libmemcached

Merge lp:~dave-terei/libmemcached/libmemcached into lp:libmemcached

libmemcached
Merge into 1.2

Proposed by David Terei on 2014-06-20

Status:	Needs review
Proposed branch:	lp:~dave-terei/libmemcached/libmemcached
Merge into:	lp:libmemcached
Diff against target:	899 lines (+403/-345) 8 files modified bootstrap.sh (+10/-1) libmemcached-1.2/include.am (+1/-0) libmemcached-1.2/isasl.h (+92/-0) libmemcached-1.2/sasl.h (+1/-5) libmemcached-1.2/struct/sasl.h (+2/-6) libmemcached/include.am (+1/-0) libmemcached/sasl.cc (+104/-333) libmemcached/sasl_client.cc (+192/-0)
To merge this branch:	bzr merge lp:~dave-terei/libmemcached/libmemcached
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Tangent Trunk		2014-06-20	Pending
Review via email: mp+224003@code.launchpad.net

Description of the change

Move to an internal SASL library taken from the membase guys. This removes the dependency on Cyrus SASL. It only supports PLAIN authentication, which seems fine as it's the only authentication mechanism other clients and memcached itself appears to support.

This enables SASL auth to be on by default which has great flow on effects for the community as right now most clients don't support SASL since they can't rely on libmemcached supporting it.

The removal of libsasl isn't complete (i.e., from configure scripts and build system) but I don't have a great grasp of that stuff. This is a initial step in the direction where the final stages of cleaning up should be trivial for someone who knows the code base.

Revision history for this message

David Terei (dave-terei) wrote on 2015-02-10:

Any update on this?

Unmerged revisions

1115. By David Terei <email address hidden> on 2014-06-20

Move to internal (ISASL) library rather than cyrus SASL to enable SASL on by default.

ISASL library from membase.

1114. By David Terei <email address hidden> on 2014-06-20

Add support for Arch linux to build system.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

