add kerberos config #6
5
.gitignore
vendored
5
.gitignore
vendored
@ -176,5 +176,6 @@ cython_debug/
|
|||||||
a.out
|
a.out
|
||||||
*.out
|
*.out
|
||||||
*.o
|
*.o
|
||||||
sample/sample_server
|
sample/server
|
||||||
sample/sample_client
|
sample/client
|
||||||
|
sample/core
|
||||||
|
213
sample/.clang-format
Normal file
213
sample/.clang-format
Normal file
@ -0,0 +1,213 @@
|
|||||||
|
# 语言: None, Cpp, Java, JavaScript, ObjC, Proto, TableGen, TextProto
|
||||||
|
Language: Cpp
|
||||||
|
# BasedOnStyle: LLVM
|
||||||
|
|
||||||
|
# 访问说明符(public、private等)的偏移
|
||||||
|
AccessModifierOffset: -4
|
||||||
|
|
||||||
|
# 开括号(开圆括号、开尖括号、开方括号)后的对齐: Align, DontAlign, AlwaysBreak(总是在开括号后换行)
|
||||||
|
AlignAfterOpenBracket: Align
|
||||||
|
|
||||||
|
# 连续赋值时,对齐所有等号
|
||||||
|
AlignConsecutiveAssignments: false
|
||||||
|
|
||||||
|
# 连续声明时,对齐所有声明的变量名
|
||||||
|
AlignConsecutiveDeclarations: false
|
||||||
|
|
||||||
|
# 右对齐逃脱换行(使用反斜杠换行)的反斜杠
|
||||||
|
AlignEscapedNewlines: Right
|
||||||
|
|
||||||
|
# 水平对齐二元和三元表达式的操作数
|
||||||
|
AlignOperands: true
|
||||||
|
|
||||||
|
# 对齐连续的尾随的注释
|
||||||
|
AlignTrailingComments: true
|
||||||
|
|
||||||
|
# 不允许函数声明的所有参数在放在下一行
|
||||||
|
AllowAllParametersOfDeclarationOnNextLine: false
|
||||||
|
|
||||||
|
# 不允许短的块放在同一行
|
||||||
|
AllowShortBlocksOnASingleLine: true
|
||||||
|
|
||||||
|
# 允许短的case标签放在同一行
|
||||||
|
AllowShortCaseLabelsOnASingleLine: true
|
||||||
|
|
||||||
|
# 允许短的函数放在同一行: None, InlineOnly(定义在类中), Empty(空函数), Inline(定义在类中,空函数), All
|
||||||
|
AllowShortFunctionsOnASingleLine: None
|
||||||
|
|
||||||
|
# 允许短的if语句保持在同一行
|
||||||
|
AllowShortIfStatementsOnASingleLine: true
|
||||||
|
|
||||||
|
# 允许短的循环保持在同一行
|
||||||
|
AllowShortLoopsOnASingleLine: true
|
||||||
|
|
||||||
|
# 总是在返回类型后换行: None, All, TopLevel(顶级函数,不包括在类中的函数),
|
||||||
|
# AllDefinitions(所有的定义,不包括声明), TopLevelDefinitions(所有的顶级函数的定义)
|
||||||
|
AlwaysBreakAfterReturnType: None
|
||||||
|
|
||||||
|
# 总是在多行string字面量前换行
|
||||||
|
AlwaysBreakBeforeMultilineStrings: false
|
||||||
|
|
||||||
|
# 总是在template声明后换行
|
||||||
|
AlwaysBreakTemplateDeclarations: true
|
||||||
|
|
||||||
|
# false表示函数实参要么都在同一行,要么都各自一行
|
||||||
|
BinPackArguments: true
|
||||||
|
|
||||||
|
# false表示所有形参要么都在同一行,要么都各自一行
|
||||||
|
BinPackParameters: true
|
||||||
|
|
||||||
|
# 大括号换行,只有当BreakBeforeBraces设置为Custom时才有效
|
||||||
|
BraceWrapping:
