NAME

Net::TacacsPlus::Packet - Tacacs+ packet object

SYNOPSIS

# construct START packet

$pkt = Net::TacacsPlus::Packet->new(
	#header
	'type' => TAC_PLUS_AUTHEN,
	'seq_no' => 1,
	'flags' => 0,
	'session_id' => $session_id,
	#start
	'action' => TAC_PLUS_AUTHEN_LOGIN,
	'authen_type' => TAC_PLUS_AUTHEN_TYPE_ASCII,	# or TAC_PLUS_AUTHEN_TYPE_PAP
	'key' => $secret,
	);


# construct CONTINUE packet

$pkt = Net::TacacsPlus::Packet->new(
	#header
	'type' => TAC_PLUS_AUTHEN,
	'seq_no' => 3,
	'session_id' => $session_id,
	#continue
	'user_msg' => $username,
	'data' => '',
	'key' => $secret,
	);

# construct REPLY packet from received raw packet

$reply = Net::TacacsPlus::Packet->new(
	'raw_authen_reply' => $raw_reply,
	'key' => $secret,
	);

DESCRIPTION

Library to create and manipulate Tacacs+ packets. An object can be built from parameters or from a raw received packet.

AUTHOR

Jozef Kutej <jozef.kutej@hp.com>

VERSION

1.0

SEE ALSO

tac-rfc.1.76.txt, Net::TacacsPlus::Client

METHODS

new( somekey => somevalue )

1. if constructing from parameters, these parameters are needed:

for header:

'type': TAC_PLUS_(AUTHEN|AUTHOR|ACCT)
'seq_no': sequence number
'flags': TAC_PLUS_(UNENCRYPTED_FLAG|SINGLE_CONNECT_FLAG)
'session_id': session id

for START body:

'action': TAC_PLUS_AUTHEN_(LOGIN|CHPASS|SENDPASS|SENDAUTH)
'authen_type': TAC_PLUS_AUTHEN_TYPE_(ASCII|PAP)
'key': encryption key

for CONTINUE body:

'user_msg': msg required by server
'data': data required by server
'key': encryption key

2. if constructing from a received raw packet:

for AUTHEN reply:

'raw_authen_reply': raw packet
'key': encryption key

check_reply($snd, $rcv)

Compares the sent packet and the reply packet for errors.

$snd - packet object that was sent
$rcv - packet object that was received afterwards

Checks sequence number, session id, version and flags.

raw( )

Returns the binary representation of the whole packet.

server_msg( )

Returns the last server message.

status( )

Returns the status of the packet. It is used in REPLY packets received from the server.

Status is one of:

TAC_PLUS_AUTHEN_STATUS_PASS     => 0x01,
TAC_PLUS_AUTHEN_STATUS_FAIL     => 0x02,
TAC_PLUS_AUTHEN_STATUS_GETDATA  => 0x03,
TAC_PLUS_AUTHEN_STATUS_GETUSER  => 0x04,
TAC_PLUS_AUTHEN_STATUS_GETPASS  => 0x05,
TAC_PLUS_AUTHEN_STATUS_RESTART  => 0x06,
TAC_PLUS_AUTHEN_STATUS_ERROR    => 0x07,
TAC_PLUS_AUTHEN_STATUS_FOLLOW   => 0x21,

NAME

Net::TacacsPlus::PacketHeader

DESCRIPTION

3. The TACACS+ packet header

All TACACS+ packets always begin with the following 12 byte header. The header is always cleartext and describes the remainder of the packet:

 1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8

+----------------+----------------+----------------+----------------+
|major  | minor  |                |                |                |
|version| version|      type      |     seq_no     |   flags        |
+----------------+----------------+----------------+----------------+
|                                                                   |
|                            session_id                             |
+----------------+----------------+----------------+----------------+
|                                                                   |
|                              length                               |
+----------------+----------------+----------------+----------------+
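
An added example (not code from Net::TacacsPlus) that parses the 12-byte header above with core Perl unpack and applies the kind of send/reply comparison check_reply() is documented to make. The helper names, the rule that a reply carries the sent seq_no plus one, and the 0x01 value of TAC_PLUS_UNENCRYPTED_FLAG are assumptions taken from the TACACS+ protocol draft, not from this module's source.

```perl
use strict;
use warnings;

# Header fields per the diagram: version(1) type(1) seq_no(1) flags(1)
# session_id(4) length(4); multi-byte fields are in network byte order.
use constant HEADER_LEN       => 12;
use constant UNENCRYPTED_FLAG => 0x01;   # assumed value of TAC_PLUS_UNENCRYPTED_FLAG

sub parse_header {
    my ($raw) = @_;
    die "short packet: need " . HEADER_LEN . " header bytes\n"
        if length($raw) < HEADER_LEN;
    my ($version, $type, $seq_no, $flags, $session_id, $length)
        = unpack('C C C C N N', $raw);
    # The header is cleartext, so the length field is unauthenticated input:
    # accept it only if it matches the body bytes actually received.
    die "length field $length != body bytes received\n"
        if $length != length($raw) - HEADER_LEN;
    return {
        version => $version, major => $version >> 4, minor => $version & 0x0f,
        type => $type, seq_no => $seq_no, flags => $flags,
        session_id => $session_id, length => $length,
    };
}

# Hypothetical stand-in for the comparison check_reply() is documented to make.
sub reply_problems {
    my ($snd, $rcv) = @_;
    my @problems;
    push @problems, 'seq_no is not sent seq_no + 1'
        if $rcv->{seq_no} != $snd->{seq_no} + 1;
    push @problems, 'session_id mismatch'
        if $rcv->{session_id} != $snd->{session_id};
    push @problems, 'version mismatch'
        if $rcv->{version} != $snd->{version};
    push @problems, 'reply body is unencrypted but request was not'
        if ($rcv->{flags} & UNENCRYPTED_FLAG) && !($snd->{flags} & UNENCRYPTED_FLAG);
    return @problems;
}

# Constructed sample packets (not captured traffic); the sent body is omitted.
my $sent  = pack('C C C C N N', 0xc0, 0x01, 1, 0, 0x1234abcd, 0);
my $reply = pack('C C C C N N', 0xc0, 0x01, 2, UNENCRYPTED_FLAG, 0x1234abcd, 6)
          . pack('C C n n', 0x05, 0, 0, 0);
my @found = reply_problems(parse_header($sent), parse_header($reply));
print "$_\n" for @found;
```

The constructed reply matches on sequence number, session id and version, so only the flag downgrade is reported.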

METHODS

new( somekey => somevalue)

Construct tacacs+ packet header object

1. if constructing from parameters:

'version': protocol version
'type': TAC_PLUS_(AUTHEN|AUTHOR|ACCT) 
'seq_no': sequence number
'flags': TAC_PLUS_(UNENCRYPTED_FLAG|SINGLE_CONNECT_FLAG)
'session_id': session id

2. if constructing from raw packet

'raw_header': raw packet

raw()

Returns the raw binary representation of the header.

NOTE: For a complete binary header, the length of the body must be added.

NAME

Net::TacacsPlus::PacketAuthenReplyBody

DESCRIPTION

7. The authentication REPLY packet body

The TACACS+ daemon sends only one type of authentication packet (a REPLY packet) to the client. The REPLY packet body looks as follows:

 1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8

+----------------+----------------+----------------+----------------+
|     status     |      flags     |        server_msg len           |
+----------------+----------------+----------------+----------------+
|           data len              |        server_msg ...
+----------------+----------------+----------------+----------------+
|           data ...
+----------------+----------------+
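
An added example (not code from Net::TacacsPlus) of a bounds-checked parser for the REPLY body layout above, using core Perl only. It assumes the body has already been decrypted; the function name and the sample bodies are constructed for illustration, and the status names are the ones listed under status() on this page.

```perl
use strict;
use warnings;

# Status values as listed under status() on this page.
my %STATUS_NAME = (
    0x01 => 'PASS',    0x02 => 'FAIL',    0x03 => 'GETDATA', 0x04 => 'GETUSER',
    0x05 => 'GETPASS', 0x06 => 'RESTART', 0x07 => 'ERROR',   0x21 => 'FOLLOW',
);

# Layout: status(1) flags(1) server_msg_len(2) data_len(2), then server_msg
# and data. Returns a hash ref, or dies on a malformed body.
sub parse_authen_reply_body {
    my ($body) = @_;
    die "REPLY body shorter than its 6 fixed bytes\n" if length($body) < 6;
    my ($status, $flags, $msg_len, $data_len) = unpack('C C n n', $body);
    # Both lengths come from the peer and must account for every remaining
    # byte; a mismatch typically means a wrong key or a corrupted packet.
    die "declared lengths ($msg_len + $data_len) do not match body size\n"
        if 6 + $msg_len + $data_len != length($body);
    die sprintf("unknown status 0x%02x\n", $status)
        unless exists $STATUS_NAME{$status};
    return {
        status     => $STATUS_NAME{$status},
        flags      => $flags,
        server_msg => substr($body, 6, $msg_len),
        data       => substr($body, 6 + $msg_len, $data_len),
    };
}

# Constructed sample bodies (not captured traffic).
my $good = pack('C C n n', 0x05, 0x00, 10, 0) . 'Password: ';
my $bad  = pack('C C n n', 0x01, 0x00, 400, 0) . 'ok';   # length overruns body

for my $body ($good, $bad) {
    my $parsed = eval { parse_authen_reply_body($body) };
    print $parsed ? "$parsed->{status}: '$parsed->{server_msg}'\n"
                  : "rejected: $@";
}
```

The second body claims a PASS status but is rejected before the status is looked at, because its declared server_msg length exceeds the bytes present.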

METHODS

new( somekey => somevalue)

Construct tacacs+ authentication packet body object

Parameters:

'raw_body': raw body

NAME

Net::TacacsPlus::PacketAuthenStartBody

DESCRIPTION

The authentication START packet body

 1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8

+----------------+----------------+----------------+----------------+
|    action      |    priv_lvl    |  authen_type   |     service    |
+----------------+----------------+----------------+----------------+
|    user len    |    port len    |  rem_addr len  |    data len    |
+----------------+----------------+----------------+----------------+
|    user ...
+----------------+----------------+----------------+----------------+
|    port ...
+----------------+----------------+----------------+----------------+
|    rem_addr ...
+----------------+----------------+----------------+----------------+
|    data...
+----------------+----------------+----------------+----------------+

METHODS

new( somekey => somevalue)

Construct tacacs+ authentication START packet body object

Parameters:

action: TAC_PLUS_AUTHEN_[^_]+$
priv_lvl: TAC_PLUS_PRIV_LVL_*
authen_type: TAC_PLUS_AUTHEN_TYPE_*
service: TAC_PLUS_AUTHEN_SVC_*
user: username
password: password
port: port, default 'Virtual00'
rem_addr: our IP address

NAME

Net::TacacsPlus::PacketAuthenContinueBody

DESCRIPTION

8. The authentication CONTINUE packet body

This packet is sent from the NAS to the daemon following the receipt of a REPLY packet.

 1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8  1 2 3 4 5 6 7 8

+----------------+----------------+----------------+----------------+
|          user_msg len           |            data len             |
+----------------+----------------+----------------+----------------+
|     flags      |  user_msg ...
+----------------+----------------+----------------+----------------+
|    data ...
+----------------+

METHODS

new( somekey => somevalue)

Construct tacacs+ authentication CONTINUE packet body object

Parameters:

'user_msg': user message requested by server
'data': data requested by server
'flags': TAC_PLUS_CONTINUE_FLAG_ABORT

COPYRIGHT AND LICENSE

Copyright (C) 2006 by Jozef Kutej

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.