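/*-
 * Copyright (c) 1998, 2001, Juniper Networks, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	$FreeBSD$
 */

/*
 * Public interface of the TACACS+ client library: protocol constants,
 * macros that decode the packed results of the tac_send_*() calls, and the
 * function prototypes.  The listing this was taken from carried a revision
 * and author gutter on every line; that gutter is not part of the header.
 */

#ifndef _TACLIB_H_
#define _TACLIB_H_

#include <sys/types.h>

/* Opaque client state; this header only ever passes it by pointer. */
struct tac_handle;

/* Flags for tac_add_server(). */
#define TAC_SRVR_SINGLE_CONNECT	0x04	/* Keep connection open for multiple
					   sessions. */

/*
 * Disassembly of tac_send_authen() return value.
 *
 * TAC_AUTHEN_STATUS() keeps the low 8 bits, to be compared with the
 * TAC_AUTHEN_STATUS_* codes below; TAC_AUTHEN_NOECHO() tests bit 8.
 * Both are plain masks, so a negative value still decodes to something:
 * -1 yields status 0xff and a non-zero NOECHO.  Rule out an error return
 * before decoding, and grant access only on an exact match with
 * TAC_AUTHEN_STATUS_PASS; every other value, including codes this header
 * does not define, should be handled as a denial.
 * NOTE(review): the error-return convention is not visible in this header;
 * confirm it against taclib.c.
 */
#define TAC_AUTHEN_STATUS(s)	((s) & 0xff)
#define TAC_AUTHEN_NOECHO(s)	((s) & (1<<8))

/*
 * Disassembly of tac_send_author() return value.
 *
 * Low 8 bits: a TAC_AUTHOR_STATUS_* code.  Bits 8-15: a count, presumably
 * the number of attribute-value pairs in the reply (confirm in taclib.c).
 * The count macro carries an AUTHEN prefix although it decodes an
 * authorization result; the name is kept because callers depend on it.
 * The same caveat applies: -1 would decode as a count of 255, so check for
 * an error return before using the count as a loop bound.
 */
#define TAC_AUTHOR_STATUS(s)	((s) & 0xff)
#define TAC_AUTHEN_AV_COUNT(s)	(((s)>>8) & 0xff)

/*
 * Privilege levels.  TAC_PRIV_LVL_ROOT and TAC_PRIV_LVL_MAX are the same
 * value.  NOTE(review): whether tac_set_priv() range-checks its argument is
 * not visible here; callers should keep it within MIN..MAX themselves.
 */
#define TAC_PRIV_LVL_MIN	0x00
#define TAC_PRIV_LVL_USER	0x01
#define TAC_PRIV_LVL_ROOT	0x0f
#define TAC_PRIV_LVL_MAX	0x0f

/* Authentication actions */
#define TAC_AUTHEN_LOGIN	0x01
#define TAC_AUTHEN_CHPASS	0x02
#define TAC_AUTHEN_SENDPASS	0x03
#define TAC_AUTHEN_SENDAUTH	0x04

/* Authentication types */
#define TAC_AUTHEN_TYPE_ASCII	0x01
#define TAC_AUTHEN_TYPE_PAP	0x02
#define TAC_AUTHEN_TYPE_CHAP	0x03
#define TAC_AUTHEN_TYPE_ARAP	0x04
#define TAC_AUTHEN_TYPE_MSCHAP	0x05

/* Authentication services */
#define TAC_AUTHEN_SVC_NONE	0x00
#define TAC_AUTHEN_SVC_LOGIN	0x01
#define TAC_AUTHEN_SVC_ENABLE	0x02
#define TAC_AUTHEN_SVC_PPP	0x03
#define TAC_AUTHEN_SVC_ARAP	0x04
#define TAC_AUTHEN_SVC_PT	0x05
#define TAC_AUTHEN_SVC_RCMD	0x06
#define TAC_AUTHEN_SVC_X25	0x07
#define TAC_AUTHEN_SVC_NASI	0x08
#define TAC_AUTHEN_SVC_FWPROXY	0x09

/*
 * Authentication reply status codes.  Only PASS means the user was
 * authenticated.  FOLLOW is deprecated by RFC 8907, which tells clients to
 * treat it as a failure rather than act on it.
 */
#define TAC_AUTHEN_STATUS_PASS		0x01
#define TAC_AUTHEN_STATUS_FAIL		0x02
#define TAC_AUTHEN_STATUS_GETDATA	0x03
#define TAC_AUTHEN_STATUS_GETUSER	0x04
#define TAC_AUTHEN_STATUS_GETPASS	0x05
#define TAC_AUTHEN_STATUS_RESTART	0x06
#define TAC_AUTHEN_STATUS_ERROR		0x07
#define TAC_AUTHEN_STATUS_FOLLOW	0x21

/* Authorization authentication methods */
#define TAC_AUTHEN_METH_NOT_SET		0x00
#define TAC_AUTHEN_METH_NONE		0x01
#define TAC_AUTHEN_METH_KRB5		0x02
#define TAC_AUTHEN_METH_LINE		0x03
#define TAC_AUTHEN_METH_ENABLE		0x04
#define TAC_AUTHEN_METH_LOCAL		0x05
#define TAC_AUTHEN_METH_TACACSPLUS	0x06
#define TAC_AUTHEN_METH_RCMD		0x20
/* If adding more, see comments in protocol_version() in taclib.c */

/*
 * Authorization status.  The two PASS codes are the only grants; FAIL,
 * ERROR and any undefined value should all deny.
 */
#define TAC_AUTHOR_STATUS_PASS_ADD	0x01
#define TAC_AUTHOR_STATUS_PASS_REPL	0x02
#define TAC_AUTHOR_STATUS_FAIL		0x10
#define TAC_AUTHOR_STATUS_ERROR		0x11

/*
 * Accounting actions.  Each value is a distinct single bit, so they are
 * presumably meant to be OR-ed together (confirm in taclib.c).
 */
#define TAC_ACCT_MORE		0x1
#define TAC_ACCT_START		0x2
#define TAC_ACCT_STOP		0x4
#define TAC_ACCT_WATCHDOG	0x8

/* Accounting status */
#define TAC_ACCT_STATUS_SUCCESS	0x1
#define TAC_ACCT_STATUS_ERROR	0x2
#define TAC_ACCT_STATUS_FOLLOW	0x21

/*
 * Notes for callers; the prototypes carry no parameter names, so the
 * meaning of each argument has to be taken from taclib.c.
 *
 * - tac_add_server() takes two strings.  NOTE(review): one of them is
 *   presumably the shared secret - confirm.  TACACS+ only obfuscates packet
 *   bodies with that secret (RFC 8907), so handle it as a credential and
 *   carry the protocol over a trusted or separately protected path.
 * - tac_config() takes a string, presumably a configuration file path
 *   (confirm); a file that holds shared secrets should not be readable by
 *   unprivileged users.
 * - tac_get_data(), tac_get_msg(), tac_get_av() and tac_get_av_value()
 *   return non-const pointers and this header does not say who owns them.
 *   NOTE(review): confirm whether the caller must free() them, and clear
 *   any buffer that held password material before releasing it.
 * - The index arguments of tac_set_av() and tac_get_av() are spelled
 *   unsigned int rather than with the BSD u_int typedef.  The type is the
 *   same, but <sys/types.h> only exposes u_int when BSD extensions are
 *   visible, and the header should not fail to compile for a consumer built
 *   in a strict standards mode.
 */
__BEGIN_DECLS
int			 tac_add_server(struct tac_handle *,
			    const char *, int, const char *, int, int);
void			 tac_close(struct tac_handle *);
int			 tac_config(struct tac_handle *, const char *);
int			 tac_create_authen(struct tac_handle *, int, int, int);
void			*tac_get_data(struct tac_handle *, size_t *);
char			*tac_get_msg(struct tac_handle *);
struct tac_handle	*tac_open(void);
int			 tac_send_authen(struct tac_handle *);
int			 tac_set_data(struct tac_handle *,
			    const void *, size_t);
int			 tac_set_msg(struct tac_handle *, const char *);
int			 tac_set_port(struct tac_handle *, const char *);
int			 tac_set_priv(struct tac_handle *, int);
int			 tac_set_rem_addr(struct tac_handle *, const char *);
int			 tac_set_user(struct tac_handle *, const char *);
const char		*tac_strerror(struct tac_handle *);
int			 tac_send_author(struct tac_handle *);
int			 tac_create_author(struct tac_handle *, int, int, int);
int			 tac_set_av(struct tac_handle *, unsigned int,
			    const char *);
char			*tac_get_av(struct tac_handle *, unsigned int);
char			*tac_get_av_value(struct tac_handle *, const char *);
void			 tac_clear_avs(struct tac_handle *);
int			 tac_create_acct(struct tac_handle *, int, int, int, int);
int			 tac_send_acct(struct tac_handle *);
__END_DECLS

#endif /* _TACLIB_H_ */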