Gitiles
Code Review Sign In
gerrit.opencord.org / aaa / c41227cd4337461cd6ba19d92343413e7f6726cb / . / app / src / test / java / org / opencord / aaa / impl / AaaStatisticsTest.java
blob: c9564b0540fd5039e5d684363f9605bb03dde80c [file] [log] [blame]
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]1/*
2 * Copyright 2015-present Open Networking Foundation
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16package org.opencord.aaa.impl;
17
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]18import org.junit.After;
19import org.junit.Before;
20import org.junit.Test;
21import org.onlab.junit.TestUtils;
22import org.onlab.packet.BasePacket;
23import org.onlab.packet.DeserializationException;
24import org.onlab.packet.EAP;
25import org.onlab.packet.Ethernet;
26import org.onlab.packet.IpAddress;
27import org.onlab.packet.RADIUS;
28import org.onlab.packet.RADIUSAttribute;
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame^]29import org.onosproject.cluster.ClusterServiceAdapter;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]30import org.onosproject.core.ApplicationId;
31import org.onosproject.core.CoreServiceAdapter;
32import org.onosproject.event.DefaultEventSinkRegistry;
33import org.onosproject.event.Event;
34import org.onosproject.event.EventDeliveryService;
35import org.onosproject.event.EventSink;
36import org.onosproject.net.config.Config;
37import org.onosproject.net.config.NetworkConfigRegistryAdapter;
38import org.onosproject.net.packet.DefaultInboundPacket;
39import org.onosproject.net.packet.InboundPacket;
40import org.onosproject.net.packet.PacketContext;
41import org.onosproject.net.packet.PacketService;
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame^]42import org.onosproject.store.cluster.messaging.ClusterCommunicationServiceAdapter;
Jonathan Hart9d1ce802020-01-28 10:45:08 -0800[diff] [blame]43import org.onosproject.store.service.TestStorageService;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]44import org.opencord.aaa.AaaConfig;
45import org.slf4j.Logger;
46
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]47import java.net.InetAddress;
48import java.net.UnknownHostException;
49import java.nio.ByteBuffer;
50
51import static com.google.common.base.Preconditions.checkState;
52import static org.hamcrest.Matchers.is;
53import static org.hamcrest.Matchers.notNullValue;
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]54import static org.junit.Assert.assertNotEquals;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]55import static org.junit.Assert.assertThat;
56import static org.onosproject.net.NetTestTools.connectPoint;
57import static org.slf4j.LoggerFactory.getLogger;
58
59/**
60 * Set of tests of the ONOS application component for AAA Statistics.
61 */
62public class AaaStatisticsTest extends AaaTestBase {
63
64 static final String BAD_IP_ADDRESS = "198.51.100.0";
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]65 static final Long ZERO = (long) 0;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]66
67 private final Logger log = getLogger(getClass());
68 private AaaManager aaaManager;
69 private AaaStatisticsManager aaaStatisticsManager;
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]70 private AaaSupplicantMachineStatsManager aaaSupplicantStatsManager;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]71
72 class AaaManagerWithoutRadiusServer extends AaaManager {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]73 protected void sendRadiusPacket(RADIUS radiusPacket, InboundPacket inPkt) {
74 super.sendRadiusPacket(radiusPacket, inPkt);
75 aaaManager.aaaStatisticsManager.putOutgoingIdentifierToMap(radiusPacket.getIdentifier());
76 savePacket(radiusPacket);
77 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]78
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]79 // changed the configuration of parent method to protected
80 protected void configureRadiusCommunication() {
81 PacketService pktService = new MockPacketService();
82 ApplicationId appId = new CoreServiceAdapter().registerApplication("org.opencord.aaa");
83 aaaManager.impl = new TestSocketBasedRadiusCommunicator(appId, pktService, aaaManager);
84 }
85 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]86
87 /**
88 * Mocks the AAAConfig class to force usage of an unroutable address for the
89 * RADIUS server.
90 */
91 static class MockAaaConfig extends AaaConfig {
92 @Override
93 public InetAddress radiusIp() {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]94 try {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]95 return InetAddress.getByName(BAD_IP_ADDRESS);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]96 } catch (UnknownHostException ex) {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]97 throw new IllegalStateException(ex);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]98 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]99 }
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]100 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]101
102 /**
103 * Mocks the network config registry.
