add kerberos

This commit is contained in:
LingZhaoHui 2022-03-20 22:14:30 +08:00
parent 67c33ac1ec
commit 45ba21dbc0
3 changed files with 73 additions and 35 deletions

View File

@ -15,14 +15,16 @@ all: $(PROGRAM)
@echo "" @echo ""
client:sample-client.c client:sample-client.c
$(CC) -c sample-client.c $(FINAL_FLAG) $(CC) -g -c sample-client.c $(FINAL_FLAG)
$(CC) -o client sample-client.o $(FINAL_FLAG) $(CC) -g -o client sample-client.o $(FINAL_FLAG)
rm *.o
server:sample-server.c server:sample-server.c
$(CC) -c sample-server.c $(FINAL_FLAG) $(CC) -g -c sample-server.c $(FINAL_FLAG)
$(CC) -o server sample-server.o $(FINAL_FLAG) $(CC) -g -o server sample-server.o $(FINAL_FLAG)
rm *.o
clean: clean:
rm *.o server client rm server client

View File

@ -1,3 +1,4 @@
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
@ -13,17 +14,18 @@ char buf[SAMPLE_SEC_BUF_SIZE];
static sasl_conn_t *conn = NULL; static sasl_conn_t *conn = NULL;
const char *realm = "DOMAIN.COM"; const char *realm = "DOMAIN.COM";
const char *mech = "gssapi"; const char *mech = "GSSAPI";
const char *iplocal = "127.0.0.1"; const char *iplocal = "127.0.0.1";
const char *ipremote = "127.0.0.1"; const char *ipremote = "127.0.0.1";
char *searchpath = NULL; char *searchpath = NULL;
const char *service = "zeekling"; const char *service = "zeekling";
const char *fqdn = "";
int cfd; int cfd;
int init_sasl() { int init_sasl() {
int result = sasl_client_init(NULL); int result = sasl_client_init(NULL);
if (result != SASL_OK) { if (result != SASL_OK) {
printf("Initializing libsasl"); printf("Initializing libsasl\n");
return -1; return -1;
} }
return 0; return 0;
@ -32,38 +34,69 @@ int init_sasl() {
int connect_server() { int connect_server() {
struct sockaddr_in s_add, c_add; struct sockaddr_in s_add, c_add;
unsigned short portnum = 2345; unsigned short portnum = 2345;
printf("Hello,welcome to client !\r\n"); printf("Hello,welcome to client !\n");
cfd = socket(AF_INET, SOCK_STREAM, 0); cfd = socket(AF_INET, SOCK_STREAM, 0);
if(-1 == cfd) { if(-1 == cfd) {
printf("socket fail ! \r\n"); printf("socket fail ! \n");
return 1;
}
printf("socket ok !\r\n");
bzero(&s_add,sizeof(struct sockaddr_in));
s_add.sin_family=AF_INET;
s_add.sin_addr.s_addr= inet_addr("127.0.0.1");
s_add.sin_port=htons(portnum);
if(-1 == connect(cfd,(struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
printf("connect fail !\r\n");
return 1; return 1;
} }
printf("connect ok !\r\n"); printf("socket ok !\n");
bzero(&s_add, sizeof(struct sockaddr_in));
s_add.sin_family = AF_INET;
s_add.sin_addr.s_addr = inet_addr("127.0.0.1");
s_add.sin_port = htons(portnum);
if(-1 == connect(cfd,(struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
printf("connect fail !\n");
return 1;
}
printf("connect ok !\n");
return 0; return 0;
} }
int auth_sever() { int auth_sever() {
int result = sasl_client_new("sample", fqdn, "127.0.0.1",
"127.0.0.1", NULL, 0, &conn);
if (result != SASL_OK) {
printf("client new client failed\n");
return 1;
}
char *data = NULL;
unsigned len = 0;
result = sasl_client_start(conn, mech, NULL, &data, &len, &mech);
if (result != SASL_OK && result != SASL_CONTINUE) {
printf("client auth start failed error:%s\n", sasl_errdetail(conn));
return 1;
}
while (1) {
//todo 多次认证
printf("write data %s, %d", data, len);
if(-1 == write(cfd, data, len)) {
printf("write failed\n");
return 1;
}
int recbytes = 0;
char *buffer = NULL;
if (read(recbytes = read(cfd, buffer, 1024)) == -1) {
printf("read error\n");
return 1;
}
printf("receive %s %d", buffer, recbytes);
result = sasl_client_step(conn, buffer, recbytes, NULL, &data, &len);
if (result != SASL_OK && result != SASL_CONTINUE) {
printf("auth failed, %s\n", sasl_errdetail(conn));
return 1;
}
}
return 0; return 0;
} }
int main() { int main() {
int result; int result;
const char *data; const char *data;
const char *chosenmech; const char *chosenmech;
int serverlast = 0; int serverlast = 0;
unsigned len; unsigned len;
const char *fqdn = "";
char *userid = NULL; char *userid = NULL;
char *authid = NULL; char *authid = NULL;
@ -81,18 +114,20 @@ int main() {
} }
if(-1 == (recbytes = read(cfd, buffer, 1024))) { if(-1 == (recbytes = read(cfd, buffer, 1024))) {
printf("read data fail !\r\n"); printf("read data fail !\n");
return -1; return -1;
} }
if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) { if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) {
printf("auth failed"); printf("auth failed\n");
return -1; return -1;
} }
printf("auth ok\r\nREC:\r\n"); printf("auth ok\nREC:\n");
buffer[recbytes]='\0'; buffer[recbytes]='\0';
printf("%s\r\n",buffer); printf("%s\n",buffer);
auth_sever();
getchar(); getchar();
close(cfd); close(cfd);

