diff options
| author |   Marek Gradzki <mgradzki@cisco.com> | 2017-11-07 09:21:08 +0100 |
|---|---|---|
| committer | Marek Gradzki <mgradzki@cisco.com> | 2017-11-10 10:00:39 +0100 |
| commit | 0f92e8f1eb7ec29f589ed92c55b049f13cce0f30 (patch) | |
| tree | 30e7fa6562a136755f1e5a9e5348db51c221f59b /infra/northbound/netconf | |
| parent | cccd174ab736465bc36faacfeaa30297acb724a7 (diff) | |
HONEYCOMB-385: bump ODL dependencies to Nitrogen
* guava bumped to 22.0 (same as used by ODL)
* use 4K RSA for SSH server (related to bouncy-castle bump in ODL)
- based on https://git.opendaylight.org/gerrit/#/c/60138/2
- also fixes HC2VPP-207
* removed some yang models from netconf-whitelist.xml,
that are no longer present in ODL dependencies,
* increased timeouts in distro tests, because generating 4K RSA key
my last longer (especially on slow jenkins nodes).
* EmptyMountPointService exposed to enable reuse by notification
and restconf providers
Change-Id: I2ff32bd7f0298716210fcfee4918007a42fab171
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Diffstat (limited to 'infra/northbound/netconf')
3 files changed, 11 insertions, 46 deletions
diff --git a/infra/northbound/netconf/pom.xml b/infra/northbound/netconf/pom.xml index 1d42e25fe..a727446d5 100644 --- a/infra/northbound/netconf/pom.xml +++ b/infra/northbound/netconf/pom.xml @@ -55,7 +55,6 @@ <artifactId>binding-init</artifactId> <version>${project.version}</version> </dependency> - <dependency> <groupId>io.fd.honeycomb</groupId> <artifactId>minimal-distribution-core</artifactId> diff --git a/infra/northbound/netconf/src/main/java/io/fd/honeycomb/northbound/netconf/NetconfSshServerProvider.java b/infra/northbound/netconf/src/main/java/io/fd/honeycomb/northbound/netconf/NetconfSshServerProvider.java index bc1d95c09..d44b4f221 100644 --- a/infra/northbound/netconf/src/main/java/io/fd/honeycomb/northbound/netconf/NetconfSshServerProvider.java +++ b/infra/northbound/netconf/src/main/java/io/fd/honeycomb/northbound/netconf/NetconfSshServerProvider.java @@ -46,6 +46,11 @@ public final class NetconfSshServerProvider extends ProviderTrait<NetconfSshServ private static final Logger LOG = LoggerFactory.getLogger(NetconfSshServerProvider.class); + // Use RSA for ssh server, see https://git.opendaylight.org/gerrit/#/c/60138/ + private static final String DEFAULT_PRIVATE_KEY_PATH = null; // disable private key serialization + private static final String DEFAULT_ALGORITHM = "RSA"; + private static final int DEFAULT_KEY_SIZE = 4096; + @Inject private NetconfServerDispatcher dispatcher; @Inject @@ -65,6 +70,10 @@ public final class NetconfSshServerProvider extends ProviderTrait<NetconfSshServ return null; } LOG.info("Starting NETCONF SSH"); + + // TODO(HONEYCOMB-414): the logic below is very similar to + // org.opendaylight.netconf.ssh.NetconfNorthboundSshServer (introduced in Carbon), so consider reusing it + // (requires fixing hardcoded private key path). InetAddress sshBindingAddress = null; try { sshBindingAddress = InetAddress.getByName(cfgAttributes.netconfSshBindingAddress.get()); @@ -86,7 +95,8 @@ public final class NetconfSshServerProvider extends ProviderTrait<NetconfSshServ // Only simple authProvider checking ConfigAttributes, checking the config file sshConfigBuilder.setAuthenticator(new SimplelAuthProvider(credentialsCfg)); sshConfigBuilder.setIdleTimeout(Integer.MAX_VALUE); - sshConfigBuilder.setKeyPairProvider(new PEMGeneratorHostKeyProvider()); + sshConfigBuilder.setKeyPairProvider(new PEMGeneratorHostKeyProvider(DEFAULT_PRIVATE_KEY_PATH, + DEFAULT_ALGORITHM, DEFAULT_KEY_SIZE)); localServer.addListener(new SshServerBinder(sshProxyServer, sshConfigBuilder, bindingAddress)); diff --git a/infra/northbound/netconf/src/main/resources/honeycomb-minimal-resources/config/netconf-whitelist.xml b/infra/northbound/netconf/src/main/resources/honeycomb-minimal-resources/config/netconf-whitelist.xml index 7b69a0253..371ee2b18 100644 --- a/infra/northbound/netconf/src/main/resources/honeycomb-minimal-resources/config/netconf-whitelist.xml +++ b/infra/northbound/netconf/src/main/resources/honeycomb-minimal-resources/config/netconf-whitelist.xml @@ -75,50 +75,6 @@ </module> <module> <package> - org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.netconf.northbound.notification.rev150806 - </package> - <description> - This module contains the base YANG definitions for - netconf northbound notifications API - - Directly used for netconf notification binding - </description> - </module> - <module> - <package> - org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.protocol.framework.rev140313 - </package> - <description> - This module contains the base YANG definitions for - protocol framework. - - Required for mounting of netconf devices(Operational read does not work without it) - </description> - </module> - <module> - <package> - org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.netconf.north.mapper.rev150114 - </package> - <description> - This module contains the base YANG definitions for - mapping services plugged into a netconf northbound server - - Required for mounting of netconf devices(Operational read does not work without it) - </description> - </module> - <module> - <package> - org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.controller.config.netconf.auth.rev150715 - </package> - <description> - This module contains the base YANG definitions for - netconf northbound server API - - Required for mounting of netconf devices(Operational read does not work without it) - </description> - </module> - <module> - <package> org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.monitoring.extension.rev131210 </package> <description> |