Hey,

Did the memcached-sasl-pwdb file get created and is there a line in it?

On Fri, 6 Apr 2018, Om Kale wrote:

> Got it. I see the line you mentioned in the test code.
> I executed the following steps but still see same issue. (I ran ./configure 
> after the echo command)
>
>
> Here are the steps:
>
> OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | saslpasswd2 -a memcached 
> -c -p ok
> OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i 'memcached.conf'
> -rw-r--r--   1 okale  staff   116B Apr  6 15:28 memcached.conf
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf
> mech_list: plain
> log_level: 5
> sasldb_path: 
> /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v
> Reading configuration from: 
> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>
> Initialized SASL.
> mech:  ``SRP'' with 15 bytes of data
> SASL (severity 2): no secret in database
> sasl result code:  -4
> Unknown sasl response:  -4
>
>
>
> Client side:
> OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost
> Set failed: AUTHENTICATION FAILURE
> OKALE-M-33H5:mycode okale$
>
>
>
> Is there a specific location where memcached.conf and the sasl db file: 
> memcached-sasl-pwdb, need to be put?
>
>
>
>
> Thanks and Regards,Om Kale
>
>
> On Fri, Apr 6, 2018 at 3:54 PM, dormando <dorma...@rydia.net> wrote:
>       Read the 30 lines around where I said, not just that line.
>
>       though I guess it's just:
>
>       system("echo testpass | $saslpasswd_path -a memcached -c -p testuser");
>
>       so that means:
>
>       echo "testpass" | saslpasswd2 -a memcached -c -p testuser
>       if you run that from the same directory as your memcached.conf (or use 
> -f
>       to point to it?), it should create the file properly.
>
>       I'm saying to use the tool instead of just putting the username/password
>       into the file, and also using the sasldb_path: argument in 
> memcached.conf
>       to point to the sasldb, instead of the environment variable.
>
>       On Fri, 6 Apr 2018, Om Kale wrote:
>
>       > Hey Dormando,
>       > Ok. When I look at the 't/binary-sasl.t' and search for the section 
> you mentioned,
>       > I see this:
>       >
>       > # Build the auth DB for testing.
>       >
>       > my $sasldb = '/tmp/test-memcached.sasldb';
>       >
>       > unlink $sasldb;
>       >
>       >
>       > In the t/sasl/memcached.conf, I see the following:
>       > mech_list: plain cram-md5
>       > log_level: 5
>       > sasldb_path: /tmp/test-memcached.sasldb
>       >
>       > Now, let me know what I need to do....a bit confused.
>       > Do I need to change any of the above or do I create 
> test-memcached.sasldb under tmp on my machine, add a username:password to it 
> and then
>       run ./configure
>       > followed by make?
>       >
>       >
>       >
>       >
>       > Thanks and Regards,Om Kale
>       >
>       >
>       > On Fri, Apr 6, 2018 at 2:48 PM, dormando <dorma...@rydia.net> wrote:
>       >       Just for sanity's sake, if you look at: t/sasl/memcached.conf 
> in the
>       >       tarball, and look at t/binary-sasl.t (look for the section 
> starting with
>       >       "my $sasldb =", and build a passwd + configure the pwdb that 
> way, does it
>       >       work?
>       >
>       >       to reiterate; the test config file explicitly declares the path 
> for the db
>       >       within memcached.conf, and then adds the passwords to it via the
>       >       saslpasswd tool.
>       >
>       >       Would help rule things out anyway. thanks!
>       >
>       >       On Fri, 6 Apr 2018, Om Kale wrote:
>       >
>       >       > Yup, it will be really helpful if you could try and reproduce 
> it.
>       >       > Yes...that's the thing I was wondering, 'no secret in 
> database' means its able to reach the database, but unable to read/load the
>       >       memcached-sasl-pwdb
>       >       > file. Additionally, I was wondering, if there is need to 
> write additional code for some shared secret at client side or any other
>       >       dependencies.
>       >       > Currently, I am directly using memcached_set_sasl_auth_data 
> function in the client.
>       >       >
>       >       > Here are the steps to reproduce:
>       >       > 1. I installed the memcached server with the enable-sasl and 
> enable-sasl-db.
