├── .travis.yml ├── Dockerfile ├── README.md ├── cli ├── Makefile.in ├── README ├── VERSION ├── certs │ ├── ca.pem │ ├── client.crt │ └── client.key ├── commands.c ├── commands.h ├── config.guess ├── config.sub ├── configuration.c ├── configuration.h ├── configure ├── configure.in ├── doc │ ├── netopeer-cli.1 │ └── netopeer-cli.1.html ├── install-sh ├── m4 │ └── ax_pthread.m4 ├── main.c ├── netopeer-cli.spec.in ├── readinput.c ├── readinput.h ├── test.c ├── test.h └── tests │ ├── README │ ├── all YANG keywords │ ├── README │ ├── aug-sub-mod1.yang │ ├── basic_tests.xml │ ├── main-mod.yang │ ├── main-mod2.yang │ ├── sub-mod1.yang │ └── sub-mod2.yang │ ├── anyxml │ ├── README │ ├── anyxml-mod.yang │ ├── feat1_feat2_features.xml │ ├── feat1_features.xml │ └── no_features.xml │ ├── choice │ ├── README │ ├── choice-mod.yang │ ├── feat1_features.xml │ └── no_features.xml │ ├── container │ ├── README │ ├── container-mod.yang │ ├── feat1_features.xml │ └── no_features.xml │ ├── ietf-netconf.yang │ └── netopeer-test.yang ├── cov-configure.sh ├── cov-gen-tgz.sh ├── cov-make.sh ├── server ├── Makefile.in ├── README ├── VERSION ├── certs │ ├── ca.key │ ├── ca.pem │ ├── client.crt │ ├── client.key │ ├── server.crt │ └── server.key ├── config.guess ├── config.sub ├── config │ ├── NETCONF-server.xml.in │ ├── Netopeer.xml.in │ ├── datastore.xml │ ├── ietf-inet-types.yang │ ├── ietf-netconf-acm.yin │ ├── ietf-netconf-server.yang │ ├── ietf-x509-cert-to-name.yin │ ├── ietf-yang-types.yang │ └── netopeer-cfgnetopeer.yang ├── configurator │ ├── README │ ├── netopeer-configurator │ ├── netopeer-configurator.1 │ ├── netopeer-configurator.1.html │ ├── netopeer │ │ ├── __init__.py │ │ ├── config.py.in │ │ ├── messages.py │ │ ├── nc_nacm.py │ │ ├── nc_netopeer.py │ │ ├── nc_sshauth.py │ │ ├── nc_tlsauth.py │ │ └── ncmodule.py │ └── setup.py ├── configure ├── configure.in ├── install-sh ├── m4 │ ├── ax_pthread.m4 │ └── ax_python_module.m4 ├── manager │ ├── netopeer-manager.1 │ ├── netopeer-manager.1.html │ └── netopeer-manager.in ├── netopeer-server.8 ├── netopeer-server.8.html ├── netopeer-server.spec.in ├── netopeer.rc.in └── src │ ├── cfgnetopeer_transapi.c │ ├── cfgnetopeer_transapi.h │ ├── config.h.in │ ├── netconf_server_transapi.c │ ├── netconf_server_transapi.h │ ├── server.c │ ├── server.h │ ├── ssh │ ├── cfgnetopeer_transapi_ssh.c │ ├── cfgnetopeer_transapi_ssh.h │ ├── netconf_server_transapi_ssh.c │ ├── netconf_server_transapi_ssh.h │ ├── new_libssh_API_without_kbint_auth │ │ ├── server_ssh.c │ │ └── server_ssh.h │ ├── server_ssh.c │ └── server_ssh.h │ └── tls │ ├── cfgnetopeer_transapi_tls.c │ ├── cfgnetopeer_transapi_tls.h │ ├── netconf_server_transapi_tls.c │ ├── netconf_server_transapi_tls.h │ ├── server_tls.c │ └── server_tls.h └── transAPI ├── cfginterfaces ├── Makefile.in ├── README ├── cfginterfaces-init.c ├── cfginterfaces.c.in ├── cfginterfaces.h ├── cfginterfaces_paths.txt ├── config.guess ├── config.h.in ├── config.sub ├── configure ├── configure.in ├── iface_if.c ├── iface_nm(unused).c ├── install-sh ├── ltmain.sh └── model │ ├── iana-if-type.yin │ ├── iana-if-type@2014-05-08.yang │ ├── ietf-inet-types.yin │ ├── ietf-interfaces-config.rng.in │ ├── ietf-interfaces-gdefs-config.rng │ ├── ietf-interfaces-schematron.xsl │ ├── ietf-interfaces.yin │ ├── ietf-interfaces@2014-05-08.yang │ ├── ietf-ip.yin │ ├── ietf-ip@2014-06-16.yang │ └── ietf-yang-types.yin ├── cfgsystem ├── Makefile.in ├── README ├── base │ ├── common.c │ ├── common.h.in │ ├── date_time.c │ ├── date_time.h │ ├── dns_resolver.c │ ├── dns_resolver.h │ ├── encrypt.c │ ├── encrypt.h │ ├── local_users.c │ ├── local_users.h │ ├── platform.c │ ├── platform.h │ ├── salt.c │ ├── shutdown.c │ └── shutdown.h ├── cfgsystem-init.c ├── cfgsystem.c ├── cfgsystem_paths.txt ├── config.guess ├── config.sub ├── configure ├── configure.in ├── install-sh ├── ltmain.sh └── model │ ├── iana-crypt-hash.yin │ ├── ietf-netconf-acm.yin │ ├── ietf-system.yang │ ├── ietf-system.yin │ └── ietf-yang-types.yin └── turing ├── Makefile.in ├── README ├── config.guess ├── config.sub ├── configure ├── configure.in ├── examples ├── 0n1n-config.xml └── invert-config.xml ├── install-sh ├── ltmain.sh ├── paths ├── turing-machine-config.rng.in ├── turing-machine-gdefs-config.rng ├── turing-machine-schematron.xsl ├── turing-machine.c ├── turing-machine.yang └── turing-machine.yin /.travis.yml: -------------------------------------------------------------------------------- 1 | language: python # support for pip, used to install ncclient 2 | sudo: required 3 | services: 4 | - docker 5 | before_install: 6 | - pip install ncclient 7 | - ssh-keygen -N '' -f $HOME/.ssh/id_rsa 8 | script: 9 | - docker build -t netopeer . 10 | - docker run -d -p 8300:830 --name netopeer netopeer 11 | - while ! docker logs netopeer 2>&1 | grep 'Netopeer server successfully initialized'; do echo '***** init string not found'; sleep 1; done 12 | - sleep 5 13 | - python -c "from ncclient import manager; m = manager.connect(host='127.0.0.1', port=8300, hostkey_verify=False); print(m.get())" 14 | - docker logs netopeer 15 | - docker stop netopeer 16 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM centos:7 2 | 3 | # install required packages 4 | RUN ["yum", "install", "-y", "epel-release"] 5 | RUN ["yum", "install", "-y", "git", "make", "libtool", "libxml2-devel", "file", "libxslt-devel", "libssh-devel", "libcurl-devel", "python-pip", "libxml2-python", "openssh-server", "augeas-devel" ] 6 | RUN ["ssh-keygen", "-A"] 7 | RUN ["pip", "install", "pyang"] 8 | 9 | # clone, build and install libnetconf 10 | RUN set -e -x; \ 11 | git clone https://github.com/CESNET/libnetconf.git /usr/src/libnetconf; \ 12 | cd /usr/src/libnetconf; \ 13 | ./configure --prefix='/usr'; \ 14 | make; \ 15 | make install; \ 16 | ln -s /usr/lib/pkgconfig/libnetconf.pc /usr/lib64/pkgconfig/ 17 | 18 | # build and install netopeer-server 19 | COPY server /usr/src/netopeer/server 20 | RUN set -e -x; \ 21 | cd /usr/src/netopeer/server; \ 22 | ./configure --prefix='/usr'; \ 23 | make; \ 24 | make install; \ 25 | cp -v config/datastore.xml /usr/etc/netopeer/cfgnetopeer/datastore.xml 26 | 27 | # build and install transAPI/cfgsystem 28 | COPY transAPI/cfgsystem /usr/src/netopeer/cfgsystem 29 | RUN set -e -x; \ 30 | cd /usr/src/netopeer/cfgsystem; \ 31 | ./configure --prefix='/usr'; \ 32 | make; \ 33 | make install; \ 34 | sed -i '//d' /usr/etc/netopeer/ietf-system/datastore.xml 35 | 36 | CMD ["/usr/bin/netopeer-server", "-v", "2"] 37 | 38 | # expose ports 39 | EXPOSE 830 40 | -------------------------------------------------------------------------------- /cli/README: -------------------------------------------------------------------------------- 1 | CLI TLS support 2 | --------------- 3 | 4 | If you enable TLS (by configuring with --enable-tls and compiling), 5 | the TLS functionality is enabled. However, in order to make it working, 6 | you must perform a few initial configuration tasks. 7 | 8 | client certificate 9 | With every action that requires verification, you can specify 10 | paths to the client certificate to be used. Also, if you do not 11 | specify any certificate, the default one will be used. To set it 12 | up, use the "cert replaceown" command (netopeer-cli(1)). 13 | 14 | server certificate verification 15 | In order to verify the certificate provided by the server, you 16 | need to specify the Certificate Authority certificates you find 17 | trustworthy and make them accessible to netopeer-cli. Again, you 18 | can explicitly specify the path to a Certificate Authority 19 | trusted store, or use the default directory. To add certificates 20 | to this directory, use the "cert add" command (netopeer-cli(1)). 21 | 22 | Certificate Revocation Lists 23 | For netopeer-cli to check if a certificate was not revocated by 24 | its issuer, use the "crl add" command (netopeer-cli(1)) to provide 25 | CRLs of your trusted CAs for netopeer-cli. 26 | 27 | 28 | Certificates 29 | ~~~~~~~~~~~~ 30 | 31 | The "./certs" directory includes copies of the needed example 32 | client certificates, which will work with the server example 33 | certificates. 34 | -------------------------------------------------------------------------------- /cli/VERSION: -------------------------------------------------------------------------------- 1 | 0.8.0 2 | -------------------------------------------------------------------------------- /cli/certs/ca.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIID7TCCAtWgAwIBAgIJAMtE1NGAR5KoMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYD 3 | VQQGEwJDWjEWMBQGA1UECAwNU291dGggTW9yYXZpYTENMAsGA1UEBwwEQnJubzEP 4 | MA0GA1UECgwGQ0VTTkVUMQwwCgYDVQQLDANUTUMxEzARBgNVBAMMCmV4YW1wbGUg 5 | Q0ExIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVjYUBsb2NhbGhvc3QwHhcNMTQwNzI0 6 | MTQxOTAyWhcNMjQwNzIxMTQxOTAyWjCBjDELMAkGA1UEBhMCQ1oxFjAUBgNVBAgM 7 | DVNvdXRoIE1vcmF2aWExDTALBgNVBAcMBEJybm8xDzANBgNVBAoMBkNFU05FVDEM 8 | MAoGA1UECwwDVE1DMRMwEQYDVQQDDApleGFtcGxlIENBMSIwIAYJKoZIhvcNAQkB 9 | FhNleGFtcGxlY2FAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 10 | CgKCAQEArD3TDHPAMT2Z84orK4lMlarbgooIUCcRZyLe+QM+8KY8Hn+mGaxPEOTS 11 | L3ywszqefB/Utm2hPKLHX684iRC14ID9WDGHxPjvoPArhgFhfV+qnPfxKTgxZC12 12 | uOj4u1V9y+SkTCocFbRfXVBGpojrBuDHXkDMDEWNvr8/52YCv7bGaiBwUHolcLCU 13 | bmtKILCG0RNJyTaJpXQdAeq5Z1SJotpbfYFFtAXB32hVoLug1dzl2tjG9sb1wq3Q 14 | aDExcbC5w6P65qOkNoyym9ne6QlQagCqVDyFn3vcqkRaTjvZmxauCeUxXgJoXkyW 15 | cm0lM1KMHdoTArmchw2Dz0yHHSyDAQIDAQABo1AwTjAdBgNVHQ4EFgQUc1YQIqjZ 16 | sHVwlea0AB4N+ilNI2gwHwYDVR0jBBgwFoAUc1YQIqjZsHVwlea0AB4N+ilNI2gw 17 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAI/1KH60qnw9Xs2RGfi0/ 18 | IKf5EynXt4bQX8EIyVKwSkYKe04zZxYfLIl/Q2HOPYoFmm3daj5ddr0ZS1i4p4fT 19 | UhstjsYWvXs3W/HhVmFUslakkn3PrswhP77fCk6eEJLxdfyJ1C7Uudq2m1isZbKi 20 | h+XF0mG1LxJaDMocSz4eAya7M5brwjy8DoOmA1TnLQFCVcpn+sCr7VC4wE/JqxyV 21 | hBCk/MuGqqM3B1j90bGFZ112ZOecyE0EDSr6IbiRBtmeNbEwOFjKXhNLYdxpBZ9D 22 | 8A/368OckZkCrVLGuJNxK9UwCVTe8IhotHUqU9EqFDmxdV8oIdU/OzUwwNPA/Bd/ 23 | 9g== 24 | -----END CERTIFICATE----- 25 | -------------------------------------------------------------------------------- /cli/certs/client.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIECTCCAvGgAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCQ1ox 3 | FjAUBgNVBAgMDVNvdXRoIE1vcmF2aWExDTALBgNVBAcMBEJybm8xDzANBgNVBAoM 4 | BkNFU05FVDEMMAoGA1UECwwDVE1DMRMwEQYDVQQDDApleGFtcGxlIENBMSIwIAYJ 5 | KoZIhvcNAQkBFhNleGFtcGxlY2FAbG9jYWxob3N0MB4XDTE1MDczMDA3MjcxOFoX 6 | DTM1MDcyNTA3MjcxOFowgYUxCzAJBgNVBAYTAkNaMRYwFAYDVQQIDA1Tb3V0aCBN 7 | b3JhdmlhMQ8wDQYDVQQKDAZDRVNORVQxDDAKBgNVBAsMA1RNQzEXMBUGA1UEAwwO 8 | ZXhhbXBsZSBjbGllbnQxJjAkBgkqhkiG9w0BCQEWF2V4YW1wbGVjbGllbnRAbG9j 9 | YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueCQaNQWoNmF 10 | K6LKu1p8U8ZWdWg/PvDdLsJyzfzl/Qw4UA68SfFNaY06zZl8QB9W02nr5kWeeMY0 11 | VA3adrPgOlvfx3oWlFbkETnMaN4OT3WTQ0Wt6jAWZDzVfopwpJPAzRPxACDftIqF 12 | GagYcF32hZlVNqqnVdbXh0S0EViweqp/dbG4VDUHSNVbglc+u4UbEzNIFXMdEFsJ 13 | ZpkynOmSiTsIATqIhb+2srkVgLwhfkC2qkuHQwAHdubuB07ObM2z01UhyEdDvEYG 14 | HwtYAGDBL2TAcsI0oGeVkRyuOkV0QY0UN7UEFI1yTYw+xZ42HgFx3uGwApCImxhb 15 | j69GBYWFqwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu 16 | U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUXGpLeLnh2cSDARAV 17 | A7KrBxGYpo8wHwYDVR0jBBgwFoAUc1YQIqjZsHVwlea0AB4N+ilNI2gwDQYJKoZI 18 | hvcNAQELBQADggEBAJPV3RTXFRtNyOU4rjPpYeBAIAFp2aqGc4t2J1c7oPp/1n+l 19 | ZvjnwtlJpZHxMM783e2ryDQ6dkvXDf8kpwKlg3U3mkJ3xKkDdWrM4QwghXdCN519 20 | aa9qmu0zdFL+jUAaWlQ5tsceOrvbusCcbMqiFGk/QfpHqPv52SVWbYyUx7IX7DE+ 21 | UjgsLHycfV/tlcx4ZE6soTzl9VdgSL/zmzG3rjsr58J80rXckLgBhvijgBlIAJvW 22 | fC7D0vaouvBInSFXymdPVoUDZ30cdGLf+hI/i/TfsEMOinLrXVdkSGNo6FXAHKSv 23 | XeB9oFKSzhQ7OPyRyqvEPycUSw/qD6FVr80oDDc= 24 | -----END CERTIFICATE----- 25 | -------------------------------------------------------------------------------- /cli/certs/client.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAueCQaNQWoNmFK6LKu1p8U8ZWdWg/PvDdLsJyzfzl/Qw4UA68 3 | SfFNaY06zZl8QB9W02nr5kWeeMY0VA3adrPgOlvfx3oWlFbkETnMaN4OT3WTQ0Wt 4 | 6jAWZDzVfopwpJPAzRPxACDftIqFGagYcF32hZlVNqqnVdbXh0S0EViweqp/dbG4 5 | VDUHSNVbglc+u4UbEzNIFXMdEFsJZpkynOmSiTsIATqIhb+2srkVgLwhfkC2qkuH 6 | QwAHdubuB07ObM2z01UhyEdDvEYGHwtYAGDBL2TAcsI0oGeVkRyuOkV0QY0UN7UE 7 | FI1yTYw+xZ42HgFx3uGwApCImxhbj69GBYWFqwIDAQABAoIBAQCZN9kR8DGu6V7y 8 | t0Ax68asL8O5B/OKaHWKQ9LqpVrXmikZJOxkbzoGldow/CIFoU+q+Zbwu9aDa65a 9 | 0wiP7Hoa4Py3q5XNNUrOQDyU/OYC7cI0I83WS0lJ2zOJGYj8wKae5Z81IeQFKGHK 10 | 4lsy1OGPAvPRGh7RjUUgRavA2MCwe07rWRuDb/OJFe4Oh56UMEjwMiNBtMNtncog 11 | j1vr/qgRJdf9tf0zlJmLvUJ9+HSFFV9I/97LJyFhb95gAfHkjdVroLVgT3Cho+4P 12 | WtZaKCIGD0OwfOG2nLV4leXvRUk62/LMlB8NI9+JF7Xm+HCKbaWHNWC7mvWSLV58 13 | Zl4AbUWRAoGBANyJ6SFHFRHSPDY026SsdMzXR0eUxBAK7G70oSBKKhY+O1j0ocLE 14 | jI2krHJBhHbLlnvJVyMUaCUOTS5m0uDw9hgSsAqeSL3hL38kxVZw+KNG9Ouno1Fl 15 | KnE/xXHlPQyeGs/P8nAMzHZxQtEsQdQayJEhK2XXHTsy7Q3MxDisfVJ1AoGBANfD 16 | 34gB+OMx6pwj7zk3qWbYXSX8xjCZMR0ciko+h4xeMP2N8B0oyoqC+v1ABMAtJ3wG 17 | sGZd0hV9gwM7OUM3SEwkn6oeg1GemWLcn4rlSmTnZc4aeVwrEWlnSNFX3s4g9l4u 18 | k8Ugu4MVJYqH8HuDQ5Ggl6/QAwPzMSEdCW0O+jOfAoGAIBRbegC5+t6m7Yegz4Ja 19 | dxV1g98K6f58x+MDsQu4tYWV4mmrQgaPH2dtwizvlMwmdpkh+LNWNtWuumowkJHc 20 | akIFo3XExQIFg6wYnGtQb4e5xrGa2xMpKlIJaXjb+YLiCYqJDG2ALFZrTrvuU2kV 21 | 9a5qfqTc1qigvNolTM0iaaUCgYApmrZWhnLUdEKV2wP813PNxfioI4afxlpHD8LG 22 | sCn48gymR6E+Lihn7vuwq5B+8fYEH1ISWxLwW+RQUjIneNhy/jjfV8TgjyFqg7or 23 | 0Sy4KjpiNI6kLBXOakELRNNMkeSPopGR2E7v5rr3bGD9oAD+aqX1G7oJH/KgPPYd 24 | Vl7+ZwKBgQDcHyWYrimjyUgKaQD2GmoO9wdcJYQ59ke9K+OuGlp4ti5arsi7N1tP 25 | B4f09aeELM2ASIuk8Q/Mx0jQFnm8lzRFXdewgvdPoZW/7VufM9O7dGPOc41cm2Dh 26 | yrTcXx/VmUBb+/fnXVEgCv7gylp/wtdTGHQBQJHR81jFBz0lnLj+gg== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /cli/commands.h: -------------------------------------------------------------------------------- 1 | 2 | #include 3 | 4 | #ifndef COMMANDS_H_ 5 | #define COMMANDS_H_ 6 | 7 | char some_msg[4096]; 8 | #define INSTRUCTION(output,format,args...) {snprintf(some_msg,4095,format,##args);fprintf(output,"\n %s",some_msg);} 9 | #define ERROR(function,format,args...) {snprintf(some_msg,4095,format,##args);fprintf(stderr,"%s: %s\n",function,some_msg);} 10 | 11 | #ifdef __GNUC__ 12 | # define UNUSED(x) UNUSED_ ## x __attribute__((__unused__)) 13 | #else 14 | # define UNUSED(x) UNUSED_ ## x 15 | #endif 16 | 17 | int cmd_connect(const char* arg, const char* old_input_file, FILE* output, FILE* input); 18 | int cmd_listen(const char* arg, const char* old_input_file, FILE* output, FILE* input); 19 | int cmd_disconnect(const char* arg, const char* old_input_file, FILE* output, FILE* input); 20 | int cmd_copyconfig (const char *arg, const char* old_input_file, FILE* output, FILE* input); 21 | int cmd_deleteconfig (const char *arg, const char* old_input_file, FILE* output, FILE* input); 22 | int cmd_editconfig (const char *arg, const char* old_input_file, FILE* output, FILE* input); 23 | int cmd_get(const char *arg, const char* old_input_file, FILE* output, FILE* input); 24 | int cmd_getconfig(const char *arg, const char* old_input_file, FILE* output, FILE* input); 25 | int cmd_help(const char* arg, const char* old_input_file, FILE* output, FILE* input); 26 | int cmd_killsession(const char *arg, const char* old_input_file, FILE* output, FILE* input); 27 | int cmd_lock(const char *arg, const char* old_input_file, FILE* output, FILE* input); 28 | int cmd_subscribe(const char *arg, const char* old_input_file, FILE* output, FILE* input); 29 | int cmd_unlock(const char *arg, const char* old_input_file, FILE* output, FILE* input); 30 | int cmd_validate(const char *arg, const char* old_input_file, FILE* output, FILE* input); 31 | int cmd_status(const char* arg, const char* old_input_file, FILE* output, FILE* input); 32 | int cmd_test(const char* arg, const char* old_input_file, FILE* output, FILE* input); 33 | int cmd_auth(const char* arg, const char* old_input_file, FILE* output, FILE* input); 34 | #ifdef ENABLE_TLS 35 | int cmd_cert(const char* arg, const char* old_input_file, FILE* output, FILE* input); 36 | int cmd_crl(const char* arg, const char* old_input_file, FILE* output, FILE* input); 37 | #endif 38 | int cmd_time(const char* arg, const char* old_input_file, FILE* output, FILE* input); 39 | int cmd_knownhosts(const char* arg, const char* old_input_file, FILE* output, FILE* input); 40 | int cmd_quit(const char* arg, const char* old_input_file, FILE* output, FILE* input); 41 | int cmd_debug(const char *arg, const char* old_input_file, FILE* output, FILE* input); 42 | int cmd_verbose(const char *arg, const char* old_input_file, FILE* output, FILE* input); 43 | int cmd_userrpc(const char *arg, const char* old_input_file, FILE* output, FILE* input); 44 | int cmd_commit(const char* arg, const char* old_input_file, FILE* output, FILE* input); 45 | int cmd_getschema(const char* arg, const char* old_input_file, FILE* output, FILE* input); 46 | int cmd_discardchanges(const char* arg, const char* old_input_file, FILE* output, FILE* input); 47 | int cmd_capability(const char *arg, const char* old_input_file, FILE* output, FILE* input); 48 | int cmd_editor(const char *arg, const char* old_input_file, FILE* output, FILE* input); 49 | 50 | typedef struct 51 | { 52 | char *name; /* User printable name of the function. */ 53 | int (*func)(const char*, const char*, FILE*, FILE*); /* Function to call to do the command. */ 54 | char *helpstring; /* Documentation for this function. */ 55 | } COMMAND; 56 | 57 | #endif /* COMMANDS_H_ */ 58 | -------------------------------------------------------------------------------- /cli/configuration.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file configuration.h 3 | * \author Michal Vasko 4 | * @brief Header file for CLI directory and file manipulation 5 | * 6 | * Copyright (C) 2014 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #include 40 | #include 41 | 42 | /** 43 | * @brief The CLI XML config options. 44 | */ 45 | struct cli_options { 46 | struct nc_cpblts* cpblts; 47 | char* config_editor; 48 | int pubkey_auth_pref; 49 | int passwd_auth_pref; 50 | int inter_auth_pref; 51 | char** keys; 52 | int key_count; 53 | }; 54 | 55 | /** 56 | * @brief Finds the current user's netconf dir 57 | * @return NULL on failure, dynamically allocated netconf dir path 58 | * otherwise 59 | */ 60 | char* get_netconf_dir(void); 61 | 62 | /** 63 | * @brief Finds the default certificate and optionally key file, 64 | * the supplied pointers must be empty (*cert == NULL) 65 | * @param[out] cert path to the certificate (and perhaps also key), 66 | * no change on error 67 | * @param[out] key path to the private key, no change if the key 68 | * is included in cert 69 | */ 70 | void get_default_client_cert(char** cert, char** key); 71 | 72 | /** 73 | * @brief Finds the default trusted CA certificate directory 74 | * @return ret_dir == NULL: NULL on failure, dynamically allocated trusted CA dir path 75 | * otherwise, ret_dir != NULL: always NULL, on success *ret_dir is opened trusted CA 76 | * dir, not modified on error 77 | */ 78 | char* get_default_trustedCA_dir(DIR** ret_dir); 79 | 80 | /** 81 | * @brief Finds the default CRL directory 82 | * @return ret_dir == NILL: NULL on failure, dynamically allocated CRL dir path otherwise, 83 | * ret_dir != NULL: always NULL, on success *ret_dir is opened CRL dir, not modified 84 | * on error 85 | */ 86 | char* get_default_CRL_dir(DIR** ret_dir); 87 | 88 | /** 89 | * @brief Checks all the relevant files and directories creating any 90 | * that are missing, sets the saved configuration 91 | */ 92 | void load_config(void); 93 | 94 | /** 95 | * @brief Saves the current configuration and command history 96 | */ 97 | void store_config(void); 98 | -------------------------------------------------------------------------------- /cli/netopeer-cli.spec.in: -------------------------------------------------------------------------------- 1 | Summary: Netopeer CLI client for NETCONF protocol. 2 | Name: netopeer-cli 3 | Version: @PACKAGE_VERSION@ 4 | Release: @RELEASE@ 5 | URL: http://www.liberouter.org/ 6 | Source: https://www.liberouter.org/repo/SOURCES/%{name}-%{version}-%{release}.tar.gz 7 | Group: Liberouter 8 | License: BSD 9 | Vendor: CESNET, z.s.p.o. 10 | Packager: @USERNAME@ <@USERMAIL@> 11 | BuildRoot: %{_tmppath}/%{name}-%{version}-%{release} 12 | 13 | BuildRequires: gcc make pkgconfig @BUILDREQS@ 14 | Requires: libxml2 @REQS@ 15 | Provides: netopeer-cli 16 | 17 | %description 18 | CLI client connecting operator to a NETCONF capable device. This application 19 | is built on the libnetconf library. 20 | 21 | %prep 22 | %setup 23 | 24 | %build 25 | ./configure --prefix=%{_prefix} @CONFIGURE_PARAMS@; 26 | make 27 | 28 | %install 29 | make DESTDIR=$RPM_BUILD_ROOT install 30 | 31 | %post 32 | 33 | %files 34 | %{_bindir}/netopeer-cli 35 | %{_mandir}/man1/* 36 | %{_datadir}/netopeer/*.html 37 | -------------------------------------------------------------------------------- /cli/readinput.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file readinput.h 3 | * \author 4 | * 5 | * Copyright (C) 2015 CESNET, z.s.p.o. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions 9 | * are met: 10 | * 1. Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 2. Redistributions in binary form must reproduce the above copyright 13 | * notice, this list of conditions and the following disclaimer in 14 | * the documentation and/or other materials provided with the 15 | * distribution. 16 | * 3. Neither the name of the Company nor the names of its contributors 17 | * may be used to endorse or promote products derived from this 18 | * software without specific prior written permission. 19 | * 20 | * ALTERNATIVELY, provided that this notice is retained in full, this 21 | * product may be distributed under the terms of the GNU General Public 22 | * License (GPL) version 2 or later, in which case the provisions 23 | * of the GPL apply INSTEAD OF those given above. 24 | * 25 | * This software is provided ``as is, and any express or implied 26 | * warranties, including, but not limited to, the implied warranties of 27 | * merchantability and fitness for a particular purpose are disclaimed. 28 | * In no event shall the company or contributors be liable for any 29 | * direct, indirect, incidental, special, exemplary, or consequential 30 | * damages (including, but not limited to, procurement of substitute 31 | * goods or services; loss of use, data, or profits; or business 32 | * interruption) however caused and on any theory of liability, whether 33 | * in contract, strict liability, or tort (including negligence or 34 | * otherwise) arising in any way out of the use of this software, even 35 | * if advised of the possibility of such damage. 