diff --git a/.gitignore b/.gitignore index 241aed2..cbe778b 100644 --- a/.gitignore +++ b/.gitignore @@ -176,5 +176,6 @@ cython_debug/ a.out *.out *.o -sample/sample_server -sample/sample_client +sample/server +sample/client +sample/core diff --git a/sample/.clang-format b/sample/.clang-format new file mode 100644 index 0000000..e295476 --- /dev/null +++ b/sample/.clang-format @@ -0,0 +1,213 @@ +# 语言: None, Cpp, Java, JavaScript, ObjC, Proto, TableGen, TextProto +Language: Cpp +# BasedOnStyle: LLVM + +# 访问说明符(public、private等)的偏移 +AccessModifierOffset: -4 + +# 开括号(开圆括号、开尖括号、开方括号)后的对齐: Align, DontAlign, AlwaysBreak(总是在开括号后换行) +AlignAfterOpenBracket: Align + +# 连续赋值时,对齐所有等号 +AlignConsecutiveAssignments: false + +# 连续声明时,对齐所有声明的变量名 +AlignConsecutiveDeclarations: false + +# 右对齐逃脱换行(使用反斜杠换行)的反斜杠 +AlignEscapedNewlines: Right + +# 水平对齐二元和三元表达式的操作数 +AlignOperands: true + +# 对齐连续的尾随的注释 +AlignTrailingComments: true + +# 不允许函数声明的所有参数在放在下一行 +AllowAllParametersOfDeclarationOnNextLine: false + +# 不允许短的块放在同一行 +AllowShortBlocksOnASingleLine: true + +# 允许短的case标签放在同一行 +AllowShortCaseLabelsOnASingleLine: true + +# 允许短的函数放在同一行: None, InlineOnly(定义在类中), Empty(空函数), Inline(定义在类中,空函数), All +AllowShortFunctionsOnASingleLine: None + +# 允许短的if语句保持在同一行 +AllowShortIfStatementsOnASingleLine: true + +# 允许短的循环保持在同一行 +AllowShortLoopsOnASingleLine: true + +# 总是在返回类型后换行: None, All, TopLevel(顶级函数,不包括在类中的函数), +# AllDefinitions(所有的定义,不包括声明), TopLevelDefinitions(所有的顶级函数的定义) +AlwaysBreakAfterReturnType: None + +# 总是在多行string字面量前换行 +AlwaysBreakBeforeMultilineStrings: false + +# 总是在template声明后换行 +AlwaysBreakTemplateDeclarations: true + +# false表示函数实参要么都在同一行,要么都各自一行 +BinPackArguments: true + +# false表示所有形参要么都在同一行,要么都各自一行 +BinPackParameters: true + +# 大括号换行,只有当BreakBeforeBraces设置为Custom时才有效 +BraceWrapping: + # class定义后面 + AfterClass: false + # 控制语句后面 + AfterControlStatement: false + # enum定义后面 + AfterEnum: false + # 函数定义后面 + AfterFunction: false + # 命名空间定义后面 + AfterNamespace: false + # struct定义后面 + AfterStruct: false + # union定义后面 + AfterUnion: false + # extern之后 + AfterExternBlock: false + # catch之前 + BeforeCatch: false + # else之前 + BeforeElse: false + # 缩进大括号 + IndentBraces: false + # 分离空函数 + SplitEmptyFunction: false + # 分离空语句 + SplitEmptyRecord: false + # 分离空命名空间 + SplitEmptyNamespace: false + +# 在二元运算符前换行: None(在操作符后换行), NonAssignment(在非赋值的操作符前换行), All(在操作符前换行) +BreakBeforeBinaryOperators: NonAssignment + +# 在大括号前换行: Attach(始终将大括号附加到周围的上下文), Linux(除函数、命名空间和类定义,与Attach类似), +# Mozilla(除枚举、函数、记录定义,与Attach类似), Stroustrup(除函数定义、catch、else,与Attach类似), +# Allman(总是在大括号前换行), GNU(总是在大括号前换行,并对于控制语句的大括号增加额外的缩进), WebKit(在函数前换行), Custom +# 注:这里认为语句块也属于函数 +BreakBeforeBraces: Custom + +# 在三元运算符前换行 +BreakBeforeTernaryOperators: false + +# 在构造函数的初始化列表的冒号后换行 +BreakConstructorInitializers: AfterColon + +#BreakInheritanceList: AfterColon + +BreakStringLiterals: false + +# 每行字符的限制,0表示没有限制 +ColumnLimit: 0 + +CompactNamespaces: true + +# 构造函数的初始化列表要么都在同一行,要么都各自一行 +ConstructorInitializerAllOnOneLineOrOnePerLine: false + +# 构造函数的初始化列表的缩进宽度 +ConstructorInitializerIndentWidth: 4 + +# 延续的行的缩进宽度 +ContinuationIndentWidth: 4 + +# 去除C++11的列表初始化的大括号{后和}前的空格 +Cpp11BracedListStyle: true + +# 