diff --git a/libs/libnetconf2/Makefile b/libs/libnetconf2/Makefile index 5e5945b580..2ef9d982a7 100644 --- a/libs/libnetconf2/Makefile +++ b/libs/libnetconf2/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libnetconf2 -PKG_VERSION:=1.1.24 +PKG_VERSION:=1.1.26 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/CESNET/libnetconf2/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=1a69db028bf970f0dab15ed508b58e0cf0806a7e4492828404b75c97ec8ab306 +PKG_HASH:=2ce2b819f3544fd46a3a4c8ba6dd0a3798cab2a63aa347bc1eb5275a2c89b7bd -PKG_MAINTAINER:=Mislav Novakovic +PKG_MAINTAINER:=Jakov Smolic PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE diff --git a/libs/libnetconf2/patches/001-cmake_not_updated.patch b/libs/libnetconf2/patches/001-cmake_not_updated.patch index f519b9bd6d..61c8107cf4 100644 --- a/libs/libnetconf2/patches/001-cmake_not_updated.patch +++ b/libs/libnetconf2/patches/001-cmake_not_updated.patch @@ -1,11 +1,16 @@ ---- a/CMakeLists.txt 2020-05-08 13:29:30.903800624 +0300 -+++ b/CMakeLists.txt 2020-05-08 13:29:50.943582218 +0300 -@@ -153,7 +153,7 @@ - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DNC_ENABLED_SSH") - message(STATUS "LibSSH version ${LibSSH_VERSION} found") - -- if(LibSSH_VERSION VERSION_EQUAL 0.9.3 OR LibSSH_VERSION VERSION_EQUAL 0.9.4) -+ if(LibSSH_VERSION VERSION_EQUAL 0.9.x) - message(FATAL_ERROR "LibSSH ${LibSSH_VERSION} includes regression bugs and libnetconf2 will NOT work properly, try to use another version") +diff --git a/CMakeLists.txt b/CMakeLists.txt +index f21fec9..5b912af 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -148,7 +148,7 @@ endif() + # dependencies - libssh + if(ENABLE_SSH) + find_package(LibSSH 0.7.0 REQUIRED) +- if(LIBSSH_VERSION VERSION_EQUAL 0.9.3 OR LIBSSH_VERSION VERSION_EQUAL 0.9.4) ++ if(LIBSSH_VERSION VERSION_EQUAL 0.9.x) + message(FATAL_ERROR "LibSSH ${LIBSSH_VERSION} includes regression bugs and libnetconf2 will NOT work properly, try to use another version") endif() +-- +2.26.2 + diff --git a/libs/libssh/Makefile b/libs/libssh/Makefile index 89890e4a04..ae20994309 100644 --- a/libs/libssh/Makefile +++ b/libs/libssh/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libssh PKG_VERSION:=0.9.4 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://www.libssh.org/files/0.9/ diff --git a/libs/libssh/patches/0004-channels-Avoid-returning-SSH_AGAIN-from-ssh_channel_.patch b/libs/libssh/patches/0004-channels-Avoid-returning-SSH_AGAIN-from-ssh_channel_.patch new file mode 100644 index 0000000000..8dd50bae01 --- /dev/null +++ b/libs/libssh/patches/0004-channels-Avoid-returning-SSH_AGAIN-from-ssh_channel_.patch @@ -0,0 +1,41 @@ +From 6417f5a3cac8537ac6f6ff7fc1642dfaa0917fb4 Mon Sep 17 00:00:00 2001 +From: Jakub Jelen +Date: Thu, 16 Apr 2020 11:13:34 +0200 +Subject: [PATCH] channels: Avoid returning SSH_AGAIN from + ssh_channel_poll_timeout() + +This addresses a regression introduced in 3bad0607, partially fixed in 022409e9, +but the function was still able to return SSH_AGAIN, which was not expected by +callers. + +Based on discussion in [1] and [2] + +[1] https://gitlab.com/libssh/libssh-mirror/-/merge_requests/101 +[2] https://www.libssh.org/archive/libssh/2020-03/0000029.html + +Signed-off-by: Jakub Jelen +Reviewed-by: Anderson Toshiyuki Sasaki +--- + src/channels.