Re: [netmod] can a 'must' statement point to a 'choice' node?

Martin Bjorklund <mbj@tail-f.com> Wed, 18 October 2017 06:35 UTC

Return-Path: <mbj@tail-f.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4326B1321F5 for <netmod@ietfa.amsl.com>; Tue, 17 Oct 2017 23:35:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dl82p2dMX5Un for <netmod@ietfa.amsl.com>; Tue, 17 Oct 2017 23:35:29 -0700 (PDT)
Received: from mail.tail-f.com (mail.tail-f.com [46.21.102.45]) by ietfa.amsl.com (Postfix) with ESMTP id A074D1241F3 for <netmod@ietf.org>; Tue, 17 Oct 2017 23:35:29 -0700 (PDT)
Received: from localhost (unknown [173.38.220.41]) by mail.tail-f.com (Postfix) with ESMTPSA id AFAE41AE030A; Wed, 18 Oct 2017 08:35:25 +0200 (CEST)
Date: Wed, 18 Oct 2017 08:33:58 +0200 (CEST)
Message-Id: <20171018.083358.809136696875122578.mbj@tail-f.com>
To: kwatsen@juniper.net
Cc: netmod@ietf.org
From: Martin Bjorklund <mbj@tail-f.com>
In-Reply-To: <5A9EB15B-469A-4A63-8884-C97F935F31FB@juniper.net>
References: <5A9EB15B-469A-4A63-8884-C97F935F31FB@juniper.net>
X-Mailer: Mew version 6.7 on Emacs 24.5 / Mule 6.0 (HANACHIRUSATO)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/20QCdDpPMmMcDL-AF0Bjy1Pgfa0>
Subject: Re: [netmod] can a 'must' statement point to a 'choice' node?
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Oct 2017 06:35:31 -0000

Kent Watsen <kwatsen@juniper.net> wrote:
> 
> I'm getting mixed results from pyang and yanglint.  Can the XPath used
> in a 'must' statement point to a 'choice' node?  

No, since the choice node is not present in the data tree.  And note
that pyang doesn't validate XPath expressions (except for syntax).

> In the below YANG snippet from the zerotouch draft, the idea is that, if
> at least one URI is specified, then a hash needs to be present as well, 
> but any hash is okay, including hash-types that are augmented into the
> choice node in the future.

This can't be expressed, unless you also add a container 'hash', or
make the hash a single leaf of type identityref.


/martin


> 
> K.  // contributor
> 
> 
>         container boot-image {
> 
>           leaf-list uri {
>             type inet:uri;
>             must '../hash-algorithm' {     <------- THIS ONE HERE
>               description
>                 "A hash is needed in order to validate the downloaded
>                  image.";
>             }
>             ordered-by user;
>             description
>               "An ordered list of URIs to where the boot-image file
>                MAY be obtained.  Deployments MUST know in which URI
>                schemes (http, ftp, etc.) a device supports.  If a
>                secure scheme (e.g., https) is provided, a device MAY
>                establish a provisional connection to the server, by
>                blindly accepting the server's credentials (e.g., its
>                TLS certificate)";
>           }
> 
>           choice hash-algorithm {
>             must '../uri' {  <----- DOES THIS GENERATE A CIRCULAR EVAL?
>               description
>                 "A uri is needed in order to downloaded an image to
>                  validate.";
>             }
>             description
>               "Identifies the hash algorithm used.";
>             leaf sha256 {
>               type yang:hex-string;
>               description
>                 "The hex-encoded SHA-256 hash over the boot image
>                  file.  This is used by the device to verify a 
>                  downloaded boot image file.";
>               reference "RFC 6234: US Secure Hash Algorithms.";
>             }
>           }
>         }
> 
> 
> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod
>