Feature Request: Support RFC 6022 (NETCONF Monitoring)

* Added capabilities and schema state, and get-schema rpc * New `clixon-config@2022-11-01.yang` revision * Added option: * `CLICON_NETCONF_MONITORING` * `CLICON_NETCONF_MONITORING_LOCATION`
2022-11-22 13:56:20 +01:00 · 2022-11-22 13:56:20 +01:00 · c94e9dad67
commit c94e9dad67
parent 8ebab16c4c
20 changed files with 1988 additions and 64 deletions
--- a/lib/src/Makefile.in
+++ b/lib/src/Makefile.in
@ -82,7 +82,7 @@ SRC     = clixon_sig.c clixon_uid.c clixon_log.c clixon_err.c clixon_event.c \
 	  clixon_string.c clixon_regex.c clixon_handle.c clixon_file.c \
 	  clixon_xml.c clixon_xml_io.c clixon_xml_sort.c clixon_xml_map.c clixon_xml_vec.c \
 	  clixon_xml_bind.c clixon_json.c clixon_proc.c \
-	  clixon_yang.c clixon_yang_type.c clixon_yang_module.c \
+	  clixon_yang.c clixon_yang_type.c clixon_yang_module.c clixon_netconf_monitoring.c \
 	  clixon_yang_parse_lib.c clixon_yang_sub_parse.c \
          clixon_yang_cardinality.c clixon_xml_changelog.c clixon_xml_nsctx.c \
 	  clixon_path.c clixon_validate.c clixon_validate_minmax.c \
--- a/lib/src/clixon_netconf_lib.c
+++ b/lib/src/clixon_netconf_lib.c
@ -1245,7 +1245,7 @@ netconf_operation_failed_xml(cxobj **xret,
    return retval;
 }

-/*! Create Netconf malformed-message error XML tree according to RFC 6241 App A
+/*! Create Netconf malformed-message error cbuf according to RFC 6241 App A
 *
 * A message could not be handled because it failed to be parsed correctly.  
 * For example, the message is not well-formed XML or it uses an
@ -1259,7 +1259,7 @@ int
 netconf_malformed_message(cbuf  *cb,
                          char  *message)
 {
-    int   retval = -1;
+    int    retval = -1;
    cxobj *xret = NULL;

    if (netconf_malformed_message_xml(&xret, message) < 0)
@ -1332,6 +1332,35 @@ netconf_malformed_message_xml(cxobj **xret,
    return retval;
 }

+/*! Create Netconf data-not-unique error message according to RFC 7950 15.1
+ *
+ * A NETCONF operation would result in configuration data where a
+ * "unique" constraint is invalidated.
+ * @param[out]  xret   Error XML tree. Free with xml_free after use
+ * @param[in]   x      List element containing duplicate
+ * @param[in]   cvk    List of components in x that are non-unique
+ * @see RFC7950 Sec 15.1
+ * @see netconf_data_not_unique_xml  Same but returns XML tree
+ */
+int
+netconf_data_not_unique(cbuf  *cb,
+                        cxobj  *x,
+                        cvec   *cvk)
+{
+    int    retval = -1;
+    cxobj *xret = NULL;
+
+    if (netconf_data_not_unique_xml(&xret, x, cvk) < 0)
+        goto done;
+    if (clixon_xml2cbuf(cb, xret, 0, 0, -1, 0) < 0)
+        goto done;
+    retval = 0;
+ done:
+    if (xret)
+        xml_free(xret);
+    return retval;
+}
+
 /*! Create Netconf data-not-unique error message according to RFC 7950 15.1
 *
 * A NETCONF operation would result in configuration data where a
@ -1714,22 +1743,8 @@ netconf_content_int2str(netconf_content nr)
    return clicon_int2str(netconf_content_map, nr);
 }

-/*! Create Netconf server hello. Single cap and defer individual to querying modules
-
- * @param[in]  h           Clicon handle
- * @param[in]  cb          Msg buffer
- * @param[in]  session_id  Id of client session
- * Lots of dependencies here. regarding the hello protocol.
- * RFC6241 NETCONF Protocol says: (8.1)
- *    MUST send a <hello> element containing a list of that peer's capabilities
- *    MUST send at least the base NETCONF capability, urn:ietf:params:netconf:base:1.1
- *    MAY include capabilities for previous NETCONF versions
- *    A server MUST include a <session-id>  
- *    A client MUST NOT include a <session-id> 
- *    A server receiving <session-id> MUST terminate the NETCONF session.  
- *    A client not receiving <session-id> MUST terminate w/o sending<close-session>
- * the example shows urn:ietf:params:netconf:capability:startup:1.0 
-
+/*! List capabilities
+ *
 * RFC5277 NETCONF Event Notifications
 *  urn:ietf:params:netconf:capability:notification:1.0 is advertised during the capability exchange
 *  
@ -1750,29 +1765,18 @@ netconf_content_int2str(netconf_content nr)
 *   urn:ietf:params:netconf:capability:startup:1.0 (8.7)
 *   urn:ietf:params:netconf:capability:xpath:1.0 (8.9)
 *   urn:ietf:params:netconf:capability:notification:1.0 (RFC5277)
- *
- * @note the hello message is created bythe netconf application, not the 
- *  backend, and backend may implement more modules - please consider if using
- *  library routines for detecting capabilities here. In contrast, yang module 
- * list (RFC7895) is processed by the backend.
- * @note If you add new, remember to encode bodies if needed, see xml_chardata_encode()
- * @note
- * @see yang_modules_state_get
- * @see netconf_module_load
 */
 int
-netconf_hello_server(clicon_handle h,
-                     cbuf         *cb,
-                     uint32_t      session_id)
+netconf_capabilites(clicon_handle h,
+                    cbuf         *cb)
 {
-    int   retval = -1;
-    char *module_set_id;
-    char *ietf_yang_library_revision;
-    char *encstr = NULL;
+    int        retval = -1;
+    char      *encstr = NULL;
+    char      *ietf_yang_library_revision;
    yang_stmt *yspec = clicon_dbspec_yang(h);
+    char      *module_set_id;

    module_set_id = clicon_option_str(h, "CLICON_MODULE_SET_ID");
-    cprintf(cb, "<hello xmlns=\"%s\">", NETCONF_BASE_NAMESPACE);
    cprintf(cb, "<capabilities>");
    if (clicon_option_int(h, "CLICON_NETCONF_BASE_CAPABILITY") > 0){
        /* Each peer MUST send at least the base NETCONF capability, "urn:ietf:params:netconf:base:1.1" 
@ -1810,20 +1814,59 @@ netconf_hello_server(clicon_handle h,
    xml_chardata_cbuf_append(cb, "urn:ietf:params:netconf:capability:with-defaults:1.0?basic-mode=explicit&also-supported=report-all,trim,report-all-tagged");
    cprintf(cb, "</capability>");
    /* RFC5277 Notification Capability */
-    cprintf(cb, "<capability>urn:ietf:params:netconf:capability:notification:1.0</capability>");
+    cprintf(cb, "<capability>%s</capability>", NETCONF_NOTIFICATION_CAPABILITY);
+
    /* It is somewhat arbitrary why some features/capabilities are hardocded and why some are not
     * rfc 6241 Sec 8.4 confirmed-commit capabilities */
    if (if_feature(yspec, "ietf-netconf", "confirmed-commit"))
        cprintf(cb, "<capability>urn:ietf:params:netconf:capability:confirmed-commit:1.1</capability>");
-
    cprintf(cb, "</capabilities>");
+    retval = 0;
+ done:
+    if (encstr)
+        free(encstr);
+    return retval;
+}
+
+/*! Create Netconf server hello. Single cap and defer individual to querying modules
+ * @param[in]  h           Clicon handle
+ * @param[in]  cb          Msg buffer
+ * @param[in]  session_id  Id of client session
+ * Lots of dependencies here. regarding the hello protocol.
+ * RFC6241 NETCONF Protocol says: (8.1)
+ *    MUST send a <hello> element containing a list of that peer's capabilities
+ *    MUST send at least the base NETCONF capability, urn:ietf:params:netconf:base:1.1
+ *    MAY include capabilities for previous NETCONF versions
+ *    A server MUST include a <session-id>  
+ *    A client MUST NOT include a <session-id> 
+ *    A server receiving <session-id> MUST terminate the NETCONF session.  
+ *    A client not receiving <session-id> MUST terminate w/o sending<close-session>
+ * the example shows urn:ietf:params:netconf:capability:startup:1.0 
+ *
+ * @note the hello message is created bythe netconf application, not the 
+ *  backend, and backend may implement more modules - please consider if using
+ *  library routines for detecting capabilities here. In contrast, yang module 
+ * list (RFC7895) is processed by the backend.
+ * @note If you add new, remember to encode bodies if needed, see xml_chardata_encode()
+ * @note
+ * @see yang_modules_state_get
+ * @see netconf_module_load
+ */
+int
+netconf_hello_server(clicon_handle h,
+                     cbuf         *cb,
+                     uint32_t      session_id)
+{
+    int   retval = -1;
+
+    cprintf(cb, "<hello xmlns=\"%s\">", NETCONF_BASE_NAMESPACE);
+    if (netconf_capabilites(h, cb) < 0)
+        goto done;
    if (session_id) 
        cprintf(cb, "<session-id>%lu</session-id>", (long unsigned int)session_id);
    cprintf(cb, "</hello>");
    retval = 0;
 done:
-    if (encstr)
-        free(encstr);
    return retval;
 }