|
||||||
|
# class定义后面
|
||||||
|
AfterClass: false
|
||||||
|
# 控制语句后面
|
||||||
|
AfterControlStatement: false
|
||||||
|
# enum定义后面
|
||||||
|
AfterEnum: false
|
||||||
|
# 函数定义后面
|
||||||
|
AfterFunction: false
|
||||||
|
# 命名空间定义后面
|
||||||
|
AfterNamespace: false
|
||||||
|
# struct定义后面
|
||||||
|
AfterStruct: false
|
||||||
|
# union定义后面
|
||||||
|
AfterUnion: false
|
||||||
|
# extern之后
|
||||||
|
AfterExternBlock: false
|
||||||
|
# catch之前
|
||||||
|
BeforeCatch: false
|
||||||
|
# else之前
|
||||||
|
BeforeElse: false
|
||||||
|
# 缩进大括号
|
||||||
|
IndentBraces: false
|
||||||
|
# 分离空函数
|
||||||
|
SplitEmptyFunction: false
|
||||||
|
# 分离空语句
|
||||||
|
SplitEmptyRecord: false
|
||||||
|
# 分离空命名空间
|
||||||
|
SplitEmptyNamespace: false
|
||||||
|
|
||||||
|
# 在二元运算符前换行: None(在操作符后换行), NonAssignment(在非赋值的操作符前换行), All(在操作符前换行)
|
||||||
|
BreakBeforeBinaryOperators: NonAssignment
|
||||||
|
|
||||||
|
# 在大括号前换行: Attach(始终将大括号附加到周围的上下文), Linux(除函数、命名空间和类定义,与Attach类似),
|
||||||
|
# Mozilla(除枚举、函数、记录定义,与Attach类似), Stroustrup(除函数定义、catch、else,与Attach类似),
|
||||||
|
# Allman(总是在大括号前换行), GNU(总是在大括号前换行,并对于控制语句的大括号增加额外的缩进), WebKit(在函数前换行), Custom
|
||||||
|
# 注:这里认为语句块也属于函数
|
||||||
|
BreakBeforeBraces: Custom
|
||||||
|
|
||||||
|
# 在三元运算符前换行
|
||||||
|
BreakBeforeTernaryOperators: false
|
||||||
|
|
||||||
|
# 在构造函数的初始化列表的冒号后换行
|
||||||
|
BreakConstructorInitializers: AfterColon
|
||||||
|
|
||||||
|
#BreakInheritanceList: AfterColon
|
||||||
|
|
||||||
|
BreakStringLiterals: false
|
||||||
|
|
||||||
|
# 每行字符的限制,0表示没有限制
|
||||||
|
ColumnLimit: 0
|
||||||
|
|
||||||
|
CompactNamespaces: true
|
||||||
|
|
||||||
|
# 构造函数的初始化列表要么都在同一行,要么都各自一行
|
||||||
|
ConstructorInitializerAllOnOneLineOrOnePerLine: false
|
||||||
|
|
||||||
|
# 构造函数的初始化列表的缩进宽度
|
||||||
|
ConstructorInitializerIndentWidth: 4
|
||||||
|
|
||||||
|
# 延续的行的缩进宽度
|
||||||
|
ContinuationIndentWidth: 4
|
||||||
|
|
||||||
|
# 去除C++11的列表初始化的大括号{后和}前的空格
|
||||||
|
Cpp11BracedListStyle: true
|
||||||
|
|
||||||
|
# 继承最常用的指针和引用的对齐方式
|
||||||
|
DerivePointerAlignment: false
|
||||||
|
|
||||||
|
# 固定命名空间注释
|
||||||
|
FixNamespaceComments: true
|
||||||
|
|
||||||
|
# 缩进case标签
|
||||||
|
IndentCaseLabels: false
|
||||||
|
|
||||||
|
IndentPPDirectives: None
|
||||||
|
|
||||||
|
# 缩进宽度
|
||||||
|
IndentWidth: 4
|
||||||
|
|
||||||
|
# 函数返回类型换行时,缩进函数声明或函数定义的函数名
|
||||||
|
