def main():
parser = Parser(__file__)
args = parser.parse_args()
session = NetconfSSHSession(args.host, args.port, args.user, args.password)
es_nsmap = {'yp': 'urn:ietf:params:xml:ns:yang:ietf-yang-push'}
root = lxml.etree.Element(
'establish-subscription',
nsmap=es_nsmap,
attrib={
'xmlns':
'urn:ietf:params:xml:ns:yang:ietf-subscribed-notifications'
})
datastore = util.leaf_elm('yp:datastore', 'ds:operational')
root.append(datastore)
datastore_xpath_filter = util.leaf_elm('yp:datastore-xpath-filter',
args.xpath)
root.append(datastore_xpath_filter)
periodic = util.subelm(root, 'yp:periodic')
period = util.leaf_elm("yp:period", args.period)
periodic.append(period)
res = session.send_rpc(root)
while True:
tree, notif, msg = session.get_notification()
print(etree.tounicode(notif, pretty_print=True), end="\n\n")
onboard.append(util.leaf_elm("configuration-handling", "append"))
onboard.append(util.leaf_elm("pre-configuration-script", "pre.py"))
onboard.append(util.leaf_elm("configuration", "tbd"))
onboard.append(util.leaf_elm("post-configuration-script", "post.py"))
#print (type(data))
print(etree.tounicode(data, pretty_print=True))
exit()
session = NetconfSSHSession("172.17.0.2", "8300", "admin", "admin", debug=True)
#reply = session.get_config()
#root, reply, replystring = session.send_rpc("<my-cool-rpc/>")
#root, reply, replystring = session.send_rpc("<bootstrap/>")
root, reply, replystring = session.send_rpc(data)
session.close()
reply_list = list(reply)
for e in reply_list:
print(e.tag, e.attrib, e.text)
print("\n")
dataElem = reply_list[0]
dataElem = reply.find("nc:data", namespaces=NSMAP)
x = dataElem.find("nc:result", namespaces=NSMAP)
if x is not None:
print(x.text)
else:
print("not found")
<srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path">
<path>
<destination>1111:4::2/128</destination>
<sr-path>
<srv6-segment>1111:3::2</srv6-segment>
</sr-path>
<encapmode>inline</encapmode>
<device>eth0</device>
</path>
</srv6-explicit-path>
</config>
</edit-config>
"""
# Single add
result = session.send_rpc(config)
print format(etree.tostring(result[0], pretty_print=True))
config = """
<edit-config>
<target>
<running/>
</target>
<default-operation>none</default-operation>
<test-option>test-then-set</test-option>
<error-option>rollback-on-error</error-option>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path">
<path>
<destination>2222:4::2/128</destination>
<sr-path>
def main(args):
if not args:
return
#print(type(args))
#return
#TODO: check if args is a valid IP
nsmap_add("sys", "urn:ietf:params:xml:ns:yang:ietf-system")
MODEL_NS = "urn:my-urn:my-model"
nsmap_add('pfx', MODEL_NS)
keyFileToSend = "python/cwCA/intermediate/certs/www.ap.controlware.com.cert.pem"
privateKeyFile = "/usr/src/app/python/vendorCA/intermediate/private/www.ownership.vendor1.com.key.pem"
fileString = getCertStringfromFile(keyFileToSend)
sign = signString(privateKeyFile, b"password", fileString.encode('ascii'),
"sha256")
#Encode signature so it can be send as a string
sign_base64 = base64.b64encode(sign)
utf8Signature = sign_base64.decode('utf-8')
ownershipRPC = util.elm("ownership")
cert = OpenSSL.crypto.load_certificate(
OpenSSL.crypto.FILETYPE_PEM,
getCertStringfromFile(
'/usr/src/app/python/vendorCA/intermediate/certs/www.ownership.vendor1.com.cert.pem'
))
#if verifyString(cert, sign, fileString.encode('ascii'),"sha256"):
if verifyString(
'/usr/src/app/python/vendorCA/intermediate/certs/www.ownership.vendor1.com.cert.pem',
sign, fileString.encode('ascii'), "sha256"):
ownerCertificate = util.subelm(ownershipRPC, "ownerCertificate")
ownerCertificate.append(util.leaf_elm("certificate", fileString))
#ownerCertificate.append(util.leaf_elm("certificateSignature", sign_base64))
ownerCertificate.append(
