Gitiles
Code Review Sign In
gerrit.opencord.org / aaa / c4781e6163919ebb9240b074c04f5f50a4c1f31e / . / app / src / test / java / org / opencord / aaa / impl / AaaStatisticsTest.java
blob: 0c112920961a5b3630874ec51cc575d499d109a2 [file] [log] [blame]
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]1/*
2 * Copyright 2015-present Open Networking Foundation
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16package org.opencord.aaa.impl;
17
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]18import org.junit.After;
19import org.junit.Before;
20import org.junit.Test;
21import org.onlab.junit.TestUtils;
22import org.onlab.packet.BasePacket;
23import org.onlab.packet.DeserializationException;
24import org.onlab.packet.EAP;
25import org.onlab.packet.Ethernet;
26import org.onlab.packet.IpAddress;
27import org.onlab.packet.RADIUS;
28import org.onlab.packet.RADIUSAttribute;
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame]29import org.onosproject.cluster.ClusterServiceAdapter;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]30import org.onosproject.core.ApplicationId;
31import org.onosproject.core.CoreServiceAdapter;
32import org.onosproject.event.DefaultEventSinkRegistry;
33import org.onosproject.event.Event;
34import org.onosproject.event.EventDeliveryService;
35import org.onosproject.event.EventSink;
36import org.onosproject.net.config.Config;
37import org.onosproject.net.config.NetworkConfigRegistryAdapter;
38import org.onosproject.net.packet.DefaultInboundPacket;
39import org.onosproject.net.packet.InboundPacket;
40import org.onosproject.net.packet.PacketContext;
41import org.onosproject.net.packet.PacketService;
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame]42import org.onosproject.store.cluster.messaging.ClusterCommunicationServiceAdapter;
Jonathan Hart9d1ce802020-01-28 10:45:08 -0800[diff] [blame]43import org.onosproject.store.service.TestStorageService;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]44import org.opencord.aaa.AaaConfig;
45import org.slf4j.Logger;
46
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]47import java.net.InetAddress;
48import java.net.UnknownHostException;
49import java.nio.ByteBuffer;
50
51import static com.google.common.base.Preconditions.checkState;
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]52import static junit.framework.TestCase.fail;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]53import static org.hamcrest.Matchers.is;
54import static org.hamcrest.Matchers.notNullValue;
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]55import static org.junit.Assert.assertNotEquals;
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]56import static org.junit.Assert.assertEquals;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]57import static org.junit.Assert.assertThat;
58import static org.onosproject.net.NetTestTools.connectPoint;
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]59import static org.onosproject.net.intent.TestTools.assertAfter;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]60import static org.slf4j.LoggerFactory.getLogger;
61
62/**
63 * Set of tests of the ONOS application component for AAA Statistics.
64 */
65public class AaaStatisticsTest extends AaaTestBase {
66
67 static final String BAD_IP_ADDRESS = "198.51.100.0";
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]68 static final Long ZERO = (long) 0;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]69
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]70
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]71 private final Logger log = getLogger(getClass());
72 private AaaManager aaaManager;
73 private AaaStatisticsManager aaaStatisticsManager;
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]74 private AaaSupplicantMachineStatsManager aaaSupplicantStatsManager;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]75
76 class AaaManagerWithoutRadiusServer extends AaaManager {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]77 protected void sendRadiusPacket(RADIUS radiusPacket, InboundPacket inPkt) {
78 super.sendRadiusPacket(radiusPacket, inPkt);
79 aaaManager.aaaStatisticsManager.putOutgoingIdentifierToMap(radiusPacket.getIdentifier());
80 savePacket(radiusPacket);
81 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]82
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]83 // changed the configuration of parent method to protected
84 protected void configureRadiusCommunication() {
85 PacketService pktService = new MockPacketService();
86 ApplicationId appId = new CoreServiceAdapter().registerApplication("org.opencord.aaa");
87 aaaManager.impl = new TestSocketBasedRadiusCommunicator(appId, pktService, aaaManager);
88 }
89 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]90
91 /**
92 * Mocks the AAAConfig class to force usage of an unroutable address for the
93 * RADIUS server.
94 */
95 static class MockAaaConfig extends AaaConfig {
96 @Override
97 public InetAddress radiusIp() {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]98 try {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]99 return InetAddress.getByName(BAD_IP_ADDRESS);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]100 } catch (UnknownHostException ex) {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]101 throw new IllegalStateException(ex);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]102 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]103 }
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]104 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]105
106 /**
107 * Mocks the network config registry.
108 */
109 @SuppressWarnings("unchecked")
110 private static final class TestNetworkConfigRegistry extends NetworkConfigRegistryAdapter {
111 @Override
112 public <S, C extends Config<S>> C getConfig(S subject, Class<C> configClass) {
113 AaaConfig aaaConfig = new MockAaaConfig();
114 return (C) aaaConfig;
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]115 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]116 }
117
118 public static class TestEventDispatcher extends DefaultEventSinkRegistry implements EventDeliveryService {
119
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]120 @Override
121 @SuppressWarnings("unchecked")
122 public synchronized void post(Event event) {
123 EventSink sink = getSink(event.getClass());
124 checkState(sink != null, "No sink for event %s", event);
125 sink.process(event);
126 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]127
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]128 @Override
129 public void setDispatchTimeLimit(long millis) {
130 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]131
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]132 @Override
133 public long getDispatchTimeLimit() {
134 return 0;
135 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]136 }
137
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]138 /**
139 * Set up the services required by the AAA application.
140 */
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]141 @Before
142 public void setUp() {
143 aaaManager = new AaaManagerWithoutRadiusServer();
Shubham Sharma4900ce62019-06-19 14:18:50 +0000[diff] [blame]144 aaaManager.radiusOperationalStatusService = new RadiusOperationalStatusManager();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]145 aaaManager.netCfgService = new TestNetworkConfigRegistry();
146 aaaManager.coreService = new CoreServiceAdapter();
147 aaaManager.packetService = new MockPacketService();
148 aaaManager.deviceService = new TestDeviceService();
149 aaaManager.sadisService = new MockSadisService();
150 aaaManager.cfgService = new MockCfgService();
Jonathan Hart9d1ce802020-01-28 10:45:08 -0800[diff] [blame]151 aaaManager.storageService = new TestStorageService();
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]152 aaaManager.mastershipService = new MockMastershipService();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]153 aaaStatisticsManager = new AaaStatisticsManager();
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame]154 aaaStatisticsManager.storageService = new TestStorageService();
155 aaaStatisticsManager.clusterService = new ClusterServiceAdapter();
156 aaaStatisticsManager.leadershipService = new AaaManagerTest.TestLeadershipService();
157 aaaStatisticsManager.clusterCommunicationService = new ClusterCommunicationServiceAdapter();
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]158 aaaSupplicantStatsManager = new AaaSupplicantMachineStatsManager();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]159 TestUtils.setField(aaaStatisticsManager, "eventDispatcher", new TestEventDispatcher());
Jonathan Hartc41227c2020-01-28 16:56:49 -0800[diff] [blame]160 aaaStatisticsManager.activate(new MockComponentContext());
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]161 TestUtils.setField(aaaSupplicantStatsManager, "eventDispatcher", new TestEventDispatcher());
162 aaaSupplicantStatsManager.activate();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]163 aaaManager.aaaStatisticsManager = this.aaaStatisticsManager;
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]164 aaaManager.aaaSupplicantStatsManager = this.aaaSupplicantStatsManager;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]165 TestUtils.setField(aaaManager, "eventDispatcher", new TestEventDispatcher());
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]166
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]167 aaaManager.activate(new AaaTestBase.MockComponentContext());
168 }
169
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]170 /**
171 * Tear down the AAA application.
172 */
173 @After
174 public void tearDown() {
175 aaaManager.deactivate(new AaaTestBase.MockComponentContext());
176 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]177
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]178 /**
179 * Extracts the RADIUS packet from a packet sent by the supplicant.
180 *
181 * @param radius RADIUS packet sent by the supplicant
182 * @throws DeserializationException if deserialization of the packet contents fails.
183 */
184 private void checkRadiusPacketFromSupplicant(RADIUS radius) throws DeserializationException {
185 assertThat(radius, notNullValue());
186 EAP eap = radius.decapsulateMessage();
187 assertThat(eap, notNullValue());
188 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]189
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]190 /**
191 * Fetches the sent packet at the given index. The requested packet must be the
192 * last packet on the list.