继承最常用的指针和引用的对齐方式 +DerivePointerAlignment: false + +# 固定命名空间注释 +FixNamespaceComments: true + +# 缩进case标签 +IndentCaseLabels: false + +IndentPPDirectives: None + +# 缩进宽度 +IndentWidth: 4 + +# 函数返回类型换行时,缩进函数声明或函数定义的函数名 +IndentWrappedFunctionNames: false + +# 保留在块开始处的空行 +KeepEmptyLinesAtTheStartOfBlocks: false + +# 连续空行的最大数量 +MaxEmptyLinesToKeep: 1 + +# 命名空间的缩进: None, Inner(缩进嵌套的命名空间中的内容), All +NamespaceIndentation: None + +# 指针和引用的对齐: Left, Right, Middle +PointerAlignment: Right + +# 允许重新排版注释 +ReflowComments: true + +# 允许排序#include +SortIncludes: false + +# 允许排序 using 声明 +SortUsingDeclarations: false + +# 在C风格类型转换后添加空格 +SpaceAfterCStyleCast: false + +# 在Template 关键字后面添加空格 +SpaceAfterTemplateKeyword: true + +# 在赋值运算符之前添加空格 +SpaceBeforeAssignmentOperators: true + +# SpaceBeforeCpp11BracedList: true + +# SpaceBeforeCtorInitializerColon: true + +# SpaceBeforeInheritanceColon: true + +# 开圆括号之前添加一个空格: Never, ControlStatements, Always +SpaceBeforeParens: ControlStatements + +# SpaceBeforeRangeBasedForLoopColon: true + +# 在空的圆括号中添加空格 +SpaceInEmptyParentheses: false + +# 在尾随的评论前添加的空格数(只适用于//) +SpacesBeforeTrailingComments: 1 + +# 在尖括号的<后和>前添加空格 +SpacesInAngles: false + +# 在C风格类型转换的括号中添加空格 +SpacesInCStyleCastParentheses: false + +# 在容器(ObjC和JavaScript的数组和字典等)字面量中添加空格 +SpacesInContainerLiterals: true + +# 在圆括号的(后和)前添加空格 +SpacesInParentheses: false + +# 在方括号的[后和]前添加空格,lamda表达式和未指明大小的数组的声明不受影响 +SpacesInSquareBrackets: false + +# 标准: Cpp03, Cpp11, Auto +Standard: Cpp11 + +# tab宽度 +TabWidth: 4 + +# 使用tab字符: Never, ForIndentation, ForContinuationAndIndentation, Always +UseTab: Never \ No newline at end of file diff --git a/sample/Makefile b/sample/Makefile index 389544f..4a32714 100644 --- a/sample/Makefile +++ b/sample/Makefile @@ -1,7 +1,7 @@ CC=gcc -PROGRAM=sample_client sample_server +PROGRAM=client server LIBSSL_LIBS=-lsasl2 @@ -14,17 +14,17 @@ all: $(PROGRAM) @echo "build seccess!" @echo "" -sample_client:sample-client.c +client:sample-client.c $(CC) -g -c sample-client.c $(FINAL_FLAG) - $(CC) -g -o sample_client sample-client.o $(FINAL_FLAG) + $(CC) -g -o client sample-client.o $(FINAL_FLAG) rm *.o -sample_server:sample-server.c +server:sample-server.c $(CC) -g -c sample-server.c $(FINAL_FLAG) - $(CC) -g -o sample_server sample-server.o $(FINAL_FLAG) + $(CC) -g -o server sample-server.o $(FINAL_FLAG) rm *.o clean: - rm sample_server sample_client + rm server client diff --git a/sample/sample-client.c b/sample/sample-client.c index 694b1e2..5077ef1 100644 --- a/sample/sample-client.c +++ b/sample/sample-client.c @@ -1,141 +1,166 @@ - #include #include #include +#include #include #include #include #include -#include #define SAMPLE_SEC_BUF_SIZE (2048) char buf[SAMPLE_SEC_BUF_SIZE]; static sasl_conn_t *conn = NULL; -const char *realm = "DOMAIN.COM"; +const char *realm = "TEST.COM"; const char *mech = "GSSAPI"; const char *iplocal = "127.0.0.1"; const char *ipremote = "127.0.0.1"; char *searchpath = NULL; -const char *service = "zeekling"; -const char *fqdn = ""; +const char *service = "server"; +const char *fqdn = "hadoop.test.com"; int cfd; int init_sasl() { - int result = sasl_client_init(NULL); - if (result != SASL_OK) { - printf("Initializing libsasl\n"); - return -1; - } - return 0; + int result = sasl_client_init(NULL); + if (result != SASL_OK) { + printf("Initializing libsasl\n"); + return -1; + } + printf("sasl_client_init ok\n"); + return 0; } int connect_server() { - struct sockaddr_in s_add, c_add; - unsigned short portnum = 2345; - printf("Hello,welcome to client !