>       >       > 2. Wrote a c client as attached in the email.
>       >       > 3. Created a file with the username:password entry named 
> memcached-sasl-pwdb as shown before.
>       >       > 4. Created a memcached.conf with mech:plain
>       >       > 5. Ran the server using ./memcached -S -vv
>       >       > 6. Ran the client using ./testsasl username password localhost
>       >       >
>       >       > Couple more things to add:
>       >       > 1. I have followed the following wiki:
>       >       > https://github.com/memcached/memcached/wiki/SASLHowto
>       >       >
>       >       > 2. I haven't used this but added the user:pass in the 
> memcached-sasl-pwdb file manually.
>       >       >
>       >       >  saslpasswd2 -a memcached -c cacheuser
>       >       > 3. For the SASL library cyrus-sasl-plain, I have installed 
> it, but havent used/pointed to it in code or on the server as I did not
>       see
>       >       steps for this.
>       >       >
>       >       > 4.I see its mentioned configure option --enable-sasl-pwdb is 
> not working on the wiki, but saw that its there in one of the new PRs.
>       >       > https://github.com/memcached/memcached/issues/365
>       >       >
>       >       >
>       >       > Let me know if you need any additional info from my side.
>       >       >
>       >       > Regards,
>       >       > Om Kale
>       >       >
>       >       >
>       >       >
>       >       > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando wrote:
>       >       >       No secret in database means it thinks the pwdb is empty 
> (or it can't
>       >       >       load/find the pwdb).
>       >       >
>       >       >       I'm not sure why offhand.. I can try to reproduce it 
> but won't have time
>       >       >       until later today.
>       >       >
>       >       >       On Fri, 6 Apr 2018, Om Kale wrote:
>       >       >
>       >       >       > Hi Dormando,
>       >       >       > Thanks for the quick reply. I used the environment 
> variable you suggested before running the memcached server instance:
>       >       >       > 
> MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb"
>       >       >       >
>       >       >       > I have added the following in my memcached.conf file 
> (so basically tells plain text). I have openssl and openldap installed
>       on my
>       >       machine
>       >       >       but haven't
>       >       >       > specified it any config or pointed to it in the code.
>       >       >       > > OKALE-M-33H5:memcached-1.5.7 okale$ cat 
> memcached.conf
>       >       >       > > mech_list: plain
>       >       >       >
>       >       >       > Now I run:
>       >       >       > ./memcached -S -v
>       >       >       >
>       >       >       > Followed by the client:
>       >       >       > OKALE-M-33H5:mycode okale$ ./testsasl ok hello 
> localhost
>       >       >       > Set failed: AUTHENTICATION FAILURE
>       >       >       >
>       >       >       > But still get the same error as before on the 
> memcached server:
>       >       >       > OKALE-M-33H5:memcached-1.5.7 okale$ export
>       >       
> MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb"
>       >       >       > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v
>       >       >       > Reading configuration from: 
> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>
>       >       >       > Initialized SASL.
>       >       >       > mech:  ``SRP'' with 15 bytes of data
>       >       >       > SASL (severity 2): no secret in database
>       >       >       > sasl result code:  -4
>       >       >       > Unknown sasl response:  -4
>       >       >       >
>       >       >       >
>       >       >       >
>       >       >       > You could refer to my attached client code above but 
> I still don't understand why it says 'no secret in database'.
>       >       >       >
>       >       >       >
>       >       >       >
>       >       >       > Thanks and Regards,
>       >       >       > Om Kale
>       >       >       >
>       >       >       >
>       >       >       >
>       >       >       >
>       >       >       >
>       >       >       > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, 
> Dormando wrote:
>       >       >       >
>       >       >       >
>       >       >       >       On Fri, 6 Apr 2018, Om Kale wrote:
>       >       >       >
>       >       >       >       > and then try to run my client, I get the 
> following error on the server:
>       >       >       >       >
>       >       >       >       >
>       >       >       >       > OKALE-M-33H5:memcached-1.5.7 okale$ 
> ./memcached -S -v
>       >       >       >       > Reading configuration from: 
> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>
>       >       >       >       > Initialized SASL.
