experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into filter-and-xml-encoding-fixes

Browse source
This commit is contained in:
Phil Heller 2021-07-29 23:01:47 -06:00
commit 3c5f956805
97 changed files with 2861 additions and 1480 deletions
Download patch file Download diff file Expand all files Collapse all files

4
apps/backend/Makefile.in
View file

@ -152,7 +152,9 @@ install-include: clixon_backend.h clixon_backend_handle.h clixon_backend_transac
.SUFFIXES: .c .o
.c.o:
$(CC) $(INCLUDES) $(CPPFLAGS) -D__PROGRAM__=\"$(APPL)\" $(CFLAGS) -c $<
# Note: CLIXON_CONFIG_SBINDIR is where clixon_restconf is believed to be installed, unless
# overruled by CLICON_RESTCONF_INSTALLDIR option
$(CC) $(INCLUDES) $(CPPFLAGS) -D__PROGRAM__=\"$(APPL)\" -DCLIXON_CONFIG_SBINDIR=\"$(sbindir)\" $(CFLAGS) -c $<
# Just link test programs
test.c :

2
apps/backend/backend_client.c
View file

@ -238,7 +238,7 @@ client_get_streams(clicon_handle h,
cprintf(cb,"</%s>", top);
if (clixon_xml_parse_string(cbuf_get(cb), YB_MODULE, yspec, &x, NULL) < 0){
if (netconf_operation_failed_xml(xret, "protocol", clicon_err_reason)< 0)
if (xret && netconf_operation_failed_xml(xret, "protocol", clicon_err_reason)< 0)
goto done;
goto fail;
}

48
apps/backend/backend_commit.c
View file

@ -132,7 +132,7 @@ generic_validate(clicon_handle h,
cprintf(cb, "Mandatory variable of %s in module %s",
xml_parent(x1)?xml_name(xml_parent(x1)):"",
yang_argument_get(ys_module(ys)));
if (netconf_missing_element_xml(xret, "protocol", xml_name(x1), cbuf_get(cb)) < 0)
if (xret && netconf_missing_element_xml(xret, "protocol", xml_name(x1), cbuf_get(cb)) < 0)
goto done;
goto fail;
}
@ -480,9 +480,9 @@ startup_commit(clicon_handle h,
* and call application callback validations.
* @param[in] h Clicon handle
* @param[in] candidate The candidate database. The wanted backend state
* @param[out] xret Error XML tree. Free with xml_free after use
* @param[out] xret Error XML tree, if retval is 0. Free with xml_free after use
* @retval -1 Error - or validation failed (but cbret not set)
* @retval 0 Validation failed (with cbret set)
* @retval 0 Validation failed (with xret set)
* @retval 1 Validation OK
* @note Need to differentiate between error and validation fail
* (only done for generic_validate)
@ -505,16 +505,19 @@ validate_common(clicon_handle h,
goto done;
}
/* This is the state we are going to */
if (xmldb_get0(h, db, YB_MODULE, NULL, "/", 0, &td->td_target, NULL, NULL) < 0)
if ((ret = xmldb_get0(h, db, YB_MODULE, NULL, "/", 0, &td->td_target, NULL, xret)) < 0)
goto done;
if (ret == 0)
goto fail;
/* Clear flags xpath for get */
xml_apply0(td->td_target, CX_ELMNT, (xml_applyfn_t*)xml_flag_reset,
(void*)(XML_FLAG_MARK|XML_FLAG_CHANGE));
/* 2. Parse xml trees
* This is the state we are going from */
if (xmldb_get0(h, "running", YB_MODULE, NULL, "/", 0, &td->td_src, NULL, NULL) < 0)
if ((ret = xmldb_get0(h, "running", YB_MODULE, NULL, "/", 0, &td->td_src, NULL, xret)) < 0)
goto done;
if (ret == 0)
goto fail;
/* Clear flags xpath for get */
xml_apply0(td->td_src, CX_ELMNT, (xml_applyfn_t*)xml_flag_reset,
(void*)(XML_FLAG_MARK|XML_FLAG_CHANGE));
@ -606,26 +609,45 @@ candidate_validate(clicon_handle h,
if ((td = transaction_new()) == NULL)
goto done;
/* Common steps (with commit) */
if ((ret = validate_common(h, db, td, &xret)) < 1){
if ((ret = validate_common(h, db, td, &xret)) < 0){
/* A little complex due to several sources of validation fails or errors.
* (1) xerr is set -> translate to cbret; (2) cbret set use that; otherwise
* use clicon_err. */
if (xret && clicon_xml2cbuf(cbret, xret, 0, 0, -1) < 0)
* use clicon_err.
* TODO: -1 return should be fatal error, not failed validation
*/
if (!cbuf_len(cbret) &&
netconf_operation_failed(cbret, "application", clicon_err_reason)< 0)
goto done;
goto fail;
}
if (ret == 0){
if (xret == NULL){
clicon_err(OE_CFG, EINVAL, "xret is NULL");
goto done;
}
if (clicon_xml2cbuf(cbret, xret, 0, 0, -1) < 0)
goto done;
plugin_transaction_abort_all(h, td);
if (!cbuf_len(cbret) &&
netconf_operation_failed(cbret, "application", clicon_err_reason)< 0)
goto done;
goto fail;
}
if (xmldb_get0_clear(h, td->td_src) < 0 ||
xmldb_get0_clear(h, td->td_target) < 0){
plugin_transaction_abort_all(h, td);
xmldb_get0_clear(h, td->td_target) < 0)
goto done;
}
plugin_transaction_end_all(h, td);
retval = 1;
done:
if (xret)
xml_free(xret);
if (td){
if (retval < 1)
plugin_transaction_abort_all(h, td);
xmldb_get0_free(h, &td->td_target);
xmldb_get0_free(h, &td->td_src);
transaction_free(td);
}
return retval;
fail:
retval = 0;

5
apps/backend/backend_main.c
View file

@ -747,11 +747,6 @@ main(int argc,
clicon_configfile(h));
goto done;
}
/* Treat unknown XML as anydata */
if (clicon_option_bool(h, "CLICON_YANG_UNKNOWN_ANYDATA") == 1)
xml_bind_yang_unknown_anydata(1);
/* Publish stream on pubsub channels.
* CLICON_STREAM_PUB should be set to URL to where streams are published
* and configure should be run with --enable-publish

21
apps/backend/backend_plugin_restconf.c
View file

@ -245,6 +245,7 @@ restconf_pseudo_process_control(clicon_handle h)
int i;
int nr;
cbuf *cb = NULL;
char *dir = NULL;
nr = 10;
if ((argv = calloc(nr, sizeof(char *))) == NULL){
@ -256,12 +257,18 @@ restconf_pseudo_process_control(clicon_handle h)
clicon_err(OE_UNIX, errno, "cbuf_new");
goto done;
}
/* CLICON_RESTCONF_INSTALLDIR is where we think clixon_restconf is installed
* Problem is where to define it? Now in config file, but maybe it should be in configure?
* Tried Makefile but didnt work on Docker since it was moved around.
/* Try to figure out where clixon_restconf is installed
* If config option CLICON_RESTCONF_INSTALLDIR is installed, use that.
* If not, use the Makefile
* Use PATH?
*/
cprintf(cb, "%s/clixon_restconf", clicon_option_str(h, "CLICON_RESTCONF_INSTALLDIR"));
if ((dir = clicon_option_str(h, "CLICON_RESTCONF_INSTALLDIR")) == NULL){
if ((dir = CLIXON_CONFIG_SBINDIR) == NULL){
clicon_err(OE_RESTCONF, EINVAL, "Both option CLICON_RESTCONF_INSTALLDIR and makefile constant CLIXON_CONFIG_SBINDIR are NULL which make sit not possible to know where clixon_restconf is installed(shouldnt happen)");
goto done;
}
}
cprintf(cb, "%s/clixon_restconf", dir);
argv[i++] = cbuf_get(cb);
argv[i++] = "-f";
argv[i++] = clicon_option_str(h, "CLICON_CONFIGFILE");
@ -270,11 +277,11 @@ restconf_pseudo_process_control(clicon_handle h)
* see restconf_pseudo_set_log which sets flag when process starts
*/
argv[i++] = "-D";
argv[i++] = strdup("0");
argv[i++] = "0";
argv[i++] = "-l";
argv[i++] = strdup("s"); /* There is also log-destination in clixon-restconf.yang */
argv[i++] = "s"; /* There is also log-destination in clixon-restconf.yang */
argv[i++] = "-R";
argv[i++] = strdup("");
argv[i++] = "";
argv[i++] = NULL;
assert(i==nr);
if (clixon_process_register(h, RESTCONF_PROCESS,

