From bc787787e74692d8a7499c3ec2c0e2ff5379c0bd Mon Sep 17 00:00:00 2001 From: Robert Varga Date: Mon, 29 Jan 2024 18:20:33 +0100 Subject: [PATCH] Obsolete non-transport ssh-host-key Update the model layout to make 'transport' choice mandatory and make ssh-host-key obsolete. JIRA: NETCONF-1243 Change-Id: I178d5d8d7858d6c4074214ac8cce598f5c2b6ec1 Signed-off-by: Robert Varga --- .../mount/CallHomeMountSshAuthProvider.java | 38 +++++++------------ .../mount/CallHomeMountStatusReporter.java | 16 ++++---- .../tls/CallHomeMountTlsAuthProvider.java | 8 ++-- .../yang/odl-netconf-callhome-server.yang | 32 +++++++++++----- 4 files changed, 48 insertions(+), 46 deletions(-) diff --git a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountSshAuthProvider.java b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountSshAuthProvider.java index c1df4d4def..d4a5857f28 100644 --- a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountSshAuthProvider.java +++ b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountSshAuthProvider.java 
@@ -26,14 +26,13 @@ import org.opendaylight.mdsal.binding.api.DataTreeModification; import org.opendaylight.mdsal.common.api.LogicalDatastoreType; import org.opendaylight.netconf.callhome.server.ssh.CallHomeSshAuthProvider; import org.opendaylight.netconf.callhome.server.ssh.CallHomeSshAuthSettings; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.NetconfCallhomeServer; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.credentials.Credentials; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.AllowedDevices; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.Global; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.Global.MountPointNamingStrategy; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.Device; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.device.transport.Ssh; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.device.transport.ssh.SshClientParams; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.NetconfCallhomeServer; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.credentials.Credentials; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.AllowedDevices; +import 
org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.Global; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.Global.MountPointNamingStrategy; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.Device; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.device.transport.Ssh; import org.opendaylight.yangtools.concepts.Registration; import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.osgi.service.component.annotations.Activate; @@ -80,18 +79,14 @@ public final class CallHomeMountSshAuthProvider implements CallHomeSshAuthProvid @Override public CallHomeSshAuthSettings provideAuth(final SocketAddress remoteAddress, final PublicKey serverKey) { - Device deviceSpecific = deviceConfig.get(serverKey); - String id; - Credentials deviceCred; + final String id; + final Credentials deviceCred; + final var deviceSpecific = deviceConfig.get(serverKey); if (deviceSpecific != null) { id = deviceSpecific.getUniqueId(); - if (deviceSpecific.getTransport() instanceof Ssh ssh) { - final SshClientParams clientParams = ssh.getSshClientParams(); - deviceCred = clientParams.getCredentials(); - } else { - deviceCred = deviceSpecific.getCredentials(); - } + deviceCred = deviceSpecific.getTransport() instanceof Ssh ssh ? ssh.getSshClientParams().getCredentials() + : null; } else { String syntheticId = fromRemoteAddress(remoteAddress); if (globalConfig.allowedUnknownKeys()) { 
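Review bot: In `provideAuth`, the new ternary dereferences `ssh.getSshClientParams()` directly, while `getHostPublicKey` in this same commit uses the null-safe `ssh.nonnullSshClientParams()`. If a device with the `ssh` case but no `ssh-client-params` container can reach `deviceConfig` (not visible here), the authentication callback would fail with a NullPointerException instead of falling through to the global credentials or the rejection branch. Using the same accessor, `ssh.nonnullSshClientParams().getCredentials()`, avoids that. A brief comment on the `: null` arm, such as `// device-level 'credentials' is obsolete; fall back to global credentials below`, would make the fallback read as deliberate. The body of `provideAuth` continues past the end of this hunk.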
@@ -109,8 +104,7 @@ public final class CallHomeMountSshAuthProvider implements CallHomeSshAuthProvid } } - final Credentials credentials = deviceCred != null ? deviceCred : globalConfig.getCredentials(); - + final var credentials = deviceCred != null ? deviceCred : globalConfig.getCredentials(); if (credentials == null) { LOG.info("No credentials found for {}, rejecting.", id); return null; @@ -183,11 +177,7 @@ public final class CallHomeMountSshAuthProvider implements CallHomeSshAuthProvid } private static String getHostPublicKey(final Device device) { - if (device.getTransport() instanceof Ssh ssh) { - return ssh.getSshClientParams().getHostKey(); - } else { - return device.getSshHostKey(); - } + return device.getTransport() instanceof Ssh ssh ? ssh.nonnullSshClientParams().getHostKey() : null; } abstract void addDevice(String publicKey, Device device); diff --git a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountStatusReporter.java b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountStatusReporter.java index d279ff90f0..6244662068 100644 --- a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountStatusReporter.java +++ b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/CallHomeMountStatusReporter.java 
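Review bot: `getHostPublicKey` now returns `null` for every device without the `ssh` transport case, so an allow-list entry that still carries only the obsolete `ssh-host-key` silently stops matching. The callers are outside this hunk, but if they skip null keys, such a device would presumably fall into the unknown-key branch of `provideAuth`: rejected, or, when `globalConfig.allowedUnknownKeys()` is set, accepted under a synthetic id with the global credentials. A warning where the null is handled, limited to entries where `device.getTransport() == null`, for example `LOG.warn("Device {} has no transport configured, ignoring legacy ssh-host-key", device.getUniqueId());`, would make that change in the trust decision visible to operators after an upgrade. A one-line Javadoc stating that the method returns null for non-SSH devices would also help the next reader.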
@@ -25,14 +25,14 @@ import org.opendaylight.mdsal.binding.api.DataTreeModification; import org.opendaylight.mdsal.common.api.CommitInfo; import org.opendaylight.mdsal.common.api.LogicalDatastoreType; import org.opendaylight.netconf.callhome.server.CallHomeStatusRecorder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.NetconfCallhomeServer; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.AllowedDevices; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.Device; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.Device.DeviceStatus; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.DeviceBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.DeviceKey; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.device.transport.SshBuilder; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.device.transport.ssh.SshClientParamsBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.NetconfCallhomeServer; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.AllowedDevices; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.Device; +import 
org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.Device.DeviceStatus; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.DeviceBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.DeviceKey; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.device.transport.SshBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.device.transport.ssh.SshClientParamsBuilder; import org.opendaylight.yangtools.concepts.Registration; import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.osgi.service.component.annotations.Activate; diff --git a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/CallHomeMountTlsAuthProvider.java b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/CallHomeMountTlsAuthProvider.java index 843c0d9060..0f73840a0c 100644 --- a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/CallHomeMountTlsAuthProvider.java +++ b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/CallHomeMountTlsAuthProvider.java 
@@ -38,10 +38,10 @@ import org.opendaylight.netconf.client.SslHandlerFactory; import org.opendaylight.netconf.client.mdsal.api.SslHandlerFactoryProvider; import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore; import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificate; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.NetconfCallhomeServer; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.AllowedDevices; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.Device; -import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.netconf.callhome.server.allowed.devices.device.transport.Tls; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.NetconfCallhomeServer; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.AllowedDevices; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.Device; +import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev240129.netconf.callhome.server.allowed.devices.device.transport.Tls; import org.opendaylight.yangtools.concepts.Registration; import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.osgi.service.component.annotations.Activate; diff --git a/netconf/callhome-model/src/main/yang/odl-netconf-callhome-server.yang b/netconf/callhome-model/src/main/yang/odl-netconf-callhome-server.yang index dab83dd79e..74989cf6b7 100644 
--- a/netconf/callhome-model/src/main/yang/odl-netconf-callhome-server.yang +++ b/netconf/callhome-model/src/main/yang/odl-netconf-callhome-server.yang @@ -12,6 +12,14 @@ module odl-netconf-callhome-server { description "This module defines the northbound interface for OpenDaylight NETCONF Callhome."; + revision 2024-01-29 { + description + "A number of improvements to the sematics of this model. In concrete terms: + - every device now has to have a transport + - previously-deprecated 'ssh-host-key' is now obsolete + - 'credentials; is obsoleted as well"; + } + revision 2023-04-28 { description "This revision integrates device-status leaf, formerly hosted in callhome-device.yang"; } @@ -57,8 +65,8 @@ module odl-netconf-callhome-server { leaf mount-point-naming-strategy { type enumeration { - enum IP_PORT; - enum IP_ONLY; + enum IP_PORT; + enum IP_ONLY; } default IP_PORT; description "Mount name will be chosen as per this strategy in the absence of per device settings. Default is IP_PORT"; @@ -73,17 +81,11 @@ module odl-netconf-callhome-server { description "Identifier of device, which will be used to identify device."; type string; } - leaf ssh-host-key { - description "BASE-64 encoded public key which device will use during connection. - Deprecated, a 'host-key' from the 'ssh-client-params' containers should be used instead."; - status deprecated; - type string; - } - unique ssh-host-key; - uses credentials; choice transport { description "Provides connectivity details for one of the supported transport protocols"; + mandatory true; + case ssh { container ssh-client-params { leaf host-key { @@ -123,6 +125,16 @@ module odl-netconf-callhome-server { } default DISCONNECTED; } + + leaf ssh-host-key { + description "Obsolete, a 'host-key' from the 'ssh-client-params' containers should be used instead."; + status obsolete; + type string; + } + unique ssh-host-key; + uses credentials { + status obsolete; + } } } } -- 2.36.6
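Review bot: `mandatory true;` on `choice transport` makes every existing `device` entry that was configured only through `ssh-host-key` invalid against the new revision, and nothing in this patch shows how such persisted entries are treated on upgrade. Since this list is the Call Home allow-list, the consequence belongs in the choice's description, e.g. `Every device must select a transport; entries without one are not valid as of revision 2024-01-29.`, so operators know to migrate entries first. The revision description in the first hunk of this file also has two typos: `sematics` should be `semantics`, and `'credentials;` should be `'credentials'`.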
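Review bot: `unique ssh-host-key;` is kept on the `device` list although the leaf is now `status obsolete`. RFC 7950 section 7.21.2 does not allow a current definition to reference an obsolete one in the same module, so stricter YANG tooling may flag this, and the constraint no longer protects a value the Java code reads. Consider dropping the `unique ssh-host-key;` line, or confirming that the parser in use accepts it. In the visible part of the model there is no uniqueness constraint on `host-key` inside `ssh-client-params`, so two devices sharing a host key would have to be caught in code.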