config UPDATE delete choice trees on data creation
diff --git a/src/config_new_ssh.c b/src/config_new_ssh.c
index 6f09c92..290b70c 100644
--- a/src/config_new_ssh.c
+++ b/src/config_new_ssh.c
@@ -65,22 +65,28 @@
goto cleanup;
}
- ret = nc_config_new_create_append(ctx, tree_path, "public-key-format", pubkey_format, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "inline-definition/public-key-format", pubkey_format, config);
if (ret) {
goto cleanup;
}
- ret = nc_config_new_create_append(ctx, tree_path, "public-key", pubkey, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "inline-definition/public-key", pubkey, config);
if (ret) {
goto cleanup;
}
- ret = nc_config_new_create_append(ctx, tree_path, "private-key-format", privkey_format, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "inline-definition/private-key-format", privkey_format, config);
if (ret) {
goto cleanup;
}
- ret = nc_config_new_create_append(ctx, tree_path, "cleartext-private-key", privkey, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "inline-definition/cleartext-private-key", privkey, config);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete keystore choice nodes if present */
+ ret = nc_config_new_check_delete(config, "%s/keystore-reference", tree_path);
if (ret) {
goto cleanup;
}
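Review bot: The meaning of `tree_path` changes in this hunk from the case container to the choice parent, because the helper now prepends `inline-definition/` itself and builds `%s/keystore-reference` from the same base, yet nothing visible here records the new contract. A caller that still passes a path ending in `/inline-definition` would create `inline-definition/inline-definition/...`, and the delete would target a path that presumably does not exist. I would add a comment above the helper such as `/* tree_path must be the choice parent (.../public-key), not a case container */`. The helper's signature and doc comment are outside the hunk. The TLS helpers at `-69` and `-188` in src/config_new_tls.c change the same way.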
@@ -101,7 +107,7 @@
NC_CHECK_ARG_RET(NULL, ctx, endpt_name, hostkey_name, privkey_path, config, 1);
if (asprintf(&path, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/ssh/ssh-server-parameters/"
- "server-identity/host-key[name='%s']/public-key/inline-definition", endpt_name, hostkey_name) == -1) {
+ "server-identity/host-key[name='%s']/public-key", endpt_name, hostkey_name) == -1) {
ERRMEM;
path = NULL;
ret = 1;
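Review bot: `endpt_name` and `hostkey_name` are formatted into `[name='%s']` predicates with no check for a quote character, and after this commit the resulting path is the base of a delete (`%s/keystore-reference`) as well as of the creates. A name containing `'` ends the predicate early, so the expression may select a different node than the caller intended; how the path parser then treats it cannot be seen from here. Rejecting such names before the `asprintf`, e.g. `if (strchr(endpt_name, '\'') || strchr(hostkey_name, '\'')) { return 1; }`, keeps the delete scoped to the named list entry. The same holds for the call-home path in the next hunk and for every `nc_config_new_check_delete` call in this commit that takes names directly. The function starts and ends outside this hunk.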
@@ -131,7 +137,7 @@
if (asprintf(&path, "/ietf-netconf-server:netconf-server/call-home/"
"netconf-client[name='%s']/endpoints/endpoint[name='%s']/ssh/ssh-server-parameters/server-identity/"
- "host-key[name='%s']/public-key/inline-definition", client_name, endpt_name, hostkey_name) == -1) {
+ "host-key[name='%s']/public-key", client_name, endpt_name, hostkey_name) == -1) {
ERRMEM;
path = NULL;
ret = 1;
@@ -182,37 +188,58 @@
}
API int
-nc_server_config_new_ch_ssh_keystore_reference(const struct ly_ctx *ctx, const char *client_name,
- const char *endpt_name, const char *hostkey_name, const char *keystore_reference, struct lyd_node **config)
-{
- NC_CHECK_ARG_RET(NULL, ctx, client_name, endpt_name, hostkey_name, keystore_reference, 1);
- NC_CHECK_ARG_RET(NULL, config, 1);
-
- return nc_config_new_create(ctx, config, keystore_reference, "/ietf-netconf-server:netconf-server/call-home/"
- "netconf-client[name='%s']/endpoints/endpoint[name='%s']/ssh/ssh-server-parameters/server-identity/"
- "host-key[name='%s']/public-key/keystore-reference", client_name, endpt_name, hostkey_name);
-}
-
-API int
-nc_server_config_new_ch_ssh_del_keystore_reference(const char *client_name, const char *endpt_name,
- const char *hostkey_name, struct lyd_node **config)
-{
- NC_CHECK_ARG_RET(NULL, client_name, endpt_name, hostkey_name, config, 1);
-
- return nc_config_new_delete(config, "/ietf-netconf-server:netconf-server/call-home/"
- "netconf-client[name='%s']/endpoints/endpoint[name='%s']/ssh/ssh-server-parameters/server-identity/"
- "host-key[name='%s']/public-key/keystore-reference", client_name, endpt_name, hostkey_name);
-}
-
-API int
nc_server_config_new_ssh_keystore_reference(const struct ly_ctx *ctx, const char *endpt_name, const char *hostkey_name,
const char *keystore_reference, struct lyd_node **config)
{
+ int ret = 0;
+
NC_CHECK_ARG_RET(NULL, ctx, endpt_name, hostkey_name, keystore_reference, config, 1);
- return nc_config_new_create(ctx, config, keystore_reference, "/ietf-netconf-server:netconf-server/listen/"
+ ret = nc_config_new_create(ctx, config, keystore_reference, "/ietf-netconf-server:netconf-server/listen/"
"endpoint[name='%s']/ssh/ssh-server-parameters/server-identity/host-key[name='%s']/public-key/"
"keystore-reference", endpt_name, hostkey_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete inline definition nodes if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/listen/"
+ "endpoint[name='%s']/ssh/ssh-server-parameters/server-identity/host-key[name='%s']/public-key/"
+ "inline-definition", endpt_name, hostkey_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+cleanup:
+ return ret;
+}
+
+API int
+nc_server_config_new_ch_ssh_keystore_reference(const struct ly_ctx *ctx, const char *client_name,
+ const char *endpt_name, const char *hostkey_name, const char *keystore_reference, struct lyd_node **config)
+{
+ int ret = 0;
+
+ NC_CHECK_ARG_RET(NULL, ctx, client_name, endpt_name, hostkey_name, keystore_reference, 1);
+ NC_CHECK_ARG_RET(NULL, config, 1);
+
+ ret = nc_config_new_create(ctx, config, keystore_reference, "/ietf-netconf-server:netconf-server/call-home/"
+ "netconf-client[name='%s']/endpoints/endpoint[name='%s']/ssh/ssh-server-parameters/server-identity/"
+ "host-key[name='%s']/public-key/keystore-reference", client_name, endpt_name, hostkey_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete inline definition nodes if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/call-home/"
+ "netconf-client[name='%s']/endpoints/endpoint[name='%s']/ssh/ssh-server-parameters/server-identity/"
+ "host-key[name='%s']/public-key/inline-definition", client_name, endpt_name, hostkey_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+cleanup:
+ return ret;
}
API int
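Review bot: The `cleanup:` label in `nc_server_config_new_ssh_keystore_reference` and its call-home twin guards nothing, since there is no resource to release, and the last `if (ret) { goto cleanup; }` jumps to the line that immediately follows it. The body reads more directly as `if (ret) { return ret; }` after the create, followed by `return nc_config_new_check_delete(config, ...);`. The truststore-reference functions later in this file and in src/config_new_tls.c have the same shape.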
@@ -227,6 +254,17 @@
}
API int
+nc_server_config_new_ch_ssh_del_keystore_reference(const char *client_name, const char *endpt_name,
+ const char *hostkey_name, struct lyd_node **config)
+{
+ NC_CHECK_ARG_RET(NULL, client_name, endpt_name, hostkey_name, config, 1);
+
+ return nc_config_new_delete(config, "/ietf-netconf-server:netconf-server/call-home/"
+ "netconf-client[name='%s']/endpoints/endpoint[name='%s']/ssh/ssh-server-parameters/server-identity/"
+ "host-key[name='%s']/public-key/keystore-reference", client_name, endpt_name, hostkey_name);
+}
+
+API int
nc_server_config_new_ssh_auth_attempts(const struct ly_ctx *ctx, const char *endpt_name, uint16_t auth_attempts,
struct lyd_node **config)
{
@@ -390,6 +428,14 @@
goto cleanup;
}
+ /* delete truststore reference if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/ssh/"
+ "ssh-server-parameters/client-authentication/users/user[name='%s']/public-keys/truststore-reference",
+ endpt_name, user_name);
+ if (ret) {
+ goto cleanup;
+ }
+
cleanup:
free(path);
return ret;
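Review bot: The function this hunk belongs to (its signature is outside the hunk; presumably the one that adds an inline user public key) now deletes that user's `public-keys/truststore-reference`, which changes the set of keys accepted for the user, and the only trace of it is the one-line comment in the body. The function's API comment should state it, for example `Any truststore reference configured for the user is removed.` The reverse direction in the `-773` hunk removes the whole `public-keys/inline-definition` container, so presumably every inline key added earlier, and deserves the same sentence. The call-home hunk at `-421` and the ee-certs and ca-certs hunks in src/config_new_tls.c behave alike.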
@@ -421,6 +467,14 @@
goto cleanup;
}
+ /* delete truststore reference if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/call-home/netconf-client[name='%s']/"
+ "endpoints/endpoint[name='%s']/ssh/ssh-server-parameters/client-authentication/users/user[name='%s']/"
+ "public-keys/truststore-reference", client_name, endpt_name, user_name);
+ if (ret) {
+ goto cleanup;
+ }
+
cleanup:
free(path);
return ret;
@@ -773,23 +827,55 @@
nc_server_config_new_ssh_truststore_reference(const struct ly_ctx *ctx, const char *endpt_name, const char *user_name,
const char *truststore_reference, struct lyd_node **config)
{
+ int ret = 0;
+
NC_CHECK_ARG_RET(NULL, ctx, endpt_name, user_name, truststore_reference, config, 1);
- return nc_config_new_create(ctx, config, truststore_reference, "/ietf-netconf-server:netconf-server/listen/"
+ ret = nc_config_new_create(ctx, config, truststore_reference, "/ietf-netconf-server:netconf-server/listen/"
"endpoint[name='%s']/ssh/ssh-server-parameters/client-authentication/users/user[name='%s']/public-keys/"
"truststore-reference", endpt_name, user_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete inline definition nodes if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/ssh/"
+ "ssh-server-parameters/client-authentication/users/user[name='%s']/public-keys/inline-definition",
+ endpt_name, user_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+cleanup:
+ return ret;
}
API int
nc_server_config_new_ch_ssh_truststore_reference(const struct ly_ctx *ctx, const char *client_name,
const char *endpt_name, const char *user_name, const char *truststore_reference, struct lyd_node **config)
{
+ int ret = 0;
+
NC_CHECK_ARG_RET(NULL, ctx, client_name, endpt_name, user_name, truststore_reference, 1);
NC_CHECK_ARG_RET(NULL, config, 1);
- return nc_config_new_create(ctx, config, truststore_reference, "/ietf-netconf-server:netconf-server/call-home/"
+ ret = nc_config_new_create(ctx, config, truststore_reference, "/ietf-netconf-server:netconf-server/call-home/"
"netconf-client[name='%s']/endpoints/endpoint[name='%s']/ssh/ssh-server-parameters/client-authentication/"
"users/user[name='%s']/public-keys/truststore-reference", client_name, endpt_name, user_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete inline definition nodes if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/call-home/netconf-client[name='%s']/"
+ "endpoints/endpoint[name='%s']/ssh/ssh-server-parameters/client-authentication/users/user[name='%s']/"
+ "public-keys/inline-definition", client_name, endpt_name, user_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+cleanup:
+ return ret;
}
API int
diff --git a/src/config_new_tls.c b/src/config_new_tls.c
index d1e9f81..8e9cb9d 100644
--- a/src/config_new_tls.c
+++ b/src/config_new_tls.c
@@ -69,27 +69,33 @@
goto cleanup;
}
- ret = nc_config_new_create_append(ctx, tree_path, "public-key-format", pubkey_format, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "inline-definition/public-key-format", pubkey_format, config);
if (ret) {
goto cleanup;
}
- ret = nc_config_new_create_append(ctx, tree_path, "public-key", pubkey, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "inline-definition/public-key", pubkey, config);
if (ret) {
goto cleanup;
}
- ret = nc_config_new_create_append(ctx, tree_path, "private-key-format", privkey_format, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "inline-definition/private-key-format", privkey_format, config);
if (ret) {
goto cleanup;
}
- ret = nc_config_new_create_append(ctx, tree_path, "cleartext-private-key", privkey, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "inline-definition/cleartext-private-key", privkey, config);
if (ret) {
goto cleanup;
}
- ret = nc_config_new_create_append(ctx, tree_path, "cert-data", cert, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "inline-definition/cert-data", cert, config);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete keystore if present */
+ ret = nc_config_new_check_delete(config, "%s/keystore-reference", tree_path);
if (ret) {
goto cleanup;
}
@@ -111,7 +117,7 @@
NC_CHECK_ARG_RET(NULL, ctx, endpt_name, privkey_path, certificate_path, config, 1);
if (asprintf(&path, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/"
- "tls/tls-server-parameters/server-identity/certificate/inline-definition", endpt_name) == -1) {
+ "tls/tls-server-parameters/server-identity/certificate", endpt_name) == -1) {
ERRMEM;
path = NULL;
ret = 1;
@@ -151,7 +157,7 @@
if (asprintf(&path, "/ietf-netconf-server:netconf-server/call-home/"
"netconf-client[name='%s']/endpoints/endpoint[name='%s']/tls/tls-server-parameters/server-identity/"
- "certificate/inline-definition", client_name, endpt_name) == -1) {
+ "certificate", client_name, endpt_name) == -1) {
ERRMEM;
path = NULL;
ret = 1;
@@ -188,13 +194,19 @@
int ret = 0;
/* create asymmetric key pair reference */
- ret = nc_config_new_create_append(ctx, tree_path, "asymmetric-key", asym_key_ref, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "keystore-reference/asymmetric-key", asym_key_ref, config);
if (ret) {
goto cleanup;
}
/* create cert reference, this cert has to belong to the asym key */
- ret = nc_config_new_create_append(ctx, tree_path, "certificate", cert_ref, config);
+ ret = nc_config_new_create_append(ctx, tree_path, "keystore-reference/certificate", cert_ref, config);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete inline definition if present */
+ ret = nc_config_new_check_delete(config, "%s/inline-definition", tree_path);
if (ret) {
goto cleanup;
}
@@ -213,7 +225,7 @@
NC_CHECK_ARG_RET(NULL, ctx, endpt_name, asym_key_ref, cert_ref, config, 1);
if (asprintf(&path, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/"
- "tls/tls-server-parameters/server-identity/certificate/keystore-reference", endpt_name) == -1) {
+ "tls/tls-server-parameters/server-identity/certificate", endpt_name) == -1) {
ERRMEM;
path = NULL;
ret = 1;
@@ -250,8 +262,7 @@
NC_CHECK_ARG_RET(NULL, config, 1);
if (asprintf(&path, "/ietf-netconf-server:netconf-server/call-home/netconf-client[name='%s']/endpoints/"
- "endpoint[name='%s']/tls/tls-server-parameters/server-identity/certificate/"
- "keystore-reference", client_name, endpt_name) == -1) {
+ "endpoint[name='%s']/tls/tls-server-parameters/server-identity/certificate", client_name, endpt_name) == -1) {
ERRMEM;
path = NULL;
ret = 1;
@@ -325,6 +336,13 @@
goto cleanup;
}
+ /* delete truststore if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/tls/tls-server-parameters/"
+ "client-authentication/ee-certs/truststore-reference", endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
cleanup:
free(path);
return ret;
@@ -371,6 +389,14 @@
goto cleanup;
}
+ /* delete truststore if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/call-home/netconf-client[name='%s']/"
+ "endpoints/endpoint[name='%s']/tls/tls-server-parameters/"
+ "client-authentication/ee-certs/truststore-reference", client_name, endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
cleanup:
free(path);
return ret;
@@ -397,10 +423,25 @@
nc_server_config_new_tls_client_cert_truststore_ref(const struct ly_ctx *ctx, const char *endpt_name,
const char *cert_bag_ref, struct lyd_node **config)
{
+ int ret = 0;
+
NC_CHECK_ARG_RET(NULL, ctx, endpt_name, cert_bag_ref, config, 1);
- return nc_config_new_create(ctx, config, cert_bag_ref, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/tls/"
+ ret = nc_config_new_create(ctx, config, cert_bag_ref, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/tls/"
"tls-server-parameters/client-authentication/ee-certs/truststore-reference", endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete inline definition if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/tls/"
+ "tls-server-parameters/client-authentication/ee-certs/inline-definition", endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+cleanup:
+ return ret;
}
API int
@@ -416,11 +457,27 @@
nc_server_config_new_ch_tls_client_cert_truststore_ref(const struct ly_ctx *ctx, const char *client_name,
const char *endpt_name, const char *cert_bag_ref, struct lyd_node **config)
{
+ int ret = 0;
+
NC_CHECK_ARG_RET(NULL, ctx, client_name, endpt_name, cert_bag_ref, config, 1);
- return nc_config_new_create(ctx, config, cert_bag_ref, "/ietf-netconf-server:netconf-server/call-home/"
+ ret = nc_config_new_create(ctx, config, cert_bag_ref, "/ietf-netconf-server:netconf-server/call-home/"
"netconf-client[name='%s']/endpoints/endpoint[name='%s']/tls/tls-server-parameters/"
"client-authentication/ee-certs/truststore-reference", client_name, endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete inline definition if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/call-home/"
+ "netconf-client[name='%s']/endpoints/endpoint[name='%s']/tls/"
+ "tls-server-parameters/client-authentication/ee-certs/inline-definition", client_name, endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+cleanup:
+ return ret;
}
API int
@@ -457,6 +514,13 @@
goto cleanup;
}
+ /* delete truststore if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/tls/tls-server-parameters/"
+ "client-authentication/ca-certs/truststore-reference", endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
cleanup:
free(path);
return ret;
@@ -503,6 +567,14 @@
goto cleanup;
}
+ /* delete truststore if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/call-home/netconf-client[name='%s']/"
+ "endpoints/endpoint[name='%s']/tls/tls-server-parameters/"
+ "client-authentication/ca-certs/truststore-reference", client_name, endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
cleanup:
free(path);
return ret;
@@ -529,10 +601,25 @@
nc_server_config_new_tls_client_ca_truststore_ref(const struct ly_ctx *ctx, const char *endpt_name,
const char *cert_bag_ref, struct lyd_node **config)
{
+ int ret = 0;
+
NC_CHECK_ARG_RET(NULL, ctx, endpt_name, cert_bag_ref, config, 1);
- return nc_config_new_create(ctx, config, cert_bag_ref, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/tls/"
+ ret = nc_config_new_create(ctx, config, cert_bag_ref, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/tls/"
"tls-server-parameters/client-authentication/ca-certs/truststore-reference", endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete inline definition if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/listen/endpoint[name='%s']/tls/"
+ "tls-server-parameters/client-authentication/ca-certs/inline-definition", endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+cleanup:
+ return ret;
}
API int
@@ -548,11 +635,27 @@
nc_server_config_new_ch_tls_client_ca_truststore_ref(const struct ly_ctx *ctx, const char *client_name,
const char *endpt_name, const char *cert_bag_ref, struct lyd_node **config)
{
+ int ret = 0;
+
NC_CHECK_ARG_RET(NULL, ctx, client_name, endpt_name, cert_bag_ref, config, 1);
- return nc_config_new_create(ctx, config, cert_bag_ref, "/ietf-netconf-server:netconf-server/call-home/"
+ ret = nc_config_new_create(ctx, config, cert_bag_ref, "/ietf-netconf-server:netconf-server/call-home/"
"netconf-client[name='%s']/endpoints/endpoint[name='%s']/tls/tls-server-parameters/"
"client-authentication/ca-certs/truststore-reference", client_name, endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+ /* delete inline definition if present */
+ ret = nc_config_new_check_delete(config, "/ietf-netconf-server:netconf-server/call-home/"
+ "netconf-client[name='%s']/endpoints/endpoint[name='%s']/tls/tls-server-parameters/"
+ "client-authentication/ca-certs/inline-definition", client_name, endpt_name);
+ if (ret) {
+ goto cleanup;
+ }
+
+cleanup:
+ return ret;
}
API int