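/*-
 * Copyright (c) 1998, 2001, Juniper Networks, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD$
 */

/*
 * Public interface of the TACACS+ client library: protocol constants,
 * helpers that unpack the packed integer results of the tac_send_*()
 * calls, and the function prototypes.  The handle type is opaque.
 */

#ifndef _TACLIB_H_
#define _TACLIB_H_

#include <sys/types.h>

struct tac_handle;

/* Flags for tac_add_server(). */
#define TAC_SRVR_SINGLE_CONNECT	0x04	/* Keep connection open for multiple
					   sessions. */

/*
 * Disassembly of tac_send_authen() return value: the low 8 bits hold the
 * reply status, bit 8 is the "no echo" flag.
 *
 * NOTE(review): both macros mask blindly.  If tac_send_authen() reports
 * failure with a negative value (not visible in this header; confirm in
 * taclib.c), that value decodes as status 0xff with NOECHO set.  Test the
 * raw return for failure before applying these macros.
 */
#define TAC_AUTHEN_STATUS(s)	((s) & 0xff)
#define TAC_AUTHEN_NOECHO(s)	((s) & (1<<8))

/*
 * Disassembly of tac_send_author() return value: the low 8 bits hold the
 * status, bits 8-15 the attribute-value pair count.  The same caveat about
 * checking the raw return first applies.
 *
 * TAC_AUTHEN_AV_COUNT carries an AUTHEN prefix although it decodes the
 * tac_send_author() result; the name is kept for source compatibility.
 */
#define TAC_AUTHOR_STATUS(s)	((s) & 0xff)
#define TAC_AUTHEN_AV_COUNT(s)	(((s)>>8) & 0xff)

/* Privilege levels (ROOT and MAX are the same value). */
#define TAC_PRIV_LVL_MIN	0x00
#define TAC_PRIV_LVL_USER	0x01
#define TAC_PRIV_LVL_ROOT	0x0f
#define TAC_PRIV_LVL_MAX	0x0f

/* Authentication actions */
#define TAC_AUTHEN_LOGIN	0x01
#define TAC_AUTHEN_CHPASS	0x02
#define TAC_AUTHEN_SENDPASS	0x03
#define TAC_AUTHEN_SENDAUTH	0x04

/* Authentication types */
#define TAC_AUTHEN_TYPE_ASCII	0x01
#define TAC_AUTHEN_TYPE_PAP	0x02
#define TAC_AUTHEN_TYPE_CHAP	0x03
#define TAC_AUTHEN_TYPE_ARAP	0x04
#define TAC_AUTHEN_TYPE_MSCHAP	0x05

/* Authentication services */
#define TAC_AUTHEN_SVC_NONE	0x00
#define TAC_AUTHEN_SVC_LOGIN	0x01
#define TAC_AUTHEN_SVC_ENABLE	0x02
#define TAC_AUTHEN_SVC_PPP	0x03
#define TAC_AUTHEN_SVC_ARAP	0x04
#define TAC_AUTHEN_SVC_PT	0x05
#define TAC_AUTHEN_SVC_RCMD	0x06
#define TAC_AUTHEN_SVC_X25	0x07
#define TAC_AUTHEN_SVC_NASI	0x08
#define TAC_AUTHEN_SVC_FWPROXY	0x09

/*
 * Authentication reply status codes.
 *
 * Callers should fail closed: grant access only on TAC_AUTHEN_STATUS_PASS
 * and treat every other value, including values not listed here, as a
 * denial or as a prompt to continue the exchange.  RFC 8907 deprecates
 * FOLLOW and has clients treat it as a failure.
 */
#define TAC_AUTHEN_STATUS_PASS		0x01
#define TAC_AUTHEN_STATUS_FAIL		0x02
#define TAC_AUTHEN_STATUS_GETDATA	0x03
#define TAC_AUTHEN_STATUS_GETUSER	0x04
#define TAC_AUTHEN_STATUS_GETPASS	0x05
#define TAC_AUTHEN_STATUS_RESTART	0x06
#define TAC_AUTHEN_STATUS_ERROR		0x07
#define TAC_AUTHEN_STATUS_FOLLOW	0x21

/* Authorization authentication methods */
#define TAC_AUTHEN_METH_NOT_SET		0x00
#define TAC_AUTHEN_METH_NONE		0x01
#define TAC_AUTHEN_METH_KRB5		0x02
#define TAC_AUTHEN_METH_LINE		0x03
#define TAC_AUTHEN_METH_ENABLE		0x04
#define TAC_AUTHEN_METH_LOCAL		0x05
#define TAC_AUTHEN_METH_TACACSPLUS	0x06
#define TAC_AUTHEN_METH_RCMD		0x20
/* If adding more, see comments in protocol_version() in taclib.c */

/*
 * Authorization status.
 *
 * Only the two PASS values grant the request; anything else, including an
 * unlisted value, should be handled as a denial.
 */
#define TAC_AUTHOR_STATUS_PASS_ADD	0x01
#define TAC_AUTHOR_STATUS_PASS_REPL	0x02
#define TAC_AUTHOR_STATUS_FAIL		0x10
#define TAC_AUTHOR_STATUS_ERROR		0x11

/* Accounting actions (each value is a distinct single bit). */
#define TAC_ACCT_MORE		0x1
#define TAC_ACCT_START		0x2
#define TAC_ACCT_STOP		0x4
#define TAC_ACCT_WATCHDOG	0x8

/* Accounting status */
#define TAC_ACCT_STATUS_SUCCESS	0x1
#define TAC_ACCT_STATUS_ERROR	0x2
#define TAC_ACCT_STATUS_FOLLOW	0x21

/*
 * Function prototypes.  Argument meanings, error conventions and the
 * ownership of returned buffers are not spelled out by this header; see
 * taclib.c.
 *
 * NOTE(review): tac_add_server() and tac_config() presumably take or load
 * the per-server shared secret.  Treat those strings and the configuration
 * file as sensitive (keep them out of logs, restrict file permissions);
 * confirm the argument order in taclib.c.
 *
 * NOTE(review): tac_get_data(), tac_get_msg(), tac_get_av() and
 * tac_get_av_value() return non-const pointers.  Confirm who frees them
 * before retaining or releasing the result, and rely on the size_t
 * out-parameter rather than NUL termination for tac_get_data().
 *
 * The AV index parameters are written as "unsigned int" rather than the
 * BSD u_int typedef, which <sys/types.h> hides under strict feature-test
 * macros on some systems; the type is identical.
 */
__BEGIN_DECLS
int			 tac_add_server(struct tac_handle *,
			    const char *, int, const char *, int, int);
void			 tac_close(struct tac_handle *);
int			 tac_config(struct tac_handle *, const char *);
int			 tac_create_authen(struct tac_handle *, int, int, int);
void			*tac_get_data(struct tac_handle *, size_t *);
char			*tac_get_msg(struct tac_handle *);
struct tac_handle	*tac_open(void);
int			 tac_send_authen(struct tac_handle *);
int			 tac_set_data(struct tac_handle *,
			    const void *, size_t);
int			 tac_set_msg(struct tac_handle *, const char *);
int			 tac_set_port(struct tac_handle *, const char *);
int			 tac_set_priv(struct tac_handle *, int);
int			 tac_set_rem_addr(struct tac_handle *, const char *);
int			 tac_set_user(struct tac_handle *, const char *);
const char		*tac_strerror(struct tac_handle *);
int			 tac_send_author(struct tac_handle *);
int			 tac_create_author(struct tac_handle *, int, int, int);
int			 tac_set_av(struct tac_handle *, unsigned int,
			    const char *);
char			*tac_get_av(struct tac_handle *, unsigned int);
char			*tac_get_av_value(struct tac_handle *, const char *);
void			 tac_clear_avs(struct tac_handle *);
int			 tac_create_acct(struct tac_handle *, int, int, int, int);
int			 tac_send_acct(struct tac_handle *);
__END_DECLS

#endif /* _TACLIB_H_ */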