diff --git a/CHANGELOG.md b/CHANGELOG.md index 3abef9fb..1e634fcc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -57,6 +57,8 @@ Expected: End of 2022 Users may have to change how they access the system +* Added `PRETTYPRINT_INDENT` compile-time option controlling indentation level for XML,JSON and TEXT + * Default value is `3` * NETCONF: Removed `message-id` from hello protocol following RFC 6241 * See [message-id present on netconf app "hello"](https://github.com/clicon/clixon/issues/369) @@ -64,6 +66,8 @@ Users may have to change how they access the system Developers may need to change their code +* [Code formatting: Change indentation style to space](https://github.com/clicon/clixon/issues/379) + * Applies to all c/h/y/l/sh files and .editorconfig * C API changes * Added `defaults` parameter to `clicon_rpc_get_pageable_list()` * `clicon_rpc_commit()` and `cli_commit` @@ -75,8 +79,6 @@ Developers may need to change their code ### Minor features -* [Code formatting: Change indentation style to space](https://github.com/clicon/clixon/issues/379) - * Applies to all c/h/y/l/sh files and .editorconfig * Added warning if modstate is not present in datastore if `CLICON_XMLDB_MODSTATE` is set. ### Corrected Bugs diff --git a/apps/cli/cli_show.c b/apps/cli/cli_show.c index e7ac5136..1f51cf03 100644 --- a/apps/cli/cli_show.c +++ b/apps/cli/cli_show.c @@ -411,7 +411,7 @@ show_yang(clicon_handle h, * @param[in] state * @param[in] withdefault RFC 6243 with-default modes * @param[in] extdefault with-defaults with propriatary extensions - * @param[in] prefix CLI prefix to prepend cli syntax, eg "set " + * @param[in] prepend CLI prefix to prepend cli syntax, eg "set " * @param[in] xpath XPath * @param[in] nsc Namespace mapping for xpath * @param[in] skiptop If set, do not show object itself, only its children @@ -424,7 +424,7 @@ cli_show_common(clicon_handle h, int state, char *withdefault, char *extdefault, - char *prefix, + char *prepend, char *xpath, cvec *nsc, int skiptop @@ -496,7 +496,7 @@ cli_show_common(clicon_handle h, goto done; break; case FORMAT_CLI: - if (clixon_cli2file(h, stdout, xp, prefix, cligen_output, skiptop) < 0) /* cli syntax */ + if (clixon_cli2file(h, stdout, xp, prepend, cligen_output, skiptop) < 0) /* cli syntax */ goto done; break; case FORMAT_NETCONF: @@ -648,7 +648,7 @@ cli_show_option_withdefault(cvec *argv, * true|false: also print state * Retrieval mode: report-all, trim, explicit, report-all-tagged, * NULL, report-all-tagged-default, report-all-tagged-strip (extended) - * CLI prefix: prepend before cli syntax output + * CLI prefix: prepend before cli syntax output * @code * clispec: * show config, cli_show_config("running","xml"); @@ -675,7 +675,7 @@ cli_show_config(clicon_handle h, enum format_enum format = FORMAT_XML; cvec *nsc = NULL; int pretty = 1; - char *prefix = NULL; + char *prepend = NULL; int state = 0; char *withdefault = NULL; /* RFC 6243 modes */ char *extdefault = NULL; /* with extended tagged modes */ @@ -684,7 +684,7 @@ cli_show_config(clicon_handle h, char *namespace = NULL; if (cvec_len(argv) < 2 || cvec_len(argv) > 8){ - clicon_err(OE_PLUGIN, EINVAL, "Received %d arguments. Expected: [ ]", cvec_len(argv)); + clicon_err(OE_PLUGIN, EINVAL, "Received %d arguments. Expected: [ ]", cvec_len(argv)); goto done; } dbname = cv_string_get(cvec_i(argv, argc++)); @@ -715,11 +715,11 @@ cli_show_config(clicon_handle h, goto done; } if (cvec_len(argv) > argc){ - prefix = cv_string_get(cvec_i(argv, argc++)); + prepend = cv_string_get(cvec_i(argv, argc++)); } if (cli_show_common(h, dbname, format, pretty, state, withdefault, extdefault, - prefix, xpath, nsc, 0) < 0) + prepend, xpath, nsc, 0) < 0) goto done; retval = 0; done: @@ -811,7 +811,7 @@ int cli_show_version(clicon_handle h, * @param[in] h Clixon handle * @param[in] cvv Vector of variables from CLIgen command-line * @param[in] argv String vector of show options, format: - * Generated API PATH + * Generated API PATH (this is added implicitly, not actually given in the cvv) * Name of datastore, such as "running" * -- from here optional: * "text"|"xml"|"json"|"cli"|"netconf" (see format_enum), default: xml @@ -819,7 +819,7 @@ int cli_show_version(clicon_handle h, * true|false: also print state * Retrieval mode: report-all, trim, explicit, report-all-tagged, * NULL, report-all-tagged-default, report-all-tagged-strip (extended) - * CLI prefix: prepend before cli syntax output + * CLI prefix: prepend before cli syntax output * @code * clispec: * show config @datamodelshow, cli_show_auto("candidate", "xml"); @@ -846,7 +846,7 @@ cli_show_auto(clicon_handle h, enum format_enum format = FORMAT_XML; cvec *nsc = NULL; int pretty = 1; - char *prefix = NULL; + char *prepend = NULL; int state = 0; char *withdefault = NULL; /* RFC 6243 modes */ char *extdefault = NULL; /* with extended tagged modes */ @@ -858,7 +858,7 @@ cli_show_auto(clicon_handle h, char *api_path_fmt; /* xml key format */ if (cvec_len(argv) < 2 || cvec_len(argv) > 7){ - clicon_err(OE_PLUGIN, EINVAL, "Received %d arguments. Expected:: * [ ]", cvec_len(argv)); + clicon_err(OE_PLUGIN, EINVAL, "Received %d arguments. Expected:: * [ ]", cvec_len(argv)); goto done; } api_path_fmt = cv_string_get(cvec_i(argv, argc++)); @@ -881,7 +881,7 @@ cli_show_auto(clicon_handle h, goto done; } if (cvec_len(argv) > argc){ - prefix = cv_string_get(cvec_i(argv, argc++)); + prepend = cv_string_get(cvec_i(argv, argc++)); } if ((yspec = clicon_dbspec_yang(h)) == NULL){ clicon_err(OE_FATAL, 0, "No DB_SPEC"); @@ -897,7 +897,7 @@ cli_show_auto(clicon_handle h, } if (cli_show_common(h, dbname, format, pretty, state, withdefault, extdefault, - prefix, xpath, nsc, 0) < 0) + prepend, xpath, nsc, 0) < 0) goto done; retval = 0; done: @@ -925,7 +925,7 @@ cli_show_auto(clicon_handle h, * true|false: also print state * Retrieval mode: report-all, trim, explicit, report-all-tagged, * NULL, report-all-tagged-default, report-all-tagged-strip (extended) - * CLI prefix: prepend before cli syntax output + * CLI prefix: prepend before cli syntax output * @code * clispec: * show config, cli_show_auto_mode("candidate"); @@ -953,7 +953,7 @@ cli_show_auto_mode(clicon_handle h, enum format_enum format = FORMAT_XML; cvec *nsc = NULL; int pretty = 1; - char *prefix = NULL; + char *prepend = NULL; int state = 0; char *withdefault = NULL; /* RFC 6243 modes */ char *extdefault = NULL; /* with extended tagged modes */ @@ -986,7 +986,7 @@ cli_show_auto_mode(clicon_handle h, goto done; } if (cvec_len(argv) > argc){ - prefix = cv_string_get(cvec_i(argv, argc++)); + prepend = cv_string_get(cvec_i(argv, argc++)); } /* Store this as edit-mode */ if (clicon_data_get(h, "cli-edit-mode", &api_path) == 0 && strlen(api_path)) @@ -1006,7 +1006,7 @@ cli_show_auto_mode(clicon_handle h, skiptop = (strcmp(xpath,"/") != 0); if (cli_show_common(h, dbname, format, pretty, state, withdefault, extdefault, - prefix, xpath, nsc, skiptop) < 0) + prepend, xpath, nsc, skiptop) < 0) goto done; retval = 0; done: @@ -1017,6 +1017,7 @@ cli_show_auto_mode(clicon_handle h, return retval; } +#if 1 // OBSOLETE /*! Obsolete Show configuration callback for autocli edit modes using tree working point * * @note Please use cli_show_auto_mode instead, @@ -1050,6 +1051,7 @@ cli_auto_show(clicon_handle h, cvec_free(argv1); return retval; } +#endif /*! Show clixon configuration options as loaded */ diff --git a/include/clixon_custom.h b/include/clixon_custom.h index 13520381..02719d77 100644 --- a/include/clixon_custom.h +++ b/include/clixon_custom.h @@ -179,3 +179,8 @@ * // Here "s" is still open and you can reply on the non-ssl underlying socket */ #define HTTP_ON_HTTPS_REPLY + +/*! Indentation number of spaces for XML, JSON and TEXT pretty-printed output. + * Consider moving to configure.ac(compile-time) or to clixon-config.yang(run-time) + */ +#define PRETTYPRINT_INDENT 3 diff --git a/lib/src/clixon_json.c b/lib/src/clixon_json.c index 8358d630..74b519e5 100644 --- a/lib/src/clixon_json.c +++ b/lib/src/clixon_json.c @@ -77,8 +77,6 @@ #include "clixon_json.h" #include "clixon_json_parse.h" -#define JSON_INDENT 2 /* maybe we should set this programmatically? */ - /* Let xml2json_cbuf_vec() return json array: [a,b]. ALternative is to create a pseudo-object and return that: {top:{a,b}} */ @@ -731,11 +729,11 @@ json_metadata_encoding(cbuf *cb, cprintf(cb, "%s\":", name); if (list) cprintf(cb, "["); - cprintf(cb, "%*s", pretty?((level+1)*JSON_INDENT):0, "{"); + cprintf(cb, "%*s", pretty?((level+1)*PRETTYPRINT_INDENT):0, "{"); cprintf(cb, "\"%s:%s\":%s", modname2, name2, val); - cprintf(cb, "%*s", pretty?((level+1)*JSON_INDENT):0, "}"); + cprintf(cb, "%*s", pretty?((level+1)*PRETTYPRINT_INDENT):0, "}"); if (list) - cprintf(cb, "%*s", pretty?(level*JSON_INDENT):0, "]"); + cprintf(cb, "%*s", pretty?(level*PRETTYPRINT_INDENT):0, "]"); return 0; } @@ -896,7 +894,7 @@ xml2json1_cbuf(cbuf *cb, break; case NO_ARRAY: if (!flat){ - cprintf(cb, "%*s\"", pretty?(level*JSON_INDENT):0, ""); + cprintf(cb, "%*s\"", pretty?(level*PRETTYPRINT_INDENT):0, ""); if (modname) cprintf(cb, "%s:", modname); cprintf(cb, "%s\":%s", xml_name(x), pretty?" ":""); @@ -917,14 +915,14 @@ xml2json1_cbuf(cbuf *cb, break; case FIRST_ARRAY: case SINGLE_ARRAY: - cprintf(cb, "%*s\"", pretty?(level*JSON_INDENT):0, ""); + cprintf(cb, "%*s\"", pretty?(level*PRETTYPRINT_INDENT):0, ""); if (modname) cprintf(cb, "%s:", modname); cprintf(cb, "%s\":%s", xml_name(x), pretty?" ":""); level++; cprintf(cb, "[%s%*s", pretty?"\n":"", - pretty?(level*JSON_INDENT):0, ""); + pretty?(level*PRETTYPRINT_INDENT):0, ""); switch (childt){ case NULL_CHILD: if (nullchild(cb, x, ys) < 0) @@ -943,7 +941,7 @@ xml2json1_cbuf(cbuf *cb, case LAST_ARRAY: level++; cprintf(cb, "%*s", - pretty?(level*JSON_INDENT):0, ""); + pretty?(level*PRETTYPRINT_INDENT):0, ""); switch (childt){ case NULL_CHILD: if (nullchild(cb, x, ys) < 0) @@ -1007,7 +1005,7 @@ xml2json1_cbuf(cbuf *cb, case ANY_CHILD: cprintf(cb, "%s%*s}", pretty?"\n":"", - pretty?(level*JSON_INDENT):0, ""); + pretty?(level*PRETTYPRINT_INDENT):0, ""); break; default: break; @@ -1023,7 +1021,7 @@ xml2json1_cbuf(cbuf *cb, case ANY_CHILD: cprintf(cb, "%s%*s}", pretty?"\n":"", - pretty?(level*JSON_INDENT):0, ""); + pretty?(level*PRETTYPRINT_INDENT):0, ""); level--; break; default: @@ -1040,7 +1038,7 @@ xml2json1_cbuf(cbuf *cb, case ANY_CHILD: cprintf(cb, "%s%*s}", pretty?"\n":"", - pretty?(level*JSON_INDENT):0, ""); + pretty?(level*PRETTYPRINT_INDENT):0, ""); cprintf(cb, "%s",pretty?"\n":""); level--; break; @@ -1048,7 +1046,7 @@ xml2json1_cbuf(cbuf *cb, break; } cprintf(cb, "%*s]", - pretty?(level*JSON_INDENT):0,""); + pretty?(level*PRETTYPRINT_INDENT):0,""); break; default: break; @@ -1095,7 +1093,7 @@ xml2json_cbuf1(cbuf *cb, goto ok; } cprintf(cb, "%*s{%s", - pretty?level*JSON_INDENT:0,"", + pretty?level*PRETTYPRINT_INDENT:0,"", pretty?"\n":""); if (y != NULL){ @@ -1120,7 +1118,7 @@ xml2json_cbuf1(cbuf *cb, goto done; cprintf(cb, "%s%*s}%s", pretty?"\n":"", - pretty?level*JSON_INDENT:0,"", + pretty?level*PRETTYPRINT_INDENT:0,"", pretty?"\n":""); ok: retval = 0; @@ -1239,11 +1237,7 @@ xml2json_cbuf_vec(cbuf *cb, if (xml2json1_cbuf(cb, xp, NO_ARRAY, -#if 1 level, -#else - level+1, -#endif pretty, 1, NULL, NULL) < 0) goto done; diff --git a/lib/src/clixon_text_syntax.c b/lib/src/clixon_text_syntax.c index 71507ca5..b1f9c1b0 100644 --- a/lib/src/clixon_text_syntax.c +++ b/lib/src/clixon_text_syntax.c @@ -71,8 +71,11 @@ /* Size of json read buffer when reading from file*/ #define BUFLEN 1024 -/* Name of xml top object created by parse functions */ -#define TOP_SYMBOL "top" +/* Name of xml top object created by parse functions + * See also DATASTORE_TOP_SYMBOL which is the clixon datastore top symbol. By default also config + */ + +#define TEXT_TOP_SYMBOL "top" /*! x is element and has eactly one child which in turn has none * @see child_type in clixon_json.c @@ -100,7 +103,7 @@ tleaf(cxobj *x) * @param[in] xn XML object to print * @param[in] fn Callback to make print function * @param[in] f File to print to - * @param[in] level Print 4 spaces per level in front of each line + * @param[in] level Print PRETTYPRINT_INDENT spaces per level in front of each line * @param[in] autocliext How to handle autocli extensions: 0: ignore 1: follow * @param[in,out] leafl Leaflist state for keeping track of when [] ends * @param[in,out] leaflname Leaflist state for [] @@ -171,7 +174,7 @@ xml2txt1(cxobj *xn, else{ *leafl = 0; *leaflname = NULL; - (*fn)(f, "%*s\n", 4*(level), "]"); + (*fn)(f, "%*s\n", PRETTYPRINT_INDENT*(level), "]"); } } xc = NULL; /* count children (elements and bodies, not attributes) */ @@ -191,13 +194,13 @@ xml2txt1(cxobj *xn, else cprintf(cb, "%s", value); if (*leafl) /* Skip keyword if leaflist */ - (*fn)(f, "%*s%s\n", 4*level, "", cbuf_get(cb)); + (*fn)(f, "%*s%s\n", PRETTYPRINT_INDENT*level, "", cbuf_get(cb)); else (*fn)(f, "%s;\n", cbuf_get(cb)); break; } case CX_ELMNT: - (*fn)(f, "%*s%s", 4*level, "", xml_name(xn)); + (*fn)(f, "%*s%s", PRETTYPRINT_INDENT*level, "", xml_name(xn)); cvi = NULL; /* Lists only */ while ((cvi = cvec_each(cvk, cvi)) != NULL) { if ((xc = xml_find_type(xn, NULL, cv_string_get(cvi), CX_ELMNT)) != NULL) @@ -211,7 +214,7 @@ xml2txt1(cxobj *xn, goto ok; } if (*leafl == 0){ - (*fn)(f, "%*s", 4*level, ""); + (*fn)(f, "%*s", PRETTYPRINT_INDENT*level, ""); #ifndef TEXT_SYNTAX_NOPREFIX if (prefix) (*fn)(f, "%s:", prefix); @@ -247,10 +250,10 @@ xml2txt1(cxobj *xn, /* Stop leaf-list printing (ie []) if no longer leaflist and same name */ if (yn && yang_keyword_get(yn) != Y_LEAF_LIST && *leafl != 0){ *leafl = 0; - (*fn)(f, "%*s\n", 4*(level+1), "]"); + (*fn)(f, "%*s\n", PRETTYPRINT_INDENT*(level+1), "]"); } if (!tleaf(xn)) - (*fn)(f, "%*s}\n", 4*level, ""); + (*fn)(f, "%*s}\n", PRETTYPRINT_INDENT*level, ""); ok: retval = 0; done: @@ -263,7 +266,7 @@ xml2txt1(cxobj *xn, * * @param[in] f File to print to * @param[in] xn XML object to print - * @param[in] level Print 4 spaces per level in front of each line + * @param[in] level Print PRETTYPRINT_INDENT spaces per level in front of each line * @param[in] fn File print function (if NULL, use fprintf) * @param[in] skiptop 0: Include top object 1: Skip top-object, only children, * @param[in] autocliext How to handle autocli extensions: 0: ignore 1: follow @@ -563,7 +566,7 @@ clixon_text_syntax_parse_file(FILE *fp, textbuf[len++] = ch; if (ret == 0){ if (*xt == NULL) - if ((*xt = xml_new(TOP_SYMBOL, NULL, CX_ELMNT)) == NULL) + if ((*xt = xml_new(TEXT_TOP_SYMBOL, NULL, CX_ELMNT)) == NULL) goto done; if (len){ if ((ret = _text_syntax_parse(ptr, yb, yspec, *xt, xerr)) < 0) diff --git a/lib/src/clixon_xml_io.c b/lib/src/clixon_xml_io.c index 457989b2..3aeb8b92 100644 --- a/lib/src/clixon_xml_io.c +++ b/lib/src/clixon_xml_io.c @@ -80,8 +80,6 @@ */ /* Size of xml read buffer */ #define BUFLEN 1024 -/* Indentation for xml pretty-print. Consider option? */ -#define XML_INDENT 3 /*------------------------------------------------------------------------ * XML printing functions. Output a parse tree to file, string cligen buf @@ -147,7 +145,7 @@ xml2file_recurse(FILE *f, (*fn)(f, "%s=\"%s\"", name, xml_value(x)); break; case CX_ELMNT: - (*fn)(f, "%*s<", pretty?(level*XML_INDENT):0, ""); + (*fn)(f, "%*s<", pretty?(level*PRETTYPRINT_INDENT):0, ""); if (namespace) (*fn)(f, "%s:", namespace); (*fn)(f, "%s", name); @@ -187,7 +185,7 @@ xml2file_recurse(FILE *f, goto done; } if (pretty && hasbody==0) - (*fn)(f, "%*s", level*XML_INDENT, ""); + (*fn)(f, "%*s", level*PRETTYPRINT_INDENT, ""); (*fn)(f, ""; - - description - "Clixon configuration file - ***** BEGIN LICENSE BLOCK ***** - Copyright (C) 2009-2019 Olof Hagsand - Copyright (C) 2020-2022 Olof Hagsand and Rubicon Communications, LLC(Netgate) - - This file is part of CLIXON - - Licensed under the Apache License, Version 2.0 (the \"License\"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an \"AS IS\" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - - Alternatively, the contents of this file may be used under the terms of - the GNU General Public License Version 3 or later (the \"GPL\"), - in which case the provisions of the GPL are applicable instead - of those above. If you wish to allow use of your version of this file only - under the terms of the GPL, and not to allow others to - use your version of this file under the terms of Apache License version 2, - indicate your decision by deleting the provisions above and replace them with - the notice and other provisions required by the GPL. If you do not delete - the provisions above, a recipient may use your version of this file under - the terms of any one of the Apache License version 2 or the GPL. - - ***** END LICENSE BLOCK *****"; - - revision 2022-02-11 { - description - "Added option: - CLICON_LOG_STRING_LIMIT - CLICON_YANG_LIBRARY - Changed default value: - CLICON_MODULE_LIBRARY_RFC7895 to false - Removed (previosly marked) obsolete options: - CLICON_RESTCONF_PATH - CLICON_RESTCONF_PRETTY - CLICON_CLI_GENMODEL - CLICON_CLI_GENMODEL_TYPE - CLICON_CLI_GENMODEL_COMPLETION - CLICON_CLI_AUTOCLI_EXCLUDE - CLICON_CLI_MODEL_TREENAME - Released in Clixon 5.6"; - } - revision 2021-12-05 { - description - "Imported - clixon-autocli.yang - Removed (previosly marked) obsolete options: - CLICON_YANG_LIST_CHECK - Marked as obsolete: - CLICON_CLI_GENMODEL (use autocli/enable-autocli instead) - CLICON_CLI_GENMODEL_TYPE (use autocli/list-keyword-default and compress rules instead) - CLICON_CLI_GENMODEL_COMPLETION (use autocli/completion-default instead) - CLICON_CLI_AUTOCLI_EXCLUDE (use autocli/module-default, rule/enable logic instead) - CLICON_CLI_MODEL_TREENAME (use constant AUTOCLI_TREENAME instead) - Released in Clixon 5.5"; - } - revision 2021-11-11 { - description - "Added option: - CLICON_PLUGIN_CALLBACK_CHECK - CLICON_YANG_AUGMENT_ACCEPT_BROKEN - Modified options: - CLICON_CLI_GENMODEL_TYPE: added OC_COMPRESS enum - CLICON_YANG_DIR: recursive search - Released in Clixon 5.4"; - } - revision 2021-07-11 { - description - "Added option: - CLICON_RESTCONF_HTTP2_PLAIN - Removed default value: - CLICON_RESTCONF_INSTALLDIR - Marked as obsolete: - CLICON_YANG_LIST_CHECK - Released in Clixon 5.3"; - } - revision 2021-05-20 { - description - "Added option: - CLICON_RESTCONF_USER - CLICON_RESTCONF_PRIVILEGES - CLICON_RESTCONF_INSTALLDIR - CLICON_RESTCONF_STARTUP_DONTUPDATE - CLICON_NETCONF_MESSAGE_ID_OPTIONAL - Released in Clixon 5.2"; - } - revision 2021-03-08 { - description - "Added option: - CLICON_NETCONF_HELLO_OPTIONAL - CLICON_CLI_AUTOCLI_EXCLUDE - CLICON_XMLDB_UPGRADE_CHECKOLD - Released in Clixon 5.1"; - } - revision 2020-12-30 { - description - "Added option: - CLICON_ANONYMOUS_USER - Removed obsolete options: - CLICON_RESTCONF_IPV4_ADDR - CLICON_RESTCONF_IPV6_ADDR - CLICON_RESTCONF_HTTP_PORT - CLICON_RESTCONF_HTTPS_PORT - CLICON_SSL_SERVER_CERT - CLICON_SSL_SERVER_KEY - CLICON_SSL_CA_CERT - CLICON_TRANSACTION_MOD - Marked