Add HP Comware config parser (#467)

* Add HP Comware config parser

docs/dev/include_parser_list.md

@@ -11,6 +11,7 @@
 | citrix_netscaler | netutils.config.parser.NetscalerConfigParser |
 | extreme_netiron | netutils.config.parser.NetironConfigParser |
 | fortinet_fortios | netutils.config.parser.FortinetConfigParser |
+| hp_comware | netutils.config.parser.HPComwareConfigParser |
 | juniper_junos | netutils.config.parser.JunosConfigParser |
 | linux | netutils.config.parser.LINUXConfigParser |
 | mikrotik_routeros | netutils.config.parser.RouterOSConfigParser |

docs/user/lib_mapper/netutilsparser.md

@@ -11,6 +11,7 @@
 | citrix_netscaler | → | citrix_netscaler |
 | extreme_netiron | → | extreme_netiron |
 | fortinet_fortios | → | fortinet |
+| hp_comware | → | hp_comware |
 | juniper_junos | → | juniper_junos |
 | linux | → | linux |
 | mikrotik_routeros | → | mikrotik_routeros |

docs/user/lib_mapper/netutilsparser_reverse.md

@@ -12,6 +12,7 @@
 | citrix_netscaler | → | citrix_netscaler |
 | extreme_netiron | → | extreme_netiron |
 | fortinet | → | fortinet_fortios |
+| hp_comware | → | hp_comware |
 | juniper_junos | → | juniper_junos |
 | linux | → | linux |
 | mikrotik_routeros | → | mikrotik_routeros |

netutils/config/compliance.py

@@ -18,6 +18,7 @@
     "citrix_netscaler": parser.NetscalerConfigParser,
     "extreme_netiron": parser.NetironConfigParser,
     "fortinet_fortios": parser.FortinetConfigParser,
+    "hp_comware": parser.HPComwareConfigParser,
     "juniper_junos": parser.JunosConfigParser,
     "linux": parser.LINUXConfigParser,
     "mikrotik_routeros": parser.RouterOSConfigParser,

netutils/config/parser.py

@@ -1612,3 +1612,102 @@ def config_lines_only(self) -> str:
                 config_lines.append(line)
 
         return "\n".join(config_lines)
+
+
+class HPEConfigParser(BaseSpaceConfigParser):
+    """HPE Implementation of ConfigParser Class."""
+
+    regex_banner = re.compile(r"^header\s(\w+)\s+(?P<banner_delimiter>\^C|\S?)")
+
+    def __init__(self, config: str):
+        """Initialize the HPEConfigParser object."""
+        self.delimiter = ""
+        self._banner_end: t.Optional[str] = None
+        super(HPEConfigParser, self).__init__(config)
+
+    def _build_banner(self, config_line: str) -> t.Optional[str]:
+        """
+        Builds a banner configuration based on the given config_line.
+
+        Args:
+            config_line (str): The configuration line to process.
+
+        Returns:
+            Optional[str]: The next configuration line, or None if there are no more lines.
+
+        Raises:
+            ValueError: If the banner end cannot be parsed.
+        """
+        if self.is_banner_one_line(config_line):
+            self._update_config_lines(config_line)
+            try:
+                return next(self.generator_config)
+            except StopIteration:
+                return None
+        self._update_config_lines(config_line)
+        self._current_parents += (config_line,)
+        banner_config = []
+        for line in self.generator_config:
+            if not self.is_banner_end(line):
+                banner_config.append(line)
+            else:
+                banner_config.append(line)
+                line = "\n".join(banner_config)
+                if line.endswith(self.delimiter):
+                    banner, end, _ = line.rpartition(self.delimiter)
+                    line = banner.rstrip() + end
+                self._update_config_lines(line)
+                self._current_parents = self._current_parents[:-1]
+                try:
+                    return next(self.generator_config)
+                except StopIteration:
+                    return None
+        raise ValueError("Unable to parse banner end.")
+
+    def set_delimiter(self, config_line: str) -> None:
+        """Find delimiter character in banner and set self.delimiter to be it."""
+        banner_parsed = self.regex_banner.match(config_line)
+        if banner_parsed and "banner_delimiter" in banner_parsed.groupdict():
+            self.delimiter = banner_parsed.groupdict()["banner_delimiter"]
+            return None
+        raise ValueError("Unable to find banner delimiter.")
+
+    def is_banner_one_line(self, config_line: str) -> bool:
+        """Checks if the given configuration line represents a one-line banner."""
+        self.set_delimiter(config_line.strip())
+        _, _delimeter, banner = config_line.partition(self.delimiter)
+        banner_config_start = banner.lstrip(_delimeter)
+        if _delimeter not in banner_config_start:
+            return False
+        return True
+
+    def is_banner_start(self, line: str) -> bool:
+        """Checks if the given line is the start of a banner."""
+        state = super(HPEConfigParser, self).is_banner_start(line)
+        if state:
+            self.banner_end = line
+        return state
+
+    @property
+    def banner_end(self) -> str:
+        """Get the banner end."""
+        if self._banner_end is None:
+            raise RuntimeError("Banner end not yet set.")
+        return self._banner_end
+
+    @banner_end.setter
+    def banner_end(self, banner_start_line: str) -> None:
+        """Sets the delimiter for the end of the banner."""
+        self.set_delimiter(banner_start_line.strip())
+        self._banner_end = self.delimiter
+
+
+class HPComwareConfigParser(HPEConfigParser, BaseSpaceConfigParser):
+    """HP Comware Implementation of ConfigParser Class."""
+
+    banner_start: t.List[str] = ["header "]
+    comment_chars: t.List[str] = ["#"]
+
+    def _build_banner(self, config_line: str) -> t.Optional[str]:
+        """Build a banner from the given config line."""
+        return super(HPComwareConfigParser, self)._build_banner(config_line)

