Sorry, ran out of time today. will try for earlier tomorrow On Mon, 9 Apr 2018, Om Kale wrote:
> Hi Dormando,I was just curious to know whether you were able to reproduce the > above > mentioned issue? > > Thanks and Regards,Om Kale > > On Mon, Apr 9, 2018 at 12:53 PM, Om Kale <omkal...@gmail.com> wrote: > Yes, that will be very helpful Dormando. I agree, might be missing > something. > The points where I think I might be going wrong are as follows: > > 1. The exact location and contents of memcached.conf and the sasl db file - > memcached-sasl-pwdb (and the interaction between the two). > As per my understanding, SASL_CONF_PATH, tells the memcached server where to > read > the file from and then the line sasldb_path in the conf file tells the server > where to get the sasl db file for username:password authentication. I feel > this > linkage is not happening correctly in my case. > > 2. Is the sasl db file generated on its own when I run the server? If yes, do > we > need to add command line parameters while running the memcached server for > this to > happen. (FYI: I have configured --enable-sasl-pwdb while running configure) > > The main problem I am facing right now is memcached-sasl-pwdb is not getting > created and populated on its own. > Please do let me know the outcome once you try to reproduce it. I am cuurently > using MAC-OS high Sierra. > > Thanks and Regards,Om Kale > > > On Mon, Apr 9, 2018 at 12:28 PM, dormando <dorma...@rydia.net> wrote: > Hey, > > I'll try to reproduce this today. I have a feeling you're skipping > some > steps but it's definitely a confusing process... > > On Mon, 9 Apr 2018, Om Kale wrote: > > > Currently my set up is as follows: > > 1. My memcached.conf exists at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > > 2. The memcached server on starting reads from this file as shown in > the log: > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > Initialized SASL. > > 3. The contents of the memcached.conf are: > > mech_list: plain > > log_level: 5 > > sasldb_path: > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > 4. The memcached-sasl-pwdb is located > at /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ and has the > line: > > (I am adding this line manually as the command 'echo "testpass" | > saslpasswd2 -a memcached -c -p testuser' is not creating the file and > adding the > > content in it) > > ok:hello > > > > However, I still see same error on server side: > > mech: ``SRP'' with 15 bytes of data > > SASL (severity 2): no secret in database > > sasl result code: -4 > > Unknown sasl response: -4 > > > > Also on client side, I still see: > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > > Set failed: AUTHENTICATION FAILURE > > > > > > One more question is: > > Is there any additional info to be provided while starting the > memcached server itself? > > > > Thanks and Regards,Om Kale > > > > > > On Mon, Apr 9, 2018 at 10:35 AM, Om Kale <omkal...@gmail.com> wrote: > > Hey Dormando, > > I do not see the memcached-sasl-pwdb created and the password added in it. > > The steps are same as above. > > Also, is there a specific location where memcached.conf and the sasl db > file: memcached-sasl-pwdb, need to be put? > > I do not see the memcached-sasl-pwdb created automatically. Also the > memcached.conf is located at t/sasl/memcached.conf, do I need to make the > > modification in this file to point to sasl db or can I create my own > memcached.conf at another location? > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > On Fri, Apr 6, 2018 at 5:53 PM, dormando <dorma...@rydia.net> wrote: > > Hey, > > > > Did the memcached-sasl-pwdb file get created and is there a line in > it? > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > Got it. I see the line you mentioned in the test code. > > > I executed the following steps but still see same issue. (I ran > ./configure after the echo command) > > > > > > > > > Here are the steps: > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | saslpasswd2 -a > memcached -c -p ok > > > OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i > 'memcached.conf' > > > -rw-r--r-- 1 okale staff 116B Apr 6 15:28 memcached.conf > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > mech_list: plain > > > log_level: 5 > > > sasldb_path: > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > > Initialized SASL. > > > mech: ``SRP'' with 15 bytes of data > > > SASL (severity 2): no secret in database > > > sasl result code: -4 > > > Unknown sasl response: -4 > > > > > > > > > > > > Client side: > > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > > > Set failed: AUTHENTICATION FAILURE > > > OKALE-M-33H5:mycode okale$ > > > > > > > > > > > > Is there a specific location where memcached.conf and the sasl db > file: memcached-sasl-pwdb, need to be put? > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > On Fri, Apr 6, 2018 at 3:54 PM, dormando <dorma...