IndentWrappedFunctionNames: false
|
||||||
|
|
||||||
|
# 保留在块开始处的空行
|
||||||
|
KeepEmptyLinesAtTheStartOfBlocks: false
|
||||||
|
|
||||||
|
# 连续空行的最大数量
|
||||||
|
MaxEmptyLinesToKeep: 1
|
||||||
|
|
||||||
|
# 命名空间的缩进: None, Inner(缩进嵌套的命名空间中的内容), All
|
||||||
|
NamespaceIndentation: None
|
||||||
|
|
||||||
|
# 指针和引用的对齐: Left, Right, Middle
|
||||||
|
PointerAlignment: Right
|
||||||
|
|
||||||
|
# 允许重新排版注释
|
||||||
|
ReflowComments: true
|
||||||
|
|
||||||
|
# 允许排序#include
|
||||||
|
SortIncludes: false
|
||||||
|
|
||||||
|
# 允许排序 using 声明
|
||||||
|
SortUsingDeclarations: false
|
||||||
|
|
||||||
|
# 在C风格类型转换后添加空格
|
||||||
|
SpaceAfterCStyleCast: false
|
||||||
|
|
||||||
|
# 在Template 关键字后面添加空格
|
||||||
|
SpaceAfterTemplateKeyword: true
|
||||||
|
|
||||||
|
# 在赋值运算符之前添加空格
|
||||||
|
SpaceBeforeAssignmentOperators: true
|
||||||
|
|
||||||
|
# SpaceBeforeCpp11BracedList: true
|
||||||
|
|
||||||
|
# SpaceBeforeCtorInitializerColon: true
|
||||||
|
|
||||||
|
# SpaceBeforeInheritanceColon: true
|
||||||
|
|
||||||
|
# 开圆括号之前添加一个空格: Never, ControlStatements, Always
|
||||||
|
SpaceBeforeParens: ControlStatements
|
||||||
|
|
||||||
|
# SpaceBeforeRangeBasedForLoopColon: true
|
||||||
|
|
||||||
|
# 在空的圆括号中添加空格
|
||||||
|
SpaceInEmptyParentheses: false
|
||||||
|
|
||||||
|
# 在尾随的评论前添加的空格数(只适用于//)
|
||||||
|
SpacesBeforeTrailingComments: 1
|
||||||
|
|
||||||
|
# 在尖括号的<后和>前添加空格
|
||||||
|
SpacesInAngles: false
|
||||||
|
|
||||||
|
# 在C风格类型转换的括号中添加空格
|
||||||
|
SpacesInCStyleCastParentheses: false
|
||||||
|
|
||||||
|
# 在容器(ObjC和JavaScript的数组和字典等)字面量中添加空格
|
||||||
|
SpacesInContainerLiterals: true
|
||||||
|
|
||||||
|
# 在圆括号的(后和)前添加空格
|
||||||
|
SpacesInParentheses: false
|
||||||
|
|
||||||
|
# 在方括号的[后和]前添加空格,lamda表达式和未指明大小的数组的声明不受影响
|
||||||
|
SpacesInSquareBrackets: false
|
||||||
|
|
||||||
|
# 标准: Cpp03, Cpp11, Auto
|
||||||
|
Standard: Cpp11
|
||||||
|
|
||||||
|
# tab宽度
|
||||||
|
TabWidth: 4
|
||||||
|
|
||||||
|
# 使用tab字符: Never, ForIndentation, ForContinuationAndIndentation, Always
|
||||||
|
UseTab: Never
|
@ -1,7 +1,7 @@
|
|||||||
|
|
||||||
CC=gcc
|
CC=gcc
|
||||||
|
|
||||||
PROGRAM=sample_client sample_server
|
PROGRAM=client server
|
||||||
|
|
||||||
LIBSSL_LIBS=-lsasl2
|
LIBSSL_LIBS=-lsasl2
|
||||||
|
|
||||||
@ -14,17 +14,17 @@ all: $(PROGRAM)
|
|||||||
@echo "build seccess!"
|
@echo "build seccess!"
