No worthy mechs found

Ted Yu yuzhihong at gmail.com
Wed Mar 15 12:39:36 EDT 2017 

w.r.t. Server not found in Kerberos database error, I generated another
keytab with indicated principal and got past the error.

FYI

On Tue, Mar 14, 2017 at 6:49 PM, Ted Yu <yuzhihong at gmail.com> wrote:

> Got over previous error (for now).
>
> However, this time I got:
>
> Mar 14 10:00:46 5f4a350528ca client-test: GSSAPI Error: Unspecified GSS
> failure.  Minor code may provide more information (Server hbase/
> 5f4a350528ca at EXAMPLE.COM not found in Kerberos database)
>
> 5f4a350528ca is the docker VM.
>
> # klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: hbase/localhost at EXAMPLE.COM
>
> Valid starting     Expires            Service principal
> 03/14/17 04:02:50  03/14/17 14:02:50  krbtgt/EXAMPLE.COM at EXAMPLE.COM
> renew until 03/21/17 04:02:50
>
> How do I get over the above error ?
>
> Thanks
>
> On Tue, Mar 14, 2017 at 4:09 PM, Ted Yu <yuzhihong at gmail.com> wrote:
>
>> Hi,
>> I use the following code for calling sasl_client_init():
>>
>>     callback->id = SASL_CB_GETPATH;
>>
>>     callback->proc = (sasl_callback_ft) &GetPluginPath;
>>
>>     callback->context = (void *)(sasl_plugin_dir_path.c_str());
>>
>>     ++callback;
>>
>>
>>     /* user */
>>
>>     callback->id = SASL_CB_USER;
>>
>>     callback->proc = (sasl_callback_ft) &Simple;
>>
>>     callback->context = const_cast<char *>(user_name_.c_str());
>>
>>     ++callback;
>>
>>
>>     /* termination */
>>
>>     callback->id = SASL_CB_LIST_END;
>>
>>     callback->proc = NULL;
>>
>>     callback->context = NULL;
>>
>>     ++callback;
>>
>>     rc = sasl_client_init(callbacks);
>>
>>
>> sasl_client_init() returned 0.
>>
>> But the following:
>>
>>     const char *mechusing, *mechlist = "GSSAPI";
>>
>>
>>     do {
>>
>>       currentReturnCode = sasl_client_start(sconn_, /* the same context
>> from above */
>>
>>            mechlist, /* the list of mechanisms
>>
>>             from the server */
>>
>>             NULL, /* filled in if an
>>
>>             interaction is needed */
>>
>>             &out, /* filled in on success */
>>
>>             &outlen, /* filled in on success */
>>
>>             &mechusing);
>>
>> gave me -4.
>>
>> I saw this auth log:
>>
>>   Mar 14 09:01:33 5f4a350528ca client-test: No worthy mechs found
>>
>> Under CYRUS_SASL_PLUGINS_DIR :
>>
>> # ls /usr/lib/sasl2
>>
>> libanonymous.la        libcrammd5.la        libdigestmd5.la
>> libgs2.la        libgssapiv2.la        libotp.la        libplain.la
>>    libscram.la
>>
>> libanonymous.so        libcrammd5.so        libdigestmd5.so
>>  libgs2.so        libgssapiv2.so        libotp.so        libplain.so
>>  libscram.so
>>
>> libanonymous.so.3      libcrammd5.so.3      libdigestmd5.so.3
>>  libgs2.so.3      libgssapiv2.so.3      libotp.so.3      libplain.so.3
>>  libscram.so.3
>>
>> libanonymous.so.3.0.0  libcrammd5.so.3.0.0  libdigestmd5.so.3.0.0
>>  libgs2.so.3.0.0  libgssapiv2.so.3.0.0  libotp.so.3.0.0  libplain.so.3.0.0
>>  libscram.so.3.0.0
>>
>>
>> Is there any lib which was missing ?
>>
>> Thanks
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20170315/d6b88aa9/attachment.html>

More information about the Cyrus-sasl mailing list