├── .github └── workflows │ ├── ci.yml │ └── devel-push.yml ├── .gitignore ├── CMakeLists.txt ├── CMakeModules ├── ABICheck.cmake ├── FindCMocka.cmake ├── FindLibPAM.cmake ├── FindLibSSH.cmake ├── FindLibVAL.cmake ├── FindLibYANG.cmake ├── FindMbedTLS.cmake ├── FindUncrustify.cmake ├── GenCoverage.cmake ├── GenDoc.cmake ├── SourceFormat.cmake ├── UseCompat.cmake └── uninstall.cmake ├── CODINGSTYLE.md ├── Doxyfile.in ├── FAQ.md ├── FindLibNETCONF2.cmake ├── LICENSE ├── README.md ├── SECURITY.md ├── codecov.yml ├── compat ├── check_includes.sh ├── compat.c └── compat.h.in ├── distro ├── README.md ├── config │ └── apkg.toml ├── pkg │ ├── deb │ │ ├── changelog │ │ ├── compat │ │ ├── control │ │ ├── copyright │ │ ├── gbp.conf │ │ ├── libnetconf2-dev.install │ │ ├── libnetconf4.install │ │ ├── rules │ │ ├── source │ │ │ └── format │ │ └── watch │ └── rpm │ │ └── libnetconf2.spec ├── scripts │ ├── make-archive.sh │ └── upstream-version.sh └── tests │ ├── control │ └── test-pkg-config.sh ├── doc ├── cesnet-style.css └── libnetconf.doc ├── examples ├── CMakeLists.txt ├── README.md ├── admin_key ├── admin_key.pub ├── client.c ├── config.json ├── example.h.in └── server.c ├── libnetconf2.pc.in ├── modules ├── iana-crypt-hash@2014-04-04.yang ├── iana-ssh-encryption-algs@2022-06-16.yang ├── iana-ssh-key-exchange-algs@2022-06-16.yang ├── iana-ssh-mac-algs@2022-06-16.yang ├── iana-ssh-public-key-algs@2022-06-16.yang ├── iana-tls-cipher-suite-algs@2022-06-16.yang ├── ietf-crypto-types@2023-12-28.yang ├── ietf-keystore@2023-12-28.yang ├── ietf-netconf-acm@2018-02-14.yang ├── ietf-netconf-monitoring@2010-10-04.yang ├── ietf-netconf-server@2023-12-28.yang ├── ietf-netconf@2013-09-29.yang ├── ietf-ssh-common@2023-12-28.yang ├── ietf-ssh-server@2023-12-28.yang ├── ietf-tcp-client@2023-12-28.yang ├── ietf-tcp-common@2023-12-28.yang ├── ietf-tcp-server@2023-12-28.yang ├── ietf-tls-common@2023-12-28.yang ├── ietf-tls-server@2023-12-28.yang ├── ietf-truststore@2023-12-28.yang ├── ietf-x509-cert-to-name@2014-12-10.yang ├── ietf_netconf@2013-09-29_yang.h ├── ietf_netconf_monitoring@2010-10-04_yang.h └── libnetconf2-netconf-server@2025-01-23.yang ├── nc_client.h.in ├── nc_server.h.in ├── nc_version.h.in ├── src ├── config.h.in ├── io.c ├── log.c ├── log.h ├── log_p.h ├── messages_client.c ├── messages_client.h ├── messages_p.h ├── messages_server.c ├── messages_server.h ├── netconf.h ├── server_config.c ├── server_config.h ├── server_config_ks.c ├── server_config_p.h ├── server_config_ts.c ├── server_config_util.c ├── server_config_util.h ├── server_config_util_ssh.c ├── server_config_util_tls.c ├── session.c ├── session.h ├── session_client.c ├── session_client.h ├── session_client_ch.h ├── session_client_ssh.c ├── session_client_tls.c ├── session_mbedtls.c ├── session_openssl.c ├── session_p.h ├── session_server.c ├── session_server.h ├── session_server_ch.h ├── session_server_ssh.c ├── session_server_tls.c └── session_wrapper.h ├── tests ├── CMakeLists.txt ├── config.h.in ├── data │ ├── 042686bb.0 │ ├── 0b527f1f.0 │ ├── 5412ca73.0 │ ├── 62436b04.0 │ ├── authorized_keys │ ├── client.crt │ ├── client.key │ ├── crl.pem │ ├── ec_server.crt │ ├── ec_server.key │ ├── ec_serverca.pem │ ├── id_ecdsa256 │ ├── id_ecdsa256.pub │ ├── id_ecdsa384 │ ├── id_ecdsa384.pub │ ├── id_ecdsa521 │ ├── id_ecdsa521.pub │ ├── id_ed25519 │ ├── id_ed25519.pub │ ├── key_ecdsa │ ├── key_ecdsa.pub │ ├── key_rsa │ ├── key_rsa.pub │ ├── modules │ │ ├── ietf-netconf-acm.yin │ │ ├── ietf-netconf-monitoring.yin │ │ ├── ietf-netconf-notifications.yin │ │ ├── ietf-netconf-with-defaults.yin │ │ ├── ietf-netconf.yin │ │ ├── module-a-dv.yang │ │ ├── module-a-dv2.yang │ │ ├── module-a.yang │ │ ├── nc-notifications.yin │ │ ├── notif1.yang │ │ └── notifications.yin │ ├── nc10 │ │ └── rpc-lock │ ├── nc11 │ │ └── rpc-lock │ ├── server.crt │ ├── server.key │ ├── serverca.key │ └── serverca.pem ├── library_lsan.supp ├── library_valgrind.supp ├── ln2_test.c ├── ln2_test.h ├── pam │ └── pam_netconf.c ├── test_auth_ssh.c ├── test_authkeys.c ├── test_cert_exp_notif.c ├── test_ch.c ├── test_client_messages.c ├── test_client_monitoring.c ├── test_client_thread.c ├── test_endpt_share_clients.c ├── test_fd_comm.c ├── test_io.c ├── test_ks_ts.c ├── test_pam.c ├── test_replace.c ├── test_runtime_changes.c ├── test_thread_messages.c ├── test_tls.c ├── test_two_channels.c └── test_unix_socket.c └── uncrustify.cfg /.github/workflows/devel-push.yml: -------------------------------------------------------------------------------- 1 | name: libnetconf2 devel push 2 | on: 3 | push: 4 | branches: 5 | - devel 6 | 7 | env: 8 | DEFAULT_PACKAGES: libcmocka-dev zlib1g-dev libssh-dev libssl-dev libpam0g-dev libcurl4-openssl-dev 9 | COVERITY_PROJECT: CESNET%2Flibnetconf2 10 | 11 | jobs: 12 | git-branch: 13 | name: Get git branch 14 | runs-on: ubuntu-latest 15 | outputs: 16 | branch-name: ${{ steps.get-git-branch.outputs.branch-name }} 17 | steps: 18 | - id: get-git-branch 19 | run: | 20 | if ${{ github.event_name == 'push' }} 21 | then export GIT_BRANCH=`echo ${{ github.ref }} | cut -d'/' -f 3` 22 | else 23 | export GIT_BRANCH=${{ github.base_ref }} 24 | fi 25 | echo "branch-name=$GIT_BRANCH" >> $GITHUB_OUTPUT 26 | 27 | build: 28 | name: ${{ matrix.config.name }} 29 | runs-on: ${{ matrix.config.os }} 30 | needs: git-branch 31 | strategy: 32 | fail-fast: false 33 | matrix: 34 | config: 35 | - { 36 | name: "Coverity", 37 | os: "ubuntu-latest", 38 | build-type: "Debug", 39 | dep-build-type: "Debug", 40 | cc: "clang", 41 | options: "-DENABLE_DNSSEC=ON", 42 | packages: "", 43 | snaps: "", 44 | make-prepend: "cov-build --dir cov-int", 45 | make-target: "" 46 | } 47 | - { 48 | name: "Codecov", 49 | os: "ubuntu-latest", 50 | build-type: "Debug", 51 | dep-build-type: "Debug", 52 | cc: "gcc", 53 | options: "-DENABLE_COVERAGE=ON -DENABLE_DNSSEC=ON", 54 | packages: "lcov", 55 | snaps: "", 56 | make-prepend: "", 57 | make-target: "" 58 | } 59 | 60 | steps: 61 | - uses: actions/checkout@main 62 | 63 | - name: Deps-packages 64 | shell: bash 65 | run: | 66 | sudo add-apt-repository ppa:kedazo/libssh-0.7.x -y 67 | sudo apt-get update 68 | sudo apt-get install $DEFAULT_PACKAGES ${{ matrix.config.packages }} 69 | if ${{ matrix.config.snaps != '' }} 70 | then sudo snap install ${{ matrix.config.snaps }} 71 | fi 72 | 73 | - name: Deps-coverity 74 | shell: bash 75 | working-directory: ${{ github.workspace }} 76 | run: | 77 | wget -q https://scan.coverity.com/download/linux64 --post-data "token=$TOKEN&project=$COVERITY_PROJECT" -O coverity-tools.tar.gz 78 | mkdir coverity-tools 79 | tar xzf coverity-tools.tar.gz --strip 1 -C coverity-tools 80 | env: 81 | TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} 82 | if: ${{ matrix.config.name == 'Coverity' }} 83 | 84 | - name: Deps-libyang 85 | shell: bash 86 | run: | 87 | git clone -b ${{ needs.git-branch.outputs.branch-name }} https://github.com/CESNET/libyang.git 88 | cd libyang 89 | mkdir build 90 | cd build 91 | CC=${{ matrix.config.cc }} cmake -DCMAKE_BUILD_TYPE=${{ matrix.config.dep-build-type }} -DENABLE_TESTS=OFF .. 92 | make -j2 93 | sudo make install 94 | 95 | - name: Deps-libval 96 | shell: bash 97 | run: | 98 | git clone https://github.com/DNSSEC-Tools/DNSSEC-Tools.git dnssec-tools 99 | cd dnssec-tools/dnssec-tools/validator 100 | ./configure 101 | make -j2 102 | sudo make install 103 | 104 | - name: Configure 105 | shell: bash 106 | working-directory: ${{ github.workspace }} 107 | run: | 108 | mkdir build 109 | cd build 110 | CC=${{ matrix.config.cc }} cmake -DCMAKE_BUILD_TYPE=${{ matrix.config.build-type }} ${{ matrix.config.options }} .. 111 | 112 | - name: Build 113 | shell: bash 114 | working-directory: ${{ github.workspace }}/build 115 | run: | 116 | export LC_ALL=C.UTF-8 117 | export PATH=/snap/bin:${{ github.workspace }}/coverity-tools/bin:$PATH 118 | ${{ matrix.config.make-prepend }} make ${{ matrix.config.make-target }} 119 | 120 | - name: Test 121 | shell: bash 122 | working-directory: ${{ github.workspace }}/build 123 | run: ctest --output-on-failure 124 | 125 | - name: Upload to Coverity.com 126 | shell: bash 127 | working-directory: ${{ github.workspace }}/build 128 | run: | 129 | tar czvf libnetconf2.tgz cov-int 130 | curl \ 131 | --form token=$TOKEN \ 132 | --form email=mvasko@cesnet.cz \ 133 | --form file=@libnetconf2.tgz \ 134 | --form version="`grep Version ./libnetconf2.pc | cut -d' ' -f 2`" \ 135 | --form description="libnetconf2 NETCONF library" \ 136 | https://scan.coverity.com/builds?project=$COVERITY_PROJECT 137 | env: 138 | TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} 139 | if: ${{ matrix.config.name == 'Coverity' }} 140 | 141 | - name: Upload to Codecov.io 142 | shell: bash 143 | working-directory: ${{ github.workspace }}/build 144 | run: bash <(curl -s https://codecov.io/bash) 145 | if: ${{ matrix.config.name == 'Codecov' }} 146 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /pkg 2 | /build 3 | /doc/html 4 | -------------------------------------------------------------------------------- /CMakeModules/ABICheck.cmake: -------------------------------------------------------------------------------- 1 | # generate API/ABI report 2 | macro(LIB_ABI_CHECK LIB_TARGET LIB_HEADERS LIB_SOVERSION_FULL ABI_BASE_HASH) 3 | # get short hash 4 | string(SUBSTRING "${ABI_BASE_HASH}" 0 8 ABI_BASE_HASH_SHORT) 5 | 6 | # find abi-dumper 7 | find_program(ABI_DUMPER abi-dumper) 8 | find_package_handle_standard_args(abi-dumper DEFAULT_MSG ABI_DUMPER) 9 | if(NOT ABI_DUMPER) 10 | message(FATAL_ERROR "Program abi-dumper not found!") 11 | endif() 12 | 13 | # find abi-checker 14 | find_program(ABI_CHECKER abi-compliance-checker) 15 | find_package_handle_standard_args(abi-compliance-checker DEFAULT_MSG ABI_CHECKER) 16 | if(NOT ABI_CHECKER) 17 | message(FATAL_ERROR "Program abi-compliance-checker not found!") 18 | endif() 19 | 20 | # abi-dump target - generating an ABI dump 21 | set(PUBLIC_HEADERS ${LIB_HEADERS}) 22 | string(PREPEND PUBLIC_HEADERS "${CMAKE_SOURCE_DIR}/") 23 | string(REPLACE ";" "\n${CMAKE_SOURCE_DIR}/" PUBLIC_HEADERS "${PUBLIC_HEADERS}") 24 | file(GENERATE OUTPUT ${CMAKE_BINARY_DIR}/public_headers CONTENT "${PUBLIC_HEADERS}") 25 | add_custom_target(abi-dump 26 | COMMAND ${ABI_DUMPER} ./lib${LIB_TARGET}${CMAKE_SHARED_LIBRARY_SUFFIX} 27 | -o lib${LIB_TARGET}.${LIB_SOVERSION_FULL}.dump 28 | -lver ${LIB_SOVERSION_FULL} -public-headers ${CMAKE_BINARY_DIR}/public_headers 29 | DEPENDS ${LIB_TARGET} 30 | BYPRODUCTS ${CMAKE_BINARY_DIR}/lib${LIB_TARGET}.${LIB_SOVERSION_FULL}.dump 31 | WORKING_DIRECTORY ${CMAKE_BINARY_DIR} 32 | COMMENT "Dumping ABI information of version ${LIB_SOVERSION_FULL} for abi-check") 33 | 34 | # get URL for fetching origin 35 | execute_process(COMMAND git remote get-url origin OUTPUT_VARIABLE ORIGIN_URL OUTPUT_STRIP_TRAILING_WHITESPACE) 36 | 37 | # generate script for generating the base ABI dump 38 | file(GENERATE OUTPUT ${CMAKE_BINARY_DIR}/abibase.sh CONTENT "#!/bin/sh 39 | if [ ! -d abibase ]; then mkdir abibase; fi 40 | cd abibase 41 | if [ ! -f build/lib${LIB_TARGET}.*.dump ]; then 42 | if [ -d .git ] && [ \"${ABI_BASE_HASH}\" != \"`git log --pretty=oneline | cut -d' ' -f1`\" ]; then rm -rf .* 2> /dev/null; fi 43 | if [ ! -d .git ]; then 44 | git init --initial-branch=master 45 | git remote add origin ${ORIGIN_URL} 46 | git fetch origin --depth 1 ${ABI_BASE_HASH} 47 | git reset --hard FETCH_HEAD 48 | fi 49 | if [ ! -d build ]; then mkdir build; fi 50 | cd build 51 | cmake -DCMAKE_BUILD_TYPE=ABICheck .. 52 | make abi-dump 53 | fi 54 | ") 55 | 56 | # abi-check target - check ABI compatibility of current version and the base hash version 57 | add_custom_target(abi-check 58 | COMMAND bash ./abibase.sh 59 | COMMAND ${ABI_CHECKER} -l lib${LIB_TARGET}${CMAKE_SHARED_LIBRARY_SUFFIX} 60 | -old abibase/build/lib${LIB_TARGET}.*.dump 61 | -new ./lib${LIB_TARGET}.${LIB_SOVERSION_FULL}.dump -s 62 | DEPENDS ${LIB_TARGET} abi-dump 63 | BYPRODUCTS ${CMAKE_BINARY_DIR}/compat_reports/lib${LIB_TARGET}${CMAKE_SHARED_LIBRARY_SUFFIX}/*_to_${LIB_SOVERSION_FULL}/compat_report.html 64 | WORKING_DIRECTORY ${CMAKE_BINARY_DIR} 65 | COMMENT "Checking ABI compatibility of version ${LIB_SOVERSION_FULL} and revision ${ABI_BASE_HASH_SHORT}") 66 | endmacro() 67 | -------------------------------------------------------------------------------- /CMakeModules/FindCMocka.cmake: -------------------------------------------------------------------------------- 1 | # - Try to find CMocka 2 | # Once done this will define 3 | # 4 | # CMOCKA_ROOT_DIR - Set this variable to the root installation of CMocka 5 | # 6 | # Read-Only variables: 7 | # CMOCKA_FOUND - system has CMocka 8 | # CMOCKA_INCLUDE_DIR - the CMocka include directory 9 | # CMOCKA_LIBRARIES - Link these to use CMocka 10 | # CMOCKA_DEFINITIONS - Compiler switches required for using CMocka 11 | # 12 | #============================================================================= 13 | # Copyright (c) 2011-2012 Andreas Schneider 14 | # 15 | # Distributed under the OSI-approved BSD License (the "License"); 16 | # see accompanying file Copyright.txt for details. 17 | # 18 | # This software is distributed WITHOUT ANY WARRANTY; without even the 19 | # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 20 | # See the License for more information. 21 | #============================================================================= 22 | # 23 | 24 | find_path(CMOCKA_INCLUDE_DIR 25 | NAMES 26 | cmocka.h 27 | PATHS 28 | ${CMOCKA_ROOT_DIR}/include 29 | ) 30 | 31 | find_library(CMOCKA_LIBRARY 32 | NAMES 33 | cmocka 34 | PATHS 35 | ${CMOCKA_ROOT_DIR}/include 36 | ) 37 | 38 | if(CMOCKA_LIBRARY) 39 | set(CMOCKA_LIBRARIES 40 | ${CMOCKA_LIBRARIES} 41 | ${CMOCKA_LIBRARY} 42 | ) 43 | endif() 44 | 45 | include(FindPackageHandleStandardArgs) 46 | find_package_handle_standard_args(CMocka DEFAULT_MSG CMOCKA_LIBRARIES CMOCKA_INCLUDE_DIR) 47 | 48 | # show the CMOCKA_INCLUDE_DIR and CMOCKA_LIBRARIES variables only in the advanced view 49 | mark_as_advanced(CMOCKA_INCLUDE_DIR CMOCKA_LIBRARIES) 50 | -------------------------------------------------------------------------------- /CMakeModules/FindLibPAM.cmake: -------------------------------------------------------------------------------- 1 | # - Try to find LibPAM 2 | # Once done this will define 3 | # 4 | # LIBPAM_FOUND - system has LibPAM 5 | # LIBPAM_INCLUDE_DIRS - the LibPAM include directory 6 | # LIBPAM_LIBRARIES - link these to use LibPAM 7 | # 8 | # Author Roman Janota 9 | # Copyright (c) 2022 CESNET, z.s.p.o. 10 | # 11 | # Redistribution and use in source and binary forms, with or without 12 | # modification, are permitted provided that the following conditions 13 | # are met: 14 | # 15 | # 1. Redistributions of source code must retain the copyright 16 | # notice, this list of conditions and the following disclaimer. 17 | # 2. Redistributions in binary form must reproduce the copyright 18 | # notice, this list of conditions and the following disclaimer in the 19 | # documentation and/or other materials provided with the distribution. 20 | # 3. The name of the author may not be used to endorse or promote products 21 | # derived from this software without specific prior written permission. 22 | # 23 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 24 | # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 | # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 | # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 27 | # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 28 | # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 32 | # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 | # 34 | 35 | if(LIBPAM_LIBRARIES AND LIBPAM_INCLUDE_DIRS) 36 | # in cache already 37 | set(LIBPAM_FOUND TRUE) 38 | else() 39 | 40 | find_path(LIBPAM_INCLUDE_DIR 41 | NAMES 42 | security/pam_appl.h 43 | security/pam_modules.h 44 | PATHS 45 | /opt/local/include 46 | /sw/include 47 | ${CMAKE_INCLUDE_PATH} 48 | ${CMAKE_INSTALL_PREFIX}/include 49 | ) 50 | 51 | find_library(LIBPAM_LIBRARY 52 | NAMES 53 | pam 54 | PATHS 55 | /usr/lib 56 | /usr/lib64 57 | /opt/local/lib 58 | /sw/lib 59 | ${CMAKE_LIBRARY_PATH} 60 | ${CMAKE_INSTALL_PREFIX}/lib 61 | ) 62 | 63 | if(LIBPAM_INCLUDE_DIR AND LIBPAM_LIBRARY) 64 | set(LIBPAM_FOUND TRUE) 65 | 66 | # check if the function pam_start_confdir is in pam_appl.h header (added in PAM 1.4) 67 | file(STRINGS ${LIBPAM_INCLUDE_DIR}/security/pam_appl.h PAM_CONFDIR REGEX "pam_start_confdir") 68 | if ("${PAM_CONFDIR}" STREQUAL "") 69 | set(LIBPAM_HAVE_CONFDIR FALSE) 70 | else() 71 | set(LIBPAM_HAVE_CONFDIR TRUE) 72 | endif() 73 | else() 74 | set(LIBPAM_FOUND FALSE) 75 | endif() 76 | 77 | set(LIBPAM_INCLUDE_DIRS ${LIBPAM_INCLUDE_DIR}) 78 | set(LIBPAM_LIBRARIES ${LIBPAM_LIBRARY}) 79 | 80 | include(FindPackageHandleStandardArgs) 81 | find_package_handle_standard_args(LibPAM DEFAULT_MSG LIBPAM_LIBRARIES LIBPAM_INCLUDE_DIRS) 82 | 83 | # show the LIBPAM_INCLUDE_DIRS and LIBPAM_LIBRARIES variables only in the advanced view 84 | mark_as_advanced(LIBPAM_INCLUDE_DIRS LIBPAM_LIBRARIES) 85 | 86 | endif() 87 | -------------------------------------------------------------------------------- /CMakeModules/FindLibSSH.cmake: -------------------------------------------------------------------------------- 1 | # - Try to find LibSSH 2 | # Once done this will define 3 | # 4 | # LIBSSH_FOUND - system has LibSSH 5 | # LIBSSH_INCLUDE_DIRS - the LibSSH include directory 6 | # LIBSSH_LIBRARIES - link these to use LibSSH 7 | # LIBSSH_VERSION - 8 | # 9 | # Author Michal Vasko 10 | # Copyright (c) 2020 CESNET, z.s.p.o. 11 | # 12 | # Redistribution and use in source and binary forms, with or without 13 | # modification, are permitted provided that the following conditions 14 | # are met: 15 | # 16 | # 1. Redistributions of source code must retain the copyright 17 | # notice, this list of conditions and the following disclaimer. 18 | # 2. Redistributions in binary form must reproduce the copyright 19 | # notice, this list of conditions and the following disclaimer in the 20 | # documentation and/or other materials provided with the distribution. 21 | # 3. The name of the author may not be used to endorse or promote products 22 | # derived from this software without specific prior written permission. 23 | # 24 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 25 | # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 26 | # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 27 | # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 28 | # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 29 | # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 30 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 31 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 32 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33 | # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 | # 35 | include(FindPackageHandleStandardArgs) 36 | 37 | if(LIBSSH_LIBRARIES AND LIBSSH_INCLUDE_DIRS) 38 | # in cache already 39 | set(LIBSSH_FOUND TRUE) 40 | else() 41 | find_path(LIBSSH_INCLUDE_DIR 42 | NAMES 43 | libssh/libssh.h 44 | PATHS 45 | /usr/include 46 | /usr/local/include 47 | /opt/local/include 48 | /sw/include 49 | ${CMAKE_INCLUDE_PATH} 50 | ${CMAKE_INSTALL_PREFIX}/include 51 | ) 52 | 53 | find_library(LIBSSH_LIBRARY 54 | NAMES 55 | ssh.so 56 | libssh.so 57 | libssh.dylib 58 | PATHS 59 | /usr/lib 60 | /usr/local/lib 61 | /opt/local/lib 62 | /sw/lib 63 | ${CMAKE_LIBRARY_PATH} 64 | ${CMAKE_INSTALL_PREFIX}/lib 65 | ) 66 | 67 | if(LIBSSH_INCLUDE_DIR AND LIBSSH_LIBRARY) 68 | # learn libssh version 69 | if(EXISTS ${LIBSSH_INCLUDE_DIR}/libssh/libssh_version.h) 70 | set(LIBSSH_HEADER_PATH ${LIBSSH_INCLUDE_DIR}/libssh/libssh_version.h) 71 | else() 72 | set(LIBSSH_HEADER_PATH ${LIBSSH_INCLUDE_DIR}/libssh/libssh.h) 73 | endif() 74 | file(STRINGS ${LIBSSH_HEADER_PATH} LIBSSH_VERSION_MAJOR 75 | REGEX "#define[ ]+LIBSSH_VERSION_MAJOR[ ]+[0-9]+") 76 | if(NOT LIBSSH_VERSION_MAJOR) 77 | message(STATUS "LIBSSH_VERSION_MAJOR not found, assuming libssh is too old and cannot be used!") 78 | set(LIBSSH_INCLUDE_DIR "LIBSSH_INCLUDE_DIR-NOTFOUND") 79 | set(LIBSSH_LIBRARY "LIBSSH_LIBRARY-NOTFOUND") 80 | else() 81 | string(REGEX MATCH "[0-9]+" LIBSSH_VERSION_MAJOR ${LIBSSH_VERSION_MAJOR}) 82 | file(STRINGS ${LIBSSH_HEADER_PATH} LIBSSH_VERSION_MINOR 83 | REGEX "#define[ ]+LIBSSH_VERSION_MINOR[ ]+[0-9]+") 84 | string(REGEX MATCH "[0-9]+" LIBSSH_VERSION_MINOR ${LIBSSH_VERSION_MINOR}) 85 | file(STRINGS ${LIBSSH_HEADER_PATH} LIBSSH_VERSION_PATCH 86 | REGEX "#define[ ]+LIBSSH_VERSION_MICRO[ ]+[0-9]+") 87 | string(REGEX MATCH "[0-9]+" LIBSSH_VERSION_PATCH ${LIBSSH_VERSION_PATCH}) 88 | 89 | set(LIBSSH_VERSION ${LIBSSH_VERSION_MAJOR}.${LIBSSH_VERSION_MINOR}.${LIBSSH_VERSION_PATCH}) 90 | 91 | if(LIBSSH_VERSION VERSION_LESS 0.8.0) 92 | # libssh_threads also needs to be linked for these versions 93 | string(REPLACE "libssh.so" "libssh_threads.so" 94 | LIBSSH_THREADS_LIBRARY 95 | ${LIBSSH_LIBRARY} 96 | ) 97 | string(REPLACE "libssh.dylib" "libssh_threads.dylib" 98 | LIBSSH_THREADS_LIBRARY 99 | ${LIBSSH_THREADS_LIBRARY} 100 | ) 101 | string(REPLACE "ssh.so" "ssh_threads.so" 102 | LIBSSH_THREADS_LIBRARY 103 | ${LIBSSH_THREADS_LIBRARY} 104 | ) 105 | endif() 106 | endif() 107 | endif() 108 | 109 | set(LIBSSH_INCLUDE_DIRS ${LIBSSH_INCLUDE_DIR}) 110 | set(LIBSSH_LIBRARIES ${LIBSSH_LIBRARY} ${LIBSSH_THREADS_LIBRARY}) 111 | mark_as_advanced(LIBSSH_INCLUDE_DIRS LIBSSH_LIBRARIES) 112 | 113 | find_package_handle_standard_args(LibSSH FOUND_VAR LIBSSH_FOUND 114 | REQUIRED_VARS LIBSSH_INCLUDE_DIRS LIBSSH_LIBRARIES 115 | VERSION_VAR LIBSSH_VERSION) 116 | endif() 117 | 118 | -------------------------------------------------------------------------------- /CMakeModules/FindLibVAL.cmake: -------------------------------------------------------------------------------- 1 | # - Try to find LibVAL 2 | # Once done this will define 3 | # 4 | # LIBVAL_FOUND - system has LibVAL 5 | # LIBVAL_INCLUDE_DIRS - the LibVAL include directory 6 | # LIBVAL_LIBRARIES - link these to use LibVAL 7 | # 8 | # Author Michal Vasko 9 | # Copyright (c) 2015 CESNET, z.s.p.o. 10 | # 11 | # Redistribution and use in source and binary forms, with or without 12 | # modification, are permitted provided that the following conditions 13 | # are met: 14 | # 15 | # 1. Redistributions of source code must retain the copyright 16 | # notice, this list of conditions and the following disclaimer. 17 | # 2. Redistributions in binary form must reproduce the copyright 18 | # notice, this list of conditions and the following disclaimer in the 19 | # documentation and/or other materials provided with the distribution. 20 | # 3. The name of the author may not be used to endorse or promote products 21 | # derived from this software without specific prior written permission. 22 | # 23 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 24 | # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 | # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 | # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 27 | # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 28 | # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 32 | # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 | # 34 | 35 | if(LIBVAL_LIBRARIES AND LIBVAL_INCLUDE_DIRS) 36 | # in cache already 37 | set(LIBVAL_FOUND TRUE) 38 | else() 39 | 40 | find_path(LIBVAL_INCLUDE_DIR 41 | NAMES 42 | validator/validator.h 43 | validator/resolver.h 44 | validator/validator-compat.h 45 | validator/val_dane.h 46 | validator/val_errors.h 47 | PATHS 48 | /usr/include 49 | /usr/local/include 50 | /opt/local/include 51 | /sw/include 52 | ${CMAKE_INCLUDE_PATH} 53 | ${CMAKE_INSTALL_PREFIX}/include 54 | ) 55 | 56 | find_library(LIBVAL_LIBRARY 57 | NAMES 58 | libval-threads 59 | val-threads 60 | PATHS 61 | /usr/lib 62 | /usr/lib64 63 | /usr/local/lib 64 | /usr/local/lib64 65 | /opt/local/lib 66 | /sw/lib 67 | ${CMAKE_LIBRARY_PATH} 68 | ${CMAKE_INSTALL_PREFIX}/lib 69 | ) 70 | 71 | find_library(LIBSRES_LIBRARY 72 | NAMES 73 | libsres 74 | sres 75 | PATHS 76 | /usr/lib 77 | /usr/lib64 78 | /usr/local/lib 79 | /usr/local/lib64 80 | /opt/local/lib 81 | /sw/lib 82 | ${CMAKE_LIBRARY_PATH} 83 | ${CMAKE_INSTALL_PREFIX}/lib 84 | ) 85 | 86 | if(LIBVAL_INCLUDE_DIR AND LIBVAL_LIBRARY AND LIBSRES_LIBRARY) 87 | set(LIBVAL_FOUND TRUE) 88 | else() 89 | set(LIBVAL_FOUND FALSE) 90 | endif() 91 | 92 | set(LIBVAL_INCLUDE_DIRS ${LIBVAL_INCLUDE_DIR}) 93 | set(LIBVAL_LIBRARIES ${LIBSRES_LIBRARY} ${LIBVAL_LIBRARY}) 94 | 95 | include(FindPackageHandleStandardArgs) 96 | find_package_handle_standard_args(LibVAL DEFAULT_MSG LIBVAL_LIBRARIES LIBVAL_INCLUDE_DIRS) 97 | 98 | # show the LIBVAL_INCLUDE_DIRS and LIBVAL_LIBRARIES variables only in the advanced view 99 | mark_as_advanced(LIBVAL_INCLUDE_DIRS LIBVAL_LIBRARIES) 100 | 101 | endif() 102 | 103 | -------------------------------------------------------------------------------- /CMakeModules/FindLibYANG.cmake: -------------------------------------------------------------------------------- 1 | # - Try to find LibYANG 2 | # Once done this will define 3 | # 4 | # LIBYANG_FOUND - system has LibYANG 5 | # LIBYANG_INCLUDE_DIRS - the LibYANG include directory 6 | # LIBYANG_LIBRARIES - Link these to use LibYANG 7 | # LIBYANG_VERSION - SO version of the found libyang library 8 | # 9 | # Author Michal Vasko 10 | # Copyright (c) 2021 CESNET, z.s.p.o. 11 | # 12 | # Redistribution and use in source and binary forms, with or without 13 | # modification, are permitted provided that the following conditions 14 | # are met: 15 | # 16 | # 1. Redistributions of source code must retain the copyright 17 | # notice, this list of conditions and the following disclaimer. 18 | # 2. Redistributions in binary form must reproduce the copyright 19 | # notice, this list of conditions and the following disclaimer in the 20 | # documentation and/or other materials provided with the distribution. 21 | # 3. The name of the author may not be used to endorse or promote products 22 | # derived from this software without specific prior written permission. 23 | # 24 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 25 | # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 26 | # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 27 | # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 28 | # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 29 | # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 30 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 31 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 32 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33 | # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 | # 35 | include(FindPackageHandleStandardArgs) 36 | 37 | if(LIBYANG_LIBRARIES AND LIBYANG_INCLUDE_DIRS) 38 | # in cache already 39 | set(LIBYANG_FOUND TRUE) 40 | else() 41 | find_path(LIBYANG_INCLUDE_DIR 42 | NAMES 43 | libyang/libyang.h 44 | PATHS 45 | /usr/include 46 | /usr/local/include 47 | /opt/local/include 48 | /sw/include 49 | ${CMAKE_INCLUDE_PATH} 50 | ${CMAKE_INSTALL_PREFIX}/include 51 | ) 52 | 53 | find_library(LIBYANG_LIBRARY 54 | NAMES 55 | yang 56 | libyang 57 | PATHS 58 | /usr/lib 59 | /usr/lib64 60 | /usr/local/lib 61 | /usr/local/lib64 62 | /opt/local/lib 63 | /sw/lib 64 | ${CMAKE_LIBRARY_PATH} 65 | ${CMAKE_INSTALL_PREFIX}/lib 66 | ) 67 | 68 | if(LIBYANG_INCLUDE_DIR) 69 | find_path(LY_VERSION_PATH "libyang/version.h" HINTS ${LIBYANG_INCLUDE_DIR}) 70 | if(LY_VERSION_PATH) 71 | file(READ "${LY_VERSION_PATH}/libyang/version.h" LY_VERSION_FILE) 72 | else() 73 | find_path(LY_HEADER_PATH "libyang/libyang.h" HINTS ${LIBYANG_INCLUDE_DIR}) 74 | file(READ "${LY_HEADER_PATH}/libyang/libyang.h" LY_VERSION_FILE) 75 | endif() 76 | string(REGEX MATCH "#define LY_VERSION \"[0-9]+\\.[0-9]+\\.[0-9]+\"" LY_VERSION_MACRO "${LY_VERSION_FILE}") 77 | string(REGEX MATCH "[0-9]+\\.[0-9]+\\.[0-9]+" LIBYANG_VERSION "${LY_VERSION_MACRO}") 78 | endif() 79 | 80 | set(LIBYANG_INCLUDE_DIRS ${LIBYANG_INCLUDE_DIR}) 81 | set(LIBYANG_LIBRARIES ${LIBYANG_LIBRARY}) 82 | mark_as_advanced(LIBYANG_INCLUDE_DIRS LIBYANG_LIBRARIES) 83 | 84 | # handle the QUIETLY and REQUIRED arguments and set LIBYANG_FOUND to TRUE 85 | # if all listed variables are TRUE 86 | find_package_handle_standard_args(LibYANG FOUND_VAR LIBYANG_FOUND 87 | REQUIRED_VARS LIBYANG_LIBRARY LIBYANG_INCLUDE_DIR 88 | VERSION_VAR LIBYANG_VERSION) 89 | endif() 90 | -------------------------------------------------------------------------------- /CMakeModules/FindMbedTLS.cmake: -------------------------------------------------------------------------------- 1 | # - Try to find MbedTLS 2 | # Once done this will define 3 | # 4 | # MBEDTLS_FOUND - MbedTLS was found 5 | # MBEDTLS_INCLUDE_DIRS - MbedTLS include directories 6 | # MBEDTLS_LIBRARIES - link these to use MbedTLS 7 | # MBEDTLS_VERSION - version of MbedTLS 8 | # 9 | # Author Roman Janota 10 | # Copyright (c) 2024 CESNET, z.s.p.o. 11 | # 12 | # Redistribution and use in source and binary forms, with or without 13 | # modification, are permitted provided that the following conditions 14 | # are met: 15 | # 16 | # 1. Redistributions of source code must retain the copyright 17 | # notice, this list of conditions and the following disclaimer. 18 | # 2. Redistributions in binary form must reproduce the copyright 19 | # notice, this list of conditions and the following disclaimer in the 20 | # documentation and/or other materials provided with the distribution. 21 | # 3. The name of the author may not be used to endorse or promote products 22 | # derived from this software without specific prior written permission. 23 | # 24 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 25 | # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 26 | # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 27 | # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 28 | # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 29 | # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 30 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 31 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 32 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33 | # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 | # 35 | include(FindPackageHandleStandardArgs) 36 | 37 | if(MBEDTLS_LIBRARIES AND MBEDTLS_INCLUDE_DIRS) 38 | # in cache already 39 | set(MBEDTLS_FOUND TRUE) 40 | else() 41 | find_path(MBEDTLS_INCLUDE_DIR 42 | NAMES 43 | mbedtls/ssl.h 44 | PATHS 45 | /opt/local/include 46 | /sw/include 47 | ${CMAKE_INCLUDE_PATH} 48 | ${CMAKE_INSTALL_PREFIX}/include 49 | ) 50 | 51 | find_library(MBEDTLS_LIBRARY 52 | NAMES 53 | libmbedtls.so 54 | PATHS 55 | /usr/lib 56 | /usr/lib64 57 | /opt/local/lib 58 | /sw/lib 59 | ${CMAKE_LIBRARY_PATH} 60 | ${CMAKE_INSTALL_PREFIX}/lib 61 | ) 62 | 63 | find_library(MBEDX509_LIBRARY 64 | NAMES 65 | libmbedx509.so 66 | PATHS 67 | /usr/lib 68 | /usr/lib64 69 | /opt/local/lib 70 | /sw/lib 71 | ${CMAKE_LIBRARY_PATH} 72 | ${CMAKE_INSTALL_PREFIX}/lib 73 | ) 74 | 75 | find_library(MBEDCRYPTO_LIBRARY 76 | NAMES 77 | libmbedcrypto.so 78 | PATHS 79 | /usr/lib 80 | /usr/lib64 81 | /opt/local/lib 82 | /sw/lib 83 | ${CMAKE_LIBRARY_PATH} 84 | ${CMAKE_INSTALL_PREFIX}/lib 85 | ) 86 | 87 | if(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARY AND MBEDX509_LIBRARY AND MBEDCRYPTO_LIBRARY) 88 | # learn MbedTLS version 89 | if(EXISTS "${MBEDTLS_INCLUDE_DIR}/mbedtls/build_info.h") 90 | file(STRINGS "${MBEDTLS_INCLUDE_DIR}/mbedtls/build_info.h" MBEDTLS_VERSION 91 | REGEX "#define[ \t]+MBEDTLS_VERSION_STRING[ \t]+\"([0-9]+\.[0-9]+\.[0-9]+)\"") 92 | string(REGEX MATCH "[0-9]+\\.[0-9]+\\.[0-9]+" MBEDTLS_VERSION ${MBEDTLS_VERSION}) 93 | endif() 94 | if(NOT MBEDTLS_VERSION) 95 | message(STATUS "MBEDTLS_VERSION not found, assuming MbedTLS is too old and cannot be used!") 96 | set(MBEDTLS_INCLUDE_DIR "MBEDTLS_INCLUDE_DIR-NOTFOUND") 97 | set(MBEDTLS_LIBRARY "MBEDTLS_LIBRARY-NOTFOUND") 98 | endif() 99 | endif() 100 | 101 | set(MBEDTLS_INCLUDE_DIRS ${MBEDTLS_INCLUDE_DIR}) 102 | set(MBEDTLS_LIBRARIES ${MBEDTLS_LIBRARY} ${MBEDX509_LIBRARY} ${MBEDCRYPTO_LIBRARY}) 103 | 104 | find_package_handle_standard_args(MbedTLS FOUND_VAR MBEDTLS_FOUND 105 | REQUIRED_VARS MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARIES 106 | VERSION_VAR MBEDTLS_VERSION) 107 | 108 | # show the MBEDTLS_INCLUDE_DIR and MBEDTLS_LIBRARIES variables only in the advanced view 109 | mark_as_advanced(MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARIES) 110 | endif() 111 | -------------------------------------------------------------------------------- /CMakeModules/FindUncrustify.cmake: -------------------------------------------------------------------------------- 1 | # - Find uncrustify 2 | # Find the uncrustify binary. 3 | # 4 | # UNCRUSTIFY - path ot the binary 5 | # UNCRUSTIFY_VERSION - found version 6 | # UNCRUSTIFY_FOUND - True if uncrustify found. 7 | include(FindPackageHandleStandardArgs) 8 | 9 | find_program(UNCRUSTIFY uncrustify) 10 | if(UNCRUSTIFY) 11 | execute_process(COMMAND ${UNCRUSTIFY} --version OUTPUT_STRIP_TRAILING_WHITESPACE OUTPUT_VARIABLE VERSION) 12 | string(FIND ${VERSION} "-" START_IDX) 13 | math(EXPR START_IDX "${START_IDX} + 1") 14 | string(SUBSTRING "${VERSION}" ${START_IDX} -1 VERSION) 15 | 16 | string(FIND ${VERSION} "-" LEN) 17 | string(SUBSTRING "${VERSION}" 0 ${LEN} UNCRUSTIFY_VERSION) 18 | endif() 19 | 20 | # Handle the QUIETLY and REQUIRED arguments and set UNCRUSTIFY_FOUND to TRUE if all listed variables are TRUE. 21 | find_package_handle_standard_args(Uncrustify REQUIRED_VARS UNCRUSTIFY VERSION_VAR UNCRUSTIFY_VERSION) 22 | -------------------------------------------------------------------------------- /CMakeModules/GenCoverage.cmake: -------------------------------------------------------------------------------- 1 | # generate test code coverage report 2 | 3 | # check that coverage tools are available - always use before GEN_COVERAGE 4 | macro(GEN_COVERAGE_ENABLE ENABLE_TESTS) 5 | # make into normal variable 6 | set(TESTS_ENABLED ${ENABLE_TESTS}) 7 | 8 | set(GEN_COVERAGE_ENABLED ON) 9 | if(NOT TESTS_ENABLED) 10 | message(WARNING "You cannot generate coverage when tests are disabled. Enable test by additing parameter -DENABLE_BUILD_TESTS=ON or run cmake with Debug build target.") 11 | set(GEN_COVERAGE_ENABLED OFF) 12 | endif() 13 | 14 | if(GEN_COVERAGE_ENABLED) 15 | find_program(PATH_GCOV NAMES gcov) 16 | if(NOT PATH_GCOV) 17 | message(WARNING "gcov executable not found! Disabling building code coverage report.") 18 | set(GEN_COVERAGE_ENABLED OFF) 19 | endif() 20 | endif() 21 | 22 | if(GEN_COVERAGE_ENABLED) 23 | find_program(PATH_LCOV NAMES lcov) 24 | if(NOT PATH_LCOV) 25 | message(WARNING "lcov executable not found! Disabling building code coverage report.") 26 | set(GEN_COVERAGE_ENABLED OFF) 27 | endif() 28 | endif() 29 | 30 | if(GEN_COVERAGE_ENABLED) 31 | find_program(PATH_GENHTML NAMES genhtml) 32 | if(NOT PATH_GENHTML) 33 | message(WARNING "genhtml executable not found! Disabling building code coverage report.") 34 | set(GEN_COVERAGE_ENABLED OFF) 35 | endif() 36 | endif() 37 | 38 | if(GEN_COVERAGE_ENABLED) 39 | if(NOT CMAKE_COMPILER_IS_GNUCC) 40 | message(WARNING "Compiler is not gcc! Coverage may break the tests!") 41 | endif() 42 | 43 | execute_process( 44 | COMMAND bash "-c" "${CMAKE_C_COMPILER} --version | head -n1 | sed \"s/.* (.*) \\([0-9]\\+.[0-9]\\+.[0-9]\\+ .*\\)/\\1/\"" 45 | OUTPUT_VARIABLE GCC_VERSION_FULL 46 | OUTPUT_STRIP_TRAILING_WHITESPACE 47 | ) 48 | execute_process( 49 | COMMAND bash "-c" "${PATH_GCOV} --version | head -n1 | sed \"s/.* (.*) \\([0-9]\\+.[0-9]\\+.[0-9]\\+ .*\\)/\\1/\"" 50 | OUTPUT_VARIABLE GCOV_VERSION_FULL 51 | OUTPUT_STRIP_TRAILING_WHITESPACE 52 | ) 53 | if(NOT GCC_VERSION_FULL STREQUAL GCOV_VERSION_FULL) 54 | message(WARNING "gcc and gcov versions do not match! Generating coverage may fail with errors.") 55 | endif() 56 | 57 | # add specific required compile flags 58 | set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --coverage -fprofile-arcs -ftest-coverage") 59 | endif() 60 | endmacro() 61 | 62 | # tests are always expected to be in ${CMAKE_SOURCE_DIR}/tests 63 | function(GEN_COVERAGE MATCH_TEST_REGEX EXCLUDE_TEST_REGEX) 64 | if(NOT GEN_COVERAGE_ENABLED) 65 | return() 66 | endif() 67 | 68 | # destination 69 | set(COVERAGE_DIR "${CMAKE_BINARY_DIR}/code_coverage/") 70 | set(COVERAGE_FILE_RAW "${CMAKE_BINARY_DIR}/coverage_raw.info") 71 | set(COVERAGE_FILE_CLEAN "${CMAKE_BINARY_DIR}/coverage_clean.info") 72 | 73 | # test match/exclude 74 | if(MATCH_TEST_REGEX) 75 | set(MATCH_TEST_ARGS -R \"${MATCH_TEST_REGEX}\") 76 | endif() 77 | if(EXCLUDE_TEST_REGEX) 78 | set(EXCLUDE_TEST_ARGS -E \"${EXCLUDE_TEST_REGEX}\") 79 | endif() 80 | 81 | # coverage target 82 | add_custom_target(coverage 83 | COMMENT "Generating code coverage..." 84 | WORKING_DIRECTORY "${CMAKE_BINARY_DIR}" 85 | # Cleanup code counters 86 | COMMAND "${PATH_LCOV}" --directory . --zerocounters --quiet 87 | 88 | # Run tests 89 | COMMAND "${CMAKE_CTEST_COMMAND}" --quiet ${MATCH_TEST_ARGS} ${EXCLUDE_TEST_ARGS} 90 | 91 | # Capture the counters 92 | COMMAND "${PATH_LCOV}" 93 | --directory . 94 | --rc lcov_branch_coverage=1 95 | --rc 'lcov_excl_line=assert' 96 | --capture --quiet 97 | --output-file "${COVERAGE_FILE_RAW}" 98 | # Remove coverage of tests, system headers, etc. 99 | COMMAND "${PATH_LCOV}" 100 | --remove "${COVERAGE_FILE_RAW}" '${CMAKE_SOURCE_DIR}/tests/*' 101 | --rc lcov_branch_coverage=1 102 | --quiet --output-file "${COVERAGE_FILE_CLEAN}" 103 | # Generate HTML report 104 | COMMAND "${PATH_GENHTML}" 105 | --branch-coverage --function-coverage --quiet --title "${PROJECT_NAME}" 106 | --legend --show-details --output-directory "${COVERAGE_DIR}" 107 | "${COVERAGE_FILE_CLEAN}" 108 | # Delete the counters 109 | COMMAND "${CMAKE_COMMAND}" -E remove 110 | ${COVERAGE_FILE_RAW} ${COVERAGE_FILE_CLEAN} 111 | ) 112 | 113 | add_custom_command(TARGET coverage POST_BUILD 114 | WORKING_DIRECTORY "${CMAKE_BINARY_DIR}/tests" 115 | COMMENT "To see the code coverage report, open ${COVERAGE_DIR}index.html" 116 | COMMAND ; 117 | ) 118 | endfunction() 119 | -------------------------------------------------------------------------------- /CMakeModules/GenDoc.cmake: -------------------------------------------------------------------------------- 1 | # Prepare building doxygen documentation 2 | macro(GEN_DOC INPUT_FILES PROJECT_VERSION PROJECT_DESCRIPTION DOC_LOGO) 3 | find_package(Doxygen) 4 | if(DOXYGEN_FOUND) 5 | find_program(DOT_PATH dot PATH_SUFFIXES graphviz2.38/bin graphviz/bin) 6 | if(DOT_PATH) 7 | set(HAVE_DOT "YES") 8 | else() 9 | set(HAVE_DOT "NO") 10 | message(AUTHOR_WARNING "Doxygen: to generate UML diagrams please install graphviz") 11 | endif() 12 | 13 | # target doc 14 | add_custom_target(doc 15 | COMMAND ${DOXYGEN_EXECUTABLE} ${CMAKE_BINARY_DIR}/Doxyfile 16 | WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) 17 | 18 | # generate list with spaces as separators 19 | string(REPLACE ";" " " DOXY_INPUT "${INPUT_FILES}") 20 | 21 | # make other arguments into variables 22 | set(PROJECT_VERSION ${PROJECT_VERSION}) 23 | set(PROJECT_DESCRIPTION ${PROJECT_DESCRIPTION}) 24 | set(DOC_LOGO ${DOC_LOGO}) 25 | 26 | configure_file(Doxyfile.in Doxyfile) 27 | endif() 28 | endmacro() 29 | -------------------------------------------------------------------------------- /CMakeModules/SourceFormat.cmake: -------------------------------------------------------------------------------- 1 | # format source files with uncrustify 2 | 3 | # check that format checking is available - always use before SOURCE_FORMAT 4 | macro(SOURCE_FORMAT_ENABLE) 5 | if(NOT ${ARGC} EQUAL 1) 6 | message(FATAL_ERROR "source_format_enable() needs the required Uncrustify version!") 7 | endif() 8 | 9 | find_package(Uncrustify ${ARGV0}) 10 | if(UNCRUSTIFY_FOUND) 11 | set(SOURCE_FORMAT_ENABLED TRUE) 12 | else() 13 | set(SOURCE_FORMAT_ENABLED FALSE) 14 | endif() 15 | endmacro() 16 | 17 | # files are expected to be a list and relative paths are resolved wtih respect to CMAKE_SOURCE DIR 18 | macro(SOURCE_FORMAT) 19 | if(NOT ${ARGC}) 20 | message(FATAL_ERROR "source_format() needs a list of files to format!") 21 | endif() 22 | 23 | if(SOURCE_FORMAT_ENABLED) 24 | add_custom_target(format 25 | COMMAND ${UNCRUSTIFY} -c ${CMAKE_SOURCE_DIR}/uncrustify.cfg --no-backup --replace ${ARGN} 26 | WORKING_DIRECTORY ${CMAKE_SOURCE_DIR} 27 | COMMENT "Formating sources with ${UNCRUSTIFY} ...") 28 | 29 | add_custom_target(format-check 30 | COMMAND ${UNCRUSTIFY} -c ${CMAKE_SOURCE_DIR}/uncrustify.cfg --check ${ARGN} 31 | WORKING_DIRECTORY ${CMAKE_SOURCE_DIR} 32 | COMMENT "Checking format of the sources with ${UNCRUSTIFY} ...") 33 | 34 | set(SOURCE_FORMAT_ENABLED TRUE) 35 | endif() 36 | endmacro() 37 | -------------------------------------------------------------------------------- /CMakeModules/UseCompat.cmake: -------------------------------------------------------------------------------- 1 | # - Use compat library providing various functions and macros that may be missing on some systems 2 | # Once done this will define 3 | # 4 | # compatsrc - sources to add to compilation 5 | # 6 | # Additionally, "compat.h" include directory is added and can be included. 7 | # 8 | # Author Michal Vasko 9 | # Copyright (c) 2021 - 2023 CESNET, z.s.p.o. 10 | # 11 | # This source code is licensed under BSD 3-Clause License (the "License"). 12 | # You may not use this file except in compliance with the License. 13 | # You may obtain a copy of the License at 14 | # 15 | # https://opensource.org/licenses/BSD-3-Clause 16 | # 17 | include(CheckSymbolExists) 18 | include(CheckIncludeFile) 19 | include(TestBigEndian) 20 | if(POLICY CMP0075) 21 | cmake_policy(SET CMP0075 NEW) 22 | endif() 23 | 24 | macro(USE_COMPAT) 25 | # compatibility checks 26 | list(APPEND CMAKE_REQUIRED_DEFINITIONS -D_POSIX_C_SOURCE=200809L) 27 | list(APPEND CMAKE_REQUIRED_DEFINITIONS -D_GNU_SOURCE) 28 | list(APPEND CMAKE_REQUIRED_DEFINITIONS -D__BSD_VISIBLE=1) 29 | 30 | check_symbol_exists(_POSIX_TIMERS "unistd.h" HAVE_CLOCK) 31 | if(NOT HAVE_CLOCK) 32 | message(FATAL_ERROR "Missing support for clock_gettime() and similar functions!") 33 | endif() 34 | 35 | set(CMAKE_THREAD_PREFER_PTHREAD TRUE) 36 | find_package(Threads) 37 | list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_THREAD_LIBS_INIT}) 38 | 39 | check_symbol_exists(pthread_mutex_timedlock "pthread.h" HAVE_PTHREAD_MUTEX_TIMEDLOCK) 40 | check_symbol_exists(pthread_mutex_clocklock "pthread.h" HAVE_PTHREAD_MUTEX_CLOCKLOCK) 41 | check_symbol_exists(pthread_rwlock_timedrdlock "pthread.h" HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK) 42 | check_symbol_exists(pthread_rwlock_clockrdlock "pthread.h" HAVE_PTHREAD_RWLOCK_CLOCKRDLOCK) 43 | check_symbol_exists(pthread_rwlock_timedwrlock "pthread.h" HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK) 44 | check_symbol_exists(pthread_rwlock_clockwrlock "pthread.h" HAVE_PTHREAD_RWLOCK_CLOCKWRLOCK) 45 | check_symbol_exists(pthread_cond_clockwait "pthread.h" HAVE_PTHREAD_COND_CLOCKWAIT) 46 | if(HAVE_PTHREAD_MUTEX_CLOCKLOCK) 47 | # can use CLOCK_MONOTONIC only if we have pthread_mutex_clocklock() 48 | check_symbol_exists(_POSIX_MONOTONIC_CLOCK "unistd.h" HAVE_CLOCK_MONOTONIC) 49 | endif() 50 | if(HAVE_CLOCK_MONOTONIC) 51 | set(COMPAT_CLOCK_ID "CLOCK_MONOTONIC") 52 | else() 53 | set(COMPAT_CLOCK_ID "CLOCK_REALTIME") 54 | endif() 55 | 56 | check_symbol_exists(vdprintf "stdio.h;stdarg.h" HAVE_VDPRINTF) 57 | check_symbol_exists(asprintf "stdio.h" HAVE_ASPRINTF) 58 | check_symbol_exists(vasprintf "stdio.h" HAVE_VASPRINTF) 59 | check_symbol_exists(getline "stdio.h" HAVE_GETLINE) 60 | 61 | check_symbol_exists(strndup "string.h" HAVE_STRNDUP) 62 | check_symbol_exists(strnstr "string.h" HAVE_STRNSTR) 63 | check_symbol_exists(strdupa "string.h" HAVE_STRDUPA) 64 | check_symbol_exists(strchrnul "string.h" HAVE_STRCHRNUL) 65 | 66 | check_symbol_exists(get_current_dir_name "unistd.h" HAVE_GET_CURRENT_DIR_NAME) 67 | 68 | check_function_exists(timegm HAVE_TIMEGM) 69 | 70 | # crypt 71 | check_include_file("crypt.h" HAVE_CRYPT_H) 72 | 73 | if(${CMAKE_SYSTEM_NAME} MATCHES "QNX") 74 | list(APPEND CMAKE_REQUIRED_LIBRARIES -llogin) 75 | elseif(NOT APPLE) 76 | list(APPEND CMAKE_REQUIRED_LIBRARIES -lcrypt) 77 | endif() 78 | check_symbol_exists(crypt_r "crypt.h" HAVE_CRYPT_R) 79 | 80 | test_big_endian(IS_BIG_ENDIAN) 81 | 82 | check_include_file("stdatomic.h" HAVE_STDATOMIC) 83 | 84 | list(REMOVE_ITEM CMAKE_REQUIRED_DEFINITIONS -D_POSIX_C_SOURCE=200809L) 85 | list(REMOVE_ITEM CMAKE_REQUIRED_DEFINITIONS -D_GNU_SOURCE) 86 | list(REMOVE_ITEM CMAKE_REQUIRED_DEFINITIONS -D__BSD_VISIBLE=1) 87 | list(REMOVE_ITEM CMAKE_REQUIRED_LIBRARIES ${CMAKE_THREAD_LIBS_INIT}) 88 | 89 | # header and source file (adding the source directly allows for hiding its symbols) 90 | configure_file(${PROJECT_SOURCE_DIR}/compat/compat.h.in ${PROJECT_BINARY_DIR}/compat/compat.h @ONLY) 91 | include_directories(${PROJECT_BINARY_DIR}/compat) 92 | set(compatsrc ${PROJECT_SOURCE_DIR}/compat/compat.c) 93 | endmacro() 94 | -------------------------------------------------------------------------------- /CMakeModules/uninstall.cmake: -------------------------------------------------------------------------------- 1 | cmake_minimum_required(VERSION 3.0.2) 2 | 3 | set(MANIFEST "${CMAKE_CURRENT_BINARY_DIR}/install_manifest.txt") 4 | 5 | if(NOT EXISTS ${MANIFEST}) 6 | message(FATAL_ERROR "Cannot find install manifest: ${MANIFEST}") 7 | endif() 8 | 9 | file(STRINGS ${MANIFEST} files) 10 | foreach(file ${files}) 11 | if(EXISTS ${file} OR IS_SYMLINK ${file}) 12 | message(STATUS "Removing: ${file}") 13 | 14 | execute_process(COMMAND rm -f ${file} 15 | RESULT_VARIABLE result 16 | OUTPUT_QUIET 17 | ERROR_VARIABLE stderr 18 | ERROR_STRIP_TRAILING_WHITESPACE 19 | ) 20 | 21 | if(NOT ${result} EQUAL 0) 22 | message(FATAL_ERROR "${stderr}") 23 | endif() 24 | else() 25 | message(STATUS "Does-not-exist: ${file}") 26 | endif() 27 | endforeach(file) 28 | -------------------------------------------------------------------------------- /CODINGSTYLE.md: -------------------------------------------------------------------------------- 1 | # libnetconf2 Coding Style 2 | 3 | This file describes the coding style used in most C files in the libnetconf2 4 | library. 5 | 6 | ## Basics 7 | 8 | - Use space instead of tabs for indentations. 9 | - There is no strict limit for the line length, However, try to keep lines in a 10 | reasonable length (120 characters). 11 | - Avoid trailing spaces on lines. 12 | - Put one blank line between function definitions. 13 | - Don't mix declarations and code within a block. Similarly, don't use 14 | declarations in iteration statements. 15 | 16 | ## Naming 17 | 18 | Use underscores to separate words in an identifier: `multi_word_name`. 19 | 20 | Use lowercase for most names. Use uppercase for macros, macro parameters and 21 | members of enumerations. 22 | 23 | Do not use names that begin with `_`. If you need a name for "internal use 24 | only", use `__` as a suffix instead of a prefix. 25 | 26 | ## Comments 27 | 28 | Avoid `//` comments. Use `/* ... */` comments, write block comments with the 29 | leading asterisk on each line. You may put the `/*` and `*/` on the same line as 30 | comment text if you prefer. 31 | 32 | ```c 33 | /* 34 | * comment text 35 | */ 36 | ``` 37 | 38 | ## Functions 39 | 40 | Put the return type, function name, and the braces that surround the function's 41 | code on separate lines, all starting in column 0. 42 | 43 | ```c 44 | static int 45 | foo(int arg) 46 | { 47 | ... 48 | } 49 | ``` 50 | 51 | When you need to put the function parameters on multiple lines, start new line 52 | at column after the opening parenthesis from the initial line. 53 | 54 | ```c 55 | static int 56 | my_function(struct my_struct *p1, struct another_struct *p2, 57 | int size) 58 | { 59 | ... 60 | } 61 | ``` 62 | 63 | In the absence of good reasons for another order, the following parameter order 64 | is preferred. One notable exception is that data parameters and their 65 | corresponding size parameters should be paired. 66 | 67 | 1. The primary object being manipulated, if any (equivalent to the "this" 68 | pointer in C++). 69 | 2. Input-only parameters. 70 | 3. Input/output parameters. 71 | 4. Output-only parameters. 72 | 5. Status parameter. 73 | 74 | Functions that destroy an instance of a dynamically-allocated type should accept 75 | and ignore a null pointer argument. Code that calls such a function (including 76 | the C standard library function `free()`) should omit a null-pointer check. We 77 | find that this usually makes code easier to read. 78 | 79 | ### Function Prototypes 80 | 81 | Put the return type and function name on the same line in a function prototype: 82 | 83 | ```c 84 | static const struct int foo(int arg); 85 | ``` 86 | 87 | ## Statements 88 | 89 | - Indent each level of code with 4 spaces. 90 | - Put single space between `if`, `while`, `for`, etc. statements and the 91 | expression that follow them. On the other hand, function calls has no space 92 | between the function name and opening parenthesis. 93 | - Opening code block brace is kept at the same line with the `if`, `while`, 94 | `for` or `switch` statements. 95 | 96 | ```c 97 | if (a) { 98 | x = exp(a); 99 | } else { 100 | return 1; 101 | } 102 | ``` 103 | 104 | - Start switch's cases at the same column as the switch. 105 | 106 | ```c 107 | switch (conn->state) { 108 | case 0: 109 | return "data found"; 110 | case 1: 111 | return "data not found"; 112 | default: 113 | return "unknown error"; 114 | } 115 | ``` 116 | 117 | - Do not put gratuitous parentheses around the expression in a return statement, 118 | that is, write `return 0;` and not `return(0);` 119 | 120 | ## Types 121 | 122 | Use typedefs sparingly. Code is clearer if the actual type is visible at the 123 | point of declaration. Do not, in general, declare a typedef for a struct, union, 124 | or enum. Do not declare a typedef for a pointer type, because this can be very 125 | confusing to the reader. 126 | 127 | Use the `int_t` and `uint_t` types from `` for exact-width 128 | integer types. Use the `PRId`, `PRIu`, and `PRIx` macros from 129 | `` for formatting them with `printf()` and related functions. 130 | 131 | Pointer declarators bind to the variable name, not the type name. Write 132 | `int *x`, not `int* x` and definitely not `int * x`. 133 | 134 | ## Expresions 135 | 136 | Put one space on each side of infix binary and ternary operators: 137 | 138 | ```c 139 | * / % + - << >> < <= > >= == != & ^ | && || ?: = += -= *= /= %= &= ^= |= <<= >>= 140 | ``` 141 | 142 | Do not put any white space around postfix, prefix, or grouping operators with 143 | one exception - `sizeof`, see the note below. 144 | 145 | ```c 146 | () [] -> . ! ~ ++ -- + - * & 147 | ``` 148 | 149 | The "sizeof" operator is unique among C operators in that it accepts two very 150 | different kinds of operands: an expression or a type. In general, prefer to 151 | specify an expression 152 | ```c 153 | int *x = calloc(1, sizeof *x); 154 | ``` 155 | When the operand of sizeof is an expression, there is no need to parenthesize 156 | that operand, and please don't. There is an exception to this rule when you need 157 | to work with partially compatible structures: 158 | 159 | ```c 160 | struct a_s { 161 | uint8_t type; 162 | } 163 | 164 | struct b_s { 165 | uint8_t type; 166 | char *str; 167 | } 168 | 169 | struct c_s { 170 | uint8_t type; 171 | uint8_t *u8; 172 | } 173 | ... 174 | struct a_s *a; 175 | 176 | switch (type) { 177 | case 1: 178 | a = (struct a_s *)calloc(1, sizeof(struct b_s)); 179 | break; 180 | case 2: 181 | a = (struct a_s *)calloc(1, sizeof(struct c_s)); 182 | break; 183 | ... 184 | ``` 185 | -------------------------------------------------------------------------------- /FAQ.md: -------------------------------------------------------------------------------- 1 | # Frequently Asked Questions 2 | 3 | __Q: Having a fresh installation of *netopeer2-server*, when I connect to it I see (or something similar):__ 4 | ``` 5 | [ERR]: LN: Failed to set hostkey "genkey" (/tmp/dvcjwz). 6 | ``` 7 | 8 | __A:__ You are using *libssh* that was compiled with *gcrypt* library 9 | as the crypto backend. It does not support default SSH keys generated 10 | during *netopeer2-server* installation. To fix, disable support for this 11 | backend when compiling *libssh* so that some other one is used. 12 | 13 | __Q: When a new NETCONF session is being created, I see the error:__ 14 | ``` 15 | Starting the SSH session failed () 16 | ``` 17 | 18 | __A:__ The most likely reason for this is that the SSH key that is used 19 | for this session authentication uses an algorithm not supported by 20 | your system. The supported algorithms can be configured but if not, they 21 | are automatically loaded by *libssh* from OpenSSH configuration files 22 | (more info in `ssh_config(5)` and `sshd_config(5)`). 