104 */
105 @SuppressWarnings("unchecked")
106 private static final class TestNetworkConfigRegistry extends NetworkConfigRegistryAdapter {
107 @Override
108 public <S, C extends Config<S>> C getConfig(S subject, Class<C> configClass) {
109 AaaConfig aaaConfig = new MockAaaConfig();
110 return (C) aaaConfig;
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]111 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]112 }
113
114 public static class TestEventDispatcher extends DefaultEventSinkRegistry implements EventDeliveryService {
115
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]116 @Override
117 @SuppressWarnings("unchecked")
118 public synchronized void post(Event event) {
119 EventSink sink = getSink(event.getClass());
120 checkState(sink != null, "No sink for event %s", event);
121 sink.process(event);
122 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]123
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]124 @Override
125 public void setDispatchTimeLimit(long millis) {
126 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]127
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]128 @Override
129 public long getDispatchTimeLimit() {
130 return 0;
131 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]132 }
133
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]134 /**
135 * Set up the services required by the AAA application.
136 */
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]137 @Before
138 public void setUp() {
139 aaaManager = new AaaManagerWithoutRadiusServer();
Shubham Sharma4900ce62019-06-19 14:18:50 +0000[diff] [blame]140 aaaManager.radiusOperationalStatusService = new RadiusOperationalStatusManager();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]141 aaaManager.netCfgService = new TestNetworkConfigRegistry();
142 aaaManager.coreService = new CoreServiceAdapter();
143 aaaManager.packetService = new MockPacketService();
144 aaaManager.deviceService = new TestDeviceService();
145 aaaManager.sadisService = new MockSadisService();
146 aaaManager.cfgService = new MockCfgService();
Jonathan Hart9d1ce802020-01-28 10:45:08 -0800[diff] [blame]147 aaaManager.storageService = new TestStorageService();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]148 aaaStatisticsManager = new AaaStatisticsManager();
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame^]149 aaaStatisticsManager.storageService = new TestStorageService();
150 aaaStatisticsManager.clusterService = new ClusterServiceAdapter();
151 aaaStatisticsManager.leadershipService = new AaaManagerTest.TestLeadershipService();
152 aaaStatisticsManager.clusterCommunicationService = new ClusterCommunicationServiceAdapter();
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]153 aaaSupplicantStatsManager = new AaaSupplicantMachineStatsManager();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]154 TestUtils.setField(aaaStatisticsManager, "eventDispatcher", new TestEventDispatcher());
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame^]155 aaaStatisticsManager.activate(new MockComponentContext());
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]156 TestUtils.setField(aaaSupplicantStatsManager, "eventDispatcher", new TestEventDispatcher());
157 aaaSupplicantStatsManager.activate();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]158 aaaManager.aaaStatisticsManager = this.aaaStatisticsManager;
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]159 aaaManager.aaaSupplicantStatsManager = this.aaaSupplicantStatsManager;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]160 TestUtils.setField(aaaManager, "eventDispatcher", new TestEventDispatcher());
161 aaaManager.activate(new AaaTestBase.MockComponentContext());
162 }
163
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]164 /**
165 * Tear down the AAA application.
166 */
167 @After
168 public void tearDown() {
169 aaaManager.deactivate(new AaaTestBase.MockComponentContext());
170 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]171
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]172 /**
173 * Extracts the RADIUS packet from a packet sent by the supplicant.
174 *
175 * @param radius RADIUS packet sent by the supplicant
176 * @throws DeserializationException if deserialization of the packet contents fails.
177 */
178 private void checkRadiusPacketFromSupplicant(RADIUS radius) throws DeserializationException {
179 assertThat(radius, notNullValue());
180 EAP eap = radius.decapsulateMessage();
181 assertThat(eap, notNullValue());
182 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]183
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]184 /**
185 * Fetches the sent packet at the given index. The requested packet must be the
186 * last packet on the list.
187 *
188 * @param index index into sent packets array
189 * @return packet
190 */
191 private BasePacket fetchPacket(int index) {
192 BasePacket packet = savedPackets.get(index);
193 assertThat(packet, notNullValue());
194 return packet;
195 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]196
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]197 /**
198 * Tests the authentication path through the AAA application.
199 * And counts the aaa Stats for successful transmission.
