diff options
| author | pst <pst@FreeBSD.org> | 2002-09-25 23:18:51 +0000 |
|---|---|---|
| committer | pst <pst@FreeBSD.org> | 2002-09-25 23:18:51 +0000 |
| commit | 91648a15549c3af714c84517495e7f1093c53a07 (patch) | |
| tree | c44b602a3373c774dcba3c1d92b44d5c442d3c92 /lib/libtacplus/taclib_private.h | |
| parent | 436cfa19831cbf8a0e28bcc3fba9b09701e8c0ae (diff) | |
| download | FreeBSD-src-91648a15549c3af714c84517495e7f1093c53a07.zip FreeBSD-src-91648a15549c3af714c84517495e7f1093c53a07.tar.gz | |
Enhance TACACS+ library to fully support authorization requests in
addition to existing authentication. No change to the existing
APIs to preseve both binary and API compatibility, so I am not
inclined to bump the library version number unless someone thinks
this is necessary.
Submitted by: Paul Fraley <fraley@juniper.net>
MFC after: 2 weeks
Diffstat (limited to 'lib/libtacplus/taclib_private.h')
| -rw-r--r-- | lib/libtacplus/taclib_private.h | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/lib/libtacplus/taclib_private.h b/lib/libtacplus/taclib_private.h index 830fc92..bbc1990 100644 --- a/lib/libtacplus/taclib_private.h +++ b/lib/libtacplus/taclib_private.h @@ -1,5 +1,5 @@ /*- - * Copyright 1998 Juniper Networks, Inc. + * Copyright (c) 1998, 2001, Juniper Networks, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -41,6 +41,7 @@ #define ERRSIZE 128 /* Maximum error message length */ #define MAXCONFLINE 1024 /* Maximum config file line length */ #define MAXSERVERS 10 /* Maximum number of servers to try */ +#define MAXAVPAIRS 255 /* Maximum number of AV pairs */ /* Protocol constants. */ #define HDRSIZE 12 /* Size of message header */ @@ -111,6 +112,26 @@ struct tac_authen_cont { unsigned char rest[1]; }; +struct tac_author_request { + u_int8_t authen_meth; + u_int8_t priv_lvl; + u_int8_t authen_type; + u_int8_t service; + u_int8_t user_len; + u_int8_t port_len; + u_int8_t rem_addr_len; + u_int8_t av_cnt; + unsigned char rest[1]; +}; + +struct tac_author_response { + u_int8_t status; + u_int8_t av_cnt; + u_int16_t msg_len; + u_int16_t data_len; + unsigned char rest[1]; +}; + struct tac_msg { u_int8_t version; u_int8_t type; @@ -122,6 +143,8 @@ struct tac_msg { struct tac_authen_start authen_start; struct tac_authen_reply authen_reply; struct tac_authen_cont authen_cont; + struct tac_author_request author_request; + struct tac_author_response author_response; unsigned char body[BODYSIZE]; } u; }; @@ -140,6 +163,7 @@ struct tac_handle { struct clnt_str rem_addr; struct clnt_str data; struct clnt_str user_msg; + struct clnt_str avs[MAXAVPAIRS]; struct tac_msg request; struct tac_msg response; @@ -147,6 +171,7 @@ struct tac_handle { int srvr_pos; /* Scan position in response body */ struct srvr_str srvr_msg; struct srvr_str srvr_data; + struct srvr_str srvr_avs[MAXAVPAIRS]; }; #endif |
