Gitiles
Code Review Sign In
gerrit.cesnet.cz / github / CESNET / libnetconf2 / 2eab474f5efdfcf74e9d6c70c45429eda9c336cd / . / modules / ietf-tcp-client@2022-05-24.yang
blob: 4426353e7e902d0dc560ceec49c81dad92ba4082 [file] [log] [blame]
romanc1d2b092023-02-02 08:58:27 +0100[diff] [blame]1module ietf-tcp-client {
2 yang-version 1.1;
3 namespace "urn:ietf:params:xml:ns:yang:ietf-tcp-client";
4 prefix tcpc;
5
6 import ietf-inet-types {
7 prefix inet;
8 reference
9 "RFC 6991: Common YANG Data Types";
10 }
11
12 import ietf-crypto-types {
13 prefix ct;
14 reference
15 "RFC AAAA: YANG Data Types and Groupings for Cryptography";
16 }
17
18 import ietf-tcp-common {
19 prefix tcpcmn;
20 reference
21 "RFC DDDD: YANG Groupings for TCP Clients and TCP Servers";
22 }
23
24 organization
25 "IETF NETCONF (Network Configuration) Working Group and the
26 IETF TCP Maintenance and Minor Extensions (TCPM) Working Group";
27
28 contact
29 "WG Web: https://datatracker.ietf.org/wg/netconf
30 https://datatracker.ietf.org/wg/tcpm
31 WG List: NETCONF WG list <mailto:netconf@ietf.org>
32 TCPM WG list <mailto:tcpm@ietf.org>
33 Authors: Kent Watsen <mailto:kent+ietf@watsen.net>
34 Michael Scharf
35 <mailto:michael.scharf@hs-esslingen.de>";
36
37 description
38 "This module defines reusable groupings for TCP clients that
39 can be used as a basis for specific TCP client instances.
40
41 Copyright (c) 2022 IETF Trust and the persons identified
42 as authors of the code. All rights reserved.
43
44 Redistribution and use in source and binary forms, with
45 or without modification, is permitted pursuant to, and
46 subject to the license terms contained in, the Revised
47 BSD License set forth in Section 4.c of the IETF Trust's
48 Legal Provisions Relating to IETF Documents
49 (https://trustee.ietf.org/license-info).
50
51 This version of this YANG module is part of RFC DDDD
52 (https://www.rfc-editor.org/info/rfcDDDD); see the RFC
53 itself for full legal notices.
54
55 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
56 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
57 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
58 are to be interpreted as described in BCP 14 (RFC 2119)
59 (RFC 8174) when, and only when, they appear in all
60 capitals, as shown here.";
61
62 revision 2022-05-24 {
63 description
64 "Initial version";
65 reference
66 "RFC DDDD: YANG Groupings for TCP Clients and TCP Servers";
67 }
68
69 // Features
70
71 feature local-binding-supported {
72 description
73 "Indicates that the server supports configuring local
74 bindings (i.e., the local address and local port) for
75 TCP clients.";
76 }
77
78 feature tcp-client-keepalives {
79 description
80 "Per socket TCP keepalive parameters are configurable for
81 TCP clients on the server implementing this feature.";
82 }
83
84 feature proxy-connect {
85 description
86 "Proxy connection configuration is configurable for
87 TCP clients on the server implementing this feature.";
88 }
89
90 feature socks5-gss-api {
91 description
92 "Indicates that the server supports authenticating
93 using GSSAPI when initiating TCP connections via
94 and SOCKS Version 5 proxy server.";
95 reference
96 "RFC 1928: SOCKS Protocol Version 5";
97 }
98
99 feature socks5-username-password {
100 description
101 "Indicates that the server supports authenticating using
102 username/password when initiating TCP connections via
103 and SOCKS Version 5 proxy server.";
104 reference
105 "RFC 1928: SOCKS Protocol Version 5";
106 }
107
108 // Groupings
109
110 grouping tcp-client-grouping {
111 description
112 "A reusable grouping for configuring a TCP client.
