From e7f4e5e64679f1c4c028dcb5c150d3c2f30a4f7c Mon Sep 17 00:00:00 2001
From: Rahul Tyagi <rahul.tyagi@ericsson.com>
Date: Fri, 22 Feb 2019 19:59:54 +0000
Subject: [PATCH] INT-885:Enhancing the PNF-sim for netconf over TLS

This commit add a script and a known_hosts file so that
while starting the netopeer2 it readily start listening at
6513 port for tls.

This commit also adds a yang data model for testing of
usecases developed under Netconf over tls usecase.

Signed-off-by: Rahul Tyagi <rahul.tyagi@ericsson.com>
Issue-ID: INT-885
Change-Id: I26b059c293f0684f475f51618d905e10a9efe391
Signed-off-by: Rahul Tyagi <rahul.tyagi@ericsson.com>
---
 test/mocks/pnfsimulator/docker-compose.yml         |  3 +++
 .../pnfsimulator/netopeer_tls_cfg/building.data    | 10 ++++++++
 .../pnfsimulator/netopeer_tls_cfg/building.yang    | 26 ++++++++++++++++++++
 .../netopeer_tls_cfg/test_server_key.pem           | 27 +++++++++++++++++++++
 .../netopeer_tls_cfg/test_server_key.pem.pub       |  9 +++++++
 .../pnfsimulator/netopeer_tls_cfg/update_tls.sh    | 28 ++++++++++++++++++++++
 6 files changed, 103 insertions(+)
 create mode 100644 test/mocks/pnfsimulator/netopeer_tls_cfg/building.data
 create mode 100644 test/mocks/pnfsimulator/netopeer_tls_cfg/building.yang
 create mode 100644 test/mocks/pnfsimulator/netopeer_tls_cfg/test_server_key.pem
 create mode 100644 test/mocks/pnfsimulator/netopeer_tls_cfg/test_server_key.pem.pub
 create mode 100755 test/mocks/pnfsimulator/netopeer_tls_cfg/update_tls.sh

diff --git a/test/mocks/pnfsimulator/docker-compose.yml b/test/mocks/pnfsimulator/docker-compose.yml
index 52ded3574..0a0860d0f 100644
--- a/test/mocks/pnfsimulator/docker-compose.yml
+++ b/test/mocks/pnfsimulator/docker-compose.yml
@@ -20,8 +20,10 @@ services:
     image: sysrepo/sysrepo-netopeer2:latest
     ports:
       - "830:830"
+      - "6513:6513"
     volumes:
       - ./netconf:/netconf
+      - ./netopeer_tls_cfg:/netopeer_tls_cfg
     env_file:
       - ./config/netconf.env
     restart: on-failure
@@ -29,6 +31,7 @@ services:
       - sftp-server
       - ftpes-server-pure-ftpd
       - ftpes-server-vsftpd
+    command: bash -c "/netopeer_tls_cfg/update_tls.sh"
 
