netopeer2 icon indicating copy to clipboard operation
netopeer2 copied to clipboard
verified publisher icon CESNET

Query: Revision compatibility for ietf-crypto-types

Open ankit7gup opened this issue 2 years ago • 7 comments

Hi @michalvasko,

We are using O-RAN yang data models for our application. While upgrading to its latest version, we are facing one issue, The ietf-crypto-types used in one of the yang models has revision specified which is not same as already installed in netopeer2. Can you suggest how we can fix this situation.

Seems like ietf-keystore model has dependency on ietf-crypto-types installed with netopeer2.

Thanks!

Regards, Ankit

ankit7gup avatar Aug 16 '23 05:08 ankit7gup

ietf-crypto-types is not being installed (at least in the current devel of netopeer2) so you are free to have several revisions imported of this module.

michalvasko avatar Aug 16 '23 06:08 michalvasko

hi @michalvasko , we are using netopeer2 version 2.1.59, libyang version v2.1.55, libnetconf2 version v2.1.31, sysrepo version v2.2.60.

we imported 2 revision of ietf-crypto-types and try to login to netopeer2 server . Facing below error:

connect The authenticity of the host 'localhost' cannot be established. ssh-rsa key fingerprint is b0:d9:4b:68:b0:d0:fb:41:a1:a3:36:36:88:83:f2:4d:d1:f3:39:c0. Are you sure you want to continue connecting (yes/no)? yes root@localhost password: ly ERROR: Augment target node "private-key-type" in grouping "asymmetric-key-pair-with-certs-grouping" was not found. (Path "/ietf-keystore:keystore/{uses='keystore-grouping'}/asymmetric-keys/asymmetric-key/{uses='ks:asymmetric-key-pair-with-certs-grouping'}/{uses='ct:asymmetric-key-pair-with-certs-grouping'}".) cmd_connect: Connecting to the localhost:830 as user "root" failed.

sysrepoctl -l out put : root@amit-VirtualBox:/home/amit/Documents/3004/cmmgmt/scripts# sysrepoctl -l Sysrepo repository: /etc/sysrepo

