Hey, I'll try to reproduce this today. I have a feeling you're skipping some steps but it's definitely a confusing process...
On Mon, 9 Apr 2018, Om Kale wrote: > Currently my set up is as follows: > 1. My memcached.conf exists at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > 2. The memcached server on starting reads from this file as shown in the log: > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > Initialized SASL. > 3. The contents of the memcached.conf are: > mech_list: plain > log_level: 5 > sasldb_path: > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > 4. The memcached-sasl-pwdb is located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ and has the line: > (I am adding this line manually as the command 'echo "testpass" | saslpasswd2 > -a memcached -c -p testuser' is not creating the file and adding the > content in it) > ok:hello > > However, I still see same error on server side: > mech: ``SRP'' with 15 bytes of data > SASL (severity 2): no secret in database > sasl result code: -4 > Unknown sasl response: -4 > > Also on client side, I still see: > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > Set failed: AUTHENTICATION FAILURE > > > One more question is: > Is there any additional info to be provided while starting the memcached > server itself? > > Thanks and Regards,Om Kale > > > On Mon, Apr 9, 2018 at 10:35 AM, Om Kale <omkal...@gmail.com> wrote: > Hey Dormando, > I do not see the memcached-sasl-pwdb created and the password added in it. > The steps are same as above. > Also, is there a specific location where memcached.conf and the sasl db file: > memcached-sasl-pwdb, need to be put? > I do not see the memcached-sasl-pwdb created automatically. Also the > memcached.conf is located at t/sasl/memcached.conf, do I need to make the > modification in this file to point to sasl db or can I create my own > memcached.conf at another location? > > > > > Thanks and Regards,Om Kale > > > On Fri, Apr 6, 2018 at 5:53 PM, dormando <dorma...@rydia.net> wrote: > Hey, > > Did the memcached-sasl-pwdb file get created and is there a line in it? > > On Fri, 6 Apr 2018, Om Kale wrote: > > > Got it. I see the line you mentioned in the test code. > > I executed the following steps but still see same issue. (I ran > ./configure after the echo command) > > > > > > Here are the steps: > > > > OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | saslpasswd2 -a > memcached -c -p ok > > OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i > 'memcached.conf' > > -rw-r--r-- 1 okale staff 116B Apr 6 15:28 memcached.conf > > OKALE-M-33H5:memcached-1.5.7 okale$ > > OKALE-M-33H5:memcached-1.5.7 okale$ > > OKALE-M-33H5:memcached-1.5.7 okale$ > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > mech_list: plain > > log_level: 5 > > sasldb_path: > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > OKALE-M-33H5:memcached-1.5.7 okale$ > > OKALE-M-33H5:memcached-1.5.7 okale$ > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > Initialized SASL. > > mech: ``SRP'' with 15 bytes of data > > SASL (severity 2): no secret in database > > sasl result code: -4 > > Unknown sasl response: -4 > > > > > > > > Client side: > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > > Set failed: AUTHENTICATION FAILURE > > OKALE-M-33H5:mycode okale$ > > > > > > > > Is there a specific location where memcached.conf and the sasl db > file: memcached-sasl-pwdb, need to be put? > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > On Fri, Apr 6, 2018 at 3:54 PM, dormando <dorma...@rydia.net> wrote: > > Read the 30 lines around where I said, not just that line. > > > > though I guess it's just: > > > > system("echo testpass | $saslpasswd_path -a memcached -c -p > >testuser"); > > > > so that means: > > > > echo "testpass" | saslpasswd2 -a memcached -c -p testuser > > if you run that from the same directory as your memcached.conf (or > >use -f > > to point to it?), it should create the file properly. > > > > I'm saying to use the tool instead of just putting the > >username/password > > into the file, and also using the sasldb_path: argument in > >memcached.conf > > to point to the sasldb, instead of the environment variable. > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > Hey Dormando, > > > Ok. When I look at the 't/binary-sasl.t' and search for the section > >you mentioned, > > > I see this: > > > > > > # Build the auth DB for testing. > > > > > > my $sasldb = '/tmp/test-memcached.sasldb'; > > > > > > unlink $sasldb; > > > > > > > > > In the t/sasl/memcached.conf, I see the following: > > > mech_list: plain cram-md5 > > > log_level: 5 > > > sasldb_path: /tmp/test-memcached.sasldb > > > > > > Now, let me know what I need to do....a bit confused. > > > Do I need to change any of the above or do I create > >test-memcached.sasldb under tmp on my machine, add a username:password to it > and then > > run ./configure > > > followed by make? > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > On Fri, Apr 6, 2018 at 2:48 PM, dormando <dorma...@rydia.net> wrote: > > > Just for sanity's sake, if you look at: t/sasl/memcached.conf > >in the > > > tarball, and look at t/binary-sasl.t (look for the section > >starting with > > > "my $sasldb =", and build a passwd + configure the pwdb that > >way, does it > > > work? > > > > > > to reiterate; the test config file explicitly declares the > >path for the db > > > within memcached.conf, and then adds the passwords to it via > >the > > > saslpasswd tool. > > > > > > Would help rule things out anyway. thanks! > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > Yup, it will be really helpful if you could try and > >reproduce it. > > > > Yes...that's the thing I was wondering, 'no secret in > >database' means its able to reach the database, but unable to > read/load the > > > memcached-sasl-pwdb > > > > file. Additionally, I was wondering, if there is need to > >write additional code for some shared secret at client side or any > other > > > dependencies. > > > > Currently, I am directly using memcached_set_sasl_auth_data > >function in the client. > > > > > > > > Here are the steps to reproduce: > > > > 1. I installed the memcached server with the enable-sasl > >and enable-sasl-db. > > > > 2. Wrote a c client as attached in the email. > > > > 3. Created a file with the username:password entry named > >memcached-sasl-pwdb as shown before. > > > > 4. Created a memcached.conf with mech:plain > > > > 5. Ran the server using ./memcached -S -vv > > > > 6. Ran the client using ./testsasl username password > >localhost > > > > > > > > Couple more things to add: > > > > 1. I have followed the following wiki: > > > > https://github.com/memcached/memcached/wiki/SASLHowto > > > > > > > > 2. I haven't used this but added the user:pass in the > >memcached-sasl-pwdb file manually. > > > > > > > > saslpasswd2 -a memcached -c cacheuser > > > > 3. For the SASL library cyrus-sasl-plain, I have installed > >it, but havent used/pointed to it in code or on the server as I > did not > > see > > > steps for this. > > > > > > > > 4.I see its mentioned configure option --enable-sasl-pwdb > >is not working on the wiki, but saw that its there in one of the > new PRs. > > > > https://github.com/memcached/memcached/issues/365 > > > > > > > > > > > > Let me know if you need any additional info from my side. > > > > > > > > Regards, > > > > Om Kale > > > > > > > > > > > > > > > > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando > >wrote: > > > > No secret in database means it thinks the pwdb is > >empty (or it can't > > > > load/find the pwdb). > > > > > > > > I'm not sure why offhand.. I can try to reproduce it > >but won't have time > > > > until later today. > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > Hi Dormando, > > > > > Thanks for the quick reply. I used the environment > >variable you suggested before running the memcached server > instance: > > > > > > >MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > > > > > > > I have added the following in my memcached.conf > >file (so basically tells plain text). I have openssl and openldap > installed > > on my > > > machine > > > > but haven't > > > > > specified it any config or pointed to it in the > >code. > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat > >memcached.conf > > > > > > mech_list: plain > > > > > > > > > > Now I run: > > > > > ./memcached -S -v > > > > > > > > > > Followed by the client: > > > > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello > >localhost > > > > > Set failed: AUTHENTICATION FAILURE > > > > > > > > > > But still get the same error as before on the > >memcached server: > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ export > > > > >MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S > >-v > > > > > Reading configuration from: > ></Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > > > > Initialized SASL. > > > > > mech: ``SRP'' with 15 bytes of data > > > > > SASL (severity 2): no secret in database > > > > > sasl result code: -4 > > > > > Unknown sasl response: -4 > > > > > > > > > > > > > > > > > > > > You could refer to my attached client code above > >but I still don't understand why it says 'no secret in database'. > > > > > > > > > > > > > > > > > > > > Thanks and Regards, > > > > > Om Kale > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, > >Dormando wrote: > > > > > > > > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > > > and then try to run my client, I get the > >following error on the server: > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > >./memcached -S -v > > > > > > Reading configuration from: > ></Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > > > > > Initialized SASL. > > > > > > mech: ``SRP'' with 15 bytes of data > > > > > > SASL (severity 2): no secret in database > > > > > > sasl result code: -4 > > > > > > Unknown sasl response: -4 > > > > > > > > > > > > > > > > > > I have added my username, password in a > >file called memcached-sasl-pwdb which is located at > > > > > > > >/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat > >memcached-sasl-pwdb > > > > > > ok:hello > > > > > > > > > > > > > > > > > > > > > > > > My memcached.conf located at > >/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and > contains: > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat > >memcached.conf > > > > > > mech_list: plain > > > > > > > > > > > > > > > > > > I have a couple of questions: > > > > > > 1. How can the memcached server on start up > >know the configured users and the username:password details. > (Does it > > read it > > > from > > > > > memcached-sasl-pwdb? If > > > > > > yes, how do I configure it/point to it?) > > > > > > > > > > I guess the wiki didn't get fully updated :( > >If you use PWDB, it's via > > > > > MEMCACHED_SASL_PWDB as an environment > >variable, so: > > > > > $ > > > > > > >MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > > ./memcached -S -v > > > > > > > > > > > > > > > > 2. What's the use of the memcached.conf > >file in the "Reading configuration from: > > > > > > ></Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>" > > > > > > > > > > Stating the supported mechanisms for sasl > >authentication (ie; the at-rest > > > > > state of the password data) > > > > > > > > > > > in the output. I am presuming this read > >will tell the memcached server the username:password details. If > yes, what > > should > > > be the > > > > location > > > > > of this file > > > > > > 3. Do I need to install/point to any > >additional ssl libraries during server bring up? > > > > > > > > > > Should be answered above. Hopefully that > >works for you > > > > > > > > > > -- > > > > > > > > > > --- > > > > > You received this message because you are > >subscribed to the Google Groups "memcached" group. > > > > > To unsubscribe from this group and stop receiving > >emails from it, send an email to memcached+...@googlegroups.com. > > > > > For more options, visit > >https://groups.google.com/d/optout. > > > > > > > > > > > > > > > > > > -- > > > > > > > > --- > > > > You received this message because you are subscribed to the > >Google Groups "memcached" group. > > > > To unsubscribe from this group and stop receiving emails > >from it, send an email to memcached+unsubscr...@googlegroups.com. > > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the > >Google Groups "memcached" group. > > > To unsubscribe from this group and stop receiving emails from > >it, send an email to memcached+unsubscr...@googlegroups.com. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the Google > >Groups "memcached" group. > > > To unsubscribe from this group and stop receiving emails from it, > >send an email to memcached+unsubscr...@googlegroups.com. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > >Groups "memcached" group. > > To unsubscribe from this group and stop receiving emails from it, > >send an email to memcached+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google Groups > > "memcached" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to memcached+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.