as obsolete and moved to clixon-restconf.yang: - CLICON_RESTCONF_PATH - CLICON_RESTCONF_PRETTY"; - } - revision 2020-11-03 { - description - "Added CLICON_BACKEND_RESTCONF_PROCESS - Copied to clixon-restconf.yang and marked as obsolete: - CLICON_RESTCONF_IPV4_ADDR - CLICON_RESTCONF_IPV6_ADDR - CLICON_RESTCONF_HTTP_PORT - CLICON_RESTCONF_HTTPS_PORT - CLICON_SSL_SERVER_CERT - CLICON_SSL_SERVER_KEY - CLICON_SSL_CA_CERT - Removed obsolete option CLICON_TRANSACTION_MOD"; - } - revision 2020-10-01 { - description - "Added: CLICON_CONFIGDIR."; - } - revision 2020-08-17 { - description - "Added: CLICON_RESTCONF_IPV4_ADDR, CLICON_RESTCONF_IPV6_ADDR, - CLICON_RESTCONF_HTTP_PORT, CLICON_RESTCONF_HTTPS_PORT - CLICON_NAMESPACE_NETCONF_DEFAULT, - CLICON_CLI_HELPSTRING_TRUNCATE, CLICON_CLI_HELPSTRING_LINES"; - } - revision 2020-06-17 { - description - "Added: CLICON_CLI_LINES_DEFAULT - Added enum HIDE to CLICON_CLI_GENMODEL - Added CLICON_SSL_SERVER_CERT, CLICON_SSL_SERVER_KEY, CLICON_SSL_CA_CERT - Added CLICON_NACM_DISABLED_ON_EMPTY - Removed default valude of CLICON_NACM_RECOVERY_USER"; - } - revision 2020-04-23 { - description - "Added: CLICON_YANG_UNKNOWN_ANYDATA to treat unknown XML (wrt YANG) as anydata. - Deleted: xml-stats non-config data (replaced by rpc stats in clixon-lib.yang)"; - } - revision 2020-02-22 { - description - "Added: search index extension, - Added: clixon-stats state for clixon XML and memory statistics. - Added: CLICON_CLI_BUF_START and CLICON_CLI_BUF_THRESHOLD for quadratic and linear - growth of CLIgen buffers (cbuf:s) - Added: CLICON_VALIDATE_STATE_XML for controling validation of user state XML - Added: CLICON_CLICON_YANG_LIST_CHECK to skip list key checks"; - } - revision 2019-09-11 { - description - "Added: CLICON_BACKEND_USER: drop of privileges to user, - CLICON_BACKEND_PRIVILEGES: how to drop privileges - CLICON_NACM_CREDENTIALS: If and how to check backend sock privileges with NACM - CLICON_NACM_RECOVERY_USER: Name of NACM recovery user."; - } - revision 2019-06-05 { - description - "Added: CLICON_YANG_REGEXP, CLICON_CLI_TAB_MODE, - CLICON_CLI_HIST_FILE, CLICON_CLI_HIST_SIZE, - CLICON_XML_CHANGELOG, CLICON_XML_CHANGELOG_FILE; - Renamed CLICON_XMLDB_CACHE to CLICON_DATASTORE_CACHE (changed type) - Deleted: CLICON_XMLDB_PLUGIN, CLICON_USE_STARTUP_CONFIG"; - } - revision 2019-03-05{ - description - "Changed URN. Changed top-level symbol to clixon-config. - Released in Clixon 3.10"; - } - revision 2019-02-06 { - description - "Released in Clixon 3.9"; - } - revision 2018-10-21 { - description - "Released in Clixon 3.8"; - } - extension search_index { - description "This list argument acts as a search index using optimized binary search. - "; - } - typedef startup_mode{ - description - "Which method to boot/start clicon backend. - The methods differ in how they reach a running state - Which source database to commit from, if any."; - type enumeration{ - enum none{ - description - "Do not touch running state - Typically after crash when running state and db are synched"; - } - enum init{ - description - "Initialize running state. - Start with a completely clean running state"; - } - enum running{ - description - "Commit running db configuration into running state - After reboot if a persistent running db exists"; - } - enum startup{ - description - "Commit startup configuration into running state - After reboot when no persistent running db exists"; - } - enum running-startup{ - description - "First try running db, if it is empty try startup db."; - } - } - } - typedef datastore_format{ - description - "Datastore format."; - type enumeration{ - enum xml{ - description - "Save and load xmldb as XML - More specifically, such a file looks like: ... provided - DATASTORE_TOP_SYMBOL is 'config'"; - } - enum json{ - description "Save and load xmldb as JSON"; - } - } - } - typedef datastore_cache{ - description - "XML configuration, ie running/candididate/ datastore cache behaviour."; - type enumeration{ - enum nocache{ - description "No cache always work directly with file"; - } - enum cache{ - description "Use in-memory cache. - Make copies when accessing internally."; - } - enum cache-zerocopy{ - description "Use in-memory cache and dont copy. - Fastest but opens up for callbacks changing cache."; - } - } - } - typedef cli_genmodel_type{ - description - "How to generate auto CLI from YANG model, - eg {container c {list a{ key x; leaf x; leaf y;}}"; - type enumeration{ - enum NONE{ - description "No extra keywords: c a "; - } - enum VARS{ - description "Keywords on non-key variables: c a y "; - } - enum ALL{ - description "Keywords on all variables: c a x y "; - } - enum HIDE{ - description "Keywords on non-key variables and hide container around lists: a y "; - } - enum OC_COMPRESS{ - description "See: https://github.com/openconfig/ygot/blob/master/docs/design.md#openconfig-path-compression"; - } - } - } - typedef nacm_mode{ - description - "Mode of RFC8341 Network Configuration Access Control Model. - It is unclear from the RFC whether NACM rules are internal - in a configuration (ie embedded in regular config) or external/OOB - in s separate, specific NACM-config"; - type enumeration{ - enum disabled{ - description "NACM is disabled"; - } - enum internal{ - description "NACM is enabled and available in the regular config"; - } - enum external{ - description "NACM is enabled and available in a separate config"; - } - } - } - typedef regexp_mode{ - description - "The regular expression engine Clixon uses in its validation of - Yang patterns, and in the CLI. - Yang RFC 7950 stipulates XSD XML Schema regexps - according to W3 CXML Schema Part 2: Datatypes Second Edition, - see http://www.w3.org/TR/2004/REC-xmlschema-2-20041028#regexs"; - type enumeration{ - enum posix { - description - "Translate XSD XML Schema regexp:s to Posix regexp. This is - not a complete translation, but can be considered good-enough - for Yang use-cases as defined by openconfig and yang-models - for example."; - } - enum libxml2 { - description - "Use libxml2 XSD XML Schema regexp engine. This is a complete - XSD regexp engine.. - Requires libxml2 to be available at configure time - (HAVE_LIBXML2 should be set)"; - } - } - } - typedef priv_mode{ - description - "Privilege mode, used for dropping (or not) privileges to a