Module Name | Revision | Flags | Owner | Startup Perms | Submodules | Features

iana-crypt-hash | 2014-08-06 | i | | | |
iana-hardware | 2018-03-13 | I | root:root | 600 | |
iana-if-type | 2017-01-19 | I | root:root | 600 | |
ietf-crypto-types | 2019-07-02 | i | | | |
ietf-crypto-types | 2019-04-29 | i | | | |
ietf-datastores | 2018-02-14 | I | root:root | 444 | |
ietf-dhcpv6-types | 2018-09-04 | I | root:root | 600 | |
ietf-factory-default | 2020-08-31 | I | root:root | 600 | | factory-default-datastore
ietf-hardware | 2018-03-13 | I | root:root | 600 | |
ietf-inet-types | 2013-07-15 | I | root:root | 444 | |
ietf-interfaces | 2018-02-20 | I | root:root | 600 | |
ietf-ip | 2018-02-22 | I | root:root | 600 | |
ietf-keystore | 2019-07-02 | I | root:root | 600 | | keystore-supported
ietf-netconf | 2013-09-29 | I | root:root | 600 | | writable-running candidate confirmed-commit rollback-on-error validate startup url xpath ietf-netconf-acm | 2018-02-14 | I | root:root | 600 | |
ietf-netconf-monitoring | 2010-10-04 | I | root:root | 600 | |
ietf-netconf-nmda | 2019-01-07 | I | root:root | 600 | | origin with-defaults
ietf-netconf-notifications | 2012-02-06 | I | root:root | 644 | |
ietf-netconf-server | 2019-07-02 | I | root:root | 600 | | ssh-listen tls-listen ssh-call-home tls-call-home
ietf-netconf-with-defaults | 2011-06-01 | I | root:root | 444 | |
ietf-network-instance | 2019-01-21 | I | root:root | 600 | |
ietf-origin | 2018-02-14 | I | root:root | 444 | |
ietf-restconf | 2017-01-26 | I | root:root | 600 | |
ietf-ssh-common | 2019-07-02 | i | | | |
ietf-ssh-server | 2019-07-02 | I | root:root | 600 | | local-client-auth-supported
ietf-subscribed-notifications | 2019-09-09 | I | root:root | 600 | | encode-xml replay subtree xpath
ietf-tcp-client | 2019-07-02 | i | | | |
ietf-tcp-common | 2019-07-02 | I | root:root | 600 | | keepalives-supported
ietf-tcp-server | 2019-07-02 | i | | | |
ietf-tls-common | 2019-07-02 | i | | | |
ietf-tls-server | 2019-07-02 | I | root:root | 600 | | local-client-auth-supported
ietf-truststore | 2019-07-02 | I | root:root | 600 | | truststore-supported x509-certificates
ietf-x509-cert-to-name | 2014-12-10 | I | root:root | 600 | |
ietf-yang-library | 2019-01-04 | I | root:root | 644 | |
ietf-yang-metadata | 2016-08-05 | i | | | |
ietf-yang-patch | 2017-02-22 | i | | | |
ietf-yang-push | 2019-09-09 | I | root:root | 600 | | on-change
ietf-yang-schema-mount | 2019-01-14 | I | root:root | 644 | |
ietf-yang-structure-ext | 2020-06-17 | i | | | |
ietf-yang-types | 2013-07-15 | I | root:root | 444 | |
nc-notifications | 2008-07-14 | I | root:root | 600 | |
notifications | 2008-07-14 | I | root:root | 600 | |
o-ran-ald | 2019-07-03 | I | root:root | 600 | |
o-ran-ald-port | 2021-03-22 | I | root:root | 600 | |
o-ran-antenna-calibration | 2021-07-26 | I | root:root | 660 | |
o-ran-beamforming | 2021-07-26 | I | root:root | 660 | |
o-ran-compression-factors | 2021-03-22 | I | root:root | 600 | |
o-ran-delay-management | 2020-08-10 | I | root:root | 660 | |
o-ran-dhcp | 2021-03-22 | I | root:root | 660 | |
o-ran-ecpri-delay | 2021-07-26 | I | root:root | 660 | |
o-ran-ethernet-forwarding | 2020-04-17 | I | root:root | 600 | |
o-ran-externalio | 2019-07-03 | I | root:root | 660 | |
o-ran-fan | 2019-07-03 | I | root:root | 660 | |
o-ran-file-management | 2021-07-26 | I | root:root | 660 | |
o-ran-fm | 2021-03-22 | I | root:root | 600 | |
o-ran-hardware | 2021-03-22 | I | root:root | 600 | |
o-ran-interfaces | 2021-03-22 | I | root:root | 600 | |
o-ran-lbm | 2021-03-22 | I | root:root | 660 | |
o-ran-module-cap | 2021-07-26 | I | root:root | 600 | |
o-ran-mplane-int | 2021-07-26 | I | root:root | 660 | |
o-ran-operations | 2021-07-26 | I | root:root | 660 | |
o-ran-performance-management | 2021-12-01 | I | root:root | 660 | |
o-ran-processing-element | 2020-04-17 | I | root:root | 600 | |
o-ran-shared-cell | 2020-12-10 | I | root:root | 600 | |
o-ran-software-management | 2021-07-26 | I | root:root | 660 | |
o-ran-supervision | 2021-03-22 | I | root:root | 660 | |
o-ran-sync | 2021-03-22 | I | root:root | 660 | |
o-ran-trace | 2019-07-03 | I | root:root | 660 | |
o-ran-transceiver | 2019-07-03 | I | root:root | 660 | |
o-ran-troubleshooting | 2019-02-04 | I | root:root | 660 | |
o-ran-udp-echo | 2019-02-04 | I | root:root | 660 | |
o-ran-uplane-conf | 2021-07-26 | I | root:root | 600 | |
o-ran-usermgmt | 2020-12-10 | I | root:root | 600 | |
o-ran-ves-subscribed-notifications | 2020-12-10 | I | root:root | 600 | |
o-ran-wg4-features | 2021-07-26 | I | root:root | 600 | |
sysrepo-factory-default | 2023-02-23 | I | root:root | 600 | |
sysrepo-monitoring | 2022-08-19 | I | root:root | 600 | |
sysrepo-plugind | 2022-08-26 | I | root:root | 644 | |
vendor-specific-thresholds | 2023-06-20 | I | root:root | 660 | |
yang | 2022-06-16 | I | root:root | 444 | |

Flags meaning: I - Installed/i - Imported; R - Replay support

amitdalodiya avatar Aug 16 '23 10:08 amitdalodiya

So it seems you may have to import by revision (change some YANG modules) for it to work correctly.

michalvasko avatar Aug 17 '23 05:08 michalvasko

We are using O-RAN yang data models, which we are not supposed to change. Should ietf-keystore model be imported by revision?

ankit7gup avatar Aug 17 '23 06:08 ankit7gup

One solution would be to modify ietf-keystore to import ietf-crypto-types by revision.

michalvasko avatar Aug 17 '23 06:08 michalvasko

ok, thanks! We will try this.

ankit7gup avatar Aug 17 '23 06:08 ankit7gup

@ankit7gup Is this same issue I saw in https://github.com/CESNET/netopeer2/issues/1411? My workaround was to modify the O-RAN data model (which worked). I only had this problem with o-ran-filemanagement.yang, but I did notice that there is a CR to remove the old revision dependency, so maybe this will be fixed in latest / next version (I didn't check).

sjd-xlnx avatar Aug 18 '23 12:08 sjd-xlnx