David Terei

Tangent

 === modified file 'bootstrap.sh'
 --- bootstrap.sh	2014-02-16 11:31:04 +0000
 +++ bootstrap.sh	2014-06-20 23:47:25 +0000
@@ -191,6 +191,9 @@
      opensuse)
        VENDOR_DISTRIBUTION='opensuse'
        ;;
++    arch)
++      VENDOR_DISTRIBUTION='arch'
++      ;;
      *)
        die "attempt to set an invalid VENDOR_DISTRIBUTION=$dist"
        ;;
@@ -262,6 +265,9 @@
      opensuse)
        VENDOR_RELEASE="$release"
        ;;
++    arch)
++      VENDOR_RELEASE="$release"
++      ;;
      unknown)
        die "attempt to set VENDOR_RELEASE without setting VENDOR_DISTRIBUTION"
        ;;
@@ -311,8 +317,11 @@
      suse)
        VENDOR='suse'
        ;;
++    arch)
++      VENDOR='arch'
++      ;;
      *)
--      die "An attempt was made to set an invalid VENDOR=$_vendor"
++      die "An attempt was made to set an invalid VENDOR=$vendor"
        ;;
    esac
 === modified file 'libmemcached-1.2/include.am'
 --- libmemcached-1.2/include.am	2013-06-11 12:31:47 +0000
 +++ libmemcached-1.2/include.am	2014-06-20 23:47:25 +0000
@@ -33,6 +33,7 @@
  nobase_include_HEADERS+= libmemcached-1.2/flush_buffers.h
  nobase_include_HEADERS+= libmemcached-1.2/get.h
  nobase_include_HEADERS+= libmemcached-1.2/hash.h
++nobase_include_HEADERS+= libmemcached-1.2/isasl.h
  nobase_include_HEADERS+= libmemcached-1.2/limits.h
  nobase_include_HEADERS+= libmemcached-1.2/memcached.h
  nobase_include_HEADERS+= libmemcached-1.2/memcached.hpp
 === added file 'libmemcached-1.2/isasl.h'
 --- libmemcached-1.2/isasl.h	1970-01-01 00:00:00 +0000
 +++ libmemcached-1.2/isasl.h	2014-06-20 23:47:25 +0000
@@ -0,0 +1,92 @@
++/* -*- Mode: C; tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- */
++/*
++ * Copyright (C) 2010 Membase, Inc
++ * All rights reserved.
++ *
++ *   Licensed under the Apache License, Version 2.0 (the "License");
++ *   you may not use this file except in compliance with the License.
++ *   You may obtain a copy of the License at
++ *
++ *       http://www.apache.org/licenses/LICENSE-2.0
++ *
++ *   Unless required by applicable law or agreed to in writing, software
++ *   distributed under the License is distributed on an "AS IS" BASIS,
++ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ *   See the License for the specific language governing permissions and
++ *   limitations under the License.
++ */
++
++/* This is a minimalistic SASL implementation */
++#ifndef SASL_ISASL_H
++#define SASL_ISASL_H
++
++#include "visibility.h"
++
++#ifdef __cplusplus
++extern "C" {
++#endif
++
++typedef struct {
++    unsigned long len;
++    unsigned char data[1];
++} sasl_secret_t;
++
++typedef struct {
++    unsigned long id;
++    int (*proc)(void);
++    void *context;
++} sasl_callback_t;
++
++/* define the different callback id's we support */
++#define SASL_CB_USER 1
++#define SASL_CB_AUTHNAME 2
++#define SASL_CB_PASS 3
++#define SASL_CB_LIST_END 4
++
++/* Define the error codes we support */
++#define SASL_OK 0
++#define SASL_CONTINUE 1
++#define SASL_ERROR -1
++#define SASL_BADPARAM -7
++
++typedef struct sasl_conn sasl_conn_t;
++
++LIBMEMCACHED_LOCAL
++int sasl_client_init(const sasl_callback_t *callbacks);
++
++LIBMEMCACHED_LOCAL
++void sasl_done(void);
++
++LIBMEMCACHED_LOCAL
++int sasl_client_new(const char *service,
++                    const char *serverFQDN,
++                    const char *iplocalport,
++                    const char *ipremoteport,
++                    const sasl_callback_t *prompt_supp,
++                    unsigned int flags,
++                    sasl_conn_t **pconn);
++
++LIBMEMCACHED_LOCAL
++void sasl_dispose(sasl_conn_t **pconn);
++
++LIBMEMCACHED_LOCAL
++int sasl_client_start(sasl_conn_t *conn,
++                      const char *mechlist,
++                      void **prompt_need,
++                      const char **clientout,
++                      unsigned int *clientoutlen,
++                      const char **mech);
++
++LIBMEMCACHED_LOCAL
++int sasl_client_step(sasl_conn_t *a, const void *b, unsigned int c,
