IETF Logo Mail Archive

[netmod] can a 'must' statement point to a 'choice' node?

Kent Watsen <kwatsen@juniper.net> Tue, 17 October 2017 20:43 UTC

Return-Path: <kwatsen@juniper.net>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 892BA1330AF for <netmod@ietfa.amsl.com>; Tue, 17 Oct 2017 13:43:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.021
X-Spam-Level:
X-Spam-Status: No, score=-2.021 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NNnczZXnqgcL for <netmod@ietfa.amsl.com>; Tue, 17 Oct 2017 13:43:41 -0700 (PDT)
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on0132.outbound.protection.outlook.com [104.47.36.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CEA07132331 for <netmod@ietf.org>; Tue, 17 Oct 2017 13:43:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=WcCOVscnHAf/56eeJo0Q333KgrEYPsw7UlLHk1jQ5kU=; b=VHAaMwxjNtKtkohrI5l9dvyt2dRqfnu7qlKsQj0v1oGAEJcSVGWLx61cyRUTqBsRzc/OH5ihgH3bC0ssjX0d0cCTKDw09tAdGM3baryh6J1aZF20TPSviGdGGckDOJkDPxYvfM11+p32hlTjrLZlfvfd47DbSBTyX2IsGPp3y/Q=
Received: from BLUPR05MB275.namprd05.prod.outlook.com (10.141.22.149) by BLUPR05MB274.namprd05.prod.outlook.com (10.141.22.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.2; Tue, 17 Oct 2017 20:43:39 +0000
Received: from BLUPR05MB275.namprd05.prod.outlook.com ([10.141.22.149]) by BLUPR05MB275.namprd05.prod.outlook.com ([10.141.22.149]) with mapi id 15.20.0156.004; Tue, 17 Oct 2017 20:43:39 +0000
From: Kent Watsen <kwatsen@juniper.net>
To: "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: can a 'must' statement point to a 'choice' node?
Thread-Index: AQHTR4icwUSa9YanyUOWmcXwY5xHbg==
Date: Tue, 17 Oct 2017 20:43:39 +0000
Message-ID: <5A9EB15B-469A-4A63-8884-C97F935F31FB@juniper.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.20.0.170309
authentication-results: spf=none (sender IP is ) smtp.mailfrom=kwatsen@juniper.net;
x-originating-ip: [66.129.241.11]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BLUPR05MB274; 6:3ccoOn08aD2mgbHH4cxKQopEtmi1uR4t31gvL+Khr1Bgc7oErqySCulrKOzQTpHaaFcPdYRE7tXioBok4AzlOR152FCcAtfTya5v96Ox4J9TrhnU+fU4JmaejfXXa82jKlzvs8qnWVmVPTKeTeTqMvjwErQM90Lotr6xbv/gnbg9vfyhqsn95/+2cqee+nKrF0N7KLcA5tZknSUZPoYDkpVT4gUN3lGSRvJkgdI8cWMkLIhiS7f56sZN0BkEPcH35a88cyX2QC0SKrhLmjqu11OuwlXu9fehCJO11DYiXIZHlM/dXev+Ba/YlWAs/+z52jVZruQJKvF8LdGz3BN91g==; 5:KR2FJNTvt4oWwZ61ShknducEUzYlnE/PdQytdRzx2Q7UMrwtCd+gzo/nA3d1rTEqsGSc863VWNHcVjl26Qh9JOaRcF+8CZHHJZWazPqufuP1Jtp7oarVYdRAe/PX0/A9g215EBes+CbyiAyp63ioyGu6NNsck6QrOuxhVDDygtY=; 24:zFK7Wa1RbwoS+nsK84NBW7Hx/fHtVtqypejRAO6JcFeWhMGFdhYRLj3q1cLs/18GZzmJkyIuksdLlt0/I6vmMdp12uUrA9vueLC/pBsdbmg=; 7:PRMSbT+860hU8A+xDEGlgzOkZEuqNprQK8LyZzk4724q0Jv+h+2ZfI9hBBC8YxtDruRecv70ntW81qZzuDtV0jdQy8eSs0PsCFF6VUVJkOFS3s6dvgcgjvHKygsCU798XgOUdnIBE9ZcWChOL22ngYXlCqXEL0rzjTGRwnNTmzW2vQYtIBp1evFyJLGAqVmbyA2Hr1U/4kDAcHeQpbJcJtLBzzNRuxN/WaFSFbMEmrA=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 40538529-053b-4452-2845-08d5159fbf25
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254152)(48565401081)(2017052603199)(201703131423075)(201703031133081)(201702281549075); SRVR:BLUPR05MB274;
x-ms-traffictypediagnostic: BLUPR05MB274:
x-exchange-antispam-report-test: UriScan:(158342451672863);
x-microsoft-antispam-prvs: <BLUPR05MB274B8B928F50799606BF929A54C0@BLUPR05MB274.namprd05.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(100000703101)(100105400095)(6055026)(6041248)(20161123564025)(20161123560025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123562025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:BLUPR05MB274; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:BLUPR05MB274;
x-forefront-prvs: 04631F8F77
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(346002)(39860400002)(376002)(199003)(189002)(2501003)(7736002)(6916009)(305945005)(6512007)(102836003)(6116002)(3846002)(83506001)(5660300001)(99286003)(106356001)(8676002)(83716003)(58126008)(478600001)(1730700003)(81156014)(81166006)(14454004)(25786009)(86362001)(2351001)(316002)(105586002)(8936002)(33656002)(82746002)(101416001)(66066001)(3660700001)(68736007)(77096006)(5640700003)(2900100001)(2906002)(97736004)(53936002)(189998001)(36756003)(50986999)(3280700002)(54356999)(6486002)(6506006)(6436002); DIR:OUT; SFP:1102; SCL:1; SRVR:BLUPR05MB274; H:BLUPR05MB275.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <C38F971F6D00A24193FFE16A979018B2@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 40538529-053b-4452-2845-08d5159fbf25
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Oct 2017 20:43:39.2409 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR05MB274
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/S8zHnEbhVuUY7YYY4DhQ-BDcHHY>
Subject: [netmod] can a 'must' statement point to a 'choice' node?
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Oct 2017 20:43:42 -0000