|
||||||
@echo ""
|
@echo ""
|
||||||
|
|
||||||
sample_client:sample-client.c
|
client:sample-client.c
|
||||||
$(CC) -g -c sample-client.c $(FINAL_FLAG)
|
$(CC) -g -c sample-client.c $(FINAL_FLAG)
|
||||||
$(CC) -g -o sample_client sample-client.o $(FINAL_FLAG)
|
$(CC) -g -o client sample-client.o $(FINAL_FLAG)
|
||||||
rm *.o
|
rm *.o
|
||||||
|
|
||||||
sample_server:sample-server.c
|
server:sample-server.c
|
||||||
$(CC) -g -c sample-server.c $(FINAL_FLAG)
|
$(CC) -g -c sample-server.c $(FINAL_FLAG)
|
||||||
$(CC) -g -o sample_server sample-server.o $(FINAL_FLAG)
|
$(CC) -g -o server sample-server.o $(FINAL_FLAG)
|
||||||
rm *.o
|
rm *.o
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
rm sample_server sample_client
|
rm server client
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,25 +1,24 @@
|
|||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
#include <sys/types.h>
|
||||||
#include <sasl/sasl.h>
|
#include <sasl/sasl.h>
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
#include <linux/in.h>
|
#include <linux/in.h>
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
#define SAMPLE_SEC_BUF_SIZE (2048)
|
#define SAMPLE_SEC_BUF_SIZE (2048)
|
||||||
|
|
||||||
char buf[SAMPLE_SEC_BUF_SIZE];
|
char buf[SAMPLE_SEC_BUF_SIZE];
|
||||||
|
|
||||||
static sasl_conn_t *conn = NULL;
|
static sasl_conn_t *conn = NULL;
|
||||||
const char *realm = "DOMAIN.COM";
|
const char *realm = "TEST.COM";
|
||||||
const char *mech = "GSSAPI";
|
const char *mech = "GSSAPI";
|
||||||
const char *iplocal = "127.0.0.1";
|
const char *iplocal = "127.0.0.1";
|
||||||
const char *ipremote = "127.0.0.1";
|
const char *ipremote = "127.0.0.1";
|
||||||
char *searchpath = NULL;
|
char *searchpath = NULL;
|
||||||
const char *service = "zeekling";
|
const char *service = "server";
|
||||||
const char *fqdn = "";
|
const char *fqdn = "hadoop.test.com";
|
||||||
int cfd;
|
int cfd;
|
||||||
|
|
||||||
int init_sasl() {
|
int init_sasl() {
|
||||||
@ -28,6 +27,7 @@ int init_sasl() {
|
|||||||
printf("Initializing libsasl\n");
|
printf("Initializing libsasl\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
printf("sasl_client_init ok\n");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -36,7 +36,7 @@ int connect_server() {
|
|||||||
unsigned short portnum = 2345;
|
unsigned short portnum = 2345;
|
||||||
printf("Hello,welcome to client !\n");
|
printf("Hello,welcome to client !\n");
|
||||||
cfd = socket(AF_INET, SOCK_STREAM, 0);
|
cfd = socket(AF_INET, SOCK_STREAM, 0);
|
||||||
if(-1 == cfd) {
|
if (-1 == cfd) {
|
||||||
printf("socket fail ! \n");
|
printf("socket fail ! \n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -46,7 +46,7 @@ int connect_server() {
|
|||||||
s_add.sin_addr.s_addr = inet_addr("127.0.0.1");
|
s_add.sin_addr.s_addr = inet_addr("127.0.0.1");
|
||||||
s_add.sin_port = htons(portnum);
|
s_add.sin_port = htons(portnum);
|
||||||
|
|
||||||
if(-1 == connect(cfd,(struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
|
if (-1 == connect(cfd, (struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
|
||||||
printf("connect fail !\n");
|
printf("connect fail !\n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -54,35 +54,63 @@ int connect_server() {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int readTicket(char *ticket) {
|
||||||
|
char len_str[10] = {0};
|
||||||
|
int recbytes;
|
||||||
|
if (-1 == (recbytes = read(cfd, len_str, 10))) {
|
||||||
|
printf("read len fail !\n");
|
||||||
|
close(cfd);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
char buffer[1024] = {0};
|
||||||
|
int len = atoi(len_str);
|
||||||
|
printf("read len=%s\n", len_str);
|
||||||
|
if (-1 == (recbytes = read(cfd, ticket, len))) {
|
||||||
|
printf("read data fail !\n");
|
||||||
|
close(cfd);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
return len;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