netutils/lib_mapper.py

@@ -375,6 +375,7 @@
     "citrix_netscaler": "citrix_netscaler",
     "extreme_netiron": "extreme_netiron",
     "fortinet_fortios": "fortinet",
+    "hp_comware": "hp_comware",
     "juniper_junos": "juniper_junos",
     "linux": "linux",
     "mikrotik_routeros": "mikrotik_routeros",
@@ -526,6 +527,7 @@
     "citrix_netscaler": "citrix_netscaler",
     "extreme_netiron": "extreme_netiron",
     "fortinet": "fortinet_fortios",
+    "hp_comware": "hp_comware",
     "juniper_junos": "juniper_junos",
     "linux": "linux",
     "mikrotik_routeros": "mikrotik_routeros",

tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_bad_banner_backup.txt

@@ -0,0 +1,5 @@
+#
+header motd "my banner"
+#
+hwtacacs nas-ip 1.1.1.1
+#

tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_bad_banner_feature.py

@@ -0,0 +1,3 @@
+features = [
+    {"name": "header", "ordered": True, "section": ["header "]},
+]

tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_bad_banner_intended.txt

@@ -0,0 +1,9 @@
+#
+header motd ^C
+===================================================
+* GOOD DATA LINE 1
+* BAD DATA LINE 2
+==================================================^C
+#
+hwtacacs nas-ip 1.1.1.4
+#

tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_bad_banner_received.json

@@ -0,0 +1,12 @@
+{
+   "header": {
+      "compliant": false,
+      "missing": "header motd ^C\n===================================================\n* GOOD DATA LINE 1\n* BAD DATA LINE 2\n==================================================^C",
+      "extra": "header motd \"my banner\"",
+      "cannot_parse": true,
+      "unordered_compliant": false,
+      "ordered_compliant": false,
+      "actual": "header motd \"my banner\"",
+      "intended": "header motd ^C\n===================================================\n* GOOD DATA LINE 1\n* BAD DATA LINE 2\n==================================================^C"
+   }
+}

tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_basic_backup.txt

@@ -0,0 +1,48 @@
+sysname HP-JKT-01
+#
+dhcp enable
+dhcp server forbidden-ip 10.10.10.1 10.10.10.100
+dhcp server always-broadcast
+#
+dhcp server ip-pool CKP
+ gateway-list 10.10.10.1
+ domain-name intra.data.co.id
+ expired day 30
+ netbios-type b-node
+#
+bgp 65330
+ router-id 10.10.10.254
+ graceful-restart
+ graceful-restart timer restart 120
+ graceful-restart timer wait-for-rib 360
+ peer 10.20.240.1 description ***Point to Point Connection**
+ peer 10.20.240.1 ebgp-max-hop 10
+ peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==
+  address-family ipv4 unicast
+  balance 4
+  peer 10.30.240.1 enable
+  peer 10.30.240.1 route-policy P2P-FirstTry import
+  peer 10.30.240.1 route-policy P2P-FirstTry export
+#
+snmp-agent
+snmp-agent local-engineid 8000XXX123456789AB503C00000001
+snmp-agent community read RO
+snmp-agent community read read
+snmp-agent community read ro
+#
+acl advanced name HPE
+ rule 1 permit source 10.180.50.254 0 destination 10.1.0.249 0
+ rule 2 permit source 10.180.50.0 0.0.0.127 destination 10.1.4.62 0
+ rule 3 permit source 10.180.50.0 0.0.0.127 destination 10.2.4.62 0
+#
+header motd #
+===================================================
+
+!!! WARNING !!!
+system monitoring for law enforcement and other
+purpose. Unauthorized use of this machine may
+subject you to criminal prosecution and penalties
+
+==================================================#
+#
+return

tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_basic_feature.py

@@ -0,0 +1,7 @@
+features = [
+    {"name": "bgp", "ordered": True, "section": ["bgp "]},
+    {"name": "snmp-agent", "ordered": True, "section": ["snmp-server "]},
+    {"name": "dhcp", "ordered": False, "section": ["dhcp "]},
+    {"name": "header", "ordered": True, "section": ["header "]},
+    {"name": "acl", "ordered": True, "section": ["acl "]},
+]

tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_basic_intended.txt

@@ -0,0 +1,48 @@
+sysname HP-JKT-01
+#
+dhcp enable
+dhcp server forbidden-ip 10.10.10.1 10.10.10.100
+dhcp server always-broadcast
+#
+dhcp server ip-pool CKP
+ gateway-list 10.10.10.1
+ domain-name intra.data.co.id
+ expired day 30
+ netbios-type b-node
+#
+bgp 65330
+ router-id 10.10.10.254
+ graceful-restart
+ graceful-restart timer restart 120
+ graceful-restart timer wait-for-rib 360
+ peer 10.20.240.1 description ***Point to Point Connection**
+ peer 10.20.240.1 ebgp-max-hop 10
+ peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==
+  address-family ipv4 unicast
+  balance 4
+  peer 10.30.240.1 enable
+  peer 10.30.240.1 route-policy P2P-FirstTry import
+  peer 10.30.240.1 route-policy P2P-FirstTry export
+#
+snmp-agent
+snmp-agent local-engineid 8000XXX123456789AB503C00000001
+snmp-agent community read RO
+snmp-agent community read read
+snmp-agent community read ro
+#
+acl advanced name HPE
+ rule 1 permit source 10.180.60.254 0 destination 10.1.0.249 0
+ rule 2 permit source 10.180.60.0 0.0.0.127 destination 10.1.4.62 0
+ rule 3 permit source 10.180.60.0 0.0.0.127 destination 10.2.4.62 0
+#
+header motd #
+===================================================
+
+!!! WARNING !!!
+system monitoring for law enforcement and other
+purpose. Unauthorized use of this machine may
+subject you to criminal prosecution and penalties
+
+==================================================#
+#
+return

tests/unit/mock/config/compliance/compliance/hp_comware/hp_comware_basic_received.json

@@ -0,0 +1,52 @@
+{
+   "bgp": {
+      "compliant": true,
+      "missing": "",
+      "extra": "",
+      "cannot_parse": true,
+      "unordered_compliant": true,
+      "ordered_compliant": true,
+      "actual": "bgp 65330\n router-id 10.10.10.254\n graceful-restart\n graceful-restart timer restart 120\n graceful-restart timer wait-for-rib 360\n peer 10.20.240.1 description ***Point to Point Connection**\n peer 10.20.240.1 ebgp-max-hop 10\n peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==\n  address-family ipv4 unicast\n  balance 4\n  peer 10.30.240.1 enable\n  peer 10.30.240.1 route-policy P2P-FirstTry import\n  peer 10.30.240.1 route-policy P2P-FirstTry export",
+      "intended": "bgp 65330\n router-id 10.10.10.254\n graceful-restart\n graceful-restart timer restart 120\n graceful-restart timer wait-for-rib 360\n peer 10.20.240.1 description ***Point to Point Connection**\n peer 10.20.240.1 ebgp-max-hop 10\n peer 10.30.240.1 password cipher $x$x$xxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxx==\n  address-family ipv4 unicast\n  balance 4\n  peer 10.30.240.1 enable\n  peer 10.30.240.1 route-policy P2P-FirstTry import\n  peer 10.30.240.1 route-policy P2P-FirstTry export"
+   },
+   "snmp-agent": {
+      "compliant": true,
+      "missing": "",
+      "extra": "",
+      "cannot_parse": true,
+      "unordered_compliant": true,
+      "ordered_compliant": true,
+      "actual": "",
+      "intended": ""
+   },
+   "dhcp": {
+      "compliant": true,
+      "missing": "",
+      "extra": "",
+      "cannot_parse": true,
+      "unordered_compliant": true,
+      "ordered_compliant": true,
+      "actual": "dhcp enable\ndhcp server forbidden-ip 10.10.10.1 10.10.10.100\ndhcp server always-broadcast\ndhcp server ip-pool CKP\n gateway-list 10.10.10.1\n domain-name intra.data.co.id\n expired day 30\n netbios-type b-node",
+      "intended": "dhcp enable\ndhcp server forbidden-ip 10.10.10.1 10.10.10.100\ndhcp server always-broadcast\ndhcp server ip-pool CKP\n gateway-list 10.10.10.1\n domain-name intra.data.co.id\n expired day 30\n netbios-type b-node"
+   },
+   "header": {
+      "compliant": true,
+      "missing": "",
+      "extra": "",
+      "cannot_parse": true,
+      "unordered_compliant": true,
+      "ordered_compliant": true,
+      "actual": "header motd #\n===================================================\n!!! WARNING !!!\nsystem monitoring for law enforcement and other\npurpose. Unauthorized use of this machine may\nsubject you to criminal prosecution and penalties\n==================================================#",
+      "intended": "header motd #\n===================================================\n!!! WARNING !!!\nsystem monitoring for law enforcement and other\npurpose. Unauthorized use of this machine may\nsubject you to criminal prosecution and penalties\n==================================================#"
+   },
+   "acl": {
+      "compliant": false,
+      "missing": "acl advanced name HPE\n rule 1 permit source 10.180.60.254 0 destination 10.1.0.249 0\n rule 2 permit source 10.180.60.0 0.0.0.127 destination 10.1.4.62 0\n rule 3 permit source 10.180.60.0 0.0.0.127 destination 10.2.4.62 0",
+      "extra": "acl advanced name HPE\n rule 1 permit source 10.180.50.254 0 destination 10.1.0.249 0\n rule 2 permit source 10.180.50.0 0.0.0.127 destination 10.1.4.62 0\n rule 3 permit source 10.180.50.0 0.0.0.127 destination 10.2.4.62 0",
+      "cannot_parse": true,
+      "unordered_compliant": false,
+      "ordered_compliant": false,
+      "actual": "acl advanced name HPE\n rule 1 permit source 10.180.50.254 0 destination 10.1.0.249 0\n rule 2 permit source 10.180.50.0 0.0.0.127 destination 10.1.4.62 0\n rule 3 permit source 10.180.50.0 0.0.0.127 destination 10.2.4.62 0",
+      "intended": "acl advanced name HPE\n rule 1 permit source 10.180.60.254 0 destination 10.1.0.249 0\n rule 2 permit source 10.180.60.0 0.0.0.127 destination 10.1.4.62 0\n rule 3 permit source 10.180.60.0 0.0.0.127 destination 10.2.4.62 0"
+   }
+}