non-provileged - user after initialization"; - type enumeration{ - enum none { - description - "Make no drop/change in privileges."; - } - enum drop_perm { - description - "After initialization, drop privileges permanently to a uid"; - } - enum drop_temp { - description - "After initialization, drop privileges temporarily to a euid"; - } - } - } - typedef nacm_cred_mode{ - description - "How NACM user should be matched with unix socket peer credentials. - This means nacm user must match socket peer user accessing the - backend socket. For IP sockets only mode none makes sense."; - type enumeration{ - enum none { - description - "Dont match NACM user to any user credentials. Any user can pose - as any other user. Set this for IP sockets, or dont use NACM."; - } - enum exact { - description - "Exact match between NACM user and unix socket peer user."; - } - enum except { - description - "Exact match between NACM user and unix socket peer user, except - for root and www user (restconf)."; - } - } - } - typedef socket_address_family { - description "Address family for internal socket"; - type enumeration{ - enum UNIX { - description "Unix domain socket"; - } - enum IPv4 { - description "IPv4"; - } - enum IPv6 { - description "IPv6"; - } - } - } - container clixon-config { - container restconf { - uses clrc:clixon-restconf; - } - container autocli { - uses autocli:clixon-autocli; - } - leaf-list CLICON_FEATURE { - description - "Supported features as used by YANG feature/if-feature - value is: :, where and - are either names, or the special character '*'. - *:* means enable all features - :* means enable all features in the specified module - *: means enable the specific feature in all modules"; - type string; - } - leaf-list CLICON_YANG_DIR { - ordered-by user; - type string; - description - "Yang directory path for finding module and submodule files. - A list of these options should be in the configuration. - When loading a Yang module, Clixon searches this list in the order - they appear. - Note since Clixon 5.4 such a directory is searched recursively, not just the - directory itself. - Ensure that YANG_INSTALLDIR (default - /usr/local/share/clixon) is present in the path"; - } - leaf CLICON_CONFIGFILE{ - type string; - description - "Location of the main configuration-file. - Default is CLIXON_DEFAULT_CONFIG=/usr/local/etc/clicon.xml set in configure. - Note that due to bootstrapping, this value is not actually read from file - and therefore a default value would be meaningless."; - } - leaf CLICON_CONFIGDIR{ - type string; - description - "Location of directory of extra configuration files. - If not given, only main configfile is read. - If given, and if the directory exists, all files in this directory will be loaded - AFTER the main config file (CLICON_CONFIGFILE) in the following way: - - leaf values are overwritten - - leaf-list values are appended - The files in this directory will be loaded alphabetically. - If the dir is given but does not exist will result in an error. - You can override file setting with -E command-line option. - Note that due to bootstraping this value is only meaningful in the main config file"; - } - leaf CLICON_YANG_MAIN_FILE { - type string; - description - "If specified load a yang module in a specific absolute filename. - This corresponds to the -y command-line option in most CLixon - programs."; - } - leaf CLICON_YANG_MAIN_DIR { - type string; - description - "If given, load all modules in this directory (all .yang files) - See also CLICON_YANG_DIR which specifies a path of dirs"; - } - leaf CLICON_YANG_MODULE_MAIN { - type string; - description - "Option used to construct initial yang file: - [@]"; - } - leaf CLICON_YANG_MODULE_REVISION { - type string; - description - "Option used to construct initial yang file: - [@]. - Used together with CLICON_YANG_MODULE_MAIN"; - } - leaf CLICON_YANG_REGEXP { - type regexp_mode; - default posix; - description - "The regular expression engine Clixon uses in its validation of - Yang patterns, and in the CLI. - There is a 'good-enough' posix translation mode and a complete - libxml2 mode"; - } - leaf CLICON_YANG_UNKNOWN_ANYDATA{ - type boolean; - default false; - description - "Treat unknown XML/JSON nodes as anydata when loading from startup db. - This does not apply to namespaces, which means a top-level node: xxx:yyy - is accepted only if yyy is unknown, not xxx. - Note that this option has several caveats which needs to be fixed. Please - use with care. - The primary issue is that the unknown->anydata handling is not restricted to - only loading from startup but may occur in other circumstances as well. This - means that sanity checks of erroneous XML/JSON may not be properly signalled."; - } - leaf CLICON_BACKEND_DIR { - type string; - description - "Location of backend .so plugins. Load all .so - plugins in this dir as backend plugins"; - } - leaf CLICON_BACKEND_REGEXP { - type string; - description - "Regexp of matching backend plugins in CLICON_BACKEND_DIR"; - default "(.so)$"; - } - leaf CLICON_NETCONF_DIR{ - type string; - description "Location of netconf (frontend) .so plugins"; - } - leaf CLICON_NETCONF_HELLO_OPTIONAL { - type boolean; - default false; - description - "This option relates to RFC 6241 Sec 8.1 Capabilies Exchange where it says: - When the NETCONF session is opened, each peer (both client and server) MUST - send a element... - If true, an RPC can be processed directly with no preceeding hello message. - This is legacy clixon but invalid according to the RFC. - If false, NETCONF hello messages are mandatory before any RPC can be processed. - That is, if clixon receives an rpc with no previous hello message, an error - is returned, which conforms to the RFC. - Note this applies only to external NETCONF, not the internal (IPC) netconf"; - } - leaf CLICON_NETCONF_MESSAGE_ID_OPTIONAL { - type boolean; - default false; - description - "This option relates to RFC 6241 Sec 4.1 Element - The element has a mandatory attribute 'message-id', which is a - string chosen by the sender of the RPC. - If true, an RPC can be sent without a message-id. - This applies to both external NETCONF and internal (IPC) netconf"; - } - leaf CLICON_RESTCONF_DIR { - type string; - description - "Location of restconf (frontend) .so