Kent Watsen <[email protected]> wrote:
> 
> I'm getting mixed results from pyang and yanglint.  Can the XPath used
> in a 'must' statement point to a 'choice' node?  

No, since the choice node is not present in the data tree.  And note
that pyang doesn't validate XPath expressions (except for syntax).

> In the below YANG snippet from the zerotouch draft, the idea is that, if
> at least one URI is specified, then a hash needs to be present as well, 
> but any hash is okay, including hash-types that are augmented into the
> choice node in the future.

This can't be expressed, unless you also add a container 'hash', or
make the hash a single leaf of type identityref.


/martin


> 
> K.  // contributor
> 
> 
>         container boot-image {
> 
>           leaf-list uri {
>             type inet:uri;
>             must '../hash-algorithm' {     <------- THIS ONE HERE
>               description
>                 "A hash is needed in order to validate the downloaded
>                  image.";
>             }
>             ordered-by user;
>             description
>               "An ordered list of URIs to where the boot-image file
>                MAY be obtained.  Deployments MUST know in which URI
>                schemes (http, ftp, etc.) a device supports.  If a
>                secure scheme (e.g., https) is provided, a device MAY
>                establish a provisional connection to the server, by
>                blindly accepting the server's credentials (e.g., its
>                TLS certificate)";
>           }
> 
>           choice hash-algorithm {
>             must '../uri' {  <----- DOES THIS GENERATE A CIRCULAR EVAL?
>               description
>                 "A uri is needed in order to downloaded an image to
>                  validate.";
>             }
>             description
>               "Identifies the hash algorithm used.";
>             leaf sha256 {
>               type yang:hex-string;
>               description
>                 "The hex-encoded SHA-256 hash over the boot image
>                  file.  This is used by the device to verify a 
>                  downloaded boot image file.";
>               reference "RFC 6234: US Secure Hash Algorithms.";
>             }
>           }
>         }
> 
> 
> _______________________________________________
> netmod mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/netmod
> 

_______________________________________________
netmod mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/netmod

Reply via email to