Teach NETCONF about YANG 1.1 actions in cluster topology

[netconf.git] / netconf / netconf-topology / src / main / java / org / opendaylight / netconf / topology / AbstractNetconfTopology.java
diff --git a/netconf/netconf-topology/src/main/java/org/opendaylight/netconf/topology/AbstractNetconfTopology.java b/netconf/netconf-topology/src/main/java/org/opendaylight/netconf/topology/AbstractNetconfTopology.java

index 324ec84727551de3c863a0a2c45ec9984b80c2d8..5c73e643a04bc7a1c4d4faac886f94dc4d3ce7b1 100644 (file)
--- a/netconf/netconf-topology/src/main/java/org/opendaylight/netconf/topology/AbstractNetconfTopology.java
+++ b/netconf/netconf-topology/src/main/java/org/opendaylight/netconf/topology/AbstractNetconfTopology.java
@@ -5,51 +5,44 @@
   * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   * and is available at http://www.eclipse.org/legal/epl-v10.html
   */
-
  package org.opendaylight.netconf.topology;
  
-import com.google.common.base.Optional;
+import static java.util.Objects.requireNonNull;
+
+import com.google.common.annotations.VisibleForTesting;
  import com.google.common.base.Preconditions;
  import com.google.common.base.Strings;
  import com.google.common.collect.Lists;
-import com.google.common.collect.Sets;
  import com.google.common.util.concurrent.FutureCallback;
  import com.google.common.util.concurrent.Futures;
  import com.google.common.util.concurrent.ListenableFuture;
  import com.google.common.util.concurrent.ListeningExecutorService;
  import com.google.common.util.concurrent.MoreExecutors;
  import com.google.common.util.concurrent.Uninterruptibles;
-import io.netty.handler.ssl.SslHandler;
  import io.netty.util.concurrent.EventExecutor;
  import java.io.File;
-import java.io.IOException;
  import java.math.BigDecimal;
  import java.net.InetSocketAddress;
  import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
  import java.util.ArrayList;
  import java.util.HashMap;
  import java.util.List;
  import java.util.Map;
-import java.util.Set;
+import java.util.Optional;
  import java.util.concurrent.TimeUnit;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.TrustManagerFactory;
  import org.opendaylight.aaa.encrypt.AAAEncryptionService;
  import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
  import org.opendaylight.controller.config.threadpool.ThreadPool;
-import org.opendaylight.controller.md.sal.binding.api.DataBroker;
-import org.opendaylight.controller.md.sal.dom.api.DOMMountPointService;
+import org.opendaylight.mdsal.binding.api.DataBroker;
+import org.opendaylight.mdsal.dom.api.DOMMountPointService;
  import org.opendaylight.netconf.api.NetconfMessage;
  import org.opendaylight.netconf.client.NetconfClientDispatcher;
  import org.opendaylight.netconf.client.NetconfClientSessionListener;
-import org.opendaylight.netconf.client.SslHandlerFactory;
  import org.opendaylight.netconf.client.conf.NetconfClientConfiguration;
  import org.opendaylight.netconf.client.conf.NetconfReconnectingClientConfiguration;
  import org.opendaylight.netconf.client.conf.NetconfReconnectingClientConfigurationBuilder;
+import org.opendaylight.netconf.nettyutil.ReconnectStrategyFactory;
+import org.opendaylight.netconf.nettyutil.TimedReconnectStrategyFactory;
  import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.AuthenticationHandler;
  import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.LoginPasswordHandler;
  import org.opendaylight.netconf.sal.connect.api.DeviceActionFactory;
@@ -69,17 +62,15 @@ import org.opendaylight.netconf.sal.connect.netconf.sal.KeepaliveSalFacade;
  import org.opendaylight.netconf.sal.connect.netconf.sal.NetconfKeystoreAdapter;
  import org.opendaylight.netconf.sal.connect.netconf.schema.YangLibrarySchemaYangSourceProvider;
  import org.opendaylight.netconf.sal.connect.util.RemoteDeviceId;
+import org.opendaylight.netconf.sal.connect.util.SslHandlerFactoryImpl;