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/channels.c b/src/channels.c +index bcc1c207..9fe309d0 100644 +--- a/src/channels.c ++++ b/src/channels.c +@@ -3116,6 +3116,12 @@ int ssh_channel_poll_timeout(ssh_channel channel, int timeout, int is_stderr) + session->session_state == SSH_SESSION_STATE_ERROR) { + rc = SSH_ERROR; + goto out; ++ } else if (rc == SSH_AGAIN) { ++ /* If the above timeout expired, it is ok and we do not need to ++ * attempt to check the read buffer. The calling functions do not ++ * expect us to return SSH_AGAIN either here. */ ++ rc = SSH_OK; ++ goto out; + } + len = ssh_buffer_get_len(stdbuf); + if (len > 0) { +-- +2.26.2 + diff --git a/libs/libyang/Makefile b/libs/libyang/Makefile index c47330eac2..f03917dcbe 100644 --- a/libs/libyang/Makefile +++ b/libs/libyang/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libyang -PKG_VERSION:=1.0.167 +PKG_VERSION:=1.0.184 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/CESNET/libyang/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=2431fa5c7cfbe6a6f2c0873547b976f018438967adfe268726911dd3d95eaa31 +PKG_HASH:=1a5637451b73c4c5683837eb4c51371bb084795f653bc1a5fc20fed5541b58bc -PKG_MAINTAINER:=Mislav Novakovic +PKG_MAINTAINER:=Jakov Smolic PKG_LICENSE:=BSD-3-Clause PKG_LICENSE_FILES:=LICENSE @@ -66,11 +66,11 @@ define Package/libyang/install $(INSTALL_DIR) $(1)/usr/lib $(CP) $(PKG_INSTALL_DIR)/usr/lib/libyang.so* $(1)/usr/lib/ - $(INSTALL_DIR) $(1)/usr/lib/libyang - $(INSTALL_DIR) $(1)/usr/lib/libyang/extensions - $(INSTALL_DIR) $(1)/usr/lib/libyang/user_types - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libyang/extensions/* $(1)/usr/lib/libyang/extensions - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libyang/user_types/* $(1)/usr/lib/libyang/user_types + $(INSTALL_DIR) $(1)/usr/lib/libyang1 + $(INSTALL_DIR) $(1)/usr/lib/libyang1/extensions + $(INSTALL_DIR) $(1)/usr/lib/libyang1/user_types + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libyang1/extensions/* $(1)/usr/lib/libyang1/extensions + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libyang1/user_types/* $(1)/usr/lib/libyang1/user_types endef define Package/libyang-cpp/install diff --git a/net/Netopeer2/Config_keystored.in b/net/Netopeer2/Config_keystored.in deleted file mode 100644 index 73252507e5..0000000000 --- a/net/Netopeer2/Config_keystored.in +++ /dev/null @@ -1,7 +0,0 @@ -if PACKAGE_netopeer2-keystored - -config SSH_KEYS - bool "Generate default ssh keys" - default y - -endif diff --git a/net/Netopeer2/Makefile b/net/Netopeer2/Makefile deleted file mode 100644 index 76767f42f5..0000000000 --- a/net/Netopeer2/Makefile +++ /dev/null @@ -1,128 +0,0 @@ -# -# Copyright (C) 2017 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -# Warning by default OpenWrt does not have a root password which is necessery for NETCONF server. - -include $(TOPDIR)/rules.mk - -PKG_NAME:=Netopeer2 -PKG_VERSION:=1.1.27 -PKG_RELEASE:=2 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://codeload.github.com/CESNET/Netopeer2/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=e3914aae78d19f445a37ef37408f7ce209ebf0b05deb412b1bc56a021448885f - -PKG_MAINTAINER:=Mislav Novakovic -PKG_LICENSE:=BSD-3-Clause -PKG_LICENSE_FILES:=LICENSE - -CMAKE_INSTALL:=1 -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/cmake.mk - -define Package/netopeer2-keystored/config - source "$(SOURCE)/Config_keystored.in" -endef - -define Package/netopeer2-server - SECTION:=utils - CATEGORY:=Utilities - TITLE:=NETCONF server - URL:=https://github.com/CESNET/Netopeer2 - DEPENDS:=+libcurl +libpthread +libyang +libnetconf2 +netopeer2-keystored +libsysrepo +sysrepocfg +sysrepoctl +sysrepo - MENU:=1 -endef - -define Package/netopeer2-cli - SECTION:=utils - CATEGORY:=Utilities - TITLE:=Netopeer2 cli tool - URL:=https://github.com/CESNET/Netopeer2 - DEPENDS:=+libpthread +libyang +libnetconf2 +libopenssl -endef - -define Package/netopeer2-keystored - SECTION:=utils - CATEGORY:=Utilities - TITLE:=Netopeer2 key store management - URL:=https://github.com/CESNET/Netopeer2 - DEPENDS:=+libopenssl +libsysrepo +sysrepo +sysrepocfg +sysrepoctl +SSH_KEYS:openssh-keygen - MENU:=1 -endef - -define Package/netopeer2/description - Netopeer2 is a set of tools implementing network configuration tools based on the NETCONF - Protocol. This is the second generation of the toolset, originally available as the Netopeer - project. Netopeer2 is based on the new generation of the NETCONF and YANG libraries - - libyang and libnetconf2. The Netopeer server uses sysrepo as a NETCONF datastore implementation. -endef - -CMAKE_OPTIONS += \ - -DGENERATE_HOSTKEY:BOOL=OFF \ - -DINSTALL_MODULES:BOOL=OFF \ - -DCMAKE_BUILD_TYPE=release - -#-DKEYSTORED_KEYS_DIR:STRING=/etc/keystored/keys \ - -define Package/netopeer2-server/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/netopeer2-server $(1)/usr/bin/ - - $(INSTALL_DIR) $(1)/etc/sysrepo/yang - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-ssh-server@2019-07-02.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-tls-server@2019-07-02.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/iana-crypt-hash@2014-08-06.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-x509-cert-to-name@2014-12-10.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf-server@2019-07-02.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf-monitoring@2010-10-04.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf-acm@2018-02-14.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf-nmda@2019-01-07.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-netconf@2013-09-29.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-datastores@2017-08-17.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-crypto-types@2019-07-02.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/iana-crypt-hash@2014-08-06.yang $(1)/etc/sysrepo/yang/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-tcp-server@2019-07-02.yang $(1)/etc/sysrepo/yang/ - - $(INSTALL_DIR) $(1)/etc/uci-defaults - $(INSTALL_BIN) ./files/netopeer2-server.default $(1)/etc/uci-defaults/98_netopeer2-server - - $(INSTALL_DIR) $(1)/etc/init.d/ - $(INSTALL_BIN) ./files/netopeer2-server.init $(1)/etc/init.d/netopeer2-server - - $(INSTALL_DIR) $(1)/usr/share/netopeer2-server - $(INSTALL_DATA) ./files/stock_config.xml $(1)/usr/share/netopeer2-server -endef - -define Package/netopeer2-cli/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/netopeer2-cli $(1)/usr/bin/ -endef - -define Package/netopeer2-keystored/install - $(INSTALL_DIR) $(1)/etc/sysrepo/yang - $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/ietf-keystore@2019-07-02.yang $(1)/etc/sysrepo/yang/ - - $(INSTALL_DIR) $(1)/etc/uci-defaults - - $(INSTALL_DIR) $(1)/etc/keystored/keys -ifeq ($(CONFIG_SSH_KEYS),y) - $(INSTALL_BIN) ./files/netopeer2-keystored-keygen.default $(1)/etc/uci-defaults/97_netopeer2-keystored -else - $(INSTALL_BIN) ./files/netopeer2-keystored.default $(1)/etc/uci-defaults/97_netopeer2-keystored - #ssh key name is specified in ./files/stock_config.xml file, you will need to provide the ssh keys yourself. - $(INSTALL_DATA) ./files/ssh_host_rsa_key.pem $(1)/etc/keystored/keys - $(INSTALL_DATA) ./files/ssh_host_rsa_key.pub.pem $(1)/etc/keystored/keys -endif - -endef - -$(eval $(call BuildPackage,netopeer2-server)) -$(eval $(call BuildPackage,netopeer2-cli)) -$(eval $(call BuildPackage,netopeer2-keystored)) diff --git a/net/Netopeer2/files/netopeer2-keystored-keygen.default b/net/Netopeer2/files/netopeer2-keystored-keygen.default deleted file mode 100644 index aa8bb99311..0000000000 --- a/net/Netopeer2/files/netopeer2-keystored-keygen.default +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh - -# Warning, problems can occur if the device restarts in the middle of this uci-default script - -if [ -x /bin/sysrepoctl ]; then - match=$(sysrepoctl -l | grep "ietf-keystore ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-keystore@2019-07-02.yang -o root:root -p 600 - if [ -x /bin/sysrepocfg ]; then - sysrepocfg -f xml -d startup -i /usr/share/netopeer2-keystored/stock_key_config.xml ietf-keystore - rm /usr/share/netopeer2-keystored/stock_key_config.xml - fi - - #generate ssh keys - if [ ! -f "/etc/keystored/keys/ssh_host_rsa_key.pem" ]; then - ssh-keygen -m pem -t rsa -q -N "" -f /etc/keystored/keys/ssh_host_rsa_key.pem - chmod go-rw /etc/keystored/keys/ssh_host_rsa_key.pem - fi - fi -fi - -exit 0 diff --git a/net/Netopeer2/files/netopeer2-keystored.default b/net/Netopeer2/files/netopeer2-keystored.default deleted file mode 100644 index 4ec74e929a..0000000000 --- a/net/Netopeer2/files/netopeer2-keystored.default +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh - -# Warning, problems can occur if the device restarts in the middle of this uci-default script - -if [ -x /bin/sysrepoctl ]; then - match=$(sysrepoctl -l | grep "ietf-keystore ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-keystore@2019-07-02.yang -o root:root -p 600 - if [ -x /bin/sysrepocfg ]; then - sysrepocfg -f xml -d startup -i /usr/share/netopeer2-keystored/stock_key_config.xml ietf-keystore - rm /usr/share/netopeer2-keystored/stock_key_config.xml - fi - fi -fi - -exit 0 diff --git a/net/Netopeer2/files/netopeer2-server.default b/net/Netopeer2/files/netopeer2-server.default deleted file mode 100644 index ec91d20424..0000000000 --- a/net/Netopeer2/files/netopeer2-server.default +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/sh - -# Warning, problems can occur if the device restarts in the middle of this uci-default script - -if [ -x /bin/sysrepoctl ]; then - match=$(sysrepoctl -l | grep "ietf-ssh-server ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-ssh-server@2019-07-02.yang -p 600 - fi - - match=$(sysrepoctl -l | grep "ietf-tls-server ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-tls-server@2019-07-02.yang -p 600 - fi - - match=$(sysrepoctl -l | grep "iana-crypt-hash ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/iana-crypt-hash@2014-08-06.yang -p 600 - fi - - match=$(sysrepoctl -l | grep "ietf-x509-cert-to-name ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-x509-cert-to-name@2014-12-10.yang -p 600 - fi - - match=$(sysrepoctl -l | grep "ietf-netconf-server ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-server@2019-07-02.yang -o root:root -p 600 - sysrepoctl -m ietf-netconf-server -e listen - sysrepoctl -m ietf-netconf-server -e ssh-listen - sysrepoctl -m ietf-netconf-server -e tls-listen - sysrepoctl -m ietf-netconf-server -e call-home - sysrepoctl -m ietf-netconf-server -e ssh-call-home - sysrepoctl -m ietf-netconf-server -e tls-call-home - sysrepoctl -m ietf-netconf -e url - if [ -x /bin/sysrepocfg ]; then - sysrepocfg -f xml -d startup -i /usr/share/netopeer2-server/stock_config.xml ietf-netconf-server - rm /usr/share/netopeer2-server/stock_config.xml - fi - fi - - match=$(sysrepoctl -l | grep "ietf-netconf-monitoring ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf-monitoring@2010-10-04.yang -o root:root -p 600 - fi - - match=$(sysrepoctl -l | grep "ietf-netconf-with-defaults ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-netconf@2013-09-29.yang -o root:root -p 600 - fi - - match=$(sysrepoctl -l | grep "ietf-datastores ") - if [ ! "$match" ]; then - sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-datastores@2017-08-17.yang -o root:root -p 600 - fi - -fi - -exit 0 diff --git a/net/Netopeer2/files/stock_config.xml b/net/Netopeer2/files/stock_config.xml deleted file mode 100644 index 45766846a2..0000000000 --- a/net/Netopeer2/files/stock_config.xml +++ /dev/null @@ -1,17 +0,0 @@ - - - - test_ssh_listen_endpt - -
::
- 830 - - - test_ssh_listen_key - ssh_host_rsa_key - - - - - - diff --git a/net/Netopeer2/patches/001-openss_1.1_support.patch b/net/Netopeer2/patches/001-openss_1.1_support.patch deleted file mode 100644 index 5069ef9bf0..0000000000 --- a/net/Netopeer2/patches/001-openss_1.1_support.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/cli/commands.c 2020-05-08 16:29:28.284509842 +0300 -+++ b/cli/commands.c 2020-05-08 16:29:38.856397844 +0300 -@@ -1727,7 +1727,7 @@ - BIO_printf(bio_out, "\n"); - - BIO_printf(bio_out, "Valid until: "); -- ASN1_TIME_print(bio_out, X509_get_notAfter(cert)); -+ ASN1_TIME_print(bio_out, X509_get0_notAfter(cert)); - BIO_printf(bio_out, "\n"); - - has_san = 0; diff --git a/net/Netopeer2/patches/010-gcc10.patch b/net/Netopeer2/patches/010-gcc10.patch deleted file mode 100644 index 6086289833..0000000000 --- a/net/Netopeer2/patches/010-gcc10.