Hi folks,
I've been struggling with this issue for a few days and am hoping I can get some help troubleshooting a confusing problem I'm hitting with the SASL library.
could not find auxprop plugin, was searching for '[all]'
I don't have the same problem with the same code on my Ubuntu 13.04 dev box... there it works as expected (I'm building cyrus-sasl the same way in both environments).
On the RHEL machine, I am able to see the anonymous and plain mechanisms in the app (via sasl_global_listmech()), as expected, but it seems like it can't find libsasldb.so ... even though it is right there next to the other loaded mechanisms.
$ ls -al /usr/lib64/sasl2
total 160
drwxr-xr-x. 2 root root 4096 Feb 20 2013 .
dr-xr-xr-x. 62 root root 36864 Jul 18 14:53 ..
lrwxrwxrwx. 1 root root 22 Feb 20 2013 libanonymous.so -> libanonymous.so.2.0.23
lrwxrwxrwx. 1 root root 22 Feb 20 2013 libanonymous.so.2 -> libanonymous.so.2.0.23
-rwxr-xr-x. 1 root root 18776 Dec 7 2011 libanonymous.so.2.0.23
On the RHEL machine, I am able to see the anonymous and plain mechanisms in the app (via sasl_global_listmech()), as expected, but it seems like it can't find libsasldb.so ... even though it is right there next to the other loaded mechanisms.
$ ls -al /usr/lib64/sasl2
total 160
drwxr-xr-x. 2 root root 4096 Feb 20 2013 .
dr-xr-xr-x. 62 root root 36864 Jul 18 14:53 ..
lrwxrwxrwx. 1 root root 22 Feb 20 2013 libanonymous.so -> libanonymous.so.2.0.23
lrwxrwxrwx. 1 root root 22 Feb 20 2013 libanonymous.so.2 -> libanonymous.so.2.0.23
-rwxr-xr-x. 1 root root 18776 Dec 7 2011 libanonymous.so.2.0.23
...
lrwxrwxrwx. 1 root root 18 Feb 20 2013 libplain.so -> libplain.so.2.0.23
lrwxrwxrwx. 1 root root 18 Feb 20 2013 libplain.so.2 -> libplain.so.2.0.23
-rwxr-xr-x. 1 root root 18808 Dec 7 2011 libplain.so.2.0.23
lrwxrwxrwx. 1 root root 19 Feb 20 2013 libsasldb.so -> libsasldb.so.2.0.23
lrwxrwxrwx. 1 root root 19 Feb 20 2013 libsasldb.so.2 -> libsasldb.so.2.0.23
-rwxr-xr-x. 1 root root 22784 Dec 7 2011 libsasldb.so.2.0.23
lrwxrwxrwx. 1 root root 18 Feb 20 2013 libplain.so.2 -> libplain.so.2.0.23
-rwxr-xr-x. 1 root root 18808 Dec 7 2011 libplain.so.2.0.23
lrwxrwxrwx. 1 root root 19 Feb 20 2013 libsasldb.so -> libsasldb.so.2.0.23
lrwxrwxrwx. 1 root root 19 Feb 20 2013 libsasldb.so.2 -> libsasldb.so.2.0.23
-rwxr-xr-x. 1 root root 22784 Dec 7 2011 libsasldb.so.2.0.23
(Note: I'm setting the plugin path to include /usr/lib64/sasl2 via a SASL_CB_GETPATH callback.)
It looks like the library found the plugin modules; they show up in lsof output:
$ sudo lsof -p 20497 | grep sasl2/
sasl_rpc- 20497 mpercy mem REG 8,1 22784 920289 /usr/lib64/sasl2/libsasldb.so.2.0.23
sasl_rpc- 20497 mpercy mem REG 8,1 31256 944275 /usr/lib64/sasl2/libgssapiv2.so.2.0.23
sasl_rpc- 20497 mpercy mem REG 8,1 18808 925831 /usr/lib64/sasl2/liblogin.so.2.0.23
sasl_rpc- 20497 mpercy mem REG 8,1 18808 925834 /usr/lib64/sasl2/libplain.so.2.0.23
sasl_rpc- 20497 mpercy mem REG 8,1 18776 920286 /usr/lib64/sasl2/libanonymous.so.2.0.23
$ sudo lsof -p 20497 | grep sasl2/
sasl_rpc- 20497 mpercy mem REG 8,1 22784 920289 /usr/lib64/sasl2/libsasldb.so.2.0.23
sasl_rpc- 20497 mpercy mem REG 8,1 31256 944275 /usr/lib64/sasl2/libgssapiv2.so.2.0.23
sasl_rpc- 20497 mpercy mem REG 8,1 18808 925831 /usr/lib64/sasl2/liblogin.so.2.0.23
sasl_rpc- 20497 mpercy mem REG 8,1 18808 925834 /usr/lib64/sasl2/libplain.so.2.0.23
sasl_rpc- 20497 mpercy mem REG 8,1 18776 920286 /usr/lib64/sasl2/libanonymous.so.2.0.23
CFLAGS="-DPIC" ./configure --prefix=$PREFIX \
--disable-digest --disable-sql --disable-cram --disable-ldap --disable-otp \
--enable-static --enable-staticdlopen --without-des
make clean
make
make install
To make things slightly more complicated, for the plain mech only, this error goes away if I compile without -DPIC. But anonymous authentication continues to fail with the above error code and log message, either with or without -DPIC.
