From patchwork Mon Oct 28 09:03:28 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Heiko Thiery X-Patchwork-Id: 1185264 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.133; helo=hemlock.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="B8C66pbq"; dkim-atps=neutral Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 471pgr5B9Vz9sP4 for ; Mon, 28 Oct 2019 20:04:40 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 39E66870F6; Mon, 28 Oct 2019 09:04:39 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dds4UqIRXvFh; Mon, 28 Oct 2019 09:04:35 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by hemlock.osuosl.org (Postfix) with ESMTP id E1268872A6; Mon, 28 Oct 2019 09:04:33 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 3F2EA1BF284 for ; Mon, 28 Oct 2019 09:04:29 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 3B52681D7E for ; Mon, 28 Oct 2019 09:04:29 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bAW+fzYIa6H4 for ; Mon, 28 Oct 2019 09:04:27 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wm1-f67.google.com (mail-wm1-f67.google.com [209.85.128.67]) by whitealder.osuosl.org (Postfix) with ESMTPS id 2364482C36 for ; Mon, 28 Oct 2019 09:04:27 +0000 (UTC) Received: by mail-wm1-f67.google.com with SMTP id q130so8216088wme.2 for ; Mon, 28 Oct 2019 02:04:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=uNbAXONZnGzFHbFzv3zJlDSqxou0QhY5YmZlPJJcx64=; b=B8C66pbqJc218d31k38RNdd6Ngndn5tlYrcRSZ3avk98MsTToqYlsG6fkm3IzgBOIO XNuxsvLnmXFJ963nXnqTLDK56Y226IBX+X/nDXWCLc1kBp8vpLnuo8+eExP2/GwDg49e NpH1oKE/vKmGQQQyh6bkJ/ZrAbMuMTJBcXC8QFLDvTY0E48QGvvCTUGQB3ZN76vIMIX2 SRzL37f3vqk6jIVwo4ohTlQZPJPBn45RkAvshah3A7cNsm3HiaZNXtCxDaEEsAgzkuJA 1LX//Emht2h0UX0xRsIy6XRaIAYvwkAyrq9fFeFbnA4I+yn9aZU8vS7gzAAEUb+K2I62 zkuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uNbAXONZnGzFHbFzv3zJlDSqxou0QhY5YmZlPJJcx64=; b=SxhZsEnWQyQzXX7I4uM/Ge6llLrOLyJNNjqTR0768L/elaPai/8tgut516l7hdvY9O k7foPAYCuMuyLf4yXmZoolUtFsSNDnjI2NbELrm3bQ6ENqKfHTOYttvo58skb8IrnNqE SXAUcZi97TAoKzAVDXz5zNPJRc0dVmbuJQXFzV/uyMhqL8zDspfGOGAhSBLLykyoP1KV RjwVjKKX1wMPg21eYhd26g6tbbqIS/OOjHflexAhLs2BYxSdxi1g/y5IwcJFUiI+CoCG 5sHhLGpqWkwUkfbsNx+5WcS2FiWPsbeC5glS9yNBVY8+cb2Me7tGFzHfMbnF6agPZ3Tw RJBA== X-Gm-Message-State: APjAAAV0dhJGFYLfZNNbWOZHZ/4iefDqzPVsJrsb9IV8/O4KbFn66t2A LKUzeDkS9eiTjxPQxlHNQoxxAI3E X-Google-Smtp-Source: APXvYqwtdS6mdYGsLs9h6YdfjJxmRh03DtluESKeDdXvGFpUZ3LJnz3Ua+sgGskZwxn3JS8GME9JYg== X-Received: by 2002:a1c:4907:: with SMTP id w7mr14143878wma.62.1572253465227; Mon, 28 Oct 2019 02:04:25 -0700 (PDT) Received: from hthiery01.sab.local ([213.135.10.150]) by smtp.gmail.com with ESMTPSA id 26sm10344909wmi.17.2019.10.28.02.04.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 28 Oct 2019 02:04:24 -0700 (PDT) From: Heiko Thiery To: buildroot@buildroot.org Date: Mon, 28 Oct 2019 10:03:28 +0100 Message-Id: <20191028090329.25432-5-heiko.thiery@gmail.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191028090329.25432-1-heiko.thiery@gmail.com> References: <20191028090329.25432-1-heiko.thiery@gmail.