Giter Club home page Giter Club logo

gosasl's Introduction

Go SASL library

Build Status

gosasl is a library for different SASL mechanisms. Currently GSSAPI, DIGEST-MD5, PLAIN and ANONYMOUS are implemented. Support for other mechanisms may be added in the future. Only GSSAPI supports a QOP higher than auth.

Installation

Gosasl can be installed with:

go get github.com/beltran/gosasl

To add kerberos support gosasl requires header files to build against the GSSAPI C library. They can be installed with:

  • Ubuntu: sudo apt-get install libkrb5-dev
  • MacOS: brew install homebrew/dupes/heimdal --without-x11
  • Debian: yum install -y krb5-devel

Then:

go get -tags kerberos github.com/beltran/gosasl

Example Usage

    mechanism, err := NewGSSAPIMechanism("service")
	if err != nil {
		log.Fatal(err)
    }    
    conn = getConnection("somehost")
    client := NewSaslClientWithMechanism("somehost", mechanism)
    response, err := client.Start()
    if err != nil {
		log.Fatal(err)
    }
    conn.sendResponse(response)

    for true {
        status, challenge = conn.getChallenge()
        if status == COMPLETE {
            break
        } else if status == OK {
            response = client.Step(challenge)
            conn.sendResponse(response)
        } else {
            log.Fatal("Failed to establish connection")
        }
    }
    if !client.Complete() {
        log.Fatal("SASL negotiation did not complete")
    }

    // begin normal communication
    encoded := conn.fetchData()
    decoded := client.Decode(encoded)
    response = processData(decoded)
    conn.sendData(client.Encode(response))

    client.Dispose()

This library is inspired by pure-sasl.

gosasl's People

Contributors

beltran avatar krisss85 avatar laura-george avatar zhujiaqi avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar

Forkers

chennqqi zhujiaqi leonli02 laura-george stntngo wenbingshen krisss85 hffariel sikurity myhat123 bytebase

gosasl's Issues

Connecting to kerberized Impala

Hello! Firstly, Thank you for this wonderful project that saved my days!

I was trying to write a client to connect to a kerberized Impala daemon in a CDH cluster, using its Thrift protocal.

My goal was to modify this impalathing, adding sasl_transport from your gohive project, which requires gosasl. That's why im here.

After a frustrating day with the believe that I was getting very close to get this working, I could not.

"The maximum packet length can't be zero. The server doesn't support GSSAPI" was all i got.

Just before giving up I was looking at the source of this project and decided to remove this fail-safe check to see what will happen...and surprisingly enough my code worked.

After several days, the code seems working alright. However I still don't know the root of this cause, so I'm here for the answer.

What's the purpose of these lines. Any risk if I remove them?

Thanks for your time.

--- a/gssapi.go
+++ b/gssapi.go
@@ -86,9 +86,9 @@ func (m *GSSAPIMechanism) step(challenge []byte) ([]byte, error) {
                qopBits := data[0]
                data[0] = 0
                m.serverMaxLength = int(binary.BigEndian.Uint32(data))
-               if m.serverMaxLength == 0 {
+               /* if m.serverMaxLength == 0 {
                        return nil, fmt.Errorf("The maximum packet length can't be zero. The server doesn't support GSSAPI")
-               }
+               }*/

CDH version 5.11.0
go version go1.9.4
linux/amd64 centos 7

kerberos support issue

msg:
panic: gosasl was installed without kerberos support please reinstall with go get using the flags build kerberos

I have run command on mac to install kerberos support, but still not working. could you help to fix the issue?

command:
go get -u -tags kerberos github.com/beltran/gosasl
output:
$ go get -u -tags kerberos github.com/beltran/gosasl
go: finding github.com/beltran/gosasl latest
go: finding github.com/beltran/gssapi latest

command:
output:
$ ll /Users/xx/go/pkg/mod/github.com/beltran
total 0
dr-x------ 16 xx staff 512 3 23 16:22 [email protected]
dr-x------ 27 xx staff 864 3 23 16:22 [email protected]
dr-x------ 13 xx staff 416 3 23 16:26 [email protected]
dr-x------ 13 xx staff 416 3 23 16:31 [email protected]

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.