193 *
194 * @param index index into sent packets array
195 * @return packet
196 */
197 private BasePacket fetchPacket(int index) {
198 BasePacket packet = savedPackets.get(index);
199 assertThat(packet, notNullValue());
200 return packet;
201 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]202
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]203 /**
204 * Tests the authentication path through the AAA application.
205 * And counts the aaa Stats for successful transmission.
206 *
207 * @throws DeserializationException if packed deserialization fails.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]208 */
209 @Test
210 public void testAaaStatisticsForAcceptedPackets() throws Exception {
211
212 // (1) Supplicant start up
213 Ethernet startPacket = constructSupplicantStartPacket();
214 sendPacket(startPacket);
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]215 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]216 Ethernet responsePacket = (Ethernet) fetchPacket(0);
217 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
218
219 // (2) Supplicant identify
220
221 Ethernet identifyPacket = null;
222 try {
223 identifyPacket = constructSupplicantIdentifyPacket(null,
224 EAP.ATTR_IDENTITY, (byte) 1, null);
225 sendPacket(identifyPacket);
226 } catch (Exception e) {
227 log.error(e.getMessage());
228 fail();
229 }
230 });
231 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
232 try {
233 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
234 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
235
236 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
237 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME)
238 .getValue()),
239 is("testuser"));
240 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
241 radiusIdentifyPacket
242 .getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP)
243 .getValue());
244 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
245
246 // State machine should have been created by now
247
248 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
249 assertThat(stateMachine, notNullValue());
250 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
251
252 // (3) RADIUS MD5 challenge
253
254 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
255 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5, radiusIdentifyPacket.getIdentifier(),
256 aaaManager.radiusSecret.getBytes());
257 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
258 } catch (Exception e) {
259 log.error(e.getMessage());
260 fail();
261 }
262 });
263 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
264 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]265 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
266 checkRadiusPacket(aaaManager, radiusChallengeMD5Packet, EAP.ATTR_MD5);
267 // (4) Supplicant MD5 response
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]268
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]269 Ethernet md5RadiusPacket = null;
270 try {
271 md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
272 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
273 } catch (Exception e) {
274 log.error(e.getMessage());
275 fail();
276 }
277 sendPacket(md5RadiusPacket);
278 });
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]279
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]280
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]281 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]282 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]283 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]284
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]285 try {
286 checkRadiusPacketFromSupplicant(responseMd5RadiusPacket);
287 } catch (DeserializationException e) {
288 log.error(e.getMessage());
289 fail();
290 }
291 //assertThat(responseMd5RadiusPacket.getIdentifier(), is((byte) 9));
292 assertThat(responseMd5RadiusPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]293
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]294 // State machine should be in pending state
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]295
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]296 assertThat(stateMachine, notNullValue());
297 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]298
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]299 // (5) RADIUS Success
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]300
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]301 RADIUS successPacket =
302 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_ACCEPT, EAP.SUCCESS,
303 responseMd5RadiusPacket.getIdentifier(),
304 aaaManager.radiusSecret.getBytes());
305 aaaManager.handleRadiusPacket((successPacket));
306 });
307 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]308 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]309 Ethernet supplicantSuccessPacket = (Ethernet) fetchPacket(4);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]310
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]311 checkRadiusPacket(aaaManager, supplicantSuccessPacket, EAP.SUCCESS);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]312
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]313 // State machine should be in authorized state
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]314
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]315 assertThat(stateMachine, notNullValue());
316 assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]317
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]318 //Check for increase of Stats
319 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
320 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthSuccessTrans(), ZERO);
321 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
322 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
323 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
324 assertNotEquals(aaaStatisticsManager.getAaaStats().getValidEapolFramesRx(), ZERO);
325 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolFramesTx(), ZERO);
326 assertNotEquals(aaaStatisticsManager.getAaaStats().getReqEapFramesTx(), ZERO);
327 assertNotEquals(aaaStatisticsManager.getAaaStats().getRequestIdFramesTx(), ZERO);
328 assertEquals(aaaStatisticsManager.getAaaStats().getInvalidBodyLength(), ZERO);
329 assertEquals(aaaStatisticsManager.getAaaStats().getInvalidPktType(), ZERO);
330 assertEquals(aaaStatisticsManager.getAaaStats().getPendingResSupp(), ZERO);
331 // Counts the aaa Statistics count and displays in the log
332 countAaaStatistics();
333 });
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]334
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]335 }
336
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]337 /** Tests invalid packets reaching AAA.