200 *
201 * @throws DeserializationException if packed deserialization fails.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]202 */
203 @Test
204 public void testAaaStatisticsForAcceptedPackets() throws Exception {
205
206 // (1) Supplicant start up
207 Ethernet startPacket = constructSupplicantStartPacket();
208 sendPacket(startPacket);
209
210 Ethernet responsePacket = (Ethernet) fetchPacket(0);
211 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
212
213 // (2) Supplicant identify
214
215 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
216 sendPacket(identifyPacket);
217
218 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
219 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
220
221 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
222 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
223 is("testuser"));
224 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]225 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]226 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
227
228 // State machine should have been created by now
229
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]230 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]231 assertThat(stateMachine, notNullValue());
232 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
233
234 // (3) RADIUS MD5 challenge
235
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]236 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
237 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5, radiusIdentifyPacket.getIdentifier(),
238 aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]239 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
240
241 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
242 checkRadiusPacket(aaaManager, radiusChallengeMD5Packet, EAP.ATTR_MD5);
243
244 // (4) Supplicant MD5 response
245
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]246 Ethernet md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
247 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
248 sendPacket(md5RadiusPacket);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]249
250 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
251
252 checkRadiusPacketFromSupplicant(responseMd5RadiusPacket);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]253 //assertThat(responseMd5RadiusPacket.getIdentifier(), is((byte) 9));
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]254 assertThat(responseMd5RadiusPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
255
256 // State machine should be in pending state
257
258 assertThat(stateMachine, notNullValue());
259 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
260
261 // (5) RADIUS Success
262
263 RADIUS successPacket =
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]264 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_ACCEPT, EAP.SUCCESS,
265 responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]266 aaaManager.handleRadiusPacket((successPacket));
267 Ethernet supplicantSuccessPacket = (Ethernet) fetchPacket(4);
268
269 checkRadiusPacket(aaaManager, supplicantSuccessPacket, EAP.SUCCESS);
270
271 // State machine should be in authorized state
272
273 assertThat(stateMachine, notNullValue());
274 assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
275
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]276 //Check for increase of Stats
277 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
278 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthSuccessTrans(), ZERO);
279 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
280 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
281 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
282
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]283 assertNotEquals(aaaStatisticsManager.getAaaStats().getAcceptResponsesRx(), ZERO);
284 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
285 assertNotEquals(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), ZERO);
286 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
287 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), ZERO);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]288
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]289 // Counts the aaa Statistics count and displays in the log
290 countAaaStatistics();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]291 }
292
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]293 /**
294 * Tests the count for defected packets.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]295 *
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]296 * @throws DeserializationException if packed deserialization fails.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]297 */
298 @Test
299 public void testAaaStatisticsForDefectivePackets() throws Exception {
300 // (1) Supplicant start up
301 Ethernet startPacket = constructSupplicantStartPacket();
302 sendPacket(startPacket);
303
304 // (2) Supplicant identify
305
306 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
307 sendPacket(identifyPacket);
308
309 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
310
311 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
312
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]313 // State machine should have been created by now
314
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]315 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]316
317 // (3) RADIUS MD5 challenge
318
319 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]320 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5, radiusIdentifyPacket.getIdentifier(),
321 aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]322 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
323
324 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
325
326 // (4) Supplicant MD5 response
327
328 Ethernet md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]329 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]330 sendPacket(md5RadiusPacket);
331 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]332
333 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
334
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]335 // (5) RADIUS Rejected
336
337 RADIUS rejectedPacket =
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]338 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_REJECT, EAP.FAILURE,
339 responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]340 aaaManager.handleRadiusPacket((rejectedPacket));
341 Ethernet supplicantRejectedPacket = (Ethernet) fetchPacket(4);
342
343 checkRadiusPacket(aaaManager, supplicantRejectedPacket, EAP.FAILURE);
344
345 // State machine should be in unauthorized state
346 assertThat(stateMachine, notNullValue());
347 assertThat(stateMachine.state(), is(StateMachine.STATE_UNAUTHORIZED));
348 // Calculated the total round trip time
349 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]350
351 //Check for increase of Stats
352 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
353 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthFailureTrans(), ZERO);
354 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
355 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
356 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
357
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]358 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
359 assertNotEquals(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), ZERO);
360 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
361 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), ZERO);
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]362 assertNotEquals(aaaStatisticsManager.getAaaStats().getRejectResponsesRx(), ZERO);
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]363
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]364 // Counts the aaa Statistics count
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]365 countAaaStatistics();
366
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]367 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]368
369 /*
370 * Tests the retransmitted packet and malformed packet count
371 *
372 * @throws DeserializationException
373 * if packed deserialization fails.
