examples UPDATE use new api
Example server now uses the new API for SSH connection. Minor bugfix in
nc_server_config_ssh_new_address_port.
diff --git a/examples/client.c b/examples/client.c
index 1ebf11c..88c38ff 100644
--- a/examples/client.c
+++ b/examples/client.c
@@ -196,7 +196,7 @@
break;
case SSH:
- session = nc_connect_ssh(SSH_ADDRESS, SSH_PORT, NULL);
+ session = nc_connect_ssh(SSH_ADDRESS, atoi(SSH_PORT), NULL);
break;
case NONE:
diff --git a/examples/config.xml b/examples/config.xml
new file mode 100644
index 0000000..2bf7598
--- /dev/null
+++ b/examples/config.xml
@@ -0,0 +1,119 @@
+<netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server" xmlns:yang="urn:ietf:params:xml:ns:yang:1" yang:operation="none">
+ <listen yang:operation="create">
+ <idle-timeout>10</idle-timeout>
+ <endpoint>
+ <name>default-ssh</name>
+ <ssh>
+ <tcp-server-parameters>
+ <local-address>127.0.0.1</local-address>
+ <local-port>830</local-port>
+ </tcp-server-parameters>
+ <ssh-server-parameters>
+ <server-identity>
+ <host-key>
+ <name>key</name>
+ <public-key>
+ <local-definition>
+ <public-key-format xmlns:ct="urn:ietf:params:xml:ns:yang:ietf-crypto-types">ct:ssh-public-key-format</public-key-format>
+ <public-key>MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6ojtjfDmvyQP1ZkIwBpr
+97eKDuebvpoglRHRdvVuTpf/gU1VArAQmwGh05i6lm8TkVl1noMlIxLJDcWslaeV
+n6KyvsX0HhsQtXwqPqwka5UCv6alwf/ivAvcNpcX1j0t/uIGCI4dSiKnzQCyf0FT
+irzQkjrDZUd3meDhNQTruCalGV4gfNWIq3e1oGuwAn1tLlu9oTrE4HzMpgbNEU6w
+NmsSqpwGxUhYLoSaM7b0dLmqP+ZczSS0Uac0PFNkehGQ2CYIT80f580o4XGtoLCU
+UGkp6YCTL4Z2CeBEaJABWjDIDH+dKYIUBqUpz4Th12gXAP+h+3qI6+9eppeHrfrz
+ARDsfLjwUNxQJse1QSArjAytf0FKtGHrORc7W0TiCFvR0zaoUNLTKk7enTiRQ9rf
+WZOAu44fUvPCaXDE6zXXeaVgoKCo4VHlho36erUcjlEBM+jk28IykbZGtBb6igKv
+Ya1tPSgeYm/zJoFVjQcnr14uci/ft1+Na+hOIEoEEiKxcAPk2b2vBKNlRIW7WLJ3
+u7ZiuQEJTNm6+3cE4+lfwaBCBqBToE+dpzvoUXoMyFFReUFd1O5axu4fXgt00jMa
+OQxmE0v9OmR/pL/PWIflVF4Zz5yVONYaDVc7l+veY0oEZruEPJ0hlEgxuCzLrcMh
+jufl2qE2Q7fQIaav/1NqBVkCAwEAAQ==</public-key>
+ <private-key-format xmlns:ct="urn:ietf:params:xml:ns:yang:ietf-crypto-types">ct:rsa-private-key-format</private-key-format>
+ <cleartext-private-key>MIIJKAIBAAKCAgEA6ojtjfDmvyQP1ZkIwBpr97eKDuebvpoglRHRdvVuTpf/gU1V
+ArAQmwGh05i6lm8TkVl1noMlIxLJDcWslaeVn6KyvsX0HhsQtXwqPqwka5UCv6al
+wf/ivAvcNpcX1j0t/uIGCI4dSiKnzQCyf0FTirzQkjrDZUd3meDhNQTruCalGV4g
+fNWIq3e1oGuwAn1tLlu9oTrE4HzMpgbNEU6wNmsSqpwGxUhYLoSaM7b0dLmqP+Zc
+zSS0Uac0PFNkehGQ2CYIT80f580o4XGtoLCUUGkp6YCTL4Z2CeBEaJABWjDIDH+d
+KYIUBqUpz4Th12gXAP+h+3qI6+9eppeHrfrzARDsfLjwUNxQJse1QSArjAytf0FK
+tGHrORc7W0TiCFvR0zaoUNLTKk7enTiRQ9rfWZOAu44fUvPCaXDE6zXXeaVgoKCo
+4VHlho36erUcjlEBM+jk28IykbZGtBb6igKvYa1tPSgeYm/zJoFVjQcnr14uci/f