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- a/cli/commands.h -+++ b/cli/commands.h -@@ -17,7 +17,7 @@ - - #include "cli_version.h" - --char some_msg[4096]; -+static char some_msg[4096]; - #define INSTRUCTION(format,args...) {snprintf(some_msg,4095,format,##args);printf("\n %s",some_msg);} - #define ERROR(function,format,args...) {snprintf(some_msg,4095,format,##args);fprintf(stderr,"%s: %s\n",function,some_msg);} - ---- a/src/log.h -+++ b/src/log.h -@@ -36,7 +36,7 @@ extern uint8_t np2_sr_verbose_level; - /** - * @brief netopeer2 flag whether to print messages to stderr (only if not daemon). - */ --uint8_t np2_stderr_log; -+extern uint8_t np2_stderr_log; - - /** - * @brief internal printing function, follows the levels from libnetconf2 diff --git a/net/netopeer2/Makefile b/net/netopeer2/Makefile new file mode 100644 index 0000000000..6418140733 --- /dev/null +++ b/net/netopeer2/Makefile @@ -0,0 +1,85 @@ +# +# Copyright (C) 2017 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +# Warning by default OpenWrt does not have a root password which is necessery for NETCONF server. + +include $(TOPDIR)/rules.mk + +PKG_NAME:=netopeer2 +PKG_VERSION:=1.1.39 +PKG_RELEASE:=1 + +PKG_LICENSE:=BSD-3-Clause +PKG_MAINTAINER:=Jakov Smolic + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://codeload.github.com/CESNET/Netopeer2/tar.gz/v$(PKG_VERSION)? +PKG_HASH:=e983683eda68792fedd73af54a5c7997496091489aa921f2a9e0dd27f2f6e19a + +CMAKE_INSTALL:=1 + +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk + +define Package/netopeer2-server + SECTION:=utils + CATEGORY:=Utilities + TITLE:=NETCONF server + URL:=https://github.com/CESNET/Netopeer2 + DEPENDS:=+libcurl +libpthread +libyang +libnetconf2 +libsysrepo +sysrepocfg +sysrepoctl +sysrepo + MENU:=1 +endef + +define Package/netopeer2-cli + SECTION:=utils + CATEGORY:=Utilities + TITLE:=Netopeer2 cli tool + URL:=https://github.com/CESNET/Netopeer2 + DEPENDS:=+libpthread +libyang +libnetconf2 +libopenssl +endef + +define Package/netopeer2/description + Netopeer2 is a set of tools implementing network configuration tools based on the NETCONF + Protocol. This is the second generation of the toolset, originally available as the Netopeer + project. Netopeer2 is based on the new generation of the NETCONF and YANG libraries - + libyang and libnetconf2. The Netopeer server uses sysrepo as a NETCONF datastore implementation. +endef + +CMAKE_OPTIONS += \ + -DCMAKE_INSTALL_PREFIX:PATH=/usr \ + -DCMAKE_BUILD_TYPE:STRING=Release \ + -DGENERATE_HOSTKEY:BOOL=OFF \ + -DINSTALL_MODULES:BOOL=OFF \ + -DMERGE_LISTEN_CONFIG:BOOL=OFF + +define Package/netopeer2-server/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/netopeer2-server $(1)/usr/bin/ + + $(INSTALL_DIR) $(1)/etc/sysrepo/yang + $(INSTALL_DIR) $(1)/etc/netopeer2/modules + $(INSTALL_DATA) $(PKG_BUILD_DIR)/modules/* $(1)/etc/netopeer2/modules/ + + $(INSTALL_DIR) $(1)/etc/uci-defaults + $(INSTALL_BIN) ./files/netopeer2-server-setup.default $(1)/etc/uci-defaults/97_netopeer2-server + $(INSTALL_BIN) ./files/netopeer2-server-merge-hostkey.default $(1)/etc/uci-defaults/98_netopeer2-server + $(INSTALL_BIN) ./files/netopeer2-server-merge-config.default $(1)/etc/uci-defaults/99_netopeer2-server + + $(INSTALL_DIR) $(1)/etc/init.d/ + $(INSTALL_BIN) ./files/netopeer2-server.init $(1)/etc/init.d/netopeer2-server +endef + +define Package/netopeer2-cli/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/netopeer2-cli $(1)/usr/bin/ +endef + +$(eval $(call BuildPackage,netopeer2-server)) +$(eval $(call BuildPackage,netopeer2-cli)) diff --git a/net/netopeer2/files/netopeer2-server-merge-config.default b/net/netopeer2/files/netopeer2-server-merge-config.default new file mode 100644 index 0000000000..3c140e690d --- /dev/null +++ b/net/netopeer2/files/netopeer2-server-merge-config.default @@ -0,0 +1,57 @@ +#!