6
apps/cli/cli_common.c
View file

@ -448,7 +448,7 @@ cli_debug_cli(clicon_handle h,
cg_var *cv;
int level;
if ((cv = cvec_find(vars, "level")) == NULL){
if ((cv = cvec_find_var(vars, "level")) == NULL){
if (cvec_len(argv) != 1){
clicon_err(OE_PLUGIN, EINVAL, "Requires either label var or single arg: 0|1");
goto done;
@ -479,7 +479,7 @@ cli_debug_backend(clicon_handle h,
cg_var *cv;
int level;
if ((cv = cvec_find(vars, "level")) == NULL){
if ((cv = cvec_find_var(vars, "level")) == NULL){
if (cvec_len(argv) != 1){
clicon_err(OE_PLUGIN, EINVAL, "Requires either label var or single arg: 0|1");
goto done;
@ -513,7 +513,7 @@ cli_debug_restconf(clicon_handle h,
cg_var *cv;
int level;
if ((cv = cvec_find(vars, "level")) == NULL){
if ((cv = cvec_find_var(vars, "level")) == NULL){
if (cvec_len(argv) != 1){
clicon_err(OE_PLUGIN, EINVAL, "Requires either label var or single arg: 0|1");
goto done;

10
apps/cli/cli_generate.c
View file

@ -626,18 +626,18 @@ yang2cli_var(clicon_handle h,
completionp = clicon_cli_genmodel_completion(h);
if (completionp)
cprintf(cb, "(");
if ((retval = yang2cli_var_sub(h, ys, yrestype, helptext, cvtype,
options, cvv, patterns, fraction_digits, cb)) < 0)
if (yang2cli_var_sub(h, ys, yrestype, helptext, cvtype,
options, cvv, patterns, fraction_digits, cb) < 0)
goto done;
if (completionp){
result = cli_expand_var_generate(h, ys, cvtype,
options, fraction_digits,
cb);
if (result < 0)
goto done;
goto done;
if (result == 0)
yang2cli_helptext(cb, helptext);
cprintf(cb, ")");
yang2cli_helptext(cb, helptext);
cprintf(cb, ")");
}
}
retval = 0;

5
apps/cli/cli_main.c
View file

@ -635,11 +635,6 @@ main(int argc,
goto done;
/* Set default namespace according to CLICON_NAMESPACE_NETCONF_DEFAULT */
xml_nsctx_namespace_netconf_default(h);
/* Treat unknwon XML as anydata */
if (clicon_option_bool(h, "CLICON_YANG_UNKNOWN_ANYDATA") == 1)
xml_bind_yang_unknown_anydata(1);
/* Create top-level and store as option */
if ((yspec = yspec_new()) == NULL)
goto done;

4
apps/cli/cli_show.c
View file

@ -495,8 +495,8 @@ cli_show_config1(clicon_handle h,
cli_xml2cli(xc, prefix, gt, cligen_output); /* cli syntax */
break;
case FORMAT_NETCONF:
cligen_output(stdout, "<rpc xmlns=\"%s\"><edit-config><target><candidate/></target><config>\n",
NETCONF_BASE_NAMESPACE);
cligen_output(stdout, "<rpc xmlns=\"%s\" %s><edit-config><target><candidate/></target><config>\n",
NETCONF_BASE_NAMESPACE, NETCONF_MESSAGE_ID_ATTR);
xc = NULL; /* Dont print xt itself */
while ((xc = xml_child_each(xt, xc, -1)) != NULL)
cli_xml2file(xc, 2, 1, cligen_output);

5
apps/restconf/restconf_api_fcgi.c
View file

@ -220,8 +220,11 @@ restconf_reply_send(void *req0,
return retval;
}
/*!
/*! Get input data from http request, eg such as curl -X PUT http://... <indata>
* @param[in] req Fastcgi request handle
* @retval indata
* @retval NULL Error
* @note: creates a new cbuf which differs from native api where a pointer is returned
*/
cbuf *
restconf_get_indata(void *req0)

6
apps/restconf/restconf_api_native.c
View file

@ -172,9 +172,9 @@ restconf_reply_send(void *req0,
return retval;
}
/*! get input data
* @param[in] req Fastcgi request handle
* @note Pulls up an event buffer and then copies it to a cbuf. This is not efficient.
/*! Get input data from http request, eg such as curl -X PUT http://... <indata>
* @param[in] req Request handle
* @note: reuses cbuf from stream-data
*/
cbuf *
restconf_get_indata(void *req0)

5
apps/restconf/restconf_evhtp.c
View file

@ -396,7 +396,7 @@ restconf_evhtp_reply(restconf_conn *rc,
* [RFC7231]).
*/
if (sd->sd_code != 204 && sd->sd_code > 199)
if (restconf_reply_header(sd, "Content-Length", "%lu", sd->sd_body_len) < 0)
if (restconf_reply_header(sd, "Content-Length", "%zu", sd->sd_body_len) < 0)
goto done;
/* Create reply and write headers */
if (native_send_reply(rc, sd, req) < 0)
@ -515,6 +515,8 @@ restconf_path_root(evhtp_request_t *req,
if (clicon_debug_get())
evhtp_headers_for_each(req->headers_in, evhtp_print_header, h);
/* Query vector, ie the ?a=x&b=y stuff */
if (sd->sd_qvec)
cvec_free(sd->sd_qvec);
if ((sd->sd_qvec = cvec_new(0)) ==NULL){
clicon_err(OE_UNIX, errno, "cvec_new");
evhtp_internal_error(req);
@ -527,6 +529,7 @@ restconf_path_root(evhtp_request_t *req,
clicon_err(OE_CFG, errno, "evbuffer_pullup");
goto done;
}
cbuf_reset(sd->sd_indata);
/* Note the pullup may not be null-terminated */
cbuf_append_buf(sd->sd_indata, buf, len);
}

11
apps/restconf/restconf_lib.c
View file

@ -499,6 +499,14 @@ restconf_insert_attributes(cxobj *xdata,
* @param[in] ys Yang node of (unknown) statement belonging to extension
* @retval 0 OK, all callbacks executed OK
* @retval -1 Error in one callback
* @note This extension adds semantics to YANG according to RFC8040 as follows:
* - The list-stmt is not required to have a key-stmt defined.(NB!!)
* - The if-feature-stmt is ignored if present.
* - The config-stmt is ignored if present.
* - The available identity values for any 'identityref'
* leaf or leaf-list nodes are limited to the module
* containing this extension statement and the modules
* imported into that module.
*/
int
restconf_main_extension_cb(clicon_handle h,
@ -522,6 +530,9 @@ restconf_main_extension_cb(clicon_handle h,
goto ok;
if ((yn = ys_dup(yc)) == NULL)
goto done;
/* yang-data extension: The list-stmt is not required to have a key-stmt defined.
*/
yang_flag_set(yn, YANG_FLAG_NOKEY);
if (yn_insert(yang_parent_get(ys), yn) < 0)
goto done;
ok:

