doc BUGFIX many doxygen comment updates and fixes
diff --git a/src/messages_client.h b/src/messages_client.h
index 24a5878..68a93d0 100644
--- a/src/messages_client.h
+++ b/src/messages_client.h
@@ -28,6 +28,9 @@
#include "netconf.h"
+/**
+ * @brief Enumeration of RPC types
+ */
typedef enum {
NC_RPC_UNKNOWN = 0, /**< invalid RPC. */
NC_RPC_GENERIC, /**< user-defined generic RPC. */
@@ -54,25 +57,34 @@
NC_RPC_SUBSCRIBE /**< \<create-subscription\> RPC. */
} NC_RPC_TYPE;
+/**
+ * @brief Enumeration of \<edit-config\> default operation
+ */
typedef enum {
- NC_RPC_EDIT_DFLTOP_UNKNOWN = 0,
- NC_RPC_EDIT_DFLTOP_MERGE,
- NC_RPC_EDIT_DFLTOP_REPLACE,
- NC_RPC_EDIT_DFLTOP_NONE
+ NC_RPC_EDIT_DFLTOP_UNKNOWN = 0, /**< unknown default operation */
+ NC_RPC_EDIT_DFLTOP_MERGE, /**< default operation merge */
+ NC_RPC_EDIT_DFLTOP_REPLACE, /**< default operation replace */
+ NC_RPC_EDIT_DFLTOP_NONE /**< default operation none */
} NC_RPC_EDIT_DFLTOP;
+/**
+ * @brief Enumeration of \<edit-config\> test option
+ */
typedef enum {
- NC_RPC_EDIT_TESTOPT_UNKNOWN = 0,
- NC_RPC_EDIT_TESTOPT_TESTSET,
- NC_RPC_EDIT_TESTOPT_SET,
- NC_RPC_EDIT_TESTOPT_TEST
+ NC_RPC_EDIT_TESTOPT_UNKNOWN = 0, /**< unknown test option */
+ NC_RPC_EDIT_TESTOPT_TESTSET, /**< test-then-set option */
+ NC_RPC_EDIT_TESTOPT_SET, /**< set option */
+ NC_RPC_EDIT_TESTOPT_TEST /**< test-only option */
} NC_RPC_EDIT_TESTOPT;
+/**
+ * @brief Enumeration of \<edit-config\> error option
+ */
typedef enum {
- NC_RPC_EDIT_ERROPT_UNKNOWN = 0,
- NC_RPC_EDIT_ERROPT_STOP,
- NC_RPC_EDIT_ERROPT_CONTINUE,
- NC_RPC_EDIT_ERROPT_ROLLBACK
+ NC_RPC_EDIT_ERROPT_UNKNOWN = 0, /**< unknown error option */
+ NC_RPC_EDIT_ERROPT_STOP, /**< stop-on-error option */
+ NC_RPC_EDIT_ERROPT_CONTINUE, /**< continue-on-error option */
+ NC_RPC_EDIT_ERROPT_ROLLBACK /**< rollback-on-error option */
} NC_RPC_EDIT_ERROPT;
/**
@@ -142,7 +154,7 @@
* @brief NETCONF client rpc-reply object
*/
struct nc_reply {
- NC_RPL type;
+ NC_RPL type; /**< reply type */
};
/**
@@ -196,7 +208,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -211,7 +223,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -229,7 +241,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -249,7 +261,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -269,7 +281,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -285,7 +297,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -299,7 +311,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -313,7 +325,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -329,7 +341,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -343,7 +355,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -362,7 +374,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -375,7 +387,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -390,7 +402,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -406,7 +418,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -423,7 +435,7 @@
*
* Note that functions to create any RPC object do not check validity of the provided
* parameters. It is checked later while sending the RPC via a specific NETCONF session
- * (nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
+ * (#nc_send_rpc()) since the NETCONF capabilities of the session are needed for such a
* check. Created object can be sent via any NETCONF session which supports all the
* needed NETCONF capabilities for the RPC.
*
@@ -439,19 +451,22 @@
/**
* @brief Free the NETCONF RPC object.
+ *
* @param[in] rpc Object to free.
*/
void nc_rpc_free(struct nc_rpc *rpc);
/**
* @brief Free the NETCONF RPC reply object.
- * @param[in] rpc Object to free.