void writeTicket(char *data, unsigned len) {
|
||||||
|
char len_str[10] = {0};
|
||||||
|
sprintf(len_str, "%d", len);
|
||||||
|
if (-1 == write(cfd, len_str, 10)) {
|
||||||
|
printf("write failed\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
if (-1 == write(cfd, data, len)) {
|
||||||
|
printf("write failed\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
int auth_sever() {
|
int auth_sever() {
|
||||||
int result = sasl_client_new("sample", fqdn, "127.0.0.1",
|
printf("begin auth\n");
|
||||||
"127.0.0.1", NULL, 0, &conn);
|
int result = sasl_client_new("server", fqdn, NULL, NULL, NULL, 0, &conn);
|
||||||
if (result != SASL_OK) {
|
if (result != SASL_OK) {
|
||||||
printf("client new client failed\n");
|
printf("client new client failed\n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
char *data = NULL;
|
char data[1024] = {0};
|
||||||
unsigned len = 0;
|
unsigned len = 0;
|
||||||
|
printf("begin sasl_client_start\n");
|
||||||
result = sasl_client_start(conn, mech, NULL, &data, &len, &mech);
|
result = sasl_client_start(conn, mech, NULL, &data, &len, &mech);
|
||||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
printf("client auth start failed error:%s\n", sasl_errdetail(conn));
|
printf("client auth start failed error:%s\n", sasl_errdetail(conn));
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
//data[len] = '\0';
|
||||||
|
printf("sasl_client_start ok: ticket=%s, len=%d\n", data, len);
|
||||||
while (1) {
|
while (1) {
|
||||||
//todo 多次认证
|
char len_str[10] = {0};
|
||||||
printf("write data %s, %d", data, len);
|
writeTicket(data, len);
|
||||||
if(-1 == write(cfd, data, len)) {
|
char *buffer;
|
||||||
printf("write failed\n");
|
int size = readTicket(buffer);
|
||||||
return 1;
|
|
||||||
}
|
result = sasl_client_step(conn, buffer, size, NULL, &data, &len);
|
||||||
int recbytes = 0;
|
|
||||||
char *buffer = NULL;
|
|
||||||
if (read(recbytes = read(cfd, buffer, 1024)) == -1) {
|
|
||||||
printf("read error\n");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
printf("receive %s %d", buffer, recbytes);
|
|
||||||
result = sasl_client_step(conn, buffer, recbytes, NULL, &data, &len);
|
|
||||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
printf("auth failed, %s\n", sasl_errdetail(conn));
|
printf("auth failed, %s\n", sasl_errdetail(conn));
|
||||||
return 1;
|
return 1;
|
||||||
@ -102,10 +130,9 @@ int main() {
|
|||||||
|
|
||||||
int recbytes;
|
int recbytes;
|
||||||
int sin_size;
|
int sin_size;
|
||||||
char buffer[1024]={0};
|
char buffer[1024] = {0};
|
||||||
|
|
||||||
if (connect_server() != 0)
|
if (connect_server() != 0) {
|
||||||
{
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -113,7 +140,7 @@ int main() {
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(-1 == (recbytes = read(cfd, buffer, 1024))) {
|
if (-1 == (recbytes = read(cfd, buffer, 1024))) {
|
||||||
printf("read data fail !\n");
|
printf("read data fail !\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -124,8 +151,8 @@ int main() {
|
|||||||
}
|
}
|
||||||
printf("auth ok\nREC:\n");
|
printf("auth ok\nREC:\n");
|
||||||
|
|
||||||
buffer[recbytes]='\0';
|
buffer[recbytes] = '\0';
|
||||||
printf("%s\n",buffer);
|
printf("%s\n", buffer);
|
||||||
|
|
||||||
auth_sever();
|
auth_sever();
|
||||||
|
|
||||||
@ -137,5 +164,3 @@ int main() {
|
|||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -9,9 +9,11 @@
|
|||||||
#include <sasl/sasl.h>
|
#include <sasl/sasl.h>
|
||||||
|
|
||||||
int sfp;
|
int sfp;
|
||||||
struct sockaddr_in s_add,c_add;
|
struct sockaddr_in s_add, c_add;
|
||||||
int sin_size;
|
int sin_size;
|
||||||
|
|
||||||
|
char *server = "server";
|
||||||
|
|
||||||
typedef struct kClient {
|
typedef struct kClient {
|
||||||
int fp;
|
int fp;
|
||||||
int auth_complete;
|
int auth_complete;
|
||||||
@ -20,28 +22,26 @@ typedef struct kClient {
|
|||||||