10
apps/restconf/restconf_main_fcgi.c
View file

@ -375,10 +375,6 @@ main(int argc,
if ((yspec = yspec_new()) == NULL)
goto done;
clicon_dbspec_yang_set(h, yspec);
/* Treat unknown XML as anydata */
if (clicon_option_bool(h, "CLICON_YANG_UNKNOWN_ANYDATA") == 1)
xml_bind_yang_unknown_anydata(1);
/* Initialize plugin module by creating a handle holding plugin and callback lists */
if (clixon_plugin_module_init(h) < 0)
goto done;
@ -423,6 +419,12 @@ main(int argc,
if (yang_spec_parse_module(h, "ietf-restconf", NULL, yspec)< 0)
goto done;
#ifdef YANG_PATCH
/* Load yang restconf patch module */
if (yang_spec_parse_module(h, "ietf-yang-patch", NULL, yspec)< 0)
goto done;
#endif // YANG_PATCH
/* Add netconf yang spec, used as internal protocol */
if (netconf_module_load(h) < 0)
goto done;

107
apps/restconf/restconf_main_native.c
View file

@ -265,7 +265,7 @@ buf_write(char *buf,
}
memcpy(dbgstr, buf, sz);
dbgstr[sz] = '\0';
clicon_debug(1, "%s buflen:%lu buf:%s", __FUNCTION__, buflen, dbgstr);
clicon_debug(1, "%s buflen:%zu buf:%s", __FUNCTION__, buflen, dbgstr);
free(dbgstr);
}
while (totlen < buflen){
@ -467,14 +467,16 @@ alpn_select_proto_cb(SSL *ssl,
inp++;
if (clicon_debug_get()) /* debug print the protoocol */
alpn_proto_dump(__FUNCTION__, (const char*)inp, len);
#ifdef HAVE_LIBEVHTP
if (pref < 10 && len == 8 && strncmp((char*)inp, "http/1.1", len) == 0){
*outlen = len;
*out = inp;
pref = 10;
}
#endif
#ifdef HAVE_LIBNGHTTP2
/* Higher pref than http/1.1 */
else if (pref < 20 && len == 2 && strncmp((char*)inp, "h2", len) == 0){
if (pref < 20 && len == 2 && strncmp((char*)inp, "h2", len) == 0){
*outlen = len;
*out = inp;
pref = 20;
@ -591,15 +593,7 @@ restconf_close_ssl_socket(restconf_conn *rc,
{
int retval = -1;
int ret;
#ifdef HAVE_LIBEVHTP
evhtp_connection_t *evconn;
if ((evconn = rc->rc_evconn) != NULL){
clicon_debug(1, "%s evconn-free (%p)", __FUNCTION__, evconn);
if (evconn)
evhtp_connection_free(evconn); /* evhtp */
}
#endif /* HAVE_LIBEVHTP */
if (rc->rc_ssl != NULL){
if (shutdown && (ret = SSL_shutdown(rc->rc_ssl)) < 0){
#if 0
@ -612,6 +606,10 @@ Note that in this case SSL_ERROR_ZERO_RETURN does not necessarily indicate that
}
SSL_free(rc->rc_ssl);
rc->rc_ssl = NULL;
#ifdef HAVE_LIBEVHTP
if (rc->rc_evconn)
rc->rc_evconn->ssl = NULL;
#endif
}
if (close(rc->rc_s) < 0){
clicon_err(OE_UNIX, errno, "close");
@ -649,7 +647,7 @@ send_badrequest(clicon_handle h,
cprintf(cb, "HTTP/1.1 400 Bad Request\r\nConnection: close\r\n");
if (body){
cprintf(cb, "Content-Type: %s\r\n", media);
cprintf(cb, "Content-Length: %lu\r\n", strlen(body));
cprintf(cb, "Content-Length: %zu\r\n", strlen(body));
}
else
cprintf(cb, "Content-Length: 0\r\n");
@ -687,6 +685,10 @@ restconf_connection(int s,
ssize_t n;
char buf[BUFSIZ]; /* from stdio.h, typically 8K XXX: reduce for test */
int readmore = 1;
int sslerr;
#ifdef HAVE_LIBNGHTTP2
int ret;
#endif
#ifdef HAVE_LIBEVHTP
clicon_handle h;
evhtp_connection_t *evconn = NULL;
@ -708,27 +710,53 @@ restconf_connection(int s,
curl -Ssik --key /var/tmp/./test_restconf_ssl_certs.sh/certs/limited.key --cert /var/tmp/./test_restconf_ssl_certs.sh/certs/limited.crt -X GET https://localhost/restconf/data/example:x
*/
if ((n = SSL_read(rc->rc_ssl, buf, sizeof(buf))) < 0){
clicon_err(OE_XML, errno, "SSL_read");
goto done;
sslerr = SSL_get_error(rc->rc_ssl, n);
clicon_debug(1, "%s SSL_read() n:%zd errno:%d sslerr:%d", __FUNCTION__, n, errno, sslerr);
switch (sslerr){
case SSL_ERROR_WANT_READ: /* 2 */
/* SSL_ERROR_WANT_READ is returned when the last operation was a read operation
* from a nonblocking BIO.
* That is, it can happen if restconf_socket_init() below is called
* with SOCK_NONBLOCK
*/
clicon_debug(1, "%s SSL_read SSL_ERROR_WANT_READ", __FUNCTION__);
usleep(1000);
readmore = 1;
break;
default:
clicon_err(OE_XML, errno, "SSL_read");
goto done;
} /* switch */
continue; /* readmore */
}
}
else{
if ((n = read(rc->rc_s, buf, sizeof(buf))) < 0){ /* XXX atomicio ? */
if (errno == ECONNRESET) {/* Connection reset by peer */
switch(errno){
case ECONNRESET:/* Connection reset by peer */
clicon_debug(1, "%s %d Connection reset by peer", __FUNCTION__, rc->rc_s);
clixon_event_unreg_fd(rc->rc_s, restconf_connection);
close(rc->rc_s);
restconf_conn_free(rc);
goto ok; /* Close socket and ssl */
break;
case EAGAIN:
clicon_debug(1, "%s read EAGAIN", __FUNCTION__);
usleep(1000);
readmore = 1;
break;
default:;
clicon_err(OE_XML, errno, "read");
goto done;
break;
}
clicon_err(OE_XML, errno, "read");
goto done;
continue;
}
}
clicon_debug(1, "%s read:%ld", __FUNCTION__, n);
clicon_debug(1, "%s (ssl)read:%zd", __FUNCTION__, n);
if (n == 0){
clicon_debug(1, "%s n=0 closing socket", __FUNCTION__);
if (restconf_close_ssl_socket(rc, 1) < 0)
if (restconf_close_ssl_socket(rc, 0) < 0)
goto done;
restconf_conn_free(rc);
rc = NULL;
@ -762,7 +790,6 @@ restconf_connection(int s,
clixon_event_unreg_fd(rc->rc_s, restconf_connection);
clicon_debug(1, "%s evconn-free (%p) 2", __FUNCTION__, evconn);
