taclib_private.h revision 41120
/*-
 * Copyright 1998 Juniper Networks, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD: cvs2svn/branches/JUNIPER/lib/libtacplus/taclib_private.h 41120 1998-11-13 00:54:26Z jdp $
 */

#ifndef TACLIB_PRIVATE_H
#define TACLIB_PRIVATE_H

/*
 * Private definitions for the TACACS+ client library: compiled-in
 * defaults, size limits, message layouts and the per-handle state.
 *
 * NOTE(review): this header uses struct sockaddr_in, size_t and the
 * u_int*_t types but includes only "taclib.h"; presumably that header
 * or the including source file supplies the system headers -- confirm.
 */
#include "taclib.h"

/* Defaults */
/*
 * NOTE(review): struct tac_server below carries a shared secret per
 * server; if those secrets are read from PATH_TACPLUS_CONF, the file
 * should be readable only by the accounts that need it -- confirm.
 */
#define PATH_TACPLUS_CONF	"/etc/tacplus.conf"
#define TACPLUS_PORT		49
#define TIMEOUT			3	/* In seconds */

/* Limits */
#define BODYSIZE	8150		/* Maximum message body size */
#define ERRSIZE		128		/* Maximum error message length */
#define MAXCONFLINE	1024		/* Maximum config file line length */
#define MAXSERVERS	10		/* Maximum number of servers to try */

/* Protocol constants. */
#define HDRSIZE		12		/* Size of message header */

/* Protocol version number */
#define TAC_VER_MAJOR		0xc		/* Major version number */

/* Protocol packet types */
#define TAC_AUTHEN		0x01		/* Authentication */
#define TAC_AUTHOR		0x02		/* Authorization */
#define TAC_ACCT		0x03		/* Accounting */

/*
 * Protocol header flags (bit values for tac_msg.flags).
 *
 * TAC_UNENCRYPTED presumably marks a packet whose body is carried in
 * the clear -- confirm against the protocol specification.
 * NOTE(review): the receive path (not visible here) should decide
 * explicitly whether a reply carrying this flag is acceptable from a
 * server that has a secret configured, rather than trusting the flag.
 */
#define TAC_UNENCRYPTED		0x01
#define TAC_SINGLE_CONNECT	0x04

/*
 * One server the client may contact.
 *
 * NOTE(review): secret is a bare pointer; who allocates and frees it is
 * not visible in this header.  Whatever code releases it should clear
 * the bytes first (explicit_bzero() where available) so the shared
 * secret does not linger in freed memory.
 */
struct tac_server {
	struct sockaddr_in addr;	/* Address of server */
	char		*secret;	/* Shared secret */
	int		 timeout;	/* Timeout in seconds */
	int		 flags;		/* Meaning not shown in this header */
};

/*
 * An optional string of bytes specified by the client for inclusion in
 * a request.  The data is always a dynamically allocated copy that
 * belongs to the library.  It is copied into the request packet just
 * before sending the request.
 *
 * NOTE(review): len is a size_t, but the length fields that describe
 * these strings in struct tac_authen_start are u_int8_t (and u_int16_t
 * in struct tac_authen_cont).  The code that builds the request must
 * reject a len that does not fit the wire field or the remaining body
 * space instead of letting it truncate.
 */
struct clnt_str {
	void		*data;		/* Library-owned copy, see above */
	size_t		 len;		/* Length of data, in bytes */
};

/*
 * An optional string of bytes from a server response.  The data resides
 * in the response packet itself, and must not be freed.
 *
 * NOTE(review): because data points into the response packet, it is
 * presumably invalidated once that buffer is reused for the next
 * response -- confirm, and copy it out if it must outlive that.
 */
struct srvr_str {
	const void	*data;		/* Points into the response packet */
	size_t		 len;		/* Length of data, in bytes */
};

