test FEATURE base for unit tests using cmocka
- includes one simple (not finished) test for libnetconf IO.
diff --git a/tests/models/ietf-inet-types.yin b/tests/models/ietf-inet-types.yin
new file mode 100644
index 0000000..2cc5db7
--- /dev/null
+++ b/tests/models/ietf-inet-types.yin
@@ -0,0 +1,448 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module name="ietf-inet-types"
+ xmlns="urn:ietf:params:xml:ns:yang:yin:1"
+ xmlns:inet="urn:ietf:params:xml:ns:yang:ietf-inet-types">
+ <namespace uri="urn:ietf:params:xml:ns:yang:ietf-inet-types"/>
+ <prefix value="inet"/>
+ <organization>
+ <text>IETF NETMOD (NETCONF Data Modeling Language) Working Group</text>
+ </organization>
+ <contact>
+ <text>WG Web: <http://tools.ietf.org/wg/netmod/>
+WG List: <mailto:netmod@ietf.org>
+
+WG Chair: David Kessens
+ <mailto:david.kessens@nsn.com>
+
+WG Chair: Juergen Schoenwaelder
+ <mailto:j.schoenwaelder@jacobs-university.de>
+
+Editor: Juergen Schoenwaelder
+ <mailto:j.schoenwaelder@jacobs-university.de></text>
+ </contact>
+ <description>
+ <text>This module contains a collection of generally useful derived
+YANG data types for Internet addresses and related things.
+
+Copyright (c) 2013 IETF Trust and the persons identified as
+authors of the code. All rights reserved.
+
+Redistribution and use in source and binary forms, with or
+without modification, is permitted pursuant to, and subject
+to the license terms contained in, the Simplified BSD License
+set forth in Section 4.c of the IETF Trust's Legal Provisions
+Relating to IETF Documents
+(http://trustee.ietf.org/license-info).
+
+This version of this YANG module is part of RFC 6991; see
+the RFC itself for full legal notices.</text>
+ </description>
+ <revision date="2013-07-15">
+ <description>
+ <text>This revision adds the following new data types:
+- ip-address-no-zone
+- ipv4-address-no-zone
+- ipv6-address-no-zone</text>
+ </description>
+ <reference>
+ <text>RFC 6991: Common YANG Data Types</text>
+ </reference>
+ </revision>
+ <revision date="2010-09-24">
+ <description>
+ <text>Initial revision.</text>
+ </description>
+ <reference>
+ <text>RFC 6021: Common YANG Data Types</text>
+ </reference>
+ </revision>
+ <typedef name="ip-version">
+ <type name="enumeration">
+ <enum name="unknown">
+ <value value="0"/>
+ <description>
+ <text>An unknown or unspecified version of the Internet
+protocol.</text>
+ </description>
+ </enum>
+ <enum name="ipv4">
+ <value value="1"/>
+ <description>
+ <text>The IPv4 protocol as defined in RFC 791.</text>
+ </description>
+ </enum>
+ <enum name="ipv6">
+ <value value="2"/>
+ <description>
+ <text>The IPv6 protocol as defined in RFC 2460.</text>
+ </description>
+ </enum>
+ </type>
+ <description>
+ <text>This value represents the version of the IP protocol.
+
+In the value set and its semantics, this type is equivalent
+to the InetVersion textual convention of the SMIv2.</text>
+ </description>
+ <reference>
+ <text>RFC 791: Internet Protocol
+RFC 2460: Internet Protocol, Version 6 (IPv6) Specification
+RFC 4001: Textual Conventions for Internet Network Addresses</text>
+ </reference>
+ </typedef>
+ <typedef name="dscp">
+ <type name="uint8">
+ <range value="0..63"/>
+ </type>
+ <description>
+ <text>The dscp type represents a Differentiated Services Code Point
+that may be used for marking packets in a traffic stream.
+In the value set and its semantics, this type is equivalent
+to the Dscp textual convention of the SMIv2.</text>
+ </description>
+ <reference>
+ <text>RFC 3289: Management Information Base for the Differentiated
+ Services Architecture
+RFC 2474: Definition of the Differentiated Services Field
+ (DS Field) in the IPv4 and IPv6 Headers
+RFC 2780: IANA Allocation Guidelines For Values In
+ the Internet Protocol and Related Headers</text>
+ </reference>
+ </typedef>
+ <typedef name="ipv6-flow-label">
+ <type name="uint32">
+ <range value="0..1048575"/>
+ </type>
+ <description>
+ <text>The ipv6-flow-label type represents the flow identifier or Flow
+Label in an IPv6 packet header that may be used to
+discriminate traffic flows.
+
+In the value set and its semantics, this type is equivalent
+to the IPv6FlowLabel textual convention of the SMIv2.</text>
+ </description>
+ <reference>
+ <text>RFC 3595: Textual Conventions for IPv6 Flow Label
+RFC 2460: Internet Protocol, Version 6 (IPv6) Specification</text>
+ </reference>
+ </typedef>
+ <typedef name="port-number">
+ <type name="uint16">
+ <range value="0..65535"/>
+ </type>
+ <description>
+ <text>The port-number type represents a 16-bit port number of an
+Internet transport-layer protocol such as UDP, TCP, DCCP, or
+SCTP. Port numbers are assigned by IANA. A current list of
+all assignments is available from <http://www.iana.org/>.
+
+Note that the port number value zero is reserved by IANA. In
+situations where the value zero does not make sense, it can
+be excluded by subtyping the port-number type.
+In the value set and its semantics, this type is equivalent
+to the InetPortNumber textual convention of the SMIv2.</text>
+ </description>
+ <reference>
+ <text>RFC 768: User Datagram Protocol
+RFC 793: Transmission Control Protocol
+RFC 4960: Stream Control Transmission Protocol
+RFC 4340: Datagram Congestion Control Protocol (DCCP)
+RFC 4001: Textual Conventions for Internet Network Addresses</text>
+ </reference>
+ </typedef>
+ <typedef name="as-number">
+ <type name="uint32"/>
+ <description>
+ <text>The as-number type represents autonomous system numbers
+which identify an Autonomous System (AS). An AS is a set
+of routers under a single technical administration, using
+an interior gateway protocol and common metrics to route
+packets within the AS, and using an exterior gateway
+protocol to route packets to other ASes. IANA maintains
+the AS number space and has delegated large parts to the
+regional registries.
+
+Autonomous system numbers were originally limited to 16
+bits. BGP extensions have enlarged the autonomous system
+number space to 32 bits. This type therefore uses an uint32
+base type without a range restriction in order to support
+a larger autonomous system number space.
+
+In the value set and its semantics, this type is equivalent
+to the InetAutonomousSystemNumber textual convention of
+the SMIv2.</text>
+ </description>
+ <reference>
+ <text>RFC 1930: Guidelines for creation, selection, and registration
+ of an Autonomous System (AS)
+RFC 4271: A Border Gateway Protocol 4 (BGP-4)
+RFC 4001: Textual Conventions for Internet Network Addresses
+RFC 6793: BGP Support for Four-Octet Autonomous System (AS)
+ Number Space</text>
+ </reference>
+ </typedef>
+ <typedef name="ip-address">
+ <type name="union">
+ <type name="inet:ipv4-address"/>
+ <type name="inet:ipv6-address"/>
+ </type>
+ <description>
+ <text>The ip-address type represents an IP address and is IP
+version neutral. The format of the textual representation
+implies the IP version. This type supports scoped addresses
+by allowing zone identifiers in the address format.</text>
+ </description>
+ <reference>
+ <text>RFC 4007: IPv6 Scoped Address Architecture</text>
+ </reference>
+ </typedef>
+ <typedef name="ipv4-address">
+ <type name="string">
+ <pattern value="(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(%[\p{N}\p{L}]+)?"/>
+ </type>
+ <description>
+ <text>The ipv4-address type represents an IPv4 address in
+dotted-quad notation. The IPv4 address may include a zone
+index, separated by a % sign.