+t1+Na+hOIEoEEiKxcAPk2b2vBKNlRIW7WLJ3u7ZiuQEJTNm6+3cE4+lfwaBCBqBT
+oE+dpzvoUXoMyFFReUFd1O5axu4fXgt00jMaOQxmE0v9OmR/pL/PWIflVF4Zz5yV
+ONYaDVc7l+veY0oEZruEPJ0hlEgxuCzLrcMhjufl2qE2Q7fQIaav/1NqBVkCAwEA
+AQKCAgAeRZw75Oszoqj0jfMmMILdD3Cfad+dY3FvLESYESeyt0XAX8XoOed6ymQj
+1qPGxQGGkkBvPEgv1b3jrC8Rhfb3Ct39Z7mRpTar5iHhwwBUboBTUmQ0vR173iAH
+X8sw2Oa17mCO/CDlr8Fu4Xcom7r3vlVBepo72VSjpPYMjN0MANjwhEi3NCyWzTXB
+RgUK3TuZbzfzto0w2Irlpx0S7dAqxfk70jXBgwv2vSDWKfg1lL1X0BkMVX98xpMk
+cjMW2muSqp4KBtTma4GqT6z0f7Y1Bs3lGLZmvPlBXxQVVvkFtiQsENCtSd/h17Gk
+2mb4EbReaaBzwCYqJdRWtlpJ54kzy8U00co+Yn//ZS7sbbIDkqHPnXkpdIr+0rED
+MlOw2Y3vRZCxqZFqfWCW0uzhwKqk2VoYqtDL+ORKG/aG/KTBQ4Y71Uh+7aabPwj5
+R+NaVMjbqmrVeH70eKjoNVgcNYY1C9rGVF1d+LQEm7UsqS0DPp4wN9QKLAqIfuar
+AhQBhZy1R7Sj1r5macD9DsGxsurM4mHZV0LNmYLZiFHjTUb6iRSPD5RBFW80vcNt
+xZ0cxmkLtxrj/DVyExV11Cl0SbZLLa9mScYvxdl/qZutXt3PQyab0NiYxGzCD2Rn
+LkCyxkh1vuHHjhvIWYfbd2VgZB/qGr+o9T07FGfMCu23//fugQKCAQEA9UH38glH
+/rAjZ431sv6ryUEFY8I2FyLTijtvoj9CNGcQn8vJQAHvUPfMdyqDoum6wgcTmG+U
+XA6mZzpGQCiY8JW5CoItgXRoYgNzpvVVe2aLf51QGtNLLEFpNDMpCtI+I+COpAmG
+vWAukku0pZfRjm9eb1ydvTpHlFC9+VhVUsLzw3VtSC5PVW6r65mZcYcB6SFVPap+
+31ENP/9jOMFoymh57lSMZJMxTEA5b0l2miFb9Rp906Zqiud5zv2jIqF6gL70giW3
+ovVxR7LGKKTKIa9pxawHwB6Ithygs7YoJkjF2dm8pZTMZKsQN92K70XGj07SmYRL
+ZpkVD7i+cqbbKQKCAQEA9M6580Rcw6W0twfcy0/iB4U5ZS52EcCjW8vHlL+MpUo7
+YvXadSgV1ZaM28zW/ZGk3wE0zy1YT5s30SQkm0NiWN3t/J0l19ccAOxlPWfjhF7v
+IQZr7XMo5HeaK0Ak5+68J6bx6KgcXmlJOup7INaE8DyGXB6vd4K6957IXyqs3/bf
+JAUmz49hnveCfLFdTVVT/Uq4IoPKfQSbSZc0BvPBsnBCF164l4jllGBaWS302dhg
+W4cgxzG0SZGgNwow4AhB+ygiiS8yvOa7UcHfUObVrzWeeq9mYSQ1PkvUTjkWR2/Y
+8xy7WP0TRBdJOVSs90H51lerEDGNQWvQvI97S9ZOsQKCAQB59u9lpuXtqwxAQCFy
+fSFSuQoEHR2nDcOjF4GhbtHum15yCPaw5QVs/33nuPWze4ZLXReKk9p0mTh5V0p+
+N3IvGlXl+uzEVu5d55eI7LIw5sLymHmwjWjxvimiMtrzLbCHSPHGc5JU9NLUH9/b
+BY/JxGpy+NzcsHHOOQTwTdRIjviIOAo7fgQn2RyX0k+zXE8/7zqjqvji9zyemdNu
+8we4uJICSntyvJwkbj/hrufTKEnBrwXpzfVn1EsH+6w32ZPBGLUhT75txJ8r56SR
+q7l1XPU9vxovmT+lSMFF/Y0j1MbHWnds5H1shoFPNtYTvWBL/gfPHjIc+H23zsiu
+3XlZAoIBAC2xB/Pnpoi9vOUMiqFH36AXtYa1DURy+AqCFlYlClMvb7YgvQ1w1eJv
+nwrHSLk7HdKhnwGsLPduuRRH8q0n/osnoOutSQroE0n41UyIv2ZNccRwNmSzQcai
+rBu2dSz02hlsh2otNl5IuGpOqXyPjXBpW4qGD6n2tH7THALnLC0BHtTSQVQsJsRM
+3gX39LoiWvLDp2qJvplm6rTpi8Rgap6rZSqHe1yNKIxxD2vlr/WY9SMgLXYASO4S
+SBz9wfGOmQIPk6KXNJkdV4kC7nNjIi75iwLLCgjHgUiHTrDq5sWekpeNnUoWsinb
+Tsdsjnv3zHG9GyiClyLGxMbs4M5eyYECggEBAKuC8ZMpdIrjk6tERYB6g0LnQ7mW
+8XYbDFAmLYMLs9yfG2jcjVbsW9Kugsr+3poUUv/q+hNO3jfY4HazhZDa0MalgNPo
+Swr/VNRnkck40x2ovFb989J7yl++zTrnIrax9XRH1V0cNu+Kj7OMwZ2RRfbNv5JB
+dOZPvkfqyIKFmbQgYbtD66rHuzNOfJpzqr/WVLO57/zzW8245NKG2B6B0oXkei/K
+qDY0DAbHR3i3EOj1NPtVI1FC/xX8R9BREaid458bqoHJKuInrGcBjaUI9Cvymv8T
