/*-
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Copyright (c) 1998, 2001, Juniper Networks, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
#ifndef TACLIB_PRIVATE_H
#define TACLIB_PRIVATE_H
#include "taclib.h"
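/*
 * Defaults.
 *
 * NOTE(review): PATH_TACPLUS_CONF is presumably where each server's shared
 * secret is configured (see struct tac_server.secret).  If so, the file
 * should be readable only by the accounts that need to authenticate --
 * confirm against the configuration parser and the installed permissions.
 */
#define PATH_TACPLUS_CONF	"/etc/tacplus.conf"	/* Default config file */
#define TACPLUS_PORT		49			/* Default server port */
#define TIMEOUT			3			/* In seconds */

/*
 * Limits.
 *
 * BODYSIZE, ERRSIZE, MAXSERVERS and MAXAVPAIRS size fixed arrays in
 * struct tac_msg, struct tac_handle and struct tac_server.  Any length or
 * count taken from the network or from the configuration file has to be
 * checked against the matching limit before it is used as a copy length or
 * an array index.  MAXAVPAIRS equals the largest value the one-byte av_cnt
 * fields of the authorization and accounting bodies can carry.
 */
#define BODYSIZE	8150	/* Maximum message body size */
#define ERRSIZE		128	/* Maximum error message length */
#define MAXCONFLINE	1024	/* Maximum config file line length */
#define MAXSERVERS	10	/* Maximum number of servers to try */
#define MAXAVPAIRS	255	/* Maximum number of AV pairs */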
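/*
 * Protocol constants.
 *
 * HDRSIZE is the size of the fixed fields of struct tac_msg that precede the
 * body union: four one-byte fields, the 4-byte session_id and the 4-byte
 * length.
 */
#define HDRSIZE		12	/* Size of message header */

/* Protocol version number */
#define TAC_VER_MAJOR	0xc	/* Major version number */

/* Protocol packet types */
#define TAC_AUTHEN	0x01	/* Authentication */
#define TAC_AUTHOR	0x02	/* Authorization */
#define TAC_ACCT	0x03	/* Accounting */

/*
 * Protocol header flags.
 *
 * TAC_UNENCRYPTED: in TACACS+ (RFC 8907) this bit says the body was sent
 * without the shared-secret obfuscation, so user names, passwords and AV
 * pairs are readable on the wire.
 * NOTE(review): a client that has a shared secret configured should refuse a
 * reply carrying this bit instead of parsing it as cleartext -- confirm in
 * the receive path.  The obfuscation itself is MD5-based and is not a
 * substitute for a protected transport or management network.
 *
 * TAC_SINGLE_CONNECT: requests that one connection be reused for several
 * sessions.
 */
#define TAC_UNENCRYPTED		0x01
#define TAC_SINGLE_CONNECT	0x04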
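/*
 * Counted byte string: a pointer plus an explicit length.
 *
 * NOTE(review): nothing in this header says whether data is NUL-terminated
 * or who owns the storage.  Users should rely on len rather than strlen(),
 * and a value that may hold a password or secret should be cleared before
 * its storage is released -- confirm against the allocation helpers.
 */
struct tac_str {
	char		*data;	/* First byte of the value */
	size_t		 len;	/* Number of bytes at data */
};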
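/*
 * Body of an authentication START message.
 *
 * Eight one-byte fields followed by a variable-length tail.  rest[1] is the
 * pre-C99 idiom for that tail; it is kept as [1] (not a flexible array
 * member) because this struct is a member of the union in struct tac_msg and
 * its size and offsets are part of the layout.
 *
 * The four *_len fields are single bytes, so no value longer than 255 bytes
 * can be described.  Code that fills them must reject or explicitly truncate
 * longer input before narrowing the length into the field, and must keep the
 * sum of the lengths within the space left in the BODYSIZE-byte body.
 * NOTE(review): the tail is presumably user, port, rem_addr and data packed
 * back to back in that order -- confirm against the message builder.
 */
struct tac_authen_start {
	u_int8_t	action;
	u_int8_t	priv_lvl;
	u_int8_t	authen_type;
	u_int8_t	service;
	u_int8_t	user_len;	/* Bytes of user name in rest[] */
	u_int8_t	port_len;	/* Bytes of port name in rest[] */
	u_int8_t	rem_addr_len;	/* Bytes of remote address in rest[] */
	u_int8_t	data_len;	/* Bytes of data in rest[] */
	unsigned char	rest[1];	/* Start of the variable-length tail */
};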
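/*
 * Body of an authentication REPLY message.
 *
 * Every field here is supplied by the peer and is untrusted until checked.
 * Before anything in rest[] is read, the fixed part plus msg_len plus
 * data_len must be verified to fit inside the body length announced in the
 * message header, which in turn must not exceed BODYSIZE.
 * NOTE(review): the two 16-bit lengths are presumably in network byte order
 * as received and need converting before use -- confirm at the use sites.
 */
struct tac_authen_reply {
	u_int8_t	status;
	u_int8_t	flags;
	u_int16_t	msg_len;	/* Bytes of server message in rest[] */
	u_int16_t	data_len;	/* Bytes of data in rest[] */
	unsigned char	rest[1];	/* Start of the variable-length tail */
};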
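/*
 * Body of an authentication CONTINUE message.
 *
 * Two 16-bit lengths and a flags byte, followed by a variable-length tail
 * that starts at rest[0].  The lengths describe how much of the tail is
 * user message and how much is data; their sum has to fit in what remains of
 * the BODYSIZE-byte body after the five fixed bytes.
 * NOTE(review): user_msg is presumably where the user's answer to a server
 * prompt (possibly a password) travels; treat the buffer as sensitive and
 * confirm it is cleared after sending.
 */
struct tac_authen_cont {
	u_int16_t	user_msg_len;	/* Bytes of user message in rest[] */
	u_int16_t	data_len;	/* Bytes of data in rest[] */
	u_int8_t	flags;
	unsigned char	rest[1];	/* Start of the variable-length tail */
};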
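/*
 * Body of an authorization REQUEST message.
 *
 * Eight one-byte fields followed by a variable-length tail at rest[0].
 * av_cnt is a single byte, so at most 255 attribute-value pairs can be
 * announced, which matches MAXAVPAIRS.  The builder must make sure the
 * fixed part, the per-pair length bytes and all values together stay within
 * the BODYSIZE-byte body, and that no individual value exceeds what its
 * one-byte length can express.
 */
struct tac_author_request {
	u_int8_t	authen_meth;
	u_int8_t	priv_lvl;
	u_int8_t	authen_type;
	u_int8_t	service;
	u_int8_t	user_len;	/* Bytes of user name in rest[] */
	u_int8_t	port_len;	/* Bytes of port name in rest[] */
	u_int8_t	rem_addr_len;	/* Bytes of remote address in rest[] */
	u_int8_t	av_cnt;		/* Number of AV pairs that follow */
	unsigned char	rest[1];	/* Start of the variable-length tail */
};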
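/*
 * Body of an authorization RESPONSE message.
 *
 * All fields come from the peer.  av_cnt, msg_len and data_len must be
 * validated against the body length from the message header before rest[]
 * is walked: the per-pair length bytes and every announced value have to lie
 * inside the received body, otherwise the parser reads past the data that
 * was actually received.
 * NOTE(review): the 16-bit lengths are presumably in network byte order as
 * received -- confirm the conversion at the use sites.
 */
struct tac_author_response {
	u_int8_t	status;
	u_int8_t	av_cnt;		/* Number of AV pairs announced */
	u_int16_t	msg_len;	/* Bytes of server message in rest[] */
	u_int16_t	data_len;	/* Bytes of data in rest[] */
	unsigned char	rest[1];	/* Start of the variable-length tail */
};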
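/*
 * Body of an accounting request message.
 *
 * Nine one-byte fields followed by a variable-length tail at rest[0].  As
 * with the other request bodies, each length and the AV-pair count is a
 * single byte: longer input has to be rejected or truncated explicitly
 * before it is narrowed, and the total must stay within the BODYSIZE-byte
 * body.
 */
struct tac_acct_start {
	u_int8_t	action;
	u_int8_t	authen_action;
	u_int8_t	priv_lvl;
	u_int8_t	authen_type;
	u_int8_t	authen_service;
	u_int8_t	user_len;	/* Bytes of user name in rest[] */
	u_int8_t	port_len;	/* Bytes of port name in rest[] */
	u_int8_t	rem_addr_len;	/* Bytes of remote address in rest[] */
	u_int8_t	av_cnt;		/* Number of AV pairs that follow */
	unsigned char	rest[1];	/* Start of the variable-length tail */
};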
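/*
 * Body of an accounting REPLY message.
 *
 * Peer-supplied: msg_len and data_len must be checked against the body
 * length from the message header (itself bounded by BODYSIZE) before any
 * byte of rest[] is read.
 * NOTE(review): the 16-bit lengths are presumably in network byte order as
 * received -- confirm the conversion at the use sites.
 */
struct tac_acct_reply {
	u_int16_t	msg_len;	/* Bytes of server message in rest[] */
	u_int16_t	data_len;	/* Bytes of data in rest[] */
	u_int8_t	status;
	unsigned char	rest[1];	/* Start of the variable-length tail */
};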
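/*
 * One complete protocol message: the 12-byte header (HDRSIZE) followed by a
 * body of at most BODYSIZE bytes.
 *
 * The union overlays the typed view of each message body on the raw body
 * buffer, so a typed member is only meaningful for the matching `type` and
 * only for as many bytes as `length` says were received.
 *
 * `length` is a 32-bit value taken from the peer.  It must be compared with
 * BODYSIZE before it is used to size a read into u.body; the typed structs
 * then have to check their own length fields against it.
 * NOTE(review): `length` is presumably held in network byte order while the
 * message is in wire form -- confirm where it is converted.
 */
struct tac_msg {
	u_int8_t	version;
	u_int8_t	type;		/* TAC_AUTHEN, TAC_AUTHOR or TAC_ACCT */
	u_int8_t	seq_no;
	u_int8_t	flags;		/* TAC_UNENCRYPTED, TAC_SINGLE_CONNECT */
	u_int8_t	session_id[4];	/* Kept as four raw bytes */
	u_int32_t	length;		/* Body length announced in the header */
	union {
		struct tac_authen_start		authen_start;
		struct tac_authen_reply		authen_reply;
		struct tac_authen_cont		authen_cont;
		struct tac_author_request	author_request;
		struct tac_author_response	author_response;
		struct tac_acct_start		acct_start;
		struct tac_acct_reply		acct_reply;
		unsigned char			body[BODYSIZE];	/* Raw body bytes */
	} u;
};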
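/*
 * One configured server.
 *
 * NOTE(review): `secret` is key material shared with the server.  Whoever
 * releases it should overwrite it first with a call the compiler cannot drop
 * (for example explicit_bzero) and it should never be copied into errmsg or
 * log output -- confirm in the cleanup and error paths.
 * NOTE(review): navs is presumably the number of valid entries in avs[] and
 * therefore must never exceed MAXAVPAIRS -- confirm where it is incremented.
 */
struct tac_server {
	struct sockaddr_in	 addr;		/* Address of server */
	char			*secret;	/* Shared secret */
	int			 timeout;	/* Timeout in seconds */
	int			 flags;
	unsigned int		 navs;
	struct tac_str		 avs[MAXAVPAIRS];
};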
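/*
 * Per-client library state: the connection, the configured servers, the
 * strings used to build requests, the request and response buffers, and the
 * state used while scanning a response.
 *
 * Security-relevant invariants a maintainer should keep:
 *  - num_servers and cur_server index servers[] and must stay below
 *    MAXSERVERS;
 *  - srvr_navs counts into srvr_avs[] and must stay at or below MAXAVPAIRS
 *    even when the peer announces more;
 *  - srvr_pos is a signed offset into the response body and must be checked
 *    against the received body length on every advance;
 *  - errmsg is a fixed ERRSIZE buffer, so it has to be written with a
 *    bounded formatter.
 * NOTE(review): the tac_str members and the request/response buffers may
 * hold user names and passwords; presumably they should be cleared when the
 * handle is closed -- confirm in the teardown code.
 * NOTE(review): seq_no in the header is a single byte while last_seq_no is
 * an int; confirm that the session is ended rather than allowed to wrap.
 */
struct tac_handle {
	int		 fd;			/* Socket file descriptor */
	struct tac_server servers[MAXSERVERS];	/* Servers to contact */
	int		 num_servers;		/* Number of valid server entries */
	int		 cur_server;		/* Server we are currently using */
	int		 single_connect;	/* Use a single connection */
	int		 last_seq_no;
	char		 errmsg[ERRSIZE];	/* Most recent error message */

	struct tac_str	 user;
	struct tac_str	 port;
	struct tac_str	 rem_addr;
	struct tac_str	 data;
	struct tac_str	 user_msg;
	struct tac_str	 avs[MAXAVPAIRS];

	struct tac_msg	 request;
	struct tac_msg	 response;

	int		 srvr_pos;		/* Scan position in response body */
	unsigned int	 srvr_navs;
	struct tac_str	 srvr_msg;
	struct tac_str	 srvr_data;
	struct tac_str	 srvr_avs[MAXAVPAIRS];
};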
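/*
 * Character-class helpers built from plain range comparisons on the ASCII
 * letters, digits, '_' and '-'.  They do not consult <ctype.h> or the
 * locale, and any byte outside those ranges (including bytes with the high
 * bit set, whatever the signedness of char) is rejected.  is_arg() is the
 * allow-list for characters in an argument name.
 *
 * Each macro evaluates its argument more than once: pass a plain variable,
 * never an expression with side effects such as *p++.
 */
#define is_alpha(ch)	/* alphabetical */ \
	(((ch) >= 'A' && (ch) <= 'Z') || ((ch) >= 'a' && (ch) <= 'z'))
#define is_num(ch)	/* numerical */ \
	((ch) >= '0' && (ch) <= '9')
#define is_alnum(ch)	/* alphanumerical */ \
	(is_alpha(ch) || is_num(ch))
#define is_arg(ch)	/* valid in an argument name */ \
	(is_alnum(ch) || (ch) == '_' || (ch) == '-')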
#endif