++                     void *d, const void *e, void *f);
++
++LIBMEMCACHED_LOCAL
++const char *sasl_errstring(int saslerr,
++                           const char *langlist,
++                           const char **outlang);
++#ifdef __cplusplus
++}
++#endif
++
++#endif
 === modified file 'libmemcached-1.2/sasl.h'
 --- libmemcached-1.2/sasl.h	2013-06-12 08:17:31 +0000
 +++ libmemcached-1.2/sasl.h	2014-06-20 23:47:25 +0000
@@ -37,11 +37,7 @@
  #pragma once
--#if defined(LIBMEMCACHED_WITH_SASL_SUPPORT) && LIBMEMCACHED_WITH_SASL_SUPPORT
--# include <sasl/sasl.h>
--#else
--# define sasl_callback_t void
--#endif
++#include <libmemcached-1.2/isasl.h>
  #ifdef __cplusplus
  extern "C" {
 === modified file 'libmemcached-1.2/struct/sasl.h'
 --- libmemcached-1.2/struct/sasl.h	2011-12-12 16:59:07 +0000
 +++ libmemcached-1.2/struct/sasl.h	2014-06-20 23:47:25 +0000
@@ -35,14 +35,10 @@
+  *
   */
--#if defined(LIBMEMCACHED_WITH_SASL_SUPPORT) && LIBMEMCACHED_WITH_SASL_SUPPORT
--#include <sasl/sasl.h>
--#else
--#define sasl_callback_t void
--#endif
--
  #pragma once
++#include <libmemcached-1.2/isasl.h>
++
  struct memcached_sasl_st {
    sasl_callback_t *callbacks;
    /*
 === modified file 'libmemcached/include.am'
 --- libmemcached/include.am	2014-02-03 15:21:04 +0000
 +++ libmemcached/include.am	2014-06-20 23:47:25 +0000
@@ -107,6 +107,7 @@
  libmemcached_libmemcached_la_SOURCES+= libmemcached/response.cc
  libmemcached_libmemcached_la_SOURCES+= libmemcached/result.cc
  libmemcached_libmemcached_la_SOURCES+= libmemcached/sasl.cc
++libmemcached_libmemcached_la_SOURCES+= libmemcached/sasl_client.cc
  libmemcached_libmemcached_la_SOURCES+= libmemcached/server.cc
  libmemcached_libmemcached_la_SOURCES+= libmemcached/server_list.cc
  libmemcached_libmemcached_la_SOURCES+= libmemcached/server_list.hpp
 === modified file 'libmemcached/sasl.cc'
 --- libmemcached/sasl.cc	2013-06-12 09:23:02 +0000
 +++ libmemcached/sasl.cc	2014-06-20 23:47:25 +0000
@@ -36,112 +36,25 @@
   */
  #include "libmemcached/common.h"
++
  #include <cassert>
--
--#if defined(LIBMEMCACHED_WITH_SASL_SUPPORT) && LIBMEMCACHED_WITH_SASL_SUPPORT
--
--#if defined(HAVE_LIBSASL) && HAVE_LIBSASL
--#include <sasl/sasl.h>
--#endif
--
  #include <pthread.h>
  void memcached_set_sasl_callbacks(memcached_st *shell,
                                    const sasl_callback_t *callbacks)
+ {
--  Memcached* self= memcached2Memcached(shell);
--  if (self)
--  {
--    self->sasl.callbacks= const_cast<sasl_callback_t *>(callbacks);
--    self->sasl.is_allocated= false;
--  }
++  (void)shell;
++  (void)callbacks;
+ }
  sasl_callback_t *memcached_get_sasl_callbacks(memcached_st *shell)
+ {
--  Memcached* self= memcached2Memcached(shell);
--  if (self)
--  {
--    return self->sasl.callbacks;
--  }
--
++  (void)shell;
    return NULL;
+ }
--/**
-- * Resolve the names for both ends of a connection
-- * @param fd socket to check
-- * @param laddr local address (out)
-- * @param raddr remote address (out)
-- * @return true on success false otherwise (errno contains more info)
-- */
--static memcached_return_t resolve_names(memcached_instance_st& server, char *laddr, size_t laddr_length, char *raddr, size_t raddr_length)
--{
--  char host[MEMCACHED_NI_MAXHOST];
--  char port[MEMCACHED_NI_MAXSERV];
--  struct sockaddr_storage saddr;
--  socklen_t salen= sizeof(saddr);
--
--  if (getsockname(server.fd, (struct sockaddr *)&saddr, &salen) < 0)
--  {
--    return memcached_set_error(server, MEMCACHED_HOST_LOOKUP_FAILURE, MEMCACHED_AT);
--  }
--
--  if (getnameinfo((struct sockaddr *)&saddr, salen, host, sizeof(host), port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV) < 0)
--  {
--    return memcached_set_error(server, MEMCACHED_HOST_LOOKUP_FAILURE, MEMCACHED_AT);
--  }
--
--  (void)snprintf(laddr, laddr_length, "%s;%s", host, port);
--  salen= sizeof(saddr);
--
--  if (getpeername(server.fd, (struct sockaddr *)&saddr, &salen) < 0)
--  {
--    return memcached_set_error(server, MEMCACHED_HOST_LOOKUP_FAILURE, MEMCACHED_AT);