23 | 24 | __Q: When I try to connect to a server I immediately get a timeout after authenticating:__ 25 | 26 | __A:__ You are probably using *libssh* version 0.9.3 that includes this 27 | [regression bug](https://bugs.libssh.org/T211). To solve it, you must use another version. 28 | 29 | __Q: When I connect to a server, after around 10-20 seconds I get disconnected with an error:__ 30 | ``` 31 | [ERR]: LN: Session 1: inactive read timeout elapsed. 32 | ``` 33 | 34 | __A:__ There are 2 most common reasons for this error. Either you are not using 35 | a NETCONF client to connect (but `ssh(1)`, for example) and the messages received 36 | by the server are not properly formatted (even an additional `\n` can cause this problem). 37 | To fix, use a NETCONF client instead. Another reason may be that you are using *libssh* 38 | version 0.9.4. It includes a [regression bug](https://gitlab.com/libssh/libssh-mirror/-/merge_requests/101) 39 | that causes this problem and you must use another version to fix it. 40 | 41 | __Q: When I try to enter authentication tokens, they always echo back even though I set echo off:__ 42 | 43 | __A:__ You are most likely using an older version of *libssh* which contains a bug. 44 | The bug was fixed in *libssh* 0.9.0, so you must use at least that version. 45 | 46 | __Q: When connecting over SSH and using publickey authentication, can I use a certificate:__ 47 | 48 | __A:__ No, it is not possible. There are currently 2 main types of certificates - *X.509v3* and *OpenSSH*. 49 | *X.509v3* certificates for Secure Shell Authentication are a part of *NETCONF* specification 50 | according to [RFC 6187](https://datatracker.ietf.org/doc/html/rfc6187), however using them 51 | is currently not supported by *libssh* (version 0.9.6 as of writing this), which *libnetconf2* depends on. 52 | As per the RFC mentioned before there are currently these `publickey` algorithms for *X.509v3* 53 | supported by *NETCONF*: `x509v3-ssh-dss`, `x509v3-ssh-rsa`, `x509v3-rsa2048-sha256` and the family of 54 | Elliptic Curve Digital Signature Algorithms `x509v3-ecdsa-sha2-*`. *libssh* 0.9.6 supports 55 | these certificate publickey algorithms: `ssh-ed25519-cert-v01@openssh.com`, 56 | `ecdsa-sha2-nistp521-cert-v01@openssh.com`, `ecdsa-sha2-nistp384-cert-v01@openssh.com`, 57 | `ecdsa-sha2-nistp256-cert-v01@openssh.com`, `rsa-sha2-512-cert-v01@openssh.com`, 58 | `rsa-sha2-256-cert-v01@openssh.com`, `ssh-rsa-cert-v01@openssh.com` and `ssh-dss-cert-v01@openssh.com`. 59 | 60 | 61 | On the other hand there is a basic support for *OpenSSH* certificates in *libssh*. 62 | The problem is that they are very minimalistic compared to *X.509v3* certificates 63 | as per this [document](https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD). 64 | So when `publickey` authentication happens only the client's `publickey`, 65 | which is extracted from the certificate, is sent to the server instead of the whole certificate. 66 | This means that the `cert-to-name` process required by *NETCONF* can not take place. Specifically, 67 | OpenSSH certificates are missing important fields such as `Common Name`, `Subject Alternative Name` and so on. 68 | 69 | __Q: I have client-side keepalives and monitoring enabled, but it takes a long time for the client to detect that the connection was terminated:__ 70 | __A:__ Assuming that the network connection is fine or is loopback, then this is the standard TCP behavior. 71 | The client will not immediately detect that the connection was terminated unless 72 | it tries to send some data or unless a specific timeout occurs. 73 | 74 | Even though the server was terminated, its socket remains in a lingering state for some time and continues to reply to incoming 75 | TCP keepalive packets. In particular, this timeout you're encountering is most likely affected by the `tcp_fin_timeout` kernel parameter, 76 | which controls how long the TCP stack waits before timing out a half-closed connection after receiving a FIN packet. 77 | The default value is typically 60 seconds, but it can be configured based on your needs. 78 | -------------------------------------------------------------------------------- /FindLibNETCONF2.cmake: -------------------------------------------------------------------------------- 1 | # - Try to find LibNETCONF2 2 | # Once done this will define 3 | # 4 | # LIBNETCONF2_FOUND - system has LibNETCONF2 5 | # LIBNETCONF2_INCLUDE_DIRS - the LibNETCONF2 include directory 6 | # LIBNETCONF2_LIBRARIES - Link these to use LibNETCONF2 7 | # LIBNETCONF2_VERSION - SO version of the found libNETCONF2 library 8 | # LIBNETCONF2_ENABLED_SSH - LibNETCONF2 was compiled with SSH support 9 | # LIBNETCONF2_ENABLED_TLS - LibNETCONF2 was compiled with TLS support 10 | # 11 | # Author Michal Vasko 12 | # Copyright (c) 2021 CESNET, z.s.p.o. 13 | # 14 | # Redistribution and use in source and binary forms, with or without 15 | # modification, are permitted provided that the following conditions 16 | # are met: 17 | # 18 | # 1. Redistributions of source code must retain the copyright 19 | # notice, this list of conditions and the following disclaimer. 20 | # 2. Redistributions in binary form must reproduce the copyright 21 | # notice, this list of conditions and the following disclaimer in the 22 | # documentation and/or other materials provided with the distribution. 23 | # 3. The name of the author may not be used to endorse or promote products 24 | # derived from this software without specific prior written permission. 25 | # 26 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 27 | # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 28 | # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 29 | # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 30 | # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 31 | # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 32 | # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 33 | # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 34 | # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 35 | # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36 | # 37 | include(FindPackageHandleStandardArgs) 38 | 39 | if(LIBNETCONF2_LIBRARIES AND LIBNETCONF2_INCLUDE_DIRS) 40 | # in cache already 41 | set(LIBNETCONF2_FOUND TRUE) 42 | else() 43 | find_path(LIBNETCONF2_INCLUDE_DIR 44 | NAMES 45 | nc_client.h 46 | nc_server.h 47 | PATHS 48 | /usr/include 49 | /usr/local/include 50 | /opt/local/include 51 | /sw/include 52 | ${CMAKE_INCLUDE_PATH} 53 | ${CMAKE_INSTALL_PREFIX}/include 54 | ) 55 | 56 | find_library(LIBNETCONF2_LIBRARY 57 | NAMES 58 | netconf2 59 | libnetconf2 60 | PATHS 61 | /usr/lib 62 | /usr/lib64 63 | /usr/local/lib 64 | /usr/local/lib64 65 | /opt/local/lib 66 | /sw/lib 67 | ${CMAKE_LIBRARY_PATH} 68 | ${CMAKE_INSTALL_PREFIX}/lib 69 | ) 70 | 71 | if(LIBNETCONF2_INCLUDE_DIR) 72 | find_path(NC_VERSION_PATH "nc_version.h" HINTS ${LIBNETCONF2_INCLUDE_DIR}) 73 | if(NOT NC_VERSION_PATH) 74 | message(STATUS "libnetconf2 version header not found, assuming libnetconf2 is too old and cannot be used!") 75 | set(LIBNETCONF2_INCLUDE_DIR "LIBNETCONF2_INCLUDE_DIR-NOTFOUND") 76 | set(LIBNETCONF2_LIBRARY "LIBNETCONF2_LIBRARY-NOTFOUND") 77 | else() 78 | file(READ "${NC_VERSION_PATH}/nc_version.h" NC_VERSION_FILE) 79 | string(REGEX MATCH "#define NC_VERSION \"[0-9]+\\.[0-9]+\\.[0-9]+\"" NC_VERSION_MACRO "${NC_VERSION_FILE}") 80 | string(REGEX MATCH "[0-9]+\\.[0-9]+\\.[0-9]+" LIBNETCONF2_VERSION "${NC_VERSION_MACRO}") 81 | endif() 82 | endif() 83 | 84 | set(LIBNETCONF2_INCLUDE_DIRS ${LIBNETCONF2_INCLUDE_DIR}) 85 | set(LIBNETCONF2_LIBRARIES ${LIBNETCONF2_LIBRARY}) 86 | mark_as_advanced(LIBNETCONF2_INCLUDE_DIRS LIBNETCONF2_LIBRARIES) 87 | 88 | # handle the QUIETLY and REQUIRED arguments and set SYSREPO_FOUND to TRUE 89 | # if all listed variables are TRUE 90 | find_package_handle_standard_args(LibNETCONF2 FOUND_VAR LIBNETCONF2_FOUND 91 | REQUIRED_VARS LIBNETCONF2_LIBRARY LIBNETCONF2_INCLUDE_DIR 92 | VERSION_VAR LIBNETCONF2_VERSION) 93 | 94 | # check the configured options and make them available through cmake 95 | list(INSERT CMAKE_REQUIRED_INCLUDES 0 "${LIBNETCONF2_INCLUDE_DIR}") 96 | check_symbol_exists("NC_ENABLED_SSH" "nc_client.h" LIBNETCONF2_ENABLED_SSH) 97 | check_symbol_exists("NC_ENABLED_TLS" "nc_client.h" LIBNETCONF2_ENABLED_TLS) 98 | list(REMOVE_AT CMAKE_REQUIRED_INCLUDES 0) 99 | endif() 100 | 101 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2015-2020, CESNET 2 | All rights reserved. 3 | 4 | Redistribution and use in source and binary forms, with or without 5 | modification, are permitted provided that the following conditions are met: 6 | 7 | * Redistributions of source code must retain the above copyright notice, this 8 | list of conditions and the following disclaimer. 9 | 10 | * Redistributions in binary form must reproduce the above copyright notice, 11 | this list of conditions and the following disclaimer in the documentation 12 | and/or other materials provided with the distribution. 13 | 14 | * Neither the name of libnetconf2 nor the names of its 15 | contributors may be used to endorse or promote products derived from 16 | this software without specific prior written permission. 17 | 18 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 19 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 21 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 22 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 24 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 25 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 26 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | 3 | If you discover a security-related issue, please report it based on the instructions below. 4 | 5 | ## Reporting a Vulnerability 6 | 7 | Please **DO NOT** file a public issue, instead report the vulnerability on the relevant 8 | [GitHub security](https://github.com/CESNET/libnetconf2/security) page. If you do not receive any reaction within 48 hours, 9 | please also send an email to [mvasko@cesnet.cz]. 10 | 11 | ## Review Process 12 | 13 | After receiving the report, an initial triage and technical analysis is performed to confirm the report and determine 14 | its scope. We may request additional information in this stage of the process. 15 | 16 | Once a reviewer has confirmed the relevance of the report, a draft security advisory will be created on GitHub. The 17 | draft advisory will be used to discuss the issue with maintainers, the reporter(s), and where applicable, other affected 18 | parties under embargo. 19 | 20 | If the vulnerability is accepted, a timeline for developing a patch, public disclosure, and patch release will be 21 | determined. If there is an embargo period on public disclosure before the patch release, the reporter(s) are expected to 22 | participate in the discussion of the timeline and abide by agreed upon dates for public disclosure. 23 | 24 | Usually, the reasonably complex issues are fixed within hours of being reported. 25 | 26 | ## Supported Versions 27 | 28 | After an issue is fixed, it **WILL NOT** be backported to any released version. Instead, it is kept in the public `devel` 29 | branch, which is periodically merged into the main branch when a new release is due. So, the issue will be fixed in the 30 | next release after it is fixed. 31 | -------------------------------------------------------------------------------- /codecov.yml: -------------------------------------------------------------------------------- 1 | comment: 2 | layout: header, changes, diff 3 | 4 | coverage: 5 | precision: 2 6 | round: nearest 7 | 8 | ignore: 9 | - compat/.* 10 | - tests/.* 11 | - examples/.* 12 | 13 | status: 14 | project: 15 | default: 16 | target: auto 17 | if_no_uploads: error 18 | 19 | patch: 20 | default: 21 | if_no_uploads: error 22 | 23 | changes: true 24 | 25 | parsers: 26 | gcov: 27 | branch_detection: 28 | macro: no 29 | loop: no 30 | conditional: no 31 | method: no 32 | 33 | -------------------------------------------------------------------------------- /compat/check_includes.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | RETVAL=0 4 | 5 | # params - paths to the source files to search 6 | SRC="$*" 7 | 8 | # param FUNC - name of the function in compat to check 9 | check_compat_func () { 10 | FILES=`grep -rE "([^[:alnum:]]|^)$1\([^\)]+\)" --include=\*.{c,h} $SRC | cut -d: -f1 | uniq` 11 | for f in $FILES; do 12 | grep -q "#include \"compat.h\"" $f 13 | if [ $? -ne 0 ]; then 14 | echo "Missing #include \"compat.h\" in file $f for function $1()" 15 | RETVAL=$((RETVAL+1)) 16 | fi 17 | done 18 | } 19 | 20 | check_compat_macro () { 21 | FILES=`grep -rE "([^[:alnum:]]|^)$1([^[:alnum:]]|$)" --include=\*.{c,h} $SRC | cut -d: -f1 | uniq` 22 | for f in $FILES; do 23 | grep -q "#include \"compat.h\"" $f 24 | if [ $? -ne 0 ]; then 25 | echo "Missing #include \"compat.h\" in file $f for macro $1" 26 | RETVAL=$((RETVAL+1)) 27 | fi 28 | done 29 | } 30 | 31 | check_compat_func vdprintf 32 | check_compat_func asprintf 33 | check_compat_func vasprintf 34 | check_compat_func getline 35 | check_compat_func strndup 36 | check_compat_func strnstr 37 | check_compat_func strdupa 38 | check_compat_func strchrnul 39 | check_compat_func get_current_dir_name 40 | check_compat_func pthread_mutex_timedlock 41 | check_compat_func UNUSED 42 | check_compat_macro _PACKED 43 | 44 | exit $RETVAL 45 | -------------------------------------------------------------------------------- /distro/README.md: -------------------------------------------------------------------------------- 1 | # upstream packaging 2 | 3 | This directory contains upstream packaging sources in apkg format. 4 | 5 | apkg tool can be used to build packages directly from this source repo. 6 | 7 | See apkg docs: https://pkg.labs.nic.cz/pages/apkg/ 8 | 9 | 10 | ## RPM-based system (Fedora, CentOS, SUSE, ...) quickstart 11 | 12 | ``` 13 | sudo dnf install -y git rpm-build python3-pip 14 | pip3 install apkg 15 | 16 | apkg build -b 17 | ``` 18 | -------------------------------------------------------------------------------- /distro/config/apkg.toml: -------------------------------------------------------------------------------- 1 | [project] 2 | name = "libnetconf2" 3 | make_archive_script = "distro/scripts/make-archive.sh" 4 | 5 | [upstream] 6 | archive_url = "https://github.com/CESNET/libnetconf2/archive/v{{ version }}/libnetconf2-{{ version }}.tar.gz" 7 | version_script = "distro/scripts/upstream-version.sh" 8 | 9 | [apkg] 10 | compat = 2 11 | -------------------------------------------------------------------------------- /distro/pkg/deb/changelog: -------------------------------------------------------------------------------- 1 | libnetconf2 ({{ version }}-{{ release }}) unstable; urgency=medium 2 | 3 | * upstream packaging 4 | 5 | -- Michal Vaško Fri, 01 Oct 2021 14:29:03 +0200 6 | -------------------------------------------------------------------------------- /distro/pkg/deb/compat: -------------------------------------------------------------------------------- 1 | 10 2 | -------------------------------------------------------------------------------- /distro/pkg/deb/control: -------------------------------------------------------------------------------- 1 | Source: libnetconf2 2 | Section: libs 3 | Homepage: https://github.com/CESNET/libnetconf2/ 4 | Maintainer: CESNET 5 | Priority: optional 6 | Standards-Version: 4.5.0 7 | Build-Depends: cmake, 8 | debhelper (>= 10), 9 | libyang-dev, 10 | libssl-dev (>= 3.0.0), 11 | libssh-dev (>= 0.9.5), 12 | libpam0g-dev, 13 | pkg-config, 14 | libcurl4-openssl-dev (>= 7.30.0) 15 | Vcs-Browser: https://github.com/CESNET/libnetconf2/tree/master 16 | Vcs-Git: https://github.com/CESNET/libnetconf2.git 17 | 18 | Package: libnetconf4 19 | Depends: ${misc:Depends}, 20 | ${shlibs:Depends} 21 | Architecture: any 22 | Description: library implementing NETCONF protocol - runtime 23 | Libnetconf2 implements network communication using NETCONF 24 | protocol specified in IETF RFC 6241. It is based on libnetconf 25 | (which it replaces and makes obsolete) but written from scratch. 26 | . 27 | Both server and client-side functionality is provided. 28 | . 29 | It is implemented in C. 30 | 31 | Package: libnetconf2-dev 32 | Depends: libyang-dev, 33 | libnetconf4 (= ${binary:Version}), 34 | ${misc:Depends} 35 | Section: libdevel 36 | Architecture: any 37 | Description: library implementing NETCONF protocol - development files 38 | Libnetconf2 implements network communication using NETCONF 39 | protocol specified in IETF RFC 6241. It is based on libnetconf 40 | (which it replaces and makes obsolete) but written from scratch. 41 | . 42 | Both server and client-side functionality is provided. 43 | . 44 | This package contains the C headers, a pkgconfig file, and .so entry 45 | point for libnetconf2. 46 | -------------------------------------------------------------------------------- /distro/pkg/deb/copyright: -------------------------------------------------------------------------------- 1 | Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ 2 | Upstream-Name: libnetconf2 3 | License: BSD-3-clause 4 | 5 | Files: * 6 | Copyright: 2015-2021 by CESNET, z.s.p.o. 7 | License: BSD-3-clause 8 | 9 | Files: */ietf-*.yang */ietf-*.h 10 | Copyright: 2011-2018 by the IETF Trust and the persons identified as authors 11 | License: IETF-BSD-3-clause 12 | Redistribution and use in source and binary forms, with or 13 | without modification, is permitted pursuant to, and subject 14 | to the license terms contained in, the Simplified BSD 15 | License set forth in Section 4.c of the IETF Trust's 16 | Legal Provisions Relating to IETF Documents 17 | (http://trustee.ietf.org/license-info). 18 | . 19 | This version of this YANG module is part of RFC 6536; see 20 | the RFC itself for full legal notices. 21 | 22 | License: BSD-3-clause 23 | Redistribution and use in source and binary forms, with or without 24 | modification, are permitted provided that the following conditions are met: 25 | . 26 | * Redistributions of source code must retain the above copyright notice, this 27 | list of conditions and the following disclaimer. 28 | . 29 | * Redistributions in binary form must reproduce the above copyright notice, 30 | this list of conditions and the following disclaimer in the documentation 31 | and/or other materials provided with the distribution. 32 | . 33 | * Neither the name of libyang nor the names of its 34 | contributors may be used to endorse or promote products derived from 35 | this software without specific prior written permission. 36 | . 37 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 38 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 39 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 40 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 41 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 42 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 43 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 44 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 45 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 46 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 47 | -------------------------------------------------------------------------------- /distro/pkg/deb/gbp.conf: -------------------------------------------------------------------------------- 1 | [DEFAULT] 2 | pristine-tar = False 3 | debian-branch = master 4 | upstream-tree = SLOPPY 5 | -------------------------------------------------------------------------------- /distro/pkg/deb/libnetconf2-dev.install: -------------------------------------------------------------------------------- 1 | usr/lib/*/libnetconf2.so 2 | usr/lib/*/pkgconfig/libnetconf2.pc 3 | usr/include/libnetconf2/* 4 | usr/include/nc_client.h 5 | usr/include/nc_server.h 6 | usr/include/nc_version.h 7 | -------------------------------------------------------------------------------- /distro/pkg/deb/libnetconf4.install: -------------------------------------------------------------------------------- 1 | usr/lib/*/libnetconf2.so.* 2 | usr/share/yang/modules/libnetconf2 3 | -------------------------------------------------------------------------------- /distro/pkg/deb/rules: -------------------------------------------------------------------------------- 1 | #!/usr/bin/make -f 2 | #export DH_VERBOSE=1 3 | export DEB_BUILD_MAINT_OPTIONS = hardening=+all 4 | 5 | include /usr/share/dpkg/default.mk 6 | 7 | %: 8 | dh $@ 9 | 10 | override_dh_auto_configure: 11 | dh_auto_configure -- \ 12 | -DCMAKE_BUILD_TYPE:String="Release" 13 | -------------------------------------------------------------------------------- /distro/pkg/deb/source/format: -------------------------------------------------------------------------------- 1 | 3.0 (quilt) 2 | -------------------------------------------------------------------------------- /distro/pkg/deb/watch: -------------------------------------------------------------------------------- 1 | version=4 2 | opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%libnetconf2-$1.tar.gz%" \ 3 | https://github.com/CESNET/libnetconf2/releases \ 4 | (?:.*?/)?v?(\d[\d.]*)(?:-r\d+)?\.tar\.gz debian uupdate 5 | -------------------------------------------------------------------------------- /distro/pkg/rpm/libnetconf2.spec: -------------------------------------------------------------------------------- 1 | Name: libnetconf2 2 | Version: {{ version }} 3 | Release: {{ release }}%{?dist} 4 | Summary: NETCONF protocol library 5 | Url: https://github.com/CESNET/libnetconf2 6 | Source: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz 7 | License: BSD 8 | 9 | BuildRequires: cmake 10 | BuildRequires: gcc 11 | BuildRequires: libssh-devel 12 | BuildRequires: openssl-devel 13 | BuildRequires: pam-devel 14 | BuildRequires: pkgconfig(libyang) >= 2 15 | BuildRequires: libcurl-devel 16 | 17 | %package devel 18 | Summary: Headers of libnetconf2 library 19 | Conflicts: libnetconf-devel 20 | Requires: %{name}%{?_isa} = %{version}-%{release} 21 | Requires: pkgconfig 22 | 23 | %description devel 24 | Headers of libnetconf library. 25 | 26 | %description 27 | libnetconf2 is a NETCONF library in C intended for building NETCONF clients and 28 | servers. NETCONF is the NETwork CONFiguration protocol introduced by IETF. 29 | 30 | 31 | %prep 32 | %autosetup -p1 33 | 34 | %build 35 | %cmake -DCMAKE_BUILD_TYPE=RELWITHDEBINFO -DENABLE_TESTS=OFF 36 | %cmake_build 37 | 38 | %install 39 | %cmake_install 40 | 41 | 42 | %files 43 | %license LICENSE 44 | %doc README.md FAQ.md 45 | %{_libdir}/libnetconf2.so.* 46 | %{_datadir}/yang/modules/libnetconf2/*.yang 47 | %dir %{_datadir}/yang/modules/libnetconf2/ 48 | 49 | %files devel 50 | %doc CODINGSTYLE.md 51 | %{_libdir}/libnetconf2.so 52 | %{_libdir}/pkgconfig/libnetconf2.pc 53 | %{_includedir}/*.h 54 | %{_includedir}/libnetconf2/*.h 55 | %dir %{_includedir}/libnetconf2/ 56 | 57 | 58 | %changelog 59 | * {{ now }} Jakub Ružička - {{ version }}-{{ release }} 60 | - upstream package 61 | -------------------------------------------------------------------------------- /distro/scripts/make-archive.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # create archive from current source using git 3 | 4 | VERSION=$(git log --oneline -n1 --grep="^VERSION" | rev | cut -d' ' -f1 | rev) 5 | 6 | NAMEVER=libnetconf2-$VERSION 7 | ARCHIVE=$NAMEVER.tar.gz 8 | 9 | git archive --format tgz --output $ARCHIVE --prefix $NAMEVER/ HEAD 10 | mkdir -p pkg/archives/dev/ 11 | mv $ARCHIVE pkg/archives/dev/ 12 | 13 | # apkg expects stdout to list archive files 14 | echo pkg/archives/dev/$ARCHIVE 15 | -------------------------------------------------------------------------------- /distro/scripts/upstream-version.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # get latest upstream libnetconf2 version from github 3 | 4 | RLS_URL=https://api.github.com/repos/CESNET/libnetconf2/releases 5 | VERSION=$(curl -s $RLS_URL | grep tag_name | cut -d '"' -f 4 | sort --version-sort | tail -n 1) 6 | VERSION=${VERSION#v} 7 | echo $VERSION 8 | -------------------------------------------------------------------------------- /distro/tests/control: -------------------------------------------------------------------------------- 1 | Tests: test-pkg-config.sh 2 | -------------------------------------------------------------------------------- /distro/tests/test-pkg-config.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -ex 3 | 4 | version=`pkg-config --modversion libnetconf2` 5 | echo "$version" | grep '2\.[0-9.]\+' 6 | -------------------------------------------------------------------------------- /doc/cesnet-style.css: -------------------------------------------------------------------------------- 1 | /* CESNET blue: #0068a2 */ 2 | 3 | body { 4 | background-color: #fff; 5 | } 6 | 7 | div.header { 8 | background-image: none; 9 | background-color: #fff; 10 | } 11 | 12 | div.contents { 13 | background-color: #fff; 14 | padding: 1.618em 3.236em; 15 | max-width: 60em; 16 | margin: auto; 17 | margin-left: 0; 18 | text-align: justify; 19 | } 20 | 21 | .sm-dox { 22 | background-image: none; 23 | background-color: #0068a2; 24 | border-bottom: 1px solid white; 25 | } 26 | 27 | .sm-dox a { 28 | background-image: none; 29 | border-right: 1px solid white; 30 | color: white; 31 | text-shadow: none; 32 | } 33 | 34 | .sm-dox a:hover { 35 | background-image: none; 36 | background-color: rgba(0,0,0,0.3); 37 | } 38 | 39 | .sm-dox ul a:hover { 40 | background-image: none; 41 | background-color: #ddd; 42 | text-shadow: none; 43 | color: #555; 44 | } 45 | 46 | .navpath ul { 47 | background-image: none; 48 | background-color: #0068a2; 49 | } 50 | 51 | .navpath li.footer { 52 | color: white; 53 | } 54 | img.footer { 55 | height: 20px; 56 | } 57 | 58 | .navpath li.navelem a { 59 | color: white; 60 | text-shadow: none; 61 | } 62 | 63 | #side-nav { 64 | background-color: #343131; 65 | } 66 | 67 | #nav-tree::-webkit-scrollbar { 68 | width: 5px; 69 | } 70 | 71 | #nav-tree::-webkit-scrollbar-track { 72 | background: #333; 73 | border-radius: 50px; 74 | } 75 | 76 | #nav-tree::-webkit-scrollbar-thumb { 77 | background: #ccc; 78 | border-radius: 50px; 79 | } 80 | 81 | #nav-tree { 82 | background: none; 83 | } 84 | 85 | #nav-tree .item { 86 | padding-top: 10px; 87 | padding-bottom: 10px; 88 | } 89 | 90 | #nav-tree .item:hover { 91 | background-color: rgba(255,255,255,0.2); 92 | } 93 | 94 | #nav-tree a { 95 | color: #fff; 96 | font-size: 1.2em; 97 | } 98 | 99 | #nav-tree .selected { 100 | background-image: none; 101 | background-color: #0068a2; 102 | } 103 | 104 | #nav-tree-contents { 105 | margin: 0; 106 | } 107 | -------------------------------------------------------------------------------- /examples/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | if(NOT LIBNETCONF2_VERSION) 2 | message(FATAL_ERROR "Please use the root CMakeLists file instead.") 