Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #13193 from sartura/sysrepo

Browse source 
Update sysrepo, libyang, libnetconf2 and netopeer2 packages to latest versions
This commit is contained in:
Rosen Penev 2020-08-24 13:06:45 -07:00 committed by GitHub
commit 8f3642e4bb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
19 changed files with 366 additions and 307 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
libs/libnetconf2/Makefile
View file

@ -8,14 +8,14 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=libnetconf2
PKG_VERSION:=1.1.24
PKG_VERSION:=1.1.26
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/CESNET/libnetconf2/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=1a69db028bf970f0dab15ed508b58e0cf0806a7e4492828404b75c97ec8ab306
PKG_HASH:=2ce2b819f3544fd46a3a4c8ba6dd0a3798cab2a63aa347bc1eb5275a2c89b7bd
PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
PKG_MAINTAINER:=Jakov Smolic <jakov.smolic@sartura.hr>
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE

23
libs/libnetconf2/patches/001-cmake_not_updated.patch
View file

@ -1,11 +1,16 @@
--- a/CMakeLists.txt 2020-05-08 13:29:30.903800624 +0300
+++ b/CMakeLists.txt 2020-05-08 13:29:50.943582218 +0300
@@ -153,7 +153,7 @@
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DNC_ENABLED_SSH")
message(STATUS "LibSSH version ${LibSSH_VERSION} found")
- if(LibSSH_VERSION VERSION_EQUAL 0.9.3 OR LibSSH_VERSION VERSION_EQUAL 0.9.4)
+ if(LibSSH_VERSION VERSION_EQUAL 0.9.x)
message(FATAL_ERROR "LibSSH ${LibSSH_VERSION} includes regression bugs and libnetconf2 will NOT work properly, try to use another version")
diff --git a/CMakeLists.txt b/CMakeLists.txt
index f21fec9..5b912af 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -148,7 +148,7 @@ endif()
# dependencies - libssh
if(ENABLE_SSH)
find_package(LibSSH 0.7.0 REQUIRED)
- if(LIBSSH_VERSION VERSION_EQUAL 0.9.3 OR LIBSSH_VERSION VERSION_EQUAL 0.9.4)
+ if(LIBSSH_VERSION VERSION_EQUAL 0.9.x)
message(FATAL_ERROR "LibSSH ${LIBSSH_VERSION} includes regression bugs and libnetconf2 will NOT work properly, try to use another version")
endif()
--
2.26.2

2
libs/libssh/Makefile
View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=libssh
PKG_VERSION:=0.9.4
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.libssh.org/files/0.9/

41
libs/libssh/patches/0004-channels-Avoid-returning-SSH_AGAIN-from-ssh_channel_.patch Normal file
View file

@ -0,0 +1,41 @@
From 6417f5a3cac8537ac6f6ff7fc1642dfaa0917fb4 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 16 Apr 2020 11:13:34 +0200
Subject: [PATCH] channels: Avoid returning SSH_AGAIN from
ssh_channel_poll_timeout()
This addresses a regression introduced in 3bad0607, partially fixed in 022409e9,
but the function was still able to return SSH_AGAIN, which was not expected by
callers.
Based on discussion in [1] and [2]
[1] https://gitlab.com/libssh/libssh-mirror/-/merge_requests/101
[2] https://www.libssh.org/archive/libssh/2020-03/0000029.html
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
---
src/channels.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/channels.c b/src/channels.c
index bcc1c207..9fe309d0 100644
--- a/src/channels.c
+++ b/src/channels.c
@@ -3116,6 +3116,12 @@ int ssh_channel_poll_timeout(ssh_channel channel, int timeout, int is_stderr)
session->session_state == SSH_SESSION_STATE_ERROR) {
rc = SSH_ERROR;
goto out;
+ } else if (rc == SSH_AGAIN) {
+ /* If the above timeout expired, it is ok and we do not need to
+ * attempt to check the read buffer. The calling functions do not
+ * expect us to return SSH_AGAIN either here. */
+ rc = SSH_OK;
+ goto out;
}
len = ssh_buffer_get_len(stdbuf);
if (len > 0) {
--
2.26.2

