Re: Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
Hey,
Did the memcached-sasl-pwdb file get created and is there a line in it?
On Fri, 6 Apr 2018, Om Kale wrote:
> Got it. I see the line you mentioned in the test code.
> I executed the following steps but still see same issue. (I ran ./configure
> after the echo command)
>
>
> Here are the steps:
>
> OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | saslpasswd2 -a memcached
> -c -p ok
> OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i 'memcached.conf'
> -rw-r--r-- 1 okale staff 116B Apr 6 15:28 memcached.conf
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf
> mech_list: plain
> log_level: 5
> sasldb_path:
> /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$
> OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v
> Reading configuration from:
>
> Initialized SASL.
> mech: ``SRP'' with 15 bytes of data
> SASL (severity 2): no secret in database
> sasl result code: -4
> Unknown sasl response: -4
>
>
>
> Client side:
> OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost
> Set failed: AUTHENTICATION FAILURE
> OKALE-M-33H5:mycode okale$
>
>
>
> Is there a specific location where memcached.conf and the sasl db file:
> memcached-sasl-pwdb, need to be put?
>
>
>
>
> Thanks and Regards,Om Kale
>
>
> On Fri, Apr 6, 2018 at 3:54 PM, dormando wrote:
> Read the 30 lines around where I said, not just that line.
>
> though I guess it's just:
>
> system("echo testpass | $saslpasswd_path -a memcached -c -p testuser");
>
> so that means:
>
> echo "testpass" | saslpasswd2 -a memcached -c -p testuser
> if you run that from the same directory as your memcached.conf (or use
> -f
> to point to it?), it should create the file properly.
>
> I'm saying to use the tool instead of just putting the username/password
> into the file, and also using the sasldb_path: argument in
> memcached.conf
> to point to the sasldb, instead of the environment variable.
>
> On Fri, 6 Apr 2018, Om Kale wrote:
>
> > Hey Dormando,
> > Ok. When I look at the 't/binary-sasl.t' and search for the section
> you mentioned,
> > I see this:
> >
> > # Build the auth DB for testing.
> >
> > my $sasldb = '/tmp/test-memcached.sasldb';
> >
> > unlink $sasldb;
> >
> >
> > In the t/sasl/memcached.conf, I see the following:
> > mech_list: plain cram-md5
> > log_level: 5
> > sasldb_path: /tmp/test-memcached.sasldb
> >
> > Now, let me know what I need to doa bit confused.
> > Do I need to change any of the above or do I create
> test-memcached.sasldb under tmp on my machine, add a username:password to it
> and then
> run ./configure
> > followed by make?
> >
> >
> >
> >
> > Thanks and Regards,Om Kale
> >
> >
> > On Fri, Apr 6, 2018 at 2:48 PM, dormando wrote:
> > Just for sanity's sake, if you look at: t/sasl/memcached.conf
> in the
> > tarball, and look at t/binary-sasl.t (look for the section
> starting with
> > "my $sasldb =", and build a passwd + configure the pwdb that
> way, does it
> > work?
> >
> > to reiterate; the test config file explicitly declares the path
> for the db
> > within memcached.conf, and then adds the passwords to it via the
> > saslpasswd tool.
> >
> > Would help rule things out anyway. thanks!
> >
> > On Fri, 6 Apr 2018, Om Kale wrote:
> >
> > > Yup, it will be really helpful if you could try and reproduce
> it.
> > > Yes...that's the thing I was wondering, 'no secret in
> database' means its able to reach the database, but unable to read/load the
> > memcached-sasl-pwdb
> > > file. Additionally, I was wondering, if there is need to
> write additional code for some shared secret at client side or any other
> > dependencies.
> > > Currently, I am directly using memcached_set_sasl_auth_data
> function in the client.
> > >
> > > Here are the steps to reproduce:
> > > 1. I installed the memcached server with the enable-sasl and
> enable-sasl-db.
> > > 2. Wrote a c client as attached in the email.
> > > 3. Created a file with the username:password entry named
> memcached-sasl-pwdb as shown before.
> > > 4. Created a memcached.conf with mech:plain
> > > 5. Ran the server using ./memcached -S -vv
> > > 6. Ran the client using ./testsasl username password localhost
> > >
> > > Couple more things to add:
> > > 1. I have followe
Re: Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
Got it. I see the line you mentioned in the test code.
I executed the following steps but still see same issue. (I ran ./configure
after the echo command)
Here are the steps:
OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | saslpasswd2 -a memcached
-c -p ok
OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i 'memcached.conf'
-rw-r--r-- 1 okale staff 116B Apr 6 15:28 memcached.conf
OKALE-M-33H5:memcached-1.5.7 okale$
OKALE-M-33H5:memcached-1.5.7 okale$
OKALE-M-33H5:memcached-1.5.7 okale$
OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf
mech_list: plain
log_level: 5
sasldb_path:
/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb
OKALE-M-33H5:memcached-1.5.7 okale$
OKALE-M-33H5:memcached-1.5.7 okale$
OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v
Reading configuration from:
Initialized SASL.
mech: ``SRP'' with 15 bytes of data
SASL (severity 2): no secret in database
sasl result code: -4
Unknown sasl response: -4
Client side:
OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost
Set failed: AUTHENTICATION FAILURE
OKALE-M-33H5:mycode okale$
Is there a specific location where memcached.conf and the sasl db file:
memcached-sasl-pwdb, need to be put?
Thanks and Regards,
Om Kale
On Fri, Apr 6, 2018 at 3:54 PM, dormando wrote:
> Read the 30 lines around where I said, not just that line.
>
> though I guess it's just:
>
> system("echo testpass | $saslpasswd_path -a memcached -c -p testuser");
>
> so that means:
>
> echo "testpass" | saslpasswd2 -a memcached -c -p testuser
> if you run that from the same directory as your memcached.conf (or use -f
> to point to it?), it should create the file properly.
>
> I'm saying to use the tool instead of just putting the username/password
> into the file, and also using the sasldb_path: argument in memcached.conf
> to point to the sasldb, instead of the environment variable.
>
> On Fri, 6 Apr 2018, Om Kale wrote:
>
> > Hey Dormando,
> > Ok. When I look at the 't/binary-sasl.t' and search for the section you
> mentioned,
> > I see this:
> >
> > # Build the auth DB for testing.
> >
> > my $sasldb = '/tmp/test-memcached.sasldb';
> >
> > unlink $sasldb;
> >
> >
> > In the t/sasl/memcached.conf, I see the following:
> > mech_list: plain cram-md5
> > log_level: 5
> > sasldb_path: /tmp/test-memcached.sasldb
> >
> > Now, let me know what I need to doa bit confused.
> > Do I need to change any of the above or do I create
> test-memcached.sasldb under tmp on my machine, add a username:password to
> it and then run ./configure
> > followed by make?
> >
> >
> >
> >
> > Thanks and Regards,Om Kale
> >
> >
> > On Fri, Apr 6, 2018 at 2:48 PM, dormando wrote:
> > Just for sanity's sake, if you look at: t/sasl/memcached.conf in
> the
> > tarball, and look at t/binary-sasl.t (look for the section
> starting with
> > "my $sasldb =", and build a passwd + configure the pwdb that way,
> does it
> > work?
> >
> > to reiterate; the test config file explicitly declares the path
> for the db
> > within memcached.conf, and then adds the passwords to it via the
> > saslpasswd tool.
> >
> > Would help rule things out anyway. thanks!
> >
> > On Fri, 6 Apr 2018, Om Kale wrote:
> >
> > > Yup, it will be really helpful if you could try and reproduce it.
> > > Yes...that's the thing I was wondering, 'no secret in database'
> means its able to reach the database, but unable to read/load the
> > memcached-sasl-pwdb
> > > file. Additionally, I was wondering, if there is need to write
> additional code for some shared secret at client side or any other
> > dependencies.
> > > Currently, I am directly using memcached_set_sasl_auth_data
> function in the client.
> > >
> > > Here are the steps to reproduce:
> > > 1. I installed the memcached server with the enable-sasl and
> enable-sasl-db.
> > > 2. Wrote a c client as attached in the email.
> > > 3. Created a file with the username:password entry named
> memcached-sasl-pwdb as shown before.
> > > 4. Created a memcached.conf with mech:plain
> > > 5. Ran the server using ./memcached -S -vv
> > > 6. Ran the client using ./testsasl username password localhost
> > >
> > > Couple more things to add:
> > > 1. I have followed the following wiki:
> > > https://github.com/memcached/memcached/wiki/SASLHowto
> > >
> > > 2. I haven't used this but added the user:pass in the
> memcached-sasl-pwdb file manually.
> > >
> > > saslpasswd2 -a memcached -c cacheuser
> > > 3. For the SASL library cyrus-sasl-plain, I have installed it,
> but havent used/pointed to it in code or on the server as I did not see
> > steps for this.