3 | endif() 4 | 5 | # correct RPATH usage on OS X 6 | set(CMAKE_MACOSX_RPATH TRUE) 7 | 8 | # include all the library headers 9 | include_directories(BEFORE "${CMAKE_SOURCE_DIR}/src") 10 | 11 | # generate example header 12 | include_directories(BEFORE ${CMAKE_CURRENT_BINARY_DIR}) 13 | configure_file(example.h.in example.h) 14 | 15 | # list of all the examples 16 | set(examples server client) 17 | 18 | foreach(app_name IN LISTS examples) 19 | add_executable(${app_name} ${app_name}.c) 20 | target_link_libraries(${app_name} netconf2) 21 | endforeach(app_name) 22 | -------------------------------------------------------------------------------- /examples/admin_key: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW 3 | QyNTUxOQAAACDq+Oq6bYOgbFoTtSTKJrod3LgmJnrjuiXzlD7P2Dt+cAAAAJC1rL1gtay9 4 | YAAAAAtzc2gtZWQyNTUxOQAAACDq+Oq6bYOgbFoTtSTKJrod3LgmJnrjuiXzlD7P2Dt+cA 5 | AAAEAQm84SEphEUZEbuCRmXrMcYyv70wNEVziE/SbBC6+trOr46rptg6BsWhO1JMomuh3c 6 | uCYmeuO6JfOUPs/YO35wAAAADXJvbWFuQHBjdmFza28= 7 | -----END OPENSSH PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /examples/admin_key.pub: -------------------------------------------------------------------------------- 1 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOr46rptg6BsWhO1JMomuh3cuCYmeuO6JfOUPs/YO35w test@libnetconf2 2 | -------------------------------------------------------------------------------- /examples/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "ietf-netconf-server:netconf-server": { 3 | "listen": { 4 | "idle-timeout": 10, 5 | "endpoints": { 6 | "endpoint": [ 7 | { 8 | "name": "ssh-password-auth-endpt", 9 | "ssh": { 10 | "tcp-server-parameters": { 11 | "local-address": "127.0.0.1", 12 | "local-port": 10000 13 | }, 14 | "ssh-server-parameters": { 15 | "server-identity": { 16 | "host-key": [ 17 | { 18 | "name": "key", 19 | "public-key": { 20 | "inline-definition": { 21 | "public-key-format": "ietf-crypto-types:ssh-public-key-format", 22 | "public-key": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDRIB2eNSRWU+HNWRUGKr76ghCLg8RaMlUCps9lBjnc6ggaJl2Q+TOLn8se2wAdK3lYBMz3dcqR+SlU7eB8wJAc=", 23 | "private-key-format": "ietf-crypto-types:ec-private-key-format", 24 | "cleartext-private-key": "MHcCAQEEICQ2fr9Jt2xluom0YQQ7HseE8YTo5reZRVcQENKUWOrooAoGCCqGSM49AwEHoUQDQgAENEgHZ41JFZT4c1ZFQYqvvqCEIuDxFoyVQKmz2UGOdzqCBomXZD5M4ufyx7bAB0reVgEzPd1ypH5KVTt4HzAkBw==" 25 | } 26 | } 27 | } 28 | ] 29 | }, 30 | "client-authentication": { 31 | "users": { 32 | "user": [ 33 | { 34 | "name": "admin", 35 | "password": "$0$admin" 36 | } 37 | ] 38 | } 39 | } 40 | } 41 | } 42 | }, 43 | { 44 | "name": "ssh-pubkey-auth-endpt", 45 | "ssh": { 46 | "tcp-server-parameters": { 47 | "local-address": "127.0.0.1", 48 | "local-port": 10001 49 | }, 50 | "ssh-server-parameters": { 51 | "server-identity": { 52 | "host-key": [ 53 | { 54 | "name": "key", 55 | "public-key": { 56 | "inline-definition": { 57 | "public-key-format": "ietf-crypto-types:ssh-public-key-format", 58 | "public-key": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDRIB2eNSRWU+HNWRUGKr76ghCLg8RaMlUCps9lBjnc6ggaJl2Q+TOLn8se2wAdK3lYBMz3dcqR+SlU7eB8wJAc=", 59 | "private-key-format": "ietf-crypto-types:ec-private-key-format", 60 | "cleartext-private-key": "MHcCAQEEICQ2fr9Jt2xluom0YQQ7HseE8YTo5reZRVcQENKUWOrooAoGCCqGSM49AwEHoUQDQgAENEgHZ41JFZT4c1ZFQYqvvqCEIuDxFoyVQKmz2UGOdzqCBomXZD5M4ufyx7bAB0reVgEzPd1ypH5KVTt4HzAkBw==" 61 | } 62 | } 63 | } 64 | ] 65 | }, 66 | "client-authentication": { 67 | "users": { 68 | "user": [ 69 | { 70 | "name": "admin", 71 | "public-keys": { 72 | "inline-definition": { 73 | "public-key": [ 74 | { 75 | "name": "admin_key.pub", 76 | "public-key-format": "ietf-crypto-types:ssh-public-key-format", 77 | "public-key": "AAAAC3NzaC1lZDI1NTE5AAAAIOr46rptg6BsWhO1JMomuh3cuCYmeuO6JfOUPs/YO35w" 78 | } 79 | ] 80 | } 81 | } 82 | } 83 | ] 84 | } 85 | } 86 | } 87 | } 88 | } 89 | ] 90 | } 91 | } 92 | } 93 | } 94 | -------------------------------------------------------------------------------- /examples/example.h.in: -------------------------------------------------------------------------------- 1 | /** 2 | * @file example.h 3 | * @author Roman Janota 4 | * @brief libnetconf2 example header 5 | * 6 | * @copyright 7 | * Copyright (c) 2022 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #ifndef _EXAMPLE_H_ 17 | #define _EXAMPLE_H_ 18 | 19 | #include 20 | 21 | /* directory with library YANG modules */ 22 | #define MODULES_DIR "@CMAKE_SOURCE_DIR@/modules" 23 | 24 | /* directory with examples source code and this header */ 25 | #define EXAMPLES_DIR "@CMAKE_SOURCE_DIR@/examples" 26 | 27 | /* SSH listening IP address */ 28 | #define SSH_ADDRESS "127.0.0.1" 29 | 30 | /* SSH 'password' authentication exptected username and password */ 31 | #define SSH_USERNAME "admin" 32 | 33 | /* time in microseconds to sleep for if there are no new RPCs and no new sessions */ 34 | #define BACKOFF_TIMEOUT_USECS 100 35 | 36 | #define ERR_MSG_CLEANUP(msg) \ 37 | rc = 1; \ 38 | fprintf(stderr, "%s", msg); \ 39 | goto cleanup 40 | 41 | #endif 42 | -------------------------------------------------------------------------------- /libnetconf2.pc.in: -------------------------------------------------------------------------------- 1 | prefix=@CMAKE_INSTALL_PREFIX@ 2 | includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@ 3 | libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@ 4 | 5 | Name: @PROJECT_NAME@ 6 | Description: @LIBNETCONF2_DESCRIPTION@ 7 | Version: @LIBNETCONF2_VERSION@ 8 | Libs: -L${libdir} -lnetconf2 9 | Cflags: -I${includedir} 10 | 11 | LN2_MAX_THREAD_COUNT=@MAX_PSPOLL_THREAD_COUNT@ 12 | LN2_SCHEMAS_DIR=@YANG_MODULE_DIR@ 13 | -------------------------------------------------------------------------------- /modules/iana-crypt-hash@2014-04-04.yang: -------------------------------------------------------------------------------- 1 | module iana-crypt-hash { 2 | namespace "urn:ietf:params:xml:ns:yang:iana-crypt-hash"; 3 | prefix ianach; 4 | 5 | organization "IANA"; 6 | contact 7 | " Internet Assigned Numbers Authority 8 | 9 | Postal: ICANN 10 | 4676 Admiralty Way, Suite 330 11 | Marina del Rey, CA 90292 12 | 13 | Tel: +1 310 823 9358 14 | E-Mail: iana&iana.org"; 15 | description 16 | "This YANG module defines a typedef for storing passwords 17 | using a hash function, and features to indicate which hash 18 | functions are supported by an implementation. 19 | 20 | The latest revision of this YANG module can be obtained from 21 | the IANA web site. 22 | 23 | Requests for new values should be made to IANA via 24 | email (iana&iana.org). 25 | 26 | Copyright (c) 2014 IETF Trust and the persons identified as 27 | authors of the code. All rights reserved. 28 | 29 | Redistribution and use in source and binary forms, with or 30 | without modification, is permitted pursuant to, and subject 31 | to the license terms contained in, the Simplified BSD License 32 | set forth in Section 4.c of the IETF Trust's Legal Provisions 33 | Relating to IETF Documents 34 | (http://trustee.ietf.org/license-info). 35 | 36 | The initial version of this YANG module is part of RFC XXXX; 37 | see the RFC itself for full legal notices."; 38 | // RFC Ed.: replace XXXX with actual RFC number and remove this 39 | // note. 40 | 41 | // RFC Ed.: update the date below with the date of RFC publication 42 | // and remove this note. 43 | revision 2014-04-04 { 44 | description 45 | "Initial revision."; 46 | reference 47 | "RFC XXXX: A YANG Data Model for System Management"; 48 | } 49 | 50 | typedef crypt-hash { 51 | type string { 52 | pattern 53 | '$0$.*' 54 | + '|$1$[a-zA-Z0-9./]{1,8}$[a-zA-Z0-9./]{22}' 55 | + '|$5$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{43}' 56 | + '|$6$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{86}'; 57 | } 58 | description 59 | "The crypt-hash type is used to store passwords using 60 | a hash function. The algorithms for applying the hash 61 | function and encoding the result are implemented in 62 | various UNIX systems as the function crypt(3). 63 | 64 | A value of this type matches one of the forms: 65 | 66 | $0$ 67 | $$$ 68 | $$$$ 69 | 70 | The '$0$' prefix signals that the value is clear text. When 71 | such a value is received by the server, a hash value is 72 | calculated, and the string '$$$' or 73 | $$$$ is prepended to the result. This 74 | value is stored in the configuration data store. 75 | 76 | If a value starting with '$$', where is not '0', is 77 | received, the server knows that the value already represents a 78 | hashed value, and stores it as is in the data store. 79 | 80 | When a server needs to verify a password given by a user, it 81 | finds the stored password hash string for that user, extracts 82 | the salt, and calculates the hash with the salt and given 83 | password as input. If the calculated hash value is the same 84 | as the stored value, the password given by the client is 85 | accepted. 86 | 87 | This type defines the following hash functions: 88 | 89 | id | hash function | feature 90 | ---+---------------+------------------- 91 | 1 | MD5 | crypt-hash-md5 92 | 5 | SHA-256 | crypt-hash-sha-256 93 | 6 | SHA-512 | crypt-hash-sha-512 94 | 95 | The server indicates support for the different hash functions 96 | by advertising the corresponding feature."; 97 | reference 98 | "IEEE Std 1003.1-2008 - crypt() function 99 | RFC 1321: The MD5 Message-Digest Algorithm 100 | FIPS.180-3.2008: Secure Hash Standard"; 101 | } 102 | 103 | feature crypt-hash-md5 { 104 | description 105 | "Indicates that the device supports the MD5 106 | hash function in 'crypt-hash' values"; 107 | reference "RFC 1321: The MD5 Message-Digest Algorithm"; 108 | } 109 | 110 | feature crypt-hash-sha-256 { 111 | description 112 | "Indicates that the device supports the SHA-256 113 | hash function in 'crypt-hash' values"; 114 | reference "FIPS.180-3.2008: Secure Hash Standard"; 115 | } 116 | 117 | feature crypt-hash-sha-512 { 118 | description 119 | "Indicates that the device supports the SHA-512 120 | hash function in 'crypt-hash' values"; 121 | reference "FIPS.180-3.2008: Secure Hash Standard"; 122 | } 123 | 124 | } 125 | -------------------------------------------------------------------------------- /modules/iana-ssh-mac-algs@2022-06-16.yang: -------------------------------------------------------------------------------- 1 | module iana-ssh-mac-algs { 2 | yang-version 1.1; 3 | namespace "urn:ietf:params:xml:ns:yang:iana-ssh-mac-algs"; 4 | prefix sshma; 5 | 6 | organization 7 | "Internet Assigned Numbers Authority (IANA)"; 8 | 9 | contact 10 | "Postal: ICANN 11 | 12025 Waterfront Drive, Suite 300 12 | Los Angeles, CA 90094-2536 13 | United States of America 14 | Tel: +1 310 301 5800 15 | Email: iana@iana.org"; 16 | 17 | description 18 | "This module defines identities for the MAC algorithms 19 | defined in the 'MAC Algorithm Names' sub-registry of the 20 | 'Secure Shell (SSH) Protocol Parameters' registry maintained 21 | by IANA. 22 | 23 | Copyright (c) 2022 IETF Trust and the persons identified as 24 | authors of the code. All rights reserved. 25 | 26 | Redistribution and use in source and binary forms, with 27 | or without modification, is permitted pursuant to, and 28 | subject to the license terms contained in, the Revised 29 | BSD License set forth in Section 4.c of the IETF Trust's 30 | Legal Provisions Relating to IETF Documents 31 | (https://trustee.ietf.org/license-info). 32 | 33 | The initial version of this YANG module is part of RFC EEEE 34 | (https://www.rfc-editor.org/info/rfcEEEE); see the RFC 35 | itself for full legal notices."; 36 | 37 | revision 2022-06-16 { 38 | description 39 | "Reflects contents of the MAC algorithms registry on 40 | June 16, 2022."; 41 | reference 42 | "RFC EEEE: YANG Groupings for SSH Clients and SSH Servers"; 43 | } 44 | 45 | // Typedefs 46 | 47 | typedef mac-algorithm-ref { 48 | type identityref { 49 | base "mac-alg-base"; 50 | } 51 | description 52 | "A reference to a SSH mac algorithm identifier."; 53 | } 54 | 55 | // Identities 56 | 57 | identity mac-alg-base { 58 | description 59 | "Base identity used to identify message authentication 60 | code (MAC) algorithms."; 61 | } 62 | 63 | identity hmac-sha1 { 64 | base mac-alg-base; 65 | description 66 | "HMAC-SHA1"; 67 | reference 68 | "RFC 4253: 69 | The Secure Shell (SSH) Transport Layer Protocol"; 70 | } 71 | 72 | identity hmac-sha1-96 { 73 | base mac-alg-base; 74 | description 75 | "HMAC-SHA1-96"; 76 | reference 77 | "RFC 4253: 78 | The Secure Shell (SSH) Transport Layer Protocol"; 79 | } 80 | 81 | identity hmac-md5 { 82 | base mac-alg-base; 83 | description 84 | "HMAC-MD5"; 85 | reference 86 | "RFC 4253: 87 | The Secure Shell (SSH) Transport Layer Protocol"; 88 | } 89 | 90 | identity hmac-md5-96 { 91 | base mac-alg-base; 92 | description 93 | "HMAC-MD5-96"; 94 | reference 95 | "RFC 4253: 96 | The Secure Shell (SSH) Transport Layer Protocol"; 97 | } 98 | 99 | identity none { 100 | base mac-alg-base; 101 | description 102 | "NONE"; 103 | reference 104 | "RFC 4253: 105 | The Secure Shell (SSH) Transport Layer Protocol"; 106 | } 107 | 108 | identity aead-aes-128-gcm { 109 | base mac-alg-base; 110 | description 111 | "AEAD_AES_128_GCM"; 112 | reference 113 | "RFC 5647: 114 | AES Galois Counter Mode for the 115 | Secure Shell Transport Layer Protocol"; 116 | } 117 | 118 | identity aead-aes-256-gcm { 119 | base mac-alg-base; 120 | description 121 | "AEAD_AES_256_GCM"; 122 | reference 123 | "RFC 5647: 124 | AES Galois Counter Mode for the 125 | Secure Shell Transport Layer Protocol"; 126 | } 127 | 128 | identity hmac-sha2-256 { 129 | base mac-alg-base; 130 | description 131 | "HMAC-SHA2-256"; 132 | reference 133 | "RFC 6668: 134 | SHA-2 Data Integrity Verification for the 135 | Secure Shell (SSH) Transport Layer Protocol"; 136 | } 137 | 138 | identity hmac-sha2-512 { 139 | base mac-alg-base; 140 | description 141 | "HMAC-SHA2-512"; 142 | reference 143 | "RFC 6668: 144 | SHA-2 Data Integrity Verification for the 145 | Secure Shell (SSH) Transport Layer Protocol"; 146 | } 147 | 148 | // Protocol-accessible Nodes 149 | 150 | container supported-algorithms { 151 | config false; 152 | description 153 | "A container for a list of MAC algorithms 154 | supported by the server."; 155 | leaf-list supported-algorithm { 156 | type mac-algorithm-ref; 157 | description 158 | "A MAC algorithm supported by the server."; 159 | } 160 | } 161 | 162 | } 163 | -------------------------------------------------------------------------------- /modules/ietf-tcp-common@2023-12-28.yang: -------------------------------------------------------------------------------- 1 | module ietf-tcp-common { 2 | yang-version 1.1; 3 | namespace "urn:ietf:params:xml:ns:yang:ietf-tcp-common"; 4 | prefix tcpcmn; 5 | 6 | organization 7 | "IETF NETCONF (Network Configuration) Working Group and the 8 | IETF TCP Maintenance and Minor Extensions (TCPM) Working Group"; 9 | 10 | contact 11 | "WG Web: https://datatracker.ietf.org/wg/netconf 12 | https://datatracker.ietf.org/wg/tcpm 13 | WG List: NETCONF WG list 14 | TCPM WG list 15 | Authors: Kent Watsen 16 | Michael Scharf 17 | "; 18 | 19 | description 20 | "This module define a reusable 'grouping' that is common 21 | to both TCP-clients and TCP-servers. This grouping statement 22 | is used by both the 'ietf-tcp-client' and 'ietf-tcp-server' 23 | modules. 24 | 25 | Copyright (c) 2023 IETF Trust and the persons identified 26 | as authors of the code. All rights reserved. 27 | 28 | Redistribution and use in source and binary forms, with 29 | or without modification, is permitted pursuant to, and 30 | subject to the license terms contained in, the Revised 31 | BSD License set forth in Section 4.c of the IETF Trust's 32 | Legal Provisions Relating to IETF Documents 33 | (https://trustee.ietf.org/license-info). 34 | 35 | This version of this YANG module is part of RFC DDDD 36 | (https://www.rfc-editor.org/info/rfcDDDD); see the RFC 37 | itself for full legal notices. 38 | 39 | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 40 | 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 41 | 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document 42 | are to be interpreted as described in BCP 14 (RFC 2119) 43 | (RFC 8174) when, and only when, they appear in all 44 | capitals, as shown here."; 45 | 46 | revision 2023-12-28 { 47 | description 48 | "Initial version"; 49 | reference 50 | "RFC DDDD: YANG Groupings for TCP Clients and TCP Servers"; 51 | } 52 | 53 | // Features 54 | 55 | feature keepalives-supported { 56 | description 57 | "Indicates that keepalives are supported."; 58 | } 59 | 60 | // Groupings 61 | 62 | grouping tcp-common-grouping { 63 | description 64 | "A reusable grouping for configuring TCP parameters common 65 | to TCP connections as well as the operating system as a 66 | whole."; 67 | container keepalives { 68 | if-feature "keepalives-supported"; 69 | description 70 | "Configures the keep-alive policy, to proactively test the 71 | aliveness of the TCP peer. An unresponsive TCP peer is 72 | dropped after approximately (idle-time + max-probes * 73 | probe-interval) seconds. Further guidance can be found 74 | in Section 2.1.5 of RFC DDDD."; 75 | reference 76 | "RFC 9293: 77 | Transmission Control Protocol (TCP), Section 3.8.4.."; 78 | leaf idle-time { 79 | type uint16 { 80 | range "1..max"; 81 | } 82 | units "seconds"; 83 | default 7200; 84 | description 85 | "Sets the amount of time after which if no data has been 86 | received from the TCP peer, a TCP-level probe message 87 | will be sent to test the aliveness of the TCP peer. 88 | Two hours (7200 seconds) is safe value, per RFC 1122."; 89 | reference 90 | "RFC 1122: 91 | Requirements for Internet Hosts -- Communication Layers"; 92 | } 93 | leaf max-probes { 94 | type uint16 { 95 | range "1..max"; 96 | } 97 | default 9; 98 | description 99 | "Sets the maximum number of sequential keep-alive probes 100 | that can fail to obtain a response from the TCP peer 101 | before assuming the TCP peer is no longer alive."; 102 | } 103 | leaf probe-interval { 104 | type uint16 { 105 | range "1..max"; 106 | } 107 | units "seconds"; 108 | default 75; 109 | description 110 | "Sets the time interval between failed probes. The interval 111 | SHOULD be significantly longer than one second in order to 112 | avoid harm on a congested link."; 113 | } 114 | } // container keepalives 115 | } // grouping tcp-common-grouping 116 | 117 | } 118 | -------------------------------------------------------------------------------- /modules/ietf-tcp-server@2023-12-28.yang: -------------------------------------------------------------------------------- 1 | module ietf-tcp-server { 2 | yang-version 1.1; 3 | namespace "urn:ietf:params:xml:ns:yang:ietf-tcp-server"; 4 | prefix tcps; 5 | 6 | import ietf-inet-types { 7 | prefix inet; 8 | reference 9 | "RFC 6991: Common YANG Data Types"; 10 | } 11 | 12 | import ietf-tcp-common { 13 | prefix tcpcmn; 14 | reference 15 | "RFC DDDD: YANG Groupings for TCP Clients and TCP Servers"; 16 | } 17 | 18 | organization 19 | "IETF NETCONF (Network Configuration) Working Group and the 20 | IETF TCP Maintenance and Minor Extensions (TCPM) Working Group"; 21 | 22 | contact 23 | "WG Web: https://datatracker.ietf.org/wg/netconf 24 | https://datatracker.ietf.org/wg/tcpm 25 | WG List: NETCONF WG list 26 | TCPM WG list 27 | Authors: Kent Watsen 28 | Michael Scharf 29 | "; 30 | 31 | description 32 | "This module defines reusable groupings for TCP servers that 33 | can be used as a basis for specific TCP server instances. 34 | 35 | Copyright (c) 2023 IETF Trust and the persons identified 36 | as authors of the code. All rights reserved. 37 | 38 | Redistribution and use in source and binary forms, with 39 | or without modification, is permitted pursuant to, and 40 | subject to the license terms contained in, the Revised 41 | BSD License set forth in Section 4.c of the IETF Trust's 42 | Legal Provisions Relating to IETF Documents 43 | (https://trustee.ietf.org/license-info). 44 | 45 | This version of this YANG module is part of RFC DDDD 46 | (https://www.rfc-editor.org/info/rfcDDDD); see the RFC 47 | itself for full legal notices. 48 | 49 | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 50 | 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 51 | 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document 52 | are to be interpreted as described in BCP 14 (RFC 2119) 53 | (RFC 8174) when, and only when, they appear in all 54 | capitals, as shown here."; 55 | 56 | revision 2023-12-28 { 57 | description 58 | "Initial version"; 59 | reference 60 | "RFC DDDD: YANG Groupings for TCP Clients and TCP Servers"; 61 | } 62 | 63 | // Features 64 | 65 | feature tcp-server-keepalives { 66 | description 67 | "Per socket TCP keepalive parameters are configurable for 68 | TCP servers on the server implementing this feature."; 69 | reference 70 | "RFC 9293: Transmission Control Protocol (TCP)"; 71 | } 72 | 73 | // Groupings 74 | 75 | grouping tcp-server-grouping { 76 | description 77 | "A reusable grouping for configuring a TCP server. 78 | 79 | Note that this grouping uses fairly typical descendant 80 | node names such that a stack of 'uses' statements will 81 | have name conflicts. It is intended that the consuming 82 | data model will resolve the issue (e.g., by wrapping 83 | the 'uses' statement in a container called 84 | 'tcp-server-parameters'). This model purposely does 85 | not do this itself so as to provide maximum flexibility 86 | to consuming models."; 87 | leaf local-address { 88 | type inet:ip-address; 89 | mandatory true; 90 | description 91 | "The local IP address to listen on for incoming 92 | TCP client connections. INADDR_ANY (0.0.0.0) or 93 | INADDR6_ANY (0:0:0:0:0:0:0:0 a.k.a. ::) MUST be 94 | used when the server is to listen on all IPv4 or 95 | IPv6 addresses, respectively."; 96 | } 97 | leaf local-port { 98 | type inet:port-number; 99 | default "0"; 100 | description 101 | "The local port number to listen on for incoming TCP 102 | client connections. An invalid default value (0) 103 | is used (instead of 'mandatory true') so that an 104 | application level data model may 'refine' it with 105 | an application specific default port number value."; 106 | } 107 | uses tcpcmn:tcp-common-grouping { 108 | refine "keepalives" { 109 | if-feature "tcp-server-keepalives"; 110 | description 111 | "Add an if-feature statement so that implementations 112 | can choose to support TCP server keepalives."; 113 | } 114 | } 115 | } 116 | } 117 | -------------------------------------------------------------------------------- /nc_client.h.in: -------------------------------------------------------------------------------- 1 | /** 2 | * @file nc_client.h 3 | * @author Radek Krejci 4 | * @brief libnetconf2's main public header for NETCONF clients. 5 | * 6 | * @copyright 7 | * Copyright (c) 2015 - 2021 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #ifndef NC_CLIENT_H_ 17 | #define NC_CLIENT_H_ 18 | 19 | #ifdef __cplusplus 20 | extern "C" { 21 | #endif 22 | 23 | @SSH_TLS_MACRO@ 24 | 25 | #include 26 | #include 27 | #include 28 | #include 29 | #include 30 | 31 | #ifdef __cplusplus 32 | } 33 | #endif 34 | 35 | #endif /* NC_CLIENT_H_ */ 36 | -------------------------------------------------------------------------------- /nc_server.h.in: -------------------------------------------------------------------------------- 1 | /** 2 | * @file nc_server.h 3 | * @author Radek Krejci 4 | * @brief libnetconf2's main public header for NETCONF servers. 5 | * 6 | * @copyright 7 | * Copyright (c) 2015 - 2021 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #ifndef NC_SERVER_H_ 17 | #define NC_SERVER_H_ 18 | 19 | #ifdef __cplusplus 20 | extern "C" { 21 | #endif 22 | 23 | @SSH_TLS_MACRO@ 24 | 25 | #include 26 | #include 27 | #include 28 | #include 29 | #include 30 | #include 31 | 32 | #ifdef __cplusplus 33 | } 34 | #endif 35 | 36 | #endif /* NC_SERVER_H_ */ 37 | -------------------------------------------------------------------------------- /nc_version.h.in: -------------------------------------------------------------------------------- 1 | /** 2 | * @file nc_version.h 3 | * @author Michal Vasko 4 | * @brief libnetconf2 version information 5 | * 6 | * @copyright 7 | * Copyright (c) 2021 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #ifndef NC_VERSION_H_ 17 | #define NC_VERSION_H_ 18 | 19 | #ifdef __cplusplus 20 | extern "C" { 21 | #endif 22 | 23 | #define NC_VERSION_MAJOR @LIBNETCONF2_MAJOR_SOVERSION@ /**< libnetconf2 major version number */ 24 | #define NC_VERSION_MINOR @LIBNETCONF2_MINOR_SOVERSION@ /**< libnetconf2 minor version number */ 25 | #define NC_VERSION_MICRO @LIBNETCONF2_MICRO_SOVERSION@ /**< libnetconf2 micro version number */ 26 | #define NC_VERSION "@LIBNETCONF2_SOVERSION_FULL@" /**< libnetconf2 version string */ 27 | 28 | #ifdef __cplusplus 29 | } 30 | #endif 31 | 32 | #endif /* NC_VERSION_H_ */ 33 | -------------------------------------------------------------------------------- /src/config.h.in: -------------------------------------------------------------------------------- 1 | /** 2 | * @file config.h 3 | * @author Radek Krejci 4 | * @author Michal Vasko 5 | * @brief libnetconf2 various configuration settings. 6 | * 7 | * @copyright 8 | * Copyright (c) 2015 - 2024 CESNET, z.s.p.o. 9 | * 10 | * This source code is licensed under BSD 3-Clause License (the "License"). 11 | * You may not use this file except in compliance with the License. 12 | * You may obtain a copy of the License at 13 | * 14 | * https://opensource.org/licenses/BSD-3-Clause 15 | */ 16 | 17 | #ifndef NC_CONFIG_H_ 18 | #define NC_CONFIG_H_ 19 | 20 | /* 21 | * Mark all objects as hidden and export only objects explicitly marked to be part of the public API or 22 | * those marked as mock objects for testing purpose 23 | */ 24 | #define API __attribute__((visibility("default"))) 25 | #define MOCK __attribute__((visibility("default"))) 26 | 27 | /* 28 | * Support for getpeereid 29 | */ 30 | #cmakedefine HAVE_GETPEEREID 31 | 32 | /* 33 | * Support for shadow file manipulation 34 | */ 35 | #cmakedefine HAVE_SHADOW 36 | 37 | /* 38 | * Support for terminal in/out 39 | */ 40 | #cmakedefine HAVE_TERMIOS 41 | 42 | /* 43 | * Support for keyboard-interactive SSH authentication method 44 | */ 45 | #cmakedefine HAVE_LIBPAM 46 | 47 | /* 48 | * Use MbedTLS as TLS back-end 49 | */ 50 | #cmakedefine HAVE_MBEDTLS 51 | 52 | /* 53 | * Location of installed YANG modules on the system 54 | */ 55 | #define NC_SERVER_SEARCH_DIR "@YANG_MODULE_DIR@" 56 | 57 | /* 58 | * Location of installed YANG modules on the system 59 | */ 60 | #define NC_CLIENT_SEARCH_DIR "@CLIENT_SEARCH_DIR@" 61 | 62 | /* 63 | * Inactive read timeout 64 | */ 65 | #define NC_READ_INACT_TIMEOUT @READ_INACTIVE_TIMEOUT@ 66 | 67 | /* 68 | * Active read timeout in seconds 69 | * (also used for internal RPC reply timeout) 70 | */ 71 | #define NC_READ_ACT_TIMEOUT @READ_ACTIVE_TIMEOUT@ 72 | 73 | /* 74 | * pspoll structure queue size (also found in nc_server.h) 75 | */ 76 | #define NC_PS_QUEUE_SIZE @MAX_PSPOLL_THREAD_COUNT@ 77 | 78 | /* Microseconds after which tasks are repeated until the full timeout elapses. 79 | * A millisecond (1000) should be divisible by this number without remain. 80 | */ 81 | #define NC_TIMEOUT_STEP @TIMEOUT_STEP@ 82 | 83 | /* Portability feature-check macros. */ 84 | #cmakedefine HAVE_PTHREAD_RWLOCKATTR_SETKIND_NP 85 | 86 | #endif /* NC_CONFIG_H_ */ 87 | -------------------------------------------------------------------------------- /src/log.c: -------------------------------------------------------------------------------- 1 | /** 2 | * @file log.c 3 | * @author Radek Krejci 4 | * @author Michal Vasko 5 | * @brief libnetconf2 - log functions 6 | * 7 | * @copyright 8 | * Copyright (c) 2015 - 2024 CESNET, z.s.p.o. 9 | * 10 | * This source code is licensed under BSD 3-Clause License (the "License"). 11 | * You may not use this file except in compliance with the License. 12 | * You may obtain a copy of the License at 13 | * 14 | * https://opensource.org/licenses/BSD-3-Clause 15 | */ 16 | 17 | #define _GNU_SOURCE /* pthread_rwlock_t */ 18 | 19 | #include "log_p.h" 20 | 21 | #include 22 | #include 23 | #include 24 | 25 | #include 26 | 27 | #ifdef NC_ENABLED_SSH_TLS 28 | #include 29 | #endif /* NC_ENABLED_SSH_TLS */ 30 | 31 | #include "compat.h" 32 | #include "config.h" 33 | #include "log.h" 34 | #include "session_p.h" 35 | 36 | #define NC_MSG_SIZE 256 37 | 38 | /** 39 | * @brief libnetconf verbose level variable 40 | */ 41 | ATOMIC_T verbose_level = 0; 42 | 43 | void (*print_clb)(const struct nc_session *session, NC_VERB_LEVEL level, const char *msg); 44 | 45 | API void 46 | nc_verbosity(NC_VERB_LEVEL level) 47 | { 48 | ATOMIC_STORE_RELAXED(verbose_level, level); 49 | ly_log_level((LY_LOG_LEVEL)level); 50 | } 51 | 52 | struct { 53 | NC_VERB_LEVEL level; 54 | const char *label; 55 | } verb[] = { 56 | {NC_VERB_ERROR, "[ERR]"}, 57 | {NC_VERB_WARNING, "[WRN]"}, 58 | {NC_VERB_VERBOSE, "[INF]"}, 59 | {NC_VERB_DEBUG, "[DBG]"}, 60 | {NC_VERB_DEBUG_LOWLVL, "[DBL]"} 61 | }; 62 | 63 | #ifdef NC_ENABLED_SSH_TLS 64 | 65 | static void 66 | nc_libssh_log_cb(int priority, const char *UNUSED(function), const char *buffer, void *UNUSED(userdata)) 67 | { 68 | static char last_msg[NC_MSG_SIZE] = {0}; 69 | static struct timespec last_print = {0}, cur_time; 70 | 71 | /* check for repeated messages and do not print them */ 72 | if (!strncmp(last_msg, buffer, NC_MSG_SIZE - 1)) { 73 | nc_realtime_get(&cur_time); 74 | if (last_print.tv_sec && (nc_time_diff(&cur_time, &last_print) < 1000)) { 75 | /* print another repeated message only after 1s */ 76 | return; 77 | } 78 | 79 | last_print = cur_time; 80 | } else { 81 | /* store the last message */ 82 | strncpy(last_msg, buffer, NC_MSG_SIZE - 1); 83 | memset(&last_print, 0, sizeof last_print); 84 | } 85 | 86 | /* print the message */ 87 | nc_log_printf(NULL, priority, "SSH: %s", buffer); 88 | } 89 | 90 | API void 91 | nc_libssh_thread_verbosity(int level) 92 | { 93 | ssh_set_log_callback(nc_libssh_log_cb); 94 | ssh_set_log_level(level); 95 | } 96 | 97 | #endif /* NC_ENABLED_SSH_TLS */ 98 | 99 | void 100 | nc_log_vprintf(const struct nc_session *session, NC_VERB_LEVEL level, const char *format, va_list args) 101 | { 102 | va_list args2; 103 | char *msg; 104 | void *mem; 105 | int req_len; 106 | 107 | msg = malloc(NC_MSG_SIZE); 108 | if (!msg) { 109 | return; 110 | } 111 | 112 | va_copy(args2, args); 113 | 114 | req_len = vsnprintf(msg, NC_MSG_SIZE - 1, format, args); 115 | if (req_len == -1) { 116 | goto cleanup; 117 | } else if (req_len >= NC_MSG_SIZE - 1) { 118 | /* the length is not enough */ 119 | ++req_len; 120 | mem = realloc(msg, req_len); 121 | if (!mem) { 122 | goto cleanup; 123 | } 124 | msg = mem; 125 | 126 | /* now print the full message */ 127 | req_len = vsnprintf(msg, req_len, format, args2); 128 | if (req_len == -1) { 129 | goto cleanup; 130 | } 131 | } 132 | 133 | if (print_clb) { 134 | print_clb(session, level, msg); 135 | } else if (session && session->id) { 136 | fprintf(stderr, "Session %" PRIu32 " %s: %s\n", session->id, verb[level].label, msg); 137 | } else { 138 | fprintf(stderr, "%s: %s\n", verb[level].label, msg); 139 | } 140 | 141 | cleanup: 142 | free(msg); 143 | va_end(args2); 144 | } 145 | 146 | void 147 | nc_log_printf(const struct nc_session *session, NC_VERB_LEVEL level, const char *format, ...) 148 | { 149 | va_list ap; 150 | 151 | va_start(ap, format); 152 | nc_log_vprintf(session, level, format, ap); 153 | va_end(ap); 154 | } 155 | 156 | API void 157 | nc_set_print_clb_session(void (*clb)(const struct nc_session *, NC_VERB_LEVEL, const char *)) 158 | { 159 | print_clb = clb; 160 | } 161 | -------------------------------------------------------------------------------- /src/log.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file log.h 3 | * @author Radek Krejci 4 | * @brief libnetconf2 logger 5 | * 6 | * @copyright 7 | * Copyright (c) 2015 - 2021 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #ifndef NC_LOG_H_ 17 | #define NC_LOG_H_ 18 | 19 | struct nc_session; 20 | 21 | #ifdef __cplusplus 22 | extern "C" { 23 | #endif 24 | 25 | /** 26 | * @addtogroup misc 27 | * @{ 28 | */ 29 | 30 | /** 31 | * @brief Verbosity levels. 32 | */ 33 | typedef enum NC_VERB_LEVEL { 34 | NC_VERB_ERROR = 0, /**< Print only error messages. */ 35 | NC_VERB_WARNING = 1, /**< Print error and warning messages. */ 36 | NC_VERB_VERBOSE = 2, /**< Besides errors and warnings, print some other verbose messages. */ 37 | NC_VERB_DEBUG = 3, /**< Print almost all messages including some development debug messages. */ 38 | NC_VERB_DEBUG_LOWLVL = 4 /**< Print all messages including low level debug messages. */ 39 | } NC_VERB_LEVEL; 40 | 41 | /** 42 | * @brief Set libnetconf's verbosity level. 43 | * 44 | * This level is set for libnetconf2 and alo libyang that is used internally. libyang 45 | * verbose level can be set explicitly, but must be done so after calling this function. 46 | * However, if debug verbosity is used, selecting displayed libyang debug message groups 47 | * must be done explicitly. 48 | * 49 | * @param[in] level Enabled verbosity level (includes all the levels with higher priority). 50 | */ 51 | void nc_verbosity(NC_VERB_LEVEL level); 52 | 53 | #ifdef NC_ENABLED_SSH_TLS 54 | 55 | /** 56 | * @brief Set libssh verbosity level. 57 | * 58 | * libssh verbosity is set separately because it defines more verbose levels than libnetconf2. 59 | * Also, you need to set this for every thread unlike libnetconf verbosity. 60 | * 61 | * Values: 62 | * - 0 - no logging, 63 | * - 1 - rare conditions or warnings, 64 | * - 2 - API-accessible entrypoints, 65 | * - 3 - packet id and size, 66 | * - 4 - functions entering and leaving. 67 | * 68 | * @param[in] level libssh verbosity level. 69 | */ 70 | void nc_libssh_thread_verbosity(int level); 71 | 72 | #endif /* NC_ENABLED_SSH_TLS */ 73 | 74 | /** 75 | * @brief Set libnetconf print callback. 76 | * 77 | * The callback is not set per-session, it is a global resource. It might be called with 78 | * a NULL session parameter. 79 | * 80 | * @param[in] clb Callback that is called for every message. 81 | */ 82 | void nc_set_print_clb_session(void (*clb)(const struct nc_session *, NC_VERB_LEVEL, const char *)); 83 | 84 | /** @} */ 85 | 86 | #ifdef __cplusplus 87 | } 88 | #endif 89 | 90 | #endif /* NC_LOG_H_ */ 91 | -------------------------------------------------------------------------------- /src/log_p.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file log_p.h 3 | * @author Radek Krejci 4 | * @author Michal Vasko 5 | * @brief libnetconf2 logger 6 | * 7 | * @copyright 8 | * Copyright (c) 2015 - 2024 CESNET, z.s.p.o. 9 | * 10 | * This source code is licensed under BSD 3-Clause License (the "License"). 11 | * You may not use this file except in compliance with the License. 12 | * You may obtain a copy of the License at 13 | * 14 | * https://opensource.org/licenses/BSD-3-Clause 15 | */ 16 | 17 | #ifndef NC_LOG_PRIVATE_H_ 18 | #define NC_LOG_PRIVATE_H_ 19 | 20 | #include 21 | 22 | #include "compat.h" 23 | #include "log.h" 24 | 25 | /* 26 | * libnetconf's message printing 27 | */ 28 | 29 | /** 30 | * @brief Internal printing function 31 | * 32 | * @param[in] session Optional NETCONF session that generated the message 33 | * @param[in] level Verbose level 34 | * @param[in] format Formatting string 35 | */ 36 | void nc_log_printf(const struct nc_session *session, NC_VERB_LEVEL level, const char *format, ...); 37 | 38 | /** 39 | * @brief Internal printing function with va_list 40 | * 41 | * @param[in] session Optional NETCONF session that generated the message 42 | * @param[in] level Verbose level 43 | * @param[in] format Formatting string 44 | * @param[in] args va_list with arguments 45 | */ 46 | void nc_log_vprintf(const struct nc_session *session, NC_VERB_LEVEL level, const char *format, va_list args); 47 | 48 | /** 49 | * @brief Verbose level variable 50 | */ 51 | extern ATOMIC_T verbose_level; 52 | 53 | /* 54 | * Verbose printing macros 55 | */ 56 | #define ERR(session, ...) nc_log_printf(session, NC_VERB_ERROR, __VA_ARGS__) 57 | #define WRN(session, ...) if(ATOMIC_LOAD_RELAXED(verbose_level)>=NC_VERB_WARNING){nc_log_printf(session, NC_VERB_WARNING, __VA_ARGS__);} 58 | #define VRB(session, ...) if(ATOMIC_LOAD_RELAXED(verbose_level)>=NC_VERB_VERBOSE){nc_log_printf(session, NC_VERB_VERBOSE, __VA_ARGS__);} 59 | #define DBG(session, ...) if(ATOMIC_LOAD_RELAXED(verbose_level)>=NC_VERB_DEBUG){nc_log_printf(session, NC_VERB_DEBUG, __VA_ARGS__);} 60 | #define DBL(session, ...) if(ATOMIC_LOAD_RELAXED(verbose_level)>=NC_VERB_DEBUG_LOWLVL){nc_log_printf(session, NC_VERB_DEBUG_LOWLVL, __VA_ARGS__);} 61 | 62 | #define ERRMEM ERR(NULL, "%s: memory reallocation failed (%s:%d).", __func__, __FILE__, __LINE__) 63 | #define ERRINITSRV ERR(NULL, "%s: server not initialized.", __func__) 64 | #define ERRINT ERR(NULL, "%s: internal error (%s:%d).", __func__, __FILE__, __LINE__) 65 | #define ERRARG(session, ARG) ERR(session, "Invalid argument %s (%s()).", #ARG, __func__) 66 | 67 | #define NC_CHECK_SRV_INIT_RET(RET) if (!ATOMIC_LOAD_RELAXED(server_opts.new_session_id)) {ERRINITSRV; return (RET);} 68 | #define NC_CHECK_ERRMEM_RET(COND, RET) if ((COND)) {ERRMEM; return (RET);} 69 | #define NC_CHECK_ERRMEM_GOTO(COND, RET, GOTO) if ((COND)) {ERRMEM; RET; goto GOTO;} 70 | 71 | #define GETMACRO1(_1, NAME, ...) NAME 72 | #define GETMACRO2(_1, _2, NAME, ...) NAME 73 | #define GETMACRO3(_1, _2, _3, NAME, ...) NAME 74 | #define GETMACRO4(_1, _2, _3, _4, NAME, ...) NAME 75 | #define GETMACRO5(_1, _2, _3, _4, _5, NAME, ...) NAME 76 | #define GETMACRO6(_1, _2, _3, _4, _5, _6, NAME, ...) NAME 77 | #define GETMACRO7(_1, _2, _3, _4, _5, _6, _7, NAME, ...) NAME 78 | #define GETMACRO8(_1, _2, _3, _4, _5, _6, _7, _8, NAME, ...) NAME 79 | 80 | #define NC_CHECK_ARG_RET1(session, ARG, RETVAL) if (!(ARG)) {ERRARG(session, ARG);return RETVAL;} 81 | #define NC_CHECK_ARG_RET2(session, ARG1, ARG2, RETVAL)\ 82 | NC_CHECK_ARG_RET1(session, ARG1, RETVAL);\ 83 | NC_CHECK_ARG_RET1(session, ARG2, RETVAL) 84 | #define NC_CHECK_ARG_RET3(session, ARG1, ARG2, ARG3, RETVAL)\ 85 | NC_CHECK_ARG_RET2(session, ARG1, ARG2, RETVAL);\ 86 | NC_CHECK_ARG_RET1(session, ARG3, RETVAL) 87 | #define NC_CHECK_ARG_RET4(session, ARG1, ARG2, ARG3, ARG4, RETVAL)\ 88 | NC_CHECK_ARG_RET3(session, ARG1, ARG2, ARG3, RETVAL);\ 89 | NC_CHECK_ARG_RET1(session, ARG4, RETVAL) 90 | #define NC_CHECK_ARG_RET5(session, ARG1, ARG2, ARG3, ARG4, ARG5, RETVAL)\ 91 | NC_CHECK_ARG_RET4(session, ARG1, ARG2, ARG3, ARG4, RETVAL);\ 92 | NC_CHECK_ARG_RET1(session, ARG5, RETVAL) 93 | #define NC_CHECK_ARG_RET6(session, ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, RETVAL)\ 94 | NC_CHECK_ARG_RET5(session, ARG1, ARG2, ARG3, ARG4, ARG5, RETVAL);\ 95 | NC_CHECK_ARG_RET1(session, ARG6, RETVAL) 96 | #define NC_CHECK_ARG_RET7(session, ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, ARG7, RETVAL)\ 97 | NC_CHECK_ARG_RET6(session, ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, RETVAL);\ 98 | NC_CHECK_ARG_RET1(session, ARG7, RETVAL) 99 | 100 | /** 101 | * @brief Function's parameters checking macro 102 | * 103 | * @param session Session that is logged. 104 | * @param ... Parameters of the function to check. The last parameter is the value that is returned on error. 105 | */ 106 | #define NC_CHECK_ARG_RET(session, ...) GETMACRO8(__VA_ARGS__, NC_CHECK_ARG_RET7, NC_CHECK_ARG_RET6, NC_CHECK_ARG_RET5,\ 107 | NC_CHECK_ARG_RET4, NC_CHECK_ARG_RET3, NC_CHECK_ARG_RET2, NC_CHECK_ARG_RET1, DUMMY) (session, __VA_ARGS__) 108 | 109 | #endif /* NC_LOG_PRIVATE_H_ */ 110 | -------------------------------------------------------------------------------- /src/netconf.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file netconf.h 3 | * @author Radek Krejci 4 | * @author Michal Vasko 5 | * @brief libnetconf2's general public functions and structures definitions. 6 | * 7 | * @copyright 8 | * Copyright (c) 2015 - 2025 CESNET, z.s.p.o. 9 | * 10 | * This source code is licensed under BSD 3-Clause License (the "License"). 11 | * You may not use this file except in compliance with the License. 12 | * You may obtain a copy of the License at 13 | * 14 | * https://opensource.org/licenses/BSD-3-Clause 15 | */ 16 | 17 | #ifndef NC_NETCONF_H_ 18 | #define NC_NETCONF_H_ 19 | 20 | #ifdef __cplusplus 21 | extern "C" { 22 | #endif 23 | 24 | /** 25 | * @addtogroup misc 26 | * @{ 27 | */ 28 | 29 | /** @brief Base NETCONF namespace */ 30 | #define NC_NS_BASE "urn:ietf:params:xml:ns:netconf:base:1.0" 31 | /** @brief Notifications namespace */ 32 | #define NC_NS_NOTIF "urn:ietf:params:xml:ns:netconf:notification:1.0" 33 | 34 | /** @brief Default NETCONF over SSH port */ 35 | #define NC_PORT_SSH 830 36 | /** @brief Default NETCONF over SSH Call Home port */ 37 | #define NC_PORT_CH_SSH 4334 38 | 39 | /** @brief Default NETCONF over TLS port */ 40 | #define NC_PORT_TLS 6513 41 | /** @brief Default NETCONF over TLS Call Home port */ 42 | #define NC_PORT_CH_TLS 4335 43 | 44 | /** 45 | * @brief Set RPC callback to a schema node. 46 | * 47 | * @param[in] node const struct lysc_node *node 48 | * @param[in] cb nc_rpc_clb cb 49 | */ 50 | #define nc_set_rpc_callback(node, cb) (node->priv = cb) 51 | 52 | /** 53 | * @brief Enumeration of reasons of the NETCONF session termination as defined in RFC 6470. 54 | */ 55 | typedef enum { 56 | NC_SESSION_TERM_ERR = -1, /**< error return code for function getting the session termination reason */ 57 | NC_SESSION_TERM_NONE = 0, /**< session still running */ 58 | NC_SESSION_TERM_CLOSED, /**< closed by client in a normal fashion */ 59 | NC_SESSION_TERM_KILLED, /**< session was terminated by \ operation */ 60 | NC_SESSION_TERM_DROPPED, /**< transport layer connection was unexpectedly closed */ 61 | NC_SESSION_TERM_TIMEOUT, /**< terminated because of inactivity */ 62 | NC_SESSION_TERM_BADHELLO, /**< \ message was invalid */ 63 | NC_SESSION_TERM_OTHER /**< terminated for some other reason */ 64 | } NC_SESSION_TERM_REASON; 65 | 66 | /** 67 | * @brief Enumeration of NETCONF message types. 68 | */ 69 | typedef enum { 70 | NC_MSG_ERROR, /**< error return value */ 71 | NC_MSG_WOULDBLOCK, /**< timeout return value */ 72 | NC_MSG_NONE, /**< no message at input or message was processed internally */ 73 | NC_MSG_HELLO, /**< \ message */ 74 | NC_MSG_BAD_HELLO, /**< \ message parsing failed */ 75 | NC_MSG_RPC, /**< \ message */ 76 | NC_MSG_REPLY, /**< \ message */ 77 | NC_MSG_REPLY_ERR_MSGID, /**< \ message with missing or wrong message-id attribute value */ 78 | NC_MSG_NOTIF /**< \ message */ 79 | } NC_MSG_TYPE; 80 | 81 | /** 82 | * @brief Messages of NETCONF message type enum. 83 | */ 84 | extern const char *nc_msgtype2str[]; 85 | 86 | /** 87 | * @brief Enumeration of the supported types of datastores defined by NETCONF 88 | */ 89 | typedef enum { 90 | NC_DATASTORE_ERROR = 0, /**< error state of functions returning the datastore type */ 91 | NC_DATASTORE_CONFIG, /**< value describing that the datastore is set as config */ 92 | NC_DATASTORE_URL, /**< value describing that the datastore data should be given from the URL */ 93 | NC_DATASTORE_RUNNING, /**< base NETCONF's datastore containing the current device configuration */ 94 | NC_DATASTORE_STARTUP, /**< separated startup datastore as defined in Distinct Startup Capability */ 95 | NC_DATASTORE_CANDIDATE /**< separated working datastore as defined in Candidate Configuration Capability */ 96 | } NC_DATASTORE; 97 | 98 | /** 99 | * @brief Enumeration of NETCONF with-defaults capability modes. 100 | */ 101 | typedef enum { 102 | NC_WD_UNKNOWN = 0, /**< invalid mode */ 103 | NC_WD_ALL, /**< report-all mode */ 104 | NC_WD_ALL_TAG, /**< report-all-tagged mode */ 105 | NC_WD_TRIM, /**< trim mode */ 106 | NC_WD_EXPLICIT /**< explicit mode */ 107 | } NC_WD_MODE; 108 | 109 | /** 110 | * @brief Enumeration of NETCONF (both server and client) rpc-reply types. 111 | */ 112 | typedef enum { 113 | NC_RPL_OK, /**< OK rpc-reply */ 114 | NC_RPL_DATA, /**< DATA rpc-reply */ 115 | NC_RPL_ERROR, /**< ERROR rpc-reply */ 116 | NC_RPL_NOTIF /**< notification (client-only) */ 117 | } NC_RPL; 118 | 119 | /** 120 | * @brief Enumeration of function parameter treatments. 121 | */ 122 | typedef enum { 123 | NC_PARAMTYPE_CONST, /**< use the parameter directly, do not free */ 124 | NC_PARAMTYPE_FREE, /**< use the parameter directly, free afterwards */ 125 | NC_PARAMTYPE_DUP_AND_FREE /**< make a copy of the argument, free afterwards */ 126 | } NC_PARAMTYPE; 127 | 128 | /** @} Miscellaneous */ 129 | 130 | #ifdef __cplusplus 131 | } 132 | #endif 133 | 134 | #endif /* NC_NETCONF_H_ */ 135 | -------------------------------------------------------------------------------- /src/session_server_ch.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file session_server_ch.h 3 | * @author Michal Vasko 4 | * @brief libnetconf2 Call Home session server manipulation 5 | * 6 | * @copyright 7 | * Copyright (c) 2015 - 2021 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #ifndef NC_SESSION_SERVER_CH_H_ 17 | #define NC_SESSION_SERVER_CH_H_ 18 | 19 | #ifdef __cplusplus 20 | extern "C" { 21 | #endif 22 | 23 | #include 24 | #include 25 | #include 26 | 27 | #include "netconf.h" 28 | #include "session.h" 29 | 30 | #ifdef NC_ENABLED_SSH_TLS 31 | 32 | /** 33 | * @defgroup server_ch Server-side Call Home 34 | * @ingroup server 35 | * 36 | * @brief Call Home functionality for server-side applications. 37 | * @{ 38 | */ 39 | 40 | /** @} Server-side Call Home */ 41 | 42 | /** 43 | * @defgroup server_ch_functions Server-side Call Home Functions 44 | * @ingroup server_ch 45 | * 46 | * @brief Server-side Call Home functions. 47 | * @{ 48 | */ 49 | 50 | /** 51 | * @brief Check if a Call Home client exists. 52 | * 53 | * @param[in] name Client name. 54 | * @return 0 if does not exists, non-zero otherwise. 55 | */ 56 | int nc_server_ch_is_client(const char *name); 57 | 58 | /** 59 | * @brief Check if an endpoint of a Call Home client exists. 60 | * 61 | * @param[in] client_name Client name. 62 | * @param[in] endpt_name Endpoint name. 63 | * @return 0 if does not exists, non-zero otherwise. 64 | */ 65 | int nc_server_ch_client_is_endpt(const char *client_name, const char *endpt_name); 66 | 67 | /** 68 | * @brief Callback for getting a locked context for new Call Home sessions. 69 | * 70 | * @param[in] cb_data Arbitrary ctx callback data. 71 | * @return Context for the session to use during its lifetime; 72 | * @return NULL on error and session fails to be created. 73 | */ 74 | typedef const struct ly_ctx *(*nc_server_ch_session_acquire_ctx_cb)(void *cb_data); 75 | 76 | /** 77 | * @brief Callback for releasing a locked context for Call Home sessions. 78 | * 79 | * @param[in] cb_data Arbitrary ctx callback data. 80 | */ 81 | typedef void (*nc_server_ch_session_release_ctx_cb)(void *cb_data); 82 | 83 | /** 84 | * @brief Callback for new Call Home sessions. 85 | * 86 | * @param[in] client_name Name of the CH client which established the session. 87 | * @param[in] new_session New established CH session, the pointer is internally discarded afterwards. 88 | * @param[in] user_data Arbitrary new session callback data. 89 | * @return 0 on success; 90 | * @return non-zero on error and @p new_session is freed. 91 | */ 92 | typedef int (*nc_server_ch_new_session_cb)(const char *client_name, struct nc_session *new_session, void *user_data); 93 | 94 | /** 95 | * @brief Dispatch a thread connecting to a listening NETCONF client and creating Call Home sessions. 96 | * 97 | * @param[in] client_name Existing client name. 98 | * @param[in] acquire_ctx_cb Callback for acquiring new session context. 99 | * @param[in] release_ctx_cb Callback for releasing session context. 100 | * @param[in] ctx_cb_data Arbitrary user data passed to @p acquire_ctx_cb and @p release_ctx_cb. 101 | * @param[in] new_session_cb Callback called for every established session on the client. 102 | * @param[in] new_session_cb_data Arbitrary user data passed to @p new_session_cb. 103 | * @return 0 if the thread was successfully created, -1 on error. 104 | */ 105 | int nc_connect_ch_client_dispatch(const char *client_name, nc_server_ch_session_acquire_ctx_cb acquire_ctx_cb, 106 | nc_server_ch_session_release_ctx_cb release_ctx_cb, void *ctx_cb_data, nc_server_ch_new_session_cb new_session_cb, 107 | void *new_session_cb_data); 108 | 109 | /** 110 | * @brief Set callbacks and their data for Call Home threads. 111 | * 112 | * If set, Call Home threads will be dispatched automatically upon creation of new Call Home clients. 113 | * 114 | * @param[in] acquire_ctx_cb Callback for acquiring new session context. 115 | * @param[in] release_ctx_cb Callback for releasing session context. 116 | * @param[in] ctx_cb_data Arbitrary user data passed to @p acquire_ctx_cb and @p release_ctx_cb. 117 | * @param[in] new_session_cb Callback called for every established Call Home session. 118 | * @param[in] new_session_cb_data Arbitrary user data passed to @p new_session_cb. 119 | */ 120 | void nc_server_ch_set_dispatch_data(nc_server_ch_session_acquire_ctx_cb acquire_ctx_cb, 121 | nc_server_ch_session_release_ctx_cb release_ctx_cb, void *ctx_cb_data, nc_server_ch_new_session_cb new_session_cb, 122 | void *new_session_cb_data); 123 | 124 | /** @} Server-side Call Home Functions */ 125 | 126 | #endif /* NC_ENABLED_SSH_TLS */ 127 | 128 | #ifdef __cplusplus 129 | } 130 | #endif 131 | 132 | #endif /* NC_SESSION_SERVER_CH_H_ */ 133 | -------------------------------------------------------------------------------- /tests/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # headers test for including compat.h 2 | add_test(NAME headers 3 | COMMAND ${CMAKE_SOURCE_DIR}/compat/check_includes.sh ${CMAKE_SOURCE_DIR}/src/) 4 | 5 | # format 6 | if(${SOURCE_FORMAT_ENABLED}) 7 | add_test(NAME format WORKING_DIRECTORY ${CMAKE_BINARY_DIR} COMMAND cmake --build ${CMAKE_BINARY_DIR} --target format-check) 8 | endif() 9 | 10 | foreach(src IN LISTS libsrc) 11 | list(APPEND test_srcs "../${src}") 12 | endforeach() 13 | add_library(testobj OBJECT ${test_srcs} ${compatsrc}) 14 | 15 | set(TEST_SRC "ln2_test.c") 16 | set(NEXT_TEST_PORT 10050) 17 | 18 | macro(get_test_ports PORT_COUNT PORT_DEFINITIONS) 19 | if (NOT ${PORT_COUNT}) 20 | set(${PORT_COUNT} 1) 21 | endif() 22 | 23 | SET(PORT_INDEX 0) 24 | while(PORT_INDEX LESS ${${PORT_COUNT}}) 25 | list(APPEND ${PORT_DEFINITIONS} "TEST_PORT_${PORT_INDEX}=${NEXT_TEST_PORT}") 26 | math(EXPR PORT_INDEX "${PORT_INDEX} + 1") 27 | math(EXPR NEXT_TEST_PORT "${NEXT_TEST_PORT} + 1") 28 | endwhile() 29 | set(NEXT_TEST_PORT ${NEXT_TEST_PORT} PARENT_SCOPE) 30 | endmacro() 31 | 32 | function(libnetconf2_test) 33 | cmake_parse_arguments(TEST "" "NAME;PORT_COUNT" "WRAP_FUNCS" ${ARGN}) 34 | 35 | add_executable(${TEST_NAME} $ ${TEST_SRC} ${TEST_NAME}.c) 36 | target_link_libraries(${TEST_NAME} ${CMOCKA_LIBRARIES} ${LIBYANG_LIBRARIES} netconf2) 37 | target_include_directories(${TEST_NAME} PRIVATE ${CMOCKA_INCLUDE_DIR}) 38 | 39 | # wrap functions 40 | if(TEST_WRAP_FUNCS) 41 | set(wrap_link_flags "-Wl") 42 | foreach(mock_func IN LISTS TEST_WRAP_FUNCS) 43 | set(wrap_link_flags "${wrap_link_flags},--wrap=${mock_func}") 44 | endforeach() 45 | set_target_properties(${TEST_NAME} PROPERTIES LINK_FLAGS "${wrap_link_flags}") 46 | endif() 47 | 48 | # create a test, generate port numbers and set them as env vars for the test 49 | add_test(NAME ${TEST_NAME} COMMAND $) 50 | get_test_ports(TEST_PORT_COUNT TEST_PORT_DEFINITIONS) 51 | set_tests_properties(${TEST_NAME} PROPERTIES ENVIRONMENT "${TEST_PORT_DEFINITIONS}") 52 | 53 | # do the same for valgrind tests 54 | if(ENABLE_VALGRIND_TESTS) 55 | add_test(${TEST_NAME}_valgrind valgrind --leak-check=full --show-leak-kinds=all --error-exitcode=1 56 | --suppressions=${PROJECT_SOURCE_DIR}/tests/library_valgrind.supp ${CMAKE_BINARY_DIR}/tests/${TEST_NAME}) 57 | get_test_ports(TEST_PORT_COUNT VALGRIND_TEST_PORT_DEFINITIONS) 58 | set_tests_properties(${TEST_NAME}_valgrind PROPERTIES ENVIRONMENT "${VALGRIND_TEST_PORT_DEFINITIONS}") 59 | endif() 60 | endfunction() 61 | 62 | # all the tests that don't require SSH and TLS 63 | libnetconf2_test(NAME test_client_messages) 64 | libnetconf2_test(NAME test_client_thread) 65 | libnetconf2_test(NAME test_fd_comm) 66 | libnetconf2_test(NAME test_io) 67 | libnetconf2_test(NAME test_thread_messages) 68 | libnetconf2_test(NAME test_unix_socket) 69 | 70 | # tests depending on SSH/TLS 71 | if(ENABLE_SSH_TLS) 72 | libnetconf2_test(NAME test_auth_ssh) 73 | libnetconf2_test(NAME test_authkeys) 74 | libnetconf2_test(NAME test_cert_exp_notif) 75 | libnetconf2_test(NAME test_ch PORT_COUNT 2) 76 | libnetconf2_test(NAME test_client_monitoring) 77 | libnetconf2_test(NAME test_endpt_share_clients PORT_COUNT 4) 78 | libnetconf2_test(NAME test_ks_ts) 79 | if (LIBPAM_HAVE_CONFDIR) 80 | libnetconf2_test(NAME test_pam WRAP_FUNCS pam_start) 81 | endif() 82 | libnetconf2_test(NAME test_replace) 83 | libnetconf2_test(NAME test_runtime_changes PORT_COUNT 2) 84 | libnetconf2_test(NAME test_tls) 85 | libnetconf2_test(NAME test_two_channels) 86 | endif() 87 | 88 | include_directories(${CMAKE_SOURCE_DIR}/src ${PROJECT_BINARY_DIR}) 89 | configure_file("${PROJECT_SOURCE_DIR}/tests/config.h.in" "${PROJECT_BINARY_DIR}/tests/config.h" ESCAPE_QUOTES @ONLY) 90 | 91 | # compile PAM test module 92 | add_library(pam_netconf SHARED ${CMAKE_SOURCE_DIR}/tests/pam/pam_netconf.c) 93 | set_target_properties(pam_netconf PROPERTIES PREFIX "") 94 | target_link_libraries(pam_netconf ${LIBPAM_LIBRARIES}) 95 | 96 | # generate PAM configuration file 97 | file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/netconf.conf 98 | "#%PAM-1.4\n" 99 | "auth required ${CMAKE_CURRENT_BINARY_DIR}/pam_netconf.so\n" 100 | "account required ${CMAKE_CURRENT_BINARY_DIR}/pam_netconf.so\n" 101 | "password required ${CMAKE_CURRENT_BINARY_DIR}/pam_netconf.so\n" 102 | ) 103 | -------------------------------------------------------------------------------- /tests/config.h.in: -------------------------------------------------------------------------------- 1 | /** 2 | * @file config.h 3 | * @author Radek Krejci 4 | * @brief cmocka tests configuration header. 