/*
 * Message body layouts.  Each struct ends in rest[1], which presumably
 * marks where the variable-length fields described by the *_len members
 * begin.  sizeof() on these structs counts the rest[1] byte and any
 * trailing padding, so the size of the fixed part is
 * offsetof(struct ..., rest), not sizeof.
 *
 * NOTE(review): the u_int16_t/u_int32_t fields are presumably in
 * network byte order on the wire and need ntohs()/ntohl() before use --
 * confirm.  Lengths in a reply come from the server; the parser should
 * check them against the number of body bytes actually received before
 * forming any srvr_str that points into the packet.
 */

/* Body of an authentication start message. */
struct tac_authen_start {
	u_int8_t	action;
	u_int8_t	priv_lvl;
	u_int8_t	authen_type;
	u_int8_t	service;
	u_int8_t	user_len;
	u_int8_t	port_len;
	u_int8_t	rem_addr_len;
	u_int8_t	data_len;
	unsigned char	rest[1];
};

/* Body of an authentication reply message. */
struct tac_authen_reply {
	u_int8_t	status;
	u_int8_t	flags;
	u_int16_t	msg_len;
	u_int16_t	data_len;
	unsigned char	rest[1];
};

/* Body of an authentication continue message. */
struct tac_authen_cont {
	u_int16_t	user_msg_len;
	u_int16_t	data_len;
	u_int8_t	flags;
	unsigned char	rest[1];
};

/*
 * A complete message: header fields followed by the body.  The six
 * fields before the union add up to 12 bytes, the value of HDRSIZE.
 * The union lets the same body bytes be viewed as raw data or as one of
 * the authentication layouts above.
 *
 * NOTE(review): length is a 32-bit field while body holds at most
 * BODYSIZE bytes; the receive path (not visible here) must reject a
 * length greater than BODYSIZE before reading the body into this
 * buffer.
 */
struct tac_msg {
	u_int8_t	version;
	u_int8_t	type;		/* Presumably one of TAC_AUTHEN/AUTHOR/ACCT */
	u_int8_t	seq_no;
	u_int8_t	flags;		/* Presumably TAC_UNENCRYPTED etc. */
	u_int8_t	session_id[4];	/* Kept as four raw bytes */
	u_int32_t	length;		/* See the note on BODYSIZE above */
	union {
		struct tac_authen_start authen_start;
		struct tac_authen_reply authen_reply;
		struct tac_authen_cont authen_cont;
		unsigned char body[BODYSIZE];
	} u;
};

/*
 * Per-handle state: the server list, the client-supplied request
 * strings, one request and one response buffer, and the strings located
 * in the most recent response.
 *
 * NOTE(review): errmsg is a fixed ERRSIZE-byte buffer, so code that
 * formats into it should use a bounded call such as snprintf().  The
 * clnt_str copies and the request buffer can hold client-supplied
 * authentication data; presumably they are released when the handle is
 * closed -- confirm, and consider clearing them before release.
 */
struct tac_handle {
	int		 fd;		/* Socket file descriptor */
	struct tac_server servers[MAXSERVERS];	/* Servers to contact */
	int		 num_servers;	/* Number of valid server entries */
	int		 cur_server;	/* Server we are currently using */
	int		 single_connect;	/* Use a single connection */
	int		 last_seq_no;	/* Presumably the last seq_no used -- confirm */
	char		 errmsg[ERRSIZE];	/* Most recent error message */

	/* Client-supplied strings for the next request (library-owned). */
	struct clnt_str	 user;
	struct clnt_str	 port;
	struct clnt_str	 rem_addr;
	struct clnt_str	 data;
	struct clnt_str	 user_msg;

	/* Message buffers, embedded in the handle. */
	struct tac_msg	 request;
	struct tac_msg	 response;

	int		 srvr_pos;	/* Scan position in response body */
	/* Strings that point into the response buffer; never freed. */
	struct srvr_str	 srvr_msg;
	struct srvr_str	 srvr_data;
};

#endif