libnetconf2  4.0.1
NETCONF server and client library in C.
Server Configuration Functions

Server-side configuration functions.

Functions

int nc_server_config_add_address_port (const struct ly_ctx *ctx, const char *endpt_name, NC_TRANSPORT_IMPL transport, const char *address, uint16_t port, struct lyd_node **config)
 Creates new YANG configuration data nodes for address and port.

int nc_server_config_add_keystore_asym_key (const struct ly_ctx *ctx, NC_TRANSPORT_IMPL ti, const char *asym_key_name, const char *privkey_path, const char *pubkey_path, struct lyd_node **config)
 Creates new YANG data nodes for an asymmetric key in the keystore.

int nc_server_config_add_keystore_cert (const struct ly_ctx *ctx, const char *asym_key_name, const char *cert_name, const char *cert_path, struct lyd_node **config)
 Creates new YANG data nodes for a certificate in the keystore.

int nc_server_config_add_truststore_cert (const struct ly_ctx *ctx, const char *cert_bag_name, const char *cert_name, const char *cert_path, struct lyd_node **config)
 Creates new YANG data nodes for a certificate in the truststore.

int nc_server_config_add_truststore_pubkey (const struct ly_ctx *ctx, const char *pub_bag_name, const char *pubkey_name, const char *pubkey_path, struct lyd_node **config)
 Creates new YANG data nodes for a public key in the truststore.

int nc_server_config_add_unix_socket (const struct ly_ctx *ctx, const char *endpt_name, const char *path, const char *mode, const char *owner, const char *group, struct lyd_node **config)
 Creates new YANG data nodes for a UNIX socket endpoint.

int nc_server_config_add_unix_user_mapping (const struct ly_ctx *ctx, const char *endpt_name, const char *system_user, const char *netconf_user, struct lyd_node **config)
 Creates new YANG data nodes for a UNIX username mapping.

int nc_server_config_del_endpt (const char *endpt_name, struct lyd_node **config)
 Deletes an endpoint from the YANG data.

int nc_server_config_del_keystore_asym_key (const char *asym_key_name, struct lyd_node **config)
 Deletes a keystore's asymmetric key from the YANG data.

int nc_server_config_del_keystore_cert (const char *asym_key_name, const char *cert_name, struct lyd_node **config)
 Deletes a keystore's certificate from the YANG data.

int nc_server_config_del_truststore_cert (const char *cert_bag_name, const char *cert_name, struct lyd_node **config)
 Deletes a truststore's certificate from the YANG data.

int nc_server_config_del_truststore_pubkey (const char *pub_bag_name, const char *pubkey_name, struct lyd_node **config)
 Deletes a truststore's public key from the YANG data.

int nc_server_config_del_unix_user_mapping (const char *endpt_name, const char *system_user, struct lyd_node **config)
 Deletes a UNIX username mapping from the YANG data.

int nc_server_config_load_modules (struct ly_ctx **ctx)
 Implements all the required modules and their features in the context. Needs to be called before any other configuration functions.

int nc_server_config_oper_get_encryption_algs (const struct ly_ctx *ctx, struct lyd_node **encryption_algs)
 Gets the encryption algorithms supported by the server from the 'iana-ssh-encryption-algs' YANG module.

int nc_server_config_oper_get_hostkey_algs (const struct ly_ctx *ctx, struct lyd_node **hostkey_algs)
 Gets the hostkey algorithms supported by the server from the 'iana-ssh-public-key-algs' YANG module.

int nc_server_config_oper_get_kex_algs (const struct ly_ctx *ctx, struct lyd_node **kex_algs)
 Gets the key exchange algorithms supported by the server from the 'iana-ssh-key-exchange-algs' YANG module.

int nc_server_config_oper_get_mac_algs (const struct ly_ctx *ctx, struct lyd_node **mac_algs)
 Gets the MAC algorithms supported by the server from the 'iana-ssh-mac-algs' YANG module.

int nc_server_config_setup_data (const struct lyd_node *data)
 Configure server based on the given data.

int nc_server_config_setup_diff (const struct lyd_node *diff)
 Configure server based on the given diff.

int nc_server_config_setup_path (const struct ly_ctx *ctx, const char *path)
 Configure server based on the given data stored in a file.
 

Detailed Description

Server-side configuration functions.

Server Configuration

Function Documentation

int nc_server_config_load_modules (struct ly_ctx **ctx)

Implements all the required modules and their features in the context. Needs to be called before any other configuration functions.

If ctx is:

  • NULL: a new context will be created and if the call is successful you have to free it,
  • non NULL: modules will simply be implemented.

Implemented modules: ietf-netconf-server, ietf-x509-cert-to-name, ietf-crypto-types, ietf-tcp-common, ietf-ssh-common, iana-ssh-encryption-algs, iana-ssh-key-exchange-algs, iana-ssh-mac-algs, iana-ssh-public-key-algs, ietf-keystore, ietf-ssh-server, ietf-truststore, ietf-tls-server and libnetconf2-netconf-server.

Note that the SSH authentication depends on the value of the 'local-users-supported' feature in the ietf-ssh-server module. If the feature, and its dependent if-features, are disabled, the SSH authentication will use the system users. Otherwise, the SSH authentication will use the local users from the configuration (the default).

Parameters
[in,out] ctx: Optional context in which the modules will be implemented. Created if *ctx is null.
Returns
0 on success, 1 on error.

int nc_server_config_setup_diff (const struct lyd_node *diff)

Configure server based on the given diff.

Context must already have implemented the required modules, see nc_server_config_load_modules().

Parameters
[in] diff: YANG diff belonging to either ietf-netconf-server, ietf-keystore or ietf-truststore modules. The top level node HAS to have an operation (create, replace, delete or none).
Returns
0 on success, 1 on error.

int nc_server_config_setup_data (const struct lyd_node *data)

Configure server based on the given data.

Behaves as if all the nodes in data had the replace operation. That means that the current configuration will be deleted and just the given data will be applied. Context must already have implemented the required modules, see nc_server_config_load_modules().

Parameters
[in] data: YANG data belonging to either ietf-netconf-server, ietf-keystore or ietf-truststore modules. This data must be valid. No node can have an operation attribute.
Returns
0 on success, 1 on error.

int nc_server_config_setup_path (const struct ly_ctx *ctx, const char *path)

Configure server based on the given data stored in a file.

Wrapper around nc_server_config_setup_data() hiding work with parsing the data. Context must already have implemented the required modules, see nc_server_config_load_modules().

Parameters
[in] ctx: libyang context.
[in] path: Path to a file with ietf-netconf-server, ietf-keystore or ietf-truststore YANG data. This data must be valid. No node can have an operation attribute.
Returns
0 on success, 1 on error.

int nc_server_config_add_address_port (const struct ly_ctx *ctx, const char *endpt_name, NC_TRANSPORT_IMPL transport, const char *address, uint16_t port, struct lyd_node **config)

Creates new YANG configuration data nodes for address and port.

Parameters
[in] ctx: libyang context.
[in] endpt_name: Arbitrary identifier of the endpoint. If an endpoint with this identifier already exists, its contents might be changed.
[in] transport: Either SSH or TLS transport for the given endpoint.
[in] address: New listening address.
[in] port: New listening port.
[in,out] config: Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.
Returns
0 on success, non-zero otherwise.

int nc_server_config_del_endpt (const char *endpt_name, struct lyd_node **config)

Deletes an endpoint from the YANG data.

Parameters
[in] endpt_name: Optional identifier of an endpoint to be deleted. If NULL, all of the endpoints will be deleted.
[in,out] config: Modified configuration YANG data tree.
Returns
0 on success, non-zero otherwise.

int nc_server_config_add_unix_socket (const struct ly_ctx *ctx, const char *endpt_name, const char *path, const char *mode, const char *owner, const char *group, struct lyd_node **config)

Creates new YANG data nodes for a UNIX socket endpoint.

Parameters
[in] ctx: libyang context.
[in] endpt_name: Arbitrary identifier of the endpoint. If an endpoint with this identifier already exists, its contents might be changed.
[in] path: Path to the UNIX socket. The parent directory must be writable by the server process.
[in] mode: Optional UNIX socket file mode in octal format (e.g., "0777"). If NULL, the default value ("0660") will be used.
[in] owner: Optional owner of the UNIX socket file. If NULL, the owner will be set to the user running the server process.
[in] group: Optional group of the UNIX socket file. If NULL, the group will be set to the group of the user running the server process.
[in,out] config: Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.
Returns
0 on success, non-zero otherwise.

int nc_server_config_add_unix_user_mapping (const struct ly_ctx *ctx, const char *endpt_name, const char *system_user, const char *netconf_user, struct lyd_node **config)

Creates new YANG data nodes for a UNIX username mapping.

Specifies who can connect to a UNIX socket endpoint. There are three possible scenarios:

1) If no mappings are configured for the client system_user, then the client can only connect if its username matches netconf_user.

2) If a mapping for the client system_user is configured, but no netconf_user values are specified, then the client cannot connect as any username.

3) If a mapping for the client system_user is configured, and at least one netconf_user is specified, then the client can connect only with one of the specified usernames. If a wildcard value "*" is configured for netconf_user, then the client can connect with any NETCONF username.

Parameters
[in] ctx: libyang context.
[in] endpt_name: Arbitrary identifier of the endpoint. If an endpoint with this identifier already exists, its contents might be changed.
[in] system_user: Name of the system user for whom the mapping will be created.
[in] netconf_user: Username that the system_user can use to connect to the endpoint. Special value "*" can be used to allow any username. If NULL, an empty mapping will be created, which means that the system_user cannot connect to the endpoint with any username.
[in,out] config: Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.
Returns
0 on success, non-zero otherwise.
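
The three UNIX username mapping scenarios described for nc_server_config_add_unix_user_mapping(), written out as a stand-alone decision function. This is an added illustration, not libnetconf2 code: struct unix_mapping, mapping_allows() and the sample users are hypothetical and model only the rule as documented on this page.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical model of one mapping entry: a system user and the NETCONF
 * usernames it may use. n_users == 0 models an empty mapping. */
struct unix_mapping {
    const char *system_user;
    const char *const *netconf_users;
    size_t n_users;
};

/* Returns 1 if system_user may connect as netconf_user, 0 otherwise. */
int mapping_allows(const struct unix_mapping *maps, size_t n_maps,
        const char *system_user, const char *netconf_user)
{
    const struct unix_mapping *m = NULL;
    size_t i;

    if (!system_user || !netconf_user) {
        return 0; /* fail closed on a missing identity */
    }
    for (i = 0; i < n_maps && !m; i++) {
        if (!strcmp(maps[i].system_user, system_user)) {
            m = &maps[i];
        }
    }
    if (!m) {
        /* Scenario 1: no mapping, so only the identical name is accepted. */
        return !strcmp(system_user, netconf_user);
    }
    /* Scenario 2: an empty mapping never enters the loop and is denied. */
    for (i = 0; i < m->n_users; i++) {
        if (!strcmp(m->netconf_users[i], "*") ||
                !strcmp(m->netconf_users[i], netconf_user)) {
            return 1; /* Scenario 3: wildcard or explicitly listed name */
        }
    }
    return 0;
}

/* Constructed sample configuration, not taken from the page. */
static const char *const oper_users[] = {"netconf-ro", "netconf-rw"};
static const char *const any_user[] = {"*"};
static const struct unix_mapping sample_maps[] = {
    {"operator", oper_users, 2}, /* may use two listed names only */
    {"backup", NULL, 0},         /* empty mapping: cannot connect */
    {"root", any_user, 1},       /* wildcard: any NETCONF username */
};
#define SAMPLE_N (sizeof(sample_maps) / sizeof(sample_maps[0]))

int main(void)
{
    printf("%d\n", mapping_allows(sample_maps, SAMPLE_N, "operator", "operator"));
    return 0;
}
```

Once a mapping exists for a system user, that user's own name is no longer accepted implicitly: "operator" connecting as "operator" is refused here because only the two listed names are allowed.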

int nc_server_config_del_unix_user_mapping (const char *endpt_name, const char *system_user, struct lyd_node **config)

Deletes a UNIX username mapping from the YANG data.

Parameters
[in] endpt_name: Identifier of an existing endpoint.
[in] system_user: Optional identifier of a system user whose mapping will be deleted. If NULL, all of the mappings for the endpoint will be deleted.
[in,out] config: Configuration YANG data tree.
Returns
0 on success, non-zero otherwise.

int nc_server_config_add_keystore_asym_key (const struct ly_ctx *ctx, NC_TRANSPORT_IMPL ti, const char *asym_key_name, const char *privkey_path, const char *pubkey_path, struct lyd_node **config)

Creates new YANG data nodes for an asymmetric key in the keystore.

Parameters
[in] ctx: libyang context.
[in] ti: Transport in which the key pair will be used. Either SSH or TLS.
[in] asym_key_name: Identifier of the asymmetric key pair. This identifier is used to reference the key pair.
[in] privkey_path: Path to a private key file.
[in] pubkey_path: Optional path to a public key file. If not supplied, it will be generated from the private key.
[in,out] config: Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.
Returns
0 on success, non-zero otherwise.

int nc_server_config_del_keystore_asym_key (const char *asym_key_name, struct lyd_node **config)

Deletes a keystore's asymmetric key from the YANG data.

Parameters
[in] asym_key_name: Optional identifier of the asymmetric key to be deleted. If NULL, all of the asymmetric keys in the keystore will be deleted.
[in,out] config: Configuration YANG data tree.
Returns
0 on success, non-zero otherwise.

int nc_server_config_add_keystore_cert (const struct ly_ctx *ctx, const char *asym_key_name, const char *cert_name, const char *cert_path, struct lyd_node **config)

Creates new YANG data nodes for a certificate in the keystore.

A certificate cannot exist without its asymmetric key, so you must create an asymmetric key with the same identifier you pass to this function.

Parameters
[in] ctx: libyang context.
[in] asym_key_name: Arbitrary identifier of the asymmetric key. If an asymmetric key pair with this name already exists, its contents will be changed.
[in] cert_name: Arbitrary identifier of the key pair's certificate. If a certificate with this name already exists, its contents will be changed.
[in] cert_path: Path to the PEM encoded certificate file.
[in,out] config: Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.
Returns
0 on success, non-zero otherwise.

int nc_server_config_del_keystore_cert (const char *asym_key_name, const char *cert_name, struct lyd_node **config)

Deletes a keystore's certificate from the YANG data.

Parameters
[in] asym_key_name: Identifier of an existing asymmetric key pair.
[in] cert_name: Optional identifier of a certificate to be deleted. If NULL, all of the certificates belonging to the asymmetric key pair will be deleted.
[in,out] config: Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.
Returns
0 on success, non-zero otherwise.

int nc_server_config_add_truststore_pubkey (const struct ly_ctx *ctx, const char *pub_bag_name, const char *pubkey_name, const char *pubkey_path, struct lyd_node **config)

Creates new YANG data nodes for a public key in the truststore.

Parameters
[in] ctx: libyang context.
[in] pub_bag_name: Arbitrary identifier of the public key bag. This name is used to reference the public keys in the bag. If a public key bag with this name already exists, its contents will be changed.
[in] pubkey_name: Arbitrary identifier of the public key. If a public key with this name already exists in the given bag, its contents will be changed.
[in] pubkey_path: Path to a file containing a public key.
[in,out] config: Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.
Returns
0 on success, non-zero otherwise.

int nc_server_config_del_truststore_pubkey (const char *pub_bag_name, const char *pubkey_name, struct lyd_node **config)

Deletes a truststore's public key from the YANG data.

Parameters
[in] pub_bag_name: Identifier of an existing public key bag.
[in] pubkey_name: Optional identifier of a public key to be deleted. If NULL, all of the public keys in the given bag will be deleted.
[in,out] config: Configuration YANG data tree.
Returns
0 on success, non-zero otherwise.

int nc_server_config_add_truststore_cert (const struct ly_ctx *ctx, const char *cert_bag_name, const char *cert_name, const char *cert_path, struct lyd_node **config)

Creates new YANG data nodes for a certificate in the truststore.

Parameters
[in] ctx: libyang context.
[in] cert_bag_name: Arbitrary identifier of the certificate bag. This name is used to reference the certificates in the bag. If a certificate bag with this name already exists, its contents will be changed.
[in] cert_name: Arbitrary identifier of the certificate. If a certificate with this name already exists in the given bag, its contents will be changed.
[in] cert_path: Path to a file containing a PEM encoded certificate.
[in,out] config: Configuration YANG data tree. If *config is NULL, it will be created. Otherwise the new YANG data will be added to the previous data and may override it.
Returns
0 on success, non-zero otherwise.

int nc_server_config_del_truststore_cert (const char *cert_bag_name, const char *cert_name, struct lyd_node **config)

Deletes a truststore's certificate from the YANG data.

Parameters
[in] cert_bag_name: Identifier of an existing certificate bag.
[in] cert_name: Optional identifier of a certificate to be deleted. If NULL, all of the certificates in the given bag will be deleted.
[in,out] config: Configuration YANG data tree.
Returns
0 on success, non-zero otherwise.

int nc_server_config_oper_get_hostkey_algs (const struct ly_ctx *ctx, struct lyd_node **hostkey_algs)

Gets the hostkey algorithms supported by the server from the 'iana-ssh-public-key-algs' YANG module.

Parameters
[in] ctx: libyang context.
[out] hostkey_algs: Container with leaf-lists containing the supported algorithms.
Returns
0 on success, non-zero otherwise.

int nc_server_config_oper_get_kex_algs (const struct ly_ctx *ctx, struct lyd_node **kex_algs)

Gets the key exchange algorithms supported by the server from the 'iana-ssh-key-exchange-algs' YANG module.

Parameters
[in] ctx: libyang context.
[out] kex_algs: Container with leaf-lists containing the supported algorithms.
Returns
0 on success, non-zero otherwise.

int nc_server_config_oper_get_encryption_algs (const struct ly_ctx *ctx, struct lyd_node **encryption_algs)

Gets the encryption algorithms supported by the server from the 'iana-ssh-encryption-algs' YANG module.

Parameters
[in] ctx: libyang context.
[out] encryption_algs: Container with leaf-lists containing the supported algorithms.
Returns
0 on success, non-zero otherwise.

int nc_server_config_oper_get_mac_algs (const struct ly_ctx *ctx, struct lyd_node **mac_algs)

Gets the MAC algorithms supported by the server from the 'iana-ssh-mac-algs' YANG module.

Parameters
[in] ctx: libyang context.
[out] mac_algs: Container with leaf-lists containing the supported algorithms.
Returns
0 on success, non-zero otherwise.