16
libs/libyang/Makefile
View file

@ -8,14 +8,14 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=libyang
PKG_VERSION:=1.0.167
PKG_VERSION:=1.0.184
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/CESNET/libyang/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=2431fa5c7cfbe6a6f2c0873547b976f018438967adfe268726911dd3d95eaa31
PKG_HASH:=1a5637451b73c4c5683837eb4c51371bb084795f653bc1a5fc20fed5541b58bc
PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
PKG_MAINTAINER:=Jakov Smolic <jakov.smolic@sartura.hr>
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
@ -66,11 +66,11 @@ define Package/libyang/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libyang.so* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/lib/libyang
$(INSTALL_DIR) $(1)/usr/lib/libyang/extensions
$(INSTALL_DIR) $(1)/usr/lib/libyang/user_types
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libyang/extensions/* $(1)/usr/lib/libyang/extensions
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libyang/user_types/* $(1)/usr/lib/libyang/user_types
$(INSTALL_DIR) $(1)/usr/lib/libyang1
$(INSTALL_DIR) $(1)/usr/lib/libyang1/extensions
$(INSTALL_DIR) $(1)/usr/lib/libyang1/user_types
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libyang1/extensions/* $(1)/usr/lib/libyang1/extensions
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libyang1/user_types/* $(1)/usr/lib/libyang1/user_types
endef
define Package/libyang-cpp/install

7
net/Netopeer2/Config_keystored.in
View file

@ -1,7 +0,0 @@
if PACKAGE_netopeer2-keystored
config SSH_KEYS
bool "Generate default ssh keys"
default y
endif

128
net/Netopeer2/Makefile
View file

@ -1,128 +0,0 @@
#
# Copyright (C) 2017 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
# Warning by default OpenWrt does not have a root password which is necessery for NETCONF server.
include $(TOPDIR)/rules.mk
PKG_NAME:=Netopeer2
PKG_VERSION:=1.1.27
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/CESNET/Netopeer2/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=e3914aae78d19f445a37ef37408f7ce209ebf0b05deb412b1bc56a021448885f
PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
CMAKE_INSTALL:=1
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/netopeer2-keystored/config
source "$(SOURCE)/Config_keystored.in"
endef
define Package/netopeer2-server
SECTION:=utils
CATEGORY:=Utilities
TITLE:=NETCONF server
URL:=https://github.com/CESNET/Netopeer2
DEPENDS:=+libcurl +libpthread +libyang +libnetconf2 +netopeer2-keystored +libsysrepo +sysrepocfg +sysrepoctl +sysrepo
MENU:=1
endef
define Package/netopeer2-cli
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Netopeer2 cli tool
URL:=https://github.com/CESNET/Netopeer2
DEPENDS:=+libpthread +libyang +libnetconf2 +libopenssl
endef
define Package/netopeer2-keystored
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Netopeer2 key store management
URL:=https://github.com/CESNET/Netopeer2
DEPENDS:=+libopenssl +libsysrepo +sysrepo +sysrepocfg +sysrepoctl +SSH_KEYS:openssh-keygen
MENU:=1
endef
define Package/netopeer2/description
Netopeer2 is a set of tools implementing network configuration tools based on the NETCONF
Protocol. This is the second generation of the toolset, originally available as the Netopeer
project. Netopeer2 is based on the new generation of the NETCONF and YANG libraries -
libyang and libnetconf2. The Netopeer server uses sysrepo as a NETCONF datastore implementation.
endef
CMAKE_OPTIONS += \
-DGENERATE_HOSTKEY:BOOL=OFF \
-DINSTALL_MODULES:BOOL=OFF \
-DCMAKE_BUILD_TYPE=release
#-DKEYSTORED_KEYS_DIR:STRING=/etc/keystored/keys \
define Package/netopeer2-server/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/netopeer2-server $(1)/usr/bin/
$(INSTALL_DIR) $(1)/etc/sysrepo/yang
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-ssh-server@2019-07-02.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-tls-server@2019-07-02.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/iana-crypt-hash@2014-08-06.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-x509-cert-to-name@2014-12-10.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf-server@2019-07-02.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf-monitoring@2010-10-04.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf-acm@2018-02-14.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf-nmda@2019-01-07.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf@2013-09-29.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-datastores@2017-08-17.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-crypto-types@2019-07-02.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/iana-crypt-hash@2014-08-06.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-tcp-server@2019-07-02.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./files/netopeer2-server.default $(1)/etc/uci-defaults/98_netopeer2-server
$(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) ./files/netopeer2-server.init $(1)/etc/init.d/netopeer2-server
$(INSTALL_DIR) $(1)/usr/share/netopeer2-server
$(INSTALL_DATA) ./files/stock_config.xml $(1)/usr/share/netopeer2-server
endef
define Package/netopeer2-cli/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/netopeer2-cli $(1)/usr/bin/
endef
define Package/netopeer2-keystored/install
$(INSTALL_DIR) $(1)/etc/sysrepo/yang
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-keystore@2019-07-02.yang $(1)/etc/sysrepo/yang/
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_DIR) $(1)/etc/keystored/keys
ifeq ($(CONFIG_SSH_KEYS),y)
$(INSTALL_BIN) ./files/netopeer2-keystored-keygen.default $(1)/etc/uci-defaults/97_netopeer2-keystored
else
$(INSTALL_BIN) ./files/netopeer2-keystored.default $(1)/etc/uci-defaults/97_netopeer2-keystored
#ssh key name is specified in ./files/stock_config.xml file, you will need to provide the ssh keys yourself.
$(INSTALL_DATA) ./files/ssh_host_rsa_key.pem $(1)/etc/keystored/keys
$(INSTALL_DATA) ./files/ssh_host_rsa_key.pub.pem $(1)/etc/keystored/keys
endif
endef
$(eval $(call BuildPackage,netopeer2-server))
$(eval $(call BuildPackage,netopeer2-cli))
$(eval $(call BuildPackage,netopeer2-keystored))

