/**
 * Builds a onep_session_config_t for the requested transport mode and hands
 * it back through @p config.
 *
 * The port is picked from the mode: 15002 for ONEP_SESSION_TLS and 15003 for
 * ONEP_SESSION_LOCAL. Any other mode only prints a message; no port is set
 * and the function still returns ONEP_OK. For TLS, the certificate, key,
 * passphrase and root certificate arguments are read from variables defined
 * outside this function (client_cert_path, client_key_path, key_passphrase,
 * root_cert_path), and pinning is configured only when pin_file is non-NULL.
 *
 * @param [in]  mode    Transport type to use for the session.
 * @param [out] config  Address of the pointer that receives the new
 *                      onep_session_config_t. Written only on success.
 *
 * @retval ONEP_OK  In the case of success. Otherwise the onep_status_t error
 *                  of the failing call is returned; onep_strerror() turns it
 *                  into a message.
 */
onep_status_t
create_session_config (onep_transport_mode_e mode,
                       onep_session_config_t **config)
{
    onep_session_config_t *cfg = NULL;
    onep_status_t rc;
    onep_status_t teardown_rc;

    /* Allocate the config object for the requested transport. */
    rc = onep_session_config_new(mode, &cfg);
    if (rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to construct session local_config: "
                "errorcode = %d, errormsg = %s",
                rc, onep_strerror(rc));
        return rc;
    }

    /*
     * Port on the network element, per transport:
     *   ONEP_SESSION_TLS   15002
     *   ONEP_SESSION_LOCAL 15003
     * For any other mode rc still holds ONEP_OK from the call above, so the
     * shared check below does not fire.
     */
    if (mode == ONEP_SESSION_TLS) {
        rc = onep_session_config_set_port(cfg, 15002);
    } else if (mode == ONEP_SESSION_LOCAL) {
        rc = onep_session_config_set_port(cfg, 15003);
    } else {
        fprintf(stderr, "\nUnknown transport mode: %d", mode);
    }
    if (rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to set port: "
                "errorcode = %d, errormsg = %s",
                rc, onep_strerror(rc));
        goto fail;
    }

    if (mode == ONEP_SESSION_TLS) {
        /* Client certificate, client private key, key passphrase, root
         * certificates file: all taken from variables outside this scope. */
        rc = onep_session_config_set_tls(cfg,
                                         client_cert_path,
                                         client_key_path,
                                         key_passphrase,
                                         root_cert_path);
        if (rc != ONEP_OK) {
            fprintf(stderr,
                    "\nFailed to set TLS: "
                    "errorcode = %d, errormsg = %s",
                    rc, onep_strerror(rc));
            goto fail;
        }

        /*
         * Pinning is optional: it is configured only when a pin file was
         * supplied.
         * NOTE(review): accept_handler is defined elsewhere; what it decides
         * for an unpinned or mismatching certificate is not visible here --
         * confirm it does not accept unconditionally.
         */
        if (pin_file != NULL) {
            rc = onep_session_config_set_tls_pinning(cfg, pin_file,
                                                     &accept_handler);
            if (rc != ONEP_OK) {
                fprintf(stderr,
                        "\nFailed to enable TLS pinning: "
                        "errorcode = %d, errormsg = %s",
                        rc, onep_strerror(rc));
                goto fail;
            }
        }
    }

    *config = cfg;
    return ONEP_OK;

fail:
    /* Release the half-built config; report the original error, not the
     * teardown status. */
    teardown_rc = onep_session_config_destroy(&cfg);
    if (teardown_rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to destroy session config: "
                "errorcode = %d, errormsg = %s",
                teardown_rc, onep_strerror(teardown_rc));
    }
    return rc;
}
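/**
 * Connects to a network element over TLS, adds or removes one "permit" entry
 * of the standard access list DENYACCESS through a VTY, and then issues
 * "write memory".
 *
 * The application name, login credentials, TLS file paths and the `allow` and
 * `ipMask` values are read from variables defined outside this function.
 * ipMask is placed verbatim into a command line sent to the device, so it is
 * refused when it is NULL or contains a carriage return or line feed, and the
 * command is refused when it does not fit the local buffer.
 *
 * Every failure path runs the shared disconnect/cleanup code, so the session
 * config, element property, session handle, element and application objects
 * are released on all exits.
 *
 * @param [in] element_hostname  Name handed to
 *                               onep_application_get_network_element_by_name().
 *
 * @return EXIT_SUCCESS when every step succeeded, EXIT_FAILURE otherwise.
 */
int changeRouterConfig(char* element_hostname)
{
    int ec = EXIT_SUCCESS;
    onep_status_t rc = ONEP_OK;
    onep_network_application_t *nwapp = NULL;
    onep_network_element_t *ne = NULL;
    onep_session_handle_t *sh = NULL;
    onep_element_property_t *property = NULL;
    onep_session_config_t *config = NULL;
    onep_vty_t *vty = NULL;
    char *hostname = NULL;
    char *response = NULL;
    uint32_t timeout;
    char command[1000] = "";
    int written;

    rc = onep_application_get_instance(&nwapp);
    if (rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to get network application: "
                "errorcode = %d, errormsg = %s\n\n",
                rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto cleanup;
    }

    /* A failure to set the name is reported but, as before, not fatal. */
    rc = onep_application_set_name(nwapp, appname);
    if (rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to set application name: "
                "errorcode = %d, errormsg = %s\n\n",
                rc, onep_strerror(rc));
    }

    rc = onep_application_get_network_element_by_name(nwapp,
                                                      element_hostname, &ne);
    if (rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to get network element: "
                "errorcode = %d, errormsg = %s\n\n",
                rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto cleanup;
    }

    printf("Connecting with onep transport type TLS. \n");

    /*
     * Session config failures used to `return rc` directly, which skipped
     * cleanup and returned a onep_status_t where callers expect an exit
     * code. They now take the common cleanup path; nothing is connected
     * yet, so the disconnect step is skipped.
     */
    rc = onep_session_config_new(ONEP_SESSION_TLS, &config);
    if (ONEP_OK != rc) {
        fprintf(stderr,
                "\nFailed to get config: "
                "errorcode = %d, errormsg = %s",
                rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto cleanup;
    }

    rc = onep_session_config_set_port(config, 15002);
    if (ONEP_OK != rc) {
        fprintf(stderr,
                "\nFailed to set port: "
                "errorcode = %d, errormsg = %s",
                rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto cleanup;
    }

    rc = onep_session_config_set_tls(
            config,                     /* Pointer to onep_session_config_t */
            app_cert,                   /* Client certificate file path */
            app_private_key,            /* Client private key file path */
            app_private_key_password,   /* SSL certificate passcode */
            network_element_root_cert); /* Root certificate file path */
    if (ONEP_OK != rc) {
        fprintf(stderr,
                "\nFailed to set TLS: errorcode = %d, errormsg = %s",
                rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto cleanup;
    }

    rc = onep_element_connect(ne, username, password, config, &sh);
    if (rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to connect to network element: "
                "errorcode = %d, errormsg = %s\n\n",
                rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto cleanup;
    }

    /* Connected from here on: failures go through `disconnect`. */
    rc = onep_element_get_property(ne, &property);
    if (rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to get element property: "
                "errorcode = %d, errormsg = %s\n\n",
                rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto disconnect;
    }

    rc = onep_element_property_get_sys_name(property, &hostname);
    if (rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to get system name: "
                "errorcode = %d, errormsg = %s\n\n",
                rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto disconnect;
    }

    rc = onep_vty_new(ne, &vty);
    if (rc != ONEP_OK) {
        printf("\nFailed to get vty instance: %d %s", rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto disconnect;
    }

    rc = onep_vty_open(vty);
    if (rc != ONEP_OK) {
        printf("\nFailed to open vty to Network Element: %d %s",
               rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto disconnect;
    }

    /* The timeout value itself is not used; the call is kept as before. */
    rc = onep_vty_get_timeout(vty, &timeout);
    if (rc != ONEP_OK) {
        printf("\nFailed to get timeout of vty to Network Element: %d %s",
               rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto disconnect;
    }

    /*
     * ipMask becomes part of a device command line. A CR or LF inside it
     * would end the intended command and start another one, so such values
     * are refused rather than sent.
     */
    if (ipMask == NULL || strpbrk(ipMask, "\r\n") != NULL) {
        fprintf(stderr,
                "\nRefusing to send command: "
                "ipMask is missing or contains a line break\n");
        ec = EXIT_FAILURE;
        goto disconnect;
    }

    /*
     * NOTE(review): the compared length is strlen(allow), so an empty
     * `allow` matches and selects the "no permit" branch -- confirm that is
     * intended. Behaviour is left unchanged here.
     */
    if ((strncmp(allow, "a", strlen(allow)) == 0) ||
        (strncmp(allow, "A", strlen(allow)) == 0)) {
        written = snprintf(command, sizeof command,
                "configure terminal \r \n ip access-list standard DENYACCESS \r\n no permit %s \r\n end \r\n",
                ipMask);
    } else {
        written = snprintf(command, sizeof command,
                "configure terminal \r \n ip access-list standard DENYACCESS \r\n permit %s \r\n end \r\n",
                ipMask);
    }
    /* The original sprintf() could write past command[]; a truncated command
     * must not be sent either. */
    if (written < 0 || (size_t)written >= sizeof command) {
        fprintf(stderr,
                "\nRefusing to send command: it does not fit in %zu bytes\n",
                sizeof command);
        ec = EXIT_FAILURE;
        goto disconnect;
    }

    printf("\nWriting a command VTY to the Network Element ... \"%s\"\n",
           command);
    rc = onep_vty_write(vty, command, &response);
    if (rc != ONEP_OK) {
        printf("\nFailed to get response for first from vty: %d %s",
               rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto disconnect;
    }
    /* Passing NULL for %s is undefined, so guard the response pointer. */
    printf("\n\nResponse for %s is - %s", command,
           response ? response : "(null)");

    printf("\n Save config changes \n");
    rc = onep_vty_write(vty, "write memory", &response);
    if (rc != ONEP_OK) {
        printf("\nFailed to get response for first from vty: %d %s",
               rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
        goto disconnect;
    }

disconnect:
    /*
     * NOTE(review): the vty handle and the response strings are not released
     * in this function; the library calls for that are not visible in this
     * file -- confirm against the VTY API and add them here.
     */
    rc = onep_element_disconnect(ne);
    if (rc != ONEP_OK) {
        fprintf(stderr,
                "\nFailed to disconnect from network element: "
                "errorcode = %d, errormsg = %s\n\n",
                rc, onep_strerror(rc));
        ec = EXIT_FAILURE;
    }

cleanup:
    /* free(NULL) is a no-op, so this covers paths that never got a name. */
    free(hostname);
    if (config) {
        (void)onep_session_config_destroy(&config);
    }
    if (property) {
        (void)onep_element_property_destroy(&property);
    }
    if (sh) {
        (void)onep_session_handle_destroy(&sh);
    }
    if (ne) {
        (void)onep_element_destroy(&ne);
    }
    if (nwapp) {
        (void)onep_application_destroy(&nwapp);
    }
    return ec;
}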
/*
 * Program entry point. Parses the command line, connects to a network element
 * over TLS, registers a CLI listener on a filter for "show run.*" with the
 * filter's sync flag set, and then prompts on stdin every 5 seconds until the
 * answer starts with 'n' or 'N'.
 *
 * Returns EXIT_SUCCESS, or EXIT_FAILURE when a checked setup step fails or the
 * required options are missing.
 *
 * NOTE(review): config, session_handle, cli_filter, running and app are never
 * released on any path in this function.
 */
int main(int argc, char *argv[]) {
    int exit_code = EXIT_SUCCESS;
    char* running = NULL;
    /* Scratch buffer for the operator's answer to the y/n prompt. */
    char buffer[80];
    /* onep arguments. Only some are used, the rest left as NULL */
    onep_network_application_t* app = NULL;
    onep_session_handle_t* session_handle = NULL;
    onep_status_t rc;
    onep_transport_mode_e mode = ONEP_SESSION_TLS;
    onep_session_config_t* config = NULL;
    onep_cli_filter_t* cli_filter;
    onep_event_handle_t cliEvtId = ONEP_EVENT_HANDLE_INVALID;
    onep_network_element_t* ne = NULL;
    /* The three client-side TLS values below are never assigned, so NULL is
     * what reaches onep_session_config_set_tls(). */
    char *app_cert = NULL;
    char *app_private_key = NULL;
    char *app_private_key_password = NULL;
    char *network_element_root_cert = NULL;
    char *pin_file = NULL;
    char *hostname = NULL;
    char *username = NULL;
    char *password = NULL;
    int c;

    /*
     * NOTE(review): the option string and the cases disagree:
     *  - "d:" declares an argument for -d, but the case treats it as a flag.
     *  - "P" declares no argument, yet the case reads optarg.
     *  - case 'c' has no break and falls into case 'P', so pin_file receives
     *    the same value as network_element_root_cert.
     * The password is taken from argv.
     */
    while ((c = getopt (argc, argv, "h:u:p:d:c:P")) != -1) {
        switch (c) {
        case 'h':
            hostname = optarg;
            break;
        case 'd':
            printf ("Set debug flag\n");
            debug = 1;
            break;
        case 'u':
            username = optarg;
            break;
        case 'p':
            password = optarg;
            break;
        case 'c':
            network_element_root_cert = optarg;
        case 'P':
            pin_file = optarg;
            break;
        default:
            abort();
        }
    }

    /* NOTE(review): with debug set this prints the password in clear text;
     * argc is an int but is printed with %u, and any of the strings may still
     * be NULL at this point. */
    if(debug) {
        printf("Got arguments: \n%u: %s: %s: %s: %s\n", argc, hostname, username, password, network_element_root_cert);
    }

    /* Host, user, password and root certificate are all mandatory. */
    if (argc < 4 || !hostname || !username || !password || !network_element_root_cert) {
        printf( "Usage: %s -h <host> -u <username> -p <password> -c <root cert>\n", argv[0]);
        return EXIT_FAILURE;
    }

    /* Register the application */
    rc = onep_application_get_instance(&app);
    if (rc != ONEP_OK) {
        fprintf(stderr, "\nOMG GoT: Failed to get network application: " "errorcode = %d, errormsg = %s\n\n", rc, onep_strerror(rc));
        exit_code = EXIT_FAILURE;
        goto clean;
    } else if (debug) {
        printf ("Got network application\n");
    }

    rc = onep_application_set_name(app, appname);
    if (rc != ONEP_OK) {
        fprintf(stderr, "\nOMG GoT: Failed to set application name: " "errorcode = %d, errormsg = %s\n", rc, onep_strerror(rc));
        exit_code = EXIT_FAILURE;
        goto clean;
    } else if (debug) {
        printf ("Set network application name\n");
    }

    /* Register a connection */
    rc = onep_application_get_network_element_by_name(app, hostname, &ne);
    /* NOTE(review): unlike the other checks, this failure branch has no
     * `goto clean`, so execution continues with whatever value ne holds. */
    if (rc != ONEP_OK) {
        fprintf(stderr, "\nOMG GoT: Failed to get network element:" " errocode = %d, errormsg = %s\n", rc, onep_strerror(rc));
        exit_code = EXIT_FAILURE;
    } else if (debug) {
        printf ("Got network element\n");
    }

    /* Build the TLS session config directly; the failure message below still
     * names create_session_config. */
    rc = onep_session_config_new(mode, &config);
    if (rc != ONEP_OK) {
        fprintf(stderr, "\ncreate_session_config failed\n\n");
        exit_code = EXIT_FAILURE;
        goto clean;
    } else if (debug) {
        printf ("Got session config\n");
    }

    rc = onep_session_config_set_port(config, 15002);
    if (ONEP_OK != rc) {
        fprintf(stderr, "\nOMG GoT: Failed to set port: " "errorcode = %d, errormsg = %s\n", rc, onep_strerror(rc));
        exit_code = EXIT_FAILURE;
        goto clean;
    }

    /* Only the root certificate path is supplied; the client certificate, key
     * and key password arguments are NULL. */
    rc = onep_session_config_set_tls(
            config,
            app_cert, /* NULL */
            app_private_key, /* NULL */
            app_private_key_password, /* NULL */
            network_element_root_cert);
    if (rc != ONEP_OK) {
        fprintf(stderr, "\nOMG GoT: Failed to set TLS: errorcode = %d, errormsg = %s\n", rc, onep_strerror(rc));
        exit_code = EXIT_FAILURE;
        goto clean;
    }

    /*
     * Pinning is configured unconditionally with pin_file (which may be NULL)
     * and accept_handler as the callback. The original author's comment here
     * said that the validity of the router's certificate is not relied on.
     * NOTE(review): accept_handler is defined elsewhere; whether it accepts
     * every certificate is not visible in this function -- confirm before
     * treating this session as authenticated.
     */
    rc = onep_session_config_set_tls_pinning(
            config,
            pin_file,
            &accept_handler);
    if (rc != ONEP_OK) {
        fprintf(stderr, "\nOMG GoT: Failed to enable TLS pinning: " "errorcode = %d, errormsg = %s\n", rc, onep_strerror(rc));
        exit_code = EXIT_FAILURE;
        goto clean;
    }

    /* Open the session to the element with the supplied credentials. */
    rc = onep_element_connect(
            ne,
            username,
            password,
            config,
            &session_handle);
    if (rc != ONEP_OK) {
        fprintf(stderr, "\nOMG GoT: Failed to connect to network element:" " errocode = %d, errormsg = %s\n", rc, onep_strerror(rc));
        exit_code = EXIT_FAILURE;
        goto clean;
    }

    /* Create a CLI filter for commands matching "show run.*". */
    rc = onep_cli_filter_new("show run.*", &cli_filter);
    if (rc != ONEP_OK) {
        fprintf(stderr, "\nOMG GoT: Failed to create cli filter: %d %s", rc, onep_strerror(rc));
        exit_code = EXIT_FAILURE;
        goto clean;
    }

    rc = onep_cli_filter_set_sync(cli_filter, true);
    if (rc != ONEP_OK) {
        fprintf(stderr, "\nOMG GoT: Failed to set cli sync: %d %s", rc, onep_strerror(rc));
        exit_code = EXIT_FAILURE;
        goto clean;
    }

    /*
     * NOTE(review): this text is a long run of %08x printf conversion
     * specifiers, and a heap copy of it is passed as the listener's client
     * data below. What cli_event_handler does with it is not visible here.
     * Any code that receives such text must handle it strictly as data (for
     * example print it through "%s"); a consumer that used it as a format
     * string would read arguments that were never passed.
     */
    char *fmt_string = "%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.\
%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.\
%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.\
%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.\
%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.\
%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.%08x.\
%08x.%08x.%08x.%08x.%08x";

    /* NOTE(review): malloc() is unchecked, and strncpy() copies exactly
     * strlen(fmt_string) bytes, so no terminating NUL is written; the
     * strlen(running) below then reads an uninitialised byte. strlen()
     * returns size_t but is printed with %d. */
    running = (char *)malloc(strlen(fmt_string) + 1);
    strncpy(running, fmt_string, strlen(fmt_string));
    printf("Running: %d", strlen(running));

    /* Register the listener; rc from this call is overwritten below without
     * being checked. */
    rc = onep_element_add_cli_listener(
            ne,
            cli_event_handler,
            cli_filter,
            running,
            &cliEvtId);

    /* Keep the process alive until the operator answers 'n' or 'N'. */
    while(1) {
        sleep(5); /* Sleep this thread for 5 seconds between prompts */
        printf("\nDo you want to continue to run this application [y/n]?");
        if (fgets(buffer, sizeof(buffer), stdin)) {
            if (buffer[0] == 'n' || buffer[0] == 'N') {
                break;
            }
        }
    }

    rc = onep_element_remove_cli_listener(ne, cliEvtId);
    if (ONEP_OK != rc) {
        fprintf(stderr, "\nOMG GoT: Error while removing CLI listener: %d, %s", rc, onep_strerror(rc));
        goto clean;
    }

    /* NOTE(review): cliEvtId is tested for non-zero rather than compared with
     * ONEP_EVENT_HANDLE_INVALID, and it is not reset after the removal above,
     * so the listener can be removed a second time here. */
    clean:
    if(cliEvtId)
        onep_element_remove_cli_listener(ne, cliEvtId);
    if(ne)
        onep_element_disconnect(ne);
    return exit_code;
}