+
+The zone index is used to disambiguate identical address
+values. For link-local addresses, the zone index will
+typically be the interface index number or the name of an
+interface. If the zone index is not present, the default
+zone of the device will be used.
+
+The canonical format for the zone index is the numerical
+format</text>
+ </description>
+ </typedef>
+ <typedef name="ipv6-address">
+ <type name="string">
+ <pattern value="((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(%[\p{N}\p{L}]+)?"/>
+ <pattern value="(([^:]+:){6}(([^:]+:[^:]+)|(.*\..*)))|((([^:]+:)*[^:]+)?::(([^:]+:)*[^:]+)?)(%.+)?"/>
+ </type>
+ <description>
+ <text>The ipv6-address type represents an IPv6 address in full,
+mixed, shortened, and shortened-mixed notation. The IPv6
+address may include a zone index, separated by a % sign.
+
+The zone index is used to disambiguate identical address
+values. For link-local addresses, the zone index will
+typically be the interface index number or the name of an
+interface. If the zone index is not present, the default
+zone of the device will be used.
+
+
+
+The canonical format of IPv6 addresses uses the textual
+representation defined in Section 4 of RFC 5952. The
+canonical format for the zone index is the numerical
+format as described in Section 11.2 of RFC 4007.</text>
+ </description>
+ <reference>
+ <text>RFC 4291: IP Version 6 Addressing Architecture
+RFC 4007: IPv6 Scoped Address Architecture
+RFC 5952: A Recommendation for IPv6 Address Text
+ Representation</text>
+ </reference>
+ </typedef>
+ <typedef name="ip-address-no-zone">
+ <type name="union">
+ <type name="inet:ipv4-address-no-zone"/>
+ <type name="inet:ipv6-address-no-zone"/>
+ </type>
+ <description>
+ <text>The ip-address-no-zone type represents an IP address and is
+IP version neutral. The format of the textual representation
+implies the IP version. This type does not support scoped
+addresses since it does not allow zone identifiers in the
+address format.</text>
+ </description>
+ <reference>
+ <text>RFC 4007: IPv6 Scoped Address Architecture</text>
+ </reference>
+ </typedef>
+ <typedef name="ipv4-address-no-zone">
+ <type name="inet:ipv4-address">
+ <pattern value="[0-9\.]*"/>
+ </type>
+ <description>
+ <text>An IPv4 address without a zone index. This type, derived from
+ipv4-address, may be used in situations where the zone is
+known from the context and hence no zone index is needed.</text>
+ </description>
+ </typedef>
+ <typedef name="ipv6-address-no-zone">
+ <type name="inet:ipv6-address">
+ <pattern value="[0-9a-fA-F:\.]*"/>
+ </type>
+ <description>
+ <text>An IPv6 address without a zone index. This type, derived from
+ipv6-address, may be used in situations where the zone is
+known from the context and hence no zone index is needed.</text>
+ </description>
+ <reference>
+ <text>RFC 4291: IP Version 6 Addressing Architecture
+RFC 4007: IPv6 Scoped Address Architecture
+RFC 5952: A Recommendation for IPv6 Address Text
+ Representation</text>
+ </reference>
+ </typedef>
+ <typedef name="ip-prefix">
+ <type name="union">
+ <type name="inet:ipv4-prefix"/>
+ <type name="inet:ipv6-prefix"/>
+ </type>
+ <description>
+ <text>The ip-prefix type represents an IP prefix and is IP
+version neutral. The format of the textual representations
+implies the IP version.</text>
+ </description>
+ </typedef>
+ <typedef name="ipv4-prefix">
+ <type name="string">
+ <pattern value="(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))"/>
+ </type>
+ <description>
+ <text>The ipv4-prefix type represents an IPv4 address prefix.
+The prefix length is given by the number following the
+slash character and must be less than or equal to 32.
+
+A prefix length value of n corresponds to an IP address
+mask that has n contiguous 1-bits from the most
+significant bit (MSB) and all other bits set to 0.
+
+The canonical format of an IPv4 prefix has all bits of
+the IPv4 address set to zero that are not part of the
+IPv4 prefix.</text>
+ </description>
+ </typedef>
+ <typedef name="ipv6-prefix">
+ <type name="string">
+ <pattern value="((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8])))"/>
+ <pattern value="(([^:]+:){6}(([^:]+:[^:]+)|(.*\..*)))|((([^:]+:)*[^:]+)?::(([^:]+:)*[^:]+)?)(/.+)"/>
+ </type>
+ <description>
+ <text>The ipv6-prefix type represents an IPv6 address prefix.
+The prefix length is given by the number following the
+slash character and must be less than or equal to 128.
+
+A prefix length value of n corresponds to an IP address
+mask that has n contiguous 1-bits from the most
+significant bit (MSB) and all other bits set to 0.
+
+The IPv6 address should have all bits that do not belong
+to the prefix set to zero.
+
+The canonical format of an IPv6 prefix has all bits of
+the IPv6 address set to zero that are not part of the
+IPv6 prefix. Furthermore, the IPv6 address is represented
+as defined in Section 4 of RFC 5952.</text>
+ </description>
+ <reference>
+ <text>RFC 5952: A Recommendation for IPv6 Address Text
+ Representation</text>
+ </reference>
+ </typedef>
+ <typedef name="domain-name">
+ <type name="string">
+ <pattern value="((([a-zA-Z0-9_]([a-zA-Z0-9\-_]){0,61})?[a-zA-Z0-9]\.)*([a-zA-Z0-9_]([a-zA-Z0-9\-_]){0,61})?[a-zA-Z0-9]\.?)|\."/>
+ <length value="1..253"/>
+ </type>
+ <description>
+ <text>The domain-name type represents a DNS domain name. The
+name SHOULD be fully qualified whenever possible.
+
+Internet domain names are only loosely specified. Section
+3.5 of RFC 1034 recommends a syntax (modified in Section
+2.1 of RFC 1123). The pattern above is intended to allow
+for current practice in domain name use, and some possible
+future expansion. It is designed to hold various types of
+domain names, including names used for A or AAAA records
+(host names) and other records, such as SRV records. Note
+that Internet host names have a stricter syntax (described
+in RFC 952) than the DNS recommendations in RFCs 1034 and
+1123, and that systems that want to store host names in
+schema nodes using the domain-name type are recommended to
+adhere to this stricter standard to ensure interoperability.
+
+The encoding of DNS names in the DNS protocol is limited
+to 255 characters. Since the encoding consists of labels
+prefixed by a length bytes and there is a trailing NULL
+byte, only 253 characters can appear in the textual dotted
+notation.