5 | * 6 | * Copyright (c) 2015 CESNET, z.s.p.o. 7 | * 8 | * This source code is licensed under BSD 3-Clause License (the "License"). 9 | * You may not use this file except in compliance with the License. 10 | * You may obtain a copy of the License at 11 | * 12 | * https://opensource.org/licenses/BSD-3-Clause 13 | */ 14 | 15 | #ifdef __GNUC__ 16 | # define UNUSED(x) UNUSED_ ## x __attribute__((__unused__)) 17 | #else 18 | # define UNUSED(x) UNUSED_ ## x 19 | #endif 20 | 21 | #define TESTS_DIR "@CMAKE_SOURCE_DIR@/tests" 22 | #define MODULES_DIR "@CMAKE_SOURCE_DIR@/modules" 23 | #define BUILD_DIR "@CMAKE_BINARY_DIR@" 24 | 25 | #cmakedefine HAVE_MBEDTLS 26 | 27 | @SSH_MACRO@ 28 | @TLS_MACRO@ 29 | 30 | 31 | /* nc_server.h local includes (not to use the installed ones) */ 32 | #include "netconf.h" 33 | #include "log.h" 34 | #include "messages_server.h" 35 | #include "server_config.h" 36 | #include "session_server.h" 37 | #include "session_server_ch.h" 38 | 39 | /* nc_client.h local includes (not to use the installed ones) */ 40 | #include "messages_client.h" 41 | #include "session_client.h" 42 | #include "session_client_ch.h" 43 | -------------------------------------------------------------------------------- /tests/data/042686bb.0: -------------------------------------------------------------------------------- 1 | serverca.pem -------------------------------------------------------------------------------- /tests/data/0b527f1f.0: -------------------------------------------------------------------------------- 1 | ec_serverca.pem -------------------------------------------------------------------------------- /tests/data/5412ca73.0: -------------------------------------------------------------------------------- 1 | server.crt -------------------------------------------------------------------------------- /tests/data/62436b04.0: -------------------------------------------------------------------------------- 1 | client.crt -------------------------------------------------------------------------------- /tests/data/authorized_keys: -------------------------------------------------------------------------------- 1 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOr46rptg6BsWhO1JMomuh3cuCYmeuO6JfOUPs/YO35w test@libnetconf2 2 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIY62KY++anyNuwrmQu2jQdyB9pYZMGEGyf5zl15jRJC7OGPq+TGqRgwFOoBylYtuPrFWGlM+zktqUMn19+5qPo= test@libnetconf2 -------------------------------------------------------------------------------- /tests/data/client.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIEQDCCAygCCQCV65JgDvfWkDANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJD 3 | WjETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UEBwwEQnJubzEPMA0GA1UECgwG 4 | Q0VTTkVUMQwwCgYDVQQLDANUTUMxETAPBgNVBAMMCHNlcnZlcmNhMB4XDTE4MTEw 5 | NTA3MzAzOVoXDTI4MTEwMjA3MzAzOVowYTELMAkGA1UEBhMCQ1oxEzARBgNVBAgM 6 | ClNvbWUtU3RhdGUxDTALBgNVBAcMBEJybm8xDzANBgNVBAoMBkNFU05FVDEMMAoG 7 | A1UECwwDVE1DMQ8wDQYDVQQDDAZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4IC 8 | DwAwggIKAoICAQC+kqPqDL9GbWmqVQhp4qla4vYo4kFuh2HG48b7RLp/4l/guik4 9 | Hvq2aDVFD9sBcs3FeQbjoLH1Q4doUr8jG6VwJsfovE5SD3T8dVLs2dtpW0OyXTcc 10 | b0I9lOVDMz6f6IUBe/m5vk8XNbdUII0NJ8y1dQ51VH3e784Bzu7PSdaMaFac4fkw 11 | 8kJA9LxkWkv2FDFC7IBcVjRgtb/15EwODH849O6+VPEgX5gdozNj5bL45rKDBvvx 12 | 0KjD7dFBGAIHbSjmjp7HHadfYKqvtQnMb83fRcK6wohxNP3vy13wBTtSOlvOg16G 13 | b+2ZB0Or7wgOw19ZvEIcNgswPwhHfZQNcYMNVLCu02BSzwdY00IEqNM0J5B/W//K 14 | JF3uFF/ZqP7D2wO7w8j5UL2lpuxF7YrGecNT1Kr7ggHdkzcLlekkNu7wNWKAZlJ6 15 | +Kbun8PqZbamGXLG2Ur1aZDkyKyD9nyMzsRneAlxO+HbQhLojimUbsMm+wgL89zc 16 | hLYkL/DSmsJlryA4qhvzHaaONBw4DV5UhSbLDpZtXVfrn+MAm8hLpqf+gUCThsFN 17 | 8kDp9h9Tg9v01ai9jGb941HkFtGYUWHS5drSz3ZLnSI6i1/wKdbs9ns9YqDMqq2c 18 | 305v5h7taMN0b40KuGSIME4K4cOsdfCprFYGZQgKjaadQwrsm4k1Jl7kMwIDAQAB 19 | MA0GCSqGSIb3DQEBCwUAA4IBAQAtwH2u1o16jkABlqEGDIvAJSMwBmZzNTNHgOXt 20 | WDlkzWGsj+L1wc/DNjDRBkE31h4h7ASthhqi1nzzHYQ1hhPVhUUqI532AS/V7EPs 21 | Bg3f+BI8gxqQ31TUBEQ4Ll6FtW36nqpJOe6Uui2rH2FonuUg2Av5BvDRil42Tu7f 22 | YW4WpSU3e00HiGJ0J0t+QjoKRnnoLJJqlmzk8Y4aIlQim7Azvrlo1WEtOhI3L9UE 23 | 1GEqxLjRB45P36FSe1wfkgt7xmD0Xjy33Wh6Ae2Fvx7OfJ0K1zy0LHr4rDDJ3tLT 24 | qjPqHIFhaa73jGXwXk8sZnbAk542Oa6C6AjzNFyqV7T5Q5lg 25 | -----END CERTIFICATE----- 26 | -------------------------------------------------------------------------------- /tests/data/client.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIJKQIBAAKCAgEAvpKj6gy/Rm1pqlUIaeKpWuL2KOJBbodhxuPG+0S6f+Jf4Lop 3 | OB76tmg1RQ/bAXLNxXkG46Cx9UOHaFK/IxulcCbH6LxOUg90/HVS7NnbaVtDsl03 4 | HG9CPZTlQzM+n+iFAXv5ub5PFzW3VCCNDSfMtXUOdVR93u/OAc7uz0nWjGhWnOH5 5 | MPJCQPS8ZFpL9hQxQuyAXFY0YLW/9eRMDgx/OPTuvlTxIF+YHaMzY+Wy+Oaygwb7 6 | 8dCow+3RQRgCB20o5o6exx2nX2Cqr7UJzG/N30XCusKIcTT978td8AU7UjpbzoNe 7 | hm/tmQdDq+8IDsNfWbxCHDYLMD8IR32UDXGDDVSwrtNgUs8HWNNCBKjTNCeQf1v/ 8 | yiRd7hRf2aj+w9sDu8PI+VC9pabsRe2KxnnDU9Sq+4IB3ZM3C5XpJDbu8DVigGZS 9 | evim7p/D6mW2phlyxtlK9WmQ5Misg/Z8jM7EZ3gJcTvh20IS6I4plG7DJvsIC/Pc 10 | 3IS2JC/w0prCZa8gOKob8x2mjjQcOA1eVIUmyw6WbV1X65/jAJvIS6an/oFAk4bB 11 | TfJA6fYfU4Pb9NWovYxm/eNR5BbRmFFh0uXa0s92S50iOotf8CnW7PZ7PWKgzKqt 12 | nN9Ob+Ye7WjDdG+NCrhkiDBOCuHDrHXwqaxWBmUICo2mnUMK7JuJNSZe5DMCAwEA 13 | AQKCAgA3X963LHsL2NECSHEIa28wVJCYcp32oun7Y8Y2ztKuRDX907oUb5QEGqWX 14 | 6rKFajl2buNckx4CmVuoKZsWdXsN6obeDpFncMxaazDsV6VUqMsz8bgI0B9cS36O 15 | lz5UMrkrJD39BdpvcRFTJZ42u2DVPS01VJa6h83BYsKrgtYPuGWqclL5MPulajev 16 | pTk7SMTDoHrv2bCghU9BANREpMb24tzYe1ARSxWlTv2owl7NyiMGxanBqxLO07Sh 17 | CHvWcpaW38wtKWWv5iPSqHUvbTFR9jBOGiaRVoeO/PXPv4VsMD7q8+ssfyt38s9s 18 | Dym1OHnlVjmTfvSjUT1zoH67pUchv/RUsUT8SR2zvK2Cm9xwEG+Nn2izuUZwCjxp 19 | Pouan6ZZrCnJut0PKWbEpeEzwKWgEx3r+tYeoV+svkePKKU3oQEUgzACAA5PHRZT 20 | GiaFBHznb57HZaw5xXCmm1g3k31wP0MEnLebEeFtFvqcc0LWQ6uN5UZtpZNM393n 21 | w87CVIZqX0miuB7GsDsZwg8ODWy7nEsAppeoudFg81Gy0jrVluI72le2sYGU4SRe 22 | TBjAf/9H6GF+rYWYgWFfkDeQp31Vx3gkJC6V+lSdMh6OMa8A+vk47alwQbX5kbLJ 23 | AqtSFjOCWLDhUB650huOnk9PyhoK85D+hd9Tx924TByeegXO2QKCAQEA/QptsVKV 24 | fUlfKN2HVntPP6+y/fnR2nSGRWP91KP1I1/PyG+FSXGxR1ngXFpn5TByD5CFBEhv 25 | 0PX8pUjbC1cgNC7WJuy2B0g4Cn4m25yiMPz7g1Ngt+JkWH3E57AeSYCqUUm41Qb0 26 | PUA1zZDE4izvEzweTp04ZFk/1+oPQDeol0oIFhrlrxDSYRjpgDcwPWrQvRnmqfQL 27 | C1aB9+ulHqLIzvhpsWBg4+mYsMfFGX6P+f0NxWFH2hVZoax2STcupAXiRcUbzTO9 28 | z6Yan6DydHv0dS3XcReOFhgB1fRC4hbnJPRZxH1rJ6H0PzmN6vfKeWzZ60Uflyti 29 | r100P+Mh2rUobwKCAQEAwM0w282zqmn71pqmCUrC153uRY1eXRtGmDkuLvpPO0N9 30 | LPLo1AblboIdxXw4pUBzmxtO+J8L+rYzi+sorNhL0GuOHulgVSe27WMfEXeGOhay 31 | m0qGiEEs1s2Ctgj7MdzHzW2moiMOJUgnBIQraJ9JF7KGwMoblUsFE3EeIF2sy8qk 32 | tHugxfx/HUouCx5m8Fsh0HMkvsJMZvmJPMihsVYL57UxGTuKMPsNGpNfdyKgHo3G 33 | 0t+0yR81EPsfnhxoLbGlvgA9Bcn5I2tU9WyYI+e5LdbsXg2EAltXY4YHyg+GRFnL 34 | 2ZrPNfm5Wrh2P5w0xepGflwW0QfL1CVPJz9+0c86fQKCAQB4FgDkzGqBYNa2UBuw 35 | YSjE8p8hhPOglvg56jBGP+FQfmHfn31D057sW6zsZ0MzM4CN/moCFFZsdrEFx8Oc 36 | aCayXR/orSHd5tohsKjERFt8oDLEqkcWPWydymIuChj1jQhHN5NuFbTHdLeT7QZi 37 | yCxVloxThq2CghCYaU3/jeqGke2wf+dM49DTn70AyjAslYqmk6oyMc0j/lQD0mM0 38 | XNCr2JxgP3r77po2Gzhg1v2BCCUG7RnqV4OIBI7GRFfwI5K0xcxh4BJOf2fXJcyq 39 | l0D2c2DxHNqjhZUpcphjL7dWhFgttc+qqWN+tdOyFRKT+aKZ0t4hIcfdrX/kaehh 40 | IOQlAoIBAQCCEmyh/db2Y2Yp1E+r+SoWOVAk0EkXW213CSylOO33N4Ldrktxr+1d 41 | bp8TOskkg6T6waO3i+WTERUZkl7wrUQIqmdJZ308Nfztjm/JYu/FhMaeidrVVdMg 42 | X6mNkeWWMDMD3rQKsse6U0EvhNOcU8oGGMVcj32obOJRyYDfqRMIsgAIW1eN+tjv 43 | M7p4edxMz86ySNxDbeYJmtQBlAGyGDET82PaeBa1EMo4YbCIOW347wFyBsZ64Xj1 44 | qdYc32FRYoZE9vg0TZytTp4UrVy+7Hg7+sGgelHTHTiJxkS/B1Y4CrTCa/Tbn0xz 45 | bfso0wOvemxwl0Q1ZaMXzsvl2KqAdeQpAoIBAQC9tvBTKaBxcaijwLqa+lKOQZnO 46 | 4MxQsCX5hcXyBJPPhEjP8J3MoyEOGQZK1gu6fRnDuOhgEFqBHJAGIEvLYId2qP3f 47 | 4/wZp4as4BYrEPBplwehrh9ufG8NrY4v9vSFzWkNCvuiOgGxmmzo9CPDRvMHSjnx 48 | R1FqAc4PfMqU7LYEX9MKgu5KwCzp8Ot6Y5ifm1hXr2x7ARxe/S3zdvIpaB/aY9TC 49 | D/gWkXVplQDGrLwcguleMy4ZUKuD6L9QLbBBjN18ua5yHfCfw3flSgC9hBxazqce 50 | WChZob9ttZIXX/W0sefNjQjo0etQFakkGYAZihK34fUnCSuMVQDWWxdl1wJA 51 | -----END RSA PRIVATE KEY----- 52 | -------------------------------------------------------------------------------- /tests/data/crl.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN X509 CRL----- 2 | MIIB2zCBxAIBATANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJDWjETMBEGA1UE 3 | CAwKU29tZS1TdGF0ZTENMAsGA1UEBwwEQnJubzEPMA0GA1UECgwGQ0VTTkVUMQww 4 | CgYDVQQLDANUTUMxETAPBgNVBAMMCHNlcnZlcmNhFw0yMzA2MTUxMTMxMzBaFw0z 5 | MzA2MTIxMTMxMzBaMBwwGgIJAJXrkmAO99aQFw0yMzA2MTIxNDAzMTJaoA8wDTAL 6 | BgNVHRQEBAICEAUwDQYJKoZIhvcNAQELBQADggEBAMbxn/kkds6i60o31eQvaI49 7 | XXQiEnZ+15r8ehkeKv4VOQBeHbddrYuhoaESdVLeB2wzphbLLPAOsUvqHxtM4eO2 8 | faDDhpquHL3eKsHZA5UyAl9vEHyzONXiSoJvVNvC5dtQHflgUtqKwOnhrvxlUBqV 9 | pcwVWfqE+opm19f8iNaA4OgFn9dFyaRnpgzWILGOykzW+aEzmCpkVYeUgR1RqBm5 10 | bgpzQBma2Mg9AjWIeTwGozoANt/Q7GJhdmeZEp41iDc1HElFMUyYspClaYfRKzuE 11 | VvrHeKOFQIjhQcoPO6oH5QwYgXKUBFuTJD5who3hHbu+6u3upaJ6RZGcwVa+Ly8= 12 | -----END X509 CRL----- 13 | -------------------------------------------------------------------------------- /tests/data/ec_server.crt: -------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 1 (0x0) 4 | Serial Number: 3 (0x3) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=CZ, ST=Some-State, O=CESNET, OU=TMC, CN=clientca 7 | Validity 8 | Not Before: Nov 13 09:26:01 2024 GMT 9 | Not After : Nov 11 09:26:01 2034 GMT 10 | Subject: C=CZ, ST=Some-State, O=CESNET, OU=TMC, CN=127.0.0.1 11 | Subject Public Key Info: 12 | Public Key Algorithm: id-ecPublicKey 13 | Public-Key: (256 bit) 14 | pub: 15 | 04:21:8f:4c:09:ed:6c:ef:8e:17:09:f6:71:15:df: 16 | 6b:bc:55:ee:62:b8:06:66:b0:83:d0:31:6a:58:eb: 17 | ca:1d:ed:3a:d7:a5:35:f9:c1:83:e7:2a:e7:3a:0b: 18 | a8:0d:8e:d8:48:91:44:f0:33:70:a2:a4:fa:14:b7: 19 | 6e:74:cf:e3:13 20 | ASN1 OID: prime256v1 21 | NIST CURVE: P-256 22 | Signature Algorithm: sha256WithRSAEncryption 23 | Signature Value: 24 | c1:b3:2c:22:63:44:7e:ed:bc:59:0b:88:36:a6:a3:b5:9c:13: 25 | 25:e9:35:17:a8:ed:51:a6:54:98:46:fa:68:cf:82:af:85:1e: 26 | 66:ff:86:64:f6:b7:cb:2f:2a:7d:f1:f0:f0:5c:85:40:86:99: 27 | 0f:12:2f:7c:14:9b:27:25:ed:6b:5a:a7:80:8b:8e:e0:17:7b: 28 | d0:a0:45:aa:d3:6d:b8:8b:cc:46:c7:b7:01:8b:fa:bc:2e:5d: 29 | 18:77:c0:87:9b:37:16:a1:b0:3c:cc:72:44:4a:3e:c3:0f:6f: 30 | 60:5e:ae:a1:0d:08:54:49:96:f0:aa:84:9a:00:da:63:bd:0a: 31 | fb:d7:93:3e:8a:e5:c0:64:31:01:c7:14:47:0f:94:d4:4e:c9: 32 | c2:3d:28:7b:18:60:64:c7:d1:1f:f8:47:86:f5:68:ea:bf:e6: 33 | b5:f1:43:19:e1:55:c1:20:73:7e:71:9f:9e:08:9b:7c:4c:5c: 34 | 61:62:6f:3f:64:1d:d6:f2:52:42:fe:a6:c9:5d:ce:24:8a:f8: 35 | d7:2b:a6:0f:ca:ec:4a:92:da:31:f3:d3:fd:01:5f:ea:2a:c5: 36 | d6:0e:b0:04:43:f9:60:71:e4:42:6d:43:34:d2:9b:31:59:9e: 37 | c8:b9:6b:b2:67:0a:ff:fb:f4:a7:27:ec:c0:2d:83:b0:1e:03: 38 | 9d:a0:05:f8 39 | -----BEGIN CERTIFICATE----- 40 | MIICUjCCAToCAQMwDQYJKoZIhvcNAQELBQAwVDELMAkGA1UEBhMCQ1oxEzARBgNV 41 | BAgMClNvbWUtU3RhdGUxDzANBgNVBAoMBkNFU05FVDEMMAoGA1UECwwDVE1DMREw 42 | DwYDVQQDDAhjbGllbnRjYTAeFw0yNDExMTMwOTI2MDFaFw0zNDExMTEwOTI2MDFa 43 | MFUxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMQ8wDQYDVQQKDAZD 44 | RVNORVQxDDAKBgNVBAsMA1RNQzESMBAGA1UEAwwJMTI3LjAuMC4xMFkwEwYHKoZI 45 | zj0CAQYIKoZIzj0DAQcDQgAEIY9MCe1s744XCfZxFd9rvFXuYrgGZrCD0DFqWOvK 46 | He0616U1+cGD5yrnOguoDY7YSJFE8DNwoqT6FLdudM/jEzANBgkqhkiG9w0BAQsF 47 | AAOCAQEAwbMsImNEfu28WQuINqajtZwTJek1F6jtUaZUmEb6aM+Cr4UeZv+GZPa3 48 | yy8qffHw8FyFQIaZDxIvfBSbJyXta1qngIuO4Bd70KBFqtNtuIvMRse3AYv6vC5d 49 | GHfAh5s3FqGwPMxyREo+ww9vYF6uoQ0IVEmW8KqEmgDaY70K+9eTPorlwGQxAccU 50 | Rw+U1E7Jwj0oexhgZMfRH/hHhvVo6r/mtfFDGeFVwSBzfnGfngibfExcYWJvP2Qd 51 | 1vJSQv6myV3OJIr41yumD8rsSpLaMfPT/QFf6irF1g6wBEP5YHHkQm1DNNKbMVme 52 | yLlrsmcK//v0pyfswC2DsB4DnaAF+A== 53 | -----END CERTIFICATE----- 54 | -------------------------------------------------------------------------------- /tests/data/ec_server.key: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEIFIFZl3hkDpo1uqLRK8UeFo9Tm6tfgBjlvM1TcRZixy+oAoGCCqGSM49 3 | AwEHoUQDQgAEIY9MCe1s744XCfZxFd9rvFXuYrgGZrCD0DFqWOvKHe0616U1+cGD 4 | 5yrnOguoDY7YSJFE8DNwoqT6FLdudM/jEw== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /tests/data/ec_serverca.pem: -------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 3 (0x2) 4 | Serial Number: 0 (0x0) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=CZ, ST=Some-State, O=CESNET, OU=TMC, CN=clientca 7 | Validity 8 | Not Before: Oct 25 11:00:37 2024 GMT 9 | Not After : Oct 23 11:00:37 2034 GMT 10 | Subject: C=CZ, ST=Some-State, O=CESNET, OU=TMC, CN=clientca 11 | Subject Public Key Info: 12 | Public Key Algorithm: rsaEncryption 13 | Public-Key: (2048 bit) 14 | Modulus: 15 | 00:d3:59:56:1b:a0:75:ce:50:66:ce:60:77:69:87: 16 | 8f:bc:6a:42:83:6c:64:49:89:10:54:59:2a:cd:c7: 17 | 85:83:a2:dd:66:33:72:e9:2f:46:54:9c:a0:8b:f7: 18 | c7:76:01:d4:be:2a:54:6a:63:24:2a:65:a0:90:fe: 19 | 63:71:33:ce:76:76:37:fa:6f:1c:66:86:d9:19:1f: 20 | 2a:72:a4:ac:f9:56:95:58:d0:f5:c3:1d:c0:a9:c2: 21 | fe:89:cb:ac:04:18:a0:fa:14:eb:18:42:46:7b:fc: 22 | fe:a6:b6:26:70:c0:45:c4:79:9c:53:b9:0b:71:d4: 23 | c8:74:93:86:80:a5:76:38:16:0e:7f:a5:2e:bc:c4: 24 | 4f:e5:7a:cd:ef:41:0b:02:9e:3d:f0:d8:62:aa:2c: 25 | 89:68:51:22:44:6a:c2:2f:bc:77:10:20:38:dd:f0: 26 | 5b:cb:31:a2:3c:9e:27:a2:3f:d1:61:25:14:35:05: 27 | ab:10:0f:f1:f9:49:40:e5:16:8f:e3:69:32:51:f9: 28 | 01:20:ce:b1:18:e7:1f:11:76:ec:3c:74:f7:99:bd: 29 | a1:4e:53:6f:89:a4:95:6a:73:ae:6d:9a:7e:f3:78: 30 | 11:df:bd:89:5b:e6:a1:c1:0b:92:57:ba:ba:6d:b0: 31 | 8e:d7:5c:60:c0:ae:ca:e0:6d:31:6b:07:f1:98:8a: 32 | 66:2f 33 | Exponent: 65537 (0x10001) 34 | X509v3 extensions: 35 | X509v3 Basic Constraints: critical 36 | CA:TRUE 37 | X509v3 Key Usage: critical 38 | Certificate Sign 39 | X509v3 Subject Key Identifier: 40 | CD:59:B8:BB:EB:BA:27:B2:66:3C:1C:05:76:9B:71:8A:68:EA:30:FD 41 | Signature Algorithm: sha256WithRSAEncryption 42 | Signature Value: 43 | a6:2d:e1:9e:04:a5:0c:9d:6b:82:b9:f2:59:85:9f:ef:e4:ea: 44 | eb:b9:ab:70:73:50:fa:1d:5d:0b:d7:7f:3e:32:f6:e5:27:01: 45 | 47:69:3a:a2:a2:d2:e0:4d:16:ad:9d:98:3c:ed:81:05:c6:12: 46 | a1:92:85:95:7f:22:e7:d2:77:fe:53:be:fe:2c:74:2c:24:7b: 47 | 66:97:8c:0b:00:88:3e:96:87:1c:6a:0e:70:98:81:10:c1:84: 48 | f4:98:4b:60:77:9c:24:a7:b2:a5:44:e8:05:da:a5:6c:62:77: 49 | 68:f9:2e:73:3c:c6:2c:ad:3a:ff:4a:67:a0:da:23:84:ea:bc: 50 | d9:cb:f9:45:13:e3:38:26:c7:f1:60:95:f3:3f:2f:81:98:0b: 51 | 58:60:72:5f:c9:ef:1f:76:b2:05:03:8d:4f:3a:a8:eb:0a:c5: 52 | a8:fd:a3:5f:a8:29:83:cb:9e:cb:13:24:a6:4a:33:95:22:fc: 53 | 26:90:dc:97:2c:53:ac:24:1a:60:d6:aa:e4:cd:14:12:84:61: 54 | ea:15:28:5a:79:f3:18:1e:bb:77:03:61:2c:b4:b6:d5:c5:99: 55 | 7c:a7:7c:8a:1b:c8:a0:2c:50:53:5d:fb:b4:81:23:bf:0a:b1: 56 | 9f:f0:b0:d3:ed:08:e2:4d:a7:50:44:be:3a:a0:c0:2c:70:0c: 57 | e4:c8:71:15 58 | -----BEGIN CERTIFICATE----- 59 | MIIDZTCCAk2gAwIBAgIBADANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJDWjET 60 | MBEGA1UECAwKU29tZS1TdGF0ZTEPMA0GA1UECgwGQ0VTTkVUMQwwCgYDVQQLDANU 61 | TUMxETAPBgNVBAMMCGNsaWVudGNhMB4XDTI0MTAyNTExMDAzN1oXDTM0MTAyMzEx 62 | MDAzN1owVDELMAkGA1UEBhMCQ1oxEzARBgNVBAgMClNvbWUtU3RhdGUxDzANBgNV 63 | BAoMBkNFU05FVDEMMAoGA1UECwwDVE1DMREwDwYDVQQDDAhjbGllbnRjYTCCASIw 64 | DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANNZVhugdc5QZs5gd2mHj7xqQoNs 65 | ZEmJEFRZKs3HhYOi3WYzcukvRlScoIv3x3YB1L4qVGpjJCploJD+Y3EzznZ2N/pv 66 | HGaG2RkfKnKkrPlWlVjQ9cMdwKnC/onLrAQYoPoU6xhCRnv8/qa2JnDARcR5nFO5 67 | C3HUyHSThoCldjgWDn+lLrzET+V6ze9BCwKePfDYYqosiWhRIkRqwi+8dxAgON3w 68 | W8sxojyeJ6I/0WElFDUFqxAP8flJQOUWj+NpMlH5ASDOsRjnHxF27Dx095m9oU5T 69 | b4mklWpzrm2afvN4Ed+9iVvmocELkle6um2wjtdcYMCuyuBtMWsH8ZiKZi8CAwEA 70 | AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAgQwHQYDVR0OBBYE 71 | FM1ZuLvruieyZjwcBXabcYpo6jD9MA0GCSqGSIb3DQEBCwUAA4IBAQCmLeGeBKUM 72 | nWuCufJZhZ/v5Orruatwc1D6HV0L138+MvblJwFHaTqiotLgTRatnZg87YEFxhKh 73 | koWVfyLn0nf+U77+LHQsJHtml4wLAIg+loccag5wmIEQwYT0mEtgd5wkp7KlROgF 74 | 2qVsYndo+S5zPMYsrTr/Smeg2iOE6rzZy/lFE+M4JsfxYJXzPy+BmAtYYHJfye8f 75 | drIFA41POqjrCsWo/aNfqCmDy57LEySmSjOVIvwmkNyXLFOsJBpg1qrkzRQShGHq 76 | FShaefMYHrt3A2EstLbVxZl8p3yKG8igLFBTXfu0gSO/CrGf8LDT7QjiTadQRL46 77 | oMAscAzkyHEV 78 | -----END CERTIFICATE----- 79 | -------------------------------------------------------------------------------- /tests/data/id_ecdsa256: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQSGOtimPvmp8jbsK5kLto0HcgfaWGTB 4 | hBsn+c5deY0SQuzhj6vkxqkYMBTqAcpWLbj6xVhpTPs5LalDJ9ffuaj6AAAAqCh4tAQoeL 5 | QEAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIY62KY++anyNuwr 6 | mQu2jQdyB9pYZMGEGyf5zl15jRJC7OGPq+TGqRgwFOoBylYtuPrFWGlM+zktqUMn19+5qP 7 | oAAAAgBf3u7SBWmpDCm7esp1VnpoflXGytRAxp85nsb4Hhbd0AAAANcm9tYW5AcGN2YXNr 8 | bwECAw== 9 | -----END OPENSSH PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /tests/data/id_ecdsa256.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIY62KY++anyNuwrmQu2jQdyB9pYZMGEGyf5zl15jRJC7OGPq+TGqRgwFOoBylYtuPrFWGlM+zktqUMn19+5qPo= test@libnetconf2 2 | -------------------------------------------------------------------------------- /tests/data/id_ecdsa384: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAiAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwMzg0AAAACG5pc3RwMzg0AAAAYQQSz1JFAWiAmtKwWSyCXdZUwNTS/m+c 4 | CpiUPC3vHZ82S1g2ihbQpN4IAIAAfRTER+rnV5/qClDmCjBsOSIaw86VcIykwAqcNy0x0i 5 | vGoyfpVL4/9CZfVSf/hwITxfbCK5MAAADYCMDKzgjAys4AAAATZWNkc2Etc2hhMi1uaXN0 6 | cDM4NAAAAAhuaXN0cDM4NAAAAGEEEs9SRQFogJrSsFksgl3WVMDU0v5vnAqYlDwt7x2fNk 7 | tYNooW0KTeCACAAH0UxEfq51ef6gpQ5gowbDkiGsPOlXCMpMAKnDctMdIrxqMn6VS+P/Qm 8 | X1Un/4cCE8X2wiuTAAAAMCpWDy26Bm4HFbLLgn/Jf8iJ/V5V5RXOnW994Jbh2w2b0gT9c5 9 | CfLHjENUhHF3zI9QAAAA1yb21hbkBwY3Zhc2tvAQID 10 | -----END OPENSSH PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /tests/data/id_ecdsa384.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBBLPUkUBaICa0rBZLIJd1lTA1NL+b5wKmJQ8Le8dnzZLWDaKFtCk3ggAgAB9FMRH6udXn+oKUOYKMGw5IhrDzpVwjKTACpw3LTHSK8ajJ+lUvj/0Jl9VJ/+HAhPF9sIrkw== test@libnetconf2 2 | -------------------------------------------------------------------------------- /tests/data/id_ecdsa521: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAArAAAABNlY2RzYS 3 | 1zaGEyLW5pc3RwNTIxAAAACG5pc3RwNTIxAAAAhQQBdWbNJ1cbOVb9jkjFVe3ef8hM2Jc3 4 | Fgrx1uScbWjzRyLFELbVxgMdQhVShobGyl28Sw4tQPXBPk2iJuZ1is8Jk0gA89GJqKLAbI 5 | O6MVOc6Swx3jR9VP0jOxEWN0dt+swYkZYPNsmSCtVl49w+li+759b5jIWUKNX+jwLua0DG 6 | oykzIy4AAAEQGOm95hjpveYAAAATZWNkc2Etc2hhMi1uaXN0cDUyMQAAAAhuaXN0cDUyMQ 7 | AAAIUEAXVmzSdXGzlW/Y5IxVXt3n/ITNiXNxYK8dbknG1o80cixRC21cYDHUIVUoaGxspd 8 | vEsOLUD1wT5NoibmdYrPCZNIAPPRiaiiwGyDujFTnOksMd40fVT9IzsRFjdHbfrMGJGWDz 9 | bJkgrVZePcPpYvu+fW+YyFlCjV/o8C7mtAxqMpMyMuAAAAQgG2S26e7KJI+Old8/A2JPPz 10 | 9Lbtwgjb09LYZhkRzCELq/9yjY3HvBEOFF3c5WbEn+Opn+MJP1JmQ5UxEUPybDl+egAAAA 11 | 1yb21hbkBwY3Zhc2tvAQIDBAU= 12 | -----END OPENSSH PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /tests/data/id_ecdsa521.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAF1Zs0nVxs5Vv2OSMVV7d5/yEzYlzcWCvHW5JxtaPNHIsUQttXGAx1CFVKGhsbKXbxLDi1A9cE+TaIm5nWKzwmTSADz0YmoosBsg7oxU5zpLDHeNH1U/SM7ERY3R236zBiRlg82yZIK1WXj3D6WL7vn1vmMhZQo1f6PAu5rQMajKTMjLg== test@libnetconf2 2 | -------------------------------------------------------------------------------- /tests/data/id_ed25519: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW 3 | QyNTUxOQAAACDq+Oq6bYOgbFoTtSTKJrod3LgmJnrjuiXzlD7P2Dt+cAAAAJC1rL1gtay9 4 | YAAAAAtzc2gtZWQyNTUxOQAAACDq+Oq6bYOgbFoTtSTKJrod3LgmJnrjuiXzlD7P2Dt+cA 5 | AAAEAQm84SEphEUZEbuCRmXrMcYyv70wNEVziE/SbBC6+trOr46rptg6BsWhO1JMomuh3c 6 | uCYmeuO6JfOUPs/YO35wAAAADXJvbWFuQHBjdmFza28= 7 | -----END OPENSSH PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /tests/data/id_ed25519.pub: -------------------------------------------------------------------------------- 1 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOr46rptg6BsWhO1JMomuh3cuCYmeuO6JfOUPs/YO35w test@libnetconf2 2 | -------------------------------------------------------------------------------- /tests/data/key_ecdsa: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEICQ2fr9Jt2xluom0YQQ7HseE8YTo5reZRVcQENKUWOrooAoGCCqGSM49 3 | AwEHoUQDQgAENEgHZ41JFZT4c1ZFQYqvvqCEIuDxFoyVQKmz2UGOdzqCBomXZD5M 4 | 4ufyx7bAB0reVgEzPd1ypH5KVTt4HzAkBw== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /tests/data/key_ecdsa.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDRIB2eNSRWU+HNWRUGKr76ghCLg8RaMlUCps9lBjnc6ggaJl2Q+TOLn8se2wAdK3lYBMz3dcqR+SlU7eB8wJAc= vasko@pcvasko 2 | -------------------------------------------------------------------------------- /tests/data/key_rsa: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAz2r1QC4jO0MEyFAJ3TvBPRjpEg0Fo7hMJM2yd5DgT2u5JKu9 3 | VDmRXnnA4xW/XoqZJY3xcrPyWBxkGmFRfP7L09CleYex5brUXResr6khG46W0zkW 4 | 9u6XR194hRMgwsAiKKvbzHl/sMl57Xsp9NRqSC9IoNFgJ75Kl/0j47qZV+WSLVEq 5 | 9DIVzO3zUl+dAQ+hvCDtP3Y1HHTFHI04xr+90sQfWcy78Z4V7lCW8xCSSS4+qmo8 6 | hCFWiUmu97wN9yQg/Ks2q67LiE6I1SzwxZnh8EgKAeXT/OsqKenusqbl8yscXn+s 7 | jV3BPKE4/FBWASF7ICD9pwb1pONRGitFZN2BZQIDAQABAoIBAQC1jeTQYdI67EXC 8 | ZLTNrqFNroFMaJOYJBiaWmat2+VL/3nWzHDzyVQiQyaAXyfcRCsbQSyn/zTQxUEm 9 | Cis+4vRdGpPNVeZ0tN1wAuoH9F3jdiM1DhK44E0Qj1O5/+08Ktt7iDrjtzH699A+ 10 | /ADUqh3Bw4mqIrss7pbyhQSmME5LLTbaWikZ8LgtUiF9f5JWzsqjPb6Yd8JEg0O+ 11 | 5lDngLfgEYevKCJxxBMtQQQ6gZCjQQWmir+/0NBezSHsoltPlw1m8Vs8Y5zz684y 12 | v33J/qxDM7+rbGbte2fSQ06OuK7abCZMyfXyWdp4cQpG1JZRxGp4Y8vQKvsU5ZOQ 13 | UT/v7ur9AoGBAO+Li/vUzU3GlL7mxBlPTg5LavItWq6C7Rnwftjql7yPxrQ/+m5R 14 | Za0YujnqvZq5SpdpljCZbF9KYrFr92wgFqlt5uYptI4eD0/6xALEUcJJIlllTjiK 15 | tJmuyFkkD45WEn1IlDGAURQiDn6aqd40odlPsv4L5EdnQEQQz6Kfv6JLAoGBAN2q 16 | chHTKv1PBXfqRm0ABYSPyFhki2RqI4DWsbwykFXn3qP7tDDnmR/VMsAbApgTVW77 17 | LGffJ7DZXsqgzujwcqvLBKf8Wl5MRJg2jTe0GkKEBYqhGWNzBhuIwnIcKu/6HsEd 18 | FfCD93hwUPaVTBE+2ckXQVb9RSUCpGarXKk9cZ0PAoGBAJ/Hku29OdwA80KKpo7D 19 | SStbvtAe1HfGuOQueE2z3NZXiJC+hAqFnK5i6gSrwSCtK0XnldiA3bqJ4V66x2SF 20 | 2tfUiMlJVDffcRNGDuxRir9vDMxYOF6alnBUFyruVLn6S4bpnH+QOYSWWtizzU58 21 | CODsulWeFPxTsJg2Jmkw6SAVAoGANWBGqX4k2uw9T9vM65BWw83vm0FSw3I/bFXG 22 | ZJ/0W4tC9E+22xPZrm2jE9ktLbtyFhBLaBO3NgGRrs88I6FKq41uaJj+lbhdyB1S 23 | sfgfXqb1wqT6PRVEgjrTP7ECsdiTsUK0tr7AR3McO9RFhd2Ribec1zqTfM7/EW3w 24 | GRyfkAcCgYAtw6KO+5fXHE79v9pUdZAJ4PAc/KdHjv0zE9s5snwUrh7TO5fIB62d 25 | i6nPBWLwD5InDZ9sNgxzTBt+0o2N6PsvKQFtfEBemKimmZShMytFkx9/KTRNR9se 26 | 2qcBMiJsdAaz6hHUliYVWV3Ui+Uy+vYh5reuEhcvEjEzT6ySaCrZfg== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /tests/data/key_rsa.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPavVALiM7QwTIUAndO8E9GOkSDQWjuEwkzbJ3kOBPa7kkq71UOZFeecDjFb9eipkljfFys/JYHGQaYVF8/svT0KV5h7HlutRdF6yvqSEbjpbTORb27pdHX3iFEyDCwCIoq9vMeX+wyXnteyn01GpIL0ig0WAnvkqX/SPjuplX5ZItUSr0MhXM7fNSX50BD6G8IO0/djUcdMUcjTjGv73SxB9ZzLvxnhXuUJbzEJJJLj6qajyEIVaJSa73vA33JCD8qzarrsuITojVLPDFmeHwSAoB5dP86yop6e6ypuXzKxxef6yNXcE8oTj8UFYBIXsgIP2nBvWk41EaK0Vk3YFl vasko@pcvasko 2 | -------------------------------------------------------------------------------- /tests/data/modules/ietf-netconf-with-defaults.yin: -------------------------------------------------------------------------------- 1 | 2 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | IETF NETCONF (Network Configuration Protocol) Working Group 13 | 14 | 15 | WG Web: <http://tools.ietf.org/wg/netconf/> 16 | 17 | WG List: <netconf@ietf.org> 18 | 19 | WG Chair: Bert Wijnen 20 | <bertietf@bwijnen.net> 21 | 22 | WG Chair: Mehmet Ersue 23 | <mehmet.ersue@nsn.com> 24 | 25 | Editor: Andy Bierman 26 | <andy.bierman@brocade.com> 27 | 28 | Editor: Balazs Lengyel 29 | <balazs.lengyel@ericsson.com> 30 | 31 | 32 | This module defines an extension to the NETCONF protocol 33 | that allows the NETCONF client to control how default 34 | values are handled by the server in particular NETCONF 35 | operations. 36 | 37 | Copyright (c) 2011 IETF Trust and the persons identified as 38 | the document authors. All rights reserved. 39 | 40 | Redistribution and use in source and binary forms, with or 41 | without modification, is permitted pursuant to, and subject 42 | to the license terms contained in, the Simplified BSD License 43 | set forth in Section 4.c of the IETF Trust's Legal Provisions 44 | Relating to IETF Documents 45 | (http://trustee.ietf.org/license-info). 46 | 47 | This version of this YANG module is part of RFC 6243; see 48 | the RFC itself for full legal notices. 49 | 50 | 51 | 52 | Initial version. 53 | 54 | 55 | RFC 6243: With-defaults Capability for NETCONF 56 | 57 | 58 | 59 | 60 | Possible modes to report default data. 61 | 62 | 63 | RFC 6243; Section 3. 