add kerberos config

.gitignore

@@ -176,5 +176,6 @@ cython_debug/
 a.out
 *.out
 *.o
-sample/sample_server
-sample/sample_client
+sample/server
+sample/client
+sample/core

sample/.clang-format

@@ -0,0 +1,213 @@
+# 语言: None, Cpp, Java, JavaScript, ObjC, Proto, TableGen, TextProto
+Language: Cpp
+# BasedOnStyle:	LLVM
+
+# 访问说明符(public、private等)的偏移
+AccessModifierOffset: -4
+
+# 开括号(开圆括号、开尖括号、开方括号)后的对齐: Align, DontAlign, AlwaysBreak(总是在开括号后换行)
+AlignAfterOpenBracket: Align
+
+# 连续赋值时，对齐所有等号
+AlignConsecutiveAssignments: false
+
+# 连续声明时，对齐所有声明的变量名
+AlignConsecutiveDeclarations: false
+
+# 右对齐逃脱换行(使用反斜杠换行)的反斜杠
+AlignEscapedNewlines: Right
+
+# 水平对齐二元和三元表达式的操作数
+AlignOperands: true
+
+# 对齐连续的尾随的注释
+AlignTrailingComments: true
+
+# 不允许函数声明的所有参数在放在下一行
+AllowAllParametersOfDeclarationOnNextLine: false
+
+# 不允许短的块放在同一行
+AllowShortBlocksOnASingleLine: true
+
+# 允许短的case标签放在同一行
+AllowShortCaseLabelsOnASingleLine: true
+
+# 允许短的函数放在同一行: None, InlineOnly(定义在类中), Empty(空函数), Inline(定义在类中，空函数), All
+AllowShortFunctionsOnASingleLine: None
+
+# 允许短的if语句保持在同一行
+AllowShortIfStatementsOnASingleLine: true
+
+# 允许短的循环保持在同一行
+AllowShortLoopsOnASingleLine: true
+
+# 总是在返回类型后换行: None, All, TopLevel(顶级函数，不包括在类中的函数), 
+# AllDefinitions(所有的定义，不包括声明), TopLevelDefinitions(所有的顶级函数的定义)
+AlwaysBreakAfterReturnType: None
+
+# 总是在多行string字面量前换行
+AlwaysBreakBeforeMultilineStrings: false
+
+# 总是在template声明后换行
+AlwaysBreakTemplateDeclarations: true
+
+# false表示函数实参要么都在同一行，要么都各自一行
+BinPackArguments: true
+
+# false表示所有形参要么都在同一行，要么都各自一行
+BinPackParameters: true
+
+# 大括号换行，只有当BreakBeforeBraces设置为Custom时才有效
+BraceWrapping:
+  # class定义后面
+  AfterClass: false
+  # 控制语句后面
+  AfterControlStatement: false
+  # enum定义后面
+  AfterEnum: false
+  # 函数定义后面
+  AfterFunction: false
+  # 命名空间定义后面
+  AfterNamespace: false
+  # struct定义后面
+  AfterStruct: false
+  # union定义后面
+  AfterUnion: false
+  # extern之后
+  AfterExternBlock: false
+  # catch之前
+  BeforeCatch: false
+  # else之前
+  BeforeElse: false
+  # 缩进大括号
+  IndentBraces: false
+  # 分离空函数
+  SplitEmptyFunction: false
+  # 分离空语句
+  SplitEmptyRecord: false
+  # 分离空命名空间
+  SplitEmptyNamespace: false
+
+# 在二元运算符前换行: None(在操作符后换行), NonAssignment(在非赋值的操作符前换行), All(在操作符前换行)
+BreakBeforeBinaryOperators: NonAssignment
+
+# 在大括号前换行: Attach(始终将大括号附加到周围的上下文), Linux(除函数、命名空间和类定义，与Attach类似), 
+#   Mozilla(除枚举、函数、记录定义，与Attach类似), Stroustrup(除函数定义、catch、else，与Attach类似), 
