Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RPC edit-config payloads are not fully validated #337

Closed
olofhagsand opened this issue Jun 20, 2022 · 3 comments
Closed

RPC edit-config payloads are not fully validated #337

olofhagsand opened this issue Jun 20, 2022 · 3 comments
Labels
bug fixed please verify

Comments

@olofhagsand
Copy link
Member

It has been observed that if a load file operation (eg cli_load_syntax_file()) loads an invalid XML file (invalid from a YANG perspective), the RPC edit-config operation forwards the invalid XML to the backend, the backend does not check the sanity of the invalid XML, resulting in errors in the datastore.
Example: openconfig-network-instance. If a file contains:

<config>
   <network-instances xmlns="http://openconfig.net/yang/network-instance">
      <network-instance>
         <name>A</name>
         ...
      </network-instance>
   </network-instances>
   <network-instances xmlns="http://openconfig.net/yang/network-instance">
      <network-instance>
         <name>B</name>
         ...
      </network-instance>
   </network-instances>
</config>

where the top-level container "network-instances" are invalid. Only a single container is allowed.
This results in an edit-config with two containers which are not discarded by the backend.
The backend needs to validate the incoming payload
For RFC reference, see RFC 7950 Section 8.3:

8.3.  NETCONF Constraint Enforcement Model
   For configuration data, there are three windows when constraints MUST
   be enforced:
   o  during parsing of RPC payloads
   o  during processing of the <edit-config> operation
olofhagsand added a commit that referenced this issue Jun 20, 2022
@olofhagsand
Fixed: [RPC edit-config payloads are not fully validated](#337)
87c65c3
@olofhagsand
Copy link
Member Author

Added checks of top-level objects at edit-config time.
Note that this is not a full validation, but only a check that the top-level config objects obey basic enumeration rules.
If they are not checked, operations on the datastore may result in invalid XML in the datastore.
Full validation is made at regular validation time, ie "load; validate"
@pheller please verify patch?

@pheller pheller mentioned this issue Jun 21, 2022
Closed
@pheller
Copy link
Contributor

pheller commented Jun 24, 2022 

vagrant@ubuntu2004:~$ cat two-netinst-containers.xml | clixon_netconf -f /usr/local/etc/example.xml -q0
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id=""><rpc-error><error-type>protocol</error-type><error-tag>operation-failed</error-tag><error-app-tag>too-many-elements</error-app-tag><error-severity>error</error-severity><error-path>/rpc/edit-config/config/network-instances</error-path></rpc-error></rpc-reply>]]>]]>

vagrant@ubuntu2004:~$ cat one-netinst-container.xml | clixon_netconf -f /usr/local/etc/example.xml -q0
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id=""><ok/></rpc-reply>]]>]]>

Looks right to me.

@olofhagsand
Copy link
Member Author

Verified, thanks ^

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug fixed please verify
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pheller @olofhagsand