2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 1998, 2001, Juniper Networks, Inc.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 #ifndef TACLIB_PRIVATE_H
32 #define TACLIB_PRIVATE_H
/*
 * Library-wide defaults and fixed limits.
 * NOTE(review): each server entry carries a shared secret, so the file at
 * PATH_TACPLUS_CONF presumably stores those secrets and should not be
 * world-readable -- confirm against the config parser.
 */
37 #define PATH_TACPLUS_CONF "/etc/tacplus.conf"
38 #define TACPLUS_PORT 49 /* TACACS+ port number */
39 #define TIMEOUT 3 /* In seconds */
/* The limits below size the fixed arrays declared later in this header. */
42 #define BODYSIZE 8150 /* Maximum message body size; sizes body[] */
43 #define ERRSIZE 128 /* Maximum error message length; sizes errmsg[] */
44 #define MAXCONFLINE 1024 /* Maximum config file line length */
45 #define MAXSERVERS 10 /* Maximum number of servers to try; sizes servers[] */
46 #define MAXAVPAIRS 255 /* Maximum number of AV pairs; sizes avs[] and srvr_avs[] */
48 /* Protocol constants. */
49 #define HDRSIZE 12 /* Size of message header */
51 /* Protocol version number */
52 #define TAC_VER_MAJOR 0xc /* Major version number */
54 /* Protocol packet types */
55 #define TAC_AUTHEN 0x01 /* Authentication */
56 #define TAC_AUTHOR 0x02 /* Authorization */
57 #define TAC_ACCT 0x03 /* Accounting */
59 /* Protocol header flags */
/*
 * TAC_UNENCRYPTED marks a packet whose body is not obfuscated with the
 * shared secret, so user names, passwords and AV pairs travel in
 * cleartext. RFC 8907 treats this as a test-only option.
 * NOTE(review): confirm that the receive path does not accept a reply
 * carrying this flag when a secret is configured for the server.
 */
60 #define TAC_UNENCRYPTED 0x01
/* Presumably the on-wire counterpart of the handle's single_connect setting -- confirm. */
61 #define TAC_SINGLE_CONNECT 0x04
/* Per-server settings; the enclosing declaration is not shown in this listing. */
64 struct sockaddr_in addr; /* Address of server (IPv4 socket address) */
/*
 * The secret is key material: keep it out of errmsg and any log output.
 * NOTE(review): confirm it is wiped before its storage is freed.
 */
65 char *secret; /* Shared secret */
66 int timeout; /* Timeout in seconds */
71 * An optional string of bytes specified by the client for inclusion in
72 * a request. The data is always a dynamically allocated copy that
73 * belongs to the library. It is copied into the request packet just
74 * before sending the request.
82 * An optional string of bytes from a server response. The data resides
83 * in the response packet itself, and must not be freed.
/*
 * Message body layouts (this listing shows only some of their fields).
 * Every layout visible here has rest[1] as its last shown member, which
 * looks like the pre-C99 trailing-array idiom: the *_len fields presumably
 * describe variable-length data that starts at rest[0] and extends past
 * the declared size of the struct.
 * NOTE(review): in the reply/response layouts those lengths come from the
 * server. The code that walks a response should verify that they fit
 * inside the received body length before indexing rest[] -- confirm.
 */
90 struct tac_authen_start {
97 u_int8_t rem_addr_len;
99 unsigned char rest[1]; /* First byte of the variable-length tail */
102 struct tac_authen_reply {
107 unsigned char rest[1]; /* First byte of the variable-length tail */
110 struct tac_authen_cont {
/* 16-bit length: presumably network byte order on the wire -- confirm conversion at use. */
111 u_int16_t user_msg_len;
114 unsigned char rest[1]; /* First byte of the variable-length tail */
117 struct tac_author_request {
118 u_int8_t authen_meth;
120 u_int8_t authen_type;
124 u_int8_t rem_addr_len;
126 unsigned char rest[1]; /* First byte of the variable-length tail */
129 struct tac_author_response {
134 unsigned char rest[1]; /* First byte of the variable-length tail */
137 struct tac_acct_start {
139 u_int8_t authen_action;
141 u_int8_t authen_type;
142 u_int8_t authen_service;
145 u_int8_t rem_addr_len;
147 unsigned char rest[1]; /* First byte of the variable-length tail */
150 struct tac_acct_reply {
154 unsigned char rest[1]; /* First byte of the variable-length tail */
/*
 * Session identifier, kept as four raw bytes.
 * NOTE(review): in TACACS+ the session id is an input to the body
 * obfuscation pad, so it should be unpredictable -- confirm how it is
 * generated.
 */
162 u_int8_t session_id[4];
/*
 * The members below appear to be alternative views of one message body
 * (the enclosing declaration is not shown in this listing); body[] gives
 * raw byte access and is sized by BODYSIZE.
 * NOTE(review): a body length taken from a received header must be checked
 * against BODYSIZE before that many bytes are read into this storage --
 * confirm in the receive path.
 */
165 struct tac_authen_start authen_start;
166 struct tac_authen_reply authen_reply;
167 struct tac_authen_cont authen_cont;
168 struct tac_author_request author_request;
169 struct tac_author_response author_response;
170 struct tac_acct_start acct_start;
171 struct tac_acct_reply acct_reply;
172 unsigned char body[BODYSIZE];
/* Per-handle client state; the enclosing declaration is not shown in this listing. */
177 int fd; /* Socket file descriptor */
178 struct tac_server servers[MAXSERVERS]; /* Servers to contact */
179 int num_servers; /* Number of valid server entries */
180 int cur_server; /* Server we are currently using */
181 int single_connect; /* Use a single connection */
/* Fixed ERRSIZE buffer: writers should use a bounded formatter so long messages truncate. */
183 char errmsg[ERRSIZE]; /* Most recent error message */
/*
 * Client-supplied request strings. Per the clnt_str description in this
 * header, each holds a dynamically allocated copy owned by the library
 * that is copied into the request packet just before sending.
 */
185 struct clnt_str user;
186 struct clnt_str port;
187 struct clnt_str rem_addr;
188 struct clnt_str data;
189 struct clnt_str user_msg;
190 struct clnt_str avs[MAXAVPAIRS];
/* Outgoing and incoming message storage. */
192 struct tac_msg request;
193 struct tac_msg response;
/*
 * Views into the most recent response. Per the srvr_str description in
 * this header, the data resides in the response packet itself and must not
 * be freed.
 * NOTE(review): these presumably go stale once response is overwritten by
 * the next reply -- confirm they are reset before each receive.
 */
195 int srvr_pos; /* Scan position in response body */
196 struct srvr_str srvr_msg;
197 struct srvr_str srvr_data;
198 struct srvr_str srvr_avs[MAXAVPAIRS];