yc.o sync (#1588)

* Cronjob - daily check of IETF modules. --------- Co-authored-by: Miroslav Kovac <[email protected]>
YangModels · Oct 6, 2024 · da0b16e · da0b16e
1 parent 92189ac
commit da0b16e
Show file tree

Hide file tree

Showing 5 changed files with 362 additions and 76 deletions.
diff --git a/...les/[email protected] → ...les/[email protected] b/...les/[email protected] → ...les/[email protected]
@@ -23,7 +23,7 @@ module ietf-system-datastore {
              <mailto:[email protected]>";
   description
     "This module defines a new YANG identity that uses the
-     ds:datastore identity defined in [RFC8342].
+     ds:conventional identity defined in [RFC8342].
 
      Copyright (c) 2024 IETF Trust and the persons identified
      as authors of the code. All rights reserved.
@@ -39,7 +39,7 @@ module ietf-system-datastore {
      (https://www.rfc-editor.org/info/rfcXXXX); see the RFC
      itself for full legal notices.";
 
-  revision 2024-06-18 {
+  revision 2024-09-29 {
     description
       "Initial version.";
     reference

diff --git a/experimental/ietf-extracted-YANG-modules/[email protected] b/experimental/ietf-extracted-YANG-modules/[email protected]
@@ -258,7 +258,7 @@ module ietf-system-secure-tacacs {
        and requested by the TLS server when establishing a TLS
        session, these credentials are passed in the Certificate
        message.";
-     choice ref-or-explicit {
+    choice ref-or-explicit {
       description
         "A choice between a reference of explicit configuration.";
       case ref {
@@ -347,11 +347,10 @@ module ietf-system-secure-tacacs {
          using configured external PSKs.";
     }
   }
-
   grouping server-authentication-with-ref {
     description
       "Specifies how the TLS client can authenticate TLS servers.";
-     choice ref-or-explicit {
+    choice ref-or-explicit {
       description
         "A choice between a reference of explicit configuration.";
       case ref {
@@ -371,37 +370,6 @@ module ietf-system-secure-tacacs {
     }
   }
 
-  grouping test-peer-aliveness {
-    description
-      "Configures the keep-alive policy to proactively test
-       the aliveness of the TLS server.  An unresponsive TLS
-       server is dropped after approximately max-wait
-       * max-attempts seconds.";
-    reference
-      "RFC 6520: Transport Layer Security (TLS) and Datagram
-                 Transport Layer Security (DTLS) Heartbeat
-                 Extension";
-    leaf max-wait {
-      type uint16 {
-        range "1..max";
-      }
-      units "seconds";
-      default "30";
-      description
-        "Sets the amount of time in seconds after which if no data
-         has been received from the TLS server, a TLS-level message
-         will be sent to test the aliveness of the TLS server.";
-    }
-    leaf max-attempts {
-      type uint8;
-      default "3";
-      description
-        "Sets the maximum number of sequential keep-alive messages
-         that can fail to obtain a response from the TLS server
-         before assuming the TLS server is no longer alive.";
-    }
-  }
-
   grouping hello-params {
     description
       "Configurable parameters for the TLS hello message.";
@@ -424,32 +392,6 @@ module ietf-system-secure-tacacs {
     }
   }
 
-  grouping keepalives {
-    description
-      "Configures the keepalive policy for the TLS client.";
-    nacm:default-deny-write;
-    leaf peer-allowed-to-send {
-      type empty;
-      description
-        "Indicates that the remote TLS server is allowed to send
-         HeartbeatRequest messages to this TLS client.";
-      reference
-        "RFC 6520: Transport Layer Security (TLS) and Datagram
-                   Transport Layer Security (DTLS) Heartbeat
-                   Extension";
-    }
-    container test-peer-aliveness {
-      presence "Indicates that the TLS client proactively tests the
-                aliveness of the remote TLS server.";
-      description
-        "Configures the keep-alive policy to proactively test the
-         aliveness of the TLS server.  An unresponsive TLS server is
-         dropped after approximately max-wait * max-attempts
-         seconds.";
-      uses test-peer-aliveness;
-    }
-  }
-
   grouping tls-client {
     description
       "A grouping for configuring a TLS client without any
@@ -480,12 +422,6 @@ module ietf-system-secure-tacacs {
         "Configurable parameters for the TLS hello message.";
       uses hello-params;
     }
-    container keepalives {
-      if-feature "tlsc:tls-client-keepalives";
-      description
-        "Configures the keepalive policy for the TLS client.";
-      uses keepalives;
-    }
   }
 