--  }
--
--  if (getnameinfo((struct sockaddr *)&saddr, salen, host, sizeof(host),
--                   port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV) < 0)
--  {
--    return memcached_set_error(server, MEMCACHED_HOST_LOOKUP_FAILURE, MEMCACHED_AT);
--  }
--
--  (void)snprintf(raddr, raddr_length, "%s;%s", host, port);
--
--  return MEMCACHED_SUCCESS;
--}
--
--extern "C" {
--
--static void sasl_shutdown_function()
--{
--  sasl_done();
--}
--
--static volatile int sasl_startup_state= SASL_OK;
--pthread_mutex_t sasl_startup_state_LOCK= PTHREAD_MUTEX_INITIALIZER;
--static pthread_once_t sasl_startup_once= PTHREAD_ONCE_INIT;
--static void sasl_startup_function(void)
--{
--  sasl_startup_state= sasl_client_init(NULL);
--
--  if (sasl_startup_state == SASL_OK)
--  {
--    (void)atexit(sasl_shutdown_function);
--  }
--}
--
--} // extern "C"
--
  memcached_return_t memcached_sasl_authenticate_connection(memcached_instance_st* server)
+ {
--#if defined(LIBMEMCACHED_WITH_SASL_SUPPORT) && LIBMEMCACHED_WITH_SASL_SUPPORT == 0
--  if (LIBMEMCACHED_WITH_SASL_SUPPORT == 0)
--  {
--    return MEMCACHED_NOT_SUPPORTED;
--  }
--#endif
--
    if (server == NULL)
+   {
      return MEMCACHED_INVALID_ARGUMENTS;
@@ -150,14 +63,15 @@
    /* SANITY CHECK: SASL can only be used with the binary protocol */
    if (memcached_is_binary(server->root) == false)
+   {
--    return  memcached_set_error(*server, MEMCACHED_INVALID_ARGUMENTS, MEMCACHED_AT,
--                                memcached_literal_param("memcached_sasl_authenticate_connection() is not supported via the ASCII protocol"));
++    return memcached_set_error(*server, MEMCACHED_INVALID_ARGUMENTS, MEMCACHED_AT,
++      memcached_literal_param("memcached_sasl_authenticate_connection() is "
++       "not supported via the ASCII protocol"));
+   }
    /* Try to get the supported mech from the server. Servers without SASL
--   * support will return UNKNOWN COMMAND, so we can just treat that
--   * as authenticated
-- */
++   * support will return UNKNOWN COMMAND, so we can just treat that as
++   * authenticated
++   */
    protocol_binary_request_no_extras request= { };
    initialize_binary_request(server, request.message.header);
@@ -183,7 +97,7 @@
         * that the server don't support SASL and treat it as success and
         * let the client fail with the next operation if the error was
         * caused by another problem....
--     */
++       */
        rc= MEMCACHED_SUCCESS;
+     }
@@ -191,33 +105,9 @@
+   }
    assert_msg(server->fd != INVALID_SOCKET, "Programmer error, invalid socket");
--  /* set ip addresses */
--  char laddr[MEMCACHED_NI_MAXHOST + MEMCACHED_NI_MAXSERV];
--  char raddr[MEMCACHED_NI_MAXHOST + MEMCACHED_NI_MAXSERV];
--
--  if (memcached_failed(rc= resolve_names(*server, laddr, sizeof(laddr), raddr, sizeof(raddr))))
--  {
--    return rc;
--  }
--
--  int pthread_error;
--  if ((pthread_error= pthread_once(&sasl_startup_once, sasl_startup_function)) != 0)
--  {
--    return memcached_set_errno(*server, pthread_error, MEMCACHED_AT);
--  }
--
--  (void)pthread_mutex_lock(&sasl_startup_state_LOCK);
--  if (sasl_startup_state != SASL_OK)
--  {
--    const char *sasl_error_msg= sasl_errstring(sasl_startup_state, NULL, NULL);
--    return memcached_set_error(*server, MEMCACHED_AUTH_PROBLEM, MEMCACHED_AT,
--                               memcached_string_make_from_cstr(sasl_error_msg));
--  }
--  (void)pthread_mutex_unlock(&sasl_startup_state_LOCK);
--
    sasl_conn_t *conn;
    int ret;
--  if ((ret= sasl_client_new("memcached", server->_hostname, laddr, raddr, server->root->sasl.callbacks, 0, &conn) ) != SASL_OK)
++  if ((ret= sasl_client_new("memcached", NULL, NULL, NULL, server->root->sasl.callbacks, 0, &conn) ) != SASL_OK)
+   {
      const char *sasl_error_msg= sasl_errstring(ret, NULL, NULL);
@@ -326,228 +216,109 @@
                                                  const char *username,
                                                  const char *password)
+ {