I'm getting mixed results from pyang and yanglint.  Can the XPath used
in a 'must' statement point to a 'choice' node?  

In the below YANG snippet from the zerotouch draft, the idea is that, if
at least one URI is specified, then a hash needs to be present as well, 
but any hash is okay, including hash-types that are augmented into the
choice node in the future.

K.  // contributor


        container boot-image {

          leaf-list uri {
            type inet:uri;
            must '../hash-algorithm' {     <------- THIS ONE HERE
              description
                "A hash is needed in order to validate the downloaded
                 image.";
            }
            ordered-by user;
            description
              "An ordered list of URIs to where the boot-image file
               MAY be obtained.  Deployments MUST know in which URI
               schemes (http, ftp, etc.) a device supports.  If a
               secure scheme (e.g., https) is provided, a device MAY
               establish a provisional connection to the server, by
               blindly accepting the server's credentials (e.g., its
               TLS certificate)";
          }

          choice hash-algorithm {
            must '../uri' {  <----- DOES THIS GENERATE A CIRCULAR EVAL?
              description
                "A uri is needed in order to downloaded an image to
                 validate.";
            }
            description
              "Identifies the hash algorithm used.";
            leaf sha256 {
              type yang:hex-string;
              description
                "The hex-encoded SHA-256 hash over the boot image
                 file.  This is used by the device to verify a 
                 downloaded boot image file.";
              reference "RFC 6234: US Secure Hash Algorithms.";
            }
          }
        }

v2.23.0 | Report a Bug | By Email