22
net/Netopeer2/files/netopeer2-keystored-keygen.default
View file

@ -1,22 +0,0 @@
#!/bin/sh
# Warning, problems can occur if the device restarts in the middle of this uci-default script
if [ -x /bin/sysrepoctl ]; then
match=$(sysrepoctl -l | grep "ietf-keystore ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-keystore@2019-07-02.yang -o root:root -p 600
if [ -x /bin/sysrepocfg ]; then
sysrepocfg -f xml -d startup -i /usr/share/netopeer2-keystored/stock_key_config.xml ietf-keystore
rm /usr/share/netopeer2-keystored/stock_key_config.xml
fi
#generate ssh keys
if [ ! -f "/etc/keystored/keys/ssh_host_rsa_key.pem" ]; then
ssh-keygen -m pem -t rsa -q -N "" -f /etc/keystored/keys/ssh_host_rsa_key.pem
chmod go-rw /etc/keystored/keys/ssh_host_rsa_key.pem
fi
fi
fi
exit 0

16
net/Netopeer2/files/netopeer2-keystored.default
View file

@ -1,16 +0,0 @@
#!/bin/sh
# Warning, problems can occur if the device restarts in the middle of this uci-default script
if [ -x /bin/sysrepoctl ]; then
match=$(sysrepoctl -l | grep "ietf-keystore ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-keystore@2019-07-02.yang -o root:root -p 600
if [ -x /bin/sysrepocfg ]; then
sysrepocfg -f xml -d startup -i /usr/share/netopeer2-keystored/stock_key_config.xml ietf-keystore
rm /usr/share/netopeer2-keystored/stock_key_config.xml
fi
fi
fi
exit 0

