diff options
author | pst <pst@FreeBSD.org> | 2002-09-25 23:18:51 +0000 |
---|---|---|
committer | pst <pst@FreeBSD.org> | 2002-09-25 23:18:51 +0000 |
commit | 91648a15549c3af714c84517495e7f1093c53a07 (patch) | |
tree | c44b602a3373c774dcba3c1d92b44d5c442d3c92 /lib/libtacplus/taclib.h | |
parent | 436cfa19831cbf8a0e28bcc3fba9b09701e8c0ae (diff) | |
download | FreeBSD-src-91648a15549c3af714c84517495e7f1093c53a07.zip FreeBSD-src-91648a15549c3af714c84517495e7f1093c53a07.tar.gz |
Enhance TACACS+ library to fully support authorization requests in
addition to existing authentication. No change to the existing
APIs to preseve both binary and API compatibility, so I am not
inclined to bump the library version number unless someone thinks
this is necessary.
Submitted by: Paul Fraley <fraley@juniper.net>
MFC after: 2 weeks
Diffstat (limited to 'lib/libtacplus/taclib.h')
-rw-r--r-- | lib/libtacplus/taclib.h | 29 |
1 files changed, 28 insertions, 1 deletions
diff --git a/lib/libtacplus/taclib.h b/lib/libtacplus/taclib.h index 0da1b08..2ef36b9 100644 --- a/lib/libtacplus/taclib.h +++ b/lib/libtacplus/taclib.h @@ -1,5 +1,5 @@ /*- - * Copyright 1998 Juniper Networks, Inc. + * Copyright (c) 1998, 2001, Juniper Networks, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -41,6 +41,10 @@ struct tac_handle; #define TAC_AUTHEN_STATUS(s) ((s) & 0xff) #define TAC_AUTHEN_NOECHO(s) ((s) & (1<<8)) +/* Disassembly of tac_send_author() return value. */ +#define TAC_AUTHOR_STATUS(s) ((s) & 0xff) +#define TAC_AUTHEN_AV_COUNT(s) (((s)>>8) & 0xff) + /* Privilege levels */ #define TAC_PRIV_LVL_MIN 0x00 #define TAC_PRIV_LVL_USER 0x01 @@ -82,6 +86,23 @@ struct tac_handle; #define TAC_AUTHEN_STATUS_ERROR 0x07 #define TAC_AUTHEN_STATUS_FOLLOW 0x21 +/* Authorization authenticatication methods */ +#define TAC_AUTHEN_METH_NOT_SET 0x00 +#define TAC_AUTHEN_METH_NONE 0x01 +#define TAC_AUTHEN_METH_KRB5 0x02 +#define TAC_AUTHEN_METH_LINE 0x03 +#define TAC_AUTHEN_METH_ENABLE 0x04 +#define TAC_AUTHEN_METH_LOCAL 0x05 +#define TAC_AUTHEN_METH_TACACSPLUS 0x06 +#define TAC_AUTHEN_METH_RCMD 0x20 +/* If adding more, see comments in protocol_version() in taclib.c */ + +/* Authorization status */ +#define TAC_AUTHOR_STATUS_PASS_ADD 0x01 +#define TAC_AUTHOR_STATUS_PASS_REPL 0x02 +#define TAC_AUTHOR_STATUS_FAIL 0x10 +#define TAC_AUTHOR_STATUS_ERROR 0x11 + __BEGIN_DECLS int tac_add_server(struct tac_handle *, const char *, int, const char *, int, int); @@ -100,6 +121,12 @@ int tac_set_priv(struct tac_handle *, int); int tac_set_rem_addr(struct tac_handle *, const char *); int tac_set_user(struct tac_handle *, const char *); const char *tac_strerror(struct tac_handle *); +int tac_send_author(struct tac_handle *); +int tac_create_author(struct tac_handle *, int, int, int); +int tac_set_av(struct tac_handle *, u_int, const char *); +char *tac_get_av(struct tac_handle *, u_int); +char *tac_get_av_value(struct tac_handle *, const char *); +void tac_clear_avs(struct tac_handle *); __END_DECLS #endif /* _TACLIB_H_ */ |