add kerberos config #6
5
.gitignore
vendored
5
.gitignore
vendored
@ -176,5 +176,6 @@ cython_debug/
|
||||
a.out
|
||||
*.out
|
||||
*.o
|
||||
sample/sample_server
|
||||
sample/sample_client
|
||||
sample/server
|
||||
sample/client
|
||||
sample/core
|
||||
|
||||
213
sample/.clang-format
Normal file
213
sample/.clang-format
Normal file
@ -0,0 +1,213 @@
|
||||
# 语言: None, Cpp, Java, JavaScript, ObjC, Proto, TableGen, TextProto
|
||||
Language: Cpp
|
||||
# BasedOnStyle: LLVM
|
||||
|
||||
# 访问说明符(public、private等)的偏移
|
||||
AccessModifierOffset: -4
|
||||
|
||||
# 开括号(开圆括号、开尖括号、开方括号)后的对齐: Align, DontAlign, AlwaysBreak(总是在开括号后换行)
|
||||
AlignAfterOpenBracket: Align
|
||||
|
||||
# 连续赋值时,对齐所有等号
|
||||
AlignConsecutiveAssignments: false
|
||||
|
||||
# 连续声明时,对齐所有声明的变量名
|
||||
AlignConsecutiveDeclarations: false
|
||||
|
||||
# 右对齐逃脱换行(使用反斜杠换行)的反斜杠
|
||||
AlignEscapedNewlines: Right
|
||||
|
||||
# 水平对齐二元和三元表达式的操作数
|
||||
AlignOperands: true
|
||||
|
||||
# 对齐连续的尾随的注释
|
||||
AlignTrailingComments: true
|
||||
|
||||
# 不允许函数声明的所有参数在放在下一行
|
||||
AllowAllParametersOfDeclarationOnNextLine: false
|
||||
|
||||
# 不允许短的块放在同一行
|
||||
AllowShortBlocksOnASingleLine: true
|
||||
|
||||
# 允许短的case标签放在同一行
|
||||
AllowShortCaseLabelsOnASingleLine: true
|
||||
|
||||
# 允许短的函数放在同一行: None, InlineOnly(定义在类中), Empty(空函数), Inline(定义在类中,空函数), All
|
||||
AllowShortFunctionsOnASingleLine: None
|
||||
|
||||
# 允许短的if语句保持在同一行
|
||||
AllowShortIfStatementsOnASingleLine: true
|
||||
|
||||
# 允许短的循环保持在同一行
|
||||
AllowShortLoopsOnASingleLine: true
|
||||
|
||||
# 总是在返回类型后换行: None, All, TopLevel(顶级函数,不包括在类中的函数),
|
||||
# AllDefinitions(所有的定义,不包括声明), TopLevelDefinitions(所有的顶级函数的定义)
|
||||
AlwaysBreakAfterReturnType: None
|
||||
|
||||
# 总是在多行string字面量前换行
|
||||
AlwaysBreakBeforeMultilineStrings: false
|
||||
|
||||
# 总是在template声明后换行
|
||||
AlwaysBreakTemplateDeclarations: true
|
||||
|
||||
# false表示函数实参要么都在同一行,要么都各自一行
|
||||
BinPackArguments: true
|
||||
|
||||
# false表示所有形参要么都在同一行,要么都各自一行
|
||||
BinPackParameters: true
|
||||
|
||||
# 大括号换行,只有当BreakBeforeBraces设置为Custom时才有效
|
||||
BraceWrapping:
|
||||
# class定义后面
|
||||
AfterClass: false
|
||||
# 控制语句后面
|
||||
AfterControlStatement: false
|
||||
# enum定义后面
|
||||
AfterEnum: false
|
||||
# 函数定义后面
|
||||
AfterFunction: false
|
||||
# 命名空间定义后面
|
||||
AfterNamespace: false
|
||||
# struct定义后面
|
||||
AfterStruct: false
|
||||
# union定义后面
|
||||
AfterUnion: false
|
||||
# extern之后
|
||||
AfterExternBlock: false
|
||||
# catch之前
|
||||
BeforeCatch: false
|
||||
# else之前
|
||||
BeforeElse: false
|
||||
# 缩进大括号
|
||||
IndentBraces: false
|
||||
# 分离空函数
|
||||
SplitEmptyFunction: false
|
||||
# 分离空语句
|
||||
SplitEmptyRecord: false
|
||||
# 分离空命名空间
|
||||
SplitEmptyNamespace: false
|
||||
|
||||
# 在二元运算符前换行: None(在操作符后换行), NonAssignment(在非赋值的操作符前换行), All(在操作符前换行)
|
||||
BreakBeforeBinaryOperators: NonAssignment
|
||||
|
||||
# 在大括号前换行: Attach(始终将大括号附加到周围的上下文), Linux(除函数、命名空间和类定义,与Attach类似),
|
||||
# Mozilla(除枚举、函数、记录定义,与Attach类似), Stroustrup(除函数定义、catch、else,与Attach类似),
|
||||
# Allman(总是在大括号前换行), GNU(总是在大括号前换行,并对于控制语句的大括号增加额外的缩进), WebKit(在函数前换行), Custom
|
||||
# 注:这里认为语句块也属于函数
|
||||
BreakBeforeBraces: Custom
|
||||
|
||||
# 在三元运算符前换行
|
||||
BreakBeforeTernaryOperators: false
|
||||
|
||||
# 在构造函数的初始化列表的冒号后换行
|
||||
BreakConstructorInitializers: AfterColon
|
||||
|
||||
#BreakInheritanceList: AfterColon
|
||||
|
||||
BreakStringLiterals: false
|
||||
|
||||
# 每行字符的限制,0表示没有限制
|
||||
ColumnLimit: 0
|
||||
|
||||
CompactNamespaces: true
|
||||
|
||||
# 构造函数的初始化列表要么都在同一行,要么都各自一行
|
||||
ConstructorInitializerAllOnOneLineOrOnePerLine: false
|
||||
|
||||
# 构造函数的初始化列表的缩进宽度
|
||||
ConstructorInitializerIndentWidth: 4
|
||||
|
||||
# 延续的行的缩进宽度
|
||||
ContinuationIndentWidth: 4
|
||||
|
||||
# 去除C++11的列表初始化的大括号{后和}前的空格
|
||||
Cpp11BracedListStyle: true
|
||||
|
||||
# 继承最常用的指针和引用的对齐方式
|
||||
DerivePointerAlignment: false
|
||||
|
||||
# 固定命名空间注释
|
||||
FixNamespaceComments: true
|
||||
|
||||
# 缩进case标签
|
||||
IndentCaseLabels: false
|
||||
|
||||
IndentPPDirectives: None
|
||||
|
||||
# 缩进宽度
|
||||
IndentWidth: 4
|
||||
|
||||
# 函数返回类型换行时,缩进函数声明或函数定义的函数名
|
||||
IndentWrappedFunctionNames: false
|
||||
|
||||
# 保留在块开始处的空行
|
||||
KeepEmptyLinesAtTheStartOfBlocks: false
|
||||
|
||||
# 连续空行的最大数量
|
||||
MaxEmptyLinesToKeep: 1
|
||||
|
||||
# 命名空间的缩进: None, Inner(缩进嵌套的命名空间中的内容), All
|
||||
NamespaceIndentation: None
|
||||
|
||||
# 指针和引用的对齐: Left, Right, Middle
|
||||
PointerAlignment: Right
|
||||
|
||||
# 允许重新排版注释
|
||||
ReflowComments: true
|
||||
|
||||
# 允许排序#include
|
||||
SortIncludes: false
|
||||
|
||||
# 允许排序 using 声明
|
||||
SortUsingDeclarations: false
|
||||
|
||||
# 在C风格类型转换后添加空格
|
||||
SpaceAfterCStyleCast: false
|
||||
|
||||
# 在Template 关键字后面添加空格
|
||||
SpaceAfterTemplateKeyword: true
|
||||
|
||||
# 在赋值运算符之前添加空格
|
||||
SpaceBeforeAssignmentOperators: true
|
||||
|
||||
# SpaceBeforeCpp11BracedList: true
|
||||
|
||||
# SpaceBeforeCtorInitializerColon: true
|
||||
|
||||
# SpaceBeforeInheritanceColon: true
|
||||
|
||||
# 开圆括号之前添加一个空格: Never, ControlStatements, Always
|
||||
SpaceBeforeParens: ControlStatements
|
||||
|
||||
# SpaceBeforeRangeBasedForLoopColon: true
|
||||
|
||||
# 在空的圆括号中添加空格
|
||||
SpaceInEmptyParentheses: false
|
||||
|
||||
# 在尾随的评论前添加的空格数(只适用于//)
|
||||
SpacesBeforeTrailingComments: 1
|
||||
|
||||
# 在尖括号的<后和>前添加空格
|
||||
SpacesInAngles: false
|
||||
|
||||
# 在C风格类型转换的括号中添加空格
|
||||
SpacesInCStyleCastParentheses: false
|
||||
|
||||
# 在容器(ObjC和JavaScript的数组和字典等)字面量中添加空格
|
||||
SpacesInContainerLiterals: true
|
||||
|
||||
# 在圆括号的(后和)前添加空格
|
||||
SpacesInParentheses: false
|
||||
|
||||
# 在方括号的[后和]前添加空格,lamda表达式和未指明大小的数组的声明不受影响
|
||||
SpacesInSquareBrackets: false
|
||||
|
||||
# 标准: Cpp03, Cpp11, Auto
|
||||
Standard: Cpp11
