ASR_BASE
Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1
diff --git a/external/subpack/net/netopeer2/files/netopeer2-server-merge-config.default b/external/subpack/net/netopeer2/files/netopeer2-server-merge-config.default
new file mode 100644
index 0000000..b727156
--- /dev/null
+++ b/external/subpack/net/netopeer2/files/netopeer2-server-merge-config.default
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+# avoid problems with sudo path
+SYSREPOCFG=`which sysrepocfg`
+KS_KEY_NAME=genkey
+
+# check that there is no listen/Call Home configuration yet
+SERVER_CONFIG=`$SYSREPOCFG -X -x "/ietf-netconf-server:netconf-server/listen/endpoint[1]/name | /ietf-netconf-server:netconf-server/call-home/netconf-client[1]/name"`
+if [ -z "$SERVER_CONFIG" ]; then
+
+# import default config
+CONFIG="<netconf-server xmlns=\"urn:ietf:params:xml:ns:yang:ietf-netconf-server\">
+ <listen>
+ <endpoint>
+ <name>default-ssh</name>
+ <ssh>
+ <tcp-server-parameters>
+ <local-address>::</local-address>
+ <keepalives>
+ <idle-time>1</idle-time>
+ <max-probes>10</max-probes>
+ <probe-interval>5</probe-interval>
+ </keepalives>
+ </tcp-server-parameters>
+ <ssh-server-parameters>
+ <server-identity>
+ <host-key>
+ <name>default-key</name>
+ <public-key>
+ <keystore-reference>$KS_KEY_NAME</keystore-reference>
+ </public-key>
+ </host-key>
+ </server-identity>
+ <client-authentication>
+ <supported-authentication-methods>
+ <publickey/>
+ <passsword/>
+ <other>interactive</other>
+ </supported-authentication-methods>
+ <users/>
+ </client-authentication>
+ </ssh-server-parameters>
+ </ssh>
+ </endpoint>
+ </listen>
+</netconf-server>"
+TMPFILE=`mktemp -u`
+printf -- "$CONFIG" > $TMPFILE
+# apply it to startup and running
+$SYSREPOCFG --edit=$TMPFILE -d startup -f xml -m ietf-netconf-server -v2
+$SYSREPOCFG -C startup -m ietf-netconf-server -v2
+# remove the tmp file
+rm $TMPFILE
+
+fi
diff --git a/external/subpack/net/netopeer2/files/netopeer2-server-merge-hostkey.default b/external/subpack/net/netopeer2/files/netopeer2-server-merge-hostkey.default
new file mode 100644
index 0000000..6da8240
--- /dev/null
+++ b/external/subpack/net/netopeer2/files/netopeer2-server-merge-hostkey.default
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+# avoid problems with sudo path
+SYSREPOCFG=`which sysrepocfg`
+OPENSSL=`which openssl`
+
+# check that there is no SSH key with this name yet
+KEYSTORE_KEY=`$SYSREPOCFG -X -x "/ietf-keystore:keystore/asymmetric-keys/asymmetric-key[name='genkey']/name"`
+if [ -z "$KEYSTORE_KEY" ]; then
+
+# generate a new key
+PRIVPEM=`$OPENSSL genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -outform PEM 2>/dev/null`
+# remove header/footer
+PRIVKEY=`grep -v -- "-----" - <<STDIN
+$PRIVPEM
+STDIN`
+# get public key
+PUBPEM=`$OPENSSL rsa -pubout 2>/dev/null <<STDIN
+$PRIVPEM
+STDIN`
+# remove header/footer
+PUBKEY=`grep -v -- "-----" - <<STDIN
+$PUBPEM
+STDIN`
+
+# generate edit config
+CONFIG="<keystore xmlns=\"urn:ietf:params:xml:ns:yang:ietf-keystore\">
+ <asymmetric-keys>
+ <asymmetric-key>
+ <name>genkey</name>
+ <algorithm>rsa2048</algorithm>
+ <public-key>$PUBKEY</public-key>
+ <private-key>$PRIVKEY</private-key>
+ </asymmetric-key>
+ </asymmetric-keys>
+</keystore>"
+TMPFILE=`mktemp -u`
+printf -- "$CONFIG" > $TMPFILE
+# apply it to startup and running
+$SYSREPOCFG --edit=$TMPFILE -d startup -f xml -m ietf-keystore -v2
+$SYSREPOCFG -C startup -m ietf-keystore -v2
+# remove the tmp file
+rm $TMPFILE
+
+fi
diff --git a/external/subpack/net/netopeer2/files/netopeer2-server-setup.default b/external/subpack/net/netopeer2/files/netopeer2-server-setup.default
new file mode 100644
index 0000000..759b35f
--- /dev/null