+
+The description clause of schema nodes using the domain-name
+type MUST describe when and how these names are resolved to
+IP addresses. Note that the resolution of a domain-name value
+may require to query multiple DNS records (e.g., A for IPv4
+and AAAA for IPv6). The order of the resolution process and
+which DNS record takes precedence can either be defined
+explicitly or may depend on the configuration of the
+resolver.
+
+Domain-name values use the US-ASCII encoding. Their canonical
+format uses lowercase US-ASCII characters. Internationalized
+domain names MUST be A-labels as per RFC 5890.</text>
+ </description>
+ <reference>
+ <text>RFC 952: DoD Internet Host Table Specification
+RFC 1034: Domain Names - Concepts and Facilities
+RFC 1123: Requirements for Internet Hosts -- Application
+ and Support
+RFC 2782: A DNS RR for specifying the location of services
+ (DNS SRV)
+RFC 5890: Internationalized Domain Names in Applications
+ (IDNA): Definitions and Document Framework</text>
+ </reference>
+ </typedef>
+ <typedef name="host">
+ <type name="union">
+ <type name="inet:ip-address"/>
+ <type name="inet:domain-name"/>
+ </type>
+ <description>
+ <text>The host type represents either an IP address or a DNS
+domain name.</text>
+ </description>
+ </typedef>
+ <typedef name="uri">
+ <type name="string"/>
+ <description>
+ <text>The uri type represents a Uniform Resource Identifier
+(URI) as defined by STD 66.
+
+Objects using the uri type MUST be in US-ASCII encoding,
+and MUST be normalized as described by RFC 3986 Sections
+6.2.1, 6.2.2.1, and 6.2.2.2. All unnecessary
+percent-encoding is removed, and all case-insensitive
+characters are set to lowercase except for hexadecimal
+digits, which are normalized to uppercase as described in
+Section 6.2.2.1.
+
+The purpose of this normalization is to help provide
+unique URIs. Note that this normalization is not
+sufficient to provide uniqueness. Two URIs that are
+textually distinct after this normalization may still be
+equivalent.
+
+Objects using the uri type may restrict the schemes that
+they permit. For example, 'data:' and 'urn:' schemes
+might not be appropriate.
+
+A zero-length URI is not a valid URI. This can be used to
+express 'URI absent' where required.
+
+In the value set and its semantics, this type is equivalent
+to the Uri SMIv2 textual convention defined in RFC 5017.</text>
+ </description>
+ <reference>
+ <text>RFC 3986: Uniform Resource Identifier (URI): Generic Syntax
+RFC 3305: Report from the Joint W3C/IETF URI Planning Interest
+ Group: Uniform Resource Identifiers (URIs), URLs,
+ and Uniform Resource Names (URNs): Clarifications
+ and Recommendations
+RFC 5017: MIB Textual Conventions for Uniform Resource
+ Identifiers (URIs)</text>
+ </reference>
+ </typedef>
+</module>
diff --git a/tests/models/ietf-netconf-acm.yin b/tests/models/ietf-netconf-acm.yin
new file mode 100644
index 0000000..390ec0c
--- /dev/null
+++ b/tests/models/ietf-netconf-acm.yin
@@ -0,0 +1,446 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module xmlns="urn:ietf:params:xml:ns:yang:yin:1" xmlns:nacm="urn:ietf:params:xml:ns:yang:ietf-netconf-acm" xmlns:yang="urn:ietf:params:xml:ns:yang:ietf-yang-types" name="ietf-netconf-acm">
+ <namespace uri="urn:ietf:params:xml:ns:yang:ietf-netconf-acm"/>
+ <prefix value="nacm"/>
+ <import module="ietf-yang-types">
+ <prefix value="yang"/>
+ </import>
+ <organization>
+ <text>IETF NETCONF (Network Configuration) Working Group</text>
+ </organization>
+ <contact>
+ <text>WG Web: <http://tools.ietf.org/wg/netconf/>
+WG List: <mailto:netconf@ietf.org>
+
+WG Chair: Mehmet Ersue
+ <mailto:mehmet.ersue@nsn.com>
+
+WG Chair: Bert Wijnen
+ <mailto:bertietf@bwijnen.net>
+
+Editor: Andy Bierman
+ <mailto:andy@yumaworks.com>
+
+Editor: Martin Bjorklund
+ <mailto:mbj@tail-f.com></text>
+ </contact>
+ <description>
+ <text>NETCONF Access Control Model.
+
+Copyright (c) 2012 IETF Trust and the persons identified as
+authors of the code. All rights reserved.
+
+Redistribution and use in source and binary forms, with or
+without modification, is permitted pursuant to, and subject
+to the license terms contained in, the Simplified BSD
+License set forth in Section 4.c of the IETF Trust's
+Legal Provisions Relating to IETF Documents
+(http://trustee.ietf.org/license-info).
+
+This version of this YANG module is part of RFC 6536; see
+the RFC itself for full legal notices.</text>
+ </description>
+ <revision date="2012-02-22">
+ <description>
+ <text>Initial version</text>
+ </description>
+ <reference>
+ <text>RFC 6536: Network Configuration Protocol (NETCONF)
+ Access Control Model</text>
+ </reference>
+ </revision>
+ <extension name="default-deny-write">
+ <description>
+ <text>Used to indicate that the data model node
+represents a sensitive security system parameter.
+
+If present, and the NACM module is enabled (i.e.,
+/nacm/enable-nacm object equals 'true'), the NETCONF server
+will only allow the designated 'recovery session' to have
+write access to the node. An explicit access control rule is
+required for all other users.
+
+The 'default-deny-write' extension MAY appear within a data
+definition statement. It is ignored otherwise.</text>
+ </description>
+ </extension>
+ <extension name="default-deny-all">
+ <description>
+ <text>Used to indicate that the data model node
+controls a very sensitive security system parameter.
+
+If present, and the NACM module is enabled (i.e.,
+/nacm/enable-nacm object equals 'true'), the NETCONF server
+will only allow the designated 'recovery session' to have
+read, write, or execute access to the node. An explicit
+access control rule is required for all other users.
+
+The 'default-deny-all' extension MAY appear within a data
+definition statement, 'rpc' statement, or 'notification'
+statement. It is ignored otherwise.</text>
+ </description>
+ </extension>
+ <typedef name="user-name-type">
+ <type name="string">
+ <length value="1..max"/>
+ </type>
+ <description>
+ <text>General Purpose Username string.</text>
+ </description>
+ </typedef>
+ <typedef name="matchall-string-type">
+ <type name="string">
+ <pattern value="\*"/>
+ </type>
+ <description>
+ <text>The string containing a single asterisk '*' is used
+to conceptually represent all possible values
+for the particular leaf using this data type.</text>
+ </description>
+ </typedef>
+ <typedef name="access-operations-type">
+ <type name="bits">
+ <bit name="create">
+ <description>
+ <text>Any protocol operation that creates a
+new data node.</text>
+ </description>
+ </bit>
+ <bit name="read">
+ <description>
+ <text>Any protocol operation or notification that
+returns the value of a data node.</text>
+ </description>
+ </bit>
+ <bit name="update">
+ <description>
+ <text>Any protocol operation that alters an existing
+data node.</text>
+ </description>
+ </bit>
+ <bit name="delete">
+ <description>
+ <text>Any protocol operation that removes a data node.</text>
+ </description>
+ </bit>
+ <bit name="exec">
+ <description>
+ <text>Execution access to the specified protocol operation.</text>
+ </description>
+ </bit>
+ </type>
+ <description>
+ <text>NETCONF Access Operation.</text>
+ </description>
+ </typedef>
+ <typedef name="group-name-type">
+ <type name="string">
+ <length value="1..max"/>
+ <pattern value="[^\*].*"/>
+ </type>
+ <description>
+ <text>Name of administrative group to which
+users can be assigned.</text>
+ </description>
+ </typedef>
+ <typedef name="action-type">
+ <type name="enumeration">
+ <enum name="permit">
+ <description>
+ <text>Requested action is permitted.</text>
+ </description>
+ </enum>
+ <enum name="deny">
+ <description>
+ <text>Requested action is denied.</text>
+ </description>
+ </enum>
+ </type>
+ <description>
+ <text>Action taken by the server when a particular
+rule matches.</text>
+ </description>
+ </typedef>
+ <typedef name="node-instance-identifier">
+ <type name="yang:xpath1.0"/>
+ <description>
+ <text>Path expression used to represent a special
+data node instance identifier string.
