Description
Invoke PUT request to:
http://192.168.56.25:8181/rests/data/network-topology:network-topology/topology=topology-netconf/node=17830-sim-device
with payload:
{
"node": [
{
"node-id": "17830-sim-device",
"netconf-node-topology:login-password": {
"username": "admin",
"password": "YWRtaW4K"
},
"netconf-node-topology:schemaless": false,
"netconf-node-topology:port": 17830,
"netconf-node-topology:tcp-only": false,
"netconf-node-topology:keepalive-delay": 0,
"netconf-node-topology:host": "192.168.56.25"
}
]
}
You can see error in karaf console:
10:06:07.667 INFO [CM Configuration Updater (Update: pid=org.ops4j.pax.logging)] Logging configuration changed. (Event Admin service unavailable - no notification sent).
10:06:15.792 INFO [opendaylight-cluster-data-notification-dispatcher-66] RemoteDevice{Uri{value=17830-sim-device}} was already configured, disconnecting
10:06:15.799 INFO [opendaylight-cluster-data-notification-dispatcher-66] Connecting RemoteDevice{Uri{value=17830-sim-device}}, with config Node{nodeId=Uri
{value=17830-sim-device}
, augmentation=[NetconfNode{actorResponseWaitTime=5, betweenAttemptsTimeoutMillis=2000, concurrentRpcLimit=0, connectionTimeoutMillis=20000, credentials=***, defaultRequestTimeoutMillis=60000, host=Host{ipAddress=IpAddress{ipv4Address=Ipv4Address
{value=192.168.56.25}
}}, keepaliveDelay=0, lockDatastore=true, maxConnectionAttempts=0, port=PortNumber{value=17830}, reconnectOnChangedSchema=false, schemaCacheDirectory=schema, schemaless=false, sleepFactor=1.5, tcpOnly=false}]}
10:06:15.802 INFO [opendaylight-cluster-data-notification-dispatcher-66] Concurrent rpc limit is smaller than 1, no limit will be enforced for device RemoteDeviceId[name=17830-sim-device, address=/192.168.56.25:17830]
10:06:15.803 ERROR [opendaylight-cluster-data-notification-dispatcher-66] Failed to decrypt encoded data
javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
at com.sun.crypto.provider.CipherCore.prepareInputBuffer(CipherCore.java:891) ~[?:?]
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:730) ~[?:?]
at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:436) ~[?:?]
at javax.crypto.Cipher.doFinal(Cipher.java:2205) ~[?:?]
at org.opendaylight.aaa.encrypt.impl.AAAEncryptionServiceImpl.decrypt(AAAEncryptionServiceImpl.java:154) ~[?:?]
at org.opendaylight.netconf.topology.spi.NetconfClientConfigurationBuilderFactoryImpl.setSshParametersFromCredentials(NetconfClientConfigurationBuilderFactoryImpl.java:106) ~[bundleFile:?]
at org.opendaylight.netconf.topology.spi.NetconfClientConfigurationBuilderFactoryImpl.createClientConfigurationBuilder(NetconfClientConfigurationBuilderFactoryImpl.java:74) ~[bundleFile:?]
at org.opendaylight.netconf.topology.spi.NetconfNodeHandler.<init>(NetconfNodeHandler.java:193) ~[bundleFile:?]
at org.opendaylight.netconf.topology.spi.AbstractNetconfTopology.lockedEnsureNode(AbstractNetconfTopology.java:124) ~[bundleFile:?]
at org.opendaylight.netconf.topology.spi.AbstractNetconfTopology.ensureNode(AbstractNetconfTopology.java:91) ~[bundleFile:?]
at org.opendaylight.netconf.topology.impl.NetconfTopologyImpl.ensureNode(NetconfTopologyImpl.java:143) ~[?:?]
at org.opendaylight.netconf.topology.impl.NetconfTopologyImpl.onDataTreeChanged(NetconfTopologyImpl.java:129) ~[?:?]
at org.opendaylight.mdsal.binding.dom.adapter.BindingDOMDataTreeChangeListenerAdapter.onDataTreeChanged(BindingDOMDataTreeChangeListenerAdapter.java:44) ~[bundleFile:?]
at org.opendaylight.controller.cluster.datastore.DataTreeChangeListenerActor.dataTreeChanged(DataTreeChangeListenerActor.java:90) ~[bundleFile:?]
at org.opendaylight.controller.cluster.datastore.DataTreeChangeListenerActor.handleReceive(DataTreeChangeListenerActor.java:45) ~[bundleFile:?]
at akka.japi.pf.UnitCaseStatement.apply(CaseStatements.scala:24) [bundleFile:?]
at akka.japi.pf.UnitCaseStatement.apply(CaseStatements.scala:20) [bundleFile:?]
at scala.PartialFunction.applyOrElse(PartialFunction.scala:214) [bundleFile:?]
at scala.PartialFunction.applyOrElse$(PartialFunction.scala:213) [bundleFile:?]
at akka.japi.pf.UnitCaseStatement.applyOrElse(CaseStatements.scala:20) [bundleFile:?]
at scala.PartialFunction$OrElse.applyOrElse(PartialFunction.scala:269) [bundleFile:?]
at scala.PartialFunction$OrElse.applyOrElse(PartialFunction.scala:270) [bundleFile:?]
at akka.actor.Actor.aroundReceive(Actor.scala:537) [bundleFile:?]
at akka.actor.Actor.aroundReceive$(Actor.scala:535) [bundleFile:?]
at akka.actor.AbstractActor.aroundReceive(AbstractActor.scala:220) [bundleFile:?]
at akka.actor.ActorCell.receiveMessage(ActorCell.scala:579) [bundleFile:?]
at akka.actor.ActorCell.invoke(ActorCell.scala:547) [bundleFile:?]
at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:270) [bundleFile:?]
at akka.dispatch.Mailbox.run(Mailbox.scala:231) [bundleFile:?]
at akka.dispatch.Mailbox.exec(Mailbox.scala:243) [bundleFile:?]
at java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:373) [?:?]
at java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1182) [?:?]
at java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1655) [?:?]
at java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1622) [?:?]
at java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:165) [?:?]
Note that the password when fails to decrypt is returned untouched, the revision on which bug is present is:
fedba3cac1c141c2b2bfb61ccf8a5622977254d4
Attachments
Issue Links
- blocks
-
NETCONF-1115 Handle unencrypted password in login-password for topology node
-
- Confirmed
-
| # | Subject | Branch | Project | Status | CR | V |
|---|---|---|---|---|---|---|
| 109834,3 | Create Unit Test for EncryptService's Failed Decryption | master | aaa | Status: MERGED | +2 | +1 |
