diff options
| author | syrinx <syrinx@FreeBSD.org> | 2009-12-11 07:53:44 +0000 |
|---|---|---|
| committer | syrinx <syrinx@FreeBSD.org> | 2009-12-11 07:53:44 +0000 |
| commit | c5bdafde93e935fa27a3919a5d935c893d58c173 (patch) | |
| tree | f345d4d4a5390c125ee6b526c3d8bac3984aca9a /lib/libtacplus/libtacplus.3 | |
| parent | 2e6099f49402daa4b66bfb4e4a8279609e318955 (diff) | |
| download | FreeBSD-src-c5bdafde93e935fa27a3919a5d935c893d58c173.zip FreeBSD-src-c5bdafde93e935fa27a3919a5d935c893d58c173.tar.gz | |
Add support for TACACS+ accounting to libtacplus(3).
Submitted by: Michael Pounov misho@aitbg.com
OKed by: emaste
Diffstat (limited to 'lib/libtacplus/libtacplus.3')
| -rw-r--r-- | lib/libtacplus/libtacplus.3 | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/lib/libtacplus/libtacplus.3 b/lib/libtacplus/libtacplus.3 index 9ce6c4a..1f6d6ac 100644 --- a/lib/libtacplus/libtacplus.3 +++ b/lib/libtacplus/libtacplus.3 @@ -44,6 +44,8 @@ .Fn tac_create_authen "struct tac_handle *h" "int action" "int type" "int service" .Ft int .Fn tac_create_author "struct tac_handle *h" "int method" "int type" "int service" +.Ft int +.Fn tac_create_acct "struct tac_handle *h" "int acct" "int action" "int type" "int service" .Ft char * .Fn tac_get_av "struct tac_handle *h" "u_int index" .Ft char * @@ -59,6 +61,8 @@ .Ft int .Fn tac_send_author "struct tac_handle *h" .Ft int +.Fn tac_send_acct "struct tac_handle *h" +.Ft int .Fn tac_set_av "struct tac_handle *h" "u_int index" "const char *av_pair" .Ft int .Fn tac_set_data "struct tac_handle *h" "const void *data" "size_t data_len" @@ -193,6 +197,20 @@ TACACS+ protocol specification. The .In taclib.h header file contains symbolic constants for these values. +.Sh CREATING A TACACS+ ACCOUNTING REQUEST +To begin constructing a new accounting request, call +.Fn tac_create_acct . +The +.Va acct , +.Va action , +.Va type , +and +.Va service +arguments must be set to appropriate values as defined in the +TACACS+ protocol specification. +The +.In taclib.h +header file contains symbolic constants for these values. .Sh SETTING OPTIONAL PARAMETERS ON A REQUEST After creating a request, various optional parameters may be attached to it through calls to @@ -354,6 +372,29 @@ include: .Pp The number of AV pairs received is obtained using .Fn TAC_AUTHEN_AV_COUNT . +.Sh SENDING THE ACCOUNTING REQUEST AND RECEIVING THE RESPONSE +After the TACACS+ authorization request has been constructed, it +is sent by means of +.Fn tac_send_acct . +This function connects to a server if not already connected, sends +the request, and waits for a reply. +On failure, +.Fn tac_send_acct +returns \-1. +Otherwise, it returns the TACACS+ status code +Possible status codes, defined in +.In taclib.h , +include: +.Pp +.Bl -item -compact -offset indent +.It +.Dv TAC_ACCT_STATUS_SUCCESS +.It +.Dv TAC_ACCT_STATUS_ERROR +.It +.Dv TAC_ACCT_STATUS_FOLLOW +.El +.Pp .Sh EXTRACTING INFORMATION FROM THE SERVER'S AUTHORIZATION RESPONSE Like an authentication response packet, an authorization response packet from the @@ -418,10 +459,14 @@ which can be retrieved using .It .Fn tac_create_author .It +.Fn tac_create_acct +.It .Fn tac_send_authen .It .Fn tac_send_author .It +.Fn tac_send_acct +.It .Fn tac_set_av .It .Fn tac_set_data |
