summaryrefslogtreecommitdiffstats
path: root/infra/northbound/netconf/src/main
diff options
context:
space:
mode:
authorMarek Gradzki <mgradzki@cisco.com>2017-11-07 09:21:08 +0100
committerMarek Gradzki <mgradzki@cisco.com>2017-11-10 10:00:39 +0100
commit0f92e8f1eb7ec29f589ed92c55b049f13cce0f30 (patch)
tree30e7fa6562a136755f1e5a9e5348db51c221f59b /infra/northbound/netconf/src/main
parentcccd174ab736465bc36faacfeaa30297acb724a7 (diff)
HONEYCOMB-385: bump ODL dependencies to Nitrogen
* guava bumped to 22.0 (same as used by ODL) * use 4K RSA for SSH server (related to bouncy-castle bump in ODL) - based on https://git.opendaylight.org/gerrit/#/c/60138/2 - also fixes HC2VPP-207 * removed some yang models from netconf-whitelist.xml, that are no longer present in ODL dependencies, * increased timeouts in distro tests, because generating 4K RSA key my last longer (especially on slow jenkins nodes). * EmptyMountPointService exposed to enable reuse by notification and restconf providers Change-Id: I2ff32bd7f0298716210fcfee4918007a42fab171 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Diffstat (limited to 'infra/northbound/netconf/src/main')
-rw-r--r--infra/northbound/netconf/src/main/java/io/fd/honeycomb/northbound/netconf/NetconfSshServerProvider.java12
-rw-r--r--infra/northbound/netconf/src/main/resources/honeycomb-minimal-resources/config/netconf-whitelist.xml44
2 files changed, 11 insertions, 45 deletions
diff --git a/infra/northbound/netconf/src/main/java/io/fd/honeycomb/northbound/netconf/NetconfSshServerProvider.java b/infra/northbound/netconf/src/main/java/io/fd/honeycomb/northbound/netconf/NetconfSshServerProvider.java
index bc1d95c09..d44b4f221 100644
--- a/infra/northbound/netconf/src/main/java/io/fd/honeycomb/northbound/netconf/NetconfSshServerProvider.java
+++ b/infra/northbound/netconf/src/main/java/io/fd/honeycomb/northbound/netconf/NetconfSshServerProvider.java
@@ -46,6 +46,11 @@ public final class NetconfSshServerProvider extends ProviderTrait<NetconfSshServ
private static final Logger LOG = LoggerFactory.getLogger(NetconfSshServerProvider.class);
+ // Use RSA for ssh server, see https://git.opendaylight.org/gerrit/#/c/60138/
+ private static final String DEFAULT_PRIVATE_KEY_PATH = null; // disable private key serialization
+ private static final String DEFAULT_ALGORITHM = "RSA";
+ private static final int DEFAULT_KEY_SIZE = 4096;
+
@Inject
private NetconfServerDispatcher dispatcher;
@Inject
@@ -65,6 +70,10 @@ public final class NetconfSshServerProvider extends ProviderTrait<NetconfSshServ
return null;
}
LOG.info("Starting NETCONF SSH");
+
+ // TODO(HONEYCOMB-414): the logic below is very similar to
+ // org.opendaylight.netconf.ssh.NetconfNorthboundSshServer (introduced in Carbon), so consider reusing it
+ // (requires fixing hardcoded private key path).
InetAddress sshBindingAddress = null;
try {
sshBindingAddress = InetAddress.getByName(cfgAttributes.netconfSshBindingAddress.get());
@@ -86,7 +95,8 @@ public final class NetconfSshServerProvider extends ProviderTrait<NetconfSshServ
// Only simple authProvider checking ConfigAttributes, checking the config file
sshConfigBuilder.setAuthenticator(new SimplelAuthProvider(credentialsCfg));
sshConfigBuilder.setIdleTimeout(Integer.MAX_VALUE);
- sshConfigBuilder.setKeyPairProvider(new PEMGeneratorHostKeyProvider());
+ sshConfigBuilder.setKeyPairProvider(new PEMGeneratorHostKeyProvider(DEFAULT_PRIVATE_KEY_PATH,
+ DEFAULT_ALGORITHM, DEFAULT_KEY_SIZE));
localServer.addListener(new SshServerBinder(sshProxyServer, sshConfigBuilder, bindingAddress));
diff --git a/infra/northbound/netconf/src/main/resources/honeycomb-minimal-resources/config/netconf-whitelist.xml b/infra/northbound/netconf/src/main/resources/honeycomb-minimal-resources/config/netconf-whitelist.xml
index 7b69a0253..371ee2b18 100644
--- a/infra/northbound/netconf/src/main/resources/honeycomb-minimal-resources/config/netconf-whitelist.xml
+++ b/infra/northbound/netconf/src/main/resources/honeycomb-minimal-resources/config/netconf-whitelist.xml
@@ -75,50 +75,6 @@
</module>
<module>
<package>
- org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.netconf.northbound.notification.rev150806
- </package>
- <description>
- This module contains the base YANG definitions for
- netconf northbound notifications API
-
- Directly used for netconf notification binding
- </description>
- </module>
- <module>
- <package>
- org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.protocol.framework.rev140313
- </package>
- <description>
- This module contains the base YANG definitions for
- protocol framework.
-
- Required for mounting of netconf devices(Operational read does not work without it)
- </description>
- </module>
- <module>
- <package>
- org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.netconf.north.mapper.rev150114
- </package>
- <description>
- This module contains the base YANG definitions for
- mapping services plugged into a netconf northbound server
-
- Required for mounting of netconf devices(Operational read does not work without it)
- </description>
- </module>
- <module>
- <package>
- org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.config.netconf.auth.rev150715
- </package>
- <description>
- This module contains the base YANG definitions for
- netconf northbound server API
-
- Required for mounting of netconf devices(Operational read does not work without it)
- </description>
- </module>
- <module>
- <package>
org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.monitoring.extension.rev131210
</package>
<description>