ztzg opened a new pull request #1134: ZOOKEEPER-1112: Add (Cyrus) SASL 
authentication support to C client library
URL: https://github.com/apache/zookeeper/pull/1134
 
 
   This is a "respin" of https://github.com/apache/zookeeper/pull/1054, which I 
withdrew due to some annoying shortcomings.
   
   This changeset allows C clients to use SASL to authenticate with the 
ZooKeeper server.  It is loosely based on patches #1 and #2 by Tom Klonikowski, 
at https://reviews.apache.org/r/2252/, but the result has been extensively 
reworked to follow the semantics of the Java client:
   
     * No SASL operations are exposed through the API;
   
     * The configuration is provided, and stored, at "handle init time";
   
     * SASL authentication is automatically performed after each (re)connect.
   
   It introduces an optional dependency on the Cyrus SASL library, which can 
either be autodetected (default) or configured using the 
`--without-sasl`/`--with-sasl[=DIR]` flags.
   
   `TestServerRequireClientSASLAuth.cc` has been renamed to `TestSASLAuth.cc`, 
and a test has been added which successfully (re)authenticates using the 
`DIGEST-MD5` mechanism.  An earlier version of this code has been used to 
successfully authenticate clients via Kerberos.
   
   While `cli.c` is not modified by this commit, we are planning to submit a 
subsequent contribution which enables SASL support in that client using the 
ZOOKEEPER-3599 (use `getopt` if available) mechanism.
   
   Co-authored-by: Tom Klonikowski <kloni...@informatik.haw-hamburg.de>

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

Reply via email to