Warning: file_get_contents(/data/phpspider/zhask/data//catemap/4/c/61.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
使用Cyrus SASL的外部机制_C_Authentication_Sasl_Cyrus - Fatal编程技术网
Fatal编程技术网
  • c/
  • 使用Cyrus SASL的外部机制

使用Cyrus SASL的外部机制

c authentication

使用Cyrus SASL的外部机制,c,authentication,sasl,cyrus,C,Authentication,Sasl,Cyrus,Cyrus SASL api不支持外部机制吗?我正在努力 将其用作客户端,但当被询问时,它会返回SASL\u NOMECH % cat cyrus_sal_ex.c /* cyrus_sasl_ex.c: Example of using the Cyrus SASL api */ #include <stdio.h> /* for printf() */ #include <sasl/sasl.h> /* for sasl_client_*(), SASL_

Cyrus SASL api不支持外部机制吗?我正在努力 将其用作客户端,但当被询问时,它会返回
SASL\u NOMECH

% cat cyrus_sal_ex.c
/* cyrus_sasl_ex.c: Example of using the Cyrus SASL api */
#include <stdio.h>      /* for printf() */
#include <sasl/sasl.h>  /* for sasl_client_*(), SASL_*, sasl_*_t */

static char const * SASL_return_code(int const code) 
{
  switch(code) 
  {
    /* ... */
    case SASL_OK:     return "SASL_OK[0]: successful result";
    /* ... */
    case SASL_NOMECH: return "SASL_NOMECH[-4]: mechanism not supported";
    /* ... */
  }
  return "unrecognized";
}

int main()
{
  char const *  output = NULL;
  unsigned      outlen = 0;
  char const *  mechanism = NULL;
  sasl_conn_t * conn;

# define PRINT_RESULT( x ) do\
  {\
    int const __result = (x);\
    printf("%s == %d\n\t%s\n", #x, __result, SASL_return_code(__result));\
    if (__result < 0) goto done;\
  }\
  while (0)

  PRINT_RESULT( sasl_client_init( NULL ) );
  PRINT_RESULT( sasl_client_new( "fake", "fakey.mcfaker.ton", "127.0.0.1", "127.255.255.1", NULL, 0, &conn) );
  PRINT_RESULT( sasl_client_start( conn, "EXTERNAL", NULL, &output, &outlen, &mechanism) );

done:
# undef PRINT_RESULT
  printf("output: [%d bytes] : %s\n", outlen, (output ? output : "NULL") );
  printf("mechanism: %s\n", (mechanism ? mechanism : "NULL"));

  return 0;
}
% gcc -I/sw/include -L/sw/lib -lsasl2 cyrus_sasl_ex.c -o cyrus_sasl_ex # your header/library locations may vary
% ./cyrus_sasl_ex
sasl_client_init( NULL ) == 0
        SASL_OK[0]: successful result
sasl_client_new( "fake", "fakey.mcfaker.ton", "127.0.0.1", "127.255.255.1", NULL, 0, &conn) == 0
        SASL_OK[0]: successful result
sasl_client_start( conn, "EXTERNAL", NULL, &output, &outlen, &mechanism) == -4
        SASL_NOMECH[-4]: mechanism not supported
output: [0 bytes] : NULL
mechanism: EXTERNAL
%
所以我猜我做错了什么。我尝试将我能想到的所有
sasl\u回调添加到
sasl\u客户机*()
,但是
他们都没有接到电话。我是否应该通过一些论点来断言外部机制是一种可接受的机制?
或者SASL_NOMECH总是返回外部b/c,这似乎不正确


有人能帮我吗?
好的,我找到了遗漏的步骤

根据
sasl/sasl.h
,我需要设置
sasl\u AUTH\u EXTERNAL
属性
对于我的
sasl\u conn\t
首先:


/* set property in SASL connection state
 * returns:
 *  SASL_OK       -- value set
 *  SASL_BADPARAM -- invalid property or value
 */
LIBSASL_API int sasl_setprop(sasl_conn_t *conn,
                 int propnum,
                 const void *value);
#define SASL_SSF_EXTERNAL  100  /* external SSF active (sasl_ssf_t *) */
#define SASL_SEC_PROPS     101  /* sasl_security_properties_t */
#define SASL_AUTH_EXTERNAL 102  /* external authentication ID (const char *) */

/* If the SASL_AUTH_EXTERNAL value is non-NULL, then a special version of the
 * EXTERNAL mechanism is enabled (one for server-embedded EXTERNAL mechanisms).
 * Otherwise, the EXTERNAL mechanism will be absent unless a plug-in
 * including EXTERNAL is present.
 */


一旦我这么做了,其余的人都明白了:


% cat cyrus_sasl_ex.c
/* Example of using the Cyrus SASL api */
#include <stdio.h>          /* for printf() */
#include <sasl/sasl.h>  /* for sasl_client_*(), SASL_*, sasl_*_t */

int main()
{
    char const *    output = NULL;
    unsigned            outlen = 0;
    char const *    mechanism = NULL;
    sasl_conn_t * conn;

#   define PRINT_RESULT( x ) do\
    {\
        int const __result = (x);\
        printf("%s == %d\n\t%s\n", #x, __result, sasl_errstring(__result,NULL,NULL));\
        if (__result < 0) goto done;\
    }\
    while (0)

