2 * Copyright 1998 Juniper Networks, Inc.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #ifndef TACLIB_PRIVATE_H /* Include guard for the library's private constants and structures */
30 #define TACLIB_PRIVATE_H
35 #define PATH_TACPLUS_CONF "/etc/tacplus.conf" /* Configuration file path; NOTE(review): if this file holds the servers' shared secrets it should be readable only by the owning account -- confirm */
36 #define TACPLUS_PORT 49 /* TACACS+ well-known port number */
37 #define TIMEOUT 3 /* In seconds */
40 #define BODYSIZE 8150 /* Maximum message body size, in bytes; NOTE(review): a body length taken from a received header must be checked against this before the body is read */
41 #define ERRSIZE 128 /* Maximum error message length (size of the errmsg buffer) */
42 #define MAXCONFLINE 1024 /* Maximum config file line length */
43 #define MAXSERVERS 10 /* Maximum number of servers to try (capacity of the servers[] array) */
45 /* Protocol constants. */
46 #define HDRSIZE 12 /* Size of message header, in bytes */
48 /* Protocol version number */
49 #define TAC_VER_MAJOR 0xc /* Major version number */
51 /* Protocol packet types */
52 #define TAC_AUTHEN 0x01 /* Authentication */
53 #define TAC_AUTHOR 0x02 /* Authorization */
54 #define TAC_ACCT 0x03 /* Accounting */
56 /* Protocol header flags */
57 #define TAC_UNENCRYPTED 0x01 /* Body is not obfuscated: its contents, credentials included, are readable on the wire */
58 #define TAC_SINGLE_CONNECT 0x04 /* Single-connection mode (see the single_connect field) */
61 struct sockaddr_in addr; /* Address of server (IPv4 socket address) */
62 char *secret; /* Shared secret; NOTE(review): presumably a library-owned copy -- confirm it is zeroed before being freed and never written to logs or error messages */
63 int timeout; /* Timeout in seconds */
68 * An optional string of bytes specified by the client for inclusion in
69 * a request. The data is always a dynamically allocated copy that
70 * belongs to the library. It is copied into the request packet just
71 * before sending the request.
79 * An optional string of bytes from a server response. The data resides
80 * in the response packet itself, and must not be freed.
87 struct tac_authen_start { /* Authentication start body; only some fields are visible in this listing */
94 u_int8_t rem_addr_len; /* Length of the remote address, in bytes (8-bit, so at most 255) */
96 unsigned char rest[1]; /* NOTE(review): presumably the first byte of the variable-length fields that follow; declared size is 1, so every access past rest[0] must be bounded by the body size -- confirm */
99 struct tac_authen_reply { /* Authentication reply body; only some fields are visible in this listing */
104 unsigned char rest[1]; /* Same one-element trailing array as in tac_authen_start; lengths read from a server reply need validation before indexing */
107 struct tac_authen_cont { /* Authentication continue body; only some fields are visible in this listing */
108 u_int16_t user_msg_len; /* Length of the user message (16-bit); NOTE(review): presumably network byte order on the wire -- confirm conversion at each use */
111 unsigned char rest[1]; /* Same one-element trailing array as in tac_authen_start */
119 u_int8_t session_id[4]; /* Session identifier, kept as 4 raw bytes */
122 struct tac_authen_start authen_start; /* NOTE(review): this and the three members below look like alternative views of one body in a union (the enclosing line is not visible) -- confirm */
123 struct tac_authen_reply authen_reply; /* Body viewed as an authentication reply */
124 struct tac_authen_cont authen_cont; /* Body viewed as an authentication continue */
125 unsigned char body[BODYSIZE]; /* Raw body bytes; capacity is BODYSIZE, which bounds every typed view above */
130 int fd; /* Socket file descriptor */
131 struct tac_server servers[MAXSERVERS]; /* Servers to contact */
132 int num_servers; /* Number of valid server entries; must not exceed MAXSERVERS */
133 int cur_server; /* Server we are currently using (presumably an index into servers[] -- confirm) */
134 int single_connect; /* Use a single connection */
136 char errmsg[ERRSIZE]; /* Most recent error message; buffer of ERRSIZE bytes */
138 struct clnt_str user; /* Client-supplied request strings (struct clnt_str), this one and the four below */
139 struct clnt_str port;
140 struct clnt_str rem_addr;
141 struct clnt_str data;
142 struct clnt_str user_msg;
144 struct tac_msg request; /* Request message buffer */
145 struct tac_msg response; /* Response message buffer */
147 int srvr_pos; /* Scan position in response body; NOTE(review): must stay within the received body length while server strings are extracted -- confirm the bounds check */
148 struct srvr_str srvr_msg; /* Server string; NOTE(review): presumably points into the response buffer above, so it is stale once that buffer is reused -- confirm */
149 struct srvr_str srvr_data; /* Server string; same lifetime caveat as srvr_msg */