> > >
> > > 4.I see its mentioned configure option --enable-sasl-pwdb is not
> working on the wiki, but saw that its there in one of the new PRs.
> > > https://github.com/memcache
Re: Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
Read the 30 lines around where I said, not just that line.
though I guess it's just:
system("echo testpass | $saslpasswd_path -a memcached -c -p testuser");
so that means:
echo "testpass" | saslpasswd2 -a memcached -c -p testuser
if you run that from the same directory as your memcached.conf (or use -f
to point to it?), it should create the file properly.
I'm saying to use the tool instead of just putting the username/password
into the file, and also using the sasldb_path: argument in memcached.conf
to point to the sasldb, instead of the environment variable.
On Fri, 6 Apr 2018, Om Kale wrote:
> Hey Dormando,
> Ok. When I look at the 't/binary-sasl.t' and search for the section you
> mentioned,
> I see this:
>
> # Build the auth DB for testing.
>
> my $sasldb = '/tmp/test-memcached.sasldb';
>
> unlink $sasldb;
>
>
> In the t/sasl/memcached.conf, I see the following:
> mech_list: plain cram-md5
> log_level: 5
> sasldb_path: /tmp/test-memcached.sasldb
>
> Now, let me know what I need to doa bit confused.
> Do I need to change any of the above or do I create test-memcached.sasldb
> under tmp on my machine, add a username:password to it and then run
> ./configure
> followed by make?
>
>
>
>
> Thanks and Regards,Om Kale
>
>
> On Fri, Apr 6, 2018 at 2:48 PM, dormando wrote:
> Just for sanity's sake, if you look at: t/sasl/memcached.conf in the
> tarball, and look at t/binary-sasl.t (look for the section starting with
> "my $sasldb =", and build a passwd + configure the pwdb that way, does
> it
> work?
>
> to reiterate; the test config file explicitly declares the path for the
> db
> within memcached.conf, and then adds the passwords to it via the
> saslpasswd tool.
>
> Would help rule things out anyway. thanks!
>
> On Fri, 6 Apr 2018, Om Kale wrote:
>
> > Yup, it will be really helpful if you could try and reproduce it.
> > Yes...that's the thing I was wondering, 'no secret in database' means
> its able to reach the database, but unable to read/load the
> memcached-sasl-pwdb
> > file. Additionally, I was wondering, if there is need to write
> additional code for some shared secret at client side or any other
> dependencies.
> > Currently, I am directly using memcached_set_sasl_auth_data function
> in the client.
> >
> > Here are the steps to reproduce:
> > 1. I installed the memcached server with the enable-sasl and
> enable-sasl-db.
> > 2. Wrote a c client as attached in the email.
> > 3. Created a file with the username:password entry named
> memcached-sasl-pwdb as shown before.
> > 4. Created a memcached.conf with mech:plain
> > 5. Ran the server using ./memcached -S -vv
> > 6. Ran the client using ./testsasl username password localhost
> >
> > Couple more things to add:
> > 1. I have followed the following wiki:
> > https://github.com/memcached/memcached/wiki/SASLHowto
> >
> > 2. I haven't used this but added the user:pass in the
> memcached-sasl-pwdb file manually.
> >
> > saslpasswd2 -a memcached -c cacheuser
> > 3. For the SASL library cyrus-sasl-plain, I have installed it, but
> havent used/pointed to it in code or on the server as I did not see
> steps for this.
> >
> > 4.I see its mentioned configure option --enable-sasl-pwdb is not
> working on the wiki, but saw that its there in one of the new PRs.
> > https://github.com/memcached/memcached/issues/365
> >
> >
> > Let me know if you need any additional info from my side.
> >
> > Regards,
> > Om Kale
> >
> >
> >
> > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando wrote:
> > No secret in database means it thinks the pwdb is empty (or it
> can't
> > load/find the pwdb).
> >
> > I'm not sure why offhand.. I can try to reproduce it but won't
> have time
> > until later today.
> >
> > On Fri, 6 Apr 2018, Om Kale wrote:
> >
> > > Hi Dormando,
> > > Thanks for the quick reply. I used the environment variable
> you suggested before running the memcached server instance:
> > >
> MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb"
> > >
> > > I have added the following in my memcached.conf file (so
> basically tells plain text). I have openssl and openldap installed on my
> machine
> > but haven't
> > > specified it any config or pointed to it in the code.
> > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf
> > > > mech_list: plain
> > >
> > > Now I run:
> > > ./memcached -S -v
> > >
> > > Followed by the client:
> > > OKALE-M-33H5:mycode ok
Re: Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
Hey Dormando, Ok. When I look at the 't/binary-sasl.t' and search for the section you mentioned, I see this: # Build the auth DB for testing. my $sasldb = '/tmp/test-memcached.sasldb'; unlink $sasldb; In the t/sasl/memcached.conf, I see the following: mech_list: plain cram-md5 log_level: 5 sasldb_path: /tmp/test-memcached.sasldb Now, let me know what I need to doa bit confused. Do I need to change any of the above or do I create test-memcached.sasldb under tmp on my machine, add a username:password to it and then run ./configure followed by make? Thanks and Regards, Om Kale On Fri, Apr 6, 2018 at 2:48 PM, dormando wrote: > Just for sanity's sake, if you look at: t/sasl/memcached.conf in the > tarball, and look at t/binary-sasl.t (look for the section starting with > "my $sasldb =", and build a passwd + configure the pwdb that way, does it > work? > > to reiterate; the test config file explicitly declares the path for the db > within memcached.conf, and then adds the passwords to it via the > saslpasswd tool. > > Would help rule things out anyway. thanks! > > On Fri, 6 Apr 2018, Om Kale wrote: > > > Yup, it will be really helpful if you could try and reproduce it. > > Yes...that's the thing I was wondering, 'no secret in database' means > its able to reach the database, but unable to read/load the > memcached-sasl-pwdb > > file. Additionally, I was wondering, if there is need to write > additional code for some shared secret at client side or any other > dependencies. > > Currently, I am directly using memcached_set_sasl_auth_data function in > the client. > > > > Here are the steps to reproduce: > > 1. I installed the memcached server with the enable-sasl and > enable-sasl-db. > > 2. Wrote a c client as attached in the email. > > 3. Created a file with the username:password entry named > memcached-sasl-pwdb as shown before. > > 4. Created a memcached.conf with mech:plain > > 5. Ran the server using ./memcached -S -vv > > 6. Ran the client using ./testsasl username password localhost > > > > Couple more things to add: > > 1. I have followed the following wiki: > > https://github.com/memcached/memcached/wiki/SASLHowto > > > > 2. I haven't used this but added the user:pass in the > memcached-sasl-pwdb file manually. > > > > saslpasswd2 -a memcached -c cacheuser > > 3. For the SASL library cyrus-sasl-plain, I have installed it, but > havent used/pointed to it in code or on the server as I did not see steps > for this. > > > > 4.I see its mentioned configure option --enable-sasl-pwdb is not working > on the wiki, but saw that its there in one of the new PRs. > > https://github.com/memcached/memcached/issues/365 > > > > > > Let me know if you need any additional info from my side. > > > > Regards, > > Om Kale > > > > > > > > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando wrote: > > No secret in database means it thinks the pwdb is empty (or it > can't > > load/find the pwdb). > > > > I'm not sure why offhand.. I can try to reproduce it but won't > have time > > until later today. > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > Hi Dormando, > > > Thanks for the quick reply. I used the environment variable you > suggested before running the memcached server instance: > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/ > memcached-1.5.7/memcached-sasl-pwdb" > > > > > > I have added the following in my memcached.conf file (so > basically tells plain text). I have openssl and openldap installed on my > machine > > but haven't > > > specified it any config or pointed to it in the code. > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > > mech_list: plain > > > > > > Now I run: > > > ./memcached -S -v > > > > > > Followed by the client: > > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > > > Set failed: AUTHENTICATION FAILURE > > > > > > But still get the same error as before on the memcached server: > > > OKALE-M-33H5:memcached-1.5.7 okale$ export > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/ > memcached-1.5.7/memcached-sasl-pwdb" > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > > Reading configuration from: Homebrew/memcached-1.5.7/memcached.conf> > > > Initialized SASL. > > > mech: ``SRP'' with 15 bytes of data > > > SASL (severity 2): no secret in database > > > sasl result code: -4 > > > Unknown sasl response: -4 > > > > > > > > > > > > You could refer to my attached client code above but I still > don't understand why it says 'no secret in database'. > > > > > > > > > > > > Thanks and Regards, > > > Om Kale > > > > > > > > > > > > > > > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, Dormando wrote: > > > > > > > >
Re: Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