+ *
+ * @param[in] reply Object to free.
*/
void nc_reply_free(struct nc_reply *reply);
/**
* @brief Free the NETCONF Notification object.
- * @param[in] rpc Object to free.
+ *
+ * @param[in] notif Object to free.
*/
void nc_notif_free(struct nc_notif *notif);
diff --git a/src/messages_server.h b/src/messages_server.h
index bd71dbd..4ee1d11 100644
--- a/src/messages_server.h
+++ b/src/messages_server.h
@@ -27,35 +27,41 @@
#include "netconf.h"
+/**
+ * @brief Enumeration of NETCONF errors
+ */
typedef enum NC_ERROR {
- NC_ERR_UNKNOWN = 0,
- NC_ERR_IN_USE,
- NC_ERR_INVALID_VALUE,
- NC_ERR_TOO_BIG,
- NC_ERR_MISSING_ATTR,
- NC_ERR_BAD_ATTR,
- NC_ERR_UNKNOWN_ATTR,
- NC_ERR_MISSING_ELEM,
- NC_ERR_BAD_ELEM,
- NC_ERR_UNKNOWN_ELEM,
- NC_ERR_UNKNOWN_NS,
- NC_ERR_ACCESS_DENIED,
- NC_ERR_LOCK_DENIED,
- NC_ERR_RES_DENIED,
- NC_ERR_ROLLBACK_FAILED,
- NC_ERR_DATA_EXISTS,
- NC_ERR_DATA_MISSING,
- NC_ERR_OP_NOT_SUPPORTED,
- NC_ERR_OP_FAILED,
- NC_ERR_MALFORMED_MSG
+ NC_ERR_UNKNOWN = 0, /**< unknown error */
+ NC_ERR_IN_USE, /**< in-use error */
+ NC_ERR_INVALID_VALUE, /**< invalid-value error */
+ NC_ERR_TOO_BIG, /**< too-big error */
+ NC_ERR_MISSING_ATTR, /**< missing-attribute error */
+ NC_ERR_BAD_ATTR, /**< bad-attribute error */
+ NC_ERR_UNKNOWN_ATTR, /**< unknown-attribute error */
+ NC_ERR_MISSING_ELEM, /**< missing-element error */
+ NC_ERR_BAD_ELEM, /**< bad-element error */
+ NC_ERR_UNKNOWN_ELEM, /**< unknown-element error */
+ NC_ERR_UNKNOWN_NS, /**< unknown-namespace error */
+ NC_ERR_ACCESS_DENIED, /**< access-denied error */
+ NC_ERR_LOCK_DENIED, /**< lock-denied error */
+ NC_ERR_RES_DENIED, /**< resource-denied error */
+ NC_ERR_ROLLBACK_FAILED, /**< rollback-failed error */
+ NC_ERR_DATA_EXISTS, /**< data-exists error */
+ NC_ERR_DATA_MISSING, /**< data-missing error */
+ NC_ERR_OP_NOT_SUPPORTED, /**< operation-not-supported error */
+ NC_ERR_OP_FAILED, /**< operation-failed error */
+ NC_ERR_MALFORMED_MSG /**< malformed-message error */
} NC_ERR;
+/**
+ * @brief Enumeration of NETCONF error type (layer)
+ */
typedef enum NC_ERROR_TYPE {
- NC_ERR_TYPE_UNKNOWN = 0,
- NC_ERR_TYPE_TRAN,
- NC_ERR_TYPE_RPC,
- NC_ERR_TYPE_PROT,
- NC_ERR_TYPE_APP
+ NC_ERR_TYPE_UNKNOWN = 0, /**< unknown layer */
+ NC_ERR_TYPE_TRAN, /**< transport layer */
+ NC_ERR_TYPE_RPC, /**< RPC layer */
+ NC_ERR_TYPE_PROT, /**< protocol layer */
+ NC_ERR_TYPE_APP /**< application layer */
} NC_ERR_TYPE;
/**
@@ -111,7 +117,7 @@
* - #NC_ERR_INVALID_VALUE
* - #NC_ERR_ACCESS_DENIED
* - #NC_ERR_ROLLBACK_FAILED
- * - #NC_ERR_NOT_SUPPORTED
+ * - #NC_ERR_OP_NOT_SUPPORTED
* - #NC_ERR_TOO_BIG
* - #NC_ERR_RES_DENIED
* - #NC_ERR_OP_FAILED
@@ -135,7 +141,7 @@
* - `uint32_t session_id;` - error \<session-id\> value.