+bstUgD6NPbJR4Sm6vrLeUqzjWZP3t1+Z6DjXmnpR2vvhMU/FWb//21p/88o=</cleartext-private-key>
+ </local-definition>
+ </public-key>
+ </host-key>
+ </server-identity>
+ <client-authentication>
+ <users>
+ <user>
+ <name>admin</name>
+ <password>$6$xyz$WwFC0nTow5jwJwMYeOZItipYgZidye/O7Z2kxRP3cPttku.GHre0y/51bO2uJlRjQwLNRddSA5fuJG5X1F8Dd1</password>
+ <public-keys>
+ <local-definition>
+ <public-key>
+ <name>client</name>
+ <public-key-format xmlns:ct="urn:ietf:params:xml:ns:yang:ietf-crypto-types">ct:ssh-public-key-format</public-key-format>
+ <public-key>AAAAB3NzaC1yc2EAAAADAQABAAABAQDPavVALiM7QwTIUAndO8E9GOkSDQWjuEwkzbJ3kOBPa7kkq71UOZFeecDjFb9eipkljfFys/JYHGQaYVF8/svT0KV5h7HlutRdF6yvqSEbjpbTORb27pdHX3iFEyDCwCIoq9vMeX+wyXnteyn01GpIL0ig0WAnvkqX/SPjuplX5ZItUSr0MhXM7fNSX50BD6G8IO0/djUcdMUcjTjGv73SxB9ZzLvxnhXuUJbzEJJJLj6qajyEIVaJSa73vA33JCD8qzarrsuITojVLPDFmeHwSAoB5dP86yop6e6ypuXzKxxef6yNXcE8oTj8UFYBIXsgIP2nBvWk41EaK0Vk3YFl</public-key>
+ </public-key>
+ </local-definition>
+ </public-keys>
+ </user>
+ </users>
+ </client-authentication>
+ <transport-params>
+ <host-key>
+ <host-key-alg xmlns:sshpka="urn:ietf:params:xml:ns:yang:iana-ssh-public-key-algs">sshpka:rsa-sha2-512</host-key-alg>
+ </host-key>
+ <key-exchange>
+ <key-exchange-alg xmlns:sshkea="urn:ietf:params:xml:ns:yang:iana-ssh-key-exchange-algs">sshkea:curve25519-sha256</key-exchange-alg>
+ </key-exchange>
+ <encryption>
+ <encryption-alg xmlns:sshea="urn:ietf:params:xml:ns:yang:iana-ssh-encryption-algs">sshea:aes256-ctr</encryption-alg>
+ </encryption>
+ <mac>
+ <mac-alg xmlns:sshma="urn:ietf:params:xml:ns:yang:iana-ssh-mac-algs">sshma:hmac-sha2-512</mac-alg>
+ </mac>
+ </transport-params>
+ </ssh-server-parameters>
+ </ssh>
+ </endpoint>
+ </listen>
+</netconf-server>
\ No newline at end of file
diff --git a/examples/example.h.in b/examples/example.h.in
index 5aa11f3..6e214f0 100644
--- a/examples/example.h.in
+++ b/examples/example.h.in
@@ -24,11 +24,14 @@
/* directory with examples source code and this header */
#define EXAMPLES_DIR "@CMAKE_SOURCE_DIR@/examples"
+/* directory with tests and more importantly test key pairs */
+#define TESTS_DIR "@CMAKE_SOURCE_DIR@/tests"
+
/* SSH listening IP address */
#define SSH_ADDRESS "127.0.0.1"
/* SSH listening port */
-#define SSH_PORT 830
+#define SSH_PORT "830"
/* SSH 'password' authentication exptected username and password */
#define SSH_USERNAME "admin"
diff --git a/examples/server.c b/examples/server.c
index d30dfc8..6c94b8e 100644
--- a/examples/server.c
+++ b/examples/server.c
@@ -206,11 +206,12 @@
init(struct ly_ctx **context, struct nc_pollsession **ps, const char *path, NC_TRANSPORT_IMPL server_type)
{
int rc = 0;