--  if (libmemcached_has_feature(LIBMEMCACHED_FEATURE_HAS_SASL))
--  {
--    Memcached* ptr= memcached2Memcached(shell);
--
--    if (ptr == NULL or username == NULL or password == NULL)
--    {
--      return MEMCACHED_INVALID_ARGUMENTS;
--    }
--
--    memcached_return_t ret;
--    if (memcached_failed(ret= memcached_behavior_set(ptr, MEMCACHED_BEHAVIOR_BINARY_PROTOCOL, 1)))
--    {
--      return memcached_set_error(*ptr, ret, MEMCACHED_AT, memcached_literal_param("Unable change to binary protocol which is required for SASL."));
--    }
--
--    memcached_destroy_sasl_auth_data(ptr);
--
--    sasl_callback_t *callbacks= libmemcached_xcalloc(ptr, 4, sasl_callback_t);
--    size_t password_length= strlen(password);
--    size_t username_length= strlen(username);
--    char *name= (char *)libmemcached_malloc(ptr, username_length +1);
--    sasl_secret_t *secret= (sasl_secret_t*)libmemcached_malloc(ptr, password_length +1 + sizeof(sasl_secret_t));
--
--    if (callbacks == NULL or name == NULL or secret == NULL)
--    {
--      libmemcached_free(ptr, callbacks);
--      libmemcached_free(ptr, name);
--      libmemcached_free(ptr, secret);
--      return memcached_set_error(*ptr, MEMCACHED_MEMORY_ALLOCATION_FAILURE, MEMCACHED_AT);
--    }
--
--    secret->len= password_length;
--    memcpy(secret->data, password, password_length);
--    secret->data[password_length]= 0;
--
--    callbacks[0].id= SASL_CB_USER;
--    callbacks[0].proc= (int (*)())get_username;
--    callbacks[0].context= strncpy(name, username, username_length +1);
--    callbacks[1].id= SASL_CB_AUTHNAME;
--    callbacks[1].proc= (int (*)())get_username;
--    callbacks[1].context= name;
--    callbacks[2].id= SASL_CB_PASS;
--    callbacks[2].proc= (int (*)())get_password;
--    callbacks[2].context= secret;
--    callbacks[3].id= SASL_CB_LIST_END;
--
--    ptr->sasl.callbacks= callbacks;
--    ptr->sasl.is_allocated= true;
--
--    return MEMCACHED_SUCCESS;
--  }
--  return MEMCACHED_NOT_SUPPORTED;
++  Memcached* ptr= memcached2Memcached(shell);
++
++  if (ptr == NULL or username == NULL or password == NULL)
++  {
++    return MEMCACHED_INVALID_ARGUMENTS;
++  }
++
++  memcached_return_t ret;
++  if (memcached_failed(ret= memcached_behavior_set(ptr, MEMCACHED_BEHAVIOR_BINARY_PROTOCOL, 1)))
++  {
++    return memcached_set_error(*ptr, ret, MEMCACHED_AT, memcached_literal_param("Unable change to binary protocol which is required for SASL."));
++  }
++
++  memcached_destroy_sasl_auth_data(ptr);
++
++  sasl_callback_t *callbacks= libmemcached_xcalloc(ptr, 4, sasl_callback_t);
++  size_t password_length= strlen(password);
++  size_t username_length= strlen(username);
++  char *name= (char *)libmemcached_malloc(ptr, username_length +1);
++  sasl_secret_t *secret= (sasl_secret_t*)libmemcached_malloc(ptr, password_length +1 + sizeof(sasl_secret_t));
++
++  if (callbacks == NULL or name == NULL or secret == NULL)
++  {
++    libmemcached_free(ptr, callbacks);
++    libmemcached_free(ptr, name);
++    libmemcached_free(ptr, secret);
++    return memcached_set_error(*ptr, MEMCACHED_MEMORY_ALLOCATION_FAILURE, MEMCACHED_AT);
++  }
++
++  secret->len= password_length;
++  memcpy(secret->data, password, password_length);
++  secret->data[password_length]= 0;
++
++  callbacks[0].id= SASL_CB_USER;
++  callbacks[0].proc= (int (*)())get_username;
++  callbacks[0].context= strncpy(name, username, username_length +1);
++  callbacks[1].id= SASL_CB_AUTHNAME;
++  callbacks[1].proc= (int (*)())get_username;
++  callbacks[1].context= name;
++  callbacks[2].id= SASL_CB_PASS;
++  callbacks[2].proc= (int (*)())get_password;
++  callbacks[2].context= secret;
++  callbacks[3].id= SASL_CB_LIST_END;
++
++  ptr->sasl.callbacks= callbacks;
++  ptr->sasl.is_allocated= true;
++
++  return MEMCACHED_SUCCESS;
+ }
  memcached_return_t memcached_destroy_sasl_auth_data(memcached_st *shell)
+ {
--  if (libmemcached_has_feature(LIBMEMCACHED_FEATURE_HAS_SASL))
--  {
--    Memcached* ptr= memcached2Memcached(shell);
--    if (ptr == NULL)
