Net::TacacsPlus::Packet(3) - User Contributed Perl Documentation
Net::TacacsPlus::Packet - Tacacs+ packet object
# construct authentication START packet
$pkt = Net::TacacsPlus::Packet->new(
    #header
    'type'        => TAC_PLUS_AUTHEN,
    'seq_no'      => 1,
    'flags'       => 0,
    'session_id'  => $session_id,
    #start
    'action'      => TAC_PLUS_AUTHEN_LOGIN,
    'authen_type' => TAC_PLUS_AUTHEN_TYPE_(ASCII|PAP),
    'key'         => $secret,
);

# construct authentication CONTINUE packet
$pkt = Net::TacacsPlus::Packet->new(
    #header
    'type'       => TAC_PLUS_AUTHEN,
    'seq_no'     => 3,
    'session_id' => $session_id,
    #continue
    'user_msg'   => $username,
    'data'       => '',
    'key'        => $secret,
);

# construct authentication REPLY packet from received raw packet
$reply = Net::TacacsPlus::Packet->new(
    'type' => TAC_PLUS_AUTHEN,
    'raw'  => $raw_reply,
    'key'  => $secret,
);

# construct authorization REQUEST packet
$pkt = Net::TacacsPlus::Packet->new(
    #header
    'type'       => TAC_PLUS_AUTHOR,
    'seq_no'     => 1,
    'session_id' => $session_id,
    #request
    'user'       => $username,
    'args'       => $args, # arrayref
    'key'        => $secret,
);

# construct authorization RESPONSE packet from received raw packet
$response = Net::TacacsPlus::Packet->new(
    'type' => TAC_PLUS_AUTHOR,
    'raw'  => $raw_reply,
    'key'  => $secret,
);

# construct accounting REQUEST packet
$pkt = Net::TacacsPlus::Packet->new(
    #header
    'type'       => TAC_PLUS_ACCT,
    'seq_no'     => 1,
    'session_id' => $session_id,
    #request
    'acct_flags' => TAC_PLUS_ACCT_FLAG_*,
    'user'       => $username,
    'args'       => $args, # arrayref
    'key'        => $secret,
);

# construct accounting REPLY packet from received raw packet
$reply = Net::TacacsPlus::Packet->new(
    'type' => TAC_PLUS_ACCT,
    'raw'  => $raw_reply,
    'key'  => $secret,
);
Library to create and manipulate Tacacs+ packets. An object can be built from
parameters or from a raw received packet.
Jozef Kutej <jkutej@cpan.org>
Authorization and Accounting contributed by Rubio Vaughan
<rubio@passim.net>
tac-rfc.1.78.txt, Net::TacacsPlus::Client
- new( somekey => somevalue )
- 1. if constructing from parameters, these parameters are needed:
for header:
'type' : TAC_PLUS_(AUTHEN|AUTHOR|ACCT)
'seq_no' : sequence number
'flags' : TAC_PLUS_(UNENCRYPTED_FLAG|SINGLE_CONNECT_FLAG)
'session_id': session id
for authentication START body:
'action' : TAC_PLUS_AUTHEN_(LOGIN|CHPASS|SENDPASS|SENDAUTH)
'authen_type': TAC_PLUS_AUTHEN_TYPE_(ASCII|PAP)
'key' : encryption key
for authentication CONTINUE body:
'user_msg': msg required by server
'data' : data required by server
'key' : encryption key
for authorization REQUEST body:
'user': username
'args': authorization arguments
'key' : encryption key
for accounting REQUEST body:
'acct_flags': TAC_PLUS_ACCT_FLAG_(MORE|START|STOP|WATCHDOG)
'user' : username
'args' : authorization arguments
'key' : encryption key
2. if constructing from received raw packet
for AUTHEN reply, AUTHOR response and ACCT reply:
'type': TAC_PLUS_(AUTHEN|AUTHOR|ACCT)
'raw' : raw packet
'key' : encryption key
- check_reply($snd, $rcv)
- compare sent and reply packets for errors
$snd - packet object that was sent
$rcv - packet object that was received afterwards
checks sequence number, session id, version and flags
- decode_raw($raw_pkt)
- From raw packet received create reply object:
Net::TacacsPlus::Packet::AuthenReplyBody or
Net::TacacsPlus::Packet::AuthorResponseBody or
Net::TacacsPlus::Packet::AccountReplyBody
- raw( )
- return binary representation of whole packet.
- raw_xor_body($data)
- XOR $data with the pseudo pad.
- compute_pseudo_pad( $sess_id,$key,$version,$seq_no,$length )
- compute md5 hash from parameters, truncated to $length
pseudo_pad = {MD5_1 [,MD5_2 [ ... ,MD5_n]]} truncated to len(data)
The first MD5 hash is generated by concatenating the
session_id, the secret key, the version number and the sequence number
and then running MD5 over that stream. All of those input values are
available in the packet header, except for the secret key which is a
shared secret between the TACACS+ client and daemon.
- server_msg( )
- returns last server msg
- seq_no()
- Return packet sequence number.
- session_id()
- Return packet session id.
- version()
- Return version from packet header
- flags()
- Return flags from packet header.
- args()
- Return arguments returned by server in authorization response packet.
- status( )
- Returns the status of the packet. It is used in REPLY packets received from
the server.
status is one of:
TAC_PLUS_AUTHEN_STATUS_PASS => 0x01,
TAC_PLUS_AUTHEN_STATUS_FAIL => 0x02,
TAC_PLUS_AUTHEN_STATUS_GETDATA => 0x03,
TAC_PLUS_AUTHEN_STATUS_GETUSER => 0x04,
TAC_PLUS_AUTHEN_STATUS_GETPASS => 0x05,
TAC_PLUS_AUTHEN_STATUS_RESTART => 0x06,
TAC_PLUS_AUTHEN_STATUS_ERROR => 0x07,
TAC_PLUS_AUTHEN_STATUS_FOLLOW => 0x21,
TAC_PLUS_AUTHOR_STATUS_PASS_ADD => 0x01,
TAC_PLUS_AUTHOR_STATUS_PASS_REPL => 0x02,
TAC_PLUS_AUTHOR_STATUS_FAIL => 0x10,
TAC_PLUS_AUTHOR_STATUS_ERROR => 0x11,
TAC_PLUS_AUTHOR_STATUS_FOLLOW => 0x21,
TAC_PLUS_ACCT_STATUS_SUCCESS => 0x01,
TAC_PLUS_ACCT_STATUS_ERROR => 0x02,
TAC_PLUS_ACCT_STATUS_FOLLOW => 0x21,
- send()
- Send out packet.
- type()
- Returns packet type taken from packet header, e.g.
$self->header->type;
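The pseudo pad described under compute_pseudo_pad and raw_xor_body, as an added stand-alone example (not the module's own code). The helper names pseudo_pad and xor_body and all sample values are assumptions; chaining each later MD5 block over the same fields plus the previous hash follows the TACACS+ draft. It shows that the pad is a reversible XOR with no integrity check, so a wrong key produces different bytes rather than an error.

```perl
use strict;
use warnings;
use Digest::MD5 qw(md5);

# Build the pseudo pad: MD5_1 = MD5(session_id . key . version . seq_no),
# MD5_n = MD5(same fields . MD5_{n-1}), concatenated and cut to $length.
sub pseudo_pad {
    my ($session_id, $key, $version, $seq_no, $length) = @_;
    # session_id: 4 bytes, network order; version and seq_no: 1 byte each
    my $seed = pack('N', $session_id) . $key . pack('CC', $version, $seq_no);
    my ($pad, $prev) = ('', '');
    while (length($pad) < $length) {
        $prev = md5($seed . $prev);
        $pad .= $prev;
    }
    return substr($pad, 0, $length);
}

# XOR is its own inverse, so one routine obfuscates and de-obfuscates.
sub xor_body {
    my ($body, $session_id, $key, $version, $seq_no) = @_;
    my $pad = pseudo_pad($session_id, $key, $version, $seq_no, length($body));
    return $body ^ $pad;    # bytewise string XOR, operands have equal length
}

# Constructed sample values, not taken from a real session.
my @hdr  = (0x12345678, 'constructed-secret', 0xc0, 1);
my $body = 'constructed body longer than one 16-byte MD5 block';

my $wire = xor_body($body, @hdr);
die "length changed\n"    unless length($wire) == length($body);
die "round trip failed\n" unless xor_body($wire, @hdr) eq $body;

# A wrong key still "decodes": the result is just different bytes, no error.
my @bad = @hdr;
$bad[1] = 'other-secret';
my $garbage = xor_body($wire, @bad);
die "wrong key matched\n" if $garbage eq $body;

printf "body     : %s\nwire     : %s\nwrong key: %s\n",
    $body, unpack('H*', $wire), unpack('H*', $garbage);
```

Because the pad only XORs the body, a mismatched key surfaces as a malformed body at decode time rather than as an explicit failure from the XOR step.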
Copyright (C) 2006 by Jozef Kutej
This library is free software; you can redistribute it and/or
modify it under the same terms as Perl itself, either Perl version 5.8.4 or,
at your option, any later version of Perl 5 you may have available.