1#!/usr/local/bin/perl 2 3# simple_client 4# uses mk_req & mk_priv to send an authenticated and encrypted message 5 6use blib; # remove if not in module build directory 7use IO::Socket; 8use Authen::Krb5 (ADDRTYPE_INET,ADDRTYPE_IPPORT); 9 10# replace with your own stuff 11$SERVICE = "sample"; 12$SERVER = "server.domain.edu"; 13 14Authen::Krb5::init_context(); 15 16$ac = new Authen::Krb5::AuthContext; 17 18$s = new IO::Socket::INET( 19 PeerAddr => $SERVER, 20 PeerPort => 12345, 21 Proto => 'tcp' 22); 23defined $s or die $!; 24 25$cc = Authen::Krb5::cc_default(); 26$d = Authen::Krb5::mk_req($ac,0,$SERVICE,$SERVER,'testing',$cc); 27unless ($d) { 28 print "mk_req error: ",Authen::Krb5::error(),"\n"; 29 exit(1); 30} 31 32# set local and remote addresses, using network byte order 33$addr = new Authen::Krb5::Address(ADDRTYPE_INET,pack("N",$s->sockaddr())); 34$ports = new Authen::Krb5::Address(ADDRTYPE_IPPORT,pack("n",$s->sockport())); 35$ac->setaddrs($addr,undef); 36$ac->setports($ports,undef); 37 38# create the replay cache 39($l,$r) = $ac->getaddrs(); 40$lap = Authen::Krb5::gen_portaddr($l,$s->sockport()); 41$rcn = Authen::Krb5::gen_replay_name($lap,"foobar"); 42$rc = Authen::Krb5::get_server_rcache($rcn); 43$ac->setrcache($rc); 44 45#encrypt the message 46$enc = Authen::Krb5::mk_priv($ac,"There's more than one way to do it."); 47unless ($enc) { 48 print "mk_priv error: ",Authen::Krb5::error(),"\n"; 49 exit(1); 50} 51 52print $s $d."__END\n".$enc."__END\n"; 53print "Sent authentication info and encrypted message.\n"; 54 55close($s); 56 57Authen::Krb5::free_context(); 58