   sftp-server:
     container_name: sftp-server
diff --git a/test/mocks/pnfsimulator/netopeer_tls_cfg/building.data b/test/mocks/pnfsimulator/netopeer_tls_cfg/building.data
new file mode 100644
index 000000000..42e811b2c
--- /dev/null
+++ b/test/mocks/pnfsimulator/netopeer_tls_cfg/building.data
@@ -0,0 +1,10 @@
+{
+  "building:rooms": {
+    "room": [
+      {
+        "room-number": 3,
+        "size": 3
+      }
+    ]
+  }
+}
diff --git a/test/mocks/pnfsimulator/netopeer_tls_cfg/building.yang b/test/mocks/pnfsimulator/netopeer_tls_cfg/building.yang
new file mode 100644
index 000000000..9afe9721e
--- /dev/null
+++ b/test/mocks/pnfsimulator/netopeer_tls_cfg/building.yang
@@ -0,0 +1,26 @@
+module building {
+  yang-version 1.1;
+  namespace "urn:building:test";
+
+  prefix bld;
+
+  organization "building";
+  contact "my buildig address";
+  description "yang model for building";
+  revision "2018-02-13"{
+    description "initial version";
+  }
+
+  container rooms{
+    list room{
+      key room-number;
+      leaf room-number{
+        type uint16;
+      }
+      leaf size {
+        type uint32;
+      }
+    }
+
+  }
+}
diff --git a/test/mocks/pnfsimulator/netopeer_tls_cfg/test_server_key.pem b/test/mocks/pnfsimulator/netopeer_tls_cfg/test_server_key.pem
new file mode 100644
index 000000000..d61c77bdf
--- /dev/null
+++ b/test/mocks/pnfsimulator/netopeer_tls_cfg/test_server_key.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAsdI1TBjzX1PgQXFuPCw5/kQwU7qkrhirMcFAXhI8EoXepPa9
+fKAVuMjHW32P6nNzDpnhFe0YGdNloIEN3hJJ87cVOqj4o7zZMbq3zVG2L8As7MTA
+8tYXm2fSC/0rIxxRRemcGUXM0q+4LEACjZj2pOKonaivF5VbhgNjPCO1Jj/TamUc
+0aViE577C9L9EiObGM+bGbabWk/KWKLsvxUc+sKZXaJ7psTVgpggJAkUszlmwOQg
+FiMSR53E9/CAkQYhzGVCmH44Vs6Hzs3RZjOTbce4wr4ongiA5LbPeSNSCFjy9loK
+paE1rtOjkNBVdiNPCQTmLuODXUTKgkeL+9v/OwIDAQABAoIBAG/4MG1JbL4C/7vV
+pBcpth7Aaznd1eJ2UB4VVOWnT8JOH2L6p1h5KRRhAP9AMkXsCnAQPyZiVAG3FlAZ
+01SZaY2YJDr6uQ3JVW4155TWtgSdWux//Ass+lJ17lJ0SRxjsV13ez6CsDWeRjc+
+2xy0S+KJgqk71XzhJG9fZLYyuddp3U/i3xFPUAcQM9xXKxcaD7g6LJf+a9pt6rim
+Eqq/pjJxDgTsRLARsazYuxrlOB445mvnLiYhOf2/MvI80jIUKaj8BeAhg49UIg/k
+mIh0xdevkcxBFer/BjBjscWaFjx14D6nkFMw7vtCum5KfalLN2edZKAzByOudGD4
+5KnRp3ECgYEA6vnSoNGg9Do80JOpXRGYWhcR1lIDO5yRW5rVagncCcW5Pn/GMtNd
+x2q6k1ks8mXKR9CxZrxZGqeYObZ9a/5SLih7ZkpiVWXG8ZiBIPhP6lnwm5OeIqLa
+hr0BYWcRfrGg1phj5uySZgsVBE+D8jH42O9ccdvrWv1OiryAHfKIcwMCgYEAwbs+
+HfQtvHOQXSYNhtOeA7IetkGy3cKVg2oILNcROvI96hS0MZKt1Rko0UAapx96eCIr
+el7vfdT0eUzNqt2wTKp1zmiG+SnX3fMDJNzMwu/jb/b4wQ20IHWNDnqcqTUVRUnL
+iksLFoHbTxsN5NpEQExcSt/zzP4qi1W2Bmo18WkCgYEAnhrk16LVux9ohiulHONW
+8N9u+BeM51JtGAcxrDzgGo85Gs2czdwc0K6GxdiN/rfxCKtqgqcfCWlVaxfYgo7I
+OxiwF17blXx7BVrJICcUlqpX1Ebac5HCmkCYqjJQuj/I6jv1lI7/3rt8M79RF+j5
++PXt7Qq97SZd78nwJrZni4MCgYAiPjZ8lOyAouyhilhZvI3xmUpUbMhw6jQDRnqr
+clhZUvgeqAoxuPuA7zGHywzq/WVoVqHYv28Vjs6noiu4R/chlf+8vD0fTYYadRnZ
+Ki4HRt+sqrrNZN6x3hVQudt3DSr1VFXl293Z3JonIWETUoE93EFz+qHdWg+rETtb
+ZuqiAQKBgD+HI/syLECyO8UynuEaDD7qPl87PJ/CmZLMxa2/ZZUjhaXAW7CJMaS6
+9PIzsLk33y3O4Qer0wx/tEdfnxMTBJrgGt/lFFdAKhSJroZ45l5apiavg1oZYp89
+jSd0lVxWSmrBjBZLnqOl336gzaBVkBD5ND+XUPdR1UuVQExJlem4
+-----END RSA PRIVATE KEY-----
diff --git a/test/mocks/pnfsimulator/netopeer_tls_cfg/test_server_key.pem.pub b/test/mocks/pnfsimulator/netopeer_tls_cfg/test_server_key.pem.pub
new file mode 100644
index 000000000..9ccec4a0c
--- /dev/null
+++ b/test/mocks/pnfsimulator/netopeer_tls_cfg/test_server_key.pem.pub
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdI1TBjzX1PgQXFuPCw5
+/kQwU7qkrhirMcFAXhI8EoXepPa9fKAVuMjHW32P6nNzDpnhFe0YGdNloIEN3hJJ
+87cVOqj4o7zZMbq3zVG2L8As7MTA8tYXm2fSC/0rIxxRRemcGUXM0q+4LEACjZj2
+pOKonaivF5VbhgNjPCO1Jj/TamUc0aViE577C9L9EiObGM+bGbabWk/KWKLsvxUc
++sKZXaJ7psTVgpggJAkUszlmwOQgFiMSR53E9/CAkQYhzGVCmH44Vs6Hzs3RZjOT
+bce4wr4ongiA5LbPeSNSCFjy9loKpaE1rtOjkNBVdiNPCQTmLuODXUTKgkeL+9v/
+OwIDAQAB
+-----END PUBLIC KEY-----
diff --git a/test/mocks/pnfsimulator/netopeer_tls_cfg/update_tls.sh b/test/mocks/pnfsimulator/netopeer_tls_cfg/update_tls.sh
new file mode 100755
index 000000000..30be458c6
--- /dev/null
+++ b/test/mocks/pnfsimulator/netopeer_tls_cfg/update_tls.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+NETOPEER_CONFIG_PATH='/opt/dev/Netopeer2/server/configuration'
+MOUNT_PATH='/netopeer_tls_cfg'
+KEY_PATH='/usr/local/etc/keystored/keys'
+SUBSCRIBE_APP_PATH='/opt/dev/sysrepo/build/examples/application_changes_example'
+
+# This function uploads test_data and model into netopeer2 server
+upload_yang_data_model()
+{
+  sysrepoctl -i -g $MOUNT_PATH/building.yang
+  $SUBSCRIBE_APP_PATH building > /dev/null &
+  sysrepocfg --datastore=running --format=json building --import=$MOUNT_PATH/building.data
+}
+
+# This function configures server/trusted certificates into Netopeer
+configure_tls()
+{
+  sed -i "s/>test</>netconf</g" $NETOPEER_CONFIG_PATH/tls_listen.xml
+  sysrepocfg --datastore=running --format=xml ietf-keystore --merge=$NETOPEER_CONFIG_PATH/load_server_certs.xml
+  sysrepocfg --datastore=running --format=xml ietf-netconf-server --merge=$NETOPEER_CONFIG_PATH/tls_listen.xml
+}
+
+cp $MOUNT_PATH/test_server_key.pem $KEY_PATH
+cp $MOUNT_PATH/test_server_key.pem.pub $KEY_PATH
+configure_tls
+upload_yang_data_model
+
-- 
2.16.6