-
Notifications
You must be signed in to change notification settings - Fork 228
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Converting RSA pub named key to to VI objects #3972
Conversation
Codecov Report
@@ Coverage Diff @@
## master #3972 +/- ##
============================================
+ Coverage 74.95% 74.97% +0.02%
- Complexity 24272 24306 +34
============================================
Files 2031 2033 +2
Lines 97295 97409 +114
Branches 11591 11598 +7
============================================
+ Hits 72927 73035 +108
Misses 19087 19087
- Partials 5281 5287 +6
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewable status: 0 of 12 files reviewed, all discussions resolved (waiting on @progwriter)
a discussion (no related file):
Can be reviewed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed 6 of 12 files at r1, 6 of 7 files at r2.
Reviewable status: all files reviewed, 5 unresolved discussions (waiting on @haverma)
projects/batfish/src/main/antlr4/org/batfish/grammar/cisco/Cisco_crypto.g4, line 526 at r2 (raw file):
; ckpn_null
is this rule still necessary? by which I mean, with your change did we full implement the parse subtree under named key
? If yes, no need to keep it around. If not, the presence of ADDRESS
worries me (antlr will choose longest matching rule, IIRC)
projects/batfish/src/main/java/org/batfish/grammar/cisco/CiscoControlPlaneExtractor.java, line 1960 at r2 (raw file):
@Override public void enterCkp_named_key(Ckp_named_keyContext ctx) { _currentCryptoNamedRsaPubKey = new CryptoNamedRsaPubKey(ctx.name.getText());
use computeifAbsent
- that's our standard pattern. then you only need to clear _currentX
back to null on exit
.
projects/batfish/src/main/java/org/batfish/grammar/cisco/CiscoControlPlaneExtractor.java, line 1978 at r2 (raw file):
_configuration .getCryptoNamedRsaPubKeys() .put(_currentCryptoNamedRsaPubKey.getName(), _currentCryptoNamedRsaPubKey);
reset _currentCryptoNamedRsaPubKey
back to null
projects/batfish/src/main/java/org/batfish/representation/cisco/CiscoConfiguration.java, line 3493 at r2 (raw file):
IkePhase1Key ikePhase1Key = toIkePhase1Key(cryptoNamedRsaPubKey); ikePhase1KeysBuilder.put( String.format("~%s_%s~", PREFIX_RSA_PUB, cryptoNamedRsaPubKey.getName()),
Can you factor this out into a static function and use both here and in cisco conversions? This will ensure that key name and map key match.
projects/batfish/src/main/java/org/batfish/representation/cisco/CryptoNamedRsaPubKey.java, line 8 at r2 (raw file):
import org.batfish.datamodel.Ip; public class CryptoNamedRsaPubKey implements Serializable {
worth javadocing.
also, is the crypto prefix necessary here? I'd just call it NamedRsaPubKey
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
addressed comments, and also added calls to define and self reference the new NamedRsaPubKey
Cisco structure
Reviewable status: 7 of 14 files reviewed, all discussions resolved (waiting on @progwriter)
projects/batfish/src/main/antlr4/org/batfish/grammar/cisco/Cisco_crypto.g4, line 526 at r2 (raw file):
Previously, progwriter (Victor Heorhiadi) wrote…
is this rule still necessary? by which I mean, with your change did we full implement the parse subtree under
named key
? If yes, no need to keep it around. If not, the presence ofADDRESS
worries me (antlr will choose longest matching rule, IIRC)
removed the rule, handling the NO
version of the commands in the respective branches
projects/batfish/src/main/java/org/batfish/grammar/cisco/CiscoControlPlaneExtractor.java, line 1960 at r2 (raw file):
Previously, progwriter (Victor Heorhiadi) wrote…
use
computeifAbsent
- that's our standard pattern. then you only need to clear_currentX
back to null onexit
.
done
projects/batfish/src/main/java/org/batfish/grammar/cisco/CiscoControlPlaneExtractor.java, line 1978 at r2 (raw file):
Previously, progwriter (Victor Heorhiadi) wrote…
reset
_currentCryptoNamedRsaPubKey
back to null
done
projects/batfish/src/main/java/org/batfish/representation/cisco/CiscoConfiguration.java, line 3493 at r2 (raw file):
Previously, progwriter (Victor Heorhiadi) wrote…
Can you factor this out into a static function and use both here and in cisco conversions? This will ensure that key name and map key match.
done
projects/batfish/src/main/java/org/batfish/representation/cisco/CryptoNamedRsaPubKey.java, line 8 at r2 (raw file):
Previously, progwriter (Victor Heorhiadi) wrote…
worth javadocing.
also, is the crypto prefix necessary here? I'd just call itNamedRsaPubKey
done
makes sense, renamed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed 7 of 7 files at r3.
Reviewable status: complete! all files reviewed, all discussions resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewable status: 11 of 14 files reviewed, all discussions resolved (waiting on @progwriter)
projects/batfish/src/main/java/org/batfish/representation/cisco/CiscoConfiguration.java, line 3864 at r4 (raw file):
CiscoStructureUsage.IPSEC_PROFILE_TRANSFORM_SET); markConcreteStructure(CiscoStructureType.KEYRING, CiscoStructureUsage.ISAKMP_PROFILE_KEYRING); markConcreteStructure(
missed in the last commit, now testing the number of referrers as well
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed 3 of 3 files at r4.
Reviewable status: complete! all files reviewed, all discussions resolved
* rsa pub key parsing and conversion
to be reviewed after #3971
PR contents:
IkePhase1Key
andIkePhase1Policy