* - #NC_ERR_DATA_EXISTS
* - #NC_ERR_DATA_MISSING
- * - #NC_ERR_MALFORMED_MESSAGE
+ * - #NC_ERR_MALFORMED_MSG
* - no additional arguments
* @return Server error structure, NULL on error.
*/
@@ -164,7 +170,7 @@
*
* @param[in] err Error to modify.
* @param[in] error_message New value of \<error-message\>.
- * @param[in] lang Optional language of \p error-message.
+ * @param[in] lang Optional language of \p error_message.
* @return 0 on success, -1 on error.
*/
int nc_err_set_msg(struct nc_server_error *err, const char *error_message, const char *lang);
@@ -173,7 +179,7 @@
* @brief Set the \<session-id\> element of an error. Any previous value will be overwritten.
*
* @param[in] err Error to modify.
- * @param[in] session-id New value of \<session-id\>.
+ * @param[in] session_id New value of \<session-id\>.
* @return 0 on success, -1 on error.
*/
int nc_err_set_sid(struct nc_server_error *err, uint32_t session_id);
diff --git a/src/netconf.h b/src/netconf.h
index 01b0331..4322d07 100644
--- a/src/netconf.h
+++ b/src/netconf.h
@@ -126,7 +126,7 @@
/**
* @brief Free all the resources allocated by libssh.
*
- * Must be called before nc_tls_destroy() (if called) as libssh uses libcrypto as well.
+ * Must be called before #nc_tls_destroy() (if called) as libssh uses libcrypto as well.
*/
void nc_ssh_destroy(void);
diff --git a/src/session.h b/src/session.h
index 4c1cf70..59aef84 100644
--- a/src/session.h
+++ b/src/session.h
@@ -25,24 +25,30 @@
#ifdef ENABLE_SSH
+/**
+ * @brief Enumeration of NETCONF SSH authentication methods
+ */
typedef enum {
- NC_SSH_AUTH_PUBLICKEY = 0x01,
- NC_SSH_AUTH_PASSWORD = 0x02,
- NC_SSH_AUTH_INTERACTIVE = 0x04
+ NC_SSH_AUTH_PUBLICKEY = 0x01, /**< publickey SSH authentication */
+ NC_SSH_AUTH_PASSWORD = 0x02, /**< password SSH authentication */
+ NC_SSH_AUTH_INTERACTIVE = 0x04 /**< interactive SSH authentication */
} NC_SSH_AUTH_TYPE;
#endif /* ENABLE_SSH */
#ifdef ENABLE_TLS
+/**
+ * @brief Enumeration of cert-to-name mapping types
+ */
typedef enum {
- NC_TLS_CTN_UNKNOWN = 0,
- NC_TLS_CTN_SPECIFIED,
- NC_TLS_CTN_SAN_RFC822_NAME,
- NC_TLS_CTN_SAN_DNS_NAME,
- NC_TLS_CTN_SAN_IP_ADDRESS,
- NC_TLS_CTN_SAN_ANY,
- NC_TLS_CTN_COMMON_NAME
+ NC_TLS_CTN_UNKNOWN = 0, /**< unknown mapping */
+ NC_TLS_CTN_SPECIFIED, /**< username explicitly specified */
+ NC_TLS_CTN_SAN_RFC822_NAME, /**< email address as username */
+ NC_TLS_CTN_SAN_DNS_NAME, /**< DNS name as username */
+ NC_TLS_CTN_SAN_IP_ADDRESS, /**< IP address as username */
+ NC_TLS_CTN_SAN_ANY, /**< any certificate Subject Alternative Name as username */
+ NC_TLS_CTN_COMMON_NAME /**< common name as username */
} NC_TLS_CTN_MAPTYPE;
#endif /* ENABLE_TLS */
@@ -81,7 +87,6 @@
* @brief Get session status.
*
* @param[in] session Session to get the information from.
- *
* @return Session status.
*/
NC_STATUS nc_session_get_status(const struct nc_session *session);
@@ -90,7 +95,6 @@
* @brief Get session ID.
*
* @param[in] session Session to get the information from.
- *
* @return Session ID.