64 | 65 | 66 | 67 | 68 | All default data is reported. 69 | 70 | 71 | RFC 6243; Section 3.1 72 | 73 | 74 | 75 | 76 | All default data is reported. 77 | Any nodes considered to be default data 78 | will contain a 'default' XML attribute, 79 | set to 'true' or '1'. 80 | 81 | 82 | RFC 6243; Section 3.4 83 | 84 | 85 | 86 | 87 | Values are not reported if they contain the default. 88 | 89 | 90 | RFC 6243; Section 3.2 91 | 92 | 93 | 94 | 95 | Report values that contain the definition of 96 | explicitly set data. 97 | 98 | 99 | RFC 6243; Section 3.3 100 | 101 | 102 | 103 | 104 | 105 | 106 | Contains the <with-defaults> parameter for control 107 | of defaults in NETCONF retrieval operations. 108 | 109 | 110 | 111 | The explicit defaults processing mode requested. 112 | 113 | 114 | RFC 6243; Section 4.5.1 115 | 116 | 117 | 118 | 119 | 120 | 121 | Adds the <with-defaults> parameter to the 122 | input of the NETCONF <get-config> operation. 123 | 124 | 125 | RFC 6243; Section 4.5.1 126 | 127 | 128 | 129 | 130 | 131 | Adds the <with-defaults> parameter to 132 | the input of the NETCONF <get> operation. 133 | 134 | 135 | RFC 6243; Section 4.5.1 136 | 137 | 138 | 139 | 140 | 141 | Adds the <with-defaults> parameter to 142 | the input of the NETCONF <copy-config> operation. 143 | 144 | 145 | RFC 6243; Section 4.5.1 146 | 147 | 148 | 149 | 150 | -------------------------------------------------------------------------------- /tests/data/modules/module-a-dv.yang: -------------------------------------------------------------------------------- 1 | module module-a-dv { 2 | 3 | namespace "urn:jmu:params:xml:ns:yang:module-a-dv"; 4 | prefix dv; 5 | 6 | import module-a { 7 | prefix a; 8 | } 9 | 10 | description 11 | "Contains some deviations to module-a"; 12 | 13 | deviation "/a:top/a:hidden" { 14 | deviate not-supported; 15 | } 16 | } -------------------------------------------------------------------------------- /tests/data/modules/module-a-dv2.yang: -------------------------------------------------------------------------------- 1 | module module-a-dv2 { 2 | 3 | namespace "urn:jmu:params:xml:ns:yang:module-a-dv2"; 4 | prefix dv2; 5 | 6 | import module-a { 7 | prefix a; 8 | } 9 | 10 | description 11 | "Contains some deviations to module-a"; 12 | 13 | deviation "/a:top/a:type" { 14 | deviate add { 15 | default "admin"; 16 | must "count(.) = 1"; 17 | } 18 | } 19 | 20 | } 21 | 22 | -------------------------------------------------------------------------------- /tests/data/modules/module-a.yang: -------------------------------------------------------------------------------- 1 | module module-a { 2 | 3 | namespace "urn:jmu:params:xml:ns:yang:module-a"; 4 | prefix a; 5 | 6 | description "This is a simple user module"; 7 | 8 | container top { 9 | 10 | leaf name { 11 | type string; 12 | } 13 | 14 | leaf type { 15 | type string; 16 | } 17 | 18 | leaf hidden { 19 | type boolean; 20 | } 21 | 22 | } 23 | } -------------------------------------------------------------------------------- /tests/data/modules/nc-notifications.yin: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | IETF NETCONF WG 17 | 18 | 19 | netconf@ietf.org 20 | 21 | 22 | Conversion of the 'manageEvent' XSD in the NETCONF 23 | Notifications RFC. 24 | 25 | 26 | RFC 5277 27 | 28 | 29 | 30 | RFC 5277 version. 31 | 32 | 33 | 34 | 35 | Top-level element in the notification namespace 36 | 37 | 38 | 39 | 40 | The list of event streams supported by the system. When 41 | a query is issued, the returned set of streams is 42 | determined based on user privileges. 43 | 44 | 45 | 46 | Stream name, description and other information. 47 | 48 | 49 | 50 | 51 | 52 | The name of the event stream. If this is the default 53 | NETCONF stream, this must have the value 'NETCONF'. 54 | 55 | 56 | 57 | 58 | 59 | A description of the event stream, including such 60 | information as the type of events that are sent over 61 | this stream. 62 | 63 | 64 | 65 | 66 | 67 | 68 | A description of the event stream, including such 69 | information as the type of events that are sent over 70 | this stream. 71 | 72 | 73 | 74 | 75 | 76 | 77 | The timestamp of the creation of the log used to support 78 | the replay function on this stream. Note that this might 79 | be earlier then the earliest available notification in 80 | the log. This object is updated if the log resets for 81 | some reason. This object MUST be present if replay is 82 | supported. 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | This notification is sent to signal the end of a replay 92 | portion of a subscription. 93 | 94 | 95 | 96 | 97 | This notification is sent to signal the end of a notification 98 | subscription. It is sent in the case that stopTime was 99 | specified during the creation of the subscription.. 100 | 101 | 102 | 103 | -------------------------------------------------------------------------------- /tests/data/modules/notif1.yang: -------------------------------------------------------------------------------- 1 | module notif1 { 2 | namespace "n1"; 3 | prefix "n1"; 4 | 5 | notification n1 { 6 | leaf first { 7 | type string; 8 | } 9 | } 10 | } -------------------------------------------------------------------------------- /tests/data/modules/notifications.yin: -------------------------------------------------------------------------------- 1 | 2 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | IETF NETCONF WG 13 | 14 | 15 | netconf@ops.ietf.org 16 | 17 | 18 | Conversion of the 'ncEvent' XSD in the 19 | NETCONF Notifications RFC. 20 | 21 | 22 | RFC 5277. 23 | 24 | 25 | 26 | RFC 5277 version. 27 | 28 | 29 | 30 | 31 | The name of an event stream. 32 | 33 | 34 | 35 | 36 | 37 | The command to create a notification subscription. It 38 | takes as argument the name of the notification stream 39 | and filter. Both of those options limit the content of 40 | the subscription. In addition, there are two time-related 41 | parameters, startTime and stopTime, which can be used to 42 | select the time interval of interest to the notification 43 | replay feature. 44 | 45 | 46 | 47 | 48 | An optional parameter that indicates which stream of events 49 | is of interest. If not present, then events in the default 50 | NETCONF stream will be sent. 51 | 52 | 53 | 54 | 55 | 56 | 57 | An optional parameter that indicates which subset of all 58 | possible events is of interest. The format of this 59 | parameter is the same as that of the filter parameter 60 | in the NETCONF protocol operations. If not present, 61 | all events not precluded by other parameters will 62 | be sent. 63 | 64 | 65 | 66 | 67 | A parameter used to trigger the replay feature and 68 | indicates that the replay should start at the time 69 | specified. If start time is not present, this is not a 70 | replay subscription. 71 | 72 | 73 | 74 | 75 | 76 | An optional parameter used with the optional replay 77 | feature to indicate the newest notifications of 78 | interest. If stop time is not present, the notifications 79 | will continue until the subscription is terminated. 80 | Must be used with startTime. 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | internal struct to start a notification 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | -------------------------------------------------------------------------------- /tests/data/nc10/rpc-lock: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | ]]>]]> 10 | -------------------------------------------------------------------------------- /tests/data/nc11/rpc-lock: -------------------------------------------------------------------------------- 1 | 2 | #11 3 | 6 | ## 7 | 8 | -------------------------------------------------------------------------------- /tests/data/server.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIETjCCAzYCFEO1ljvG2ET9vb1itRsNMb8xN0R3MA0GCSqGSIb3DQEBCwUAMGMx 3 | CzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQHDARCcm5v 4 | MQ8wDQYDVQQKDAZDRVNORVQxDDAKBgNVBAsMA1RNQzERMA8GA1UEAwwIc2VydmVy 5 | Y2EwHhcNMjEwOTAzMTExNjMyWhcNMzEwOTAxMTExNjMyWjBkMQswCQYDVQQGEwJD 6 | WjETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UEBwwEQnJubzEPMA0GA1UECgwG 7 | Q0VTTkVUMQwwCgYDVQQLDANUTUMxEjAQBgNVBAMMCTEyNy4wLjAuMTCCAiIwDQYJ 8 | KoZIhvcNAQEBBQADggIPADCCAgoCggIBAOqI7Y3w5r8kD9WZCMAaa/e3ig7nm76a 9 | IJUR0Xb1bk6X/4FNVQKwEJsBodOYupZvE5FZdZ6DJSMSyQ3FrJWnlZ+isr7F9B4b 10 | ELV8Kj6sJGuVAr+mpcH/4rwL3DaXF9Y9Lf7iBgiOHUoip80Asn9BU4q80JI6w2VH 11 | d5ng4TUE67gmpRleIHzViKt3taBrsAJ9bS5bvaE6xOB8zKYGzRFOsDZrEqqcBsVI 12 | WC6EmjO29HS5qj/mXM0ktFGnNDxTZHoRkNgmCE/NH+fNKOFxraCwlFBpKemAky+G 13 | dgngRGiQAVowyAx/nSmCFAalKc+E4ddoFwD/oft6iOvvXqaXh6368wEQ7Hy48FDc 14 | UCbHtUEgK4wMrX9BSrRh6zkXO1tE4ghb0dM2qFDS0ypO3p04kUPa31mTgLuOH1Lz 15 | wmlwxOs113mlYKCgqOFR5YaN+nq1HI5RATPo5NvCMpG2RrQW+ooCr2GtbT0oHmJv 16 | 8yaBVY0HJ69eLnIv37dfjWvoTiBKBBIisXAD5Nm9rwSjZUSFu1iyd7u2YrkBCUzZ 17 | uvt3BOPpX8GgQgagU6BPnac76FF6DMhRUXlBXdTuWsbuH14LdNIzGjkMZhNL/Tpk 18 | f6S/z1iH5VReGc+clTjWGg1XO5fr3mNKBGa7hDydIZRIMbgsy63DIY7n5dqhNkO3 19 | 0CGmr/9TagVZAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAEjP2Zed4zY/nProMy67 20 | JyI3vV2fDYpYUkPD7ofSjFHjQc3ooXfBCF6Ho0dCdBTpof6kGIjfDmhcKoVcPqr8 21 | A/EA1pEGOB0RZkCjrwEnbAVdIb/5QP6nLtm7M5md3dEF+rttfBwisH6CV4XbXXZc 22 | t/cNP+MPK2sXevCK2w8Xbt9nHeI/MXZoUW3WNGFwlRNlmQxCIoI0hnge9Gyb0WcT 23 | ciHvhm8WtUQI1Ff3DLDgcQZQ1oOhci+ocBJVhC9l9lDCOpu93coyM7PD4CbVTFxf 24 | nPnOy81525W6ya0nmZOKafG20bdc+T1LqMXM+uR5hBHsg9K6UbREHEoP3pLYW7zg 25 | 0Aw= 26 | -----END CERTIFICATE----- 27 | -------------------------------------------------------------------------------- /tests/data/server.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIJKAIBAAKCAgEA6ojtjfDmvyQP1ZkIwBpr97eKDuebvpoglRHRdvVuTpf/gU1V 3 | ArAQmwGh05i6lm8TkVl1noMlIxLJDcWslaeVn6KyvsX0HhsQtXwqPqwka5UCv6al 4 | wf/ivAvcNpcX1j0t/uIGCI4dSiKnzQCyf0FTirzQkjrDZUd3meDhNQTruCalGV4g 5 | fNWIq3e1oGuwAn1tLlu9oTrE4HzMpgbNEU6wNmsSqpwGxUhYLoSaM7b0dLmqP+Zc 6 | zSS0Uac0PFNkehGQ2CYIT80f580o4XGtoLCUUGkp6YCTL4Z2CeBEaJABWjDIDH+d 7 | KYIUBqUpz4Th12gXAP+h+3qI6+9eppeHrfrzARDsfLjwUNxQJse1QSArjAytf0FK 8 | tGHrORc7W0TiCFvR0zaoUNLTKk7enTiRQ9rfWZOAu44fUvPCaXDE6zXXeaVgoKCo 9 | 4VHlho36erUcjlEBM+jk28IykbZGtBb6igKvYa1tPSgeYm/zJoFVjQcnr14uci/f 10 | t1+Na+hOIEoEEiKxcAPk2b2vBKNlRIW7WLJ3u7ZiuQEJTNm6+3cE4+lfwaBCBqBT 11 | oE+dpzvoUXoMyFFReUFd1O5axu4fXgt00jMaOQxmE0v9OmR/pL/PWIflVF4Zz5yV 12 | ONYaDVc7l+veY0oEZruEPJ0hlEgxuCzLrcMhjufl2qE2Q7fQIaav/1NqBVkCAwEA 13 | AQKCAgAeRZw75Oszoqj0jfMmMILdD3Cfad+dY3FvLESYESeyt0XAX8XoOed6ymQj 14 | 1qPGxQGGkkBvPEgv1b3jrC8Rhfb3Ct39Z7mRpTar5iHhwwBUboBTUmQ0vR173iAH 15 | X8sw2Oa17mCO/CDlr8Fu4Xcom7r3vlVBepo72VSjpPYMjN0MANjwhEi3NCyWzTXB 16 | RgUK3TuZbzfzto0w2Irlpx0S7dAqxfk70jXBgwv2vSDWKfg1lL1X0BkMVX98xpMk 17 | cjMW2muSqp4KBtTma4GqT6z0f7Y1Bs3lGLZmvPlBXxQVVvkFtiQsENCtSd/h17Gk 18 | 2mb4EbReaaBzwCYqJdRWtlpJ54kzy8U00co+Yn//ZS7sbbIDkqHPnXkpdIr+0rED 19 | MlOw2Y3vRZCxqZFqfWCW0uzhwKqk2VoYqtDL+ORKG/aG/KTBQ4Y71Uh+7aabPwj5 20 | R+NaVMjbqmrVeH70eKjoNVgcNYY1C9rGVF1d+LQEm7UsqS0DPp4wN9QKLAqIfuar 21 | AhQBhZy1R7Sj1r5macD9DsGxsurM4mHZV0LNmYLZiFHjTUb6iRSPD5RBFW80vcNt 22 | xZ0cxmkLtxrj/DVyExV11Cl0SbZLLa9mScYvxdl/qZutXt3PQyab0NiYxGzCD2Rn 23 | LkCyxkh1vuHHjhvIWYfbd2VgZB/qGr+o9T07FGfMCu23//fugQKCAQEA9UH38glH 24 | /rAjZ431sv6ryUEFY8I2FyLTijtvoj9CNGcQn8vJQAHvUPfMdyqDoum6wgcTmG+U 25 | XA6mZzpGQCiY8JW5CoItgXRoYgNzpvVVe2aLf51QGtNLLEFpNDMpCtI+I+COpAmG 26 | vWAukku0pZfRjm9eb1ydvTpHlFC9+VhVUsLzw3VtSC5PVW6r65mZcYcB6SFVPap+ 27 | 31ENP/9jOMFoymh57lSMZJMxTEA5b0l2miFb9Rp906Zqiud5zv2jIqF6gL70giW3 28 | ovVxR7LGKKTKIa9pxawHwB6Ithygs7YoJkjF2dm8pZTMZKsQN92K70XGj07SmYRL 29 | ZpkVD7i+cqbbKQKCAQEA9M6580Rcw6W0twfcy0/iB4U5ZS52EcCjW8vHlL+MpUo7 30 | YvXadSgV1ZaM28zW/ZGk3wE0zy1YT5s30SQkm0NiWN3t/J0l19ccAOxlPWfjhF7v 31 | IQZr7XMo5HeaK0Ak5+68J6bx6KgcXmlJOup7INaE8DyGXB6vd4K6957IXyqs3/bf 32 | JAUmz49hnveCfLFdTVVT/Uq4IoPKfQSbSZc0BvPBsnBCF164l4jllGBaWS302dhg 33 | W4cgxzG0SZGgNwow4AhB+ygiiS8yvOa7UcHfUObVrzWeeq9mYSQ1PkvUTjkWR2/Y 34 | 8xy7WP0TRBdJOVSs90H51lerEDGNQWvQvI97S9ZOsQKCAQB59u9lpuXtqwxAQCFy 35 | fSFSuQoEHR2nDcOjF4GhbtHum15yCPaw5QVs/33nuPWze4ZLXReKk9p0mTh5V0p+ 36 | N3IvGlXl+uzEVu5d55eI7LIw5sLymHmwjWjxvimiMtrzLbCHSPHGc5JU9NLUH9/b 37 | BY/JxGpy+NzcsHHOOQTwTdRIjviIOAo7fgQn2RyX0k+zXE8/7zqjqvji9zyemdNu 38 | 8we4uJICSntyvJwkbj/hrufTKEnBrwXpzfVn1EsH+6w32ZPBGLUhT75txJ8r56SR 39 | q7l1XPU9vxovmT+lSMFF/Y0j1MbHWnds5H1shoFPNtYTvWBL/gfPHjIc+H23zsiu 40 | 3XlZAoIBAC2xB/Pnpoi9vOUMiqFH36AXtYa1DURy+AqCFlYlClMvb7YgvQ1w1eJv 41 | nwrHSLk7HdKhnwGsLPduuRRH8q0n/osnoOutSQroE0n41UyIv2ZNccRwNmSzQcai 42 | rBu2dSz02hlsh2otNl5IuGpOqXyPjXBpW4qGD6n2tH7THALnLC0BHtTSQVQsJsRM 43 | 3gX39LoiWvLDp2qJvplm6rTpi8Rgap6rZSqHe1yNKIxxD2vlr/WY9SMgLXYASO4S 44 | SBz9wfGOmQIPk6KXNJkdV4kC7nNjIi75iwLLCgjHgUiHTrDq5sWekpeNnUoWsinb 45 | Tsdsjnv3zHG9GyiClyLGxMbs4M5eyYECggEBAKuC8ZMpdIrjk6tERYB6g0LnQ7mW 46 | 8XYbDFAmLYMLs9yfG2jcjVbsW9Kugsr+3poUUv/q+hNO3jfY4HazhZDa0MalgNPo 47 | Swr/VNRnkck40x2ovFb989J7yl++zTrnIrax9XRH1V0cNu+Kj7OMwZ2RRfbNv5JB 48 | dOZPvkfqyIKFmbQgYbtD66rHuzNOfJpzqr/WVLO57/zzW8245NKG2B6B0oXkei/K 49 | qDY0DAbHR3i3EOj1NPtVI1FC/xX8R9BREaid458bqoHJKuInrGcBjaUI9Cvymv8T 50 | bstUgD6NPbJR4Sm6vrLeUqzjWZP3t1+Z6DjXmnpR2vvhMU/FWb//21p/88o= 51 | -----END RSA PRIVATE KEY----- 52 | -------------------------------------------------------------------------------- /tests/data/serverca.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpgIBAAKCAQEAyMrKraqraFGklO2itRIEWxfuzWo1IwxZ22aJmeXDLeomt689 3 | 3NXelMLaC3swQ+hu49JjiIY81DXvbVgmIgLm7cAz5tHTHuJbfdI4Q6gyic4aOpy2 4 | s3s1/vYz+1TvEUFCiPXEsJrH72he/z9nBxL8vY6Eg8U8EG8NvKp9zyCKA7vmNSgQ 5 | OtuyF18fesYHAnvQjNXO5q6diPXdHOr2bjTRUvARGbWlv4Rvf81RwUkRsWoF/0pg 6 | lV/TxnW2MoHnn3apxb/kmH92CQ+GWKxq5SkhvbkYePlA87kgKnDtXl4wEXIhYwM5 7 | 1kafRhhlAKN+qYeV9teBqGpjsZRYesrh3mXHlQIDAQABAoIBAQC0eeI2usKaX1fJ 8 | LNckXW9g2WAhbicYu49ArydbFrOaX24xh+fYyLrph0IpM66sOw0A5SflnJKsQ1ZT 9 | N/n+dBFQ/YMpIsvaZKbLrto3pcTXLFNS/20QYdyksHMEotDG95twM0d5XYX74BoS 10 | 3tAiAaT+VE0zi2Jzev4j6DJwq9ShiPclZFcpAbyVqi77ruJLID0j+lxLEOsTpN9h 11 | Y/36CMwfAVe8OwiBl8vOAjEf3ssNz0iesEIB/Rx0rmg0dNquuYvJmF7pJNdQNq7Q 12 | 5fOM5Ww0iwqb8lzIU9fkMwFhljcxtc51nrr6mg8kKT1A0cDu4dJuYa6Od+IkW0nP 13 | ozE7JDo5AoGBAPgfEwtsr/w5OFDtwiO+9wRxug+M6zuczeYIvK/FtDSghnZv18MK 14 | HZJx6omApdgqF10ya5VuZg6VGBCO7DF20wORWriI7zPXIY0QBIw5zzEnMpw/wW6J 15 | GSQ3KBBgVJKiSsv0pmf7h+pt2Tz/leh4bIgV7gryYyy2x+M0S5qk30EjAoGBAM8q 16 | /PdTwpE8AKEr5LgQvSUpSXKl2tLewyK6XL7FMNIQxe8frlIeF+jgPsNFlWaVl+e6 17 | qDksEqlltn2rmBRYVsSWFytpOHyVAfFtoJw1Qpa7bx3cYqA+jgIw3Lrva3AdircW 18 | DG9sLjk4V3y5FJogXuNbeYj/exUq4CTzRwMoXIvnAoGBAOyHWvVaIA3WUkw7ywWe 19 | hwZSj+dBFAHZAiMXEyCQ3LAKkwQWrF1+qCAxvj5kSDTgMzOh3BMwkdO256DpTln9 20 | Bz1wdEZUK4uEurQpn9w5Q718u29eC7yerzvp5KRv4E+ErL7vMy8PBktBeoT+tN5O 21 | 5k94cFs5I7e9aqG5+ZSrNTR3AoGBAIln7djtiUNjFNfRkSY0k/+t3rVYJEdw0OSb 22 | zyAJElSCI4Zy8OAubZVcBsTlxi4AUny0ZRdmkAojGGNKCNiVrxc8pal5ZKnc+yjy 23 | mXCCMuRe9VhM8G1wkCgL2Jt0aUI3leXRjfXpPs9c+0oSSAPiLI2IAphHO4/SnFBl 24 | u1fw0VFJAoGBAK+yZBxqo3nJqYhhPyvNUyEkDZJnuhcc7mQJsPd4AbgmeN/3izbI 25 | 2Rvn1wzkqz5LoCvAWAg51gWJBO99XvuT/J0ob4w494NtUYJdSq8Bg7dkebhdaAXl 26 | lBXCI5kOmboHCaTsbJlXglxv7p6zkctU844p2Ki8XlkAbQTL+uQgZ6fE 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /tests/data/serverca.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDnDCCAoSgAwIBAgIJAIjf7UNx4uabMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNV 3 | BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQHDARCcm5vMQ8wDQYD 4 | VQQKDAZDRVNORVQxDDAKBgNVBAsMA1RNQzERMA8GA1UEAwwIc2VydmVyY2EwHhcN 5 | MTgxMTA1MDcyNjM5WhcNMjgxMTAyMDcyNjM5WjBjMQswCQYDVQQGEwJDWjETMBEG 6 | A1UECAwKU29tZS1TdGF0ZTENMAsGA1UEBwwEQnJubzEPMA0GA1UECgwGQ0VTTkVU 7 | MQwwCgYDVQQLDANUTUMxETAPBgNVBAMMCHNlcnZlcmNhMIIBIjANBgkqhkiG9w0B 8 | AQEFAAOCAQ8AMIIBCgKCAQEAyMrKraqraFGklO2itRIEWxfuzWo1IwxZ22aJmeXD 9 | Leomt6893NXelMLaC3swQ+hu49JjiIY81DXvbVgmIgLm7cAz5tHTHuJbfdI4Q6gy 10 | ic4aOpy2s3s1/vYz+1TvEUFCiPXEsJrH72he/z9nBxL8vY6Eg8U8EG8NvKp9zyCK 11 | A7vmNSgQOtuyF18fesYHAnvQjNXO5q6diPXdHOr2bjTRUvARGbWlv4Rvf81RwUkR 12 | sWoF/0pglV/TxnW2MoHnn3apxb/kmH92CQ+GWKxq5SkhvbkYePlA87kgKnDtXl4w 13 | EXIhYwM51kafRhhlAKN+qYeV9teBqGpjsZRYesrh3mXHlQIDAQABo1MwUTAdBgNV 14 | HQ4EFgQU60nJ4q3ItcfaOOBjJSqadAPiMg8wHwYDVR0jBBgwFoAU60nJ4q3Itcfa 15 | OOBjJSqadAPiMg8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEA 16 | xIqIQ5SCXnKslZfrXiAEbB5dglxVOSa8me5a/70uHK/27JZ6veeIgRqZ4VgPHnBC 17 | a3m6EHr+mnTjjqSUcGIUiKV3g2Dumw8paqZC+Qv+Ib/NKquS1lO2Ry1wHBtXzn5K 18 | KHHyM1bWMDaDszirw2+pp22VdRrPZNA9NWXheEDYOLyQekyL2CfidhxhaXvUZyWg 19 | alLyF2XRZ5/jAT+NjfWw39EmWPUGk13Jm83OaFc1VdrXNCiD0sGCQ+BTCllDinQv 20 | R08yzd4fzA3YXthvX1dBu1SvqQAGOS7gssRCyv9uWI6MXta25X91eY1ZMz1euJ04 21 | mB8EdyYiZc0kzrb9dv5d0g== 22 | -----END CERTIFICATE----- 23 | -------------------------------------------------------------------------------- /tests/library_lsan.supp: -------------------------------------------------------------------------------- 1 | leak:libpam.so 2 | -------------------------------------------------------------------------------- /tests/library_valgrind.supp: -------------------------------------------------------------------------------- 1 | { 2 | ld 3 | Memcheck:Leak 4 | match-leak-kinds: reachable 5 | fun:calloc 6 | fun:_dlerror_run 7 | fun:dlopen@@GLIBC_2.2.5 8 | fun:lyext_load_plugins 9 | fun:ly_ctx_new 10 | } 11 | { 12 | CI:test_pam:__wrap_pam_start 13 | Memcheck:Leak 14 | match-leak-kinds: definite 15 | fun:malloc 16 | ... 17 | fun:ln2_glob_test_server_thread 18 | fun:ln2_glob_test_server_thread 19 | } 20 | { 21 | test_pam:__wrap_pam_start 22 | Memcheck:Leak 23 | match-leak-kinds: definite 24 | fun:malloc 25 | ... 26 | fun:ln2_glob_test_server_thread 27 | } 28 | -------------------------------------------------------------------------------- /tests/ln2_test.c: -------------------------------------------------------------------------------- 1 | /** 2 | * @file ln2_test.c 3 | * @author Roman Janota 4 | * @brief base source for libnetconf2 testing 5 | * 6 | * @copyright 7 | * Copyright (c) 2024 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #define _GNU_SOURCE 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | 25 | #include "ln2_test.h" 26 | 27 | int 28 | ln2_glob_test_get_ports(int port_count, ...) 29 | { 30 | va_list ap; 31 | int i, ret = 0, *port_ptr; 32 | const char **port_str_ptr, *env; 33 | char *env_name = NULL; 34 | 35 | va_start(ap, port_count); 36 | 37 | for (i = 0; i < port_count; i++) { 38 | port_ptr = va_arg(ap, int *); 39 | port_str_ptr = va_arg(ap, const char **); 40 | 41 | if (asprintf(&env_name, "TEST_PORT_%d", i) == -1) { 42 | ret = 1; 43 | goto cleanup; 44 | } 45 | 46 | /* try to get the env variable, which is set by CTest */ 47 | env = getenv(env_name); 48 | free(env_name); 49 | if (!env) { 50 | /* the default value will be used instead */ 51 | continue; 52 | } 53 | 54 | *port_ptr = atoi(env); 55 | *port_str_ptr = env; 56 | } 57 | 58 | cleanup: 59 | va_end(ap); 60 | return ret; 61 | } 62 | 63 | void * 64 | ln2_glob_test_server_thread(void *arg) 65 | { 66 | int ret; 67 | NC_MSG_TYPE msgtype; 68 | struct nc_session *session = NULL; 69 | struct nc_pollsession *ps = NULL; 70 | struct ln2_test_ctx *test_ctx = arg; 71 | 72 | ps = nc_ps_new(); 73 | assert(ps); 74 | 75 | /* wait for the client to be ready to connect */ 76 | pthread_barrier_wait(&test_ctx->barrier); 77 | 78 | /* accept a session and add it to the poll session structure */ 79 | msgtype = nc_accept(NC_ACCEPT_TIMEOUT, test_ctx->ctx, &session); 80 | if (msgtype != NC_MSG_HELLO) { 81 | SETUP_FAIL_LOG; 82 | nc_ps_free(ps); 83 | return NULL; 84 | } 85 | 86 | ret = nc_ps_add_session(ps, session); 87 | assert(!ret); 88 | 89 | /* poll until the session is terminated by the client */ 90 | do { 91 | ret = nc_ps_poll(ps, NC_PS_POLL_TIMEOUT, NULL); 92 | assert(ret & NC_PSPOLL_RPC); 93 | } while (!(ret & NC_PSPOLL_SESSION_TERM)); 94 | 95 | nc_ps_clear(ps, 1, NULL); 96 | nc_ps_free(ps); 97 | return NULL; 98 | } 99 | 100 | int 101 | ln2_glob_test_setup(struct ln2_test_ctx **test_ctx) 102 | { 103 | int ret; 104 | 105 | *test_ctx = calloc(1, sizeof **test_ctx); 106 | if (!*test_ctx) { 107 | SETUP_FAIL_LOG; 108 | ret = 1; 109 | goto cleanup; 110 | } 111 | 112 | /* set verbosity */ 113 | nc_verbosity(NC_VERB_VERBOSE); 114 | 115 | /* initialize server */ 116 | ret = nc_server_init(); 117 | if (ret) { 118 | SETUP_FAIL_LOG; 119 | goto cleanup; 120 | } 121 | 122 | /* initialize client */ 123 | ret = nc_client_init(); 124 | if (ret) { 125 | SETUP_FAIL_LOG; 126 | goto cleanup; 127 | } 128 | 129 | /* init barrier */ 130 | ret = pthread_barrier_init(&(*test_ctx)->barrier, NULL, 2); 131 | if (ret) { 132 | SETUP_FAIL_LOG; 133 | goto cleanup; 134 | } 135 | 136 | /* create libyang context */ 137 | ret = ly_ctx_new(MODULES_DIR, 0, &(*test_ctx)->ctx); 138 | if (ret) { 139 | SETUP_FAIL_LOG; 140 | goto cleanup; 141 | } 142 | 143 | /* load default yang modules */ 144 | ret = nc_server_init_ctx(&(*test_ctx)->ctx); 145 | if (ret) { 146 | SETUP_FAIL_LOG; 147 | goto cleanup; 148 | } 149 | ret = nc_server_config_load_modules(&(*test_ctx)->ctx); 150 | if (ret) { 151 | SETUP_FAIL_LOG; 152 | goto cleanup; 153 | } 154 | 155 | cleanup: 156 | return ret; 157 | } 158 | 159 | int 160 | ln2_glob_test_teardown(void **state) 161 | { 162 | struct ln2_test_ctx *test_ctx = *state; 163 | 164 | nc_client_destroy(); 165 | nc_server_destroy(); 166 | 167 | if (test_ctx->free_test_data) { 168 | test_ctx->free_test_data(test_ctx->test_data); 169 | } 170 | 171 | pthread_barrier_destroy(&test_ctx->barrier); 172 | ly_ctx_destroy(test_ctx->ctx); 173 | free(test_ctx); 174 | 175 | return 0; 176 | } 177 | 178 | void 179 | ln2_glob_test_free_test_data(void *test_data) 180 | { 181 | free(test_data); 182 | } 183 | -------------------------------------------------------------------------------- /tests/ln2_test.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file ln2_test.h 3 | * @author Roman Janota 4 | * @brief base header for libnetconf2 testing 5 | * 6 | * @copyright 7 | * Copyright (c) 2024 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #ifndef _LN2_TEST_H_ 17 | #define _LN2_TEST_H_ 18 | 19 | #include 20 | #include 21 | 22 | #include "tests/config.h" 23 | 24 | #define NC_ACCEPT_TIMEOUT 2000 25 | #define NC_PS_POLL_TIMEOUT 2000 26 | 27 | #define SETUP_FAIL_LOG \ 28 | fprintf(stderr, "Setup fail in %s:%d.\n", __FILE__, __LINE__) 29 | 30 | /** 31 | * @brief Test context used for sharing data between the test and the server/client threads. 32 | */ 33 | struct ln2_test_ctx { 34 | pthread_barrier_t barrier; /**< Barrier for synchronizing the client and the server. */ 35 | struct ly_ctx *ctx; /**< libyang context. */ 36 | void *test_data; /**< Arbitrary test data. */ 37 | void (*free_test_data)(void *); /**< Callback for freeing the test data. */ 38 | }; 39 | 40 | /** 41 | * @brief Try to obtain ports from the TEST_PORT_X environment variables. 42 | * 43 | * @param[in] port_count Number of ports needed by the test. 44 | * @param[in] ... @p port_count number of (int *, const char **) pairs, which will be filled with the port numbers. 45 | * @return 0 on success, 1 on error. 46 | */ 47 | int ln2_glob_test_get_ports(int port_count, ...); 48 | 49 | /** 50 | * @brief Default server thread for the tests. 51 | * 52 | * @param[in] arg Test context. 53 | * @return NULL. 54 | */ 55 | void * ln2_glob_test_server_thread(void *arg); 56 | 57 | /** 58 | * @brief Default setup of the test context (init server, client, libyang context and a barrier). 59 | * 60 | * @param[out] test_ctx Test context. 61 | * @return 0 on success, non-zero on error. 62 | */ 63 | int ln2_glob_test_setup(struct ln2_test_ctx **test_ctx); 64 | 65 | /** 66 | * @brief Default teardown of the test context (destroy server, client, test data, libyang context and a barrier). 67 | * 68 | * @param[in] state Test context. 69 | * @return 0. 70 | */ 71 | int ln2_glob_test_teardown(void **state); 72 | 73 | /** 74 | * @brief Default callback for freeing test data. 75 | * 76 | * @param[in] test_data Test data. 77 | */ 78 | void ln2_glob_test_free_test_data(void *test_data); 79 | 80 | #endif 81 | -------------------------------------------------------------------------------- /tests/test_client_monitoring.c: -------------------------------------------------------------------------------- 1 | /** 2 | * @file test_client_monitoring.c 3 | * @author Roman Janota 4 | * @brief libnetconf2 client monitoring thread test 5 | * 6 | * @copyright 7 | * Copyright (c) 2024 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #define _GNU_SOURCE 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | 26 | #include 27 | 28 | #include "ln2_test.h" 29 | #include "session_p.h" 30 | 31 | #include 32 | 33 | int TEST_PORT = 10050; 34 | const char *TEST_PORT_STR = "10050"; 35 | 36 | void 37 | monitoring_clb(struct nc_session *sess, void *user_data) 38 | { 39 | pthread_barrier_t *barrier = user_data; 40 | 41 | /* signal the main thread that the monitoring callback was called */ 42 | pthread_barrier_wait(barrier); 43 | printf("Session with ID %d disconnected by the server.