Replaced all usages of whitelist as its considered non-technical term
with allowlist.
JIRA: NETCONF-1185
Change-Id: Id6f827ae1b1fb4c2c3e52e69ec2c60ab3c19b25d
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
(cherry picked from commit
169d7d71cb8c5f90bb7a10ebd68cc51569ce504d)
Netconf Call Home Server uses device provided SSH server key (host key)
to identify device. The pairing of name and server key is configured in
``/odl-netconf-callhome-server:netconf-callhome-server/allowed-devices``.
Netconf Call Home Server uses device provided SSH server key (host key)
to identify device. The pairing of name and server key is configured in
``/odl-netconf-callhome-server:netconf-callhome-server/allowed-devices``.
-This list is colloquially called a whitelist.
+This list is colloquially called a allowlist.
-If the Call-Home Server finds the SSH host key in the whitelist, it continues
+If the Call-Home Server finds the SSH host key in the allowlist, it continues
to negotiate a NETCONF connection over an SSH session. If the SSH host key is
not found, the connection between the Call Home server and the device is dropped
immediately. In either case, the device that connects to the Call home server
to negotiate a NETCONF connection over an SSH session. If the SSH host key is
not found, the connection between the Call Home server and the device is dropped
immediately. In either case, the device that connects to the Call home server
Rogue Devices
'''''''''''''
Rogue Devices
'''''''''''''
-Devices which are not on the whitelist might try to connect to the Call-Home Server. In
+Devices which are not on the allowlist might try to connect to the Call-Home Server. In
these cases, the server will keep a record by instantiating an operational device. There
will be no corresponding config device for these rogues. They can be identified readily
because their device id, rather than being user-supplied, will be of the form
these cases, the server will keep a record by instantiating an operational device. There
will be no corresponding config device for these rogues. They can be identified readily
because their device id, rather than being user-supplied, will be of the form
return rxTransaction.read(LogicalDatastoreType.OPERATIONAL, IetfZeroTouchCallHomeServerProvider.ALL_DEVICES)
.get().orElse(null);
} catch (ExecutionException | InterruptedException e) {
return rxTransaction.read(LogicalDatastoreType.OPERATIONAL, IetfZeroTouchCallHomeServerProvider.ALL_DEVICES)
.get().orElse(null);
} catch (ExecutionException | InterruptedException e) {
- LOG.error("Error trying to read the whitelist devices", e);
+ LOG.error("Error trying to read the allowlist devices", e);
keyString = device.getSshHostKey();
}
if (keyString == null) {
keyString = device.getSshHostKey();
}
if (keyString == null) {
- LOG.info("Whitelist device {} does not have a host key, skipping it", device.getUniqueId());
+ LOG.info("Allowlist device {} does not have a host key, skipping it", device.getUniqueId());
- LOG.error("No match found for the failed auth device (should have been filtered by whitelist). Key: {}",
+ LOG.error("No match found for the failed auth device (should have been filtered by allowlist). Key: {}",
readAndUpdateStatus(confDevice);
}
} catch (ExecutionException | InterruptedException e) {
readAndUpdateStatus(confDevice);
}
} catch (ExecutionException | InterruptedException e) {
- LOG.error("Error trying to read the whitelist devices", e);
+ LOG.error("Error trying to read the allowlist devices", e);