Just for sanity's sake, if you look at: t/sasl/memcached.conf in the tarball, and look at t/binary-sasl.t (look for the section starting with "my $sasldb =", and build a passwd + configure the pwdb that way, does it work?
to reiterate; the test config file explicitly declares the path for the db within memcached.conf, and then adds the passwords to it via the saslpasswd tool. Would help rule things out anyway. thanks! On Fri, 6 Apr 2018, Om Kale wrote: > Yup, it will be really helpful if you could try and reproduce it. > Yes...that's the thing I was wondering, 'no secret in database' means its > able to reach the database, but unable to read/load the memcached-sasl-pwdb > file. Additionally, I was wondering, if there is need to write additional > code for some shared secret at client side or any other dependencies. > Currently, I am directly using memcached_set_sasl_auth_data function in the > client. > > Here are the steps to reproduce: > 1. I installed the memcached server with the enable-sasl and enable-sasl-db. > 2. Wrote a c client as attached in the email. > 3. Created a file with the username:password entry named memcached-sasl-pwdb > as shown before. > 4. Created a memcached.conf with mech:plain > 5. Ran the server using ./memcached -S -vv > 6. Ran the client using ./testsasl username password localhost > > Couple more things to add: > 1. I have followed the following wiki: > https://github.com/memcached/memcached/wiki/SASLHowto > > 2. I haven't used this but added the user:pass in the memcached-sasl-pwdb > file manually. > > saslpasswd2 -a memcached -c cacheuser > 3. For the SASL library cyrus-sasl-plain, I have installed it, but havent > used/pointed to it in code or on the server as I did not see steps for this. > > 4.I see its mentioned configure option --enable-sasl-pwdb is not working on > the wiki, but saw that its there in one of the new PRs. > https://github.com/memcached/memcached/issues/365 > > > Let me know if you need any additional info from my side. > > Regards, > Om Kale > > > > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando wrote: > No secret in database means it thinks the pwdb is empty (or it can't > load/find the pwdb). > > I'm not sure why offhand.. I can try to reproduce it but won't have time > until later today. > > On Fri, 6 Apr 2018, Om Kale wrote: > > > Hi Dormando, > > Thanks for the quick reply. I used the environment variable you > suggested before running the memcached server instance: > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > I have added the following in my memcached.conf file (so basically > tells plain text). I have openssl and openldap installed on my machine > but haven't > > specified it any config or pointed to it in the code. > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > mech_list: plain > > > > Now I run: > > ./memcached -S -v > > > > Followed by the client: > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > > Set failed: AUTHENTICATION FAILURE > > > > But still get the same error as before on the memcached server: > > OKALE-M-33H5:memcached-1.5.7 okale$ export > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > Initialized SASL. > > mech: ``SRP'' with 15 bytes of data > > SASL (severity 2): no secret in database > > sasl result code: -4 > > Unknown sasl response: -4 > > > > > > > > You could refer to my attached client code above but I still don't > understand why it says 'no secret in database'. > > > > > > > > Thanks and Regards, > > Om Kale > > > > > > > > > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, Dormando wrote: > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > and then try to run my client, I get the following error on > the server: > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > > Initialized SASL. > > > mech: ``SRP'' with 15 bytes of data > > > SASL (severity 2): no secret in database > > > sasl result code: -4 > > > Unknown sasl response: -4 > > > > > > > > > I have added my username, password in a file called > memcached-sasl-pwdb which is located at > > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached-sasl-pwdb > > > ok:hello > > > > > > > > > > > > My memcached.conf located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and > contains: > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > mech_list: plain > > > > > > > > > I have a couple of questions: > > > 1. How can the memcached server on start up know the > configured users and the username:password details. (Does it read it from > > memcached-sasl-pwdb? If > > > yes, how do I configure it/point to it?) > > > > I guess the wiki didn't get fully updated :( If you use PWDB, > it's via > > MEMCACHED_SASL_PWDB as an environment variable, so: > > $ > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > ./memcached -S -v > > > > > > > 2. What's the use of the memcached.conf file in the "Reading > configuration from: > > > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>" > > > > Stating the supported mechanisms for sasl authentication (ie; > the at-rest > > state of the password data) > > > > > in the output. I am presuming this read will tell the > memcached server the username:password details. If yes, what should be the > location > > of this file > > > 3. Do I need to install/point to any additional ssl libraries > during server bring up? > > > > Should be answered above. Hopefully that works for you > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups "memcached" group. > > To unsubscribe from this group and stop receiving emails from it, > send an email to memcached+...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
