GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
Net::TacacsPlus::Packet(3) User Contributed Perl Documentation Net::TacacsPlus::Packet(3)

Net::TacacsPlus::Packet - Tacacs+ packet object

        # construct authentication START packet
        
        $pkt = Net::TacacsPlus::Packet->new(
                #header
                'type' => TAC_PLUS_AUTHEN,
                'seq_no' => 1,
                'flags' => 0,
                'session_id' => $session_id,
                #start
                'action' => TAC_PLUS_AUTHEN_LOGIN,
                'authen_type' => TAC_PLUS_AUTHEN_TYPE_(ASCII|PAP),
                'key' => $secret,
                );
        
        
        # construct authentication CONTINUE packet
        
        $pkt = Net::TacacsPlus::Packet->new(
                #header
                'type' => TAC_PLUS_AUTHEN,
                'seq_no' => 3,
                'session_id' => $session_id,
                #continue
                'user_msg' => $username,
                'data' => '',
                'key' => $secret,
                );
        
        # construct authentication REPLY packet from received raw packet
        
        $reply = Net::TacacsPlus::Packet->new(
                        'type' => TAC_PLUS_AUTHEN,
                        'raw' => $raw_reply,
                        'key' => $secret,
                        );

        # construct authorization REQUEST packet

        $pkt = Net::TacacsPlus::Packet->new(
                #header
                'type' => TAC_PLUS_AUTHOR,
                'seq_no' => 1,
                'session_id' => $session_id,
                #request
                'user' => $username,
                'args' => $args, # arrayref
                'key' => $secret,
                );

        # construct authorization RESPONSE packet from received raw packet

        $response = Net::TacacsPlus::Packet->new(
                        'type' => TAC_PLUS_AUTHOR,
                        'raw' => $raw_reply,
                        'key' => $secret,
                        );

        # construct accounting REQUEST packet

        $pkt = Net::TacacsPlus::Packet->new(
                #header
                'type' => TAC_PLUS_ACCT,
                'seq_no' => 1,
                'session_id' => $session_id,
                #request
                'acct_flags' => TAC_PLUS_ACCT_FLAG_*,
                'user' => $username,
                'args' => $args, # arrayref
                'key' => $secret,
                );

        # construct accounting REPLY packet from received raw packet

        $reply = Net::TacacsPlus::Packet->new(
                        'type' => TAC_PLUS_ACCT,
                        'raw' => $raw_reply,
                        'key' => $secret,
                        );

Library to create and manipulate Tacacs+ packets. Object can be build from parameters or from raw received packet.

Jozef Kutej <jkutej@cpan.org>

Authorization and Accounting contributed by Rubio Vaughan <rubio@passim.net>

1.06

tac-rfc.1.78.txt, Net::TacacsPlus::Client

new( somekey => somevalue )
1. if constructing from parameters need this parameters:

for header:

        'type'      : TAC_PLUS_(AUTHEN|AUTHOR|ACCT) 
        'seq_no'    : sequencenumber
        'flags'     : TAC_PLUS_(UNENCRYPTED_FLAG|SINGLE_CONNECT_FLAG)
        'session_id': session id
    

for authentication START body:

        'action'     : TAC_PLUS_AUTHEN_(LOGIN|CHPASS|SENDPASS|SENDAUTH)
        'authen_type': TAC_PLUS_AUTHEN_TYPE_(ASCII|PAP)
        'key'        : encryption key
    

for authentication CONTINUE body: 'user_msg': msg required by server 'data' : data required by server 'key' : encryption key

for authorization REQUEST body: 'user': username 'args': authorization arguments 'key' : encryption key

for accounting REQUEST body: 'acct_flags': TAC_PLUS_ACCT_FLAG_(MORE|START|STOP|WATCHDOG) 'user' : username 'args' : authorization arguments 'key' : encryption key

2. if constructing from received raw packet

for AUTHEN reply, AUTHOR response and ACCT reply:

        'type': TAC_PLUS_(AUTHEN|AUTHOR|ACCT)
        'raw' : raw packet
        'key' : encryption key
    
check_reply($snd, $rcv)
compare send and reply packet for errors

$snd - packet object that was send $rcv - packet object that was received afterwards

checks sequence number, session id, version and flags

decode_raw($raw_pkt)
From raw packet received create reply object: Net::TacacsPlus::Packet::AuthenReplyBody or Net::TacacsPlus::Packet::AuthorResponseBody or Net::TacacsPlus::Packet::AccountReplyBody
raw( )
return binary representation of whole packet.
raw_xor_body($data)
XOR $data by pseudo pas.
compute_pseudo_pad( $sess_id,$key,$version,$seq_no,$length )
compute md5 hash from parameters truncated to $length

        pseudo_pad = {MD5_1 [,MD5_2 [ ... ,MD5_n]]} truncated to len(data)
    

The first MD5 hash is generated by concatenating the session_id, the secret key, the version number and the sequence number and then running MD5 over that stream. All of those input values are available in the packet header, except for the secret key which is a shared secret between the TACACS+ client and daemon.

server_msg( )
returns last server msg
seq_no()
Return packet sequence number.
session_id()
Return packet session id.
version()
Return version from packet header
flags()
Return flags from packet header.
args()
Return arguments returned by server in authorization response packet.
status( )
returns status of packet. it is used in REPLY packets received from server.

status is one of:

        TAC_PLUS_AUTHEN_STATUS_PASS        => 0x01,
        TAC_PLUS_AUTHEN_STATUS_FAIL        => 0x02,
        TAC_PLUS_AUTHEN_STATUS_GETDATA     => 0x03,
        TAC_PLUS_AUTHEN_STATUS_GETUSER     => 0x04,
        TAC_PLUS_AUTHEN_STATUS_GETPASS     => 0x05,
        TAC_PLUS_AUTHEN_STATUS_RESTART     => 0x06,
        TAC_PLUS_AUTHEN_STATUS_ERROR       => 0x07,
        TAC_PLUS_AUTHEN_STATUS_FOLLOW      => 0x21,
        TAC_PLUS_AUTHOR_STATUS_PASS_ADD    => 0x01,
        TAC_PLUS_AUTHOR_STATUS_PASS_REPL   => 0x02,
        TAC_PLUS_AUTHOR_STATUS_FAIL        => 0x10,
        TAC_PLUS_AUTHOR_STATUS_ERROR       => 0x11,
        TAC_PLUS_AUTHOR_STATUS_FOLLOW      => 0x21,
        TAC_PLUS_ACCT_STATUS_SUCCESS       => 0x01,
        TAC_PLUS_ACCT_STATUS_ERROR         => 0x02,
        TAC_PLUS_ACCT_STATUS_FOLLOW        => 0x21,
    
send()
Send out packet.
type()
Returns packet type taken from packet header eg. $self->header->type;

Copyright (C) 2006 by Jozef Kutej

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.

2011-07-02 perl v5.32.1

Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.