  import org.opendaylight.netconf.topology.api.NetconfTopology;
  import org.opendaylight.netconf.topology.api.SchemaRepositoryProvider;
-import org.opendaylight.protocol.framework.ReconnectStrategy;
-import org.opendaylight.protocol.framework.ReconnectStrategyFactory;
-import org.opendaylight.protocol.framework.TimedReconnectStrategy;
  import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
  import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.optional.rev190614.NetconfNodeAugmentedOptional;
  import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.NetconfNode;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol;
  import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol.Name;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.protocol.Specification;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.protocol.specification.TlsCase;
  import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.status.available.capabilities.AvailableCapability.CapabilityOrigin;
  import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.Credentials;
  import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.KeyAuth;
@@ -90,9 +81,10 @@ import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev15
  import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.login.pw.unencrypted.LoginPasswordUnencrypted;
  import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
  import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
+import org.opendaylight.yangtools.yang.model.repo.api.EffectiveModelContextFactory;
  import org.opendaylight.yangtools.yang.model.repo.api.SchemaContextFactory;
+import org.opendaylight.yangtools.yang.model.repo.api.SchemaContextFactoryConfiguration;
  import org.opendaylight.yangtools.yang.model.repo.api.SchemaRepository;
-import org.opendaylight.yangtools.yang.model.repo.api.SchemaSourceFilter;
  import org.opendaylight.yangtools.yang.model.repo.api.SourceIdentifier;
  import org.opendaylight.yangtools.yang.model.repo.api.YangTextSchemaSource;
  import org.opendaylight.yangtools.yang.model.repo.spi.PotentialSchemaSource;
@@ -114,6 +106,7 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
      protected static final int DEFAULT_KEEPALIVE_DELAY = 0;
      protected static final boolean DEFAULT_RECONNECT_ON_CHANGED_SCHEMA = false;
      protected static final int DEFAULT_CONCURRENT_RPC_LIMIT = 0;
+    private static final boolean DEFAULT_IS_TCP_ONLY = false;
      private static final int DEFAULT_MAX_CONNECTION_ATTEMPTS = 0;
      private static final int DEFAULT_BETWEEN_ATTEMPTS_TIMEOUT_MILLIS = 2000;
      private static final long DEFAULT_CONNECTION_TIMEOUT_MILLIS = 20000L;
@@ -153,8 +146,9 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
      /**
       * The default factory for creating <code>SchemaContext</code> instances.
       */
-    private static final SchemaContextFactory DEFAULT_SCHEMA_CONTEXT_FACTORY =
-            DEFAULT_SCHEMA_REPOSITORY.createSchemaContextFactory(SchemaSourceFilter.ALWAYS_ACCEPT);
+    private static final EffectiveModelContextFactory DEFAULT_SCHEMA_CONTEXT_FACTORY =
+            DEFAULT_SCHEMA_REPOSITORY.createEffectiveModelContextFactory(
+                SchemaContextFactoryConfiguration.getDefault());
  
      /**
       * Keeps track of initialized Schema resources.  A Map is maintained in which the key represents the name
@@ -251,10 +245,24 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
  
      @Override
      public ListenableFuture<NetconfDeviceCapabilities> connectNode(final NodeId nodeId, final Node configNode) {
-        LOG.info("Connecting RemoteDevice{{}} , with config {}", nodeId, configNode);
+        LOG.info("Connecting RemoteDevice{{}} , with config {}", nodeId, hideCredentials(configNode));
          return setupConnection(nodeId, configNode);
      }
  
