Re: A problem in using DIGEST-MD5 mechanism

[makotosc]

> Hi,

Hi Francis,

> >  I got a problem in using GNU SASL library.   I only can build SASL
> > client/server authentication by PLAIN/EXTERN/CRAM-MD5/ANONYMOUS
> > mechanism except DIGEST-MD5. Is there anyone ever successful in using
> > DIGEST-MD5 mechanism?
>
> Sure. We are using it with no problem in Vortex [1].

In actual, the GNU SASL library(v0.2.18) I owned gets from the Vortex 
Library of sourceforge website
(Because I need libgsasl library for Windows Platform).
But it doesn't work in DIGEST-MD5 mechanism.
Then, I try to build another libgsasl library(v0.2.9) for Windows Platform
(I just guess it is maybe disabled in libgsasl v0.2.18).
But it still doesn't work and gets same error 
code(GSASL_MECHANISM_CALLED_TOO_MANY_TIMES) from libgsasl library.

> > I also tried the example in the website
> > (http://josefsson.org/gsasl/manual/html_node/Examples.html#Examples)
> > but the problem is still existed. It always gets error from
> > gsasl_client_start() and the returned code is
> > 3( GSASL_MECHANISM_CALLED_TOO_MANY_TIMES). Who can tell me where the
> > problem is? Thanks.   makotosc
> > ------------------------------------------------------------------------------------------------ 
> > The test code is copied from the example website and I only change the 
> > mech to "DIGEST-MD5":   int main (int argc, char *argv[])
> > {
> >    Gsasl *ctx = NULL;
> >    int rc;
> >
> >    if ((rc = gsasl_init (&ctx)) != GSASL_OK)
> >    {
> >       printf ("Cannot initialize libgsasl (%d): %s", rc,
> > gsasl_strerror (rc));
> >       return 1;
> >    }
> >    client (ctx);
> >    gsasl_done (ctx);
> >    return 0;
> > }   static void client (Gsasl * ctx)
> > {
> >    Gsasl_session *session;
> >    const char *mech = "DIGEST-MD5";
> >    int rc;
> >
> >    if ((rc = gsasl_client_start (ctx, mech, &session)) != GSASL_OK)
> >    {
> >        printf ("Cannot initialize client (%d): %s\n", rc,
> > gsasl_strerror (rc));
> >        return;
> >    }
> >    gsasl_property_set (session, GSASL_AUTHID, "jas");
> >    gsasl_property_set (session, GSASL_PASSWORD, "secret");
>
> I think the issue is here, try to also configure the
> "realm" (GSASL_REALM).

Oh, Sorry.  I know it should be set this property and I forget to add it to 
sample code.
I think maybe the problem is not lack of properties, because it gets error 
from gsasl_client_start() function
and gsasl_client_start() is called before gsasl_property_set() in this 
sample code.
Do you think there is any other setting I should do before calling 
gsasl_client_start()?

Anyway, thanks for your reply.

makotosc

> >    client_authenticate (ctx, session);
> >    gsasl_finish (session);
> > }   static void client_authenticate (Gsasl * ctx, Gsasl_session *
> > session) {.......}
>
> Cheers!
>
> [1] http://www.aspl.es/vortex
> --
> Francis Brosnan Blazquez <address@hidden>
> Advanced Software Production Line, S.L.