summaryrefslogtreecommitdiffstats
path: root/lib/libtacplus/taclib.h
blob: 46b9a59d80a4ac5da8691878d4c38e23504a7706 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
/*-
 * Copyright (c) 1998, 2001, Juniper Networks, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	$FreeBSD$
 */

#ifndef _TACLIB_H_
#define _TACLIB_H_

#include <sys/types.h>

struct tac_handle;

/* Flags for tac_add_server(). */
#define TAC_SRVR_SINGLE_CONNECT	0x04	/* Keep connection open for multiple
					   sessions. */

/* Disassembly of tac_send_authen() return value. */
#define	TAC_AUTHEN_STATUS(s)	((s) & 0xff)
#define TAC_AUTHEN_NOECHO(s)	((s) & (1<<8))

/* Disassembly of tac_send_author() return value. */
#define	TAC_AUTHOR_STATUS(s)	((s) & 0xff)
#define TAC_AUTHEN_AV_COUNT(s)	(((s)>>8) & 0xff)

/* Privilege levels */
#define TAC_PRIV_LVL_MIN	0x00
#define TAC_PRIV_LVL_USER	0x01
#define TAC_PRIV_LVL_ROOT	0x0f
#define TAC_PRIV_LVL_MAX	0x0f

/* Authentication actions */
#define TAC_AUTHEN_LOGIN	0x01
#define TAC_AUTHEN_CHPASS	0x02
#define TAC_AUTHEN_SENDPASS	0x03
#define TAC_AUTHEN_SENDAUTH	0x04

/* Authentication types */
#define TAC_AUTHEN_TYPE_ASCII	0x01
#define TAC_AUTHEN_TYPE_PAP	0x02
#define TAC_AUTHEN_TYPE_CHAP	0x03
#define TAC_AUTHEN_TYPE_ARAP	0x04
#define TAC_AUTHEN_TYPE_MSCHAP	0x05

/* Authentication services */
#define TAC_AUTHEN_SVC_NONE	0x00
#define TAC_AUTHEN_SVC_LOGIN	0x01
#define TAC_AUTHEN_SVC_ENABLE	0x02
#define TAC_AUTHEN_SVC_PPP	0x03
#define TAC_AUTHEN_SVC_ARAP	0x04
#define TAC_AUTHEN_SVC_PT	0x05
#define TAC_AUTHEN_SVC_RCMD	0x06
#define TAC_AUTHEN_SVC_X25	0x07
#define TAC_AUTHEN_SVC_NASI	0x08
#define TAC_AUTHEN_SVC_FWPROXY	0x09

/* Authentication reply status codes */
#define TAC_AUTHEN_STATUS_PASS		0x01
#define TAC_AUTHEN_STATUS_FAIL		0x02
#define TAC_AUTHEN_STATUS_GETDATA	0x03
#define TAC_AUTHEN_STATUS_GETUSER	0x04
#define TAC_AUTHEN_STATUS_GETPASS	0x05
#define TAC_AUTHEN_STATUS_RESTART	0x06
#define TAC_AUTHEN_STATUS_ERROR		0x07
#define TAC_AUTHEN_STATUS_FOLLOW	0x21

/* Authorization authenticatication methods */
#define TAC_AUTHEN_METH_NOT_SET         0x00
#define TAC_AUTHEN_METH_NONE            0x01
#define TAC_AUTHEN_METH_KRB5            0x02
#define TAC_AUTHEN_METH_LINE            0x03
#define TAC_AUTHEN_METH_ENABLE          0x04
#define TAC_AUTHEN_METH_LOCAL           0x05
#define TAC_AUTHEN_METH_TACACSPLUS      0x06
#define TAC_AUTHEN_METH_RCMD            0x20
/* If adding more, see comments in protocol_version() in taclib.c */

/* Authorization status */
#define TAC_AUTHOR_STATUS_PASS_ADD      0x01
#define TAC_AUTHOR_STATUS_PASS_REPL     0x02
#define TAC_AUTHOR_STATUS_FAIL          0x10
#define TAC_AUTHOR_STATUS_ERROR         0x11

/* Accounting actions */
#define TAC_ACCT_MORE			0x1
#define TAC_ACCT_START			0x2
#define TAC_ACCT_STOP			0x4
#define TAC_ACCT_WATCHDOG		0x8

/* Accounting status */
#define TAC_ACCT_STATUS_SUCCESS		0x1
#define TAC_ACCT_STATUS_ERROR		0x2
#define TAC_ACCT_STATUS_FOLLOW		0x21

__BEGIN_DECLS
int			 tac_add_server(struct tac_handle *,
			    const char *, int, const char *, int, int);
void			 tac_close(struct tac_handle *);
int			 tac_config(struct tac_handle *, const char *);
int			 tac_create_authen(struct tac_handle *, int, int, int);
void			*tac_get_data(struct tac_handle *, size_t *);
char			*tac_get_msg(struct tac_handle *);
struct tac_handle	*tac_open(void);
int			 tac_send_authen(struct tac_handle *);
int			 tac_set_data(struct tac_handle *,
			    const void *, size_t);
int			 tac_set_msg(struct tac_handle *, const char *);
int			 tac_set_port(struct tac_handle *, const char *);
int			 tac_set_priv(struct tac_handle *, int);
int			 tac_set_rem_addr(struct tac_handle *, const char *);
int			 tac_set_user(struct tac_handle *, const char *);
const char		*tac_strerror(struct tac_handle *);
int			 tac_send_author(struct tac_handle *);
int			 tac_create_author(struct tac_handle *, int, int, int);
int			 tac_set_av(struct tac_handle *, u_int, const char *);
char			*tac_get_av(struct tac_handle *, u_int);
char			*tac_get_av_value(struct tac_handle *, const char *);
void			 tac_clear_avs(struct tac_handle *);
int			 tac_create_acct(struct tac_handle *, int, int, int, int);
int			 tac_send_acct(struct tac_handle *);
__END_DECLS

#endif /* _TACLIB_H_ */
OpenPOWER on IntegriCloud