*/
uint32_t nc_session_get_id(const struct nc_session *session);
@@ -99,7 +103,6 @@
* @brief Get session transport used.
*
* @param[in] session Session to get the information from.
- *
* @return Session transport.
*/
NC_TRANSPORT_IMPL nc_session_get_ti(const struct nc_session *session);
@@ -108,7 +111,6 @@
* @brief Get session username.
*
* @param[in] session Session to get the information from.
- *
* @return Session username.
*/
const char *nc_session_get_username(const struct nc_session *session);
@@ -117,7 +119,6 @@
* @brief Get session host.
*
* @param[in] session Session to get the information from.
- *
* @return Session host.
*/
const char *nc_session_get_host(const struct nc_session *session);
@@ -126,7 +127,6 @@
* @brief Get session port.
*
* @param[in] session Session to get the information from.
- *
* @return Session port.
*/
uint16_t nc_session_get_port(const struct nc_session *session);
@@ -135,7 +135,6 @@
* @brief Get session capabilities.
*
* @param[in] session Session to get the information from.
- *
* @return Session capabilities.
*/
const char **nc_session_get_cpblts(const struct nc_session *session);
@@ -145,7 +144,6 @@
*
* @param[in] session Session to check.
* @param[in] capab Capability to look for, capability with any additional suffix will match.
- *
* @return Matching capability, NULL if none found.
*/
const char *nc_session_cpblt(const struct nc_session *session, const char *capab);
diff --git a/src/session_client.c b/src/session_client.c
index 206d7b6..3f92af0 100644
--- a/src/session_client.c
+++ b/src/session_client.c
@@ -1048,6 +1048,11 @@
msgtype = nc_recv_notif(session, 0, ¬if);
if (msgtype == NC_MSG_NOTIF) {
notif_clb(session, notif);
+ if (!strcmp(notif->tree->schema->name, "notificationComplete")
+ && !strcmp(notif->tree->schema->module->name, "nc-notifications")) {
+ nc_notif_free(notif);
+ break;
+ }
nc_notif_free(notif);
}
diff --git a/src/session_client.h b/src/session_client.h
index fec2aac..625a505 100644
--- a/src/session_client.h
+++ b/src/session_client.h
@@ -87,8 +87,7 @@
*
* @param[in] pub_key Path to the public key.
* @param[in] priv_key Path to the private key.
- *
- * @return EXIT_SUCCESS on success, EXIT_FAILURE otherwise.
+ * @return 0 on success, -1 on error.
*/
int nc_client_ssh_add_keypair(const char *pub_key, const char *priv_key);
@@ -98,7 +97,6 @@
* Function is provided only via nc_client.h header file and only when libnetconf2 is compiled with libssh support.
*
* @param[in] idx Index of the keypair starting with 0.
- *
* @return 0 on success, -1 on error.
*/
int nc_client_ssh_del_keypair(int idx);
@@ -116,7 +114,6 @@
* @param[in] idx Index of the specific keypair.
* @param[out] pub_key Path to the public key.
* @param[out] priv_key Path to the private key.
- *
* @return 0 on success, -1 on error.
*/
int nc_client_ssh_get_keypair(int idx, const char **pub_key, const char **priv_key);
@@ -137,7 +134,6 @@
* Function is provided only via nc_client.h header file and only when libnetconf2 is compiled with libssh support.
*
* @param[in] auth_type Authentication method to retrieve the prefrence of.
- *
* @return Preference of the \p auth_type.
*/
int16_t nc_client_ssh_get_auth_pref(NC_SSH_AUTH_TYPE auth_type);
diff --git a/src/session_client_ch.h b/src/session_client_ch.h
index 13dbc23..19f6211 100644
--- a/src/session_client_ch.h
+++ b/src/session_client_ch.h
@@ -38,7 +38,7 @@
* non-blocking call, -1 for infinite waiting.
* @param[in] ctx Session context to use. Can be NULL.
* @param[out] session New session.
- * @return 0 on timeout, 1 on success, -1 on error.
+ * @return 1 on success, 0 on timeout, -1 on error.
*/
int nc_accept_callhome(int timeout, struct ly_ctx *ctx, struct nc_session **session);
@@ -73,8 +73,7 @@
*
* @param[in] pub_key Path to the public key.
* @param[in] priv_key Path to the private key.
- *
- * @return EXIT_SUCCESS on success, EXIT_FAILURE otherwise.
+ * @return 0 on success, -1 on error.
*/
int nc_client_ssh_ch_add_keypair(const char *pub_key, const char *priv_key);
@@ -84,7 +83,6 @@
* Function is provided only via nc_client.h header file and only when libnetconf2 is compiled with libssh support.
*
* @param[in] idx Index of the keypair starting with 0.
- *
* @return 0 on success, -1 on error.
*/
int nc_client_ssh_ch_del_keypair(int idx);
@@ -102,7 +100,6 @@
* @param[in] idx Index of the specific keypair.
* @param[out] pub_key Path to the public key.
* @param[out] priv_key Path to the private key.
- *
* @return 0 on success, -1 on error.
*/
int nc_client_ssh_ch_get_keypair(int idx, const char **pub_key, const char **priv_key);
@@ -123,7 +120,6 @@
* Function is provided only via nc_client.h header file and only when libnetconf2 is compiled with libssh support.
*
* @param[in] auth_type Authentication method to retrieve the prefrence of.
- *
* @return Preference of the \p auth_type.
*/
int16_t nc_client_ssh_ch_get_auth_pref(NC_SSH_AUTH_TYPE auth_type);
@@ -173,7 +169,6 @@
* @param[in] client_cert Path to the file containing the client certificate.
* @param[in] client_key Path to the file containing the private key for the \p client_cert.
* If NULL, key is expected to be stored with \p client_cert.
- *
* @return 0 on success, -1 on error.
*/
int nc_client_tls_ch_set_cert_key_paths(const char *client_cert, const char *client_key);
diff --git a/src/session_server.c b/src/session_server.c
index 00f80f5..071e336 100644
--- a/src/session_server.c
+++ b/src/session_server.c
@@ -537,7 +537,7 @@
}
}
- return 1;
+ return -1;
}
/* must be called holding the session lock! */
diff --git a/src/session_server.h b/src/session_server.h
index 0168e6e..58580a4 100644
--- a/src/session_server.h
+++ b/src/session_server.h
@@ -124,7 +124,7 @@
* @brief Set server timeout for dropping an idle session.
*
* @param[in] idle_timeout Idle session timeout. 0 to never drop a session
- * because of inactivity.
+ * because of inactivity.
*/
void nc_server_set_idle_timeout(uint16_t idle_timeout);
@@ -167,7 +167,7 @@
*
* @param[in] ps Pollsession structure to modify.
* @param[in] session Session to remove from \p ps.
- * @return 0 on success, 1 if not found, -1 on error.
+ * @return 0 on success, -1 on not found.
*/
int nc_ps_del_session(struct nc_pollsession *ps, struct nc_session *session);
@@ -198,10 +198,10 @@
* @brief Lock server context.
*
* @param[in] timeout Timeout in milliseconds. 0 for non-blocking call, -1 for
- * infinite waiting.
+ * infinite waiting.
* @param[out] elapsed Elapsed milliseconds will be added to this variable.
- * Can be NULL.
- * @return 0 on elapsed timeout, 1 on success, -1 on error.
+ * Can be NULL.
+ * @return 1 on success, 0 on elapsed timeout, -1 on error.
*/
int nc_ctx_lock(int timeout, int *elapsed);
@@ -230,11 +230,11 @@
/**
* @brief Accept a new NETCONF session on an SSH session of a running NETCONF session
- * that was polled in \p ps. Call this function only when nc_ps_poll() on \p ps returns 5.
+ * that was polled in \p ps. Call this function only when nc_ps_poll() on \p ps returns 5.
*
* @param[in] ps Unmodified pollsession structure from the previous nc_ps_poll() call.
* @param[out] session New session.
- * @return 1 on success, -1 on error.
+ * @return 0 on success, -1 on error.
*/
int nc_ps_accept_ssh_channel(struct nc_pollsession *ps, struct nc_session **session);
@@ -242,7 +242,7 @@
* @brief Add a new SSH endpoint and start listening on it.
*
* @param[in] name Arbitrary unique endpoint name. There can be a TLS endpoint with
- * the same name.
+ * the same name.
* @param[in] address IP address to listen on.
* @param[in] port Port to listen on.
* @return 0 on success, -1 on error.
@@ -259,7 +259,7 @@
/**
* @brief Set endpoint SSH host keys the server will identify itself with. Each of RSA, DSA, and
- * ECDSA keys can be set. If the particular type was already set, it is replaced.
+ * ECDSA keys can be set. If the particular type was already set, it is replaced.
*
* @param[in] privkey_path Path to a private key.
* @return 0 on success, -1 on error.
@@ -276,7 +276,7 @@
/**
* @brief Set endpoint accepted SSH authentication methods. All (publickey, password, interactive)
- * are supported by default.
+ * are supported by default.
*
* @param[in] auth_methods Accepted authentication methods bit field of NC_SSH_AUTH_TYPE.
* @return 0 on success, -1 on error.
@@ -301,7 +301,7 @@
/**
* @brief Add an endpoint authorized client SSH public key. This public key can be used for
- * publickey authentication afterwards.
+ * publickey authentication afterwards.
*
* @param[in] pubkey_path Path to the public key.
* @param[in] username Username that the client with the public key must use.
@@ -318,11 +318,6 @@
*/
int nc_server_ssh_endpt_del_authkey(const char *endpt_name, const char *pubkey_path, const char *username);
-/**
- * @brief Free all the various SSH server options (excluding Call Home).
- */
-void nc_server_ssh_destroy_opts(void);
-
#endif /* ENABLE_SSH */
#ifdef ENABLE_TLS
@@ -331,7 +326,7 @@
* @brief Add a new TLS endpoint and start listening on it.
*
* @param[in] name Arbitrary unique endpoint name. There can be an SSH endpoint with
- * the same name.
+ * the same name.
* @param[in] address IP address to listen on.
* @param[in] port Port to listen on.
* @return 0 on success, -1 on error.
@@ -348,7 +343,8 @@
/**
* @brief Set server TLS certificate. Alternative to nc_tls_server_set_cert_path().
- * There can only be one certificate for each key type, it is replaced if already set.
+ * There can only be one certificate for each key type, it is replaced if
+ * already set.
*
* @param[in] cert Base64-encoded certificate in ASN.1 DER encoding.
* @return 0 on success, -1 on error.
@@ -357,7 +353,8 @@
/**
* @brief Set server TLS certificate. Alternative to nc_tls_server_set_cert().
- * There can only be one certificate for each key type, it is replaced if already set.
+ * There can only be one certificate for each key type, it is replaced if
+ * already set.
*
* @param[in] cert_path Path to a certificate file in PEM format.
* @return 0 on success, -1 on error.
@@ -366,8 +363,8 @@
/**
* @brief Set server TLS private key matching the certificate.
- * Alternative to nc_tls_server_set_key_path(). There can only be one of every key
- * type, it is replaced if already set.
+ * Alternative to nc_tls_server_set_key_path(). There can only be one of
+ * every key type, it is replaced if already set.
*
* @param[in] privkey Base64-encoded certificate in ASN.1 DER encoding.
* @param[in] is_rsa Whether \p privkey are the data of an RSA (1) or DSA (0) key.
@@ -377,8 +374,8 @@
/**
* @brief Set server TLS private key matching the certificate.
- * Alternative to nc_tls_server_set_key_path(). There can only be one of every key
- * type, it is replaced if already set.
+ * Alternative to nc_tls_server_set_key_path(). There can only be one of
+ * every key type, it is replaced if already set.
*
* @param[in] privkey_path Path to a private key file in PEM format.
* @return 0 on success, -1 on error.
@@ -388,7 +385,7 @@
/**
* @brief Add a trusted certificate. Can be both a CA or a client one.
*
- * @param[in] cert Base64-enocded certificate in ASN.1DER encoding.
+ * @param[in] cert Base64-enocded certificate in ASN.1 DER encoding.
* @return 0 on success, -1 on error.
*/
int nc_server_tls_endpt_add_trusted_cert(const char *endpt_name, const char *cert);
@@ -403,36 +400,37 @@
/**
* @brief Set trusted Certificate Authority certificate locations. There can only be
- * one file and one directory, they are replaced if already set.
+ * one file and one directory, they are replaced if already set.
*
* @param[in] cacert_file_path Path to a trusted CA cert store file in PEM format.
- * Can be NULL.
+ * Can be NULL.