/bin/sh + +set -e + +# avoid problems with sudo path +SYSREPOCFG=`which sysrepocfg` +KS_KEY_NAME=genkey + +# check that there is no listen/Call Home configuration yet +SERVER_CONFIG=`$SYSREPOCFG -X -x "/ietf-netconf-server:netconf-server/listen/endpoint[1]/name | /ietf-netconf-server:netconf-server/call-home/netconf-client[1]/name"` +if [ -z "$SERVER_CONFIG" ]; then + +# import default config +CONFIG=" + + + default-ssh + + + 0.0.0.0 + + 1 + 10 + 5 + + + + + + default-key + + $KS_KEY_NAME + + + + + + + + interactive + + + + + + + +" +TMPFILE=`mktemp -u` +printf -- "$CONFIG" > $TMPFILE +# apply it to startup and running +$SYSREPOCFG --edit=$TMPFILE -d startup -f xml -m ietf-netconf-server -v2 +$SYSREPOCFG -C startup -m ietf-netconf-server -v2 +# remove the tmp file +rm $TMPFILE + +fi diff --git a/net/netopeer2/files/netopeer2-server-merge-hostkey.default b/net/netopeer2/files/netopeer2-server-merge-hostkey.default new file mode 100644 index 0000000000..6da8240392 --- /dev/null +++ b/net/netopeer2/files/netopeer2-server-merge-hostkey.default @@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +# avoid problems with sudo path +SYSREPOCFG=`which sysrepocfg` +OPENSSL=`which openssl` + +# check that there is no SSH key with this name yet +KEYSTORE_KEY=`$SYSREPOCFG -X -x "/ietf-keystore:keystore/asymmetric-keys/asymmetric-key[name='genkey']/name"` +if [ -z "$KEYSTORE_KEY" ]; then + +# generate a new key +PRIVPEM=`$OPENSSL genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -outform PEM 2>/dev/null` +# remove header/footer +PRIVKEY=`grep -v -- "-----" - </dev/null < + + + genkey + rsa2048 + $PUBKEY + $PRIVKEY + + +" +TMPFILE=`mktemp -u` +printf -- "$CONFIG" > $TMPFILE +# apply it to startup and running +$SYSREPOCFG --edit=$TMPFILE -d startup -f xml -m ietf-keystore -v2 +$SYSREPOCFG -C startup -m ietf-keystore -v2 +# remove the tmp file +rm $TMPFILE + +fi diff --git a/net/netopeer2/files/netopeer2-server-setup.default b/net/netopeer2/files/netopeer2-server-setup.default new file mode 100644 index 0000000000..759b35f74a --- /dev/null +++ b/net/netopeer2/files/netopeer2-server-setup.default @@ -0,0 +1,106 @@ +#!/bin/sh + +# Warning, problems can occur if the device restarts in the middle of this uci-default script + +# install YANG modules +SYSREPOCTL=`which sysrepoctl` +MODDIR="/etc/netopeer2/modules" +PERMS=600 +OWNER=root +GROUP=root + +# array of modules to install +MODULES="\ +ietf-netconf-acm@2018-02-14.yang +ietf-netconf@2013-09-29.yang -e writable-running -e candidate -e rollback-on-error -e validate -e startup -e url -e xpath +ietf-netconf-monitoring@2010-10-04.yang +ietf-netconf-nmda@2019-01-07.yang -e origin -e with-defaults +nc-notifications@2008-07-14.yang +notifications@2008-07-14.yang +ietf-x509-cert-to-name@2014-12-10.yang +ietf-crypto-types@2019-07-02.yang +ietf-keystore@2019-07-02.yang -e keystore-supported +ietf-truststore@2019-07-02.yang -e truststore-supported -e x509-certificates +ietf-tcp-common@2019-07-02.yang -e keepalives-supported +ietf-ssh-server@2019-07-02.yang -e local-client-auth-supported +ietf-tls-server@2019-07-02.yang -e local-client-auth-supported +ietf-netconf-server@2019-07-02.yang -e ssh-listen -e tls-listen -e ssh-call-home -e tls-call-home" + +# functions +INSTALL_MODULE() { + local module=`echo "$1" | sed 's/\s.