15#ifndef NC_SESSION_SERVER_H_
16#define NC_SESSION_SERVER_H_
22#include <libyang/libyang.h>
26# include <openssl/x509.h>
30# include <libssh/callbacks.h>
31# include <libssh/libssh.h>
32# include <libssh/server.h>
58typedef struct nc_server_reply *(*nc_rpc_clb)(
struct lyd_node *rpc,
struct nc_session *session);
182 void (*free_user_data)(
void *user_data));
311#define NC_PSPOLL_NOSESSIONS 0x0001
312#define NC_PSPOLL_TIMEOUT 0x0002
313#define NC_PSPOLL_RPC 0x0004
314#define NC_PSPOLL_BAD_RPC 0x0008
315#define NC_PSPOLL_REPLY_ERROR 0x0010
316#define NC_PSPOLL_SESSION_TERM 0x0020
317#define NC_PSPOLL_SESSION_ERROR 0x0040
318#define NC_PSPOLL_ERROR 0x0080
321# define NC_PSPOLL_SSH_MSG 0x00100
322# define NC_PSPOLL_SSH_CHANNEL 0x0200
339int nc_ps_poll(
struct nc_pollsession *ps,
int timeout,
struct nc_session **session);
351void nc_ps_clear(
struct nc_pollsession *ps,
int all,
void (*data_free)(
void *));
411#if defined (NC_ENABLED_SSH) || defined (NC_ENABLED_TLS)
549 const char *username);
560 void *user_data),
void *user_data,
void (*free_user_data)(
void *user_data));
571 const ssh_message msg,
void *user_data),
void *user_data,
void (*free_user_data)(
void *user_data));
582 void *user_data),
void *user_data,
void (*free_user_data)(
void *user_data));
600 char **privkey_data,
NC_SSH_KEY_TYPE *privkey_type),
void *user_data,
void (*free_user_data)(
void *user_data));
718 char **privkey_path,
char **privkey_data,
NC_SSH_KEY_TYPE *privkey_type),
void *user_data,
719 void (*free_user_data)(
void *user_data));
735 int *cert_path_count,
char ***cert_data,
int *cert_data_count),
void *user_data,
void (*free_user_data)(
void *user_data));
761 int *cert_path_count,
char ***cert_data,
int *cert_data_count),
void *user_data,
void (*free_user_data)(
void *user_data));
NC_MSG_TYPE
Enumeration of NETCONF message types.
enum NC_WITHDEFAULTS_MODE NC_WD_MODE
Enumeration of NETCONF with-defaults capability modes.
NC_SESSION_TERM_REASON
Enumeration of reasons of the NETCONF session termination as defined in RFC 6470.
int nc_session_is_callhome(const struct nc_session *session)
Learn whether a session was created using Call Home or not. Works only for server sessions.
NC_MSG_TYPE nc_session_accept_ssh_channel(struct nc_session *orig_session, struct nc_session **session)
Accept a new NETCONF session on an SSH session of a running NETCONF orig_session. Call this function ...
struct nc_pollsession * nc_ps_new(void)
Create an empty structure for polling sessions.
NC_MSG_TYPE nc_accept_inout(int fdin, int fdout, const char *username, struct nc_session **session)
Accept a new session on a pre-established transport session.
int nc_ps_poll(struct nc_pollsession *ps, int timeout, struct nc_session **session)
Poll sessions and process any received RPCs.
void nc_session_set_term_reason(struct nc_session *session, NC_SESSION_TERM_REASON reason)
Set the termination reason for a session. Use only in nc_rpc_clb callbacks.
int nc_ps_del_session(struct nc_pollsession *ps, struct nc_session *session)
Remove a session from a pollsession structure.
struct nc_server_reply *(* nc_rpc_clb)(struct lyd_node *rpc, struct nc_session *session)
Prototype of callbacks that are called if some RPCs are received.
void nc_set_global_rpc_clb(nc_rpc_clb clb)
Set a global nc_rpc_clb that is called if the particular RPC request is received and the private fiel...
NC_MSG_TYPE nc_accept(int timeout, struct nc_session **session)
Accept new sessions on all the listening endpoints.
void nc_session_set_status(struct nc_session *session, NC_STATUS status)
Set the status of a session.
time_t nc_session_get_start_time(const struct nc_session *session)
Get session start time.
void nc_session_set_killed_by(struct nc_session *session, uint32_t sid)
Set the session-id of the session responsible for this session's termination.
int nc_ps_add_session(struct nc_pollsession *ps, struct nc_session *session)
Add a session to a pollsession structure.
void nc_ps_free(struct nc_pollsession *ps)
Free a pollsession structure.
uint16_t nc_ps_session_count(struct nc_pollsession *ps)
Learn the number of sessions in a pollsession structure.
void nc_ps_clear(struct nc_pollsession *ps, int all, void(*data_free)(void *))
Remove sessions from a pollsession structure and call nc_session_free() on them.