plugins. Load all .so - plugins in this dir as restconf code plugins - Note: This cannot be moved to clixon-restconf.yang because it is needed - early in the bootstrapping phase, before clixon-restconf.yang config may - be loaded."; - } - leaf CLICON_RESTCONF_INSTALLDIR { - type string; - description - "If set, path to dir of clixon-restconf daemon binary as used by backend if - started internally (run-time). - If this path is not set, clixon_restconf will be looked for according to - configured installdir: $(sbindir) (install-time) - Since programs can be moved around at install/cross-compile time the installed - dir may be difficult to know at install time, which is the reason why - CLICON_RESTCONF_INSTALLDIR exists, in order to override the Makefile - installdir. - Note on the installdir, DESTDIR is not included since according to man pages: - by specifying DESTDIR should not change the operation of the software in - any way, so its value should not be included in any file contents. "; - } - leaf CLICON_RESTCONF_STARTUP_DONTUPDATE { - type boolean; - default false; - description - "According to RFC 8040 Sec 1.4: - If the NETCONF server supports :startup, the RESTCONF server MUST automatically - update the [...] startup configuration [...] as a consequence of a RESTCONF - edit operation. - Setting this option disables this behaviour, ie the startup configuration is NOT - automatically updated. - If this option is false, the startup is autoamtically updated following the RFC"; - } - leaf CLICON_RESTCONF_USER { - type string; - description - "Run clixon_daemon as this user - When drop privileges is used, the daemon will drop privileges to this user. - In pre-5.2 code this was configured as compile-time constant WWWUSER with - default value www-data - See also CLICON_PRIVILEGES setting"; - default www-data; - } - leaf CLICON_RESTCONF_PRIVILEGES { - type priv_mode; - default drop_perm; - description - "Restconf privileges mode. - If drop_perm or drop_temp then drop privileges to CLICON_RESTCONF_USER. - If the platform does not support getresuid and accompanying functions, the mode - must be set to 'none'. - "; - } - leaf CLICON_RESTCONF_HTTP2_PLAIN { - type boolean; - default false; - description - "Applies to plain (non-tls) http/2 ie when clixon is configured with --enable-nghttp2 - If false, disable direct and upgrade for plain(non-tls) HTTP/2. - If true, allow direct and upgrade for plain(non-tls) HTTP/2. - It may especially useful to disable in http/1 + http/2 mode to avoid the complex - upgrade/switch from http/1 to http/2. - Note this also disables plain http/2 in prior-knowledge, that is, in http/2-only mode. - HTTP/2 in https(TLS) is unaffected"; - } - leaf CLICON_CLI_DIR { - type string; - description - "Directory containing frontend cli loadable plugins. Load all .so - plugins in this directory as CLI object plugins"; - } - leaf CLICON_CLISPEC_DIR { - type string; - description - "Directory containing frontend cligen spec files. Load all .cli - files in this directory as CLI specification files. - See also CLICON_CLISPEC_FILE."; - } - leaf CLICON_CLISPEC_FILE { - type string; - description - "Specific frontend cligen spec file as alternative or complement - to CLICON_CLISPEC_DIR. Also available as -c in clixon_cli."; - } - leaf CLICON_CLI_MODE { - type string; - default "base"; - description - "Startup CLI mode. This should match a CLICON_MODE variable set in - one of the clispec files"; - } - leaf CLICON_CLI_VARONLY { - type int32; - default 1; - description - "Dont include keys in cvec in cli vars callbacks, - ie a & k in 'a k ' ignored - (consider boolean)"; - } - leaf CLICON_CLI_LINESCROLLING { - type int32; - default 1; - description - "Set to 0 if you want CLI to wrap to next line. - Set to 1 if you want CLI to scroll sideways when approaching - right margin"; - } - leaf CLICON_CLI_LINES_DEFAULT { - type int32; - default 24; - description - "Set to number of CLI terminal rows for scrolling. 0 means unlimited. - The number is set statically UNLESS: - - there is no terminal, such as file input, in which case nr lines is 0 - - there is a terminal sufficiently powerful to read the number of lines from - ioctl calls. - In other words, this setting is used ONLY on raw terminals such as serial - consoles."; - } - leaf CLICON_CLI_TAB_MODE { - type int8; - default 0; - description - "Set CLI tab mode. This is a bitfield of three bits: - bit 1: 0: shows short info of available commands - 1: has same output as , ie line per command - bit 2: 0: On , select a command over a if both exist - 1: Commands and vars have same preference. - bit 3: 0: On , never complete more than one level per - 1: Complete all levels at once if possible. - "; - } - leaf CLICON_CLI_UTF8 { - type int8; - default 0; - description - "Set to 1 to enable CLIgen UTF-8 experimental mode. - Note that this feature is EXPERIMENTAL and may not properly handle - scrolling, control characters, etc - (consider boolean)"; - } - leaf CLICON_CLI_HIST_FILE { - type string; - default "~/.clixon_cli_history"; - description - "Name of CLI history file. If not given, history is not saved. - The number of lines is saved is given by CLICON_CLI_HIST_SIZE."; - } - leaf CLICON_CLI_HIST_SIZE { - type int32; - default 300; - description - "Number of lines to save in CLI history. - Also, if CLICON_CLI_HIST_FILE is set, also the size in lines - of the saved history."; - } - leaf CLICON_CLI_BUF_START { - type uint32; - default 256; - description - "CLIgen buffer (cbuf) initial size. - When the buffer needs to grow, the allocation grows quadratic up to a threshold - after which linear growth continues. - See CLICON_CLI_BUF_THRESHOLD"; - } - leaf CLICON_CLI_BUF_THRESHOLD { - type uint32; - default 65536; - description - "CLIgen buffer (cbuf) threshold size. - When the buffer exceeds the threshold, the allocation grows by adding the threshold - value to the buffer length. - If 0, the growth continues with quadratic growth. - See CLICON_CLI_BUF_THRESHOLD"; - } - leaf CLICON_CLI_HELPSTRING_TRUNCATE { - type boolean; - default false; - description - "CLIgen help string on query (?): Truncate help string on right margin mode - This only applies if you have long help strings, such as when generating them from a - spec such as the autocli"; - } - leaf CLICON_CLI_HELPSTRING_LINES { - type int32; - default 0; - description - "CLIgen help string on query (?) limit of number of lines to show, 0 means unlimited. - This only applies if you have multi-line help strings, such as when generating - from a spec, such as in the autocli."; - } - leaf CLICON_SOCK_FAMILY { - type socket_address_family; - default UNIX; - description - "Address family for communicating with clixon_backend with one of: - Note IPv6 not implemented. - Note that UNIX socket makes credential check as follows: - (1) client needs rw access to the socket - (2) NACM credentials can be checked according to CLICON_NACM_CREDENTIALS - Warning: Only UNIX (not IPv4) sockets have credential mechanism. - "; - } - leaf CLICON_SOCK { - type string; - mandatory true; - description - "String description of Clixon Internal (IPC) socket that connects a clixon - client to the clixon backend. This string is dependent on family. - If CLICON_SOCK_FAMILY is: - - UNIX: The value is a Unix socket path - - IPv4: IPv4 address string - - IPv6: IPv6 address string (NYI)"; - } - leaf CLICON_SOCK_PORT { - type int32; - default 4535; - description - "Inet socket port for communicating with clixon_backend - (only IPv4|IPv6)"; - } - leaf CLICON_SOCK_GROUP { - type string; - default "clicon"; - description - "Group membership to access clixon_backend unix socket and gid for - deamon"; - } - leaf CLICON_BACKEND_USER { - type string; - description - "User name for backend (both foreground and daemonized). - If you set this value the backend if started as root will lower - the privileges after initialization. - The ownership of files created by the backend will also be set to this - user (eg datastores). - It also sets the backend unix socket owner to this user, but its group - is set by CLICON_SOCK_GROUP. - See also CLICON_BACKEND_PRIVILEGES setting"; - } - leaf CLICON_BACKEND_PRIVILEGES { - type priv_mode; - default none; - description - "Backend privileges mode. - If CLICON_BACKEND_USER user is set, mode can be set to drop_perm or - drop_temp."; - } - leaf CLICON_BACKEND_PIDFILE { - type string; - mandatory true; - description "Process-id file of backend daemon"; - } - leaf CLICON_BACKEND_RESTCONF_PROCESS { - type boolean; - default false; - description - "If set, enable process-control of restconf daemon, ie start/stop restconf - daemon internally from backend daemon. - Also, if set, restconf daemon queries backend for its config - if not set, restconf daemon reads its config from main config file - It uses clixon-restconf.yang for config and clixon-lib.yang for RPC - Process control of restconf daemon is as follows: - - on RPC start, if enable is true, start the service, if false, error or ignore it - - on RPC stop, stop the service - - on backend start make the state as configured - - on enable change, make the state as configured - Disable if you start the restconf daemon by other means."; - } - leaf CLICON_AUTOCOMMIT { - type int32; - default 0; - description - "Set if all configuration changes are committed automatically - on every edit change. Explicit commit commands unnecessary - (consider boolean)"; - } - leaf CLICON_XMLDB_DIR { - type string; - mandatory true; - description - "Directory where \"running\", \"candidate\" and \"startup\" are placed."; - } - leaf CLICON_DATASTORE_CACHE { - type datastore_cache; - default cache; - description - "Clixon datastore cache behaviour. There are three values: no cache, - cache with copy, or cache without copy. - Note: 'cache' is default value and supported with regressions etc. - Others are experimental (in Clixon 5.5)"; - } - leaf CLICON_XMLDB_FORMAT { - type datastore_format; - default xml; - description "XMLDB datastore format."; - } - leaf CLICON_XMLDB_PRETTY { - type boolean; - default true; - description - "XMLDB datastore pretty print. - If set, insert spaces and line-feeds making the XML/JSON human - readable. If not set, make the XML/JSON more compact."; - } - leaf CLICON_XMLDB_MODSTATE { - type boolean; - default false; - description - "If set, tag datastores with RFC 7895 YANG Module Library - info. When loaded at startup, a check is made if the system - yang modules match. - See also CLICON_MODULE_LIBRARY_RFC7895"; - } - leaf CLICON_XMLDB_UPGRADE_CHECKOLD { - type boolean; - default true; - description - "Controls behavior of check of startup in upgrade scenarios. - If set, yang bind and check datastore syntax against the old Yang. - The old yang must be accessible via YANG_DIR. - Will fail startup if old yang not found or if old config does not match. - If not set, no yang check of old config is made until it is upgraded to new yang."; - } - leaf CLICON_XML_CHANGELOG { - type boolean; - default false; - description "If true enable automatic upgrade using yang clixon - changelog."; - } - leaf CLICON_XML_CHANGELOG_FILE { - type string; - description "Name of file with module revision changelog. - If CLICON_XML_CHANGELOG is true, Clixon - reads the module changelog from this file."; - } - leaf CLICON_VALIDATE_STATE_XML { - type boolean; - default false; - description - "Validate user state callback content. - Users may register state callbacks using ca_statedata callback - When set, the XML returned from the callback is validated after merging with - the running db. If it fails, an internal error is returned to the originating - user. - If the option is not set, the XML returned by the user is not validated. - Note that enabling currently causes a large performance overhead for large - lists, therefore it is recommended to enable it during development and debugging - but disable it in production, until this has been resolved."; - } - leaf CLICON_PLUGIN_CALLBACK_CHECK { - type int32; - default 0; - description - "Debug option. - If >0, make a check of resources before and after each plugin callback code - to check if the plugin violated resources. - This is primarily intended for development and debugging but may also be enabled - in a running system. - If 1, errors will be logged to syslog as WARNINGs. - If 2, the program will abort using assert() on first error - The checks are currently made by plugin_context_check() and include: - - termios settings - - signal vectors - The checks will be made for all callbacks as defined in struct clixon_plugin_api - as well as the CLIgen callbacks. - See https://clixon-docs.readthedocs.io/en/latest/backend.html#plugin-callback-guidelines"; - } - leaf CLICON_YANG_AUGMENT_ACCEPT_BROKEN { - type boolean; - default false; - description - "Debug option. If enabled, accept broken augments on the form: - augment { ... } - where is an XPath which MUST be an existing node but for many - yangmodels do not. - There are several cases why this may be the case: - - syntax errors, - - features that need to be enabled - - wrong XPaths, etc - This option should be enabled only for passing some testcases it should - normally never be enabled in system YANGs that are used in a system."; - } - leaf CLICON_NAMESPACE_NETCONF_DEFAULT { - type boolean; - default false; - description - "Undefine if you want to ensure strict namespace assignment on all netconf - and XML statements according to the standard RFC 6241. - If defined, top-level rpc calls need not have namespaces (eg using xmlns=) - since the default NETCONF namespace will be assumed. (This is not standard). - See rfc6241 3.1: urn:ietf:params:xml:ns:netconf:base:1.0."; - - } - leaf CLICON_STARTUP_MODE { - type startup_mode; - description "Which method to boot/start clicon backend"; - } - leaf CLICON_ANONYMOUS_USER { - type string; - default "anonymous"; - description - "Name of anonymous user. - The current only case where such a user is used is in RESTCONF authentication when - auth-type=none and no known user is known."; - } - leaf CLICON_NACM_MODE { - type nacm_mode; - default disabled; - description - "RFC8341 network access configuration control model (NACM) mode: disabled, - in regular (internal) config or separate external file given by CLICON_NACM_FILE"; - } - leaf CLICON_NACM_FILE { - type string; - description - "RFC8341 NACM external configuration file (if CLIXON_NACM_MODE is external)"; - } - leaf CLICON_NACM_CREDENTIALS { - type nacm_cred_mode; - default except; - description - "Verify nacm user credentials with unix socket peer cred. - This means nacm user must match unix user accessing the backend - socket."; - } - leaf CLICON_NACM_RECOVERY_USER { - type string; - description - "RFC8341 defines a 'recovery session' as outside its scope. Clixon - defines this user as having special admin rights to exempt from - all access control enforcements. - Note setting of CLICON_NACM_CREDENTIALS is important, if set to - exact for example, this user must exist and be used, otherwise - another user (such as root or www) can pose as the recovery user."; - } - leaf CLICON_NACM_DISABLED_ON_EMPTY { - type boolean; - default false; - description - "RFC 8341 and ietf-netconf-acm@2018-02-14.yang defines enable-nacm as true by - default. Since also write-default is deny by default it leads to that empty - configs can not be edited. - This means that a startup config must always have a NACM configuration or - that the NACM recovery session is used to edit an empty config. - If this option is set, Clixon disables NACM if a datastore does NOT contain a - NACM config on load."; - } - leaf CLICON_YANG_LIBRARY { - type boolean; - default true; - description - "Enable YANG library support as state data according to RFC8525. - If enabled, module info will appear when doing netconf get or - restconf GET. - The module state data is on the form: - ... - If CLICON_MODULE_LIBRARY_RFC7895 is set (as well), the module state uses RFC7895 - instead where the modile state is on the form: - ... - See also CLICON_XMLDB_MODSTATE where the module state info is used to tag datastores - with module information."; - } - leaf CLICON_MODULE_LIBRARY_RFC7895 { - type boolean; - default false; - description - "Enable RFC 7895 YANG Module library support as state data, instead of RFC8525. - Note CLICON_YANG_LIBRARY must be enabled for this to have effect. - See also CLICON_YANG_LIBRARY and CLICON_MODULE_SET_ID"; - status obsolete; - } - leaf CLICON_MODULE_SET_ID { - type string; - default "0"; - description - "Only if CLICON_YANG_LIBRARY enabled. - Contains a server-specific identifier representing the current set of modules - and submodules. The server MUST change the value of this leaf if the - information represented by the 'module' list instances has changed. - The /yang-library/content-id state-data leaf is set with this value - If CLICON_MODULE_LIBRARY_RFC7895 is enabled, it sets the modules-state/module-set-id - instead"; - } - leaf CLICON_STREAM_DISCOVERY_RFC5277 { - type boolean; - default false; - description "Enable event stream discovery as described in RFC 5277 - sections 3.2. If enabled, available streams will appear - when doing netconf get or restconf GET"; - } - leaf CLICON_STREAM_DISCOVERY_RFC8040 { - type boolean; - default false; - description - "Enable monitoring information for the RESTCONF protocol from RFC 8040"; - } - leaf CLICON_STREAM_PATH { - type string; - default "streams"; - description "Stream path appended to CLICON_STREAM_URL to form - stream subscription URL."; - } - leaf CLICON_STREAM_URL { - type string; - default "https://localhost"; - description "Prepend this to CLICON_STREAM_PATH to form URL. - See RFC 8040 Sec 9.3 location leaf: - 'Contains a URL that represents the entry point for - establishing notification delivery via server-sent events.' - Prepend this constant to name of stream. - Example: https://localhost/streams/NETCONF. Note this is the - external URL, not local behind a reverse-proxy. - Note that -s command-line option to clixon_restconf - should correspond to last path of url (eg 'streams')"; - } - leaf CLICON_STREAM_PUB { - type string; - description "For stream publish using eg nchan, the base address - to publish to. Example value: http://localhost/pub - Example: stream NETCONF would then be pushed to - http://localhost/pub/NETCONF. - Note this may be a local/provate URL behind reverse-proxy. - If not given, do NOT enable stream publishing using NCHAN."; - } - leaf CLICON_STREAM_RETENTION { - type uint32; - default 3600; - units s; - description "Retention for stream replay buffers in seconds, ie how much - data to store before dropping. 0 means no retention"; - - } - leaf CLICON_LOG_STRING_LIMIT { - type uint32; - default 0; - description - "Length limitation of debug and log strings. - Especially useful for dynamic debug strings, such as packet dumps. - 0 means no limit"; - - } - } -}