Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

libnetconf4 #442

Merged
merged 134 commits into from
Nov 3, 2023
Merged

libnetconf4 #442

merged 134 commits into from
Nov 3, 2023

Conversation

Roytak
Copy link
Collaborator

@Roytak Roytak commented Oct 19, 2023

New libnetconf2 API

README.md Outdated Show resolved Hide resolved
doc/libnetconf.doc Outdated Show resolved Hide resolved
doc/libnetconf.doc Outdated Show resolved Hide resolved
doc/libnetconf.doc Outdated Show resolved Hide resolved
doc/libnetconf.doc Outdated Show resolved Hide resolved
src/session_client_ssh.c Outdated Show resolved Hide resolved
src/session_client_ssh.c Outdated Show resolved Hide resolved
src/session_client_ssh.c Outdated Show resolved Hide resolved
src/session_server_ssh.c Outdated Show resolved Hide resolved
tests/CMakeLists.txt Outdated Show resolved Hide resolved
roman and others added 29 commits October 26, 2023 15:15
Configuration based on YANG data. Open 2 ssh channels on one
session. Pubkey,interactive,pw,none SSH authentication working. SSH
message callback not a callback anymore, handle SSH messages manually.
ietf-netconf-server and all models it imports added and a libnetconf2 own model
with augments. And finally only local-definition of keys supported. 2 tests.
NBC API changes.
Keystore is a module, which stores asymmetric and symmetric
keys. This commit implements using asymmetric keys stored in the
keystore for authentication over SSH.
Implemented the ability to create a UNIX socket server with YANG
data. Additionally all new tests timeouts are now unified.
Hostkey, address, port (mandatory nodes) and SSH algorithms
ietf-netconf-server YANG nodes now have functions, through which their
YANG data can be created. This data can be used for server
configuration. Test which fails at authentication (as expected) is
provided. Minor bugfixes in server_config.
New API function, which creates the 'client-authentication' subtree of
ietf-netconf-server module, added. Only public key configuration is
supported for now. SSH authentication bugfix.
Added the API calls to create password, none and interactive YANG data
nodes for the client-authentication subtree.
Clients now have to authenticate via all of their configured SSH
authentication method as specified by the ietf-netconf-server module.
config_new now made an internal header, server_config added to installed
ones. Includes reworked.
Client's keys can now be stored in the truststore module and used for
the SSH authentication.
Example server now uses the new API for SSH connection. Minor bugfix in
nc_server_config_ssh_new_address_port.
Added two new API calls, one of them sets the path to the known_hosts
file and the other sets the behaviour of host key checking. Now the
client's host key checking functionality is similar to the one described
in man ssh_config under StrictHostKeyChecking.
Stop using the client tests for now, might be added back later.
ECDSA keys can now be used both as a hostkey and for client
authentication. Three key pairs added for a new test.
Added new macro, which works just like ERRARG did before, but it can
take variadic number (up to 5) of arguments and a session the error happened on.
ERRARG still remains and has an extra session argument.
Added support for new privkey identities - PKCS8 and OpenSSH, which are
missing in the ietf-netconf-server model. Renamed config_new to
config_new_ssh.
Added the option to either use diff YANG data or ordinary
ietf-netconf-server YANG data without any operation for configuring the
server.
Trustore and keystore modules now support diff YANG data. Symmetric-keys
keystore feature disabled. New private header for server configuration.
Also renamed store type from ks_type to store.
Added test for replacing configuration data. Renamed configuration setup
API calls. Added loading JSON from files.
Added identities for libssh's host-key, key exchange, encryption and mac
algs.
src/server_config_ks.c Fixed Show fixed Hide fixed
src/server_config_ks.c Fixed Show fixed Hide fixed
src/server_config_ks.c Fixed Show fixed Hide fixed
src/server_config_ks.c Fixed Show fixed Hide fixed
src/server_config_ks.c Fixed Show fixed Hide fixed
src/server_config_ts.c Fixed Show fixed Hide fixed
src/server_config_ts.c Fixed Show fixed Hide fixed
src/server_config_ts.c Fixed Show fixed Hide fixed
src/server_config_ts.c Fixed Show fixed Hide fixed
.github/workflows/ci.yml Outdated Show resolved Hide resolved
.github/workflows/devel-push.yml Outdated Show resolved Hide resolved
@michalvasko michalvasko merged commit 507f7e0 into devel Nov 3, 2023
10 of 11 checks passed
@michalvasko michalvasko deleted the libnetconf3 branch November 3, 2023 14:03
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants