add kerberos #3
@ -12,12 +12,12 @@
|
|||||||
char buf[SAMPLE_SEC_BUF_SIZE];
|
char buf[SAMPLE_SEC_BUF_SIZE];
|
||||||
|
|
||||||
static sasl_conn_t *conn = NULL;
|
static sasl_conn_t *conn = NULL;
|
||||||
char *realm = "DOMAIN.COM";
|
const char *realm = "DOMAIN.COM";
|
||||||
char *mech = "gssapi";
|
const char *mech = "gssapi";
|
||||||
char *iplocal = "127.0.0.1";
|
const char *iplocal = "127.0.0.1";
|
||||||
char *ipremote = "127.0.0.1";
|
const char *ipremote = "127.0.0.1";
|
||||||
char *searchpath = NULL;
|
char *searchpath = NULL;
|
||||||
char *service = "zeekling";
|
const char *service = "zeekling";
|
||||||
int cfd;
|
int cfd;
|
||||||
|
|
||||||
int init_sasl() {
|
int init_sasl() {
|
||||||
@ -63,7 +63,7 @@ int main() {
|
|||||||
const char *chosenmech;
|
const char *chosenmech;
|
||||||
int serverlast = 0;
|
int serverlast = 0;
|
||||||
unsigned len;
|
unsigned len;
|
||||||
char *fqdn = "";
|
const char *fqdn = "";
|
||||||
char *userid = NULL;
|
char *userid = NULL;
|
||||||
char *authid = NULL;
|
char *authid = NULL;
|
||||||
|
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
@ -6,7 +8,7 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <sasl/sasl.h>
|
#include <sasl/sasl.h>
|
||||||
|
|
||||||
int sfp; /* 定义两个描述符 */
|
int sfp;
|
||||||
struct sockaddr_in s_add,c_add;
|
struct sockaddr_in s_add,c_add;
|
||||||
int sin_size;
|
int sin_size;
|
||||||
|
|
||||||
@ -14,10 +16,11 @@ typedef struct kClient {
|
|||||||
int fp;
|
int fp;
|
||||||
int auth_complete;
|
int auth_complete;
|
||||||
int begin_auth;
|
int begin_auth;
|
||||||
|
sasl_conn_t *conn;
|
||||||
} kClient;
|
} kClient;
|
||||||
|
|
||||||
int listen_port() {
|
int listen_port() {
|
||||||
unsigned short portnum=2345; /* 服务端使用端口 */
|
unsigned short portnum=2345;
|
||||||
|
|
||||||
sfp = socket(AF_INET, SOCK_STREAM, 0);
|
sfp = socket(AF_INET, SOCK_STREAM, 0);
|
||||||
if(-1 == sfp) {
|
if(-1 == sfp) {
|
||||||
@ -50,12 +53,51 @@ kClient *createClient(int fp) {
|
|||||||
kClient *c = malloc(sizeof(kClient));
|
kClient *c = malloc(sizeof(kClient));
|
||||||
c->fp = fp;
|
c->fp = fp;
|
||||||
c->auth_complete = -1;
|
c->auth_complete = -1;
|
||||||
c->begin_auth = -1;
|
c->begin_auth = 0;
|
||||||
|
c->conn = NULL;
|
||||||
return c;
|
return c;
|
||||||
}
|
}
|
||||||
|
|
||||||
int auth_client(kClient *c) {
|
int auth_client(kClient *c) {
|
||||||
|
if (!c->begin_auth && sasl_server_new("sample", "DOMAIN.COM",
|
||||||
|
"DOMAIN.COM", "127.0.0.1", "127.0.0.1", NULL,
|
||||||
|
0, &c->conn) == SASL_OK) {
|
||||||
|
printf("Allocating sasl connection state");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
const char *mech = "GSSAPI";
|
||||||
|
int recbytes;
|
||||||
|
char buffer[1024]={0};
|
||||||
|
if ((recbytes = read(c->fp, buffer, 1024)) == -1) {
|
||||||
|
printf("read failed");
|
||||||
|
close(c->fp);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
buffer[recbytes] = '\0';
|
||||||
|
char *out;
|
||||||
|
unsigned len = 0;
|
||||||
|
int result = sasl_server_start(c->conn, mech, buffer, recbytes, &out, &len);
|
||||||
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
|
printf("auth failed ");
|
||||||
|
write(c->fp, "auth failed", 11);
|
||||||
|
close(c->fp);
|
||||||
|
}
|
||||||
|
while (result == SASL_CONTINUE) {
|
||||||
|
if (write(c->fp, out, len) == -1) {
|
||||||
|
printf("write failed");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
if (recbytes = read(c->fp, buffer, 1024)) {
|
||||||
|
printf("write failed");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
result = sasl_server_step(c->conn, buffer, recbytes, &out, &len);
|
||||||
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
|
write(c->fp, "auth failed", 11);
|
||||||
|
close(c->fp);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -113,7 +155,7 @@ int main()
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
printf("accept ok!\r\nServer start get connect from %#x : %#x\r\n",ntohl(c_add.sin_addr.s_addr),ntohs(c_add.sin_port));
|
printf("accept ok!\nServer start get connect from %#x : %#x\n", ntohl(c_add.sin_addr.s_addr), ntohs(c_add.sin_port));
|
||||||
kClient *c = createClient(nfp);
|
kClient *c = createClient(nfp);
|
||||||
readQuery(c);
|
readQuery(c);
|
||||||
}
|
}
|
||||||
|
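Review bot: In auth_client, the branch that handles a failed sasl_server_start writes "auth failed" and closes the socket but has no return, so control skips the while loop and reaches the final `return 0`, the same value returned when the exchange finishes; add `return 1;` after `close(c->fp);`. The read before it can fill all 1024 bytes of `buffer`, and `buffer[recbytes] = '\0'` then writes one byte past the array, so read at most `sizeof(buffer) - 1` bytes. Inside the loop, `if (recbytes = read(c->fp, buffer, 1024))` assigns and then treats every non-zero result, including a successful read, as an error; it should be `if ((recbytes = read(c->fp, buffer, sizeof(buffer) - 1)) <= 0)`. The first `if` also looks inverted: it returns 1 when sasl_server_new succeeds, and falls through to sasl_server_start with `c->conn` still NULL when it fails. How the caller interprets the return value is not visible in this section, so the success/failure convention should be confirmed there.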