@rydia.net> wrote: > > > Read the 30 lines around where I said, not just that line. > > > > > > though I guess it's just: > > > > > > system("echo testpass | $saslpasswd_path -a memcached -c -p > testuser"); > > > > > > so that means: > > > > > > echo "testpass" | saslpasswd2 -a memcached -c -p testuser > > > if you run that from the same directory as your memcached.conf (or > use -f > > > to point to it?), it should create the file properly. > > > > > > I'm saying to use the tool instead of just putting the > username/password > > > into the file, and also using the sasldb_path: argument in > memcached.conf > > > to point to the sasldb, instead of the environment variable. > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > Hey Dormando, > > > > Ok. When I look at the 't/binary-sasl.t' and search for the > section you mentioned, > > > > I see this: > > > > > > > > # Build the auth DB for testing. > > > > > > > > my $sasldb = '/tmp/test-memcached.sasldb'; > > > > > > > > unlink $sasldb; > > > > > > > > > > > > In the t/sasl/memcached.conf, I see the following: > > > > mech_list: plain cram-md5 > > > > log_level: 5 > > > > sasldb_path: /tmp/test-memcached.sasldb > > > > > > > > Now, let me know what I need to do....a bit confused. > > > > Do I need to change any of the above or do I create > test-memcached.sasldb under tmp on my machine, add a username:password to it > > and then > > > run ./configure > > > > followed by make? > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > On Fri, Apr 6, 2018 at 2:48 PM, dormando <dorma...@rydia.net> > wrote: > > > > Just for sanity's sake, if you look at: > t/sasl/memcached.conf in the > > > > tarball, and look at t/binary-sasl.t (look for the section > starting with > > > > "my $sasldb =", and build a passwd + configure the pwdb > that way, does it > > > > work? > > > > > > > > to reiterate; the test config file explicitly declares the > path for the db > > > > within memcached.conf, and then adds the passwords to it > via the > > > > saslpasswd tool. > > > > > > > > Would help rule things out anyway. thanks! > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > Yup, it will be really helpful if you could try and > reproduce it. > > > > > Yes...that's the thing I was wondering, 'no secret in > database' means its able to reach the database, but unable to > > read/load the > > > > memcached-sasl-pwdb > > > > > file. Additionally, I was wondering, if there is need to > write additional code for some shared secret at client side or any > > other > > > > dependencies. > > > > > Currently, I am directly using > memcached_set_sasl_auth_data function in the client. > > > > > > > > > > Here are the steps to reproduce: > > > > > 1. I installed the memcached server with the enable-sasl > and enable-sasl-db. > > > > > 2. Wrote a c client as attached in the email. > > > > > 3. Created a file with the username:password entry named > memcached-sasl-pwdb as shown before. > > > > > 4. Created a memcached.conf with mech:plain > > > > > 5. Ran the server using ./memcached -S -vv > > > > > 6. Ran the client using ./testsasl username password > localhost > > > > > > > > > > Couple more things to add: > > > > > 1. I have followed the following wiki: > > > > > https://github.com/memcached/memcached/wiki/SASLHowto > > > > > > > > > > 2. I haven't used this but added the user:pass in the > memcached-sasl-pwdb file manually. > > > > > > > > > > saslpasswd2 -a memcached -c cacheuser > > > > > 3. For the SASL library cyrus-sasl-plain, I have > installed it, but havent used/pointed to it in code or on the server as I > > did not > > > see > > > > steps for this. > > > > > > > > > > 4.I see its mentioned configure option > --enable-sasl-pwdb is not working on the wiki, but saw that its there in one > of the > > new PRs. > > > > > https://github.com/memcached/memcached/issues/365 > > > > > > > > > > > > > > > Let me know if you need any additional info from my > side. > > > > > > > > > > Regards, > > > > > Om Kale > > > > > > > > > > > > > > > > > > > > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando > wrote: > > > > > No secret in database means it thinks the pwdb is > empty (or it can't > > > > > load/find the pwdb). > > > > > > > > > > I'm not sure why offhand.. I can try to reproduce > it but won't have time > > > > > until later today. > > > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > > > Hi Dormando, > > > > > > Thanks for the quick reply. I used the > environment variable you suggested before running the memcached server > > instance: > > > > > > > >>MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sas > l-pwdb" > > > > > > > > > > > > I have added the following in my memcached.conf > file (so basically tells plain text). I have openssl and openldap > > installed > > > on my > > > > machine > > > > > but haven't > > > > > > specified it any config or pointed to it in the > code. > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat > memcached.conf > > > > > > > mech_list: plain > > > > > > > > > > > > Now I run: > > > > > > ./memcached -S -v > > > > > > > > > > > > Followed by the client: > > > > > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello > localhost > > > > > > Set failed: AUTHENTICATION FAILURE > > > > > > > > > > > > But still get the same error as before on the > memcached server: > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ export > > > > > > >MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sa > sl-pwdb" > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached > -S -v > > > > > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > > > > > Initialized