338 * And counts the aaa Stats for successful transmission.
339 * @throws DeserializationException
340 * if packed deserialization fails.
341 */
342 @Test
343 public void testStatisticsForInvalidPackets() throws Exception {
344
345 //Test Authenticator State Machine Status. Should be Pending
346 // (1) Supplicant start up
347 Ethernet startPacket = constructSupplicantStartPacket();
348 sendPacket(startPacket);
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]349 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
350 Ethernet responsePacket = (Ethernet) fetchPacket(0);
351 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
352 });
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]353
354 // (2) Supplicant identify
355
356 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
357 sendPacket(identifyPacket);
358
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]359 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
360 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
361 try {
362 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
363 } catch (DeserializationException e) {
364 log.error(e.getMessage());
365 fail();
366 }
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]367
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]368 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
369 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
370 is("testuser"));
371 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
372 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP)
373 .getValue());
374 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]375
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]376 // State machine should have been created by now
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]377
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]378 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
379 assertThat(stateMachine, notNullValue());
380 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]381
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]382 // (3) RADIUS NAK challenge
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]383
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]384 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
385 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_NAK, radiusIdentifyPacket.getIdentifier(),
386 aaaManager.radiusSecret.getBytes());
387 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
388 });
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]389
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]390 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
391 Ethernet radiusChallengeNakPacket = (Ethernet) fetchPacket(2);
392 checkRadiusPacket(aaaManager, radiusChallengeNakPacket, EAP.ATTR_NAK);
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]393
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]394 // (4) Supplicant NAK response
395 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
396 assertThat(stateMachine, notNullValue());
397 Ethernet nakRadiusPacket = null;
398 try {
399 nakRadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_NAK,
400 stateMachine.challengeIdentifier(),
401 radiusChallengeNakPacket);
402 } catch (Exception e) {
403 log.error(e.getMessage());
404 fail();
405 }
406 sendPacket(nakRadiusPacket);
407 });
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]408
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]409 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
410 //Statistic Should be increased.
411 assertNotEquals(aaaStatisticsManager.getAaaStats().getPendingResSupp(), ZERO);
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]412
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]413 //Test if packet with invalid eapol type recieved.
414 // Supplicant ASF Packet
415 Ethernet invalidPacket = constructSupplicantAsfPacket();
416 sendPacket(invalidPacket);
417 });
418 //Statistic Should be increased.
419 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
420 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidPktType(), ZERO);
421 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
422 assertNotEquals(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), ZERO);
423 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
424 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), ZERO);
425 // Counts the aaa Statistics count and displays in the log
426 countAaaStatistics();
427 });
Shubham Sharma8d7a9822020-01-28 10:04:01 +0000[diff] [blame]428 }
429
430
431 /** Tests the count for defected packets.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]432 *
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]433 * @throws DeserializationException if packed deserialization fails.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]434 */
435 @Test
436 public void testAaaStatisticsForDefectivePackets() throws Exception {
437 // (1) Supplicant start up
438 Ethernet startPacket = constructSupplicantStartPacket();
439 sendPacket(startPacket);
440
441 // (2) Supplicant identify
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]442 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]443 Ethernet identifyPacket = null;
444 try {
445 identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
446 sendPacket(identifyPacket);
447 } catch (Exception e) {
448 log.error(e.getMessage());
449 fail();
450 }
451 });
452 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
453 try {
454 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
455
456 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
457
458 // State machine should have been created by now
459
460 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
461
462 // (3) RADIUS MD5 challenge
463
464 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
465 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5, radiusIdentifyPacket.getIdentifier(),
466 aaaManager.radiusSecret.getBytes());
467 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
468 } catch (Exception e) {
469 log.error(e.getMessage());
470 fail();
471 }
472 });
473 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
474 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]475 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]476
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]477 // (4) Supplicant MD5 response
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]478
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]479 Ethernet md5RadiusPacket = null;
480 try {
481 md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
482 stateMachine.challengeIdentifier(),
483 radiusChallengeMD5Packet);
484 } catch (Exception e) {
485 log.error(e.getMessage());
486 fail();
487 }
488 sendPacket(md5RadiusPacket);
489 });
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]490
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]491 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
492 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]493
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]494 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]495
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]496 // (5) RADIUS Rejected
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]497
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]498 RADIUS rejectedPacket =
499 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_REJECT, EAP.FAILURE,
500 responseMd5RadiusPacket.getIdentifier(),
501 aaaManager.radiusSecret.getBytes());
502 aaaManager.handleRadiusPacket((rejectedPacket));
503 });
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]504
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]505 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]506 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]507 Ethernet supplicantRejectedPacket = (Ethernet) fetchPacket(4);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]508
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]509 checkRadiusPacket(aaaManager, supplicantRejectedPacket, EAP.FAILURE);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]510
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]511 // State machine should be in unauthorized state
512 assertThat(stateMachine, notNullValue());
513 assertThat(stateMachine.state(), is(StateMachine.STATE_UNAUTHORIZED));
514 // Calculated the total round trip time
515 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]516
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]517 //Check for increase of Stats
518 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
519 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthFailureTrans(), ZERO);
520 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
521 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
522 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
523
524 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
525 assertNotEquals(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), ZERO);
526 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
527 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), ZERO);
528 assertNotEquals(aaaStatisticsManager.getAaaStats().getRejectResponsesRx(), ZERO);
529
530 // Counts the aaa Statistics count
531 countAaaStatistics();
532 });
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]533
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]534 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]535
536 /*
537 * Tests the retransmitted packet and malformed packet count
538 *
539 * @throws DeserializationException
540 * if packed deserialization fails.
541 */
542 @Test
543 public void testRequestRetransmittedCount() throws Exception {
544
545 // (1) Supplicant start up
546 Ethernet startPacket = constructSupplicantStartPacket();
547 sendPacket(startPacket);
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]548 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
549 // (2) Supplicant identify
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]550
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]551 Ethernet identifyPacket = null;
552 try {
553 identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
554 sendPacket(identifyPacket);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]555
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]556 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
557 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]558
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]559 // again creating pending state for same packet
560 constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
561 sendPacket(identifyPacket);
562 } catch (Exception e) {
563 log.error(e.getMessage());
564 fail();
565 }
566 });
567 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
568 aaaManager.impl.handlePacketFromServer(null);
569 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]570
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]571 // creating malformed packet
572 final ByteBuffer byteBuffer = ByteBuffer.wrap(startPacket.serialize());
573 InboundPacket inPacket = new DefaultInboundPacket(connectPoint("1", 1),
574 startPacket, byteBuffer);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]575
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]576 PacketContext context = new TestPacketContext(127L, inPacket, null, false);
577 aaaManager.impl.handlePacketFromServer(context);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]578
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]579 // Check for increase of Stats
580 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
581 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]582
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]583 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
584 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
585 assertNotEquals(aaaStatisticsManager.getAaaStats().getPendingRequests(), ZERO);
586 assertNotEquals(aaaStatisticsManager.getAaaStats().getMalformedResponsesRx(), ZERO);
587 assertNotEquals(aaaStatisticsManager.getAaaStats().getRequestReTx(), ZERO);
588 assertNotEquals(aaaStatisticsManager.getAaaStats().getUnknownTypeRx(), ZERO);
589 assertNotEquals(aaaStatisticsManager.getAaaStats().getUnknownServerRx(), ZERO);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]590
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]591 countAaaStatistics();
592 });
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]593 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]594
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]595 /**
596 * Tests the authentication path through the AAA application.
597 * And counts the aaa Stats for logoff transactionXZ.
598 *
599 * @throws DeserializationException if packed deserialization fails.
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]600 */
601 @Test
602 public void testAaaStatisticsForLogoffPackets() throws Exception {
603
604 // (1) Supplicant start up
605 Ethernet startPacket = constructSupplicantStartPacket();
606 sendPacket(startPacket);
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]607 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
608 Ethernet responsePacket = (Ethernet) fetchPacket(0);
609 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]610
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]611 // (2) Supplicant identify
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]612
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]613 Ethernet identifyPacket = null;
614 try {
615 identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
616 } catch (Exception e) {
617 log.error(e.getMessage());
618 fail();
619 }
620 sendPacket(identifyPacket);
621 });
622 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
623 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
624 try {
625 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
626 } catch (Exception e) {
627 log.error(e.getMessage());
628 fail();
629 }
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]630
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]631 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
632 assertThat(new String(radiusIdentifyPacket
633 .getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME)
634 .getValue()),
635 is("testuser"));
636 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
637 radiusIdentifyPacket
638 .getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP)
639 .getValue());
640 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]641
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]642 // State machine should have been created by now
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]643
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]644 //StateMachine stateMachine = StateMachine.lookupStateMachineBySessionId(SESSION_ID);
645 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
646 assertThat(stateMachine, notNullValue());
647 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]648
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]649 // (3) RADIUS MD5 challenge
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]650
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]651 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
652 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5,
653 radiusIdentifyPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
654 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
655 });
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]656 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
657 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
658 checkRadiusPacket(aaaManager, radiusChallengeMD5Packet, EAP.ATTR_MD5);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]659
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]660 // (4) Supplicant MD5 response
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]661
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]662 Ethernet md5RadiusPacket = null;
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]663 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
664
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]665 try {
666 md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
667 stateMachine.challengeIdentifier(),
668 radiusChallengeMD5Packet);
669 } catch (Exception e) {
670 log.error(e.getMessage());
671 fail();
672 }
673 sendPacket(md5RadiusPacket);
674 });
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]675
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]676 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
677 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]678
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]679 try {
680 checkRadiusPacketFromSupplicant(responseMd5RadiusPacket);
681 } catch (DeserializationException e) {
682 log.error(e.getMessage());
683 fail();
684 }
685 assertThat(responseMd5RadiusPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]686
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]687 // State machine should be in pending state
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]688 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]689 assertThat(stateMachine, notNullValue());
690 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]691
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]692 // (5) RADIUS Success
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]693
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]694 RADIUS successPacket =
695 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_ACCEPT, EAP.SUCCESS,
696 responseMd5RadiusPacket.getIdentifier(),
697 aaaManager.radiusSecret.getBytes());
698 aaaManager.handleRadiusPacket((successPacket));
699 });
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]700
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]701 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
702 Ethernet supplicantSuccessPacket = (Ethernet) fetchPacket(4);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]703
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]704 checkRadiusPacket(aaaManager, supplicantSuccessPacket, EAP.SUCCESS);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]705
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]706 // State machine should be in authorized state
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]707 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]708
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]709 assertThat(stateMachine, notNullValue());
710 assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]711
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]712 // Supplicant trigger EAP Logoff
713 Ethernet logoffPacket = constructSupplicantLogoffPacket();
714 sendPacket(logoffPacket);
715 });
716 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
717 // State machine should be in logoff state
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]718 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
719
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]720 assertThat(stateMachine, notNullValue());
721 assertThat(stateMachine.state(), is(StateMachine.STATE_IDLE));
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]722
Matteo Scandolo9510e5d2020-09-24 17:31:52 -0700[diff] [blame]723 //Check for increase in stats
724 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolLogoffRx(), ZERO);
725 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
726 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthSuccessTrans(), ZERO);
727 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
728 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
729 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
730 assertNotEquals(aaaStatisticsManager.getAaaStats().getAuthStateIdle(), ZERO);
731 // Counts the aaa Statistics count
732 countAaaStatistics();
733 });
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]734
735 }
736
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]737
738 /** Tests the authentication path through the AAA application.
739 * And counts the aaa Stats for timeout.
740 * @throws DeserializationException
741 * if packed deserialization fails.
742 */
743 @Test
744 public void testAaaStatisticsForTimeoutPackets() throws Exception {
745
746 // (1) Supplicant start up
747 Ethernet startPacket = constructSupplicantStartPacket();
748 sendPacket(startPacket);
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]749 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
750 Ethernet responsePacket = (Ethernet) fetchPacket(0);
751 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]752
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]753 // (2) Supplicant identify
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]754
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]755 Ethernet identifyPacket = null;
756 try {
757 identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
758 } catch (Exception e) {
759 log.error(e.getMessage());
760 fail();
761 }
762 sendPacket(identifyPacket);
763 });
764 assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
765 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
766 try {
767 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]768
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]769
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]770 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
771 assertThat(new String(radiusIdentifyPacket
772 .getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME)
773 .getValue()),
774 is("testuser"));
775 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
776 radiusIdentifyPacket
777 .getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP)
778 .getValue());
779 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]780
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]781 // State machine should have been created by now
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]782
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]783 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
784 assertThat(stateMachine, notNullValue());
785 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
786 Thread.sleep((aaaManager.cleanupTimerTimeOutInMins / 2) + 1);
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]787
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]788 // State machine should be in timeout state
789 assertThat(stateMachine, notNullValue());
790 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]791
Andrea Campanellac4781e62020-10-08 12:58:45 +0200[diff] [blame^]792 //Check for increase in stats
793 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
794 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
795 countAaaStatistics();
796 } catch (Exception e) {
797 log.error(e.getMessage());
798 fail();
799 }
800 });
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame]801
802 }
803
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]804 // Calculates the AAA statistics count.
805 public void countAaaStatistics() {
806 assertThat(aaaStatisticsManager.getAaaStats().getAcceptResponsesRx(), notNullValue());
807 assertThat(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), notNullValue());
808 assertThat(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), notNullValue());
809 assertThat(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), notNullValue());
810 assertThat(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), notNullValue());
811 assertThat(aaaStatisticsManager.getAaaStats().getMalformedResponsesRx(), notNullValue());
812 assertThat(aaaStatisticsManager.getAaaStats().getPendingRequests(), notNullValue());
813 assertThat(aaaStatisticsManager.getAaaStats().getRejectResponsesRx(), notNullValue());
814 assertThat(aaaStatisticsManager.getAaaStats().getRequestReTx(), notNullValue());
815 assertThat(aaaStatisticsManager.getAaaStats().getRequestRttMilis(), notNullValue());
816 assertThat(aaaStatisticsManager.getAaaStats().getUnknownServerRx(), notNullValue());
817 assertThat(aaaStatisticsManager.getAaaStats().getUnknownTypeRx(), notNullValue());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]818
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]819 }
820
821 /*
Andrea Campanella7e0e7e32020-02-13 14:39:55 +0100[diff] [blame]822 * Mock implementation of SocketBasedRadiusCommunicator class.
823 *
824 */
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]825 class TestSocketBasedRadiusCommunicator extends SocketBasedRadiusCommunicator {
826
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]827 TestSocketBasedRadiusCommunicator(ApplicationId appId, PacketService pktService, AaaManager aaaManager) {
828 super(appId, pktService, aaaManager);
829 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]830
Andrea Campanella7e0e7e32020-02-13 14:39:55 +0100[diff] [blame]831 /**
832 * Wait 10 millis to simulate a non 0 rtt.
833 *
834 * @throws InterruptedException
835 */
836 private void waitPacket() throws InterruptedException {
837 synchronized (this) {
838 this.wait(10);
839 }
840 }
841
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]842 // Implementation of socketBasedRadiusCommunicator--> run() method
843 public void handlePacketFromServer(PacketContext context) {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]844 RADIUS incomingPkt = (RADIUS) fetchPacket(savedPackets.size() - 1);
845 try {
Andrea Campanella7e0e7e32020-02-13 14:39:55 +0100[diff] [blame]846 // wait a couple of millis to avoid rtt being 0
847 waitPacket();
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]848 if (context == null) {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]849 aaaStatisticsManager.handleRoundtripTime(incomingPkt.getIdentifier());
850 aaaManager.handleRadiusPacket(incomingPkt);
851 } else if (null != context) {
852 aaaManager.checkForPacketFromUnknownServer("100.100.100.0");
853 aaaStatisticsManager.handleRoundtripTime(incomingPkt.getIdentifier());
854 aaaManager.handleRadiusPacket(incomingPkt);
855 incomingPkt =
856 RADIUS.deserializer().deserialize(incomingPkt.generateAuthCode(), 0, 1);
857 }
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]858 } catch (DeserializationException dex) {
859 aaaManager.aaaStatisticsManager.getAaaStats().increaseMalformedResponsesRx();
860 aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
861 log.error("Cannot deserialize packet", dex);
Andrea Campanella7e0e7e32020-02-13 14:39:55 +0100[diff] [blame]862 } catch (InterruptedException inte) {
863 Thread.currentThread().interrupt();
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]864 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]865 }
866
867 }
868
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]869}