NETCONF over TLS support using OpenSSL library APIs. More...

Collaboration diagram for OpenSSL Support:

Functions
status_t	agt_openssl_set_cert_to_name (val_value_t *val, uint32 id)
	Create or replace the cert-to-name entry. More...

status_t	agt_openssl_delete_cert_to_name (uint32 id)
	Delete the cert-to-name entry. More...

status_t	agt_openssl_delete_all_cert_to_name (void)
	Delete all cert-to-name entries. More...

status_t	agt_openssl_check_fingerprint (const xmlChar *fprintstr)
	Check if fingerprint value is OK. More...

status_t	agt_openssl_set_server_keys (int *err_step)
	Update the server keys. More...

void	agt_openssl_set_tls_debug (boolean val)
	Set the TLS Debug parameter. More...

Detailed Description

NETCONF over TLS support using OpenSSL library APIs.

Not used unless with-netconf-tls is true.

Function Documentation

◆ agt_openssl_check_fingerprint()

status_t agt_openssl_check_fingerprint ( const xmlChar * fprintstr )

Check if fingerprint value is OK.

SIL Only – Internal use by u_yumaworks-cert-usermap

Parameters

fprintstr tls-fingerprint to check

Returns: status

Here is the caller graph for this function:

◆ agt_openssl_delete_all_cert_to_name()

status_t agt_openssl_delete_all_cert_to_name ( void )

Delete all cert-to-name entries.

SIL Only – Internal use by u_yumaworks-cert-usermap

Used when /cert-usermap container is deleted

Returns: status

Here is the call graph for this function:

Here is the caller graph for this function:

◆ agt_openssl_delete_cert_to_name()

status_t agt_openssl_delete_cert_to_name ( uint32 id )

Delete the cert-to-name entry.

SIL Only – Internal use by u_yumaworks-cert-usermap

Parameters

id	== key leaf value for the entry to delete

Returns: status

Here is the call graph for this function:

Here is the caller graph for this function:

◆ agt_openssl_set_cert_to_name()

status_t agt_openssl_set_cert_to_name	(	val_value_t *	val,
		uint32	id
	)

Create or replace the cert-to-name entry.

SIL Only – Internal use by u_yumaworks-cert-usermap

Parameters

val	val_value_t representing cert-to-name
id	== key leaf value for this entry

Returns: status

Here is the call graph for this function:

Here is the caller graph for this function:

◆ agt_openssl_set_server_keys()

status_t agt_openssl_set_server_keys ( int * err_step )

Update the server keys.

SIL Only – Internal use by yumaworks-server

Updates the OpenSSL keys using the current values of netconf-tls-certificate and netconf-tls-key values in the server profile

Parameters

[out]

err_step

number identifying step the error happened

only relevant if return status is not NO_ERR
values: 0 = no step started (e.g., TLS disabled) 1 = cert phase 2 = key phase 3 = verify phase

Returns: status

Here is the call graph for this function:

◆ agt_openssl_set_tls_debug()

void agt_openssl_set_tls_debug ( boolean val )

Set the TLS Debug parameter.

Used from yumaworks-server to change the setting at run-time

OK for RPC operation SIL code; Internal use by yumaworks-server

Parameters

val	TRUE to enable TLS Debug mode; FALSE to disable TLS Debug mode

Here is the call graph for this function:

Functions

Detailed Description

Function Documentation

◆ agt_openssl_check_fingerprint()

◆ agt_openssl_delete_all_cert_to_name()

◆ agt_openssl_delete_cert_to_name()

◆ agt_openssl_set_cert_to_name()

◆ agt_openssl_set_server_keys()

◆ agt_openssl_set_tls_debug()