113
114 Note that this grouping uses fairly typical descendant
115 node names such that a stack of 'uses' statements will
116 have name conflicts. It is intended that the consuming
117 data model will resolve the issue (e.g., by wrapping
118 the 'uses' statement in a container called
119 'tcp-client-parameters'). This model purposely does
120 not do this itself so as to provide maximum flexibility
121 to consuming models.";
122
123 leaf remote-address {
124 type inet:host;
125 mandatory true;
126 description
127 "The IP address or hostname of the remote peer to
128 establish a connection with. If a domain name is
129 configured, then the DNS resolution should happen on
130 each connection attempt. If the DNS resolution
131 results in multiple IP addresses, the IP addresses
132 are tried according to local preference order until
133 a connection has been established or until all IP
134 addresses have failed.";
135 }
136 leaf remote-port {
137 type inet:port-number;
138 default "0";
139 description
140 "The IP port number for the remote peer to establish a
141 connection with. An invalid default value (0) is used
142 (instead of 'mandatory true') so that as application
143 level data model may 'refine' it with an application
144 specific default port number value.";
145 }
146 leaf local-address {
147 if-feature "local-binding-supported";
148 type inet:ip-address;
149 description
150 "The local IP address/interface (VRF?) to bind to for when
151 connecting to the remote peer. INADDR_ANY ('0.0.0.0') or
152 INADDR6_ANY ('0:0:0:0:0:0:0:0' a.k.a. '::') MAY be used to
153 explicitly indicate the implicit default, that the server
154 can bind to any IPv4 or IPv6 addresses, respectively.";
155 }
156 leaf local-port {
157 if-feature "local-binding-supported";
158 type inet:port-number;
159 default "0";
160 description
161 "The local IP port number to bind to for when connecting
162 to the remote peer. The port number '0', which is the
163 default value, indicates that any available local port
164 number may be used.";
165 }
166 container proxy-server {
167 if-feature "proxy-connect";
168 presence
169 "Indicates that a proxy connection has been configured.
170 Present so that the mandatory descendant nodes do not
171 imply that this node must be configured.";
172 choice proxy-type {
173 mandatory true;
174 description
175 "Selects a proxy connection protocol.";
176 case socks4 {
177 container socks4-parameters {
178 leaf remote-address {
179 type inet:ip-address;
180 mandatory true;
181 description
182 "The IP address of the proxy server.";
183 }
184 leaf remote-port {
185 type inet:port-number;
186 default "1080";
187 description
188 "The IP port number for the proxy server.";
189 }
190 description
191 "Parameters for connecting to a TCP-based proxy
192 server using the SOCKS4 protocol.";
193 reference
194 "SOCKS, Proceedings: 1992 Usenix Security Symposium.";
195 }
196 }
197 case socks4a {
198 container socks4a-parameters {
199 leaf remote-address {
200 type inet:host;
201 mandatory true;
202 description
203 "The IP address or hostname of the proxy server.";
204 }
205 leaf remote-port {
206 type inet:port-number;
207 default "1080";
208 description
209 "The IP port number for the proxy server.";
210 }
211 description
212 "Parameters for connecting to a TCP-based proxy
213 server using the SOCKS4a protocol.";
214 reference
215 "SOCKS Proceedings:
216 1992 Usenix Security Symposium.
217 OpenSSH message:
218 SOCKS 4A: A Simple Extension to SOCKS 4 Protocol
219 https://www.openssh.com/txt/socks4a.protocol";
220 }
221 }
222 case socks5 {
223 container socks5-parameters {
224 leaf remote-address {
225 type inet:host;
226 mandatory true;
227 description
228 "The IP address or hostname of the proxy server.";
229 }
230 leaf remote-port {
231 type inet:port-number;
232 default "1080";
233 description
234 "The IP port number for the proxy server.";
235 }
236 container authentication-parameters {
237 presence
238 "Indicates that an authentication mechanism
239 has been configured. Present so that the
240 mandatory descendant nodes do not imply that
241 this node must be configured.";
242 description
243 "A container for SOCKS Version 5 authentication
244 mechanisms.
245
246 A complete list of methods is defined at:
247 https://www.iana.org/assignments/socks-methods
248 /socks-methods.xhtml.";
249 reference
250 "RFC 1928: SOCKS Protocol Version 5";
251 choice auth-type {
252 mandatory true;
253 description
254 "A choice amongst supported SOCKS Version 5
255 authentication mechanisms.";
256 case gss-api {
257 if-feature "socks5-gss-api";
258 container gss-api {
259 description
260 "Contains GSS-API configuration. Defines
261 as an empty container to enable specific
262 GSS-API configuration to be augmented in
263 by future modules.";
264 reference
265 "RFC 1928: SOCKS Protocol Version 5
266 RFC 2743: Generic Security Service
267 Application Program Interface
268 Version 2, Update 1";
269 }
270 }
271 case username-password {
272 if-feature "socks5-username-password";
273 container username-password {
274 leaf username {
275 type string;
276 mandatory true;
277 description
278 "The 'username' value to use for client
279 identification.";
280 }
281 uses ct:password-grouping {
282 description
283 "The password to be used for client
284 authentication.";
285 }
286 description
287 "Contains Username/Password configuration.";
288 reference
289 "RFC 1929: Username/Password Authentication
290 for SOCKS V5";
291 }
292 }
293 }
294 }
295 description
296 "Parameters for connecting to a TCP-based proxy server
297 using the SOCKS5 protocol.";
298 reference
299 "RFC 1928: SOCKS Protocol Version 5";
300 }
301 }
302 }
303 description
304 "Proxy server settings.";
305 }
306
307 uses tcpcmn:tcp-common-grouping {
308 augment "keepalives" {
309 if-feature "tcp-client-keepalives";
310 description
311 "Add an if-feature statement so that implementations
312 can choose to support TCP client keepalives.";
313 }
314 }
315 }
316}