\n", nc_session_get_id(sess)); 44 | nc_session_free(sess, NULL); 45 | } 46 | 47 | static void * 48 | client_thread(void *arg) 49 | { 50 | int ret; 51 | struct nc_session *session = NULL; 52 | struct ln2_test_ctx *test_ctx = arg; 53 | pthread_barrier_t monitoring_barrier; 54 | 55 | /* initialize the barrier */ 56 | ret = pthread_barrier_init(&monitoring_barrier, NULL, 2); 57 | assert_int_equal(ret, 0); 58 | 59 | /* start the monitoring thread */ 60 | ret = nc_client_monitoring_thread_start(monitoring_clb, &monitoring_barrier, NULL); 61 | assert_int_equal(ret, 0); 62 | 63 | /* skip all hostkey and known_hosts checks */ 64 | nc_client_ssh_set_knownhosts_mode(NC_SSH_KNOWNHOSTS_SKIP); 65 | 66 | /* set the search path for the schemas */ 67 | ret = nc_client_set_schema_searchpath(MODULES_DIR); 68 | assert_int_equal(ret, 0); 69 | 70 | /* set the client's username */ 71 | ret = nc_client_ssh_set_username("test_client_monitoring"); 72 | assert_int_equal(ret, 0); 73 | 74 | /* add the client's key pair */ 75 | ret = nc_client_ssh_add_keypair(TESTS_DIR "/data/key_rsa.pub", TESTS_DIR "/data/key_rsa"); 76 | assert_int_equal(ret, 0); 77 | 78 | /* wait for the server to be ready and connect */ 79 | pthread_barrier_wait(&test_ctx->barrier); 80 | session = nc_connect_ssh("127.0.0.1", TEST_PORT, NULL); 81 | assert_non_null(session); 82 | 83 | /* wait for the monitoring thread callback to be called */ 84 | pthread_barrier_wait(&monitoring_barrier); 85 | 86 | /* stop the monitoring thread */ 87 | nc_client_monitoring_thread_stop(); 88 | 89 | pthread_barrier_destroy(&monitoring_barrier); 90 | return NULL; 91 | } 92 | 93 | void * 94 | server_thread(void *arg) 95 | { 96 | int ret; 97 | NC_MSG_TYPE msgtype; 98 | struct nc_session *session = NULL; 99 | struct nc_pollsession *ps = NULL; 100 | struct ln2_test_ctx *test_ctx = arg; 101 | int fd; 102 | struct linger ling = {1, 0}; 103 | 104 | ps = nc_ps_new(); 105 | assert_non_null(ps); 106 | 107 | /* wait for the client to be ready to connect */ 108 | pthread_barrier_wait(&test_ctx->barrier); 109 | 110 | /* accept a session and add it to the poll session structure */ 111 | msgtype = nc_accept(NC_ACCEPT_TIMEOUT, test_ctx->ctx, &session); 112 | assert_int_equal(msgtype, NC_MSG_HELLO); 113 | 114 | /* get the session's fd */ 115 | fd = ssh_get_fd(session->ti.libssh.session); 116 | assert_int_not_equal(fd, -1); 117 | 118 | /* set the socket to close immediately */ 119 | ret = setsockopt(fd, SOL_SOCKET, SO_LINGER, &ling, sizeof(ling)); 120 | assert_int_equal(ret, 0); 121 | 122 | /* add the session to the poll session */ 123 | ret = nc_ps_add_session(ps, session); 124 | assert_int_equal(ret, 0); 125 | 126 | /* poll until the client stops sending messages */ 127 | do { 128 | ret = nc_ps_poll(ps, NC_PS_POLL_TIMEOUT, NULL); 129 | } while ((ret & NC_PSPOLL_RPC)); 130 | 131 | /* free the session (it will close the socket -> client needs to detect this) */ 132 | nc_ps_clear(ps, 1, NULL); 133 | nc_ps_free(ps); 134 | return NULL; 135 | } 136 | 137 | static void 138 | test_nc_client_monitoring(void **state) 139 | { 140 | int ret, i; 141 | pthread_t tids[2]; 142 | 143 | ret = pthread_create(&tids[0], NULL, client_thread, *state); 144 | assert_int_equal(ret, 0); 145 | ret = pthread_create(&tids[1], NULL, server_thread, *state); 146 | assert_int_equal(ret, 0); 147 | 148 | for (i = 0; i < 2; i++) { 149 | pthread_join(tids[i], NULL); 150 | } 151 | } 152 | 153 | static int 154 | setup(void **state) 155 | { 156 | int ret; 157 | struct lyd_node *tree = NULL; 158 | struct ln2_test_ctx *test_ctx; 159 | 160 | /* global setup */ 161 | ret = ln2_glob_test_setup(&test_ctx); 162 | assert_int_equal(ret, 0); 163 | 164 | *state = test_ctx; 165 | 166 | /* add endpoint */ 167 | ret = nc_server_config_add_address_port(test_ctx->ctx, "endpt", NC_TI_SSH, "127.0.0.1", TEST_PORT, &tree); 168 | assert_int_equal(ret, 0); 169 | 170 | /* add hostkey */ 171 | ret = nc_server_config_add_ssh_hostkey(test_ctx->ctx, "endpt", "hostkey", TESTS_DIR "/data/key_ecdsa", NULL, &tree); 172 | assert_int_equal(ret, 0); 173 | 174 | /* add the test client */ 175 | ret = nc_server_config_add_ssh_user_pubkey(test_ctx->ctx, "endpt", "test_client_monitoring", "pubkey", TESTS_DIR "/data/key_rsa.pub", &tree); 176 | assert_int_equal(ret, 0); 177 | 178 | /* configure the server based on the data */ 179 | ret = nc_server_config_setup_data(tree); 180 | assert_int_equal(ret, 0); 181 | 182 | lyd_free_all(tree); 183 | 184 | return 0; 185 | } 186 | 187 | int 188 | main(void) 189 | { 190 | const struct CMUnitTest tests[] = { 191 | cmocka_unit_test_setup_teardown(test_nc_client_monitoring, setup, ln2_glob_test_teardown) 192 | }; 193 | 194 | /* try to get ports from the environment, otherwise use the default */ 195 | if (ln2_glob_test_get_ports(1, &TEST_PORT, &TEST_PORT_STR)) { 196 | return 1; 197 | } 198 | 199 | setenv("CMOCKA_TEST_ABORT", "1", 1); 200 | return cmocka_run_group_tests(tests, NULL, NULL); 201 | } 202 | -------------------------------------------------------------------------------- /tests/test_client_thread.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file test_client_thread.c 3 | * \author Radek Krejci 4 | * \brief libnetconf2 tests - threads functions in client 5 | * 6 | * Copyright (c) 2017 CESNET, z.s.p.o. 7 | * 8 | * This source code is licensed under BSD 3-Clause License (the "License"). 9 | * You may not use this file except in compliance with the License. 10 | * You may obtain a copy of the License at 11 | * 12 | * https://opensource.org/licenses/BSD-3-Clause 13 | */ 14 | 15 | #define _GNU_SOURCE 16 | 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | 25 | #include 26 | 27 | #include "ln2_test.h" 28 | 29 | #define nc_assert(cond) if (!(cond)) { fprintf(stderr, "assert failed (%s:%d)\n", __FILE__, __LINE__); exit(1); } 30 | 31 | static void * 32 | thread(void *arg) 33 | { 34 | /* default search path is NULL */ 35 | nc_assert(nc_client_get_schema_searchpath() == NULL); 36 | 37 | /* use the context shared from the main thread */ 38 | nc_client_set_thread_context(arg); 39 | 40 | /* check that we have now the search path set in main thread */ 41 | nc_assert(strcmp(nc_client_get_schema_searchpath(), "/tmp") == 0); 42 | /* and change it to check it later in main thread */ 43 | nc_assert(nc_client_set_schema_searchpath("/etc") == 0) 44 | 45 | return NULL; 46 | } 47 | 48 | int 49 | main(void) 50 | { 51 | void *arg; 52 | pthread_t t; 53 | int r; 54 | 55 | /* 56 | * TEST sharing the thread context 57 | */ 58 | nc_assert(nc_client_set_schema_searchpath("/tmp") == 0) 59 | 60 | /* get the context for sharing */ 61 | arg = nc_client_get_thread_context(); 62 | 63 | /* create new thread and provide the context */ 64 | r = pthread_create(&t, NULL, &thread, arg); 65 | nc_assert(r == 0); 66 | 67 | pthread_join(t, NULL); 68 | 69 | /* check the changed search path value from the thread */ 70 | nc_assert(strcmp(nc_client_get_schema_searchpath(), "/etc") == 0); 71 | 72 | /* cleanup */ 73 | nc_client_destroy(); 74 | 75 | return EXIT_SUCCESS; 76 | } 77 | -------------------------------------------------------------------------------- /tests/test_io.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file test_io.c 3 | * \author Radek Krejci 4 | * \brief libnetconf2 tests - input/output functions 5 | * 6 | * Copyright (c) 2015 CESNET, z.s.p.o. 7 | * 8 | * This source code is licensed under BSD 3-Clause License (the "License"). 9 | * You may not use this file except in compliance with the License. 10 | * You may obtain a copy of the License at 11 | * 12 | * https://opensource.org/licenses/BSD-3-Clause 13 | */ 14 | 15 | #define _GNU_SOURCE 16 | 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | #include 26 | #include 27 | #include 28 | 29 | #include 30 | #include 31 | 32 | #include 33 | #include 34 | 35 | #include "ln2_test.h" 36 | 37 | struct wr { 38 | struct nc_session *session; 39 | struct nc_rpc *rpc; 40 | }; 41 | 42 | static int 43 | setup_write(void **state) 44 | { 45 | (void) state; /* unused */ 46 | int fd, pipes[2]; 47 | struct wr *w; 48 | 49 | w = malloc(sizeof *w); 50 | w->session = calloc(1, sizeof *w->session); 51 | ly_ctx_new(TESTS_DIR "/data/modules", 0, &w->session->ctx); 52 | 53 | /* ietf-netconf */ 54 | fd = open(TESTS_DIR "/data/modules/ietf-netconf.yin", O_RDONLY); 55 | if (fd == -1) { 56 | free(w->session); 57 | free(w); 58 | return -1; 59 | } 60 | 61 | lys_parse_fd(w->session->ctx, fd, LYS_IN_YIN, NULL); 62 | close(fd); 63 | 64 | assert_return_code(pipe(pipes), errno); 65 | 66 | w->session->status = NC_STATUS_RUNNING; 67 | w->session->version = NC_VERSION_10; 68 | w->session->opts.client.msgid = 999; 69 | w->session->ti_type = NC_TI_FD; 70 | w->session->io_lock = malloc(sizeof *w->session->io_lock); 71 | pthread_mutex_init(w->session->io_lock, NULL); 72 | w->session->ti.fd.in = pipes[0]; 73 | w->session->ti.fd.out = pipes[1]; 74 | 75 | /* get rpc to write */ 76 | w->rpc = nc_rpc_lock(NC_DATASTORE_RUNNING); 77 | assert_non_null(w->rpc); 78 | 79 | *state = w; 80 | 81 | return 0; 82 | } 83 | 84 | static int 85 | teardown_write(void **state) 86 | { 87 | struct wr *w = (struct wr *)*state; 88 | 89 | nc_rpc_free(w->rpc); 90 | close(w->session->ti.fd.in); 91 | w->session->ti.fd.in = -1; 92 | close(w->session->ti.fd.out); 93 | w->session->ti.fd.out = -1; 94 | nc_session_free(w->session, NULL); 95 | free(w); 96 | *state = NULL; 97 | 98 | return 0; 99 | } 100 | 101 | static void 102 | test_write_rpc(void **state) 103 | { 104 | struct wr *w = (struct wr *)*state; 105 | uint64_t msgid; 106 | NC_MSG_TYPE type; 107 | 108 | w->session->side = NC_CLIENT; 109 | 110 | do { 111 | type = nc_send_rpc(w->session, w->rpc, 1000, &msgid); 112 | } while (type == NC_MSG_WOULDBLOCK); 113 | 114 | assert_int_equal(type, NC_MSG_RPC); 115 | 116 | assert_int_equal(write(w->session->ti.fd.out, "\n", 1), 1); 117 | } 118 | 119 | static void 120 | test_write_rpc_10(void **state) 121 | { 122 | struct wr *w = (struct wr *)*state; 123 | 124 | w->session->version = NC_VERSION_10; 125 | 126 | return test_write_rpc(state); 127 | } 128 | 129 | static void 130 | test_write_rpc_11(void **state) 131 | { 132 | struct wr *w = (struct wr *)*state; 133 | 134 | w->session->version = NC_VERSION_11; 135 | 136 | return test_write_rpc(state); 137 | } 138 | 139 | static void 140 | test_write_rpc_bad(void **state) 141 | { 142 | struct wr *w = (struct wr *)*state; 143 | uint64_t msgid; 144 | NC_MSG_TYPE type; 145 | 146 | w->session->side = NC_SERVER; 147 | pthread_mutex_init(&w->session->opts.server.rpc_lock, NULL); 148 | pthread_cond_init(&w->session->opts.server.rpc_cond, NULL); 149 | w->session->opts.server.rpc_inuse = 0; 150 | 151 | do { 152 | type = nc_send_rpc(w->session, w->rpc, 1000, &msgid); 153 | } while (type == NC_MSG_WOULDBLOCK); 154 | 155 | assert_int_equal(type, NC_MSG_ERROR); 156 | } 157 | 158 | static void 159 | test_write_rpc_10_bad(void **state) 160 | { 161 | struct wr *w = (struct wr *)*state; 162 | 163 | w->session->version = NC_VERSION_10; 164 | 165 | return test_write_rpc_bad(state); 166 | } 167 | 168 | static void 169 | test_write_rpc_11_bad(void **state) 170 | { 171 | struct wr *w = (struct wr *)*state; 172 | 173 | w->session->version = NC_VERSION_11; 174 | 175 | return test_write_rpc_bad(state); 176 | } 177 | 178 | int 179 | main(void) 180 | { 181 | const struct CMUnitTest io[] = { 182 | cmocka_unit_test_setup_teardown(test_write_rpc_10, setup_write, teardown_write), 183 | cmocka_unit_test_setup_teardown(test_write_rpc_10_bad, setup_write, teardown_write), 184 | cmocka_unit_test_setup_teardown(test_write_rpc_11, setup_write, teardown_write), 185 | cmocka_unit_test_setup_teardown(test_write_rpc_11_bad, setup_write, teardown_write) 186 | }; 187 | 188 | return cmocka_run_group_tests(io, NULL, NULL); 189 | } 190 | -------------------------------------------------------------------------------- /tests/test_pam.c: -------------------------------------------------------------------------------- 1 | /** 2 | * @file test_pam.c 3 | * @author Roman Janota 4 | * @brief libnetconf2 SSH Keyboard Interactive auth using PAM test 5 | * 6 | * @copyright 7 | * Copyright (c) 2023 - 2024 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #define _GNU_SOURCE 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | 26 | #include 27 | 28 | #include 29 | 30 | #include "ln2_test.h" 31 | 32 | int TEST_PORT = 10050; 33 | const char *TEST_PORT_STR = "10050"; 34 | 35 | /* mock pam_start to just call pam_start_confdir instead */ 36 | int __real_pam_start(const char *service_name, const char *user, const struct pam_conv *pam_conversation, pam_handle_t **pamh); 37 | int 38 | __wrap_pam_start(const char *service_name, const char *user, const struct pam_conv *pam_conversation, pam_handle_t **pamh) 39 | { 40 | return pam_start_confdir(service_name, user, pam_conversation, BUILD_DIR "/tests", pamh); 41 | } 42 | 43 | static char * 44 | auth_interactive(const char *UNUSED(auth_name), const char *UNUSED(instruction), 45 | const char *prompt, int UNUSED(echo), void *UNUSED(priv)) 46 | { 47 | /* send the replies to keyboard-interactive authentication */ 48 | if (strstr(prompt, "backwards")) { 49 | return strdup("tset"); 50 | } else if (strstr(prompt, "1+1")) { 51 | return strdup("2"); 52 | } else { 53 | return NULL; 54 | } 55 | } 56 | 57 | static void * 58 | client_thread(void *arg) 59 | { 60 | int ret; 61 | struct nc_session *session = NULL; 62 | struct ln2_test_ctx *test_ctx = arg; 63 | 64 | /* skip all hostkey and known_hosts checks */ 65 | nc_client_ssh_set_knownhosts_mode(NC_SSH_KNOWNHOSTS_SKIP); 66 | 67 | ret = nc_client_set_schema_searchpath(MODULES_DIR); 68 | assert_int_equal(ret, 0); 69 | 70 | ret = nc_client_ssh_set_username("test"); 71 | assert_int_equal(ret, 0); 72 | 73 | /* set keyboard-interactive authentication callback */ 74 | nc_client_ssh_set_auth_interactive_clb(auth_interactive, NULL); 75 | 76 | pthread_barrier_wait(&test_ctx->barrier); 77 | session = nc_connect_ssh("127.0.0.1", TEST_PORT, NULL); 78 | assert_non_null(session); 79 | 80 | nc_session_free(session, NULL); 81 | return NULL; 82 | } 83 | 84 | static void 85 | test_nc_pam(void **state) 86 | { 87 | int ret, i; 88 | pthread_t tids[2]; 89 | 90 | assert_non_null(state); 91 | 92 | ret = pthread_create(&tids[0], NULL, client_thread, *state); 93 | assert_int_equal(ret, 0); 94 | ret = pthread_create(&tids[1], NULL, ln2_glob_test_server_thread, *state); 95 | assert_int_equal(ret, 0); 96 | 97 | for (i = 0; i < 2; i++) { 98 | pthread_join(tids[i], NULL); 99 | } 100 | } 101 | 102 | static int 103 | setup_f(void **state) 104 | { 105 | int ret; 106 | struct lyd_node *tree = NULL; 107 | struct ln2_test_ctx *test_ctx; 108 | 109 | ret = ln2_glob_test_setup(&test_ctx); 110 | assert_int_equal(ret, 0); 111 | 112 | *state = test_ctx; 113 | 114 | ret = nc_server_config_add_address_port(test_ctx->ctx, "endpt", NC_TI_SSH, "127.0.0.1", TEST_PORT, &tree); 115 | assert_int_equal(ret, 0); 116 | 117 | ret = nc_server_config_add_ssh_hostkey(test_ctx->ctx, "endpt", "hostkey", TESTS_DIR "/data/key_ecdsa", NULL, &tree); 118 | assert_int_equal(ret, 0); 119 | 120 | ret = nc_server_config_add_ssh_user_interactive(test_ctx->ctx, "endpt", "test", &tree); 121 | assert_int_equal(ret, 0); 122 | 123 | ret = nc_server_ssh_set_pam_conf_filename("netconf.conf"); 124 | assert_int_equal(ret, 0); 125 | 126 | /* configure the server based on the data */ 127 | ret = nc_server_config_setup_data(tree); 128 | assert_int_equal(ret, 0); 129 | 130 | lyd_free_all(tree); 131 | 132 | return 0; 133 | } 134 | 135 | int 136 | main(void) 137 | { 138 | const struct CMUnitTest tests[] = { 139 | cmocka_unit_test_setup_teardown(test_nc_pam, setup_f, ln2_glob_test_teardown) 140 | }; 141 | 142 | /* try to get ports from the environment, otherwise use the default */ 143 | if (ln2_glob_test_get_ports(1, &TEST_PORT, &TEST_PORT_STR)) { 144 | return 1; 145 | } 146 | 147 | setenv("CMOCKA_TEST_ABORT", "1", 1); 148 | return cmocka_run_group_tests(tests, NULL, NULL); 149 | } 150 | -------------------------------------------------------------------------------- /tests/test_replace.c: -------------------------------------------------------------------------------- 1 | /** 2 | * @file test_replace.c 3 | * @author Roman Janota 4 | * @brief libnetconf2 Non-diff YANG data configuration test 5 | * 6 | * @copyright 7 | * Copyright (c) 2023 - 2024 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #define _GNU_SOURCE 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | 26 | #include 27 | 28 | #include "ln2_test.h" 29 | 30 | int TEST_PORT = 10050; 31 | const char *TEST_PORT_STR = "10050"; 32 | 33 | static void * 34 | client_thread(void *arg) 35 | { 36 | int ret; 37 | struct nc_session *session = NULL; 38 | struct ln2_test_ctx *test_ctx = arg; 39 | 40 | /* skip all hostkey and known_hosts checks */ 41 | nc_client_ssh_set_knownhosts_mode(NC_SSH_KNOWNHOSTS_SKIP); 42 | 43 | /* set directory where to search for modules */ 44 | ret = nc_client_set_schema_searchpath(MODULES_DIR); 45 | assert_int_equal(ret, 0); 46 | 47 | /* set ssh username */ 48 | ret = nc_client_ssh_set_username("new_client"); 49 | assert_int_equal(ret, 0); 50 | 51 | /* add client's key pair */ 52 | ret = nc_client_ssh_add_keypair(TESTS_DIR "/data/key_rsa.pub", TESTS_DIR "/data/key_rsa"); 53 | assert_int_equal(ret, 0); 54 | 55 | /* wait for the server to reach polling */ 56 | pthread_barrier_wait(&test_ctx->barrier); 57 | 58 | /* connect */ 59 | session = nc_connect_ssh("127.0.0.1", TEST_PORT, NULL); 60 | assert_non_null(session); 61 | 62 | nc_session_free(session, NULL); 63 | return NULL; 64 | } 65 | 66 | static void 67 | nc_test_replace(void **state) 68 | { 69 | int ret, i; 70 | pthread_t tids[2]; 71 | 72 | assert_non_null(state); 73 | 74 | ret = pthread_create(&tids[0], NULL, client_thread, *state); 75 | assert_int_equal(ret, 0); 76 | ret = pthread_create(&tids[1], NULL, ln2_glob_test_server_thread, *state); 77 | assert_int_equal(ret, 0); 78 | 79 | for (i = 0; i < 2; i++) { 80 | pthread_join(tids[i], NULL); 81 | } 82 | } 83 | 84 | static int 85 | setup_f(void **state) 86 | { 87 | int ret; 88 | struct lyd_node *old_tree = NULL, *new_tree = NULL; 89 | struct ln2_test_ctx *test_ctx; 90 | 91 | ret = ln2_glob_test_setup(&test_ctx); 92 | assert_int_equal(ret, 0); 93 | 94 | *state = test_ctx; 95 | 96 | ret = nc_server_config_add_address_port(test_ctx->ctx, "old", NC_TI_SSH, "127.0.0.1", TEST_PORT, &old_tree); 97 | assert_int_equal(ret, 0); 98 | 99 | ret = nc_server_config_add_ssh_hostkey(test_ctx->ctx, "old", "old_key", TESTS_DIR "/data/key_rsa", NULL, &old_tree); 100 | assert_int_equal(ret, 0); 101 | 102 | ret = nc_server_config_add_ssh_user_password(test_ctx->ctx, "old", "old_client", "passwd", &old_tree); 103 | assert_int_equal(ret, 0); 104 | 105 | /* configure the server based on the yang data, treat them as if every node had replace operation */ 106 | ret = nc_server_config_setup_data(old_tree); 107 | assert_int_equal(ret, 0); 108 | 109 | ret = nc_server_config_add_address_port(test_ctx->ctx, "new", NC_TI_SSH, "127.0.0.1", TEST_PORT, &new_tree); 110 | assert_int_equal(ret, 0); 111 | 112 | ret = nc_server_config_add_ssh_hostkey(test_ctx->ctx, "new", "new_key", TESTS_DIR "/data/key_rsa", NULL, &new_tree); 113 | assert_int_equal(ret, 0); 114 | 115 | ret = nc_server_config_add_ssh_user_pubkey(test_ctx->ctx, "new", "new_client", "pubkey", TESTS_DIR "/data/key_rsa.pub", &new_tree); 116 | assert_int_equal(ret, 0); 117 | 118 | /* configure the server based on the yang data, meaning 119 | * everything configured will be deleted and only the new data applied 120 | */ 121 | ret = nc_server_config_setup_data(new_tree); 122 | assert_int_equal(ret, 0); 123 | 124 | lyd_free_all(old_tree); 125 | lyd_free_all(new_tree); 126 | 127 | return 0; 128 | } 129 | 130 | int 131 | main(void) 132 | { 133 | const struct CMUnitTest tests[] = { 134 | cmocka_unit_test_setup_teardown(nc_test_replace, setup_f, ln2_glob_test_teardown), 135 | }; 136 | 137 | /* try to get ports from the environment, otherwise use the default */ 138 | if (ln2_glob_test_get_ports(1, &TEST_PORT, &TEST_PORT_STR)) { 139 | return 1; 140 | } 141 | 142 | setenv("CMOCKA_TEST_ABORT", "1", 1); 143 | return cmocka_run_group_tests(tests, NULL, NULL); 144 | } 145 | -------------------------------------------------------------------------------- /tests/test_two_channels.c: -------------------------------------------------------------------------------- 1 | /** 2 | * @file test_two_channels.c 3 | * @author Roman Janota 4 | * @brief libnetconf2 Openning a new session on an established SSH channel test. 5 | * 6 | * @copyright 7 | * Copyright (c) 2023 - 2024 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | #define _GNU_SOURCE 16 | 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | 26 | #include 27 | 28 | #include "ln2_test.h" 29 | 30 | #define BACKOFF_TIMEOUT_USECS 100 31 | 32 | int TEST_PORT = 10050; 33 | const char *TEST_PORT_STR = "10050"; 34 | 35 | static void * 36 | server_thread(void *arg) 37 | { 38 | int ret, del_session_count = 0, sleep_count = 0; 39 | NC_MSG_TYPE msgtype; 40 | struct nc_session *session, *new_session; 41 | struct nc_pollsession *ps; 42 | struct ln2_test_ctx *test_ctx = arg; 43 | 44 | ps = nc_ps_new(); 45 | assert_non_null(ps); 46 | 47 | while (del_session_count < 2) { 48 | msgtype = nc_accept(0, test_ctx->ctx, &new_session); 49 | 50 | if (msgtype == NC_MSG_HELLO) { 51 | ret = nc_ps_add_session(ps, new_session); 52 | assert_int_equal(ret, 0); 53 | } 54 | 55 | ret = nc_ps_poll(ps, 0, &session); 56 | 57 | if (ret & NC_PSPOLL_SESSION_TERM) { 58 | nc_ps_del_session(ps, session); 59 | nc_session_free(session, NULL); 60 | del_session_count++; 61 | } else if (ret & NC_PSPOLL_SSH_CHANNEL) { 62 | msgtype = nc_session_accept_ssh_channel(session, &new_session); 63 | if (msgtype == NC_MSG_HELLO) { 64 | ret = nc_ps_add_session(ps, new_session); 65 | assert_int_equal(ret, 0); 66 | } 67 | } else if (ret & NC_PS_POLL_TIMEOUT) { 68 | usleep(BACKOFF_TIMEOUT_USECS); 69 | sleep_count++; 70 | assert_int_not_equal(sleep_count, 50000); 71 | } 72 | } 73 | 74 | nc_ps_free(ps); 75 | return NULL; 76 | } 77 | 78 | static void * 79 | client_thread(void *arg) 80 | { 81 | int ret; 82 | struct nc_session *session_cl1, *session_cl2; 83 | 84 | (void) arg; 85 | 86 | /* skip all hostkey and known_hosts checks */ 87 | nc_client_ssh_set_knownhosts_mode(NC_SSH_KNOWNHOSTS_SKIP); 88 | 89 | ret = nc_client_set_schema_searchpath(MODULES_DIR); 90 | assert_int_equal(ret, 0); 91 | 92 | ret = nc_client_ssh_add_keypair(TESTS_DIR "/data/id_ed25519.pub", TESTS_DIR "/data/id_ed25519"); 93 | assert_int_equal(ret, 0); 94 | 95 | ret = nc_client_ssh_set_username("client_1"); 96 | assert_int_equal(ret, 0); 97 | 98 | session_cl1 = nc_connect_ssh("127.0.0.1", TEST_PORT, NULL); 99 | assert_non_null(session_cl1); 100 | 101 | ret = nc_client_ssh_set_username("client_2"); 102 | assert_int_equal(ret, 0); 103 | 104 | ret = nc_client_ssh_del_keypair(0); 105 | assert_int_equal(ret, 0); 106 | 107 | ret = nc_client_ssh_add_keypair(TESTS_DIR "/data/id_ecdsa521.pub", TESTS_DIR "/data/id_ecdsa521"); 108 | assert_int_equal(ret, 0); 109 | 110 | session_cl2 = nc_connect_ssh_channel(session_cl1, NULL); 111 | assert_non_null(session_cl2); 112 | 113 | nc_session_free(session_cl1, NULL); 114 | nc_session_free(session_cl2, NULL); 115 | return NULL; 116 | } 117 | 118 | static void 119 | test_nc_two_channels(void **state) 120 | { 121 | int ret, i; 122 | pthread_t tids[2]; 123 | 124 | ret = pthread_create(&tids[0], NULL, client_thread, *state); 125 | assert_int_equal(ret, 0); 126 | ret = pthread_create(&tids[1], NULL, server_thread, *state); 127 | assert_int_equal(ret, 0); 128 | 129 | for (i = 0; i < 2; i++) { 130 | pthread_join(tids[i], NULL); 131 | } 132 | } 133 | 134 | static int 135 | setup_f(void **state) 136 | { 137 | int ret; 138 | struct lyd_node *tree = NULL; 139 | struct ln2_test_ctx *test_ctx; 140 | 141 | ret = ln2_glob_test_setup(&test_ctx); 142 | assert_int_equal(ret, 0); 143 | 144 | *state = test_ctx; 145 | 146 | ret = nc_server_config_add_address_port(test_ctx->ctx, "endpt", NC_TI_SSH, "127.0.0.1", TEST_PORT, &tree); 147 | assert_int_equal(ret, 0); 148 | 149 | ret = nc_server_config_add_ssh_hostkey(test_ctx->ctx, "endpt", "hostkey", TESTS_DIR "/data/key_ecdsa", NULL, &tree); 150 | assert_int_equal(ret, 0); 151 | 152 | ret = nc_server_config_add_ssh_user_pubkey(test_ctx->ctx, "endpt", "client_1", "pubkey", TESTS_DIR "/data/id_ed25519.pub", &tree); 153 | assert_int_equal(ret, 0); 154 | 155 | ret = nc_server_config_add_ssh_user_pubkey(test_ctx->ctx, "endpt", "client_2", "pubkey", TESTS_DIR "/data/id_ecdsa521.pub", &tree); 156 | assert_int_equal(ret, 0); 157 | 158 | ret = nc_server_config_setup_data(tree); 159 | assert_int_equal(ret, 0); 160 | 161 | lyd_free_all(tree); 162 | 163 | return 0; 164 | } 165 | 166 | int 167 | main(void) 168 | { 169 | const struct CMUnitTest tests[] = { 170 | cmocka_unit_test_setup_teardown(test_nc_two_channels, setup_f, ln2_glob_test_teardown), 171 | }; 172 | 173 | /* try to get ports from the environment, otherwise use the default */ 174 | if (ln2_glob_test_get_ports(1, &TEST_PORT, &TEST_PORT_STR)) { 175 | return 1; 176 | } 177 | 178 | setenv("CMOCKA_TEST_ABORT", "1", 1); 179 | return cmocka_run_group_tests(tests, NULL, NULL); 180 | } 181 | -------------------------------------------------------------------------------- /tests/test_unix_socket.c: -------------------------------------------------------------------------------- 1 | /** 2 | * @file test_unix_socket.c 3 | * @author Roman Janota 4 | * @brief libnetconf2 UNIX socket test 5 | * 6 | * @copyright 7 | * Copyright (c) 2022 - 2024 CESNET, z.s.p.o. 8 | * 9 | * This source code is licensed under BSD 3-Clause License (the "License"). 10 | * You may not use this file except in compliance with the License. 11 | * You may obtain a copy of the License at 12 | * 13 | * https://opensource.org/licenses/BSD-3-Clause 14 | */ 15 | 16 | #define _GNU_SOURCE 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | 26 | #include 27 | 28 | #include "ln2_test.h" 29 | 30 | static void * 31 | client_thread(void *arg) 32 | { 33 | int ret = 0; 34 | struct nc_session *session = NULL; 35 | struct ln2_test_ctx *test_ctx = arg; 36 | 37 | ret = nc_client_set_schema_searchpath(MODULES_DIR); 38 | assert_int_equal(ret, 0); 39 | 40 | pthread_barrier_wait(&test_ctx->barrier); 41 | session = nc_connect_unix("/tmp/nc2_test_unix_sock", NULL); 42 | assert_non_null(session); 43 | 44 | nc_session_free(session, NULL); 45 | return NULL; 46 | } 47 | 48 | static void 49 | test_nc_connect_unix_socket(void **state) 50 | { 51 | int ret, i; 52 | pthread_t tids[2]; 53 | 54 | assert_non_null(state); 55 | 56 | ret = pthread_create(&tids[0], NULL, client_thread, *state); 57 | assert_int_equal(ret, 0); 58 | ret = pthread_create(&tids[1], NULL, ln2_glob_test_server_thread, *state); 59 | assert_int_equal(ret, 0); 60 | 61 | for (i = 0; i < 2; i++) { 62 | pthread_join(tids[i], NULL); 63 | } 64 | } 65 | 66 | static int 67 | setup_f(void **state) 68 | { 69 | int ret; 70 | struct lyd_node *tree = NULL; 71 | struct ln2_test_ctx *test_ctx; 72 | 73 | ret = ln2_glob_test_setup(&test_ctx); 74 | assert_int_equal(ret, 0); 75 | 76 | *state = test_ctx; 77 | 78 | /* create the UNIX socket */ 79 | ret = nc_server_add_endpt_unix_socket_listen("unix", "/tmp/nc2_test_unix_sock", 0700, -1, -1); 80 | assert_int_equal(ret, 0); 81 | 82 | lyd_free_all(tree); 83 | return 0; 84 | } 85 | 86 | int 87 | main(void) 88 | { 89 | const struct CMUnitTest tests[] = { 90 | cmocka_unit_test_setup_teardown(test_nc_connect_unix_socket, setup_f, ln2_glob_test_teardown), 91 | }; 92 | 93 | setenv("CMOCKA_TEST_ABORT", "1", 1); 94 | return cmocka_run_group_tests(tests, NULL, NULL); 95 | } 96 | --------------------------------------------------------------------------------