+    /**
+     * Hiding of private credentials from node configuration (credentials data is replaced by asterisks).
+     *
+     * @param nodeConfiguration Node configuration container.
+     * @return String representation of node configuration with credentials replaced by asterisks.
+     */
+    @VisibleForTesting
+    public static String hideCredentials(final Node nodeConfiguration) {
+        final NetconfNode netconfNodeAugmentation = nodeConfiguration.augmentation(NetconfNode.class);
+        final String nodeCredentials = netconfNodeAugmentation.getCredentials().toString();
+        final String nodeConfigurationString = nodeConfiguration.toString();
+        return nodeConfigurationString.replace(nodeCredentials, "***");
+    }
+
      @Override
      public ListenableFuture<Void> disconnectNode(final NodeId nodeId) {
          LOG.debug("Disconnecting RemoteDevice{{}}", nodeId.getValue());
@@ -273,12 +281,12 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
      protected ListenableFuture<NetconfDeviceCapabilities> setupConnection(final NodeId nodeId,
                                                                            final Node configNode) {
          final NetconfNode netconfNode = configNode.augmentation(NetconfNode.class);
+        final NetconfNodeAugmentedOptional nodeOptional = configNode.augmentation(NetconfNodeAugmentedOptional.class);
  
-        Preconditions.checkNotNull(netconfNode.getHost());
-        Preconditions.checkNotNull(netconfNode.getPort());
-        Preconditions.checkNotNull(netconfNode.isTcpOnly());
+        requireNonNull(netconfNode.getHost());
+        requireNonNull(netconfNode.getPort());
  
-        final NetconfConnectorDTO deviceCommunicatorDTO = createDeviceCommunicator(nodeId, netconfNode);
+        final NetconfConnectorDTO deviceCommunicatorDTO = createDeviceCommunicator(nodeId, netconfNode, nodeOptional);
          final NetconfDeviceCommunicator deviceCommunicator = deviceCommunicatorDTO.getCommunicator();
          final NetconfClientSessionListener netconfClientSessionListener = deviceCommunicatorDTO.getSessionListener();
          final NetconfReconnectingClientConfiguration clientConfig =
@@ -305,6 +313,11 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
      }
  
      protected NetconfConnectorDTO createDeviceCommunicator(final NodeId nodeId, final NetconfNode node) {
+        return createDeviceCommunicator(nodeId, node, null);
+    }
+
+    protected NetconfConnectorDTO createDeviceCommunicator(final NodeId nodeId, final NetconfNode node,
+            final NetconfNodeAugmentedOptional nodeOptional) {
          //setup default values since default value is not supported in mdsal
          final long defaultRequestTimeoutMillis = node.getDefaultRequestTimeoutMillis() == null
                  ? DEFAULT_REQUEST_TIMEOUT_MILLIS : node.getDefaultRequestTimeoutMillis();
@@ -365,10 +378,12 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
                      .setSchemaResourcesDTO(schemaResourcesDTO)
                      .setGlobalProcessingExecutor(this.processingExecutor)
                      .setId(remoteDeviceId)
-                    .setSalFacade(salFacade);
-            if (this.deviceActionFactory != null) {
-                netconfDeviceBuilder.setDeviceActionFactory(this.deviceActionFactory);
-            }
+                    .setSalFacade(salFacade)
+                    .setNode(node)
+                    .setEventExecutor(eventExecutor)
+                    .setNodeOptional(nodeOptional)
+                    .setDeviceActionFactory(deviceActionFactory);
+
              device = netconfDeviceBuilder.build();
          }
  