|
||||
|
||||
# tab宽度
|
||||
TabWidth: 4
|
||||
|
||||
# 使用tab字符: Never, ForIndentation, ForContinuationAndIndentation, Always
|
||||
UseTab: Never
|
||||
@ -1,7 +1,7 @@
|
||||
|
||||
CC=gcc
|
||||
|
||||
PROGRAM=sample_client sample_server
|
||||
PROGRAM=client server
|
||||
|
||||
LIBSSL_LIBS=-lsasl2
|
||||
|
||||
@ -14,17 +14,17 @@ all: $(PROGRAM)
|
||||
@echo "build seccess!"
|
||||
@echo ""
|
||||
|
||||
sample_client:sample-client.c
|
||||
client:sample-client.c
|
||||
$(CC) -g -c sample-client.c $(FINAL_FLAG)
|
||||
$(CC) -g -o sample_client sample-client.o $(FINAL_FLAG)
|
||||
$(CC) -g -o client sample-client.o $(FINAL_FLAG)
|
||||
rm *.o
|
||||
|
||||
sample_server:sample-server.c
|
||||
server:sample-server.c
|
||||
$(CC) -g -c sample-server.c $(FINAL_FLAG)
|
||||
$(CC) -g -o sample_server sample-server.o $(FINAL_FLAG)
|
||||
$(CC) -g -o server sample-server.o $(FINAL_FLAG)
|
||||
rm *.o
|
||||
|
||||
clean:
|
||||
rm sample_server sample_client
|
||||
rm server client
|
||||
|
||||
|
||||
|
||||
@ -1,141 +1,166 @@
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <sys/types.h>
|
||||
#include <sasl/sasl.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <linux/in.h>
|
||||
#include <string.h>
|
||||
|
||||
#define SAMPLE_SEC_BUF_SIZE (2048)
|
||||
|
||||
char buf[SAMPLE_SEC_BUF_SIZE];
|
||||
|
||||
static sasl_conn_t *conn = NULL;
|
||||
const char *realm = "DOMAIN.COM";
|
||||
const char *realm = "TEST.COM";
|
||||
const char *mech = "GSSAPI";
|
||||
const char *iplocal = "127.0.0.1";
|
||||
const char *ipremote = "127.0.0.1";
|
||||
char *searchpath = NULL;
|
||||
const char *service = "zeekling";
|
||||
const char *fqdn = "";
|
||||
const char *service = "server";
|
||||
const char *fqdn = "hadoop.test.com";
|
||||
int cfd;
|
||||
|
||||
int init_sasl() {
|
||||
int result = sasl_client_init(NULL);
|
||||
if (result != SASL_OK) {
|
||||
printf("Initializing libsasl\n");
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
int result = sasl_client_init(NULL);
|
||||
if (result != SASL_OK) {
|
||||
printf("Initializing libsasl\n");
|
||||
return -1;
|
||||
}
|
||||
printf("sasl_client_init ok\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
int connect_server() {
|
||||
struct sockaddr_in s_add, c_add;
|
||||
unsigned short portnum = 2345;
|
||||
printf("Hello,welcome to client !\n");
|
||||
cfd = socket(AF_INET, SOCK_STREAM, 0);
|
||||
if(-1 == cfd) {
|
||||
printf("socket fail ! \n");
|
||||
return 1;
|
||||
}
|
||||
printf("socket ok !\n");
|
||||
bzero(&s_add, sizeof(struct sockaddr_in));
|
||||
s_add.sin_family = AF_INET;
|
||||
s_add.sin_addr.s_addr = inet_addr("127.0.0.1");
|
||||
s_add.sin_port = htons(portnum);
|
||||
struct sockaddr_in s_add, c_add;
|
||||
unsigned short portnum = 2345;
|
||||
printf("Hello,welcome to client !\n");
|
||||
cfd = socket(AF_INET, SOCK_STREAM, 0);
|
||||