} kClient;
|
} kClient;
|
||||||
|
|
||||||
int listen_port() {
|
int listen_port() {
|
||||||
unsigned short portnum=2345;
|
unsigned short portnum = 2345;
|
||||||
|
|
||||||
sfp = socket(AF_INET, SOCK_STREAM, 0);
|
sfp = socket(AF_INET, SOCK_STREAM, 0);
|
||||||
if(-1 == sfp) {
|
if (-1 == sfp) {
|
||||||
printf("socket fail ! \n");
|
printf("socket fail ! \n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* 填充服务器端口地址信息,以便下面使用此地址和端口监听 */
|
/* 填充服务器端口地址信息,以便下面使用此地址和端口监听 */
|
||||||
bzero(&s_add,sizeof(struct sockaddr_in));
|
bzero(&s_add, sizeof(struct sockaddr_in));
|
||||||
s_add.sin_family=AF_INET;
|
s_add.sin_family = AF_INET;
|
||||||
s_add.sin_addr.s_addr=htonl(INADDR_ANY); /* 这里地址使用全0,即所有 */
|
s_add.sin_addr.s_addr = htonl(INADDR_ANY); /* 这里地址使用全0,即所有 */
|
||||||
s_add.sin_port=htons(portnum);
|
s_add.sin_port = htons(portnum);
|
||||||
/* 使用bind进行绑定端口 */
|
/* 使用bind进行绑定端口 */
|
||||||
if(-1 == bind(sfp,(struct sockaddr *)(&s_add), sizeof(struct sockaddr)))
|
if (-1 == bind(sfp, (struct sockaddr *)(&s_add), sizeof(struct sockaddr))) {
|
||||||
{
|
|
||||||
printf("bind fail !\n");
|
printf("bind fail !\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
/* 开始监听相应的端口 */
|
/* 开始监听相应的端口 */
|
||||||
if(-1 == listen(sfp,5))
|
if (-1 == listen(sfp, 5)) {
|
||||||
{
|
|
||||||
printf("listen fail !\n");
|
printf("listen fail !\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -59,80 +59,95 @@ kClient *createClient(int fp) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
int auth_client(kClient *c) {
|
int auth_client(kClient *c) {
|
||||||
if (!c->begin_auth && sasl_server_new("sample", "DOMAIN.COM",
|
if (!c->begin_auth) {
|
||||||
"DOMAIN.COM", "127.0.0.1", "127.0.0.1", NULL,
|
int result = sasl_server_new(server, "hadoop.test.com", "TEST.COM", NULL, NULL, NULL, 0, &c->conn);
|
||||||
0, &c->conn) == SASL_OK) {
|
if (result != SASL_OK) {
|
||||||
printf("Allocating sasl connection state");
|
printf("Allocating sasl connection state, %s\n", sasl_errdetail(c->conn));
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const char *mech = "GSSAPI";
|
const char *mech = "GSSAPI";
|
||||||
int recbytes;
|
char buffer[1024] = {0};
|
||||||
char buffer[1024]={0};
|
int client_len = readTicket(c, buffer);
|
||||||
if ((recbytes = read(c->fp, buffer, 1024)) == -1) {
|
|
||||||
printf("read failed\n");
|
|
||||||
close(c->fp);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
buffer[recbytes] = '\0';
|
|
||||||
char *out;
|
char *out;
|
||||||
unsigned len = 0;
|
unsigned len = 0;
|
||||||
int result = sasl_server_start(c->conn, mech, buffer, recbytes, &out, &len);
|
buffer[client_len] = '\n';
|
||||||
|
printf("ticket=%s, len=%d\n", buffer, client_len);
|
||||||
|
int result = sasl_server_start(c->conn, mech, buffer, client_len, &out, &len);
|
||||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
printf("auth failed ,%s\n", sasl_errdetail(c->conn));
|
printf("auth failed ,%s, result=%d\n", sasl_errdetail(c->conn), result);
|
||||||
write(c->fp, "auth failed\n", 11);
|
write(c->fp, "auth failed\n", 11);
|
||||||
close(c->fp);
|
close(c->fp);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
printf("sasl_server_start ok\n");
|
||||||
while (result == SASL_CONTINUE) {
|
while (result == SASL_CONTINUE) {
|
||||||
if (write(c->fp, out, len) == -1) {
|
writeTicket(c, out, len);
|
||||||
printf("write failed\n");
|
client_len = readTicket(c, buffer);
|
||||||
return 1;
|
result = sasl_server_step(c->conn, buffer, client_len, &out, &len);
|
||||||
}
|
|
||||||
if (recbytes = read(c->fp, buffer, 1024)) {
|
|
||||||
printf("write failed\n");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
result = sasl_server_step(c->conn, buffer, recbytes, &out, &len);
|
|
||||||
if (result != SASL_OK && result != SASL_CONTINUE) {
|
if (result != SASL_OK && result != SASL_CONTINUE) {
|
||||||
printf("auth failed ,%s\n", sasl_errdetail(c->conn));