    PRINT_RESULT( sasl_client_init( NULL ) );
    PRINT_RESULT( sasl_client_new( "fake", "fakey.mcfaker.ton", "127.0.0.1", "127.255.255.1", NULL, 0, &conn) );
    PRINT_RESULT( sasl_setprop( conn, SASL_AUTH_EXTERNAL, "fake authority" ) );
    PRINT_RESULT( sasl_client_start( conn, "EXTERNAL", NULL, &output, &outlen, &mechanism) );

done:
#   undef PRINT_RESULT
    printf("output: [%d bytes] : %s\n", outlen, (output ? output : "NULL") );
    printf("mechanism: %s\n", (mechanism ? mechanism : "NULL"));

    return 0;
}
% gcc -I/sw/include -L/sw/lib -lsasl2 cyrus_sasl_ex.c -o cyrus_sasl_ex
% ./cyrus_sasl_ex
sasl_client_init( NULL ) == 0
        successful result
sasl_client_new( "fake", "fakey.mcfaker.ton", "127.0.0.1", "127.255.255.1", NULL, 0, &conn) == 0
        successful result
sasl_setprop( conn, SASL_AUTH_EXTERNAL, "fake authority" ) == 0
        successful result
sasl_client_start( conn, "EXTERNAL", NULL, &output, &outlen, &mechanism) == 0
        successful result
output: [0 bytes] :
mechanism: EXTERNAL



%cat cyrus\u sasl\u ex.c
/*使用Cyrus SASL api的示例*/
#包括/*用于printf()*/
#包括/*用于sasl_客户机*()、sasl_*、sasl_*\t*/
int main()
{
char const*output=NULL;
无符号outlen=0;
char const*机制=NULL;
萨斯勒康涅狄格州;
#定义打印结果(x)do\
{\
int const_uuuresult=(x)\
printf(“%s==%d\n\t%s\n”、#x、#u结果、sasl_错误字符串(#u结果、NULL、NULL))\
如果(_结果<0)转到完成\
}\
而(0)
打印结果(sasl客户端初始化(NULL));
打印结果(sasl_客户机_新(“假”、“假”、“假”.mcfaker.ton”、“127.0.0.1”、“127.255.255.1”、空、0和连接”);
打印结果(sasl_setprop(连接,sasl_AUTH_外部,“假授权”);
打印结果(sasl客户端启动(连接、外部、空、输出、输出和机制));
完成:
#未定义打印结果
printf(“输出:[%d字节]:%s\n”,outlen,(输出?输出:“NULL”);
printf(“机制:%s\n”,(机制?机制:“NULL”);
返回0;
}
%gcc-I/sw/include-L/sw/lib-lsasl2 cyrus_sasl_ex.c-o cyrus_sasl_ex
%/cyrus_sasl_ex
sasl_客户端_初始化(NULL)==0
成功的结果
sasl_客户端_新建(“假”、“假”、“假.mcfaker.ton”、“127.0.0.1”、“127.255.255.1”、NULL、0和conn)=0
成功的结果
sasl_setprop(连接,sasl_认证,外部,“假授权”)==0
成功的结果
sasl_客户端_启动(连接、外部、空、输出、输出和机制)=0
成功的结果
输出:[0字节]:
机制:外部


然而,由于预装在OS X 10.5上的Cyrus SASL版本有一个bug,使得外部插件需要一个
SASL\u CB\u用户
回调并传递一个空指针来存储其返回值,这仍然意味着我必须在所有这些机器上更新Cyrus SASL


或者,我可能只是围绕这个bug编写代码。
这是因为Cyrus SASL编译时没有任何机制(默认情况下,它们被假定为动态链接)。因此,如果没有动态链接的机制,它将报告没有匹配机制

因此,更好的答案是使用静态链接的机制(在Cyrus包中称为插件)重新编译Cyrus SASL。如果查看config.h头并#将相应的静态定义定义定义为1,然后重新编译(我手动将插件源从plugins dir添加到libsasl2.a存档)。然后,当你链接这个库时,你不会得到那个错误(没有你找到的解决方法)


% cat cyrus_sasl_ex.c
/* Example of using the Cyrus SASL api */
#include <stdio.h>          /* for printf() */
#include <sasl/sasl.h>  /* for sasl_client_*(), SASL_*, sasl_*_t */

int main()
{
    char const *    output = NULL;
    unsigned            outlen = 0;
    char const *    mechanism = NULL;
    sasl_conn_t * conn;

#   define PRINT_RESULT( x ) do\
    {\
        int const __result = (x);\
        printf("%s == %d\n\t%s\n", #x, __result, sasl_errstring(__result,NULL,NULL));\
        if (__result < 0) goto done;\
    }\
    while (0)

    PRINT_RESULT( sasl_client_init( NULL ) );
    PRINT_RESULT( sasl_client_new( "fake", "fakey.mcfaker.ton", "127.0.0.1", "127.255.255.1", NULL, 0, &conn) );
    PRINT_RESULT( sasl_setprop( conn, SASL_AUTH_EXTERNAL, "fake authority" ) );
    PRINT_RESULT( sasl_client_start( conn, "EXTERNAL", NULL, &output, &outlen, &mechanism) );

done:
#   undef PRINT_RESULT
    printf("output: [%d bytes] : %s\n", outlen, (output ? output : "NULL") );
    printf("mechanism: %s\n", (mechanism ? mechanism : "NULL"));

    return 0;
}
% gcc -I/sw/include -L/sw/lib -lsasl2 cyrus_sasl_ex.c -o cyrus_sasl_ex
% ./cyrus_sasl_ex
sasl_client_init( NULL ) == 0
        successful result
sasl_client_new( "fake", "fakey.mcfaker.ton", "127.0.0.1", "127.255.255.1", NULL, 0, &conn) == 0
        successful result
sasl_setprop( conn, SASL_AUTH_EXTERNAL, "fake authority" ) == 0
        successful result
sasl_client_start( conn, "EXTERNAL", NULL, &output, &outlen, &mechanism) == 0
        successful result
output: [0 bytes] :
mechanism: EXTERNAL