+++ b/external/subpack/net/netopeer2/files/netopeer2-server-setup.default
@@ -0,0 +1,106 @@
+#!/bin/sh
+
+# Warning, problems can occur if the device restarts in the middle of this uci-default script
+
+# install YANG modules
+SYSREPOCTL=`which sysrepoctl`
+MODDIR="/etc/netopeer2/modules"
+PERMS=600
+OWNER=root
+GROUP=root
+
+# array of modules to install
+MODULES="\
+ietf-netconf-acm@2018-02-14.yang
+ietf-netconf@2013-09-29.yang -e writable-running -e candidate -e rollback-on-error -e validate -e startup -e url -e xpath
+ietf-netconf-monitoring@2010-10-04.yang
+ietf-netconf-nmda@2019-01-07.yang -e origin -e with-defaults
+nc-notifications@2008-07-14.yang
+notifications@2008-07-14.yang
+ietf-x509-cert-to-name@2014-12-10.yang
+ietf-crypto-types@2019-07-02.yang
+ietf-keystore@2019-07-02.yang -e keystore-supported
+ietf-truststore@2019-07-02.yang -e truststore-supported -e x509-certificates
+ietf-tcp-common@2019-07-02.yang -e keepalives-supported
+ietf-ssh-server@2019-07-02.yang -e local-client-auth-supported
+ietf-tls-server@2019-07-02.yang -e local-client-auth-supported
+ietf-netconf-server@2019-07-02.yang -e ssh-listen -e tls-listen -e ssh-call-home -e tls-call-home"
+
+# functions
+INSTALL_MODULE() {
+ local module=`echo "$1" | sed 's/\s.*$//'`
+ $SYSREPOCTL -a -i $MODDIR/$module -s $MODDIR -p $PERMS -o $OWNER -g $GROUP -v2
+ local rc=$?
+ if [ $rc -ne 0 ]; then
+ exit $rc
+ fi
+}
+
+UPDATE_MODULE() {
+ $SYSREPOCTL -a -U $MODDIR/$1 -s $MODDIR -p $PERMS -o $OWNER -g $GROUP -v2
+ local rc=$?
+ if [ $rc -ne 0 ]; then
+ exit $rc
+ fi
+}
+
+ENABLE_FEATURE() {
+ $SYSREPOCTL -a -c $1 -e $2 -v2
+ local rc=$?
+ if [ $rc -ne 0 ]; then
+ exit $rc
+ fi
+}
+
+ENABLE_FEATURES() {
+ # parse sysrepoctl features and add extra space at the end for easier matching
+ local sctl_features="`echo "$SCTL_MODULE" | sed 's/\([^|]*|\)\{6\}\(.*\)/\2/'` "
+ # parse features we want to enable
+ local features=`echo "$1" | sed 's/[^ ]* \(.*\)/\1/'`
+ while [ "${features:0:3}" = "-e " ]; do
+ # skip "-e "
+ features=${features:3}
+ # parse feature
+ local feature=`echo "$features" | sed 's/\([^[:space:]]*\).*/\1/'`
+
+ # enable feature if not already
+ sctl_feature=`echo "$sctl_features" | grep " ${feature} "`
+ if [ -z "$sctl_feature" ]; then
+ # enable feature
+ ENABLE_FEATURE $name $feature
+ fi
+
+ # next iteration, skip this feature
+ features=`echo "$features" | sed 's/[^[:space:]]* \(.*\)/\1/'`
+ done
+}
+
+# get current modules
+SCTL_MODULES=`$SYSREPOCTL -l`
+
+IFS=$'\n'
+for i in $MODULES; do
+ name=`echo "$i" | sed 's/\([^@]*\).*/\1/'`
+
+ SCTL_MODULE=`echo "$SCTL_MODULES" | grep "^$name \+|[^|]*| I"`
+ if [ -z "$SCTL_MODULE" ]; then
+ # install module
+ INSTALL_MODULE "$i"
+ ENABLE_FEATURES "$i"
+ continue
+ fi
+
+ sctl_revision=`echo "$SCTL_MODULE" | sed 's/[^|]*| \([^ ]*\).*/\1/'`
+ revision=`echo "$i" | sed 's/[^@]*@\([^\.]*\).*/\1/'`
+ if [ "$sctl_revision" \< "$revision" ]; then
+ # update module without any features
+ file=`echo "$i" | cut -d' ' -f 1`
+ UPDATE_MODULE $file
+ fi
+
+ ENABLE_FEATURES "$i"
+done
+
+unset IFS
+
+exit 0
diff --git a/external/subpack/net/netopeer2/files/netopeer2-server.init b/external/subpack/net/netopeer2/files/netopeer2-server.init
new file mode 100644
index 0000000..97dadae
--- /dev/null
+++ b/external/subpack/net/netopeer2/files/netopeer2-server.init
@@ -0,0 +1,21 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+STOP=11
+
+USE_PROCD=1
+PROG=/usr/bin/netopeer2-server
+
+start_service() {
+ procd_open_instance
+ procd_set_param command $PROG
+ procd_append_param command -d -v 0
+ procd_set_param respawn
+ procd_close_instance
+}
+
+stop_service()
+{
+ service_stop ${PROG}
+ rm /var/run/netopeer2-server.pid
+}