[opensuse-security] Failing @ basic Setup & Test of OpenSuse's SASL - openSUSE Security

5 Sep 2008


      I'm working on getting SASL setup & tested, for eventual use with 
GSSAPI/KerberosV authentication.
I'm not sure what the right OpenSuse list for this is, but since it 
is a security topic, I thought 'here' would be a good start.
I've got Cyrus SASL installed from distribution repos on OpenSuse 
11,
saslauthd -v
    	saslauthd 2.1.22
    	authentication mechanisms: getpwent kerberos5 pam rimap shadow 
ldap
I'm reading the SASL docs' "Configuring GSSAPI and Cyrus SASL" 
(.../gssapi.html).
The instructions there state:
"The command-line used for sample-server needs to specify the 
GSSAPI service name and the location of the plug-ins; your sample 
command line might look something like this:
    
    ./sample-server -s host -p ../plugins/.libs
    
    on UNIX"
On OpenSuse, apparently, the app is instead (?),
/usr/bin/cyrus_sasl_sample_server
Checking the sample server/client apps' usage options, they're,
usage: client [-p port] [-s service] [-m mech] host
  usage: server [-p port] [-s service] [-m mech]
where "-p" refers to "port".  Which is clearly *not* the plugin 
library, as per the docs/example.
When I try to run the recommended test, I get simply,
cyrus_sasl_sample_server -p 389 -s ldap -m GSSAPI
  trying 2, 1, 6
  trying 10, 1, 6
  socket: Address family not supported by protocol
and, @ syslog:
 Sep  5 09:08:31 dirsvr cyrus_sasl_sample_server: auxpropfunc error 
invalid parameter supplied
 Sep  5 09:08:31 dirsvr cyrus_sasl_sample_server: _sasl_plugin_load 
failed on sasl_auxprop_plug_init for plugin: ldapdb
not, as the doc says,
" You should get a response similar to:
    
      Generating client mechanism list...
      Sending list of 3 mechanism(s)
      S: R1NTQVBJIFBMQUlOIEFOT05ZTU9VUw==
    "
Can someone please clarify how to set up, run & pass the simple 
'sample' tests?  Or, point to some other docs?  Or, even explain 
what the
console output/ log errors might mean?
I've posted what I've done so far (much the same as here) on the 
Cyrus SASL list too, @
http://www.irbs.net/internet/cyrus-sasl/0809/0005.html
To be honest, I've managed to get more confused since I started.
Thanks,
Ric
--
Hotel pics, info and virtual tours.  Click here to book a hotel online.
http://tagline.hushmail.com/fc/Ioyw6h4eRCkUqa67voYXqzEG9Kr77Qh9kxfyTayJUNWA9...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security+help@opensuse.org