restconf_conn_free(rc);
evhtp_connection_free(evconn);
goto ok;
} /* connection_parse_nobev */
clicon_debug(1, "%s connection_parse OK", __FUNCTION__);
@ -866,9 +893,14 @@ restconf_connection(int s,
#endif /* HAVE_LIBEVHTP */
#ifdef HAVE_LIBNGHTTP2
case HTTP_2:
if (http2_recv(rc, (unsigned char *)buf, n) < 0)
if ((ret = http2_recv(rc, (unsigned char *)buf, n)) < 0)
goto done;
//notused sd = restconf_stream_find(rc, 0); /* default stream */
if (ret == 0){
restconf_close_ssl_socket(rc, 1);
if (restconf_conn_free(rc) < 0)
goto done;
goto ok;
}
/* There may be more data frames */
readmore++;
break;
@ -988,7 +1020,7 @@ ssl_alpn_check(clicon_handle h,
}
if (alpn != NULL){
cprintf(cberr, "<errors xmlns=\"urn:ietf:params:xml:ns:yang:ietf-restconf\"><error><error-type>protocol</error-type><error-tag>malformed-message</error-tag><error-message>ALPN: protocol not recognized: %s</error-message></error></errors>", alpn);
clicon_log(LOG_NOTICE, "Warning: %s", cbuf_get(cberr));
clicon_log(LOG_INFO, "%s Warning: %s", __FUNCTION__, cbuf_get(cberr));
if (send_badrequest(h, rc->rc_s, rc->rc_ssl,
"application/yang-data+xml",
cbuf_get(cberr)) < 0)
@ -996,17 +1028,9 @@ ssl_alpn_check(clicon_handle h,
}
else{
/* XXX Sending badrequest here gives a segv in SSL_shutdown() later or a SIGPIPE here */
clicon_log(LOG_NOTICE, "Warning: ALPN: No protocol selected");
clicon_log(LOG_INFO, "%s Warning: ALPN: No protocol selected", __FUNCTION__);
}
restconf_conn_free(rc);
#ifdef HAVE_LIBEVHTP
{
evhtp_connection_t *evconn;
if ((evconn = rc->rc_evconn) != NULL)
evhtp_connection_free(evconn); /* evhtp */
}
#endif /* HAVE_LIBEVHTP */
if (rc->rc_ssl){
/* nmap ssl-known-key SEGV at s->method->ssl_shutdown(s);
* OR OpenSSL error: : SSL_shutdown, err: SSL_ERROR_SYSCALL(5)
@ -1014,7 +1038,7 @@ ssl_alpn_check(clicon_handle h,
if ((ret = SSL_shutdown(rc->rc_ssl)) < 0){
int e = SSL_get_error(rc->rc_ssl, ret);
if (e == SSL_ERROR_SYSCALL){
clicon_log(LOG_NOTICE, "Warning: SSL_shutdown SSL_ERROR_SYSCALL");
clicon_log(LOG_INFO, "%s Warning: SSL_shutdown SSL_ERROR_SYSCALL", __FUNCTION__);
/* Continue */
}
else {
@ -1024,6 +1048,7 @@ ssl_alpn_check(clicon_handle h,
}
SSL_free(rc->rc_ssl);
}
restconf_conn_free(rc);
}
retval = 0; /* ALPN not OK */
done:
@ -1194,7 +1219,9 @@ restconf_accept_client(int fd,
} /* SSL_accept */
} /* while(readmore) */
/* Sets data and len to point to the client's requested protocol for this connection. */
#ifndef OPENSSL_NO_NEXTPROTONEG
SSL_get0_next_proto_negotiated(rc->rc_ssl, &alpn, &alpnlen);
#endif /* !OPENSSL_NO_NEXTPROTONEG */
if (alpn == NULL) {
/* Returns a pointer to the selected protocol in data with length len. */
SSL_get0_alpn_selected(rc->rc_ssl, &alpn, &alpnlen);
@ -1559,7 +1586,7 @@ restconf_openssl_init(clicon_handle h,
}
int status = setrlimit(RLIMIT_CORE, &rlp);
if (status != 0) {
clicon_log(LOG_NOTICE, "%s: setrlimit() failed, %s", __func__, strerror(errno));
clicon_log(LOG_INFO, "%s: setrlimit() failed, %s", __FUNCTION__, strerror(errno));
}
}
@ -1671,10 +1698,6 @@ restconf_clixon_init(clicon_handle h,
if ((yspec = yspec_new()) == NULL)
goto done;
clicon_dbspec_yang_set(h, yspec);
/* Treat unknown XML as anydata */
if (clicon_option_bool(h, "CLICON_YANG_UNKNOWN_ANYDATA") == 1)
xml_bind_yang_unknown_anydata(1);
/* Load restconf plugins before yangs are loaded (eg extension callbacks) */
if ((dir = clicon_restconf_dir(h)) != NULL)
if (clixon_plugins_load(h, CLIXON_PLUGIN_INIT, dir, NULL) < 0)
@ -1714,6 +1737,12 @@ restconf_clixon_init(clicon_handle h,
if (yang_spec_parse_module(h, "ietf-restconf", NULL, yspec)< 0)
goto done;
#ifdef YANG_PATCH
/* Load yang restconf patch module */
if (yang_spec_parse_module(h, "ietf-yang-patch", NULL, yspec)< 0)
goto done;
#endif // YANG_PATCH
/* Add netconf yang spec, used as internal protocol */
if (netconf_module_load(h) < 0)
goto done;
@ -1733,7 +1762,7 @@ restconf_clixon_init(clicon_handle h,
if (clicon_nsctx_global_set(h, nsctx_global) < 0)
goto done;
if (inline_config != NULL && strlen(inline_config)){
clicon_debug(1, "%s using restconf inline config", __FUNCTION__);
clicon_debug(1, "%s reading from inline config", __FUNCTION__);
if ((ret = clixon_xml_parse_string(inline_config, YB_MODULE, yspec, &xrestconf, &xerr)) < 0)
goto done;
if (ret == 0){
@ -1755,6 +1784,7 @@ restconf_clixon_init(clicon_handle h,
goto done;
}
else if (clicon_option_bool(h, "CLICON_BACKEND_RESTCONF_PROCESS") == 0){
clicon_debug(1, "%s reading from clixon config", __FUNCTION__);
/* If not read from backend, try to get restconf config from local config-file */
if ((xrestconf = clicon_conf_restconf(h)) != NULL){
/*! Basic config init, set auth-type, pretty, etc ret 0 means disabled */
@ -1772,6 +1802,7 @@ restconf_clixon_init(clicon_handle h,
/* If no local config, or it is disabled, try to query backend of config.
*/
else {
clicon_debug(1, "%s reading from backend datastore config", __FUNCTION__);
if ((ret = restconf_clixon_backend(h, xrestconfp)) < 0)
goto done;
if (ret == 0)