NC_MSG_TYPE nc_ps_accept_ssh_channel(struct nc_pollsession *ps, struct nc_session **session)
Accept a new NETCONF session on an SSH session of a running NETCONF session that was polled in ps....
void nc_session_dec_notif_status(struct nc_session *session)
Decrease session notification subscription flag count. Supports multiple subscriptions on one session...
int nc_session_get_notif_status(const struct nc_session *session)
Get session notification subscription flag.
void nc_session_inc_notif_status(struct nc_session *session)
Increase session notification subscription flag count. Supports multiple subscriptions on one session...
struct nc_session * nc_ps_get_session(const struct nc_pollsession *ps, uint16_t idx)
Get a session from a pollsession structure matching the session ID.
int nc_server_ssh_endpt_del_hostkey(const char *endpt_name, const char *name, int16_t idx)
Delete endpoint SSH host key. Their order is preserved.
int nc_server_ssh_endpt_set_auth_attempts(const char *endpt_name, uint16_t auth_attempts)
Set endpoint SSH authentication attempts of every client. 3 by default.
void nc_server_ssh_set_pubkey_auth_clb(int(*pubkey_auth_clb)(const struct nc_session *session, ssh_key key, void *user_data), void *user_data, void(*free_user_data)(void *user_data))
Set the callback for SSH public key authentication. If none is set, local system users are used.
void nc_server_ssh_set_hostkey_clb(int(*hostkey_clb)(const char *name, void *user_data, char **privkey_path, char **privkey_data, NC_SSH_KEY_TYPE *privkey_type), void *user_data, void(*free_user_data)(void *user_data))
Set the callback for retrieving host keys. Any RSA, DSA, and ECDSA keys can be added....
int nc_server_ssh_add_authkey_path(const char *pubkey_path, const char *username)
Add an authorized client SSH public key. This public key can be used for publickey authentication (fo...
int nc_server_ssh_endpt_set_auth_methods(const char *endpt_name, int auth_methods)
Set endpoint accepted SSH authentication methods. All (publickey, password, interactive) are supporte...
int nc_server_ssh_endpt_get_auth_methods(const char *endpt_name)
Get endpoint accepted SSH authentication methods.
void nc_server_ssh_set_interactive_auth_clb(int(*interactive_auth_clb)(const struct nc_session *session, const ssh_message msg, void *user_data), void *user_data, void(*free_user_data)(void *user_data))
Set the callback for SSH interactive authentication. If none is set, local system users are used.
int nc_server_ssh_del_authkey(const char *pubkey_path, const char *pubkey_base64, NC_SSH_KEY_TYPE type, const char *username)
Remove an authorized client SSH public key.
int nc_server_ssh_add_authkey(const char *pubkey_base64, NC_SSH_KEY_TYPE type, const char *username)
Add an authorized client SSH public key. This public key can be used for publickey authentication (fo...
int nc_server_ssh_endpt_mov_hostkey(const char *endpt_name, const char *key_mov, const char *key_after)
Move endpoint SSH host key.
int nc_server_ssh_endpt_add_hostkey(const char *endpt_name, const char *name, int16_t idx)
Add endpoint SSH host keys the server will identify itself with. Only the name is set,...
int nc_server_ssh_endpt_mod_hostkey(const char *endpt_name, const char *name, const char *new_name)
Modify endpoint SSH host key.
int nc_server_ssh_endpt_set_auth_timeout(const char *endpt_name, uint16_t auth_timeout)
Set endpoint SSH authentication timeout. 30 seconds by default.
void nc_server_ssh_set_passwd_auth_clb(int(*passwd_auth_clb)(const struct nc_session *session, const char *password, void *user_data), void *user_data, void(*free_user_data)(void *user_data))
Set the callback for SSH password authentication. If none is set, local system users are used.
void nc_server_tls_set_verify_clb(int(*verify_clb)(const struct nc_session *session))
Set TLS authentication additional verify callback.
int nc_server_tls_endpt_set_server_cert(const char *endpt_name, const char *name)
Set the server TLS certificate. Only the name is set, the certificate itself wil be retrieved using a...
void nc_server_tls_set_trusted_cert_list_clb(int(*cert_list_clb)(const char *name, void *user_data, char ***cert_paths, int *cert_path_count, char ***cert_data, int *cert_data_count), void *user_data, void(*free_user_data)(void *user_data))
Set the callback for retrieving trusted certificates.
int nc_server_tls_endpt_add_trusted_cert_list(const char *endpt_name, const char *name)
Add a trusted certificate list. Can be both a CA or a client one. Can be safely used together with nc...
int nc_server_tls_endpt_del_ctn(const char *endpt_name, int64_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name)
Remove a cert-to-name entry.
