tech notes

February 19, 2008

jabberd SASL problems

Filed under: bsd — admin @ 10:24 pm

I had some problems with my jabber server. It was just a plain jabberd+mysql installation from ports. For some reason it didn’t want to authenticate with SASL using digest-md5 mechanism. The only working option was plaintext without SASL, which wasn’t really perfect…

After searching in google it turned out to be a problem with GSASL library, which is the default SASL library used by jabberd.

It looks like jabberd also works with other SASL libraries, cyrus-sasl for example. Even that it’s marked as being experimental it seems to be working better than the default GSASL library.

Here’s how to install jabberd with cyrus-sasl:

1. Install cyrus-sasl (/usr/ports/security/cyrus-sasl2)

2. edit jabberd’s Makefile

 --- Makefile.orig       2008-02-19 22:11:37.000000000 +0000
+++ Makefile    2008-02-19 22:11:39.000000000 +0000
@@ -15,7 +15,6 @@
 COMMENT=       Online presence and instant messaging server

 LIB_DEPENDS=   expat.6:${PORTSDIR}/textproc/expat2 \
-               gsasl.11:${PORTSDIR}/security/gsasl \
                idn.16:${PORTSDIR}/dns/libidn

 OPTIONS=       MYSQL "Support MySQL (storage/auth/reg)" on \
@@ -37,7 +36,7 @@
 USE_LDCONFIG=  ${PREFIX}/lib/jabberd
 CONFIGURE_ARGS+=       --localstatedir=/var \
                --sysconfdir=${PREFIX}/etc/jabberd \
-               --enable-ssl --enable-mio=poll --enable-sasl=gsasl \
+               --enable-ssl --enable-mio=poll --enable-sasl=cyrus \
                --with-extra-include-path="${LOCALBASE}/include ${EIP}" \
                --with-extra-library-path="${LOCALBASE}/lib ${ELP}"

3. do make patch, and edit work/jabberd-2.1.21/sx/sasl_cyrus.c

--- sasl_cyrus.c.orig   2008-02-19 22:13:53.000000000 +0000
+++ sasl_cyrus.c        2008-02-19 22:14:05.000000000 +0000
@@ -20,7 +20,6 @@

 /* SASL authentication handler */

-#error Cyrus SASL implementation is not supported! It is included here only for the brave ones,\
 that do know what they are doing. You need to remove this line to compile it.

 #include "sx.h"
 #include "sasl.h"

4. continue with make install

2 Responses to “jabberd SASL problems”

  1. slava Says:
    March 22nd, 2008 at 8:13 am

    hi, thanks for litl tutorial :)
    my steps of install where different, beside the third one. I didn’t found in jabberd’s Makefile the lines you pointed out, yes i had to mention that i compiled the 2.1.23 version of jabberd.

    CD to jabberd directory

    1. edit the jabberd-2.1.23/sx/sasl_cyrus.c

    2. configure

    ./configure –enable-mysql –enable-debug –with-sasl=cyrus –enable-ssl \
    –with-extra-include-path=/usr/local/include:/usr/local/include/mysql \
    –with-extra-library-path=/usr/local/lib:/usr/local/lib/mysql

    3. make and isntall

    make
    make install
    make clean
  2. admin Says:
    April 10th, 2008 at 12:24 am

    Hi, thanks for your comment.

    Did you actually have any problems with your jabberd compiled with GSASL library? I was told by the port maintainer that GSASL is the only officially supported library at the moment and Cyrus SASL had been disabled some time ago due to some problems. I ended up thinking that it was a problem with my config even that it used to run on a different server for quite a long time.

Leave a Reply

You must be logged in to post a comment.

Powered by WordPress