Just for sanity's sake, if you look at: t/sasl/memcached.conf in the tarball, and look at t/binary-sasl.t (look for the section starting with "my $sasldb =", and build a passwd + configure the pwdb that way, does it work? to reiterate; the test config file explicitly declares the path for the db within memcached.conf, and then adds the passwords to it via the saslpasswd tool. Would help rule things out anyway. thanks! On Fri, 6 Apr 2018, Om Kale wrote: > Yup, it will be really helpful if you could try and reproduce it. > Yes...that's the thing I was wondering, 'no secret in database' means its > able to reach the database, but unable to read/load the memcached-sasl-pwdb > file. Additionally, I was wondering, if there is need to write additional > code for some shared secret at client side or any other dependencies. > Currently, I am directly using memcached_set_sasl_auth_data function in the > client. > > Here are the steps to reproduce: > 1. I installed the memcached server with the enable-sasl and enable-sasl-db. > 2. Wrote a c client as attached in the email. > 3. Created a file with the username:password entry named memcached-sasl-pwdb > as shown before. > 4. Created a memcached.conf with mech:plain > 5. Ran the server using ./memcached -S -vv > 6. Ran the client using ./testsasl username password localhost > > Couple more things to add: > 1. I have followed the following wiki: > https://github.com/memcached/memcached/wiki/SASLHowto > > 2. I haven't used this but added the user:pass in the memcached-sasl-pwdb > file manually. > > saslpasswd2 -a memcached -c cacheuser > 3. For the SASL library cyrus-sasl-plain, I have installed it, but havent > used/pointed to it in code or on the server as I did not see steps for this. > > 4.I see its mentioned configure option --enable-sasl-pwdb is not working on > the wiki, but saw that its there in one of the new PRs. > https://github.com/memcached/memcached/issues/365 > > > Let me know if you need any additional info from my side. > > Regards, > Om Kale > > > > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando wrote: > No secret in database means it thinks the pwdb is empty (or it can't > load/find the pwdb). > > I'm not sure why offhand.. I can try to reproduce it but won't have time > until later today. > > On Fri, 6 Apr 2018, Om Kale wrote: > > > Hi Dormando, > > Thanks for the quick reply. I used the environment variable you > suggested before running the memcached server instance: > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > I have added the following in my memcached.conf file (so basically > tells plain text). I have openssl and openldap installed on my machine > but haven't > > specified it any config or pointed to it in the code. > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > mech_list: plain > > > > Now I run: > > ./memcached -S -v > > > > Followed by the client: > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > > Set failed: AUTHENTICATION FAILURE > > > > But still get the same error as before on the memcached server: > > OKALE-M-33H5:memcached-1.5.7 okale$ export > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > Reading configuration from: > > > Initialized SASL. > > mech: ``SRP'' with 15 bytes of data > > SASL (severity 2): no secret in database > > sasl result code: -4 > > Unknown sasl response: -4 > > > > > > > > You could refer to my attached client code above but I still don't > understand why it says 'no secret in database'. > > > > > > > > Thanks and Regards, > > Om Kale > > > > > > > > > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, Dormando wrote: > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > and then try to run my client, I get the following error on > the server: > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > > Reading configuration from: > > > > Initialized SASL. > > > mech: ``SRP'' with 15 bytes of data > > > SASL (severity 2): no secret in database > > > sasl result code: -4 > > > Unknown sasl response: -4 > > > > > > > > > I have added my username, password in a file called > memcached-sasl-pwdb which is located at > > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memc
Re: Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
Yup, it will be really helpful if you could try and reproduce it. Yes...that's the thing I was wondering, 'no secret in database' means its able to reach the database, but unable to read/load the memcached-sasl-pwdb file. Additionally, I was wondering, if there is need to write additional code for some shared secret at client side or any other dependencies. Currently, I am directly using memcached_set_sasl_auth_data function in the client. Here are the steps to reproduce: 1. I installed the memcached server with the enable-sasl and enable-sasl-db. 2. Wrote a c client as attached in the email. 3. Created a file with the username:password entry named memcached-sasl-pwdb as shown before. 4. Created a memcached.conf with mech:plain 5. Ran the server using ./memcached -S -vv 6. Ran the client using ./testsasl username password localhost Couple more things to add: 1. I have followed the following wiki: https://github.com/memcached/memcached/wiki/SASLHowto 2. I haven't used this but added the user:pass in the memcached-sasl-pwdb file manually. saslpasswd2 -a memcached -c cacheuser 3. For the SASL library cyrus-sasl-plain, I have installed it, but havent used/pointed to it in code or on the server as I did not see steps for this. 4.I see its mentioned configure option --enable-sasl-pwdb is not working on the wiki, but saw that its there in one of the new PRs. https://github.com/memcached/memcached/issues/365 Let me know if you need any additional info from my side. Regards, Om Kale On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando wrote: > > No secret in database means it thinks the pwdb is empty (or it can't > load/find the pwdb). > > I'm not sure why offhand.. I can try to reproduce it but won't have time > until later today. > > On Fri, 6 Apr 2018, Om Kale wrote: > > > Hi