void nc_server_tls_set_server_cert_clb(int(*cert_clb)(const char *name, void *user_data, char **cert_path, char **cert_data, char **privkey_path, char **privkey_data, NC_SSH_KEY_TYPE *privkey_type), void *user_data, void(*free_user_data)(void *user_data))
Set the callback for retrieving server certificate and matching private key.
int nc_server_tls_endpt_set_crl_paths(const char *endpt_name, const char *crl_file, const char *crl_dir)
Set Certificate Revocation List locations. There can only be one file and one directory,...
int nc_server_tls_endpt_add_ctn(const char *endpt_name, uint32_t id, const char *fingerprint, NC_TLS_CTN_MAPTYPE map_type, const char *name)
Add a cert-to-name entry.
int nc_server_tls_endpt_get_ctn(const char *endpt_name, uint32_t *id, char **fingerprint, NC_TLS_CTN_MAPTYPE *map_type, char **name)
Get a cert-to-name entry.
void nc_server_tls_endpt_clear_crls(const char *endpt_name)
Destroy and clean CRLs. Certificates, private keys, and CTN entries are not affected.
int nc_server_tls_endpt_del_trusted_cert_list(const char *endpt_name, const char *name)
Remove a trusted certificate.
int nc_server_tls_endpt_set_trusted_ca_paths(const char *endpt_name, const char *ca_file, const char *ca_dir)
Set trusted Certificate Authority certificate locations. There can only be one file and one directory...
void nc_server_tls_set_server_cert_chain_clb(int(*cert_chain_clb)(const char *name, void *user_data, char ***cert_paths, int *cert_path_count, char ***cert_data, int *cert_data_count), void *user_data, void(*free_user_data)(void *user_data))
Set the callback for retrieving server certificate chain.
const X509 * nc_session_get_client_cert(const struct nc_session *session)
Get client certificate.
void nc_server_destroy(void)
Destroy any dynamically allocated libssh and/or libssl/libcrypto and server resources.
int nc_server_endpt_set_keepalives(const char *endpt_name, int idle_time, int max_probes, int probe_interval)
Change endpoint keepalives parameters. Affects only new connections.
int nc_server_endpt_set_perms(const char *endpt_name, mode_t mode, uid_t uid, gid_t gid)
Change endpoint permissions.
int nc_server_endpt_enable_keepalives(const char *endpt_name, int enable)
Change endpoint keepalives state. Affects only new connections.
int nc_server_endpt_set_port(const char *endpt_name, uint16_t port)
Change endpoint listening port.
int nc_server_endpt_count(void)
Get the number of currently configured listening endpoints. Note that an ednpoint without address and...
void nc_server_set_hello_timeout(uint16_t hello_timeout)
Set server timeout for receiving a hello message.
int nc_server_set_capability(const char *value)
Set capability of the server.
void nc_server_get_capab_withdefaults(NC_WD_MODE *basic_mode, int *also_supported)
Get with-defaults capability extra parameters.
int nc_server_add_endpt(const char *name, NC_TRANSPORT_IMPL ti)
Add a new endpoint.
int nc_server_is_endpt(const char *name)
Check if an endpoint exists.
int nc_server_del_endpt(const char *name, NC_TRANSPORT_IMPL ti)
Stop listening on and remove an endpoint.
void nc_server_set_idle_timeout(uint16_t idle_timeout)
Set server timeout for dropping an idle session.
const char ** nc_server_get_cpblts(struct ly_ctx *ctx)
Get all the server capabilities including all the schemas.
int nc_server_endpt_set_address(const char *endpt_name, const char *address)
Change endpoint listening address.
int nc_server_set_capab_withdefaults(NC_WD_MODE basic_mode, int also_supported)
Set the with-defaults capability extra parameters.
const char ** nc_server_get_cpblts_version(struct ly_ctx *ctx, LYS_VERSION version)
Get the server capabilities including the schemas with the specified YANG version.
void nc_server_set_content_id_clb(char *(*content_id_clb)(void *user_data), void *user_data, void(*free_user_data)(void *user_data))
Set the callback for getting yang-library capability identifier. If none is set, libyang context chan...
uint16_t nc_server_get_hello_timeout(void)
get server timeout for receiving a hello message.
uint16_t nc_server_get_idle_timeout(void)
Get server timeout for dropping an idle session.
int nc_server_init(struct ly_ctx *ctx)
Initialize libssh and/or libssl/libcrypto and the server using a libyang context.
libnetconf2's general public functions and structures definitions.
libnetconf2 session manipulation
NC_TLS_CTN_MAPTYPE
Enumeration of cert-to-name mapping types.
NC_STATUS
Enumeration of possible session statuses.
NC_SSH_KEY_TYPE
Enumeration of SSH key types.
NC_TRANSPORT_IMPL
Enumeration of transport implementations (ways how libnetconf implements NETCONF transport protocol)