+
+A node-instance-identifier value is an
+unrestricted YANG instance-identifier expression.
+All the same rules as an instance-identifier apply
+except predicates for keys are optional. If a key
+predicate is missing, then the node-instance-identifier
+represents all possible server instances for that key.
+
+This XPath expression is evaluated in the following context:
+
+ o The set of namespace declarations are those in scope on
+ the leaf element where this type is used.
+
+ o The set of variable bindings contains one variable,
+ 'USER', which contains the name of the user of the current
+ session.
+
+ o The function library is the core function library, but
+ note that due to the syntax restrictions of an
+ instance-identifier, no functions are allowed.
+
+ o The context node is the root node in the data tree.</text>
+ </description>
+ </typedef>
+ <container name="nacm">
+ <nacm:default-deny-all/>
+ <description>
+ <text>Parameters for NETCONF Access Control Model.</text>
+ </description>
+ <leaf name="enable-nacm">
+ <type name="boolean"/>
+ <default value="true"/>
+ <description>
+ <text>Enables or disables all NETCONF access control
+enforcement. If 'true', then enforcement
+is enabled. If 'false', then enforcement
+is disabled.</text>
+ </description>
+ </leaf>
+ <leaf name="read-default">
+ <type name="action-type"/>
+ <default value="permit"/>
+ <description>
+ <text>Controls whether read access is granted if
+no appropriate rule is found for a
+particular read request.</text>
+ </description>
+ </leaf>
+ <leaf name="write-default">
+ <type name="action-type"/>
+ <default value="deny"/>
+ <description>
+ <text>Controls whether create, update, or delete access
+is granted if no appropriate rule is found for a
+particular write request.</text>
+ </description>
+ </leaf>
+ <leaf name="exec-default">
+ <type name="action-type"/>
+ <default value="permit"/>
+ <description>
+ <text>Controls whether exec access is granted if no appropriate
+rule is found for a particular protocol operation request.</text>
+ </description>
+ </leaf>
+ <leaf name="enable-external-groups">
+ <type name="boolean"/>
+ <default value="true"/>
+ <description>
+ <text>Controls whether the server uses the groups reported by the
+NETCONF transport layer when it assigns the user to a set of
+NACM groups. If this leaf has the value 'false', any group
+names reported by the transport layer are ignored by the
+server.</text>
+ </description>
+ </leaf>
+ <leaf name="denied-operations">
+ <type name="yang:zero-based-counter32"/>
+ <config value="false"/>
+ <mandatory value="true"/>
+ <description>
+ <text>Number of times since the server last restarted that a
+protocol operation request was denied.</text>
+ </description>
+ </leaf>
+ <leaf name="denied-data-writes">
+ <type name="yang:zero-based-counter32"/>
+ <config value="false"/>
+ <mandatory value="true"/>
+ <description>
+ <text>Number of times since the server last restarted that a
+protocol operation request to alter
+a configuration datastore was denied.</text>
+ </description>
+ </leaf>
+ <leaf name="denied-notifications">
+ <type name="yang:zero-based-counter32"/>
+ <config value="false"/>
+ <mandatory value="true"/>
+ <description>
+ <text>Number of times since the server last restarted that
+a notification was dropped for a subscription because
+access to the event type was denied.</text>
+ </description>
+ </leaf>
+ <container name="groups">
+ <description>
+ <text>NETCONF Access Control Groups.</text>
+ </description>
+ <list name="group">
+ <key value="name"/>
+ <description>
+ <text>One NACM Group Entry. This list will only contain
+configured entries, not any entries learned from
+any transport protocols.</text>
+ </description>
+ <leaf name="name">
+ <type name="group-name-type"/>
+ <description>
+ <text>Group name associated with this entry.</text>
+ </description>
+ </leaf>
+ <leaf-list name="user-name">
+ <type name="user-name-type"/>
+ <description>
+ <text>Each entry identifies the username of
+a member of the group associated with
+this entry.</text>
+ </description>
+ </leaf-list>
+ </list>
+ </container>
+ <list name="rule-list">
+ <key value="name"/>
+ <ordered-by value="user"/>
+ <description>
+ <text>An ordered collection of access control rules.</text>
+ </description>
+ <leaf name="name">
+ <type name="string">
+ <length value="1..max"/>
+ </type>
+ <description>
+ <text>Arbitrary name assigned to the rule-list.</text>
+ </description>
+ </leaf>
+ <leaf-list name="group">
+ <type name="union">
+ <type name="matchall-string-type"/>
+ <type name="group-name-type"/>
+ </type>
+ <description>
+ <text>List of administrative groups that will be
+assigned the associated access rights
+defined by the 'rule' list.
+
+The string '*' indicates that all groups apply to the
+entry.</text>
+ </description>
+ </leaf-list>
+ <list name="rule">
+ <key value="name"/>
+ <ordered-by value="user"/>
+ <description>
+ <text>One access control rule.
+
+Rules are processed in user-defined order until a match is
+found. A rule matches if 'module-name', 'rule-type', and
+'access-operations' match the request. If a rule
+matches, the 'action' leaf determines if access is granted
+or not.</text>
+ </description>
+ <leaf name="name">
+ <type name="string">
+ <length value="1..max"/>
+ </type>
+ <description>
+ <text>Arbitrary name assigned to the rule.</text>
+ </description>
+ </leaf>
+ <leaf name="module-name">
+ <type name="union">
+ <type name="matchall-string-type"/>
+ <type name="string"/>
+ </type>
+ <default value="*"/>
+ <description>
+ <text>Name of the module associated with this rule.
+
+This leaf matches if it has the value '*' or if the
+object being accessed is defined in the module with the
+specified module name.</text>
+ </description>
+ </leaf>
+ <choice name="rule-type">
+ <description>
+ <text>This choice matches if all leafs present in the rule
+match the request. If no leafs are present, the
+choice matches all requests.</text>
+ </description>
+ <case name="protocol-operation">
+ <leaf name="rpc-name">
+ <type name="union">
+ <type name="matchall-string-type"/>
+ <type name="string"/>
+ </type>
+ <description>
+ <text>This leaf matches if it has the value '*' or if
+its value equals the requested protocol operation
+name.</text>
+ </description>
+ </leaf>
+ </case>
+ <case name="notification">
+ <leaf name="notification-name">
+ <type name="union">
+ <type name="matchall-string-type"/>
+ <type name="string"/>
+ </type>
+ <description>
+ <text>This leaf matches if it has the value '*' or if its
+value equals the requested notification name.</text>
+ </description>
+ </leaf>
+ </case>
+ <case name="data-node">
+ <leaf name="path">
+ <type name="node-instance-identifier"/>
+ <mandatory value="true"/>
+ <description>
+ <text>Data Node Instance Identifier associated with the
+data node controlled by this rule.
+
+Configuration data or state data instance
+identifiers start with a top-level data node. A
+complete instance identifier is required for this
+type of path value.
+
+The special value '/' refers to all possible
+datastore contents.</text>
+ </description>
+ </leaf>
+ </case>
+ </choice>
+ <leaf name="access-operations">
+ <type name="union">
+ <type name="matchall-string-type"/>
+ <type name="access-operations-type"/>
+ </type>
+ <default value="*"/>
+ <description>
+ <text>Access operations associated with this rule.
+
+This leaf matches if it has the value '*' or if the
+bit corresponding to the requested operation is set.</text>
+ </description>
+ </leaf>
+ <leaf name="action">
+ <type name="action-type"/>
+ <mandatory value="true"/>
+ <description>
+ <text>The access control action associated with the
+rule. If a rule is determined to match a
+particular request, then this object is used
+to determine whether to permit or deny the
+request.</text>
+ </description>
+ </leaf>
+ <leaf name="comment">
+ <type name="string"/>
+ <description>
+ <text>A textual description of the access rule.</text>
+ </description>
+ </leaf>
+ </list>
+ </list>
+ </container>
+</module>
diff --git a/tests/models/ietf-netconf.yin b/tests/models/ietf-netconf.yin
new file mode 100644
index 0000000..bb7ae31
--- /dev/null
+++ b/tests/models/ietf-netconf.yin
@@ -0,0 +1,1032 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module name="ietf-netconf"
+ xmlns="urn:ietf:params:xml:ns:yang:yin:1"
+ xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"
+ xmlns:inet="urn:ietf:params:xml:ns:yang:ietf-inet-types"
+ xmlns:nacm="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
+ <namespace uri="urn:ietf:params:xml:ns:netconf:base:1.0"/>
+ <prefix value="nc"/>
+ <import module="ietf-inet-types">
+ <prefix value="inet"/>
+ </import>
+ <import module="ietf-netconf-acm">
+ <prefix value="nacm"/>
+ </import>
+ <organization>
+ <text>IETF NETCONF (Network Configuration) Working Group</text>
+ </organization>
+ <contact>
+ <text>WG Web: <http://tools.ietf.org/wg/netconf/>
+WG List: <netconf@ietf.org>
+
+WG Chair: Bert Wijnen
+ <bertietf@bwijnen.net>
+
+WG Chair: Mehmet Ersue
+ <mehmet.ersue@nsn.com>
+
+Editor: Martin Bjorklund
+ <mbj@tail-f.com>
+
+Editor: Juergen Schoenwaelder
+ <j.schoenwaelder@jacobs-university.de>
+
+Editor: Andy Bierman
+ <andy.bierman@brocade.com></text>
+ </contact>
+ <description>
+ <text>NETCONF Protocol Data Types and Protocol Operations.
+
+Copyright (c) 2011 IETF Trust and the persons identified as
+the document authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or
+without modification, is permitted pursuant to, and subject
+to the license terms contained in, the Simplified BSD License
+set forth in Section 4.c of the IETF Trust's Legal Provisions
+Relating to IETF Documents
+(http://trustee.ietf.org/license-info).
+
+This version of this YANG module is part of RFC 6241; see
+the RFC itself for full legal notices.</text>
+ </description>
+ <revision date="2011-06-01">
+ <description>
+ <text>Initial revision;
+2013-09-29: Updated to include NACM attributes,
+as specified in RFC 6536: sec 3.2.5 and 3.2.8</text>
+ </description>
+ <reference>
+ <text>RFC 6241: Network Configuration Protocol</text>
+ </reference>
+ </revision>
+ <extension name="get-filter-element-attributes">
+ <description>
+ <text>If this extension is present within an 'anyxml'
+statement named 'filter', which must be conceptually
+defined within the RPC input section for the <get>
+and <get-config> protocol operations, then the
+following unqualified XML attribute is supported
+within the <filter> element, within a <get> or
+<get-config> protocol operation:
+
+ type : optional attribute with allowed
+ value strings 'subtree' and 'xpath'.
+ If missing, the default value is 'subtree'.
+
+If the 'xpath' feature is supported, then the
+following unqualified XML attribute is
+also supported:
+
+ select: optional attribute containing a
+ string representing an XPath expression.
+ The 'type' attribute must be equal to 'xpath'
+ if this attribute is present.</text>
+ </description>
+ </extension>
+ <feature name="writable-running">
+ <description>
+ <text>NETCONF :writable-running capability;
+If the server advertises the :writable-running
+capability for a session, then this feature must
+also be enabled for that session. Otherwise,
+this feature must not be enabled.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.2</text>
+ </reference>
+ </feature>
+ <feature name="candidate">
+ <description>
+ <text>NETCONF :candidate capability;
+If the server advertises the :candidate
+capability for a session, then this feature must
+also be enabled for that session. Otherwise,
+this feature must not be enabled.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.3</text>
+ </reference>
+ </feature>
+ <feature name="confirmed-commit">
+ <if-feature name="candidate"/>
+ <description>
+ <text>NETCONF :confirmed-commit:1.1 capability;
+If the server advertises the :confirmed-commit:1.1
+capability for a session, then this feature must
+also be enabled for that session. Otherwise,
+this feature must not be enabled.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.4</text>
+ </reference>
+ </feature>
+ <feature name="rollback-on-error">
+ <description>
+ <text>NETCONF :rollback-on-error capability;
+If the server advertises the :rollback-on-error
+capability for a session, then this feature must
+also be enabled for that session. Otherwise,
+this feature must not be enabled.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.5</text>
+ </reference>
+ </feature>
+ <feature name="validate">
+ <description>
+ <text>NETCONF :validate:1.1 capability;
+If the server advertises the :validate:1.1
+capability for a session, then this feature must
+also be enabled for that session. Otherwise,
+this feature must not be enabled.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.6</text>
+ </reference>
+ </feature>
+ <feature name="startup">
+ <description>
+ <text>NETCONF :startup capability;
+If the server advertises the :startup
+capability for a session, then this feature must
+also be enabled for that session. Otherwise,
+this feature must not be enabled.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.7</text>
+ </reference>
+ </feature>
+ <feature name="url">
+ <description>
+ <text>NETCONF :url capability;
+If the server advertises the :url
+capability for a session, then this feature must
+also be enabled for that session. Otherwise,
+this feature must not be enabled.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.8</text>
+ </reference>
+ </feature>
+ <feature name="xpath">
+ <description>
+ <text>NETCONF :xpath capability;
+If the server advertises the :xpath
+capability for a session, then this feature must
+also be enabled for that session. Otherwise,
+this feature must not be enabled.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.9</text>
+ </reference>
+ </feature>
+ <typedef name="session-id-type">
+ <type name="uint32">
+ <range value="1..max"/>
+ </type>
+ <description>
+ <text>NETCONF Session Id</text>
+ </description>
+ </typedef>
+ <typedef name="session-id-or-zero-type">
+ <type name="uint32"/>
+ <description>
+ <text>NETCONF Session Id or Zero to indicate none</text>
+ </description>
+ </typedef>
+ <typedef name="error-tag-type">
+ <type name="enumeration">
+ <enum name="in-use">
+ <description>
+ <text>The request requires a resource that
+already is in use.</text>
+ </description>
+ </enum>
+ <enum name="invalid-value">
+ <description>
+ <text>The request specifies an unacceptable value for one
+or more parameters.</text>
+ </description>
+ </enum>
+ <enum name="too-big">
+ <description>
+ <text>The request or response (that would be generated) is
+too large for the implementation to handle.</text>
+ </description>
+ </enum>
+ <enum name="missing-attribute">
+ <description>
+ <text>An expected attribute is missing.</text>
+ </description>
+ </enum>
+ <enum name="bad-attribute">
+ <description>
+ <text>An attribute value is not correct; e.g., wrong type,
+out of range, pattern mismatch.</text>
+ </description>
+ </enum>
+ <enum name="unknown-attribute">
+ <description>
+ <text>An unexpected attribute is present.</text>
+ </description>
+ </enum>
+ <enum name="missing-element">
+ <description>
+ <text>An expected element is missing.</text>
+ </description>
+ </enum>
+ <enum name="bad-element">
+ <description>
+ <text>An element value is not correct; e.g., wrong type,
+out of range, pattern mismatch.</text>
+ </description>
+ </enum>
+ <enum name="unknown-element">
+ <description>
+ <text>An unexpected element is present.</text>
+ </description>
+ </enum>
+ <enum name="unknown-namespace">
+ <description>
+ <text>An unexpected namespace is present.</text>
+ </description>
+ </enum>
+ <enum name="access-denied">
+ <description>
+ <text>Access to the requested protocol operation or
+data model is denied because authorization failed.</text>
+ </description>
+ </enum>
+ <enum name="lock-denied">
+ <description>
+ <text>Access to the requested lock is denied because the
+lock is currently held by another entity.</text>
+ </description>
+ </enum>
+ <enum name="resource-denied">
+ <description>
+ <text>Request could not be completed because of
+insufficient resources.</text>
+ </description>
+ </enum>
+ <enum name="rollback-failed">
+ <description>
+ <text>Request to roll back some configuration change (via
+rollback-on-error or <discard-changes> operations)
+was not completed for some reason.</text>
+ </description>
+ </enum>
+ <enum name="data-exists">
+ <description>
+ <text>Request could not be completed because the relevant
+data model content already exists. For example,
+a 'create' operation was attempted on data that
+already exists.</text>
+ </description>
+ </enum>
+ <enum name="data-missing">
+ <description>
+ <text>Request could not be completed because the relevant
+data model content does not exist. For example,
+a 'delete' operation was attempted on
+data that does not exist.</text>
+ </description>
+ </enum>
+ <enum name="operation-not-supported">
+ <description>
+ <text>Request could not be completed because the requested
+operation is not supported by this implementation.</text>
+ </description>
+ </enum>
+ <enum name="operation-failed">
+ <description>
+ <text>Request could not be completed because the requested
+operation failed for some reason not covered by
+any other error condition.</text>
+ </description>
+ </enum>
+ <enum name="partial-operation">
+ <description>
+ <text>This error-tag is obsolete, and SHOULD NOT be sent
+by servers conforming to this document.</text>
+ </description>
+ </enum>
+ <enum name="malformed-message">
+ <description>
+ <text>A message could not be handled because it failed to
+be parsed correctly. For example, the message is not
+well-formed XML or it uses an invalid character set.</text>
+ </description>
+ </enum>
+ </type>
+ <description>
+ <text>NETCONF Error Tag</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Appendix A</text>
+ </reference>
+ </typedef>
+ <typedef name="error-severity-type">
+ <type name="enumeration">
+ <enum name="error">
+ <description>
+ <text>Error severity</text>
+ </description>
+ </enum>
+ <enum name="warning">
+ <description>
+ <text>Warning severity</text>
+ </description>
+ </enum>
+ </type>
+ <description>
+ <text>NETCONF Error Severity</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 4.3</text>
+ </reference>
+ </typedef>
+ <typedef name="edit-operation-type">
+ <type name="enumeration">
+ <enum name="merge">
+ <description>
+ <text>The configuration data identified by the
+element containing this attribute is merged
+with the configuration at the corresponding
+level in the configuration datastore identified
+by the target parameter.</text>
+ </description>
+ </enum>
+ <enum name="replace">
+ <description>
+ <text>The configuration data identified by the element
+containing this attribute replaces any related
+configuration in the configuration datastore
+identified by the target parameter. If no such
+configuration data exists in the configuration
+datastore, it is created. Unlike a
+<copy-config> operation, which replaces the
+entire target configuration, only the configuration
+actually present in the config parameter is affected.</text>
+ </description>
+ </enum>
+ <enum name="create">
+ <description>
+ <text>The configuration data identified by the element
+containing this attribute is added to the
+configuration if and only if the configuration
+data does not already exist in the configuration
+datastore. If the configuration data exists, an
+<rpc-error> element is returned with an
+<error-tag> value of 'data-exists'.</text>
+ </description>
+ </enum>
+ <enum name="delete">
+ <description>
+ <text>The configuration data identified by the element
+containing this attribute is deleted from the
+configuration if and only if the configuration
+data currently exists in the configuration
+datastore. If the configuration data does not
+exist, an <rpc-error> element is returned with
+an <error-tag> value of 'data-missing'.</text>
+ </description>
+ </enum>
+ <enum name="remove">
+ <description>
+ <text>The configuration data identified by the element
+containing this attribute is deleted from the
+configuration if the configuration
+data currently exists in the configuration
+datastore. If the configuration data does not
+exist, the 'remove' operation is silently ignored
+by the server.</text>
+ </description>
+ </enum>
+ </type>
+ <default value="merge"/>
+ <description>
+ <text>NETCONF 'operation' attribute values</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.2</text>
+ </reference>
+ </typedef>
+ <rpc name="get-config">
+ <description>
+ <text>Retrieve all or part of a specified configuration.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.1</text>
+ </reference>
+ <input>
+ <container name="source">
+ <description>
+ <text>Particular configuration to retrieve.</text>
+ </description>
+ <choice name="config-source">
+ <mandatory value="true"/>
+ <description>
+ <text>The configuration to retrieve.</text>
+ </description>
+ <leaf name="candidate">
+ <if-feature name="candidate"/>
+ <type name="empty"/>
+ <description>
+ <text>The candidate configuration is the config source.</text>
+ </description>
+ </leaf>
+ <leaf name="running">
+ <type name="empty"/>
+ <description>
+ <text>The running configuration is the config source.</text>
+ </description>
+ </leaf>
+ <leaf name="startup">
+ <if-feature name="startup"/>
+ <type name="empty"/>
+ <description>
+ <text>The startup configuration is the config source.
+This is optional-to-implement on the server because
+not all servers will support filtering for this
+datastore.</text>
+ </description>
+ </leaf>
+ </choice>
+ </container>
+ <anyxml name="filter">
+ <description>
+ <text>Subtree or XPath filter to use.</text>
+ </description>
+ <nc:get-filter-element-attributes/>
+ </anyxml>
+ </input>
+ <output>
+ <anyxml name="data">
+ <description>
+ <text>Copy of the source datastore subset that matched
+the filter criteria (if any). An empty data container
+indicates that the request did not produce any results.</text>
+ </description>
+ </anyxml>
+ </output>
+ </rpc>
+ <rpc name="edit-config">
+ <description>
+ <text>The <edit-config> operation loads all or part of a specified
+configuration to the specified target configuration.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.2</text>
+ </reference>
+ <input>
+ <container name="target">
+ <description>
+ <text>Particular configuration to edit.</text>
+ </description>
+ <choice name="config-target">
+ <mandatory value="true"/>
+ <description>
+ <text>The configuration target.</text>
+ </description>
+ <leaf name="candidate">
+ <if-feature name="candidate"/>
+ <type name="empty"/>
+ <description>
+ <text>The candidate configuration is the config target.</text>
+ </description>
+ </leaf>
+ <leaf name="running">
+ <if-feature name="writable-running"/>
+ <type name="empty"/>
+ <description>
+ <text>The running configuration is the config source.</text>
+ </description>
+ </leaf>
+ </choice>
+ </container>
+ <leaf name="default-operation">
+ <type name="enumeration">
+ <enum name="merge">
+ <description>
+ <text>The default operation is merge.</text>
+ </description>
+ </enum>
+ <enum name="replace">
+ <description>
+ <text>The default operation is replace.</text>
+ </description>
+ </enum>
+ <enum name="none">
+ <description>
+ <text>There is no default operation.</text>
+ </description>
+ </enum>
+ </type>
+ <default value="merge"/>
+ <description>
+ <text>The default operation to use.</text>
+ </description>
+ </leaf>
+ <leaf name="test-option">
+ <if-feature name="validate"/>
+ <type name="enumeration">
+ <enum name="test-then-set">
+ <description>
+ <text>The server will test and then set if no errors.</text>
+ </description>
+ </enum>
+ <enum name="set">
+ <description>
+ <text>The server will set without a test first.</text>
+ </description>
+ </enum>
+ <enum name="test-only">
+ <description>
+ <text>The server will only test and not set, even
+if there are no errors.</text>
+ </description>
+ </enum>
+ </type>
+ <default value="test-then-set"/>
+ <description>
+ <text>The test option to use.</text>
+ </description>
+ </leaf>
+ <leaf name="error-option">
+ <type name="enumeration">
+ <enum name="stop-on-error">
+ <description>
+ <text>The server will stop on errors.</text>
+ </description>
+ </enum>
+ <enum name="continue-on-error">
+ <description>
+ <text>The server may continue on errors.</text>
+ </description>
+ </enum>
+ <enum name="rollback-on-error">
+ <description>
+ <text>The server will roll back on errors.
+This value can only be used if the 'rollback-on-error'
+feature is supported.</text>
+ </description>
+ </enum>
+ </type>
+ <default value="stop-on-error"/>
+ <description>
+ <text>The error option to use.</text>
+ </description>
+ </leaf>
+ <choice name="edit-content">
+ <mandatory value="true"/>
+ <description>
+ <text>The content for the edit operation.</text>
+ </description>
+ <anyxml name="config">
+ <description>
+ <text>Inline Config content.</text>
+ </description>
+ </anyxml>
+ <leaf name="url">
+ <if-feature name="url"/>
+ <type name="inet:uri"/>
+ <description>
+ <text>URL-based config content.</text>
+ </description>
+ </leaf>
+ </choice>
+ </input>
+ </rpc>
+ <rpc name="copy-config">
+ <description>
+ <text>Create or replace an entire configuration datastore with the
+contents of another complete configuration datastore.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.3</text>
+ </reference>
+ <input>
+ <container name="target">
+ <description>
+ <text>Particular configuration to copy to.</text>
+ </description>
+ <choice name="config-target">
+ <mandatory value="true"/>
+ <description>
+ <text>The configuration target of the copy operation.</text>
+ </description>
+ <leaf name="candidate">
+ <if-feature name="candidate"/>
+ <type name="empty"/>
+ <description>
+ <text>The candidate configuration is the config target.</text>
+ </description>
+ </leaf>
+ <leaf name="running">
+ <if-feature name="writable-running"/>
+ <type name="empty"/>
+ <description>
+ <text>The running configuration is the config target.
+This is optional-to-implement on the server.</text>
+ </description>
+ </leaf>
+ <leaf name="startup">
+ <if-feature name="startup"/>
+ <type name="empty"/>
+ <description>
+ <text>The startup configuration is the config target.</text>
+ </description>
+ </leaf>
+ <leaf name="url">
+ <if-feature name="url"/>
+ <type name="inet:uri"/>
+ <description>
+ <text>The URL-based configuration is the config target.</text>
+ </description>
+ </leaf>
+ </choice>
+ </container>
+ <container name="source">
+ <description>
+ <text>Particular configuration to copy from.</text>
+ </description>
+ <choice name="config-source">
+ <mandatory value="true"/>
+ <description>
+ <text>The configuration source for the copy operation.</text>
+ </description>
+ <leaf name="candidate">
+ <if-feature name="candidate"/>
+ <type name="empty"/>
+ <description>
+ <text>The candidate configuration is the config source.</text>
+ </description>
+ </leaf>
+ <leaf name="running">
+ <type name="empty"/>
+ <description>
+ <text>The running configuration is the config source.</text>
+ </description>
+ </leaf>
+ <leaf name="startup">
+ <if-feature name="startup"/>
+ <type name="empty"/>
+ <description>
+ <text>The startup configuration is the config source.</text>
+ </description>
+ </leaf>
+ <leaf name="url">
+ <if-feature name="url"/>
+ <type name="inet:uri"/>
+ <description>
+ <text>The URL-based configuration is the config source.</text>
+ </description>
+ </leaf>
+ <anyxml name="config">
+ <description>
+ <text>Inline Config content: <config> element. Represents
+an entire configuration datastore, not
+a subset of the running datastore.</text>
+ </description>
+ </anyxml>
+ </choice>
+ </container>
+ </input>
+ </rpc>
+ <rpc name="delete-config">
+ <nacm:default-deny-all/>
+ <description>
+ <text>Delete a configuration datastore.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.4</text>
+ </reference>
+ <input>
+ <container name="target">
+ <description>
+ <text>Particular configuration to delete.</text>
+ </description>
+ <choice name="config-target">
+ <mandatory value="true"/>
+ <description>
+ <text>The configuration target to delete.</text>
+ </description>
+ <leaf name="startup">
+ <if-feature name="startup"/>
+ <type name="empty"/>
+ <description>
+ <text>The startup configuration is the config target.</text>
+ </description>
+ </leaf>
+ <leaf name="url">
+ <if-feature name="url"/>
+ <type name="inet:uri"/>
+ <description>
+ <text>The URL-based configuration is the config target.</text>
+ </description>
+ </leaf>
+ </choice>
+ </container>
+ </input>
+ </rpc>
+ <rpc name="lock">
+ <description>
+ <text>The lock operation allows the client to lock the configuration
+system of a device.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.5</text>
+ </reference>
+ <input>
+ <container name="target">
+ <description>
+ <text>Particular configuration to lock.</text>
+ </description>
+ <choice name="config-target">
+ <mandatory value="true"/>
+ <description>
+ <text>The configuration target to lock.</text>
+ </description>
+ <leaf name="candidate">
+ <if-feature name="candidate"/>
+ <type name="empty"/>
+ <description>
+ <text>The candidate configuration is the config target.</text>
+ </description>
+ </leaf>
+ <leaf name="running">
+ <type name="empty"/>
+ <description>
+ <text>The running configuration is the config target.</text>
+ </description>
+ </leaf>
+ <leaf name="startup">
+ <if-feature name="startup"/>
+ <type name="empty"/>
+ <description>
+ <text>The startup configuration is the config target.</text>
+ </description>
+ </leaf>
+ </choice>
+ </container>
+ </input>
+ </rpc>
+ <rpc name="unlock">
+ <description>
+ <text>The unlock operation is used to release a configuration lock,
+previously obtained with the 'lock' operation.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.6</text>
+ </reference>
+ <input>
+ <container name="target">
+ <description>
+ <text>Particular configuration to unlock.</text>
+ </description>
+ <choice name="config-target">
+ <mandatory value="true"/>
+ <description>
+ <text>The configuration target to unlock.</text>
+ </description>
+ <leaf name="candidate">
+ <if-feature name="candidate"/>
+ <type name="empty"/>
+ <description>
+ <text>The candidate configuration is the config target.</text>
+ </description>
+ </leaf>
+ <leaf name="running">
+ <type name="empty"/>
+ <description>
+ <text>The running configuration is the config target.</text>
+ </description>
+ </leaf>
+ <leaf name="startup">
+ <if-feature name="startup"/>
+ <type name="empty"/>
+ <description>
+ <text>The startup configuration is the config target.</text>
+ </description>
+ </leaf>
+ </choice>
+ </container>
+ </input>
+ </rpc>
+ <rpc name="get">
+ <description>
+ <text>Retrieve running configuration and device state information.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.7</text>
+ </reference>
+ <input>
+ <anyxml name="filter">
+ <description>
+ <text>This parameter specifies the portion of the system
+configuration and state data to retrieve.</text>
+ </description>
+ <nc:get-filter-element-attributes/>
+ </anyxml>
+ </input>
+ <output>
+ <anyxml name="data">
+ <description>
+ <text>Copy of the running datastore subset and/or state
+data that matched the filter criteria (if any).
+An empty data container indicates that the request did not
+produce any results.</text>
+ </description>
+ </anyxml>
+ </output>
+ </rpc>
+ <rpc name="close-session">
+ <description>
+ <text>Request graceful termination of a NETCONF session.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.8</text>
+ </reference>
+ </rpc>
+ <rpc name="kill-session">
+ <nacm:default-deny-all/>
+ <description>
+ <text>Force the termination of a NETCONF session.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 7.9</text>
+ </reference>
+ <input>
+ <leaf name="session-id">
+ <type name="session-id-type"/>
+ <mandatory value="true"/>
+ <description>
+ <text>Particular session to kill.</text>
+ </description>
+ </leaf>
+ </input>
+ </rpc>
+ <rpc name="commit">
+ <if-feature name="candidate"/>
+ <description>
+ <text>Commit the candidate configuration as the device's new
+current configuration.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.3.4.1</text>
+ </reference>
+ <input>
+ <leaf name="confirmed">
+ <if-feature name="confirmed-commit"/>
+ <type name="empty"/>
+ <description>
+ <text>Requests a confirmed commit.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.3.4.1</text>
+ </reference>
+ </leaf>
+ <leaf name="confirm-timeout">
+ <if-feature name="confirmed-commit"/>
+ <type name="uint32">
+ <range value="1..max"/>
+ </type>
+ <units name="seconds"/>
+ <default value="600"/>
+ <description>
+ <text>The timeout interval for a confirmed commit.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.3.4.1</text>
+ </reference>
+ </leaf>
+ <leaf name="persist">
+ <if-feature name="confirmed-commit"/>
+ <type name="string"/>
+ <description>
+ <text>This parameter is used to make a confirmed commit
+persistent. A persistent confirmed commit is not aborted
+if the NETCONF session terminates. The only way to abort
+a persistent confirmed commit is to let the timer expire,
+or to use the <cancel-commit> operation.
+
+The value of this parameter is a token that must be given
+in the 'persist-id' parameter of <commit> or
+<cancel-commit> operations in order to confirm or cancel
+the persistent confirmed commit.
+
+The token should be a random string.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.3.4.1</text>
+ </reference>
+ </leaf>
+ <leaf name="persist-id">
+ <if-feature name="confirmed-commit"/>
+ <type name="string"/>
+ <description>
+ <text>This parameter is given in order to commit a persistent
+confirmed commit. The value must be equal to the value
+given in the 'persist' parameter to the <commit> operation.
+If it does not match, the operation fails with an
+'invalid-value' error.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.3.4.1</text>
+ </reference>
+ </leaf>
+ </input>
+ </rpc>
+ <rpc name="discard-changes">
+ <if-feature name="candidate"/>
+ <description>
+ <text>Revert the candidate configuration to the current
+running configuration.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.3.4.2</text>
+ </reference>
+ </rpc>
+ <rpc name="cancel-commit">
+ <if-feature name="confirmed-commit"/>
+ <description>
+ <text>This operation is used to cancel an ongoing confirmed commit.
+If the confirmed commit is persistent, the parameter
+'persist-id' must be given, and it must match the value of the
+'persist' parameter.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.4.4.1</text>
+ </reference>
+ <input>
+ <leaf name="persist-id">
+ <type name="string"/>
+ <description>
+ <text>This parameter is given in order to cancel a persistent
+confirmed commit. The value must be equal to the value
+given in the 'persist' parameter to the <commit> operation.
+If it does not match, the operation fails with an
+'invalid-value' error.</text>
+ </description>
+ </leaf>
+ </input>
+ </rpc>
+ <rpc name="validate">
+ <if-feature name="validate"/>
+ <description>
+ <text>Validates the contents of the specified configuration.</text>
+ </description>
+ <reference>
+ <text>RFC 6241, Section 8.6.4.1</text>
+ </reference>
+ <input>
+ <container name="source">
+ <description>
+ <text>Particular configuration to validate.</text>
+ </description>
+ <choice name="config-source">
+ <mandatory value="true"/>
+ <description>
+ <text>The configuration source to validate.</text>
+ </description>
+ <leaf name="candidate">
+ <if-feature name="candidate"/>
+ <type name="empty"/>
+ <description>
+ <text>The candidate configuration is the config source.</text>
+ </description>
+ </leaf>
+ <leaf name="running">
+ <type name="empty"/>
+ <description>
+ <text>The running configuration is the config source.</text>
+ </description>
+ </leaf>
+ <leaf name="startup">
+ <if-feature name="startup"/>
+ <type name="empty"/>
+ <description>
+ <text>The startup configuration is the config source.</text>
+ </description>
+ </leaf>
+ <leaf name="url">
+ <if-feature name="url"/>
+ <type name="inet:uri"/>
+ <description>
+ <text>The URL-based configuration is the config source.</text>
+ </description>
+ </leaf>
+ <anyxml name="config">
+ <description>
+ <text>Inline Config content: <config> element. Represents
+an entire configuration datastore, not
+a subset of the running datastore.</text>
+ </description>
+ </anyxml>
+ </choice>
+ </container>
+ </input>
+ </rpc>
+</module>