Kerberos authentication using GSSAPI

Fan, Jan-fon jan-fon.fan at intel.com
Thu May 23 14:47:32 EDT 2019


Hi,
I have been using a Python client script to do the authentication in our Linux environment and it's working properly.
Now I need to write a C program to do the authentication and I am choosing Cyrus 2.1.27.
After installation, I ran pluginviewer and it showed:

Installed and properly configured SASL (client side) mechanisms are:
  GS2-IAKERB GS2-KRB5 GSSAPI DIGEST-MD5 EXTERNAL CRAM-MD5 PLAIN ANONYMOUS
Available SASL (client side) mechanisms matching your criteria are:
  GS2-IAKERB GS2-KRB5 GSSAPI DIGEST-MD5 EXTERNAL CRAM-MD5 PLAIN ANONYMOUS

So I think the installation is OK.

But after more than one week of trying, I am not able to make it work. Currently I got "generic failure" error message from the sasl_client_step.
I will be appreciated if someone can send me a sample client program using GSSAPI mechanism.
Below is my code:

int result;
const char *data;
unsigned len;
const char *sasl_impl, *sasl_ver;
sasl_interact_t *interactions = NULL;
sasl_conn_t *conn;
const char *chosenmech;
char buf[2048];

sasl_security_properties_t secprops = {56, 256, 2048, SASL_SEC_PASS_CREDENTIALS, NULL, NULL };

sasl_callback_t callbacks[] = {
                { SASL_CB_AUTHNAME, NULL, NULL },
                { SASL_CB_PASS, NULL, NULL },
                { SASL_CB_LIST_END, NULL, NULL }};

result = sasl_client_init(callbacks);

result = sasl_client_new("HTTP", "SCVIMOPXJDAPP01.INTEL.COM", NULL, NULL, NULL, callbacks, SASL_SUCCESS_DATA, &conn);

sasl_setprop(conn, SASL_SEC_PROPS, &secprops);

result=sasl_client_start(conn, "GSSAPI", &interactions, &data, &len, &chosenmech);

result = sasl_client_step(conn, NULL, NULL, NULL, &data, &len);
while (result == SASL_CONTINUE) {
                strcpy(buf, data);
                data=NULL;
                result = sasl_client_step(conn, buf, len, NULL, &data, &len);
}

After the while loop, the result is -1 (generic failure).

Thanks,
Jan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20190523/616b92fc/attachment.html>


More information about the Cyrus-sasl mailing list