Cyrus SASL 2.1.25 / Plugin Testing

"Info (MateAR.eu)" <info@xxxxxxxxx> · Wed, 26 Sep 2012 09:04:07 +0100

Hi all,

I've modified sample/server and sample/client apps slightly to output 
debug info useful during testing. Find below my findings.
All plugins seem to work fine except SRP. Sorry about the stupid 
question (I'm a newbie), but how I can test SRP?

Thanks in advance.

Sergio.

---

Test Results

Server side [sample/server]

This product includes software developed by Computing Services
at Carnegie Mellon University (http://www.cmu.edu/computing/).

Built against SASL API version 2.1.25
LibSasl version 2.1.15 by "Cyrus SASL"

Build options: Berkeley DB 5.3.21, OpenSSL 1.0.1c, OpenLDAP 2.4.32

Waiting for incoming connections on all IPv4 and IPv6 addresses ...

Accepted new connection ...
Generating client mechanism list ... 8 mechanisms
Waiting for client mechanism ...
Using mechanism: NTLM
Sending response length: 60
0000  4e 54 4c 4d 53 53 50 00:02 00 00 00 0c 00 0c 00  NTLMSSP.........
0010  30 00 00 00 05 02 02 00:59 59 59 59 59 59 59 59  0.......YYYYYYYY
0020  00 00 00 00 00 00 00 00:00 00 00 00 00 00 00 00  ................
0030  4c 00 4f 00 4e 00 44 00:4f 00 4e 00              L.O.N.D.O.N.
Waiting for client reply ...
Negotiation complete.
Successful authentication 'rosario'
Realm: (NULL)
SSF: 0
Closing connection.

Client side [sample/client]

Receiving capability list ... SRP DIGEST-MD5 OTP CRAM-MD5 NTLM LOGIN PLAIN
ANONYMOUS
Using mechanism: NTLM
Please enter an authentication id: rosario
Password:
Sending response length: 114
0000  4e 54 4c 4d 53 53 50 00:03 00 00 00 00 00 00 00  NTLMSSP.........
0010  40 00 00 00 18 00 18 00:40 00 00 00 0c 00 0c 00  @.......@.......
0020  58 00 00 00 0e 00 0e 00:64 00 00 00 00 00 00 00  X.......d.......
0030  72 00 00 00 00 00 00 00:72 00 00 00 05 02 00 00  r.......r.......
0040  20 7c 7d 71 06 35 b4 a6:20 07 2e a8 1f b7 6d c4   |}q.5.. .....m.
0050  7f 32 88 89 da f0 1f 8c:4c 00 4f 00 4e 00 44 00  .2......L.O.N.D.
0060  4f 00 4e 00 72 00 6f 00:73 00 61 00 72 00 69 00  O.N.r.o.s.a.r.i.
0070  6f 00                                            o.
Successful authentication.
Closing connection.

<... another test using OTP ...>

Server Side

Accepted new connection ...
Generating client mechanism list ... 8 mechanisms
Waiting for client mechanism ...
Using mechanism: OTP
Sending response length: 22
0000  6f 74 70 2d 6d 64 35 20:34 39 33 20 6c 6f 33 35  otp-md5 493 lo35
0010  39 39 20 65 78 74                                99 ext
Waiting for client reply ...
Negotiation complete.
Successful authentication 'rosario'
Realm: (NULL)
SSF: 0
Closing connection.

Client side

Receiving capability list ... SRP DIGEST-MD5 OTP CRAM-MD5 NTLM LOGIN PLAIN
ANONYMOUS
Please enter an authentication id: rosario
Please enter an authorization id: rosario
Password:
Using mechanism: OTP
Sending response length: 20
0000  68 65 78 3a 39 35 62 38:39 30 35 31 31 64 39 31  hex:95b890511d91
0010  33 34 35 64                                      345d
Successful authentication.
Closing connection.

<... another test using DIGEST-MD5 ...>

Server Side

Accepted new connection ...
Generating client mechanism list ... 8 mechanisms
Waiting for client mechanism ...
Using mechanism: DIGEST-MD5
Sending response length: 178
0000  6e 6f 6e 63 65 3d 22 58:56 31 64 58 56 31 64 58  nonce="XV1dXV1dX
0010  56 31 64 58 56 31 64 58:56 31 64 58 56 31 64 58  V1dXV1dXV1dXV1dX
0020  56 31 64 58 56 31 64 58:56 31 64 58 56 31 64 58  V1dXV1dXV1dXV1dX
0030  56 30 3d 22 2c 72 65 61:6c 6d 3d 22 6c 6f 6e 64  V0=",realm="lond
0040  6f 6e 22 2c 71 6f 70 3d:22 61 75 74 68 2c 61 75  on",qop="auth,au
0050  74 68 2d 69 6e 74 2c 61:75 74 68 2d 63 6f 6e 66  th-int,auth-conf
0060  22 2c 63 69 70 68 65 72:3d 22 72 63 34 2d 34 30  ",cipher="rc4-40
0070  2c 72 63 34 2d 35 36 2c:72 63 34 2c 64 65 73 2c  ,rc4-56,rc4,des,
0080  33 64 65 73 22 2c 6d 61:78 62 75 66 3d 32 30 34  3des",maxbuf=204
0090  38 2c 63 68 61 72 73 65:74 3d 75 74 66 2d 38 2c  8,charset=utf-8,
00a0  61 6c 67 6f 72 69 74 68:6d 3d 6d 64 35 2d 73 65  algorithm=md5-se
00b0  73 73                                            ss
Waiting for client reply ...
Sending response length: 40
0000  72 73 70 61 75 74 68 3d:65 61 66 33 30 36 65 34  rspauth=eaf306e4
0010  34 32 34 39 38 31 64 62:62 37 32 35 65 63 34 64  424981dbb725ec4d
0020  38 63 66 34 39 34 63 37:                         8cf494c7
Waiting for client reply ...
Negotiation complete.
Successful authentication 'rosario'
Realm: (NULL)
SSF: 0
Closing connection.

Client side

Receiving capability list ... SRP DIGEST-MD5 OTP CRAM-MD5 NTLM LOGIN PLAIN
ANONYMOUS
Using mechanism: DIGEST-MD5
Please enter an authentication id: rosario
Please enter an authorization id: rosario
Password:
Sending response length: 228
0000  75 73 65 72 6e 61 6d 65:3d 22 72 6f 73 61 72 69  username="rosari
0010  6f 22 2c 72 65 61 6c 6d:3d 22 6c 6f 6e 64 6f 6e  o",realm="london
0020  22 2c 6e 6f 6e 63 65 3d:22 58 56 31 64 58 56 31  ",nonce="XV1dXV1
0030  64 58 56 31 64 58 56 31:64 58 56 31 64 58 56 31  dXV1dXV1dXV1dXV1
0040  64 58 56 31 64 58 56 31:64 58 56 31 64 58 56 31  dXV1dXV1dXV1dXV1
0050  64 58 56 30 3d 22 2c 63:6e 6f 6e 63 65 3d 22 58  dXV0=",cnonce="X
0060  56 31 64 58 56 31 64 58:56 31 64 58 56 31 64 58  V1dXV1dXV1dXV1dX
0070  56 31 64 58 56 31 64 58:56 31 64 58 56 31 64 58  V1dXV1dXV1dXV1dX
0080  56 31 64 58 56 31 64 58:56 30 3d 22 2c 6e 63 3d  V1dXV1dXV0=",nc=
0090  30 30 30 30 30 30 30 31:2c 71 6f 70 3d 61 75 74  00000001,qop=aut
00a0  68 2c 64 69 67 65 73 74:2d 75 72 69 3d 22 72 63  h,digest-uri="rc
00b0  6d 64 2f 6c 6f 6e 64 6f:6e 22 2c 72 65 73 70 6f  md/london",respo
00c0  6e 73 65 3d 37 39 34 63:61 32 62 65 32 62 37 38  nse=794ca2be2b78
00d0  32 61 39 36 65 35 35 33:36 34 38 38 62 64 37 34  2a96e5536488bd74
00e0  37 61 62 61                                      7aba
Sending null response ...
Successful authentication.
Closing connection.

