Add the DragonFly cvs id and perform general cleanups on cvs/rcs/sccs ids. Most
1/*-
2 * Copyright (c) 1998, 2001, Juniper Networks, Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $FreeBSD: src/lib/libtacplus/taclib_private.h,v 1.1.1.1.6.1 2002/10/09 08:50:42 pst Exp $
1de703da 27 * $DragonFly: src/lib/libtacplus/taclib_private.h,v 1.2 2003/06/17 04:26:51 dillon Exp $
28 */
29
30#ifndef TACLIB_PRIVATE_H
31#define TACLIB_PRIVATE_H
32
33#include "taclib.h"
34
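/*
 * Defaults
 *
 * NOTE(review): the configuration file presumably carries the per-server
 * shared secrets, so its ownership and mode matter -- confirm against
 * the parser in the .c file.
 */
#define PATH_TACPLUS_CONF	"/etc/tacplus.conf"
#define TACPLUS_PORT		49
#define TIMEOUT			3	/* In seconds */

/*
 * Limits
 *
 * BODYSIZE also sizes the body[] member of the union in struct tac_msg,
 * and MAXAVPAIRS equals the largest value a one-byte av_cnt field can
 * hold.
 * NOTE(review): the header's length field is 32 bits wide, so the
 * receive path presumably has to reject any length above BODYSIZE
 * before reading a body -- confirm in the .c file.
 */
#define BODYSIZE	8150	/* Maximum message body size */
#define ERRSIZE		128	/* Maximum error message length */
#define MAXCONFLINE	1024	/* Maximum config file line length */
#define MAXSERVERS	10	/* Maximum number of servers to try */
#define MAXAVPAIRS	255	/* Maximum number of AV pairs */

/*
 * Protocol constants.
 *
 * HDRSIZE equals the summed sizes of the fixed fields that precede the
 * union in struct tac_msg (1 + 1 + 1 + 1 + 4 + 4 bytes).
 */
#define HDRSIZE		12	/* Size of message header */

/* Protocol version number */
#define TAC_VER_MAJOR	0xc	/* Major version number */

/* Protocol packet types */
#define TAC_AUTHEN	0x01	/* Authentication */
#define TAC_AUTHOR	0x02	/* Authorization */
#define TAC_ACCT	0x03	/* Accounting */

/*
 * Protocol header flags
 *
 * NOTE(review): TAC_UNENCRYPTED presumably marks a packet whose body is
 * sent in the clear.  When a shared secret is configured, a reply that
 * carries this flag should be treated with suspicion -- confirm how the
 * receive path handles it.
 */
#define TAC_UNENCRYPTED		0x01
#define TAC_SINGLE_CONNECT	0x04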
61
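/*
 * One configured server; struct tac_handle keeps an array of these.
 *
 * NOTE(review): secret is a bare pointer to the shared secret.  How it
 * is allocated and released is not visible in this header; whoever
 * frees it should presumably scrub the bytes first -- confirm.
 */
struct tac_server {
	struct sockaddr_in addr;	/* Address of server */
	char *secret;			/* Shared secret */
	int timeout;			/* Timeout in seconds */
	int flags;			/* presumably per-server option bits -- TODO confirm */
};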
68
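/*
 * An optional string of bytes specified by the client for inclusion in
 * a request.  The data is always a dynamically allocated copy that
 * belongs to the library.  It is copied into the request packet just
 * before sending the request.
 *
 * The length is carried separately in len.
 * NOTE(review): the bytes are presumably not guaranteed to be
 * NUL-terminated, so consumers should go by len -- confirm.
 */
struct clnt_str {
	void *data;	/* Library-owned copy of the caller's bytes */
	size_t len;	/* Number of bytes at data */
};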
79
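/*
 * An optional string of bytes from a server response.  The data resides
 * in the response packet itself, and must not be freed.
 *
 * NOTE(review): because data points into the response buffer, it
 * presumably goes stale as soon as that buffer is reused for another
 * response; len comes from server-supplied length fields and should
 * have been bounds-checked against the received body -- confirm both
 * in the .c file.
 */
struct srvr_str {
	const void *data;	/* Borrowed pointer into the response packet */
	size_t len;		/* Number of bytes at data */
};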
88
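/*
 * Fixed part of an authentication START body, followed by
 * variable-length data that begins at rest.
 *
 * rest[1] is the pre-C99 trailing-array idiom: sizeof includes one byte
 * of rest, so the size of the fixed part is offsetof(..., rest), not
 * sizeof.  Every length field is a single byte, which caps each
 * variable field at 255 bytes.
 * NOTE(review): the variable fields presumably follow in the order of
 * their length fields (user, port, rem_addr, data) -- confirm.
 */
struct tac_authen_start {
	u_int8_t action;
	u_int8_t priv_lvl;
	u_int8_t authen_type;
	u_int8_t service;
	u_int8_t user_len;
	u_int8_t port_len;
	u_int8_t rem_addr_len;
	u_int8_t data_len;
	unsigned char rest[1];	/* Start of the variable-length fields */
};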
100
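/*
 * Fixed part of an authentication REPLY body, followed by
 * variable-length data that begins at rest.
 *
 * rest[1] is the pre-C99 trailing-array idiom; use offsetof(..., rest)
 * for the size of the fixed part.
 * NOTE(review): msg_len and data_len are supplied by the server.  They
 * are presumably in network byte order and must be checked against the
 * number of body bytes actually received before rest is indexed --
 * confirm in the .c file.
 */
struct tac_authen_reply {
	u_int8_t status;
	u_int8_t flags;
	u_int16_t msg_len;
	u_int16_t data_len;
	unsigned char rest[1];	/* Start of the variable-length fields */
};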
108
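/*
 * Fixed part of an authentication CONTINUE body, followed by
 * variable-length data that begins at rest.
 *
 * rest[1] is the pre-C99 trailing-array idiom; use offsetof(..., rest)
 * for the size of the fixed part.
 * NOTE(review): the two 16-bit lengths are presumably written in
 * network byte order -- confirm in the .c file.
 */
struct tac_authen_cont {
	u_int16_t user_msg_len;
	u_int16_t data_len;
	u_int8_t flags;
	unsigned char rest[1];	/* Start of the variable-length fields */
};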
115
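/*
 * Fixed part of an authorization REQUEST body, followed by
 * variable-length data that begins at rest.
 *
 * rest[1] is the pre-C99 trailing-array idiom; use offsetof(..., rest)
 * for the size of the fixed part.  av_cnt is one byte wide, which is
 * why MAXAVPAIRS is 255.
 * NOTE(review): the layout of the AV-pair lengths and values inside
 * rest is not visible in this header -- confirm in the .c file.
 */
struct tac_author_request {
	u_int8_t authen_meth;
	u_int8_t priv_lvl;
	u_int8_t authen_type;
	u_int8_t service;
	u_int8_t user_len;
	u_int8_t port_len;
	u_int8_t rem_addr_len;
	u_int8_t av_cnt;	/* Number of AV pairs that follow */
	unsigned char rest[1];	/* Start of the variable-length fields */
};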
127
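/*
 * Fixed part of an authorization RESPONSE body, followed by
 * variable-length data that begins at rest.
 *
 * rest[1] is the pre-C99 trailing-array idiom; use offsetof(..., rest)
 * for the size of the fixed part.
 * NOTE(review): av_cnt, msg_len and data_len are supplied by the
 * server.  The parser must keep every derived offset inside the body
 * that was actually received; the 16-bit lengths are presumably in
 * network byte order -- confirm in the .c file.
 */
struct tac_author_response {
	u_int8_t status;
	u_int8_t av_cnt;	/* Number of AV pairs that follow */
	u_int16_t msg_len;
	u_int16_t data_len;
	unsigned char rest[1];	/* Start of the variable-length fields */
};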
135
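/*
 * A complete packet: the fixed header followed by a body.
 *
 * The six header fields add up to 1 + 1 + 1 + 1 + 4 + 4 = 12 bytes,
 * which is HDRSIZE, provided the compiler inserts no padding before the
 * union.  The union overlays the typed body layouts on a raw buffer of
 * BODYSIZE bytes.
 *
 * NOTE(review): length is 32 bits wide and, on the receive side, comes
 * from the peer.  It is presumably the body length in network byte
 * order; it must be converted and rejected if it exceeds BODYSIZE
 * before any body bytes are read into u -- confirm in the .c file.
 */
struct tac_msg {
	u_int8_t version;
	u_int8_t type;			/* presumably TAC_AUTHEN, TAC_AUTHOR or TAC_ACCT -- confirm */
	u_int8_t seq_no;
	u_int8_t flags;			/* presumably TAC_UNENCRYPTED / TAC_SINGLE_CONNECT bits -- confirm */
	u_int8_t session_id[4];		/* Kept as raw bytes rather than an integer */
	u_int32_t length;
	union {
		struct tac_authen_start authen_start;
		struct tac_authen_reply authen_reply;
		struct tac_authen_cont authen_cont;
		struct tac_author_request author_request;
		struct tac_author_response author_response;
		unsigned char body[BODYSIZE];	/* Raw view of the whole body */
	} u;
};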
152
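/*
 * Per-session library state: the server list, the client-supplied
 * request fields, the request and response packets, and the parsed view
 * of the most recent response.
 *
 * The handle embeds two struct tac_msg buffers, each holding a body of
 * up to BODYSIZE bytes.
 *
 * NOTE(review): the srvr_* members are struct srvr_str, whose data
 * pointers reside in the response packet.  They presumably become
 * invalid once response is overwritten by the next exchange -- confirm
 * that the .c file resets them.  The servers array holds shared
 * secrets, so the handle should presumably be scrubbed when it is
 * closed -- confirm.
 */
struct tac_handle {
	int fd;					/* Socket file descriptor */
	struct tac_server servers[MAXSERVERS];	/* Servers to contact */
	int num_servers;			/* Number of valid server entries */
	int cur_server;				/* Server we are currently using */
	int single_connect;			/* Use a single connection */
	int last_seq_no;			/* presumably the last seq_no used on this session -- confirm */
	char errmsg[ERRSIZE];			/* Most recent error message */

	/* Client-supplied request fields (library-owned copies). */
	struct clnt_str user;
	struct clnt_str port;
	struct clnt_str rem_addr;
	struct clnt_str data;
	struct clnt_str user_msg;
	struct clnt_str avs[MAXAVPAIRS];

	/* Packet buffers. */
	struct tac_msg request;
	struct tac_msg response;

	/* Parsed view of the response; the pointers refer into response. */
	int srvr_pos;				/* Scan position in response body */
	struct srvr_str srvr_msg;
	struct srvr_str srvr_data;
	struct srvr_str srvr_avs[MAXAVPAIRS];
};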
177
178#endif