@@ -440,8 +455,8 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
       */
      private NetconfDevice.SchemaResourcesDTO createSchemaResourcesDTO(final String moduleSchemaCacheDirectory) {
          final SharedSchemaRepository repository = new SharedSchemaRepository(moduleSchemaCacheDirectory);
-        final SchemaContextFactory contextFactory
-                = repository.createSchemaContextFactory(SchemaSourceFilter.ALWAYS_ACCEPT);
+        final EffectiveModelContextFactory contextFactory
+                = repository.createEffectiveModelContextFactory(SchemaContextFactoryConfiguration.getDefault());
          setSchemaRegistry(repository);
          setSchemaContextFactory(contextFactory);
          final FilesystemSchemaSourceCache<YangTextSchemaSource> deviceCache =
@@ -490,37 +505,41 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
                  ? DEFAULT_MAX_CONNECTION_ATTEMPTS : node.getMaxConnectionAttempts();
          final int betweenAttemptsTimeoutMillis = node.getBetweenAttemptsTimeoutMillis() == null
                  ? DEFAULT_BETWEEN_ATTEMPTS_TIMEOUT_MILLIS : node.getBetweenAttemptsTimeoutMillis();
+        final boolean useTcp = node.isTcpOnly() == null ? DEFAULT_IS_TCP_ONLY : node.isTcpOnly();
          final BigDecimal sleepFactor = node.getSleepFactor() == null ? DEFAULT_SLEEP_FACTOR : node.getSleepFactor();
  
          final InetSocketAddress socketAddress = getSocketAddress(node.getHost(), node.getPort().getValue());
  
          final ReconnectStrategyFactory sf = new TimedReconnectStrategyFactory(eventExecutor,
                  maxConnectionAttempts, betweenAttemptsTimeoutMillis, sleepFactor);
-        final ReconnectStrategy strategy = sf.createReconnectStrategy();
  
-        final NetconfReconnectingClientConfigurationBuilder reconnectingClientConfigurationBuilder =
-                NetconfReconnectingClientConfigurationBuilder.create();
-
-        if (node.isTcpOnly() || node.getProtocol() == null || node.getProtocol().getName() == Name.SSH) {
-            final AuthenticationHandler authHandler = getHandlerFromCredentials(node.getCredentials());
-            reconnectingClientConfigurationBuilder
-                .withAuthHandler(authHandler)
-                .withProtocol(node.isTcpOnly() ? NetconfClientConfiguration.NetconfClientProtocol.TCP :
-                    NetconfClientConfiguration.NetconfClientProtocol.SSH);
-        } else if (node.getProtocol().getName() == Name.TLS) {
-            final SslHandlerFactory sslHandlerFactory = new SslHandlerFactoryImpl(keystoreAdapter,
-                    node.getProtocol().getSpecification());
-            reconnectingClientConfigurationBuilder
-                .withSslHandlerFactory(sslHandlerFactory)
+        final NetconfReconnectingClientConfigurationBuilder reconnectingClientConfigurationBuilder;
+        final Protocol protocol = node.getProtocol();
+        if (useTcp) {
+            reconnectingClientConfigurationBuilder = NetconfReconnectingClientConfigurationBuilder.create()
+                    .withProtocol(NetconfClientConfiguration.NetconfClientProtocol.TCP)
+                    .withAuthHandler(getHandlerFromCredentials(node.getCredentials()));
+        } else if (protocol == null || protocol.getName() == Name.SSH) {
+            reconnectingClientConfigurationBuilder = NetconfReconnectingClientConfigurationBuilder.create()
+                    .withProtocol(NetconfClientConfiguration.NetconfClientProtocol.SSH)
+                    .withAuthHandler(getHandlerFromCredentials(node.getCredentials()));
+        } else if (protocol.getName() == Name.TLS) {
+            reconnectingClientConfigurationBuilder = NetconfReconnectingClientConfigurationBuilder.create()
+                .withSslHandlerFactory(new SslHandlerFactoryImpl(keystoreAdapter, protocol.getSpecification()))
                  .withProtocol(NetconfClientConfiguration.NetconfClientProtocol.TLS);
          } else {
-            throw new IllegalStateException("Unsupported protocol type: " + node.getProtocol().getName().getClass());
+            throw new IllegalStateException("Unsupported protocol type: " + protocol.getName());
+        }
+
+        if (node.getOdlHelloMessageCapabilities() != null) {
+            reconnectingClientConfigurationBuilder
+                    .withOdlHelloCapabilities(node.getOdlHelloMessageCapabilities().getCapability());
          }
  