if (-1 == cfd) {
|
||||
printf("socket fail ! \n");
|
||||
return 1;
|
||||
}
|
||||
printf("socket ok !\n");
|
||||
bzero(&s_add, sizeof(struct sockaddr_in));
|
||||
s_add.sin_family = AF_INET;
|
||||
s_add.sin_addr.s_addr = inet_addr("127.0.0.1");
|
||||
s_add.sin_port = htons(portnum);
|
||||
|
||||
if(-1 == connect(cfd,(struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
|
||||
printf("connect fail !\n");
|
||||
return 1;
|
||||
}
|
||||
printf("connect ok !\n");
|
||||
return 0;
|
||||
if (-1 == connect(cfd, (struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
|
||||
printf("connect fail !\n");
|
||||
return 1;
|
||||
}
|
||||
printf("connect ok !\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
int readTicket(char *ticket) {
|
||||
char len_str[10] = {0};
|
||||
int recbytes;
|
||||
if (-1 == (recbytes = read(cfd, len_str, 10))) {
|
||||
printf("read len fail !\n");
|
||||
close(cfd);
|
||||
return 0;
|
||||
}
|
||||
char buffer[1024] = {0};
|
||||
int len = atoi(len_str);
|
||||
printf("read len=%s\n", len_str);
|
||||
if (-1 == (recbytes = read(cfd, ticket, len))) {
|
||||
printf("read data fail !\n");
|
||||
close(cfd);
|
||||
return 0;
|
||||
}
|
||||
return len;
|
||||
|
||||
}
|
||||
|
||||
void writeTicket(char *data, unsigned len) {
|
||||
char len_str[10] = {0};
|
||||
sprintf(len_str, "%d", len);
|
||||
if (-1 == write(cfd, len_str, 10)) {
|
||||
printf("write failed\n");
|
||||
return 1;
|
||||
}
|
||||
if (-1 == write(cfd, data, len)) {
|
||||
printf("write failed\n");
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
int auth_sever() {
|
||||
int result = sasl_client_new("sample", fqdn, "127.0.0.1",
|
||||
"127.0.0.1", NULL, 0, &conn);
|
||||
if (result != SASL_OK) {
|
||||
printf("client new client failed\n");
|
||||
return 1;
|
||||
}
|
||||
char *data = NULL;
|
||||
unsigned len = 0;
|
||||
result = sasl_client_start(conn, mech, NULL, &data, &len, &mech);
|
||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||
printf("client auth start failed error:%s\n", sasl_errdetail(conn));
|
||||
return 1;
|
||||
}
|
||||
while (1) {
|
||||
//todo 多次认证
|
||||
printf("write data %s, %d", data, len);
|
||||
if(-1 == write(cfd, data, len)) {
|
||||
printf("write failed\n");
|
||||
return 1;
|
||||
}
|
||||
int recbytes = 0;
|
||||
char *buffer = NULL;
|
||||
if (read(recbytes = read(cfd, buffer, 1024)) == -1) {
|
||||
printf("read error\n");
|
||||
return 1;
|
||||
}
|
||||
printf("receive %s %d", buffer, recbytes);
|
||||
result = sasl_client_step(conn, buffer, recbytes, NULL, &data, &len);
|
||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||
printf("auth failed, %s\n", sasl_errdetail(conn));
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
printf("begin auth\n");
|
||||
int result = sasl_client_new("server", fqdn, NULL, NULL, NULL, 0, &conn);
|
||||
if (result != SASL_OK) {
|
||||