*$//'` + $SYSREPOCTL -a -i $MODDIR/$module -s $MODDIR -p $PERMS -o $OWNER -g $GROUP -v2 + local rc=$? + if [ $rc -ne 0 ]; then + exit $rc + fi +} + +UPDATE_MODULE() { + $SYSREPOCTL -a -U $MODDIR/$1 -s $MODDIR -p $PERMS -o $OWNER -g $GROUP -v2 + local rc=$? + if [ $rc -ne 0 ]; then + exit $rc + fi +} + +ENABLE_FEATURE() { + $SYSREPOCTL -a -c $1 -e $2 -v2 + local rc=$? + if [ $rc -ne 0 ]; then + exit $rc + fi +} + +ENABLE_FEATURES() { + # parse sysrepoctl features and add extra space at the end for easier matching + local sctl_features="`echo "$SCTL_MODULE" | sed 's/\([^|]*|\)\{6\}\(.*\)/\2/'` " + # parse features we want to enable + local features=`echo "$1" | sed 's/[^ ]* \(.*\)/\1/'` + while [ "${features:0:3}" = "-e " ]; do + # skip "-e " + features=${features:3} + # parse feature + local feature=`echo "$features" | sed 's/\([^[:space:]]*\).*/\1/'` + + # enable feature if not already + sctl_feature=`echo "$sctl_features" | grep " ${feature} "` + if [ -z "$sctl_feature" ]; then + # enable feature + ENABLE_FEATURE $name $feature + fi + + # next iteration, skip this feature + features=`echo "$features" | sed 's/[^[:space:]]* \(.*\)/\1/'` + done +} + +# get current modules +SCTL_MODULES=`$SYSREPOCTL -l` + +IFS=$'\n' +for i in $MODULES; do + name=`echo "$i" | sed 's/\([^@]*\).*/\1/'` + + SCTL_MODULE=`echo "$SCTL_MODULES" | grep "^$name \+|[^|]*| I"` + if [ -z "$SCTL_MODULE" ]; then + # install module + INSTALL_MODULE "$i" + ENABLE_FEATURES "$i" + continue + fi + + sctl_revision=`echo "$SCTL_MODULE" | sed 's/[^|]*| \([^ ]*\).*/\1/'` + revision=`echo "$i" | sed 's/[^@]*@\([^\.]*\).*/\1/'` + if [ "$sctl_revision" \< "$revision" ]; then + # update module without any features + file=`echo "$i" | cut -d' ' -f 1` + UPDATE_MODULE $file + fi + + ENABLE_FEATURES "$i" +done + +unset IFS + +exit 0 diff --git a/net/Netopeer2/files/netopeer2-server.init b/net/netopeer2/files/netopeer2-server.init similarity index 90% rename from net/Netopeer2/files/netopeer2-server.init rename to net/netopeer2/files/netopeer2-server.init index 6b2c133b30..97dadae9a6 100644 --- a/net/Netopeer2/files/netopeer2-server.init +++ b/net/netopeer2/files/netopeer2-server.init @@ -4,7 +4,7 @@ START=99 STOP=11 USE_PROCD=1 -PROG=/bin/netopeer2-server +PROG=/usr/bin/netopeer2-server start_service() { procd_open_instance diff --git a/net/sysrepo/Makefile b/net/sysrepo/Makefile index d3eb3878ba..a8a60bfd00 100644 --- a/net/sysrepo/Makefile +++ b/net/sysrepo/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sysrepo -PKG_VERSION:=1.4.58 +PKG_VERSION:=1.4.70 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/sysrepo/sysrepo/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=9c134658a5b812cd86b9113c30fc01be5a094616f473e747032ccf614af9e4dd +PKG_HASH:=f0f894d4ed98ce9d20fda219378b844731d796e95115c07f4c067d853e20ca36 -PKG_MAINTAINER:=Mislav Novakovic +PKG_MAINTAINER:=Jakov Smolic PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE