Gitiles
Code Review Sign In
gerrit.opencord.org / aaa / e66466ad33ebf69e4498b8adadb8c60e24019901 / . / app / src / test / java / org / opencord / aaa / impl / AaaStatisticsTest.java
blob: 573e4ded310e4d30affabf63ea2715fd46f73c3c [file] [log] [blame]
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]1/*
2 * Copyright 2015-present Open Networking Foundation
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16package org.opencord.aaa.impl;
17
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]18import org.junit.After;
19import org.junit.Before;
20import org.junit.Test;
21import org.onlab.junit.TestUtils;
22import org.onlab.packet.BasePacket;
23import org.onlab.packet.DeserializationException;
24import org.onlab.packet.EAP;
25import org.onlab.packet.Ethernet;
26import org.onlab.packet.IpAddress;
27import org.onlab.packet.RADIUS;
28import org.onlab.packet.RADIUSAttribute;
29import org.onosproject.core.ApplicationId;
30import org.onosproject.core.CoreServiceAdapter;
31import org.onosproject.event.DefaultEventSinkRegistry;
32import org.onosproject.event.Event;
33import org.onosproject.event.EventDeliveryService;
34import org.onosproject.event.EventSink;
35import org.onosproject.net.config.Config;
36import org.onosproject.net.config.NetworkConfigRegistryAdapter;
37import org.onosproject.net.packet.DefaultInboundPacket;
38import org.onosproject.net.packet.InboundPacket;
39import org.onosproject.net.packet.PacketContext;
40import org.onosproject.net.packet.PacketService;
Jonathan Hart9d1ce802020-01-28 10:45:08 -0800[diff] [blame]41import org.onosproject.store.service.TestStorageService;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]42import org.opencord.aaa.AaaConfig;
43import org.slf4j.Logger;
44
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]45import java.net.InetAddress;
46import java.net.UnknownHostException;
47import java.nio.ByteBuffer;
48
49import static com.google.common.base.Preconditions.checkState;
50import static org.hamcrest.Matchers.is;
51import static org.hamcrest.Matchers.notNullValue;
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]52import static org.junit.Assert.assertNotEquals;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]53import static org.junit.Assert.assertThat;
54import static org.onosproject.net.NetTestTools.connectPoint;
55import static org.slf4j.LoggerFactory.getLogger;
56
57/**
58 * Set of tests of the ONOS application component for AAA Statistics.
59 */
60public class AaaStatisticsTest extends AaaTestBase {
61
62 static final String BAD_IP_ADDRESS = "198.51.100.0";
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]63 static final Long ZERO = (long) 0;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]64
65 private final Logger log = getLogger(getClass());
66 private AaaManager aaaManager;
67 private AaaStatisticsManager aaaStatisticsManager;
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]68 private AaaSupplicantMachineStatsManager aaaSupplicantStatsManager;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]69
70 class AaaManagerWithoutRadiusServer extends AaaManager {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]71 protected void sendRadiusPacket(RADIUS radiusPacket, InboundPacket inPkt) {
72 super.sendRadiusPacket(radiusPacket, inPkt);
73 aaaManager.aaaStatisticsManager.putOutgoingIdentifierToMap(radiusPacket.getIdentifier());
74 savePacket(radiusPacket);
75 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]76
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]77 // changed the configuration of parent method to protected
78 protected void configureRadiusCommunication() {
79 PacketService pktService = new MockPacketService();
80 ApplicationId appId = new CoreServiceAdapter().registerApplication("org.opencord.aaa");
81 aaaManager.impl = new TestSocketBasedRadiusCommunicator(appId, pktService, aaaManager);
82 }
83 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]84
85 /**
86 * Mocks the AAAConfig class to force usage of an unroutable address for the
87 * RADIUS server.
88 */
89 static class MockAaaConfig extends AaaConfig {
90 @Override
91 public InetAddress radiusIp() {
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]92 try {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]93 return InetAddress.getByName(BAD_IP_ADDRESS);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]94 } catch (UnknownHostException ex) {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]95 throw new IllegalStateException(ex);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]96 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]97 }
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]98 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]99
100 /**
101 * Mocks the network config registry.
102 */
103 @SuppressWarnings("unchecked")
104 private static final class TestNetworkConfigRegistry extends NetworkConfigRegistryAdapter {
105 @Override
106 public <S, C extends Config<S>> C getConfig(S subject, Class<C> configClass) {
107 AaaConfig aaaConfig = new MockAaaConfig();
108 return (C) aaaConfig;
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]109 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]110 }
111
112 public static class TestEventDispatcher extends DefaultEventSinkRegistry implements EventDeliveryService {
113
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]114 @Override
115 @SuppressWarnings("unchecked")
116 public synchronized void post(Event event) {
117 EventSink sink = getSink(event.getClass());
118 checkState(sink != null, "No sink for event %s", event);
119 sink.process(event);
120 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]121
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]122 @Override
123 public void setDispatchTimeLimit(long millis) {
124 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]125
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]126 @Override
127 public long getDispatchTimeLimit() {
128 return 0;
129 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]130 }
131
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]132 /**
133 * Set up the services required by the AAA application.
134 */
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]135 @Before
136 public void setUp() {
137 aaaManager = new AaaManagerWithoutRadiusServer();
Shubham Sharma4900ce62019-06-19 14:18:50 +0000[diff] [blame]138 aaaManager.radiusOperationalStatusService = new RadiusOperationalStatusManager();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]139 aaaManager.netCfgService = new TestNetworkConfigRegistry();
140 aaaManager.coreService = new CoreServiceAdapter();
141 aaaManager.packetService = new MockPacketService();
142 aaaManager.deviceService = new TestDeviceService();
143 aaaManager.sadisService = new MockSadisService();
144 aaaManager.cfgService = new MockCfgService();
Jonathan Hart9d1ce802020-01-28 10:45:08 -0800[diff] [blame]145 aaaManager.storageService = new TestStorageService();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]146 aaaStatisticsManager = new AaaStatisticsManager();
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]147 aaaSupplicantStatsManager = new AaaSupplicantMachineStatsManager();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]148 TestUtils.setField(aaaStatisticsManager, "eventDispatcher", new TestEventDispatcher());
149 aaaStatisticsManager.activate();
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]150 TestUtils.setField(aaaSupplicantStatsManager, "eventDispatcher", new TestEventDispatcher());
151 aaaSupplicantStatsManager.activate();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]152 aaaManager.aaaStatisticsManager = this.aaaStatisticsManager;
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]153 aaaManager.aaaSupplicantStatsManager = this.aaaSupplicantStatsManager;
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]154 TestUtils.setField(aaaManager, "eventDispatcher", new TestEventDispatcher());
155 aaaManager.activate(new AaaTestBase.MockComponentContext());
156 }
157
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]158 /**
159 * Tear down the AAA application.
160 */
161 @After
162 public void tearDown() {
163 aaaManager.deactivate(new AaaTestBase.MockComponentContext());
164 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]165
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]166 /**
167 * Extracts the RADIUS packet from a packet sent by the supplicant.
168 *
169 * @param radius RADIUS packet sent by the supplicant
170 * @throws DeserializationException if deserialization of the packet contents fails.
171 */
172 private void checkRadiusPacketFromSupplicant(RADIUS radius) throws DeserializationException {
173 assertThat(radius, notNullValue());
174 EAP eap = radius.decapsulateMessage();
175 assertThat(eap, notNullValue());
176 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]177
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]178 /**
179 * Fetches the sent packet at the given index. The requested packet must be the
180 * last packet on the list.
181 *
182 * @param index index into sent packets array
183 * @return packet
184 */
185 private BasePacket fetchPacket(int index) {
186 BasePacket packet = savedPackets.get(index);
187 assertThat(packet, notNullValue());
188 return packet;
189 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]190
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]191 /**
192 * Tests the authentication path through the AAA application.
193 * And counts the aaa Stats for successful transmission.
194 *
195 * @throws DeserializationException if packed deserialization fails.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]196 */
197 @Test
198 public void testAaaStatisticsForAcceptedPackets() throws Exception {
199
200 // (1) Supplicant start up
201 Ethernet startPacket = constructSupplicantStartPacket();
202 sendPacket(startPacket);
203
204 Ethernet responsePacket = (Ethernet) fetchPacket(0);
205 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
206
207 // (2) Supplicant identify
208
209 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
210 sendPacket(identifyPacket);
211
212 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
213 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
214
215 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
216 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
217 is("testuser"));
218 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]219 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]220 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
221
222 // State machine should have been created by now
223
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]224 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]225 assertThat(stateMachine, notNullValue());
226 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
227
228 // (3) RADIUS MD5 challenge
229
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]230 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
231 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5, radiusIdentifyPacket.getIdentifier(),
232 aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]233 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
234
235 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
236 checkRadiusPacket(aaaManager, radiusChallengeMD5Packet, EAP.ATTR_MD5);
237
238 // (4) Supplicant MD5 response
239
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]240 Ethernet md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
241 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
242 sendPacket(md5RadiusPacket);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]243
244 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
245
246 checkRadiusPacketFromSupplicant(responseMd5RadiusPacket);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]247 //assertThat(responseMd5RadiusPacket.getIdentifier(), is((byte) 9));
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]248 assertThat(responseMd5RadiusPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
249
250 // State machine should be in pending state
251
252 assertThat(stateMachine, notNullValue());
253 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
254
255 // (5) RADIUS Success
256
257 RADIUS successPacket =
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]258 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_ACCEPT, EAP.SUCCESS,
259 responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]260 aaaManager.handleRadiusPacket((successPacket));
261 Ethernet supplicantSuccessPacket = (Ethernet) fetchPacket(4);
262
263 checkRadiusPacket(aaaManager, supplicantSuccessPacket, EAP.SUCCESS);
264
265 // State machine should be in authorized state
266
267 assertThat(stateMachine, notNullValue());
268 assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
269
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]270 //Check for increase of Stats
271 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
272 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthSuccessTrans(), ZERO);
273 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
274 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
275 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
276
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]277 assertNotEquals(aaaStatisticsManager.getAaaStats().getAcceptResponsesRx(), ZERO);
278 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
279 assertNotEquals(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), ZERO);
280 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
281 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), ZERO);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]282
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]283 // Counts the aaa Statistics count and displays in the log
284 countAaaStatistics();
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]285 }
286
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]287 /**
288 * Tests the count for defected packets.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]289 *
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]290 * @throws DeserializationException if packed deserialization fails.
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]291 */
292 @Test
293 public void testAaaStatisticsForDefectivePackets() throws Exception {
294 // (1) Supplicant start up
295 Ethernet startPacket = constructSupplicantStartPacket();
296 sendPacket(startPacket);
297
298 // (2) Supplicant identify
299
300 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
301 sendPacket(identifyPacket);
302
303 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
304
305 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
306
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]307 // State machine should have been created by now
308
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]309 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]310
311 // (3) RADIUS MD5 challenge
312
313 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]314 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5, radiusIdentifyPacket.getIdentifier(),
315 aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]316 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
317
318 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
319
320 // (4) Supplicant MD5 response
321
322 Ethernet md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]323 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]324 sendPacket(md5RadiusPacket);
325 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]326
327 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
328
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]329 // (5) RADIUS Rejected
330
331 RADIUS rejectedPacket =
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]332 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_REJECT, EAP.FAILURE,
333 responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]334 aaaManager.handleRadiusPacket((rejectedPacket));
335 Ethernet supplicantRejectedPacket = (Ethernet) fetchPacket(4);
336
337 checkRadiusPacket(aaaManager, supplicantRejectedPacket, EAP.FAILURE);
338
339 // State machine should be in unauthorized state
340 assertThat(stateMachine, notNullValue());
341 assertThat(stateMachine.state(), is(StateMachine.STATE_UNAUTHORIZED));
342 // Calculated the total round trip time
343 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]344
345 //Check for increase of Stats
346 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
347 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthFailureTrans(), ZERO);
348 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
349 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
350 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
351
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]352 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
353 assertNotEquals(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), ZERO);
354 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
355 assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), ZERO);
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]356 assertNotEquals(aaaStatisticsManager.getAaaStats().getRejectResponsesRx(), ZERO);
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]357
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]358 // Counts the aaa Statistics count
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]359 countAaaStatistics();
360
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]361 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]362
363 /*
364 * Tests the retransmitted packet and malformed packet count
365 *
366 * @throws DeserializationException
367 * if packed deserialization fails.