SASL. > > > > > > mech: ``SRP'' with 15 bytes of data > > > > > > SASL (severity 2): no secret in database > > > > > > sasl result code: -4 > > > > > > Unknown sasl response: -4 > > > > > > > > > > > > > > > > > > > > > > > > You could refer to my attached client code above > but I still don't understand why it says 'no secret in database'. > > > > > > > > > > > > > > > > > > > > > > > > Thanks and Regards, > > > > > > Om Kale > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, > Dormando wrote: > > > > > > > > > > > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > > > > > and then try to run my client, I get the > following error on the server: > > > > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > ./memcached -S -v > > > > > > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > > > > > > Initialized SASL. > > > > > > > mech: ``SRP'' with 15 bytes of data > > > > > > > SASL (severity 2): no secret in database > > > > > > > sasl result code: -4 > > > > > > > Unknown sasl response: -4 > > > > > > > > > > > > > > > > > > > > > I have added my username, password in a > file called memcached-sasl-pwdb which is located at > > > > > > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat > memcached-sasl-pwdb > > > > > > > ok:hello > > > > > > > > > > > > > > > > > > > > > > > > > > > > My memcached.conf located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and > > contains: > > > > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat > memcached.conf > > > > > > > mech_list: plain > > > > > > > > > > > > > > > > > > > > > I have a couple of questions: > > > > > > > 1. How can the memcached server on start > up know the configured users and the username:password details. > > (Does it > > > read it > > > > from > > > > > > memcached-sasl-pwdb? If > > > > > > > yes, how do I configure it/point to it?) > > > > > > > > > > > > I guess the wiki didn't get fully updated > :( If you use PWDB, it's via > > > > > > MEMCACHED_SASL_PWDB as an environment > variable, so: > > > > > > $ > > > > > > > > >MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sas > l-pwdb" > > > > > > ./memcached -S -v > > > > > > > > > > > > > > > > > > > 2. What's the use of the memcached.conf > file in the "Reading configuration from: > > > > > > > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>" > > > > > > > > > > > > Stating the supported mechanisms for sasl > authentication (ie; the at-rest > > > > > > state of the password data) > > > > > > > > > > > > > in the output. I am presuming this read > will tell the memcached server the username:password details. If > > yes, what > > > should > > > > be the > > > > > location > > > > > > of this file > > > > > > > 3. Do I need to install/point to any > additional ssl libraries during server bring up? > > > > > > > > > > > > Should be answered above. Hopefully that > works for you > > > > > > > > > > > > -- > > > > > > > > > > > > --- > > > > > > You received this message because you are > subscribed to the Google Groups "memcached" group. > > > > > > To unsubscribe from this group and stop > receiving emails from it, send an email to memcached+...@googlegroups.com. > > > > > > For more options, visit > https://groups.google.com/d/optout. > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > --- > > > > > You received this message because you are subscribed to > the Google Groups "memcached" group. > > > > > To unsubscribe from this group and stop receiving emails > from it, send an email to memcached+unsubscr...@googlegroups.com. > > > > > For more options, visit > https://groups.google.com/d/optout. > > > > > > > > > > > > > > > > > > -- > > > > > > > > --- > > > > You received this message because you are subscribed to > the Google Groups "memcached" group. > > > > To unsubscribe from this group and stop receiving emails > from it, send an email to memcached+unsubscr...@googlegroups.com. > > > > For more options, visit > https://groups.google.com/d/optout. > > > > > > > > > > > > -- > > > > > > > > --- > > > > You received this message because you are subscribed to the > Google Groups "memcached" group. > > > > To unsubscribe from this group and stop receiving emails from > it, send an email to memcached+unsubscr...@googlegroups.com. > > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the Google > Groups "memcached" group. > > > To unsubscribe from this group and stop receiving emails from it, > send an email to memcached+unsubscr...@googlegroups.com. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the Google > Groups "memcached" group. > > > To unsubscribe from this group and stop receiving emails from it, send > an email to memcached+unsubscr...@googlegroups.com. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google Groups > "memcached" group. > > To unsubscribe from this group and stop receiving emails from it, send an > email to memcached+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google Groups > "memcached" group. > > To unsubscribe from this group and stop receiving emails from it, send an > email to memcached+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" > group. > To unsubscribe from this group and stop receiving emails from it, send an > email to > memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.