59
net/Netopeer2/files/netopeer2-server.default
View file

@ -1,59 +0,0 @@
#!/bin/sh
# Warning, problems can occur if the device restarts in the middle of this uci-default script
if [ -x /bin/sysrepoctl ]; then
match=$(sysrepoctl -l | grep "ietf-ssh-server ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-ssh-server@2019-07-02.yang -p 600
fi
match=$(sysrepoctl -l | grep "ietf-tls-server ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-tls-server@2019-07-02.yang -p 600
fi
match=$(sysrepoctl -l | grep "iana-crypt-hash ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/iana-crypt-hash@2014-08-06.yang -p 600
fi
match=$(sysrepoctl -l | grep "ietf-x509-cert-to-name ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-x509-cert-to-name@2014-12-10.yang -p 600
fi
match=$(sysrepoctl -l | grep "ietf-netconf-server ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-server@2019-07-02.yang -o root:root -p 600
sysrepoctl -m ietf-netconf-server -e listen
sysrepoctl -m ietf-netconf-server -e ssh-listen
sysrepoctl -m ietf-netconf-server -e tls-listen
sysrepoctl -m ietf-netconf-server -e call-home
sysrepoctl -m ietf-netconf-server -e ssh-call-home
sysrepoctl -m ietf-netconf-server -e tls-call-home
sysrepoctl -m ietf-netconf -e url
if [ -x /bin/sysrepocfg ]; then
sysrepocfg -f xml -d startup -i /usr/share/netopeer2-server/stock_config.xml ietf-netconf-server
rm /usr/share/netopeer2-server/stock_config.xml
fi
fi
match=$(sysrepoctl -l | grep "ietf-netconf-monitoring ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-monitoring@2010-10-04.yang -o root:root -p 600
fi
match=$(sysrepoctl -l | grep "ietf-netconf-with-defaults ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf@2013-09-29.yang -o root:root -p 600
fi
match=$(sysrepoctl -l | grep "ietf-datastores ")
if [ ! "$match" ]; then
sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-datastores@2017-08-17.yang -o root:root -p 600
fi
fi
exit 0

17
net/Netopeer2/files/stock_config.xml
View file

@ -1,17 +0,0 @@
<netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server">
<listen>
<endpoint>
<name>test_ssh_listen_endpt</name>
<ssh>
<address>::</address>
<port>830</port>
<host-keys>
<host-key>
<name>test_ssh_listen_key</name>
<public-key>ssh_host_rsa_key</public-key>
</host-key>
</host-keys>
</ssh>
</endpoint>
</listen>
</netconf-server>

11
net/Netopeer2/patches/001-openss_1.1_support.patch
View file

@ -1,11 +0,0 @@
--- a/cli/commands.c 2020-05-08 16:29:28.284509842 +0300
+++ b/cli/commands.c 2020-05-08 16:29:38.856397844 +0300
@@ -1727,7 +1727,7 @@
BIO_printf(bio_out, "\n");
BIO_printf(bio_out, "Valid until: ");
- ASN1_TIME_print(bio_out, X509_get_notAfter(cert));
+ ASN1_TIME_print(bio_out, X509_get0_notAfter(cert));
BIO_printf(bio_out, "\n");
has_san = 0;

22
net/Netopeer2/patches/010-gcc10.patch
View file

@ -1,22 +0,0 @@
--- a/cli/commands.h
+++ b/cli/commands.h
@@ -17,7 +17,7 @@
#include "cli_version.h"
-char some_msg[4096];
+static char some_msg[4096];
#define INSTRUCTION(format,args...) {snprintf(some_msg,4095,format,##args);printf("\n %s",some_msg);}
#define ERROR(function,format,args...) {snprintf(some_msg,4095,format,##args);fprintf(stderr,"%s: %s\n",function,some_msg);}
--- a/src/log.h
+++ b/src/log.h
@@ -36,7 +36,7 @@ extern uint8_t np2_sr_verbose_level;
/**
* @brief netopeer2 flag whether to print messages to stderr (only if not daemon).
*/
-uint8_t np2_stderr_log;
+extern uint8_t np2_stderr_log;
/**
* @brief internal printing function, follows the levels from libnetconf2