<... another test using SRP ...>

Server Side

Accepted new connection ...
Generating client mechanism list ... 8 mechanisms
Waiting for client mechanism ...
Using mechanism: SRP
Sending response length: 786
0000  00 00 03 0e 00 01 00 ac:6b db 41 32 4a 9a 9b f1  ........k.A2J...
0010  66 de 5e 13 89 58 2f af:72 b6 65 19 87 ee 07 fc  f.^..X/.r.e.....
0020  31 92 94 3d b5 60 50 a3:73 29 cb b4 a0 99 ed 81  1..=.`P.s)......
0030  93 e0 75 77 67 a1 3d d5:23 12 ab 4b 03 31 0d cd  ..uwg.=.#..K.1..
0040  7f 48 a9 da 04 fd 50 e8:08 39 69 ed b7 67 b0 cf  .H....P..9i..g..
0050  60 95 17 9a 16 3a b3 66:1a 05 fb d5 fa aa e8 29  `....:.f.......)
0060  18 a9 96 2f 0b 93 b8 55:f9 79 93 ec 97 5e ea a8  .../...U.y...^..
0070  0d 74 0a db f4 ff 74 73:59 d0 41 d5 c3 3e a7 1d  .t....tsY.A..>..
0080  28 1e 44 6b 14 77 3b ca:97 b4 3a 23 fb 80 16 76  (.Dk.w;...:#...v
0090  bd 20 7a 43 6c 64 81 f1:d2 b9 07 87 17 46 1a 5b  . zCld.......F.[
00a0  9d 32 e6 88 f8 77 48 54:45 23 b5 24 b0 d5 7d 5e  .2...wHTE#.$..}^
00b0  a7 7a 27 75 d2 ec fa 03:2c fb db f5 2f b3 78 61  .z'u....,.../.xa
00c0  60 27 90 04 e5 7a e6 af:87 4e 73 03 ce 53 29 9c  `'...z...Ns..S).
00d0  cc 04 1c 7b c3 08 d8 2a:56 98 f3 a8 d0 c3 82 71  ...{...*V......q
00e0  ae 35 f8 e9 db fb b6 94:b5 c8 03 d8 9f 7a e4 35  .5...........z.5
00f0  de 23 6d 52 5f 54 75 9b:65 e3 72 fc d6 8e f2 0f  .#mR_Tu.e.r.....
0100  a7 11 1f 9e 4a ff 73 00:01 02 10 3c 3c 3c 3c 3c  ....J.s....<<<<<
0110  3c 3c 3c 3c 3c 3c 3c 3c:3c 3c 3c 01 00 9e da e8  <<<<<<<<<<<.....
0120  f5 ef 10 13 32 5c da 24:f8 80 ad 9c 21 16 60 91  ....2\.$....!.`.
0130  2b e5 1e 12 dd 68 c1 71:c5 ca 6d b8 73 0e 85 d0  +....h.q..m.s...
0140  a1 2c 11 82 a1 5b d5 32:11 5c 4a 16 3d 9c 1a 3e  .,...[.2.\J.=..>
0150  8a 23 80 c8 57 24 6c fd:13 b2 6c a3 ea f5 58 59  .#..W$l...l...XY
0160  0e a5 8e 7f 8b 8d b8 ab:4a 7f bd 06 4c db bb 71  ........J...L..q
0170  29 d8 7a 82 ea d2 ea 5a:99 82 62 6a b3 d6 46 83  ).z....Z..bj..F.
0180  52 67 31 4e 8b 9a b2 ea:62 89 ac f8 f7 a8 10 4b  Rg1N....b......K
0190  24 77 02 ff 1a 43 84 76:55 c1 4b 8f 98 eb ab 48  $w...C.vU.K....H
01a0  9f ce 5e 52 cc 45 c6 04:bb 5f 57 2e 97 3a 01 43  ..^R.E..._W..:.C
01b0  4b e4 5f b3 18 f3 af 97:93 f2 eb e8 48 c9 18 74  K._.........H..t
01c0  83 83 2d eb 19 7e 00 04:2e 12 77 e5 19 11 84 6c  ..-..~....w....l
01d0  4e 76 a7 ef 45 df d5 3e:d4 de 8d 0e dd 21 ec e5  Nv..E..>.....!..
01e0  66 e5 c3 11 91 d3 23 ef:e8 33 79 41 ca 8e 78 06  f.....#..3yA..x.
01f0  39 ec f1 a6 f5 b0 c6 ff:72 60 ad 72 3a 9f 4e b3  9.......r`.r:.N.
0200  1a 16 34 90 b2 b3 28 f7:81 ba 93 be 51 00 36 bf  ..4...(.....Q.6.
0210  9e 4a f5 c1 ad d6 bb fe:a9 4e 64 6d 3d 00 f3 6d  .J.......Ndm=..m
0220  64 61 3d 53 48 41 2d 31:2c 72 65 70 6c 61 79 5f  da=SHA-1,replay_
0230  64 65 74 65 63 74 69 6f:6e 2c 69 6e 74 65 67 72  detection,integr
0240  69 74 79 3d 48 4d 41 43:2d 53 48 41 2d 31 2c 69  ity=HMAC-SHA-1,i
0250  6e 74 65 67 72 69 74 79:3d 48 4d 41 43 2d 52 49  ntegrity=HMAC-RI
0260  50 45 4d 44 2d 31 36 30:2c 69 6e 74 65 67 72 69  PEMD-160,integri
0270  74 79 3d 48 4d 41 43 2d:4d 44 35 2c 63 6f 6e 66  ty=HMAC-MD5,conf
0280  69 64 65 6e 74 69 61 6c:69 74 79 3d 44 45 53 2c  identiality=DES,
0290  63 6f 6e 66 69 64 65 6e:74 69 61 6c 69 74 79 3d  confidentiality=
02a0  33 44 45 53 2c 63 6f 6e:66 69 64 65 6e 74 69 61  3DES,confidentia
02b0  6c 69 74 79 3d 41 45 53:2c 63 6f 6e 66 69 64 65  lity=AES,confide
02c0  6e 74 69 61 6c 69 74 79:3d 42 6c 6f 77 66 69 73  ntiality=Blowfis
02d0  68 2c 63 6f 6e 66 69 64:65 6e 74 69 61 6c 69 74  h,confidentialit
02e0  79 3d 43 41 53 54 2d 31:32 38 2c 63 6f 6e 66 69  y=CAST-128,confi
02f0  64 65 6e 74 69 61 6c 69:74 79 3d 49 44 45 41 2c  dentiality=IDEA,
0300  6d 61 78 62 75 66 66 65:72 73 69 7a 65 3d 32 30  maxbuffersize=20
0310  34 38                                            48
Waiting for client reply ...
Performing SASL negotiation: authentication failure
Closing connection.

