libnetconf2
1.1.48
NETCONF library for clients and servers
libnetconf2 session server manipulation More...
#include <stdint.h>
#include <libyang/libyang.h>
#include <openssl/x509.h>
#include <libssh/libssh.h>
#include <libssh/callbacks.h>
#include <libssh/server.h>
#include "session.h"
#include "netconf.h"
Macros | |
#define | NC_PSPOLL_NOSESSIONS 0x0001 |
#define | NC_PSPOLL_TIMEOUT 0x0002 |
#define | NC_PSPOLL_RPC 0x0004 |
#define | NC_PSPOLL_BAD_RPC 0x0008 |
#define | NC_PSPOLL_REPLY_ERROR 0x0010 |
#define | NC_PSPOLL_SESSION_TERM 0x0020 |
#define | NC_PSPOLL_SESSION_ERROR 0x0040 |
#define | NC_PSPOLL_ERROR 0x0080 |
#define | NC_PSPOLL_SSH_MSG 0x00100 |
#define | NC_PSPOLL_SSH_CHANNEL 0x0200 |
Typedefs | |
typedef struct nc_server_reply *(* | nc_rpc_clb )(struct lyd_node *rpc, struct nc_session *session) |
Prototype of callbacks that are called if some RPCs are received. More... | |
Functions | |
void | nc_session_set_term_reason (struct nc_session *session, NC_SESSION_TERM_REASON reason) |
Set the termination reason for a session. Use only in nc_rpc_clb callbacks. More... | |
void | nc_session_set_killed_by (struct nc_session *session, uint32_t sid) |
Set the session-id of the session responsible for this session's termination. More... | |
void | nc_session_set_status (struct nc_session *session, NC_STATUS status) |
Set the status of a session. More... | |
void | nc_set_global_rpc_clb (nc_rpc_clb clb) |
Set a global nc_rpc_clb that is called if the particular RPC request is received and the private field in the corresponding RPC schema node is NULL. More... | |
int | nc_server_init (struct ly_ctx *ctx) |
Initialize libssh and/or libssl/libcrypto and the server using a libyang context. More... | |
void | nc_server_destroy (void) |
Destroy any dynamically allocated libssh and/or libssl/libcrypto and server resources. More... | |
int | nc_server_set_capab_withdefaults (NC_WD_MODE basic_mode, int also_supported) |
Set the with-defaults capability extra parameters. More... | |
void | nc_server_get_capab_withdefaults (NC_WD_MODE *basic_mode, int *also_supported) |
Get with-defaults capability extra parameters. More... | |
int | nc_server_set_capability (const char *value) |
Set capability of the server. More... | |
void | nc_server_set_hello_timeout (uint16_t hello_timeout) |
Set server timeout for receiving a hello message. More... | |
uint16_t | nc_server_get_hello_timeout (void) |
Get server timeout for receiving a hello message. More... | |
void | nc_server_set_idle_timeout (uint16_t idle_timeout) |
Set server timeout for dropping an idle session. More... | |
uint16_t | nc_server_get_idle_timeout (void) |
Get server timeout for dropping an idle session. More... | |
const char ** | nc_server_get_cpblts (struct ly_ctx *ctx) |
Get all the server capabilities including all the schemas. More... | |
const char ** | nc_server_get_cpblts_version (struct ly_ctx *ctx, LYS_VERSION version) |
Get the server capabilities including the schemas with the specified YANG version. More... | |
NC_MSG_TYPE | nc_accept_inout (int fdin, int fdout, const char *username, struct nc_session **session) |
Accept a new session on a pre-established transport session. More... | |
struct nc_pollsession * | nc_ps_new (void) |
Create an empty structure for polling sessions. More... | |
void | nc_ps_free (struct nc_pollsession *ps) |
Free a pollsession structure. More... | |
int | nc_ps_add_session (struct nc_pollsession *ps, struct nc_session *session) |
Add a session to a pollsession structure. More... | |
int | nc_ps_del_session (struct nc_pollsession *ps, struct nc_session *session) |
Remove a session from a pollsession structure. More... | |
struct nc_session * | nc_ps_get_session (const struct nc_pollsession *ps, uint16_t idx) |
Get a session from a pollsession structure matching the session ID. More... | |
uint16_t | nc_ps_session_count (struct nc_pollsession *ps) |
Learn the number of sessions in a pollsession structure. More... | |
int | nc_ps_poll (struct nc_pollsession *ps, int timeout, struct nc_session **session) |
Poll sessions and process any received RPCs. More... | |
void | nc_ps_clear (struct nc_pollsession *ps, int all, void(*data_free)(void *)) |
Remove sessions from a pollsession structure and call nc_session_free() on them. More... | |
int | nc_server_add_endpt (const char *name, NC_TRANSPORT_IMPL ti) |
Add a new endpoint. More... | |
int | nc_server_del_endpt (const char *name, NC_TRANSPORT_IMPL ti) |
Stop listening on and remove an endpoint. More... | |
int | nc_server_endpt_count (void) |
Get the number of currently configured listening endpoints. Note that an endpoint without address and/or port will be included even though it is not, in fact, listening. More... | |
int | nc_server_is_endpt (const char *name) |
Check if an endpoint exists. More... | |
int | nc_server_endpt_set_address (const char *endpt_name, const char *address) |
Change endpoint listening address. More... | |
int | nc_server_endpt_set_port (const char *endpt_name, uint16_t port) |
Change endpoint listening port. More... | |
int | nc_server_endpt_set_perms (const char *endpt_name, mode_t mode, uid_t uid, gid_t gid) |
Change endpoint permissions. More... | |
int | nc_server_endpt_enable_keepalives (const char *endpt_name, int enable) |
Change endpoint keepalives state. Affects only new connections. More... | |
int | nc_server_endpt_set_keepalives (const char *endpt_name, int idle_time, int max_probes, int probe_interval) |
Change endpoint keepalives parameters. Affects only new connections. More... | |
NC_MSG_TYPE | nc_accept (int timeout, struct nc_session **session) |
Accept new sessions on all the listening endpoints. More... | |
NC_MSG_TYPE | nc_session_accept_ssh_channel (struct nc_session *orig_session, struct nc_session **session) |
Accept a new NETCONF session on an SSH session of a running NETCONF orig_session. Call this function only when nc_ps_poll() returns NC_PSPOLL_SSH_CHANNEL on orig_session. More... | |
NC_MSG_TYPE | nc_ps_accept_ssh_channel (struct nc_pollsession *ps, struct nc_session **session) |
Accept a new NETCONF session on an SSH session of a running NETCONF session that was polled in ps. Call this function only when nc_ps_poll() on ps returns NC_PSPOLL_SSH_CHANNEL. The new session is only returned in session; it is not added to ps. More... | |
int | nc_server_ssh_add_authkey (const char *pubkey_base64, NC_SSH_KEY_TYPE type, const char *username) |
Add an authorized client SSH public key. This public key can be used for publickey authentication (for any SSH connection, even Call Home) afterwards. More... | |
int | nc_server_ssh_add_authkey_path (const char *pubkey_path, const char *username) |
Add an authorized client SSH public key. This public key can be used for publickey authentication (for any SSH connection, even Call Home) afterwards. More... | |
int | nc_server_ssh_del_authkey (const char *pubkey_path, const char *pubkey_base64, NC_SSH_KEY_TYPE type, const char *username) |
Remove an authorized client SSH public key. More... | |
void | nc_server_ssh_set_passwd_auth_clb (int(*passwd_auth_clb)(const struct nc_session *session, const char *password, void *user_data), void *user_data, void(*free_user_data)(void *user_data)) |
Set the callback for SSH password authentication. If none is set, local system users are used. More... | |
void | nc_server_ssh_set_interactive_auth_clb (int(*interactive_auth_clb)(const struct nc_session *session, const ssh_message msg, void *user_data), void *user_data, void(*free_user_data)(void *user_data)) |
Set the callback for SSH interactive authentication. If none is set, local system users are used. More... | |
void | nc_server_ssh_set_pubkey_auth_clb (int(*pubkey_auth_clb)(const struct nc_session *session, ssh_key key, void *user_data), void *user_data, void(*free_user_data)(void *user_data)) |
Set the callback for SSH public key authentication. If none is set, local system users are used. More... | |
void | nc_server_ssh_set_hostkey_clb (int(*hostkey_clb)(const char *name, void *user_data, char **privkey_path, char **privkey_data, NC_SSH_KEY_TYPE *privkey_type), void *user_data, void(*free_user_data)(void *user_data)) |
Set the callback for retrieving host keys. Any RSA, DSA, and ECDSA keys can be added. However, a maximum of one key of each type will be used during SSH authentication, later keys replacing the earlier ones. More... | |
int | nc_server_ssh_endpt_add_hostkey (const char *endpt_name, const char *name, int16_t idx) |
Add endpoint SSH host keys the server will identify itself with. Only the name is set, the key itself will be retrieved using a callback. More... | |
int | nc_server_ssh_endpt_del_hostkey (const char *endpt_name, const char *name, int16_t idx) |
Delete endpoint SSH host key. Their order is preserved. More... | |
int | nc_server_ssh_endpt_mov_hostkey (const char *endpt_name, const char *key_mov, const char *key_after) |
Move endpoint SSH host key. More... | |
int | nc_server_ssh_endpt_mod_hostkey (const char *endpt_name, const char *name, const char *new_name) |
Modify endpoint SSH host key. More... | |
int | nc_server_ssh_endpt_set_auth_methods (const char *endpt_name, int auth_methods) |
Set endpoint accepted SSH authentication methods. All (publickey, password, interactive) are supported by default. More... | |
int | nc_server_ssh_endpt_get_auth_methods (const char *endpt_name) |
Get endpoint accepted SSH authentication methods. More... | |
int | nc_server_ssh_endpt_set_auth_attempts (const char *endpt_name, uint16_t auth_attempts) |
Set the number of SSH authentication attempts allowed for each client on the endpoint. 3 by default. More... | |
int | nc_server_ssh_endpt_set_auth_timeout (const char *endpt_name, uint16_t auth_timeout) |
Set endpoint SSH authentication timeout. 30 seconds by default. More... | |
int | nc_server_tls_endpt_set_server_cert (const char *endpt_name, const char *name) |
Set the server TLS certificate. Only the name is set, the certificate itself will be retrieved using a callback. More... | |
void | nc_server_tls_set_server_cert_clb (int(*cert_clb)(const char *name, void *user_data, char **cert_path, char **cert_data, char **privkey_path, char **privkey_data, NC_SSH_KEY_TYPE *privkey_type), void *user_data, void(*free_user_data)(void *user_data)) |
Set the callback for retrieving server certificate and matching private key. More... | |
void | nc_server_tls_set_server_cert_chain_clb (int(*cert_chain_clb)(const char *name, void *user_data, char ***cert_paths, int *cert_path_count, char ***cert_data, int *cert_data_count), void *user_data, void(*free_user_data)(void *user_data)) |
Set the callback for retrieving server certificate chain. More... | |
int | nc_server_tls_endpt_add_trusted_cert_list (const char *endpt_name, const char *name) |
Add a trusted certificate list, which can be either a CA list or a client certificate list. Can be safely used together with nc_server_tls_endpt_set_trusted_ca_paths(). More... | |
void | nc_server_tls_set_trusted_cert_list_clb (int(*cert_list_clb)(const char *name, void *user_data, char ***cert_paths, int *cert_path_count, char ***cert_data, int *cert_data_count), void *user_data, void(*free_user_data)(void *user_data)) |
Set the callback for retrieving trusted certificates. More... | |
int | nc_server_tls_endpt_del_trusted_cert_list (const char *endpt_name, const char *name) |
Remove a trusted certificate. More... | |
int | nc_server_tls_endpt_set_trusted_ca_paths (const char *endpt_name, const char *ca_file, const char *ca_dir) |
Set trusted Certificate Authority certificate locations. There can only be one file and one directory, they are replaced if already set. Can be safely used with nc_server_tls_endpt_add_trusted_cert() or its _path variant. More... | |
int | nc_server_tls_endpt_set_crl_paths (const char *endpt_name, const char *crl_file, const char *crl_dir) |
Set Certificate Revocation List locations. There can only be one file and one directory, they are replaced if already set. More... | |
void | nc_server_tls_endpt_clear_crls (const char *endpt_name) |
Destroy and clean CRLs. Certificates, private keys, and CTN entries are not affected. More... | |
int | nc_server_tls_endpt_add_ctn (const char *endpt_name, uint32_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name) |
Add a cert-to-name entry. More... | |
int | nc_server_tls_endpt_del_ctn (const char *endpt_name, int64_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name) |
Remove a cert-to-name entry. More... | |
int | nc_server_tls_endpt_get_ctn (const char *endpt_name, uint32_t *id, char **fingerprint, NC_TLS_CTN_MAPTYPE *map_type, char **name) |
Get a cert-to-name entry. More... | |
const X509 * | nc_session_get_client_cert (const struct nc_session *session) |
Get client certificate. More... | |
void | nc_server_tls_set_verify_clb (int(*verify_clb)(const struct nc_session *session)) |
Set TLS authentication additional verify callback. More... | |
time_t | nc_session_get_start_time (const struct nc_session *session) |
Get session start time. More... | |
void | nc_session_set_notif_status (struct nc_session *session, int notif_status) |
Set session notification subscription flag. More... | |
int | nc_session_get_notif_status (const struct nc_session *session) |
Get session notification subscription flag. More... | |
int | nc_session_is_callhome (const struct nc_session *session) |
Learn whether a session was created using Call Home or not. Works only for server sessions. More... | |
libnetconf2 session server manipulation
This source code is licensed under BSD 3-Clause License (the "License"). You may not use this file except in compliance with the License. You may obtain a copy of the License at
https://opensource.org/licenses/BSD-3-Clause
Definition in file session_server.h.
NC_MSG_TYPE nc_accept | ( | int | timeout, |
struct nc_session ** | session | ||
) |
Accept new sessions on all the listening endpoints.
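Once a new (TCP/IP) connection is established, a different (quite long) timeout is used for waiting for transport-related data, which means this call can block for much longer than timeout, but only with slow/faulty/malicious clients. Do not treat timeout as an upper bound on how long this call blocks: a single unresponsive client can hold it for the longer transport timeout.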
[in] | timeout | Timeout for receiving a new connection in milliseconds, 0 for non-blocking call, -1 for infinite waiting. |
[out] | session | New session. |
NC_MSG_TYPE nc_session_accept_ssh_channel | ( | struct nc_session * | orig_session, |
struct nc_session ** | session | ||
) |
Accept a new NETCONF session on an SSH session of a running NETCONF orig_session. Call this function only when nc_ps_poll() returns NC_PSPOLL_SSH_CHANNEL on orig_session.
[in] | orig_session | Session that has a new SSH channel ready. |
[out] | session | New session. |
NC_MSG_TYPE nc_ps_accept_ssh_channel | ( | struct nc_pollsession * | ps, |
struct nc_session ** | session | ||
) |
Accept a new NETCONF session on an SSH session of a running NETCONF session that was polled in ps. Call this function only when nc_ps_poll() on ps returns NC_PSPOLL_SSH_CHANNEL. The new session is only returned in session; it is not added to ps.
[in] | ps | Unmodified pollsession structure from the previous nc_ps_poll() call. |
[out] | session | New session. |