+#   Allman(总是在大括号前换行), GNU(总是在大括号前换行，并对于控制语句的大括号增加额外的缩进), WebKit(在函数前换行), Custom
+#   注：这里认为语句块也属于函数
+BreakBeforeBraces: Custom
+
+# 在三元运算符前换行
+BreakBeforeTernaryOperators: false
+
+# 在构造函数的初始化列表的冒号后换行
+BreakConstructorInitializers: AfterColon
+
+#BreakInheritanceList: AfterColon
+
+BreakStringLiterals: false
+
+# 每行字符的限制，0表示没有限制
+ColumnLimit: 0
+
+CompactNamespaces: true
+
+# 构造函数的初始化列表要么都在同一行，要么都各自一行
+ConstructorInitializerAllOnOneLineOrOnePerLine: false
+
+# 构造函数的初始化列表的缩进宽度
+ConstructorInitializerIndentWidth: 4
+
+# 延续的行的缩进宽度
+ContinuationIndentWidth: 4
+
+# 去除C++11的列表初始化的大括号{后和}前的空格
+Cpp11BracedListStyle: true
+
+# 继承最常用的指针和引用的对齐方式
+DerivePointerAlignment: false
+
+# 固定命名空间注释
+FixNamespaceComments: true
+
+# 缩进case标签
+IndentCaseLabels: false
+
+IndentPPDirectives: None
+
+# 缩进宽度
+IndentWidth: 4
+
+# 函数返回类型换行时，缩进函数声明或函数定义的函数名
+IndentWrappedFunctionNames: false
+
+# 保留在块开始处的空行
+KeepEmptyLinesAtTheStartOfBlocks: false
+
+# 连续空行的最大数量
+MaxEmptyLinesToKeep: 1
+
+# 命名空间的缩进: None, Inner(缩进嵌套的命名空间中的内容), All
+NamespaceIndentation: None
+
+# 指针和引用的对齐: Left, Right, Middle
+PointerAlignment: Right
+
+# 允许重新排版注释
+ReflowComments: true
+
+# 允许排序#include
+SortIncludes: false
+
+# 允许排序 using 声明
+SortUsingDeclarations: false
+
+# 在C风格类型转换后添加空格
+SpaceAfterCStyleCast: false
+
+# 在Template 关键字后面添加空格
+SpaceAfterTemplateKeyword: true
+
+# 在赋值运算符之前添加空格
+SpaceBeforeAssignmentOperators: true
+
+# SpaceBeforeCpp11BracedList: true
+
+# SpaceBeforeCtorInitializerColon: true
+
+# SpaceBeforeInheritanceColon: true
+
+# 开圆括号之前添加一个空格: Never, ControlStatements, Always
+SpaceBeforeParens: ControlStatements
+
+# SpaceBeforeRangeBasedForLoopColon: true
+
+# 在空的圆括号中添加空格
+SpaceInEmptyParentheses: false
+
+# 在尾随的评论前添加的空格数(只适用于//)
+SpacesBeforeTrailingComments: 1
+
+# 在尖括号的<后和>前添加空格
+SpacesInAngles: false
+
+# 在C风格类型转换的括号中添加空格
+SpacesInCStyleCastParentheses: false
+
+# 在容器(ObjC和JavaScript的数组和字典等)字面量中添加空格
+SpacesInContainerLiterals: true
+
+# 在圆括号的(后和)前添加空格
+SpacesInParentheses: false
+
+# 在方括号的[后和]前添加空格，lamda表达式和未指明大小的数组的声明不受影响
+SpacesInSquareBrackets: false
+
+# 标准: Cpp03, Cpp11, Auto
+Standard: Cpp11
+
+# tab宽度
+TabWidth: 4
+
+# 使用tab字符: Never, ForIndentation, ForContinuationAndIndentation, Always
+UseTab: Never

sample/Makefile

@@ -1,7 +1,7 @@
 
 CC=gcc
 
-PROGRAM=sample_client sample_server
+PROGRAM=client server
 
 LIBSSL_LIBS=-lsasl2
 
@@ -14,17 +14,17 @@ all: $(PROGRAM)
 	@echo "build seccess!"
 	@echo ""
 