368 */
369 @Test
370 public void testRequestRetransmittedCount() throws Exception {
371
372 // (1) Supplicant start up
373 Ethernet startPacket = constructSupplicantStartPacket();
374 sendPacket(startPacket);
375
376 // (2) Supplicant identify
377
378 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
379 sendPacket(identifyPacket);
380
381 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
382 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
383
384 // again creating pending state for same packet
385 constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
386 sendPacket(identifyPacket);
387 aaaManager.impl.handlePacketFromServer(null);
388 aaaManager.aaaStatisticsManager.calculatePacketRoundtripTime();
389
390 // creating malformed packet
391 final ByteBuffer byteBuffer = ByteBuffer.wrap(startPacket.serialize());
392 InboundPacket inPacket = new DefaultInboundPacket(connectPoint("1", 1),
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]393 startPacket, byteBuffer);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]394
395 PacketContext context = new TestPacketContext(127L, inPacket, null, false);
396 aaaManager.impl.handlePacketFromServer(context);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]397
398 // Check for increase of Stats
399 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
400 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
401
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]402 assertNotEquals(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), ZERO);
403 assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
404 assertNotEquals(aaaStatisticsManager.getAaaStats().getPendingRequests(), ZERO);
405 assertNotEquals(aaaStatisticsManager.getAaaStats().getMalformedResponsesRx(), ZERO);
406 assertNotEquals(aaaStatisticsManager.getAaaStats().getRequestReTx(), ZERO);
407 assertNotEquals(aaaStatisticsManager.getAaaStats().getUnknownTypeRx(), ZERO);
408 assertNotEquals(aaaStatisticsManager.getAaaStats().getUnknownServerRx(), ZERO);
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]409
Shubham Sharma80214c62019-12-18 07:09:59 +0000[diff] [blame]410 countAaaStatistics();
411 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]412
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]413 /**
414 * Tests the authentication path through the AAA application.
415 * And counts the aaa Stats for logoff transactionXZ.
416 *
417 * @throws DeserializationException if packed deserialization fails.
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]418 */
419 @Test
420 public void testAaaStatisticsForLogoffPackets() throws Exception {
421
422 // (1) Supplicant start up
423 Ethernet startPacket = constructSupplicantStartPacket();
424 sendPacket(startPacket);
425
426 Ethernet responsePacket = (Ethernet) fetchPacket(0);
427 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
428
429 // (2) Supplicant identify
430
431 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
432 sendPacket(identifyPacket);
433
434 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
435 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
436
437 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
438 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
439 is("testuser"));
440 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]441 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]442 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
443
444 // State machine should have been created by now
445
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]446 //StateMachine stateMachine = StateMachine.lookupStateMachineBySessionId(SESSION_ID);
447 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]448 assertThat(stateMachine, notNullValue());
449 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
450
451 // (3) RADIUS MD5 challenge
452
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]453 RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(
454 RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5,
455 radiusIdentifyPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]456 aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
457
458 Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
459 checkRadiusPacket(aaaManager, radiusChallengeMD5Packet, EAP.ATTR_MD5);
460
461 // (4) Supplicant MD5 response
462
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]463 Ethernet md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5,
464 stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
465 sendPacket(md5RadiusPacket);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]466
467 RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
468
469 checkRadiusPacketFromSupplicant(responseMd5RadiusPacket);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]470 assertThat(responseMd5RadiusPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
471
472 // State machine should be in pending state
473
474 assertThat(stateMachine, notNullValue());
475 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
476
477 // (5) RADIUS Success
478
479 RADIUS successPacket =
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]480 constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_ACCEPT, EAP.SUCCESS,
481 responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]482 aaaManager.handleRadiusPacket((successPacket));
483 Ethernet supplicantSuccessPacket = (Ethernet) fetchPacket(4);
484
485 checkRadiusPacket(aaaManager, supplicantSuccessPacket, EAP.SUCCESS);
486
487 // State machine should be in authorized state
488
489 assertThat(stateMachine, notNullValue());
490 assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
491
492 // Supplicant trigger EAP Logoff
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]493 Ethernet logoffPacket = constructSupplicantLogoffPacket();
494 sendPacket(logoffPacket);
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]495
496 // State machine should be in logoff state
497 assertThat(stateMachine, notNullValue());
498 assertThat(stateMachine.state(), is(StateMachine.STATE_IDLE));
499
500 //Check for increase in stats
501 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolLogoffRx(), ZERO);
502 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
503 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthSuccessTrans(), ZERO);
504 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
505 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
506 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapPktTxauthChooseEap(), ZERO);
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]507 // Counts the aaa Statistics count
508 countAaaStatistics();
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]509
510 }
511
Andrea Campanellae66466a2020-02-03 14:05:45 +0000[diff] [blame^]512
513 /** Tests the authentication path through the AAA application.