- const char *config_file_path = EXAMPLES_DIR "/config.xml";
+ const char *hostkey_path = TESTS_DIR "/data/server.key";
+ struct lyd_node *config = NULL;
if (path) {
/* if a path is supplied, then use it */
- config_file_path = path;
+ hostkey_path = path;
}
if (server_type == NC_TI_UNIX) {
@@ -235,10 +236,29 @@
ERR_MSG_CLEANUP("Error loading modules required for configuration of the server.\n");
}
- /* parse YANG data from a file, configure the server based on the parsed YANG configuration data */
- rc = nc_server_config_setup_path(*context, config_file_path);
+ /* this is where the YANG configuration data gets generated,
+ * start by creating hostkey configuration data */
+ rc = nc_server_config_ssh_new_hostkey(hostkey_path, NULL, *context, "endpt", "hostkey", &config);
if (rc) {
- ERR_MSG_CLEANUP("Error setting the path to the configuration data.\n");
+ ERR_MSG_CLEANUP("Error creating new hostkey configuration data.\n");
+ }
+
+ /* create address and port configuration data */
+ rc = nc_server_config_ssh_new_address_port(SSH_ADDRESS, SSH_PORT, *context, "endpt", &config);
+ if (rc) {
+ ERR_MSG_CLEANUP("Error creating new address and port configuration data.\n");
+ }
+
+ /* create client authentication configuration data */
+ rc = nc_server_config_ssh_new_client_auth_password(SSH_PASSWORD, *context, "endpt", SSH_USERNAME, &config);
+ if (rc) {
+ ERR_MSG_CLEANUP("Error creating client authentication configuration data.\n");
+ }
+
+ /* apply the created configuration data */
+ rc = nc_server_config_setup(config);
+ if (rc) {
+ ERR_MSG_CLEANUP("Application of configuration data failed.\n");
}
/* initialize the server */
@@ -259,6 +279,7 @@
signal(SIGINT, sigint_handler);
cleanup:
+ lyd_free_all(config);
return rc;
}
@@ -269,7 +290,7 @@
struct ly_ctx *context = NULL;
struct nc_session *session, *new_session;
struct nc_pollsession *ps = NULL;
- const char *unix_socket_path = NULL, *config_file_path = NULL;
+ const char *unix_socket_path = NULL, *hostkey_path = NULL;
struct option options[] = {
{"help", no_argument, NULL, 'h'},
@@ -301,8 +322,8 @@
break;
case 's':
- config_file_path = optarg;
- if (init(&context, &ps, config_file_path, NC_TI_LIBSSH)) {
+ hostkey_path = optarg;
+ if (init(&context, &ps, hostkey_path, NC_TI_LIBSSH)) {
ERR_MSG_CLEANUP("Failed to initialize a SSH server\n");
goto cleanup;
}
diff --git a/src/config_new.c b/src/config_new.c
index edf290a..0224a00 100644
--- a/src/config_new.c
+++ b/src/config_new.c
@@ -336,7 +336,8 @@
ret = lyd_new_term(new_tree, NULL, "local-port", port, 0, NULL);
}
- if (ret) {
+ if (ret && (ret != LY_EEXIST) && (ret != LY_ENOT)) {
+ /* only fail if there was actually an error */
goto cleanup;
}