549
apps/restconf/restconf_methods.c
View file

@ -74,6 +74,7 @@
#include "restconf_api.h"
#include "restconf_err.h"
#include "restconf_methods.h"
#include "restconf_methods_post.h"
/*! REST OPTIONS method
* According to restconf
@ -513,11 +514,12 @@ api_data_write(clicon_handle h,
/* Create text buffer for transfer to backend */
if ((cbx = cbuf_new()) == NULL)
goto done;
cprintf(cbx, "<rpc xmlns=\"%s\" username=\"%s\" xmlns:%s=\"%s\">",
cprintf(cbx, "<rpc xmlns=\"%s\" username=\"%s\" xmlns:%s=\"%s\" %s>",
NETCONF_BASE_NAMESPACE,
username?username:"",
NETCONF_BASE_PREFIX,
NETCONF_BASE_NAMESPACE); /* bind nc to netconf namespace */
NETCONF_BASE_NAMESPACE, /* bind nc to netconf namespace */
NETCONF_MESSAGE_ID_ATTR);
cprintf(cbx, "<edit-config");
/* RFC8040 Sec 1.4:
* If this is a "data" request and the NETCONF server supports :startup,
@ -578,6 +580,536 @@ api_data_write(clicon_handle h,
return retval;
} /* api_data_write */
#ifdef YANG_PATCH
/*! YANG PATCH method
* @param[in] h Clixon handle
* @param[in] req Generic Www handle
* @param[in] api_path0 According to restconf (Sec 3.5.3.1 in rfc8040)
* @param[in] pcvec Vector of path ie DOCUMENT_URI element
* @param[in] pi Offset, where to start pcvec
* @param[in] qvec Vector of query string (QUERY_STRING)
* @param[in] data Stream input data
* @param[in] pretty Set to 1 for pretty-printed xml/json output
* @param[in] media_out Output media
* Netconf: <edit-config> (nc:operation="merge")
* See RFC8072
* YANG patch can be used to "create", "delete", "insert", "merge", "move", "replace", and/or
"remove" a resource within the target resource.
* Currently "move" not supported
*/
static int
api_data_yang_patch(clicon_handle h,
void *req,
char *api_path0,
cvec *pcvec,
int pi,
cvec *qvec,
char *data,
int pretty,
restconf_media media_out,
ietf_ds_t ds)
{
int retval = -1;
int i;
cxobj *xdata0 = NULL; /* Original -d data struct (including top symbol) */
cbuf *cbx = NULL;
cxobj *xtop = NULL; /* top of api-path */
cxobj *xbot = NULL; /* bottom of api-path */
yang_stmt *ybot = NULL; /* yang of xbot */
cxobj *xbot_tmp = NULL;
yang_stmt *yspec;
char *api_path;
cxobj *xret = NULL;
cxobj *xretcom = NULL; /* return from commit */
cxobj *xretdis = NULL; /* return from discard-changes */
cxobj *xerr = NULL; /* malloced must be freed */
int ret;
cvec *nsc = NULL;
yang_bind yb;
char *xpath = NULL;
const int temp_str_malloc_size = 5000;
char *path_orig_1 = NULL;
clicon_debug(1, "%s api_path:\"%s\"", __FUNCTION__, api_path0);
if ((yspec = clicon_dbspec_yang(h)) == NULL){
clicon_err(OE_FATAL, 0, "No DB_SPEC");
goto done;
}
api_path=api_path0;
/* strip /... from start */
for (i=0; i<pi; i++)
api_path = index(api_path+1, '/');
/* Translate yang-patch path to xpath: xpath (cbpath) and namespace context (nsc) */
char yang_patch_path[] = "/ietf-yang-patch:yang-patch";
if ((ret = api_path2xpath(yang_patch_path, yspec, &xpath, &nsc, &xerr)) < 0)
goto done;
if (ret == 0){ /* validation failed */
if (api_return_err0(h, req, xerr, pretty, media_out, 0) < 0)
goto done;
goto ok;
}
/* Create config top-of-tree */
if ((xtop = xml_new(NETCONF_INPUT_CONFIG, NULL, CX_ELMNT)) == NULL)
goto done;
/* Translate yang-patch path to xml in the form of xtop/xbot */
xbot = xtop;
if ((ret = api_path2xml(yang_patch_path, yspec, xtop, YC_DATANODE, 1, &xbot, &ybot, &xerr)) < 0)
goto done;
if (ret == 0){ /* validation failed */
if (api_return_err(h, req, xerr, pretty, media_out, 0) < 0)
goto done;
goto ok;
}
yb = YB_MODULE;
if ((ret = clixon_json_parse_string(data, yb, yspec, &xbot, &xerr)) < 0){
if (netconf_malformed_message_xml(&xerr, clicon_err_reason) < 0)
goto done;
if (api_return_err0(h, req, xerr, pretty, media_out, 0) < 0)
goto done;
goto ok;
}
if (ret == 0){
if (api_return_err0(h, req, xerr, pretty, media_out, 0) < 0)
goto done;
goto ok;
}
/*
* RFC 8072 2.1: The message-body MUST identify exactly one resource instance
*/
int nrchildren0 = 0;
cxobj *x = NULL;
if (xml_child_nr_type(xbot, CX_ELMNT) - nrchildren0 != 1){
if (netconf_malformed_message_xml(&xerr, "The message-body MUST contain exactly one instance of the expected data resource") < 0)
goto done;
if (api_return_err0(h, req, xerr, pretty, media_out, 0) < 0)
goto done;
goto ok;
}
size_t veclen;
cxobj **vec = NULL;
while ((x = xml_child_each(xbot, x, CX_ELMNT)) != NULL){
ret = xpath_vec(x, nsc, "edit", &vec, &veclen);
if (xml_flag(x, XML_FLAG_MARK)){
xml_flag_reset(x, XML_FLAG_MARK);
continue;
}
}
path_orig_1 = malloc(temp_str_malloc_size);
if (path_orig_1 == NULL) {
goto done;
} else {
strcpy(path_orig_1, restconf_uripath(h));
}
// Loop through the edits
for (int i = 0; i < veclen; i++) {
cxobj *xn = vec[i];
// Get target
char *target_val = NULL;
cxobj **target_vec = NULL;
size_t target_veclen;
ret = xpath_vec(xn, nsc, "target", &target_vec, &target_veclen);
if (ret < 0) {
goto done;
}
for (int j = 0; j < target_veclen; j++) {
cxobj *target_xn = target_vec[j];
target_val = xml_body(target_xn);
}
// Get operation
char *op_val = NULL;
cxobj **operation_vec = NULL;
size_t operation_veclen;
ret = xpath_vec(xn, nsc, "operation", &operation_vec, &operation_veclen);
if (ret < 0) {
goto done;
}
for (int j = 0; j < operation_veclen; j++) {
cxobj *operation_xn = operation_vec[j];
op_val = xml_body(operation_xn);
}
// Get "point" and "where" for insert operations
char *point_val = NULL;
cxobj **point_vec = NULL;
size_t point_veclen;
if (strcmp(op_val, "insert") == 0) {
ret = xpath_vec(xn, nsc, "point", &point_vec, &point_veclen);
if (ret < 0) {
goto done;
}
for (int j = 0; j < point_veclen; j++) {
cxobj *point_xn = point_vec[j];
point_val = xml_body(point_xn);
}
}
char *where_val = NULL;
cxobj **where_vec = NULL;
size_t where_veclen;
if (strcmp(op_val, "insert") == 0) {
ret = xpath_vec(xn, nsc, "where", &where_vec, &where_veclen);
if (ret < 0) {
goto done;
}
for (int j = 0; j < where_veclen; j++) {
cxobj *where_xn = where_vec[j];
where_val = xml_body(where_xn);
}
}
// Construct request URI
char* simple_patch_request_uri = NULL;
simple_patch_request_uri = malloc(temp_str_malloc_size);
strcpy(simple_patch_request_uri, path_orig_1);
int plain_patch_val = 0;
char* api_path_target = NULL;
api_path_target = malloc(temp_str_malloc_size);
strcpy(api_path_target, api_path);
if (strcmp(op_val, "merge") == 0) {
plain_patch_val = 1;
strcat(api_path_target, target_val);
strcat(simple_patch_request_uri, target_val);
}
if (xerr)
xml_free(xerr);
if ((xtop = xml_new(NETCONF_INPUT_CONFIG, NULL, CX_ELMNT)) == NULL)
goto done;
// Get key field
/* Translate api_path to xml in the form of xtop/xbot */
xbot_tmp = xtop;
if ((ret = api_path2xml(api_path_target, yspec, xtop, YC_DATANODE, 1, &xbot_tmp, &ybot, &xerr)) < 0)
goto done;
if (ret == 0){ /* validation failed */
if (api_return_err0(h, req, xerr, pretty, media_out, 0) < 0)
goto done;
goto ok;
}
char *key_node_id = xml_name(xbot_tmp);
char *path = NULL;
if ((path = restconf_param_get(h, "REQUEST_URI")) != NULL){
for (int i1 = 0; i1 <pi; i1++)
path = index(path+1, '/');
}
const char colon[2] = ":";
char *modname = strtok(&(path[1]), colon);
cxobj **key_vec = NULL;
key_vec = xml_childvec_get(xbot_tmp);
cxobj *key_xn = NULL;
if (key_vec != NULL) {
key_xn = key_vec[0];
}
// Get values (for "delete", there are no values)
cxobj **values_vec = NULL;
size_t values_veclen;
xpath_vec(xn, nsc, "value", &values_vec, &values_veclen);
key_node_id = NULL;
// Loop through the values
for (int j = 0; j < values_veclen; j++) {
cxobj *values_xn = values_vec[j];
cxobj** values_child_vec = xml_childvec_get(values_xn);
if (key_node_id == NULL)
key_node_id = xml_name(*values_child_vec);
char *patch_header = NULL;
patch_header = malloc(temp_str_malloc_size);
if (patch_header == NULL) {
goto done;
}
strcpy(patch_header, modname);
strcat(patch_header, ":");
strcat(patch_header, key_node_id);
cxobj *x_simple_patch = xml_new(patch_header, NULL, CX_ELMNT);
if (x_simple_patch == NULL)
goto done;
int value_vec_len = xml_child_nr(*values_child_vec);
cxobj** value_vec = xml_childvec_get(*values_child_vec);
cxobj * value_vec_tmp = NULL;
// For "replace", delete the item and then POST it
// TODO - in an ordered list, insert it into its original position
if (strcmp(op_val,"replace") == 0) {
char *delete_req_uri = malloc(temp_str_malloc_size);
if (delete_req_uri == NULL)
break;