36 | * 37 | */ 38 | 39 | #ifndef READINPUT_H_ 40 | #define READINPUT_H_ 41 | 42 | void initialize_readline(void); 43 | char* readinput(const char* instruction, const char* tmpfile, FILE* output); 44 | 45 | #endif /* READINPUT_H_ */ 46 | -------------------------------------------------------------------------------- /cli/test.h: -------------------------------------------------------------------------------- 1 | #ifndef _TEST_H_ 2 | #define _TEST_H_ 3 | 4 | struct np_test_capab { 5 | char* capab; 6 | char** attributes; 7 | char** values; 8 | unsigned int attr_count; 9 | 10 | char* not_older_revision; 11 | char* exact_revision; 12 | char** features; 13 | unsigned int feature_count; 14 | char** not_features; 15 | unsigned int not_feature_count; 16 | struct np_test_capab* next; 17 | }; 18 | 19 | struct np_test_var { 20 | char* name; 21 | unsigned int value_range_start; 22 | unsigned int value_range_step; 23 | enum np_test_var_range_op { 24 | ADD, 25 | SUB, 26 | MUL, 27 | DIV 28 | } value_range_op; 29 | char** value_list; 30 | unsigned int value_list_count; 31 | struct np_test_var* next; 32 | }; 33 | 34 | struct np_test_cmd { 35 | unsigned int id; 36 | char* cmd; 37 | char* file; 38 | char* result_err_tag; 39 | char* result_err_msg; 40 | char* result_file; 41 | struct np_test_cmd* next; 42 | }; 43 | 44 | struct np_test { 45 | char* name; 46 | unsigned int count; 47 | struct np_test_capab* required_capabs; 48 | struct np_test_var* vars; 49 | struct np_test_cmd* cmds; 50 | struct np_test* next; 51 | }; 52 | 53 | void np_test_capab_free(struct np_test_capab* capab); 54 | 55 | void np_test_var_free(struct np_test_var* var); 56 | 57 | void np_test_cmd_free(struct np_test_cmd* cmd); 58 | 59 | void np_test_free(struct np_test* test); 60 | 61 | int perform_test(struct np_test* tests, struct np_test_capab* global_capabs, struct np_test_var* global_vars, const struct nc_cpblts* capabs, FILE* output); 62 | 63 | #endif /* _TEST_H_ */ -------------------------------------------------------------------------------- /cli/tests/README: -------------------------------------------------------------------------------- 1 | netopeer-cli tests 2 | ~~~~~~~~~~~~~~~~~~ 3 | 4 | There is a "test" command available in the CLI. 5 | Upon establishing a connection to a server, it 6 | can be used to execute tests of the server. 7 | These are specififed in the form of an XML 8 | file, which can include many different tests. 9 | The format strictly conforms to the 10 | "netopeer-test.yang" model. Example files that 11 | test various NETCONF features can be found in 12 | this directory. 13 | 14 | All the tests in a file can require certain 15 | capabilities or models, or use the same 16 | variables. Variables change their value in 17 | every iteration of a test enabling simple 18 | creation of many instances of nodes. These 19 | global properties are defined first. Specific 20 | test definitions follow in a list. 21 | 22 | Each test must have a unique name that 23 | identifies it. Optionally, there can be 24 | a description and the number of executions 25 | (each possibly with a different variable 26 | value). Then the test-specific capablities and 27 | variables follow. Last is a list of the 28 | commands the test executes. 29 | 30 | Every command has its unique id specifying the 31 | order - lower is executed first. Then the CLI 32 | command itself can be written in two ways, 33 | either simple command that gets executed 34 | directly (as if writing it in the CLI) or 35 | one that uses a config or filter file. The 36 | string "(file)" in the command is replaced 37 | by a temporary file name with the content 38 | separately specified in the command container. 39 | This way the whole test can be in a single 40 | file. Lastly, the expected result after the 41 | command execution is chosen from simple 42 | success, specific data returned, or an error. 43 | Test is interrupted and fails if a single 44 | command finishes with an unexpected result. 45 | -------------------------------------------------------------------------------- /cli/tests/all YANG keywords/README: -------------------------------------------------------------------------------- 1 | all YANG keywords 2 | ~~~~~~~~~~~~~~~~~ 3 | 4 | The included models use every YANG keyword at 5 | least once. The test cases, however, cover only 6 | the commonly used statements and just briefly. 7 | -------------------------------------------------------------------------------- /cli/tests/all YANG keywords/aug-sub-mod1.yang: -------------------------------------------------------------------------------- 1 | module aug-sub-mod1 { 2 | namespace "http://test.org/aug-sub-mod1"; 3 | 4 | prefix asmod; 5 | 6 | import "main-mod" { 7 | prefix "mmod"; 8 | } 9 | 10 | reference "main-mod"; 11 | 12 | organization "some org"; 13 | 14 | augment "/mmod:cont1" { 15 | leaf aug-leaf1 { 16 | type empty; 17 | } 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /cli/tests/all YANG keywords/main-mod.yang: -------------------------------------------------------------------------------- 1 | module main-mod { 2 | namespace "http://test.org/main-mod"; 3 | 4 | prefix mmod; 5 | 6 | include sub-mod1; 7 | include sub-mod2; 8 | 9 | feature feat1; 10 | } 11 | -------------------------------------------------------------------------------- /cli/tests/all YANG keywords/main-mod2.yang: -------------------------------------------------------------------------------- 1 | module main-mod2 { 2 | namespace "http://test.org/main-mod2"; 3 | 4 | prefix mmod2; 5 | 6 | import main-mod { 7 | prefix mmod; 8 | } 9 | 10 | deviation "/mmod:cont1/mmod:leaf1" { 11 | deviate add { 12 | default 10; 13 | } 14 | } 15 | 16 | feature feat2 { 17 | if-feature mmod:feat1; 18 | } 19 | 20 | container cont3 { 21 | if-feature feat2; 22 | presence "it means that this container has a meaning"; 23 | } 24 | 25 | container cont4 { 26 | leaf leaf7 { 27 | config false; 28 | type empty; 29 | } 30 | 31 | leaf-list llist1 { 32 | when "../../cont3"; 33 | min-elements 1; 34 | type mmod:type3; 35 | } 36 | 37 | leaf leaf9 { 38 | type enumeration { 39 | enum "jedna" { 40 | value 1; 41 | } 42 | enum "dva" { 43 | value 2; 44 | } 45 | enum "tri"; 46 | enum "patdesiat" { 47 | value 50; 48 | } 49 | } 50 | } 51 | 52 | choice choic1 { 53 | case case1 { 54 | leaf leaf4 { 55 | type union { 56 | type int32 { 57 | range "100..max"; 58 | } 59 | type string; 60 | } 61 | } 62 | } 63 | container case2 { 64 | leaf leaf5 { 65 | type leafref { 66 | path "../../leaf9"; 67 | } 68 | } 69 | leaf leaf6 { 70 | type instance-identifier { 71 | require-instance true; 72 | } 73 | } 74 | } 75 | } 76 | } 77 | 78 | notification notif1 { 79 | leaf leaf05 { 80 | type identityref { 81 | base mmod:double-derived-ident; 82 | } 83 | } 84 | leaf leaf06 { 85 | type decimal64 { 86 | fraction-digits 9; 87 | } 88 | } 89 | } 90 | } 91 | -------------------------------------------------------------------------------- /cli/tests/all YANG keywords/sub-mod1.yang: -------------------------------------------------------------------------------- 1 | submodule sub-mod1 { 2 | yang-version 1; 3 | 4 | belongs-to "main-mod" { 5 | prefix "mmod"; 6 | } 7 | 8 | revision "2015-03-25" { 9 | description "Initial revision."; 10 | } 11 | 12 | identity new-ident; 13 | 14 | typedef type1 { 15 | type string { 16 | length "10..20 | 25 | 30"; 17 | pattern "[A-Za-z]+" { 18 | error-app-tag invalid-value; 19 | error-message "pattern error"; 20 | } 21 | } 22 | } 23 | 24 | grouping group1 { 25 | leaf group-leaf1 { 26 | type empty; 27 | } 28 | } 29 | 30 | extension ext1 { 31 | argument ext1-arg { 32 | yin-element true; 33 | } 34 | } 35 | 36 | container cont1 { 37 | anyxml data; 38 | 39 | leaf leaf1 { 40 | type int16 { 41 | range "10..20"; 42 | } 43 | } 44 | } 45 | 46 | rpc rpc1 { 47 | input { 48 | leaf input1 { 49 | type string; 50 | } 51 | } 52 | output { 53 | anyxml output1; 54 | } 55 | } 56 | } -------------------------------------------------------------------------------- /cli/tests/all YANG keywords/sub-mod2.yang: -------------------------------------------------------------------------------- 1 | submodule sub-mod2 { 2 | belongs-to "main-mod" { 3 | prefix "mmod"; 4 | } 5 | 6 | include sub-mod1 { 7 | revision-date 2015-03-25; 8 | } 9 | 10 | identity derived-ident { 11 | base new-ident; 12 | } 13 | 14 | identity double-derived-ident { 15 | base derived-ident; 16 | } 17 | 18 | typedef type2 { 19 | type type1 { 20 | length "15"; 21 | } 22 | status deprecated; 23 | } 24 | 25 | typedef type3 { 26 | type type2; 27 | units "unknown"; 28 | status deprecated; 29 | } 30 | 31 | container cont2 { 32 | leaf leaf8 { 33 | type type1; 34 | } 35 | 36 | uses group1 { 37 | refine group-leaf1 { 38 | mandatory true; 39 | } 40 | } 41 | 42 | mmod:ext1 "somearg"; 43 | 44 | list list1 { 45 | key "leaf4"; 46 | unique "leaf5"; 47 | ordered-by user; 48 | max-elements 2; 49 | 50 | leaf leaf4 { 51 | type bits { 52 | bit bit0 { 53 | position 0; 54 | } 55 | bit bit1; 56 | bit bit2; 57 | bit bit10 { 58 | position 10; 59 | } 60 | } 61 | } 62 | 63 | leaf leaf5 { 64 | type string; 65 | } 66 | 67 | must "leaf5 != 'empty'"; 68 | } 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /cli/tests/anyxml/README: -------------------------------------------------------------------------------- 1 | anyxml 2 | ~~~~~~ 3 | 4 | The state node /cont1/axml1 must return 5 | "" for these tests to pass. 6 | -------------------------------------------------------------------------------- /cli/tests/anyxml/anyxml-mod.yang: -------------------------------------------------------------------------------- 1 | module anyxml-mod { 2 | namespace "http://test.org/anyxml-mod"; 3 | 4 | prefix amod; 5 | 6 | feature feat1; 7 | feature feat2; 8 | 9 | container cont1 { 10 | anyxml axml1 { 11 | config false; 12 | mandatory true; 13 | if-feature feat1; 14 | when "../axml3"; 15 | reference "some text somewhere"; 16 | description "MUST return '' !!"; 17 | } 18 | 19 | anyxml axml2 { 20 | if-feature feat1; 21 | if-feature feat2; 22 | status current; 23 | must "../axml4 != '' or . = ''"; 24 | description "must condition - if axml4 is '', 25 | then the same must be in axml2"; 26 | } 27 | 28 | anyxml axml3 { 29 | config true; 30 | mandatory true; 31 | } 32 | 33 | anyxml axml4 { 34 | status deprecated; 35 | } 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /cli/tests/anyxml/feat1_feat2_features.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | urn:ietf:params:netconf:capability:writable-running:1.0 5 | 6 | 7 | urn:ietf:params:netconf:capability:validate:1.1 8 | 9 | 10 | http://test.org/anyxml-mod 11 | feat1 12 | feat2 13 | 14 | 15 | 16 | clean running 17 | 18 | 1 19 | get-config --out=old_config.xml running 20 | 21 | 22 | 23 | 2 24 | edit-config --config=(file) running 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | must, if-feature test 33 | We create "axml4" with a specific content, so adding "axml2" should first result in a validation error, then added successfully since the 'must' condition will be satisfied. 34 | 35 | 1 36 | edit-config --config=(file) running 37 | 38 | 39 | 40 | ... 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 2 51 | edit-config --config=(file) running 52 | 53 | 54 | 55 | wrong 56 | 57 | 58 | 59 | 60 | any 61 | 62 | 63 | 64 | 3 65 | edit-config --config=(file) running 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | operation error test 78 | Just trying to 'create' and existing anyxml, then 'delete' a non-existing one. 79 | 80 | 1 81 | edit-config --config=(file) running 82 | 83 | 84 | 85 | with value 86 | 87 | 88 | 89 | 90 | nc:data-exists 91 | 92 | 93 | 94 | 2 95 | edit-config --config=(file) running 96 | 97 | 98 | 99 | 100 | 101 | 102 | nc:data-missing 103 | 104 | 105 | 106 | 107 | operation test 108 | Any operations within an anyxml must be ignored, but still stored. 109 | 110 | 1 111 | edit-config --config=(file) running 112 | 113 | 114 | 115 | ... 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 2 126 | get-config --filter=(file) running 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | ... 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | restore running 147 | 148 | 1 149 | copy-config --config=old_config.xml running 150 | 151 | 152 | 153 | -------------------------------------------------------------------------------- /cli/tests/anyxml/feat1_features.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | urn:ietf:params:netconf:capability:writable-running:1.0 5 | 6 | 7 | urn:ietf:params:netconf:capability:validate:1.1 8 | 9 | 10 | http://test.org/anyxml-mod 11 | feat1 12 | feat2 13 | 14 | 15 | 16 | clean running 17 | 18 | 1 19 | get-config --out=old_config.xml running 20 | 21 | 22 | 23 | 2 24 | edit-config --config=(file) running 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | config, when test 33 | There should be no configuration and 'when' in "axml1" is not satisfied, so there is nothing to return. 34 | 35 | 1 36 | get --filter=(file) 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | when, if-feature test 45 | We create "axml3" first, so now all the conditions for returning "axml1" are satisfied. 46 | 47 | 1 48 | edit-config --config=(file) running 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 2 60 | get --filter=(file) 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | if-feature test 75 | We cannot create "axml2", 'feat2' is not supported. 76 | 77 | 1 78 | edit-config --config=(file) running 79 | 80 | 81 | 82 | with some content 83 | 84 | 85 | 86 | 87 | any 88 | 89 | 90 | 91 | 92 | restore running 93 | 94 | 1 95 | copy-config --config=old_config.xml running 96 | 97 | 98 | 99 | -------------------------------------------------------------------------------- /cli/tests/anyxml/no_features.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | urn:ietf:params:netconf:capability:writable-running:1.0 5 | 6 | 7 | http://test.org/anyxml-mod 8 | feat1 9 | feat2 10 | 11 | 12 | 13 | clean running 14 | 15 | 1 16 | get-config --out=old_config.xml running 17 | 18 | 19 | 20 | 2 21 | edit-config --config=(file) running 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | mandatory test 30 | "cont1" cannot be created, because "axml3" mandatory child is missing 31 | 32 | 1 33 | edit-config --config=(file) running 34 | 35 | 36 | 37 | 38 | any 39 | 40 | 41 | 42 | 43 | config, if-feature test 44 | We first create "cont1" with "axml3", which satisfies 'when' in "axml1", but we still miss feature 'feat1', so "axml1" cannot be returned as state. 45 | 46 | 1 47 | edit-config --config=(file) running 48 | 49 | 50 | 51 | bla 52 | 53 | 54 | 55 | 56 | 57 | 58 | 2 59 | get --filter=(file) 60 | 61 | 62 | 63 | 64 | 65 | 66 | bla 67 | 68 | 69 | 70 | 71 | 72 | 73 | if-feature test 74 | We cannot create "axml2", because we do not have neither 'feat1' nor 'feat2'. 75 | 76 | 1 77 | edit-config --config=(file) running 78 | 79 | 80 | 81 | with some content 82 | 83 | 84 | 85 | 86 | any 87 | 88 | 89 | 90 | 91 | restore running 92 | 93 | 1 94 | copy-config --config=old_config.xml running 95 | 96 | 97 | 98 | -------------------------------------------------------------------------------- /cli/tests/choice/README: -------------------------------------------------------------------------------- 1 | choice 2 | ~~~~~~ 3 | 4 | The state node /cont1/choice5/leaf10 must 5 | return "test" for these tests to pass. 6 | -------------------------------------------------------------------------------- /cli/tests/choice/choice-mod.yang: -------------------------------------------------------------------------------- 1 | module choice-mod { 2 | namespace "http://test.org/choice-mod"; 3 | 4 | prefix choicmod; 5 | 6 | feature feat1; 7 | 8 | container cont1 { 9 | choice choice1 { 10 | if-feature feat1; 11 | case case1 { 12 | leaf leaf1 { 13 | type string; 14 | } 15 | } 16 | case case2 { 17 | leaf leaf2 { 18 | type int16; 19 | } 20 | } 21 | anyxml anyxm11; 22 | case case3 { 23 | leaf leaf3 { 24 | type string; 25 | default "empty"; 26 | } 27 | leaf leaf4 { 28 | type uint32; 29 | } 30 | } 31 | case case4 { 32 | choice choice2 { 33 | container cont2 { 34 | presence "has presence"; 35 | } 36 | list list1 { 37 | key "leaf5"; 38 | leaf leaf5 { 39 | type string; 40 | } 41 | } 42 | } 43 | } 44 | } 45 | 46 | choice choice3 { 47 | default leaf6; 48 | leaf-list llist1 { 49 | type int32; 50 | } 51 | leaf leaf6 { 52 | type string; 53 | default "test"; 54 | } 55 | case case5 { 56 | when "../../choice1/case4"; 57 | if-feature feat1; 58 | container cont3 { 59 | leaf-list llist2 { 60 | type int64; 61 | } 62 | leaf leaf7 { 63 | type string; 64 | mandatory true; 65 | } 66 | } 67 | } 68 | } 69 | 70 | choice choice4 { 71 | mandatory true; 72 | leaf leaf8 { 73 | type int16; 74 | } 75 | case case6 { 76 | leaf leaf9 { 77 | type boolean; 78 | } 79 | } 80 | } 81 | 82 | choice choice5 { 83 | when "../choice4/leaf9 = 'true'"; 84 | config false; 85 | description "always returns leaf10 with 'test'"; 86 | leaf leaf10 { 87 | type string; 88 | } 89 | case case7 { 90 | leaf leaf11 { 91 | type int8; 92 | } 93 | } 94 | } 95 | } 96 | } 97 | -------------------------------------------------------------------------------- /cli/tests/choice/feat1_features.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | urn:ietf:params:netconf:capability:writable-running:1.0 5 | 6 | 7 | http://test.org/choice-mod 8 | feat1 9 | 10 | 11 | 12 | clean running 13 | 14 | 1 15 | get-config --out=old_config.xml running 16 | 17 | 18 | 19 | 2 20 | edit-config --config=(file) running 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | feature, default, when test 29 | get should return the default for "choice3", default "leaf3" node, but no state 30 | 31 | 32 | urn:ietf:params:netconf:capability:with-defaults:1.0 33 | 34 | 35 | 36 | 1 37 | edit-config --config=(file) running 38 | 39 | 40 | 55 41 | false 42 | 43 | 44 | 45 | 46 | 47 | 2 48 | get --filter=(file) --defaults=report-all 49 | 50 | 51 | 52 | 53 | 54 | 55 55 | false 56 | empty 57 | test 58 | 59 | 60 | 61 | 62 | 63 | when, mandatory test 64 | first fails cause of when, second cause of mandatory 65 | 66 | 1 67 | edit-config --config=(file) running 68 | 69 | 70 | 71 | 20 72 | string 73 | 74 | 75 | 76 | 77 | any 78 | 79 | 80 | 81 | 2 82 | edit-config --config=(file) running 83 | 84 | 85 | 86 | hey 87 | 88 | 89 | 20 90 | 91 | 92 | 93 | 94 | any 95 | 96 | 97 | 98 | 99 | choice test 100 | try to set 2 cases in a choice, then set one (the other should get deleted), check result 101 | 102 | 103 | urn:ietf:params:netconf:capability:with-defaults:1.0 104 | 105 | 106 | 107 | 1 108 | edit-config --config=(file) running 109 | 110 | 111 | hello 112 | 3 113 | 114 | 115 | 116 | any 117 | 118 | 119 | 120 | 2 121 | edit-config --config=(file) running 122 | 123 | 124 | hello 125 | 126 | 127 | 128 | 129 | 130 | 3 131 | get-config --filter=(file) --defaults=report-all running 132 | 133 | 134 | 135 | 136 | 137 | hello 138 | false 139 | 140 | 141 | 142 | 143 | 144 | restore running 145 | 146 | 1 147 | copy-config --config=old_config.xml running 148 | 149 | 150 | 151 | -------------------------------------------------------------------------------- /cli/tests/choice/no_features.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | urn:ietf:params:netconf:capability:writable-running:1.0 5 | 6 | 7 | http://test.org/choice-mod 8 | feat1 9 | 10 | 11 | 12 | clean running 13 | 14 | 1 15 | get-config --out=old_config.xml running 16 | 17 | 18 | 19 | 2 20 | edit-config --config=(file) running 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | mandatory test 29 | "cont1" cannot be created, because "choice4" is mandatory and is missing 30 | 31 | 1 32 | edit-config --config=(file) running 33 | 34 | 35 | 5 36 | 37 | 38 | 39 | any 40 | 41 | 42 | 43 | 44 | default, when test 45 | create "cont1", get should also return the default for "choice3", but not the state node (when not satisfied) 46 | 47 | 48 | urn:ietf:params:netconf:capability:with-defaults:1.0 49 | 50 | 51 | 52 | 1 53 | edit-config --config=(file) running 54 | 55 | 56 | -25 57 | 58 | 59 | 60 | 61 | 62 | 2 63 | get --filter=(file) --defaults=report-all 64 | 65 | 66 | 67 | 68 | 69 | -25 70 | test 71 | 72 | 73 | 74 | 75 | 76 | config, when test 77 | satisfy when, state should get returned now 78 | 79 | 80 | urn:ietf:params:netconf:capability:with-defaults:1.0 81 | 82 | 83 | 84 | 1 85 | edit-config --config=(file) running 86 | 87 | 88 | true 89 | 90 | 91 | 92 | 93 | 94 | 2 95 | get --filter=(file) --defaults=report-all 96 | 97 | 98 | 99 | 100 | 101 | true 102 | test 103 | test 104 | 105 | 106 | 107 | 108 | 109 | restore running 110 | 111 | 1 112 | copy-config --config=old_config.xml running 113 | 114 | 115 | 116 | -------------------------------------------------------------------------------- /cli/tests/container/README: -------------------------------------------------------------------------------- 1 | container 2 | ~~~~~~~~~ 3 | 4 | The state node /cont1/cont2/leaf6 must 5 | return "test" for these tests to pass. 6 | -------------------------------------------------------------------------------- /cli/tests/container/container-mod.yang: -------------------------------------------------------------------------------- 1 | module container-mod { 2 | namespace "http://test.org/container-mod"; 3 | 4 | prefix contmod; 5 | 6 | feature feat1; 7 | 8 | container cont1 { 9 | anyxml axml1; 10 | 11 | choice choice1 { 12 | case case1 { 13 | leaf leaf2 { 14 | type string; 15 | } 16 | } 17 | case case2 { 18 | leaf leaf3 { 19 | type int16; 20 | } 21 | } 22 | } 23 | 24 | container cont2 { 25 | config false; 26 | leaf leaf6 { 27 | description "must contain 'test'"; 28 | type string; 29 | } 30 | } 31 | 32 | container cont3 { 33 | if-feature feat1; 34 | must "../leaf1 = 5"; 35 | when "../case1"; 36 | presence "cont3 presence"; 37 | } 38 | 39 | grouping grouping1 { 40 | leaf leaf4 { 41 | type empty; 42 | } 43 | } 44 | 45 | leaf leaf1 { 46 | type int8; 47 | } 48 | 49 | leaf-list llist1 { 50 | type string; 51 | } 52 | 53 | list list1 { 54 | key "leaf5"; 55 | leaf leaf5 { 56 | type typedef1; 57 | } 58 | } 59 | 60 | typedef typedef1 { 61 | type uint32; 62 | } 63 | 64 | uses grouping1; 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /cli/tests/container/feat1_features.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | urn:ietf:params:netconf:capability:writable-running:1.0 5 | 6 | 7 | http://test.org/container-mod 8 | feat1 9 | 10 | 11 | 12 | clean running 13 | 14 | 1 15 | get-config --out=old_config.xml running 16 | 17 | 18 | 19 | 2 20 | edit-config --config=(file) running 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | if-feature, when, must test 29 | "cont3" cannot be created, because one condition is left unsatisfied, except the last edit-config 30 | 31 | 1 32 | edit-config --config=(file) running 33 | 34 | 35 | 5 36 | 5 37 | 38 | 39 | 40 | 41 | 42 | 2 43 | edit-config --config=(file) running 44 | 45 | 46 | 47 | 48 | 49 | 50 | any 51 | 52 | 53 | 54 | 3 55 | edit-config --config=(file) running 56 | 57 | 58 | def 59 | 4 60 | 61 | 62 | 63 | 64 | 65 | 4 66 | edit-config --config=(file) running 67 | 68 | 69 | 70 | 71 | 72 | 73 | any 74 | 75 | 76 | 77 | 5 78 | edit-config --config=(file) running 79 | 80 | 81 | 5 82 | 83 | 84 | 85 | 86 | 87 | 6 88 | edit-config --config=(file) running 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | restore running 99 | 100 | 1 101 | copy-config --config=old_config.xml running 102 | 103 | 104 | 105 | -------------------------------------------------------------------------------- /cli/tests/container/no_features.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | urn:ietf:params:netconf:capability:writable-running:1.0 5 | 6 | 7 | http://test.org/container-mod 8 | feat1 9 | 10 | 11 | 12 | clean running 13 | 14 | 1 15 | get-config --out=old_config.xml running 16 | 17 | 18 | 19 | 2 20 | edit-config --config=(file) running 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | if-feature, when, must test 29 | "cont3" cannot be created, because no condition is satisfied 30 | 31 | 1 32 | edit-config --config=(file) running 33 | 34 | 35 | 36 | 37 | 38 | 39 | any 40 | 41 | 42 | 43 | 44 | if-feature test 45 | "cont3" cannot be created, because "feat1" is off 46 | 47 | 1 48 | edit-config --config=(file) running 49 | 50 | 51 | abc 52 | 5 53 | 54 | 55 | 20 56 | 57 | 58 | 21 59 | 60 | 61 | 62 | 63 | 64 | 65 | 2 66 | edit-config --config=(file) running 67 | 68 | 69 | 70 | 71 | 72 | 73 | any 74 | 75 | 76 | 77 | 78 | config test 79 | just check that get returns what it should 80 | 81 | 1 82 | get --filter=(file) 83 | 84 | 85 | 86 | 87 | 88 | abc 89 | 5 90 | 91 | 92 | 20 93 | 94 | 95 | 21 96 | 97 | 98 | test 99 | 100 | 101 | 102 | 103 | 104 | 105 | restore running 106 | 107 | 1 108 | copy-config --config=old_config.xml running 109 | 110 | 111 | 112 | -------------------------------------------------------------------------------- /cov-configure.