12 #ifndef __PACKET_TACACS_H__
13 #define __PACKET_TACACS_H__
15 #define TAC_PLUS_HDR_SIZE 12
18 #define MSCHAP_DIGEST_LEN 49
21 FLAGS_UNENCRYPTED = 0x01,
28 TAC_PLUS_AUTHEN = 0x01,
29 TAC_PLUS_AUTHOR = 0x02,
34 #define TAC_PLUS_ENCRYPTED 0x0
35 #define TAC_PLUS_CLEAR 0x1
40 TAC_PLUS_AUTHEN_LOGIN = 0x01,
41 TAC_PLUS_AUTHEN_CHPASS = 0x02,
42 TAC_PLUS_AUTHEN_SENDPASS = 0x03,
43 TAC_PLUS_AUTHEN_SENDAUTH = 0x04
49 TAC_PLUS_PRIV_LVL_MAX = 0x0f,
50 TAC_PLUS_PRIV_LVL_ROOT = 0x0f,
51 TAC_PLUS_PRIV_LVL_USER = 0x01,
52 TAC_PLUS_PRIV_LVL_MIN = 0x00
58 TAC_PLUS_AUTHEN_TYPE_ASCII = 0x01,
59 TAC_PLUS_AUTHEN_TYPE_PAP = 0x02,
60 TAC_PLUS_AUTHEN_TYPE_CHAP = 0x03,
61 TAC_PLUS_AUTHEN_TYPE_ARAP = 0x04,
62 TAC_PLUS_AUTHEN_TYPE_MSCHAP = 0x05
68 TAC_PLUS_AUTHEN_SVC_NONE = 0x00,
69 TAC_PLUS_AUTHEN_SVC_LOGIN = 0x01,
70 TAC_PLUS_AUTHEN_SVC_ENABLE = 0x02,
71 TAC_PLUS_AUTHEN_SVC_PPP = 0x03,
72 TAC_PLUS_AUTHEN_SVC_ARAP = 0x04,
73 TAC_PLUS_AUTHEN_SVC_PT = 0x05,
74 TAC_PLUS_AUTHEN_SVC_RCMD = 0x06,
75 TAC_PLUS_AUTHEN_SVC_X25 = 0x07,
76 TAC_PLUS_AUTHEN_SVC_NASI = 0x08,
77 TAC_PLUS_AUTHEN_SVC_FWPROXY = 0x09
83 TAC_PLUS_AUTHEN_STATUS_PASS = 0x01,
84 TAC_PLUS_AUTHEN_STATUS_FAIL = 0x02,
85 TAC_PLUS_AUTHEN_STATUS_GETDATA = 0x03,
86 TAC_PLUS_AUTHEN_STATUS_GETUSER = 0x04,
87 TAC_PLUS_AUTHEN_STATUS_GETPASS = 0x05,
88 TAC_PLUS_AUTHEN_STATUS_RESTART = 0x06,
89 TAC_PLUS_AUTHEN_STATUS_ERROR = 0x07,
90 TAC_PLUS_AUTHEN_STATUS_FOLLOW = 0x21
94 #define TAC_PLUS_REPLY_FLAG_NOECHO 0x01
96 #define TAC_PLUS_CONTINUE_FLAG_ABORT 0x01
100 TAC_PLUS_AUTHEN_METH_NOT_SET = 0x00,
101 TAC_PLUS_AUTHEN_METH_NONE = 0x01,
102 TAC_PLUS_AUTHEN_METH_KRB5 = 0x02,
103 TAC_PLUS_AUTHEN_METH_LINE = 0x03,
104 TAC_PLUS_AUTHEN_METH_ENABLE = 0x04,
105 TAC_PLUS_AUTHEN_METH_LOCAL = 0x05,
106 TAC_PLUS_AUTHEN_METH_TACACSPLUS = 0x06,
107 TAC_PLUS_AUTHEN_METH_GUEST = 0x08,
108 TAC_PLUS_AUTHEN_METH_RADIUS = 0x10,
109 TAC_PLUS_AUTHEN_METH_KRB4 = 0x11,
110 TAC_PLUS_AUTHEN_METH_RCMD = 0x20
116 TAC_PLUS_AUTHOR_STATUS_PASS_ADD = 0x01,
117 TAC_PLUS_AUTHOR_STATUS_PASS_REPL = 0x02,
118 TAC_PLUS_AUTHOR_STATUS_FAIL = 0x10,
119 TAC_PLUS_AUTHOR_STATUS_ERROR = 0x11,
120 TAC_PLUS_AUTHOR_STATUS_FOLLOW = 0x21
127 TAC_PLUS_ACCT_FLAG_MORE = 0x1,
128 TAC_PLUS_ACCT_FLAG_START = 0x2,
129 TAC_PLUS_ACCT_FLAG_STOP = 0x4,
130 TAC_PLUS_ACCT_FLAG_WATCHDOG = 0x8
134 TAC_PLUS_ACCT_STATUS_SUCCESS = 0x01,
135 TAC_PLUS_ACCT_STATUS_ERROR = 0x02,
136 TAC_PLUS_ACCT_STATUS_FOLLOW = 0x21
140 #define H_VER_OFF (0)
141 #define H_TYPE_OFF (H_VER_OFF+1)
142 #define H_SEQ_NO_OFF (H_TYPE_OFF+1)
143 #define H_FLAGS_OFF (H_SEQ_NO_OFF+1)
144 #define H_SESSION_ID_OFF (H_FLAGS_OFF+1)
145 #define H_LENGTH_OFF (H_SESSION_ID_OFF+4)
147 #define TACPLUS_BODY_OFF 0
149 #define AUTHEN_S_ACTION_OFF (TACPLUS_BODY_OFF)
150 #define AUTHEN_S_PRIV_LVL_OFF (AUTHEN_S_ACTION_OFF+1)
151 #define AUTHEN_S_AUTHEN_TYPE_OFF (AUTHEN_S_PRIV_LVL_OFF+1)
152 #define AUTHEN_S_SERVICE_OFF (AUTHEN_S_AUTHEN_TYPE_OFF+1)
153 #define AUTHEN_S_USER_LEN_OFF (AUTHEN_S_SERVICE_OFF+1)
154 #define AUTHEN_S_PORT_LEN_OFF (AUTHEN_S_USER_LEN_OFF+1)
155 #define AUTHEN_S_REM_ADDR_LEN_OFF (AUTHEN_S_PORT_LEN_OFF+1)
156 #define AUTHEN_S_DATA_LEN_OFF (AUTHEN_S_REM_ADDR_LEN_OFF+1)
157 #define AUTHEN_S_VARDATA_OFF (AUTHEN_S_DATA_LEN_OFF+1)
160 #define AUTHEN_R_STATUS_OFF (TACPLUS_BODY_OFF)
161 #define AUTHEN_R_FLAGS_OFF (AUTHEN_R_STATUS_OFF+1)
162 #define AUTHEN_R_SRV_MSG_LEN_OFF (AUTHEN_R_FLAGS_OFF+1)
163 #define AUTHEN_R_DATA_LEN_OFF (AUTHEN_R_SRV_MSG_LEN_OFF+2)
164 #define AUTHEN_R_VARDATA_OFF (AUTHEN_R_DATA_LEN_OFF+2)
167 #define AUTHEN_C_USER_LEN_OFF (TACPLUS_BODY_OFF)
168 #define AUTHEN_C_DATA_LEN_OFF (AUTHEN_C_USER_LEN_OFF+2)
169 #define AUTHEN_C_FLAGS_OFF (AUTHEN_C_DATA_LEN_OFF+2)
170 #define AUTHEN_C_VARDATA_OFF (AUTHEN_C_FLAGS_OFF+1)
173 #define ACCT_Q_FLAGS_OFF (TACPLUS_BODY_OFF)
174 #define ACCT_Q_METHOD_OFF (ACCT_Q_FLAGS_OFF+1)
175 #define ACCT_Q_PRIV_LVL_OFF (ACCT_Q_METHOD_OFF+1)
176 #define ACCT_Q_AUTHEN_TYPE_OFF (ACCT_Q_PRIV_LVL_OFF+1)
177 #define ACCT_Q_SERVICE_OFF (ACCT_Q_AUTHEN_TYPE_OFF+1)
178 #define ACCT_Q_USER_LEN_OFF (ACCT_Q_SERVICE_OFF+1)
179 #define ACCT_Q_PORT_LEN_OFF (ACCT_Q_USER_LEN_OFF+1)
180 #define ACCT_Q_REM_ADDR_LEN_OFF (ACCT_Q_PORT_LEN_OFF+1)
181 #define ACCT_Q_ARG_CNT_OFF (ACCT_Q_REM_ADDR_LEN_OFF+1)
182 #define ACCT_Q_VARDATA_OFF (ACCT_Q_ARG_CNT_OFF+1)
185 #define ACCT_R_SRV_MSG_LEN_OFF (TACPLUS_BODY_OFF)
186 #define ACCT_R_DATA_LEN_OFF (ACCT_R_SRV_MSG_LEN_OFF+2)
187 #define ACCT_R_STATUS_OFF (ACCT_R_DATA_LEN_OFF+2)
188 #define ACCT_R_VARDATA_OFF (ACCT_R_STATUS_OFF+1)
192 #define AUTHOR_Q_AUTH_METH_OFF (TACPLUS_BODY_OFF)
193 #define AUTHOR_Q_PRIV_LVL_OFF (AUTHOR_Q_AUTH_METH_OFF+1)
194 #define AUTHOR_Q_AUTHEN_TYPE_OFF (AUTHOR_Q_PRIV_LVL_OFF+1)
195 #define AUTHOR_Q_SERVICE_OFF (AUTHOR_Q_AUTHEN_TYPE_OFF+1)
196 #define AUTHOR_Q_USER_LEN_OFF (AUTHOR_Q_SERVICE_OFF+1)
197 #define AUTHOR_Q_PORT_LEN_OFF (AUTHOR_Q_USER_LEN_OFF+1)
198 #define AUTHOR_Q_REM_ADDR_LEN_OFF (AUTHOR_Q_PORT_LEN_OFF+1)
199 #define AUTHOR_Q_ARGC_OFF (AUTHOR_Q_REM_ADDR_LEN_OFF+1)
200 #define AUTHOR_Q_VARDATA_OFF (AUTHOR_Q_ARGC_OFF+1)
203 #define AUTHOR_R_STATUS_OFF (TACPLUS_BODY_OFF)
204 #define AUTHOR_R_ARGC_OFF (AUTHOR_R_STATUS_OFF+1)
205 #define AUTHOR_R_SRV_MSG_LEN_OFF (AUTHOR_R_ARGC_OFF+1)
206 #define AUTHOR_R_DATA_LEN_OFF (AUTHOR_R_SRV_MSG_LEN_OFF+2)
207 #define AUTHOR_R_VARDATA_OFF (AUTHOR_R_DATA_LEN_OFF+2)
232 } tacplus_authen_start ;
240 } tacplus_authen_continue ;
249 } tacplus_authen_reply;
254 tacplus_authen_start s;
255 tacplus_authen_continue c;
256 tacplus_authen_reply r;
257 } tacplus_authen_pkt;
262 u_char authen_method;
265 u_char authen_service;
271 } tacplus_author_request;
279 } tacplus_author_reply;
282 tacplus_author_request q;
283 tacplus_author_reply r;
284 } tacplus_author_pkt;
289 u_char authen_method;
292 u_char authen_service;
298 } tacplus_account_request;
305 } tacplus_account_reply;
308 tacplus_account_request q;
309 tacplus_account_reply r;
310 } tacplus_account_pkt;
316 tacplus_authen_pkt authen;
317 tacplus_author_pkt author;
318 tacplus_account_pkt acct;
326 {TAC_PLUS_AUTHEN,
"Authentication"},
327 {TAC_PLUS_AUTHOR,
"Authorization" },
328 {TAC_PLUS_ACCT,
"Accounting" },
331 static const value_string tacplus_authen_action_vals[] = {
332 {TAC_PLUS_AUTHEN_LOGIN,
"Inbound Login"},
333 {TAC_PLUS_AUTHEN_CHPASS,
"Change password request"},
334 {TAC_PLUS_AUTHEN_SENDPASS,
"Send password request"},
335 {TAC_PLUS_AUTHEN_SENDAUTH,
"Outbound Request (SENDAUTH)"},
339 static const value_string tacplus_authen_priv_lvl_vals[] = {
340 {TAC_PLUS_PRIV_LVL_MAX,
"LVL_MAX"},
341 {TAC_PLUS_PRIV_LVL_ROOT,
"LVL_ROOT"},
342 {TAC_PLUS_PRIV_LVL_USER,
"LVL_USER"},
343 {TAC_PLUS_PRIV_LVL_MIN,
"LVL_MIN"},
347 static const value_string tacplus_authen_type_vals[] = {
348 {TAC_PLUS_AUTHEN_TYPE_ASCII,
"ASCII"},
349 {TAC_PLUS_AUTHEN_TYPE_PAP,
"PAP"},
350 {TAC_PLUS_AUTHEN_TYPE_CHAP,
"CHAP"},
351 {TAC_PLUS_AUTHEN_TYPE_ARAP,
"ARAP"},
352 {TAC_PLUS_AUTHEN_TYPE_MSCHAP,
"MS-CHAP"},
355 static const value_string tacplus_authen_service_vals[] = {
356 {TAC_PLUS_AUTHEN_SVC_NONE,
"TAC_PLUS_AUTHEN_SVC_NONE"},
357 {TAC_PLUS_AUTHEN_SVC_LOGIN,
"Login" },
358 {TAC_PLUS_AUTHEN_SVC_ENABLE,
"ENABLE"},
359 {TAC_PLUS_AUTHEN_SVC_PPP,
"PPP" },
360 {TAC_PLUS_AUTHEN_SVC_ARAP,
"ARAP" },
361 {TAC_PLUS_AUTHEN_SVC_PT,
"TAC_PLUS_AUTHEN_SVC_PT"},
362 {TAC_PLUS_AUTHEN_SVC_RCMD,
"TAC_PLUS_AUTHEN_SVC_RCMD"},
363 {TAC_PLUS_AUTHEN_SVC_X25,
"TAC_PLUS_AUTHEN_SVC_X25"},
364 {TAC_PLUS_AUTHEN_SVC_NASI,
"TAC_PLUS_AUTHEN_SVC_NASI"},
365 {TAC_PLUS_AUTHEN_SVC_FWPROXY,
"TAC_PLUS_AUTHEN_SVC_FWPROXY"},
368 static const value_string tacplus_reply_status_vals[] = {
369 {TAC_PLUS_AUTHEN_STATUS_PASS,
"Authentication Passed"},
370 {TAC_PLUS_AUTHEN_STATUS_FAIL,
"Authentication Failed"},
371 {TAC_PLUS_AUTHEN_STATUS_GETDATA,
"Send Data"},
372 {TAC_PLUS_AUTHEN_STATUS_GETUSER,
"Send Username"},
373 {TAC_PLUS_AUTHEN_STATUS_GETPASS,
"Send Password"},
374 {TAC_PLUS_AUTHEN_STATUS_RESTART,
"Restart Authentication Sequence"},
375 {TAC_PLUS_AUTHEN_STATUS_ERROR,
"Unrecoverable Error"},
376 {TAC_PLUS_AUTHEN_STATUS_FOLLOW,
"Use Alternate Server"},
381 {TAC_PLUS_AUTHEN_METH_NOT_SET,
"NOT_SET"},
382 {TAC_PLUS_AUTHEN_METH_NONE,
"NONE"},
383 {TAC_PLUS_AUTHEN_METH_KRB5,
"KRB5"},
384 {TAC_PLUS_AUTHEN_METH_LINE,
"LINE"},
385 {TAC_PLUS_AUTHEN_METH_ENABLE,
"ENABLE"},
386 {TAC_PLUS_AUTHEN_METH_LOCAL,
"LOCAL"},
387 {TAC_PLUS_AUTHEN_METH_TACACSPLUS,
"TACACSPLUS"},
388 {TAC_PLUS_AUTHEN_METH_GUEST,
"GUEST"},
389 {TAC_PLUS_AUTHEN_METH_RADIUS,
"RADIUS"},
390 {TAC_PLUS_AUTHEN_METH_KRB4,
"KRB4"},
391 {TAC_PLUS_AUTHEN_METH_RCMD,
"RCMD"},
395 {TAC_PLUS_AUTHOR_STATUS_PASS_ADD,
"PASS_ADD"},
396 {TAC_PLUS_AUTHOR_STATUS_PASS_REPL,
"PASS_REPL"},
397 {TAC_PLUS_AUTHOR_STATUS_FAIL,
"FAIL"},
398 {TAC_PLUS_AUTHOR_STATUS_ERROR,
"ERROR"},
399 {TAC_PLUS_AUTHOR_STATUS_FOLLOW,
"FOLLOW"},
403 {TAC_PLUS_ACCT_STATUS_SUCCESS,
"Success"},
404 {TAC_PLUS_ACCT_STATUS_ERROR,
"Error"},
405 {TAC_PLUS_ACCT_STATUS_FOLLOW,
"Follow"},
408 #ifdef __TAC_ACCOUNTING__
410 {TAC_PLUS_ACCT_FLAG_MORE,
"More (deprecated)"},
411 {TAC_PLUS_ACCT_FLAG_START,
"Start"},
412 {TAC_PLUS_ACCT_FLAG_STOP,
"Stop"},
413 {TAC_PLUS_ACCT_FLAG_WATCHDOG,
"Update"},
Definition: value_string.h:26