Internet Info 1994 March

home *** CD-ROM | disk | FTP | other *** search

/ Internet Info 1994 March / Internet Info CD-ROM (Walnut Creek) (March 1994).iso / networking / cisco / tacacsd.shar / xtacacsd / xtacacsd.c < prev

Wrap

C/C++ Source or Header | 1992-08-07 | 22.1 KB | 939 lines

#define DEBUG1 /* * TACACS daemon suitable for using on Un*x systems. * * Janruary 1989, Greg Satz * * Copyright (c) 1989 by cisco Systems, Inc. * All rights reserved. */ #include <sys/types.h> #include <sys/socket.h> #include <sys/ioctl.h> #include <sys/file.h> #include <netinet/in.h> #include <stdio.h> #include <errno.h> #include <pwd.h> #include <netdb.h> #include <sys/syslog.h> #include <utmp.h> #ifdef SYSV #include <fcntl.h> #define index strchr #endif /* * TACACS protocol defintions */ #define uchar unsigned char #define ulong unsigned long #include "tacacs.h" #define oresponse namelen #define oreason pwlen #define TIMEOUT (5*60) #define TACACS_PORT 49 #define SEC_IN_DAY (24*60*60) /* seconds in a day */ #define WARNING_PERIOD 14 /* days of expiration warning */ #define PASSWD_LENGTH 14 /* length of password for crypt */ #define SOME_ARBITRARILY_LARGE_NUMBER 100 int debug; /* debugging flag */ int logging; /* syslog logging flag */ int stand; /* running standalone or not */ char *file; /* validation filename */ char *wtmpfile; /* wtmp format filename */ FILE *wtmpf; unsigned long querytime; /* time query came in */ struct sockaddr_in from; int fromlen; struct hostent *hp; char buf[BUFSIZ]; char *monthname[] = {"Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"}; long days_ere_month[] = {0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334}; /* * main * We can be called from inetd or via the rc scripts directly * Parse arguments are act appropiately. */ main (argc, argv) int argc; char **argv; { int c, on = 1, s; struct servent *sp; tacacstype *tp; extern char *optarg; debug = 0; /* no debugging */ logging = 0; /* no logging */ stand = 0; /* under inetd */ file = NULL; /* /etc/passwd */ wtmpfile = NULL; wtmpf = NULL; #ifdef LOG_LOCAL6 openlog("tacacsd", LOG_PID, LOG_LOCAL6); #else openlog("tacacsd", LOG_PID); #endif while ((c = getopt(argc, argv, "df:lsw:")) != EOF) switch (c) { case 'd': /* debug */ debug = 1; break; case 'f': /* file name */ file = optarg; break; case 'l': /* logging */ logging = 1; break; case 's': /* stand-alone */ stand = 1; break; case 'w': wtmpfile = optarg; break; default: fprintf(stderr, "%s: illegal switch\n", argv[0]); exit(1); } if (debug) syslog(LOG_DEBUG, "server starting"); if (stand) { /* * Background ourselves and let go of controlling tty */ if (!debug) { if (fork()) exit(0); for (c = 0; c < getdtablesize(); c++) (void) close(c); (void) open("/", O_RDONLY); (void) dup2(0, 1); (void) dup2(0, 2); #ifndef SYSV c = open("/dev/tty", O_RDWR); if (c >= 0) { ioctl(c, TIOCNOTTY, (char *)0); (void) close(c); } #endif #ifdef LOG_LOCAL6 openlog("tacacsd", LOG_PID, LOG_LOCAL6); #else openlog("tacacsd", LOG_PID); #endif } } if (stand) { /* * Pick up a socket */ if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { syslog(LOG_ERR, "socket: %m\n"); exit(1); } /* * Get port we need to pay attention to */ bzero((caddr_t)&from, sizeof(from)); #ifdef sun from.sin_family = AF_INET; from.sin_addr.s_addr = INADDR_ANY; #endif sp = getservbyname("tacacs", "udp"); if (sp == NULL) from.sin_port = ntohs(TACACS_PORT); else from.sin_port = ntohs(sp->s_port); if (bind(s, &from, sizeof(from)) < 0) { syslog(LOG_ERR, "bind: %m\n"); exit(1); } } else { s = 0; if (ioctl(s, FIONBIO, &on) < 0) { syslog(LOG_ERR, "ioctl(FIONBIO): %m\n"); exit(1); } } /* * For 4.3BSD machines, this routine sets the file the pw routines use * to the given argument. We emulate it for others. */ if (file != NULL) setpwfile(file); if (wtmpfile != NULL) { wtmpf = fopen(wtmpfile, "a+"); if (!wtmpf) fprintf(stderr, "\nCan't open wtmp file \"%s\"",wtmpfile); } if (!stand) alarm(TIMEOUT); again: fromlen = sizeof(from); c = recvfrom(s, buf, sizeof(buf), 0, (caddr_t)&from, &fromlen); if (c <= 0) { if (errno == EINTR && stand) goto again; syslog(LOG_ERR, "recvfrom: %m\n"); exit(1); } #ifdef DEBUG hp = gethostbyaddr(&from.sin_addr, sizeof (struct in_addr), AF_INET); fprintf(stderr, "main: received validation request from %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr)); #endif if (logging) { hp = gethostbyaddr(&from.sin_addr, sizeof (struct in_addr), AF_INET); syslog(LOG_INFO, "validation request from %s", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr)); #ifdef DEBUG fprintf(stderr, "main: logged validation request\r\n"); #endif } tp = (tacacstype *)buf; if (tp->version == TA_VERSION) old_process(s, &from, tp); else if (tp->version == XTA_VERSION) new_process(s, &from, tp); else if (logging) syslog(LOG_INFO, "illegal version specified: %d\n", tp->version); if (stand) goto again; exit(0); } /* * pw_verify * verify the provided name/password. */ pw_verify (name, passwd, ppw) #ifdef SYSV char name[SOME_ARBITRARILY_LARGE_NUMBER]; char passwd[SOME_ARBITRARILY_LARGE_NUMBER]; #else char *name, *passwd; #endif struct passwd **ppw; { struct passwd *pw; #ifdef DEBUG fprintf(stderr, "pw_verify: calling setpwent\r\n"); #endif setpwent(); if (file != NULL) setpwfile(file); #ifdef DEBUG fprintf(stderr, "pw_verify: returned from setpwent\r\n"); #endif pw = getpwnam(name); #ifdef DEBUG fprintf(stderr, "pw_verify: returned %x from getpwnam\r\n", pw); #endif #ifdef DEBUG if (pw) fprintf(stderr, "password: user %8.8s, password %13.13s\r\n", pw->pw_name, pw->pw_passwd); #endif /* * Verify the entry. */ if (pw != NULL && *passwd != '\0' && *pw->pw_passwd != '\0') { #ifdef SYSV strcpy(passwd, (char *)crypt(passwd, pw->pw_passwd)); #else passwd = (char *)crypt(passwd, pw->pw_passwd); #endif #ifdef DEBUG fprintf(stderr, "encrypted: real %s, query %s\r\n", pw->pw_passwd, passwd); #endif *ppw = pw; if (strcmp(passwd, pw->pw_passwd) == 0) return(1); } *ppw = NULL; return(0); } /* * process * Perform necessary stuff to do a query operation. Return ANSWER. */ old_process (s, client, tp) int s; struct sockaddr_in *client; tacacstype *tp; { #ifdef SYSV char name[SOME_ARBITRARILY_LARGE_NUMBER]; char passwd[SOME_ARBITRARILY_LARGE_NUMBER]; #else char *name, *passwd; #endif struct passwd *pw; int expired; querytime = time(NULL); #ifdef DEBUG fprintf(stderr, "process: starting\r\n"); fprintf(stderr, "process: namelen %d, pwdlen %d\r\n", tp->namelen, tp->pwlen); #endif #ifndef SYSV name = (char *)malloc(tp->namelen+1); #ifdef DEBUG fprintf(stderr, "process: malloc returned (name)\r\n"); if (name == NULL) fprintf(stderr, "process: malloc failed on name (%d bytes)\r\n", tp->namelen+1); #endif passwd = (char *)malloc(tp->pwlen+1); #ifdef DEBUG if (passwd == NULL) fprintf(stderr, "process: malloc failed on passwd (%d bytes)\r\n", tp->pwlen+1); #endif if (name == NULL || passwd == NULL) return; #endif /* not SYSV */ strncpy(name, (char *)(tp + 1), tp->namelen); name[tp->namelen] = '\0'; strncpy(passwd, (char *)(tp + 1) + tp->namelen, tp->pwlen); if (tp->pwlen > PASSWD_LENGTH) tp->pwlen = PASSWD_LENGTH; passwd[tp->pwlen] = '\0'; #ifdef DEBUG fprintf(stderr, "packet: %s %s\r\n", (char *)(tp + 1), (char *)(tp + 1) + tp->namelen); fprintf(stderr, "local: %s %s\r\n", name, passwd); #endif /* * Assume failure */ tp->oresponse = TA_A_REJECTED; tp->oreason = TA_A_DENIED; if (pw_verify(name, passwd, &pw)) { tp->oresponse = TA_A_ACCEPTED; tp->oreason = TA_A_NONE; /* * Now check the expiration time. */ expired = check_expiration(pw->pw_shell); if (expired == 2) { tp->oresponse = TA_A_DENIED; tp->oreason = TA_A_EXPIRING; } else if (expired == 1) tp->oreason = TA_A_EXPIRING; } #ifdef DEBUG fprintf(stderr, "process: logging query result\r\n"); #endif if (logging) { if (pw != NULL) syslog(LOG_INFO, "login query for %s (%s) %s\n", name, pw->pw_gecos, tp->oresponse == TA_A_ACCEPTED ? "accepted" : "rejected"); else syslog(LOG_INFO, "login query for %s %s\n", name, tp->oresponse == TA_A_ACCEPTED ? "accepted" : "rejected"); } tp->type = TA_ANSWER; #ifdef DEBUG fprintf(stderr, "process: sending query result to client\r\n"); #endif if (sendto(s, buf, sizeof(tacacstype), 0, client, sizeof(struct sockaddr_in)) != sizeof(tacacstype)) syslog(LOG_ERR, "write: %m\n"); #ifndef SYSV free(name); free(passwd); #endif #ifdef DEBUG fprintf(stderr, "process: done\r\n"); #endif } /* * new_process * Perform necessary stuff to do a query operation. Return ANSWER. */ new_process (s, client, tp) int s; struct sockaddr_in *client; xtacacstype *tp; { #ifdef DEBUG fprintf(stderr, "new_process: start\r\n"); #endif querytime = time(NULL); switch (tp->type) { case XTA_SLIPADDR: case XTA_LOGIN: xlogin(s, client, tp); break; case XTA_CONNECT: xconnect(s, client, tp); break; case XTA_ENABLE: xenable(s, client, tp); break; case XTA_LOGOUT: xlogout(s, client, tp); break; case XTA_RELOAD: xreload(s, client, tp); break; case XTA_SLIPON: xslipon(s, client, tp); break; case XTA_SLIPOFF: xslipoff(s, client, tp); break; default: if (logging) syslog(LOG_INFO, "illegal type specified: %d", tp->type); } } check_expiration(date) char *date; { long day, month, year, leaps, now, expiration, warning; char monthstr[10]; /* * If no date or a shell, let it pass. (Backward compatability.) */ if (!date || (strlen(date) == 0) || (*date == '/')) return(0); /* * Parse date string. Fail it upon error. */ if (sscanf(date, "%s %d %d", monthstr, &day, &year) != 3) return(2); /* * Compute the expiration date in days. */ for (month = 0; month < 12; month++) if (strncmp(monthstr, monthname[month], 3) == 0) break; if (month > 11) return(2); leaps = (year-1969)/4 + (((year % 4) == 0) && (month > 2)); expiration = (((year-1970)*365) + days_ere_month[month] + (day-1) + leaps); warning = expiration - WARNING_PERIOD; /* * Get the current time (to the day) */ now = querytime/SEC_IN_DAY; if (now > expiration) return(2); if (now > warning) return(1); return(0); } #ifndef BSD43 /* * setpwfile * Hack to get around the default for the pw routines using /etc/passwd */ #include <sys/stat.h> setpwfile (file) char *file; { FILE *f; struct stat pwbuf, fbuf; int i; char *c; if (stat("/etc/passwd", &pwbuf) < 0) { syslog(LOG_ERR, "stat: %m\n"); exit(1); } setpwent(); /* open /etc/passwd */ /* * This loop