libnetconf2  3.5.1
NETCONF server and client library in C.
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Groups Pages
Client TLS

Client-side settings for TLS connections. More...

Collaboration diagram for Client TLS:

Functions

void nc_client_tls_get_cert_key_paths (const char **client_cert, const char **client_key)
 Get client authentication identity - a certificate and a private key. More...
 
void nc_client_tls_get_crl_paths (const char **crl_file, const char **crl_dir)
 Deprecated. More...
 
void nc_client_tls_get_trusted_ca_paths (const char **ca_file, const char **ca_dir)
 Get client trusted CA certificates paths. More...
 
int nc_client_tls_set_cert_key_paths (const char *client_cert, const char *client_key)
 Set client authentication identity - a certificate and a private key. More...
 
int nc_client_tls_set_crl_paths (const char *crl_file, const char *crl_dir)
 Deprecated. More...
 
int nc_client_tls_set_trusted_ca_paths (const char *ca_file, const char *ca_dir)
 Set client trusted CA certificates paths. More...
 
struct nc_session * nc_connect_libssl (void *tls, struct ly_ctx *ctx)
 Deprecated. Should not be needed. More...
 
struct nc_session * nc_connect_tls (const char *host, uint16_t port, struct ly_ctx *ctx)
 Connect to the NETCONF server using TLS transport (via libssl) More...
 

Detailed Description

Client-side settings for TLS connections.

Function Documentation

int nc_client_tls_set_cert_key_paths ( const char *  client_cert,
const char *  client_key 
)

Set client authentication identity - a certificate and a private key.

Parameters
[in]client_certPath to the file containing the client certificate.
[in]client_keyPath to the file containing the private key for the client_cert. If NULL, key is expected to be stored with client_cert.
Returns
0 on success, -1 on error.
void nc_client_tls_get_cert_key_paths ( const char **  client_cert,
const char **  client_key 
)

Get client authentication identity - a certificate and a private key.

Parameters
[out]client_certPath to the file containing the client certificate. Can be NULL.
[out]client_keyPath to the file containing the private key for the client_cert. Can be NULL.
int nc_client_tls_set_trusted_ca_paths ( const char *  ca_file,
const char *  ca_dir 
)

Set client trusted CA certificates paths.

Parameters
[in]ca_fileLocation of the CA certificate file used to verify server certificates. For more info, see the documentation for SSL_CTX_load_verify_locations() from OpenSSL.
[in]ca_dirLocation of the CA certificates directory used to verify the server certificates. For more info, see the documentation for SSL_CTX_load_verify_locations() from OpenSSL.
Returns
0 on success, -1 on error.
void nc_client_tls_get_trusted_ca_paths ( const char **  ca_file,
const char **  ca_dir 
)

Get client trusted CA certificates paths.

Parameters
[out]ca_fileLocation of the CA certificate file used to verify server certificates. Can be NULL.
[out]ca_dirLocation of the CA certificates directory used to verify the server certificates. Can be NULL.
int nc_client_tls_set_crl_paths ( const char *  crl_file,
const char *  crl_dir 
)

Deprecated.

void nc_client_tls_get_crl_paths ( const char **  crl_file,
const char **  crl_dir 
)

Deprecated.

struct nc_session* nc_connect_tls ( const char *  host,
uint16_t  port,
struct ly_ctx *  ctx 
)

Connect to the NETCONF server using TLS transport (via libssl)

TLS session is created with the certificates set using nc_client_tls_* functions, which must be called beforehand! If the caller needs to use specific TLS session properties, they are supposed to use nc_connect_libssl().

Parameters
[in]hostHostname or address (both Ipv4 and IPv6 are accepted) of the target server. 'localhost' is used by default if NULL is specified. It is verified by TLS when connecting to it.
[in]portPort number of the target server. Default value 6513 is used if 0 is specified.
[in,out]ctxOptional custom context to use for the session. If not set, a default context is created. Any YANG modules not present in the context and supported by the server are loaded using <get-schema> (if supported) and/or by searching the searchpath (see nc_client_set_schema_searchpath()).
Returns
Created NETCONF session object or NULL on error.
struct nc_session* nc_connect_libssl ( void *  tls,
struct ly_ctx *  ctx 
)

Deprecated. Should not be needed.