-sample_client:sample-client.c
+client:sample-client.c
 	$(CC) -g -c sample-client.c $(FINAL_FLAG)
-	$(CC) -g -o sample_client sample-client.o $(FINAL_FLAG)
+	$(CC) -g -o client sample-client.o $(FINAL_FLAG)
 	rm *.o
 
-sample_server:sample-server.c
+server:sample-server.c
 	$(CC) -g -c sample-server.c $(FINAL_FLAG)
-	$(CC) -g -o sample_server sample-server.o $(FINAL_FLAG)
+	$(CC) -g -o server sample-server.o $(FINAL_FLAG)
 	rm *.o
 
 clean:
-	rm sample_server sample_client
+	rm server client
 
 

sample/sample-client.c

@@ -1,141 +1,166 @@
-
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
+#include <sys/types.h>
 #include <sasl/sasl.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <linux/in.h>
-#include <string.h>
 
 #define SAMPLE_SEC_BUF_SIZE (2048)
 
 char buf[SAMPLE_SEC_BUF_SIZE];
 
 static sasl_conn_t *conn = NULL;
-const char *realm = "DOMAIN.COM";
+const char *realm = "TEST.COM";
 const char *mech = "GSSAPI";
 const char *iplocal = "127.0.0.1";
 const char *ipremote = "127.0.0.1";
 char *searchpath = NULL;
-const char *service = "zeekling";
-const char *fqdn = "";
+const char *service = "server";
+const char *fqdn = "hadoop.test.com";
 int cfd;
 
 int init_sasl() {
-	int result = sasl_client_init(NULL);
-	if (result != SASL_OK) {
-		printf("Initializing libsasl\n");
-		return -1;
-	}
-	return 0;
+    int result = sasl_client_init(NULL);
+    if (result != SASL_OK) {
+        printf("Initializing libsasl\n");
+        return -1;
+    }
+    printf("sasl_client_init ok\n");
+    return 0;
 }
 
 int connect_server() {
-	struct sockaddr_in s_add, c_add;
-	unsigned short portnum = 2345;
-	printf("Hello,welcome to client !\n");
-	cfd = socket(AF_INET, SOCK_STREAM, 0);
-	if(-1 == cfd) {
-		printf("socket fail ! \n");
-		return 1;
-	}
-	printf("socket ok !\n");
-	bzero(&s_add, sizeof(struct sockaddr_in));
-	s_add.sin_family = AF_INET;
-	s_add.sin_addr.s_addr = inet_addr("127.0.0.1");
-	s_add.sin_port = htons(portnum);
+    struct sockaddr_in s_add, c_add;
+    unsigned short portnum = 2345;
+    printf("Hello,welcome to client !\n");
+    cfd = socket(AF_INET, SOCK_STREAM, 0);
+    if (-1 == cfd) {
+        printf("socket fail ! \n");
+        return 1;
+    }
+    printf("socket ok !\n");
+    bzero(&s_add, sizeof(struct sockaddr_in));
+    s_add.sin_family = AF_INET;
+    s_add.sin_addr.s_addr = inet_addr("127.0.0.1");
+    s_add.sin_port = htons(portnum);
 
