config UPDATE add missing CH augments to module

modules/libnetconf2-netconf-server.yang

@@ -254,20 +254,43 @@ module libnetconf2-netconf-server {
   }
 
   // CH auth-attempts and auth-timeout
-  augment "/ncs:netconf-server/ncs:call-home/ncs:netconf-client/ncs:endpoints/ncs:endpoint/ncs:transport/ncs:ssh/ncs:ssh/ncs:ssh-server-parameters/ncs:client-authentication" {
+  augment "/ncs:netconf-server/ncs:call-home/ncs:netconf-client/ncs:endpoints/ncs:endpoint/ncs:transport/
+          ncs:ssh/ncs:ssh/ncs:ssh-server-parameters/ncs:client-authentication" {
     leaf auth-attempts {
       type uint16;
       default 3;
+      description
+        "Represents the number of failed attempts before an authentication is deemed unsuccessful.";
     }
 
     leaf auth-timeout {
       type uint16;
       default 10;
       units "seconds";
+      description
+        "Represents the maximum amount of seconds an authentication can go on for.";
+    }
+  }
+
+  augment "/ncs:netconf-server/ncs:listen/ncs:endpoint/ncs:transport/ncs:ssh/
+          ncs:ssh/ncs:ssh-server-parameters/ncs:client-authentication/ncs:users/ncs:user" {
+    container keyboard-interactive {
+      presence "";
+      leaf pam-config-file-name {
+        type string;
+        mandatory true;
+      }
+      leaf pam-config-file-dir {
+        type string;
+      }
+      description
+        "Keyboard interactive SSH authentication method.";
     }
   }
 
-  augment "/ncs:netconf-server/ncs:listen/ncs:endpoint/ncs:transport/ncs:ssh/ncs:ssh/ncs:ssh-server-parameters/ncs:client-authentication/ncs:users/ncs:user" {
+  // CH KB int
+  augment "/ncs:netconf-server/ncs:call-home/ncs:netconf-client/ncs:endpoints/ncs:endpoint/ncs:transport/
+          ncs:ssh/ncs:ssh/ncs:ssh-server-parameters/ncs:client-authentication/ncs:users/ncs:user" {
     container keyboard-interactive {
       presence "";
       leaf pam-config-file-name {
@@ -277,10 +300,14 @@ module libnetconf2-netconf-server {
       leaf pam-config-file-dir {
         type string;
       }
+      description
+        "Keyboard interactive SSH authentication method.";
     }
   }
 
   augment "/ncs:netconf-server/ncs:listen/ncs:endpoint/ncs:transport" {
+    description
+      "Defines a new transport called UNIX socket.";
     case unix-socket {
       container unix-socket {
         leaf path {
@@ -373,4 +400,48 @@ module libnetconf2-netconf-server {
       }
     }
   }
+
+  // CH CRL
+  augment "/ncs:netconf-server/ncs:call-home/ncs:netconf-client/ncs:endpoints/ncs:endpoint/ncs:transport/
+          ncs:tls/ncs:tls/ncs:tls-server-parameters/ncs:client-authentication" {
+    description
+      "Indicates that the Call Home TLS server is using a Certificate Revocation List
+       to authenticate clients or to deny access for certain certificates.
+       The given Certificate Revocation List must be PEM or DER encoded.";
+
+    reference
+      "RFC 5280:
+         Internet X.509 Public Key Infrastructure Certificate
+         and Certificate Revocation List (CRL) Profile";
+
+    choice certificate-revocation-list {
+      leaf crl-url {
+        type string;
+        description
+          "An URL from which the Certificate Revocation List will be
+           downloaded and used. The HTTP protocol works, but other
+           protocols, such as FTP, may work as well.";
+      }
+
+      leaf crl-path {
+        type string;
+        description
+          "A path to a Certificate Revocation List file.";
+      }
+
+      leaf crl-cert-ext {
+        type empty;
+        description
+          "Indicates that the Certificate Revocation List
+           Distribution Points extension will be used to fetch
+           Certificate Revocation Lists from. This will be done
+           for all the configured Certificate Authority certificates.";
+
+        reference
+          "RFC 5280:
+             Internet X.509 Public Key Infrastructure Certificate
+             and Certificate Revocation List (CRL) Profile, Section 4.2.1.13";
+      }
+    }
+  }
 }