util.leaf_elm("certificateSignature", utf8Signature))
bootstrapRPC = util.elm("bootstrap")
bootInfo = util.subelm(bootstrapRPC, "bootInfo")
#bootInfo_base64 = base64.b64encode(asnString)
bytebootstrapArtifact = buildbootstrapArtifact()
bootInfo_base64 = base64.b64encode(bytebootstrapArtifact)
utf8BootInfo = bootInfo_base64.decode('utf-8')
privateKeyFile = "/usr/src/app/python/cwCA/intermediate/private/www.ap.controlware.com.key.pem"
sign = signString(privateKeyFile, b"password",
utf8BootInfo.encode('ascii'), "sha256")
sign_base64 = base64.b64encode(sign)
utf8Signature = sign_base64.decode('utf-8')
bootInfo.append(util.leaf_elm("bootInfoASN", utf8BootInfo))
if verifyString(
'/usr/src/app/python/cwCA/intermediate/certs/www.ap.controlware.com.cert.pem',
sign, utf8BootInfo.encode('ascii'), "sha256"):
bootInfo.append(util.leaf_elm("bootInfoSignature", utf8Signature))
#TODO: not hardcode
session = NetconfSSHSession(args, "8300", "admin", "admin", debug=True)
root, reply, replystring = session.send_rpc(ownershipRPC)
root, reply, replystring = session.send_rpc(bootstrapRPC)
session.close()
dataElem = reply.find("nc:data", namespaces=NSMAP)
x = dataElem.find("nc:result", namespaces=NSMAP)
if x is not None:
print(x.text)
else:
print("not found")
def add(communicationType):
if communicationType == "non persistent sequential":
for i in range(1, _NumberOfRuleToBeEnforced + 1):
config = """
<edit-config>
<target>
<running/>
</target>
<default-operation>none</default-operation>
<test-option>test-then-set</test-option>
<error-option>rollback-on-error</error-option>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path">
<path>
<destination>%s</destination>
<sr-path>
<srv6-segment>%s</srv6-segment>
</sr-path>
<encapmode>inline</encapmode>
<device>%s</device>
</path>
</srv6-explicit-path>
</config>
</edit-config>
""" % (_Prefix + str(i) + '/128', _Segments, _Device)
session = NetconfSSHSession(_ServerIP, _Port, _Username, _Password)
session.send_rpc(config)
close_netconf_session(session)
elif communicationType == "non persistent bulk":
config = """
<edit-config>
<target>
<running/>
</target>
<default-operation>none</default-operation>
<test-option>test-then-set</test-option>
<error-option>rollback-on-error</error-option>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path">
<path>
<destination>%s</destination>
<sr-path>
<srv6-segment>%s</srv6-segment>
</sr-path>
<encapmode>inline</encapmode>
<device>%s</device>
</path>
""" % (_Prefix + str(1) + '/128', _Segments, _Device)
for i in range(2, _NumberOfRuleToBeEnforced + 1):
config += """
<path>
<destination>%s</destination>
<sr-path>
<srv6-segment>%s</srv6-segment>
</sr-path>
<encapmode>inline</encapmode>
<device>%s</device>
</path>
""" % (_Prefix + str(i) + '/128', _Segments, _Device)
config += """
</srv6-explicit-path>
</config>
</edit-config>
"""
session = NetconfSSHSession(_ServerIP, _Port, _Username, _Password)
session.send_rpc(config)
close_netconf_session(session)
elif communicationType == "persistent Conncection":
session = NetconfSSHSession(_ServerIP, _Port, _Username, _Password)
for i in range(1, _NumberOfRuleToBeEnforced + 1):
config = """
<edit-config>
<target>
<running/>
</target>
<default-operation>none</default-operation>
<test-option>test-then-set</test-option>
<error-option>rollback-on-error</error-option>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<srv6-explicit-path operation="create" xmlns="urn:ietf:params:xml:ns:yang:srv6-explicit-path">
<path>
<destination>%s</destination>
<sr-path>
<srv6-segment>%s</srv6-segment>
</sr-path>
<encapmode>inline</encapmode>
<device>%s</device>
</path>
</srv6-explicit-path>
</config>
</edit-config>
""" % (_Prefix + str(i) + '/128', _Segments, _Device)
session.send_rpc(config)
close_netconf_session(session)
