libnetconf2 2.0.24
NETCONF server and client library in C.
session_server.h File Reference

libnetconf2 session server manipulation

#include <libyang/libyang.h>
#include <stdint.h>
#include <openssl/x509.h>
#include <libssh/callbacks.h>
#include <libssh/libssh.h>
#include <libssh/server.h>
#include "netconf.h"
#include "session.h"

Macros

#define NC_PSPOLL_BAD_RPC   0x0008
 
#define NC_PSPOLL_ERROR   0x0080
 
#define NC_PSPOLL_NOSESSIONS   0x0001
 
#define NC_PSPOLL_REPLY_ERROR   0x0010
 
#define NC_PSPOLL_RPC   0x0004
 
#define NC_PSPOLL_SESSION_ERROR   0x0040
 
#define NC_PSPOLL_SESSION_TERM   0x0020
 
#define NC_PSPOLL_SSH_CHANNEL   0x0200
 
#define NC_PSPOLL_SSH_MSG   0x00100
 
#define NC_PSPOLL_TIMEOUT   0x0002
 

Typedefs

typedef struct nc_server_reply *(* nc_rpc_clb) (struct lyd_node *rpc, struct nc_session *session)
 Prototype of callbacks that are called if some RPCs are received.
 

Functions

NC_MSG_TYPE nc_accept (int timeout, struct nc_session **session)
 Accept new sessions on all the listening endpoints.
 
NC_MSG_TYPE nc_accept_inout (int fdin, int fdout, const char *username, struct nc_session **session)
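 Accept a new session on a pre-established transport session. The username is supplied by the caller, so authenticating the peer is presumably left to whatever established that transport.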
 
NC_MSG_TYPE nc_ps_accept_ssh_channel (struct nc_pollsession *ps, struct nc_session **session)
 Accept a new NETCONF session on an SSH session of a running NETCONF session that was polled in ps. Call this function only when nc_ps_poll() on ps returns NC_PSPOLL_SSH_CHANNEL. The new session is only returned in session, it is not added to ps.
 
int nc_ps_add_session (struct nc_pollsession *ps, struct nc_session *session)
 Add a session to a pollsession structure.
 
void nc_ps_clear (struct nc_pollsession *ps, int all, void(*data_free)(void *))
 Remove sessions from a pollsession structure and call nc_session_free() on them.
 
int nc_ps_del_session (struct nc_pollsession *ps, struct nc_session *session)
 Remove a session from a pollsession structure.
 
void nc_ps_free (struct nc_pollsession *ps)
 Free a pollsession structure.
 
struct nc_session * nc_ps_get_session (const struct nc_pollsession *ps, uint16_t idx)
 Get a session from a pollsession structure matching the session ID.
 
struct nc_pollsession * nc_ps_new (void)
 Create an empty structure for polling sessions.
 
int nc_ps_poll (struct nc_pollsession *ps, int timeout, struct nc_session **session)
 Poll sessions and process any received RPCs.
 
uint16_t nc_ps_session_count (struct nc_pollsession *ps)
 Learn the number of sessions in a pollsession structure.
 
int nc_server_add_endpt (const char *name, NC_TRANSPORT_IMPL ti)
 Add a new endpoint.
 
int nc_server_del_endpt (const char *name, NC_TRANSPORT_IMPL ti)
 Stop listening on and remove an endpoint.
 
void nc_server_destroy (void)
 Destroy any dynamically allocated libssh and/or libssl/libcrypto and server resources.
 
int nc_server_endpt_count (void)
 Get the number of currently configured listening endpoints. Note that an endpoint without an address and/or port is included in the count even though it is not, in fact, listening.
 
int nc_server_endpt_enable_keepalives (const char *endpt_name, int enable)
 Change endpoint keepalives state. Affects only new connections.
 
int nc_server_endpt_set_address (const char *endpt_name, const char *address)
 Change endpoint listening address.
 
int nc_server_endpt_set_keepalives (const char *endpt_name, int idle_time, int max_probes, int probe_interval)
 Change endpoint keepalives parameters. Affects only new connections.
 
int nc_server_endpt_set_perms (const char *endpt_name, mode_t mode, uid_t uid, gid_t gid)
 Change endpoint permissions.
 
int nc_server_endpt_set_port (const char *endpt_name, uint16_t port)
 Change endpoint listening port.
 
void nc_server_get_capab_withdefaults (NC_WD_MODE *basic_mode, int *also_supported)
 Get with-defaults capability extra parameters.
 
const char ** nc_server_get_cpblts (struct ly_ctx *ctx)
 Get all the server capabilities including all the schemas.
 
const char ** nc_server_get_cpblts_version (struct ly_ctx *ctx, LYS_VERSION version)
 Get the server capabilities including the schemas with the specified YANG version.
 
uint16_t nc_server_get_hello_timeout (void)
 Get server timeout for receiving a hello message.
 
uint16_t nc_server_get_idle_timeout (void)
 Get server timeout for dropping an idle session.
 
int nc_server_init (struct ly_ctx *ctx)
 Initialize libssh and/or libssl/libcrypto and the server using a libyang context.
 
int nc_server_is_endpt (const char *name)
 Check if an endpoint exists.
 
int nc_server_set_capab_withdefaults (NC_WD_MODE basic_mode, int also_supported)
 Set the with-defaults capability extra parameters.
 
int nc_server_set_capability (const char *value)
 Set capability of the server.
 
void nc_server_set_content_id_clb (char *(*content_id_clb)(void *user_data), void *user_data, void(*free_user_data)(void *user_data))
 Set the callback for getting yang-library capability identifier. If none is set, libyang context change count is used.
 
void nc_server_set_hello_timeout (uint16_t hello_timeout)
 Set server timeout for receiving a hello message.
 
void nc_server_set_idle_timeout (uint16_t idle_timeout)
 Set server timeout for dropping an idle session.
 
int nc_server_ssh_add_authkey (const char *pubkey_base64, NC_SSH_KEY_TYPE type, const char *username)
 Add an authorized client SSH public key. This public key can be used for publickey authentication (for any SSH connection, even Call Home) afterwards.
 
int nc_server_ssh_add_authkey_path (const char *pubkey_path, const char *username)
 Add an authorized client SSH public key. This public key can be used for publickey authentication (for any SSH connection, even Call Home) afterwards.
 
int nc_server_ssh_del_authkey (const char *pubkey_path, const char *pubkey_base64, NC_SSH_KEY_TYPE type, const char *username)
 Remove an authorized client SSH public key.
 
int nc_server_ssh_endpt_add_hostkey (const char *endpt_name, const char *name, int16_t idx)
 Add endpoint SSH host keys the server will identify itself with. Only the name is set; the key itself will be retrieved using a callback.
 
int nc_server_ssh_endpt_del_hostkey (const char *endpt_name, const char *name, int16_t idx)
 Delete an endpoint SSH host key. The order of the remaining keys is preserved.
 
int nc_server_ssh_endpt_get_auth_methods (const char *endpt_name)
 Get endpoint accepted SSH authentication methods.
 
int nc_server_ssh_endpt_mod_hostkey (const char *endpt_name, const char *name, const char *new_name)
 Modify endpoint SSH host key.
 
int nc_server_ssh_endpt_mov_hostkey (const char *endpt_name, const char *key_mov, const char *key_after)
 Move endpoint SSH host key.
 
int nc_server_ssh_endpt_set_auth_attempts (const char *endpt_name, uint16_t auth_attempts)
 Set the number of SSH authentication attempts allowed to every client on the endpoint. 3 by default.
 
int nc_server_ssh_endpt_set_auth_methods (const char *endpt_name, int auth_methods)
 Set endpoint accepted SSH authentication methods. All (publickey, password, interactive) are supported by default.
 
int nc_server_ssh_endpt_set_auth_timeout (const char *endpt_name, uint16_t auth_timeout)
 Set endpoint SSH authentication timeout. 30 seconds by default.
 
void nc_server_ssh_set_hostkey_clb (int(*hostkey_clb)(const char *name, void *user_data, char **privkey_path, char **privkey_data, NC_SSH_KEY_TYPE *privkey_type), void *user_data, void(*free_user_data)(void *user_data))
 Set the callback for retrieving host keys. Any RSA, DSA, and ECDSA keys can be added. However, a maximum of one key of each type will be used during SSH authentication, later keys replacing the earlier ones.
 
void nc_server_ssh_set_interactive_auth_clb (int(*interactive_auth_clb)(const struct nc_session *session, const ssh_message msg, void *user_data), void *user_data, void(*free_user_data)(void *user_data))
 Set the callback for SSH interactive authentication. If none is set, local system users are used.
 
void nc_server_ssh_set_passwd_auth_clb (int(*passwd_auth_clb)(const struct nc_session *session, const char *password, void *user_data), void *user_data, void(*free_user_data)(void *user_data))
 Set the callback for SSH password authentication. If none is set, local system users are used.
 
void nc_server_ssh_set_pubkey_auth_clb (int(*pubkey_auth_clb)(const struct nc_session *session, ssh_key key, void *user_data), void *user_data, void(*free_user_data)(void *user_data))
 Set the callback for SSH public key authentication. If none is set, local system users are used.
 
int nc_server_tls_endpt_add_ctn (const char *endpt_name, uint32_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name)
 Add a cert-to-name entry.
 
int nc_server_tls_endpt_add_trusted_cert_list (const char *endpt_name, const char *name)
 Add a trusted certificate list. It can be either a CA or a client certificate list. Can be safely used together with nc_server_tls_endpt_set_trusted_ca_paths().
 
void nc_server_tls_endpt_clear_crls (const char *endpt_name)
 Destroy and clean CRLs. Certificates, private keys, and CTN entries are not affected.
 
int nc_server_tls_endpt_del_ctn (const char *endpt_name, int64_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name)
 Remove a cert-to-name entry.
 
int nc_server_tls_endpt_del_trusted_cert_list (const char *endpt_name, const char *name)
 Remove a trusted certificate.
 
int nc_server_tls_endpt_get_ctn (const char *endpt_name, uint32_t *id, char **fingerprint, NC_TLS_CTN_MAPTYPE *map_type, char **name)
 Get a cert-to-name entry.
 
int nc_server_tls_endpt_set_crl_paths (const char *endpt_name, const char *crl_file, const char *crl_dir)
 Set Certificate Revocation List locations. There can only be one file and one directory, they are replaced if already set.
 
int nc_server_tls_endpt_set_server_cert (const char *endpt_name, const char *name)
 Set the server TLS certificate. Only the name is set; the certificate itself will be retrieved using a callback.
 
int nc_server_tls_endpt_set_trusted_ca_paths (const char *endpt_name, const char *ca_file, const char *ca_dir)
 Set trusted Certificate Authority certificate locations. There can only be one file and one directory, they are replaced if already set. Can be safely used with nc_server_tls_endpt_add_trusted_cert() or its _path variant.
 
void nc_server_tls_set_server_cert_chain_clb (int(*cert_chain_clb)(const char *name, void *user_data, char ***cert_paths, int *cert_path_count, char ***cert_data, int *cert_data_count), void *user_data, void(*free_user_data)(void *user_data))
 Set the callback for retrieving server certificate chain.
 
void nc_server_tls_set_server_cert_clb (int(*cert_clb)(const char *name, void *user_data, char **cert_path, char **cert_data, char **privkey_path, char **privkey_data, NC_SSH_KEY_TYPE *privkey_type), void *user_data, void(*free_user_data)(void *user_data))
 Set the callback for retrieving server certificate and matching private key.
 
void nc_server_tls_set_trusted_cert_list_clb (int(*cert_list_clb)(const char *name, void *user_data, char ***cert_paths, int *cert_path_count, char ***cert_data, int *cert_data_count), void *user_data, void(*free_user_data)(void *user_data))
 Set the callback for retrieving trusted certificates.
 
void nc_server_tls_set_verify_clb (int(*verify_clb)(const struct nc_session *session))
 Set an additional verify callback for TLS authentication.
 
NC_MSG_TYPE nc_session_accept_ssh_channel (struct nc_session *orig_session, struct nc_session **session)
 Accept a new NETCONF session on an SSH session of a running NETCONF orig_session. Call this function only when nc_ps_poll() returns NC_PSPOLL_SSH_CHANNEL on orig_session.
 
void nc_session_dec_notif_status (struct nc_session *session)
 Decrease session notification subscription flag count. Supports multiple subscriptions on one session.
 
const X509 * nc_session_get_client_cert (const struct nc_session *session)
 Get client certificate.
 
int nc_session_get_notif_status (const struct nc_session *session)
 Get session notification subscription flag.
 
time_t nc_session_get_start_time (const struct nc_session *session)
 Get session start time.
 
void nc_session_inc_notif_status (struct nc_session *session)
 Increase session notification subscription flag count. Supports multiple subscriptions on one session.
 
int nc_session_is_callhome (const struct nc_session *session)
 Learn whether a session was created using Call Home or not. Works only for server sessions.
 
void nc_session_set_killed_by (struct nc_session *session, uint32_t sid)
 Set the session-id of the session responsible for this session's termination.
 
void nc_session_set_status (struct nc_session *session, NC_STATUS status)
 Set the status of a session.
 
void nc_session_set_term_reason (struct nc_session *session, NC_SESSION_TERM_REASON reason)
 Set the termination reason for a session. Use only in nc_rpc_clb callbacks.
 
void nc_set_global_rpc_clb (nc_rpc_clb clb)
 Set a global nc_rpc_clb that is called if the particular RPC request is received and the private field in the corresponding RPC schema node is NULL.
 

Detailed Description

libnetconf2 session server manipulation

Author
Michal Vasko mvask.nosp@m.o@ce.nosp@m.snet..nosp@m.cz

Copyright (c) 2015 - 2021 CESNET, z.s.p.o.

This source code is licensed under BSD 3-Clause License (the "License"). You may not use this file except in compliance with the License. You may obtain a copy of the License at

https://opensource.org/licenses/BSD-3-Clause

Definition in file session_server.h.