strcpy(delete_req_uri, simple_patch_request_uri);
strcat(delete_req_uri, target_val);
// Delete the object with the old values
ret = api_data_delete(h, req, delete_req_uri, pi, pretty, YANG_DATA_JSON, ds );
free(delete_req_uri);
// Now insert the object with the new values
char *json_simple_patch = malloc(temp_str_malloc_size);
if (json_simple_patch == NULL)
goto done;
memset(json_simple_patch, 0, temp_str_malloc_size);
for (int k = 0; k < value_vec_len; k++) {
if (value_vec[k] != NULL) {
value_vec_tmp = xml_dup(value_vec[k]);
xml_addsub(x_simple_patch, value_vec_tmp);
}
}
cbuf* cb = cbuf_new();
xml2json_cbuf(cb, x_simple_patch, 1);
// Some ugly text processing to get the JSON to match what api_data_post() expects
char *json_simple_patch_tmp = cbuf_get(cb);
int brace_count = 0;
for (int l = 0; l < strlen(json_simple_patch_tmp); l++) {
char c = json_simple_patch_tmp[l];
if (c == '{') {
brace_count++;
if (brace_count == 2) {
json_simple_patch[strlen(json_simple_patch)] = '[';
}
}
json_simple_patch[strlen(json_simple_patch)] = c;
}
/* strip /... from end */
char *post_req_uri = malloc(temp_str_malloc_size);
if (post_req_uri == NULL)
break;
memset(post_req_uri, 0, temp_str_malloc_size);
if (post_req_uri == NULL)
break;
int idx = strlen(target_val);
for (int l = strlen(target_val); l>= 0; l--) {
if (target_val[l] == '/') {
idx = l;
break;
}
}
strncpy(post_req_uri, target_val, idx);
strcat(simple_patch_request_uri, post_req_uri);
free(post_req_uri);
for (int l = strlen(json_simple_patch); l>= 0; l--) {
char c = json_simple_patch[l];
if (c == '}') {
json_simple_patch[l] = ']';
json_simple_patch[l + 1] = '}';
break;
}
}
// Send the POST request
ret = api_data_post(h, req, simple_patch_request_uri, pi, qvec, json_simple_patch, pretty, YANG_DATA_JSON, media_out, ds );
if (value_vec_tmp != NULL)
free(value_vec_tmp);
free(x_simple_patch);
free(patch_header); // NULL check was already done before
if (ret != 0)
goto done;
break;
}
// For "create", put all the data values into a single POST request
if (strcmp(op_val,"create") == 0) {
for (int k = 0; k < value_vec_len; k++) {
if (value_vec[k] != NULL) {
value_vec_tmp = xml_dup(value_vec[k]);
xml_addsub(x_simple_patch, value_vec_tmp);
}
}
// Send the POST request
cbuf* cb = cbuf_new();
xml2json_cbuf(cb, x_simple_patch, 1);
char *json_simple_patch = cbuf_get(cb);
ret = api_data_post(h, req, simple_patch_request_uri, pi, qvec, json_simple_patch, pretty, YANG_DATA_JSON, media_out, ds );
if (value_vec_tmp != NULL)
free(value_vec_tmp);
free(x_simple_patch);
free(patch_header); // NULL check was already done before
if (ret != 0)
goto done;
break;
}
// For "insert", make a api_data_post request
if (strcmp(op_val, "insert") == 0) {
char *json_simple_patch = malloc(temp_str_malloc_size);
if (json_simple_patch == NULL)
goto done;
memset(json_simple_patch, 0, temp_str_malloc_size);
// Loop through the XML, and get each value
for (int k = 0; k < value_vec_len; k++) {
if (value_vec[k] != NULL) {
value_vec_tmp = xml_dup(value_vec[k]);
xml_addsub(x_simple_patch, value_vec_tmp);
}
}
cbuf* cb = cbuf_new();
xml2json_cbuf(cb, x_simple_patch, 1);
// Some ugly text processing to get the JSON to match what api_data_post() expects
char *json_simple_patch_tmp = cbuf_get(cb);
int brace_count = 0;
for (int l = 0; l < strlen(json_simple_patch_tmp); l++) {
char c = json_simple_patch_tmp[l];
if (c == '{') {
brace_count++;
if (brace_count == 2) {
json_simple_patch[strlen(json_simple_patch)] = '[';
}
}
json_simple_patch[strlen(json_simple_patch)] = c;
}
for (int l = strlen(json_simple_patch); l>= 0; l--) {
char c = json_simple_patch[l];
if (c == '}') {
json_simple_patch[l] = ']';
json_simple_patch[l + 1] = '}';
break;
}
}
// Set the insert attributes
cvec* qvec_tmp = NULL;
qvec_tmp = cvec_new(0);
if (qvec_tmp == NULL)
goto done;
cg_var *cv;
if ((cv = cvec_add(qvec_tmp, CGV_STRING)) == NULL){
goto done;
}
cv_name_set(cv, "insert");
cv_string_set(cv, where_val);
char *point_str = malloc(temp_str_malloc_size);
if (point_str == NULL)
goto done;
memset(point_str, 0, temp_str_malloc_size);
strcpy(point_str, api_path);
strcat(point_str, point_val);
if ((cv = cvec_add(qvec_tmp, CGV_STRING)) == NULL){
goto done;
}
cv_name_set(cv, "point");
cv_string_set(cv, point_str);
// Send the POST request
ret = api_data_post(h, req, simple_patch_request_uri, pi, qvec_tmp, json_simple_patch, pretty, YANG_DATA_JSON, media_out, ds );
if (cb != NULL)
cbuf_free(cb);
if (value_vec_tmp != NULL)
free(value_vec_tmp);
free(point_str); // NULL check was already done above
free(json_simple_patch); // NULL check was already done above
free(patch_header); // NULL check was already done before
if (x_simple_patch != NULL)
free(x_simple_patch);
break;
}
// For merge", make single simple patch requests for each value
if (strcmp(op_val,"merge") == 0) {
if (key_xn != NULL)
xml_addsub(x_simple_patch, key_xn);
char *json_simple_patch = malloc(temp_str_malloc_size);
if (json_simple_patch == NULL)
goto done;
// Loop through the XML, create JSON from each one, and submit a simple patch
for (int k = 0; k < value_vec_len; k++) {
if (value_vec[k] != NULL) {
value_vec_tmp = xml_dup(value_vec[k]);
xml_addsub(x_simple_patch, value_vec_tmp);
}
cbuf* cb = cbuf_new();
xml2json_cbuf(cb, x_simple_patch, 1);
// Some ugly text processing to get the JSON to match what api_data_write() expects for a simple patch
char *json_simple_patch_tmp = cbuf_get(cb);
memset(json_simple_patch, 0, temp_str_malloc_size);
int brace_count = 0;
for (int l = 0; l < strlen(json_simple_patch_tmp); l++) {
char c = json_simple_patch_tmp[l];
if (c == '{') {
brace_count++;
if (brace_count == 2) {
json_simple_patch[strlen(json_simple_patch)] = '[';
}
}
json_simple_patch[strlen(json_simple_patch)] = c;
}
for (int l = strlen(json_simple_patch); l>= 0; l--) {
char c = json_simple_patch[l];
if (c == '}') {
json_simple_patch[l] = ']';
json_simple_patch[l + 1] = '}';
break;
}
}
if (value_vec_tmp != NULL)
free(value_vec_tmp);
// Send the simple patch request
ret = api_data_write(h, req, simple_patch_request_uri, pcvec, pi, qvec, json_simple_patch, pretty, YANG_DATA_JSON, media_out, plain_patch_val, ds );
cbuf_free(cb);
}
free(json_simple_patch); // NULL check was already done above
free(patch_header); // NULL check was already done before
if (x_simple_patch != NULL)
free(x_simple_patch);
}
}
if ((strcmp(op_val, "delete") == 0) ||
(strcmp(op_val, "remove") == 0)) {
strcat(simple_patch_request_uri, target_val);
if (strcmp(op_val, "delete") == 0) {
// TODO - send error
} else {
// TODO - do not send error
}
api_data_delete(h, req, simple_patch_request_uri, pi, pretty, YANG_DATA_JSON, ds);
}
if (simple_patch_request_uri)
free(simple_patch_request_uri);
if (api_path_target)
free(api_path_target);
}
ok:
retval = 0;
done:
if (path_orig_1 != NULL)
free(path_orig_1);
if (vec)
free(vec);
if (xpath)
free(xpath);
if (nsc)
xml_nsctx_free(nsc);
if (xret)
xml_free(xret);
if (xerr)
xml_free(xerr);
if (xretcom)
xml_free(xretcom);
if (xretdis)
xml_free(xretdis);
if (xtop)
xml_free(xtop);
if (xdata0)
xml_free(xdata0);
if (cbx)
cbuf_free(cbx);
return retval;
}
#endif // YANG_PATCH
/*! Generic REST PUT method
* @param[in] h Clixon handle
* @param[in] req Generic Www handle
@ -671,10 +1203,16 @@ api_data_patch(clicon_handle h,
ret = api_data_write(h, req, api_path0, pcvec, pi, qvec, data, pretty,
media_in, media_out, 1, ds);
break;
case YANG_PATCH_XML:
case YANG_PATCH_JSON: /* RFC 8072 patch */
case YANG_PATCH_XML:
#ifdef YANG_PATCH
ret = api_data_yang_patch(h, req, api_path0, pcvec, pi, qvec, data, pretty,
media_out, ds);
#else
ret = restconf_notimplemented(h, req, pretty, media_out);
#endif
break;
break;
default:
ret = restconf_unsupported_media(h, req, pretty, media_out);
break;
@ -753,11 +1291,12 @@ api_data_delete(clicon_handle h,
/* For internal XML protocol: add username attribute for access control
*/
username = clicon_username_get(h);
cprintf(cbx, "<rpc xmlns=\"%s\" username=\"%s\" xmlns:%s=\"%s\">",
cprintf(cbx, "<rpc xmlns=\"%s\" username=\"%s\" xmlns:%s=\"%s\" %s>",
NETCONF_BASE_NAMESPACE,
username?username:"",
NETCONF_BASE_PREFIX,
NETCONF_BASE_NAMESPACE); /* bind nc to netconf namespace */
NETCONF_BASE_NAMESPACE,
NETCONF_MESSAGE_ID_ATTR); /* bind nc to netconf namespace */
cprintf(cbx, "<edit-config");
/* RFC8040 Sec 1.4:

16
apps/restconf/restconf_methods_post.c
View file

@ -155,6 +155,7 @@ api_data_post(clicon_handle h,
cvec *qvec,
char *data,
int pretty,
restconf_media media_in,
restconf_media media_out,
ietf_ds_t ds)
{
@ -178,7 +179,6 @@ api_data_post(clicon_handle h,
cxobj *x;
char *username;
int ret;
restconf_media media_in;
int nrchildren0 = 0;
yang_bind yb;
@ -231,7 +231,6 @@ api_data_post(clicon_handle h,
* If xbot is top-level (api_path=null) it does not have a spec therefore look for
* top-level (yspec) otherwise assume parent (xbot) is populated.
*/
media_in = restconf_content_type(h);
switch (media_in){
case YANG_DATA_XML:
if ((ret = clixon_xml_parse_string(data, yb, yspec, &xbot, &xerr)) < 0){
@ -336,11 +335,12 @@ api_data_post(clicon_handle h,
/* For internal XML protocol: add username attribute for access control
*/
username = clicon_username_get(h);
cprintf(cbx, "<rpc xmlns=\"%s\" username=\"%s\" xmlns:%s=\"%s\">",
cprintf(cbx, "<rpc xmlns=\"%s\" username=\"%s\" xmlns:%s=\"%s\" %s>",
NETCONF_BASE_NAMESPACE,
username?username:"",
NETCONF_BASE_PREFIX,
NETCONF_BASE_NAMESPACE); /* bind nc to netconf namespace */
NETCONF_BASE_NAMESPACE,
NETCONF_MESSAGE_ID_ATTR); /* bind nc to netconf namespace */
cprintf(cbx, "<edit-config");
/* RFC8040 Sec 1.4:
@ -755,13 +755,13 @@ api_operations_post(clicon_handle h,
* <rpc username="foo"><myfn xmlns="uri"/>
*/
if ((username = clicon_username_get(h)) != NULL){
if (clixon_xml_parse_va(YB_NONE, NULL, &xtop, NULL, "<rpc xmlns=\"%s\" username=\"%s\"/>",
NETCONF_BASE_NAMESPACE, username) < 0)
if (clixon_xml_parse_va(YB_NONE, NULL, &xtop, NULL, "<rpc xmlns=\"%s\" username=\"%s\" %s/>",
NETCONF_BASE_NAMESPACE, username, NETCONF_MESSAGE_ID_ATTR) < 0)
goto done;
}
else
if (clixon_xml_parse_va(YB_NONE, NULL, &xtop, NULL, "<rpc xmlns=\"%s\"/>",
NETCONF_BASE_NAMESPACE) < 0)
if (clixon_xml_parse_va(YB_NONE, NULL, &xtop, NULL, "<rpc xmlns=\"%s\" %s/>",
NETCONF_BASE_NAMESPACE, NETCONF_MESSAGE_ID_ATTR) < 0)
goto done;
if (xml_rootchild(xtop, 0, &xtop) < 0)
goto done;

1
apps/restconf/restconf_methods_post.h
View file

@ -44,6 +44,7 @@
int api_data_post(clicon_handle h, void *req, char *api_path,
int pi, cvec *qvec, char *data,
int pretty,
restconf_media media_in,
restconf_media media_out, ietf_ds_t ds);
int api_operations_post(clicon_handle h, void *req, char *api_path,

8
apps/restconf/restconf_native.c
View file

@ -177,6 +177,14 @@ restconf_conn_free(restconf_conn *rc)
clicon_err(OE_RESTCONF, EINVAL, "rc is NULL");
return -1;
}
#ifdef HAVE_LIBNGHTTP2
if (rc->rc_ngsession)
nghttp2_session_del(rc->rc_ngsession);
#endif
#ifdef HAVE_LIBEVHTP
if (rc->rc_evconn)
evhtp_connection_free(rc->rc_evconn); /* evhtp */
#endif
/* Free all streams */
while ((sd = rc->rc_streams) != NULL) {
DELQ(sd, rc->rc_streams, restconf_stream_data *);

