Added [make netconf ssh port to devices configurable](#152)

clicon · Oct 27, 2024 · 41097e7 · 41097e7
1 parent 7c70c9a
commit 41097e7
Show file tree

Hide file tree

Showing 7 changed files with 36 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,7 +4,8 @@
 Expected: October 2024
 
 ### New features
-
+* Added configurable port for NETCONF over SSH
+  * See [make netconf ssh port to devices configurable](https://github.com/clicon/clixon-controller/issues/152)
 * Added yang domains for mount-point isolation
   * See [Support isolated YANG domains](https://github.com/clicon/clixon-controller/issues/134)
 * New CLI commands:
@@ -19,6 +20,7 @@ Expected: October 2024
   * Use `DATADIR` instead
 * New `[email protected]` revision
   * Added `device-domains`
+  * Added `port` to device-common
 * New `[email protected]` revision
   * Removed defaults for:
     * `CONTROLLER_ACTION_COMMAND`

diff --git a/src/controller_device_handle.c b/src/controller_device_handle.c
@@ -302,6 +302,7 @@ int
 device_handle_connect(device_handle      dh,
                       clixon_client_type socktype,
                       const char        *dest,
+                      const char        *port,
                       int                stricthostkey)
 {
     int                              retval = -1;
@@ -326,7 +327,7 @@ device_handle_connect(device_handle      dh,
         break;
 #ifdef SSH_BIN
     case CLIXON_CLIENT_SSH:
-        if (clixon_client_connect_ssh(h, dest, stricthostkey, &cdh->cdh_pid, &cdh->cdh_socket, &cdh->cdh_sockerr) < 0)
+        if (clixon_client_connect_ssh(h, dest, port, stricthostkey, &cdh->cdh_pid, &cdh->cdh_socket, &cdh->cdh_sockerr) < 0)
             goto err;
 #else
         clixon_err(OE_UNIX, 0, "No ssh bin");

diff --git a/src/controller_device_handle.h b/src/controller_device_handle.h
@@ -56,8 +56,8 @@ int    device_handle_free(device_handle dh);
 int    device_handle_free_all(clixon_handle h);
 device_handle device_handle_find(clixon_handle h, const char *name);
 device_handle device_handle_each(clixon_handle h, device_handle dhprev);
-int    device_handle_connect(device_handle dh, clixon_client_type socktype, const char *dest,
-                             int stricthostkey);
+int    device_handle_connect(device_handle dh, clixon_client_type socktype,
+                             const char *dest, const char *port, int stricthostkey);
 int    device_handle_disconnect(device_handle dh);
 
 /* Accessor functions */

diff --git a/src/controller_netconf.c b/src/controller_netconf.c
@@ -117,6 +117,7 @@ clixon_client_connect_netconf(clixon_handle  h,
  *
  * @param[in]  h             Clixon  handle
  * @param[in]  dest          SSH destination
+ * @param[in]  port          SSH port
  * @param[in]  stricthostkey If set ensure strict hostkey checking. Only for ssh connections
  * @param[out] pid           Sub-process-id
  * @param[out] sock          Stdin/stdout socket
@@ -127,6 +128,7 @@ clixon_client_connect_netconf(clixon_handle  h,
 int
 clixon_client_connect_ssh(clixon_handle h,
                           const char   *dest,
+                          const char   *port,
                           int           stricthostkey,
                           pid_t        *pid,
                           int          *sock,
@@ -140,7 +142,7 @@ clixon_client_connect_ssh(clixon_handle h,
     struct stat st = {0,};
 
     clixon_debug(CLIXON_DBG_MSG | CLIXON_DBG_DETAIL, "%s", dest);
-    nr = 12;  /* NOTE this is hardcoded */
+    nr = 14;  /* NOTE this is hardcoded */
     if ((argv = calloc(nr, sizeof(char *))) == NULL){
         clixon_err(OE_UNIX, errno, "calloc");
         goto done;
@@ -152,6 +154,8 @@ clixon_client_connect_ssh(clixon_handle h,
     }
     argv[i++] = ssh_bin;
     argv[i++] = (char*)dest;
+    argv[i++] = "-p"; /* Disable pseudo-terminal allocation. */
+    argv[i++] = (char*)port;
     argv[i++] = "-T"; /* Disable pseudo-terminal allocation. */
     argv[i++] = "-o";
     if (stricthostkey)

