def main(): parser = Parser(__file__) args = parser.parse_args() session = NetconfSSHSession(args.host, args.port, args.user, args.password) es_nsmap = {'yp': 'urn:ietf:params:xml:ns:yang:ietf-yang-push'} root = lxml.etree.Element( 'establish-subscription', nsmap=es_nsmap, attrib={ 'xmlns': 'urn:ietf:params:xml:ns:yang:ietf-subscribed-notifications' }) datastore = util.leaf_elm('yp:datastore', 'ds:operational') root.append(datastore) datastore_xpath_filter = util.leaf_elm('yp:datastore-xpath-filter', args.xpath) root.append(datastore_xpath_filter) periodic = util.subelm(root, 'yp:periodic') period = util.leaf_elm("yp:period", args.period) periodic.append(period) res = session.send_rpc(root) while True: tree, notif, msg = session.get_notification() print(etree.tounicode(notif, pretty_print=True), end="\n\n")
onboard.append(util.leaf_elm("configuration-handling", "append")) onboard.append(util.leaf_elm("pre-configuration-script", "pre.py")) onboard.append(util.leaf_elm("configuration", "tbd")) onboard.append(util.leaf_elm("post-configuration-script", "post.py")) #print (type(data)) print(etree.tounicode(data, pretty_print=True)) exit() session = NetconfSSHSession("172.17.0.2", "8300", "admin", "admin", debug=True) #reply = session.get_config() #root, reply, replystring = session.send_rpc("<my-cool-rpc/>") #root, reply, replystring = session.send_rpc("<bootstrap/>") root, reply, replystring = session.send_rpc(data) session.close() reply_list = list(reply) for e in reply_list: print(e.tag, e.attrib, e.text) print("\n") dataElem = reply_list[0] dataElem = reply.find("nc:data", namespaces=NSMAP) x = dataElem.find("nc:result", namespaces=NSMAP) if x is not None: print(x.text) else: print("not found")
<srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path"> <path> <destination>1111:4::2/128</destination> <sr-path> <srv6-segment>1111:3::2</srv6-segment> </sr-path> <encapmode>inline</encapmode> <device>eth0</device> </path> </srv6-explicit-path> </config> </edit-config> """ # Single add result = session.send_rpc(config) print format(etree.tostring(result[0], pretty_print=True)) config = """ <edit-config> <target> <running/> </target> <default-operation>none</default-operation> <test-option>test-then-set</test-option> <error-option>rollback-on-error</error-option> <config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path"> <path> <destination>2222:4::2/128</destination> <sr-path>
def main(args): if not args: return #print(type(args)) #return #TODO: check if args is a valid IP nsmap_add("sys", "urn:ietf:params:xml:ns:yang:ietf-system") MODEL_NS = "urn:my-urn:my-model" nsmap_add('pfx', MODEL_NS) keyFileToSend = "python/cwCA/intermediate/certs/www.ap.controlware.com.cert.pem" privateKeyFile = "/usr/src/app/python/vendorCA/intermediate/private/www.ownership.vendor1.com.key.pem" fileString = getCertStringfromFile(keyFileToSend) sign = signString(privateKeyFile, b"password", fileString.encode('ascii'), "sha256") #Encode signature so it can be send as a string sign_base64 = base64.b64encode(sign) utf8Signature = sign_base64.decode('utf-8') ownershipRPC = util.elm("ownership") cert = OpenSSL.crypto.load_certificate( OpenSSL.crypto.FILETYPE_PEM, getCertStringfromFile( '/usr/src/app/python/vendorCA/intermediate/certs/www.ownership.vendor1.com.cert.pem' )) #if verifyString(cert, sign, fileString.encode('ascii'),"sha256"): if verifyString( '/usr/src/app/python/vendorCA/intermediate/certs/www.ownership.vendor1.com.cert.pem', sign, fileString.encode('ascii'), "sha256"): ownerCertificate = util.subelm(ownershipRPC, "ownerCertificate") ownerCertificate.append(util.leaf_elm("certificate", fileString)) #ownerCertificate.append(util.leaf_elm("certificateSignature", sign_base64)) ownerCertificate.append( util.leaf_elm("certificateSignature", utf8Signature)) bootstrapRPC = util.elm("bootstrap") bootInfo = util.subelm(bootstrapRPC, "bootInfo") #bootInfo_base64 = base64.b64encode(asnString) bytebootstrapArtifact = buildbootstrapArtifact() bootInfo_base64 = base64.b64encode(bytebootstrapArtifact) utf8BootInfo = bootInfo_base64.decode('utf-8') privateKeyFile = "/usr/src/app/python/cwCA/intermediate/private/www.ap.controlware.com.key.pem" sign = signString(privateKeyFile, b"password", utf8BootInfo.encode('ascii'), "sha256") sign_base64 = base64.b64encode(sign) utf8Signature = sign_base64.decode('utf-8') bootInfo.append(util.leaf_elm("bootInfoASN", utf8BootInfo)) if verifyString( '/usr/src/app/python/cwCA/intermediate/certs/www.ap.controlware.com.cert.pem', sign, utf8BootInfo.encode('ascii'), "sha256"): bootInfo.append(util.leaf_elm("bootInfoSignature", utf8Signature)) #TODO: not hardcode session = NetconfSSHSession(args, "8300", "admin", "admin", debug=True) root, reply, replystring = session.send_rpc(ownershipRPC) root, reply, replystring = session.send_rpc(bootstrapRPC) session.close() dataElem = reply.find("nc:data", namespaces=NSMAP) x = dataElem.find("nc:result", namespaces=NSMAP) if x is not None: print(x.text) else: print("not found")
def add(communicationType): if communicationType == "non persistent sequential": for i in range(1, _NumberOfRuleToBeEnforced + 1): config = """ <edit-config> <target> <running/> </target> <default-operation>none</default-operation> <test-option>test-then-set</test-option> <error-option>rollback-on-error</error-option> <config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path"> <path> <destination>%s</destination> <sr-path> <srv6-segment>%s</srv6-segment> </sr-path> <encapmode>inline</encapmode> <device>%s</device> </path> </srv6-explicit-path> </config> </edit-config> """ % (_Prefix + str(i) + '/128', _Segments, _Device) session = NetconfSSHSession(_ServerIP, _Port, _Username, _Password) session.send_rpc(config) close_netconf_session(session) elif communicationType == "non persistent bulk": config = """ <edit-config> <target> <running/> </target> <default-operation>none</default-operation> <test-option>test-then-set</test-option> <error-option>rollback-on-error</error-option> <config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path"> <path> <destination>%s</destination> <sr-path> <srv6-segment>%s</srv6-segment> </sr-path> <encapmode>inline</encapmode> <device>%s</device> </path> """ % (_Prefix + str(1) + '/128', _Segments, _Device) for i in range(2, _NumberOfRuleToBeEnforced + 1): config += """ <path> <destination>%s</destination> <sr-path> <srv6-segment>%s</srv6-segment> </sr-path> <encapmode>inline</encapmode> <device>%s</device> </path> """ % (_Prefix + str(i) + '/128', _Segments, _Device) config += """ </srv6-explicit-path> </config> </edit-config> """ session = NetconfSSHSession(_ServerIP, _Port, _Username, _Password) session.send_rpc(config) close_netconf_session(session) elif communicationType == "persistent Conncection": session = NetconfSSHSession(_ServerIP, _Port, _Username, _Password) for i in range(1, _NumberOfRuleToBeEnforced + 1): config = """ <edit-config> <target> <running/> </target> <default-operation>none</default-operation> <test-option>test-then-set</test-option> <error-option>rollback-on-error</error-option> <config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path"> <path> <destination>%s</destination> <sr-path> <srv6-segment>%s</srv6-segment> </sr-path> <encapmode>inline</encapmode> <device>%s</device> </path> </srv6-explicit-path> </config> </edit-config> """ % (_Prefix + str(i) + '/128', _Segments, _Device) session.send_rpc(config) close_netconf_session(session)