Dormando, > > Thanks for the quick reply. I used the environment variable you > suggested before running the memcached server instance: > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > > > I have added the following in my memcached.conf file (so basically tells > plain text). I have openssl and openldap installed on my machine but > haven't > > specified it any config or pointed to it in the code. > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > mech_list: plain > > > > Now I run: > > ./memcached -S -v > > > > Followed by the client: > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > > Set failed: AUTHENTICATION FAILURE > > > > But still get the same error as before on the memcached server: > > OKALE-M-33H5:memcached-1.5.7 okale$ export > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > Reading configuration from: > > > Initialized SASL. > > mech: ``SRP'' with 15 bytes of data > > SASL (severity 2): no secret in database > > sasl result code: -4 > > Unknown sasl response: -4 > > > > > > > > You could refer to my attached client code above but I still don't > understand why it says 'no secret in database'. > > > > > > > > Thanks and Regards, > > Om Kale > > > > > > > > > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, Dormando wrote: > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > and then try to run my client, I get the following error on the > server: > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > > Reading configuration from: > > > > Initialized SASL. > > > mech: ``SRP'' with 15 bytes of data > > > SASL (severity 2): no secret in database > > > sasl result code: -4 > > > Unknown sasl response: -4 > > > > > > > > > I have added my username, password in a file called > memcached-sasl-pwdb which is located at > > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached-sasl-pwdb > > > ok:hello > > > > > > > > > > > > My memcached.conf located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and > contains: > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > mech_list: plain > > > > > > > > > I have a couple of questions: > > > 1. How can the memcached server on start up know the configured > users and the username:password details. (Does it read it from > > memcached-sasl-pwdb? If > > > yes, how do I configure it/point to it?) > > > > I guess the wiki didn't get fully updated :( If you use PWDB, it's > via > > MEMCACHED_SASL_PWDB as an environment variable, so: > > $ > > > MEMCACHED_SASL_PWDB="/Users/okale/Librar
Re: Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
No secret in database means it thinks the pwdb is empty (or it can't load/find the pwdb). I'm not sure why offhand.. I can try to reproduce it but won't have time until later today. On Fri, 6 Apr 2018, Om Kale wrote: > Hi Dormando, > Thanks for the quick reply. I used the environment variable you suggested > before running the memcached server instance: > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > I have added the following in my memcached.conf file (so basically tells > plain text). I have openssl and openldap installed on my machine but haven't > specified it any config or pointed to it in the code. > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > mech_list: plain > > Now I run: > ./memcached -S -v > > Followed by the client: > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > Set failed: AUTHENTICATION FAILURE > > But still get the same error as before on the memcached server: > OKALE-M-33H5:memcached-1.5.7 okale$ export > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > Reading configuration from: > > Initialized SASL. > mech: ``SRP'' with 15 bytes of data > SASL (severity 2): no secret in database > sasl result code: -4 > Unknown sasl response: -4 > > > > You could refer to my attached client code above but I still don't understand > why it says 'no secret in database'. > > > > Thanks and Regards, > Om Kale > > > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, Dormando wrote: > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > and then try to run my client, I get the following error on the > server: > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > Reading configuration from: > > > Initialized SASL. > > mech: ``SRP'' with 15 bytes of data > > SASL (severity 2): no secret in database > > sasl result code: -4 > > Unknown sasl response: -4 > > > > > > I have added my username, password in a file called > memcached-sasl-pwdb which is located at > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached-sasl-pwdb > > ok:hello > > > > > > > > My memcached.conf located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and > contains: > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > mech_list: plain > > > > > > I have a couple of questions: > > 1. How can the memcached server on start up know the configured users > and the username:password details. (Does it read it from > memcached-sasl-pwdb? If > > yes, how do I configure it/point to it?) > > I guess the wiki didn't get fully updated :( If you use PWDB, it's via > MEMCACHED_SASL_PWDB as an environment variable, so: > $ > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > ./memcached -S -v > > > > 2. What's the use of the memcached.conf file in the "Reading > configuration from: > " > > Stating the supported mechanisms for sasl authentication (ie; the > at-rest > state of the password data) > > > in the output. I am presuming this read will tell the memcached > server the username:password details. If yes, what should be the location > of this file > > 3. Do I need to install/point to any additional ssl libraries during > server bring up? > > Should be answered above. Hopefully that works for you > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
