2023-10-06 02:32:55 +00:00
8 changed files with 49 additions and 12 deletions
--- a/.gitignore
+++ b/.gitignore
@ -179,3 +179,4 @@ a.out
 sample/server
 sample/client
 sample/core
 *.keytab
--- a/sample/client.py
+++ b/sample/client.py
@ -20,13 +20,13 @@ def recv_data():
    return data
 curr_path = os.getcwd()
-os.environ["KRB5_CONFIG"] = curr_path + "/client/krb5.conf"
+os.environ["KRB5_CONFIG"] = curr_path + "/krb5.conf"
 os.environ["KRB5CCNAME"]  = "/tmp/krb5cc_cli_1000"
-os.environ["KRB5_KTNAME"] = curr_path + "/client/cli.keytab"
+os.environ["KRB5_KTNAME"] = curr_path + "/cli.keytab"
 os.environ["KRB5_TRACE"] = "/tmp/client.log"
-principal = "cli@TEST.COM"
+principal = "cli@TEST.HADOOP.COM"
-res = subprocess.call(["kinit", "-kt", "client/cli.keytab", principal])
+res = subprocess.call(["kinit", "-kt", "cli.keytab", principal])
 subprocess.call(["klist"])
 name = gssapi.Name(principal)
--- a/sample/kinit_client.sh
+++ b/sample/kinit_client.sh
@ -0,0 +1,9 @@
 #!/usr/bin/env bash 
 #
 export KRB5CCNAME=/tmp/krb5cc_cli_1000
 export KRB5_CONFIG="/home/zeekling/project/gitea/kerberosTest/sample/krb5.conf"
 kinit -kt ./cli.keytab cli
 klist
--- a/sample/kinit_server.sh
+++ b/sample/kinit_server.sh
@ -0,0 +1,9 @@
 #!/usr/bin/env bash 
 #
 export KRB5CCNAME=/tmp/krb5_server_1000
 export KRB5_CONFIG="/home/zeekling/project/gitea/kerberosTest/sample/krb5.conf"
 kinit -kt ./hadoop.keytab server/hadoop.test.hadoop.com@TEST.HADOOP.COM
 klist
--- a/sample/krb5.conf
+++ b/sample/krb5.conf
@ -0,0 +1,18 @@
 [logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log
 [libdefaults]
 default_realm = TEST.HADOOP.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true
 [realms]
 TEST.HADOOP.COM = {
  kdc = krb5-kdc-server:88
  admin_server = krb5-kdc-server
 }
--- a/sample/sample-client.c
+++ b/sample/sample-client.c
@ -12,13 +12,13 @@
 char buf[SAMPLE_SEC_BUF_SIZE];
 static sasl_conn_t *conn = NULL;
-const char *realm = "TEST.COM";
+const char *realm = "TEST.HADOOP.COM";
 const char *mech = "GSSAPI";
 const char *iplocal = "127.0.0.1";
 const char *ipremote = "127.0.0.1";
 char *searchpath = NULL;
 const char *service = "server";
-const char *fqdn = "hadoop.test.com";
+const char *fqdn = "hadoop.test.hadoop.com";
 int cfd;
 int init_sasl() {
--- a/sample/sample-server.c
+++ b/sample/sample-server.c
@ -60,7 +60,7 @@ kClient *createClient(int fp) {
 int auth_client(kClient *c) {
    if (!c->begin_auth) {
-        int result = sasl_server_new(server, "hadoop.test.com", "TEST.COM", NULL, NULL, NULL, 0, &c->conn);
+        int result = sasl_server_new(server, "hadoop.test.hadoop.com", "TEST.HADOOP.COM", NULL, NULL, NULL, 0, &c->conn);
        if (result != SASL_OK) {
            printf("Allocating sasl connection state, %s\n", sasl_errdetail(c->conn));
            return 1;
--- a/sample/server.py
+++ b/sample/server.py
@ -22,16 +22,16 @@ def recv_data(cli:socket):
 # 设置环境变量
-principal = "server/hadoop.test.com@TEST.COM"
+principal = "server/hadoop.test.hadoop.com@TEST.HADOOP.COM"
 curr_path = os.getcwd()
-os.environ["KRB5_CONFIG"] = curr_path + "/server/krb5.conf"
+os.environ["KRB5_CONFIG"] = curr_path + "/krb5.conf"
-os.environ["KRB5_KTNAME"] = curr_path + "/server/hadoop.keytab"
+os.environ["KRB5_KTNAME"] = curr_path + "/hadoop.keytab"
-os.environ["KRB5CCNAME"] = "/tmp/krb5cc_hadoop_1000"
+os.environ["KRB5CCNAME"] = "/tmp/krb5_server_1000"
 os.environ["KRB5_TRACE"] = "/tmp/server.log"
 kinit_res = subprocess.call(["kinit", "-kt", os.environ["KRB5_KTNAME"], principal])
 klist_res = subprocess.call(["klist"])
-name = gssapi.Name("server/hadoop.test.com", name_type=gssapi.NameType.kerberos_principal)
+name = gssapi.Name("server/hadoop.test.hadoop.com", name_type=gssapi.NameType.kerberos_principal)
 cname = name.canonicalize(gssapi.MechType.kerberos)
 print(cname)