\n"); - cfd = socket(AF_INET, SOCK_STREAM, 0); - if(-1 == cfd) { - printf("socket fail ! \n"); - return 1; - } - printf("socket ok !\n"); - bzero(&s_add, sizeof(struct sockaddr_in)); - s_add.sin_family = AF_INET; - s_add.sin_addr.s_addr = inet_addr("127.0.0.1"); - s_add.sin_port = htons(portnum); + struct sockaddr_in s_add, c_add; + unsigned short portnum = 2345; + printf("Hello,welcome to client !\n"); + cfd = socket(AF_INET, SOCK_STREAM, 0); + if (-1 == cfd) { + printf("socket fail ! \n"); + return 1; + } + printf("socket ok !\n"); + bzero(&s_add, sizeof(struct sockaddr_in)); + s_add.sin_family = AF_INET; + s_add.sin_addr.s_addr = inet_addr("127.0.0.1"); + s_add.sin_port = htons(portnum); - if(-1 == connect(cfd,(struct sockaddr *)(&s_add), sizeof(struct sockaddr))) { - printf("connect fail !\n"); - return 1; - } - printf("connect ok !\n"); - return 0; + if (-1 == connect(cfd, (struct sockaddr *)(&s_add), sizeof(struct sockaddr))) { + printf("connect fail !\n"); + return 1; + } + printf("connect ok !\n"); + return 0; +} + +int readTicket(char *ticket) { + char len_str[10] = {0}; + int recbytes; + if (-1 == (recbytes = read(cfd, len_str, 10))) { + printf("read len fail !\n"); + close(cfd); + return 0; + } + char buffer[1024] = {0}; + int len = atoi(len_str); + printf("read len=%s\n", len_str); + if (-1 == (recbytes = read(cfd, ticket, len))) { + printf("read data fail !\n"); + close(cfd); + return 0; + } + return len; + +} + +void writeTicket(char *data, unsigned len) { + char len_str[10] = {0}; + sprintf(len_str, "%d", len); + if (-1 == write(cfd, len_str, 10)) { + printf("write failed\n"); + return 1; + } + if (-1 == write(cfd, data, len)) { + printf("write failed\n"); + return 1; + } } int auth_sever() { - int result = sasl_client_new("sample", fqdn, "127.0.0.1", - "127.0.0.1", NULL, 0, &conn); - if (result != SASL_OK) { - printf("client new client failed\n"); - return 1; - } - char *data = NULL; - unsigned len = 0; - result = sasl_client_start(conn, mech, NULL, &data, &len, &mech); - if (result != SASL_OK && result != SASL_CONTINUE) { - printf("client auth start failed error:%s\n", sasl_errdetail(conn)); - return 1; - } - while (1) { - //todo 多次认证 - printf("write data %s, %d", data, len); - if(-1 == write(cfd, data, len)) { - printf("write failed\n"); - return 1; - } - int recbytes = 0; - char *buffer = NULL; - if (read(recbytes = read(cfd, buffer, 1024)) == -1) { - printf("read error\n"); - return 1; - } - printf("receive %s %d", buffer, recbytes); - result = sasl_client_step(conn, buffer, recbytes, NULL, &data, &len); - if (result != SASL_OK && result != SASL_CONTINUE) { - printf("auth failed, %s\n", sasl_errdetail(conn)); - return 1; - } - } - return 0; + printf("begin auth\n"); + int result = sasl_client_new("server", fqdn, NULL, NULL, NULL, 0, &conn); + if (result != SASL_OK) { + printf("client new client failed\n"); + return 1; + } + char data[1024] = {0}; + unsigned len = 0; + printf("begin sasl_client_start\n"); + result = sasl_client_start(conn, mech, NULL, &data, &len, &mech); + if (result != SASL_OK && result != SASL_CONTINUE) { + printf("client auth start failed error:%s\n", sasl_errdetail(conn)); + return 1; + } + //data[len] = '\0'; + printf("sasl_client_start ok: ticket=%s, len=%d\n", data, len); + while (1) { + char len_str[10] = {0}; + writeTicket(data, len); + char *buffer; + int size = readTicket(buffer); + + result = sasl_client_step(conn, buffer, size, NULL, &data, &len); + if (result != SASL_OK && result != SASL_CONTINUE) { + printf("auth failed, %s\n", sasl_errdetail(conn)); + return 1; + } + } + return 0; } int main() { - int result; - const char *data; - const char *chosenmech; - int serverlast = 0; - unsigned len; - char *userid = NULL; - char *authid = NULL; + int result; + const char *data; + const char *chosenmech; + int serverlast = 0; + unsigned len; + char *userid = NULL; + char *authid = NULL; - int recbytes; - int sin_size; - char buffer[1024]={0}; + int recbytes; + int sin_size; + char buffer[1024] = {0}; - if (connect_server() != 0) - { - return 1; - } + if (connect_server() != 0) { + return 1; + } - if (init_sasl() != 0) { - return 1; - } + if (init_sasl() != 0) { + return 1; + } - if(-1 == (recbytes = read(cfd, buffer, 1024))) { - printf("read data fail !\n"); - return -1; - } + if (-1 == (recbytes = read(cfd, buffer, 1024))) { + printf("read data fail !\n"); + return -1; + } - if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) { - printf("auth failed\n"); - return -1; - } - printf("auth ok\nREC:\n"); + if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) { + printf("auth failed\n"); + return -1; + } + printf("auth ok\nREC:\n"); - buffer[recbytes]='\0'; - printf("%s\n",buffer); + buffer[recbytes] = '\0'; + printf("%s\n", buffer); - auth_sever(); + auth_sever(); - getchar(); - close(cfd); + getchar(); + close(cfd); - if (init_sasl() != 0) { - return 1; - } - return 0; + if (init_sasl() != 0) { + return 1; + } + return 0; } - - diff --git a/sample/sample-server.c b/sample/sample-server.c index c27b377..c942779 100644 --- a/sample/sample-server.c +++ b/sample/sample-server.c @@ -9,159 +9,169 @@ #include int sfp; -struct sockaddr_in s_add,c_add; +struct sockaddr_in s_add, c_add; int sin_size; +char *server = "server"; + typedef struct kClient { - int fp; - int auth_complete; - int begin_auth; - sasl_conn_t *conn; + int fp; + int auth_complete; + int begin_auth; + sasl_conn_t *conn; } kClient; int listen_port() { - unsigned short portnum=2345; + unsigned short portnum = 2345; - sfp = socket(AF_INET, SOCK_STREAM, 0); - if(-1 == sfp) { - printf("socket fail ! \n"); - return -1; - } + sfp = socket(AF_INET, SOCK_STREAM, 0); + if (-1 == sfp) { + printf("socket fail ! \n"); + return -1; + } - /* 填充服务器端口地址信息,以便下面使用此地址和端口监听 */ - bzero(&s_add,sizeof(struct sockaddr_in)); - s_add.sin_family=AF_INET; - s_add.sin_addr.s_addr=htonl(INADDR_ANY); /* 这里地址使用全0,即所有 */ - s_add.sin_port=htons(portnum); - /* 使用bind进行绑定端口 */ - if(-1 == bind(sfp,(struct sockaddr *)(&s_add), sizeof(struct sockaddr))) - { - printf("bind fail !