View File

@ -69,7 +69,7 @@ int auth_client(kClient *c) {
int recbytes; int recbytes;
char buffer[1024]={0}; char buffer[1024]={0};
if ((recbytes = read(c->fp, buffer, 1024)) == -1) { if ((recbytes = read(c->fp, buffer, 1024)) == -1) {
printf("read failed"); printf("read failed\n");
close(c->fp); close(c->fp);
return 1; return 1;
} }
@ -78,22 +78,23 @@ int auth_client(kClient *c) {
unsigned len = 0; unsigned len = 0;
int result = sasl_server_start(c->conn, mech, buffer, recbytes, &out, &len); int result = sasl_server_start(c->conn, mech, buffer, recbytes, &out, &len);
if (result != SASL_OK && result != SASL_CONTINUE) { if (result != SASL_OK && result != SASL_CONTINUE) {
printf("auth failed "); printf("auth failed ,%s\n", sasl_errdetail(c->conn));
write(c->fp, "auth failed", 11); write(c->fp, "auth failed\n", 11);
close(c->fp); close(c->fp);
} }
while (result == SASL_CONTINUE) { while (result == SASL_CONTINUE) {
if (write(c->fp, out, len) == -1) { if (write(c->fp, out, len) == -1) {
printf("write failed"); printf("write failed\n");
return 1; return 1;
} }
if (recbytes = read(c->fp, buffer, 1024)) { if (recbytes = read(c->fp, buffer, 1024)) {
printf("write failed"); printf("write failed\n");
return 1; return 1;
} }
result = sasl_server_step(c->conn, buffer, recbytes, &out, &len); result = sasl_server_step(c->conn, buffer, recbytes, &out, &len);
if (result != SASL_OK && result != SASL_CONTINUE) { if (result != SASL_OK && result != SASL_CONTINUE) {
write(c->fp, "auth failed", 11); printf("auth failed ,%s\n", sasl_errdetail(c->conn));
write(c->fp, "auth failed\n", 11);
close(c->fp); close(c->fp);
return 1; return 1;
} }