--- a/lib/src/clixon_netconf_monitoring.c
+++ b/lib/src/clixon_netconf_monitoring.c
@ -0,0 +1,179 @@
+/*
+ *
+  ***** BEGIN LICENSE BLOCK *****
+ 
+  Copyright (C) 2009-2019 Olof Hagsand
+  Copyright (C) 2020-2022 Olof Hagsand and Rubicon Communications, LLC(Netgate)
+
+  This file is part of CLIXON.
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+
+  Alternatively, the contents of this file may be used under the terms of
+  the GNU General Public License Version 3 or later (the "GPL"),
+  in which case the provisions of the GPL are applicable instead
+  of those above. If you wish to allow use of your version of this file only
+  under the terms of the GPL, and not to allow others to
+  use your version of this file under the terms of Apache License version 2, 
+  indicate your decision by deleting the provisions above and replace them with
+  the  notice and other provisions required by the GPL. If you do not delete
+  the provisions above, a recipient may use your version of this file under
+  the terms of any one of the Apache License version 2 or the GPL.
+
+  ***** END LICENSE BLOCK *****
+
+ * RFC 6022 YANG Module for NETCONF Monitoring
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "clixon_config.h" /* generated by config & autoconf */
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <limits.h>
+#include <ctype.h>
+#include <unistd.h>
+
+/* cligen */
+#include <cligen/cligen.h>
+
+/* clicon */
+#include "clixon_log.h"
+#include "clixon_queue.h"
+#include "clixon_hash.h"
+#include "clixon_handle.h"
+#include "clixon_yang.h"
+#include "clixon_xml.h"
+#include "clixon_xml_io.h"
+#include "clixon_netconf_lib.h"
+#include "clixon_options.h"
+#include "clixon_err.h"
+#include "clixon_netconf_monitoring.h"
+
+/*!
+ * @param[in]     h       Clicon handle
+ * @param[in]     yspec   Yang spec
+ * @param[in,out] cb      CLIgen buffer
+ * @retval       -1       Error (fatal)
+ * @retval        0       OK
+ */
+static int
+yang_modules(clicon_handle h,
+             yang_stmt    *yspec,
+             cbuf         *cb)
+{
+    int        retval = -1;
+    yang_stmt *ym = NULL;
+    yang_stmt *y1;
+    char      *identifier;
+    char      *revision;
+    char      *dir;
+
+    cprintf(cb, "<schemas>");
+    while ((ym = yn_each(yspec, ym)) != NULL) {
+        cprintf(cb, "<schema>");
+        identifier = yang_argument_get(ym);
+        cprintf(cb, "<identifier>%s</identifier>", identifier);
+        cprintf(cb, "<version>");
+        revision = NULL;
+        if ((y1 = yang_find(ym, Y_REVISION, NULL)) != NULL){
+            revision = yang_argument_get(y1);
+            cprintf(cb, "%s", revision);
+        }
+        cprintf(cb, "</version>");
+        cprintf(cb, "<format>yang</format>");
+        if ((y1 = yang_find(ym, Y_NAMESPACE, NULL)) != NULL){
+            cprintf(cb, "<namespace>%s</namespace>", yang_argument_get(y1));
+        }
+        /* A local implementation may have other locations, how to configure? */
+        cprintf(cb, "<location>NETCONF</location>");
+        if ((dir = clicon_option_str(h,"CLICON_NETCONF_MONITORING_LOCATION")) != NULL){
+            if (revision)
+                cprintf(cb, "<location>%s/%s@%s.yang</location>", dir, identifier, revision);