--    {
--      return MEMCACHED_INVALID_ARGUMENTS;
--    }
--
--    if (ptr->sasl.callbacks == NULL)
--    {
--      return MEMCACHED_SUCCESS;
--    }
--
--    if (ptr->sasl.is_allocated)
--    {
--      libmemcached_free(ptr, ptr->sasl.callbacks[0].context);
--      libmemcached_free(ptr, ptr->sasl.callbacks[2].context);
--      libmemcached_free(ptr, (void*)ptr->sasl.callbacks);
--      ptr->sasl.is_allocated= false;
--    }
--
--    ptr->sasl.callbacks= NULL;
--
++  Memcached* ptr= memcached2Memcached(shell);
++  if (ptr == NULL)
++  {
++    return MEMCACHED_INVALID_ARGUMENTS;
++  }
++
++  if (ptr->sasl.callbacks == NULL)
++  {
      return MEMCACHED_SUCCESS;
+   }
--  return MEMCACHED_NOT_SUPPORTED;
++  if (ptr->sasl.is_allocated)
++  {
++    libmemcached_free(ptr, ptr->sasl.callbacks[0].context);
++    libmemcached_free(ptr, ptr->sasl.callbacks[2].context);
++    libmemcached_free(ptr, (void*)ptr->sasl.callbacks);
++    ptr->sasl.is_allocated= false;
++  }
++
++  ptr->sasl.callbacks= NULL;
++
++  return MEMCACHED_SUCCESS;
+ }
  memcached_return_t memcached_clone_sasl(memcached_st *clone, const  memcached_st *source)
+ {
--  if (libmemcached_has_feature(LIBMEMCACHED_FEATURE_HAS_SASL))
--  {
--    if (clone == NULL or source == NULL)
--    {
--      return MEMCACHED_INVALID_ARGUMENTS;
--    }
--
--    if (source->sasl.callbacks == NULL)
--    {
--      return MEMCACHED_SUCCESS;
--    }
--
--    /* Hopefully we are using our own callback mechanisms.. */
--    if (source->sasl.callbacks[0].id == SASL_CB_USER &&
--        source->sasl.callbacks[0].proc ==  (int (*)())get_username &&
--        source->sasl.callbacks[1].id == SASL_CB_AUTHNAME &&
--        source->sasl.callbacks[1].proc ==  (int (*)())get_username &&
--        source->sasl.callbacks[2].id == SASL_CB_PASS &&
--        source->sasl.callbacks[2].proc ==  (int (*)())get_password &&
--        source->sasl.callbacks[3].id == SASL_CB_LIST_END)
--    {
--      sasl_secret_t *secret= (sasl_secret_t *)source->sasl.callbacks[2].context;
--      return memcached_set_sasl_auth_data(clone,
--                                          (const char*)source->sasl.callbacks[0].context,
--                                          (const char*)secret->data);
--    }
--
--    /*
--     * But we're not. It may work if we know what the user tries to pass
--     * into the list, but if we don't know the ID we don't know how to handle
--     * the context...
--     */
--    ptrdiff_t total= 0;
--
--    while (source->sasl.callbacks[total].id != SASL_CB_LIST_END)
--    {
--      switch (source->sasl.callbacks[total].id)
--      {
--        case SASL_CB_USER:
--        case SASL_CB_AUTHNAME:
--        case SASL_CB_PASS:
--          break;
--        default:
--          /* I don't know how to deal with this... */
--          return MEMCACHED_NOT_SUPPORTED;
--      }
--
--      ++total;
--    }
--
--    sasl_callback_t *callbacks= libmemcached_xcalloc(clone, total +1, sasl_callback_t);
--    if (callbacks == NULL)
--    {
--      return MEMCACHED_MEMORY_ALLOCATION_FAILURE;
--    }
--    memcpy(callbacks, source->sasl.callbacks, (total + 1) * sizeof(sasl_callback_t));
--
--    /* Now update the context... */
--    for (ptrdiff_t x= 0; x < total; ++x)
--    {
--      if (callbacks[x].id == SASL_CB_USER || callbacks[x].id == SASL_CB_AUTHNAME)
--      {
--        callbacks[x].context= (sasl_callback_t*)libmemcached_malloc(clone, strlen((const char*)source->sasl.callbacks[x].context));
--
--        if (callbacks[x].context == NULL)
--        {
--          /* Failed to allocate memory, clean up previously allocated memory */
--          for (ptrdiff_t y= 0; y < x; ++y)
--          {
--            libmemcached_free(clone, clone->sasl.callbacks[y].context);
--          }
--
--          libmemcached_free(clone, callbacks);
--          return MEMCACHED_MEMORY_ALLOCATION_FAILURE;
--        }
--        strncpy((char*)callbacks[x].context, (const char*)source->sasl.callbacks[x].context, sizeof(callbacks[x].context));
