Gitiles
Code Review Sign In
gerrit.opencord.org / aaa / 8d7a9824f434a4fffc1084d4d5bf62999cdfaf74 / . / app / src / test / java / org / opencord / aaa / impl / AaaStatisticsTest.java
blob: adfa05f5430f6dce525d5f0ff38678d60dd5bb78 [file] [log] [blame]
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]1/*
2 * Copyright 2015-present Open Networking Foundation
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16package org.opencord.aaa.impl;
17
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]18import org.junit.After;
19import org.junit.Before;
20import org.junit.Test;
21import org.onlab.junit.TestUtils;
22import org.onlab.packet.BasePacket;
23import org.onlab.packet.DeserializationException;
24import org.onlab.packet.EAP;
25import org.onlab.packet.Ethernet;
26import org.onlab.packet.IpAddress;
27import org.onlab.packet.RADIUS;
28import org.onlab.packet.RADIUSAttribute;
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame]29import org.onosproject.cluster.ClusterServiceAdapter;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]30import org.onosproject.core.ApplicationId;
31import org.onosproject.core.CoreServiceAdapter;
32import org.onosproject.event.DefaultEventSinkRegistry;
33import org.onosproject.event.Event;
34import org.onosproject.event.EventDeliveryService;
35import org.onosproject.event.EventSink;
36import org.onosproject.net.config.Config;
37import org.onosproject.net.config.NetworkConfigRegistryAdapter;
38import org.onosproject.net.packet.DefaultInboundPacket;
39import org.onosproject.net.packet.InboundPacket;
40import org.onosproject.net.packet.PacketContext;
41import org.onosproject.net.packet.PacketService;
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame]42import org.onosproject.store.cluster.messaging.ClusterCommunicationServiceAdapter;
Jonathan Hart9d1ce802020-01-28 10:45:08 -0800[diff] [blame]43import org.onosproject.store.service.TestStorageService;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]44import org.opencord.aaa.AaaConfig;
45import org.slf4j.Logger;
46
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]47import java.net.InetAddress;
48import java.net.UnknownHostException;
49import java.nio.ByteBuffer;
50
51import static com.google.common.base.Preconditions.checkState;
52import static org.hamcrest.Matchers.is;
53import static org.hamcrest.Matchers.notNullValue;
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]54import static org.junit.Assert.assertNotEquals;
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame^]55import static org.junit.Assert.assertEquals;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]56import static org.junit.Assert.assertThat;
57import static org.onosproject.net.NetTestTools.connectPoint;
58import static org.slf4j.LoggerFactory.getLogger;
59
60/**
61 * Set of tests of the ONOS application component for AAA Statistics.
62 */
63public class AaaStatisticsTest extends AaaTestBase {
64
65 static final String BAD_IP_ADDRESS = "198.51.100.0";
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]66 static final Long ZERO = (long) 0;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]67
68 private final Logger log = getLogger(getClass());
69 private AaaManager aaaManager;
70 private AaaStatisticsManager aaaStatisticsManager;
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]71 private AaaSupplicantMachineStatsManager aaaSupplicantStatsManager;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]72
73 class AaaManagerWithoutRadiusServer extends AaaManager {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]74 protected void sendRadiusPacket(RADIUS radiusPacket, InboundPacket inPkt) {
75 super.sendRadiusPacket(radiusPacket, inPkt);
76 aaaManager.aaaStatisticsManager.putOutgoingIdentifierToMap(radiusPacket.getIdentifier());
77 savePacket(radiusPacket);
78 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]79
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]80 // changed the configuration of parent method to protected
81 protected void configureRadiusCommunication() {
82 PacketService pktService = new MockPacketService();
83 ApplicationId appId = new CoreServiceAdapter().registerApplication("org.opencord.aaa");
84 aaaManager.impl = new TestSocketBasedRadiusCommunicator(appId, pktService, aaaManager);
85 }
86 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]87
88 /**
89 * Mocks the AAAConfig class to force usage of an unroutable address for the
90 * RADIUS server.