+            else
+                cprintf(cb, "<location>%s/%s.yang</location>", dir, identifier);
+        }
+        cprintf(cb, "</schema>");
+    }
+    cprintf(cb, "</schemas>");
+    retval = 0;
+    //done:
+    return retval;
+}
+
+/*! Get modules state according to RFC 7895
+ * @param[in]     h       Clicon handle
+ * @param[in]     yspec   Yang spec
+ * @param[in]     xpath   XML Xpath
+ * @param[in]     nsc     XML Namespace context for xpath
+ * @param[in]     brief   Just name, revision and uri (no cache)
+ * @param[in,out] xret    Existing XML tree, merge x into this
+ * @retval       -1       Error (fatal)
+ * @retval        0       Statedata callback failed
+ * @retval        1       OK
+ * 2.1
+ *   netconf-state
+ *       /capabilities
+ *       /datastores
+ *       /schemas
+ *       /sessions
+ *       /statistics
+ */
+int
+netconf_monitoring_state_get(clicon_handle h,
+                             yang_stmt    *yspec,
+                             char         *xpath,
+                             cvec         *nsc,
+                             int           brief,
+                             cxobj       **xret)
+{
+    int   retval = -1;
+    cbuf *cb = NULL;
+    
+    if ((cb = cbuf_new()) ==NULL){
+        clicon_err(OE_XML, errno, "cbuf_new");
+        goto done;
+    }
+    /* capabilities 2.1.1 */
+    cprintf(cb, "<netconf-state xmlns=\"%s\">", NETCONF_MONITORING_NAMESPACE);
+    if (netconf_capabilites(h, cb) < 0)
+        goto done;
+
+    /* datastores 2.1.2 */
+    // XXX
+
+    /* schemas 2.1.3 */
+    if (yang_modules(h, yspec, cb) < 0)
+        goto done;
+
+    /* sessions 2.1.4 */
+    // XXX
+
+    /* statistics 2.1.5 */
+    // XXX
+    
+    cprintf(cb, "</netconf-state>");
+    if (clixon_xml_parse_string(cbuf_get(cb), YB_MODULE, yspec, xret, NULL) < 0)
+        goto done;
+    retval = 1;
+ done:
+    clicon_debug(1, "%s %d", __FUNCTION__, retval);
+    if (cb)
+        cbuf_free(cb);
+    return retval;
+    // fail:
+    //    retval = 0;
+    //    goto done;
+}
--- a/lib/src/clixon_stream.c
+++ b/lib/src/clixon_stream.c
@ -80,6 +80,7 @@
 #include "clixon_yang.h"
 #include "clixon_xml.h"
 #include "clixon_xml_io.h"
+#include "clixon_netconf_lib.h"
 #include "clixon_options.h"
 #include "clixon_data.h"
 #include "clixon_xpath_ctx.h"
@ -585,7 +586,7 @@ stream_notify(clicon_handle h,
    }
    /* From RFC5277 */
    cprintf(cb, "<notification xmlns=\"%s\"><eventTime>%s</eventTime>%s</notification>",
-            NOTIFICATION_RFC5277_NAMESPACE, timestr, str);
+            NETCONF_NOTIFICATION_NAMESPACE, timestr, str);
    if (clixon_xml_parse_string(cbuf_get(cb), YB_MODULE, yspec, &xev, NULL) < 0)
        goto done;
    if (xml_rootchild(xev, 0, &xev) < 0)
@ -649,7 +650,7 @@ stream_notify_xml(clicon_handle h,
        goto done;
    }
    cprintf(cb, "<notification xmlns=\"%s\"><eventTime>%s</eventTime>NULL</notification>",
-            NOTIFICATION_RFC5277_NAMESPACE,
+            NETCONF_NOTIFICATION_NAMESPACE,
            timestr); /* XXX str is always NULL */
    if (clixon_xml_parse_string(cbuf_get(cb), YB_NONE, yspec, &xev, NULL) < 0)
        goto done;