--      }
--      else
--      {
--        sasl_secret_t *src= (sasl_secret_t *)source->sasl.callbacks[x].context;
--        sasl_secret_t *n= (sasl_secret_t*)libmemcached_malloc(clone, src->len + 1 + sizeof(*n));
--        if (n == NULL)
--        {
--          /* Failed to allocate memory, clean up previously allocated memory */
--          for (ptrdiff_t y= 0; y < x; ++y)
--          {
--            libmemcached_free(clone, clone->sasl.callbacks[y].context);
--          }
--
--          libmemcached_free(clone, callbacks);
--          return MEMCACHED_MEMORY_ALLOCATION_FAILURE;
--        }
--        memcpy(n, src, src->len + 1 + sizeof(*n));
--        callbacks[x].context= n;
--      }
--    }
--
--    clone->sasl.callbacks= callbacks;
--    clone->sasl.is_allocated= true;
--
++  if (clone == NULL or source == NULL)
++  {
++    return MEMCACHED_INVALID_ARGUMENTS;
++  }
++
++  if (source->sasl.callbacks == NULL)
++  {
      return MEMCACHED_SUCCESS;
+   }
--  return MEMCACHED_NOT_SUPPORTED;
--}
--
--#else
--
--void memcached_set_sasl_callbacks(memcached_st *, const sasl_callback_t *)
--{
--}
--
--sasl_callback_t *memcached_get_sasl_callbacks(memcached_st *)
--{
--  return NULL;
--}
--
--memcached_return_t memcached_set_sasl_auth_data(memcached_st *, const char *, const char *)
--{
--  return MEMCACHED_NOT_SUPPORTED;
--}
--
--memcached_return_t memcached_clone_sasl(memcached_st *, const  memcached_st *)
--{
--  return MEMCACHED_NOT_SUPPORTED;
--}
--
--memcached_return_t memcached_destroy_sasl_auth_data(memcached_st*)
--{
--  return MEMCACHED_NOT_SUPPORTED;
--}
--
--memcached_return_t memcached_sasl_authenticate_connection(memcached_instance_st*)
--{
--  return MEMCACHED_NOT_SUPPORTED;
--}
--
--#endif
++  /* Only support using our own callback mechanisms.. */
++  if (source->sasl.callbacks[0].id == SASL_CB_USER &&
++      source->sasl.callbacks[0].proc ==  (int (*)())get_username &&
++      source->sasl.callbacks[1].id == SASL_CB_AUTHNAME &&
++      source->sasl.callbacks[1].proc ==  (int (*)())get_username &&
++      source->sasl.callbacks[2].id == SASL_CB_PASS &&
++      source->sasl.callbacks[2].proc ==  (int (*)())get_password &&
++      source->sasl.callbacks[3].id == SASL_CB_LIST_END)
++  {
++    sasl_secret_t *secret= (sasl_secret_t *)source->sasl.callbacks[2].context;
++    return memcached_set_sasl_auth_data(clone,
++                                        (const char*)source->sasl.callbacks[0].context,
++                                        (const char*)secret->data);
++  }
++
++  return MEMCACHED_NOT_SUPPORTED;
++}
++
 === added file 'libmemcached/sasl_client.cc'
 --- libmemcached/sasl_client.cc	1970-01-01 00:00:00 +0000
 +++ libmemcached/sasl_client.cc	2014-06-20 23:47:25 +0000
@@ -0,0 +1,192 @@
++/* -*- Mode: C; tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- */
++/*
++ * Copyright (C) 2010 Membase, Inc
++ * All rights reserved.
++ *
++ *   Licensed under the Apache License, Version 2.0 (the "License");
++ *   you may not use this file except in compliance with the License.
++ *   You may obtain a copy of the License at
++ *
++ *       http://www.apache.org/licenses/LICENSE-2.0
++ *
++ *   Unless required by applicable law or agreed to in writing, software
++ *   distributed under the License is distributed on an "AS IS" BASIS,
++ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ *   See the License for the specific language governing permissions and
++ *   limitations under the License.
++ */
++
++// Minimal SASL client that only supports PLAIN authentication.
++
++#include <libmemcached-1.2/isasl.h>
++#include <string.h>
++#include <stdlib.h>
++
++struct sasl_conn {
++    const sasl_callback_t *callbacks;
++    char *userdata;
++};
++
++static const char *plain = "PLAIN";
++
++LIBMEMCACHED_LOCAL
++int sasl_client_new(const char *service,
++                    const char *serverFQDN,
++                    const char *iplocalport,
++                    const char *ipremoteport,
++                    const sasl_callback_t *prompt_supp,
++                    unsigned flags,
++                    sasl_conn_t **pconn)
++{
++    struct sasl_conn *conn = (sasl_conn *) calloc(1, sizeof(*conn));
++    if (conn == NULL) {
++        return SASL_ERROR;
++    }
++
++    conn->callbacks = prompt_supp;
++    *pconn = conn;
++
++    (void)service;
++    (void)serverFQDN;
++    (void)iplocalport;
++    (void)ipremoteport;
++    (void)flags;
++
++    return SASL_OK;
++}
++
++LIBMEMCACHED_LOCAL
++void sasl_dispose(sasl_conn_t **pconn) {
++    free((*pconn)->userdata);
++    free(*pconn);
++    *pconn = NULL;
++}
++
++LIBMEMCACHED_LOCAL
++int sasl_client_start(sasl_conn_t *conn,
++                      const char *mechlist,
++                      void **prompt_need,
++                      const char **clientout,
++                      unsigned int*clientoutlen,
++                      const char **mech) {
++    const char *usernm = NULL;
++    unsigned int usernmlen;
++    int i = 0;
++    int found = 0;
++    sasl_secret_t *pass;
++
++    if (strstr(mechlist, "PLAIN") == NULL) {
++        return SASL_ERROR;
++    }
++
++    *mech = plain;
++
++    /* get the username: */
++    while (conn->callbacks[i].id != SASL_CB_LIST_END) {
++        if (conn->callbacks[i].id == SASL_CB_USER) {
++            int r;
++            union {
++                int (*get)(void*, int, const char **, unsigned int*);
++                int (*proc)(void);
++            } hack;
++
++            hack.proc = conn->callbacks[i].proc;
++
++            r = hack.get(conn->callbacks[i].context, SASL_CB_USER,
++                         &usernm, &usernmlen);
++            if (r != SASL_OK) {
++                return r;
++            }
++            found = 1;
++            break;
++        }
++        ++i;
++    }
++
++    if (!found) {
++        return SASL_ERROR;
++    }
++
++    found = 0;
++    i = 0;
++    while (conn->callbacks[i].id != SASL_CB_LIST_END) {
++        if (conn->callbacks[i].id == SASL_CB_PASS) {
++            int r;
++            union {
++                int (*get)(sasl_conn_t *, void *, int, sasl_secret_t **);
++                int (*proc)(void);
++            } hack;
++
++            hack.proc = conn->callbacks[i].proc;
++
++            r = hack.get(conn, conn->callbacks[i].context, SASL_CB_PASS,
++                         &pass);
++            if (r != SASL_OK) {
++                return r;
++            }
++            found = 1;
++            break;
++        }
++        ++i;
++    }
++    if (!found) {
++        return SASL_ERROR;
++    }
++
++    conn->userdata = (char *) calloc(usernmlen + 1 + pass->len + 1, 1);
++    if (conn->userdata == NULL) {
++        return SASL_ERROR;
++    }
++
++    memcpy(conn->userdata + 1, usernm, usernmlen);
++    memcpy(conn->userdata + usernmlen + 2, pass->data, pass->len);
++    *clientout = conn->userdata;
++    *clientoutlen = (unsigned int)(usernmlen + 2 + pass->len);
++
++    (void)prompt_need;
++    return SASL_OK;
++}
++
++LIBMEMCACHED_LOCAL
++void sasl_done(void)
++{
++
++}
++
++LIBMEMCACHED_LOCAL
++int sasl_client_step(sasl_conn_t *a, const void *b, unsigned int c,
++                     void *d, const void *e, void *f)
++{
++    (void)a;(void)b;(void)c;(void)d;(void)e;(void)f;
++    return SASL_ERROR;
++}
++
++LIBMEMCACHED_LOCAL
++int sasl_client_init(const sasl_callback_t *callbacks)
++{
++    (void)callbacks;
++    return SASL_OK;
++}
++
++LIBMEMCACHED_LOCAL
++const char *sasl_errstring(int saslerr,
++                           const char *langlist,
++                           const char **outlang)
++{
++    (void)langlist;
++
++    if (outlang)
++    {
++        *outlang= "en-us";
++    }
++
++    switch(saslerr)
++      {
++      case SASL_OK:       return "successful result";
++      case SASL_CONTINUE: return "another step is needed in authentication";
++      case SASL_ERROR:    return "generic failure";
++      case SASL_BADPARAM: return "invalid parameter supplied";
++      default:            return "undefined error!";
++      }
++}
++