RPC for netconf node addition. Supports encrypt option for password encryption. 78/62678/8
authorAtul Gosain <agosain@brocade.com>
Fri, 21 Jul 2017 04:44:33 +0000 (21:44 -0700)
committerAtul Gosain <agosain@brocade.com>
Thu, 21 Sep 2017 18:48:34 +0000 (11:48 -0700)
Change-Id: I34beb880cbe2ccc6a3fe8e5f6cd4253f7e1938f4
Signed-off-by: Atul Gosain <atul.gosain@gmail.com>
Signed-off-by: Atul Gosain <agosain@brocade.com>
20 files changed:
netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/BaseCallHomeTopology.java
netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountDispatcher.java
netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeTopology.java
netconf/callhome-provider/src/main/resources/org/opendaylight/blueprint/callhome-topology.xml
netconf/callhome-provider/src/test/java/org/opendaylight/netconf/callhome/mount/CallHomeMountDispatcherTest.java
netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/LoginPassword.java
netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/PublicKeyAuth.java
netconf/netconf-topology-config/src/main/resources/org/opendaylight/blueprint/netconf-topology.xml
netconf/netconf-topology-singleton/src/main/java/org/opendaylight/netconf/topology/singleton/impl/NetconfTopologyManager.java
netconf/netconf-topology-singleton/src/main/java/org/opendaylight/netconf/topology/singleton/impl/RemoteDeviceConnectorImpl.java
netconf/netconf-topology-singleton/src/main/java/org/opendaylight/netconf/topology/singleton/impl/utils/NetconfTopologySetup.java
netconf/netconf-topology-singleton/src/main/resources/org/opendaylight/blueprint/netconf-topology-singleton.xml
netconf/netconf-topology-singleton/src/test/java/org/opendaylight/netconf/topology/singleton/impl/NetconfTopologyManagerTest.java
netconf/netconf-topology/pom.xml
netconf/netconf-topology/src/main/java/org/opendaylight/netconf/topology/AbstractNetconfTopology.java
netconf/netconf-topology/src/main/java/org/opendaylight/netconf/topology/impl/NetconfTopologyImpl.java
netconf/netconf-topology/src/test/java/org/opendaylight/netconf/topology/impl/NetconfTopologyImplTest.java
netconf/sal-netconf-connector/src/main/java/org/opendaylight/netconf/sal/connect/util/NetconfTopologyRPCProvider.java [new file with mode: 0644]
netconf/sal-netconf-connector/src/main/yang/netconf-node-topology.yang
netconf/sal-netconf-connector/src/test/java/org/opendaylight/netconf/sal/connect/netconf/util/NetconfTopologyRPCProviderTest.java [new file with mode: 0644]

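--- a/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/BaseCallHomeTopology.java
+++ b/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/BaseCallHomeTopology.java
@@ -9,6 +9,7 @@
 package org.opendaylight.netconf.callhome.mount;
 
 import io.netty.util.concurrent.EventExecutor;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
@@ -27,9 +28,11 @@ abstract class BaseCallHomeTopology extends AbstractNetconfTopology {
                          final ThreadPool processingExecutor,
                          final SchemaRepositoryProvider schemaRepositoryProvider,
                          final DataBroker dataBroker,
-                         final DOMMountPointService mountPointService) {
+                         final DOMMountPointService mountPointService,
+                         final AAAEncryptionService encryptionService) {
         super(topologyId, clientDispatcher, eventExecutor, keepaliveExecutor,
-                processingExecutor, schemaRepositoryProvider, dataBroker, mountPointService);
+              processingExecutor, schemaRepositoryProvider, dataBroker, mountPointService,
+              encryptionService);
         this.mountPointService = mountPointService;
     }
 }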
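--- a/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountDispatcher.java
+++ b/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountDispatcher.java
@@ -12,6 +12,7 @@ import io.netty.util.concurrent.EventExecutor;
 import io.netty.util.concurrent.FailedFuture;
 import io.netty.util.concurrent.Future;
 import java.net.InetSocketAddress;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
@@ -42,6 +43,7 @@ public class CallHomeMountDispatcher implements NetconfClientDispatcher, CallHom
     private final CallHomeMountSessionManager sessionManager;
     private final DataBroker dataBroker;
     private final DOMMountPointService mountService;
+    private final AAAEncryptionService encryptionService;
 
     protected CallHomeTopology topology;
 
@@ -56,7 +58,8 @@ public class CallHomeMountDispatcher implements NetconfClientDispatcher, CallHom
     public CallHomeMountDispatcher(final String topologyId, final EventExecutor eventExecutor,
                                    final ScheduledThreadPool keepaliveExecutor, final ThreadPool processingExecutor,
                                    final SchemaRepositoryProvider schemaRepositoryProvider, final DataBroker dataBroker,
-                                   final DOMMountPointService mountService) {
+                                   final DOMMountPointService mountService,
+                                   final AAAEncryptionService encryptionService) {
         this.topologyId = topologyId;
         this.eventExecutor = eventExecutor;
         this.keepaliveExecutor = keepaliveExecutor;
@@ -65,6 +68,7 @@ public class CallHomeMountDispatcher implements NetconfClientDispatcher, CallHom
         this.sessionManager = new CallHomeMountSessionManager();
         this.dataBroker = dataBroker;
         this.mountService = mountService;
+        this.encryptionService = encryptionService;
     }
 
     @Override
@@ -89,7 +93,7 @@ public class CallHomeMountDispatcher implements NetconfClientDispatcher, CallHom
 
     void createTopology() {
         this.topology = new CallHomeTopology(topologyId, this, eventExecutor, keepaliveExecutor, processingExecutor,
-                schemaRepositoryProvider, dataBroker, mountService);
+                schemaRepositoryProvider, dataBroker, mountService, encryptionService);
     }
 
     @Override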
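Review bot: `this.encryptionService = encryptionService;` accepts null, whereas `NetconfTopologyManager` in this commit guards the same dependency with `Preconditions.checkNotNull`. `LoginPassword.authenticate` treats a null service as meaning the stored password is plaintext, so a missing service on the call-home path would change how credentials are interpreted instead of failing at wiring time. I would make the contract uniform with `this.encryptionService = java.util.Objects.requireNonNull(encryptionService, "encryptionService");`. The constructor and `createTopology` continue outside the visible hunks.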
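--- a/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeTopology.java
+++ b/netconf/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeTopology.java
@@ -9,6 +9,7 @@
 package org.opendaylight.netconf.callhome.mount;
 
 import io.netty.util.concurrent.EventExecutor;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
@@ -26,10 +27,11 @@ public class CallHomeTopology extends BaseCallHomeTopology {
                             final EventExecutor eventExecutor,
                             final ScheduledThreadPool keepaliveExecutor, final ThreadPool processingExecutor,
                             final SchemaRepositoryProvider schemaRepositoryProvider,
-                            final DataBroker dataBroker, final DOMMountPointService mountPointService) {
+                            final DataBroker dataBroker, final DOMMountPointService mountPointService,
+                            final AAAEncryptionService encryptionService) {
         super(topologyId, clientDispatcher, eventExecutor,
                 keepaliveExecutor, processingExecutor, schemaRepositoryProvider,
-                dataBroker, mountPointService);
+                dataBroker, mountPointService, encryptionService);
     }
 
     @Override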
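--- a/netconf/callhome-provider/src/main/resources/org/opendaylight/blueprint/callhome-topology.xml
+++ b/netconf/callhome-provider/src/main/resources/org/opendaylight/blueprint/callhome-topology.xml
@@ -23,6 +23,8 @@
                interface="org.opendaylight.controller.md.sal.binding.api.DataBroker"/>
     <reference id="domMountPointService"
                interface="org.opendaylight.controller.md.sal.dom.api.DOMMountPointService"/>
+    <reference id="encryptionService"
+               interface="org.opendaylight.aaa.encrypt.AAAEncryptionService" />
 
     <bean id="schemaRepository" class="org.opendaylight.netconf.callhome.mount.SchemaRepositoryProviderImpl">
         <argument value="shared-schema-repository-impl"/>
@@ -44,6 +46,6 @@
         <argument ref="schemaRepository"/>
         <argument ref="dataBroker"/>
         <argument ref="domMountPointService"/>
+        <argument ref="encryptionService"/>
     </bean>
-
-</blueprint>
\ No newline at end of file
+</blueprint>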
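Review bot: The new `<reference id="encryptionService" .../>` carries no `availability` attribute, so Blueprint treats it as mandatory and the call-home topology bean is not created until an `AAAEncryptionService` is registered. If that hard dependency is intended, a comment such as `<!-- mandatory: stored device passwords are decrypted through this service -->` above the reference would explain a container that sits waiting. The same applies to the identical reference added in netconf-topology.xml.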
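--- a/netconf/callhome-provider/src/test/java/org/opendaylight/netconf/callhome/mount/CallHomeMountDispatcherTest.java
+++ b/netconf/callhome-provider/src/test/java/org/opendaylight/netconf/callhome/mount/CallHomeMountDispatcherTest.java
@@ -22,6 +22,7 @@ import java.net.InetSocketAddress;
 import java.net.UnknownHostException;
 import org.junit.Before;
 import org.junit.Test;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
@@ -53,6 +54,7 @@ public class CallHomeMountDispatcherTest {
     private CallHomeMountSessionManager mockSessMgr;
     private CallHomeTopology mockTopology;
     private CallHomeProtocolSessionContext mockProtoSess;
+    private AAAEncryptionService mockEncryptionService;
 
     @Before
     public void setup() {
@@ -66,9 +68,11 @@ public class CallHomeMountDispatcherTest {
         mockSessMgr = mock(CallHomeMountSessionManager.class);
         mockTopology = mock(CallHomeTopology.class);
         mockProtoSess = mock(CallHomeProtocolSessionContext.class);
+        mockEncryptionService = mock(AAAEncryptionService.class);
 
         instance = new CallHomeMountDispatcher(topologyId, mockExecutor, mockKeepAlive,
-                mockProcessingExecutor, mockSchemaRepoProvider, mockDataBroker, mockMount) {
+                mockProcessingExecutor, mockSchemaRepoProvider, mockDataBroker, mockMount,
+                mockEncryptionService) {
             @Override
             public CallHomeMountSessionManager getSessionManager() {
                 return mockSessMgr;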
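--- a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/LoginPassword.java
+++ b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/LoginPassword.java
@@ -11,6 +11,7 @@ package org.opendaylight.netconf.nettyutil.handler.ssh.authentication;
 import java.io.IOException;
 import org.apache.sshd.ClientSession;
 import org.apache.sshd.client.future.AuthFuture;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 
 /**
  * Class Providing username/password authentication option to
@@ -19,10 +20,16 @@ import org.apache.sshd.client.future.AuthFuture;
 public class LoginPassword extends AuthenticationHandler {
     protected final String username;
     protected final String password;
+    protected final AAAEncryptionService encryptionService;
 
     public LoginPassword(String username, String password) {
+        this(username, password, null);
+    }
+
+    public LoginPassword(final String username, final String password, final AAAEncryptionService encryptionService) {
         this.username = username;
         this.password = password;
+        this.encryptionService = encryptionService;
     }
 
     @Override
@@ -32,7 +39,12 @@ public class LoginPassword extends AuthenticationHandler {
 
     @Override
     public AuthFuture authenticate(final ClientSession session) throws IOException {
-        session.addPasswordIdentity(password);
+        if (encryptionService != null) {
+            String decryptedPassword = encryptionService.decrypt(password);
+            session.addPasswordIdentity(decryptedPassword);
+        } else {
+            session.addPasswordIdentity(password);
+        }
         return session.auth();
     }
 }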
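Review bot: `authenticate` decides whether `password` is ciphertext purely from `encryptionService != null`, so once the service is wired in, every stored password goes through `decrypt`, including any that were written in plaintext without the encrypt option. The page does not show what `decrypt` returns for input it cannot decrypt, and the result is passed to `addPasswordIdentity` unchecked. I would fail the attempt explicitly, without echoing the secret: `if (decryptedPassword == null) { throw new IOException("password decryption failed for user " + username); }`. The `password` field also deserves a comment stating that it may hold ciphertext when `encryptionService` is non-null, since subclasses read it directly.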
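--- a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/PublicKeyAuth.java
+++ b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/PublicKeyAuth.java
@@ -12,6 +12,7 @@ import java.io.IOException;
 import java.security.KeyPair;
 import org.apache.sshd.ClientSession;
 import org.apache.sshd.client.future.AuthFuture;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.aaa.encrypt.PKIUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -23,8 +24,9 @@ public class PublicKeyAuth extends LoginPassword {
     private KeyPair keyPair = null;
     private static final Logger LOG = LoggerFactory.getLogger(PublicKeyAuth.class);
 
-    public PublicKeyAuth(String username, String password, String keyPath, String passPhrase) {
-        super(username, password);
+    public PublicKeyAuth(String username, String password, String keyPath,
+            String passPhrase, AAAEncryptionService encryptionService) {
+        super(username, password, encryptionService);
         try {
             boolean isKeyPathAbsent = Strings.isNullOrEmpty(keyPath);
             passPhrase = Strings.isNullOrEmpty(passPhrase) ? "" : passPhrase;
@@ -43,7 +45,7 @@ public class PublicKeyAuth extends LoginPassword {
         if (keyPair != null) {
             session.addPublicKeyIdentity(keyPair);
         }
-        session.addPasswordIdentity(password);
-        return session.auth();
+
+        return super.authenticate(session);
     }
 }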
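Review bot: The constructor now receives `encryptionService` but forwards it only for the login password; `passPhrase` is still normalised and used as given (`passPhrase = Strings.isNullOrEmpty(passPhrase) ? "" : passPhrase;`), so the private-key passphrase presumably stays in plaintext in configuration. If that is deliberate, a constructor Javadoc stating that `password` may be ciphertext while `passPhrase` is never decrypted would stop callers assuming both are protected. The constructor body and `authenticate` both extend beyond the hunks shown.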
index d095bc0a8e0a50378437ac503c79e1ae12f6a555..3a096e5dbc01032aeadcd3d85172314bd63c8a5b 100755 (executable)
     <reference id="mountPointService"
                interface="org.opendaylight.controller.md.sal.dom.api.DOMMountPointService"
                odl:type="default"/>
     <reference id="mountPointService"
                interface="org.opendaylight.controller.md.sal.dom.api.DOMMountPointService"
                odl:type="default"/>
+    <reference id="encryptionService"
+               interface="org.opendaylight.aaa.encrypt.AAAEncryptionService" />
 
     <bean id="schemaRepository" class="org.opendaylight.netconf.topology.impl.SchemaRepositoryProviderImpl">
         <argument value="shared-schema-repository-impl"/>
     </bean>
 
 
     <bean id="schemaRepository" class="org.opendaylight.netconf.topology.impl.SchemaRepositoryProviderImpl">
         <argument value="shared-schema-repository-impl"/>
     </bean>
 
-    <cm:property-placeholder persistent-id="odl-sb-netconf-client-keypair" update-strategy="none">
+    <cm:property-placeholder persistent-id="org.opendaylight.netconf.topology.sb.keypair" update-strategy="none">
       <cm:default-properties>
       <cm:default-properties>
-        <cm:property name="private-key-path" value=""/>
+        <cm:property name="private-key-path" value="etc/RSA"/>
         <cm:property name="private-key-passphrase" value=""/>
       </cm:default-properties>
     </cm:property-placeholder>
         <cm:property name="private-key-passphrase" value=""/>
       </cm:default-properties>
     </cm:property-placeholder>
@@ -43,7 +45,7 @@
     <bean id="netconfTopology" class="org.opendaylight.netconf.topology.impl.NetconfTopologyImpl"
           init-method="init"
           destroy-method="close">
     <bean id="netconfTopology" class="org.opendaylight.netconf.topology.impl.NetconfTopologyImpl"
           init-method="init"
           destroy-method="close">
-        <cm:managed-properties persistent-id="odl-sb-netconf-client-keypair"
+        <cm:managed-properties persistent-id="org.opendaylight.netconf.topology.sb.keypair"
                            update-strategy="container-managed"/>
         <argument value="topology-netconf"/>
         <argument ref="clientDispatcherDependency"/>
                            update-strategy="container-managed"/>
         <argument value="topology-netconf"/>
         <argument ref="clientDispatcherDependency"/>
         <argument ref="mountPointService"/>
         <property name="privateKeyPath" value="${private-key-path}"/>
         <property name="privateKeyPassphrase" value="${private-key-passphrase}"/>
         <argument ref="mountPointService"/>
         <property name="privateKeyPath" value="${private-key-path}"/>
         <property name="privateKeyPassphrase" value="${private-key-passphrase}"/>
+        <argument ref="encryptionService" />
     </bean>
 
     <bean id="netconfConnectorFactory" class="org.opendaylight.netconf.topology.impl.NetconfConnectorFactoryImpl"/>
     <service ref="netconfConnectorFactory" interface="org.opendaylight.netconf.topology.api.NetconfConnectorFactory"
              odl:type="default"/>
 
     </bean>
 
     <bean id="netconfConnectorFactory" class="org.opendaylight.netconf.topology.impl.NetconfConnectorFactoryImpl"/>
     <service ref="netconfConnectorFactory" interface="org.opendaylight.netconf.topology.api.NetconfConnectorFactory"
              odl:type="default"/>
 
+    <bean id="netconfNodeRegisterEncryptedRPC"
+          class="org.opendaylight.netconf.sal.connect.util.NetconfTopologyRPCProvider">
+        <argument value="topology-netconf"/>
+        <argument ref="dataBroker"/>
+        <argument ref="encryptionService"/>
+    </bean>
+
+    <odl:rpc-implementation ref="netconfNodeRegisterEncryptedRPC"/>
+
 </blueprint>
 </blueprint>
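Review bot: The default for `private-key-path` changes from an empty value to `etc/RSA`, and the persistent-id is renamed from `odl-sb-netconf-client-keypair` to `org.opendaylight.netconf.topology.sb.keypair`, both without explanation. With a non-empty default, the `isKeyPathAbsent` check in `PublicKeyAuth` presumably no longer short-circuits, so a key at that relative path would be offered to every device. Settings kept under the old persistent-id would presumably stop being read after the rename. I would add a comment above the placeholder, for example `<!-- private-key-path is resolved relative to the controller working directory; leave empty to disable public-key auth -->`, once that behaviour is confirmed, and note the rename for upgrades. The `<argument ref="encryptionService" />` would also read better next to the other `<argument>` elements than after the `<property>` lines.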
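--- a/netconf/netconf-topology-singleton/src/main/java/org/opendaylight/netconf/topology/singleton/impl/NetconfTopologyManager.java
+++ b/netconf/netconf-topology-singleton/src/main/java/org/opendaylight/netconf/topology/singleton/impl/NetconfTopologyManager.java
@@ -19,6 +19,7 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.concurrent.TimeUnit;
 import javax.annotation.Nonnull;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.cluster.ActorSystemProvider;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
@@ -75,7 +76,7 @@ public class NetconfTopologyManager
     private final String topologyId;
     private final Duration writeTxIdleTimeout;
     private final DOMMountPointService mountPointService;
-
+    private final AAAEncryptionService encryptionService;
     private ListenerRegistration<NetconfTopologyManager> dataChangeListenerRegistration;
     private String privateKeyPath;
     private String privateKeyPassphrase;
@@ -83,9 +84,12 @@ public class NetconfTopologyManager
     public NetconfTopologyManager(final DataBroker dataBroker, final RpcProviderRegistry rpcProviderRegistry,
                                   final ClusterSingletonServiceProvider clusterSingletonServiceProvider,
                                   final ScheduledThreadPool keepaliveExecutor, final ThreadPool processingExecutor,
-                                  final ActorSystemProvider actorSystemProvider, final EventExecutor eventExecutor,
-                                  final NetconfClientDispatcher clientDispatcher, final String topologyId,
-                                  final Config config, final DOMMountPointService mountPointService) {
+                                  final ActorSystemProvider actorSystemProvider,
+                                  final EventExecutor eventExecutor, final NetconfClientDispatcher clientDispatcher,
+                                  final String topologyId, final Config config,
+                                  final DOMMountPointService mountPointService,
+                                  final AAAEncryptionService encryptionService) {
+
         this.dataBroker = Preconditions.checkNotNull(dataBroker);
         this.rpcProviderRegistry = Preconditions.checkNotNull(rpcProviderRegistry);
         this.clusterSingletonServiceProvider = Preconditions.checkNotNull(clusterSingletonServiceProvider);
@@ -97,6 +101,8 @@ public class NetconfTopologyManager
         this.topologyId = Preconditions.checkNotNull(topologyId);
         this.writeTxIdleTimeout = Duration.apply(config.getWriteTransactionIdleTimeout(), TimeUnit.SECONDS);
         this.mountPointService = mountPointService;
+        this.encryptionService = Preconditions.checkNotNull(encryptionService);
+
     }
 
     // Blueprint init method
@@ -284,7 +290,8 @@ public class NetconfTopologyManager
                 .setSchemaResourceDTO(NetconfTopologyUtils.setupSchemaCacheDTO(node))
                 .setIdleTimeout(writeTxIdleTimeout)
                 .setPrivateKeyPath(privateKeyPath)
-                .setPrivateKeyPassphrase(privateKeyPassphrase);
+                .setPrivateKeyPassphrase(privateKeyPassphrase)
+                .setEncryptionService(encryptionService);
 
         return builder.build();
     }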
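Review bot: The new `encryptionService` field replaces the blank line that separated the constructor-injected `final` fields from the mutable ones, and it has no comment explaining its role. I would keep the separator and add `// Decrypts stored device passwords; handed to each connector through NetconfTopologySetup.` above the field. The blank `+` lines added at the start and end of the constructor body can be dropped. The constructor and the builder method both continue outside the hunks shown.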
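--- a/netconf/netconf-topology-singleton/src/main/java/org/opendaylight/netconf/topology/singleton/impl/RemoteDeviceConnectorImpl.java
+++ b/netconf/netconf-topology-singleton/src/main/java/org/opendaylight/netconf/topology/singleton/impl/RemoteDeviceConnectorImpl.java
@@ -26,6 +26,7 @@ import java.util.Map;
 import java.util.Objects;
 import java.util.Optional;
 import javax.annotation.Nullable;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.md.sal.dom.api.DOMMountPointService;
 import org.opendaylight.netconf.api.NetconfMessage;
 import org.opendaylight.netconf.client.NetconfClientSessionListener;
@@ -80,7 +81,7 @@ public class RemoteDeviceConnectorImpl implements RemoteDeviceConnector {
     private final Timeout actorResponseWaitTime;
     private final String privateKeyPath;
     private final String privateKeyPassphrase;
-
+    private final AAAEncryptionService encryptionService;
     private NetconfConnectorDTO deviceCommunicatorDTO;
 
     public RemoteDeviceConnectorImpl(final NetconfTopologySetup netconfTopologyDeviceSetup,
@@ -93,6 +94,7 @@ public class RemoteDeviceConnectorImpl implements RemoteDeviceConnector {
         this.mountService = mountService;
         this.privateKeyPath = netconfTopologyDeviceSetup.getPrivateKeyPath();
         this.privateKeyPassphrase = netconfTopologyDeviceSetup.getPrivateKeyPassphrase();
+        this.encryptionService = netconfTopologyDeviceSetup.getEncryptionService();
     }
 
     @Override
@@ -285,7 +287,8 @@ public class RemoteDeviceConnectorImpl implements RemoteDeviceConnector {
                             .node.credentials.credentials.LoginPassword) credentials).getUsername(),
                     ((org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf
                             .node.credentials.credentials.LoginPassword) credentials).getPassword(),
-                    this.privateKeyPath, this.privateKeyPassphrase);
+                    this.privateKeyPath, this.privateKeyPassphrase, encryptionService);
+
         } else {
             throw new IllegalStateException(remoteDeviceId + ": Only login/password authentication is supported");
         }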
index 9ba578f7025b788502b9bc649bb6ff26e5626a98..6eb78007afab6f9a9ec1e28daac7e3d7fccc1f84 100644 (file)
@@ -10,6 +10,7 @@ package org.opendaylight.netconf.topology.singleton.impl.utils;
 
 import akka.actor.ActorSystem;
 import io.netty.util.concurrent.EventExecutor;
 
 import akka.actor.ActorSystem;
 import io.netty.util.concurrent.EventExecutor;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
@@ -38,6 +39,7 @@ public class NetconfTopologySetup {
     private final Duration idleTimeout;
     private final String privateKeyPath;
     private final String privateKeyPassphrase;
     private final Duration idleTimeout;
     private final String privateKeyPath;
     private final String privateKeyPassphrase;
+    private final AAAEncryptionService encryptionService;
 
     private NetconfTopologySetup(final NetconfTopologySetupBuilder builder) {
         this.clusterSingletonServiceProvider = builder.getClusterSingletonServiceProvider();
 
     private NetconfTopologySetup(final NetconfTopologySetupBuilder builder) {
         this.clusterSingletonServiceProvider = builder.getClusterSingletonServiceProvider();
@@ -55,6 +57,7 @@ public class NetconfTopologySetup {
         this.idleTimeout = builder.getIdleTimeout();
         this.privateKeyPath = builder.getPrivateKeyPath();
         this.privateKeyPassphrase = builder.getPrivateKeyPassphrase();
         this.idleTimeout = builder.getIdleTimeout();
         this.privateKeyPath = builder.getPrivateKeyPath();
         this.privateKeyPassphrase = builder.getPrivateKeyPassphrase();
+        this.encryptionService = builder.getEncryptionService();
     }
 
     public ClusterSingletonServiceProvider getClusterSingletonServiceProvider() {
     }
 
     public ClusterSingletonServiceProvider getClusterSingletonServiceProvider() {
@@ -117,6 +120,10 @@ public class NetconfTopologySetup {
         return privateKeyPassphrase;
     }
 
         return privateKeyPassphrase;
     }
 
+    public AAAEncryptionService getEncryptionService() {
+        return encryptionService;
+    }
+
     public static class NetconfTopologySetupBuilder {
 
         private ClusterSingletonServiceProvider clusterSingletonServiceProvider;
     public static class NetconfTopologySetupBuilder {
 
         private ClusterSingletonServiceProvider clusterSingletonServiceProvider;
@@ -134,6 +141,7 @@ public class NetconfTopologySetup {
         private Duration idleTimeout;
         private String privateKeyPath;
         private String privateKeyPassphrase;
         private Duration idleTimeout;
         private String privateKeyPath;
         private String privateKeyPassphrase;
+        private AAAEncryptionService encryptionService;
 
         public NetconfTopologySetupBuilder() {
         }
 
         public NetconfTopologySetupBuilder() {
         }
@@ -279,6 +287,15 @@ public class NetconfTopologySetup {
             return this.privateKeyPassphrase;
         }
 
             return this.privateKeyPassphrase;
         }
 
+        private AAAEncryptionService getEncryptionService() {
+            return this.encryptionService;
+        }
+
+        public NetconfTopologySetupBuilder setEncryptionService(final AAAEncryptionService encryptionService) {
+            this.encryptionService = encryptionService;
+            return this;
+        }
+
         public static NetconfTopologySetupBuilder create() {
             return new NetconfTopologySetupBuilder();
         }
         public static NetconfTopologySetupBuilder create() {
             return new NetconfTopologySetupBuilder();
         }
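Review bot: `this.encryptionService = builder.getEncryptionService();` in the private constructor accepts a null service silently, because nothing obliges a caller to invoke `setEncryptionService` on the builder. The value is handed on to the credential handling (the RemoteDeviceConnectorImpl hunk passes it next to the password), so a missing service would presumably surface only when a stored password has to be decrypted, far from the wiring mistake. I would fail fast with `this.encryptionService = java.util.Objects.requireNonNull(builder.getEncryptionService(), "encryptionService");`, or state in a Javadoc comment on `setEncryptionService` that null is permitted and what it means. The same applies to `this.encryptionService = encryptionService;` in the AbstractNetconfTopology constructor; both constructor bodies start outside their hunks.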
index 26de967c7516d61aa815118fd703c39b03065596..ecab8350da0bdc0759a9e67a6615581925a60b82 100644 (file)
@@ -40,17 +40,20 @@ and is available at http://www.eclipse.org/legal/epl-v10.html
             binding-class="org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.topology.singleton.config.rev170419.Config"
     />
 
             binding-class="org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.topology.singleton.config.rev170419.Config"
     />
 
-    <cm:property-placeholder persistent-id="odl-sb-netconf-client-keypair" update-strategy="none">
+    <cm:property-placeholder persistent-id="org.opendaylight.netconf.topology.sb.keypair" update-strategy="none">
         <cm:default-properties>
             <cm:property name="private-key-path" value=""/>
             <cm:property name="private-key-passphrase" value=""/>
         </cm:default-properties>
     </cm:property-placeholder>
 
         <cm:default-properties>
             <cm:property name="private-key-path" value=""/>
             <cm:property name="private-key-passphrase" value=""/>
         </cm:default-properties>
     </cm:property-placeholder>
 
+    <reference id="encryptionService"
+               interface="org.opendaylight.aaa.encrypt.AAAEncryptionService" />
+
     <bean id="netconfTopologyManager"
           class="org.opendaylight.netconf.topology.singleton.impl.NetconfTopologyManager"
           init-method="init" destroy-method="close">
     <bean id="netconfTopologyManager"
           class="org.opendaylight.netconf.topology.singleton.impl.NetconfTopologyManager"
           init-method="init" destroy-method="close">
-        <cm:managed-properties persistent-id="odl-sb-netconf-client-keypair"
+        <cm:managed-properties persistent-id="org.opendaylight.netconf.topology.sb.keypair"
                                update-strategy="container-managed"/>
         <argument ref="dataBroker"/>
         <argument ref="rpcRegistry"/>
                                update-strategy="container-managed"/>
         <argument ref="dataBroker"/>
         <argument ref="rpcRegistry"/>
@@ -65,8 +68,19 @@ and is available at http://www.eclipse.org/legal/epl-v10.html
         <argument ref="mountPointService"/>
         <property name="privateKeyPath" value="${private-key-path}"/>
         <property name="privateKeyPassphrase" value="${private-key-passphrase}"/>
         <argument ref="mountPointService"/>
         <property name="privateKeyPath" value="${private-key-path}"/>
         <property name="privateKeyPassphrase" value="${private-key-passphrase}"/>
+        <argument ref="encryptionService" />
     </bean>
     <service ref="netconfTopologyManager"
              interface="org.opendaylight.netconf.topology.singleton.api.NetconfTopologySingletonService"/>
 
     </bean>
     <service ref="netconfTopologyManager"
              interface="org.opendaylight.netconf.topology.singleton.api.NetconfTopologySingletonService"/>
 
+    <bean id="netconfNodeRegisterEncryptedRPC"
+          class="org.opendaylight.netconf.sal.connect.util.NetconfTopologyRPCProvider"
+          >
+        <argument value="topology-netconf"/>
+        <argument ref="dataBroker"/>
+        <argument ref="encryptionService"/>
+    </bean>
+
+    <odl:rpc-implementation ref="netconfNodeRegisterEncryptedRPC"/>
+
 </blueprint>
 </blueprint>
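Review bot: The `netconfNodeRegisterEncryptedRPC` bean lists its arguments as topology id, `dataBroker`, `encryptionService`, while the NetconfTopologyRPCProvider constructor added in this commit is declared as `(DataBroker, AAAEncryptionService, String)`. With no `index` or `type` attributes this wires up only if the container falls back to matching arguments by type, which breaks as soon as a second String or service parameter is added. I would list them in declaration order: `<argument ref="dataBroker"/>`, `<argument ref="encryptionService"/>`, `<argument value="topology-netconf"/>`. Separately, the `persistent-id` rename in the first hunk means a key path or passphrase configured under the old id would presumably no longer be read, so an upgrade note is worth adding.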
index 817a58a5eca7eabd5800507c92c0aa00d33e5b83..0353f889ab5ed16b222c3f483d62efc3a7f2a71a 100644 (file)
@@ -32,6 +32,7 @@ import javax.annotation.Nonnull;
 import org.junit.Before;
 import org.junit.Test;
 import org.mockito.Mock;
 import org.junit.Before;
 import org.junit.Test;
 import org.mockito.Mock;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.cluster.ActorSystemProvider;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.cluster.ActorSystemProvider;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
@@ -84,11 +85,13 @@ public class NetconfTopologyManagerTest {
         final EventExecutor eventExecutor = mock(EventExecutor.class);
         final NetconfClientDispatcher clientDispatcher = mock(NetconfClientDispatcher.class);
         final DOMMountPointService mountPointService = mock(DOMMountPointService.class);
         final EventExecutor eventExecutor = mock(EventExecutor.class);
         final NetconfClientDispatcher clientDispatcher = mock(NetconfClientDispatcher.class);
         final DOMMountPointService mountPointService = mock(DOMMountPointService.class);
+        final AAAEncryptionService encryptionService = mock(AAAEncryptionService.class);
 
         final Config config = new ConfigBuilder().setWriteTransactionIdleTimeout(0).build();
         netconfTopologyManager = new NetconfTopologyManager(dataBroker, rpcProviderRegistry,
                 clusterSingletonServiceProvider, keepaliveExecutor, processingExecutor,
 
         final Config config = new ConfigBuilder().setWriteTransactionIdleTimeout(0).build();
         netconfTopologyManager = new NetconfTopologyManager(dataBroker, rpcProviderRegistry,
                 clusterSingletonServiceProvider, keepaliveExecutor, processingExecutor,
-                actorSystemProvider, eventExecutor, clientDispatcher, topologyId, config, mountPointService);
+                actorSystemProvider, eventExecutor, clientDispatcher, topologyId, config,
+                mountPointService, encryptionService);
     }
 
     @Test
     }
 
     @Test
index e22777b876f815e47177af7e43443c9105794422..5468dd00ba6ec0f651379b20dba1fdfc9ac368b1 100644 (file)
             <groupId>org.opendaylight.yangtools</groupId>
             <artifactId>yang-model-api</artifactId>
         </dependency>
             <groupId>org.opendaylight.yangtools</groupId>
             <artifactId>yang-model-api</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.opendaylight.aaa</groupId>
+            <artifactId>aaa-encrypt-service</artifactId>
+            <version>0.7.0-SNAPSHOT</version>
+        </dependency>
     </dependencies>
 
     <build>
     </dependencies>
 
     <build>
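Review bot: The new `aaa-encrypt-service` dependency hard-codes `<version>0.7.0-SNAPSHOT</version>`, whereas the neighbouring `yang-model-api` entry carries no version and presumably inherits it from dependency management. A SNAPSHOT pinned in a leaf module is a moving artifact for the component that will handle device passwords, and it can drift from the AAA version used by the rest of the build. I would drop the `<version>` line here and manage the AAA version once in the parent's `dependencyManagement` section.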
index a1b89a850a4627633ead36e2bb99984042216ea5..4362b92e645cf67aff50e4c7c666b0ebcd32b106 100644 (file)
@@ -24,6 +24,7 @@ import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
@@ -160,20 +161,20 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
     protected final SharedSchemaRepository sharedSchemaRepository;
     protected final DataBroker dataBroker;
     protected final DOMMountPointService mountPointService;
     protected final SharedSchemaRepository sharedSchemaRepository;
     protected final DataBroker dataBroker;
     protected final DOMMountPointService mountPointService;
-
     protected SchemaSourceRegistry schemaRegistry = DEFAULT_SCHEMA_REPOSITORY;
     protected SchemaRepository schemaRepository = DEFAULT_SCHEMA_REPOSITORY;
     protected SchemaContextFactory schemaContextFactory = DEFAULT_SCHEMA_CONTEXT_FACTORY;
     protected String privateKeyPath;
     protected String privateKeyPassphrase;
     protected SchemaSourceRegistry schemaRegistry = DEFAULT_SCHEMA_REPOSITORY;
     protected SchemaRepository schemaRepository = DEFAULT_SCHEMA_REPOSITORY;
     protected SchemaContextFactory schemaContextFactory = DEFAULT_SCHEMA_CONTEXT_FACTORY;
     protected String privateKeyPath;
     protected String privateKeyPassphrase;
-
+    protected final AAAEncryptionService encryptionService;
     protected final HashMap<NodeId, NetconfConnectorDTO> activeConnectors = new HashMap<>();
 
     protected AbstractNetconfTopology(final String topologyId, final NetconfClientDispatcher clientDispatcher,
                                       final EventExecutor eventExecutor, final ScheduledThreadPool keepaliveExecutor,
                                       final ThreadPool processingExecutor,
                                       final SchemaRepositoryProvider schemaRepositoryProvider,
     protected final HashMap<NodeId, NetconfConnectorDTO> activeConnectors = new HashMap<>();
 
     protected AbstractNetconfTopology(final String topologyId, final NetconfClientDispatcher clientDispatcher,
                                       final EventExecutor eventExecutor, final ScheduledThreadPool keepaliveExecutor,
                                       final ThreadPool processingExecutor,
                                       final SchemaRepositoryProvider schemaRepositoryProvider,
-                                      final DataBroker dataBroker, final DOMMountPointService mountPointService) {
+                                      final DataBroker dataBroker, final DOMMountPointService mountPointService,
+                                      final AAAEncryptionService encryptionService) {
         this.topologyId = topologyId;
         this.clientDispatcher = clientDispatcher;
         this.eventExecutor = eventExecutor;
         this.topologyId = topologyId;
         this.clientDispatcher = clientDispatcher;
         this.eventExecutor = eventExecutor;
@@ -182,6 +183,7 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
         this.sharedSchemaRepository = schemaRepositoryProvider.getSharedSchemaRepository();
         this.dataBroker = dataBroker;
         this.mountPointService = mountPointService;
         this.sharedSchemaRepository = schemaRepositoryProvider.getSharedSchemaRepository();
         this.dataBroker = dataBroker;
         this.mountPointService = mountPointService;
+        this.encryptionService = encryptionService;
     }
 
     public void setSchemaRegistry(final SchemaSourceRegistry schemaRegistry) {
     }
 
     public void setSchemaRegistry(final SchemaSourceRegistry schemaRegistry) {
@@ -214,7 +216,7 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
     }
 
     protected ListenableFuture<NetconfDeviceCapabilities> setupConnection(final NodeId nodeId,
     }
 
     protected ListenableFuture<NetconfDeviceCapabilities> setupConnection(final NodeId nodeId,
-                                                                        final Node configNode) {
+                                                                          final Node configNode) {
         final NetconfNode netconfNode = configNode.getAugmentation(NetconfNode.class);
 
         Preconditions.checkNotNull(netconfNode.getHost());
         final NetconfNode netconfNode = configNode.getAugmentation(NetconfNode.class);
 
         Preconditions.checkNotNull(netconfNode.getHost());
@@ -248,7 +250,7 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
     }
 
     protected NetconfConnectorDTO createDeviceCommunicator(final NodeId nodeId,
     }
 
     protected NetconfConnectorDTO createDeviceCommunicator(final NodeId nodeId,
-                                                         final NetconfNode node) {
+                                                           final NetconfNode node) {
         //setup default values since default value is not supported in mdsal
         final Long defaultRequestTimeoutMillis = node.getDefaultRequestTimeoutMillis() == null
                 ? DEFAULT_REQUEST_TIMEOUT_MILLIS : node.getDefaultRequestTimeoutMillis();
         //setup default values since default value is not supported in mdsal
         final Long defaultRequestTimeoutMillis = node.getDefaultRequestTimeoutMillis() == null
                 ? DEFAULT_REQUEST_TIMEOUT_MILLIS : node.getDefaultRequestTimeoutMillis();
@@ -440,7 +442,7 @@ public abstract class AbstractNetconfTopology implements NetconfTopology {
                             .netconf.node.credentials.credentials.LoginPassword) credentials).getUsername(),
                     ((org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114
                             .netconf.node.credentials.credentials.LoginPassword) credentials).getPassword(),
                             .netconf.node.credentials.credentials.LoginPassword) credentials).getUsername(),
                     ((org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114
                             .netconf.node.credentials.credentials.LoginPassword) credentials).getPassword(),
-                    privateKeyPath, privateKeyPassphrase);
+                     privateKeyPath, privateKeyPassphrase, encryptionService);
         } else {
             throw new IllegalStateException("Only login/password authentification is supported");
         }
         } else {
             throw new IllegalStateException("Only login/password authentification is supported");
         }
index 1798b9c951dc0b97a30739b5dba218e72ace7f8f..263e524bd7541a10a28ce10a6eff13223ae272e2 100644 (file)
@@ -13,6 +13,7 @@ import com.google.common.util.concurrent.Futures;
 import io.netty.util.concurrent.EventExecutor;
 import java.util.Collection;
 import javax.annotation.Nonnull;
 import io.netty.util.concurrent.EventExecutor;
 import java.util.Collection;
 import javax.annotation.Nonnull;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
@@ -52,10 +53,11 @@ public class NetconfTopologyImpl extends AbstractNetconfTopology
     public NetconfTopologyImpl(final String topologyId, final NetconfClientDispatcher clientDispatcher,
                                final EventExecutor eventExecutor, final ScheduledThreadPool keepaliveExecutor,
                                final ThreadPool processingExecutor,
     public NetconfTopologyImpl(final String topologyId, final NetconfClientDispatcher clientDispatcher,
                                final EventExecutor eventExecutor, final ScheduledThreadPool keepaliveExecutor,
                                final ThreadPool processingExecutor,
-                               final SchemaRepositoryProvider schemaRepositoryProvider, final DataBroker dataBroker,
-                               final DOMMountPointService mountPointService) {
+                               final SchemaRepositoryProvider schemaRepositoryProvider,
+                               final DataBroker dataBroker, final DOMMountPointService mountPointService,
+                               final AAAEncryptionService encryptionService) {
         super(topologyId, clientDispatcher, eventExecutor, keepaliveExecutor, processingExecutor,
         super(topologyId, clientDispatcher, eventExecutor, keepaliveExecutor, processingExecutor,
-                schemaRepositoryProvider, dataBroker, mountPointService);
+                schemaRepositoryProvider, dataBroker, mountPointService, encryptionService);
     }
 
     @Override
     }
 
     @Override
@@ -101,8 +103,6 @@ public class NetconfTopologyImpl extends AbstractNetconfTopology
                 dataBroker.registerDataTreeChangeListener(
                         new DataTreeIdentifier<>(LogicalDatastoreType.CONFIGURATION,
                                 TopologyUtil.createTopologyListPath(topologyId).child(Node.class)), this);
                 dataBroker.registerDataTreeChangeListener(
                         new DataTreeIdentifier<>(LogicalDatastoreType.CONFIGURATION,
                                 TopologyUtil.createTopologyListPath(topologyId).child(Node.class)), this);
-
-
     }
 
     @Override
     }
 
     @Override
index 11a8fa6a425d2e67910fa7abe7605e8ca9551554..fa4ac32e158553dd37cb4198cc46bf3f6a4b6906 100644 (file)
@@ -29,6 +29,7 @@ import org.junit.Before;
 import org.junit.Test;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
 import org.junit.Test;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
 import org.opendaylight.controller.config.threadpool.ScheduledThreadPool;
 import org.opendaylight.controller.config.threadpool.ThreadPool;
 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
@@ -89,6 +90,9 @@ public class NetconfTopologyImplTest {
     @Mock
     private DOMMountPointService mountPointService;
 
     @Mock
     private DOMMountPointService mountPointService;
 
+    @Mock
+    private AAAEncryptionService encryptionService;
+
     private TestingNetconfTopologyImpl topology;
     private TestingNetconfTopologyImpl spyTopology;
 
     private TestingNetconfTopologyImpl topology;
     private TestingNetconfTopologyImpl spyTopology;
 
@@ -105,7 +109,7 @@ public class NetconfTopologyImplTest {
 
         topology = new TestingNetconfTopologyImpl(TOPOLOGY_ID, mockedClientDispatcher,
                 mockedEventExecutor, mockedKeepaliveExecutor, mockedProcessingExecutor, mockedSchemaRepositoryProvider,
 
         topology = new TestingNetconfTopologyImpl(TOPOLOGY_ID, mockedClientDispatcher,
                 mockedEventExecutor, mockedKeepaliveExecutor, mockedProcessingExecutor, mockedSchemaRepositoryProvider,
-                dataBroker, mountPointService);
+                dataBroker, mountPointService, encryptionService);
 
         spyTopology = spy(topology);
     }
 
         spyTopology = spy(topology);
     }
@@ -193,9 +197,11 @@ public class NetconfTopologyImplTest {
                                           final ScheduledThreadPool keepaliveExecutor,
                                           final ThreadPool processingExecutor,
                                           final SchemaRepositoryProvider schemaRepositoryProvider,
                                           final ScheduledThreadPool keepaliveExecutor,
                                           final ThreadPool processingExecutor,
                                           final SchemaRepositoryProvider schemaRepositoryProvider,
-                                          final DataBroker dataBroker, final DOMMountPointService mountPointService) {
+                                          final DataBroker dataBroker, final DOMMountPointService mountPointService,
+                                          final AAAEncryptionService encryptionService) {
             super(topologyId, clientDispatcher, eventExecutor, keepaliveExecutor,
             super(topologyId, clientDispatcher, eventExecutor, keepaliveExecutor,
-                    processingExecutor, schemaRepositoryProvider, dataBroker, mountPointService);
+                    processingExecutor, schemaRepositoryProvider, dataBroker,
+                  mountPointService, encryptionService);
         }
 
         @Override
         }
 
         @Override
diff --git a/netconf/sal-netconf-connector/src/main/java/org/opendaylight/netconf/sal/connect/util/NetconfTopologyRPCProvider.java b/netconf/sal-netconf-connector/src/main/java/org/opendaylight/netconf/sal/connect/util/NetconfTopologyRPCProvider.java
new file mode 100644 (file)
index 0000000..a26401e
--- /dev/null
@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) 2017 Brocade Communication Systems and others.  All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+package org.opendaylight.netconf.sal.connect.util;
+
+import com.google.common.base.Preconditions;
+import com.google.common.util.concurrent.CheckedFuture;
+import com.google.common.util.concurrent.FutureCallback;
+import com.google.common.util.concurrent.Futures;
+import com.google.common.util.concurrent.SettableFuture;
+import java.util.concurrent.Future;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
+import org.opendaylight.controller.md.sal.binding.api.DataBroker;
+import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
+import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
+import org.opendaylight.controller.md.sal.common.api.data.TransactionCommitFailedException;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.AddNetconfNodeInput;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.NetconfNode;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.NetconfNodeBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.NetconfNodeTopologyService;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.LoginPassword;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.LoginPasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NetworkTopology;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.TopologyId;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.Topology;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.TopologyKey;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.NodeKey;
+import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
+import org.opendaylight.yangtools.yang.common.RpcResult;
+import org.opendaylight.yangtools.yang.common.RpcResultBuilder;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class NetconfTopologyRPCProvider implements NetconfNodeTopologyService {
+    private final AAAEncryptionService encryptionService;
+    private final DataBroker dataBroker;
+    private final String topologyId;
+    private static final Logger LOG = LoggerFactory.getLogger(NetconfTopologyRPCProvider.class);
+
+    public NetconfTopologyRPCProvider(final DataBroker dataBroker,
+                                      final AAAEncryptionService encryptionService,
+                                      final String topologyId) {
+        this.dataBroker = dataBroker;
+        this.encryptionService = Preconditions.checkNotNull(encryptionService);
+        this.topologyId = Preconditions.checkNotNull(topologyId);
+    }
+
+    @Override
+    public Future<RpcResult<Void>> addNetconfNode(AddNetconfNodeInput input) {
+        NetconfNode node = this.encryptPassword(input);
+        final SettableFuture<RpcResult<Void>> futureResult = SettableFuture.create();
+        NodeId nodeId = new NodeId(input.getNodeId());
+        writeToConfigDS(node, nodeId, topologyId, futureResult);
+        return futureResult;
+    }
+
+    private NetconfNode encryptPassword(AddNetconfNodeInput input) {
+        NetconfNodeBuilder builder = new NetconfNodeBuilder();
+        builder.fieldsFrom(input);
+
+        boolean encrypt = input.isEncrypt();
+        LoginPassword loginPassword = (LoginPassword) input.getCredentials();
+        if (encrypt) {
+            String encryptedPassword = encryptionService.encrypt(loginPassword.getPassword());
+            LoginPassword newCreds = new LoginPasswordBuilder().setPassword(encryptedPassword)
+                    .setUsername(loginPassword.getUsername()).build();
+            builder.setCredentials(newCreds);
+        }
+
+        NetconfNode node = builder.build();
+        return node;
+    }
+
+    private void writeToConfigDS(NetconfNode node, NodeId nodeId, String topologyId,
+                                 final SettableFuture<RpcResult<Void>> futureResult) {
+
+        WriteTransaction writeTransaction = dataBroker.newWriteOnlyTransaction();
+        final InstanceIdentifier<NetworkTopology> networkTopologyId =
+                InstanceIdentifier.builder(NetworkTopology.class).build();
+        final InstanceIdentifier<NetconfNode> niid = networkTopologyId.child(Topology.class,
+                new TopologyKey(new TopologyId(topologyId))).child(Node.class,
+                new NodeKey(nodeId)).augmentation(NetconfNode.class);
+        writeTransaction.merge(LogicalDatastoreType.CONFIGURATION, niid, node, true);
+        final CheckedFuture<Void, TransactionCommitFailedException> future = writeTransaction.submit();
+        Futures.addCallback(future, new FutureCallback<Void>() {
+
+            @Override
+            public void onSuccess(Void result) {
+                LOG.info("add-netconf-node RPC: Added netconf node successfully.");
+                futureResult.set(RpcResultBuilder.<Void>success().build());
+            }
+
+            @Override
+            public void onFailure(Throwable exception) {
+                LOG.error("add-netconf-node RPC: Unable to add netconf node.", exception);
+                futureResult.setException(exception);
+            }
+        });
+    }
+
+}
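Review bot: `encryptPassword` unboxes `input.isEncrypt()` and casts `input.getCredentials()` to `LoginPassword` before checking anything, so a request that omits `encrypt`, or carries no credentials or another credential type, fails with a bare NullPointerException or ClassCastException thrown out of `addNetconfNode`. The comment in AbstractNetconfTopology ("default value is not supported in mdsal") suggests the YANG `default false` is not filled in on the binding object, so the null case looks reachable. Touch the credentials only when encryption was requested and reject anything that is not a login/password with a password set, as sketched below. `new NodeId(input.getNodeId())` needs the same check for a missing `node-id`, and ideally `addNetconfNode` would turn these rejections into a failed `RpcResult` instead of throwing.

```java
        // … unchanged: builder.fieldsFrom(input) …
        if (Boolean.TRUE.equals(input.isEncrypt())) {
            Preconditions.checkArgument(input.getCredentials() instanceof LoginPassword,
                    "add-netconf-node: encrypt requires login/password credentials");
            final LoginPassword loginPassword = (LoginPassword) input.getCredentials();
            Preconditions.checkArgument(loginPassword.getPassword() != null,
                    "add-netconf-node: password is missing");
            // … unchanged: encrypt the password and set the rebuilt LoginPassword on the builder …
        }
```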
index 446d81540619401d3c66af4f31560ed26dd88599..7839d508d237e5d649ee7c37b340996fe6582d96 100644 (file)
@@ -272,10 +272,24 @@ module netconf-node-topology {
 
     }
 
 
     }
 
+    rpc add-netconf-node {
+        input {
+            uses netconf-node-fields;
+            leaf node-id {
+                type string;
+            }
+            leaf encrypt {
+                type boolean;
+                default false;
+            }
+        }
+    }
+
     augment "/nt:network-topology/nt:topology/nt:node" {
         when "../../nt:topology-types/topology-netconf";
         ext:augment-identifier "netconf-node";
 
         uses netconf-node-fields;
     }
     augment "/nt:network-topology/nt:topology/nt:node" {
         when "../../nt:topology-types/topology-netconf";
         ext:augment-identifier "netconf-node";
 
         uses netconf-node-fields;
     }
+
 }
 }
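Review bot: The `add-netconf-node` RPC has no `description`, and `leaf node-id` is optional although the provider in this commit builds `new NodeId(input.getNodeId())` unconditionally. I would add `mandatory true;` to `leaf node-id` and document the flag on `leaf encrypt`, e.g. `description "When true, the login password is encrypted before it is written to the config datastore; otherwise it is stored as received.";`. With `default false` the protection is opt-in, so clients reading the model need to see that a request without the flag leaves the password unencrypted in the datastore.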
diff --git a/netconf/sal-netconf-connector/src/test/java/org/opendaylight/netconf/sal/connect/netconf/util/NetconfTopologyRPCProviderTest.java b/netconf/sal-netconf-connector/src/test/java/org/opendaylight/netconf/sal/connect/netconf/util/NetconfTopologyRPCProviderTest.java
new file mode 100644 (file)
index 0000000..5ece53f
--- /dev/null
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2017 Brocade Communication Systems and others.  All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+package org.opendaylight.netconf.sal.connect.netconf.util;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.mockito.Mockito.when;
+
+import java.lang.reflect.Method;
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+import org.opendaylight.aaa.encrypt.AAAEncryptionService;
+import org.opendaylight.controller.md.sal.binding.api.DataBroker;
+import org.opendaylight.netconf.sal.connect.util.NetconfTopologyRPCProvider;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Ipv4Address;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.AddNetconfNodeInput;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.AddNetconfNodeInputBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.NetconfNode;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.LoginPassword;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.credentials.credentials.LoginPasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
+
+public class NetconfTopologyRPCProviderTest {
+    private static final NodeId NODE_ID = new NodeId("testing-node");
+    private static final String TOPOLOGY_ID = "testing-topology";
+    private static final String TEST_PWD =  "test";
+    private static final String ENC_PWD = "4o9/Hn3Pi4150YrP12N/1g==";
+
+    @Mock
+    private DataBroker dataBroker;
+
+    @Mock
+    private AAAEncryptionService encryptionService;
+
+    NetconfTopologyRPCProvider rpcProvider ;
+
+    @Before
+    public void setUp() {
+        MockitoAnnotations.initMocks(this);
+        when(encryptionService.encrypt(TEST_PWD)).thenReturn(ENC_PWD);
+        rpcProvider = new NetconfTopologyRPCProvider(dataBroker, encryptionService, TOPOLOGY_ID);
+    }
+
+    @Test
+    public void testEncryptPassword() throws Exception {
+
+        NetconfNode node = invokeEncryption(true);
+        assertNotEquals(TEST_PWD, ((LoginPassword)node.getCredentials()).getPassword());
+
+        node = invokeEncryption(false);
+        assertEquals(TEST_PWD, ((LoginPassword)node.getCredentials()).getPassword());
+    }
+
+    private NetconfNode invokeEncryption(boolean encrypt) throws Exception {
+        Method method = null;
+
+        method = NetconfTopologyRPCProvider.class.getDeclaredMethod("encryptPassword", AddNetconfNodeInput.class);
+
+        method.setAccessible(true);
+        NetconfNode node = null;
+
+        node = (NetconfNode)method.invoke(rpcProvider, getInput(encrypt));
+
+        return node;
+    }
+
+    private AddNetconfNodeInput getInput(boolean encrypt) {
+        AddNetconfNodeInputBuilder builder = new AddNetconfNodeInputBuilder();
+        builder.setCredentials(new LoginPasswordBuilder().setPassword(TEST_PWD).setUsername("test").build());
+        builder.setHost(new Host(new IpAddress(new Ipv4Address("10.18.16.188"))));
+        builder.setPort(new PortNumber(830));
+        builder.setTcpOnly(false);
+        builder.setNodeId(NODE_ID.toString());
+        builder.setEncrypt(encrypt);
+        return builder.build();
+    }
+
+}
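Review bot: In `testEncryptPassword` the encrypted branch only checks `assertNotEquals(TEST_PWD, ...)`, which passes for any value other than the cleartext, including null or an empty string, so it does not show that the stored password is the encryption service's output. `ENC_PWD` is already stubbed in `setUp`; assert it directly with `assertEquals(ENC_PWD, ((LoginPassword) node.getCredentials()).getPassword());`. Ending the method with `verify(encryptionService).encrypt(TEST_PWD);` (static import of `Mockito.verify`) would also confirm that the service was called exactly once across both invocations, i.e. not on the `encrypt=false` path. Separately, `builder.setNodeId(NODE_ID.toString())` in `getInput` may pass the generated type's debug representation rather than the raw id; `NODE_ID.getValue()` is the safer call.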