mirror of
https://github.com/novatiq/packages.git
synced 2026-04-30 07:28:39 +01:00
netopeer2: update to 1.1.39
Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr>
This commit is contained in:
Jakov Smolic
@@ -0,0 +1,57 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
# avoid problems with sudo path
|
||||
SYSREPOCFG=`which sysrepocfg`
|
||||
KS_KEY_NAME=genkey
|
||||
|
||||
# check that there is no listen/Call Home configuration yet
|
||||
SERVER_CONFIG=`$SYSREPOCFG -X -x "/ietf-netconf-server:netconf-server/listen/endpoint[1]/name | /ietf-netconf-server:netconf-server/call-home/netconf-client[1]/name"`
|
||||
if [ -z "$SERVER_CONFIG" ]; then
|
||||
|
||||
# import default config
|
||||
CONFIG="<netconf-server xmlns=\"urn:ietf:params:xml:ns:yang:ietf-netconf-server\">
|
||||
<listen>
|
||||
<endpoint>
|
||||
<name>default-ssh</name>
|
||||
<ssh>
|
||||
<tcp-server-parameters>
|
||||
<local-address>0.0.0.0</local-address>
|
||||
<keepalives>
|
||||
<idle-time>1</idle-time>
|
||||
<max-probes>10</max-probes>
|
||||
<probe-interval>5</probe-interval>
|
||||
</keepalives>
|
||||
</tcp-server-parameters>
|
||||
<ssh-server-parameters>
|
||||
<server-identity>
|
||||
<host-key>
|
||||
<name>default-key</name>
|
||||
<public-key>
|
||||
<keystore-reference>$KS_KEY_NAME</keystore-reference>
|
||||
</public-key>
|
||||
</host-key>
|
||||
</server-identity>
|
||||
<client-authentication>
|
||||
<supported-authentication-methods>
|
||||
<publickey/>
|
||||
<passsword/>
|
||||
<other>interactive</other>
|
||||
</supported-authentication-methods>
|
||||
<users/>
|
||||
</client-authentication>
|
||||
</ssh-server-parameters>
|
||||
</ssh>
|
||||
</endpoint>
|
||||
</listen>
|
||||
</netconf-server>"
|
||||
TMPFILE=`mktemp -u`
|
||||
printf -- "$CONFIG" > $TMPFILE
|
||||
# apply it to startup and running
|
||||
$SYSREPOCFG --edit=$TMPFILE -d startup -f xml -m ietf-netconf-server -v2
|
||||
$SYSREPOCFG -C startup -m ietf-netconf-server -v2
|
||||
# remove the tmp file
|
||||
rm $TMPFILE
|
||||
|
||||
fi
|
||||
@@ -0,0 +1,47 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
# avoid problems with sudo path
|
||||
SYSREPOCFG=`which sysrepocfg`
|
||||
OPENSSL=`which openssl`
|
||||
|
||||
# check that there is no SSH key with this name yet
|
||||
KEYSTORE_KEY=`$SYSREPOCFG -X -x "/ietf-keystore:keystore/asymmetric-keys/asymmetric-key[name='genkey']/name"`
|
||||
if [ -z "$KEYSTORE_KEY" ]; then
|
||||
|
||||
# generate a new key
|
||||
PRIVPEM=`$OPENSSL genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -outform PEM 2>/dev/null`
|
||||
# remove header/footer
|
||||
PRIVKEY=`grep -v -- "-----" - <<STDIN
|
||||
$PRIVPEM
|
||||
STDIN`
|
||||
# get public key
|
||||
PUBPEM=`$OPENSSL rsa -pubout 2>/dev/null <<STDIN
|
||||
$PRIVPEM
|
||||
STDIN`
|
||||
# remove header/footer
|
||||
PUBKEY=`grep -v -- "-----" - <<STDIN
|
||||
$PUBPEM
|
||||
STDIN`
|
||||
|
||||
# generate edit config
|
||||
CONFIG="<keystore xmlns=\"urn:ietf:params:xml:ns:yang:ietf-keystore\">
|
||||
<asymmetric-keys>
|
||||
<asymmetric-key>
|
||||
<name>genkey</name>
|
||||
<algorithm>rsa2048</algorithm>
|
||||
<public-key>$PUBKEY</public-key>
|
||||
<private-key>$PRIVKEY</private-key>
|
||||
</asymmetric-key>
|
||||
</asymmetric-keys>
|
||||
</keystore>"
|
||||
TMPFILE=`mktemp -u`
|
||||
printf -- "$CONFIG" > $TMPFILE
|
||||
# apply it to startup and running
|
||||
$SYSREPOCFG --edit=$TMPFILE -d startup -f xml -m ietf-keystore -v2
|
||||
$SYSREPOCFG -C startup -m ietf-keystore -v2
|
||||
# remove the tmp file
|
||||
rm $TMPFILE
|
||||
|
||||
fi
|
||||
@@ -0,0 +1,106 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Warning, problems can occur if the device restarts in the middle of this uci-default script
|
||||
|
||||
# install YANG modules
|
||||
SYSREPOCTL=`which sysrepoctl`
|
||||
MODDIR="/etc/netopeer2/modules"
|
||||
PERMS=600
|
||||
OWNER=root
|
||||
GROUP=root
|
||||
|
||||
# array of modules to install
|
||||
MODULES="\
|
||||
ietf-netconf-acm@2018-02-14.yang
|
||||
ietf-netconf@2013-09-29.yang -e writable-running -e candidate -e rollback-on-error -e validate -e startup -e url -e xpath
|
||||
ietf-netconf-monitoring@2010-10-04.yang
|
||||
ietf-netconf-nmda@2019-01-07.yang -e origin -e with-defaults
|
||||
nc-notifications@2008-07-14.yang
|
||||
notifications@2008-07-14.yang
|
||||
ietf-x509-cert-to-name@2014-12-10.yang
|
||||
ietf-crypto-types@2019-07-02.yang
|
||||
ietf-keystore@2019-07-02.yang -e keystore-supported
|
||||
ietf-truststore@2019-07-02.yang -e truststore-supported -e x509-certificates
|
||||
ietf-tcp-common@2019-07-02.yang -e keepalives-supported
|
||||
ietf-ssh-server@2019-07-02.yang -e local-client-auth-supported
|
||||
ietf-tls-server@2019-07-02.yang -e local-client-auth-supported
|
||||
ietf-netconf-server@2019-07-02.yang -e ssh-listen -e tls-listen -e ssh-call-home -e tls-call-home"
|
||||
|
||||
# functions
|
||||
INSTALL_MODULE() {
|
||||
local module=`echo "$1" | sed 's/\s.*$//'`
|
||||
$SYSREPOCTL -a -i $MODDIR/$module -s $MODDIR -p $PERMS -o $OWNER -g $GROUP -v2
|
||||
local rc=$?
