* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* and is available at http://www.eclipse.org/legal/epl-v10.html
*/
-
package org.opendaylight.netconf.topology;
import com.google.common.base.Optional;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;
-import com.google.common.collect.Sets;
import com.google.common.util.concurrent.FutureCallback;
import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.ListeningExecutorService;
import com.google.common.util.concurrent.MoreExecutors;
import com.google.common.util.concurrent.Uninterruptibles;
-import io.netty.handler.ssl.SslHandler;
import io.netty.util.concurrent.EventExecutor;
import java.io.File;
-import java.io.IOException;
import java.math.BigDecimal;
import java.net.InetSocketAddress;
import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.Set;
import java.util.concurrent.TimeUnit;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.TrustManagerFactory;
import org.opendaylight.aaa.encrypt.AAAEncryptionService;
import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
import org.opendaylight.controller.config.threadpool.ThreadPool;
-import org.opendaylight.controller.md.sal.binding.api.DataBroker;
-import org.opendaylight.controller.md.sal.dom.api.DOMMountPointService;
+import org.opendaylight.mdsal.binding.api.DataBroker;
+import org.opendaylight.mdsal.dom.api.DOMMountPointService;
import org.opendaylight.netconf.api.NetconfMessage;
import org.opendaylight.netconf.client.NetconfClientDispatcher;
import org.opendaylight.netconf.client.NetconfClientSessionListener;
-import org.opendaylight.netconf.client.SslHandlerFactory;
import org.opendaylight.netconf.client.conf.NetconfClientConfiguration;
import org.opendaylight.netconf.client.conf.NetconfReconnectingClientConfiguration;
import org.opendaylight.netconf.client.conf.NetconfReconnectingClientConfigurationBuilder;
+import org.opendaylight.netconf.nettyutil.ReconnectStrategyFactory;
+import org.opendaylight.netconf.nettyutil.TimedReconnectStrategyFactory;
import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.AuthenticationHandler;
import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.LoginPasswordHandler;
import org.opendaylight.netconf.sal.connect.api.DeviceActionFactory;
import org.opendaylight.netconf.sal.connect.netconf.sal.NetconfKeystoreAdapter;
import org.opendaylight.netconf.sal.connect.netconf.schema.YangLibrarySchemaYangSourceProvider;
import org.opendaylight.netconf.sal.connect.util.RemoteDeviceId;
+import org.opendaylight.netconf.sal.connect.util.SslHandlerFactoryImpl;
import org.opendaylight.netconf.topology.api.NetconfTopology;
import org.opendaylight.netconf.topology.api.SchemaRepositoryProvider;
-import org.opendaylight.protocol.framework.ReconnectStrategy;
-import org.opendaylight.protocol.framework.ReconnectStrategyFactory;
-import org.opendaylight.protocol.framework.TimedReconnectStrategy;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.optional.rev190614.NetconfNodeAugmentedOptional;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.NetconfNode;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.Protocol.Name;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.protocol.Specification;
-import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.protocol.specification.TlsCase;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.status.available.capabilities.AvailableCapability.CapabilityOrigin;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.Credentials;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.KeyAuth;
protected ListenableFuture<NetconfDeviceCapabilities> setupConnection(final NodeId nodeId,
final Node configNode) {
final NetconfNode netconfNode = configNode.augmentation(NetconfNode.class);
+ final NetconfNodeAugmentedOptional nodeOptional = configNode.augmentation(NetconfNodeAugmentedOptional.class);
Preconditions.checkNotNull(netconfNode.getHost());
Preconditions.checkNotNull(netconfNode.getPort());
Preconditions.checkNotNull(netconfNode.isTcpOnly());
- final NetconfConnectorDTO deviceCommunicatorDTO = createDeviceCommunicator(nodeId, netconfNode);
+ final NetconfConnectorDTO deviceCommunicatorDTO = createDeviceCommunicator(nodeId, netconfNode, nodeOptional);
final NetconfDeviceCommunicator deviceCommunicator = deviceCommunicatorDTO.getCommunicator();
final NetconfClientSessionListener netconfClientSessionListener = deviceCommunicatorDTO.getSessionListener();
final NetconfReconnectingClientConfiguration clientConfig =
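Review bot: `nodeOptional`, assigned on the added line in `setupConnection`, may be null and nothing in the change documents that. `configNode.augmentation(NetconfNodeAugmentedOptional.class)` yields null in MD-SAL bindings when the node carries no such augmentation, and the two-argument `createDeviceCommunicator` overload added in the next hunk passes `null` explicitly. The value then flows into `.setNodeOptional(nodeOptional)` in the builder hunk, whose consumer is not visible on this page, so confirm it null-checks before dereferencing. I would add Javadoc on the three-argument overload with `@param nodeOptional optional node augmentation; null when the node does not carry it`, and a short comment on the added line here, `// null when the node has no NetconfNodeAugmentedOptional augmentation`. The body of `setupConnection` continues outside this hunk.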
}
protected NetconfConnectorDTO createDeviceCommunicator(final NodeId nodeId, final NetconfNode node) {
+ return createDeviceCommunicator(nodeId, node, null);
+ }
+
+ protected NetconfConnectorDTO createDeviceCommunicator(final NodeId nodeId, final NetconfNode node,
+ final NetconfNodeAugmentedOptional nodeOptional) {
//setup default values since default value is not supported in mdsal
final long defaultRequestTimeoutMillis = node.getDefaultRequestTimeoutMillis() == null
? DEFAULT_REQUEST_TIMEOUT_MILLIS : node.getDefaultRequestTimeoutMillis();
.setSchemaResourcesDTO(schemaResourcesDTO)
.setGlobalProcessingExecutor(this.processingExecutor)
.setId(remoteDeviceId)
- .setSalFacade(salFacade);
+ .setSalFacade(salFacade)
+ .setNode(node)
+ .setEventExecutor(eventExecutor)
+ .setNodeOptional(nodeOptional);
if (this.deviceActionFactory != null) {
netconfDeviceBuilder.setDeviceActionFactory(this.deviceActionFactory);
}
final ReconnectStrategyFactory sf = new TimedReconnectStrategyFactory(eventExecutor,
maxConnectionAttempts, betweenAttemptsTimeoutMillis, sleepFactor);
- final ReconnectStrategy strategy = sf.createReconnectStrategy();
-
- final NetconfReconnectingClientConfigurationBuilder reconnectingClientConfigurationBuilder =
- NetconfReconnectingClientConfigurationBuilder.create();
- if (node.isTcpOnly() || node.getProtocol() == null || node.getProtocol().getName() == Name.SSH) {
- final AuthenticationHandler authHandler = getHandlerFromCredentials(node.getCredentials());
- reconnectingClientConfigurationBuilder
- .withAuthHandler(authHandler)
- .withProtocol(node.isTcpOnly() ? NetconfClientConfiguration.NetconfClientProtocol.TCP :
- NetconfClientConfiguration.NetconfClientProtocol.SSH);
- } else if (node.getProtocol().getName() == Name.TLS) {
- final SslHandlerFactory sslHandlerFactory = new SslHandlerFactoryImpl(keystoreAdapter,
- node.getProtocol().getSpecification());
- reconnectingClientConfigurationBuilder
- .withSslHandlerFactory(sslHandlerFactory)
+ final NetconfReconnectingClientConfigurationBuilder reconnectingClientConfigurationBuilder;
+ final Protocol protocol = node.getProtocol();
+ if (node.isTcpOnly()) {
+ reconnectingClientConfigurationBuilder = NetconfReconnectingClientConfigurationBuilder.create()
+ .withProtocol(NetconfClientConfiguration.NetconfClientProtocol.TCP)
+ .withAuthHandler(getHandlerFromCredentials(node.getCredentials()));
+ } else if (protocol == null || protocol.getName() == Name.SSH) {
+ reconnectingClientConfigurationBuilder = NetconfReconnectingClientConfigurationBuilder.create()
+ .withProtocol(NetconfClientConfiguration.NetconfClientProtocol.SSH)
+ .withAuthHandler(getHandlerFromCredentials(node.getCredentials()));
+ } else if (protocol.getName() == Name.TLS) {
+ reconnectingClientConfigurationBuilder = NetconfReconnectingClientConfigurationBuilder.create()
+ .withSslHandlerFactory(new SslHandlerFactoryImpl(keystoreAdapter, protocol.getSpecification()))
.withProtocol(NetconfClientConfiguration.NetconfClientProtocol.TLS);
} else {
- throw new IllegalStateException("Unsupported protocol type: " + node.getProtocol().getName().getClass());
+ throw new IllegalStateException("Unsupported protocol type: " + protocol.getName());
}
+
if (node.getOdlHelloMessageCapabilities() != null) {
reconnectingClientConfigurationBuilder
.withOdlHelloCapabilities(node.getOdlHelloMessageCapabilities().getCapability());
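Review bot: The new first branch `if (node.isTcpOnly())` selects plaintext `NetconfClientProtocol.TCP` before `protocol` is read, so a node that sets tcp-only together with protocol name TLS is connected unencrypted with no error or log entry; the removed condition behaved the same way, and this rewrite is a good point to make the conflict explicit. One option is to fail fast ahead of the branch chain with `Preconditions.checkState(!node.isTcpOnly() || protocol == null || protocol.getName() != Name.TLS, "tcp-only conflicts with protocol TLS");`, or to log a warning there instead if existing configurations must keep working. Separately, `SslHandlerFactoryImpl` is now imported from `org.opendaylight.netconf.sal.connect.util` and is not shown on this page; the nested class removed further down enabled every supported cipher suite via `engine.setEnabledCipherSuites(engine.getSupportedCipherSuites())`, so it is worth confirming the relocated class restricts suites rather than carrying that over. The enclosing method begins and ends outside this hunk.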
return reconnectingClientConfigurationBuilder
.withAddress(socketAddress)
.withConnectionTimeoutMillis(clientConnectionTimeoutMillis)
- .withReconnectStrategy(strategy)
+ .withReconnectStrategy(sf.createReconnectStrategy())
.withConnectStrategyFactory(sf)
.withSessionListener(listener)
.build();
.fromStrings(capabilities, CapabilityOrigin.UserDefined), overrideYangModuleCaps, overrideNonModuleCaps));
}
- private static final class TimedReconnectStrategyFactory implements ReconnectStrategyFactory {
- private final Long connectionAttempts;
- private final EventExecutor executor;
- private final double sleepFactor;
- private final int minSleep;
-
- TimedReconnectStrategyFactory(final EventExecutor executor, final Long maxConnectionAttempts,
- final int minSleep, final BigDecimal sleepFactor) {
- if (maxConnectionAttempts != null && maxConnectionAttempts > 0) {
- connectionAttempts = maxConnectionAttempts;
- } else {
- connectionAttempts = null;
- }
-
- this.sleepFactor = sleepFactor.doubleValue();
- this.executor = executor;
- this.minSleep = minSleep;
- }
-
- @Override
- public ReconnectStrategy createReconnectStrategy() {
- return new TimedReconnectStrategy(executor, minSleep,
- minSleep, sleepFactor, null /*maxSleep*/, connectionAttempts, null /*deadline*/);
- }
- }
-
protected static class NetconfConnectorDTO implements AutoCloseable {
private final NetconfDeviceCommunicator communicator;
facade.close();
}
}
-
- private static final class SslHandlerFactoryImpl implements SslHandlerFactory {
- private final NetconfKeystoreAdapter keystoreAdapter;
- private final Optional<Specification> specOptional;
-
- SslHandlerFactoryImpl(final NetconfKeystoreAdapter keystoreAdapter, final Specification specification) {
- this.keystoreAdapter = keystoreAdapter;
- this.specOptional = Optional.fromNullable(specification);
- }
-
- @Override
- public SslHandler createSslHandler() {
- try {
- final KeyStore keyStore = keystoreAdapter.getJavaKeyStore();
-
- final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
- kmf.init(keyStore, "".toCharArray());
-
- final TrustManagerFactory tmf =
- TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- tmf.init(keyStore);
-
- final SSLContext sslCtx = SSLContext.getInstance("TLS");
- sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
- final SSLEngine engine = sslCtx.createSSLEngine();
- engine.setUseClientMode(true);
-
- final Set<String> protocols = Sets.newHashSet(engine.getSupportedProtocols());
- if (specOptional.isPresent()) {
- final Specification specification = specOptional.get();
- if (!(specification instanceof TlsCase)) {
- throw new IllegalArgumentException("Cannot get TLS specification from: " + specification);
- }
- protocols.removeAll(((TlsCase)specification).getTls().getExcludedVersions());
- }
-
- engine.setEnabledProtocols(protocols.toArray(new String[0]));
- engine.setEnabledCipherSuites(engine.getSupportedCipherSuites());
- engine.setEnableSessionCreation(true);
-
- return new SslHandler(engine);
- } catch (GeneralSecurityException | IOException exc) {
- throw new IllegalStateException(exc);
- }
- }
- }
}