>       >       >       >       > mech:  ``SRP'' with 15 bytes of data
>       >       >       >       > SASL (severity 2): no secret in database
>       >       >       >       > sasl result code:  -4
>       >       >       >       > Unknown sasl response:  -4
>       >       >       >       >
>       >       >       >       >
>       >       >       >       > I have added my username, password in a file 
> called memcached-sasl-pwdb which is located at
>       >       >       >       > 
> /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb
>       >       >       >       >
>       >       >       >       >
>       >       >       >       > OKALE-M-33H5:memcached-1.5.7 okale$ cat 
> memcached-sasl-pwdb
>       >       >       >       > ok:hello
>       >       >       >       >
>       >       >       >       >
>       >       >       >       >
>       >       >       >       > My memcached.conf located at 
> /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and 
> contains:
>       >       >       >       >
>       >       >       >       >
>       >       >       >       > OKALE-M-33H5:memcached-1.5.7 okale$ cat 
> memcached.conf
>       >       >       >       > mech_list: plain
>       >       >       >       >
>       >       >       >       >
>       >       >       >       > I have a couple of questions:
>       >       >       >       > 1. How can the memcached server on start up 
> know the configured users and the username:password details. (Does it
>       read it
>       >       from
>       >       >       >       memcached-sasl-pwdb? If
>       >       >       >       > yes, how do I configure it/point to it?)
>       >       >       >
>       >       >       >       I guess the wiki didn't get fully updated :( If 
> you use PWDB, it's via
>       >       >       >       MEMCACHED_SASL_PWDB as an environment variable, 
> so:
>       >       >       >       $
>       >       >       >       
> MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb"
>       >       >       >       ./memcached -S -v
>       >       >       >
>       >       >       >
>       >       >       >       > 2. What's the use of the memcached.conf file 
> in the "Reading configuration from:
>       >       >       >       
> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>"
>       >       >       >
>       >       >       >       Stating the supported mechanisms for sasl 
> authentication (ie; the at-rest
>       >       >       >       state of the password data)
>       >       >       >
>       >       >       >       > in the output. I am presuming this read will 
> tell the memcached server the username:password details. If yes, what
>       should
>       >       be the
>       >       >       location
>       >       >       >       of this file
>       >       >       >       > 3. Do I need to install/point to any 
> additional ssl libraries during server bring up?
>       >       >       >
>       >       >       >       Should be answered above. Hopefully that works 
> for you
>       >       >       >
>       >       >       > --
>       >       >       >
>       >       >       > ---
>       >       >       > You received this message because you are subscribed 
> to the Google Groups "memcached" group.
>       >       >       > To unsubscribe from this group and stop receiving 
> emails from it, send an email to memcached+...@googlegroups.com.
>       >       >       > For more options, visit 
> https://groups.google.com/d/optout.
>       >       >       >
>       >       >       >
>       >       >
>       >       > --
>       >       >
>       >       > ---
>       >       > You received this message because you are subscribed to the 
> Google Groups "memcached" group.
>       >       > To unsubscribe from this group and stop receiving emails from 
> it, send an email to memcached+unsubscr...@googlegroups.com.
>       >       > For more options, visit https://groups.google.com/d/optout.
>       >       >
>       >       >
>       >
>       >       --
>       >
>       >       ---
>       >       You received this message because you are subscribed to the 
> Google Groups "memcached" group.
>       >       To unsubscribe from this group and stop receiving emails from 
> it, send an email to memcached+unsubscr...@googlegroups.com.
>       >       For more options, visit https://groups.google.com/d/optout.
>       >
>       >
>       > --
>       >
>       > ---
>       > You received this message because you are subscribed to the Google 
> Groups "memcached" group.
>       > To unsubscribe from this group and stop receiving emails from it, 
> send an email to memcached+unsubscr...@googlegroups.com.
>       > For more options, visit https://groups.google.com/d/optout.
>       >
>       >
>
>       --
>
>       ---
>       You received this message because you are subscribed to the Google 
> Groups "memcached" group.
>       To unsubscribe from this group and stop receiving emails from it, send 
> an email to memcached+unsubscr...@googlegroups.com.
>       For more options, visit https://groups.google.com/d/optout.
>
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups 
> "memcached" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to memcached+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"memcached" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to memcached+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to