2 * SPDX-License-Identifier: BSD-2-Clause
4 * Copyright (c) 1998, 2001, Juniper Networks, Inc.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include <sys/types.h>
38 /* Flags for tac_add_server(). */
39 #define TAC_SRVR_SINGLE_CONNECT 0x04 /* Keep connection open for multiple
42 /* Disassembly of tac_send_authen() return value. */
43 #define TAC_AUTHEN_STATUS(s) ((s) & 0xff)
44 #define TAC_AUTHEN_NOECHO(s) ((s) & (1<<8))
46 /* Disassembly of tac_send_author() return value. */
47 #define TAC_AUTHOR_STATUS(s) ((s) & 0xff)
48 #define TAC_AUTHEN_AV_COUNT(s) (((s)>>8) & 0xff)
50 /* Privilege levels */
51 #define TAC_PRIV_LVL_MIN 0x00
52 #define TAC_PRIV_LVL_USER 0x01
53 #define TAC_PRIV_LVL_ROOT 0x0f
54 #define TAC_PRIV_LVL_MAX 0x0f
56 /* Authentication actions */
57 #define TAC_AUTHEN_LOGIN 0x01
58 #define TAC_AUTHEN_CHPASS 0x02
59 #define TAC_AUTHEN_SENDPASS 0x03
60 #define TAC_AUTHEN_SENDAUTH 0x04
62 /* Authentication types */
63 #define TAC_AUTHEN_TYPE_NOT_SET 0x00
64 #define TAC_AUTHEN_TYPE_ASCII 0x01
65 #define TAC_AUTHEN_TYPE_PAP 0x02
66 #define TAC_AUTHEN_TYPE_CHAP 0x03
67 #define TAC_AUTHEN_TYPE_ARAP 0x04
68 #define TAC_AUTHEN_TYPE_MSCHAP 0x05
70 /* Authentication services */
71 #define TAC_AUTHEN_SVC_NONE 0x00
72 #define TAC_AUTHEN_SVC_LOGIN 0x01
73 #define TAC_AUTHEN_SVC_ENABLE 0x02
74 #define TAC_AUTHEN_SVC_PPP 0x03
75 #define TAC_AUTHEN_SVC_ARAP 0x04
76 #define TAC_AUTHEN_SVC_PT 0x05
77 #define TAC_AUTHEN_SVC_RCMD 0x06
78 #define TAC_AUTHEN_SVC_X25 0x07
79 #define TAC_AUTHEN_SVC_NASI 0x08
80 #define TAC_AUTHEN_SVC_FWPROXY 0x09
82 /* Authentication reply status codes */
83 #define TAC_AUTHEN_STATUS_PASS 0x01
84 #define TAC_AUTHEN_STATUS_FAIL 0x02
85 #define TAC_AUTHEN_STATUS_GETDATA 0x03
86 #define TAC_AUTHEN_STATUS_GETUSER 0x04
87 #define TAC_AUTHEN_STATUS_GETPASS 0x05
88 #define TAC_AUTHEN_STATUS_RESTART 0x06
89 #define TAC_AUTHEN_STATUS_ERROR 0x07
90 #define TAC_AUTHEN_STATUS_FOLLOW 0x21
92 /* Authorization authenticatication methods */
93 #define TAC_AUTHEN_METH_NOT_SET 0x00
94 #define TAC_AUTHEN_METH_NONE 0x01
95 #define TAC_AUTHEN_METH_KRB5 0x02
96 #define TAC_AUTHEN_METH_LINE 0x03
97 #define TAC_AUTHEN_METH_ENABLE 0x04
98 #define TAC_AUTHEN_METH_LOCAL 0x05
99 #define TAC_AUTHEN_METH_TACACSPLUS 0x06
100 #define TAC_AUTHEN_METH_RCMD 0x20
101 /* If adding more, see comments in protocol_version() in taclib.c */
103 /* Authorization status */
104 #define TAC_AUTHOR_STATUS_PASS_ADD 0x01
105 #define TAC_AUTHOR_STATUS_PASS_REPL 0x02
106 #define TAC_AUTHOR_STATUS_FAIL 0x10
107 #define TAC_AUTHOR_STATUS_ERROR 0x11
109 /* Accounting actions */
110 #define TAC_ACCT_MORE 0x1
111 #define TAC_ACCT_START 0x2
112 #define TAC_ACCT_STOP 0x4
113 #define TAC_ACCT_WATCHDOG 0x8
115 /* Accounting status */
116 #define TAC_ACCT_STATUS_SUCCESS 0x1
117 #define TAC_ACCT_STATUS_ERROR 0x2
118 #define TAC_ACCT_STATUS_FOLLOW 0x21
121 int tac_add_server(struct tac_handle *,
122 const char *, int, const char *, int, int);
123 void tac_close(struct tac_handle *);
124 int tac_config(struct tac_handle *, const char *);
125 int tac_create_authen(struct tac_handle *, int, int, int);
126 void *tac_get_data(struct tac_handle *, size_t *);
127 char *tac_get_msg(struct tac_handle *);
128 struct tac_handle *tac_open(void);
129 int tac_send_authen(struct tac_handle *);
130 int tac_set_data(struct tac_handle *,
131 const void *, size_t);
132 int tac_set_msg(struct tac_handle *, const char *);
133 int tac_set_port(struct tac_handle *, const char *);
134 int tac_set_priv(struct tac_handle *, int);
135 int tac_set_rem_addr(struct tac_handle *, const char *);
136 int tac_set_user(struct tac_handle *, const char *);
137 const char *tac_strerror(struct tac_handle *);
138 int tac_send_author(struct tac_handle *);
139 int tac_create_author(struct tac_handle *, int, int, int);
140 int tac_set_av(struct tac_handle *, u_int, const char *);
141 char *tac_get_av(struct tac_handle *, u_int);
142 char *tac_get_av_value(struct tac_handle *, const char *);
143 void tac_clear_avs(struct tac_handle *);
144 int tac_create_acct(struct tac_handle *, int, int, int, int);
145 int tac_send_acct(struct tac_handle *);
148 #endif /* _TACLIB_H_ */