-	if(-1 == connect(cfd,(struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
-		printf("connect fail !\n");
-		return 1;
-	}
-	printf("connect ok !\n");
-	return 0;
+    if (-1 == connect(cfd, (struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
+        printf("connect fail !\n");
+        return 1;
+    }
+    printf("connect ok !\n");
+    return 0;
+}
+
+int readTicket(char *ticket) {
+    char len_str[10] = {0};
+    int recbytes;
+    if (-1 == (recbytes = read(cfd, len_str, 10))) {
+        printf("read len fail !\n");
+        close(cfd);
+        return 0;
+    }
+    char buffer[1024] = {0};
+    int len = atoi(len_str);
+    printf("read len=%s\n", len_str);
+    if (-1 == (recbytes = read(cfd, ticket, len))) {
+        printf("read data fail !\n");
+        close(cfd);
+        return 0;
+    }
+	return len;
+
+}
+
+void writeTicket(char *data, unsigned len) {
+    char len_str[10] = {0};
+    sprintf(len_str, "%d", len);
+    if (-1 == write(cfd, len_str, 10)) {
+        printf("write failed\n");
+        return 1;
+    }
+    if (-1 == write(cfd, data, len)) {
+        printf("write failed\n");
+        return 1;
+    }
 }
 
 int auth_sever() {
-	int result = sasl_client_new("sample", fqdn, "127.0.0.1",
-			"127.0.0.1", NULL, 0, &conn);
-	if (result != SASL_OK) {
-		printf("client new client failed\n");
-		return 1;
-	}
-	char *data = NULL;
-	unsigned len = 0;
-	result = sasl_client_start(conn, mech, NULL, &data, &len, &mech);
-	if (result != SASL_OK && result != SASL_CONTINUE) {
-		printf("client auth start failed error:%s\n", sasl_errdetail(conn));
-		return 1;
-	}
-	while (1) {
-		//todo  多次认证
-		printf("write data %s, %d", data, len);
-		if(-1 == write(cfd, data, len)) {
-			printf("write failed\n");
-			return 1;
-		}
-		int recbytes = 0;
-		char *buffer = NULL;
-		if (read(recbytes = read(cfd, buffer, 1024)) == -1) {
-			printf("read error\n");
-			return 1;
-		}
-		printf("receive %s %d", buffer, recbytes);
-		result = sasl_client_step(conn, buffer, recbytes, NULL, &data, &len);
-		if (result != SASL_OK && result != SASL_CONTINUE) {
-			printf("auth failed, %s\n", sasl_errdetail(conn));
-			return 1;
-		}
-	}
-	return 0;
+    printf("begin auth\n");
+    int result = sasl_client_new("server", fqdn, NULL, NULL, NULL, 0, &conn);
+    if (result != SASL_OK) {
+        printf("client new client failed\n");
+        return 1;
+    }
+    char data[1024] = {0};
+    unsigned len = 0;
+    printf("begin sasl_client_start\n");
+    result = sasl_client_start(conn, mech, NULL, &data, &len, &mech);
+    if (result != SASL_OK && result != SASL_CONTINUE) {
+        printf("client auth start failed error:%s\n", sasl_errdetail(conn));
+        return 1;
+    }
+    //data[len] = '\0';
+    printf("sasl_client_start ok: ticket=%s, len=%d\n", data, len);
+    while (1) {
+        char len_str[10] = {0};
+        writeTicket(data, len);
+		char *buffer;
+        int size = readTicket(buffer);
+
+        result = sasl_client_step(conn, buffer, size, NULL, &data, &len);
+        if (result != SASL_OK && result != SASL_CONTINUE) {
+            printf("auth failed, %s\n", sasl_errdetail(conn));
+            return 1;
+        }
+    }
+    return 0;
 }
 
 int main() {
-	int result;
-	const char *data;
-	const char *chosenmech;
-	int serverlast = 0;
-	unsigned len;
-	char *userid = NULL;
-	char *authid = NULL;
+    int result;
+    const char *data;
+    const char *chosenmech;
+    int serverlast = 0;
+    unsigned len;
+    char *userid = NULL;
+    char *authid = NULL;
 
-	int recbytes;
-	int sin_size;
-	char buffer[1024]={0};
+    int recbytes;
+    int sin_size;
+    char buffer[1024] = {0};
 
-	if (connect_server() != 0)
-	{
-		return 1;
-	}
+    if (connect_server() != 0) {
+        return 1;
+    }
 
