session UPDATE support for modules ignored when creating hello

Author: michalvasko

…[email protected] …[email protected]modules/[email protected] renamed to modules/[email protected] modules/[email protected] renamed to modules/[email protected]

@@ -31,6 +31,10 @@ module libnetconf2-netconf-server {
     prefix tlss;
   }
 
+  revision "2025-01-23" {
+    description "Added a list of YANG modules skipped in the server <hello> message.";
+  }
+
   revision "2024-07-09" {
     description "Second revision.";
   }
@@ -428,11 +432,11 @@ module libnetconf2-netconf-server {
       if-feature "ct:certificate-expiration-notification";
 
       description
-        "Container for the certificate expiration notification intervals.
-         Its child nodes describe the ability to set the time intervals for the certificate
-         expiration notifications. These intervals are given in the form of an anchor and a period.
-         By default, these notifications are generated 3, 2, and 1 month; 2 weeks; 7, 6, 5, 4, 3, 2 and 1 day before a certificate expires.
-         Additionally, notifications are generated on the day of expiration and every day thereafter.
+        "Container for the certificate expiration notification intervals. Its child nodes describe the ability to set
+         the time intervals for the certificate expiration notifications. These intervals are given in the form of an
+         anchor and a period. By default, these notifications are generated 3, 2, and 1 month; 2 weeks; 7, 6, 5, 4, 3,
+         2 and 1 day before a certificate expires. Additionally, notifications are generated on the day of expiration
+         and every day thereafter.
 
          Simplified example of YANG data that describe the default intervals:
 
@@ -471,5 +475,12 @@ module libnetconf2-netconf-server {
         }
       }
     }
+
+    leaf-list ignored-hello-module {
+      type string;
+
+      description
+        "List of implemented sysrepo YANG modules that will not be reported the NETCONF server in its <hello> messages.";
+    }
   }
 }

src/server_config.c

@@ -4014,13 +4014,20 @@ nc_server_config_parse_netconf_server(const struct lyd_node *node, enum nc_opera
 }
 
 int
-nc_server_config_ln2_netconf_server(const struct lyd_node *node, enum nc_operation op)
+nc_server_config_ln2_netconf_server(const struct lyd_node *UNUSED(node), enum nc_operation op)
 {
-    (void) node;
+    uint32_t i;
 
     assert((op == NC_OP_CREATE) || (op == NC_OP_DELETE));
 
     if (op == NC_OP_DELETE) {
+        /* delete ignored modules */
+        for (i = 0; i < server_opts.ignored_mod_count; ++i) {
+            free(server_opts.ignored_modules[i]);
+        }
+        free(server_opts.ignored_modules);
+        server_opts.ignored_modules = NULL;
+        server_opts.ignored_mod_count = 0;
 
 #ifdef NC_ENABLED_SSH_TLS
         /* delete the intervals */
@@ -4163,6 +4170,45 @@ nc_server_config_interval(const struct lyd_node *node, enum nc_operation op)
 
 #endif /* NC_ENABLED_SSH_TLS */
 
+static int
+nc_server_config_ignored_module(const struct lyd_node *node, enum nc_operation op)
+{
+    int ret = 0;
+    const char *mod_name;
+    uint16_t i;
+
+    assert(!strcmp(LYD_NAME(node), "ignored-hello-module"));
+
+    mod_name = lyd_get_value(node);
+
+    if (op == NC_OP_CREATE) {
+        /* add the module */
+        ret = nc_server_config_realloc(mod_name, (void **)&server_opts.ignored_modules,
+                sizeof *server_opts.ignored_modules, &server_opts.ignored_mod_count);
+    } else {
+        /* find the module */
+        for (i = 0; i < server_opts.ignored_mod_count; ++i) {
+            if (!strcmp(server_opts.ignored_modules[i], mod_name)) {
+                break;
+            }
+        }
+        assert(i < server_opts.ignored_mod_count);
+
+        /* remove the module by replacing it with the last */
+        free(server_opts.ignored_modules[i]);
+        if (i < server_opts.ignored_mod_count - 1) {
+            server_opts.ignored_modules[i] = server_opts.ignored_modules[server_opts.ignored_mod_count - 1];
+        }
+        --server_opts.ignored_mod_count;
+        if (!server_opts.ignored_mod_count) {
+            free(server_opts.ignored_modules);
+            server_opts.ignored_modules = NULL;
+        }
+    }
+
+    return ret;
+}
+
 static int
 nc_server_config_parse_libnetconf2_netconf_server(const struct lyd_node *node, enum nc_operation op)
 {
@@ -4177,6 +4223,9 @@ nc_server_config_parse_libnetconf2_netconf_server(const struct lyd_node *node, e
         ret = nc_server_config_interval(node, op);
     }
 #endif /* NC_ENABLED_SSH_TLS */
+    else if (!strcmp(name, "ignored-hello-module")) {
+        ret = nc_server_config_ignored_module(node, op);
+    }
 
     if (ret) {
         ERR(NULL, "Configuring node \"%s\" failed.", LYD_NAME(node));

src/session.c

@@ -1205,6 +1205,11 @@ nc_server_get_cpblts_version(const struct ly_ctx *ctx, LYS_VERSION version)
     /* models */
     u = 0;
     while ((mod = ly_ctx_get_module_iter(ctx, &u))) {
+        if (nc_server_is_mod_ignored(mod->name)) {
+            /* ignored, not part of the cababilities */
+            continue;
+        }
+
         if (!strcmp(mod->name, "ietf-yang-library")) {
             if (!mod->revision || (strcmp(mod->revision, "2016-06-21") && strcmp(mod->revision, "2019-01-04"))) {
                 ERR(NULL, "Unknown \"ietf-yang-library\" revision, only 2016-06-21 and 2019-01-04 are supported.");

src/session_p.h

@@ -1238,6 +1238,14 @@ int nc_session_tls_crl_from_cert_ext_fetch(void *leaf_cert, void *cert_store, vo
 
 #endif /* NC_ENABLED_SSH_TLS */
 
+/**
+ * @brief Check whether a module is not ignored by the server.
+ *
+ * @param[in] mod_name Module name to check.
+ * @return Whether the module is ignored.
+ */
+int nc_server_is_mod_ignored(const char *mod_name);
+
 /**
  * Functions
  * - io.c

src/session_server.c

@@ -4080,3 +4080,17 @@ nc_server_notif_cert_expiration_thread_stop(int wait)
 }
 
 #endif /* NC_ENABLED_SSH_TLS */
+
+int
+nc_server_is_mod_ignored(const char *mod_name)
+{
+    uint16_t i;
+
+    for (i = 0; i < server_opts.ignored_mod_count; ++i) {
+        if (!strcmp(server_opts.ignored_modules[i], mod_name)) {
+            return 1;
+        }
+    }
+
+    return 0;
+}