2 * SPDX-License-Identifier: BSD-2-Clause
4 * Copyright (c) 1998, 2001, Juniper Networks, Inc.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 #include <sys/types.h>
36 /* Flags for tac_add_server(). */
37 #define TAC_SRVR_SINGLE_CONNECT 0x04 /* Keep connection open for multiple
40 /* Disassembly of tac_send_authen() return value. */
41 #define TAC_AUTHEN_STATUS(s) ((s) & 0xff)
42 #define TAC_AUTHEN_NOECHO(s) ((s) & (1<<8))
44 /* Disassembly of tac_send_author() return value. */
45 #define TAC_AUTHOR_STATUS(s) ((s) & 0xff)
46 #define TAC_AUTHEN_AV_COUNT(s) (((s)>>8) & 0xff)
48 /* Privilege levels */
49 #define TAC_PRIV_LVL_MIN 0x00
50 #define TAC_PRIV_LVL_USER 0x01
51 #define TAC_PRIV_LVL_ROOT 0x0f
52 #define TAC_PRIV_LVL_MAX 0x0f
54 /* Authentication actions */
55 #define TAC_AUTHEN_LOGIN 0x01
56 #define TAC_AUTHEN_CHPASS 0x02
57 #define TAC_AUTHEN_SENDPASS 0x03
58 #define TAC_AUTHEN_SENDAUTH 0x04
60 /* Authentication types */
61 #define TAC_AUTHEN_TYPE_NOT_SET 0x00
62 #define TAC_AUTHEN_TYPE_ASCII 0x01
63 #define TAC_AUTHEN_TYPE_PAP 0x02
64 #define TAC_AUTHEN_TYPE_CHAP 0x03
65 #define TAC_AUTHEN_TYPE_ARAP 0x04
66 #define TAC_AUTHEN_TYPE_MSCHAP 0x05
68 /* Authentication services */
69 #define TAC_AUTHEN_SVC_NONE 0x00
70 #define TAC_AUTHEN_SVC_LOGIN 0x01
71 #define TAC_AUTHEN_SVC_ENABLE 0x02
72 #define TAC_AUTHEN_SVC_PPP 0x03
73 #define TAC_AUTHEN_SVC_ARAP 0x04
74 #define TAC_AUTHEN_SVC_PT 0x05
75 #define TAC_AUTHEN_SVC_RCMD 0x06
76 #define TAC_AUTHEN_SVC_X25 0x07
77 #define TAC_AUTHEN_SVC_NASI 0x08
78 #define TAC_AUTHEN_SVC_FWPROXY 0x09
80 /* Authentication reply status codes */
81 #define TAC_AUTHEN_STATUS_PASS 0x01
82 #define TAC_AUTHEN_STATUS_FAIL 0x02
83 #define TAC_AUTHEN_STATUS_GETDATA 0x03
84 #define TAC_AUTHEN_STATUS_GETUSER 0x04
85 #define TAC_AUTHEN_STATUS_GETPASS 0x05
86 #define TAC_AUTHEN_STATUS_RESTART 0x06
87 #define TAC_AUTHEN_STATUS_ERROR 0x07
88 #define TAC_AUTHEN_STATUS_FOLLOW 0x21
90 /* Authorization authenticatication methods */
91 #define TAC_AUTHEN_METH_NOT_SET 0x00
92 #define TAC_AUTHEN_METH_NONE 0x01
93 #define TAC_AUTHEN_METH_KRB5 0x02
94 #define TAC_AUTHEN_METH_LINE 0x03
95 #define TAC_AUTHEN_METH_ENABLE 0x04
96 #define TAC_AUTHEN_METH_LOCAL 0x05
97 #define TAC_AUTHEN_METH_TACACSPLUS 0x06
98 #define TAC_AUTHEN_METH_RCMD 0x20
99 /* If adding more, see comments in protocol_version() in taclib.c */
101 /* Authorization status */
102 #define TAC_AUTHOR_STATUS_PASS_ADD 0x01
103 #define TAC_AUTHOR_STATUS_PASS_REPL 0x02
104 #define TAC_AUTHOR_STATUS_FAIL 0x10
105 #define TAC_AUTHOR_STATUS_ERROR 0x11
107 /* Accounting actions */
108 #define TAC_ACCT_MORE 0x1
109 #define TAC_ACCT_START 0x2
110 #define TAC_ACCT_STOP 0x4
111 #define TAC_ACCT_WATCHDOG 0x8
113 /* Accounting status */
114 #define TAC_ACCT_STATUS_SUCCESS 0x1
115 #define TAC_ACCT_STATUS_ERROR 0x2
116 #define TAC_ACCT_STATUS_FOLLOW 0x21
119 int tac_add_server(struct tac_handle *,
120 const char *, int, const char *, int, int);
121 void tac_close(struct tac_handle *);
122 int tac_config(struct tac_handle *, const char *);
123 int tac_create_authen(struct tac_handle *, int, int, int);
124 void *tac_get_data(struct tac_handle *, size_t *);
125 char *tac_get_msg(struct tac_handle *);
126 struct tac_handle *tac_open(void);
127 int tac_send_authen(struct tac_handle *);
128 int tac_set_data(struct tac_handle *,
129 const void *, size_t);
130 int tac_set_msg(struct tac_handle *, const char *);
131 int tac_set_port(struct tac_handle *, const char *);
132 int tac_set_priv(struct tac_handle *, int);
133 int tac_set_rem_addr(struct tac_handle *, const char *);
134 int tac_set_user(struct tac_handle *, const char *);
135 const char *tac_strerror(struct tac_handle *);
136 int tac_send_author(struct tac_handle *);
137 int tac_create_author(struct tac_handle *, int, int, int);
138 int tac_set_av(struct tac_handle *, u_int, const char *);
139 char *tac_get_av(struct tac_handle *, u_int);
140 char *tac_get_av_value(struct tac_handle *, const char *);
141 void tac_clear_avs(struct tac_handle *);
142 int tac_create_acct(struct tac_handle *, int, int, int, int);
143 int tac_send_acct(struct tac_handle *);
146 #endif /* _TACLIB_H_ */
projects / FreeBSD / FreeBSD.git / blob