sasl support for argus and clients
Gabriel L. Somlo
somlo at cmu.edu
Mon Jul 31 12:45:19 EDT 2006
Carter,
OK, I'll try the new code when it becomes available, and we'll work
from there...
Thanks much,
Gabriel
On Mon, Jul 31, 2006 at 12:42:42PM -0400, Carter Bullard wrote:
> Hey Gabriel,
> I've tested and tested, with every combination, and I can't
> replicate your
> problem. I'm going to put up new code in the next few days, and
> possibly
> that will be all you will need to do to fix the problem.
>
> Carter
>
>
> On Jul 19, 2006, at 11:47 AM, Gabriel L. Somlo wrote:
>
> >On Tue, Jul 18, 2006 at 10:10:33PM +0000, carter at qosient.com wrote:
> >>I believe there is a default non-zero value, so if you compiled in
> >>sasl support, and you don't want security, you should set the
> >>*SSL_MIN* and *SSL_MAX* to zero?
> >
> >You mean ARGUS_MIN_SSF and ARGUS_MAX_SSF ? They're set to 40 and 128
> >and commented out in the config file. I uncommented them and set them
> >both to 0, with the same result -- ra segfaults after printing out the
> >error message about SASL negotiation.
> >
> >Funny thing is, it's not argus itself having a problem, but rather the
> >ra client barfs when it tries to connect to it... Not just 'oh, I give
> >up because I can't negotiate SASL, bye' but a real, bona-fide
> >segfault :)
> >
> >Let me know if you can't replicate this, and I'll get in there with a
> >debugger and poke around...
> >
> >Thanks,
> >Gabriel
> >
> >>
> >>Carter Bullard
> >>QoSient LLC
> >>150 E. 57th Street Suite 12D
> >>New York, New York 10022
> >>+1 212 588-9133 Phone
> >>+1 212 588-9134 Fax
> >>
> >>-----Original Message-----
> >>From: "Gabriel L. Somlo" <somlo at cmu.edu>
> >>Date: Tue, 18 Jul 2006 17:40:59
> >>To:Carter Bullard <carter at qosient.com>
> >>Cc:Argus <argus-info at lists.andrew.cmu.edu>
> >>Subject: Re: [ARGUS] sasl support for argus and clients
> >>
> >>On Mon, Jul 17, 2006 at 11:32:23PM -0400, Carter Bullard wrote:
> >>>A new set of release candidates is now available on the server.
> >>>This set enables SASL support for strong encryption and
> >>>authentication
> >>>for argus and its clients. This release is intended for those
> >>>that are
> >>>doing SASL testing (although anyone is welcome to test), as you need
> >>>to create sasl accounts on the machine running argus (saslpasswd),
> >>>so there is some work to do just to get started.
> >>
> >>Carter,
> >>
> >>I built both argus rc.20 and argus-clients rc.21 on FC4 (using
> >>--with-sasl=yes) , and whenever I try to run ra to connect to argus,
> >>I get this:
> >>
> >>
> >>ra -n -S 128.2.4.35
> >>ra[32280]: 17:33:27.932784 RaSaslNegotiate: error starting SASL
> >>negotiation
> >>Segmentation fault
> >>
> >>
> >>I haven't set up any SASL accounts or changed anything in the config
> >>file from the last set of release candidates.
> >>
> >>Do you mean that when compiling with SASL support (--with-sasl or
> >>--with-sasl=yes), SASL accounts then become *mandatory* ?
> >>
> >>Thanks,
> >>Gabriel
> >>
> >>
> >
>
>
>
More information about the argus
mailing list