argus + sasl: does this works?

Carter Bullard carter at qosient.com
Wed Oct 28 10:22:59 EDT 2009


Hey Peter,
Sasl support is turned on through ./configure, so we don't need (or at  
least
we shouldn't need)  the SASLLIB compile switch.  My configure finds  
sasl2
and adds "-lsasl2" to @COMPATLIB@, and turns on "ARGUS_SASL=1".

    ./configure --with-sasl=yes

We use to configure it with sasl by default, but seems like that  
changed a year
or so ago.

We get to the authentication code through the routine  
ArgusReadConnection(),
which gets the remote socket, grabs the first management record from  
the stream,
which declares if security is required, and calls ArgusAuthenticate(),  
which calls
ArgusInitializeAuthentication() on line 232 of ./common/argus_auth.c.   
It does
its SASL turns, before sending a START to the remote argus data source,
before reading any additional records.

Try the "./configure --with-sasl=yes" on both argus and the clients,  
and see if
that doesn't make it?

Be sure and run with the ra() clients with "-D2", which should show  
all the sasl
debug messages.  Possibly you don't have an appropriate MECH?

Carter

On Oct 28, 2009, at 7:15 AM, Peter Volkov wrote:

> Hi guys. I'm testing argus-3.0.2 and argus-clients-3.0.2 with sasl
> support. With patch in attachment I've managed to build both (btw,
> please apply) but I failed to connect with ratop to argus. After a bit
> of digging into sources I found sasl_client_init() is defined
> in ./common/argus_auth.c:ArgusInitializeAuthentication() function,  
> which
> is not called anywhere anywhere outside argus_auth.c. So it looks like
> sasl is not working with current sarg. Could anybody confirm my
> findings, please?
>
> Thanks in advance for any help,
> -- 
> Peter.
> <argus-sasl-linkage.patch>





-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3815 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20091028/9e0cc414/attachment.bin>


More information about the argus mailing list