   grouping tcp-server-info {
@@ -512,6 +448,38 @@ module ietf-system-secure-tacacs {
     }
   }
 
+  // currently not used
+
+  grouping tls-grouping-reuse {
+    description
+      "A grouping for TLS with TLS1.2 and keepalive removed.";
+    uses tlsc:tls-client-grouping {
+      refine "client-identity/auth-type/tls12-psk" {
+        if-feature "not tlsc:client-ident-tls12-psk";
+      }
+      refine "server-authentication/tls12-psks" {
+        if-feature "not tlsc:server-auth-tls12-psk";
+      }
+      refine "hello-params/tls-versions/min" {
+        must "not(derived-from-or-self(current(), "
+           + "'tlscmn:tls12'))" {
+          error-message
+                "TLS 1.2 is not supported as min TLS version";
+        }
+      }
+      refine "hello-params/tls-versions/max" {
+        must "not(derived-from-or-self(current(), "
+           + "'tlscmn:tls12'))" {
+          error-message
+                "TLS 1.2 is not supported as max TLS version";
+        }
+      }
+      refine "keepalives" {
+        if-feature "not tlsc:tls-client-keepalives";
+      }
+    }
+  }
+
   augment "/sys:system/sys-tcs-plus:tacacs-plus" {
     description
       "A list of client credentials to be referenced.";
@@ -571,9 +539,8 @@ module ietf-system-secure-tacacs {
     }
   }
 
-  augment
-    "/sys:system/sys-tcs-plus:tacacs-plus/sys-tcs-plus:server"
-  + "/sys-tcs-plus:security" {
+  augment "/sys:system/sys-tcs-plus:tacacs-plus/sys-tcs-plus:server"
+        + "/sys-tcs-plus:security" {
     description
       "Adds TLS case.";
     case tls {

diff --git a/standard/iana/yang-parameters.xml b/standard/iana/yang-parameters.xml
@@ -4,7 +4,7 @@
 <registry xmlns="http://www.iana.org/assignments" id="yang-parameters">
   <title>YANG Parameters</title>
   <created>2010-06-10</created>
-  <updated>2024-09-27</updated>
+  <updated>2024-10-02</updated>
 
   <registry id="yang-parameters-1">
     <title>YANG Module Names</title>
@@ -1229,15 +1229,15 @@ and <xref type="registry" data="safi-namespace">Subsequent Address Family Identi
       <xref type="rfc" data="rfc8561"/>
       <notes/>
     </record>
-    <record date="2024-04-04">
+    <record date="2024-04-04" updated="2024-10-02">
       <name>ietf-microwave-topology</name>
       <iana>N</iana>
-      <file type="yang"/>
+      <file type="yang">[email protected]</file>
       <namespace>urn:ietf:params:xml:ns:yang:ietf-microwave-topology</namespace>
       <prefix>mwt</prefix>
       <module/>
-      <xref type="draft" data="RFC-ietf-ccamp-mw-topo-yang-12"/>
-      <notes><xref type="draft" data="RFC-ietf-ccamp-mw-topo-yang-12"/>'s module file will be posted upon the document's publication as an RFC.</notes>
+      <xref type="rfc" data="rfc9656"/>
+      <notes/>
     </record>
     <record date="2019-02-01">
       <name>ietf-microwave-types</name>

diff --git a/standard/ietf/RFC/ietf-microwave-topology.yang b/standard/ietf/RFC/ietf-microwave-topology.yang
@@ -0,0 +1 @@
+ietf-microwave-topology@2024-09-30.yang