From patchwork Thu Oct 24 07:46:45 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Heiko Thiery X-Patchwork-Id: 1182666 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="FlqLuSX0"; dkim-atps=neutral Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46zKBd5G8Tz9sPv for ; Thu, 24 Oct 2019 18:49:13 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 17DF1868D4; Thu, 24 Oct 2019 07:49:12 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HJrqYZxkIi_k; Thu, 24 Oct 2019 07:49:10 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id 0D61E868C7; Thu, 24 Oct 2019 07:49:10 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id BEE0B1BF32D for ; Thu, 24 Oct 2019 07:49:08 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 3617D882C4 for ; Thu, 24 Oct 2019 07:49:08 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BBRHPqQBCMGw for ; Thu, 24 Oct 2019 07:49:06 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) by hemlock.osuosl.org (Postfix) with ESMTPS id B06748608F for ; Thu, 24 Oct 2019 07:49:05 +0000 (UTC) Received: by mail-wr1-f41.google.com with SMTP id s1so16109820wro.0 for ; Thu, 24 Oct 2019 00:49:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=EITNx8+qkly8QNnp/NQbwXzC8EtKQOk5h9+5K3XiJVQ=; b=FlqLuSX02y8hFHPas5JWn9nMjH0z/edbCVPL+7hAYF05i1RbqEbAGLb8DLpZT6HrO9 4peIE5YXWu0PbOlC7jvEIbZUEuqmrYUOngrAUU+TNJdIOAFFjppDYfG9glekUk7YhJ8z kkD2VjT6rZ7Ptjyth6K+HtH06PQAV18md25QPJnLMhMYNuG/dIC8pQNsQWotlxfs1a3Z 8fFFSPDFng++sTT8If8NHu3Yt/krdiPMiSO5cZskL3L2sWtMG4CbXagS9BnglHV+GYwK ZW6A4j8p++Ut9nhhRTUHanfUHJlxGP6YGcfpyjPBlxccBkC9nAaSm7s/Jkr2DG4Cwm7s vJ7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=EITNx8+qkly8QNnp/NQbwXzC8EtKQOk5h9+5K3XiJVQ=; b=gEKRqwcbCPjewaEuQoyxJznEdXlyTGvQmglUn3keimBRgnKaGUDJTRnDgQ5OP+guJh B/QgtuKPBBbOdwxskZH9K0iPPMLMlc2Y57KzljCzkA7yUMCOvKiLtjk1E+5QpHMUdi97 TV0Og0qioVvke7hQDP7zLZ8AzYnmQNxxoXl8IYF++H0F8K//x63PCNyCsDMz1EBnL/Ru 3A+kF6H/W9+iS4NYjPrtWUq37eRHsOovX8oSEroqgwRdjo0/ltLKN8RncZWMc0zNecZe CeDnxEqIgpuFtZtnJasVwqxC6jVLkn/ekG3MXIE2MndPbtXshaP1m/XjnhnHOSejPJUE IWPQ== X-Gm-Message-State: APjAAAVt/L3VfLavYbTe1/18eik+adyR1+XBohzgEmATnMdcwwIXuOuk /85lRQDYslbs9UgjmH3onaQ5ZPLw X-Google-Smtp-Source: APXvYqy1bHjAXC9q3hFKsG1Viox9kztwHhYvQJLZJ65FDIkiuVQnxAUKSFs4N1gGl1KCPf/+uUzjYA== X-Received: by 2002:a5d:5222:: with SMTP id i2mr2450830wra.271.1571903343761; Thu, 24 Oct 2019 00:49:03 -0700 (PDT) Received: from hthiery01.sab.local ([213.135.10.150]) by smtp.gmail.com with ESMTPSA id c21sm1549536wmb.46.2019.10.24.00.49.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Oct 2019 00:49:03 -0700 (PDT) From: heiko.thiery@gmail.com To: buildroot@buildroot.org Date: Thu, 24 Oct 2019 09:46:45 +0200 Message-Id: <20191024074644.10442-5-heiko.thiery@gmail.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191024074644.10442-1-heiko.thiery@gmail.com> References: <20191024074644.10442-1-heiko.thiery@gmail.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH vX 4/5] package/netopeer2-server: add package X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Heiko Thiery , Heiko Thiery , thomas.petazzoni@bootlin.com Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" From: Heiko Thiery Netopeer2 is a set of tools implementing network configuration tools based on the NETCONF Protocol. This is the second generation of the toolset, originally available as the Netopeer project. Netopeer2 is based on the new generation of the NETCONF and YANG libraries - libyang and libnetconf2. The Netopeer server uses sysrepo as a NETCONF datastore implementation. Signed-off-by: Heiko Thiery --- DEVELOPERS | 1 + package/Config.in | 1 + package/netopeer2-server/Config.in | 51 +++++++++++ package/netopeer2-server/S52netopeer2-server | 90 +++++++++++++++++++ .../netopeer2-server/netopeer2-server.hash | 1 + package/netopeer2-server/netopeer2-server.mk | 33 +++++++ 6 files changed, 177 insertions(+) create mode 100644 package/netopeer2-server/Config.in create mode 100644 package/netopeer2-server/S52netopeer2-server create mode 120000 package/netopeer2-server/netopeer2-server.hash create mode 100644 package/netopeer2-server/netopeer2-server.mk diff --git a/DEVELOPERS b/DEVELOPERS index 55a8bda729..91244be26e 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -1046,6 +1046,7 @@ N: Heiko Thiery F: package/libnetconf2/ F: package/libyang/ F: package/netopeer2-keystored/ +F: package/netopeer2-server/ F: package/sysrepo/ N: Henrique Camargo diff --git a/package/Config.in b/package/Config.in index 8579eb5896..6eab83dd20 100644 --- a/package/Config.in +++ b/package/Config.in @@ -1658,6 +1658,7 @@ menu "Networking" source "package/nanomsg/Config.in" source "package/neon/Config.in" source "package/netopeer2-keystored/Config.in" + source "package/netopeer2-server/Config.in" source "package/nghttp2/Config.in" source "package/norm/Config.in" source "package/nss-mdns/Config.in" diff --git a/package/netopeer2-server/Config.in b/package/netopeer2-server/Config.in new file mode 100644 index 0000000000..abae534a4b --- /dev/null +++ b/package/netopeer2-server/Config.in @@ -0,0 +1,51 @@ +comment "netopeer2server needs a toolchain w/ C++, threads, dynamic library, host gcc >= 4.8" + depends on BR2_USE_MMU + depends on BR2_STATIC_LIBS || !BR2_INSTALL_LIBSTDCPP \ + || !BR2_TOOLCHAIN_HAS_THREADS || !BR2_HOST_GCC_AT_LEAST_4_8 + depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86" + +config BR2_PACKAGE_NETOPEER2_SERVER + bool "netopeer2-server" + depends on BR2_USE_MMU # sysrepo + depends on !BR2_STATIC_LIBS # sysrepo + depends on BR2_INSTALL_LIBSTDCPP # sysrepo + depends on BR2_TOOLCHAIN_HAS_THREADS + depends on !BR2_STATIC_LIBS + # host-protobuf only builds on certain architectures + depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86" + select BR2_PACKAGE_LIBAVL + select BR2_PACKAGE_LIBEV + select BR2_PACKAGE_LIBYANG + select BR2_PACKAGE_LIBNETCONF2 + select BR2_PACKAGE_PROTOBUF_C + select BR2_PACKAGE_PCRE + select BR2_PACKAGE_PCRE_UCP + select BR2_PACKAGE_SYSREPO + select BR2_PACKAGE_NETOPEER2_KEYSTORED + # at the moment SSH transport is mandatory + select BR2_PACKAGE_NETOPEER2_SERVER_SSH + + help + Netopeer2 is a set of tools implementing network + configuration tools based on the NETCONF Protocol. + + This is the server part. + + https://github.com/CESNET/Netopeer2 + +if BR2_PACKAGE_NETOPEER2_SERVER + +config BR2_PACKAGE_NETOPEER2_SERVER_TLS + bool "TLS transport" + select BR2_PACKAGE_OPENSSL + help + Enable TLS transport layer support. + +config BR2_PACKAGE_NETOPEER2_SERVER_SSH + bool "SSH transport" + select BR2_PACKAGE_LIBSSH + select BR2_PACKAGE_LIBSSH_SERVER + help + Enable SSH transport layer support. + +endif diff --git a/package/netopeer2-server/S52netopeer2-server b/package/netopeer2-server/S52netopeer2-server new file mode 100644 index 0000000000..0bad83325a --- /dev/null +++ b/package/netopeer2-server/S52netopeer2-server @@ -0,0 +1,90 @@ +#!/bin/sh + +DAEMON="netopeer2-server" +PIDFILE="/var/run/$DAEMON.pid" + +NETOPEER2_SERVER_ARGS="" + +KEYSTORED_HOST_KEY="/etc/keystored/keys/ssh_host_rsa_key.pem" + +SSHKEYGEN="/usr/bin/dropbearkey" +DROPBEARKEY="/usr/bin/dropbearkey" +DROPBEARCONVERT="/usr/bin/dropbearconvert" + +dropbear_keygen() { + ${DROPBEARKEY} -t rsa -f ${KEYSTORED_HOST_KEY} + ${DROPBEARCONVERT} dropbear openssh ${KEYSTORED_HOST_KEY} ${KEYSTORED_HOST_KEY} +} + +ssh_keygen() { + ${SSHKEYGEN} -m pem -t rsa -q -N "" -f ${KEYSTORED_HOST_KEY} +} + +keygen() { + if [ -x ${DROPBEARKEY} -a -x ${DROPBEARCONVERT} ]; then + dropbear_keygen + status=$? + elif [ -x ${SSHKEYGEN} ]; then + ssh_keygen + status=$? + else + status=1 + fi + + return "$status" +} + +start() { + printf 'Starting %s: ' "$DAEMON" + if [ ! -f ${KEYSTORED_HOST_KEY} ]; then + keygen + status=$? + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + else + echo "OK" + fi + + start-stop-daemon -S -b -q -p $PIDFILE -x "/usr/bin/$DAEMON" \ + -- $NETOPEER2_SERVER_ARGS + status=$? + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + return "$status" +} + +stop() { + printf 'Stopping %s: ' "$DAEMON" + start-stop-daemon -K -q -p $PIDFILE + status=$? + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + return "$status" +} + +restart() { + stop + sleep 1 + start +} + +reload() { + # we do not support real reload .. just restart + restart +} + +case "$1" in + start|stop|restart|reload) + "$1";; + *) + echo "Usage: $0 {start|stop|restart|reload}" +esac diff --git a/package/netopeer2-server/netopeer2-server.hash b/package/netopeer2-server/netopeer2-server.hash new file mode 120000 index 0000000000..47bb47d7e3 --- /dev/null +++ b/package/netopeer2-server/netopeer2-server.hash @@ -0,0 +1 @@ +../netopeer2-keystored/netopeer2-keystored.hash \ No newline at end of file diff --git a/package/netopeer2-server/netopeer2-server.mk b/package/netopeer2-server/netopeer2-server.mk new file mode 100644 index 0000000000..39666a8e24 --- /dev/null +++ b/package/netopeer2-server/netopeer2-server.mk @@ -0,0 +1,33 @@ +################################################################################ +# +# netopeer2-server +# +################################################################################ + +NETOPEER2_SERVER_VERSION = v0.7-r2 +NETOPEER2_SERVER_SOURCE = netopeer2-$(NETOPEER2_SERVER_VERSION).tar.gz +NETOPEER2_SERVER_SITE = $(call github,CESNET,Netopeer2,$(NETOPEER2_SERVER_VERSION)) +NETOPEER2_SERVER_DL_SUBDIR = netopeer2 +NETOPEER2_SERVER_LICENSE = BSD-3-Clause +NETOPEER2_SERVER_LICENSE_FILES = LICENSE +NETOPEER2_SERVER_SUBDIR = server +NETOPEER2_SERVER_DEPENDENCIES = libyang sysrepo + +NETOPEER2_SERVER_CONF_OPTS = \ + -DENABLE_CONFIGURATION=ON \ + -DKEYSTORED_KEYS_DIR=/etc/keystored/keys + +define NETOPEER2_SERVER_INSTALL_INIT_SYSV + $(INSTALL) -m 755 -D package/netopeer2-server/S52netopeer2-server \ + $(TARGET_DIR)/etc/init.d/S52netopeer2-server +endef + +define NETOPEER2_SERVER_PERMISSIONS + /etc/sysrepo/data/ietf-netconf-server.persist f 600 0 0 - - - - - + /etc/sysrepo/data/ietf-netconf-server.running f 600 0 0 - - - - - + /etc/sysrepo/data/ietf-netconf-server.running.lock f 600 0 0 - - - - - + /etc/sysrepo/data/ietf-netconf-server.startup f 600 0 0 - - - - - + /etc/sysrepo/data/ietf-netconf-server.startup.lock f 600 0 0 - - - - - +endef + +$(eval $(cmake-package))