printf("client new client failed\n");
|
||||
return 1;
|
||||
}
|
||||
char data[1024] = {0};
|
||||
unsigned len = 0;
|
||||
printf("begin sasl_client_start\n");
|
||||
result = sasl_client_start(conn, mech, NULL, &data, &len, &mech);
|
||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||
printf("client auth start failed error:%s\n", sasl_errdetail(conn));
|
||||
return 1;
|
||||
}
|
||||
//data[len] = '\0';
|
||||
printf("sasl_client_start ok: ticket=%s, len=%d\n", data, len);
|
||||
while (1) {
|
||||
char len_str[10] = {0};
|
||||
writeTicket(data, len);
|
||||
char *buffer;
|
||||
int size = readTicket(buffer);
|
||||
|
||||
result = sasl_client_step(conn, buffer, size, NULL, &data, &len);
|
||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||
printf("auth failed, %s\n", sasl_errdetail(conn));
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
int main() {
|
||||
int result;
|
||||
const char *data;
|
||||
const char *chosenmech;
|
||||
int serverlast = 0;
|
||||
unsigned len;
|
||||
char *userid = NULL;
|
||||
char *authid = NULL;
|
||||
int result;
|
||||
const char *data;
|
||||
const char *chosenmech;
|
||||
int serverlast = 0;
|
||||
unsigned len;
|
||||
char *userid = NULL;
|
||||
char *authid = NULL;
|
||||
|
||||
int recbytes;
|
||||
int sin_size;
|
||||
char buffer[1024]={0};
|
||||
int recbytes;
|
||||
int sin_size;
|
||||
char buffer[1024] = {0};
|
||||
|
||||
if (connect_server() != 0)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
if (connect_server() != 0) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (init_sasl() != 0) {
|
||||
return 1;
|
||||
}
|
||||
if (init_sasl() != 0) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
if(-1 == (recbytes = read(cfd, buffer, 1024))) {
|
||||
printf("read data fail !\n");
|
||||
return -1;
|
||||
}
|
||||
if (-1 == (recbytes = read(cfd, buffer, 1024))) {
|
||||
printf("read data fail !\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) {
|
||||
printf("auth failed\n");
|
||||
return -1;
|
||||
}
|
||||
printf("auth ok\nREC:\n");
|
||||
if (strcmp(buffer, "need_auth") == 0 && auth_sever() != 0) {
|
||||
printf("auth failed\n");
|
||||
return -1;
|
||||
}
|
||||
printf("auth ok\nREC:\n");
|
||||
|
||||
buffer[recbytes]='\0';
|
||||
printf("%s\n",buffer);
|
||||
buffer[recbytes] = '\0';
|
||||
printf("%s\n", buffer);
|
||||
|
||||
auth_sever();
|
||||
auth_sever();
|
||||
|
||||
getchar();
|
||||
close(cfd);
|
||||
getchar();
|
||||
close(cfd);
|
||||
|
||||
if (init_sasl() != 0) {
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
if (init_sasl() != 0) {
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -9,159 +9,169 @@
|
||||
#include <sasl/sasl.h>
|
||||
|
||||
int sfp;
|
||||
struct sockaddr_in s_add,c_add;
|
||||
struct sockaddr_in s_add, c_add;
|
||||
int sin_size;
|
||||
|
||||
char *server = "server";
|
||||
|
||||
typedef struct kClient {
|
||||
int fp;
|
||||
int auth_complete;
|
||||
int begin_auth;
|
||||
sasl_conn_t *conn;
|
||||
int fp;
|
||||
int auth_complete;
|
||||
int begin_auth;
|
||||
sasl_conn_t *conn;
|
||||
} kClient;
|
||||
|
||||
int listen_port() {
|
||||
unsigned short portnum=2345;
|
||||
unsigned short portnum = 2345;
|
||||
|
||||
sfp = socket(AF_INET, SOCK_STREAM, 0);
|
||||
if(-1 == sfp) {
|
||||
printf("socket fail ! \n");
|
||||
return -1;
|
||||
}
|
||||
sfp = socket(AF_INET, SOCK_STREAM, 0);
|
||||
if (-1 == sfp) {
|
||||
printf("socket fail ! \n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* 填充服务器端口地址信息,以便下面使用此地址和端口监听 */
|
||||
bzero(&s_add,sizeof(struct sockaddr_in));
|
||||
s_add.sin_family=AF_INET;
|
||||
s_add.sin_addr.s_addr=htonl(INADDR_ANY); /* 这里地址使用全0,即所有 */
|
||||
s_add.sin_port=htons(portnum);
|
||||
/* 使用bind进行绑定端口 */
|
||||
if(-1 == bind(sfp,(struct sockaddr *)(&s_add), sizeof(struct sockaddr)))
|
||||
{
|
||||
printf("bind fail !\n");
|
||||
return -1;
|
||||
}
|
||||
/* 开始监听相应的端口 */
|
||||
if(-1 == listen(sfp,5))
|
||||
{
|
||||
printf("listen fail !\n");
|
||||
return -1;
|
||||
}
|
||||
printf("Hello,welcome to my server !\n");
|
||||
return 0;
|
||||
/* 填充服务器端口地址信息,以便下面使用此地址和端口监听 */
|
||||
bzero(&s_add, sizeof(struct sockaddr_in));
|
||||
s_add.sin_family = AF_INET;
|
||||
s_add.sin_addr.s_addr = htonl(INADDR_ANY); /* 这里地址使用全0,即所有 */
|
||||
s_add.sin_port = htons(portnum);
|
||||
/* 使用bind进行绑定端口 */
|
||||
if (-1 == bind(sfp, (struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
|
||||
printf("bind fail !\n");
|
||||
return -1;
|
||||
}
|
||||
/* 开始监听相应的端口 */
|
||||
if (-1 == listen(sfp, 5)) {
|
||||
printf("listen fail !\n");
|
||||
return -1;
|
||||
}
|
||||
printf("Hello,welcome to my server !\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
kClient *createClient(int fp) {
|
||||
kClient *c = malloc(sizeof(kClient));
|
||||
c->fp = fp;
|
||||
c->auth_complete = -1;
|
||||
c->begin_auth = 0;
|
||||
c->conn = NULL;
|
||||
return c;
|
||||
kClient *c = malloc(sizeof(kClient));
|
||||
c->fp = fp;
|
||||
c->auth_complete = -1;
|
||||
c->begin_auth = 0;
|
||||
c->conn = NULL;
|
||||
return c;
|
||||
}
|
||||
|
||||
int auth_client(kClient *c) {
|
||||
if (!c->begin_auth && sasl_server_new("sample", "DOMAIN.COM",
|
||||
"DOMAIN.COM", "127.0.0.1", "127.0.0.1", NULL,
|
||||
0, &c->conn) == SASL_OK) {
|
||||
printf("Allocating sasl connection state");
|
||||
return 1;
|
||||
}
|
||||
const char *mech = "GSSAPI";
|
||||
int recbytes;
|
||||
char buffer[1024]={0};
|
||||
if ((recbytes = read(c->fp, buffer, 1024)) == -1) {
|
||||
printf("read failed\n");
|
||||
close(c->fp);
|
||||
return 1;
|
||||
}
|
||||
buffer[recbytes] = '\0';
|
||||
char *out;
|
||||
unsigned len = 0;
|
||||
int result = sasl_server_start(c->conn, mech, buffer, recbytes, &out, &len);
|
||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||