* @param[in] cacert_dir_path Path to a trusted CA cert store hashed directory
- * (c_rehash utility can be used to create hashes) with PEM files. Can be NULL.
+ * (c_rehash utility can be used to create hashes) with PEM files.
+ * Can be NULL.
* @return 0 on success, -1 on error.
*/
int nc_server_tls_endpt_set_trusted_cacert_locations(const char *endpt_name, const char *cacert_file_path, const char *cacert_dir_path);
/**
* @brief Destroy and clean all the set certificates and private keys. CRLs and
- * CTN entries are not affected.
+ * CTN entries are not affected.
*/
void nc_server_tls_endpt_clear_certs(const char *endpt_name);
/**
* @brief Set Certificate Revocation List locations. There can only be one file
- * and one directory, they are replaced if already set.
+ * and one directory, they are replaced if already set.
*
* @param[in] crl_file_path Path to a CRL store file in PEM format. Can be NULL.
* @param[in] crl_dir_path Path to a CRL store hashed directory (c_rehash utility
- * can be used to create hashes) with PEM files. Can be NULL.
+ * can be used to create hashes) with PEM files. Can be NULL.
* @return 0 on success, -1 on error.
*/
int nc_server_tls_endpt_set_crl_locations(const char *endpt_name, const char *crl_file_path, const char *crl_dir_path);
/**
* @brief Destroy and clean CRLs. Certificates, priavte keys, and CTN entries are
- * not affected.
+ * not affected.
*/
void nc_server_tls_endpt_clear_crls(const char *endpt_name);
diff --git a/src/session_server_ch.h b/src/session_server_ch.h
index 946622a..480162c 100644
--- a/src/session_server_ch.h
+++ b/src/session_server_ch.h
@@ -36,8 +36,8 @@
*
* @param[in] host Host the client is listening on.
* @param[in] port Port the client is listening on.
- * @param[in] timeout Timeout for transport-related operations, 0 for non-blocking
- * call, -1 for infinite waiting.
+ * @param[in] timeout Timeout for transport-related operations in milliseconds.
+ * 0 for non-blocking call, -1 for infinite waiting.
* @param[out] session New Call Home session.
* @return 1 on success, 0 on timeout, -1 on error.
*/
@@ -45,7 +45,7 @@
/**
* @brief Set Call Home SSH host keys the server will identify itself with. Each of RSA, DSA, and
- * ECDSA keys can be set. If the particular type was already set, it is replaced.
+ * ECDSA keys can be set. If the particular type was already set, it is replaced.
*
* @param[in] privkey_path Path to a private key.
* @return 0 on success, -1 on error.
@@ -62,7 +62,7 @@
/**
* @brief Set accepted Call Home SSH authentication methods. All (publickey, password, interactive)
- * are supported by default.
+ * are supported by default.
*
* @param[in] auth_methods Accepted authentication methods bit field of NC_SSH_AUTH_TYPE.
* @return 0 on success, -1 on error.
@@ -87,7 +87,7 @@
/**
* @brief Add an authorized Call Home client SSH public key. This public key can be used for
- * publickey authentication afterwards.
+ * publickey authentication afterwards.
*
* @param[in] pubkey_path Path to the public key.
* @param[in] username Username that the client with the public key must use.
@@ -106,7 +106,7 @@
/**
* @brief Clear all the SSH Call Home options. Afterwards a new set of options
- * can be set for the next client to connect.
+ * can be set for the next client to connect to.
*/
void nc_server_ssh_ch_clear_opts(void);
@@ -119,8 +119,8 @@
*
* @param[in] host Host the client is listening on.
* @param[in] port Port the client is listening on.
- * @param[in] timeout Timeout for transport-related operations, 0 for non-blocking
- * call, -1 for infinite waiting.
+ * @param[in] timeout Timeout for transport-related operations in milliseconds.
+ * 0 for non-blocking call, -1 for infinite waiting.
* @param[out] session New Call Home session.
* @return 1 on success, 0 on timeout, -1 on error.
*/
@@ -128,7 +128,7 @@
/**
* @brief Set server Call Home TLS certificate. Alternative to nc_tls_server_set_cert_path().
- * There can only be one certificate for each key type, it is replaced if already set.
+ * There can only be one certificate for each key type, it is replaced if already set.
*
* @param[in] cert Base64-encoded certificate in ASN.1 DER encoding.
* @return 0 on success, -1 on error.
@@ -137,7 +137,7 @@
/**
* @brief Set server Call Home TLS certificate. Alternative to nc_tls_server_set_cert().
- * There can only be one certificate for each key type, it is replaced if already set.
+ * There can only be one certificate for each key type, it is replaced if already set.
*
* @param[in] cert_path Path to a certificate file in PEM format.
* @return 0 on success, -1 on error.
@@ -146,8 +146,8 @@
/**
* @brief Set server Call Home TLS private key matching the certificate.
- * Alternative to nc_tls_server_set_key_path(). There can only be one of every key
- * type, it is replaced if already set.
+ * Alternative to nc_tls_server_set_key_path(). There can only be one of every key
+ * type, it is replaced if already set.
*
* @param[in] privkey Base64-encoded certificate in ASN.1 DER encoding.
* @param[in] is_rsa Whether \p privkey are the data of an RSA (1) or DSA (0) key.
@@ -157,8 +157,8 @@
/**
* @brief Set server Call Home TLS private key matching the certificate.
- * Alternative to nc_tls_server_set_key_path(). There can only be one of every key
- * type, it is replaced if already set.
+ * Alternative to nc_tls_server_set_key_path(). There can only be one of every key
+ * type, it is replaced if already set.
*
* @param[in] privkey_path Path to a private key file in PEM format.
* @return 0 on success, -1 on error.
@@ -168,7 +168,7 @@
/**
* @brief Add a Call Home trusted certificate. Can be both a CA or a client one.
*
- * @param[in] cert Base64-enocded certificate in ASN.1DER encoding.
+ * @param[in] cert Base64-enocded certificate in ASN.1 DER encoding.
* @return 0 on success, -1 on error.
*/
int nc_server_tls_ch_add_trusted_cert(const char *cert);
@@ -183,36 +183,37 @@
/**
* @brief Set trusted Call Home Certificate Authority certificate locations. There
- * can only be one file and one directory, they are replaced if already set.
+ * can only be one file and one directory, they are replaced if already set.
*
* @param[in] cacert_file_path Path to a trusted CA cert store file in PEM format.
- * Can be NULL.
+ * Can be NULL.
* @param[in] cacert_dir_path Path to a trusted CA cert store hashed directory
- * (c_rehash utility can be used to create hashes) with PEM files. Can be NULL.
+ * (c_rehash utility can be used to create hashes)
+ * with PEM files. Can be NULL.
* @return 0 on success, -1 on error.
*/
int nc_server_tls_ch_set_trusted_cacert_locations(const char *cacert_file_path, const char *cacert_dir_path);
/**
* @brief Destroy and clean all the set Call Home certificates and private keys.
- * CRLs and CTN entries are not affected.
+ * CRLs and CTN entries are not affected.
*/
void nc_server_tls_ch_clear_certs(void);
/**
* @brief Set Call Home Certificate Revocation List locations. There can only be
- * one file and one directory, they are replaced if already set.
+ * one file and one directory, they are replaced if already set.
*
* @param[in] crl_file_path Path to a CRL store file in PEM format. Can be NULL.
* @param[in] crl_dir_path Path to a CRL store hashed directory (c_rehash utility
- * can be used to create hashes) with PEM files. Can be NULL.
+ * can be used to create hashes) with PEM files. Can be NULL.
* @return 0 on success, -1 on error.
*/
int nc_server_tls_ch_set_crl_locations(const char *crl_file_path, const char *crl_dir_path);
/**
* @brief Destroy and clean Call Home CRLs. Call Home certificates, private keys,
- * and CTN entries are not affected.
+ * and CTN entries are not affected.
*/
void nc_server_tls_ch_clear_crls(void);
@@ -240,7 +241,7 @@
/**
* @brief Clear all the TLS Call Home options. Afterwards a new set of options
- * can be set for the next client to connect.
+ * can be set for the next client to connect.
*/
void nc_server_tls_ch_clear_opts(void);
diff --git a/src/session_server_tls.c b/src/session_server_tls.c
index 57e00fe..f06584d 100644
--- a/src/session_server_tls.c
+++ b/src/session_server_tls.c
@@ -24,6 +24,7 @@
#include <string.h>
#include <poll.h>
+#include <unistd.h>
#include <openssl/ssl.h>
#include <openssl/evp.h>