-	if (init_sasl() != 0) {
-		return 1;
-	}
+    if (init_sasl() != 0) {
+        return 1;
+    }
 
-	if(-1 == (recbytes = read(cfd, buffer, 1024))) {
-		printf("read data fail !\n");
-		return -1;
-	}
+    if (-1 == (recbytes = read(cfd, buffer, 1024))) {
+        printf("read data fail !\n");
+        return -1;
+    }
 
-	if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) {
-		printf("auth failed\n");
-		return -1;
-	}
-	printf("auth ok\nREC:\n");
+    if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) {
+        printf("auth failed\n");
+        return -1;
+    }
+    printf("auth ok\nREC:\n");
 
-	buffer[recbytes]='\0';
-	printf("%s\n",buffer);
+    buffer[recbytes] = '\0';
+    printf("%s\n", buffer);
 
-	auth_sever();
+    auth_sever();
 
-	getchar();
-	close(cfd);
+    getchar();
+    close(cfd);
 
-	if (init_sasl() != 0) {
-		return 1;
-	}
-	return 0;
+    if (init_sasl() != 0) {
+        return 1;
+    }
+    return 0;
 }
-
-

sample/sample-server.c

@@ -9,159 +9,169 @@
 #include <sasl/sasl.h>
 
 int sfp;
-struct sockaddr_in s_add,c_add;
+struct sockaddr_in s_add, c_add;
 int sin_size;
 
+char *server = "server";
+
 typedef struct kClient {
-	int fp;
-	int auth_complete;
-	int begin_auth;
-	sasl_conn_t *conn;
+    int fp;
+    int auth_complete;
+    int begin_auth;
+    sasl_conn_t *conn;
 } kClient;
 
 int listen_port() {
-	unsigned short portnum=2345;
+    unsigned short portnum = 2345;
 
-	sfp = socket(AF_INET, SOCK_STREAM, 0);
-	if(-1 == sfp) {
-		printf("socket fail ! \n");
-		return -1;
-	}
+    sfp = socket(AF_INET, SOCK_STREAM, 0);
+    if (-1 == sfp) {
+        printf("socket fail ! \n");
+        return -1;
+    }
 
-	/* 填充服务器端口地址信息，以便下面使用此地址和端口监听 */
-	bzero(&s_add,sizeof(struct sockaddr_in));
-	s_add.sin_family=AF_INET;
-	s_add.sin_addr.s_addr=htonl(INADDR_ANY); /* 这里地址使用全0，即所有 */
-	s_add.sin_port=htons(portnum);
-	/* 使用bind进行绑定端口 */
-	if(-1 == bind(sfp,(struct sockaddr *)(&s_add), sizeof(struct sockaddr)))
-	{
-		printf("bind fail !\n");
-		return -1;
-	}
-	/* 开始监听相应的端口 */
-	if(-1 == listen(sfp,5))
-	{
-		printf("listen fail !\n");
-		return -1;
-	}
-	printf("Hello,welcome to my server !\n");
-	return 0;
+    /* 填充服务器端口地址信息，以便下面使用此地址和端口监听 */
+    bzero(&s_add, sizeof(struct sockaddr_in));
+    s_add.sin_family = AF_INET;
+    s_add.sin_addr.s_addr = htonl(INADDR_ANY); /* 这里地址使用全0，即所有 */
+    s_add.sin_port = htons(portnum);
+    /* 使用bind进行绑定端口 */
+    if (-1 == bind(sfp, (struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
+        printf("bind fail !\n");
+        return -1;
+    }
+    /* 开始监听相应的端口 */
+    if (-1 == listen(sfp, 5)) {
+        printf("listen fail !\n");
+        return -1;
+    }
+    printf("Hello,welcome to my server !\n");
+    return 0;
 }
 