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH v5 4/5] package/netopeer2-server: add package X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Heiko Thiery , Heiko Thiery , thomas.petazzoni@bootlin.com Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" From: Heiko Thiery Netopeer2 is a set of tools implementing network configuration tools based on the NETCONF Protocol. This is the second generation of the toolset, originally available as the Netopeer project. Netopeer2 is based on the new generation of the NETCONF and YANG libraries - libyang and libnetconf2. The Netopeer server uses sysrepo as a NETCONF datastore implementation. Signed-off-by: Heiko Thiery --- DEVELOPERS | 1 + package/Config.in | 1 + package/netopeer2-server/Config.in | 51 +++++++++++ package/netopeer2-server/S52netopeer2-server | 90 +++++++++++++++++++ .../netopeer2-server/netopeer2-server.hash | 1 + package/netopeer2-server/netopeer2-server.mk | 33 +++++++ 6 files changed, 177 insertions(+) create mode 100644 package/netopeer2-server/Config.in create mode 100644 package/netopeer2-server/S52netopeer2-server create mode 120000 package/netopeer2-server/netopeer2-server.hash create mode 100644 package/netopeer2-server/netopeer2-server.mk diff --git a/DEVELOPERS b/DEVELOPERS index 0f0089dfaf..217d044930 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -1049,6 +1049,7 @@ N: Heiko Thiery F: package/libnetconf2/ F: package/libyang/ F: package/netopeer2-keystored/ +F: package/netopeer2-server/ F: package/sysrepo/ N: Henrique Camargo diff --git a/package/Config.in b/package/Config.in index 1fcd7dd2d7..aaecef433f 100644 --- a/package/Config.in +++ b/package/Config.in @@ -1660,6 +1660,7 @@ menu "Networking" source "package/nanomsg/Config.in" source "package/neon/Config.in" source "package/netopeer2-keystored/Config.in" + source "package/netopeer2-server/Config.in" source "package/nghttp2/Config.in" source "package/norm/Config.in" source "package/nss-mdns/Config.in" diff --git a/package/netopeer2-server/Config.in b/package/netopeer2-server/Config.in new file mode 100644 index 0000000000..abae534a4b --- /dev/null +++ b/package/netopeer2-server/Config.in @@ -0,0 +1,51 @@ +comment "netopeer2server needs a toolchain w/ C++, threads, dynamic library, host gcc >= 4.8" + depends on BR2_USE_MMU + depends on BR2_STATIC_LIBS || !BR2_INSTALL_LIBSTDCPP \ + || !BR2_TOOLCHAIN_HAS_THREADS || !BR2_HOST_GCC_AT_LEAST_4_8 + depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86" + +config BR2_PACKAGE_NETOPEER2_SERVER + bool "netopeer2-server" + depends on BR2_USE_MMU # sysrepo + depends on !BR2_STATIC_LIBS # sysrepo + depends on BR2_INSTALL_LIBSTDCPP # sysrepo + depends on BR2_TOOLCHAIN_HAS_THREADS + depends on !BR2_STATIC_LIBS + # host-protobuf only builds on certain architectures + depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86" + select BR2_PACKAGE_LIBAVL + select BR2_PACKAGE_LIBEV + select BR2_PACKAGE_LIBYANG + select BR2_PACKAGE_LIBNETCONF2 + select BR2_PACKAGE_PROTOBUF_C + select BR2_PACKAGE_PCRE + select BR2_PACKAGE_PCRE_UCP + select BR2_PACKAGE_SYSREPO + select BR2_PACKAGE_NETOPEER2_KEYSTORED + # at the moment SSH transport is mandatory + select BR2_PACKAGE_NETOPEER2_SERVER_SSH + + help + Netopeer2 is a set of tools implementing network + configuration tools based on the NETCONF Protocol. + + This is the server part. + + https://github.com/CESNET/Netopeer2 + +if BR2_PACKAGE_NETOPEER2_SERVER + +config BR2_PACKAGE_NETOPEER2_SERVER_TLS + bool "TLS transport" + select BR2_PACKAGE_OPENSSL + help + Enable TLS transport layer support. + +config BR2_PACKAGE_NETOPEER2_SERVER_SSH + bool "SSH transport" + select BR2_PACKAGE_LIBSSH + select BR2_PACKAGE_LIBSSH_SERVER + help + Enable SSH transport layer support. + +endif diff --git a/package/netopeer2-server/S52netopeer2-server b/package/netopeer2-server/S52netopeer2-server new file mode 100644 index 0000000000..0bad83325a --- /dev/null +++ b/package/netopeer2-server/S52netopeer2-server @@ -0,0 +1,90 @@ +#!/bin/sh + +DAEMON="netopeer2-server" +PIDFILE="/var/run/$DAEMON.pid" + +NETOPEER2_SERVER_ARGS="" + +KEYSTORED_HOST_KEY="/etc/keystored/keys/ssh_host_rsa_key.pem" + +SSHKEYGEN="/usr/bin/dropbearkey" +DROPBEARKEY="/usr/bin/dropbearkey" +DROPBEARCONVERT="/usr/bin/dropbearconvert" + +dropbear_keygen() { + ${DROPBEARKEY} -t rsa -f ${KEYSTORED_HOST_KEY} + ${DROPBEARCONVERT} dropbear openssh ${KEYSTORED_HOST_KEY} ${KEYSTORED_HOST_KEY} +} + +ssh_keygen() { + ${SSHKEYGEN} -m pem -t rsa -q -N "" -f ${KEYSTORED_HOST_KEY} +} + +keygen() { + if [ -x ${DROPBEARKEY} -a -x ${DROPBEARCONVERT} ]; then + dropbear_keygen + status=$? + elif [ -x ${SSHKEYGEN} ]; then + ssh_keygen + status=$? + else + status=1 + fi + + return "$status" +} + +start() { + printf 'Starting %s: ' "$DAEMON" + if [ ! -f ${KEYSTORED_HOST_KEY} ]; then + keygen + status=$? + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + else + echo "OK" + fi + + start-stop-daemon -S -b -q -p $PIDFILE -x "/usr/bin/$DAEMON" \ + -- $NETOPEER2_SERVER_ARGS + status=$? + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + return "$status" +} + +stop() { + printf 'Stopping %s: ' "$DAEMON" + start-stop-daemon -K -q -p $PIDFILE + status=$? + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + return "$status" +} + +restart() { + stop + sleep 1 + start +} + +reload() { + # we do not support real reload .. just restart + restart +} + +case "$1" in + start|stop|restart|reload) + "$1";; + *) + echo "Usage: $0 {start|stop|restart|reload}" +esac diff --git a/package/netopeer2-server/netopeer2-server.hash b/package/netopeer2-server/netopeer2-server.hash new file mode 120000 index 0000000000..47bb47d7e3 --- /dev/null +++ b/package/netopeer2-server/netopeer2-server.hash @@ -0,0 +1 @@ +../netopeer2-keystored/netopeer2-keystored.hash \ No newline at end of file diff --git a/package/netopeer2-server/netopeer2-server.mk b/package/netopeer2-server/netopeer2-server.mk new file mode 100644 index 0000000000..449c2082d3 --- /dev/null +++ b/package/netopeer2-server/netopeer2-server.mk @@ -0,0 +1,33 @@ +################################################################################ +# +# netopeer2-server +# +################################################################################ + +NETOPEER2_SERVER_VERSION = 0.7-r2 +NETOPEER2_SERVER_SOURCE = netopeer2-$(NETOPEER2_SERVER_VERSION).tar.gz +NETOPEER2_SERVER_SITE = $(call github,CESNET,Netopeer2,v$(NETOPEER2_SERVER_VERSION)) +NETOPEER2_SERVER_DL_SUBDIR = netopeer2 +NETOPEER2_SERVER_LICENSE = BSD-3-Clause +NETOPEER2_SERVER_LICENSE_FILES = LICENSE +NETOPEER2_SERVER_SUBDIR = server +NETOPEER2_SERVER_DEPENDENCIES = libyang sysrepo + +NETOPEER2_SERVER_CONF_OPTS = \ + -DENABLE_CONFIGURATION=ON \ + -DKEYSTORED_KEYS_DIR=/etc/keystored/keys + +define NETOPEER2_SERVER_INSTALL_INIT_SYSV + $(INSTALL) -m 755 -D package/netopeer2-server/S52netopeer2-server \ + $(TARGET_DIR)/etc/init.d/S52netopeer2-server +endef + +define NETOPEER2_SERVER_PERMISSIONS + /etc/sysrepo/data/ietf-netconf-server.persist f 600 0 0 - - - - - + /etc/sysrepo/data/ietf-netconf-server.running f 600 0 0 - - - - - + /etc/sysrepo/data/ietf-netconf-server.running.lock f 600 0 0 - - - - - + /etc/sysrepo/data/ietf-netconf-server.startup f 600 0 0 - - - - - + /etc/sysrepo/data/ietf-netconf-server.startup.lock f 600 0 0 - - - - - +endef + +$(eval $(cmake-package))