|
printf("auth failed ,%s\n", sasl_errdetail(c->conn));
|
||||||
write(c->fp, "auth failed\n", 11);
|
write(c->fp, "auth failed\n", 11);
|
||||||
close(c->fp);
|
close(c->fp);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
printf("sasl_server_start ok");
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int readTicket(kClient *c, char *ticket) {
|
||||||
|
char len_str[10] = {0};
|
||||||
|
int recbytes;
|
||||||
|
if (-1 == (recbytes = read(c->fp, len_str, 25))) {
|
||||||
|
printf("read len fail !\n");
|
||||||
|
close(c->fp);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
int len = atoi(len_str);
|
||||||
|
printf("read len=%s\n", len_str);
|
||||||
|
if (-1 == (recbytes = read(c->fp, ticket, len))) {
|
||||||
|
printf("read data fail !\n");
|
||||||
|
close(c->fp);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
return len;
|
||||||
|
}
|
||||||
|
|
||||||
|
void writeTicket(kClient *c, char *data, unsigned len) {
|
||||||
|
char len_str[10] = {0};
|
||||||
|
sprintf(len_str, "%d", len);
|
||||||
|
if (-1 == write(c->fp, len_str, 10)) {
|
||||||
|
printf("write failed\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
if (-1 == write(c->fp, data, len)) {
|
||||||
|
printf("write failed\n");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
void readQuery(kClient *c) {
|
void readQuery(kClient *c) {
|
||||||
char buffer[1024]={0};
|
char buffer[1024] = {0};
|
||||||
int recbytes;
|
int recbytes;
|
||||||
/* 这里使用write向客户端发送信息,也可以尝试使用其他函数实现 */
|
/* 这里使用write向客户端发送信息,也可以尝试使用其他函数实现 */
|
||||||
if(-1 == write(c->fp,"need_auth",9))
|
if (-1 == write(c->fp, "need_auth", 9)) {
|
||||||
{
|
|
||||||
printf("write fail!\n");
|
printf("write fail!\n");
|
||||||
close(c->fp);
|
close(c->fp);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
printf("write ok!\n");
|
|
||||||
while (1) {
|
if (auth_client(c) != 0) {
|
||||||
if(-1 == (recbytes = read(c->fp,buffer,1024))) {
|
|
||||||
printf("read data fail !\n");
|
|
||||||
close(c->fp);
|
|
||||||
}
|
|
||||||
if (c->auth_complete != 1 && auth_client(c) != 0) {
|
|
||||||
printf("auth failed!\n");
|
printf("auth failed!\n");
|
||||||
break;
|
return;
|
||||||
}
|
|
||||||
if(-1 == write(c->fp,"need_auth",9)) {
|
|
||||||
printf("write fail!\n");
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
close(c->fp);
|
close(c->fp);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int init_sasl() {
|
int init_sasl() {
|
||||||
int result = sasl_server_init(NULL, "sample");
|
int result = sasl_server_init(NULL, server);
|
||||||
if (result != SASL_OK) {
|
if (result != SASL_OK) {
|
||||||
printf("Initializing libsasl");
|
printf("Initializing libsasl");
|
||||||
return 1;
|
return 1;
|
||||||
@ -140,18 +155,15 @@ int init_sasl() {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int main()
|
int main() {
|
||||||
{
|
if (listen_port() != 0) {
|
||||||
if (listen_port() != 0 && init_sasl() != 0)
|
|
||||||
{
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
while(1)
|
init_sasl();
|
||||||
{
|
while (1) {
|
||||||
sin_size = sizeof(struct sockaddr_in);
|
sin_size = sizeof(struct sockaddr_in);
|
||||||
int nfp = accept(sfp, (struct sockaddr *)(&c_add), &sin_size);
|
int nfp = accept(sfp, (struct sockaddr *)(&c_add), &sin_size);
|
||||||
if(-1 == nfp)
|
if (-1 == nfp) {
|
||||||
{
|
|
||||||
printf("accept fail !\r\n");
|
printf("accept fail !\r\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -163,5 +175,3 @@ int main()
|
|||||||
close(sfp);
|
close(sfp);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
PWD=$(pwd)
|
PWD=$(pwd)
|
||||||
export KRB5_CONFIG=${PWD}/server/krb5.conf
|
export KRB5_CONFIG=${PWD}/server/krb5.conf
|
||||||
export KRB5CCNAME=/tmp/krb5cc_hadoop_1000
|
export KRB5CCNAME=/tmp/krb5cc_hadoop_1000
|
||||||
|
export KRB5_KTNAME=${PWD}/server/hadoop.keytab
|
||||||
|
Loading…
Reference in New Issue
Block a user