Hey, Did the memcached-sasl-pwdb file get created and is there a line in it?
On Fri, 6 Apr 2018, Om Kale wrote: > Got it. I see the line you mentioned in the test code. > I executed the following steps but still see same issue. (I ran ./configure > after the echo command) > > > Here are the steps: > > OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | saslpasswd2 -a memcached > -c -p ok > OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i 'memcached.conf' > -rw-r--r-- 1 okale staff 116B Apr 6 15:28 memcached.conf > OKALE-M-33H5:memcached-1.5.7 okale$ > OKALE-M-33H5:memcached-1.5.7 okale$ > OKALE-M-33H5:memcached-1.5.7 okale$ > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > mech_list: plain > log_level: 5 > sasldb_path: > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > OKALE-M-33H5:memcached-1.5.7 okale$ > OKALE-M-33H5:memcached-1.5.7 okale$ > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > Initialized SASL. > mech: ``SRP'' with 15 bytes of data > SASL (severity 2): no secret in database > sasl result code: -4 > Unknown sasl response: -4 > > > > Client side: > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > Set failed: AUTHENTICATION FAILURE > OKALE-M-33H5:mycode okale$ > > > > Is there a specific location where memcached.conf and the sasl db file: > memcached-sasl-pwdb, need to be put? > > > > > Thanks and Regards,Om Kale > > > On Fri, Apr 6, 2018 at 3:54 PM, dormando <dorma...@rydia.net> wrote: > Read the 30 lines around where I said, not just that line. > > though I guess it's just: > > system("echo testpass | $saslpasswd_path -a memcached -c -p testuser"); > > so that means: > > echo "testpass" | saslpasswd2 -a memcached -c -p testuser > if you run that from the same directory as your memcached.conf (or use > -f > to point to it?), it should create the file properly. > > I'm saying to use the tool instead of just putting the username/password > into the file, and also using the sasldb_path: argument in > memcached.conf > to point to the sasldb, instead of the environment variable. > > On Fri, 6 Apr 2018, Om Kale wrote: > > > Hey Dormando, > > Ok. When I look at the 't/binary-sasl.t' and search for the section > you mentioned, > > I see this: > > > > # Build the auth DB for testing. > > > > my $sasldb = '/tmp/test-memcached.sasldb'; > > > > unlink $sasldb; > > > > > > In the t/sasl/memcached.conf, I see the following: > > mech_list: plain cram-md5 > > log_level: 5 > > sasldb_path: /tmp/test-memcached.sasldb > > > > Now, let me know what I need to do....a bit confused. > > Do I need to change any of the above or do I create > test-memcached.sasldb under tmp on my machine, add a username:password to it > and then > run ./configure > > followed by make? > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > On Fri, Apr 6, 2018 at 2:48 PM, dormando <dorma...@rydia.net> wrote: > > Just for sanity's sake, if you look at: t/sasl/memcached.conf > in the > > tarball, and look at t/binary-sasl.t (look for the section > starting with > > "my $sasldb =", and build a passwd + configure the pwdb that > way, does it > > work? > > > > to reiterate; the test config file explicitly declares the path > for the db > > within memcached.conf, and then adds the passwords to it via the > > saslpasswd tool. > > > > Would help rule things out anyway. thanks! > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > Yup, it will be really helpful if you could try and reproduce > it. > > > Yes...that's the thing I was wondering, 'no secret in > database' means its able to reach the database, but unable to read/load the > > memcached-sasl-pwdb > > > file. Additionally, I was wondering, if there is need to > write additional code for some shared secret at client side or any other > > dependencies. > > > Currently, I am directly using memcached_set_sasl_auth_data > function in the client. > > > > > > Here are the steps to reproduce: > > > 1. I installed the memcached server with the enable-sasl and > enable-sasl-db. > > > 2. Wrote a c client as attached in the email. > > > 3. Created a file with the username:password entry named > memcached-sasl-pwdb as shown before. > > > 4. Created a memcached.conf with mech:plain > > > 5. Ran the server using ./memcached -S -vv > > > 6. Ran the client using ./testsasl username password localhost > > > > > > Couple more things to add: > > > 1. I have followed the following wiki: > > > https://github.com/memcached/memcached/wiki/SASLHowto > > > > > > 2. I haven't used this but added the user:pass in the > memcached-sasl-pwdb file manually. > > > > > > saslpasswd2 -a memcached -c cacheuser > > > 3. For the SASL library cyrus-sasl-plain, I have installed > it, but havent used/pointed to it in code or on the server as I did not > see > > steps for this. > > > > > > 4.I see its mentioned configure option --enable-sasl-pwdb is > not working on the wiki, but saw that its there in one of the new PRs. > > > https://github.com/memcached/memcached/issues/365 > > > > > > > > > Let me know if you need any additional info from my side. > > > > > > Regards, > > > Om Kale > > > > > > > > > > > > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando wrote: > > > No secret in database means it thinks the pwdb is empty > (or it can't > > > load/find the pwdb). > > > > > > I'm not sure why offhand.. I can try to reproduce it > but won't have time > > > until later today. > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > Hi Dormando, > > > > Thanks for the quick reply. I used the environment > variable you suggested before running the memcached server instance: > > > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > > > > > I have added the following in my memcached.conf file > (so basically tells plain text). I have openssl and openldap installed > on my > > machine > > > but haven't > > > > specified it any config or pointed to it in the code. > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat > memcached.conf > > > > > mech_list: plain > > > > > > > > Now I run: > > > > ./memcached -S -v > > > > > > > > Followed by the client: > > > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello > localhost > > > > Set failed: AUTHENTICATION FAILURE > > > > > > > > But still get the same error as before on the > memcached server: > > > > OKALE-M-33H5:memcached-1.5.7 okale$ export > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > > > Initialized SASL. > > > > mech: ``SRP'' with 15 bytes of data > > > > SASL (severity 2): no secret in database > > > > sasl result code: -4 > > > > Unknown sasl response: -4 > > > > > > > > > > > > > > > > You could refer to my attached client code above but > I still don't understand why it says 'no secret in database'. > > > > > > > > > > > > > > > > Thanks and Regards, > > > > Om Kale > > > > > > > > > > > > > > > > > > > > > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, > Dormando wrote: > > > > > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > and then try to run my client, I get the > following error on the server: > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > ./memcached -S -v > > > > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > > > > Initialized SASL. > > > > > mech: ``SRP'' with 15 bytes of data > > > > > SASL (severity 2): no secret in database > > > > > sasl result code: -4 > > > > > Unknown sasl response: -4 > > > > > > > > > > > > > > > I have added my username, password in a file > called memcached-sasl-pwdb which is located at > > > > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat > memcached-sasl-pwdb > > > > > ok:hello > > > > > > > > > > > > > > > > > > > > My memcached.conf located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and > contains: > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat > memcached.conf > > > > > mech_list: plain > > > > > > > > > > > > > > > I have a couple of questions: > > > > > 1. How can the memcached server on start up > know the configured users and the username:password details. (Does it > read it > > from > > > > memcached-sasl-pwdb? If > > > > > yes, how do I configure it/point to it?) > > > > > > > > I guess the wiki didn't get fully updated :( If > you use PWDB, it's via > > > > MEMCACHED_SASL_PWDB as an environment variable, > so: > > > > $ > > > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > ./memcached -S -v > > > > > > > > > > > > > 2. What's the use of the memcached.conf file > in the "Reading configuration from: > > > > > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>" > > > > > > > > Stating the supported mechanisms for sasl > authentication (ie; the at-rest > > > > state of the password data) > > > > > > > > > in the output. I am presuming this read will > tell the memcached server the username:password details. If yes, what > should > > be the > > > location > > > > of this file > > > > > 3. Do I need to install/point to any > additional ssl libraries during server bring up? > > > > > > > > Should be answered above. Hopefully that works > for you > > > > > > > > -- > > > > > > > > --- > > > > You received this message because you are subscribed > to the Google Groups "memcached" group. > > > > To unsubscribe from this group and stop receiving > emails from it, send an email to memcached+...@googlegroups.com. > > > > For more options, visit > https://groups.google.com/d/optout. > > > > > > > > > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the > Google Groups "memcached" group. > > > To unsubscribe from this group and stop receiving emails from > it, send an email to memcached+unsubscr...@googlegroups.com. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > -- > > > > --- > > You received this message because you are subscribed to the > Google Groups "memcached" group. > > To unsubscribe from this group and stop receiving emails from > it, send an email to memcached+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups "memcached" group. > > To unsubscribe from this group and stop receiving emails from it, > send an email to memcached+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > --- > You received this message because you are subscribed to the Google > Groups "memcached" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.