Hi Dormando, Thanks for the quick reply. I used the environment variable you suggested before running the memcached server instance: MEMCACHED_SASL_PWDB="/Users/ okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" I have added the following in my memcached.conf file (so basically tells plain text). I have openssl and openldap installed on my machine but haven't specified it any config or pointed to it in the code. > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > mech_list: plain Now I run: ./memcached -S -v Followed by the client: OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost Set failed: AUTHENTICATION FAILURE But still get the same error as before on the memcached server: OKALE-M-33H5:memcached-1.5.7 okale$ export MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v Reading configuration from: Initialized SASL. mech: ``SRP'' with 15 bytes of data SASL (severity 2): no secret in database sasl result code: -4 Unknown sasl response: -4 You could refer to my attached client code above but I still don't understand why it says 'no secret in database'. Thanks and Regards, Om Kale On Friday, April 6, 2018 at 12:19:17 PM UTC-7, Dormando wrote: > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > and then try to run my client, I get the following error on the server: > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > Reading configuration from: > > > Initialized SASL. > > mech: ``SRP'' with 15 bytes of data > > SASL (severity 2): no secret in database > > sasl result code: -4 > > Unknown sasl response: -4 > > > > > > I have added my username, password in a file called memcached-sasl-pwdb > which is located at > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached-sasl-pwdb > > ok:hello > > > > > > > > My memcached.conf located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and > contains: > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > mech_list: plain > > > > > > I have a couple of questions: > > 1. How can the memcached server on start up know the configured users > and the username:password details. (Does it read it from > memcached-sasl-pwdb? If > > yes, how do I configure it/point to it?) > > I guess the wiki didn't get fully updated :( If you use PWDB, it's via > MEMCACHED_SASL_PWDB as an environment variable, so: > $ > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > ./memcached -S -v > > > > 2. What's the use of the memcached.conf file in the "Reading > configuration from: > " > > Stating the supported mechanisms for sasl authentication (ie; the at-rest > state of the password data) > > > in the output. I am presuming this read will tell the memcached server > the username:password details. If yes, what should be the location of this > file > > 3. Do I need to install/point to any additional ssl libraries during > server bring up? > > Should be answered above. Hopefully that works for you -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
On Fri, 6 Apr 2018, Om Kale wrote: > and then try to run my client, I get the following error on the server: > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > Reading configuration from: > > Initialized SASL. > mech: ``SRP'' with 15 bytes of data > SASL (severity 2): no secret in database > sasl result code: -4 > Unknown sasl response: -4 > > > I have added my username, password in a file called memcached-sasl-pwdb which > is located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached-sasl-pwdb > ok:hello > > > > My memcached.conf located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and > contains: > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > mech_list: plain > > > I have a couple of questions: > 1. How can the memcached server on start up know the configured users and the > username:password details. (Does it read it from memcached-sasl-pwdb? If > yes, how do I configure it/point to it?) I guess the wiki didn't get fully updated :( If you use PWDB, it's via MEMCACHED_SASL_PWDB as an environment variable, so: $ MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" ./memcached -S -v > 2. What's the use of the memcached.conf file in the "Reading configuration > from: " Stating the supported mechanisms for sasl authentication (ie; the at-rest state of the password data) > in the output. I am presuming this read will tell the memcached server the > username:password details. If yes, what should be the location of this file > 3. Do I need to install/point to any additional ssl libraries during server > bring up? Should be answered above. Hopefully that works for you -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Regarding setting up SASL with memcached server and getting a memcached client to associate with server.
Hi All,
I am new to memcached and have started working on it for the past couple
weeks.
*My use case is creating a SASL enabled client and successfully get/set
into memcache server using authentication.*
I have enabled SASL and enabled SASL-PWDB in the brew install itself:
brew install memcached --enable-sasl --enable-sasl-pwdb
I have written a simple memcached client using libmemcached which looks
like this: (Using: memcached_set_sasl_auth_data)
/*
* Test that libmemcached is built with SASL support.