78
apps/restconf/restconf_nghttp2.c
View file

@ -182,15 +182,23 @@ session_send_callback(nghttp2_session *session,
ssize_t totlen = 0;
int s;
SSL *ssl;
int sslerr;
clicon_debug(1, "%s buflen:%lu", __FUNCTION__, buflen);
clicon_debug(1, "%s buflen:%zu", __FUNCTION__, buflen);
s = rc->rc_s;
ssl = rc->rc_ssl;
while (totlen < buflen){
if (ssl){
if ((len = SSL_write(ssl, buf+totlen, buflen-totlen)) <= 0){
er = errno;
switch (SSL_get_error(ssl, len)){
sslerr = SSL_get_error(ssl, len);
clicon_debug(1, "%s errno:;%d sslerr:%d", __FUNCTION__, errno, sslerr);
switch (sslerr){
case SSL_ERROR_WANT_WRITE: /* 3 */
clicon_debug(1, "%s write SSL_ERROR_WANT_WRITE", __FUNCTION__);
usleep(1000);
continue;
break;
case SSL_ERROR_SYSCALL: /* 5 */
if (er == ECONNRESET) {/* Connection reset by peer */
if (ssl)
@ -200,8 +208,12 @@ session_send_callback(nghttp2_session *session,
goto ok; /* Close socket and ssl */
}
else if (er == EAGAIN){
/* same as want_write above, but different behaviour on different
* platforms, linux here, freebsd want_write, or possibly differnt
* ssl lib versions?
*/
clicon_debug(1, "%s write EAGAIN", __FUNCTION__);
usleep(10000);
usleep(1000);
continue;
}
else{
@ -247,7 +259,7 @@ session_send_callback(nghttp2_session *session,
clicon_debug(1, "%s retval:%d", __FUNCTION__, retval);
return retval;
}
clicon_debug(1, "%s retval:%lu", __FUNCTION__, totlen);
clicon_debug(1, "%s retval:%zd", __FUNCTION__, totlen);
return totlen;
}
@ -367,7 +379,7 @@ restconf_sd_read(nghttp2_session *session,
#endif
assert(cbuf_len(cb) > sd->sd_body_offset);
remain = cbuf_len(cb) - sd->sd_body_offset;
clicon_debug(1, "%s length:%lu totlen:%d, offset:%lu remain:%lu",
clicon_debug(1, "%s length:%zu totlen:%d, offset:%zu remain:%zu",
__FUNCTION__,
length,
cbuf_len(cb),
@ -383,7 +395,7 @@ restconf_sd_read(nghttp2_session *session,
}
memcpy(buf, cbuf_get(cb) + sd->sd_body_offset, len);
sd->sd_body_offset += len;
clicon_debug(1, "%s retval:%lu", __FUNCTION__, len);
clicon_debug(1, "%s retval:%zu", __FUNCTION__, len);
return len;
}
@ -397,7 +409,7 @@ restconf_submit_response(nghttp2_session *session,
nghttp2_data_provider data_prd;
nghttp2_error ngerr;
cg_var *cv;
nghttp2_nv *hdrs;
nghttp2_nv *hdrs = NULL;
nghttp2_nv *hdr;
int i = 0;
char valstr[16];
@ -437,6 +449,8 @@ restconf_submit_response(nghttp2_session *session,
retval = 0;
done:
clicon_debug(1, "%s retval:%d", __FUNCTION__, retval);
if (hdrs)
free(hdrs);
return retval;
}
@ -469,7 +483,7 @@ http2_exec(restconf_conn *rc,
* [RFC7231]).
*/
if (sd->sd_code != 204 && sd->sd_code > 199)
if (restconf_reply_header(sd, "Content-Length", "%lu", sd->sd_body_len) < 0)
if (restconf_reply_header(sd, "Content-Length", "%zu", sd->sd_body_len) < 0)
goto done;
if (sd->sd_code){
if (restconf_submit_response(session, rc, stream_id, sd) < 0)
@ -821,6 +835,20 @@ on_extension_chunk_recv_callback(nghttp2_session *session,
return 0;
}
/*! Library provides the error code, and message for debugging purpose.
*/
static int
error_callback(nghttp2_session *session,
const char *msg,
size_t len,
void *user_data)
{
// restconf_conn *rc = (restconf_conn *)user_data;
clicon_debug(1, "%s", __FUNCTION__);
return 0;
}
#if (NGHTTP2_VERSION_NUM > 0x011201) /* Unsure of version number */
/*! Library provides the error code, and message for debugging purpose.
*/
static int
@ -835,9 +863,16 @@ error_callback2(nghttp2_session *session,
clicon_err(OE_NGHTTP2, lib_error_code, "%s", msg);
return 0;
}
#endif
/*
* XXX see session_recv
/*! Process an HTTP/2 request received in buffer, process request and send reply
*
* @param[in] rc Restconf connection
* @param[in] buf Character buffer
* @param[in] n Lenght of buf
* @retval 1 OK
* @retval 0 Invald request
* @retval -1 Fatal error
*/
int
http2_recv(restconf_conn *rc,
@ -855,6 +890,18 @@ http2_recv(restconf_conn *rc,
}
/* may make additional pending frames */
if ((ngerr = nghttp2_session_mem_recv(rc->rc_ngsession, buf, n)) < 0){
if (ngerr == NGHTTP2_ERR_BAD_CLIENT_MAGIC){
/* :enum:`NGHTTP2_ERR_BAD_CLIENT_MAGIC`
* Invalid client magic was detected. This error only returns
* when |session| was configured as server and
* `nghttp2_option_set_no_recv_client_magic()` is not used with
* nonzero value. */
clicon_log(LOG_INFO, "%s Received bad client magic byte strin", __FUNCTION__);
/* unsure if this does anything, byt does not seem to hurt */
if ((ngerr = nghttp2_session_terminate_session(rc->rc_ngsession, ngerr)) < 0)
clicon_err(OE_NGHTTP2, ngerr, "nghttp2_session_terminate_session %d", ngerr);
goto fail;
}
clicon_err(OE_NGHTTP2, ngerr, "nghttp2_session_mem_recv");
goto done;
}
@ -866,9 +913,13 @@ http2_recv(restconf_conn *rc,
clicon_err(OE_NGHTTP2, ngerr, "nghttp2_session_send");
goto done;
}
retval = 0;
retval = 1; /* OK */
done:
clicon_debug(1, "%s retval:%d", __FUNCTION__, retval);
return retval;
fail:
retval = 0;
goto done;
}
/* Send HTTP/2 client connection header, which includes 24 bytes
@ -930,10 +981,13 @@ http2_session_init(restconf_conn *rc)
nghttp2_session_callbacks_set_unpack_extension_callback(callbacks, unpack_extension_callback);
#endif
nghttp2_session_callbacks_set_on_extension_chunk_recv_callback(callbacks, on_extension_chunk_recv_callback);
nghttp2_session_callbacks_set_error_callback(callbacks, error_callback);
#if (NGHTTP2_VERSION_NUM > 0x011201) /* Unsure of version number */
nghttp2_session_callbacks_set_error_callback2(callbacks, error_callback2);
#endif
/* Create session for server use, register callbacks */
if ((ngerr = nghttp2_session_server_new(&session, callbacks, rc)) < 0){
if ((ngerr = nghttp2_session_server_new3(&session, callbacks, rc, NULL, NULL)) < 0){
clicon_err(OE_NGHTTP2, ngerr, "nghttp2_session_server_new");
goto done;
}

6
apps/restconf/restconf_root.c
View file

@ -331,7 +331,7 @@ api_data(clicon_handle h,
retval = api_data_get(h, req, api_path, pcvec, pi, qvec, pretty, media_out, ds);
}
else if (strcmp(request_method, "POST")==0) {
retval = api_data_post(h, req, api_path, pi, qvec, data, pretty, media_out, ds);
retval = api_data_post(h, req, api_path, pi, qvec, data, pretty, restconf_content_type(h), media_out, ds);
}
else if (strcmp(request_method, "PUT")==0) {
if (read_only)
@ -588,6 +588,10 @@ api_root_restconf(clicon_handle h,
retval = 0;
done:
clicon_debug(1, "%s retval:%d", __FUNCTION__, retval);
#ifdef WITH_RESTCONF_FCGI
if (cb)
cbuf_free(cb);
#endif
if (xerr)
xml_free(xerr);
if (username)

4
apps/restconf/restconf_stream_fcgi.c
View file

@ -269,8 +269,8 @@ restconf_stream(clicon_handle h,
clicon_err(OE_XML, errno, "cbuf_new");
goto done;
}
cprintf(cb, "<rpc xmlns=\"%s\"><create-subscription xmlns=\"%s\"><stream>%s</stream>",
NETCONF_BASE_NAMESPACE, EVENT_RFC5277_NAMESPACE, name);
cprintf(cb, "<rpc xmlns=\"%s\" %s><create-subscription xmlns=\"%s\"><stream>%s</stream>",
NETCONF_BASE_NAMESPACE, NETCONF_MESSAGE_ID_ATTR, EVENT_RFC5277_NAMESPACE, name);
/* Print all fields */
for (i=0; i<cvec_len(qvec); i++){
cv = cvec_i(qvec, i);