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | cd server 3 | ./configure --enable-tls 4 | cd ../cli 5 | ./configure --enable-tls 6 | cd ../transAPI/cfginterfaces 7 | ./configure 8 | cd ../cfgsystem 9 | ./configure 10 | cd ../turing 11 | ./configure 12 | cd ../.. 13 | -------------------------------------------------------------------------------- /cov-gen-tgz.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | if test "$1" = ""; then 3 | echo "Requires an argument - the path to \"cov-build\"" 4 | exit 1 5 | fi 6 | 7 | ./cov-configure.sh 8 | $1 --dir cov-int ./cov-make.sh 9 | tar czvf netopeer.tgz cov-int 10 | -------------------------------------------------------------------------------- /cov-make.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | cd server 3 | make -B 4 | cd ../cli 5 | make -B 6 | cd ../transAPI/cfginterfaces 7 | make -B 8 | cd ../cfgsystem 9 | make -B 10 | cd ../turing 11 | make -B 12 | cd ../.. 13 | -------------------------------------------------------------------------------- /server/VERSION: -------------------------------------------------------------------------------- 1 | 0.8.0 2 | -------------------------------------------------------------------------------- /server/certs/ca.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEogIBAAKCAQEArD3TDHPAMT2Z84orK4lMlarbgooIUCcRZyLe+QM+8KY8Hn+m 3 | GaxPEOTSL3ywszqefB/Utm2hPKLHX684iRC14ID9WDGHxPjvoPArhgFhfV+qnPfx 4 | KTgxZC12uOj4u1V9y+SkTCocFbRfXVBGpojrBuDHXkDMDEWNvr8/52YCv7bGaiBw 5 | UHolcLCUbmtKILCG0RNJyTaJpXQdAeq5Z1SJotpbfYFFtAXB32hVoLug1dzl2tjG 6 | 9sb1wq3QaDExcbC5w6P65qOkNoyym9ne6QlQagCqVDyFn3vcqkRaTjvZmxauCeUx 7 | XgJoXkyWcm0lM1KMHdoTArmchw2Dz0yHHSyDAQIDAQABAoIBAFH65y3hFhQZxuHU 8 | 3LFPG0WNWgdq3YQQ5EaboVcSRW3TIYA+r3c+vS9ESgpSJeRYvUBFAkCGM50huRWA 9 | 177dVkPyASNuB7on5h5K0dxpYdaDpzgpBv7ggRm2TfC66lB343UdcVnTHSTzggRv 10 | BgGT35GZgSsKWlRo8otcifUAZ8SJWRv6UxmX0zuvqSj3Q49ucevb57/CmYdgGxCP 11 | 5flP/fqAdKen8/A03KPaltMERdo5xXbs5f7iBjcCZM1427Ta5cjiBW1zDWU4zbzn 12 | 9+unwWPEuuPaGGtS6500qBJy6mIgM/9nYP9LKz9sJMEVJJZLZc1/2pjbJSNEiNJV 13 | SlJrvbECgYEA2u+xyfMsc2iE+dC8913NvIJnK7v7ixh5eu86SjJoYvflBvnEpPoX 14 | XxWlWUkO5jR1Hk2v1Z4U4hD/OR1kUwAqbN3MdCDd00hkhgVns8AgZtH0aXmdz+xq 15 | M0CKGXU7L/XS5mpiI8g24im1+1/rQjLxxUQjv0nfMxixa/ENmmtuisUCgYEAyWZ2 16 | CzAROlhxjaCbe+WopjG0AevCcrAPAeRgqIOm9sJ51q0cg2B6E/Zn27CvzKxsFzgM 17 | +Vu3MoC0vVMK+Dc3o7idaQ0ew7kY5KO6LY8wDu5s3EGiS0KGJum2iIStE3lee/dd 18 | TDcX6yE/3WYvvNf7w7uN7nme3s3EuSDDKpPFCw0CgYAaSnpxI/CMk1qUnUpz8iHI 19 | p2g4SkS0uWWtK5k2W8NJTzeDlO7WWOoBkxneFPXjEx2VXALnhio/04aylyL7DKQL 20 | mr74mxHIU4MuzOtdHI9HiaLuH5qh42QFb5Sl5fwLkFuZK+FJJrvggN3HqAcaVf/O 21 | jpY0XGyfODHmInZdutT1eQKBgBAVoMPP+PBB8/+tnf1NICT1vzyQCZ2DNg+en6GV 22 | shXu/jAI70gGwnkpqq2+9KtR8egAz/hyPLVJ1iVwpmWgc08eBWRIafaTp8tK0Cmn 23 | T91BaWxFyaJdE72z2KIahoARp1wbK1ZU6BIdO66A5LsePLsrFXDAQdHleRqX5T5X 24 | QttZAoGASjKxjcbfZN9Q4jfvof2tacpdKbof9K03tbcRRkcBBF/mtiK4ER+c7dPU 25 | YcGJwOCT9YofASM0Qnq3F118Ic7DJAB332R1/UMY1krkCLAGfjAndL5XguFLpDQx 26 | c3dqfZ38rGw4GIr/rGJsPInYzkLxTfoYit/9dZjLLoxxvwlLTLs= 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /server/certs/ca.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIID7TCCAtWgAwIBAgIJAMtE1NGAR5KoMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYD 3 | VQQGEwJDWjEWMBQGA1UECAwNU291dGggTW9yYXZpYTENMAsGA1UEBwwEQnJubzEP 4 | MA0GA1UECgwGQ0VTTkVUMQwwCgYDVQQLDANUTUMxEzARBgNVBAMMCmV4YW1wbGUg 5 | Q0ExIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVjYUBsb2NhbGhvc3QwHhcNMTQwNzI0 6 | MTQxOTAyWhcNMjQwNzIxMTQxOTAyWjCBjDELMAkGA1UEBhMCQ1oxFjAUBgNVBAgM 7 | DVNvdXRoIE1vcmF2aWExDTALBgNVBAcMBEJybm8xDzANBgNVBAoMBkNFU05FVDEM 8 | MAoGA1UECwwDVE1DMRMwEQYDVQQDDApleGFtcGxlIENBMSIwIAYJKoZIhvcNAQkB 9 | FhNleGFtcGxlY2FAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 10 | CgKCAQEArD3TDHPAMT2Z84orK4lMlarbgooIUCcRZyLe+QM+8KY8Hn+mGaxPEOTS 11 | L3ywszqefB/Utm2hPKLHX684iRC14ID9WDGHxPjvoPArhgFhfV+qnPfxKTgxZC12 12 | uOj4u1V9y+SkTCocFbRfXVBGpojrBuDHXkDMDEWNvr8/52YCv7bGaiBwUHolcLCU 13 | bmtKILCG0RNJyTaJpXQdAeq5Z1SJotpbfYFFtAXB32hVoLug1dzl2tjG9sb1wq3Q 14 | aDExcbC5w6P65qOkNoyym9ne6QlQagCqVDyFn3vcqkRaTjvZmxauCeUxXgJoXkyW 15 | cm0lM1KMHdoTArmchw2Dz0yHHSyDAQIDAQABo1AwTjAdBgNVHQ4EFgQUc1YQIqjZ 16 | sHVwlea0AB4N+ilNI2gwHwYDVR0jBBgwFoAUc1YQIqjZsHVwlea0AB4N+ilNI2gw 17 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAI/1KH60qnw9Xs2RGfi0/ 18 | IKf5EynXt4bQX8EIyVKwSkYKe04zZxYfLIl/Q2HOPYoFmm3daj5ddr0ZS1i4p4fT 19 | UhstjsYWvXs3W/HhVmFUslakkn3PrswhP77fCk6eEJLxdfyJ1C7Uudq2m1isZbKi 20 | h+XF0mG1LxJaDMocSz4eAya7M5brwjy8DoOmA1TnLQFCVcpn+sCr7VC4wE/JqxyV 21 | hBCk/MuGqqM3B1j90bGFZ112ZOecyE0EDSr6IbiRBtmeNbEwOFjKXhNLYdxpBZ9D 22 | 8A/368OckZkCrVLGuJNxK9UwCVTe8IhotHUqU9EqFDmxdV8oIdU/OzUwwNPA/Bd/ 23 | 9g== 24 | -----END CERTIFICATE----- 25 | -------------------------------------------------------------------------------- /server/certs/client.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIECTCCAvGgAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCQ1ox 3 | FjAUBgNVBAgMDVNvdXRoIE1vcmF2aWExDTALBgNVBAcMBEJybm8xDzANBgNVBAoM 4 | BkNFU05FVDEMMAoGA1UECwwDVE1DMRMwEQYDVQQDDApleGFtcGxlIENBMSIwIAYJ 5 | KoZIhvcNAQkBFhNleGFtcGxlY2FAbG9jYWxob3N0MB4XDTE1MDczMDA3MjcxOFoX 6 | DTM1MDcyNTA3MjcxOFowgYUxCzAJBgNVBAYTAkNaMRYwFAYDVQQIDA1Tb3V0aCBN 7 | b3JhdmlhMQ8wDQYDVQQKDAZDRVNORVQxDDAKBgNVBAsMA1RNQzEXMBUGA1UEAwwO 8 | ZXhhbXBsZSBjbGllbnQxJjAkBgkqhkiG9w0BCQEWF2V4YW1wbGVjbGllbnRAbG9j 9 | YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueCQaNQWoNmF 10 | K6LKu1p8U8ZWdWg/PvDdLsJyzfzl/Qw4UA68SfFNaY06zZl8QB9W02nr5kWeeMY0 11 | VA3adrPgOlvfx3oWlFbkETnMaN4OT3WTQ0Wt6jAWZDzVfopwpJPAzRPxACDftIqF 12 | GagYcF32hZlVNqqnVdbXh0S0EViweqp/dbG4VDUHSNVbglc+u4UbEzNIFXMdEFsJ 13 | ZpkynOmSiTsIATqIhb+2srkVgLwhfkC2qkuHQwAHdubuB07ObM2z01UhyEdDvEYG 14 | HwtYAGDBL2TAcsI0oGeVkRyuOkV0QY0UN7UEFI1yTYw+xZ42HgFx3uGwApCImxhb 15 | j69GBYWFqwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu 16 | U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUXGpLeLnh2cSDARAV 17 | A7KrBxGYpo8wHwYDVR0jBBgwFoAUc1YQIqjZsHVwlea0AB4N+ilNI2gwDQYJKoZI 18 | hvcNAQELBQADggEBAJPV3RTXFRtNyOU4rjPpYeBAIAFp2aqGc4t2J1c7oPp/1n+l 19 | ZvjnwtlJpZHxMM783e2ryDQ6dkvXDf8kpwKlg3U3mkJ3xKkDdWrM4QwghXdCN519 20 | aa9qmu0zdFL+jUAaWlQ5tsceOrvbusCcbMqiFGk/QfpHqPv52SVWbYyUx7IX7DE+ 21 | UjgsLHycfV/tlcx4ZE6soTzl9VdgSL/zmzG3rjsr58J80rXckLgBhvijgBlIAJvW 22 | fC7D0vaouvBInSFXymdPVoUDZ30cdGLf+hI/i/TfsEMOinLrXVdkSGNo6FXAHKSv 23 | XeB9oFKSzhQ7OPyRyqvEPycUSw/qD6FVr80oDDc= 24 | -----END CERTIFICATE----- 25 | -------------------------------------------------------------------------------- /server/certs/client.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAueCQaNQWoNmFK6LKu1p8U8ZWdWg/PvDdLsJyzfzl/Qw4UA68 3 | SfFNaY06zZl8QB9W02nr5kWeeMY0VA3adrPgOlvfx3oWlFbkETnMaN4OT3WTQ0Wt 4 | 6jAWZDzVfopwpJPAzRPxACDftIqFGagYcF32hZlVNqqnVdbXh0S0EViweqp/dbG4 5 | VDUHSNVbglc+u4UbEzNIFXMdEFsJZpkynOmSiTsIATqIhb+2srkVgLwhfkC2qkuH 6 | QwAHdubuB07ObM2z01UhyEdDvEYGHwtYAGDBL2TAcsI0oGeVkRyuOkV0QY0UN7UE 7 | FI1yTYw+xZ42HgFx3uGwApCImxhbj69GBYWFqwIDAQABAoIBAQCZN9kR8DGu6V7y 8 | t0Ax68asL8O5B/OKaHWKQ9LqpVrXmikZJOxkbzoGldow/CIFoU+q+Zbwu9aDa65a 9 | 0wiP7Hoa4Py3q5XNNUrOQDyU/OYC7cI0I83WS0lJ2zOJGYj8wKae5Z81IeQFKGHK 10 | 4lsy1OGPAvPRGh7RjUUgRavA2MCwe07rWRuDb/OJFe4Oh56UMEjwMiNBtMNtncog 11 | j1vr/qgRJdf9tf0zlJmLvUJ9+HSFFV9I/97LJyFhb95gAfHkjdVroLVgT3Cho+4P 12 | WtZaKCIGD0OwfOG2nLV4leXvRUk62/LMlB8NI9+JF7Xm+HCKbaWHNWC7mvWSLV58 13 | Zl4AbUWRAoGBANyJ6SFHFRHSPDY026SsdMzXR0eUxBAK7G70oSBKKhY+O1j0ocLE 14 | jI2krHJBhHbLlnvJVyMUaCUOTS5m0uDw9hgSsAqeSL3hL38kxVZw+KNG9Ouno1Fl 15 | KnE/xXHlPQyeGs/P8nAMzHZxQtEsQdQayJEhK2XXHTsy7Q3MxDisfVJ1AoGBANfD 16 | 34gB+OMx6pwj7zk3qWbYXSX8xjCZMR0ciko+h4xeMP2N8B0oyoqC+v1ABMAtJ3wG 17 | sGZd0hV9gwM7OUM3SEwkn6oeg1GemWLcn4rlSmTnZc4aeVwrEWlnSNFX3s4g9l4u 18 | k8Ugu4MVJYqH8HuDQ5Ggl6/QAwPzMSEdCW0O+jOfAoGAIBRbegC5+t6m7Yegz4Ja 19 | dxV1g98K6f58x+MDsQu4tYWV4mmrQgaPH2dtwizvlMwmdpkh+LNWNtWuumowkJHc 20 | akIFo3XExQIFg6wYnGtQb4e5xrGa2xMpKlIJaXjb+YLiCYqJDG2ALFZrTrvuU2kV 21 | 9a5qfqTc1qigvNolTM0iaaUCgYApmrZWhnLUdEKV2wP813PNxfioI4afxlpHD8LG 22 | sCn48gymR6E+Lihn7vuwq5B+8fYEH1ISWxLwW+RQUjIneNhy/jjfV8TgjyFqg7or 23 | 0Sy4KjpiNI6kLBXOakELRNNMkeSPopGR2E7v5rr3bGD9oAD+aqX1G7oJH/KgPPYd 24 | Vl7+ZwKBgQDcHyWYrimjyUgKaQD2GmoO9wdcJYQ59ke9K+OuGlp4ti5arsi7N1tP 25 | B4f09aeELM2ASIuk8Q/Mx0jQFnm8lzRFXdewgvdPoZW/7VufM9O7dGPOc41cm2Dh 26 | yrTcXx/VmUBb+/fnXVEgCv7gylp/wtdTGHQBQJHR81jFBz0lnLj+gg== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /server/certs/server.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIECTCCAvGgAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCQ1ox 3 | FjAUBgNVBAgMDVNvdXRoIE1vcmF2aWExDTALBgNVBAcMBEJybm8xDzANBgNVBAoM 4 | BkNFU05FVDEMMAoGA1UECwwDVE1DMRMwEQYDVQQDDApleGFtcGxlIENBMSIwIAYJ 5 | KoZIhvcNAQkBFhNleGFtcGxlY2FAbG9jYWxob3N0MB4XDTE1MDczMDA3MjU1MFoX 6 | DTM1MDcyNTA3MjU1MFowgYUxCzAJBgNVBAYTAkNaMRYwFAYDVQQIDA1Tb3V0aCBN 7 | b3JhdmlhMQ8wDQYDVQQKDAZDRVNORVQxDDAKBgNVBAsMA1RNQzEXMBUGA1UEAwwO 8 | ZXhhbXBsZSBzZXJ2ZXIxJjAkBgkqhkiG9w0BCQEWF2V4YW1wbGVzZXJ2ZXJAbG9j 9 | YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdI1TBjzX1Pg 10 | QXFuPCw5/kQwU7qkrhirMcFAXhI8EoXepPa9fKAVuMjHW32P6nNzDpnhFe0YGdNl 11 | oIEN3hJJ87cVOqj4o7zZMbq3zVG2L8As7MTA8tYXm2fSC/0rIxxRRemcGUXM0q+4 12 | LEACjZj2pOKonaivF5VbhgNjPCO1Jj/TamUc0aViE577C9L9EiObGM+bGbabWk/K 13 | WKLsvxUc+sKZXaJ7psTVgpggJAkUszlmwOQgFiMSR53E9/CAkQYhzGVCmH44Vs6H 14 | zs3RZjOTbce4wr4ongiA5LbPeSNSCFjy9loKpaE1rtOjkNBVdiNPCQTmLuODXUTK 15 | gkeL+9v/OwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu 16 | U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU83qEtQDFzDvLoaII 17 | vqiU6k7j1uswHwYDVR0jBBgwFoAUc1YQIqjZsHVwlea0AB4N+ilNI2gwDQYJKoZI 18 | hvcNAQELBQADggEBAJ+QOLi4gPWGofMkLTqSsbv5xRvTw0xa/sJnEeiejtygAu3o 19 | McAsyevSH9EYVPCANxzISPzd9SFaO56HxWgcxLn9vi8ZNvo2wIp9zucNu285ced1 20 | K/2nDZfBmvBxXnj/n7spwqOyuoIc8sR7P7YyI806Qsfhk3ybNZE5UHJFZKDRQKvR 21 | J1t4nk9saeo87kIuNEDfYNdwYZzRfXoGJ5qIJQK+uJJv9noaIhfFowDW/G14Ji5p 22 | Vh/YtvnOPh7aBjOj8jmzk8MqzK+TZgT7GWu48Nd/NaV8g/DNg9hlN047LaNsJly3 23 | NX3+VBlpMnA4rKwl1OnmYSirIVh9RJqNwqe6k/k= 24 | -----END CERTIFICATE----- 25 | -------------------------------------------------------------------------------- /server/certs/server.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEAsdI1TBjzX1PgQXFuPCw5/kQwU7qkrhirMcFAXhI8EoXepPa9 3 | fKAVuMjHW32P6nNzDpnhFe0YGdNloIEN3hJJ87cVOqj4o7zZMbq3zVG2L8As7MTA 4 | 8tYXm2fSC/0rIxxRRemcGUXM0q+4LEACjZj2pOKonaivF5VbhgNjPCO1Jj/TamUc 5 | 0aViE577C9L9EiObGM+bGbabWk/KWKLsvxUc+sKZXaJ7psTVgpggJAkUszlmwOQg 6 | FiMSR53E9/CAkQYhzGVCmH44Vs6Hzs3RZjOTbce4wr4ongiA5LbPeSNSCFjy9loK 7 | paE1rtOjkNBVdiNPCQTmLuODXUTKgkeL+9v/OwIDAQABAoIBAG/4MG1JbL4C/7vV 8 | pBcpth7Aaznd1eJ2UB4VVOWnT8JOH2L6p1h5KRRhAP9AMkXsCnAQPyZiVAG3FlAZ 9 | 01SZaY2YJDr6uQ3JVW4155TWtgSdWux//Ass+lJ17lJ0SRxjsV13ez6CsDWeRjc+ 10 | 2xy0S+KJgqk71XzhJG9fZLYyuddp3U/i3xFPUAcQM9xXKxcaD7g6LJf+a9pt6rim 11 | Eqq/pjJxDgTsRLARsazYuxrlOB445mvnLiYhOf2/MvI80jIUKaj8BeAhg49UIg/k 12 | mIh0xdevkcxBFer/BjBjscWaFjx14D6nkFMw7vtCum5KfalLN2edZKAzByOudGD4 13 | 5KnRp3ECgYEA6vnSoNGg9Do80JOpXRGYWhcR1lIDO5yRW5rVagncCcW5Pn/GMtNd 14 | x2q6k1ks8mXKR9CxZrxZGqeYObZ9a/5SLih7ZkpiVWXG8ZiBIPhP6lnwm5OeIqLa 15 | hr0BYWcRfrGg1phj5uySZgsVBE+D8jH42O9ccdvrWv1OiryAHfKIcwMCgYEAwbs+ 16 | HfQtvHOQXSYNhtOeA7IetkGy3cKVg2oILNcROvI96hS0MZKt1Rko0UAapx96eCIr 17 | el7vfdT0eUzNqt2wTKp1zmiG+SnX3fMDJNzMwu/jb/b4wQ20IHWNDnqcqTUVRUnL 18 | iksLFoHbTxsN5NpEQExcSt/zzP4qi1W2Bmo18WkCgYEAnhrk16LVux9ohiulHONW 19 | 8N9u+BeM51JtGAcxrDzgGo85Gs2czdwc0K6GxdiN/rfxCKtqgqcfCWlVaxfYgo7I 20 | OxiwF17blXx7BVrJICcUlqpX1Ebac5HCmkCYqjJQuj/I6jv1lI7/3rt8M79RF+j5 21 | +PXt7Qq97SZd78nwJrZni4MCgYAiPjZ8lOyAouyhilhZvI3xmUpUbMhw6jQDRnqr 22 | clhZUvgeqAoxuPuA7zGHywzq/WVoVqHYv28Vjs6noiu4R/chlf+8vD0fTYYadRnZ 23 | Ki4HRt+sqrrNZN6x3hVQudt3DSr1VFXl293Z3JonIWETUoE93EFz+qHdWg+rETtb 24 | ZuqiAQKBgD+HI/syLECyO8UynuEaDD7qPl87PJ/CmZLMxa2/ZZUjhaXAW7CJMaS6 25 | 9PIzsLk33y3O4Qer0wx/tEdfnxMTBJrgGt/lFFdAKhSJroZ45l5apiavg1oZYp89 26 | jSd0lVxWSmrBjBZLnqOl336gzaBVkBD5ND+XUPdR1UuVQExJlem4 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /server/config/NETCONF-server.xml.in: -------------------------------------------------------------------------------- 1 | 2 | NETCONF-server 3 | 4 | 5 | @sysconfdir@/netopeer/cfgnetopeer/ietf-x509-cert-to-name.yin 6 | 7 | 8 | @sysconfdir@/netopeer/cfgnetopeer/ietf-netconf-server.yin 9 | @NCSERVER_FEATURES@ 10 | 11 | 12 | 13 | file 14 | @sysconfdir@/netopeer/cfgnetopeer/datastore-server.xml 15 | 16 | 17 | -------------------------------------------------------------------------------- /server/config/Netopeer.xml.in: -------------------------------------------------------------------------------- 1 | 2 | Netopeer 3 | 4 | 5 | @sysconfdir@/netopeer/cfgnetopeer/netopeer-cfgnetopeer.yin 6 | @NETOPEER_FEATURES@ 7 | 8 | 9 | 10 | file 11 | @sysconfdir@/netopeer/cfgnetopeer/datastore.xml 12 | 13 | 14 | -------------------------------------------------------------------------------- /server/config/datastore.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | MIID+TCCAuGgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMCQ1ox 8 | FjAUBgNVBAgMDVNvdXRoIE1vcmF2aWExDTALBgNVBAcMBEJybm8xDzANBgNVBAoM 9 | BkNFU05FVDEMMAoGA1UECwwDVE1DMRMwEQYDVQQDDApleGFtcGxlIENBMSIwIAYJ 10 | KoZIhvcNAQkBFhNleGFtcGxlY2FAbG9jYWxob3N0MB4XDTE0MDcyNDE0MzI0NVoX 11 | DTE1MDcyNDE0MzI0NVowdjELMAkGA1UEBhMCQ1oxFjAUBgNVBAgMDVNvdXRoIE1v 12 | cmF2aWExDzANBgNVBAoMBkNFU05FVDEMMAoGA1UECwwDVE1DMQ8wDQYDVQQDDAZz 13 | ZXJ2ZXIxHzAdBgkqhkiG9w0BCQEWEHNlcnZlckBsb2NhbGhvc3QwggEiMA0GCSqG 14 | SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx0jVMGPNfU+BBcW48LDn+RDBTuqSuGKsx 15 | wUBeEjwShd6k9r18oBW4yMdbfY/qc3MOmeEV7RgZ02WggQ3eEknztxU6qPijvNkx 16 | urfNUbYvwCzsxMDy1hebZ9IL/SsjHFFF6ZwZRczSr7gsQAKNmPak4qidqK8XlVuG 17 | A2M8I7UmP9NqZRzRpWITnvsL0v0SI5sYz5sZtptaT8pYouy/FRz6wpldonumxNWC 18 | mCAkCRSzOWbA5CAWIxJHncT38ICRBiHMZUKYfjhWzofOzdFmM5Ntx7jCviieCIDk 19 | ts95I1IIWPL2WgqloTWu06OQ0FV2I08JBOYu44NdRMqCR4v72/87AgMBAAGjezB5 20 | MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl 21 | cnRpZmljYXRlMB0GA1UdDgQWBBTzeoS1AMXMO8uhogi+qJTqTuPW6zAfBgNVHSME 22 | GDAWgBRzVhAiqNmwdXCV5rQAHg36KU0jaDANBgkqhkiG9w0BAQUFAAOCAQEAnyBQ 23 | x/5caVqR2S0kBD8VG4BER5mIk3biDY2urzKHVG2GubvsFgrct1+vDUToFHyYwZtP 24 | eRBORApiugqIP2WhKTIs1SDJ41X4IDnT/ChNpZ89b31zja1TnuJTzTdXEebBGkb9 25 | ns98BH8Tg2+QIFcNB0eXqIiG5HG++MVoc4WzKB12fvfVJHKm9iHPpAC+EyTVScVv 26 | L5otbwVhwp0MiaMDjEqoUJEbrT4JhtZh1BgCXzhw7LcNOD8Ukr6Q1uRue/jjpJbC 27 | N6ofbnrSras5tJH9QWaW6tT5iDdIlKPExfrwHUqC4YHO0+3Q15yttwfh7wCwNU2H 28 | dP4VfSRdn/LaTmR68Q== 29 | 30 | MIIEowIBAAKCAQEAsdI1TBjzX1PgQXFuPCw5/kQwU7qkrhirMcFAXhI8EoXepPa9 31 | fKAVuMjHW32P6nNzDpnhFe0YGdNloIEN3hJJ87cVOqj4o7zZMbq3zVG2L8As7MTA 32 | 8tYXm2fSC/0rIxxRRemcGUXM0q+4LEACjZj2pOKonaivF5VbhgNjPCO1Jj/TamUc 33 | 0aViE577C9L9EiObGM+bGbabWk/KWKLsvxUc+sKZXaJ7psTVgpggJAkUszlmwOQg 34 | FiMSR53E9/CAkQYhzGVCmH44Vs6Hzs3RZjOTbce4wr4ongiA5LbPeSNSCFjy9loK 35 | paE1rtOjkNBVdiNPCQTmLuODXUTKgkeL+9v/OwIDAQABAoIBAG/4MG1JbL4C/7vV 36 | pBcpth7Aaznd1eJ2UB4VVOWnT8JOH2L6p1h5KRRhAP9AMkXsCnAQPyZiVAG3FlAZ 37 | 01SZaY2YJDr6uQ3JVW4155TWtgSdWux//Ass+lJ17lJ0SRxjsV13ez6CsDWeRjc+ 38 | 2xy0S+KJgqk71XzhJG9fZLYyuddp3U/i3xFPUAcQM9xXKxcaD7g6LJf+a9pt6rim 39 | Eqq/pjJxDgTsRLARsazYuxrlOB445mvnLiYhOf2/MvI80jIUKaj8BeAhg49UIg/k 40 | mIh0xdevkcxBFer/BjBjscWaFjx14D6nkFMw7vtCum5KfalLN2edZKAzByOudGD4 41 | 5KnRp3ECgYEA6vnSoNGg9Do80JOpXRGYWhcR1lIDO5yRW5rVagncCcW5Pn/GMtNd 42 | x2q6k1ks8mXKR9CxZrxZGqeYObZ9a/5SLih7ZkpiVWXG8ZiBIPhP6lnwm5OeIqLa 43 | hr0BYWcRfrGg1phj5uySZgsVBE+D8jH42O9ccdvrWv1OiryAHfKIcwMCgYEAwbs+ 44 | HfQtvHOQXSYNhtOeA7IetkGy3cKVg2oILNcROvI96hS0MZKt1Rko0UAapx96eCIr 45 | el7vfdT0eUzNqt2wTKp1zmiG+SnX3fMDJNzMwu/jb/b4wQ20IHWNDnqcqTUVRUnL 46 | iksLFoHbTxsN5NpEQExcSt/zzP4qi1W2Bmo18WkCgYEAnhrk16LVux9ohiulHONW 47 | 8N9u+BeM51JtGAcxrDzgGo85Gs2czdwc0K6GxdiN/rfxCKtqgqcfCWlVaxfYgo7I 48 | OxiwF17blXx7BVrJICcUlqpX1Ebac5HCmkCYqjJQuj/I6jv1lI7/3rt8M79RF+j5 49 | +PXt7Qq97SZd78nwJrZni4MCgYAiPjZ8lOyAouyhilhZvI3xmUpUbMhw6jQDRnqr 50 | clhZUvgeqAoxuPuA7zGHywzq/WVoVqHYv28Vjs6noiu4R/chlf+8vD0fTYYadRnZ 51 | Ki4HRt+sqrrNZN6x3hVQudt3DSr1VFXl293Z3JonIWETUoE93EFz+qHdWg+rETtb 52 | ZuqiAQKBgD+HI/syLECyO8UynuEaDD7qPl87PJ/CmZLMxa2/ZZUjhaXAW7CJMaS6 53 | 9PIzsLk33y3O4Qer0wx/tEdfnxMTBJrgGt/lFFdAKhSJroZ45l5apiavg1oZYp89 54 | jSd0lVxWSmrBjBZLnqOl336gzaBVkBD5ND+XUPdR1UuVQExJlem4 55 | RSA 56 | 57 | 58 | MIID7TCCAtWgAwIBAgIJAMtE1NGAR5KoMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYD 59 | VQQGEwJDWjEWMBQGA1UECAwNU291dGggTW9yYXZpYTENMAsGA1UEBwwEQnJubzEP 60 | MA0GA1UECgwGQ0VTTkVUMQwwCgYDVQQLDANUTUMxEzARBgNVBAMMCmV4YW1wbGUg 61 | Q0ExIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVjYUBsb2NhbGhvc3QwHhcNMTQwNzI0 62 | MTQxOTAyWhcNMjQwNzIxMTQxOTAyWjCBjDELMAkGA1UEBhMCQ1oxFjAUBgNVBAgM 63 | DVNvdXRoIE1vcmF2aWExDTALBgNVBAcMBEJybm8xDzANBgNVBAoMBkNFU05FVDEM 64 | MAoGA1UECwwDVE1DMRMwEQYDVQQDDApleGFtcGxlIENBMSIwIAYJKoZIhvcNAQkB 65 | FhNleGFtcGxlY2FAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB 66 | CgKCAQEArD3TDHPAMT2Z84orK4lMlarbgooIUCcRZyLe+QM+8KY8Hn+mGaxPEOTS 67 | L3ywszqefB/Utm2hPKLHX684iRC14ID9WDGHxPjvoPArhgFhfV+qnPfxKTgxZC12 68 | uOj4u1V9y+SkTCocFbRfXVBGpojrBuDHXkDMDEWNvr8/52YCv7bGaiBwUHolcLCU 69 | bmtKILCG0RNJyTaJpXQdAeq5Z1SJotpbfYFFtAXB32hVoLug1dzl2tjG9sb1wq3Q 70 | aDExcbC5w6P65qOkNoyym9ne6QlQagCqVDyFn3vcqkRaTjvZmxauCeUxXgJoXkyW 71 | cm0lM1KMHdoTArmchw2Dz0yHHSyDAQIDAQABo1AwTjAdBgNVHQ4EFgQUc1YQIqjZ 72 | sHVwlea0AB4N+ilNI2gwHwYDVR0jBBgwFoAUc1YQIqjZsHVwlea0AB4N+ilNI2gw 73 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAI/1KH60qnw9Xs2RGfi0/ 74 | IKf5EynXt4bQX8EIyVKwSkYKe04zZxYfLIl/Q2HOPYoFmm3daj5ddr0ZS1i4p4fT 75 | UhstjsYWvXs3W/HhVmFUslakkn3PrswhP77fCk6eEJLxdfyJ1C7Uudq2m1isZbKi 76 | h+XF0mG1LxJaDMocSz4eAya7M5brwjy8DoOmA1TnLQFCVcpn+sCr7VC4wE/JqxyV 77 | hBCk/MuGqqM3B1j90bGFZ112ZOecyE0EDSr6IbiRBtmeNbEwOFjKXhNLYdxpBZ9D 78 | 8A/368OckZkCrVLGuJNxK9UwCVTe8IhotHUqU9EqFDmxdV8oIdU/OzUwwNPA/Bd/ 79 | 9g== 80 | 81 | 82 | 83 | 1 84 | 02:E9:38:1F:F6:8B:62:DE:0A:0B:C5:03:81:A8:03:49:A0:00:7F:8B:F3 85 | x509c2n:specified 86 | default_ca 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | -------------------------------------------------------------------------------- /server/configurator/README: -------------------------------------------------------------------------------- 1 | Dynamic netopeer-configurator modules 2 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 3 | 4 | netopeer-configurator(1) dynamically loads any modules 5 | it can find. The search begins by learning the directory 6 | which 'config.py' module is in. This directory is then 7 | searched for 'nc_*.py' files. These must include classes 8 | with the same name as their file name without the 9 | extension and conform to 'ncmodule.py'. All such modules 10 | are imported. 11 | -------------------------------------------------------------------------------- /server/configurator/netopeer-configurator.1: -------------------------------------------------------------------------------- 1 | .\" Process this file with 2 | .\" groff -man -Tascii netopeer-configurator.1 3 | .\" 4 | .TH "netopeer-configurator" 1 "Fri Jun 13 2014" "Netopeer" 5 | .SH NAME 6 | netopeer-configurator \- \fBnetopeer-server\fR's first run configurator 7 | .SH DESCRIPTION 8 | .B netopeer-configurator 9 | is a tool to make 10 | .B netopeer-server 11 | configuration more easy. It is supposed mainly for the configuration before the 12 | first run of the 13 | .BR netopeer-server . 14 | However, it can be used whenever to check the current settings and modify the 15 | selected properties of the 16 | .BR netopeer-server . 17 | .PP 18 | Because the 19 | .B netopeer-configurator 20 | accesses configuration files in the system directories, it is necessary to run 21 | it as the \fIroot\fR user. 22 | .PP 23 | The 24 | .B netopeer-configurator 25 | provides information from the following areas: 26 | .IP Netopeer 27 | Generic configuration of the Netopeer server. It provides information about the 28 | server's binaries and the Netopeer modules. It allows to enable/disable the 29 | installed modules. To install/remove the Netopeer modules, use the 30 | .B netopeer-manager 31 | tool. 32 | .IP NACM 33 | NETCONF Access Control Module. This part allows to change the default settings 34 | of the NACM. It is useful mainly because the NACM by default avoids any write 35 | to the configuration, so via the NETCONF the user is not allowed to specify even 36 | NACM rules. The 37 | .B netopeer-configurator 38 | allows to change the basic settings of the NACM as well as to specify the users 39 | that will be permitted to do anything (all access right in all modules will be 40 | granted). 41 | .IP Intercommunication 42 | Provides information about the communication between the 43 | .B netopeer-server 44 | and 45 | .BR netopeer-agent s. 46 | In case of DBus communication, it also allows to change the groups of users 47 | allowed to connect to the NETCONF server. 48 | .IP "Server Certificate (only with TLS support)" 49 | Provides management of the server certificate utilized by 50 | .B stunnel 51 | , which is executed by 52 | .B netopeer-server . 53 | This certificate is sent to a client for TLS authentication. 54 | .IP "CA Certificates (only with TLS support)" 55 | Provides management of trusted Certificate Authority certificates utilized by 56 | .B stunnel 57 | , which is executed by 58 | .B netopeer-server . 59 | Only certificates with a prefix of \fIca_\fR (trusted CA) or \fIcl_\fR (trusted 60 | client) are recognized in order to be compatible with the 61 | .B cfgsystem 62 | netopeer plugin certificate management. 63 | .IP "CRLs (only with TLS support)" 64 | Provides management of Certificate Revocation Lists utilized by 65 | .B stunnel 66 | , which is executed by 67 | .B netopeer-server . 68 | These CRLs are checked, when determining if a client certificate was not revocated 69 | by its issuer. 70 | .SH "SEE ALSO" 71 | .BR netopeer-agent(1) , 72 | .BR netopeer-cli(1) , 73 | .BR netopeer-manager(1) , 74 | .BR netopeer-server(8) , 75 | .BR stunnel(8) , 76 | .SS Homepage 77 | https://netopeer.googlecode.com 78 | .SH MAILING LIST 79 | To discuss various topics about 80 | .B netopeer-configurator, 81 | join the Netopeer mailing list at . 82 | .SH REPORTING BUGS 83 | Report bugs to the issue tracker at . 84 | .SH AUTHORS 85 | Radek Krejci 86 | .SH COPYRIGHT 87 | Copyright \(co 2014 CESNET, z.s.p.o. 88 | 89 | 90 | -------------------------------------------------------------------------------- /server/configurator/netopeer/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # -*- coding:utf-8 -*- 3 | 4 | import config 5 | 6 | def consolidate_paths(paths): 7 | """Consolidate paths.""" 8 | # path starting and ending with '@' was not replaced, set to '' 9 | for path in paths: 10 | if paths[path] and paths[path][0] == '@' and paths[path][-1] == '@': 11 | paths[path] = '' 12 | 13 | # substitute all paths 14 | while True: 15 | changed = False 16 | for name,path in paths.iteritems(): 17 | for pattern,new in paths.iteritems(): 18 | if '${{{s}}}'.format(s=pattern) in path: 19 | changed = True 20 | path = path.replace('${{{s}}}'.format(s=pattern), new) 21 | paths[name] = path 22 | if not changed: 23 | break 24 | 25 | # when inporting all import only configuring modules 26 | __all__ = ['nacm', 'netopeer', 'dbus', 'sock'] 27 | # consolidate configure paths 28 | consolidate_paths(config.paths) 29 | -------------------------------------------------------------------------------- /server/configurator/netopeer/config.py.in: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # -*- coding:utf-8 -*- 3 | 4 | import string 5 | 6 | # all potentially useful paths 7 | # ./configure creates config.py that is used in runtime 8 | 9 | paths = { 10 | 'prefix' : '@prefix@',\ 11 | 'exec_prefix' : '@exec_prefix@',\ 12 | 'datarootdir' : '@datarootdir@',\ 13 | 'datadir' : '@datadir@',\ 14 | 'bindir' : '@bindir@',\ 15 | 'includedir' : '@includedir@',\ 16 | 'libdir' : '@libdir@',\ 17 | 'mandir' : '@mandir@',\ 18 | 'sysconfdir': '@sysconfdir@',\ 19 | 'cfgdir': '@sysconfdir@/netopeer',\ 20 | 'modulesdir':'@MODULESDIR@',\ 21 | } 22 | 23 | options = { 24 | 'user' : 'root',\ 25 | 'ssh' : '@SSH@',\ 26 | 'tls' : '@TLS@',\ 27 | } 28 | -------------------------------------------------------------------------------- /server/configurator/netopeer/messages.