add kerberos
parent
67c33ac1ec
commit
45ba21dbc0
@ -15,14 +15,16 @@ all: $(PROGRAM)
|
|||||||
@echo ""
|
@echo ""
|
||||||
|
|
||||||
client:sample-client.c
|
client:sample-client.c
|
||||||
$(CC) -c sample-client.c $(FINAL_FLAG)
|
$(CC) -g -c sample-client.c $(FINAL_FLAG)
|
||||||
$(CC) -o client sample-client.o $(FINAL_FLAG)
|
$(CC) -g -o client sample-client.o $(FINAL_FLAG)
|
||||||
|
rm *.o
|
||||||
|
|
||||||
server:sample-server.c
|
server:sample-server.c
|
||||||
$(CC) -c sample-server.c $(FINAL_FLAG)
|
$(CC) -g -c sample-server.c $(FINAL_FLAG)
|
||||||
$(CC) -o server sample-server.o $(FINAL_FLAG)
|
$(CC) -g -o server sample-server.o $(FINAL_FLAG)
|
||||||
|
rm *.o
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
rm *.o server client
|
rm server client
|
||||||
|
|
||||||
|
|
||||||
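Review bot: The new `clean` recipe `rm server client` exits with an error whenever either binary is missing; `rm -f server client *.o` keeps it idempotent and also removes objects left behind by an interrupted build. The `rm *.o` added to the `client` and `server` recipes deletes every object file in the directory, not only the one that target produced, so `rm -f sample-client.o` and `rm -f sample-server.o` would be narrower.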
|
@ -1,3 +1,4 @@
|
|||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
@ -13,17 +14,18 @@ char buf[SAMPLE_SEC_BUF_SIZE];
|
|||||||
|
|
||||||
static sasl_conn_t *conn = NULL;
|
static sasl_conn_t *conn = NULL;
|
||||||
const char *realm = "DOMAIN.COM";
|
const char *realm = "DOMAIN.COM";
|
||||||
const char *mech = "gssapi";
|
const char *mech = "GSSAPI";
|
||||||
const char *iplocal = "127.0.0.1";
|
const char *iplocal = "127.0.0.1";
|
||||||
const char *ipremote = "127.0.0.1";
|
const char *ipremote = "127.0.0.1";
|
||||||
char *searchpath = NULL;
|
char *searchpath = NULL;
|
||||||
const char *service = "zeekling";
|
const char *service = "zeekling";
|
||||||
|
const char *fqdn = "";
|
||||||
int cfd;
|
int cfd;
|
||||||
|
|
||||||
int init_sasl() {
|
int init_sasl() {
|
||||||
int result = sasl_client_init(NULL);
|
int result = sasl_client_init(NULL);
|
||||||
if (result != SASL_OK) {
|
if (result != SASL_OK) {
|
||||||
printf("Initializing libsasl");
|
printf("Initializing libsasl\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
@ -32,28 +34,60 @@ int init_sasl() {
|
|||||||
int connect_server() {
|
int connect_server() {
|
||||||
struct sockaddr_in s_add, c_add;
|
struct sockaddr_in s_add, c_add;
|
||||||
unsigned short portnum = 2345;
|
unsigned short portnum = 2345;
|
||||||
printf("Hello,welcome to client !\r\n");
|
printf("Hello,welcome to client !\n");
|
||||||
cfd = socket(AF_INET, SOCK_STREAM, 0);
|
cfd = socket(AF_INET, SOCK_STREAM, 0);
|
||||||
if(-1 == cfd) {
|
if(-1 == cfd) {
|
||||||
printf("socket fail ! \r\n");
|
printf("socket fail ! \n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
printf("socket ok !\r\n");
|
printf("socket ok !\n");
|
||||||
bzero(&s_add, sizeof(struct sockaddr_in));
|
bzero(&s_add, sizeof(struct sockaddr_in));
|
||||||
s_add.sin_family = AF_INET;
|
s_add.sin_family = AF_INET;
|
||||||
s_add.sin_addr.s_addr = inet_addr("127.0.0.1");
|
s_add.sin_addr.s_addr = inet_addr("127.0.0.1");
|
||||||
s_add.sin_port = htons(portnum);
|
s_add.sin_port = htons(portnum);
|
||||||
|
|
||||||
if(-1 == connect(cfd,(struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
|
if(-1 == connect(cfd,(struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
|
||||||
printf("connect fail !\r\n");
|
printf("connect fail !\n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
printf("connect ok !\r\n");
|
printf("connect ok !\n");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int auth_sever() {
|
int auth_sever() {
|
||||||
|
int result = sasl_client_new("sample", fqdn, "127.0.0.1",
|
||||||
|
"127.0.0.1", NULL, 0, &conn);
|
||||||
|
if (result != SASL_OK) {
|
||||||
|
printf("client new client failed\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
char *data = NULL;
|
||||||
|
unsigned len = 0;
|
||||||
|
result = sasl_client_start(conn, mech, NULL, &data, &len, &mech);
|
||||||
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
|
printf("client auth start failed error:%s\n", sasl_errdetail(conn));
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
while (1) {
|
||||||
|
//todo 多次认证
|
||||||
|
printf("write data %s, %d", data, len);
|
||||||
|
if(-1 == write(cfd, data, len)) {
|
||||||
|
printf("write failed\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
int recbytes = 0;
|
||||||
|
char *buffer = NULL;
|
||||||
|
if (read(recbytes = read(cfd, buffer, 1024)) == -1) {
|
||||||
|
printf("read error\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
printf("receive %s %d", buffer, recbytes);
|
||||||
|
result = sasl_client_step(conn, buffer, recbytes, NULL, &data, &len);
|
||||||
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
|
printf("auth failed, %s\n", sasl_errdetail(conn));
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -63,7 +97,6 @@ int main() {
|
|||||||
const char *chosenmech;
|
const char *chosenmech;
|
||||||
int serverlast = 0;
|
int serverlast = 0;
|
||||||
unsigned len;
|
unsigned len;
|
||||||
const char *fqdn = "";
|
|
||||||
char *userid = NULL;
|
char *userid = NULL;
|
||||||
char *authid = NULL;
|
char *authid = NULL;
|
||||||
|
|
||||||
@ -81,18 +114,20 @@ int main() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if(-1 == (recbytes = read(cfd, buffer, 1024))) {
|
if(-1 == (recbytes = read(cfd, buffer, 1024))) {
|
||||||
printf("read data fail !\r\n");
|
printf("read data fail !\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) {
|
if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) {
|
||||||
printf("auth failed");
|
printf("auth failed\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
printf("auth ok\r\nREC:\r\n");
|
printf("auth ok\nREC:\n");
|
||||||
|
|
||||||
buffer[recbytes]='\0';
|
buffer[recbytes]='\0';
|
||||||
printf("%s\r\n",buffer);
|
printf("%s\n",buffer);
|
||||||
|
|
||||||
|
auth_sever();
|
||||||
|
|
||||||
getchar();
|
getchar();
|
||||||
close(cfd);
|
close(cfd);
|
||||||
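Review bot: In the new auth_sever() loop, `buffer` is still a NULL pointer when it is handed to read(), and `read(recbytes = read(cfd, buffer, 1024))` calls read() with a single argument, so the step exchange can neither compile nor receive a server token as written. The loop is `while (1)` with no exit once sasl_client_step returns SASL_OK, and both debug printf calls format the SASL tokens with `%s` although GSSAPI tokens are binary and not NUL-terminated (and `data` may be NULL), which reads past the token. A version with a real receive buffer, a loop bounded by SASL_CONTINUE and length-only logging is sketched below. Separately, main() in the last hunk now calls `auth_sever();` a second time unconditionally after the need_auth check, which looks unintended.

```c
    const char *data = NULL;
    unsigned len = 0;
    result = sasl_client_start(conn, mech, NULL, &data, &len, &mech);
    /* … unchanged: error check on sasl_client_start … */
    while (result == SASL_CONTINUE) {
        char buffer[1024];
        ssize_t recbytes;

        /* Tokens are binary: log the length only, never print them with %s. */
        printf("sending %u byte token\n", len);
        if (len > 0 && write(cfd, data, len) == -1) {
            printf("write failed\n");
            return 1;
        }
        recbytes = read(cfd, buffer, sizeof(buffer));
        if (recbytes <= 0) {
            printf("read error\n");
            return 1;
        }
        printf("received %zd byte token\n", recbytes);
        result = sasl_client_step(conn, buffer, (unsigned)recbytes, NULL, &data, &len);
        if (result != SASL_OK && result != SASL_CONTINUE) {
            printf("auth failed, %s\n", sasl_errdetail(conn));
            return 1;
        }
    }
    /* NOTE(review): if the final step returns SASL_OK with len > 0, that last token still has to be sent. */
```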
|
@ -69,7 +69,7 @@ int auth_client(kClient *c) {
|
|||||||
int recbytes;
|
int recbytes;
|
||||||
char buffer[1024]={0};
|
char buffer[1024]={0};
|
||||||
if ((recbytes = read(c->fp, buffer, 1024)) == -1) {
|
if ((recbytes = read(c->fp, buffer, 1024)) == -1) {
|
||||||
printf("read failed");
|
printf("read failed\n");
|
||||||
close(c->fp);
|
close(c->fp);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -78,22 +78,23 @@ int auth_client(kClient *c) {
|
|||||||
unsigned len = 0;
|
unsigned len = 0;
|
||||||
int result = sasl_server_start(c->conn, mech, buffer, recbytes, &out, &len);
|
int result = sasl_server_start(c->conn, mech, buffer, recbytes, &out, &len);
|
||||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
printf("auth failed ");
|
printf("auth failed ,%s\n", sasl_errdetail(c->conn));
|
||||||
write(c->fp, "auth failed", 11);
|
write(c->fp, "auth failed\n", 11);
|
||||||
close(c->fp);
|
close(c->fp);
|
||||||
}
|
}
|
||||||
while (result == SASL_CONTINUE) {
|
while (result == SASL_CONTINUE) {
|
||||||
if (write(c->fp, out, len) == -1) {
|
if (write(c->fp, out, len) == -1) {
|
||||||
printf("write failed");
|
printf("write failed\n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if (recbytes = read(c->fp, buffer, 1024)) {
|
if (recbytes = read(c->fp, buffer, 1024)) {
|
||||||
printf("write failed");
|
printf("write failed\n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
result = sasl_server_step(c->conn, buffer, recbytes, &out, &len);
|
result = sasl_server_step(c->conn, buffer, recbytes, &out, &len);
|
||||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
write(c->fp, "auth failed", 11);
|
printf("auth failed ,%s\n", sasl_errdetail(c->conn));
|
||||||
|
write(c->fp, "auth failed\n", 11);
|
||||||
close(c->fp);
|
close(c->fp);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
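Review bot: In the step loop, `if (recbytes = read(c->fp, buffer, 1024))` uses the assignment itself as the condition, so every successful read of a client token returns 1 and a multi-step mechanism such as GSSAPI can never complete; it should be `if ((recbytes = read(c->fp, buffer, 1024)) <= 0)`, and the message printed there says "write failed" for a read. The sasl_server_start failure branch above it closes c->fp but has no `return 1;`, so execution continues past the loop into the part of auth_client outside this hunk with a failed result; it is worth confirming that path cannot be treated as authenticated. The new `write(c->fp, "auth failed\n", 11)` calls still pass 11, which drops the added newline; `sizeof("auth failed\n") - 1` would match the string.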
|