Skip to content

Commit

Permalink
Install advancetls package to support crl. (#318)
Browse files Browse the repository at this point in the history 
Install advancetls package to support crl.

#### Why I did it
Support certificate revocation list.

#### How I did it
Install advancetls package to support crl.
Improve make file.

#### How to verify it
Manually test.
Add new UT.

#### Work item tracking
Microsoft ADO (number only): 27146924

#### Which release branch to backport (provide reason below if selected)

<!--
- Note we only backport fixes to a release branch, *not* features!
- Please also provide a reason for the backporting below.
- e.g.
- [x] 202006
-->

- [ ] 201811
- [ ] 201911
- [ ] 202006
- [ ] 202012
- [ ] 202106
- [ ] 202111

#### Description for the changelog
Upgrade crypto package to v0.24.0 to support crl

#### Link to config_db schema for YANG module changes
<!--
Provide a link to config_db schema for the table for which YANG model
is defined
Link should point to correct section on https://github.com/Azure/SONiC/wiki/Configuration.
-->

#### A picture of a cute animal (not mandatory but encouraged)
  • Loading branch information
@liuh-80
liuh-80 authored Nov 19, 2024
1 parent 883d617 commit e0f0924
Show file tree
Hide file tree
Showing 4 changed files with 145 additions and 56 deletions.
47 changes: 36 additions & 11 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,18 +49,18 @@ go.mod:

$(GO_DEPS): go.mod $(PATCHES) swsscommon_wrap
$(GO) mod vendor
$(GO) mod download golang.org/x/[email protected]
$(GO) mod download github.com/jipanyang/[email protected]
cp -r $(GOPATH)/pkg/mod/golang.org/x/[email protected]/* vendor/golang.org/x/crypto/
cp -r $(GOPATH)/pkg/mod/github.com/jipanyang/[email protected]/* vendor/github.com/jipanyang/gnxi/

# Apply patch from sonic-mgmt-common, ignore glog.patch because glog version changed
sed -i 's/patch -d $${DEST_DIR}\/github.com\/golang\/glog/\#patch -d $${DEST_DIR}\/github.com\/golang\/glog/g' $(MGMT_COMMON_DIR)/patches/apply.sh
$(MGMT_COMMON_DIR)/patches/apply.sh vendor
sed -i 's/#patch -d $${DEST_DIR}\/github.com\/golang\/glog/patch -d $${DEST_DIR}\/github.com\/golang\/glog/g' $(MGMT_COMMON_DIR)/patches/apply.sh

chmod -R u+w vendor
patch -d vendor -p0 < patches/gnmi_cli.all.patch
patch -d vendor -p0 < patches/gnmi_set.patch
patch -d vendor -p0 < patches/gnmi_get.patch
patch -d vendor -p0 < patches/gnmi_path.patch
patch -d vendor -p0 < patches/gnmi_xpath.patch
git apply patches/0001-Updated-to-filter-and-write-to-file.patch

touch $@

go-deps: $(GO_DEPS)
Expand All @@ -69,28 +69,53 @@ go-deps-clean:
$(RM) -r vendor

sonic-gnmi: $(GO_DEPS)
# advancetls 1.0.0 release need following patch to build by go-1.19
# patch -d vendor -p0 < patches/0002-Fix-advance-tls-build-with-go-119.patch
# build service first which depends on advancetls
ifeq ($(CROSS_BUILD_ENVIRON),y)
$(GO) build -o ${GOBIN}/telemetry -mod=vendor $(BLD_FLAGS) github.com/sonic-net/sonic-gnmi/telemetry
ifneq ($(ENABLE_DIALOUT_VALUE),0)
$(GO) build -o ${GOBIN}/dialout_client_cli -mod=vendor $(BLD_FLAGS) github.com/sonic-net/sonic-gnmi/dialout/dialout_client_cli
endif
$(GO) build -o ${GOBIN}/gnmi_get -mod=vendor github.com/jipanyang/gnxi/gnmi_get
$(GO) build -o ${GOBIN}/gnmi_set -mod=vendor github.com/jipanyang/gnxi/gnmi_set
$(GO) build -o ${GOBIN}/gnmi_cli -mod=vendor github.com/openconfig/gnmi/cmd/gnmi_cli
$(GO) build -o ${GOBIN}/gnoi_client -mod=vendor github.com/sonic-net/sonic-gnmi/gnoi_client
$(GO) build -o ${GOBIN}/gnmi_dump -mod=vendor github.com/sonic-net/sonic-gnmi/gnmi_dump
else
$(GO) install -mod=vendor $(BLD_FLAGS) github.com/sonic-net/sonic-gnmi/telemetry
ifneq ($(ENABLE_DIALOUT_VALUE),0)
$(GO) install -mod=vendor $(BLD_FLAGS) github.com/sonic-net/sonic-gnmi/dialout/dialout_client_cli
endif
$(GO) install -mod=vendor github.com/sonic-net/sonic-gnmi/gnoi_client
$(GO) install -mod=vendor github.com/sonic-net/sonic-gnmi/gnmi_dump
endif