printf("auth failed ,%s\n", sasl_errdetail(c->conn));
|
||||
write(c->fp, "auth failed\n", 11);
|
||||
close(c->fp);
|
||||
}
|
||||
while (result == SASL_CONTINUE) {
|
||||
if (write(c->fp, out, len) == -1) {
|
||||
printf("write failed\n");
|
||||
return 1;
|
||||
}
|
||||
if (recbytes = read(c->fp, buffer, 1024)) {
|
||||
printf("write failed\n");
|
||||
return 1;
|
||||
}
|
||||
result = sasl_server_step(c->conn, buffer, recbytes, &out, &len);
|
||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||
printf("auth failed ,%s\n", sasl_errdetail(c->conn));
|
||||
write(c->fp, "auth failed\n", 11);
|
||||
close(c->fp);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
if (!c->begin_auth) {
|
||||
int result = sasl_server_new(server, "hadoop.test.com", "TEST.COM", NULL, NULL, NULL, 0, &c->conn);
|
||||
if (result != SASL_OK) {
|
||||
printf("Allocating sasl connection state, %s\n", sasl_errdetail(c->conn));
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
const char *mech = "GSSAPI";
|
||||
char buffer[1024] = {0};
|
||||
int client_len = readTicket(c, buffer);
|
||||
char *out;
|
||||
unsigned len = 0;
|
||||
buffer[client_len] = '\n';
|
||||
printf("ticket=%s, len=%d\n", buffer, client_len);
|
||||
int result = sasl_server_start(c->conn, mech, buffer, client_len, &out, &len);
|
||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||
printf("auth failed ,%s, result=%d\n", sasl_errdetail(c->conn), result);
|
||||
write(c->fp, "auth failed\n", 11);
|
||||
close(c->fp);
|
||||
return;
|
||||
}
|
||||
printf("sasl_server_start ok\n");
|
||||
while (result == SASL_CONTINUE) {
|
||||
writeTicket(c, out, len);
|
||||
client_len = readTicket(c, buffer);
|
||||
result = sasl_server_step(c->conn, buffer, client_len, &out, &len);
|
||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||
printf("auth failed ,%s\n", sasl_errdetail(c->conn));
|
||||
write(c->fp, "auth failed\n", 11);
|
||||
close(c->fp);
|
||||
return 1;
|
||||
}
|
||||
printf("sasl_server_start ok");
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
int readTicket(kClient *c, char *ticket) {
|
||||
char len_str[10] = {0};
|
||||
int recbytes;
|
||||
if (-1 == (recbytes = read(c->fp, len_str, 25))) {
|
||||
printf("read len fail !\n");
|
||||
close(c->fp);
|
||||
return 0;
|
||||
}
|
||||
int len = atoi(len_str);
|
||||
printf("read len=%s\n", len_str);
|
||||
if (-1 == (recbytes = read(c->fp, ticket, len))) {
|
||||
printf("read data fail !\n");
|
||||
close(c->fp);
|
||||
return 0;
|
||||
}
|
||||
return len;
|
||||
}
|
||||
|
||||
void writeTicket(kClient *c, char *data, unsigned len) {
|
||||
char len_str[10] = {0};
|
||||
sprintf(len_str, "%d", len);
|
||||
if (-1 == write(c->fp, len_str, 10)) {
|
||||
printf("write failed\n");
|
||||
return 1;
|
||||
}
|
||||
if (-1 == write(c->fp, data, len)) {
|
||||
printf("write failed\n");
