Subject: | Unset USER/USERNAME env vars produce bogus results with cyrus-sasl |
Hi,
If the USER (or USERNAME) env variable is unset, then the cyrus-sasl code returns a bogus response.
Here is the relevant portion in its source:
https://github.com/dinhviethoa/cyrus-sasl/blob/master/lib/common.c#L1536
Please see the attached test file for the demonstration of the issue.
Also see https://github.com/Perl-Hadoop/Thrift-SASL/issues/1
for more information on the subject.
I guess this can either be checked and reported in Authen::SASL::XS or it can be
documented in the Pod to give pointers to the users as this behavior is really
confusing in addition to being (in my opinion) wrong (which took quite some time
to figure out with multiple layers of modules for me).
Thrift::SASL::Transport is already patched to report back the exact issue
to prevent future confusions on my end. Which makes this ticket a heads up
on the issue.
Thanks,
Burak
Subject: | authen-sasl-unset-env-bug.pl |
#!/usr/local/bin/booking-perl
use 5.018;
use strict;
use warnings;
use Authen::SASL qw(XS);
my $host = 'hadoop-lhr4-hiveserver2.anycast.prod.booking.com';
sub test_sasl {
my $sasl = Authen::SASL->new(
mechanism => 'PLAIN',
callback => {
canonuser => scalar( getpwuid $< ),
pass => 'none',
}
);
my $conn = $sasl->client_new( hive => $host );
my $resp = $conn->client_start;
my $status = $conn->code;
my $success = $status == 0;
printf "sasl=%s\n", ref $sasl;
printf "conn=%s\n", ref $conn;
printf "%s(%s): %s\n",
$success ? 'Status' : 'Error',
$status // 'n/a',
$conn->error,
;
print "\n\n";
}
{
print "Regular #1\n";
test_sasl();
}
{
local %ENV;
delete $ENV{USER};
print "USER is unset\n";
test_sasl();
}
{
print "Regular #2\n";
test_sasl();
}
{
local %ENV;
$ENV{USER} = '';
print "USER set to empty string\n";
test_sasl();
}
{
print "Regular #3\n";
test_sasl();
}
{
local %ENV;
$ENV{USER} = 'blablabla';
print "USER set to a bogus value\n";
test_sasl();
}
{
print "Regular #4\n";
test_sasl();
}