Kent Watsen <[email protected]> wrote:
>
> I'm getting mixed results from pyang and yanglint. Can the XPath used
> in a 'must' statement point to a 'choice' node?
No, since the choice node is not present in the data tree. And note
that pyang doesn't validate XPath expressions (except for syntax).
> In the below YANG snippet from the zerotouch draft, the idea is that, if
> at least one URI is specified, then a hash needs to be present as well,
> but any hash is okay, including hash-types that are augmented into the
> choice node in the future.
This can't be expressed, unless you also add a container 'hash', or
make the hash a single leaf of type identityref.
/martin
>
> K. // contributor
>
>
> container boot-image {
>
> leaf-list uri {
> type inet:uri;
> must '../hash-algorithm' { <------- THIS ONE HERE
> description
> "A hash is needed in order to validate the downloaded
> image.";
> }
> ordered-by user;
> description
> "An ordered list of URIs to where the boot-image file
> MAY be obtained. Deployments MUST know in which URI
> schemes (http, ftp, etc.) a device supports. If a
> secure scheme (e.g., https) is provided, a device MAY
> establish a provisional connection to the server, by
> blindly accepting the server's credentials (e.g., its
> TLS certificate)";
> }
>
> choice hash-algorithm {
> must '../uri' { <----- DOES THIS GENERATE A CIRCULAR EVAL?
> description
> "A uri is needed in order to downloaded an image to
> validate.";
> }
> description
> "Identifies the hash algorithm used.";
> leaf sha256 {
> type yang:hex-string;
> description
> "The hex-encoded SHA-256 hash over the boot image
> file. This is used by the device to verify a
> downloaded boot image file.";
> reference "RFC 6234: US Secure Hash Algorithms.";
> }
> }
> }
>
>
> _______________________________________________
> netmod mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/netmod
>
_______________________________________________
netmod mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/netmod
