From: Razvan Becheriu Date: Fri, 20 Jun 2025 09:45:05 +0000 (+0300) Subject: [#3907] use tls for control-socket X-Git-Tag: Kea-3.0.0~9 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=4bc838732cd61062958df9a3c4ca6fdc6b0492c5;p=thirdparty%2Fkea.git [#3907] use tls for control-socket --- diff --git a/src/share/yang/modules/hashes/kea-dhcp-types@2025-06-25.hash b/src/share/yang/modules/hashes/kea-dhcp-types@2025-06-25.hash index f5f48f8c64..49f90d9c78 100644 --- a/src/share/yang/modules/hashes/kea-dhcp-types@2025-06-25.hash +++ b/src/share/yang/modules/hashes/kea-dhcp-types@2025-06-25.hash @@ -1 +1 @@ -ec657a2afa392ed8e02c27bca52a0dd56d8fad7bf7a1c713bba087f5149060b2 +8a7f2f7a5acbcc5ae32ae21d5e88ee2bb20548bdb0f84bed357b1a7e86da80dc diff --git a/src/share/yang/modules/hashes/kea-types@2025-06-25.hash b/src/share/yang/modules/hashes/kea-types@2025-06-25.hash index 0b5ae735ed..ce221eed5b 100644 --- a/src/share/yang/modules/hashes/kea-types@2025-06-25.hash +++ b/src/share/yang/modules/hashes/kea-types@2025-06-25.hash @@ -1 +1 @@ -64d66c96f2375efd9481e08bab2da362b8f607974666d787324f7fb730f82ada +b4e86b82d8cff06fb0c4a06ec30e6f77db01271b25ffe2bd3f3e2c7f7f4ba340 diff --git a/src/share/yang/modules/kea-dhcp-types@2025-06-25.yang b/src/share/yang/modules/kea-dhcp-types@2025-06-25.yang index 178783e0eb..3de29cf2a7 100644 --- a/src/share/yang/modules/kea-dhcp-types@2025-06-25.yang +++ b/src/share/yang/modules/kea-dhcp-types@2025-06-25.yang @@ -131,14 +131,14 @@ module kea-dhcp-types { grouping deprecated-control-socket { container control-socket { presence ""; - uses kea:control-socket-info; + uses kea:control-socket-data; } } grouping control-sockets { description "Control sockets grouping."; list control-sockets { - key "socket-type"; + key socket-type; description "List of control sockets."; uses kea:control-socket-data; } diff --git a/src/share/yang/modules/kea-types@2025-06-25.yang b/src/share/yang/modules/kea-types@2025-06-25.yang index a9ef323689..81e6659d4d 100644 --- a/src/share/yang/modules/kea-types@2025-06-25.yang +++ b/src/share/yang/modules/kea-types@2025-06-25.yang @@ -45,12 +45,32 @@ module kea-types { grouping control-sockets { description "Control sockets grouping."; list control-sockets { - key "socket-type"; + key socket-type; description "List of control sockets."; uses control-socket-data; } } + grouping control-socket-tls { + description "Control socket TLS parameters."; + leaf trust-anchor { + type string; + description "TLS trust anchor (Certificate Authority)."; + } + leaf cert-file { + type string; + description "TLS server certificate file name."; + } + leaf key-file { + type string; + description "TLS server private key file name."; + } + leaf cert-required { + type boolean; + description "TLS require client certificates flag."; + } + } + grouping control-socket-info { description "Control socket parameters."; leaf socket-name { @@ -71,6 +91,9 @@ module kea-types { type user-context; description "Control socket user context."; } + uses control-socket-tls; + uses http-headers; + uses authentication; } grouping control-socket-data { @@ -102,22 +125,7 @@ module kea-types { type string; description "HTTP/HTTPS socket port."; } - leaf trust-anchor { - type string; - description "TLS trust anchor (Certificate Authority)."; - } - leaf cert-file { - type string; - description "TLS server certificate file name."; - } - leaf key-file { - type string; - description "TLS server private key file name."; - } - leaf cert-required { - type boolean; - description "TLS require client certificates flag."; - } + uses control-socket-tls; uses http-headers; uses authentication; }