|
||||
if [ $rc -ne 0 ]; then
|
||||
exit $rc
|
||||
fi
|
||||
}
|
||||
|
||||
UPDATE_MODULE() {
|
||||
$SYSREPOCTL -a -U $MODDIR/$1 -s $MODDIR -p $PERMS -o $OWNER -g $GROUP -v2
|
||||
local rc=$?
|
||||
if [ $rc -ne 0 ]; then
|
||||
exit $rc
|
||||
fi
|
||||
}
|
||||
|
||||
ENABLE_FEATURE() {
|
||||
$SYSREPOCTL -a -c $1 -e $2 -v2
|
||||
local rc=$?
|
||||
if [ $rc -ne 0 ]; then
|
||||
exit $rc
|
||||
fi
|
||||
}
|
||||
|
||||
ENABLE_FEATURES() {
|
||||
# parse sysrepoctl features and add extra space at the end for easier matching
|
||||
local sctl_features="`echo "$SCTL_MODULE" | sed 's/\([^|]*|\)\{6\}\(.*\)/\2/'` "
|
||||
# parse features we want to enable
|
||||
local features=`echo "$1" | sed 's/[^ ]* \(.*\)/\1/'`
|
||||
while [ "${features:0:3}" = "-e " ]; do
|
||||
# skip "-e "
|
||||
features=${features:3}
|
||||
# parse feature
|
||||
local feature=`echo "$features" | sed 's/\([^[:space:]]*\).*/\1/'`
|
||||
|
||||
# enable feature if not already
|
||||
sctl_feature=`echo "$sctl_features" | grep " ${feature} "`
|
||||
if [ -z "$sctl_feature" ]; then
|
||||
# enable feature
|
||||
ENABLE_FEATURE $name $feature
|
||||
fi
|
||||
|
||||
# next iteration, skip this feature
|
||||
features=`echo "$features" | sed 's/[^[:space:]]* \(.*\)/\1/'`
|
||||
done
|
||||
}
|
||||
|
||||
# get current modules
|
||||
SCTL_MODULES=`$SYSREPOCTL -l`
|
||||
|
||||
IFS=$'\n'
|
||||
for i in $MODULES; do
|
||||
name=`echo "$i" | sed 's/\([^@]*\).*/\1/'`
|
||||
|
||||
SCTL_MODULE=`echo "$SCTL_MODULES" | grep "^$name \+|[^|]*| I"`
|
||||
if [ -z "$SCTL_MODULE" ]; then
|
||||
# install module
|
||||
INSTALL_MODULE "$i"
|
||||
ENABLE_FEATURES "$i"
|
||||
continue
|
||||
fi
|
||||
|
||||
sctl_revision=`echo "$SCTL_MODULE" | sed 's/[^|]*| \([^ ]*\).*/\1/'`
|
||||
revision=`echo "$i" | sed 's/[^@]*@\([^\.]*\).*/\1/'`
|
||||
if [ "$sctl_revision" \< "$revision" ]; then
|
||||
# update module without any features
|
||||
file=`echo "$i" | cut -d' ' -f 1`
|
||||
UPDATE_MODULE $file
|
||||
fi
|
||||
|
||||
ENABLE_FEATURES "$i"
|
||||
done
|
||||
|
||||
unset IFS
|
||||
|
||||
exit 0
|
||||
@@ -0,0 +1,21 @@
|
||||
#!/bin/sh /etc/rc.common
|
||||
|
||||
START=99
|
||||
STOP=11
|
||||
|
||||
USE_PROCD=1
|
||||
PROG=/usr/bin/netopeer2-server
|
||||
|
||||
start_service() {
|
||||
procd_open_instance
|
||||
procd_set_param command $PROG
|
||||
procd_append_param command -d -v 0
|
||||
procd_set_param respawn
|
||||
procd_close_instance
|
||||
}
|
||||
|
||||
stop_service()
|
||||
{
|
||||
service_stop ${PROG}
|
||||
rm /var/run/netopeer2-server.pid
|
||||
}
|
||||
Reference in New Issue
Block a user