514 * And counts the aaa Stats for timeout.
515 * @throws DeserializationException
516 * if packed deserialization fails.
517 */
518 @Test
519 public void testAaaStatisticsForTimeoutPackets() throws Exception {
520
521 // (1) Supplicant start up
522 Ethernet startPacket = constructSupplicantStartPacket();
523 sendPacket(startPacket);
524
525 Ethernet responsePacket = (Ethernet) fetchPacket(0);
526 checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
527
528 // (2) Supplicant identify
529
530 Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
531 sendPacket(identifyPacket);
532
533 RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
534 checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
535
536 assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
537 assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()),
538 is("testuser"));
539 IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET,
540 radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
541 assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
542
543 // State machine should have been created by now
544
545 StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
546 assertThat(stateMachine, notNullValue());
547 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
548 Thread.sleep((aaaManager.cleanupTimerTimeOutInMins / 2) + 1);
549
550 // State machine should be in timeout state
551 assertThat(stateMachine, notNullValue());
552 assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
553
554 //Check for increase in stats
555 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
556 assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqTrans(), ZERO);
557 countAaaStatistics();
558
559 }
560
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]561 // Calculates the AAA statistics count.
562 public void countAaaStatistics() {
563 assertThat(aaaStatisticsManager.getAaaStats().getAcceptResponsesRx(), notNullValue());
564 assertThat(aaaStatisticsManager.getAaaStats().getAccessRequestsTx(), notNullValue());
565 assertThat(aaaStatisticsManager.getAaaStats().getChallengeResponsesRx(), notNullValue());
566 assertThat(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), notNullValue());
567 assertThat(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), notNullValue());
568 assertThat(aaaStatisticsManager.getAaaStats().getMalformedResponsesRx(), notNullValue());
569 assertThat(aaaStatisticsManager.getAaaStats().getPendingRequests(), notNullValue());
570 assertThat(aaaStatisticsManager.getAaaStats().getRejectResponsesRx(), notNullValue());
571 assertThat(aaaStatisticsManager.getAaaStats().getRequestReTx(), notNullValue());
572 assertThat(aaaStatisticsManager.getAaaStats().getRequestRttMilis(), notNullValue());
573 assertThat(aaaStatisticsManager.getAaaStats().getUnknownServerRx(), notNullValue());
574 assertThat(aaaStatisticsManager.getAaaStats().getUnknownTypeRx(), notNullValue());
Shubham Sharma2b3fb692019-12-12 10:19:10 +0000[diff] [blame]575
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]576 }
577
578 /*
579 * Mock implementation of SocketBasedRadiusCommunicator class.
580 *
581 */
582 class TestSocketBasedRadiusCommunicator extends SocketBasedRadiusCommunicator {
583
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]584 TestSocketBasedRadiusCommunicator(ApplicationId appId, PacketService pktService, AaaManager aaaManager) {
585 super(appId, pktService, aaaManager);
586 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]587
588 // Implementation of socketBasedRadiusCommunicator--> run() method
589 public void handlePacketFromServer(PacketContext context) {
590
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]591 RADIUS incomingPkt = (RADIUS) fetchPacket(savedPackets.size() - 1);
592 try {
593 if (context == null) {
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]594 aaaStatisticsManager.handleRoundtripTime(incomingPkt.getIdentifier());
595 aaaManager.handleRadiusPacket(incomingPkt);
596 } else if (null != context) {
597 aaaManager.checkForPacketFromUnknownServer("100.100.100.0");
598 aaaStatisticsManager.handleRoundtripTime(incomingPkt.getIdentifier());
599 aaaManager.handleRadiusPacket(incomingPkt);
600 incomingPkt =
601 RADIUS.deserializer().deserialize(incomingPkt.generateAuthCode(), 0, 1);
602 }
Jonathan Hart612651f2019-11-25 09:21:43 -0800[diff] [blame]603 } catch (DeserializationException dex) {
604 aaaManager.aaaStatisticsManager.getAaaStats().increaseMalformedResponsesRx();
605 aaaStatisticsManager.getAaaStats().countDroppedResponsesRx();
606 log.error("Cannot deserialize packet", dex);
607 }
Shubham Sharmacf5e5032019-11-26 11:09:21 +0000[diff] [blame]608 }
609
610 }
611
Kartikey Dubeyadeb26e2019-10-01 12:18:35 +0000[diff] [blame]612}