sasl support for argus and clients
Carter Bullard
carter at qosient.com
Mon Jul 31 12:42:42 EDT 2006
Hey Gabriel,
I've tested and tested, with every combination, and I can't
replicate your
problem. I'm going to put up new code in the next few days, and
possibly
that will be all you will need to do to fix the problem.
Carter
On Jul 19, 2006, at 11:47 AM, Gabriel L. Somlo wrote:
> On Tue, Jul 18, 2006 at 10:10:33PM +0000, carter at qosient.com wrote:
>> I believe there is a default non-zero value, so if you compiled in
>> sasl support, and you don't want security, you should set the
>> *SSL_MIN* and *SSL_MAX* to zero?
>
> You mean ARGUS_MIN_SSF and ARGUS_MAX_SSF ? They're set to 40 and 128
> and commented out in the config file. I uncommented them and set them
> both to 0, with the same result -- ra segfaults after printing out the
> error message about SASL negotiation.
>
> Funny thing is, it's not argus itself having a problem, but rather the
> ra client barfs when it tries to connect to it... Not just 'oh, I give
> up because I can't negotiate SASL, bye' but a real, bona-fide
> segfault :)
>
> Let me know if you can't replicate this, and I'll get in there with a
> debugger and poke around...
>
> Thanks,
> Gabriel
>
>>
>> Carter Bullard
>> QoSient LLC
>> 150 E. 57th Street Suite 12D
>> New York, New York 10022
>> +1 212 588-9133 Phone
>> +1 212 588-9134 Fax
>>
>> -----Original Message-----
>> From: "Gabriel L. Somlo" <somlo at cmu.edu>
>> Date: Tue, 18 Jul 2006 17:40:59
>> To:Carter Bullard <carter at qosient.com>
>> Cc:Argus <argus-info at lists.andrew.cmu.edu>
>> Subject: Re: [ARGUS] sasl support for argus and clients
>>
>> On Mon, Jul 17, 2006 at 11:32:23PM -0400, Carter Bullard wrote:
>>> A new set of release candidates is now available on the server.
>>> This set enables SASL support for strong encryption and
>>> authentication
>>> for argus and its clients. This release is intended for those
>>> that are
>>> doing SASL testing (although anyone is welcome to test), as you need
>>> to create sasl accounts on the machine running argus (saslpasswd),
>>> so there is some work to do just to get started.
>>
>> Carter,
>>
>> I built both argus rc.20 and argus-clients rc.21 on FC4 (using
>> --with-sasl=yes) , and whenever I try to run ra to connect to argus,
>> I get this:
>>
>>
>> ra -n -S 128.2.4.35
>> ra[32280]: 17:33:27.932784 RaSaslNegotiate: error starting SASL
>> negotiation
>> Segmentation fault
>>
>>
>> I haven't set up any SASL accounts or changed anything in the config
>> file from the last set of release candidates.
>>
>> Do you mean that when compiling with SASL support (--with-sasl or
>> --with-sasl=yes), SASL accounts then become *mandatory* ?
>>
>> Thanks,
>> Gabriel
>>
>>
>
More information about the argus
mailing list