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # -*- coding:utf-8 -*- 3 | 4 | msgs = [] 5 | 6 | def append(msg, severity): 7 | msgs.append((msg,severity)) 8 | 9 | def all(): 10 | return(msgs) 11 | 12 | def last(num=0): 13 | if num == 0: 14 | return(msgs) 15 | elif num >= len(msgs): 16 | return(msgs) 17 | else: 18 | return(msgs[len(msgs)-num:]) 19 | -------------------------------------------------------------------------------- /server/configurator/netopeer/ncmodule.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # -*- coding:utf-8 -*- 3 | 4 | import curses 5 | import os 6 | 7 | # netopeer configurator modules exception 8 | class NCModuleError(Exception): 9 | def __init__(self, name = '', errmsg = ''): 10 | if name: 11 | self.name = name 12 | else: 13 | self.name = '' 14 | if errmsg: 15 | self.errmsg = errmsg 16 | else: 17 | self.errmsg = '' 18 | 19 | def __str__(self): 20 | return(self.name+': '+self.errmsg) 21 | 22 | class NCModuleOff(Exception): 23 | def __init__(self, name = ''): 24 | if name: 25 | self.name = name 26 | else: 27 | self.name = '' 28 | 29 | self.errmsg = 'Module '+self.name+' is turned off' 30 | 31 | def __str__(self): 32 | return(self.errmsg) 33 | 34 | 35 | # base class for netopeer configurator modules 36 | class ncmodule: 37 | # every module should define its name 38 | name = None 39 | all_modules = [] 40 | 41 | # call methods to find files and get current settings 42 | def __init__(self, modules = []): 43 | self.all_modules = modules 44 | if not self.find() or not self.get(): 45 | raise(NCModuleError(self.name, 'Module init failed.')) 46 | 47 | # find configuration/binary files 48 | def find(self): 49 | return(True) 50 | 51 | # get current configuration 52 | def get(self): 53 | return(True) 54 | 55 | # write current configuration to files 56 | def update(self): 57 | return(True) 58 | 59 | # check for unsaved configuration changes 60 | def unsaved_changes(self): 61 | return(False) 62 | 63 | # refresh content window after save 64 | def refresh(self, window, focus, height, width): 65 | return(True) 66 | 67 | def get_editable(self, y, x, stdscr, window, variable, color = None, tabcompletepath = False): 68 | os.environ['ESCDELAY'] = '25' 69 | index = 0 70 | 71 | if color is None: 72 | color = curses.color_pair(0) 73 | 74 | while True: 75 | # how much to erase 76 | blocklen = len(variable) 77 | try: 78 | # repaint 79 | window.addstr(y,x, variable[:index], color) 80 | window.addstr(variable[index:index+1], color | curses.A_REVERSE) 81 | window.addstr(variable[index+1:], color) 82 | window.refresh() 83 | except curses.error: 84 | pass 85 | 86 | # get next key 87 | c = stdscr.getch() 88 | if c == ord('\n'): 89 | break 90 | elif c == 27: # ESC 91 | return('') 92 | elif c == curses.KEY_LEFT: 93 | if index > 0: 94 | index = index-1 95 | elif c == curses.KEY_RIGHT: 96 | if index < len(variable): 97 | index = index+1 98 | elif c == curses.KEY_BACKSPACE: 99 | if index > 0: 100 | variable = variable[:index-1] + variable[index:] 101 | index = index-1 102 | elif c == curses.KEY_DC: 103 | if index < len(variable): 104 | variable = variable[:index] + variable[index+1:] 105 | elif index == (len(variable)-1): 106 | variable = variable[:index] 107 | index = index-1 108 | elif c == curses.KEY_HOME: 109 | index = 0 110 | elif c == curses.KEY_END: 111 | index = len(variable) 112 | elif c == ord('\t') and tabcompletepath: 113 | (dir, hint) = os.path.split(variable) 114 | toadd = '' 115 | if os.path.isdir(dir): 116 | files = os.listdir(dir) 117 | matches = [] 118 | for item in files: 119 | if item[:len(hint)] == hint: 120 | isdir = os.path.isdir(os.path.join(dir, item)) 121 | matches.append((item, isdir)) 122 | 123 | if len(matches) == 1: 124 | toadd = matches[0][0][len(hint):] 125 | if matches[0][1]: 126 | toadd += '/' 127 | elif len(matches) > 1: 128 | paths = [i[0] for i in matches] 129 | toadd = os.path.commonprefix(paths)[len(hint):] 130 | 131 | variable += toadd 132 | index = len(variable) 133 | elif c > 31 and c < 256: # skip wierd characters in ASCII 134 | if index == 0: 135 | variable = chr(c)+variable 136 | else: 137 | variable = variable[:index]+chr(c)+variable[index:] 138 | index = index+1 139 | 140 | # erase 141 | for xx in range(x, blocklen+x): 142 | window.delch(y,xx) 143 | 144 | return(variable) 145 | -------------------------------------------------------------------------------- /server/configurator/setup.py: -------------------------------------------------------------------------------- 1 | from distutils.core import setup 2 | 3 | setup(name='netopeer-configurator', 4 | version='0.9.0', 5 | author='Radek Krejci', 6 | author_email='rkrejci@cesnet.cz', 7 | description='Tool for the first configuration of the netopeer-server NETCONF server.', 8 | url='https://netopeer.googlecode.com', 9 | scripts=['netopeer-configurator'], 10 | packages=['netopeer'], 11 | platforms=['Linux'], 12 | license='BSD License', 13 | ) -------------------------------------------------------------------------------- /server/m4/ax_python_module.m4: -------------------------------------------------------------------------------- 1 | # =========================================================================== 2 | # http://www.gnu.org/software/autoconf-archive/ax_python_module.html 3 | # =========================================================================== 4 | # 5 | # SYNOPSIS 6 | # 7 | # AX_PYTHON_MODULE(modname[, fatal]) 8 | # 9 | # DESCRIPTION 10 | # 11 | # Checks for Python module. 12 | # 13 | # If fatal is non-empty then absence of a module will trigger an error. 14 | # 15 | # LICENSE 16 | # 17 | # Copyright (c) 2008 Andrew Collier 18 | # 19 | # Copying and distribution of this file, with or without modification, are 20 | # permitted in any medium without royalty provided the copyright notice 21 | # and this notice are preserved. This file is offered as-is, without any 22 | # warranty. 23 | 24 | #serial 6 25 | 26 | AU_ALIAS([AC_PYTHON_MODULE], [AX_PYTHON_MODULE]) 27 | AC_DEFUN([AX_PYTHON_MODULE],[ 28 | if test -z $PYTHON; 29 | then 30 | PYTHON="python" 31 | fi 32 | PYTHON_NAME=`basename $PYTHON` 33 | AC_MSG_CHECKING($PYTHON_NAME module: $1) 34 | $PYTHON -c "import $1" 2>/dev/null 35 | if test $? -eq 0; 36 | then 37 | AC_MSG_RESULT(yes) 38 | eval AS_TR_CPP(HAVE_PYMOD_$1)=yes 39 | else 40 | AC_MSG_RESULT(no) 41 | eval AS_TR_CPP(HAVE_PYMOD_$1)=no 42 | # 43 | if test -n "$2" 44 | then 45 | AC_MSG_ERROR(failed to find required module $1) 46 | exit 1 47 | fi 48 | fi 49 | ]) 50 | -------------------------------------------------------------------------------- /server/manager/netopeer-manager.1: -------------------------------------------------------------------------------- 1 | .\" Process this file with 2 | .\" groff -man -Tascii netopeer-manager.1 3 | .\" 4 | .TH "netopeer-manager" 1 "Thu Jun 5 2014" "Netopeer" 5 | .SH NAME 6 | netopeer-manager \- Modules manager for the \fBnetopeer-server\fR 7 | .SH SYNOPSIS 8 | .B netopeer-manager [\-\-help] 9 | .I 10 | .B [ 11 | .I 12 | .B ] 13 | .SH DESCRIPTION 14 | .B netopeer-manager 15 | provides access to the configuration of the 16 | .B netopeer-server 17 | modules. The 18 | .B netopeer-server 19 | modules extends its functionality to control another devices or applications 20 | via transAPI or just by storing configuration data. 21 | .SH OPTIONS 22 | .PP 23 | .B \-\-help 24 | .RS 25 | Prints the generic description and a list of commands. Detailed description and 26 | list of \fIarguments\fR for the specific \fIcommand\fR are displayed by using 27 | \fI\-\-help\fR argument of the \fIcommand\fR. 28 | .RE 29 | .SH COMMANDS 30 | .SS add 31 | .PP 32 | Add a new \fBnetopeer-server\fR module. Added module is enabled by default and 33 | it will be loaded by the \fBnetopeer-server\fR during its next start. 34 | .PP 35 | .B add [\-\-help] \-\-name \fINAME\fP (\-\-model \fIMODEL\fP | \-\-augment \fIAUGMENT\fP | \-\-import \fIIMPORT\fP) [\-\-transapi \fITRANSAPI\fP] [\-\-features \fIFEATURE\fP [\fIFEATURE\fP ...]] [\-\-datastore \fIDATASTORE\fP] 36 | .RS 4 37 | .PP 38 | .B \-\-name 39 | .I NAME 40 | .RS 4 41 | Specifies the name of the \fBnetopeer-server\fR module. The \fINAME\fR is used 42 | as an identifier of the module in the \fBnetopeer-server\fR configuration. 43 | .RE 44 | .PP 45 | .B \-\-model 46 | \fIMODEL\fR 47 | .RS 4 48 | Specifies path (absolute or relative) to the module's main data model in YIN 49 | format. In this option, the whole module configuration is created. 50 | .RE 51 | .PP 52 | .B \-\-augment 53 | \fIAUGMENT\fR 54 | .RS 4 55 | Specifies path (absolute or relative) to an augment model of the main data 56 | model in YIN format. This model is always appended at the end of the model list. 57 | .RE 58 | .PP 59 | .B \-\-import 60 | \fIIMPORT\fR 61 | .RS 4 62 | Specifies path (absolute or relative) to a model in YIN format that is imported 63 | by the main model. This model is always prepended at the beginning of the model list. 64 | .RE 65 | .PP 66 | .B \-\-transapi 67 | \fITRANSAPI\fR 68 | .RS 4 69 | Optional parameter to specify path to the transAPI module related to the module's 70 | main data model. If the transAPI module is not specified, \fBnetopeer-server\fR 71 | will allow the configuration data manipulation according to the data model, but 72 | the changes will not be applied to any device. This part of the process is 73 | handled just by the transAPI module. 74 | .RE 75 | .PP 76 | .B \-\-features 77 | \fIFEATURE\fR [\fIFEATURE\fR ...] 78 | .RS 4 79 | Data model can define various features that extend its basic functionality. By 80 | default, \fBnetopeer-server\fR supposes all features to be disabled. This option 81 | explicitly specifies list of features to enable. If one want to enable all 82 | features, value \fI*\fR can be used. 83 | .RE 84 | .PP 85 | .B \-\-datastore 86 | \fIDATASTORE\fP 87 | .RS 4 88 | Specifies path to the file where the configuration data will be stored. If not 89 | specified, datastore is implemented as \fIempty\fR and it will not able to store 90 | any configuration data. 91 | .RE 92 | .RE 93 | .SS list 94 | .PP 95 | Print the list of all \fBnetopeer-server\fR's modules. 96 | .PP 97 | .B list [\-\-help] [\-\-name \fINAME\fP] 98 | .RS 4 99 | .PP 100 | .B \-\-name 101 | .I NAME 102 | .RS 4 103 | If specified, it is the name of the main \fBnetopeer-server\fR module for which 104 | the list of extending data models will be printed. 105 | .RE 106 | .RE 107 | .SS rm 108 | .PP 109 | Remove the specified \fBnetopeer-server\fR main module. 110 | .PP 111 | .B rm [\-\-help] \-\-name \fINAME\fP [\-\-model \fIMODEL\fP] 112 | .RS 4 113 | .PP 114 | .B \-\-name 115 | .I NAME 116 | .RS 4 117 | Specifies the name of the main \fBnetopeer-server\fR module to remove. 118 | .RE 119 | .PP 120 | .B \-\-model 121 | \fIMODEL\fP 122 | .RS 4 123 | If specified, only this extending model will be removed instead of the whole module. 124 | .RE 125 | .RE 126 | .SH YIN FORMAT 127 | YIN is an alternative XML-based syntax to YANG language. Both, YANG and YIN, are 128 | defined in \fIRFC 6020\fR. 129 | .PP 130 | To convert YANG to YIN format, which is required by the Netopeer tools, we 131 | recommend to use \fBpyang(1)\fR: 132 | .PP 133 | .RS 4 134 | \fC$ pyang -f yin data-model.yang -o data-model.yin \fR 135 | .RE 136 | .SH "SEE ALSO" 137 | .BR netopeer-agent(1) , 138 | .BR netopeer-cli(1) , 139 | .BR netopeer-configurator(1) , 140 | .BR netopeer-server(1) , 141 | .BR pyang(1) , 142 | .br 143 | RFC 6020 (YANG Data Modeling Language) 144 | .br 145 | https://netopeer.googlecode.com (Netopeer homepage) 146 | .ad 147 | .SH MAILING LIST 148 | To discuss various topics about 149 | .B netopeer-manager, 150 | join the Netopeer mailing list at . 151 | .SH REPORTING BUGS 152 | Report bugs to the issue tracker at . 153 | .SH AUTHORS 154 | Radek Krejci 155 | .SH COPYRIGHT 156 | Copyright \(co 2014 CESNET, z.s.p.o. 157 | 158 | 159 | -------------------------------------------------------------------------------- /server/netopeer-server.8: -------------------------------------------------------------------------------- 1 | .\" Process this file with 2 | .\" groff -man -Tascii netopeer-server.8 3 | .\" 4 | .TH "netopeer-server" 8 "Fri Jun 6 2014" "Netopeer" 5 | .SH NAME 6 | netopeer-server \- NETCONF protocol server 7 | .SH SYNOPSIS 8 | .B netopeer-server [\-dhV] [-v 9 | .IB level ] 10 | .SH DESCRIPTION 11 | .B netopeer-server 12 | is the NETCONF protocol server running as a system daemon. The 13 | .B netopeer-server 14 | is based on the libnetconf library. It provides an environment to run transAPI 15 | modules for configuration a specific device or application according to its 16 | data model. 17 | .SH OPTIONS 18 | .PP 19 | .B \-d 20 | .RS 21 | Run in daemon mode. 22 | .RE 23 | .PP 24 | .B \-h 25 | .RS 26 | Show help. 27 | .RE 28 | .PP 29 | .B \-V 30 | .RS 31 | Show program version. 32 | .RE 33 | .PP 34 | .B \-v 35 | .I level 36 | .RS 37 | Set the verbosity level. Possible values are from 0 (default) to 3. This 38 | overrides any 39 | .B NETOPEER_VERBOSE 40 | environment variable. 41 | .RE 42 | .SH ENVIRONMENT 43 | .IP NETOPEER_VERBOSE 44 | Set the verbosity level. Possible values are from 0 (default) to 3. Overridden 45 | by the 46 | .B \-v 47 | option. 48 | .SH FILES 49 | .PP 50 | .I /etc/netopeer/modules.conf.d/ 51 | .RS 52 | Directory where the modules configuration files are stored. Note, that they 53 | usually refers to various files in other locations. 54 | .RE 55 | .PP 56 | .I /etc/netopeer/cfgnetopeer/* 57 | .RS 58 | Datastores, data models and validators for the 59 | .B netopeer-server 60 | internal modules. 61 | .RE 62 | .SS libnetconf files 63 | .I /var/lib/libnetconf/datastore-acm.xml 64 | .RS 65 | Datastore file for the internal NETCONF Access Control module. 66 | .RE 67 | .PP 68 | .I /dev/shm/sem.NCDS_FLOCK_* 69 | .RS 70 | Datastores locks used internally by the \fBlibnetconf\fR library. 71 | .RE 72 | .SH NETOPEER MODULES 73 | TBD 74 | .SH TROUBLESHOOTING 75 | .SS Datastores dead lock 76 | .PP 77 | When the server crashes or is terminated with SIGKILL, it may happen that the 78 | internal datastore locks stay locked. In such a case, the next time the 79 | .B netopeer-server 80 | (or any other libnetconf based application) tries to access the configuration 81 | datastores, it freezes. To solve this problem, release the locks manually 82 | removing the 83 | .I /dev/shm/sem.NCDS_FLOCK_* 84 | files. 85 | .SH "SEE ALSO" 86 | .BR netopeer-cli(1) , 87 | .BR netopeer-configurator(1) , 88 | .BR netopeer-manager(1) , 89 | .SS Homepage 90 | https://github.com/CESNET/netopeer 91 | .SH REPORTING BUGS 92 | Report bugs or any issues to the issue tracker at . 93 | .SH AUTHORS 94 | Radek Krejci 95 | .SH COPYRIGHT 96 | Copyright \(co 2015 CESNET, z.s.p.o. 97 | 98 | 99 | -------------------------------------------------------------------------------- /server/netopeer-server.spec.in: -------------------------------------------------------------------------------- 1 | Summary: Netopeer - NETCONF implementation. Server part. 2 | Name: netopeer-server 3 | Version: %(cut -f1 ./VERSION | tr -d '\n') 4 | Release: @RELEASE@ 5 | URL: http://www.liberouter.org/ 6 | Source: https://www.liberouter.org/repo/SOURCES/%{name}-%{version}-%{release}.tar.gz 7 | Group: Liberouter 8 | License: BSD 9 | Vendor: CESNET, z.s.p.o. 10 | Packager: @USERNAME@ <@USERMAIL@> 11 | BuildRoot: %{_tmppath}/%{name}-%{version}-%{release} 12 | 13 | BuildRequires: gcc make doxygen pkgconfig 14 | BuildRequires: @BUILDREQS@ 15 | Requires: @REQS@ 16 | 17 | %description 18 | Netopeer project implements NETCONF protocol for remote configuration of 19 | network devices. This package contains its server part. 20 | 21 | %prep 22 | %setup 23 | 24 | %build 25 | ./configure --with-distro=@DISTRO@ --prefix=%{_prefix} --sysconfdir=%{_sysconfdir} --with-rpm @CONFIGURE_PARAMS@; 26 | make 27 | make doc 28 | 29 | %install 30 | make DESTDIR=$RPM_BUILD_ROOT install 31 | 32 | %postun 33 | 34 | %files 35 | %{_bindir}/netopeer-server 36 | %{_bindir}/netopeer-manager 37 | %{_bindir}/netopeer-configurator 38 | %{_prefix}/lib/python*/site-packages/netopeer* 39 | %{_sysconfdir}/netopeer/* 40 | %{_sysconfdir}/init.d/netopeer.rc 41 | %{_mandir}/man1/* 42 | %{_mandir}/man8/* 43 | %{_datadir}/netopeer/*.html 44 | 45 | -------------------------------------------------------------------------------- /server/netopeer.rc.in: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # netopeer.rc: Netopeer init script 4 | # Copyright (c) 2006-2012 CESNET, z.s.p.o. 5 | # Author(s): David Kupka 6 | # 7 | # This script is written according to SysV init principles. 8 | # 9 | # To activate this script at the boot time simple copy this file (and 10 | # rename it to 'netopeer' - without any suffix) into the /etc/rc.d/init.d 11 | # directory. Then run chkconfig: 12 | # 13 | # chkconfig --add netopeer 14 | # 15 | # Output is logged in /var/log/netopeer file. 16 | # 17 | # Two lines below this clause are used by chkconfig(8) to set it to run 18 | # in the boot time. The first of those two lines tells chkconfig what 19 | # runlevels the service should be started in by default, as well as the 20 | # start and stop priority levels. The second line contains a description 21 | # for the service. 22 | # 23 | # chkconfig: 345 50 80 24 | # description: Netopeer startup script 25 | 26 | BINDIR="@prefix@/bin/" 27 | LOGFILE="/var/log/netopeer" 28 | NETOPEER=netopeer-server 29 | 30 | #include functions 31 | . /etc/init.d/functions 32 | 33 | case "$1" in 34 | start ) 35 | echo "== Starting Netopeer ==" >> $LOGFILE 36 | date >> $LOGFILE 37 | 38 | if [ `ps -C netopeer-server | wc -l` -eq 2 ]; then 39 | echo "Failed: Netopeer is already running." >> $LOGFILE; 40 | failure; echo "Netopeer is already running."; 41 | exit 1; 42 | fi 43 | 44 | $BINDIR$NETOPEER -d 45 | 46 | # for server to start 47 | sleep 5; 48 | 49 | if [ `ps -C netopeer-server | wc -l` -lt 2 ]; then 50 | echo "Failure: Netopeer failed to start." >> $LOGFILE; 51 | failure; echo "Netopeer failed to start."; 52 | exit 1; 53 | fi 54 | 55 | success; echo "== Netopeer start =="; 56 | echo "Success: Netopeer started ==" >> $LOGFILE; 57 | ;; 58 | 59 | stop ) 60 | echo "== Stopping Netopeer ==" >> $LOGFILE 61 | date >> $LOGFILE 62 | 63 | if [ `ps -C netopeer-server | wc -l` -lt 2 ]; then 64 | echo "Failure: Netopeer is not running." >> $LOGFILE; 65 | failure; echo "Netopeer is not running."; 66 | exit 1; 67 | fi 68 | 69 | killall -15 netopeer-server 70 | 71 | sleep 5; 72 | 73 | if [ `ps -C netopeer-server | wc -l` -eq 2 ]; then 74 | killall -9 netopeer-server 75 | sleep 1; 76 | 77 | 78 | if [ `ps -C netopeer-server | wc -l` -eq 2 ]; then 79 | echo "Failure: Netopeer is still running." >> $LOGFILE; 80 | failure; echo "Netopeer is still running."; 81 | exit 1; 82 | fi 83 | fi 84 | 85 | success; echo "== Netopeer stop =="; 86 | echo "Success: Netopeer stopped ==" >> $LOGFILE; 87 | ;; 88 | 89 | restart|reload ) 90 | $0 stop 91 | $0 start 92 | ;; 93 | 94 | status ) 95 | if [ `ps -C netopeer-server | wc -l` -eq 2 ]; then 96 | echo "Netopeer is running."; 97 | else 98 | echo "Netopeer is stopped."; 99 | fi 100 | ;; 101 | * ) 102 | # Display usage of this script 103 | echo "Usage: $0 {start|stop|restart|reload|status}" 104 | ;; 105 | esac 106 | -------------------------------------------------------------------------------- /server/src/cfgnetopeer_transapi.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file cfgnetopeer_transapi.h 3 | * @author Michal Vasko 4 | * @author David Kupka 5 | * @brief NETCONF device module header to configure netconf server 6 | * 7 | * Copyright (C) 2011-2015 CESNET, z.s.p.o. 8 | * 9 | * Redistribution and use in source and binary forms, with or without 10 | * modification, are permitted provided that the following conditions 11 | * are met: 12 | * 1. Redistributions of source code must retain the above copyright 13 | * notice, this list of conditions and the following disclaimer. 14 | * 2. Redistributions in binary form must reproduce the above copyright 15 | * notice, this list of conditions and the following disclaimer in 16 | * the documentation and/or other materials provided with the 17 | * distribution. 18 | * 3. Neither the name of the Company nor the names of its contributors 19 | * may be used to endorse or promote products derived from this 20 | * software without specific prior written permission. 21 | * 22 | * ALTERNATIVELY, provided that this notice is retained in full, this 23 | * product may be distributed under the terms of the GNU General Public 24 | * License (GPL) version 2 or later, in which case the provisions 25 | * of the GPL apply INSTEAD OF those given above. 26 | * 27 | * This software is provided ``as is, and any express or implied 28 | * warranties, including, but not limited to, the implied warranties of 29 | * merchantability and fitness for a particular purpose are disclaimed. 30 | * In no event shall the company or contributors be liable for any 31 | * direct, indirect, incidental, special, exemplary, or consequential 32 | * damages (including, but not limited to, procurement of substitute 33 | * goods or services; loss of use, data, or profits; or business 34 | * interruption) however caused and on any theory of liability, whether 35 | * in contract, strict liability, or tort (including negligence or 36 | * otherwise) arising in any way out of the use of this software, even 37 | * if advised of the possibility of such damage. 38 | */ 39 | 40 | #ifndef _CFGNETOPEER_TRANSAPI_H_ 41 | #define _CFGNETOPEER_TRANSAPI_H_ 42 | 43 | #include "netconf_server_transapi.h" 44 | 45 | struct np_options { 46 | uint8_t verbose; 47 | uint32_t idle_timeout; 48 | uint16_t max_sessions; 49 | uint16_t response_time; 50 | 51 | struct np_options_ssh* ssh_opts; 52 | struct np_options_tls* tls_opts; 53 | 54 | struct np_module { 55 | char* name; /**< Module name, same as filename (without .xml extension) in MODULES_CFG_DIR */ 56 | struct ncds_ds* ds; /**< pointer to datastore returned by libnetconf */ 57 | ncds_id id; /**< Related datastore ID */ 58 | struct np_module* prev, *next; 59 | } *modules; 60 | 61 | pthread_mutex_t binds_lock; 62 | uint8_t binds_change_flag; 63 | struct np_bind_addr* binds; 64 | }; 65 | 66 | /** 67 | * @brief Load module configuration, add module to library (and enlink to list) 68 | * 69 | * @param module Module to enable 70 | * @param add Enlink module to list of active modules? 71 | * 72 | * @return EXIT_SUCCES or EXIT_FAILURE 73 | */ 74 | int module_enable(struct np_module* module, int add); 75 | 76 | /** 77 | * @brief Stop module, remove it from library (and destroy) 78 | * 79 | * @param module Module to disable 80 | * @param destroy Unlink and free module? 