374 */
375 @Test
376 public void testRequestRetransmittedCount() throws Exception {
377
378 // (1) Supplicant start up
379 Ethernet startPacket = constructSupplicantStartPacket();
380 sendPacket(startPacket);
381
382 // (2) Supplicant identify
383
384 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
385 sendPacket(identifyPacket);
386
387 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
388 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
389
390 // again creating pending state for same packet
391 constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
392 sendPacket(identifyPacket);
393 aaaManager.impl.handlePacketFromServer(null);
394 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
395
396 // creating malformed packet
397 final ByteBuffer byteBuffer = ByteBuffer.wrap(startPacket.serialize());
398 InboundPacket inPacket = new DefaultInboundPacket(connectPoint("1", 1),
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]399 startPacket, byteBuffer);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]400
401 PacketContext context = new TestPacketContext(127L, inPacket, null, false);
402 aaaManager.impl.handlePacketFromServer(context);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]403
404 // Check for increase of Stats
405 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
406 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
407
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]408 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
409 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
410 assertNotEquals(aaaStatisticsManager.getAaaStats().getPendingRequests(), ZERO);
411 assertNotEquals(aaaStatisticsManager.getAaaStats().getMalformedResponsesRx(), ZERO);
412 assertNotEquals(aaaStatisticsManager.getAaaStats().getRequestReTx(), ZERO);
413 assertNotEquals(aaaStatisticsManager.getAaaStats().getUnknownTypeRx(), ZERO);
414 assertNotEquals(aaaStatisticsManager.getAaaStats().getUnknownServerRx(), ZERO);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]415
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]416 countAaaStatistics();
417 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]418
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]419 /**
420 * Tests the authentication path through the AAA application.
421 * And counts the aaa Stats for logoff transactionXZ.
422 *
423 * @throws DeserializationException if packed deserialization fails.
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]424 */
425 @Test
426 public void testAaaStatisticsForLogoffPackets() throws Exception {
427
428 // (1) Supplicant start up
429 Ethernet startPacket = constructSupplicantStartPacket();
430 sendPacket(startPacket);
431
432 Ethernet responsePacket = (Ethernet) fetchPacket(0);
433 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
434
435 // (2) Supplicant identify
436
437 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
438 sendPacket(identifyPacket);
439
440 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
441 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
442
443 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
444 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
445 is("testuser"));
446 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]447 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]448 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
449
450 // State machine should have been created by now
451
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]452 //StateMachine stateMachine = StateMachine.lookupStateMachineBySessionId(SESSION_ID);
453 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]454 assertThat(stateMachine, notNullValue());
455 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
456
457 // (3) RADIUS MD5 challenge
458
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]459 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
460 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5,
461 radiusIdentifyPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]462 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
463
464 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
465 checkRadiusPacket(aaaManager, radiusChallengeMD5Packet, EAP.ATTR_MD5);
466
467 // (4) Supplicant MD5 response
468
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]469 Ethernet md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
470 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
471 sendPacket(md5RadiusPacket);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]472
473 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
474
475 checkRadiusPacketFromSupplicant(responseMd5RadiusPacket);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]476 assertThat(responseMd5RadiusPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
477
478 // State machine should be in pending state
479
480 assertThat(stateMachine, notNullValue());
481 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
482
483 // (5) RADIUS Success
484
485 RADIUS successPacket =
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]486 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_ACCEPT, EAP.SUCCESS,
487 responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]488 aaaManager.handleRadiusPacket((successPacket));
489 Ethernet supplicantSuccessPacket = (Ethernet) fetchPacket(4);
490
491 checkRadiusPacket(aaaManager, supplicantSuccessPacket, EAP.SUCCESS);
492
493 // State machine should be in authorized state
494
495 assertThat(stateMachine, notNullValue());
496 assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
497
498 // Supplicant trigger EAP Logoff
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]499 Ethernet logoffPacket = constructSupplicantLogoffPacket();
500 sendPacket(logoffPacket);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]501
502 // State machine should be in logoff state
503 assertThat(stateMachine, notNullValue());
504 assertThat(stateMachine.state(), is(StateMachine.STATE_IDLE));
505
506 //Check for increase in stats
507 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolLogoffRx(), ZERO);
508 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
509 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthSuccessTrans(), ZERO);
510 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
511 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
512 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]513 // Counts the aaa Statistics count
514 countAaaStatistics();
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]515
516 }
517
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]518
519 /** Tests the authentication path through the AAA application.
520 * And counts the aaa Stats for timeout.
521 * @throws DeserializationException
522 * if packed deserialization fails.
523 */
524 @Test
525 public void testAaaStatisticsForTimeoutPackets() throws Exception {
526
527 // (1) Supplicant start up
528 Ethernet startPacket = constructSupplicantStartPacket();
529 sendPacket(startPacket);
530
531 Ethernet responsePacket = (Ethernet) fetchPacket(0);
532 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
533
534 // (2) Supplicant identify
535
536 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
537 sendPacket(identifyPacket);
538
539 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
540 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
541
542 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
543 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
544 is("testuser"));
545 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
546 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
547 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
548
549 // State machine should have been created by now
550
551 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
552 assertThat(stateMachine, notNullValue());
553 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
554 Thread.sleep((aaaManager.cleanupTimerTimeOutInMins / 2) + 1);
555
556 // State machine should be in timeout state
557 assertThat(stateMachine, notNullValue());
558 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
559
560 //Check for increase in stats
561 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
562 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
563 countAaaStatistics();
564
565 }
566
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]567 // Calculates the AAA statistics count.
568 public void countAaaStatistics() {
569 assertThat(aaaStatisticsManager.getAaaStats().getAcceptResponsesRx(), notNullValue());
570 assertThat(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), notNullValue());
571 assertThat(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), notNullValue());
572 assertThat(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), notNullValue());
573 assertThat(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), notNullValue());
574 assertThat(aaaStatisticsManager.getAaaStats().getMalformedResponsesRx(), notNullValue());
575 assertThat(aaaStatisticsManager.getAaaStats().getPendingRequests(), notNullValue());
576 assertThat(aaaStatisticsManager.getAaaStats().getRejectResponsesRx(), notNullValue());
577 assertThat(aaaStatisticsManager.getAaaStats().getRequestReTx(), notNullValue());
578 assertThat(aaaStatisticsManager.getAaaStats().getRequestRttMilis(), notNullValue());
579 assertThat(aaaStatisticsManager.getAaaStats().getUnknownServerRx(), notNullValue());
580 assertThat(aaaStatisticsManager.getAaaStats().getUnknownTypeRx(), notNullValue());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]581
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]582 }
583
584 /*
585 * Mock implementation of SocketBasedRadiusCommunicator class.
586 *
587 */
588 class TestSocketBasedRadiusCommunicator extends SocketBasedRadiusCommunicator {
589
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]590 TestSocketBasedRadiusCommunicator(ApplicationId appId, PacketService pktService, AaaManager aaaManager) {
591 super(appId, pktService, aaaManager);
592 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]593
594 // Implementation of socketBasedRadiusCommunicator--> run() method
595 public void handlePacketFromServer(PacketContext context) {
596
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]597 RADIUS incomingPkt = (RADIUS) fetchPacket(savedPackets.size() - 1);
598 try {
599 if (context == null) {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]600 aaaStatisticsManager.handleRoundtripTime(incomingPkt.getIdentifier());
601 aaaManager.handleRadiusPacket(incomingPkt);
602 } else if (null != context) {
603 aaaManager.checkForPacketFromUnknownServer("100.100.100.0");
604 aaaStatisticsManager.handleRoundtripTime(incomingPkt.getIdentifier());
605 aaaManager.handleRadiusPacket(incomingPkt);
606 incomingPkt =
607 RADIUS.deserializer().deserialize(incomingPkt.generateAuthCode(), 0, 1);
608 }
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]609 } catch (DeserializationException dex) {
610 aaaManager.aaaStatisticsManager.getAaaStats().increaseMalformedResponsesRx();
611 aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
612 log.error("Cannot deserialize packet", dex);
613 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]614 }
615
616 }
617
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]618}