91 */
92 static class MockAaaConfig extends AaaConfig {
93 @Override
94 public InetAddress radiusIp() {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]95 try {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]96 return InetAddress.getByName(BAD_IP_ADDRESS);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]97 } catch (UnknownHostException ex) {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]98 throw new IllegalStateException(ex);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]99 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]100 }
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]101 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]102
103 /**
104 * Mocks the network config registry.
105 */
106 @SuppressWarnings("unchecked")
107 private static final class TestNetworkConfigRegistry extends NetworkConfigRegistryAdapter {
108 @Override
109 public <S, C extends Config<S>> C getConfig(S subject, Class<C> configClass) {
110 AaaConfig aaaConfig = new MockAaaConfig();
111 return (C) aaaConfig;
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]112 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]113 }
114
115 public static class TestEventDispatcher extends DefaultEventSinkRegistry implements EventDeliveryService {
116
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]117 @Override
118 @SuppressWarnings("unchecked")
119 public synchronized void post(Event event) {
120 EventSink sink = getSink(event.getClass());
121 checkState(sink != null, "No sink for event %s", event);
122 sink.process(event);
123 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]124
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]125 @Override
126 public void setDispatchTimeLimit(long millis) {
127 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]128
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]129 @Override
130 public long getDispatchTimeLimit() {
131 return 0;
132 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]133 }
134
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]135 /**
136 * Set up the services required by the AAA application.
137 */
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]138 @Before
139 public void setUp() {
140 aaaManager = new AaaManagerWithoutRadiusServer();
Shubham Sharma4900ce62019-06-19 14:18:50 +0000[diff] [blame]141 aaaManager.radiusOperationalStatusService = new RadiusOperationalStatusManager();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]142 aaaManager.netCfgService = new TestNetworkConfigRegistry();
143 aaaManager.coreService = new CoreServiceAdapter();
144 aaaManager.packetService = new MockPacketService();
145 aaaManager.deviceService = new TestDeviceService();
146 aaaManager.sadisService = new MockSadisService();
147 aaaManager.cfgService = new MockCfgService();
Jonathan Hart9d1ce802020-01-28 10:45:08 -0800[diff] [blame]148 aaaManager.storageService = new TestStorageService();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]149 aaaStatisticsManager = new AaaStatisticsManager();
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame]150 aaaStatisticsManager.storageService = new TestStorageService();
151 aaaStatisticsManager.clusterService = new ClusterServiceAdapter();
152 aaaStatisticsManager.leadershipService = new AaaManagerTest.TestLeadershipService();
153 aaaStatisticsManager.clusterCommunicationService = new ClusterCommunicationServiceAdapter();
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]154 aaaSupplicantStatsManager = new AaaSupplicantMachineStatsManager();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]155 TestUtils.setField(aaaStatisticsManager, "eventDispatcher", new TestEventDispatcher());
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame]156 aaaStatisticsManager.activate(new MockComponentContext());
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]157 TestUtils.setField(aaaSupplicantStatsManager, "eventDispatcher", new TestEventDispatcher());
158 aaaSupplicantStatsManager.activate();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]159 aaaManager.aaaStatisticsManager = this.aaaStatisticsManager;
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]160 aaaManager.aaaSupplicantStatsManager = this.aaaSupplicantStatsManager;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]161 TestUtils.setField(aaaManager, "eventDispatcher", new TestEventDispatcher());
162 aaaManager.activate(new AaaTestBase.MockComponentContext());
163 }
164
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]165 /**
166 * Tear down the AAA application.
167 */
168 @After
169 public void tearDown() {
170 aaaManager.deactivate(new AaaTestBase.MockComponentContext());
171 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]172
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]173 /**
174 * Extracts the RADIUS packet from a packet sent by the supplicant.
175 *
176 * @param radius RADIUS packet sent by the supplicant
177 * @throws DeserializationException if deserialization of the packet contents fails.
178 */
179 private void checkRadiusPacketFromSupplicant(RADIUS radius) throws DeserializationException {
180 assertThat(radius, notNullValue());
181 EAP eap = radius.decapsulateMessage();
182 assertThat(eap, notNullValue());
183 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]184
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]185 /**
186 * Fetches the sent packet at the given index. The requested packet must be the
187 * last packet on the list.
