Currently my set up is as follows: 1. My memcached.conf exists at /Users/okale/Library/Caches/ Homebrew/memcached-1.5.7/ 2. The memcached server on starting reads from this file as shown in the log: OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v Reading configuration from: </Users/okale/Library/Caches/ Homebrew/memcached-1.5.7/memcached.conf> Initialized SASL. 3. The contents of the memcached.conf are: mech_list: plain log_level: 5 sasldb_path: /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ memcached-sasl-pwdb 4. The memcached-sasl-pwdb is located at /Users/okale/Library/Caches/ Homebrew/memcached-1.5.7/ and has the line: (I am adding this line manually as the command 'echo "testpass" | saslpasswd2 -a memcached -c -p testuser' is not creating the file and adding the content in it) ok:hello
However, I still see same error on server side: mech: ``SRP'' with 15 bytes of data SASL (severity 2): no secret in database sasl result code: -4 Unknown sasl response: -4 Also on client side, I still see: OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost Set failed: AUTHENTICATION FAILURE One more question is: Is there any additional info to be provided while starting the memcached server itself? Thanks and Regards, Om Kale On Mon, Apr 9, 2018 at 10:35 AM, Om Kale <omkal...@gmail.com> wrote: > Hey Dormando, > I do not see the memcached-sasl-pwdb created and the password added in it. > The steps are same as above. > Also, is there a specific location where memcached.conf and the sasl db > file: memcached-sasl-pwdb, need to be put? > I do not see the memcached-sasl-pwdb created automatically. Also the > memcached.conf is located at t/sasl/memcached.conf, do I need to make the > modification in this file to point to sasl db or can I create my own > memcached.conf at another location? > > > > > Thanks and Regards, > Om Kale > > > On Fri, Apr 6, 2018 at 5:53 PM, dormando <dorma...@rydia.net> wrote: > >> Hey, >> >> Did the memcached-sasl-pwdb file get created and is there a line in it? >> >> On Fri, 6 Apr 2018, Om Kale wrote: >> >> > Got it. I see the line you mentioned in the test code. >> > I executed the following steps but still see same issue. (I ran >> ./configure after the echo command) >> > >> > >> > Here are the steps: >> > >> > OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | saslpasswd2 -a >> memcached -c -p ok >> > OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i 'memcached.conf' >> > -rw-r--r-- 1 okale staff 116B Apr 6 15:28 memcached.conf >> > OKALE-M-33H5:memcached-1.5.7 okale$ >> > OKALE-M-33H5:memcached-1.5.7 okale$ >> > OKALE-M-33H5:memcached-1.5.7 okale$ >> > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf >> > mech_list: plain >> > log_level: 5 >> > sasldb_path: /Users/okale/Library/Caches/Ho >> mebrew/memcached-1.5.7/memcached-sasl-pwdb >> > OKALE-M-33H5:memcached-1.5.7 okale$ >> > OKALE-M-33H5:memcached-1.5.7 okale$ >> > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v >> > Reading configuration from: </Users/okale/Library/Caches/H >> omebrew/memcached-1.5.7/memcached.conf> >> > Initialized SASL. >> > mech: ``SRP'' with 15 bytes of data >> > SASL (severity 2): no secret in database >> > sasl result code: -4 >> > Unknown sasl response: -4 >> > >> > >> > >> > Client side: >> > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost >> > Set failed: AUTHENTICATION FAILURE >> > OKALE-M-33H5:mycode okale$ >> > >> > >> > >> > Is there a specific location where memcached.conf and the sasl db file: >> memcached-sasl-pwdb, need to be put? >> > >> > >> > >> > >> > Thanks and Regards,Om Kale >> > >> > >> > On Fri, Apr 6, 2018 at 3:54 PM, dormando <dorma...@rydia.net> wrote: >> > Read the 30 lines around where I said, not just that line. >> > >> > though I guess it's just: >> > >> > system("echo testpass | $saslpasswd_path -a memcached -c -p >> testuser"); >> > >> > so that means: >> > >> > echo "testpass" | saslpasswd2 -a memcached -c -p testuser >> > if you run that from the same directory as your memcached.conf >> (or use -f >> > to point to it?), it should create the file properly. >> > >> > I'm saying to use the tool instead of just putting the >> username/password >> > into the file, and also using the sasldb_path: argument in >> memcached.conf >> > to point to the sasldb, instead of the environment variable. >> > >> > On Fri, 6 Apr 2018, Om Kale wrote: >> > >> > > Hey Dormando, >> > > Ok. When I look at the 't/binary-sasl.t' and search for the >> section you mentioned, >> > > I see this: >> > > >> > > # Build the auth DB for testing. >> > > >> > > my $sasldb = '/tmp/test-memcached.sasldb'; >> > > >> > > unlink $sasldb; >> > > >> > > >> > > In the t/sasl/memcached.conf, I see the following: >> > > mech_list: plain cram-md5 >> > > log_level: 5 >> > > sasldb_path: /tmp/test-memcached.sasldb >> > > >> > > Now, let me know what I need to do....a bit confused. >> > > Do I need to change any of the above or do I create >> test-memcached.sasldb under tmp on my machine, add a username:password to >> it and then >> > run ./configure >> > > followed by make? >> > > >> > > >> > > >> > > >> > > Thanks and Regards,Om Kale >> > > >> > > >> > > On Fri, Apr 6, 2018 at 2:48 PM, dormando <dorma...