diff --git a/src/controller_netconf.h b/src/controller_netconf.h
@@ -44,7 +44,8 @@ extern "C" {
 #endif
 
 int clixon_client_connect_netconf(clixon_handle h, pid_t *pid, int *sock);
-int clixon_client_connect_ssh(clixon_handle h, const char *dest, int stricthostkey, pid_t *pid, int *sock, int *sockerr);
+int clixon_client_connect_ssh(clixon_handle h, const char *dest, const char *port,
+                              int stricthostkey, pid_t *pid, int *sock, int *sockerr);
 
 #ifdef __cplusplus
 }

diff --git a/src/controller_rpc.c b/src/controller_rpc.c
@@ -61,6 +61,7 @@
  * @param[in]  dh            Device handle, either NULL or in closed state
  * @param[in]  user          Username for ssh login
  * @param[in]  addr          Address for ssh to connect to
+ * @param[in]  port          Port for ssh to connect to
  * @param[in]  stricthostkey If set ensure strict hostkey checking. Only for ssh
  * @retval     0    OK
  * @retval    -1    Error
@@ -70,6 +71,7 @@ connect_netconf_ssh(clixon_handle h,
                     device_handle dh,
                     char         *user,
                     char         *addr,
+                    const char   *port,
                     int           stricthostkey)
 {
     int   retval = -1;
@@ -91,7 +93,7 @@ connect_netconf_ssh(clixon_handle h,
     if (user)
         cprintf(cb, "%s@", user);
     cprintf(cb, "%s", addr);
-    if (device_handle_connect(dh, CLIXON_CLIENT_SSH, cbuf_get(cb), stricthostkey) < 0)
+    if (device_handle_connect(dh, CLIXON_CLIENT_SSH, cbuf_get(cb), port, stricthostkey) < 0)
         goto done;
     if (device_state_set(dh, CS_CONNECTING) < 0)
         goto done;
@@ -130,6 +132,7 @@ controller_connect(clixon_handle           h,
     device_handle dh;
     char         *type;
     char         *addr;
+    char         *port = "22";
     char         *user = NULL;
     char         *enablestr;
     char         *yfstr;
@@ -201,6 +204,14 @@ controller_connect(clixon_handle           h,
     }
     if (xb && (str = xml_body(xb)) != NULL)
         ssh_stricthostkey = strcmp(str, "true") == 0;
+    if ((xb = xml_find_type(xn, NULL, "port", CX_ELMNT)) == NULL ||
+        xml_flag(xb, XML_FLAG_DEFAULT)){
+        if (xdevprofile)
+            xb = xml_find_type(xdevprofile, NULL, "port", CX_ELMNT);
+    }
+    if (xb && (str = xml_body(xb)) != NULL)
+        port = str;
+
     /* Now dh is either NULL or in closed state and with correct type
      * First create it if still NULL
      */
@@ -242,7 +253,7 @@ controller_connect(clixon_handle           h,
     }
     /* Point of no return: assume errors handled in device_input_cb */
     device_handle_tid_set(dh, ct->ct_id);
-    if (connect_netconf_ssh(h, dh, user, addr, ssh_stricthostkey) < 0) /* match */
+    if (connect_netconf_ssh(h, dh, user, addr, port, ssh_stricthostkey) < 0) /* match */
         goto done;
  ok:
     retval = 1;

diff --git a/yang/[email protected] b/yang/[email protected]
@@ -34,6 +34,7 @@ module clixon-controller {
     revision 2024-08-01 {
         description
              "Added device-domains
+              Added port to device-common
               Changed mount-point label to device
               Released in 1.2.0";
     }
@@ -334,6 +335,14 @@ module clixon-controller {
             type boolean;
             default true;
         }
+        leaf port {
+            description
+                "Transport port, typically for SSH.
+                 RFC6242 stipulates a netconf subsystem over port 830, but in
+                 practice many devices defaults to a netconf subsystem over port 22";
+            type uint32;
+            default 22;
+        }
         leaf yang-config{
             description "How to bind device configuration to YANG.";
             type yang-config;