This configuration holds the private key location and its pass phrase.
While we inject these values, they are not used anywhere.
JIRA: NETCONF-960
Change-Id: I0a5fd425a59137ac4d0dac5e2f2fd630c4f202bb
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
<artifactId>netconf-topology</artifactId>
</dependency>
</dependencies>
-
- <build>
- <plugins>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>build-helper-maven-plugin</artifactId>
- <executions>
- <execution>
- <id>attach-artifacts</id>
- <goals>
- <goal>attach-artifact</goal>
- </goals>
- <phase>package</phase>
- <configuration>
- <artifacts>
- <artifact>
- <file>${project.build.directory}/classes/initial/odl-sb-netconf-client-keypair.cfg
- </file>
- <type>cfg</type>
- <classifier>config</classifier>
- </artifact>
- </artifacts>
- </configuration>
- </execution>
- </executions>
- </plugin>
- </plugins>
- </build>
</project>
-->
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:odl="http://opendaylight.org/xmlns/blueprint/v1.0.0"
- xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0"
odl:use-default-for-reference-types="true">
<reference id="clientDispatcherDependency"
<reference id="baseSchemas"
interface="org.opendaylight.netconf.sal.connect.netconf.schema.mapping.BaseNetconfSchemas"/>
- <cm:property-placeholder persistent-id="org.opendaylight.netconf.topology.sb.keypair" update-strategy="none">
- <cm:default-properties>
- <cm:property name="private-key-path" value=""/>
- <cm:property name="private-key-passphrase" value=""/>
- </cm:default-properties>
- </cm:property-placeholder>
-
<bean id="netconfTopology" class="org.opendaylight.netconf.topology.impl.NetconfTopologyImpl"
init-method="init"
destroy-method="close">
- <cm:managed-properties persistent-id="org.opendaylight.netconf.topology.sb.keypair"
- update-strategy="container-managed"/>
<argument value="topology-netconf"/>
<argument ref="clientDispatcherDependency"/>
<argument ref="eventExecutor"/>
<argument ref="schemaManager"/>
<argument ref="dataBroker"/>
<argument ref="mountPointService"/>
- <property name="privateKeyPath" value="${private-key-path}"/>
- <property name="privateKeyPassphrase" value="${private-key-passphrase}"/>
<argument ref="encryptionService" />
<argument ref="rpcProviderService" />
<argument ref="baseSchemas"/>
+++ /dev/null
-# This configuration provides the provision to enable key based authentication for netconf southbound client.
-# The configuration file should be created by name odl-sb-netconf-client-keypair.cfg inside controller/etc directory.
-# Following configurations should be done in this file
-# private-key-path - Path for private key file. (Paths are identified relative to controller directory).
-# eg. If private key file exists in controller/etc/id_rsa, the path can be mentioned as etc/id_rsa
-# private-key-passphrase - Passphrase that was used to encrypt the private key.
-# In case of no passphrase, keep it blank or unassigned.
-
-private-key-path=etc/RSA-PK
-private-key-passphrase=abc
.setSchemaResourceDTO(resourceManager.getSchemaResources(netconfNode.getSchemaCacheDirectory(),
deviceId))
.setIdleTimeout(writeTxIdleTimeout)
- .setPrivateKeyPath(privateKeyPath)
- .setPrivateKeyPassphrase(privateKeyPassphrase)
.setEncryptionService(encryptionService)
.build();
}
private final NetconfTopologySetup netconfTopologyDeviceSetup;
private final RemoteDeviceId remoteDeviceId;
- private final String privateKeyPath;
- private final String privateKeyPassphrase;
private final AAAEncryptionService encryptionService;
private final NetconfKeystoreAdapter keystoreAdapter;
private final DeviceActionFactory deviceActionFactory;
this.netconfTopologyDeviceSetup = requireNonNull(netconfTopologyDeviceSetup);
this.remoteDeviceId = remoteDeviceId;
this.deviceActionFactory = requireNonNull(deviceActionFactory);
- privateKeyPath = netconfTopologyDeviceSetup.getPrivateKeyPath();
- privateKeyPassphrase = netconfTopologyDeviceSetup.getPrivateKeyPassphrase();
encryptionService = netconfTopologyDeviceSetup.getEncryptionService();
keystoreAdapter = new NetconfKeystoreAdapter(netconfTopologyDeviceSetup.getDataBroker());
}
private final String topologyId;
private final NetconfDevice.SchemaResourcesDTO schemaResourceDTO;
private final Duration idleTimeout;
- private final String privateKeyPath;
- private final String privateKeyPassphrase;
private final AAAEncryptionService encryptionService;
private final BaseNetconfSchemas baseSchemas;
NetconfTopologySetup(final NetconfTopologySetupBuilder builder) {
- this.clusterSingletonServiceProvider = builder.getClusterSingletonServiceProvider();
- this.rpcProviderRegistry = builder.getRpcProviderRegistry();
- this.actionProviderRegistry = builder.getActionProviderRegistry();
- this.dataBroker = builder.getDataBroker();
- this.instanceIdentifier = builder.getInstanceIdentifier();
- this.node = builder.getNode();
- this.keepaliveExecutor = builder.getKeepaliveExecutor();
- this.processingExecutor = builder.getProcessingExecutor();
- this.actorSystem = builder.getActorSystem();
- this.eventExecutor = builder.getEventExecutor();
- this.netconfClientDispatcher = builder.getNetconfClientDispatcher();
- this.topologyId = builder.getTopologyId();
- this.schemaResourceDTO = builder.getSchemaResourceDTO();
- this.idleTimeout = builder.getIdleTimeout();
- this.privateKeyPath = builder.getPrivateKeyPath();
- this.privateKeyPassphrase = builder.getPrivateKeyPassphrase();
- this.encryptionService = builder.getEncryptionService();
- this.baseSchemas = builder.getBaseSchemas();
+ clusterSingletonServiceProvider = builder.getClusterSingletonServiceProvider();
+ rpcProviderRegistry = builder.getRpcProviderRegistry();
+ actionProviderRegistry = builder.getActionProviderRegistry();
+ dataBroker = builder.getDataBroker();
+ instanceIdentifier = builder.getInstanceIdentifier();
+ node = builder.getNode();
+ keepaliveExecutor = builder.getKeepaliveExecutor();
+ processingExecutor = builder.getProcessingExecutor();
+ actorSystem = builder.getActorSystem();
+ eventExecutor = builder.getEventExecutor();
+ netconfClientDispatcher = builder.getNetconfClientDispatcher();
+ topologyId = builder.getTopologyId();
+ schemaResourceDTO = builder.getSchemaResourceDTO();
+ idleTimeout = builder.getIdleTimeout();
+ encryptionService = builder.getEncryptionService();
+ baseSchemas = builder.getBaseSchemas();
}
public ClusterSingletonServiceProvider getClusterSingletonServiceProvider() {
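Review bot: `encryptionService = builder.getEncryptionService();` in the NetconfTopologySetup constructor accepts null, because the builder's `encryptionService` field (shown further down the page) has no initial value and nothing in this hunk checks it. With the private key path and passphrase gone, the encryption service is the credential-related collaborator this setup object still carries. A builder that never called `setEncryptionService` would presumably fail only later, while a device connection is being configured, not at construction. I would fail fast with `encryptionService = requireNonNull(builder.getEncryptionService());`, assuming `java.util.Objects.requireNonNull` is or can be statically imported here, as it is in the class that consumes this setup. Whether the other fields may legitimately be null is not visible from this hunk, so I would limit the check to this one.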
return idleTimeout;
}
- public String getPrivateKeyPath() {
- return privateKeyPath;
- }
-
- public String getPrivateKeyPassphrase() {
- return privateKeyPassphrase;
- }
-
public AAAEncryptionService getEncryptionService() {
return encryptionService;
}
private NetconfClientDispatcher netconfClientDispatcher;
private NetconfDevice.SchemaResourcesDTO schemaResourceDTO;
private Duration idleTimeout;
- private String privateKeyPath;
- private String privateKeyPassphrase;
private AAAEncryptionService encryptionService;
private BaseNetconfSchemas baseSchemas;
}
public NetconfTopologySetupBuilder setNetconfClientDispatcher(final NetconfClientDispatcher clientDispatcher) {
- this.netconfClientDispatcher = clientDispatcher;
+ netconfClientDispatcher = clientDispatcher;
return this;
}
return idleTimeout;
}
- public NetconfTopologySetupBuilder setPrivateKeyPath(final String privateKeyPath) {
- this.privateKeyPath = privateKeyPath;
- return this;
- }
-
- public String getPrivateKeyPath() {
- return this.privateKeyPath;
- }
-
- public NetconfTopologySetupBuilder setPrivateKeyPassphrase(final String privateKeyPassphrase) {
- this.privateKeyPassphrase = privateKeyPassphrase;
- return this;
- }
-
- public String getPrivateKeyPassphrase() {
- return this.privateKeyPassphrase;
- }
-
AAAEncryptionService getEncryptionService() {
- return this.encryptionService;
+ return encryptionService;
}
public NetconfTopologySetupBuilder setEncryptionService(final AAAEncryptionService encryptionService) {
-->
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:odl="http://opendaylight.org/xmlns/blueprint/v1.0.0"
- xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0"
odl:use-default-for-reference-types="true">
<reference id="dataBroker"
binding-class="org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.topology.singleton.config.rev170419.Config"
/>
- <cm:property-placeholder persistent-id="org.opendaylight.netconf.topology.sb.keypair" update-strategy="none">
- <cm:default-properties>
- <cm:property name="private-key-path" value=""/>
- <cm:property name="private-key-passphrase" value=""/>
- </cm:default-properties>
- </cm:property-placeholder>
-
<reference id="encryptionService"
interface="org.opendaylight.aaa.encrypt.AAAEncryptionService" />
<bean id="netconfTopologyManager"
class="org.opendaylight.netconf.topology.singleton.impl.NetconfTopologyManager"
init-method="init" destroy-method="close">
- <cm:managed-properties persistent-id="org.opendaylight.netconf.topology.sb.keypair"
- update-strategy="container-managed"/>
<argument ref="baseSchemas"/>
<argument ref="dataBroker"/>
<argument ref="rpcRegistry"/>
<argument value="topology-netconf"/>
<argument ref="singletonConfig"/>
<argument ref="mountPointService"/>
- <property name="privateKeyPath" value="${private-key-path}"/>
- <property name="privateKeyPassphrase" value="${private-key-passphrase}"/>
<argument ref="encryptionService" />
<argument ref="rpcProvider" />
<argument ref="deviceActionFactory"/>
protected final DataBroker dataBroker;
protected final DOMMountPointService mountPointService;
protected final String topologyId;
- protected String privateKeyPath;
- protected String privateKeyPassphrase;
protected final AAAEncryptionService encryptionService;
protected final HashMap<NodeId, NetconfConnectorDTO> activeConnectors = new HashMap<>();
return List.of();
}
- /**
- * Sets the private key path from location specified in configuration file using blueprint.
- */
- public void setPrivateKeyPath(final String privateKeyPath) {
- this.privateKeyPath = privateKeyPath;
- }
-
- /**
- * Sets the private key passphrase from location specified in configuration file using blueprint.
- */
- public void setPrivateKeyPassphrase(final String privateKeyPassphrase) {
- this.privateKeyPassphrase = privateKeyPassphrase;
- }
-
public NetconfReconnectingClientConfiguration getClientConfig(final NetconfClientSessionListener listener,
final NetconfNode node, final NodeId nodeId) {
final ReconnectStrategyFactory sf = new TimedReconnectStrategyFactory(eventExecutor,