81 | * 82 | * @return EXIT_SUCCESS or EXIT_FAILURE 83 | */ 84 | int module_disable(struct np_module* module, int destroy); 85 | 86 | #endif /* _CFGNETOPEER_TRANSAPI_H_ */ 87 | -------------------------------------------------------------------------------- /server/src/config.h.in: -------------------------------------------------------------------------------- 1 | /** 2 | * @file config.h 3 | * @author Michal Vasko 4 | * @brief Netopeer compilation configuration 5 | * 6 | * Copyright (C) 2015 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #ifndef _CONFIG_H_ 40 | #define _CONFIG_H_ 41 | 42 | #ifdef __GNUC__ 43 | # define UNUSED(x) UNUSED_ ## x __attribute__((__unused__)) 44 | #else 45 | # define UNUSED(x) UNUSED_ ## x 46 | #endif 47 | 48 | #ifdef NP_SSH 49 | # include 50 | # include "./ssh/server_ssh.h" 51 | # include "./ssh/cfgnetopeer_transapi_ssh.h" 52 | # include "./ssh/netconf_server_transapi_ssh.h" 53 | #endif 54 | 55 | #ifdef NP_TLS 56 | # include 57 | # include "./tls/server_tls.h" 58 | # include "./tls/cfgnetopeer_transapi_tls.h" 59 | # include "./tls/netconf_server_transapi_tls.h" 60 | #endif 61 | 62 | #ifndef MODULES_CFG_DIR 63 | # define MODULES_CFG_DIR "/etc/netopeer/modules.conf.d/" 64 | #endif 65 | 66 | /* maximal value from the sizes of specific client implementations */ 67 | #define CLIENT_STRUCT_MAX_SIZE @CLIENT_STRUCT_SIZE@ 68 | 69 | /* the initial size of the reading buffer */ 70 | #define BASE_READ_BUFFER_SIZE 2048 71 | 72 | /* sleeping before retrying non-blocking reads */ 73 | #define READ_SLEEP 100 74 | 75 | /* end tags of NETCONF messages */ 76 | #define NC_V10_END_MSG "]]>]]>" 77 | #define NC_V11_END_MSG "\n##\n" 78 | 79 | /* environment variable with verbose level */ 80 | #define ENVIRONMENT_VERBOSE "NETOPEER_VERBOSE" 81 | 82 | /* names of the 2 base netopeer static transapi modules */ 83 | #define NETOPEER_MODULE_NAME "Netopeer" 84 | #define NCSERVER_MODULE_NAME "NETCONF-server" 85 | 86 | /* every number-of-secs will the last sent or received data timestamp be checked */ 87 | #define CALLHOME_PERIODIC_LINGER_CHECK 5 88 | 89 | #endif /* _CONFIG_H_ */ 90 | -------------------------------------------------------------------------------- /server/src/netconf_server_transapi.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file netconf_server_transapi.h 3 | * @author Michal Vasko 4 | * @brief Header for the ietf-netconf-server transapi module 5 | * 6 | * Copyright (C) 2015 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #ifndef _NETCONF_SERVER_TRANSAPI_H_ 40 | #define _NETCONF_SERVER_TRANSAPI_H_ 41 | 42 | #include 43 | 44 | struct np_bind_addr { 45 | NC_TRANSPORT transport; 46 | char* addr; 47 | unsigned int port; 48 | struct np_bind_addr* next; 49 | }; 50 | 51 | struct ch_app { 52 | NC_TRANSPORT transport; 53 | char* name; 54 | struct ch_server { 55 | char* address; 56 | uint16_t port; 57 | uint8_t active; 58 | struct ch_server* next; 59 | struct ch_server* prev; 60 | } *servers; 61 | uint8_t start_server; /* 0 first-listed, 1 last-connected */ 62 | uint8_t rec_interval; /* reconnect-strategy/interval-secs */ 63 | uint8_t rec_count; /* reconnect-strategy/count-max */ 64 | uint8_t connection; /* 0 persistent, 1 periodic */ 65 | uint8_t rep_timeout; /* connection-type/periodic/timeout-mins */ 66 | uint8_t rep_linger; /* connection-type/periodic/linger-secs */ 67 | pthread_t thread; 68 | struct client_struct* client; 69 | struct ch_app *next; 70 | struct ch_app *prev; 71 | }; 72 | 73 | int callback_srv_netconf_srv_call_home_srv_applications_srv_application(XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error, NC_TRANSPORT transport); 74 | 75 | int callback_srv_netconf_srv_listen_srv_port(XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error, NC_TRANSPORT transport); 76 | 77 | int callback_srv_netconf_srv_listen_srv_interface(XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error, NC_TRANSPORT transport); 78 | 79 | #endif /* _NETCONF_SERVER_TRANSAPI_H_ */ 80 | -------------------------------------------------------------------------------- /server/src/server.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file server.h 3 | * @author Michal Vasko 4 | * @brief Netopeer server header 5 | * 6 | * Copyright (C) 2015 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #ifndef _SERVER_H_ 40 | #define _SERVER_H_ 41 | 42 | #include 43 | #include 44 | #include 45 | 46 | #include "netconf_server_transapi.h" 47 | #include "cfgnetopeer_transapi.h" 48 | 49 | #include "config.h" 50 | 51 | /* for each client */ 52 | struct client_struct { 53 | NC_TRANSPORT transport; 54 | 55 | int sock; 56 | struct sockaddr_storage saddr; 57 | volatile pthread_t tid; 58 | char* username; 59 | volatile int to_free; 60 | struct client_struct* next; 61 | 62 | char __padding[((((CLIENT_STRUCT_MAX_SIZE) - 2*sizeof(int)) - sizeof(struct sockaddr_storage)) - 3*sizeof(void*)) - sizeof(NC_TRANSPORT)]; 63 | }; 64 | 65 | /* one global structure */ 66 | struct np_state { 67 | /* locked when adding/removing clients */ 68 | pthread_mutex_t global_lock; 69 | struct client_struct* clients; 70 | struct np_state_tls* tls_state; 71 | }; 72 | 73 | struct ntf_thread_config { 74 | struct nc_session* session; 75 | nc_rpc* subscribe_rpc; 76 | }; 77 | 78 | struct np_sock { 79 | struct pollfd* pollsock; 80 | NC_TRANSPORT* transport; 81 | unsigned int count; 82 | }; 83 | 84 | unsigned int timeval_diff(struct timeval tv1, struct timeval tv2); 85 | 86 | void* client_notif_thread(void* arg); 87 | 88 | void np_client_detach(struct client_struct** root, struct client_struct* del_client); 89 | 90 | #endif /* _SERVER_H_ */ -------------------------------------------------------------------------------- /server/src/ssh/cfgnetopeer_transapi_ssh.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file cfgnetopeer_transapi_ssh.h 3 | * @author Michal Vasko 4 | * @brief Netopeer cfgnetopeer transapi module SSH part header 5 | * 6 | * Copyright (C) 2015 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #ifndef _CFGNETOPEER_TRANSAPI_SSH_H_ 40 | #define _CFGNETOPEER_TRANSAPI_SSH_H_ 41 | 42 | struct np_options_ssh { 43 | uint8_t server_key_change_flag; // flag to communicate server key change 44 | char* rsa_key; 45 | char* dsa_key; 46 | pthread_mutex_t client_keys_lock; 47 | struct np_auth_key { 48 | char* path; 49 | char* username; 50 | struct np_auth_key* next; 51 | struct np_auth_key* prev; 52 | } *client_auth_keys; 53 | uint8_t password_auth_enabled; 54 | uint8_t auth_attempts; 55 | uint16_t auth_timeout; 56 | }; 57 | 58 | int netopeer_transapi_init_ssh(void); 59 | 60 | int callback_n_netopeer_n_ssh_n_server_keys_n_rsa_key(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr UNUSED(old_node), xmlNodePtr new_node, struct nc_err** error); 61 | 62 | int callback_n_netopeer_n_ssh_n_server_keys_n_dsa_key(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr UNUSED(old_node), xmlNodePtr new_node, struct nc_err** error); 63 | 64 | int callback_n_netopeer_n_ssh_n_client_auth_keys_n_client_auth_key(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 65 | 66 | int callback_n_netopeer_n_ssh_n_password_auth_enabled(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr UNUSED(old_node), xmlNodePtr new_node, struct nc_err** error); 67 | 68 | int callback_n_netopeer_n_ssh_n_auth_attempts(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr UNUSED(old_node), xmlNodePtr new_node, struct nc_err** error); 69 | 70 | int callback_n_netopeer_n_ssh_n_auth_timeout(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr UNUSED(old_node), xmlNodePtr new_node, struct nc_err** error); 71 | 72 | void netopeer_transapi_close_ssh(void); 73 | 74 | #endif /* _CFGNETOPEER_TRANSAPI_SSH_H_ */ -------------------------------------------------------------------------------- /server/src/ssh/netconf_server_transapi_ssh.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file netconf_server_transapi_ssh.h 3 | * @author Michal Vasko 4 | * @brief Netopeer ietf-netconf-server transapi module SSH part header 5 | * 6 | * Copyright (C) 2015-2015 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #ifndef _NETCONF_SERVER_TRANSAPI_SSH_H_ 40 | #define _NETCONF_SERVER_TRANSAPI_SSH_H_ 41 | 42 | int np_ssh_chapp_linger_check(struct ch_app* app); 43 | 44 | int server_transapi_init_ssh(void); 45 | 46 | int callback_srv_netconf_srv_ssh_srv_listen_srv_port(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 47 | 48 | int callback_srv_netconf_srv_ssh_srv_listen_srv_interface(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 49 | 50 | int callback_srv_netconf_srv_ssh_srv_call_home_srv_applications_srv_application(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 51 | 52 | void server_transapi_close_ssh(void); 53 | 54 | #endif 55 | -------------------------------------------------------------------------------- /server/src/ssh/new_libssh_API_without_kbint_auth/server_ssh.h: -------------------------------------------------------------------------------- 1 | #ifndef _SERVER_SSH_H_ 2 | #define _SERVER_SSH_H_ 3 | 4 | #include 5 | #include 6 | #include 7 | 8 | /* for each SSH channel of each SSH session */ 9 | struct chan_struct { 10 | ssh_channel ssh_chan; 11 | int chan_in[2]; // pipe - libssh channel read, libnetconf write 12 | int chan_out[2]; // pipe - libssh channel write, libnetconf read 13 | int netconf_subsystem; 14 | struct nc_session* nc_sess; 15 | volatile struct timeval last_rpc_time; // timestamp of the last RPC either in or out 16 | volatile int to_free; // is this channel valid? 17 | volatile int last_send; 18 | struct chan_struct* next; 19 | }; 20 | 21 | /* for each client */ 22 | struct client_struct_ssh { 23 | NC_TRANSPORT transport; 24 | 25 | int sock; 26 | struct sockaddr_storage saddr; 27 | char* username; 28 | struct client_ch_struct* callhome_st; 29 | volatile int to_free; 30 | struct client_struct* next; 31 | 32 | /* 33 | * when accessing or adding/removing ssh_chans 34 | */ 35 | pthread_mutex_t client_lock; 36 | volatile struct timeval conn_time; // timestamp of the new connection 37 | int auth_attempts; // number of failed auth attempts 38 | struct chan_struct* ssh_chans; 39 | ssh_session ssh_sess; 40 | ssh_event ssh_evt; 41 | }; 42 | 43 | struct ncsess_thread_config { 44 | struct chan_struct* chan; 45 | struct client_struct_ssh* client; 46 | }; 47 | 48 | void np_ssh_client_netconf_rpc(struct client_struct_ssh* client); 49 | 50 | int np_ssh_client_data(struct client_struct_ssh* client, char** to_send, int* to_send_size); 51 | 52 | void np_ssh_init(void); 53 | 54 | ssh_bind np_ssh_server_id_check(ssh_bind sshbind); 55 | 56 | int np_ssh_session_count(void); 57 | 58 | int np_ssh_kill_session(const char* sid, struct client_struct_ssh* cur_client); 59 | 60 | int np_ssh_create_client(struct client_struct_ssh* new_client, ssh_bind sshbind); 61 | 62 | void np_ssh_cleanup(void); 63 | 64 | void client_free_ssh(struct client_struct_ssh* client); 65 | 66 | #endif /* _SERVER_SSH_H_ */ 67 | -------------------------------------------------------------------------------- /server/src/ssh/server_ssh.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file server_ssh.h 3 | * @author Michal Vasko 4 | * @brief Netopeer server SSH part header 5 | * 6 | * Copyright (C) 2015 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #ifndef _SERVER_SSH_H_ 40 | #define _SERVER_SSH_H_ 41 | 42 | #include 43 | #include 44 | #include 45 | 46 | /* for each SSH channel of each SSH session */ 47 | struct chan_struct { 48 | ssh_channel ssh_chan; 49 | int netconf_subsystem; 50 | struct nc_session* nc_sess; 51 | volatile struct timeval last_rpc_time; // timestamp of the last RPC either in or out 52 | volatile int to_free; // is this channel valid? 53 | struct chan_struct* next; 54 | }; 55 | 56 | /* for each client */ 57 | struct client_struct_ssh { 58 | NC_TRANSPORT transport; 59 | 60 | int sock; 61 | struct sockaddr_storage saddr; 62 | pthread_t tid; 63 | char* username; 64 | volatile int to_free; 65 | struct client_struct* next; 66 | 67 | volatile struct timeval conn_time; // timestamp of the new connection 68 | int auth_attempts; // number of failed auth attempts 69 | int authenticated; 70 | struct chan_struct* ssh_chans; 71 | ssh_session ssh_sess; 72 | int new_ssh_msg; 73 | }; 74 | 75 | struct ncsess_thread_config { 76 | struct chan_struct* chan; 77 | struct client_struct_ssh* client; 78 | }; 79 | 80 | int np_ssh_client_netconf_rpc(struct client_struct_ssh* client); 81 | 82 | int np_ssh_client_transport(struct client_struct_ssh* client); 83 | 84 | void np_ssh_init(void); 85 | 86 | ssh_bind np_ssh_server_id_check(ssh_bind sshbind); 87 | 88 | int np_ssh_session_count(void); 89 | 90 | int np_ssh_kill_session(const char* sid, struct client_struct_ssh* cur_client); 91 | 92 | int np_ssh_create_client(struct client_struct_ssh* new_client, ssh_bind sshbind); 93 | 94 | void np_ssh_cleanup(void); 95 | 96 | void client_free_ssh(struct client_struct_ssh* client); 97 | 98 | #endif /* _SERVER_SSH_H_ */ 99 | -------------------------------------------------------------------------------- /server/src/tls/cfgnetopeer_transapi_tls.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file cfgnetopeer_transapi_tls.h 3 | * @author Michal Vasko 4 | * @brief Netopeer cfgnetopeer transapi module TLS part header 5 | * 6 | * Copyright (C) 2011-2015 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #ifndef _CFGNETOPEER_TRANSAPI_TLS_H_ 40 | #define _CFGNETOPEER_TRANSAPI_TLS_H_ 41 | 42 | typedef enum { 43 | CTN_MAP_TYPE_SPECIFIED, 44 | CTN_MAP_TYPE_SAN_RFC822_NAME, 45 | CTN_MAP_TYPE_SAN_DNS_NAME, 46 | CTN_MAP_TYPE_SAN_IP_ADDRESS, 47 | CTN_MAP_TYPE_SAN_ANY, 48 | CTN_MAP_TYPE_COMMON_NAME 49 | } CTN_MAP_TYPE; 50 | 51 | struct np_options_tls { 52 | pthread_mutex_t tls_ctx_lock; 53 | uint8_t tls_ctx_change_flag; 54 | char* server_cert; /* All certificates are stored in base64-encoded DER format */ 55 | char* server_key; 56 | uint8_t server_key_type; /* 1 - RSA, 0 - DSA */ 57 | struct np_trusted_cert { /* Must contain the server certificate CA chain certificates! */ 58 | char* cert; 59 | uint8_t client_cert; 60 | struct np_trusted_cert* next; 61 | struct np_trusted_cert* prev; 62 | } *trusted_certs; 63 | 64 | pthread_mutex_t crl_dir_lock; 65 | char* crl_dir; 66 | 67 | pthread_mutex_t ctn_map_lock; 68 | struct np_ctn_item { 69 | uint32_t id; 70 | char* fingerprint; 71 | CTN_MAP_TYPE map_type; 72 | char* name; 73 | struct np_ctn_item* next; 74 | struct np_ctn_item* prev; 75 | } *ctn_map; 76 | }; 77 | 78 | int netopeer_transapi_init_tls(void); 79 | 80 | int callback_n_netopeer_n_tls_n_server_cert(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr UNUSED(old_node), xmlNodePtr new_node, struct nc_err** error); 81 | 82 | int callback_n_netopeer_n_tls_n_server_key(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr UNUSED(old_node), xmlNodePtr new_node, struct nc_err** error); 83 | 84 | int callback_n_netopeer_n_tls_n_trusted_ca_certs_n_trusted_ca_cert(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 85 | 86 | int callback_n_netopeer_n_tls_n_trusted_client_certs_n_trusted_client_cert(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 87 | 88 | int callback_n_netopeer_n_tls_n_crl_dir(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr UNUSED(old_node), xmlNodePtr new_node, struct nc_err** error); 89 | 90 | int callback_n_netopeer_n_tls_n_cert_maps_n_cert_to_name(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 91 | 92 | void netopeer_transapi_close_tls(void); 93 | 94 | #endif /* _CFGNETOPEER_TRANSAPI_TLS_H_ */ -------------------------------------------------------------------------------- /server/src/tls/netconf_server_transapi_tls.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file netconf_server_transapi_tls.h 3 | * @author Michal Vasko 4 | * @brief Netopeer ietf-netconf-server transapi module TLS part header 5 | * 6 | * Copyright (C) 2011-2015 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #ifndef _NETCONF_SERVER_TRANSAPI_TLS_H_ 40 | #define _NETCONF_SERVER_TRANSAPI_TLS_H_ 41 | 42 | int np_tls_chapp_linger_check(struct ch_app* app); 43 | 44 | int server_transapi_init_tls(void); 45 | 46 | int callback_srv_netconf_srv_tls_srv_listen_srv_port(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 47 | 48 | int callback_srv_netconf_srv_tls_srv_listen_srv_interface(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 49 | 50 | int callback_srv_netconf_srv_tls_srv_call_home_srv_applications_srv_application(void** UNUSED(data), XMLDIFF_OP op, xmlNodePtr old_node, xmlNodePtr new_node, struct nc_err** error); 51 | 52 | void server_transapi_close_tls(void); 53 | 54 | #endif /* _NETCONF_SERVER_TRANSAPI_TLS_H_ */ 55 | -------------------------------------------------------------------------------- /server/src/tls/server_tls.h: -------------------------------------------------------------------------------- 1 | /** 2 | * @file server_tls.h 3 | * @author Michal Vasko 4 | * @brief Netopeer server TLS part header 5 | * 6 | * Copyright (C) 2015 CESNET, z.s.p.o. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in 15 | * the documentation and/or other materials provided with the 16 | * distribution. 17 | * 3. Neither the name of the Company nor the names of its contributors 18 | * may be used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * ALTERNATIVELY, provided that this notice is retained in full, this 22 | * product may be distributed under the terms of the GNU General Public 23 | * License (GPL) version 2 or later, in which case the provisions 24 | * of the GPL apply INSTEAD OF those given above. 25 | * 26 | * This software is provided ``as is, and any express or implied 27 | * warranties, including, but not limited to, the implied warranties of 28 | * merchantability and fitness for a particular purpose are disclaimed. 29 | * In no event shall the company or contributors be liable for any 30 | * direct, indirect, incidental, special, exemplary, or consequential 31 | * damages (including, but not limited to, procurement of substitute 32 | * goods or services; loss of use, data, or profits; or business 33 | * interruption) however caused and on any theory of liability, whether 34 | * in contract, strict liability, or tort (including negligence or 35 | * otherwise) arising in any way out of the use of this software, even 36 | * if advised of the possibility of such damage. 37 | */ 38 | 39 | #ifndef _SERVER_TLS_H_ 40 | #define _SERVER_TLS_H_ 41 | 42 | #include 43 | #include 44 | #include 45 | #include 46 | 47 | /* for each client */ 48 | struct client_struct_tls { 49 | NC_TRANSPORT transport; 50 | 51 | int sock; 52 | struct sockaddr_storage saddr; 53 | pthread_t tid; 54 | char* username; 55 | volatile int to_free; 56 | struct client_struct* next; 57 | 58 | SSL* tls; 59 | X509* cert; 60 | struct nc_session* nc_sess; 61 | volatile struct timeval last_rpc_time; // timestamp of the last RPC either in or out 62 | }; 63 | 64 | struct np_state_tls { 65 | int last_tls_idx; 66 | pthread_mutex_t* tls_mutex_buf; 67 | }; 68 | 69 | int np_tls_client_netconf_rpc(struct client_struct_tls* client); 70 | 71 | int np_tls_client_transport(struct client_struct_tls* client); 72 | 73 | void np_tls_thread_cleanup(void); 74 | 75 | void np_tls_init(void); 76 | 77 | SSL_CTX* np_tls_server_id_check(SSL_CTX* ctx); 78 | 79 | int np_tls_session_count(void); 80 | 81 | int np_tls_kill_session(const char* sid, struct client_struct_tls* cur_client); 82 | 83 | int np_tls_create_client(struct client_struct_tls* new_client, SSL_CTX* tlsctx); 84 | 85 | void np_tls_cleanup(void); 86 | 87 | void client_free_tls(struct client_struct_tls* client); 88 | 89 | #endif /* _SERVER_TLS_H_ */ -------------------------------------------------------------------------------- /transAPI/cfginterfaces/Makefile.in: -------------------------------------------------------------------------------- 1 | PKGNAME = @PROJECTNAME@ 2 | TARGET = @PROJECTNAME@ 3 | MODULE = $(TARGET).la 4 | 5 | # Various configurable paths (remember to edit Makefile.in, not Makefile) 6 | prefix = @prefix@ 7 | exec_prefix = @exec_prefix@ 8 | datarootdir = @datarootdir@ 9 | datadir = @datadir@ 10 | bindir = @bindir@ 11 | includedir = @includedir@ 12 | libdir = @libdir@ 13 | mandir = @mandir@ 14 | libtool = @libtool@ 15 | sysconfdir = @sysconfdir@ 16 | NETOPEER_DIR = @NETOPEER_DIR@ 17 | 18 | CC = @CC@ 19 | INSTALL = @INSTALL@ 20 | INSTALL_PROGRAM = @INSTALL_PROGRAM@ 21 | INSTALL_DATA = @INSTALL_DATA@ 22 | LIBS = @LIBS@ 23 | CFLAGS = -Wall @CFLAGS@ 24 | CPPFLAGS = @CPPFLAGS@ 25 | LIBTOOL = $(libtool) --tag=CC --quiet 26 | NETOPEER_MANAGER = @NETOPEER_MANAGER@ 27 | 28 | MODEL = model/ietf-interfaces.yin \ 29 | model/ietf-ip.yin \ 30 | model/iana-if-type.yin \ 31 | model/ietf-interfaces-config.rng \ 32 | model/ietf-interfaces-gdefs-config.rng \ 33 | model/ietf-interfaces-schematron.xsl 34 | 35 | SRCS = $(TARGET).c \ 36 | iface_if.c 37 | 38 | OBJDIR = .obj 39 | LOBJS = $(SRCS:%.c=$(OBJDIR)/%.lo) 40 | 41 | all: $(MODULE) $(TARGET)-init 42 | 43 | $(TARGET)-init: $(SRCS) $(TARGET)-init.c 44 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $^ $(LIBS) 45 | 46 | $(MODULE): $(LOBJS) 47 | $(LIBTOOL) --mode=link $(CC) $(CFLAGS) $(CPPFLAGS) $(LIBS) -avoid-version -module -shared -export-dynamic --mode=link -o $@ $^ -rpath $(libdir) 48 | 49 | $(OBJDIR)/%.lo: %.c 50 | @[ -d $$(dirname $@) ] || \ 51 | (mkdir -p $$(dirname $@)) 52 | $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) -fPIC -shared -c $< -o $@ 53 | 54 | .PHONY: install 55 | install: $(MODULE) $(TARGET)-init 56 | $(INSTALL) -m 775 -d $(DESTDIR)/$(libdir) 57 | $(LIBTOOL) --mode=install cp $(MODULE) $(DESTDIR)/$(libdir)/; 58 | $(INSTALL) -d $(NETOPEER_DIR)/ietf-interfaces/ 59 | @for i in $(MODEL); do \ 60 | $(INSTALL_DATA) -m 600 $$i $(NETOPEER_DIR)/ietf-interfaces/; \ 61 | done 62 | if test -n "$(NETOPEER_MANAGER)"; then \ 63 | if test -n "`$(NETOPEER_MANAGER) list | grep "^ietf-interfaces ("`"; then \ 64 | $(NETOPEER_MANAGER) rm --name ietf-interfaces; \ 65 | fi; \ 66 | $(NETOPEER_MANAGER) add --name ietf-interfaces \ 67 | --model $(NETOPEER_DIR)/ietf-interfaces/ietf-interfaces.yin \ 68 | --transapi $(DESTDIR)/$(libdir)/cfginterfaces.so \ 69 | --datastore $(NETOPEER_DIR)/ietf-interfaces/datastore.xml; \ 70 | $(NETOPEER_MANAGER) add --name ietf-interfaces \ 71 | --augment $(NETOPEER_DIR)/ietf-interfaces/ietf-ip.yin \ 72 | --features ipv4-non-contiguous-netmasks ipv6-privacy-autoconf; \ 73 | $(NETOPEER_MANAGER) add --name ietf-interfaces \ 74 | --import $(NETOPEER_DIR)/ietf-interfaces/iana-if-type.yin; \ 75 | fi 76 | ./$(TARGET)-init $(NETOPEER_DIR)/ietf-interfaces/datastore.xml ipv4-non-contiguous-netmasks ipv6-privacy-autoconf 77 | 78 | .PHONY: uninstall 79 | uninstall: 80 | $(LIBTOOL) --mode=uninstall rm -rf $(DESTDIR)/$(libdir)/$(MODULE); 81 | rm -rf $(NETOPEER_DIR)/ietf-interfaces/ 82 | if test -n "$(NETOPEER_MANAGER)"; then \ 83 | if test -n "`$(NETOPEER_MANAGER) list | grep "^ietf-interfaces ("`"; then \ 84 | $(NETOPEER_MANAGER) rm --name ietf-interfaces; \ 85 | fi; \ 86 | fi 87 | 88 | .PHONY: clean 89 | clean: 90 | $(LIBTOOL) --mode clean rm -f $(LOBJS) 91 | $(LIBTOOL) --mode clean rm -f $(MODULE) 92 | rm -rf $(MODULE) $(TARGET)-init $(OBJDIR) 93 | -------------------------------------------------------------------------------- /transAPI/cfginterfaces/README: -------------------------------------------------------------------------------- 1 | cfginterfaces 2 | ------------- 3 | 4 | Implemented distribution support: 5 | - SUSE-based (tested on OpenSUSE) 6 | - RedHat-based (tested on Scientific Linux) 7 | - Debian-based (tested on Ubuntu) 8 | 9 | Since NetworkManager is not used for configuration, but 10 | traditional ifcfg-* scripts, only interfaces with an 11 | existing ifcfg configuration file are managed by 12 | cfginterfaces module, the rest is ignored. Nevertheless, 13 | even unmanaged interfaces are displayed in the 14 | "interfaces-state" tree. 15 | 16 | Note that even though ifcfg scripts may exist, they are not 17 | neccessarily used. Make sure that NetworkManager is not 18 | overriding the configuration. Morover, some avahi software 19 | (avahi-daemon, avahi-autoipd) is interfering with this module 20 | onfiguration and is therefore killed during cfginterfaces 21 | initialization. 22 | 23 | Lastly, configuration files "/etc/sysctl.conf/" and the ifcfg 24 | file for every network interface are monitored. This means 25 | that if there are any changes made to these files, 26 | the running configuration is updated to reflect the changes. 27 | However, they are considered applied and the corresponding 28 | callbacks are NOT called. Also, some monitored files may 29 | not exist, if those interfaces do not have their ifcfg files, 30 | so the warning messages are safe to be ignored. 31 | 32 | 33 | Model node semantics 34 | -------------------- 35 | 36 | With if-mib feature not supported, all the other features 37 | and nodes are behaving in the way described in the model 38 | with the exceptions mentioned below. 39 | 40 | /interfaces/interface/ipv4 41 | /interfaces/interface/ipv4/enabled 42 | 43 | With "ipv4" container missing altogether, IPv4 on the 44 | specific interface should be disabled. However, this is not 45 | currently possible on linux and therefore only all the the 46 | IPv4 addresses are flushed leaving the interface without any 47 | valid address and thus technically disabling IPv4. 48 | 49 | With "ipv4" container present and "enabled" child node 50 | either missing or set to "true", static routing is enabled 51 | with manually assigned IPv4 addresses from the 52 | configuration. If there are none set, this configuration 53 | equals having IPv4 disabled on this interface (missing 54 | "ipv4" container). 55 | 56 | Having "ipv4" container and "enabled" set to "false", DHCP 57 | client is started and manages this interface. Nevertheless, 58 | note that any "address" nodes are still valid and these IPv4 59 | addresses are assigned to the interface in addition to any 60 | addresses received by DHCP. Specially for loopback interfaces, 61 | any DHCP changes are ignored. 62 | 63 | /interfaces-state/interface/higher-layer-if 64 | /interfaces-state/interface/lower-layer-if 65 | 66 | These entries are never added to the state and are not 67 | supported. 68 | 69 | /interfaces-state/statistics/discontinuity-time 70 | 71 | This timestamp is generated/checked only while asking the 72 | server for its value, which makes it unable to be completely 73 | accurate. Usually, the timestamp returned represents 74 | no-later-than time of the discontinuity occurence. Note that 75 | even this may not hold, especially if there are long 76 | intervals between separate reads of this node. 77 | 78 | 79 | Troubleshooting 80 | --------------- 81 | 82 | RedHat 83 | 84 | /interfaces/interface/ipv6/autoconf/create-temporary-addresses 85 | /interfaces/interface/ipv6/autoconf/temporary-valid-lifetime 86 | /interfaces/interface/ipv6/autoconf/temporary-preferred-lifetime 87 | 88 | These autoconf nodes (ipv6-privacy-autoconf feature) may not 89 | have any effect or disappear after reboot. To address this 90 | issue, add "IPV6_PRIVACY=rfc3041" line to every interface 91 | ifcfg file that should support it. 92 | 93 | 94 | SUSE 95 | 96 | /interfaces/interface/ipv4/forwarding 97 | /interfaces/interface/ipv6/enabled 98 | /interfaces/interface/ipv6/forwarding 99 | /interfaces/interface/ipv6/mtu 100 | /interfaces/interface/ipv6/dup-addr-detect-transmits 101 | 102 | These nodes are set permanently by writing them into 103 | "/etc/sysctl.conf". On OpenSUSE, these settings may be 104 | overwritten during boot by SuSEfirewall2. If this happens, 105 | look into the config file "/etc/sysconfig/SuSEfirewall2" or 106 | simply run either "systemctl restart systemd-sysctl.service" 107 | or "sysctl -p" after each boot to re-apply these settings. 108 | 109 | 110 | cfginterfaces-init 111 | ------------------ 112 | 113 | This small utility is able to read the current interface 114 | configuration and store it as the startup configuration data 115 | to be used in the netopeer-server. 116 | 117 | The tool is automatically used with 'make install' is the 118 | Netopeer server (netopeer-manager(1)) is already installed, 119 | so after that you do not need to run it manually. 120 | 121 | Usage: 122 | ./cfginterfaces-init ... 123 | -------------------------------------------------------------------------------- /transAPI/cfginterfaces/cfginterfaces.h: -------------------------------------------------------------------------------- 1 | #ifndef _CFGINTERFACES_H_ 2 | #define _CFGINTERFACES_H_ 3 | 4 | #include 5 | 6 | struct device_stats { 7 | char reset_time[21]; /* discontinuity time (reset time) */ 8 | char in_octets[16]; /* total bytes received */ 9 | char in_pkts[16]; /* total packets received */ 10 | /* missing in-broadcast-pkts */ 11 | char in_mult_pkts[16]; /* multicast packets received */ 12 | char in_discards[16]; /* no space in linux buffers */ 13 | char in_errors[16]; /* bad packets received */ 14 | /* missing in-unknown-protos */ 15 | char out_octets[16]; /* total bytes transmitted */ 16 | char out_pkts[16]; /* total packets transmitted */ 17 | /* missing out-broadcast-pkts */ 18 | /* missing out-multicast-pkts */ 19 | char out_discards[16]; /* no space available in linux */ 20 | char out_errors[16]; /* packet transmit problems */ 21 | }; 22 | 23 | struct ip_addrs { 24 | unsigned int count; 25 | char** ip; 26 | char** prefix_or_mac; 27 | char** origin; 28 | char** status_or_state; 29 | char* is_router; 30 | }; 31 | 32 | void iface_cleanup(void); 33 | 34 | /* config */ 35 | int iface_enabled(const char* if_name, unsigned char boolean, char** msg); 36 | 37 | int iface_ipv4_forwarding(const char* if_name, unsigned char boolean, char** msg); 38 | int iface_ipv4_mtu(const char* if_name, unsigned int mtu, char** msg); 39 | int iface_ipv4_ip(const char* if_name, const char* ip, unsigned char prefix, XMLDIFF_OP op, char** msg); 40 | int iface_ipv4_neighbor(const char* if_name, const char* ip, const char* mac, XMLDIFF_OP op, char** msg); 41 | int iface_ipv4_enabled(const char* if_name, unsigned char enabled, xmlNodePtr node, unsigned char is_loopback, char** msg); 42 | 43 | int iface_ipv6_forwarding(const char* if_name, unsigned char boolean, char** msg); 44 | int iface_ipv6_mtu(const char* if_name, unsigned int mtu, char** msg); 45 | int iface_ipv6_ip(const char* if_name, const char* ip, unsigned char prefix, XMLDIFF_OP op, char** msg); 46 | int iface_ipv6_neighbor(const char* if_name, const char* ip, const char* mac, XMLDIFF_OP op, char** msg); 47 | int iface_ipv6_dup_addr_det(const char* if_name, unsigned int dup_addr_det, char** msg); 48 | int iface_ipv6_creat_glob_addr(const char* if_name, unsigned char boolean, char** msg); 49 | int iface_ipv6_creat_temp_addr(const char* if_name, unsigned char boolean, char** msg); 50 | int iface_ipv6_temp_val_lft(const char* if_name, unsigned int temp_val_lft, char** msg); 51 | int iface_ipv6_temp_pref_lft(const char* if_name, unsigned int temp_pref_lft, char** msg); 52 | int iface_ipv6_enabled(const char* if_name, unsigned char boolean, char** msg); 53 | 54 | /* state */ 55 | char** iface_get_ifcs(unsigned char config, unsigned int* dev_count, char** msg); 56 | 57 | char* iface_get_type(const char* if_name, char** msg); 58 | char* iface_get_operstatus(const char* if_name, char** msg); 59 | char* iface_get_lastchange(const char* if_name, char** msg); 60 | char* iface_get_hwaddr(const char* if_name, char** msg); 61 | char* iface_get_speed(const char* if_name, char** msg); 62 | int iface_get_stats(const char* if_name, struct device_stats* stats, char** msg); 63 | 64 | int iface_get_ipv4_presence(unsigned char config, const char* if_name, char** msg); 65 | char* iface_get_ipv4_enabled(const char* if_name, char** msg); 66 | char* iface_get_ipv4_forwarding(unsigned char config, const char* if_name, char** msg); 67 | char* iface_get_ipv4_mtu(unsigned char config, const char* if_name, char** msg); 68 | int iface_get_ipv4_ipaddrs(unsigned char config, const char* if_name, struct ip_addrs* ips, char** msg); 69 | int iface_get_ipv4_neighs(unsigned char config, const char* if_name, struct ip_addrs* neighs, char** msg); 70 | 71 | int iface_get_ipv6_presence(unsigned char config, const char* if_name, char** msg); 72 | char* iface_get_ipv6_forwarding(unsigned char config, const char* if_name, char** msg); 73 | char* iface_get_ipv6_mtu(unsigned char config, const char* if_name, char** msg); 74 | int iface_get_ipv6_ipaddrs(unsigned char config, const char* if_name, struct ip_addrs* ips, char** msg); 75 | int iface_get_ipv6_neighs(unsigned char config, const char* if_name, struct ip_addrs* neighs, char** msg); 76 | 77 | /* init (get config functions) */ 78 | char* iface_get_enabled(unsigned char config, const char* if_name, char** msg); 79 | 80 | char* iface_get_ipv6_dup_addr_det(unsigned char config, const char* if_name, char** msg); 81 | char* iface_get_ipv6_creat_glob_addr(unsigned char config, const char* if_name, char** msg); 82 | char* iface_get_ipv6_creat_temp_addr(unsigned char config, const char* if_name, char** msg); 83 | char* iface_get_ipv6_temp_val_lft(unsigned char config, const char* if_name, char** msg); 84 | char* iface_get_ipv6_temp_pref_lft(unsigned char config, const char* if_name, char** msg); 85 | 86 | #endif /* _CFGINTERFACES_H_ */ 87 | -------------------------------------------------------------------------------- /transAPI/cfginterfaces/cfginterfaces_paths.txt: -------------------------------------------------------------------------------- 1 | if=urn:ietf:params:xml:ns:yang:ietf-interfaces 2 | ip=urn:ietf:params:xml:ns:yang:ietf-ip 3 | /if:interfaces/if:interface 4 | /if:interfaces/if:interface/ip:ipv4 5 | /if:interfaces/if:interface/ip:ipv4/ip:enabled 6 | /if:interfaces/if:interface/ip:ipv4/ip:forwarding 7 | /if:interfaces/if:interface/ip:ipv4/ip:mtu 8 | /if:interfaces/if:interface/ip:ipv4/ip:address 9 | /if:interfaces/if:interface/ip:ipv4/ip:neighbor 10 | /if:interfaces/if:interface/ip:ipv6 11 | /if:interfaces/if:interface/ip:ipv6/ip:enabled 12 | /if:interfaces/if:interface/ip:ipv6/ip:forwarding 13 | /if:interfaces/if:interface/ip:ipv6/ip:mtu 14 | /if:interfaces/if:interface/ip:ipv6/ip:address 15 | /if:interfaces/if:interface/ip:ipv6/ip:neighbor 16 | /if:interfaces/if:interface/ip:ipv6/ip:dup-addr-detect-transmits 17 | /if:interfaces/if:interface/ip:ipv6/ip:autoconf/ip:create-global-addresses 18 | /if:interfaces/if:interface/ip:ipv6/ip:autoconf/ip:create-temporary-addresses 19 | /if:interfaces/if:interface/ip:ipv6/ip:autoconf/ip:temporary-valid-lifetime 20 | /if:interfaces/if:interface/ip:ipv6/ip:autoconf/ip:temporary-preferred-lifetime 21 | /if:interfaces/if:interface/if:link-up-down-trap-enable 22 | /if:interfaces/if:interface/if:enabled -------------------------------------------------------------------------------- /transAPI/cfginterfaces/config.h.in: -------------------------------------------------------------------------------- 1 | #ifndef _CONFIG_H_ 2 | #define _CONFIG_H_ 3 | 4 | #define @DISTRO@ 5 | 6 | /* avahi SW presence */ 7 | #define @AVAHI_DAEMON@ 8 | #define @AVAHI_AUTOIPD@ 9 | 10 | /* installed DHCP client (this command followed by the interface will be executed) */ 11 | #define DHCP_CLIENT_RENEW "@DHCP_CLIENT_RENEW@" 12 | #define DHCP_CLIENT_RELEASE "@DHCP_CLIENT_RELEASE@" 13 | 14 | /* path to the device statistics file */ 15 | #define DEV_STATS_PATH "/proc/net/dev" 16 | 17 | /* directory with ifcfg scripts (on Debian a single file) */ 18 | #define IFCFG_FILES_PATH "@IFCFG_FILES@" 19 | 20 | /* directory with additional bash scripts (executed by if(up/down), not used on Debian) */ 21 | #define IFCFG_SCRIPTS_PATH "@IFCFG_SCRIPTS@" 22 | 23 | /* sysctl script */ 24 | #define SYSCTL_CONF_PATH "@SYSCTL_CONF@" 25 | 26 | #endif /* _CONFIG_H_ */ 27 | -------------------------------------------------------------------------------- /transAPI/cfginterfaces/model/ietf-inet-types.yin: -------------------------------------------------------------------------------- 1 | 2 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | -------------------------------------------------------------------------------- /transAPI/cfginterfaces/model/ietf-interfaces-config.rng.in: -------------------------------------------------------------------------------- 1 | 2 | truefalseenableddisabledtruefalsetruefalse68032truefalsetruefalse12800128truefalsetruefalse 3 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/Makefile.in: -------------------------------------------------------------------------------- 1 | PKGNAME = @PROJECTNAME@ 2 | TARGET = @PROJECTNAME@ 3 | MODULE = $(TARGET).la 4 | 5 | # Various configurable paths (remember to edit Makefile.in, not Makefile) 6 | prefix = @prefix@ 7 | exec_prefix = @exec_prefix@ 8 | datarootdir = @datarootdir@ 9 | datadir = @datadir@ 10 | bindir = @bindir@ 11 | includedir = @includedir@ 12 | libdir = @libdir@ 13 | mandir = @mandir@ 14 | libtool = @libtool@ 15 | sysconfdir = @sysconfdir@ 16 | NETOPEER_DIR = @NETOPEER_DIR@ 17 | 18 | CC = @CC@ 19 | INSTALL = @INSTALL@ 20 | INSTALL_PROGRAM = @INSTALL_PROGRAM@ 21 | INSTALL_DATA = @INSTALL_DATA@ 22 | LIBS = @LIBS@ 23 | CFLAGS = -Wall -Wno-unused-result @CFLAGS@ 24 | CPPFLAGS = @CPPFLAGS@ -DNETOPEER_DIR=\"$(NETOPEER_DIR)\" 25 | LIBTOOL = $(libtool) --tag=CC --quiet 26 | NETOPEER_MANAGER = @NETOPEER_MANAGER@ 27 | 28 | MODEL = model/ietf-system.yin \ 29 | model/iana-crypt-hash.yin \ 30 | model/ietf-system-config.rng \ 31 | model/ietf-system-gdefs-config.rng \ 32 | model/ietf-system-schematron.xsl 33 | 34 | SRCS = $(TARGET).c \ 35 | base/common.c \ 36 | base/date_time.c \ 37 | base/platform.c \ 38 | base/dns_resolver.c \ 39 | base/shutdown.c \ 40 | base/encrypt.c \ 41 | base/salt.c \ 42 | base/local_users.c 43 | 44 | OBJDIR = .obj 45 | LOBJS = $(SRCS:%.c=$(OBJDIR)/%.lo) 46 | 47 | all: $(MODULE) $(TARGET)-init 48 | 49 | $(TARGET)-init: $(SRCS) $(TARGET)-init.c 50 | $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $^ $(LIBS) 51 | 52 | $(MODULE): $(LOBJS) 53 | $(LIBTOOL) --mode=link $(CC) $(CFLAGS) $(CPPFLAGS) $(LIBS) -avoid-version -module -shared -export-dynamic --mode=link -o $@ $^ -rpath $(libdir) 54 | 55 | $(OBJDIR)/%.lo: %.c 56 | @[ -d $$(dirname $@) ] || \ 57 | (mkdir -p $$(dirname $@)) 58 | $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) -fPIC -shared -c $< -o $@ 59 | 60 | .PHONY: install 61 | install: $(MODULE) $(TARGET)-init 62 | $(INSTALL) -m 775 -d $(DESTDIR)/$(libdir) 63 | $(LIBTOOL) --mode=install cp $(MODULE) $(DESTDIR)/$(libdir)/; 64 | $(INSTALL) -d $(NETOPEER_DIR)/ietf-system/ 65 | @for i in $(MODEL); do \ 66 | $(INSTALL_DATA) -m 600 $$i $(NETOPEER_DIR)/ietf-system/; \ 67 | done 68 | if test -n "$(NETOPEER_MANAGER)"; then \ 69 | if test -n "`$(NETOPEER_MANAGER) list | grep "^ietf-system ("`"; then \ 70 | $(NETOPEER_MANAGER) rm --name ietf-system; \ 71 | fi; \ 72 | $(NETOPEER_MANAGER) add --name ietf-system \ 73 | --model $(NETOPEER_DIR)/ietf-system/ietf-system.yin \ 74 | --transapi $(DESTDIR)/$(libdir)/cfgsystem.so \ 75 | --features @FEATURES@ \ 76 | --datastore $(NETOPEER_DIR)/ietf-system/datastore.xml; \ 77 | fi; \ 78 | ./$(TARGET)-init $(NETOPEER_DIR)/ietf-system/datastore.xml @FEATURES@ 79 | 80 | .PHONY: uninstall 81 | uninstall: 82 | $(LIBTOOL) --mode=uninstall rm -rf $(DESTDIR)/$(libdir)/$(MODULE); 83 | rm -rf $(NETOPEER_DIR)/ietf-system/ 84 | if test -n "$(NETOPEER_MANAGER)"; then \ 85 | if test -n "`$(NETOPEER_MANAGER) list | grep "^ietf-system ("`"; then \ 86 | $(NETOPEER_MANAGER) rm --name ietf-system; \ 87 | fi; \ 88 | fi 89 | 90 | .PHONY: clean 91 | clean: 92 | $(LIBTOOL) --mode clean rm -f $(LOBJS) 93 | $(LIBTOOL) --mode clean rm -f $(MODULE) 94 | rm -rf $(MODULE) $(TARGET)-init $(OBJDIR) 95 | 96 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/README: -------------------------------------------------------------------------------- 1 | Use on your own risk, it can harm your system configuration files. 2 | 3 | cfgsystem.so 4 | ------------ 5 | 6 | TransAPI module primarily intended for the Netopeer server, but in general 7 | for libnetconf based NETCONF servers. The module should correctly work on 8 | RHEL, SUSE and Debian based distros. 9 | 10 | Install 11 | ~~~~~~~ 12 | 13 | $ ./configure 14 | $ make 15 | # make install 16 | 17 | configure options: 18 | 19 | --with-netopeer-confdir=DIR 20 | 21 | If you changed the sysconfdir of the Netopeer server, please reflect 22 | this change in this option. By default, the Netopeer server stores its 23 | configuration files in ${sysconfdir}/netopeer/ directory. Instead of the 24 | complete path, you can alternatively specify the sysconfdir value 25 | (--sysconfdir=DIR) in the same way as in case of the Netopeer server. 26 | 27 | --with-[useradd|userdel|shutdown]=PATH 28 | 29 | On some distros (RHEL based) when a normal user builds (run configure) 30 | it is unable to detect, that these tools are available when you are 31 | root. Therefore, if configure cannot detect those tools, you can specify 32 | them manually. Otherwise, configure switches off the functionality of the 33 | cfgsystem that depends on that tools. 34 | 35 | Functionality 36 | ~~~~~~~~~~~~~ 37 | 38 | This module implements ietf-system data model as defined in RFC 7317. It 39 | implements only the folowing features of the data model: 40 | 41 | - authentication - configuration of the user authentication by manipulating 42 | with the sshd_config of SSH daemon listening for the NETCONF connections 43 | and basic certificate management. 44 | - local-users - configuration of local user authentication by manipulating 45 | with the /etc/passwd, /etc/shadow and ~/.ssh/authorized_keys files. 46 | - ntp - configuration of usage NTP server(s) by manipulating with 47 | /etc/ntp.conf file and the ntp (or ntpd on RHEL based distros) service. 48 | - timezone-name - allows timezone configuration using TZ database. 49 | 50 | The module also allows configuration of 51 | - DNS resolver by manipulating with the /etc/resolv.conf. 52 | 53 | For the detailed description of content for the specific configuration 54 | element, please read the RFC 7317. 55 | 56 | !!environment variables: 57 | 58 | cfgsystem relies on retrieving some information from the environment 59 | variables exported by netopeer-server(8), namely: 60 | 61 | SSHD_PID - PID number of the sshd process 62 | 63 | File monitoring 64 | ~~~~~~~~~~~~~~~ 65 | 66 | 4 files are monitored: 67 | 68 | - /etc/passwd 69 | - /etc/shadow 70 | - /etc/ntp.conf 71 | - /etc/resolv.conf 72 | 73 | Any changes to these files outside this module are reflected in the running 74 | configuration. However, no callbacks are called for these changes and it is 75 | assumed that they were applied outside cfgsystem (some other application, 76 | a user, e.c.). 77 | 78 | cfgsystem-init 79 | -------------- 80 | 81 | This small utility is able to load all the configurations managed by the 82 | ietf-system model and store them as the startup configuration data for use 83 | in the netopeer-server. 84 | 85 | The tool is automatically used with 'make install' when the Netopeer server 86 | (netopeer-manager(1)) is already installed, so after that you don't need to run 87 | it manually. 88 | 89 | Remember, that having empty startup datastore on netopeer-server startup with 90 | the cfgsystem module enabled causes removing all current configuration settings 91 | (NTP and DNS servers, users,...)! 92 | 93 | Usage: 94 | ./cfgsystem-init ... 95 | 96 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/base/common.h.in: -------------------------------------------------------------------------------- 1 | /** 2 | * \file common.h 3 | * \brief Internal header file for cfgsystem module 4 | * \author Radek Krejci 5 | * \date 2014 6 | * 7 | * Copyright (C) 2014 CESNET 8 | * 9 | * LICENSE TERMS 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions 13 | * are met: 14 | * 1. Redistributions of source code must retain the above copyright 15 | * notice, this list of conditions and the following disclaimer. 16 | * 2. Redistributions in binary form must reproduce the above copyright 17 | * notice, this list of conditions and the following disclaimer in 18 | * the documentation and/or other materials provided with the 19 | * distribution. 20 | * 3. Neither the name of the Company nor the names of its contributors 21 | * may be used to endorse or promote products derived from this 22 | * software without specific prior written permission. 23 | * 24 | * ALTERNATIVELY, provided that this notice is retained in full, this 25 | * product may be distributed under the terms of the GNU General Public 26 | * License (GPL) version 2 or later, in which case the provisions 27 | * of the GPL apply INSTEAD OF those given above. 28 | * 29 | * This software is provided ``as is'', and any express or implied 30 | * warranties, including, but not limited to, the implied warranties of 31 | * merchantability and fitness for a particular purpose are disclaimed. 32 | * In no event shall the company or contributors be liable for any 33 | * direct, indirect, incidental, special, exemplary, or consequential 34 | * damages (including, but not limited to, procurement of substitute 35 | * goods or services; loss of use, data, or profits; or business 36 | * interruption) however caused and on any theory of liability, whether 37 | * in contract, strict liability, or tort (including negligence or 38 | * otherwise) arising in any way out of the use of this software, even 39 | * if advised of the possibility of such damage. 40 | * 41 | */ 42 | 43 | #ifndef COMMON_H_ 44 | #define COMMON_H_ 45 | 46 | #define AUGEAS_NTP_CONF "/etc/ntp.conf" 47 | #define AUGEAS_DNS_CONF "/etc/resolv.conf" 48 | #define AUGEAS_LOGIN_CONF "/etc/login.defs" 49 | 50 | #define USERADD_PATH "@USERADD@" 51 | #define USERDEL_PATH "@USERDEL@" 52 | 53 | #define SHUTDOWN_PATH "@SHUTDOWN@" 54 | 55 | /** 56 | * @brief init augeas structures needed for cfgsystem module 57 | * @param msg[out] error message in case of error. 58 | * @return EXIT_SUCCESS or EXIT_FAILURE 59 | */ 60 | int augeas_init(char** msg); 61 | 62 | /** 63 | * @brief save all changes in configuration files covered by cfgsystem's auageas 64 | * @param msg[out] error message in case of error. 65 | * @return EXIT_SUCCESS or EXIT_FAILURE 66 | */ 67 | int augeas_save(char** msg); 68 | 69 | /** 70 | * @brief close augeas structures used by cfgsystem module 71 | */ 72 | void augeas_close(void); 73 | 74 | #endif /* COMMON_H_ */ 75 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/base/date_time.h: -------------------------------------------------------------------------------- 1 | /*! 2 | * \file date_time.h 3 | * \brief Functions for date/time/timezone manipulation 4 | * \author Miroslav Brabenec 5 | * \author Tomas Cejka 6 | * \date 2013 7 | */ 8 | /* 9 | * Copyright (C) 2013 CESNET 10 | * 11 | * LICENSE TERMS 12 | * 13 | * Redistribution and use in source and binary forms, with or without 14 | * modification, are permitted provided that the following conditions 15 | * are met: 16 | * 1. Redistributions of source code must retain the above copyright 17 | * notice, this list of conditions and the following disclaimer. 18 | * 2. Redistributions in binary form must reproduce the above copyright 19 | * notice, this list of conditions and the following disclaimer in 20 | * the documentation and/or other materials provided with the 21 | * distribution. 22 | * 3. Neither the name of the Company nor the names of its contributors 23 | * may be used to endorse or promote products derived from this 24 | * software without specific prior written permission. 