*/
#include
#include
#include
const char* key = "abc";
const char* value = "value";
// test basic get/set operation works.
void test_getset(memcached_st* cache)
{
char* r_value;
uint32_t flags = 0;
uint32_t r_flags = 0;
size_t val_length;
memcached_return_t rc;
rc = memcached_set(cache, key, strlen(key), value, strlen(value),
(time_t)0, flags);
if (rc == MEMCACHED_TIMEOUT) {
fprintf(stderr, "Set timeout\n");
return;
} else if (rc != MEMCACHED_SUCCESS) {
fprintf(stderr, "Set failed: %s\n", memcached_strerror(cache, rc));
return;
}
r_value = memcached_get(cache, key, strlen(key), &val_length, &r_flags,
&rc);
if (rc == MEMCACHED_TIMEOUT) {
fprintf(stderr, "Get timeout\n");
return;
} else if (rc != MEMCACHED_SUCCESS) {
fprintf(stderr, "Get failed: %s\n", memcached_strerror(cache, rc));
return;
}
if (strcmp(value, r_value) != 0) {
fprintf(stderr, "Get returned bad value! (%s != %s)!\n", value,
r_value);
}
if (r_flags != flags) {
fprintf(stderr, "Get returned bad flags! (%u != %u)!\n", flags,
r_flags);
}
fprintf(stdout, "Get/Set success!\n");
}
// connect with SASL.
void authTest(const char* user, const char* pass, const char* server)
{
memcached_server_st *servers = NULL;
memcached_return_t rc;
memcached_st *cache;
cache = memcached_create(NULL);
rc = memcached_set_sasl_auth_data(cache, user, pass);
if (rc != MEMCACHED_SUCCESS)
fprintf(stderr, "Couldn't setup SASL auth: %s\n",
memcached_strerror(cache, rc));
rc = memcached_behavior_set(cache, MEMCACHED_BEHAVIOR_BINARY_PROTOCOL, 1);
if (rc != MEMCACHED_SUCCESS)
fprintf(stderr, "Couldn't use the binary protocol: %s\n",
memcached_strerror(cache, rc));
rc = memcached_behavior_set(cache, MEMCACHED_BEHAVIOR_CONNECT_TIMEOUT,
1);
if (rc != MEMCACHED_SUCCESS)
fprintf(stderr, "Couldn't set the connect timeout: %s\n",
memcached_strerror(cache, rc));
servers = memcached_server_list_append(servers, "localhost", 11211, &rc);
rc = memcached_server_push(cache, servers);
if (rc != MEMCACHED_SUCCESS)
fprintf(stderr, "Couldn't add server: %s\n", memcached_strerror(cache,
rc));
test_getset(cache);
memcached_free(cache);
}
// start program.
int main(int argv, char *args[])
{
if (argv != 4) {
fprintf(stderr, "ERROR: usage => %s [username] [password] [server]\n",
args[0]);
return 1;
}
authTest(args[1], args[2], args[3]);
return 0;
}
Now when I run the memcached server using:
memcached -S -vv
and then try to run my client, I get the following error on the server:
OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v
Reading configuration from:
Initialized SASL.
mech: ``SRP'' with 15 bytes of data
SASL (severity 2): no secret in database
sasl result code: -4
Unknown sasl response: -4
On the client side, I see the following:
OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost
Set failed: AUTHENTICATION FAILURE
OKALE-M-33H5:mycode okale$
I have added my username, password in a file called memcached-sasl-pwdb
which is located at
/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb
OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached-sasl-pwdb
ok:hello
My memcached.conf located at
/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and
contains:
OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf
mech_list: plain
I have a couple of questions:
1. How can the memcached server on start up know the configured users and
the username:password details. (Does it read it from memcached-sasl-pwdb?
If yes, how do I configure it/point to it?)
2. What's the use of the memcached.conf file in the "Reading configuration
from:
" in
the output. I am presuming this read will tell the memcached server the
username:password details. If yes, what should be the location of this file
3. Do I need to install/point to any additional ssl libraries during server
bring up?
Please refer attachment for the verbose memcached server log.
Help will be much appreciated.
Thanks and Regards,
Om Kale
--
---
You received this message because you are subscribed to the Google Groups
"memcached" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to memcached+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
memcachedserververbose.rtf
Description: RTF file