assumes that the stdio file buffers are contiguous * which isn't true for 4.3, but then we won't be here. */ for (f = stderr + 1; f < stdin + getdtablesize(); f++) if (f->_flag & (_IOREAD|_IOWRT|_IORW) && fstat(fileno(f), &fbuf) >= 0 && pwbuf.st_dev == fbuf.st_dev && pwbuf.st_ino == fbuf.st_ino) { freopen(file, "r", f); fprintf(stderr, "hit at %d\n", fileno(f)); return; } syslog(LOG_ERR, "couldn't find /etc/passwd to replace"); exit(1); } #endif #ifdef SYSV getdtablesize() { return(_NFILE); } #endif wtmp_entry (line, name, host) char *line, *name, *host; { struct utmp entry; if (wtmpf == NULL) return; bzero(&entry, sizeof entry); if (strlen(line) < sizeof entry.ut_line) strcpy(entry.ut_line, line); else bcopy(line, entry.ut_line, sizeof entry.ut_line); if (strlen(name) < sizeof entry.ut_name) strcpy(entry.ut_name, name); else bcopy(name, entry.ut_name, sizeof entry.ut_name); if (strlen(host) < sizeof entry.ut_host) strcpy(entry.ut_host, host); else bcopy(host, entry.ut_host, sizeof entry.ut_host); entry.ut_time = querytime; if (fwrite(&entry, sizeof entry, 1, wtmpf) != 1) { if (logging) syslog(LOG_ERR, "couldn't write syslog file"); } else fflush(wtmpf); #ifdef DEBUG1 fprintf(stderr, "\nwtmp: %s, %s %s %d", line, name, host, querytime); #endif } xlogin (s, client, tp) int s; struct sockaddr_in *client; xtacacstype *tp; { #ifdef SYSV char name[SOME_ARBITRARILY_LARGE_NUMBER]; char passwd[SOME_ARBITRARILY_LARGE_NUMBER]; #else char *name, *passwd; #endif struct passwd *pw; int expired; char linename[20]; #ifdef DEBUG fprintf(stderr, "xlogin: starting\r\n"); fprintf(stderr, "xlogin: namelen %d, pwdlen %d\r\n", tp->namelen, tp->pwlen); #endif #ifndef SYSV name = (char *)malloc(tp->namelen+1); #ifdef DEBUG fprintf(stderr, "xlogin: malloc returned (name)\r\n"); if (name == NULL) fprintf(stderr, "xlogin: malloc failed on name (%d bytes)\r\n", tp->namelen+1); #endif passwd = (char *)malloc(tp->pwlen+1); #ifdef DEBUG if (passwd == NULL) fprintf(stderr, "xlogin: malloc failed on passwd (%d bytes)\r\n", tp->pwlen+1); #endif if (name == NULL || passwd == NULL) return; #endif /* not SYSV */ strncpy(name, ((char *)tp)+XTACACSSIZE, tp->namelen); name[tp->namelen] = '\0'; strncpy(passwd, ((char *)tp)+XTACACSSIZE + tp->namelen, tp->pwlen); if (tp->pwlen > PASSWD_LENGTH) tp->pwlen = PASSWD_LENGTH; passwd[tp->pwlen] = '\0'; #ifdef DEBUG fprintf(stderr, "packet: %s %s\r\n", (char *)(tp + 1), (char *)(tp + 1) + tp->namelen); fprintf(stderr, "local: %s %s\r\n", name, passwd); #endif #ifdef DEBUG1 fprintf(stderr, "\nxlogin: user %s on tty%o, host %s", name, tp->lport, hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr)); #endif /* * Assume failure */ tp->response = TA_A_REJECTED; tp->reason = TA_A_DENIED; if (pw_verify(name, passwd, &pw)) { tp->response = XTA_A_ACCEPTED; tp->reason = XTA_A_NONE; tp->uuid = pw->pw_uid; tp->accesslist = pw->pw_gid; tp->flags = xta_getflags(pw->pw_gecos); /* * Now check the expiration time. */ expired = check_expiration(pw->pw_shell); if (expired == 2) { tp->response = TA_A_DENIED; tp->reason = TA_A_EXPIRING; } else if (expired == 1) tp->reason = TA_A_EXPIRING; } #ifdef DEBUG fprintf(stderr, "xlogin: logging query result\r\n"); #endif sprintf(linename, "TTY%o", tp->lport); if (tp->response == TA_A_ACCEPTED && tp->type == XTA_LOGIN) wtmp_entry(linename, name, hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr)); #ifdef DEBUG fprintf(stderr, "xlogin: sending query result to client\r\n"); #endif if (logging && tp->type == XTA_LOGIN) { if (pw != NULL) syslog(LOG_INFO, "xlogin query from %s %s for %s (%s) %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr), linename, name, pw->pw_gecos, tp->response == TA_A_ACCEPTED ? "accepted" : "rejected"); else syslog(LOG_INFO, "xlogin query from %s %s for %s %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr), linename, name, tp->response == TA_A_ACCEPTED ? "accepted" : "rejected"); } if (logging && tp->type == XTA_SLIPADDR) { if (pw != NULL) syslog(LOG_INFO, "slipaddress from %s %s for %s (%s) %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr), linename, name, pw->pw_gecos, tp->response == TA_A_ACCEPTED ? "accepted" : "rejected"); else syslog(LOG_INFO, "slipaddress from %s %s for %s %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr), linename, name, tp->response == TA_A_ACCEPTED ? "accepted" : "rejected"); } tp->type = TA_ANSWER; if (sendto(s, buf, XTACACSSIZE, 0, client, sizeof(struct sockaddr_in)) != XTACACSSIZE) syslog(LOG_ERR, "write: %m\n"); #ifndef SYSV free(name); free(passwd); #endif #ifdef DEBUG fprintf(stderr, "xlogin: done\r\n"); #endif } xconnect(s, client, tp) int s; struct sockaddr_in *client; xtacacstype *tp; { struct hostent *hp1; char *name = ((char *)tp)+XTACACSSIZE; name[tp->namelen] = 0; hp1 = gethostbyaddr(&tp->dhost, sizeof (struct in_addr), AF_INET); #ifdef DEBUG1 fprintf(stderr, "\nxconnect: user %.*s(%d) to %s:%d", tp->namelen, ((char *)tp)+XTACACSSIZE, tp->uuid, hp1 ? hp1->h_name : (char *)inet_ntoa(tp->dhost), tp->dport); #endif if (logging) syslog(LOG_INFO, "xconnect from %s tty%o for %s (%d) to %s:%d\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr), tp->lport, name, tp->uuid, hp1 ? hp1->h_name : (char *)inet_ntoa(tp->dhost), tp->dport); replyok (s, client, tp); } xenable (s, client, tp) int s; struct sockaddr_in *client; xtacacstype *tp; { #ifdef SYSV char name[SOME_ARBITRARILY_LARGE_NUMBER]; char passwd[SOME_ARBITRARILY_LARGE_NUMBER]; #else char *name, *passwd; #endif struct passwd *pw; int expired; char linename[20]; #ifndef SYSV name = (char *)malloc(tp->namelen+1); passwd = (char *)malloc(tp->pwlen+1); if (name == NULL || passwd == NULL) return; #endif /* not SYSV */ sprintf(linename, "TTY%o", tp->lport); strncpy(name, (char *)(tp + 1), tp->namelen); name[tp->namelen] = '\0'; strncpy(passwd, (char *)(tp + 1) + tp->namelen, tp->pwlen); if (tp->pwlen > PASSWD_LENGTH) tp->pwlen = PASSWD_LENGTH; passwd[tp->pwlen] = '\0'; #ifdef DEBUG1 fprintf(stderr, "\nxenable: user %s on tty%o, host %s", name, tp->lport, hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr)); #endif /* * Assume failure */ tp->response = TA_A_REJECTED; tp->reason = TA_A_DENIED; if (pw_verify("$enable$", passwd, &pw)) { tp->response = XTA_A_ACCEPTED; tp->reason = XTA_A_NONE; tp->uuid = pw->pw_uid; tp->accesslist = pw->pw_gid; tp->flags = xta_getflags(pw->pw_gecos); /* * Now check the expiration time. */ expired = check_expiration(pw->pw_shell); if (expired == 2) { tp->response = TA_A_DENIED; tp->reason = TA_A_EXPIRING; } else if (expired == 1) tp->reason = TA_A_EXPIRING; } sprintf(linename, "TTY%o", tp->lport); tp->type = TA_ANSWER; if (logging) syslog(LOG_INFO, "xenable from %s %s for %s %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr), linename, name, tp->response == TA_A_ACCEPTED ? "accepted" : "rejected"); if (sendto(s, buf, XTACACSSIZE, 0, client, sizeof(struct sockaddr_in)) != XTACACSSIZE) syslog(LOG_ERR, "write: %m\n"); #ifndef SYSV free(name); free(passwd); #endif } xlogout (s, client, tp) int s; struct sockaddr_in *client; xtacacstype *tp; { char *name = ((char *)tp)+XTACACSSIZE; char linename[20]; char *reason; switch(tp->reason) { case XTA_R_IDLE: reason = "Idle-timeout"; break; case XTA_R_DROP: reason = "Carrier-Drop"; break; case XTA_R_BAD: reason = "Bad-Passwords"; break; case XTA_R_QUIT: reason = ""; break; default: reason = "Unknown-reason"; break; } name[tp->namelen] = 0; #ifdef DEBUG1 fprintf(stderr, "\nxlogout: user %s(%d) line %o %s", name, tp->uuid, tp->lport, reason); #endif sprintf(linename, "TTY%o", tp->lport); if (logging) syslog(LOG_INFO, "xlogout from %s %s, user %s(%d) %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr), linename, name, tp->uuid, reason); wtmp_entry(linename, "", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr)); replyok (s, client, tp); } xreload(s, client, tp) int s; struct sockaddr_in *client; xtacacstype *tp; { #ifdef DEBUG1 fprintf(stderr, "\nxreload: host %s", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr)); #endif if (logging) syslog(LOG_INFO, "system reload from %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr)); wtmp_entry("~", "", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr)); replyok (s, client, tp); } xslipon(s, client, tp) int s; struct sockaddr_in *client; xtacacstype *tp; { struct hostent *hp1; char linename[20]; char *name = (char *) (tp + 1); name[tp->namelen] = 0; hp1 = gethostbyaddr(&tp->dhost, sizeof (struct in_addr), AF_INET); #ifdef DEBUG1 fprintf(stderr, "\nxslipon: user %.*s(%d) line %o slip address %s", tp->namelen, ((char *)tp)+XTACACSSIZE, tp->uuid, tp->lport, hp1 ? hp1->h_name : (char *)inet_ntoa(tp->dhost)); #endif sprintf(linename, "SLIP%o", tp->lport); wtmp_entry(linename, name, hp1 ? hp1->h_name : (char *)inet_ntoa(tp->dhost)); if (logging) syslog(LOG_INFO, "xslipon from %s %s for user %s(%d) address %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr), linename, name, tp->uuid, hp1 ? hp1->h_name : (char *)inet_ntoa(tp->dhost)); replyok (s, client, tp); } xslipoff(s, client, tp) int s; struct sockaddr_in *client; xtacacstype *tp; { struct hostent *hp1; char linename[20]; char *name; hp1 = gethostbyaddr(&tp->dhost, sizeof (struct in_addr), AF_INET); #ifdef DEBUG1 fprintf(stderr, "\nxslipoff: user %.*s(%d) line %o slip address %s", tp->namelen, ((char *)tp)+XTACACSSIZE, tp->uuid, tp->lport, hp1 ? hp1->h_name : (char *)inet_ntoa(tp->dhost)); #endif sprintf(linename, "SLIP%o", tp->lport); wtmp_entry(linename, "", hp1 ? hp1->h_name : (char *)inet_ntoa(tp->dhost)); name = (char *) (((char *)tp)+XTACACSSIZE); name[tp->namelen] = 0; if (logging) if (logging) syslog(LOG_INFO, "xslip off from %s %s for %s(%d) address %s\n", hp ? hp->h_name : (char *)inet_ntoa(from.sin_addr), linename, name, tp->uuid, hp1 ? hp1->h_name : (char *)inet_ntoa(tp->dhost)); replyok (s, client, tp); } xta_getflags (string) char * string; { return(0); } /* * Send an "ok" reply to client (for things like reload, logout) */ replyok (s, client, tp) int s; struct sockaddr_in *client; xtacacstype *tp; { tp->response = XTA_A_ACCEPTED; tp->reason = XTA_A_NONE; tp->type = TA_ANSWER; if (sendto(s, buf, XTACACSSIZE, 0, client, sizeof(struct sockaddr_in)) != XTACACSSIZE) syslog(LOG_ERR, "write: %m\n"); }