Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lack of $ENV{USER} leading to the weird authentication error #1

Closed
burak opened this issue Mar 9, 2017 · 6 comments
Closed

Lack of $ENV{USER} leading to the weird authentication error #1

burak opened this issue Mar 9, 2017 · 6 comments

Comments

@burak
Copy link
Member

burak commented Mar 9, 2017
edited

Compare this

$ perl -MThrift::API::HiveClient2 -wE ' Thrift::API::HiveClient2->new(qw/ host hiveserver2-host port 10000 timeout 7200 username hive /, sasl => { mechanism => "PLAIN", callback => {qw/ pass none canonuser hive /} } )->execute("select 1 + 1"); say 42 ' 42

with this

$ perl -MThrift::API::HiveClient2 -wE ' delete $ENV{USER}; Thrift::API::HiveClient2->new(qw/ host hiveserver2-host port 10000 timeout 7200 username hive /, sasl => { mechanism => "PLAIN", callback => {qw/ pass none canonuser hive /} } )->execute("select 1 + 1"); say 42 ' Authentication failed: 3 > Error validating the login at Thrift/SASL/Transport.pm line 114.

Not sure about the actual culprit yet.
@dmorel
Copy link
Member

dmorel commented Mar 9, 2017 via email

@burak burak changed the title Lack of $ENV{USER} leading the weird authentication error Lack of $ENV{USER} leading to the weird authentication error Mar 9, 2017
@burak
Copy link
Member Author

burak commented Mar 9, 2017

Thanks. Yes, that might be. I didn't dig deeper yet. But the error is not triggered if the value is empty or undef or USER=whateverfakevalue and only happens when it's absent all together.

@burak
Copy link
Member Author

burak commented Mar 10, 2017
edited

@dmorel a quick check on the source seems to show that you are correct ;)

https://github.com/dinhviethoa/cyrus-sasl/blob/master/lib/common.c#L1536

1534 switch(id) {
1535 case SASL_CB_AUTHNAME:
1536 userid = getenv("USER");
1537 if (userid != NULL) {
1538 *result = userid;
1539 if (len) *len = strlen(userid);
1540 return SASL_OK;
1541 }
1542 userid = getenv("USERNAME");
1543 if (userid != NULL) {
1544 *result = userid;
1545 if (len) *len = strlen(userid);
1546 return SASL_OK;
1547 }
...
1564 return SASL_FAIL;
1565 default:
1566 return SASL_BADPARAM;
1567 }
1568 }

Damn, I hate this GitHub crappy formatting

@burak
Copy link
Member Author

burak commented Mar 10, 2017

@dmorel OTOH if $ENV{USER} is used like this then what are we authenticating against when setting the username option I wonder ;p (still have to read the code to figure out how these things work together though)

@burak
Copy link
Member Author

burak commented Mar 10, 2017

Pushed 8c5169d to have a verbose message for the issue

@burak burak closed this as completed Mar 13, 2017
@burak
Copy link
Member Author

burak commented Mar 13, 2017

Detecting and warning should be enough. The upstream XS module or the C code should ideally be fixed but they seem to be dead^Wstable code so I'm not holding my breath.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dmorel @burak