85
net/netopeer2/Makefile Normal file
View file

@ -0,0 +1,85 @@
#
# Copyright (C) 2017 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
# Warning by default OpenWrt does not have a root password which is necessery for NETCONF server.
include $(TOPDIR)/rules.mk
PKG_NAME:=netopeer2
PKG_VERSION:=1.1.39
PKG_RELEASE:=1
PKG_LICENSE:=BSD-3-Clause
PKG_MAINTAINER:=Jakov Smolic <jakov.smolic@sartura.hr>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/CESNET/Netopeer2/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=e983683eda68792fedd73af54a5c7997496091489aa921f2a9e0dd27f2f6e19a
CMAKE_INSTALL:=1
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
define Package/netopeer2-server
SECTION:=utils
CATEGORY:=Utilities
TITLE:=NETCONF server
URL:=https://github.com/CESNET/Netopeer2
DEPENDS:=+libcurl +libpthread +libyang +libnetconf2 +libsysrepo +sysrepocfg +sysrepoctl +sysrepo
MENU:=1
endef
define Package/netopeer2-cli
SECTION:=utils
CATEGORY:=Utilities
TITLE:=Netopeer2 cli tool
URL:=https://github.com/CESNET/Netopeer2
DEPENDS:=+libpthread +libyang +libnetconf2 +libopenssl
endef
define Package/netopeer2/description
Netopeer2 is a set of tools implementing network configuration tools based on the NETCONF
Protocol. This is the second generation of the toolset, originally available as the Netopeer
project. Netopeer2 is based on the new generation of the NETCONF and YANG libraries -
libyang and libnetconf2. The Netopeer server uses sysrepo as a NETCONF datastore implementation.
endef
CMAKE_OPTIONS += \
-DCMAKE_INSTALL_PREFIX:PATH=/usr \
-DCMAKE_BUILD_TYPE:STRING=Release \
-DGENERATE_HOSTKEY:BOOL=OFF \
-DINSTALL_MODULES:BOOL=OFF \
-DMERGE_LISTEN_CONFIG:BOOL=OFF
define Package/netopeer2-server/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/netopeer2-server $(1)/usr/bin/
$(INSTALL_DIR) $(1)/etc/sysrepo/yang
$(INSTALL_DIR) $(1)/etc/netopeer2/modules
$(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/* $(1)/etc/netopeer2/modules/
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./files/netopeer2-server-setup.default $(1)/etc/uci-defaults/97_netopeer2-server
$(INSTALL_BIN) ./files/netopeer2-server-merge-hostkey.default $(1)/etc/uci-defaults/98_netopeer2-server
$(INSTALL_BIN) ./files/netopeer2-server-merge-config.default $(1)/etc/uci-defaults/99_netopeer2-server
$(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) ./files/netopeer2-server.init $(1)/etc/init.d/netopeer2-server
endef
define Package/netopeer2-cli/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/netopeer2-cli $(1)/usr/bin/
endef
$(eval $(call BuildPackage,netopeer2-server))
$(eval $(call BuildPackage,netopeer2-cli))

57
net/netopeer2/files/netopeer2-server-merge-config.default Normal file
View file

