perl::NetApp::NaServerUser Contributed Perl Documentaperl::NetApp::NaServer(3)



1mNAME0m
	 NaServer ‐ class for managing Network Appliance(r)
		    filers using ONTAPI(tm) APIs.

1mDESCRIPTION0m
	 An NaServer encapsulates an administrative connection to
	 a NetApp filer running ONTAP 6.4 or later.  You construct
	 NaElement objects that represent queries or commands, and
	 use invoke_elem() to send them to the filer (a convenience
	 routine called invoke() can be used to bypass the element
	 construction step.  The return from the call is another
	 NaElement which either has children containing the command
	 results, or an error indication.

	 The following routines are available for setting up
	 administrative connections to a filer.

       1mnew($filer, $majorversion22m, $minorversion)

	 Create a new connection to filer $filer.  Before
	 use, you either need to set the style to "hosts.equiv"
	 or set the username (always "root" at present) and
	 password with set_admin_user().

       1mset_style($style)0m

	 Pass in "LOGIN" to cause the server to use HTTP
	 simple authentication with a username and
	 password.  Pass in "HOSTS" to use the hosts.equiv
	 file on the filer to determine access rights (the
	 username must be root in that case). Pass in "CERTIFICATE"
	  to use certificate based authentication with the
	  DataFabric Manager server.

	  If $style = CERTIFICATE, you can use certificates to
	  authenticate clients who attempt to connect to a server
	  without the need of username and password. This style will
	  internally set the transport type to HTTPS. Verification of
	  the server’s certificate is required in order to properly
	  authenticate the identity of the server. Server certificate
	  (with hostname) verification will be enabled by default using
	  this style. You can disable server certificate (with hostname)
	  verification using set_server_cert_verification() and you can
	  disable only hostname verification using set_hostname_verification().

       4mget_style()0m

	 Get the authentication style

       1mset_admin_user($user, $password)0m

	 Set the admin username and password.  At present
	 $user must always be "root".

       1mset_server_type($type)0m

	 Pass in one of these keywords: "FILER" or "NETCACHE"
	 to indicate whether the server is a filer or a NetCache
	 appliance.

	 If you also use set_port(), call set_port() AFTER calling
	 this routine.

	 The default is "FILER".

       4mget_server_type()0m

	 Get the type of server this server connection applies to.

       1mset_transport_type($scheme)0m

	 Override the default transport type.  The valid transport
	 type are currently "HTTP", "HTTPS".

       4mget_transport_type()0m

	 Retrieve the transport used for this connection.

       1mset_debug_style($style)0m

	       Set the style of debug.

       1mset_port($port)0m

	 Override the default port for this server.  If you
	 also call set_server_type(), you must call it before
	 calling set_port().

       4mget_port()0m

	 Retrieve the port used for the remote server.

       4mis_debugging()0m

	       Check the type of debug style and return the
	       value for different needs.
	       Return 1 if debug style is NA_PRINT_DONT_PARSE
	       else return 0.
       =cut

       sub 4mis_debugging()24m {      my $self = shift;		my $style =
       $self−>{debug_style};	  if ($style ne "NA_NO_DEBUG") {
		 return 1;	}      else {		return 0;      } }
       #============================================================#

       4mget_raw_xml_output()0m

	       Return the raw XML output.

       1mset_raw_xml_output($$)0m

	       Save the raw XML output.

       4muse_https()0m

	  Determines whether https is enabled.

       1minvoke_elem($elt)0m

	 Submit an XML request already encapsulated as
	 an NaElement and return the result in another
	 NaElement.

       1minvoke($api, [$argname, $argval] ...)0m

	  A convenience routine which wraps invoke_elem().
	  It constructs an NaElement with name $api, and
	  for each argument name/value pair, adds a child
	  element to it.  It’s an error to have an even
	  number of arguments to this function.

	  Example: $myserver‐>invoke("snapshot‐create",
				     "snapshot", "mysnapshot",
				     "volume", "vol0");

1mCOPYRIGHT0m
	 Copyright 2002‐2003 Network Appliance, Inc. All rights
	 reserved. Specifications subject to change without notice.

	 This SDK sample code is provided AS IS, with no support or
	 warranties of any kind, including but not limited to
	 warranties of merchantability or fitness of any kind,
	 expressed or implied.	This code is subject to the license
	 agreement that accompanies the SDK.

       1mset_vfiler($vfiler)0m

	 sets the vfiler name. This function is added for vfiler‐tunneling.

       1mset_vserver($vserver) Sets the vserver name. This function is added for0m
       1mvserver−tunneling. However, vserver tunneling actually uses vfiler−tun‐0m
       1mneling. Hence this function internally sets the vfiler name.0m


       4mget_vserver()24m 1mGets the vserver name. This function is added for0m
       1mvserver−tunneling. However, vserver tunneling actually uses vfiler−tun‐0m
       1mneling. Hence this function actually returns the vfiler name. =cut0m

       sub get_vserver () {	 my $self = shift;	return
       $self−>{vfiler}; }

       1mset_originator_id($originator_id) Function to set the originator_id0m
       1mbefore executing any ONTAP API. =cut0m

       sub set_originator_id ($$) {	 my $self = shift;	my $origina‐
       tor_id = shift;

	       $self‐>{originator_id} = $originator_id;
	       return 0;
       }

       4mget_originator_id()24m 1mGets the originator_id for the given server context0m
       1mon which the ONTAP API commands get invoked. =cut0m

       sub get_originator_id () {      my $self = shift;      return
       $self−>{originator_id}; }

       sub set_timeout ($$) {	   my $self = shift;	  my $timeout = shift;
	    $self−>{timeout} = $timeout; }

       sub get_timeout () {	 my $self = shift;	return $self−>{time‐
       out}; }

       4mget_complete_xml_output()24m 1mGets the complete XML output in NaElement0m
       1mformat that is being # returned by the server. =cut0m

       sub 4mget_complete_xml_output()24m {	 my $self = shift;	return
       $self−>{complete_xml_output}; }
       #============================================================#

       4mset_server_cert_verification()24m 1mEnables or disables server certificate0m
       1mverification by the client. Server certificate verification is enabled0m
       1mby default when style is set to CERTIFICATE. Hostname verification is0m
       1menabled by default during server certificate verification. =cut0m

       sub set_server_cert_verification ($$) {	    my $self = shift;	   my
       $enable = shift;

	       if ($enable != 0 and $enable != 1) {
		       return $self‐>fail_response(13001,
			       "in NaServer::set_server_cert_verification:
				       invalid argument $enable specified");
	       }
	       if (!$self‐>use_https()) {
		       return $self‐>fail_response(13001,
			       "in NaServer::set_server_cert_verification: server certificate verification can only be enabled or disabled for HTTPS transport type");
	       }
	       # To verify the DFM Server certificate signature, we need to
	       # add SHA‐256 digest. This digest is available in Net::SSLeay 1.36 library
	       # compiled with OPENSSL_VERSION_NUMBER >= 0x0090800fL.
	       if ($add_sha_256_digest && $enable && $Net::SSLeay::VERSION >= 1.36 &&
			       Net::SSLeay::OPENSSL_VERSION_NUMBER() >= 0x0090800f) {
		       eval Net::SSLeay::EVP_add_digest(Net::SSLeay::EVP_sha256());
		       $add_sha_256_digest = 0;
	       }
	       $self‐>{enable_server_cert_verification} = $enable;
	       $self‐>{enable_hostname_verification} = $enable;
	       return undef;
       }

       #============================================================#

       4mis_server_cert_verification_enabled()24m 1mDetermines whether server cer‐0m
       1mtificate verification is enabled or not. Returns 1 if it is enabled,0m
       1melse returns 0. =cut0m

       sub is_server_cert_verification_enabled($) {	 my $self = shift;
	    return ($self−>{enable_server_cert_verification}); }

       #============================================================#

       4mset_client_cert_and_key()24m 1mSets the client certificate and key files0m
       1mthat are required for client authentication by the server using cer‐0m
       1mtificates. If key file is not defined, then the certificate file will0m
       1mbe used as the key file. =cut0m

       sub set_client_cert_and_key ($$$$) {	 my $self = shift;	my
       $cert_file = shift;	my $key_file = shift;	   my $key_passwd =
       shift;	   my $err_reason;	my $ctx = $self−>{ctx};

	       if ($ctx eq "") {
		       return $self‐>fail_response(13001,
		       "in NaServer::set_client_cert_and_key: SSL context not initialized");
	       }

	       if (!$cert_file) {
		       return $self‐>fail_response(13001,
		       "in NaServer::set_client_cert_and_key: certificate file not specified");
	       }

	       if (!(Net::SSLeay::CTX_use_certificate_chain_file($ctx, $cert_file))) {
		       $err_reason =  $self‐>get_cert_err_reason(&Net::SSLeay::ERR_get_error);
		       return $self‐>fail_response(13001,
		       "in NaServer::set_client_cert_and_key: failed to load certificate file: " . $err_reason);
	       }

	       if (!$key_file) {
		       $key_file = $cert_file;
	       }
	       if (!$key_passwd) {
		       $key_passwd = "";
	       }

	       Net::SSLeay::CTX_set_default_passwd_cb($ctx, sub {$key_passwd});

	       if (!(Net::SSLeay::CTX_use_PrivateKey_file($ctx, $key_file, &Net::SSLeay::FILETYPE_PEM))) {
		       $err_reason =  $self‐>get_cert_err_reason(&Net::SSLeay::ERR_get_error);
		       return $self‐>fail_response(13001,
		       "in NaServer::set_client_cert_and_key: failed to load key file: " . $err_reason);
	       }
	       return undef;
       }

       #============================================================#

       4mset_ca_certs()24m 1mSpecifies the certificates of the Certificate Authori‐0m
       1mties (CAs) that are trusted by this application and that will be used0m
       1mto verify the remote server certificate.0m


       4mset_hostname_verification()24m 1mEnables or disables hostname verification0m
       1mby the client during server certificate the server certificate. =cut0m

       sub set_hostname_verification ($$) {	 my $self = shift;	my
       $enable = shift;

	       if ($enable != 0 and $enable != 1) {
		       return $self‐>fail_response(13001,
			       "in NaServer::set_hostname_verification:
				       invalid argument $enable specified");
	       }
	       if ($self‐>{enable_server_cert_verification} == 0) {
		       return $self‐>fail_response(13001,
			       "in NaServer::set_hostname_verification: server certificate verification is not enabled");
	       }
	       $self‐>{enable_hostname_verification} = $enable;
	       return undef;
       }

       #============================================================#

       4mis_hostname_verification_enabled()24m 1mDetermines whether hostname verifi‐0m
       1mcation is enabled or not. Returns 1 if it is enabled, else returns 00m
       1m=cut0m

       sub is_hostname_verification_enabled ($) {      my $self = shift;
	    return ($self−>{enable_hostname_verification}); }

       #============================================================#

       4mverify_server_certificate()24m 1mSubroutine which verifies the common name0m
       1min the server certificate against the given hostname. This subroutine0m
       1mreturns "undef" on success.0m




perl v5.8.8			  2012‐05‐13	     perl::NetApp::NaServer(3)
