kerberosTest/sample/client.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import os 
import subprocess 
import gssapi 
import sys 
import socket

def send_data(data:bytes, length:int):
    len_str = length.to_bytes(3, byteorder="little", signed=True)
    print(len_str)
    s.send(len_str)
    s.send(data)

def recv_data():
    bs = s.recv(3)
    length = int.from_bytes(bs, byteorder="little", signed=True)
    print(length)
    data = s.recv(length)
    return data

curr_path = os.getcwd()
os.environ["KRB5_CONFIG"] = curr_path + "/krb5.conf"
os.environ["KRB5CCNAME"]  = "/tmp/krb5cc_cli_1000"
os.environ["KRB5_KTNAME"] = curr_path + "/cli.keytab"
os.environ["KRB5_TRACE"] = "/tmp/client.log"
principal = "cli@TEST.HADOOP.COM"

res = subprocess.call(["kinit", "-kt", "cli.keytab", principal])
subprocess.call(["klist"])

name = gssapi.Name(principal)

server_token = None 
port = 12345
s = socket.socket()
host = "127.0.0.1"
s.connect((host, port))
rev = s.recv(1024)

print(rev)
cname = name.canonicalize(gssapi.MechType.kerberos)
print(cname)
client_ctx = gssapi.SecurityContext(name=cname, usage="initiate")
while not client_ctx.complete:
    client_token = client_ctx.step(server_token)
    client_token = client_token or b''
    print("client_token=", client_token, "\nlen=", len(client_token), "\n")
    send_data(client_token, len(client_token))
    server_token = recv_data()
    print("server_token=", server_token,"len=",len(server_token), "\n")
update 2022-07-28 14:47:57 +00:00			`#!/usr/bin/env python3`
			`# -- coding: utf-8 --`
			`import os`
			`import subprocess`
			`import gssapi`
			`import sys`
			`import socket`

update kerberos 2022-07-30 13:19:32 +00:00			`def send_data(data:bytes, length:int):`
			`len_str = length.to_bytes(3, byteorder="little", signed=True)`
			`print(len_str)`
			`s.send(len_str)`
			`s.send(data)`

			`def recv_data():`
			`bs = s.recv(3)`
			`length = int.from_bytes(bs, byteorder="little", signed=True)`
			`print(length)`
			`data = s.recv(length)`
			`return data`

update 2022-07-28 14:47:57 +00:00			`curr_path = os.getcwd()`
修改域名 2023-10-06 02:31:49 +00:00			`os.environ["KRB5_CONFIG"] = curr_path + "/krb5.conf"`
update 2022-07-28 14:47:57 +00:00			`os.environ["KRB5CCNAME"] = "/tmp/krb5cc_cli_1000"`
修改域名 2023-10-06 02:31:49 +00:00			`os.environ["KRB5_KTNAME"] = curr_path + "/cli.keytab"`
update 2022-07-28 14:47:57 +00:00			`os.environ["KRB5_TRACE"] = "/tmp/client.log"`
修改域名 2023-10-06 02:31:49 +00:00			`principal = "cli@TEST.HADOOP.COM"`
update 2022-07-28 14:47:57 +00:00
修改域名 2023-10-06 02:31:49 +00:00			`res = subprocess.call(["kinit", "-kt", "cli.keytab", principal])`
update 2022-07-28 14:47:57 +00:00			`subprocess.call(["klist"])`

			`name = gssapi.Name(principal)`

			`server_token = None`
			`port = 12345`
			`s = socket.socket()`
			`host = "127.0.0.1"`
			`s.connect((host, port))`
			`rev = s.recv(1024)`

			`print(rev)`
			`cname = name.canonicalize(gssapi.MechType.kerberos)`
			`print(cname)`
			`client_ctx = gssapi.SecurityContext(name=cname, usage="initiate")`
			`while not client_ctx.complete:`
			`client_token = client_ctx.step(server_token)`
update kerberos 2022-07-30 13:19:32 +00:00			`client_token = client_token or b''`
			`print("client_token=", client_token, "\nlen=", len(client_token), "\n")`
			`send_data(client_token, len(client_token))`
			`server_token = recv_data()`
			`print("server_token=", server_token,"len=",len(server_token), "\n")`
update 2022-07-28 14:47:57 +00:00