@ -0,0 +1,57 @@
#!/bin/sh
set -e
# avoid problems with sudo path
SYSREPOCFG=`which sysrepocfg`
KS_KEY_NAME=genkey
# check that there is no listen/Call Home configuration yet
SERVER_CONFIG=`$SYSREPOCFG -X -x "/ietf-netconf-server:netconf-server/listen/endpoint[1]/name | /ietf-netconf-server:netconf-server/call-home/netconf-client[1]/name"`
if [ -z "$SERVER_CONFIG" ]; then
# import default config
CONFIG="<netconf-server xmlns=\"urn:ietf:params:xml:ns:yang:ietf-netconf-server\">
<listen>
<endpoint>
<name>default-ssh</name>
<ssh>
<tcp-server-parameters>
<local-address>0.0.0.0</local-address>
<keepalives>
<idle-time>1</idle-time>
<max-probes>10</max-probes>
<probe-interval>5</probe-interval>
</keepalives>
</tcp-server-parameters>
<ssh-server-parameters>
<server-identity>
<host-key>
<name>default-key</name>
<public-key>
<keystore-reference>$KS_KEY_NAME</keystore-reference>
</public-key>
</host-key>
</server-identity>
<client-authentication>
<supported-authentication-methods>
<publickey/>
<passsword/>
<other>interactive</other>
</supported-authentication-methods>
<users/>
</client-authentication>
</ssh-server-parameters>
</ssh>
</endpoint>
</listen>
</netconf-server>"
TMPFILE=`mktemp -u`
printf -- "$CONFIG" > $TMPFILE
# apply it to startup and running
$SYSREPOCFG --edit=$TMPFILE -d startup -f xml -m ietf-netconf-server -v2
$SYSREPOCFG -C startup -m ietf-netconf-server -v2
# remove the tmp file
rm $TMPFILE
fi

47
net/netopeer2/files/netopeer2-server-merge-hostkey.default Normal file
View file

@ -0,0 +1,47 @@
#!/bin/sh
set -e
# avoid problems with sudo path
SYSREPOCFG=`which sysrepocfg`
OPENSSL=`which openssl`
# check that there is no SSH key with this name yet
KEYSTORE_KEY=`$SYSREPOCFG -X -x "/ietf-keystore:keystore/asymmetric-keys/asymmetric-key[name='genkey']/name"`
if [ -z "$KEYSTORE_KEY" ]; then
# generate a new key
PRIVPEM=`$OPENSSL genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -outform PEM 2>/dev/null`
# remove header/footer
PRIVKEY=`grep -v -- "-----" - <<STDIN
$PRIVPEM
STDIN`
# get public key
PUBPEM=`$OPENSSL rsa -pubout 2>/dev/null <<STDIN
$PRIVPEM
STDIN`
# remove header/footer
PUBKEY=`grep -v -- "-----" - <<STDIN
$PUBPEM
STDIN`
# generate edit config
CONFIG="<keystore xmlns=\"urn:ietf:params:xml:ns:yang:ietf-keystore\">
<asymmetric-keys>
<asymmetric-key>
<name>genkey</name>
<algorithm>rsa2048</algorithm>
<public-key>$PUBKEY</public-key>
<private-key>$PRIVKEY</private-key>
</asymmetric-key>
</asymmetric-keys>
</keystore>"
TMPFILE=`mktemp -u`
printf -- "$CONFIG" > $TMPFILE
# apply it to startup and running
$SYSREPOCFG --edit=$TMPFILE -d startup -f xml -m ietf-keystore -v2
$SYSREPOCFG -C startup -m ietf-keystore -v2
# remove the tmp file
rm $TMPFILE
fi