#0 _sasl_log (conn=<value optimized out>, level=5, fmt=0x6302f0 "could not find auxprop plugin, was searching for '%s'") at common.c:1988
#1 0x0000000000562118 in _sasl_auxprop_lookup (sparams=0x1164000, flags=0, user=0x1145fa1 "anonymous", ulen=9) at auxprop.c:973
#2 0x0000000000563ab5 in _sasl_auxprop_lookup_user_props (conn=0x1145200, user=<value optimized out>, ulen=<value optimized out>, flags=3, oparams=0x1145a70) at canonusr.c:220
#3 _sasl_canon_user_lookup (conn=0x1145200, user=<value optimized out>, ulen=<value optimized out>, flags=3, oparams=0x1145a70) at canonusr.c:281
#4 0x0000000000561860 in anonymous_server_mech_step (conn_context=<value optimized out>, sparams=0x1164000, clientin=0x10d9b18 "anonymous@localhost", clientinlen=34,
serverout=<value optimized out>, serveroutlen=<value optimized out>, oparams=0x1145a70) at anonymous.c:135
#5 0x000000000055c1db in sasl_server_step (conn=0x1145200, clientin=<value optimized out>, clientinlen=<value optimized out>, serverout=0x7ffff6d67478, serveroutlen=<value optimized out>)
at server.c:1618
#6 0x000000000055c6e4 in sasl_server_start (conn=0x1145200, mech=<value optimized out>, clientin=0x10d9b18 "anonymous@localhost", clientinlen=34, serverout=0x7ffff6d67478,
serveroutlen=<value optimized out>) at server.c:1533
Any ideas about what the problem could be here? Or suggestions for debugging this further?
Mike
PS:
I've included some more details from the problematic environment below.
$ pluginviewer -a
Installed auxprop mechanisms are:
sasldb
List of auxprop plugins follows
Plugin "sasldb" , API version: 4
supports store: yes
$ pluginviewer -s
Installed SASL (server side) mechanisms are:
ANONYMOUS GSSAPI PLAIN LOGIN EXTERNAL
List of server plugins follows
Plugin "anonymous" [loaded], API version: 4
SASL mechanism: ANONYMOUS, best SSF: 0, supports setpass: no
security flags: NO_PLAINTEXT
features: WANT_CLIENT_FIRST
Plugin "gssapiv2" [loaded], API version: 4
SASL mechanism: GSSAPI, best SSF: 56, supports setpass: no
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "plain" [loaded], API version: 4
SASL mechanism: PLAIN, best SSF: 0, supports setpass: no
security flags: NO_ANONYMOUS
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "login" [loaded], API version: 4
SASL mechanism: LOGIN, best SSF: 0, supports setpass: no
security flags: NO_ANONYMOUS
features:
$ rpm -qa | grep sasl
cyrus-sasl-plain-2.1.23-13.el6.x86_64
cyrus-sasl-devel-2.1.23-13.el6.x86_64
cyrus-sasl-2.1.23-13.el6.x86_64
cyrus-sasl-gssapi-2.1.23-13.el6.x86_64
cyrus-sasl-lib-2.1.23-13.el6.x86_64
$ lsb_release -a
LSB Version: :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID: CentOS
Description: CentOS release 6.2 (Final)
Release: 6.2
Codename: Final
Installed auxprop mechanisms are:
sasldb
List of auxprop plugins follows
Plugin "sasldb" , API version: 4
supports store: yes
$ pluginviewer -s
Installed SASL (server side) mechanisms are:
ANONYMOUS GSSAPI PLAIN LOGIN EXTERNAL
List of server plugins follows
Plugin "anonymous" [loaded], API version: 4
SASL mechanism: ANONYMOUS, best SSF: 0, supports setpass: no
security flags: NO_PLAINTEXT
features: WANT_CLIENT_FIRST
Plugin "gssapiv2" [loaded], API version: 4
SASL mechanism: GSSAPI, best SSF: 56, supports setpass: no
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "plain" [loaded], API version: 4
SASL mechanism: PLAIN, best SSF: 0, supports setpass: no
security flags: NO_ANONYMOUS
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "login" [loaded], API version: 4
SASL mechanism: LOGIN, best SSF: 0, supports setpass: no
security flags: NO_ANONYMOUS
features:
$ rpm -qa | grep sasl
cyrus-sasl-plain-2.1.23-13.el6.x86_64
cyrus-sasl-devel-2.1.23-13.el6.x86_64
cyrus-sasl-2.1.23-13.el6.x86_64
cyrus-sasl-gssapi-2.1.23-13.el6.x86_64
cyrus-sasl-lib-2.1.23-13.el6.x86_64
$ lsb_release -a
LSB Version: :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID: CentOS
Description: CentOS release 6.2 (Final)
Release: 6.2
Codename: Final