25 | * 26 | * ALTERNATIVELY, provided that this notice is retained in full, this 27 | * product may be distributed under the terms of the GNU General Public 28 | * License (GPL) version 2 or later, in which case the provisions 29 | * of the GPL apply INSTEAD OF those given above. 30 | * 31 | * This software is provided ``as is'', and any express or implied 32 | * warranties, including, but not limited to, the implied warranties of 33 | * merchantability and fitness for a particular purpose are disclaimed. 34 | * In no event shall the company or contributors be liable for any 35 | * direct, indirect, incidental, special, exemplary, or consequential 36 | * damages (including, but not limited to, procurement of substitute 37 | * goods or services; loss of use, data, or profits; or business 38 | * interruption) however caused and on any theory of liability, whether 39 | * in contract, strict liability, or tort (including negligence or 40 | * otherwise) arising in any way out of the use of this software, even 41 | * if advised of the possibility of such damage. 42 | * 43 | */ 44 | 45 | #ifndef DATE_TIME_H_ 46 | #define DATE_TIME_H_ 47 | 48 | #include 49 | #include 50 | 51 | #include 52 | 53 | /** 54 | * @brief set the /etc/localtime file to right timezone 55 | * @param name[in] name of new timezone (e.g. "Europe/Prague") 56 | * file with this name has to be in /usr/share/zomeinfo/ folder 57 | * @param errmsg[out] error message in case of error. 58 | * @return EXIT_SUCCESS or EXIT_FAILURE 59 | */ 60 | int tz_set(const char *name, char** errmsg); 61 | 62 | /** 63 | * @brief set the /etc/localtime file to right timezone 64 | * @param offset[in] GMT/UTC offset in minutes (e.g. -120) 65 | * @param errmsg[out] error message in case of error. 66 | * @return EXIT_SUCCESS or EXIT_FAILURE 67 | */ 68 | int set_gmt_offset(int offset, char** errmsg); 69 | 70 | /** 71 | * @brief return boot time as seconds since Epoch 72 | * @return boot time, 0 on failure 73 | */ 74 | time_t boottime_get(void); 75 | 76 | /** 77 | * @brief start ntp service on your system 78 | * @return EXIT_SUCCESS or EXIT_FAILURE 79 | */ 80 | int ntp_start(void); 81 | 82 | /** 83 | * @brief stop ntp service on your system 84 | * @return EXIT_SUCCESS or EXIT_FAILURE 85 | */ 86 | int ntp_stop(void); 87 | 88 | /** 89 | * @brief restart ntp service on your system 90 | * @return EXIT_SUCCESS or EXIT_FAILURE 91 | */ 92 | int ntp_restart(void); 93 | 94 | /** 95 | * @brief check the status of ntp service on your system 96 | * @return 1 ntp running 97 | * @return 0 ntp not running or checking failed 98 | */ 99 | int ntp_status(void); 100 | 101 | /** 102 | * @brief Get current (real) configuration of the ntp part in XML format. 103 | * @param ns[in] XML namespace for the XML subtree being created. 104 | * @param errmsg[out] error message in case of error. 105 | * @return Created XML subtree or NULL on failure. 106 | */ 107 | xmlNodePtr ntp_getconfig(xmlNsPtr ns, char** errmsg); 108 | 109 | /** 110 | * @brief add new NTP server config to be used 111 | * @param udp_address[in] NTP server address 112 | * @param association_type[in] association type ('server', 'peer', 'pool'). 113 | * @param iburst[in] whether to set iburst option 114 | * @param prefer[in] whether to set prefer option 115 | * @param msg[out] error message in case of an error 116 | * @return EXIT_SUCCESS or EXIT_FAILURE 117 | */ 118 | int ntp_add_server(const char* udp_address, const char* association_type, bool iburst, bool prefer, char** msg); 119 | 120 | /** 121 | * @brief remove the NTP server 122 | * @param udp_address[in] address of the NTP server to be removed 123 | * @param association_type[in[ association type ('server', 'peer', 'pool') of 124 | * the NTP server to be removed 125 | * @param iburst[in] whether it had iburst option set 126 | * @param prefer[in] whether it had prefer option set 127 | * @param msg error message in case of an error 128 | * @return EXIT_SUCCESS or EXIT_FAILURE 129 | */ 130 | int ntp_rm_server(const char* udp_address, const char* association_type, bool iburst, bool prefer, char** msg); 131 | 132 | /** 133 | * @brief resolve an URL in both IPv4 and IPv6 134 | * @param server_name[in] URL of a server 135 | * @param msg[out] error message in case of an error 136 | * @return NULL terminated list of IP addresses or NULL in case of error. 137 | */ 138 | char** ntp_resolve_server(const char* server_name, char** msg); 139 | 140 | /** 141 | * @brief get the current timezone offset 142 | * @return timezone offset in minutes, cannot fail 143 | */ 144 | long tz_get_offset(void); 145 | 146 | /** 147 | * @brief get the current timezone 148 | * @return timezone identification, cannot fail 149 | */ 150 | const char* tz_get(void); 151 | 152 | #endif /* DATE_TIME_H_ */ 153 | 154 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/base/encrypt.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 1990 - 1993, Julianne Frances Haugh 3 | * Copyright (c) 1996 - 2000, Marek Michałkiewicz 4 | * Copyright (c) 2005 , Tomasz Kłoczko 5 | * Copyright (c) 2007 - 2010, Nicolas François 6 | * All rights reserved. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in the 15 | * documentation and/or other materials provided with the distribution. 16 | * 3. The name of the copyright holders or contributors may not be used to 17 | * endorse or promote products derived from this software without 18 | * specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 23 | * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 | * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | */ 32 | 33 | #ident "$Id: encrypt.c 3231 2010-08-22 13:04:54Z nekral-guest $" 34 | 35 | #define _XOPEN_SOURCE 36 | #include 37 | #include 38 | #include 39 | #include 40 | 41 | /*@exposed@*/char *pw_encrypt(const char *clear, const char *salt) 42 | { 43 | static char cipher[128]; 44 | char *cp; 45 | 46 | cp = crypt(clear, salt); 47 | if (!cp) { 48 | /* 49 | * Single Unix Spec: crypt() may return a null pointer, 50 | * and set errno to indicate an error. The caller doesn't 51 | * expect us to return NULL, so... 52 | */ 53 | return (NULL); 54 | } 55 | 56 | /* The GNU crypt does not return NULL if the algorithm is not 57 | * supported, and return a DES encrypted password. */ 58 | if ((NULL != salt) && (salt[0] == '$') && (strlen(cp) <= 13)) { 59 | return (NULL); 60 | } 61 | 62 | if (strlen(cp) != 13) { 63 | return cp; /* nonstandard crypt() in libc, better bail out */ 64 | } 65 | 66 | strcpy(cipher, cp); 67 | 68 | return cipher; 69 | } 70 | 71 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/base/encrypt.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file encrypt.h 3 | * \brief Internal header file for encryption functions from salt.c and encrypt.c 4 | * \author Radek Krejci 5 | * \date 2014 6 | * 7 | * Copyright (C) 2014 CESNET 8 | * 9 | * LICENSE TERMS 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions 13 | * are met: 14 | * 1. Redistributions of source code must retain the above copyright 15 | * notice, this list of conditions and the following disclaimer. 16 | * 2. Redistributions in binary form must reproduce the above copyright 17 | * notice, this list of conditions and the following disclaimer in 18 | * the documentation and/or other materials provided with the 19 | * distribution. 20 | * 3. Neither the name of the Company nor the names of its contributors 21 | * may be used to endorse or promote products derived from this 22 | * software without specific prior written permission. 23 | * 24 | * ALTERNATIVELY, provided that this notice is retained in full, this 25 | * product may be distributed under the terms of the GNU General Public 26 | * License (GPL) version 2 or later, in which case the provisions 27 | * of the GPL apply INSTEAD OF those given above. 28 | * 29 | * This software is provided ``as is'', and any express or implied 30 | * warranties, including, but not limited to, the implied warranties of 31 | * merchantability and fitness for a particular purpose are disclaimed. 32 | * In no event shall the company or contributors be liable for any 33 | * direct, indirect, incidental, special, exemplary, or consequential 34 | * damages (including, but not limited to, procurement of substitute 35 | * goods or services; loss of use, data, or profits; or business 36 | * interruption) however caused and on any theory of liability, whether 37 | * in contract, strict liability, or tort (including negligence or 38 | * otherwise) arising in any way out of the use of this software, even 39 | * if advised of the possibility of such damage. 40 | * 41 | */ 42 | 43 | #ifndef ENCRYPT_H 44 | #define ENCRYPT_H_ 45 | 46 | /** 47 | * @brief prepare salt for the crypt() function 48 | * @param meth[in] Encryption method (MD5, DES, SHA256, SHA512) 49 | * @param arg[in] number of rounds in case of SHA encryption 50 | * @return created salt 51 | */ 52 | const char *crypt_make_salt(const char *meth, void *arg); 53 | 54 | /** 55 | * @brief wrapper for crypt() with error handling 56 | * @param clear[in] plain text password 57 | * @param salt[in] salt for hashing the password 58 | * @return encrypted password including algorithm id, its parameters and salt 59 | */ 60 | char *pw_encrypt(const char *clear, const char *salt); 61 | 62 | #endif /* ENCRYPT_H */ 63 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/base/local_users.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file local_users.c 3 | * \brief Functions for manipulation with local users 4 | * \author Michal Vasko 5 | * \date 2013 6 | * 7 | * Copyright (C) 2013 CESNET 8 | * 9 | * LICENSE TERMS 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions 13 | * are met: 14 | * 1. Redistributions of source code must retain the above copyright 15 | * notice, this list of conditions and the following disclaimer. 16 | * 2. Redistributions in binary form must reproduce the above copyright 17 | * notice, this list of conditions and the following disclaimer in 18 | * the documentation and/or other materials provided with the 19 | * distribution. 20 | * 3. Neither the name of the Company nor the names of its contributors 21 | * may be used to endorse or promote products derived from this 22 | * software without specific prior written permission. 23 | * 24 | * ALTERNATIVELY, provided that this notice is retained in full, this 25 | * product may be distributed under the terms of the GNU General Public 26 | * License (GPL) version 2 or later, in which case the provisions 27 | * of the GPL apply INSTEAD OF those given above. 28 | * 29 | * This software is provided ``as is'', and any express or implied 30 | * warranties, including, but not limited to, the implied warranties of 31 | * merchantability and fitness for a particular purpose are disclaimed. 32 | * In no event shall the company or contributors be liable for any 33 | * direct, indirect, incidental, special, exemplary, or consequential 34 | * damages (including, but not limited to, procurement of substitute 35 | * goods or services; loss of use, data, or profits; or business 36 | * interruption) however caused and on any theory of liability, whether 37 | * in contract, strict liability, or tort (including negligence or 38 | * otherwise) arising in any way out of the use of this software, even 39 | * if advised of the possibility of such damage. 40 | * 41 | */ 42 | 43 | #ifndef LOCAL_USERS_H_ 44 | #define LOCAL_USERS_H_ 45 | 46 | #include 47 | 48 | /** 49 | * @brief Get current (real) configuration of the authentication part in XML format. 50 | * @param ns[in] XML namespace for the XML subtree being created. 51 | * @param errmsg[out] error message in case of error. 52 | * @return Created XML subtree or NULL on failure. 53 | */ 54 | xmlNodePtr users_getxml(xmlNsPtr ns, char** msg); 55 | 56 | /** 57 | * @brief Add new user. 58 | * @param name[in] username 59 | * @param passwd[in] password for the user, can be NULL (not set), $0$plaintext 60 | * (it will be encrypted), $X$hash (already encrypted using algorithm X). 61 | * @param msg[out] error message in case of error. 62 | * @return stored (encrypted) password 63 | */ 64 | const char* users_add(const char *name, const char *passwd, char **msg); 65 | 66 | /** 67 | * @brief remove the specified user 68 | * @param name[in] username of user to remove 69 | * @param msg[out] error message in case of error. 70 | * @return EXIT_SUCCESS or EXIT_FAILURE 71 | */ 72 | int users_rm(const char *name, char **msg); 73 | 74 | /** 75 | * @brief change password of the user 76 | * @param name[in] username 77 | * @param passwd[in] password for the user, can be NULL (not set), $0$plaintext 78 | * (it will be encrypted), $X$hash (already encrypted using algorithm X). 79 | * @param msg[out] error message in case of error. 80 | * @return stored (encrypted) password 81 | */ 82 | const char* users_mod(const char *name, const char *passwd, char **msg); 83 | 84 | /** 85 | * @brief Add authorized key for the specified user 86 | * @param username[in] name of the user where add the authorized key 87 | * @param id[in] id of the key, it is stored as a comment for the key 88 | * @param algorithm[in] used algorithm for the key data 89 | * @param pem[in] authorized key data, in format stored by openSSH (algoithm data) 90 | * @param msg[out] error message in case of error. 91 | * @return EXIT_SUCCESS or EXIT_FAILURE 92 | */ 93 | int authkey_add(const char *username, const char *id, const char *algorithm, const char *pem, char **msg); 94 | 95 | /** 96 | * @brief Remove authorized key 97 | * @param username[in] name of the user where manipulate with authorized keys 98 | * @param id[in] id of the key to remove, it is stored as the key's comment 99 | * @param msg[out] error message in case of error. 100 | * @return EXIT_SUCCESS or EXIT_FAILURE 101 | */ 102 | int authkey_rm(const char *username, const char*id, char **msg); 103 | 104 | /** 105 | * @brief enable local-users authentication. 106 | * 107 | * It sets 'yes' to PasswordAuthentication option in sshd_config of the SSH 108 | * daemon listening for incoming NETCONF connections. 109 | * 110 | * @param msg[out] error message in case of error. 111 | * @return EXIT_SUCCESS or EXIT_FAILURE 112 | */ 113 | int auth_enable(char **msg); 114 | 115 | /** 116 | * @brief disable local-users authentication. 117 | * 118 | * It sets 'no' to PasswordAuthentication option in sshd_config of the SSH 119 | * daemon listening for incoming NETCONF connections. Users can be still 120 | * authenticated via SSH keys. 121 | * 122 | * @param msg[out] error message in case of error. 123 | * @return EXIT_SUCCESS or EXIT_FAILURE 124 | */ 125 | int auth_disable(char **msg); 126 | 127 | #endif /* LOCAL_USERS_H_ */ 128 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/base/platform.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file platform.c 3 | * \brief Functions for getting onformation about platform 4 | * \author Michal Vasko 5 | * \author Tomas Cejka 6 | * \date 2013 7 | * 8 | * Copyright (C) 2013 CESNET 9 | * 10 | * LICENSE TERMS 11 | * 12 | * Redistribution and use in source and binary forms, with or without 13 | * modification, are permitted provided that the following conditions 14 | * are met: 15 | * 1. Redistributions of source code must retain the above copyright 16 | * notice, this list of conditions and the following disclaimer. 17 | * 2. Redistributions in binary form must reproduce the above copyright 18 | * notice, this list of conditions and the following disclaimer in 19 | * the documentation and/or other materials provided with the 20 | * distribution. 21 | * 3. Neither the name of the Company nor the names of its contributors 22 | * may be used to endorse or promote products derived from this 23 | * software without specific prior written permission. 24 | * 25 | * ALTERNATIVELY, provided that this notice is retained in full, this 26 | * product may be distributed under the terms of the GNU General Public 27 | * License (GPL) version 2 or later, in which case the provisions 28 | * of the GPL apply INSTEAD OF those given above. 29 | * 30 | * This software is provided ``as is'', and any express or implied 31 | * warranties, including, but not limited to, the implied warranties of 32 | * merchantability and fitness for a particular purpose are disclaimed. 33 | * In no event shall the company or contributors be liable for any 34 | * direct, indirect, incidental, special, exemplary, or consequential 35 | * damages (including, but not limited to, procurement of substitute 36 | * goods or services; loss of use, data, or profits; or business 37 | * interruption) however caused and on any theory of liability, whether 38 | * in contract, strict liability, or tort (including negligence or 39 | * otherwise) arising in any way out of the use of this software, even 40 | * if advised of the possibility of such damage. 41 | * 42 | */ 43 | 44 | #define _GNU_SOURCE 45 | #define _XOPEN_SOURCE 700 46 | 47 | #include 48 | #include 49 | #include 50 | #include 51 | #include 52 | #include 53 | #include 54 | 55 | #include "platform.h" 56 | 57 | #define REDHAT_RELEASE_PATH "/etc/redhat-release" 58 | #define SUSE_RELEASE_PATH "/etc/SuSE-release" 59 | #define DEBIAN_RELEASE_PATH "/etc/debian_version" 60 | 61 | #define REDHAT_HOSTNAME_PATH "/etc/sysconfig/network" 62 | #define SUSE_HOSTNAME_PATH "/etc/HOSTNAME" 63 | #define DEBIAN_HOSTNAME_PATH "/etc/hostname" 64 | 65 | DISTRO distribution_id = 0; 66 | 67 | static struct utsname kernel; 68 | static char kernel_filled = 0; 69 | 70 | static void fill_kernel(void) 71 | { 72 | if (uname(&kernel) == -1) { 73 | nc_verb_error("uname(2) failed (%s).", strerror(errno)); 74 | return; 75 | } 76 | 77 | kernel_filled = 1; 78 | } 79 | 80 | void identity_detect(void) 81 | { 82 | int file_ok; 83 | 84 | /* RHEL, CentOS, Scientific Linux, Fedora */ 85 | file_ok = access(REDHAT_RELEASE_PATH, F_OK); /*"/etc/redhat-release"*/ 86 | if (file_ok == 0) { 87 | distribution_id = REDHAT; 88 | return; 89 | } 90 | 91 | /* SuSE, openSUSE */ 92 | file_ok = access(SUSE_RELEASE_PATH, F_OK); /*"/etc/SuSE-release"*/ 93 | if (file_ok == 0) { 94 | distribution_id = SUSE; 95 | return; 96 | } 97 | 98 | /* Debian, Ubuntu */ 99 | file_ok = access(DEBIAN_RELEASE_PATH, F_OK); /*"/etc/debian_version"*/ 100 | if (file_ok == 0) { 101 | distribution_id = DEBIAN; 102 | return; 103 | } 104 | 105 | distribution_id = UNKNOWN; 106 | } 107 | 108 | const char* get_nodename(void) 109 | { 110 | if (!kernel_filled) { 111 | fill_kernel(); 112 | } 113 | return kernel.nodename; 114 | } 115 | 116 | const char* get_os_release(void) 117 | { 118 | if (!kernel_filled) { 119 | fill_kernel(); 120 | } 121 | return kernel.release; 122 | } 123 | 124 | const char* get_os_version(void) 125 | { 126 | if (!kernel_filled) { 127 | fill_kernel(); 128 | } 129 | return kernel.version; 130 | } 131 | 132 | /* co všechno nechám vracet nclc_get_os_machine */ 133 | const char* get_os_machine(void) 134 | { 135 | if (!kernel_filled) { 136 | fill_kernel(); 137 | } 138 | return kernel.machine; 139 | } 140 | 141 | const char* get_sysname(void) 142 | { 143 | if (!kernel_filled) { 144 | fill_kernel(); 145 | } 146 | return kernel.sysname; 147 | } 148 | 149 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/base/platform.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file platform.c 3 | * \brief Functions for getting onformation about platform 4 | * \author Michal Vasko 5 | * \author Tomas Cejka 6 | * \date 2013 7 | * 8 | * Copyright (C) 2013 CESNET 9 | * 10 | * LICENSE TERMS 11 | * 12 | * Redistribution and use in source and binary forms, with or without 13 | * modification, are permitted provided that the following conditions 14 | * are met: 15 | * 1. Redistributions of source code must retain the above copyright 16 | * notice, this list of conditions and the following disclaimer. 17 | * 2. Redistributions in binary form must reproduce the above copyright 18 | * notice, this list of conditions and the following disclaimer in 19 | * the documentation and/or other materials provided with the 20 | * distribution. 21 | * 3. Neither the name of the Company nor the names of its contributors 22 | * may be used to endorse or promote products derived from this 23 | * software without specific prior written permission. 24 | * 25 | * ALTERNATIVELY, provided that this notice is retained in full, this 26 | * product may be distributed under the terms of the GNU General Public 27 | * License (GPL) version 2 or later, in which case the provisions 28 | * of the GPL apply INSTEAD OF those given above. 29 | * 30 | * This software is provided ``as is'', and any express or implied 31 | * warranties, including, but not limited to, the implied warranties of 32 | * merchantability and fitness for a particular purpose are disclaimed. 33 | * In no event shall the company or contributors be liable for any 34 | * direct, indirect, incidental, special, exemplary, or consequential 35 | * damages (including, but not limited to, procurement of substitute 36 | * goods or services; loss of use, data, or profits; or business 37 | * interruption) however caused and on any theory of liability, whether 38 | * in contract, strict liability, or tort (including negligence or 39 | * otherwise) arising in any way out of the use of this software, even 40 | * if advised of the possibility of such damage. 41 | * 42 | */ 43 | 44 | #ifndef PLATFORM_H_ 45 | #define PLATFORM_H_ 46 | 47 | /** 48 | * @brief enumeration of linux distribution 49 | * - UNKNOWN - distribution type not detected 50 | * - REDHAT - fedora, sciencific linux 51 | * - SUSE - openSuSE 52 | * - DEBIAN - debian, ubuntu 53 | */ 54 | typedef enum { 55 | UNKNOWN,/*0*/ 56 | REDHAT, /*1*/ 57 | SUSE, /*2*/ 58 | DEBIAN /*3*/ 59 | } DISTRO; 60 | 61 | /** 62 | * @brief set global variables distribution_id and version_id 63 | */ 64 | void identity_detect(void); 65 | 66 | /** 67 | * @brief return same information as uname -n 68 | * @return node network name or NULL on failure 69 | */ 70 | const char* get_nodename(void); 71 | 72 | /** 73 | * @brief return same information as uname -r 74 | * @return kernel release or NULL on failure 75 | */ 76 | const char* get_os_release(void); 77 | 78 | /** 79 | * @brief return same information as uname -v 80 | * @return kernel version or NULL on failure 81 | */ 82 | const char* get_os_version(void); 83 | 84 | /** 85 | * @brief return same information as uname -m 86 | * @return machine hardware name or NULL on failure 87 | */ 88 | const char* get_os_machine(void); 89 | 90 | /** 91 | * @brief return same information uname -s 92 | * @return NIS or YP domain name or NULL on failure 93 | */ 94 | const char* get_sysname(void); 95 | 96 | #endif /* PLATFORM_H_ */ 97 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/base/shutdown.c: -------------------------------------------------------------------------------- 1 | /** 2 | * \file shutdown.c 3 | * \brief Functions for shutdown 4 | * \author Michal Vasko 5 | * \date 2013 6 | * 7 | * Copyright (C) 2013 CESNET 8 | * 9 | * LICENSE TERMS 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions 13 | * are met: 14 | * 1. Redistributions of source code must retain the above copyright 15 | * notice, this list of conditions and the following disclaimer. 16 | * 2. Redistributions in binary form must reproduce the above copyright 17 | * notice, this list of conditions and the following disclaimer in 18 | * the documentation and/or other materials provided with the 19 | * distribution. 20 | * 3. Neither the name of the Company nor the names of its contributors 21 | * may be used to endorse or promote products derived from this 22 | * software without specific prior written permission. 