@rydia.net> >> wrote: >> > > Just for sanity's sake, if you look at: >> t/sasl/memcached.conf in the >> > > tarball, and look at t/binary-sasl.t (look for the >> section starting with >> > > "my $sasldb =", and build a passwd + configure the pwdb >> that way, does it >> > > work? >> > > >> > > to reiterate; the test config file explicitly declares >> the path for the db >> > > within memcached.conf, and then adds the passwords to it >> via the >> > > saslpasswd tool. >> > > >> > > Would help rule things out anyway. thanks! >> > > >> > > On Fri, 6 Apr 2018, Om Kale wrote: >> > > >> > > > Yup, it will be really helpful if you could try and >> reproduce it. >> > > > Yes...that's the thing I was wondering, 'no secret in >> database' means its able to reach the database, but unable to read/load the >> > > memcached-sasl-pwdb >> > > > file. Additionally, I was wondering, if there is need >> to write additional code for some shared secret at client side or any other >> > > dependencies. >> > > > Currently, I am directly using >> memcached_set_sasl_auth_data function in the client. >> > > > >> > > > Here are the steps to reproduce: >> > > > 1. I installed the memcached server with the >> enable-sasl and enable-sasl-db. >> > > > 2. Wrote a c client as attached in the email. >> > > > 3. Created a file with the username:password entry >> named memcached-sasl-pwdb as shown before. >> > > > 4. Created a memcached.conf with mech:plain >> > > > 5. Ran the server using ./memcached -S -vv >> > > > 6. Ran the client using ./testsasl username password >> localhost >> > > > >> > > > Couple more things to add: >> > > > 1. I have followed the following wiki: >> > > > https://github.com/memcached/memcached/wiki/SASLHowto >> > > > >> > > > 2. I haven't used this but added the user:pass in the >> memcached-sasl-pwdb file manually. >> > > > >> > > > saslpasswd2 -a memcached -c cacheuser >> > > > 3. For the SASL library cyrus-sasl-plain, I have >> installed it, but havent used/pointed to it in code or on the server as I >> did not >> > see >> > > steps for this. >> > > > >> > > > 4.I see its mentioned configure option >> --enable-sasl-pwdb is not working on the wiki, but saw that its there in >> one of the new PRs. >> > > > https://github.com/memcached/memcached/issues/365 >> > > > >> > > > >> > > > Let me know if you need any additional info from my >> side. >> > > > >> > > > Regards, >> > > > Om Kale >> > > > >> > > > >> > > > >> > > > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando >> wrote: >> > > > No secret in database means it thinks the pwdb is >> empty (or it can't >> > > > load/find the pwdb). >> > > > >> > > > I'm not sure why offhand.. I can try to reproduce >> it but won't have time >> > > > until later today. >> > > > >> > > > On Fri, 6 Apr 2018, Om Kale wrote: >> > > > >> > > > > Hi Dormando, >> > > > > Thanks for the quick reply. I used the >> environment variable you suggested before running the memcached server >> instance: >> > > > > MEMCACHED_SASL_PWDB="/Users/ok >> ale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" >> > > > > >> > > > > I have added the following in my memcached.conf >> file (so basically tells plain text). I have openssl and openldap installed >> > on my >> > > machine >> > > > but haven't >> > > > > specified it any config or pointed to it in the >> code. >> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat >> memcached.conf >> > > > > > mech_list: plain >> > > > > >> > > > > Now I run: >> > > > > ./memcached -S -v >> > > > > >> > > > > Followed by the client: >> > > > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello >> localhost >> > > > > Set failed: AUTHENTICATION FAILURE >> > > > > >> > > > > But still get the same error as before on the >> memcached server: >> > > > > OKALE-M-33H5:memcached-1.5.7 okale$ export >> > > MEMCACHED_SASL_PWDB="/Users/o >> kale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" >> > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached >> -S -v >> > > > > Reading configuration from: >> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> >> > > > > Initialized SASL. >> > > > > mech: ``SRP'' with 15 bytes of data >> > > > > SASL (severity 2): no secret in database >> > > > > sasl result code: -4 >> > > > > Unknown sasl response: -4 >> > > > > >> > > > > >> > > > > >> > > > > You could refer to my attached client code >> above but I still don't understand why it says 'no secret in database'. >> > > > > >> > > > > >> > > > > >> > > > > Thanks and Regards, >> > > > > Om Kale >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, >> Dormando