106
net/netopeer2/files/netopeer2-server-setup.default Normal file
View file

@ -0,0 +1,106 @@
#!/bin/sh
# Warning, problems can occur if the device restarts in the middle of this uci-default script
# install YANG modules
SYSREPOCTL=`which sysrepoctl`
MODDIR="/etc/netopeer2/modules"
PERMS=600
OWNER=root
GROUP=root
# array of modules to install
MODULES="\
ietf-netconf-acm@2018-02-14.yang
ietf-netconf@2013-09-29.yang -e writable-running -e candidate -e rollback-on-error -e validate -e startup -e url -e xpath
ietf-netconf-monitoring@2010-10-04.yang
ietf-netconf-nmda@2019-01-07.yang -e origin -e with-defaults
nc-notifications@2008-07-14.yang
notifications@2008-07-14.yang
ietf-x509-cert-to-name@2014-12-10.yang
ietf-crypto-types@2019-07-02.yang
ietf-keystore@2019-07-02.yang -e keystore-supported
ietf-truststore@2019-07-02.yang -e truststore-supported -e x509-certificates
ietf-tcp-common@2019-07-02.yang -e keepalives-supported
ietf-ssh-server@2019-07-02.yang -e local-client-auth-supported
ietf-tls-server@2019-07-02.yang -e local-client-auth-supported
ietf-netconf-server@2019-07-02.yang -e ssh-listen -e tls-listen -e ssh-call-home -e tls-call-home"
# functions
INSTALL_MODULE() {
local module=`echo "$1" | sed 's/\s.*$//'`
$SYSREPOCTL -a -i $MODDIR/$module -s $MODDIR -p $PERMS -o $OWNER -g $GROUP -v2
local rc=$?
if [ $rc -ne 0 ]; then
exit $rc
fi
}
UPDATE_MODULE() {
$SYSREPOCTL -a -U $MODDIR/$1 -s $MODDIR -p $PERMS -o $OWNER -g $GROUP -v2
local rc=$?
if [ $rc -ne 0 ]; then
exit $rc
fi
}
ENABLE_FEATURE() {
$SYSREPOCTL -a -c $1 -e $2 -v2
local rc=$?
if [ $rc -ne 0 ]; then
exit $rc
fi
}
ENABLE_FEATURES() {
# parse sysrepoctl features and add extra space at the end for easier matching
local sctl_features="`echo "$SCTL_MODULE" | sed 's/\([^|]*|\)\{6\}\(.*\)/\2/'` "
# parse features we want to enable
local features=`echo "$1" | sed 's/[^ ]* \(.*\)/\1/'`
while [ "${features:0:3}" = "-e " ]; do
# skip "-e "
features=${features:3}
# parse feature
local feature=`echo "$features" | sed 's/\([^[:space:]]*\).*/\1/'`
# enable feature if not already
sctl_feature=`echo "$sctl_features" | grep " ${feature} "`
if [ -z "$sctl_feature" ]; then
# enable feature
ENABLE_FEATURE $name $feature
fi
# next iteration, skip this feature
features=`echo "$features" | sed 's/[^[:space:]]* \(.*\)/\1/'`
done
}
# get current modules
SCTL_MODULES=`$SYSREPOCTL -l`
IFS=$'\n'
for i in $MODULES; do
name=`echo "$i" | sed 's/\([^@]*\).*/\1/'`
SCTL_MODULE=`echo "$SCTL_MODULES" | grep "^$name \+|[^|]*| I"`
if [ -z "$SCTL_MODULE" ]; then
# install module
INSTALL_MODULE "$i"
ENABLE_FEATURES "$i"
continue
fi
sctl_revision=`echo "$SCTL_MODULE" | sed 's/[^|]*| \([^ ]*\).*/\1/'`
revision=`echo "$i" | sed 's/[^@]*@\([^\.]*\).*/\1/'`
if [ "$sctl_revision" \< "$revision" ]; then
# update module without any features
file=`echo "$i" | cut -d' ' -f 1`
UPDATE_MODULE $file
fi
ENABLE_FEATURES "$i"
done
unset IFS
exit 0

2
net/Netopeer2/files/netopeer2-server.init → net/netopeer2/files/netopeer2-server.init
View file

@ -4,7 +4,7 @@ START=99
STOP=11
USE_PROCD=1
PROG=/bin/netopeer2-server
PROG=/usr/bin/netopeer2-server
start_service() {
procd_open_instance

6
net/sysrepo/Makefile
View file

@ -8,14 +8,14 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=sysrepo
PKG_VERSION:=1.4.58
PKG_VERSION:=1.4.70
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/sysrepo/sysrepo/tar.gz/v$(PKG_VERSION)?
PKG_HASH:=9c134658a5b812cd86b9113c30fc01be5a094616f473e747032ccf614af9e4dd
PKG_HASH:=f0f894d4ed98ce9d20fda219378b844731d796e95115c07f4c067d853e20ca36
PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
PKG_MAINTAINER:=Jakov Smolic <jakov.smolic@sartura.hr>
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE