libnetconf2
1.1.48
NETCONF library for clients and servers
TLS settings for the Call Home functionality.
Functions
int nc_server_tls_ch_client_endpt_set_server_cert (const char *client_name, const char *endpt_name, const char *name)
    Set the server Call Home TLS certificate. Only the name is set; the certificate itself will be retrieved using a callback.
int nc_server_tls_ch_client_endpt_add_trusted_cert_list (const char *client_name, const char *endpt_name, const char *name)
    Add a Call Home trusted certificate list. Can be either a CA or a client one.
int nc_server_tls_ch_client_endpt_del_trusted_cert_list (const char *client_name, const char *endpt_name, const char *name)
    Remove a set Call Home trusted certificate list. CRLs and CTN entries are not affected.
int nc_server_tls_ch_client_endpt_set_trusted_ca_paths (const char *client_name, const char *endpt_name, const char *ca_file, const char *ca_dir)
    Set trusted Call Home Certificate Authority certificate locations. There can only be one file and one directory; they are replaced if already set.
int nc_server_tls_ch_client_endpt_set_crl_paths (const char *client_name, const char *endpt_name, const char *crl_file, const char *crl_dir)
    Set Call Home Certificate Revocation List locations. There can only be one file and one directory; they are replaced if already set.
void nc_server_tls_ch_client_endpt_clear_crls (const char *client_name, const char *endpt_name)
    Destroy and clean Call Home CRLs. Call Home certificates, private keys, and CTN entries are not affected.
int nc_server_tls_ch_client_endpt_add_ctn (const char *client_name, const char *endpt_name, uint32_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name)
    Add a cert-to-name entry.
int nc_server_tls_ch_client_endpt_del_ctn (const char *client_name, const char *endpt_name, int64_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name)
    Remove a Call Home cert-to-name entry.
int nc_server_tls_ch_client_endpt_get_ctn (const char *client_name, const char *endpt_name, uint32_t *id, char **fingerprint, NC_TLS_CTN_MAPTYPE *map_type, char **name)
    Get a Call Home cert-to-name entry.
int nc_server_tls_ch_client_endpt_set_server_cert (const char *client_name, const char *endpt_name, const char *name)
Set the server Call Home TLS certificate. Only the name is set; the certificate itself will be retrieved using a callback.
[in] | client_name | Existing Call Home client name. |
[in] | endpt_name | Existing endpoint name of the client. |
[in] | name | Arbitrary certificate name. |
int nc_server_tls_ch_client_endpt_add_trusted_cert_list (const char *client_name, const char *endpt_name, const char *name)
Add a Call Home trusted certificate list. Can be either a CA or a client one.
[in] | client_name | Existing Call Home client name. |
[in] | endpt_name | Existing endpoint name of the client. |
[in] | name | Arbitrary name identifying this certificate list. |
int nc_server_tls_ch_client_endpt_del_trusted_cert_list (const char *client_name, const char *endpt_name, const char *name)
Remove a set Call Home trusted certificate list. CRLs and CTN entries are not affected.
[in] | client_name | Existing Call Home client name. |
[in] | endpt_name | Existing endpoint name of the client. |
[in] | name | Name of the certificate list to delete. NULL deletes all the lists. |
int nc_server_tls_ch_client_endpt_set_trusted_ca_paths (const char *client_name, const char *endpt_name, const char *ca_file, const char *ca_dir)
Set trusted Call Home Certificate Authority certificate locations. There can only be one file and one directory; they are replaced if already set.
[in] | client_name | Existing Call Home client name. |
[in] | endpt_name | Existing endpoint name of the client. |
[in] | ca_file | Path to a trusted CA cert store file in PEM format. Can be NULL. |
[in] | ca_dir | Path to a trusted CA cert store hashed directory (c_rehash utility can be used to create hashes) with PEM files. Can be NULL. |
int nc_server_tls_ch_client_endpt_set_crl_paths (const char *client_name, const char *endpt_name, const char *crl_file, const char *crl_dir)
Set Call Home Certificate Revocation List locations. There can only be one file and one directory; they are replaced if already set.
[in] | client_name | Existing Call Home client name. |
[in] | endpt_name | Existing endpoint name of the client. |
[in] | crl_file | Path to a CRL store file in PEM format. Can be NULL. |
[in] | crl_dir | Path to a CRL store hashed directory (c_rehash utility can be used to create hashes) with PEM files. Can be NULL. |
void nc_server_tls_ch_client_endpt_clear_crls (const char *client_name, const char *endpt_name)
Destroy and clean Call Home CRLs. Call Home certificates, private keys, and CTN entries are not affected.
[in] | client_name | Existing Call Home client name. |
[in] | endpt_name | Existing endpoint name of the client. |
int nc_server_tls_ch_client_endpt_add_ctn (const char *client_name, const char *endpt_name, uint32_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name)
Add a cert-to-name entry.
It is possible to add an entry step-by-step, specifying first only id and in later calls fingerprint, map_type, and optionally name separately.
[in] | client_name | Existing Call Home client name. |
[in] | endpt_name | Existing endpoint name of the client. |
[in] | id | Priority of the entry. It must be unique. If already exists, the entry with this id is modified. |
[in] | fingerprint | Matching certificate fingerprint. If NULL, kept temporarily unset. |
[in] | map_type | Type of username-certificate mapping. If 0, kept temporarily unset. |
[in] | name | Specific username used only if map_type == NC_TLS_CTN_SPECIFIED. |
int nc_server_tls_ch_client_endpt_del_ctn (const char *client_name, const char *endpt_name, int64_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name)
Remove a Call Home cert-to-name entry.
[in] | client_name | Existing Call Home client name. |
[in] | endpt_name | Existing endpoint name of the client. |
[in] | id | Priority of the entry. -1 matches all the priorities. |
[in] | fingerprint | Fingerprint of the entry. NULL matches all the fingerprints. |
[in] | map_type | Mapping type of the entry. 0 matches all the mapping types. |
[in] | name | Specific username for the entry. NULL matches all the usernames. |
int nc_server_tls_ch_client_endpt_get_ctn (const char *client_name, const char *endpt_name, uint32_t *id, char **fingerprint, NC_TLS_CTN_MAPTYPE *map_type, char **name)
Get a Call Home cert-to-name entry.
If a parameter is NULL, it is ignored. If its dereferenced value is NULL, it is filled and returned. If the value is set, it is used as a filter. Returns the first matching entry.
[in] | client_name | Existing Call Home client name. |
[in] | endpt_name | Existing endpoint name of the client. |
[in,out] | id | Priority of the entry. |
[in,out] | fingerprint | Fingerprint of the entry. |
[in,out] | map_type | Mapping type of the entry. |
[in,out] | name | Specific username for the entry. |
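The wildcard matching documented for nc_server_tls_ch_client_endpt_del_ctn and the in/out filter behaviour of nc_server_tls_ch_client_endpt_get_ctn, modelled in stand-alone C as an added example (not libnetconf2 code). The table, ctn_get, ctn_del_matches and the MAP_* names are hypothetical, the fingerprints are constructed, and treating id 0 as unset in the get model is an assumption.

```c
#include <stdint.h>
#include <string.h>

/* Stand-in for NC_TLS_CTN_MAPTYPE (hypothetical names); 0 means "unset". */
typedef enum { MAP_UNSET = 0, MAP_SPECIFIED, MAP_SAN_ANY } maptype_t;
struct ctn { uint32_t id; const char *fp; maptype_t map; const char *name; };
/* Constructed sample entries (fingerprints are made up), ordered by id (priority). */
static const struct ctn ctn_table[] = {
    {10, "02:AA:BB:01", MAP_SPECIFIED, "admin"},
    {20, "02:AA:BB:02", MAP_SAN_ANY, NULL},
    {30, "02:AA:BB:03", MAP_SPECIFIED, "operator"},
};
#define CTN_COUNT (sizeof ctn_table / sizeof ctn_table[0])
/* A NULL filter matches anything; a set filter never matches a missing value. */
static int differs(const char *want, const char *have)
{
    return want && (!have || strcmp(want, have));
}

/* get_ctn model: NULL pointer is ignored, unset value is filled, set value filters.
 * Unlike the library's char **, outputs here point into the table (no allocation). */
int ctn_get(uint32_t *id, const char **fp, maptype_t *map, const char **name)
{
    for (size_t i = 0; i < CTN_COUNT; ++i) {
        const struct ctn *e = &ctn_table[i];
        if ((id && *id && *id != e->id) || (map && *map && *map != e->map) ||
                (fp && differs(*fp, e->fp)) || (name && differs(*name, e->name))) {
            continue;
        }
        if (id && !*id) *id = e->id;
        if (map && !*map) *map = e->map;
        if (fp && !*fp) *fp = e->fp;
        if (name && !*name) *name = e->name;
        return 0; /* first match wins */
    }
    return -1;
}

/* del_ctn dry run: count entries matched by the documented wildcards (-1, NULL, 0). */
size_t ctn_del_matches(int64_t id, const char *fp, maptype_t map, const char *name)
{
    size_t n = 0;
    for (size_t i = 0; i < CTN_COUNT; ++i) {
        const struct ctn *e = &ctn_table[i];
        n += (id == -1 || (uint32_t)id == e->id) && (!map || map == e->map) &&
                !differs(fp, e->fp) && !differs(name, e->name);
    }
    return n;
}
```

Calling ctn_del_matches with -1, NULL, 0, NULL returns the size of the whole table, which is the case to check for before issuing a delete whose arguments are all wildcards.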