Client side

Receiving capability list ... SRP DIGEST-MD5 OTP CRAM-MD5 NTLM LOGIN PLAIN
ANONYMOUS
Please enter an authentication id: rosario
Please enter an authorization id: rosario
Password:
Using mechanism: SRP
Sending response length: 311
0000  00 00 01 33 01 00 38 ce:43 ff 48 ae 87 24 ea e8  ...3..8.C.H..$..
0010  65 95 ee 34 6c b7 49 c1:d4 13 d0 b2 00 63 5c 85  e..4l.I......c\.
0020  93 86 27 cb f1 b7 d7 ec:26 3c bf fb 37 b0 59 c0  ..'.....&<..7.Y.
0030  50 30 a8 be b4 09 a4 3c:b6 b0 11 9a a6 0d ce 61  P0.....<.......a
0040  ad 3d 5f 99 24 09 1b a2:c8 63 39 8a e8 2d 40 ed  .=_.$....c9..-@.
0050  a8 1f 2b 44 3f c9 c6 9c:8f 76 a7 4e a8 66 e1 2a  ..+D?....v.N.f.*
0060  1a b3 06 93 ab 45 59 a7:3d d4 e8 d4 69 9d 1f 8e  .....EY.=...i...
0070  e0 90 bc d5 14 67 ea c0:ac 3a 08 40 04 65 2e c8  .....g...:.@.e..
0080  48 16 32 41 6a 9a 9a 66:77 3a e4 c2 0f 2b 8a be  H.2Aj..fw:...+..
0090  a8 20 cf 18 44 dd 5b 69:cb 7b b1 b1 b9 64 ab 89  . ..D.[i.{...d..
00a0  0a 74 b3 a1 5a d8 e6 58:71 c9 4b ee 36 2a 85 9b  .t..Z..Xq.K.6*..
00b0  52 52 a1 42 49 e9 0c e9:61 d4 0e dd 3f 0b 53 1d  RR.BI...a...?.S.
00c0  b8 3b cf 99 fb 2b 90 8e:d5 41 c1 3f 75 ff af 66  .;...+...A.?u..f
00d0  a6 cd 04 26 46 90 43 29:87 96 92 8f 43 15 04 99  ...&F.C)....C...
00e0  15 c2 8e 24 71 2b b1 fe:3d 71 3e 00 ed 62 42 dd  ...$q+..=q>..bB.
00f0  99 0e 8c da 5e 31 e7 7c:6a 61 32 57 c1 14 80 69  ....^1.|ja2W...i
0100  14 df 51 c9 8e 75 14 2b:e5 ad 24 dd f8 60 91 93  ..Q..u.+..$..`..
0110  e7 9d fa 25 49 06 f2 d1:6d cd b7 00 09 6d 64 61  ...%I...m....mda
0120  3d 53 48 41 2d 31 10 5e:5e 5e 5e 5e 5e 5e 5e 5e  =SHA-1.^^^^^^^^^
0130  5e 5e 5e 5e 5e 5e 5e                             ^^^^^^^
Authentication failed.
Closing connection.