# download and apply patch for gnmi client, which will break advancetls
# backup crypto and gnxi
mkdir backup_crypto
cp -r vendor/golang.org/x/crypto/* backup_crypto/

# download and patch crypto and gnxi
$(GO) mod download golang.org/x/[email protected]
cp -r $(GOPATH)/pkg/mod/golang.org/x/[email protected]/* vendor/golang.org/x/crypto/
chmod -R u+w vendor
patch -d vendor -p0 < patches/gnmi_cli.all.patch
patch -d vendor -p0 < patches/gnmi_set.patch
patch -d vendor -p0 < patches/gnmi_get.patch
git apply patches/0001-Updated-to-filter-and-write-to-file.patch

ifeq ($(CROSS_BUILD_ENVIRON),y)
$(GO) build -o ${GOBIN}/gnmi_get -mod=vendor github.com/jipanyang/gnxi/gnmi_get
$(GO) build -o ${GOBIN}/gnmi_set -mod=vendor github.com/jipanyang/gnxi/gnmi_set
$(GO) build -o ${GOBIN}/gnmi_cli -mod=vendor github.com/openconfig/gnmi/cmd/gnmi_cli
else
$(GO) install -mod=vendor github.com/jipanyang/gnxi/gnmi_get
$(GO) install -mod=vendor github.com/jipanyang/gnxi/gnmi_set
$(GO) install -mod=vendor github.com/openconfig/gnmi/cmd/gnmi_cli
$(GO) install -mod=vendor github.com/sonic-net/sonic-gnmi/gnoi_client
$(GO) install -mod=vendor github.com/sonic-net/sonic-gnmi/gnmi_dump
endif

# restore old version
rm -rf vendor/golang.org/x/crypto/
mv backup_crypto/ vendor/golang.org/x/crypto/

swsscommon_wrap:
make -C swsscommon

Expand Down
24 changes: 14 additions & 10 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,8 @@ require (
github.com/go-redis/redis v6.15.6+incompatible
github.com/godbus/dbus/v5 v5.1.0
github.com/gogo/protobuf v1.3.2
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
github.com/golang/protobuf v1.5.0
github.com/golang/glog v1.2.0
github.com/golang/protobuf v1.5.4
github.com/google/gnxi v0.0.0-20191016182648-6697a080bc2d
github.com/jipanyang/gnmi v0.0.0-20180820232453-cb4d464fa018
github.com/jipanyang/gnxi v0.0.0-20181221084354-f0a90cca6fd0
Expand All @@ -22,10 +22,11 @@ require (
github.com/openconfig/gnmi v0.0.0-20200617225440-d2b4e6a45802
github.com/openconfig/gnoi v0.0.0-20211029052138-349b3dcd04ec
github.com/openconfig/ygot v0.7.1
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b
google.golang.org/grpc v1.33.2
google.golang.org/protobuf v1.26.0
golang.org/x/crypto v0.24.0
golang.org/x/net v0.26.0
google.golang.org/grpc v1.64.1
google.golang.org/grpc/security/advancedtls v1.0.0
google.golang.org/protobuf v1.34.1
gopkg.in/yaml.v2 v2.2.8
)

Expand All @@ -37,7 +38,7 @@ require (
github.com/cenkalti/backoff/v4 v4.0.0 // indirect
github.com/go-redis/redis/v7 v7.0.0-beta.3.0.20190824101152-d19aba07b476 // indirect
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect
github.com/google/go-cmp v0.5.5 // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/maruel/natural v1.1.1 // indirect
github.com/onsi/ginkgo v1.10.3 // indirect
github.com/onsi/gomega v1.7.1 // indirect
Expand All @@ -46,10 +47,13 @@ require (
github.com/stretchr/testify v1.9.0 // indirect
go4.org/intern v0.0.0-20211027215823-ae77deb06f29 // indirect
go4.org/unsafe/assume-no-moving-gc v0.0.0-20230525183740-e7c30c78aeb2 // indirect
golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac // indirect
golang.org/x/text v0.3.3 // indirect
golang.org/x/sys v0.26.0 // indirect
golang.org/x/text v0.16.0 // indirect
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013 // indirect
inet.af/netaddr v0.0.0-20230525184311-b8eac61e914a // indirect
)

replace github.com/Azure/sonic-mgmt-common => ../sonic-mgmt-common
replace (
github.com/Azure/sonic-mgmt-common => ../sonic-mgmt-common
golang.org/x/crypto => golang.org/x/crypto v0.24.0
)
Loading

0 comments on commit e0f0924

Please sign in to comment.