GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  NET::TACACSPLUS::PACKET (3)

.ds Aq ’

NAME

Net::TacacsPlus::Packet - Tacacs+ packet object

CONTENTS

SYNOPSIS



        # construct authentication START packet
       
        $pkt = Net::TacacsPlus::Packet->new(
                #header
                type => TAC_PLUS_AUTHEN,
                seq_no => 1,
                flags => 0,
                session_id => $session_id,
                #start
                action => TAC_PLUS_AUTHEN_LOGIN,
                authen_type => TAC_PLUS_AUTHEN_TYPE_(ASCII|PAP),
                key => $secret,
                );
       
       
        # construct authentication CONTINUE packet
       
        $pkt = Net::TacacsPlus::Packet->new(
                #header
                type => TAC_PLUS_AUTHEN,
                seq_no => 3,
                session_id => $session_id,
                #continue
                user_msg => $username,
                data => ,
                key => $secret,
                );
       
        # construct authentication REPLY packet from received raw packet
       
        $reply = Net::TacacsPlus::Packet->new(
                        type => TAC_PLUS_AUTHEN,
                        raw => $raw_reply,
                        key => $secret,
                        );

        # construct authorization REQUEST packet

        $pkt = Net::TacacsPlus::Packet->new(
                #header
                type => TAC_PLUS_AUTHOR,
                seq_no => 1,
                session_id => $session_id,
                #request
                user => $username,
                args => $args, # arrayref
                key => $secret,
                );

        # construct authorization RESPONSE packet from received raw packet

        $response = Net::TacacsPlus::Packet->new(
                        type => TAC_PLUS_AUTHOR,
                        raw => $raw_reply,
                        key => $secret,
                        );

        # construct accounting REQUEST packet

        $pkt = Net::TacacsPlus::Packet->new(
                #header
                type => TAC_PLUS_ACCT,
                seq_no => 1,
                session_id => $session_id,
                #request
                acct_flags => TAC_PLUS_ACCT_FLAG_*,
                user => $username,
                args => $args, # arrayref
                key => $secret,
                );

        # construct accounting REPLY packet from received raw packet

        $reply = Net::TacacsPlus::Packet->new(
                        type => TAC_PLUS_ACCT,
                        raw => $raw_reply,
                        key => $secret,
                        );



DESCRIPTION

Library to create and manipulate Tacacs+ packets. Object can be build from parameters or from raw received packet.

AUTHOR

Jozef Kutej <jkutej@cpan.org>

Authorization and Accounting contributed by Rubio Vaughan <rubio@passim.net>

VERSION

1.06

SEE ALSO

tac-rfc.1.78.txt, Net::TacacsPlus::Client

METHODS

new( somekey => somevalue ) 1. if constructing from parameters need this parameters:

for header:



        type      : TAC_PLUS_(AUTHEN|AUTHOR|ACCT)
        seq_no    : sequencenumber
        flags     : TAC_PLUS_(UNENCRYPTED_FLAG|SINGLE_CONNECT_FLAG)
        session_id: session id



for authentication START body:



        action     : TAC_PLUS_AUTHEN_(LOGIN|CHPASS|SENDPASS|SENDAUTH)
        authen_type: TAC_PLUS_AUTHEN_TYPE_(ASCII|PAP)
        key        : encryption key



for authentication CONTINUE body:       
        ’user_msg’: msg required by server
        ’data’ : data required by server
        ’key’ : encryption key

for authorization REQUEST body:
        ’user’: username
        ’args’: authorization arguments
        ’key’ : encryption key

for accounting REQUEST body:
        ’acct_flags’: TAC_PLUS_ACCT_FLAG_(MORE|START|STOP|WATCHDOG)
        ’user’ : username
        ’args’ : authorization arguments
        ’key’ : encryption key

2. if constructing from received raw packet

for AUTHEN reply, AUTHOR response and ACCT reply:



        type: TAC_PLUS_(AUTHEN|AUTHOR|ACCT)
        raw : raw packet
        key : encryption key



check_reply($snd, $rcv) compare send and reply packet for errors

$snd - packet object that was send $rcv - packet object that was received afterwards

checks sequence number, session id, version and flags

decode_raw($raw_pkt) From raw packet received create reply object: Net::TacacsPlus::Packet::AuthenReplyBody or Net::TacacsPlus::Packet::AuthorResponseBody or Net::TacacsPlus::Packet::AccountReplyBody
raw( ) return binary representation of whole packet.
raw_xor_body($data) XOR $data by pseudo pas.
compute_pseudo_pad( $sess_id,$key,$version,$seq_no,$length ) compute md5 hash from parameters truncated to $length



        pseudo_pad = {MD5_1 [,MD5_2 [ ... ,MD5_n]]} truncated to len(data)



The first MD5 hash is generated by concatenating the session_id, the secret key, the version number and the sequence number and then running MD5 over that stream. All of those input values are available in the packet header, except for the secret key which is a shared secret between the TACACS+ client and daemon.

server_msg( ) returns last server msg
seq_no() Return packet sequence number.
session_id() Return packet session id.
version() Return version from packet header
flags() Return flags from packet header.
args() Return arguments returned by server in authorization response packet.
status( ) returns status of packet. it is used in REPLY packets received from server.

status is one of:



        TAC_PLUS_AUTHEN_STATUS_PASS        => 0x01,
        TAC_PLUS_AUTHEN_STATUS_FAIL        => 0x02,
        TAC_PLUS_AUTHEN_STATUS_GETDATA     => 0x03,
        TAC_PLUS_AUTHEN_STATUS_GETUSER     => 0x04,
        TAC_PLUS_AUTHEN_STATUS_GETPASS     => 0x05,
        TAC_PLUS_AUTHEN_STATUS_RESTART     => 0x06,
        TAC_PLUS_AUTHEN_STATUS_ERROR       => 0x07,
        TAC_PLUS_AUTHEN_STATUS_FOLLOW      => 0x21,
        TAC_PLUS_AUTHOR_STATUS_PASS_ADD    => 0x01,
        TAC_PLUS_AUTHOR_STATUS_PASS_REPL   => 0x02,
        TAC_PLUS_AUTHOR_STATUS_FAIL        => 0x10,
        TAC_PLUS_AUTHOR_STATUS_ERROR       => 0x11,
        TAC_PLUS_AUTHOR_STATUS_FOLLOW      => 0x21,
        TAC_PLUS_ACCT_STATUS_SUCCESS       => 0x01,
        TAC_PLUS_ACCT_STATUS_ERROR         => 0x02,
        TAC_PLUS_ACCT_STATUS_FOLLOW        => 0x21,



send() Send out packet.
type() Returns packet type taken from packet header eg. $self->header->type;

COPYRIGHT AND LICENSE

Copyright (C) 2006 by Jozef Kutej

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.

Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 NET::TACACSPLUS::PACKET (3) 2011-07-02

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.