          return reconnectingClientConfigurationBuilder
                  .withAddress(socketAddress)
                  .withConnectionTimeoutMillis(clientConnectionTimeoutMillis)
-                .withReconnectStrategy(strategy)
+                .withReconnectStrategy(sf.createReconnectStrategy())
                  .withConnectStrategyFactory(sf)
                  .withSessionListener(listener)
                  .build();
@@ -570,7 +589,7 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
          // if none of yang-module-capabilities or non-module-capabilities is specified
          // just return absent
          if (node.getYangModuleCapabilities() == null && node.getNonModuleCapabilities() == null) {
-            return Optional.absent();
+            return Optional.empty();
          }
  
          final List<String> capabilities = new ArrayList<>();
@@ -597,32 +616,6 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
              .fromStrings(capabilities, CapabilityOrigin.UserDefined), overrideYangModuleCaps, overrideNonModuleCaps));
      }
  
-    private static final class TimedReconnectStrategyFactory implements ReconnectStrategyFactory {
-        private final Long connectionAttempts;
-        private final EventExecutor executor;
-        private final double sleepFactor;
-        private final int minSleep;
-
-        TimedReconnectStrategyFactory(final EventExecutor executor, final Long maxConnectionAttempts,
-                                      final int minSleep, final BigDecimal sleepFactor) {
-            if (maxConnectionAttempts != null && maxConnectionAttempts > 0) {
-                connectionAttempts = maxConnectionAttempts;
-            } else {
-                connectionAttempts = null;
-            }
-
-            this.sleepFactor = sleepFactor.doubleValue();
-            this.executor = executor;
-            this.minSleep = minSleep;
-        }
-
-        @Override
-        public ReconnectStrategy createReconnectStrategy() {
-            return new TimedReconnectStrategy(executor, minSleep,
-                    minSleep, sleepFactor, null /*maxSleep*/, connectionAttempts, null /*deadline*/);
-        }
-    }
-
      protected static class NetconfConnectorDTO implements AutoCloseable {
  
          private final NetconfDeviceCommunicator communicator;
@@ -652,50 +645,4 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
              facade.close();
          }
      }
-
-    private static final class SslHandlerFactoryImpl implements SslHandlerFactory {
-        private final NetconfKeystoreAdapter keystoreAdapter;
-        private final Optional<Specification> specOptional;
-
-        SslHandlerFactoryImpl(final NetconfKeystoreAdapter keystoreAdapter, final Specification specification) {
-            this.keystoreAdapter = keystoreAdapter;
-            this.specOptional = Optional.fromNullable(specification);
-        }
-
-        @Override
-        public SslHandler createSslHandler() {
-            try {
-                final KeyStore keyStore = keystoreAdapter.getJavaKeyStore();
-
-                final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
-                kmf.init(keyStore, "".toCharArray());
-
-                final TrustManagerFactory tmf =
-                        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-                tmf.init(keyStore);
-
-                final SSLContext sslCtx = SSLContext.getInstance("TLS");
-                sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
-                final SSLEngine engine = sslCtx.createSSLEngine();
-                engine.setUseClientMode(true);
-
-                final Set<String> protocols = Sets.newHashSet(engine.getSupportedProtocols());
-                if (specOptional.isPresent()) {
-                    final Specification specification = specOptional.get();
-                    if (!(specification instanceof TlsCase)) {
-                        throw new IllegalArgumentException("Cannot get TLS specification from: " + specification);
-                    }
-                    protocols.removeAll(((TlsCase)specification).getTls().getExcludedVersions());
-                }
-
-                engine.setEnabledProtocols(protocols.toArray(new String[0]));
-                engine.setEnabledCipherSuites(engine.getSupportedCipherSuites());
-                engine.setEnableSessionCreation(true);
-
-                return new SslHandler(engine);
-            } catch (GeneralSecurityException | IOException exc) {
-                throw new IllegalStateException(exc);
-            }
-        }
-    }
  }