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
void readQuery(kClient *c) {
|
||||
char buffer[1024]={0};
|
||||
int recbytes;
|
||||
/* 这里使用write向客户端发送信息,也可以尝试使用其他函数实现 */
|
||||
if(-1 == write(c->fp,"need_auth",9))
|
||||
{
|
||||
printf("write fail!\n");
|
||||
close(c->fp);
|
||||
return;
|
||||
}
|
||||
printf("write ok!\n");
|
||||
while (1) {
|
||||
if(-1 == (recbytes = read(c->fp,buffer,1024))) {
|
||||
printf("read data fail !\n");
|
||||
close(c->fp);
|
||||
}
|
||||
if (c->auth_complete != 1 && auth_client(c) != 0) {
|
||||
printf("auth failed!\n");
|
||||
break;
|
||||
}
|
||||
if(-1 == write(c->fp,"need_auth",9)) {
|
||||
printf("write fail!\n");
|
||||
break;
|
||||
}
|
||||
}
|
||||
close(c->fp);
|
||||
}
|
||||
char buffer[1024] = {0};
|
||||
int recbytes;
|
||||
/* 这里使用write向客户端发送信息,也可以尝试使用其他函数实现 */
|
||||
if (-1 == write(c->fp, "need_auth", 9)) {
|
||||
printf("write fail!\n");
|
||||
close(c->fp);
|
||||
return;
|
||||
}
|
||||
|
||||
if (auth_client(c) != 0) {
|
||||
printf("auth failed!\n");
|
||||
return;
|
||||
}
|
||||
|
||||
close(c->fp);
|
||||
}
|
||||
|
||||
int init_sasl() {
|
||||
int result = sasl_server_init(NULL, "sample");
|
||||
if (result != SASL_OK) {
|
||||
printf("Initializing libsasl");
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
int result = sasl_server_init(NULL, server);
|
||||
if (result != SASL_OK) {
|
||||
printf("Initializing libsasl");
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
int main()
|
||||
{
|
||||
if (listen_port() != 0 && init_sasl() != 0)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
while(1)
|
||||
{
|
||||
sin_size = sizeof(struct sockaddr_in);
|
||||
int nfp = accept(sfp, (struct sockaddr *)(&c_add), &sin_size);
|
||||
if(-1 == nfp)
|
||||
{
|
||||
printf("accept fail !\r\n");
|
||||
return -1;
|
||||
}
|
||||
int main() {
|
||||
if (listen_port() != 0) {
|
||||
return 1;
|
||||
}
|
||||
init_sasl();
|
||||
while (1) {
|
||||
sin_size = sizeof(struct sockaddr_in);
|
||||
int nfp = accept(sfp, (struct sockaddr *)(&c_add), &sin_size);
|
||||
if (-1 == nfp) {
|
||||
printf("accept fail !\r\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
printf("accept ok!\nServer start get connect from %#x : %#x\n", ntohl(c_add.sin_addr.s_addr), ntohs(c_add.sin_port));
|
||||
kClient *c = createClient(nfp);
|
||||
readQuery(c);
|
||||
}
|
||||
close(sfp);
|
||||
return 0;
|
||||
printf("accept ok!\nServer start get connect from %#x : %#x\n", ntohl(c_add.sin_addr.s_addr), ntohs(c_add.sin_port));
|
||||
kClient *c = createClient(nfp);
|
||||
readQuery(c);
|
||||
}
|
||||
close(sfp);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -1,3 +1,4 @@
|
||||
PWD=$(pwd)
|
||||
export KRB5_CONFIG=${PWD}/server/krb5.conf
|
||||
export KRB5CCNAME=/tmp/krb5cc_hadoop_1000
|
||||
export KRB5_KTNAME=${PWD}/server/hadoop.keytab
|
||||
|
||||
Loading…
Reference in New Issue
Block a user