\n"); - return -1; - } - /* 开始监听相应的端口 */ - if(-1 == listen(sfp,5)) - { - printf("listen fail !\n"); - return -1; - } - printf("Hello,welcome to my server !\n"); - return 0; + /* 填充服务器端口地址信息,以便下面使用此地址和端口监听 */ + bzero(&s_add, sizeof(struct sockaddr_in)); + s_add.sin_family = AF_INET; + s_add.sin_addr.s_addr = htonl(INADDR_ANY); /* 这里地址使用全0,即所有 */ + s_add.sin_port = htons(portnum); + /* 使用bind进行绑定端口 */ + if (-1 == bind(sfp, (struct sockaddr *)(&s_add), sizeof(struct sockaddr))) { + printf("bind fail !\n"); + return -1; + } + /* 开始监听相应的端口 */ + if (-1 == listen(sfp, 5)) { + printf("listen fail !\n"); + return -1; + } + printf("Hello,welcome to my server !\n"); + return 0; } kClient *createClient(int fp) { - kClient *c = malloc(sizeof(kClient)); - c->fp = fp; - c->auth_complete = -1; - c->begin_auth = 0; - c->conn = NULL; - return c; + kClient *c = malloc(sizeof(kClient)); + c->fp = fp; + c->auth_complete = -1; + c->begin_auth = 0; + c->conn = NULL; + return c; } int auth_client(kClient *c) { - if (!c->begin_auth && sasl_server_new("sample", "DOMAIN.COM", - "DOMAIN.COM", "127.0.0.1", "127.0.0.1", NULL, - 0, &c->conn) == SASL_OK) { - printf("Allocating sasl connection state"); - return 1; - } - const char *mech = "GSSAPI"; - int recbytes; - char buffer[1024]={0}; - if ((recbytes = read(c->fp, buffer, 1024)) == -1) { - printf("read failed\n"); - close(c->fp); - return 1; - } - buffer[recbytes] = '\0'; - char *out; - unsigned len = 0; - int result = sasl_server_start(c->conn, mech, buffer, recbytes, &out, &len); - if (result != SASL_OK && result != SASL_CONTINUE) { - printf("auth failed ,%s\n", sasl_errdetail(c->conn)); - write(c->fp, "auth failed\n", 11); - close(c->fp); - } - while (result == SASL_CONTINUE) { - if (write(c->fp, out, len) == -1) { - printf("write failed\n"); - return 1; - } - if (recbytes = read(c->fp, buffer, 1024)) { - printf("write failed\n"); - return 1; - } - result = sasl_server_step(c->conn, buffer, recbytes, &out, &len); - if (result != SASL_OK && result != SASL_CONTINUE) { - printf("auth failed ,%s\n", sasl_errdetail(c->conn)); - write(c->fp, "auth failed\n", 11); - close(c->fp); - return 1; - } - } - return 0; + if (!c->begin_auth) { + int result = sasl_server_new(server, "hadoop.test.com", "TEST.COM", NULL, NULL, NULL, 0, &c->conn); + if (result != SASL_OK) { + printf("Allocating sasl connection state, %s\n", sasl_errdetail(c->conn)); + return 1; + } + } + + const char *mech = "GSSAPI"; + char buffer[1024] = {0}; + int client_len = readTicket(c, buffer); + char *out; + unsigned len = 0; + buffer[client_len] = '\n'; + printf("ticket=%s, len=%d\n", buffer, client_len); + int result = sasl_server_start(c->conn, mech, buffer, client_len, &out, &len); + if (result != SASL_OK && result != SASL_CONTINUE) { + printf("auth failed ,%s, result=%d\n", sasl_errdetail(c->conn), result); + write(c->fp, "auth failed\n", 11); + close(c->fp); + return; + } + printf("sasl_server_start ok\n"); + while (result == SASL_CONTINUE) { + writeTicket(c, out, len); + client_len = readTicket(c, buffer); + result = sasl_server_step(c->conn, buffer, client_len, &out, &len); + if (result != SASL_OK && result != SASL_CONTINUE) { + printf("auth failed ,%s\n", sasl_errdetail(c->conn)); + write(c->fp, "auth failed\n", 11); + close(c->fp); + return 1; + } + printf("sasl_server_start ok"); + } + return 0; +} + +int readTicket(kClient *c, char *ticket) { + char len_str[10] = {0}; + int recbytes; + if (-1 == (recbytes = read(c->fp, len_str, 25))) { + printf("read len fail !\n"); + close(c->fp); + return 0; + } + int len = atoi(len_str); + printf("read len=%s\n", len_str); + if (-1 == (recbytes = read(c->fp, ticket, len))) { + printf("read data fail !\n"); + close(c->fp); + return 0; + } + return len; +} + +void writeTicket(kClient *c, char *data, unsigned len) { + char len_str[10] = {0}; + sprintf(len_str, "%d", len); + if (-1 == write(c->fp, len_str, 10)) { + printf("write failed\n"); + return 1; + } + if (-1 == write(c->fp, data, len)) { + printf("write failed\n"); + return 1; + } } void readQuery(kClient *c) { - char buffer[1024]={0}; - int recbytes; - /* 这里使用write向客户端发送信息,也可以尝试使用其他函数实现 */ - if(-1 == write(c->fp,"need_auth",9)) - { - printf("write fail!\n"); - close(c->fp); - return; - } - printf("write ok!\n"); - while (1) { - if(-1 == (recbytes = read(c->fp,buffer,1024))) { - printf("read data fail !\n"); - close(c->fp); - } - if (c->auth_complete != 1 && auth_client(c) != 0) { - printf("auth failed!\n"); - break; - } - if(-1 == write(c->fp,"need_auth",9)) { - printf("write fail!\n"); - break; - } - } - close(c->fp); -} + char buffer[1024] = {0}; + int recbytes; + /* 这里使用write向客户端发送信息,也可以尝试使用其他函数实现 */ + if (-1 == write(c->fp, "need_auth", 9)) { + printf("write fail!\n"); + close(c->fp); + return; + } + if (auth_client(c) != 0) { + printf("auth failed!\n"); + return; + } + + close(c->fp); +} int init_sasl() { - int result = sasl_server_init(NULL, "sample"); - if (result != SASL_OK) { - printf("Initializing libsasl"); - return 1; - } - return 0; + int result = sasl_server_init(NULL, server); + if (result != SASL_OK) { + printf("Initializing libsasl"); + return 1; + } + return 0; } -int main() -{ - if (listen_port() != 0 && init_sasl() != 0) - { - return 1; - } - while(1) - { - sin_size = sizeof(struct sockaddr_in); - int nfp = accept(sfp, (struct sockaddr *)(&c_add), &sin_size); - if(-1 == nfp) - { - printf("accept fail !\r\n"); - return -1; - } +int main() { + if (listen_port() != 0) { + return 1; + } + init_sasl(); + while (1) { + sin_size = sizeof(struct sockaddr_in); + int nfp = accept(sfp, (struct sockaddr *)(&c_add), &sin_size); + if (-1 == nfp) { + printf("accept fail !\r\n"); + return -1; + } - printf("accept ok!\nServer start get connect from %#x : %#x\n", ntohl(c_add.sin_addr.s_addr), ntohs(c_add.sin_port)); - kClient *c = createClient(nfp); - readQuery(c); - } - close(sfp); - return 0; + printf("accept ok!\nServer start get connect from %#x : %#x\n", ntohl(c_add.sin_addr.s_addr), ntohs(c_add.sin_port)); + kClient *c = createClient(nfp); + readQuery(c); + } + close(sfp); + return 0; } - - diff --git a/server/env b/server/env index 5e1daa2..99cfeb3 100755 --- a/server/env +++ b/server/env @@ -1,3 +1,4 @@ PWD=$(pwd) export KRB5_CONFIG=${PWD}/server/krb5.conf export KRB5CCNAME=/tmp/krb5cc_hadoop_1000 +export KRB5_KTNAME=${PWD}/server/hadoop.keytab