 kClient *createClient(int fp) {
-	kClient *c = malloc(sizeof(kClient));
-	c->fp = fp;
-	c->auth_complete = -1;
-	c->begin_auth = 0;
-	c->conn = NULL;
-	return c;
+    kClient *c = malloc(sizeof(kClient));
+    c->fp = fp;
+    c->auth_complete = -1;
+    c->begin_auth = 0;
+    c->conn = NULL;
+    return c;
 }
 
 int auth_client(kClient *c) {
-	if (!c->begin_auth && sasl_server_new("sample", "DOMAIN.COM",
-				"DOMAIN.COM", "127.0.0.1", "127.0.0.1", NULL,
-				0, &c->conn) == SASL_OK) {
-		printf("Allocating sasl connection state");
-		return 1;
-	}
-	const char *mech = "GSSAPI";
-	int recbytes;
-	char buffer[1024]={0};
-	if ((recbytes = read(c->fp, buffer, 1024)) == -1) {
-		printf("read failed\n");
-		close(c->fp);
-		return 1;
-	}
-	buffer[recbytes] = '\0';
-	char *out;
-	unsigned len = 0;
-	int result = sasl_server_start(c->conn, mech, buffer, recbytes, &out, &len);
-	if (result != SASL_OK && result != SASL_CONTINUE) {
-		printf("auth failed ,%s\n", sasl_errdetail(c->conn));
-		write(c->fp, "auth failed\n", 11);
-		close(c->fp);
-	}
-	while (result == SASL_CONTINUE) {
-		if (write(c->fp, out, len) == -1) {
-			printf("write failed\n");
-			return 1;
-		}
-		if (recbytes = read(c->fp, buffer, 1024)) {
-			printf("write failed\n");
-			return 1;
-		}
-		result = sasl_server_step(c->conn, buffer, recbytes, &out, &len);
-		if (result != SASL_OK && result != SASL_CONTINUE) {
-			printf("auth failed ,%s\n", sasl_errdetail(c->conn));
-			write(c->fp, "auth failed\n", 11);
-			close(c->fp);
-			return 1;
-		}
-	}
-	return 0;
+    if (!c->begin_auth) {
+        int result = sasl_server_new(server, "hadoop.test.com", "TEST.COM", NULL, NULL, NULL, 0, &c->conn);
+        if (result != SASL_OK) {
+            printf("Allocating sasl connection state, %s\n", sasl_errdetail(c->conn));
+            return 1;
+        }
+    }
+
+    const char *mech = "GSSAPI";
+    char buffer[1024] = {0};
+    int client_len = readTicket(c, buffer);
+    char *out;
+    unsigned len = 0;
+    buffer[client_len] = '\n';
+    printf("ticket=%s, len=%d\n", buffer, client_len);
+    int result = sasl_server_start(c->conn, mech, buffer, client_len, &out, &len);
+    if (result != SASL_OK && result != SASL_CONTINUE) {
+        printf("auth failed ,%s, result=%d\n", sasl_errdetail(c->conn), result);
+        write(c->fp, "auth failed\n", 11);
+        close(c->fp);
+        return;
+    }
+    printf("sasl_server_start ok\n");
+    while (result == SASL_CONTINUE) {
+        writeTicket(c, out, len);
+        client_len = readTicket(c, buffer);
+        result = sasl_server_step(c->conn, buffer, client_len, &out, &len);
+        if (result != SASL_OK && result != SASL_CONTINUE) {
+            printf("auth failed ,%s\n", sasl_errdetail(c->conn));
+            write(c->fp, "auth failed\n", 11);
+            close(c->fp);
+            return 1;
+        }
+        printf("sasl_server_start ok");
+    }
+    return 0;
+}
+
+int readTicket(kClient *c, char *ticket) {
+    char len_str[10] = {0};
+    int recbytes;
+    if (-1 == (recbytes = read(c->fp, len_str, 25))) {
+        printf("read len fail !\n");
+        close(c->fp);
+        return 0;
+    }
+    int len = atoi(len_str);
+    printf("read len=%s\n", len_str);
+    if (-1 == (recbytes = read(c->fp, ticket, len))) {
+        printf("read data fail !\n");
+        close(c->fp);
+        return 0;
+    }
+    return len;
+}
+
+void writeTicket(kClient *c, char *data, unsigned len) {
+    char len_str[10] = {0};
+    sprintf(len_str, "%d", len);
+    if (-1 == write(c->fp, len_str, 10)) {
+        printf("write failed\n");
+        return 1;
+    }
+    if (-1 == write(c->fp, data, len)) {
+        printf("write failed\n");
+        return 1;
+    }
 }
 
