RFC 8525:

- Change from RFC 7805: Remove revision if empty instead of sending empty revision
RFC 6022
  - Added cli identity to RFC6022 transport
  - Added source-host for native restconf, but no other sessions
Olof hagsand 2023-01-15 22:29:08 +01:00
parent 21785a5d3e
commit 000cb866c2
17 changed files with 100 additions and 33 deletions


@ -192,10 +192,13 @@ backend_monitoring_state_get(clicon_handle h,
for (ce = backend_client_list(h); ce; ce = ce->ce_next){
cprintf(cb, "<session>");
cprintf(cb, "<session-id>%u</session-id>", ce->ce_id);
if (ce->ce_transport)
cprintf(cb, "<transport xmlns:%s=\"%s\">%s</transport>",
CLIXON_LIB_PREFIX, CLIXON_LIB_NS,
ce->ce_transport);
if (ce->ce_transport == NULL){
clicon_err(OE_XML, 0, "Mandatory element transport missing");
goto done;
}
cprintf(cb, "<transport xmlns:%s=\"%s\">%s</transport>",
CLIXON_LIB_PREFIX, CLIXON_LIB_NS,
ce->ce_transport);
cprintf(cb, "<username>%s</username>", ce->ce_username);
if (ce->ce_source_host)
cprintf(cb, "<source-host>%s</source-host>", ce->ce_source_host);
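Review bot: The new `ce->ce_transport == NULL` branch in backend_monitoring_state_get fails the entire state query because of one session, so a single client whose session was created without a transport makes session monitoring unavailable for everyone. Where ce_transport is filled in is not visible here; if it comes from the client's hello, the mandatory-element check belongs where the session is created, rejecting that hello. If the check stays in this loop, it should sit above `cprintf(cb, "<session>");` so the offending entry can be skipped with a log message instead of `goto done`. The following line formats `ce->ce_username` with `%s` and has no comparable NULL check. The function starts and ends outside the hunk.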


@ -167,7 +167,8 @@ cli_terminate(clicon_handle h)
cvec *nsctx;
cxobj *x;
clicon_rpc_close_session(h);
if (clicon_data_get(h, "session-transport", NULL) == 0)
clicon_rpc_close_session(h);
if ((yspec = clicon_dbspec_yang(h)) != NULL)
ys_free(yspec);
if ((yspec = clicon_config_yang(h)) != NULL)
@ -805,6 +806,12 @@ main(int argc,
goto done;
/* Experimental utf8 mode */
cligen_utf8_set(cli_cligen(h), clicon_option_int(h,"CLICON_CLI_UTF8"));
/* Set RFC6022 session parameters that will be sent in first hello,
* @see clicon_hello_req
*/
clicon_data_set(h, "session-transport", "cl:cli");
/* Launch interfactive event loop, unless -1 */
if (restarg != NULL && strlen(restarg)){
char *mode = cli_syntax_mode(h);
@ -818,11 +825,6 @@ main(int argc,
if (evalresult < 0)
goto done;
}
/* Set RFC6022 session parameters that will be sent in first hello,
* @see clicon_hello_req
*/
clicon_data_set(h, "session-transport", "cl:cli");
clicon_data_set(h, "session-source-host", "localhost");
/* Go into event-loop unless -1 command-line */
if (!once){
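Review bot: The guard added in cli_terminate uses the presence of "session-transport" as a stand-in for "a backend session may exist", but main() sets that key unconditionally before the event loop, whether or not a hello was ever sent. The condition therefore does not say what it appears to say and needs a comment, for example `/* transport unset: main() exited before any session could be opened, skip close-session */`. If the intent is to close only an established session, testing the stored session id (the counterpart of `clicon_session_id_set`) would be more direct; that code is outside these hunks, so confirm. Both cli_terminate and main continue outside the hunks shown.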


@ -572,11 +572,17 @@ main(int argc,
clicon_err(OE_UNIX, errno, "chmod");
goto done;
}
/* Drop privileges if started as root to CLICON_RESTCONF_USER
* and use drop mode: CLICON_RESTCONF_PRIVILEGES
*/
if (restconf_drop_privileges(h) < 0)
goto done;
/* Set RFC6022 session parameters that will be sent in first hello,
* @see clicon_hello_req
*/
clicon_data_set(h, "session-transport", "cl:restconf");
if (FCGX_InitRequest(req, sock, 0) != 0){
clicon_err(OE_CFG, errno, "FCGX_InitRequest");
goto done;
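Review bot: The return value of `clicon_data_set(h, "session-transport", "cl:restconf")` is ignored, while the backend change in this same commit treats a missing transport as a hard error. If the call can fail (for example on allocation), the daemon would keep running and later hellos would lack the mandatory element. `if (clicon_data_set(h, "session-transport", "cl:restconf") < 0) goto done;` would match the error style of the surrounding lines. The same unchecked call is added in the CLI main and in the native restconf main; main continues outside this hunk.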


@ -540,22 +540,43 @@ restconf_accept_client(int fd,
struct sockaddr from = {0,};
socklen_t len;
char *name = NULL;
void *addr;
clicon_debug(1, "%s %d", __FUNCTION__, fd);
if ((rsock = (restconf_socket *)arg) == NULL){
clicon_err(OE_YANG, EINVAL, "rsock is NULL");
goto done;
}
clicon_debug(1, "%s type:%s addr:%s port:%hu", __FUNCTION__,
rsock->rs_addrtype,
rsock->rs_addrstr,
rsock->rs_port);
h = rsock->rs_h;
len = sizeof(from);
if ((s = accept(rsock->rs_ss, &from, &len)) < 0){
clicon_err(OE_UNIX, errno, "accept");
goto done;
}
switch (from.sa_family){
case AF_INET:{
struct sockaddr_in *in = (struct sockaddr_in *)&from;
addr = &(in->sin_addr);
break;
}
case AF_INET6:{
struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)&from;
addr = &(in6->sin6_addr);
break;
}
}
if ((rsock->rs_from_addr = calloc(INET6_ADDRSTRLEN, 1)) == NULL){
clicon_err(OE_UNIX, errno, "calloc");
goto done;
}
if (inet_ntop(from.sa_family, addr, rsock->rs_from_addr, INET6_ADDRSTRLEN) < 0)
goto done;
clicon_debug(1, "%s type:%s from:%s, dest:%s port:%hu", __FUNCTION__,
rsock->rs_addrtype,
rsock->rs_from_addr,
rsock->rs_addrstr,
rsock->rs_port);
clicon_data_set(h, "session-source-host", rsock->rs_from_addr);
/* Accept SSL */
if (restconf_ssl_accept_client(h, s, rsock, NULL) < 0)
goto done;
@ -601,6 +622,8 @@ restconf_native_terminate(clicon_handle h)
free(rsock->rs_addrstr);
if (rsock->rs_addrtype)
free(rsock->rs_addrtype);
if (rsock->rs_from_addr)
free(rsock->rs_from_addr);
free(rsock);
}
if (rn->rn_ctx)
@ -1285,6 +1308,11 @@ main(int argc,
if (restconf_drop_privileges(h) < 0)
goto done;
/* Set RFC6022 session parameters that will be sent in first hello,
* @see clicon_hello_req
*/
clicon_data_set(h, "session-transport", "cl:restconf");
/* Main event loop */
if (clixon_event_loop(h) < 0)
goto done;
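Review bot: In restconf_accept_client the new source-address code can read memory it should not. `from` is a plain `struct sockaddr`, so for an IPv6 peer the `sockaddr_in6` cast reads past the end of the object, and because the switch has no `default:`, `addr` reaches inet_ntop uninitialized for any other address family. inet_ntop reports failure by returning NULL, so the `< 0` test never fires. `rs_from_addr` is stored on the listening socket and re-allocated on every accept without freeing the previous buffer, which leaks once per connection. The single handle-wide "session-source-host" value also looks as if a second client could overwrite it before the first session's hello is sent, which would make the recorded source-host unreliable for auditing; confirm against the hello path. The function starts and ends outside the hunk.

```c
    struct sockaddr_storage from = {0,};   /* large enough for AF_INET6 */
    void                   *addr = NULL;

    /* … unchanged: debug print, rsock NULL check, h = rsock->rs_h … */
    len = sizeof(from);
    if ((s = accept(rsock->rs_ss, (struct sockaddr *)&from, &len)) < 0){
        clicon_err(OE_UNIX, errno, "accept");
        goto done;
    }
    switch (from.ss_family){
    case AF_INET:
        addr = &((struct sockaddr_in *)&from)->sin_addr;
        break;
    case AF_INET6:
        addr = &((struct sockaddr_in6 *)&from)->sin6_addr;
        break;
    default:
        clicon_err(OE_UNIX, EAFNOSUPPORT, "accept: unsupported address family");
        goto done;
    }
    /* rsock is the listening socket: release the string left by the previous accept */
    free(rsock->rs_from_addr);
    rsock->rs_from_addr = NULL;
    /* … unchanged: calloc(INET6_ADDRSTRLEN, 1) and its error check … */
    if (inet_ntop(from.ss_family, addr, rsock->rs_from_addr, INET6_ADDRSTRLEN) == NULL){
        clicon_err(OE_UNIX, errno, "inet_ntop");
        goto done;
    }
    /* … unchanged: debug print, clicon_data_set, restconf_ssl_accept_client … */
```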


@ -155,6 +155,8 @@ typedef struct restconf_socket{
* Set in restconf_callhome_cb
*/
restconf_conn *rs_conns; /* List of transient connect sockets */
char *rs_from_addr; /* From IP address as seen by accept */
} restconf_socket;
/* Restconf handle


@ -525,7 +525,7 @@ main(int argc,
* used by the client, even though new TCP sessions are created for
* each message sent to the backend.
*/
if (clicon_hello_req(h, "cl:snmp", "localhost", &id) < 0)
if (clicon_hello_req(h, "cl:snmp", NULL, &id) < 0)
goto done;
clicon_session_id_set(h, id);