From 41097e7ee69232b78469a0362aa5bbc3df7c4956 Mon Sep 17 00:00:00 2001 From: Olof hagsand Date: Sun, 27 Oct 2024 12:31:51 +0100 Subject: [PATCH] Added [make netconf ssh port to devices configurable](https://github.com/clicon/clixon-controller/issues/152) --- CHANGELOG.md | 4 +++- src/controller_device_handle.c | 3 ++- src/controller_device_handle.h | 4 ++-- src/controller_netconf.c | 6 +++++- src/controller_netconf.h | 3 ++- src/controller_rpc.c | 15 +++++++++++++-- yang/clixon-controller@2024-08-01.yang | 9 +++++++++ 7 files changed, 36 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index df87b5f..5e05492 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,8 @@ Expected: October 2024 ### New features - +* Added configurable port for NETCONF over SSH + * See [make netconf ssh port to devices configurable](https://github.com/clicon/clixon-controller/issues/152) * Added yang domains for mount-point isolation * See [Support isolated YANG domains](https://github.com/clicon/clixon-controller/issues/134) * New CLI commands: @@ -19,6 +20,7 @@ Expected: October 2024 * Use `DATADIR` instead * New `clixon-controller@2024-08-01.yang` revision * Added `device-domains` + * Added `port` to device-common * New `clixon-controller-config@2024-08-01.yang` revision * Removed defaults for: * `CONTROLLER_ACTION_COMMAND` diff --git a/src/controller_device_handle.c b/src/controller_device_handle.c index 0d71c4c..9b5eda0 100644 --- a/src/controller_device_handle.c +++ b/src/controller_device_handle.c @@ -302,6 +302,7 @@ int device_handle_connect(device_handle dh, clixon_client_type socktype, const char *dest, + const char *port, int stricthostkey) { int retval = -1; 
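Review bot: The new `port` parameter of device_handle_connect() is left undocumented. The diffstat lists only three changed lines in controller_device_handle.c, and the signature line here plus the call in the next hunk account for all of them, so any header comment above the function (outside this hunk) still describes the old argument list. I would add `@param[in] port Destination port as a decimal string, passed unchanged as the argument of ssh -p; must not be NULL` next to the `dest` entry. The `@param[in] port SSH port` line added to clixon_client_connect_ssh() in controller_netconf.c has the same gap, since it does not say the value is a string or whether NULL is accepted.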
@@ -326,7 +327,7 @@ device_handle_connect(device_handle dh, break; #ifdef SSH_BIN case CLIXON_CLIENT_SSH: - if (clixon_client_connect_ssh(h, dest, stricthostkey, &cdh->cdh_pid, &cdh->cdh_socket, &cdh->cdh_sockerr) < 0) + if (clixon_client_connect_ssh(h, dest, port, stricthostkey, &cdh->cdh_pid, &cdh->cdh_socket, &cdh->cdh_sockerr) < 0) goto err; #else clixon_err(OE_UNIX, 0, "No ssh bin"); diff --git a/src/controller_device_handle.h b/src/controller_device_handle.h index 24ee1db..99e5ecb 100644 --- a/src/controller_device_handle.h +++ b/src/controller_device_handle.h @@ -56,8 +56,8 @@ int device_handle_free(device_handle dh); int device_handle_free_all(clixon_handle h); device_handle device_handle_find(clixon_handle h, const char *name); device_handle device_handle_each(clixon_handle h, device_handle dhprev); -int device_handle_connect(device_handle dh, clixon_client_type socktype, const char *dest, - int stricthostkey); +int device_handle_connect(device_handle dh, clixon_client_type socktype, + const char *dest, const char *port, int stricthostkey); int device_handle_disconnect(device_handle dh); /* Accessor functions */ diff --git a/src/controller_netconf.c b/src/controller_netconf.c index 9878c6a..da1f13f 100644 --- a/src/controller_netconf.c +++ b/src/controller_netconf.c @@ -117,6 +117,7 @@ clixon_client_connect_netconf(clixon_handle h, * * @param[in] h Clixon handle * @param[in] dest SSH destination + * @param[in] port SSH port * @param[in] stricthostkey If set ensure strict hostkey checking. Only for ssh connections * @param[out] pid Sub-process-id * @param[out] sock Stdin/stdout socket @@ -127,6 +128,7 @@ clixon_client_connect_netconf(clixon_handle h, int clixon_client_connect_ssh(clixon_handle h, const char *dest, + const char *port, int stricthostkey, pid_t *pid, int *sock, 
@@ -140,7 +142,7 @@ clixon_client_connect_ssh(clixon_handle h, struct stat st = {0,}; clixon_debug(CLIXON_DBG_MSG | CLIXON_DBG_DETAIL, "%s", dest); - nr = 12; /* NOTE this is hardcoded */ + nr = 14; /* NOTE this is hardcoded */ if ((argv = calloc(nr, sizeof(char *))) == NULL){ clixon_err(OE_UNIX, errno, "calloc"); goto done; @@ -152,6 +154,8 @@ clixon_client_connect_ssh(clixon_handle h, } argv[i++] = ssh_bin; argv[i++] = (char*)dest; + argv[i++] = "-p"; /* Disable pseudo-terminal allocation. */ + argv[i++] = (char*)port; argv[i++] = "-T"; /* Disable pseudo-terminal allocation. */ argv[i++] = "-o"; if (stricthostkey) diff --git a/src/controller_netconf.h b/src/controller_netconf.h index d120848..4879a39 100644 --- a/src/controller_netconf.h +++ b/src/controller_netconf.h @@ -44,7 +44,8 @@ extern "C" { #endif int clixon_client_connect_netconf(clixon_handle h, pid_t *pid, int *sock); -int clixon_client_connect_ssh(clixon_handle h, const char *dest, int stricthostkey, pid_t *pid, int *sock, int *sockerr); +int clixon_client_connect_ssh(clixon_handle h, const char *dest, const char *port, + int stricthostkey, pid_t *pid, int *sock, int *sockerr); #ifdef __cplusplus } diff --git a/src/controller_rpc.c b/src/controller_rpc.c index c41f2a8..1671ab8 100644 --- a/src/controller_rpc.c +++ b/src/controller_rpc.c @@ -61,6 +61,7 @@ * @param[in] dh Device handle, either NULL or in closed state * @param[in] user Username for ssh login * @param[in] addr Address for ssh to connect to + * @param[in] port Port for ssh to connect to * @param[in] stricthostkey If set ensure strict hostkey checking. Only for ssh * @retval 0 OK * @retval -1 Error @@ -70,6 +71,7 @@ connect_netconf_ssh(clixon_handle h, device_handle dh, char *user, char *addr, + const char *port, int stricthostkey) { int retval = -1; 
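Review bot: `nr = 14` still sizes the argument vector with a hand-maintained constant, and nothing in the visible lines compares the fill index `i` with it. The bump from 12 matches the two entries added in the next hunk, but a later option that forgets the bump would write past the calloc'd array or overwrite the terminating NULL. A check after the last assignment, for example `if (i >= nr){ clixon_err(OE_UNIX, 0, "ssh argv overflow"); goto done; }`, would make such a miscount fail loudly. Most of the assignments lie outside this hunk, so the total count could not be verified here.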
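Review bot: The comment on the new `argv[i++] = "-p";` line was copied from the `-T` line below it and describes the wrong option; it should read `/* Port to connect to on the remote host */`. Separately, `argv[i++] = (char*)port;` stores the caller's pointer unchecked, so a NULL `port` would end the argument vector right after `-p` and drop every option assigned after it. The child would then presumably fail with an ssh usage error rather than a clixon error. controller_connect() always supplies at least "22", but device_handle_connect() is exported, so a guard at the top of clixon_client_connect_ssh() such as `if (port == NULL){ clixon_err(OE_UNIX, 0, "port is NULL"); goto done; }` removes the dependency on the caller. The function continues outside the hunk.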
@@ -91,7 +93,7 @@ connect_netconf_ssh(clixon_handle h, if (user) cprintf(cb, "%s@", user); cprintf(cb, "%s", addr); - if (device_handle_connect(dh, CLIXON_CLIENT_SSH, cbuf_get(cb), stricthostkey) < 0) + if (device_handle_connect(dh, CLIXON_CLIENT_SSH, cbuf_get(cb), port, stricthostkey) < 0) goto done; if (device_state_set(dh, CS_CONNECTING) < 0) goto done; @@ -130,6 +132,7 @@ controller_connect(clixon_handle h, device_handle dh; char *type; char *addr; + char *port = "22"; char *user = NULL; char *enablestr; char *yfstr; @@ -201,6 +204,14 @@ controller_connect(clixon_handle h, } if (xb && (str = xml_body(xb)) != NULL) ssh_stricthostkey = strcmp(str, "true") == 0; + if ((xb = xml_find_type(xn, NULL, "port", CX_ELMNT)) == NULL || + xml_flag(xb, XML_FLAG_DEFAULT)){ + if (xdevprofile) + xb = xml_find_type(xdevprofile, NULL, "port", CX_ELMNT); + } + if (xb && (str = xml_body(xb)) != NULL) + port = str; + /* Now dh is either NULL or in closed state and with correct type * First create it if still NULL */ @@ -242,7 +253,7 @@ controller_connect(clixon_handle h, } /* Point of no return: assume errors handled in device_input_cb */ device_handle_tid_set(dh, ct->ct_id); - if (connect_netconf_ssh(h, dh, user, addr, ssh_stricthostkey) < 0) /* match */ + if (connect_netconf_ssh(h, dh, user, addr, port, ssh_stricthostkey) < 0) /* match */ goto done; ok: retval = 1; diff --git a/yang/clixon-controller@2024-08-01.yang b/yang/clixon-controller@2024-08-01.yang index ee4baa6..86cf095 100644 --- a/yang/clixon-controller@2024-08-01.yang +++ b/yang/clixon-controller@2024-08-01.yang @@ -34,6 +34,7 @@ module clixon-controller { revision 2024-08-01 { description "Added device-domains + Added port to device-common Changed mount-point label to device Released in 1.2.0"; } 
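Review bot: `char *port = "22";` in controller_connect() binds a string literal to a non-const pointer, although every function the value is passed to declares the parameter as `const char *port`. Declaring it `const char *port = "22";` matches those signatures and lets the compiler reject a write through it; the `port = str;` assignment in the @@ -201,6 +204,14 @@ hunk still compiles. The literal also duplicates the `default 22` of the YANG leaf, so a short comment such as `/* fallback when neither device nor device-profile has a port element */` would explain why both exist. The function starts and ends outside the hunk.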
@@ -334,6 +335,14 @@ module clixon-controller { type boolean; default true; } + leaf port { + description + "Transport port, typically for SSH. + RFC6242 stipulates a netconf subsystem over port 830, but in + practice many devices defaults to a netconf subsystem over port 22"; + type uint32; + default 22; + } leaf yang-config{ description "How to bind device configuration to YANG."; type yang-config;
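Review bot: `type uint32` on the new `port` leaf accepts values up to 4294967295, so a port above 65535, or 0, passes datastore validation. Such a value is presumably rejected only when controller_connect() hands the string to ssh `-p`, which surfaces as a failed connection rather than a configuration error. Narrowing the leaf to `type uint16 { range "1..65535"; }` rejects these at commit time; if the module already imports ietf-inet-types (not visible in this hunk), `inet:port-number` is the conventional type. In the description, "many devices defaults to" should read "many devices default to".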