23 | * 24 | * ALTERNATIVELY, provided that this notice is retained in full, this 25 | * product may be distributed under the terms of the GNU General Public 26 | * License (GPL) version 2 or later, in which case the provisions 27 | * of the GPL apply INSTEAD OF those given above. 28 | * 29 | * This software is provided ``as is'', and any express or implied 30 | * warranties, including, but not limited to, the implied warranties of 31 | * merchantability and fitness for a particular purpose are disclaimed. 32 | * In no event shall the company or contributors be liable for any 33 | * direct, indirect, incidental, special, exemplary, or consequential 34 | * damages (including, but not limited to, procurement of substitute 35 | * goods or services; loss of use, data, or profits; or business 36 | * interruption) however caused and on any theory of liability, whether 37 | * in contract, strict liability, or tort (including negligence or 38 | * otherwise) arising in any way out of the use of this software, even 39 | * if advised of the possibility of such damage. 40 | * 41 | */ 42 | 43 | #define _BSD_SOURCE 44 | #define _GNU_SOURCE 45 | 46 | #include 47 | #include 48 | #include 49 | #include 50 | #include 51 | 52 | #include 53 | 54 | #include "shutdown.h" 55 | #include "common.h" 56 | 57 | /** 58 | * @brief test shutdown usability 59 | * @return 0 success 60 | * @return 1 file not found or execute permission denied 61 | * @return 2 failed to actually try to shutdown 62 | */ 63 | static int test_shutdown(void) { 64 | int ret; 65 | 66 | if (eaccess(SHUTDOWN_PATH, X_OK) != 0) { 67 | return 1; 68 | } 69 | 70 | /* Fork shutdown */ 71 | if ((ret = fork()) == 0) { 72 | /* Child */ 73 | if (WEXITSTATUS(system(SHUTDOWN_PATH " -P +1"))) { 74 | exit(1); 75 | } 76 | 77 | exit(0); 78 | 79 | } else if (ret == -1) { 80 | /* Parent fork fail */ 81 | return 1; 82 | } 83 | 84 | usleep(10000); 85 | if (WEXITSTATUS(system(SHUTDOWN_PATH " -c"))) { 86 | return 2; 87 | } 88 | 89 | return 0; 90 | } 91 | 92 | int run_shutdown(bool shutdown, char** msg) { 93 | int ret; 94 | 95 | ret = test_shutdown(); 96 | if (ret == 1) { 97 | asprintf(msg, "Could not access \"%s\": %s", SHUTDOWN_PATH, strerror(errno)); 98 | return EXIT_FAILURE; 99 | } else if (ret == 2) { 100 | asprintf(msg, "Failed to successfully execute shutdown program."); 101 | return EXIT_FAILURE; 102 | } 103 | 104 | /* Fork shutdown */ 105 | if ((ret = fork()) == 0) { 106 | /* Child */ 107 | usleep(10000); 108 | if (WEXITSTATUS(system(shutdown ? (SHUTDOWN_PATH " -P now") : (SHUTDOWN_PATH " -r now")))) { 109 | nc_verb_error("Executing %s failed: %s", SHUTDOWN_PATH, strerror(errno)); 110 | exit(1); 111 | } 112 | 113 | exit(0); 114 | 115 | } else if (ret == -1) { 116 | /* Parent fail */ 117 | asprintf(msg, "Fork failed."); 118 | return EXIT_FAILURE; 119 | } 120 | 121 | return EXIT_SUCCESS; 122 | } 123 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/base/shutdown.h: -------------------------------------------------------------------------------- 1 | /** 2 | * \file shutdown.c 3 | * \brief Functions for shutdown 4 | * \author Michal Vasko 5 | * \date 2013 6 | * 7 | * Copyright (C) 2013 CESNET 8 | * 9 | * LICENSE TERMS 10 | * 11 | * Redistribution and use in source and binary forms, with or without 12 | * modification, are permitted provided that the following conditions 13 | * are met: 14 | * 1. Redistributions of source code must retain the above copyright 15 | * notice, this list of conditions and the following disclaimer. 16 | * 2. Redistributions in binary form must reproduce the above copyright 17 | * notice, this list of conditions and the following disclaimer in 18 | * the documentation and/or other materials provided with the 19 | * distribution. 20 | * 3. Neither the name of the Company nor the names of its contributors 21 | * may be used to endorse or promote products derived from this 22 | * software without specific prior written permission. 23 | * 24 | * ALTERNATIVELY, provided that this notice is retained in full, this 25 | * product may be distributed under the terms of the GNU General Public 26 | * License (GPL) version 2 or later, in which case the provisions 27 | * of the GPL apply INSTEAD OF those given above. 28 | * 29 | * This software is provided ``as is'', and any express or implied 30 | * warranties, including, but not limited to, the implied warranties of 31 | * merchantability and fitness for a particular purpose are disclaimed. 32 | * In no event shall the company or contributors be liable for any 33 | * direct, indirect, incidental, special, exemplary, or consequential 34 | * damages (including, but not limited to, procurement of substitute 35 | * goods or services; loss of use, data, or profits; or business 36 | * interruption) however caused and on any theory of liability, whether 37 | * in contract, strict liability, or tort (including negligence or 38 | * otherwise) arising in any way out of the use of this software, even 39 | * if advised of the possibility of such damage. 40 | * 41 | */ 42 | 43 | #ifndef SHUTDOWN_H_ 44 | #define SHUTDOWN_H_ 45 | 46 | #include 47 | 48 | /** 49 | * @brief shutdown or reboot the system 50 | * @param shutdown[in] true for shutdown, false for reboot 51 | * @param msg[out] error message in case of error. 52 | * @return EXIT_SUCCESS or EXIT_FAILURE 53 | */ 54 | int run_shutdown(bool shutdown, char** msg); 55 | 56 | #endif /* SHUTDOWN_H_ */ 57 | -------------------------------------------------------------------------------- /transAPI/cfgsystem/cfgsystem_paths.txt: -------------------------------------------------------------------------------- 1 | systemns=urn:ietf:params:xml:ns:yang:ietf-system 2 | /systemns:system/systemns:hostname 3 | /systemns:system/systemns:clock/systemns:timezone-name 4 | /systemns:system/systemns:clock/systemns:timezone-utc-offset 5 | /systemns:system/systemns:ntp/systemns:server 6 | /systemns:system/systemns:ntp/systemns:enabled 7 | /systemns:system/systemns:ntp 8 | /systemns:system/systemns:dns-resolver/systemns:search 9 | /systemns:system/systemns:dns-resolver/systemns:server 10 | /systemns:system/systemns:dns-resolver/systemns:options/systemns:timeout 11 | /systemns:system/systemns:dns-resolver/systemns:options/systemns:attempts 12 | /systemns:system/systemns:dns-resolver 13 | /systemns:system/systemns:authentication/systemns:user/systemns:authorized-key 14 | /systemns:system/systemns:authentication/systemns:user 15 | /systemns:system/systemns:authentication/systemns:user-authentication-order -------------------------------------------------------------------------------- /transAPI/cfgsystem/model/iana-crypt-hash.yin: -------------------------------------------------------------------------------- 1 | 2 | 5 | 6 | 7 | 8 | IANA 9 | 10 | 11 | Internet Assigned Numbers Authority 12 | 13 | Postal: ICANN 14 | 12025 Waterfront Drive, Suite 300 15 | Los Angeles, CA 90094-2536 16 | United States 17 | 18 | Tel: +1 310 301 5800 19 | E-Mail: iana@iana.org> 20 | 21 | 22 | This YANG module defines a type for storing passwords 23 | using a hash function and features to indicate which hash 24 | functions are supported by an implementation. 25 | 26 | The latest revision of this YANG module can be obtained from 27 | the IANA web site. 28 | 29 | Requests for new values should be made to IANA via 30 | email (iana@iana.org). 31 | 32 | Copyright (c) 2014 IETF Trust and the persons identified as 33 | authors of the code. All rights reserved. 34 | 35 | Redistribution and use in source and binary forms, with or 36 | without modification, is permitted pursuant to, and subject 37 | to the license terms contained in, the Simplified BSD License 38 | set forth in Section 4.c of the IETF Trust's Legal Provisions 39 | Relating to IETF Documents 40 | (http://trustee.ietf.org/license-info). 41 | 42 | The initial version of this YANG module is part of RFC 7317; 43 | see the RFC itself for full legal notices. 44 | 45 | 46 | 47 | Initial revision. 48 | 49 | 50 | RFC 7317: A YANG Data Model for System Management 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | The crypt-hash type is used to store passwords using 59 | a hash function. The algorithms for applying the hash 60 | function and encoding the result are implemented in 61 | various UNIX systems as the function crypt(3). 62 | 63 | A value of this type matches one of the forms: 64 | 65 | $0$<clear text password> 66 | $<id>$<salt>$<password hash> 67 | $<id>$<parameter>$<salt>$<password hash> 68 | 69 | The '$0$' prefix signals that the value is clear text. When 70 | such a value is received by the server, a hash value is 71 | calculated, and the string '$<id>$<salt>$' or 72 | $<id>$<parameter>$<salt>$ is prepended to the result. This 73 | value is stored in the configuration data store. 74 | 75 | If a value starting with '$<id>$', where <id> is not '0', is 76 | received, the server knows that the value already represents a 77 | hashed value and stores it 'as is' in the data store. 78 | 79 | When a server needs to verify a password given by a user, it 80 | finds the stored password hash string for that user, extracts 81 | the salt, and calculates the hash with the salt and given 82 | password as input. If the calculated hash value is the same 83 | as the stored value, the password given by the client is 84 | accepted. 85 | 86 | This type defines the following hash functions: 87 | 88 | id | hash function | feature 89 | ---+---------------+------------------- 90 | 1 | MD5 | crypt-hash-md5 91 | 5 | SHA-256 | crypt-hash-sha-256 92 | 6 | SHA-512 | crypt-hash-sha-512 93 | 94 | The server indicates support for the different hash functions 95 | by advertising the corresponding feature. 96 | 97 | 98 | IEEE Std 1003.1-2008 - crypt() function 99 | RFC 1321: The MD5 Message-Digest Algorithm 100 | FIPS.180-4.2012: Secure Hash Standard (SHS) 101 | 102 | 103 | 104 | 105 | Indicates that the device supports the MD5 106 | hash function in 'crypt-hash' values. 107 | 108 | 109 | RFC 1321: The MD5 Message-Digest Algorithm 110 | 111 | 112 | 113 | 114 | Indicates that the device supports the SHA-256 115 | hash function in 'crypt-hash' values. 116 | 117 | 118 | FIPS.180-4.2012: Secure Hash Standard (SHS) 119 | 120 | 121 | 122 | 123 | Indicates that the device supports the SHA-512 124 | hash function in 'crypt-hash' values. 125 | 126 | 127 | FIPS.180-4.2012: Secure Hash Standard (SHS) 128 | 129 | 130 | 131 | -------------------------------------------------------------------------------- /transAPI/turing/Makefile.in: -------------------------------------------------------------------------------- 1 | PKGNAME = @PROJECTNAME@ 2 | TARGET = @PROJECTNAME@.la 3 | 4 | # Various configurable paths (remember to edit Makefile.in, not Makefile) 5 | prefix = @prefix@ 6 | exec_prefix = @exec_prefix@ 7 | datarootdir = @datarootdir@ 8 | datadir = @datadir@ 9 | bindir = @bindir@ 10 | includedir = @includedir@ 11 | libdir = @libdir@ 12 | mandir = @mandir@ 13 | libtool = @libtool@ 14 | 15 | CC = @CC@ 16 | INSTALL = @INSTALL@ 17 | INSTALL_PROGRAM = @INSTALL_PROGRAM@ 18 | INSTALL_DATA = @INSTALL_DATA@ 19 | LIBS = @LIBS@ 20 | CFLAGS = -Wall -pthread @CFLAGS@ 21 | CPPFLAGS = @CPPFLAGS@ 22 | LIBTOOL = $(libtool) --tag=CC --quiet 23 | 24 | NETOPEER_MANAGER = @NETOPEER_MANAGER@ 25 | NETOPEER_DIR = @NETOPEER_DIR@ 26 | 27 | MODEL = turing-machine.yin \ 28 | turing-machine-config.rng \ 29 | turing-machine-gdefs-config.rng \ 30 | turing-machine-schematron.xsl 31 | 32 | SRCS = @PROJECTNAME@.c 33 | OBJDIR = .obj 34 | LOBJS = $(SRCS:%.c=$(OBJDIR)/%.lo) 35 | 36 | all: $(TARGET) 37 | 38 | $(TARGET): $(LOBJS) 39 | $(LIBTOOL) --mode=link $(CC) $(CFLAGS) $(CPPFLAGS) $(LIBS) -avoid-version -module -shared -export-dynamic --mode=link -o $@ $^ -rpath $(libdir) 40 | 41 | $(OBJDIR)/%.lo: %.c 42 | @[ -d $$(dirname $@) ] || \ 43 | (mkdir -p $$(dirname $@)) 44 | $(LIBTOOL) --mode=compile $(CC) $(CFLAGS) $(CPPFLAGS) -fPIC -shared -c $< -o $@ 45 | 46 | .PHONY: install 47 | install: $(TARGET) 48 | $(INSTALL) -m 775 -d $(DESTDIR)/$(libdir) 49 | $(LIBTOOL) --mode=install cp $(TARGET) $(DESTDIR)/$(libdir)/; 50 | $(INSTALL) -d $(NETOPEER_DIR)/turing-machine/ 51 | @for i in $(MODEL); do \ 52 | $(INSTALL_DATA) -m 600 $$i $(NETOPEER_DIR)/$(PKGNAME)/; \ 53 | done 54 | if test -n "$(NETOPEER_MANAGER)"; then \ 55 | if test -n "`$(NETOPEER_MANAGER) list | grep "^$(PKGNAME) ("`"; then \ 56 | $(NETOPEER_MANAGER) rm --name $(PKGNAME); \ 57 | fi; \ 58 | $(NETOPEER_MANAGER) add --name $(PKGNAME) \ 59 | --model $(NETOPEER_DIR)/$(PKGNAME)/$(PKGNAME).yin \ 60 | --transapi $(DESTDIR)/$(libdir)/$(PKGNAME).so \ 61 | --datastore $(NETOPEER_DIR)/$(PKGNAME)/datastore.xml; \ 62 | fi 63 | 64 | .PHONY: uninstall 65 | uninstall: 66 | $(LIBTOOL) --mode=uninstall rm -rf $(DESTDIR)/$(libdir)/$(TARGET); 67 | rm -rf $(NETOPEER_DIR)/$(PKGNAME)/ 68 | if test -n "$(NETOPEER_MANAGER)"; then \ 69 | if test -n "`$(NETOPEER_MANAGER) list | grep "^$(PKGNAME) ("`"; then \ 70 | $(NETOPEER_MANAGER) rm --name $(PKGNAME); \ 71 | fi; \ 72 | fi 73 | 74 | .PHONY: clean 75 | clean: 76 | $(LIBTOOL) --mode clean rm -f $(LOBJS) 77 | $(LIBTOOL) --mode clean rm -f $(TARGET) 78 | rm -rf $(TARGET) $(OBJDIR) 79 | 80 | -------------------------------------------------------------------------------- /transAPI/turing/README: -------------------------------------------------------------------------------- 1 | turing-machine transAPI module 2 | ============================== 3 | 4 | Implementation of the turing-machine YANG module available from [1]. 5 | 6 | 7 | Installation 8 | ------------ 9 | 10 | $ ./configure 11 | $ make 12 | # make install 13 | 14 | 15 | Examples 16 | -------- 17 | 18 | Example transition function are placed in the 'examples' directory in the 19 | format accepted by the operation. 20 | 21 | 22 | [1] - https://code.google.com/p/pyang/wiki/Tutorial 23 | 24 | -------------------------------------------------------------------------------- /transAPI/turing/configure.in: -------------------------------------------------------------------------------- 1 | AC_PREREQ([2.63]) 2 | AC_INIT([turing-machine], [1.0], [BUG-REPORT-ADDRESS]) 3 | AC_CONFIG_SRCDIR([turing-machine.c]) 4 | 5 | PROJECTNAME=turing-machine 6 | AC_SUBST(PROJECTNAME) 7 | 8 | # --enable-debug option 9 | AC_ARG_ENABLE([debug], 10 | AC_HELP_STRING([--enable-debug],[Compile with debug options]), 11 | CFLAGS="$CFLAGS -g -DDEBUG", 12 | CFLAGS="$CFLAGS -O3" 13 | ) 14 | 15 | AC_ARG_WITH([netopeer-confdir], 16 | [AC_HELP_STRING([--with-netopeer-confdir=DIR], [Netopeer server configuration directory (by default ${sysconfdir}/netopeer/)])], 17 | [NETOPEER_DIR="$withval"], 18 | [NETOPEER_DIR="${sysconfdir}/netopeer/"] 19 | ) 20 | AC_SUBST(NETOPEER_DIR) 21 | 22 | # --with-libxml2=path-to-libxml2-git-repository 23 | AC_ARG_WITH([libxml2], 24 | [AC_HELP_STRING([--with-libxml2], [specific libxml2 location])], 25 | [ 26 | AC_CHECK_PROG([XML2_CONFIG], [xml2-config], [yes], [no], [$withval]) 27 | if test "$XML2_CONFIG" = "no"; then 28 | AC_MSG_ERROR([Missing development package of libxml2.]) 29 | fi 30 | CFLAGS="`$withval/xml2-config --cflags` $CFLAGS" 31 | LDFLAGS="`$withval/xml2-config --libs` $LDFLAGS" 32 | WITH_LIBXML2="$withval" 33 | ] 34 | ) 35 | 36 | # Checks for programs. 37 | AC_PROG_CC 38 | AC_PROG_INSTALL 39 | 40 | # Use libtool 41 | AC_PROG_LIBTOOL 42 | # Always use ./libtool unless overridden from command-line 43 | if test -z "$libtool"; then 44 | libtool='./libtool' 45 | fi 46 | AC_SUBST(libtool) 47 | 48 | AC_PATH_PROG(NETOPEER_MANAGER, [netopeer-manager], []) 49 | AC_SUBST(NETOPEER_MANAGER) 50 | 51 | # Checks for libraries. 52 | export PKG_CONFIG_PATH=/usr/local/${libdir##*/}/pkgconfig:$PKG_CONFIG_PATH 53 | 54 | PKG_CHECK_MODULES(LIBNETCONF, libnetconf) 55 | CPPFLAGS="$CPPFLAGS $LIBNETCONF_CFLAGS" 56 | LIBS="$LIBS $LIBNETCONF_LIBS" 57 | LIBNETCONF_DATADIR="`$PKG_CONFIG --variable=datadir libnetconf`" 58 | AC_SUBST(LIBNETCONF_DATADIR) 59 | 60 | # Check for libxml2. 61 | if test -z "$WITH_LIBXML2" ; then 62 | AC_CHECK_PROG([XML2_CONFIG], [xml2-config], [yes], [no]) 63 | if test "$XML2_CONFIG" = "no"; then 64 | AC_MSG_ERROR([Missing development package of libxml2.]) 65 | fi 66 | AC_CHECK_LIB([xml2], [main], [LIBS="`xml2-config --libs` $LIBS" CFLAGS="`xml2-config --cflags` $CFLAGS"], AC_MSG_ERROR([Libxml2 not found ])) 67 | fi 68 | 69 | # Checks for header files. 70 | AC_CHECK_HEADERS([stdlib.h libnetconf.h]) 71 | 72 | # Checks for typedefs, structures, and compiler characteristics. 73 | #AC_TYPE_UINT32_T 74 | 75 | # Checks for library functions. 76 | #AC_CHECK_FUNCS([strdup]) 77 | 78 | AC_CONFIG_FILES([Makefile turing-machine-config.rng]) 79 | AC_OUTPUT 80 | -------------------------------------------------------------------------------- /transAPI/turing/examples/0n1n-config.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 0 8 | 0 9 | 10 | 11 | 1 12 | 13 | right 14 | 15 | 16 | 17 | 18 | 19 | 1 20 | 0 21 | 22 | 23 | 1 24 | 0 25 | right 26 | 27 | 28 | 29 | 30 | 31 | 1 32 | 1 33 | 34 | 35 | 2 36 | 1 37 | right 38 | 39 | 40 | 41 | 42 | 43 | 2 44 | 1 45 | 46 | 47 | 2 48 | 1 49 | right 50 | 51 | 52 | 53 | 54 | 55 | 2 56 | 57 | 58 | 59 | 3 60 | 61 | left 62 | 63 | 64 | 65 | 66 | 67 | 3 68 | 1 69 | 70 | 71 | 4 72 | 73 | left 74 | 75 | 76 | 77 | 78 | 79 | 4 80 | 81 | 82 | 83 | 7 84 | 85 | right 86 | 87 | 88 | 89 | 90 | 91 | 4 92 | 1 93 | 94 | 95 | 5 96 | 1 97 | left 98 | 99 | 100 | 101 | 102 | 103 | 5 104 | 1 105 | 106 | 107 | 5 108 | 1 109 | left 110 | 111 | 112 | 113 | 114 | 115 | 5 116 | 0 117 | 118 | 119 | 6 120 | 0 121 | left 122 | 123 | 124 | 125 | 126 | 127 | 6 128 | 0 129 | 130 | 131 | 6 132 | 0 133 | left 134 | 135 | 136 | 137 | 138 | 139 | 6 140 | 141 | 142 | 143 | 0 144 | 145 | right 146 | 147 | 148 | 149 | 150 | -------------------------------------------------------------------------------- /transAPI/turing/examples/invert-config.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 0 8 | 0 9 | 10 | 11 | 0 12 | 1 13 | 14 | 15 | 16 | 17 | 18 | 0 19 | 1 20 | 21 | 22 | 0 23 | 0 24 | 25 | 26 | 27 | 28 | 29 | 0 30 | 31 | 32 | 33 | 1 34 | 35 | 36 | 37 | 38 | -------------------------------------------------------------------------------- /transAPI/turing/paths: -------------------------------------------------------------------------------- 1 | tm=http://example.net/turing-machine 2 | /tm:turing-machine/tm:transition-function/tm:delta 3 | -------------------------------------------------------------------------------- /transAPI/turing/turing-machine-config.rng.in: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /transAPI/turing/turing-machine-gdefs-config.rng: -------------------------------------------------------------------------------- 1 | 2 | leftright011 3 | -------------------------------------------------------------------------------- /transAPI/turing/turing-machine.yang: -------------------------------------------------------------------------------- 1 | module turing-machine { 2 | 3 | namespace "http://example.net/turing-machine"; 4 | 5 | prefix "tm"; 6 | 7 | description 8 | "Data model for the Turing Machine."; 9 | 10 | revision 2013-12-27 { 11 | description 12 | "Initial revision."; 13 | } 14 | 15 | /* Typedefs */ 16 | 17 | typedef tape-symbol { 18 | type string { 19 | length "0..1"; 20 | } 21 | description 22 | "Type of symbols appearing in tape cells. 23 | 24 | A blank is represented as an empty string where necessary."; 25 | } 26 | 27 | typedef cell-index { 28 | type int64; 29 | description 30 | "Type for indexing tape cells."; 31 | } 32 | 33 | typedef state-index { 34 | type uint16; 35 | description 36 | "Type for indexing states of the control unit."; 37 | } 38 | 39 | typedef head-dir { 40 | type enumeration { 41 | enum left; 42 | enum right; 43 | } 44 | default "right"; 45 | description 46 | "Possible directions for moving the read/write head, one cell 47 | to the left or right (default)."; 48 | } 49 | 50 | /* Groupings */ 51 | 52 | grouping tape-cells { 53 | description 54 | "The tape of the Turing Machine is represented as a sparse 55 | array."; 56 | list cell { 57 | key "coord"; 58 | description 59 | "List of non-blank cells."; 60 | leaf coord { 61 | type cell-index; 62 | description 63 | "Coordinate (index) of the tape cell."; 64 | } 65 | leaf symbol { 66 | type tape-symbol { 67 | length "1"; 68 | } 69 | description 70 | "Symbol appearing in the tape cell. 71 | 72 | Blank (empty string) is not allowed here because the 73 | 'cell' list only contains non-blank cells."; 74 | } 75 | } 76 | } 77 | 78 | /* State data and Configuration */ 79 | 80 | container turing-machine { 81 | description 82 | "State data and configuration of a Turing Machine."; 83 | leaf state { 84 | type state-index; 85 | config "false"; 86 | mandatory "true"; 87 | description 88 | "Current state of the control unit. 89 | 90 | The initial state is 0."; 91 | } 92 | leaf head-position { 93 | type cell-index; 94 | config "false"; 95 | mandatory "true"; 96 | description 97 | "Position of tape read/write head."; 98 | } 99 | container tape { 100 | config "false"; 101 | description 102 | "The contents of the tape."; 103 | uses tape-cells; 104 | } 105 | container transition-function { 106 | description 107 | "The Turing Machine is configured by specifying the 108 | transition function."; 109 | list delta { 110 | key "label"; 111 | unique "input/state input/symbol"; 112 | description 113 | "The list of transition rules."; 114 | leaf label { 115 | type string; 116 | description 117 | "An arbitrary label of the transition rule."; 118 | } 119 | container input { 120 | description 121 | "Input parameters (arguments) of the transition rule."; 122 | leaf state { 123 | type state-index; 124 | mandatory "true"; 125 | description 126 | "Current state of the control unit."; 127 | } 128 | leaf symbol { 129 | type tape-symbol; 130 | mandatory "true"; 131 | description 132 | "Symbol read from the tape cell."; 133 | } 134 | } 135 | container output { 136 | description 137 | "Output values of the transition rule."; 138 | leaf state { 139 | type state-index; 140 | description 141 | "New state of the control unit. If this leaf is not 142 | present, the state doesn't change."; 143 | } 144 | leaf symbol { 145 | type tape-symbol; 146 | description 147 | "Symbol to be written to the tape cell. If this leaf is 148 | not present, the symbol doesn't change."; 149 | } 150 | leaf head-move { 151 | type head-dir; 152 | description 153 | "Move the head one cell to the left or right"; 154 | } 155 | } 156 | } 157 | } 158 | } 159 | 160 | /* RPCs */ 161 | 162 | rpc initialize { 163 | description 164 | "Initialize the Turing Machine as follows: 165 | 166 | 1. Put the control unit into the initial state (0). 167 | 168 | 2. Move the read/write head to the tape cell with coordinate 169 | zero. 170 | 171 | 3. Write the string from the 'tape-content' input parameter to 172 | the tape, character by character, starting at cell 0. The 173 | tape is othewise empty."; 174 | input { 175 | leaf tape-content { 176 | type string; 177 | default ""; 178 | description 179 | "The string with which the tape shall be initialized. The 180 | leftmost symbol will be at tape coordinate 0."; 181 | } 182 | } 183 | } 184 | 185 | rpc run { 186 | description 187 | "Start the Turing Machine operation."; 188 | } 189 | 190 | /* Notifications */ 191 | 192 | notification halted { 193 | description 194 | "The Turing Machine has halted. This means that there is no 195 | transition rule for the current state and tape symbol."; 196 | leaf state { 197 | type state-index; 198 | mandatory "true"; 199 | description 200 | "The state of the control unit in which the machine has 201 | halted."; 202 | } 203 | } 204 | } 205 | --------------------------------------------------------------------------------