wrote: >> > > > > >> > > > > >> > > > > On Fri, 6 Apr 2018, Om Kale wrote: >> > > > > >> > > > > > and then try to run my client, I get >> the following error on the server: >> > > > > > >> > > > > > >> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ >> ./memcached -S -v >> > > > > > Reading configuration from: >> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> >> > > > > > Initialized SASL. >> > > > > > mech: ``SRP'' with 15 bytes of data >> > > > > > SASL (severity 2): no secret in database >> > > > > > sasl result code: -4 >> > > > > > Unknown sasl response: -4 >> > > > > > >> > > > > > >> > > > > > I have added my username, password in a >> file called memcached-sasl-pwdb which is located at >> > > > > > /Users/okale/Library/Caches/Ho >> mebrew/memcached-1.5.7/memcached-sasl-pwdb >> > > > > > >> > > > > > >> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat >> memcached-sasl-pwdb >> > > > > > ok:hello >> > > > > > >> > > > > > >> > > > > > >> > > > > > My memcached.conf located at >> /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and >> contains: >> > > > > > >> > > > > > >> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat >> memcached.conf >> > > > > > mech_list: plain >> > > > > > >> > > > > > >> > > > > > I have a couple of questions: >> > > > > > 1. How can the memcached server on >> start up know the configured users and the username:password details. (Does >> it >> > read it >> > > from >> > > > > memcached-sasl-pwdb? If >> > > > > > yes, how do I configure it/point to it?) >> > > > > >> > > > > I guess the wiki didn't get fully updated >> :( If you use PWDB, it's via >> > > > > MEMCACHED_SASL_PWDB as an environment >> variable, so: >> > > > > $ >> > > > > MEMCACHED_SASL_PWDB="/Users/ok >> ale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" >> > > > > ./memcached -S -v >> > > > > >> > > > > >> > > > > > 2. What's the use of the memcached.conf >> file in the "Reading configuration from: >> > > > > </Users/okale/Library/Caches/H >> omebrew/memcached-1.5.7/memcached.conf>" >> > > > > >> > > > > Stating the supported mechanisms for sasl >> authentication (ie; the at-rest >> > > > > state of the password data) >> > > > > >> > > > > > in the output. I am presuming this read >> will tell the memcached server the username:password details. If yes, what >> > should >> > > be the >> > > > location >> > > > > of this file >> > > > > > 3. Do I need to install/point to any >> additional ssl libraries during server bring up? >> > > > > >> > > > > Should be answered above. Hopefully that >> works for you >> > > > > >> > > > > -- >> > > > > >> > > > > --- >> > > > > You received this message because you are >> subscribed to the Google Groups "memcached" group. >> > > > > To unsubscribe from this group and stop >> receiving emails from it, send an email to memcached+...@googlegroups.com >> . >> > > > > For more options, visit >> https://groups.google.com/d/optout. >> > > > > >> > > > > >> > > > >> > > > -- >> > > > >> > > > --- >> > > > You received this message because you are subscribed to >> the Google Groups "memcached" group. >> > > > To unsubscribe from this group and stop receiving >> emails from it, send an email to memcached+unsubscr...@googlegroups.com. >> > > > For more options, visit https://groups.google.com/d/op >> tout. >> > > > >> > > > >> > > >> > > -- >> > > >> > > --- >> > > You received this message because you are subscribed to >> the Google Groups "memcached" group. >> > > To unsubscribe from this group and stop receiving emails >> from it, send an email to memcached+unsubscr...@googlegroups.com. >> > > For more options, visit https://groups.google.com/d/op >> tout. >> > > >> > > >> > > -- >> > > >> > > --- >> > > You received this message because you are subscribed to the >> Google Groups "memcached" group. >> > > To unsubscribe from this group and stop receiving emails from >> it, send an email to memcached+unsubscr...@googlegroups.com. >> > > For more options, visit https://groups.google.com/d/optout. >> > > >> > > >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the >> Google Groups "memcached" group. >> > To unsubscribe from this group and stop receiving emails from it, >> send an email to memcached+unsubscr...@googlegroups.com. >> > For more options, visit https://groups.google.com/d/optout. >> > >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> Groups "memcached" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an email to memcached+unsubscr...@googlegroups.com. >> > For more options, visit https://groups.google.com/d/optout. >> > >> > >> >> -- >> >> --- >> You received this message because you are subscribed to the Google Groups >> "memcached" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to memcached+unsubscr...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. >> > > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.