 void readQuery(kClient *c) {
-	char buffer[1024]={0};
-	int recbytes;
-	/* 这里使用write向客户端发送信息，也可以尝试使用其他函数实现 */
-	if(-1 == write(c->fp,"need_auth",9))
-	{
-		printf("write fail!\n");
-		close(c->fp);
-		return;
-	}
-	printf("write ok!\n");
-	while (1) {
-		if(-1 == (recbytes = read(c->fp,buffer,1024))) {
-			printf("read data fail !\n");
-			close(c->fp);
-		}
-		if (c->auth_complete != 1 && auth_client(c) != 0) {
-			printf("auth failed!\n");
-			break;
-		}
-		if(-1 == write(c->fp,"need_auth",9)) {
-			printf("write fail!\n");
-			break;
-		}
-	}
-	close(c->fp);
-}
+    char buffer[1024] = {0};
+    int recbytes;
+    /* 这里使用write向客户端发送信息，也可以尝试使用其他函数实现 */
+    if (-1 == write(c->fp, "need_auth", 9)) {
+        printf("write fail!\n");
+        close(c->fp);
+        return;
+    }
 
+    if (auth_client(c) != 0) {
+        printf("auth failed!\n");
+        return;
+    }
+
+    close(c->fp);
+}
 
 int init_sasl() {
-	int result = sasl_server_init(NULL, "sample");
-	if (result != SASL_OK) {
-		printf("Initializing libsasl");
-		return 1;
-	}
-	return 0;
+    int result = sasl_server_init(NULL, server);
+    if (result != SASL_OK) {
+        printf("Initializing libsasl");
+        return 1;
+    }
+    return 0;
 }
 
-int main()
-{
-	if (listen_port() != 0 && init_sasl() != 0)
-	{
-		return 1;
-	}
-	while(1)
-	{
-		sin_size = sizeof(struct sockaddr_in);
-		int nfp = accept(sfp, (struct sockaddr *)(&c_add), &sin_size);
-		if(-1 == nfp)
-		{
-			printf("accept fail !\r\n");
-			return -1;
-		}
+int main() {
+    if (listen_port() != 0) {
+        return 1;
+    }
+    init_sasl();
+    while (1) {
+        sin_size = sizeof(struct sockaddr_in);
+        int nfp = accept(sfp, (struct sockaddr *)(&c_add), &sin_size);
+        if (-1 == nfp) {
+            printf("accept fail !\r\n");
+            return -1;
+        }
 
-		printf("accept ok!\nServer start get connect from %#x : %#x\n", ntohl(c_add.sin_addr.s_addr), ntohs(c_add.sin_port));
-		kClient *c = createClient(nfp);
-		readQuery(c);
-	}
-	close(sfp);
-	return 0;
+        printf("accept ok!\nServer start get connect from %#x : %#x\n", ntohl(c_add.sin_addr.s_addr), ntohs(c_add.sin_port));
+        kClient *c = createClient(nfp);
+        readQuery(c);
+    }
+    close(sfp);
+    return 0;
 }
-
-

server/env

@@ -1,3 +1,4 @@
 PWD=$(pwd)
 export KRB5_CONFIG=${PWD}/server/krb5.conf
 export KRB5CCNAME=/tmp/krb5cc_hadoop_1000
+export KRB5_KTNAME=${PWD}/server/hadoop.keytab