188 *
189 * @param index index into sent packets array
190 * @return packet
191 */
192 private BasePacket fetchPacket(int index) {
193 BasePacket packet = savedPackets.get(index);
194 assertThat(packet, notNullValue());
195 return packet;
196 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]197
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]198 /**
199 * Tests the authentication path through the AAA application.
200 * And counts the aaa Stats for successful transmission.
201 *
202 * @throws DeserializationException if packed deserialization fails.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]203 */
204 @Test
205 public void testAaaStatisticsForAcceptedPackets() throws Exception {
206
207 // (1) Supplicant start up
208 Ethernet startPacket = constructSupplicantStartPacket();
209 sendPacket(startPacket);
210
211 Ethernet responsePacket = (Ethernet) fetchPacket(0);
212 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
213
214 // (2) Supplicant identify
215
216 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
217 sendPacket(identifyPacket);
218
219 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
220 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
221
222 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
223 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
224 is("testuser"));
225 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]226 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]227 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
228
229 // State machine should have been created by now
230
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]231 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]232 assertThat(stateMachine, notNullValue());
233 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
234
235 // (3) RADIUS MD5 challenge
236
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]237 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
238 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5, radiusIdentifyPacket.getIdentifier(),
239 aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]240 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
241
242 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
243 checkRadiusPacket(aaaManager, radiusChallengeMD5Packet, EAP.ATTR_MD5);
244
245 // (4) Supplicant MD5 response
246
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]247 Ethernet md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
248 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
249 sendPacket(md5RadiusPacket);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]250
251 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
252
253 checkRadiusPacketFromSupplicant(responseMd5RadiusPacket);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]254 //assertThat(responseMd5RadiusPacket.getIdentifier(), is((byte) 9));
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]255 assertThat(responseMd5RadiusPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
256
257 // State machine should be in pending state
258
259 assertThat(stateMachine, notNullValue());
260 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
261
262 // (5) RADIUS Success
263
264 RADIUS successPacket =
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]265 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_ACCEPT, EAP.SUCCESS,
266 responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]267 aaaManager.handleRadiusPacket((successPacket));
268 Ethernet supplicantSuccessPacket = (Ethernet) fetchPacket(4);
269
270 checkRadiusPacket(aaaManager, supplicantSuccessPacket, EAP.SUCCESS);
271
272 // State machine should be in authorized state
273
274 assertThat(stateMachine, notNullValue());
275 assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
276
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]277 //Check for increase of Stats
278 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
279 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthSuccessTrans(), ZERO);
280 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
281 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
282 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame^]283 assertNotEquals(aaaStatisticsManager.getAaaStats().getValidEapolFramesRx(), ZERO);
284 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolFramesTx(), ZERO);
285 assertNotEquals(aaaStatisticsManager.getAaaStats().getReqEapFramesTx(), ZERO);
286 assertNotEquals(aaaStatisticsManager.getAaaStats().getRequestIdFramesTx(), ZERO);
287 assertEquals(aaaStatisticsManager.getAaaStats().getInvalidBodyLength(), ZERO);
288 assertEquals(aaaStatisticsManager.getAaaStats().getInvalidPktType(), ZERO);
289 assertEquals(aaaStatisticsManager.getAaaStats().getPendingResSupp(), ZERO);
290 // Counts the aaa Statistics count and displays in the log
291 countAaaStatistics();
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]292
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]293 }
294
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame^]295 /** Tests invalid packets reaching AAA.
296 * And counts the aaa Stats for successful transmission.
297 * @throws DeserializationException
298 * if packed deserialization fails.
299 */
300 @Test
301 public void testStatisticsForInvalidPackets() throws Exception {
302
303 //Test Authenticator State Machine Status. Should be Pending
304 // (1) Supplicant start up
305 Ethernet startPacket = constructSupplicantStartPacket();
306 sendPacket(startPacket);
307
308 Ethernet responsePacket = (Ethernet) fetchPacket(0);
309 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
310
311 // (2) Supplicant identify
312
313 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
314 sendPacket(identifyPacket);
315
316 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
317 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
318
319 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
320 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
321 is("testuser"));
322 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
323 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
324 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
325
326 // State machine should have been created by now
327
328 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
329 assertThat(stateMachine, notNullValue());
330 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
331
332 // (3) RADIUS NAK challenge
333
334 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
335 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_NAK, radiusIdentifyPacket.getIdentifier(),
336 aaaManager.radiusSecret.getBytes());
337 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
338
339 Ethernet radiusChallengeNakPacket = (Ethernet) fetchPacket(2);
340 checkRadiusPacket(aaaManager, radiusChallengeNakPacket, EAP.ATTR_NAK);
341
342 // (4) Supplicant NAK response
343
344 Ethernet nakRadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_NAK,
345 stateMachine.challengeIdentifier(), radiusChallengeNakPacket);
346 sendPacket(nakRadiusPacket);
347
348 //Statistic Should be increased.
349 assertNotEquals(aaaStatisticsManager.getAaaStats().getPendingResSupp(), ZERO);
350
351 //Test if packet with invalid eapol type recieved.
352 // Supplicant ASF Packet
353 Ethernet invalidPacket = constructSupplicantAsfPacket();
354 sendPacket(invalidPacket);
355 //Statistic Should be increased.
356 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidPktType(), ZERO);
357 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
358 assertNotEquals(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), ZERO);
359 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
360 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), ZERO);
361 // Counts the aaa Statistics count and displays in the log
362 countAaaStatistics();
363 }
364
365
366 /** Tests the count for defected packets.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]367 *
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]368 * @throws DeserializationException if packed deserialization fails.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]369 */
370 @Test
371 public void testAaaStatisticsForDefectivePackets() throws Exception {
372 // (1) Supplicant start up
373 Ethernet startPacket = constructSupplicantStartPacket();
374 sendPacket(startPacket);
375
376 // (2) Supplicant identify
377
378 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
379 sendPacket(identifyPacket);
380
381 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
382
383 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
384
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]385 // State machine should have been created by now
386
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]387 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]388
389 // (3) RADIUS MD5 challenge
390
391 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]392 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5, radiusIdentifyPacket.getIdentifier(),
393 aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]394 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
395
396 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
397
398 // (4) Supplicant MD5 response
399
400 Ethernet md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]401 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]402 sendPacket(md5RadiusPacket);
403 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]404
405 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
406
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]407 // (5) RADIUS Rejected
408
409 RADIUS rejectedPacket =
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]410 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_REJECT, EAP.FAILURE,
411 responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]412 aaaManager.handleRadiusPacket((rejectedPacket));
413 Ethernet supplicantRejectedPacket = (Ethernet) fetchPacket(4);
414
415 checkRadiusPacket(aaaManager, supplicantRejectedPacket, EAP.FAILURE);
416
417 // State machine should be in unauthorized state
418 assertThat(stateMachine, notNullValue());
419 assertThat(stateMachine.state(), is(StateMachine.STATE_UNAUTHORIZED));
420 // Calculated the total round trip time
421 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]422
423 //Check for increase of Stats
424 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
425 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthFailureTrans(), ZERO);
426 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
427 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
428 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
429
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]430 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
431 assertNotEquals(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), ZERO);
432 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
433 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), ZERO);
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]434 assertNotEquals(aaaStatisticsManager.getAaaStats().getRejectResponsesRx(), ZERO);
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]435
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]436 // Counts the aaa Statistics count
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]437 countAaaStatistics();
438
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]439 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]440
441 /*
442 * Tests the retransmitted packet and malformed packet count
443 *
444 * @throws DeserializationException
445 * if packed deserialization fails.
446 */
447 @Test
448 public void testRequestRetransmittedCount() throws Exception {
449
450 // (1) Supplicant start up
451 Ethernet startPacket = constructSupplicantStartPacket();
452 sendPacket(startPacket);
453
454 // (2) Supplicant identify
455
456 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
457 sendPacket(identifyPacket);
458
459 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
460 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
461
462 // again creating pending state for same packet
463 constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
464 sendPacket(identifyPacket);
465 aaaManager.impl.handlePacketFromServer(null);
466 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
467
468 // creating malformed packet
469 final ByteBuffer byteBuffer = ByteBuffer.wrap(startPacket.serialize());
470 InboundPacket inPacket = new DefaultInboundPacket(connectPoint("1", 1),
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]471 startPacket, byteBuffer);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]472
473 PacketContext context = new TestPacketContext(127L, inPacket, null, false);
474 aaaManager.impl.handlePacketFromServer(context);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]475
476 // Check for increase of Stats
477 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
478 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
479
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]480 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
481 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
482 assertNotEquals(aaaStatisticsManager.getAaaStats().getPendingRequests(), ZERO);
483 assertNotEquals(aaaStatisticsManager.getAaaStats().getMalformedResponsesRx(), ZERO);
484 assertNotEquals(aaaStatisticsManager.getAaaStats().getRequestReTx(), ZERO);
485 assertNotEquals(aaaStatisticsManager.getAaaStats().getUnknownTypeRx(), ZERO);
486 assertNotEquals(aaaStatisticsManager.getAaaStats().getUnknownServerRx(), ZERO);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]487
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]488 countAaaStatistics();
489 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]490
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]491 /**
492 * Tests the authentication path through the AAA application.
493 * And counts the aaa Stats for logoff transactionXZ.
494 *
495 * @throws DeserializationException if packed deserialization fails.
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]496 */
497 @Test
498 public void testAaaStatisticsForLogoffPackets() throws Exception {
499
500 // (1) Supplicant start up
501 Ethernet startPacket = constructSupplicantStartPacket();
502 sendPacket(startPacket);
503
504 Ethernet responsePacket = (Ethernet) fetchPacket(0);
505 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
506
507 // (2) Supplicant identify
508
509 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
510 sendPacket(identifyPacket);
511
512 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
513 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
514
515 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
516 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
517 is("testuser"));
518 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]519 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]520 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
521
522 // State machine should have been created by now
523
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]524 //StateMachine stateMachine = StateMachine.lookupStateMachineBySessionId(SESSION_ID);
525 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]526 assertThat(stateMachine, notNullValue());
527 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
528
529 // (3) RADIUS MD5 challenge
530
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]531 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
532 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5,
533 radiusIdentifyPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]534 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
535
536 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
537 checkRadiusPacket(aaaManager, radiusChallengeMD5Packet, EAP.ATTR_MD5);
538
539 // (4) Supplicant MD5 response
540
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]541 Ethernet md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
542 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
543 sendPacket(md5RadiusPacket);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]544
545 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
546
547 checkRadiusPacketFromSupplicant(responseMd5RadiusPacket);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]548 assertThat(responseMd5RadiusPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
549
550 // State machine should be in pending state
551
552 assertThat(stateMachine, notNullValue());
553 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
554
555 // (5) RADIUS Success
556
557 RADIUS successPacket =
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]558 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_ACCEPT, EAP.SUCCESS,
559 responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]560 aaaManager.handleRadiusPacket((successPacket));
561 Ethernet supplicantSuccessPacket = (Ethernet) fetchPacket(4);
562
563 checkRadiusPacket(aaaManager, supplicantSuccessPacket, EAP.SUCCESS);
564
565 // State machine should be in authorized state
566
567 assertThat(stateMachine, notNullValue());
568 assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
569
570 // Supplicant trigger EAP Logoff
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]571 Ethernet logoffPacket = constructSupplicantLogoffPacket();
572 sendPacket(logoffPacket);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]573
574 // State machine should be in logoff state
575 assertThat(stateMachine, notNullValue());
576 assertThat(stateMachine.state(), is(StateMachine.STATE_IDLE));
577
578 //Check for increase in stats
579 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolLogoffRx(), ZERO);
580 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
581 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthSuccessTrans(), ZERO);
582 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
583 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
584 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame^]585 assertNotEquals(aaaStatisticsManager.getAaaStats().getAuthStateIdle(), ZERO);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]586 // Counts the aaa Statistics count
587 countAaaStatistics();
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]588
589 }
590
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]591
592 /** Tests the authentication path through the AAA application.
593 * And counts the aaa Stats for timeout.
594 * @throws DeserializationException
595 * if packed deserialization fails.
596 */
597 @Test
598 public void testAaaStatisticsForTimeoutPackets() throws Exception {
599
600 // (1) Supplicant start up
601 Ethernet startPacket = constructSupplicantStartPacket();
602 sendPacket(startPacket);
603
604 Ethernet responsePacket = (Ethernet) fetchPacket(0);
605 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
606
607 // (2) Supplicant identify
608
609 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
610 sendPacket(identifyPacket);
611
612 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
613 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
614
615 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
616 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
617 is("testuser"));
618 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
619 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
620 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
621
622 // State machine should have been created by now
623
624 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
625 assertThat(stateMachine, notNullValue());
626 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
627 Thread.sleep((aaaManager.cleanupTimerTimeOutInMins / 2) + 1);
628
629 // State machine should be in timeout state
630 assertThat(stateMachine, notNullValue());
631 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
632
633 //Check for increase in stats
634 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
635 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
636 countAaaStatistics();
637
638 }
639
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]640 // Calculates the AAA statistics count.
641 public void countAaaStatistics() {
642 assertThat(aaaStatisticsManager.getAaaStats().getAcceptResponsesRx(), notNullValue());
643 assertThat(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), notNullValue());
644 assertThat(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), notNullValue());
645 assertThat(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), notNullValue());
646 assertThat(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), notNullValue());
647 assertThat(aaaStatisticsManager.getAaaStats().getMalformedResponsesRx(), notNullValue());
648 assertThat(aaaStatisticsManager.getAaaStats().getPendingRequests(), notNullValue());
649 assertThat(aaaStatisticsManager.getAaaStats().getRejectResponsesRx(), notNullValue());
650 assertThat(aaaStatisticsManager.getAaaStats().getRequestReTx(), notNullValue());
651 assertThat(aaaStatisticsManager.getAaaStats().getRequestRttMilis(), notNullValue());
652 assertThat(aaaStatisticsManager.getAaaStats().getUnknownServerRx(), notNullValue());
653 assertThat(aaaStatisticsManager.getAaaStats().getUnknownTypeRx(), notNullValue());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]654
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]655 }
656
657 /*
Andrea Campanella7e0e7e32020-02-13 14:39:55 +0100[diff] [blame]658 * Mock implementation of SocketBasedRadiusCommunicator class.
659 *
660 */
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]661 class TestSocketBasedRadiusCommunicator extends SocketBasedRadiusCommunicator {
662
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]663 TestSocketBasedRadiusCommunicator(ApplicationId appId, PacketService pktService, AaaManager aaaManager) {
664 super(appId, pktService, aaaManager);
665 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]666
Andrea Campanella7e0e7e32020-02-13 14:39:55 +0100[diff] [blame]667 /**
668 * Wait 10 millis to simulate a non 0 rtt.
669 *
670 * @throws InterruptedException
671 */
672 private void waitPacket() throws InterruptedException {
673 synchronized (this) {
674 this.wait(10);
675 }
676 }
677
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]678 // Implementation of socketBasedRadiusCommunicator--> run() method
679 public void handlePacketFromServer(PacketContext context) {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]680 RADIUS incomingPkt = (RADIUS) fetchPacket(savedPackets.size() - 1);
681 try {
Andrea Campanella7e0e7e32020-02-13 14:39:55 +0100[diff] [blame]682 // wait a couple of millis to avoid rtt being 0
683 waitPacket();
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]684 if (context == null) {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]685 aaaStatisticsManager.handleRoundtripTime(incomingPkt.getIdentifier());
686 aaaManager.handleRadiusPacket(incomingPkt);
687 } else if (null != context) {
688 aaaManager.checkForPacketFromUnknownServer("100.100.100.0");
689 aaaStatisticsManager.handleRoundtripTime(incomingPkt.getIdentifier());
690 aaaManager.handleRadiusPacket(incomingPkt);
691 incomingPkt =
692 RADIUS.deserializer().deserialize(incomingPkt.generateAuthCode(), 0, 1);
693 }
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]694 } catch (DeserializationException dex) {
695 aaaManager.aaaStatisticsManager.getAaaStats().increaseMalformedResponsesRx();
696 aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
697 log.error("Cannot deserialize packet", dex);
Andrea Campanella7e0e7e32020-02-13 14:39:55 +0100[diff] [blame]698 } catch (InterruptedException inte) {
699 Thread.currentThread().interrupt();
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]700 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]701 }
702
703 }
704
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]705}