TEST: [WIP] Module to test for perspective network conditions
It covers following conditions for different CORD Apps(Presently for IGMP & TLS).
1. Network lag
2. Out of Order , or rearranged packets.
3. Drop packets or Duplicate packet generation
4. Burst or block of traffic.
Change-Id: I1f2c6a9c192e7caacdf86eb680f17dcf4b144573
diff --git a/src/test/netCondition/__init__.py b/src/test/netCondition/__init__.py
new file mode 100644
index 0000000..4344312
--- /dev/null
+++ b/src/test/netCondition/__init__.py
@@ -0,0 +1,25 @@
+#
+# Copyright 2016-present Ciena Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+import os,sys
+##add the python path to lookup the utils
+working_dir = os.path.dirname(os.path.realpath(sys.argv[-1]))
+utils_dir = os.path.join(working_dir, '../utils')
+fsm_dir = os.path.join(working_dir, '../fsm')
+subscriber_dir = os.path.join(working_dir, '../subscriber')
+__path__.append(utils_dir)
+__path__.append(fsm_dir)
+__path__.append(subscriber_dir)
+
diff --git a/src/test/netCondition/netConditionTest.py b/src/test/netCondition/netConditionTest.py
new file mode 100644
index 0000000..5d64d62
--- /dev/null
+++ b/src/test/netCondition/netConditionTest.py
@@ -0,0 +1,1144 @@
+#
+# Copyright 2016-present Ciena Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+import unittest
+from threading import Timer
+from nose.tools import *
+from nose.twistedtools import reactor, deferred
+from twisted.internet import defer
+from scapy.all import *
+import time, monotonic
+import os, sys
+import tempfile
+import random
+import threading
+from IGMP import *
+from McastTraffic import *
+from Stats import Stats
+from OnosCtrl import OnosCtrl
+from OltConfig import OltConfig
+from Channels import IgmpChannel
+from EapTLS import TLSAuthTest
+from scapy_ssl_tls.ssl_tls import *
+from scapy_ssl_tls.ssl_tls_crypto import *
+log.setLevel('INFO')
+from EapolAAA import *
+from enum import *
+import noseTlsAuthHolder as tlsAuthHolder
+from tls_cert import Key
+from socket import *
+from CordTestServer import cord_test_radius_restart
+import struct
+import scapy
+from CordTestBase import CordTester
+from CordContainer import *
+import re
+from random import randint
+from time import sleep
+
+import json
+from OnosFlowCtrl import OnosFlowCtrl
+from OltConfig import OltConfig
+from threading import current_thread
+import collections
+
+class IGMPTestState:
+
+ def __init__(self, groups = [], df = None, state = 0):
+ self.df = df
+ self.state = state
+ self.counter = 0
+ self.groups = groups
+ self.group_map = {} ##create a send/recv count map
+ for g in groups:
+ self.group_map[g] = (Stats(), Stats())
+
+ def update(self, group, tx = 0, rx = 0, t = 0):
+ self.counter += 1
+ index = 0 if rx == 0 else 1
+ v = tx if rx == 0 else rx
+ if self.group_map.has_key(group):
+ self.group_map[group][index].update(packets = v, t = t)
+
+ def update_state(self):
+ self.state = self.state ^ 1
+
+class netCondition_exchange(unittest.TestCase):
+
+ V_INF1 = 'veth0'
+ V_INF2 = 'veth1'
+ MGROUP1 = '239.1.2.3'
+ MGROUP2 = '239.2.2.3'
+ MINVALIDGROUP1 = '255.255.255.255'
+ MINVALIDGROUP2 = '239.255.255.255'
+ MMACGROUP1 = "01:00:5e:01:02:03"
+ MMACGROUP2 = "01:00:5e:02:02:03"
+ IGMP_DST_MAC = "01:00:5e:00:00:16"
+ IGMP_SRC_MAC = "5a:e1:ac:ec:4d:a1"
+ IP_SRC = '1.2.3.4'
+ IP_DST = '224.0.0.22'
+ NEGATIVE_TRAFFIC_STATUS = 1
+ igmp_eth = Ether(dst = IGMP_DST_MAC, type = ETH_P_IP)
+ igmp_ip = IP(dst = IP_DST)
+ IGMP_TEST_TIMEOUT = 5
+ IGMP_QUERY_TIMEOUT = 60
+ MCAST_TRAFFIC_TIMEOUT = 10
+ TEST_TIMEOUT_DELAY = 340
+ PORT_TX_DEFAULT = 2
+ PORT_RX_DEFAULT = 1
+ max_packets = 100
+ app_igmp = 'org.opencord.igmp'
+ olt_conf_file = os.path.join(os.path.dirname(os.path.realpath(__file__)), '../setup/olt_config.json')
+ ROVER_TEST_TIMEOUT = 10 #3600*86
+ ROVER_TIMEOUT = (ROVER_TEST_TIMEOUT - 100)
+ ROVER_JOIN_TIMEOUT = 60
+
+ app_tls = 'org.opencord.aaa'
+ TLS_TIMEOUT = 20
+ CLIENT_CERT_INVALID = '''-----BEGIN CERTIFICATE-----
+MIIEyTCCA7GgAwIBAgIJAM6l2jUG56pLMA0GCSqGSIb3DQEBCwUAMIGLMQswCQYD
+VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVNvbWV3aGVyZTETMBEGA1UE
+ChMKQ2llbmEgSW5jLjEeMBwGCSqGSIb3DQEJARYPYWRtaW5AY2llbmEuY29tMSYw
+JAYDVQQDEx1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNjAzMTEx
+ODUzMzVaFw0xNzAzMDYxODUzMzVaMIGLMQswCQYDVQQGEwJVUzELMAkGA1UECBMC
+Q0ExEjAQBgNVBAcTCVNvbWV3aGVyZTETMBEGA1UEChMKQ2llbmEgSW5jLjEeMBwG
+CSqGSIb3DQEJARYPYWRtaW5AY2llbmEuY29tMSYwJAYDVQQDEx1FeGFtcGxlIENl
+cnRpZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAL9Jv54TkqycL3U2Fdd/y5NXdnPVXwAVV3m6I3eIffVCv8eS+mwlbl9dnbjo
+qqlGEgA3sEg5HtnKoW81l3PSyV/YaqzUzbcpDlgWlbNkFQ3nVxh61gSU34Fc4h/W
+plSvCkwGSbV5udLtEe6S9IflP2Fu/eXa9vmUtoPqDk66p9U/nWVf2H1GJy7XanWg
+wke+HpQvbzoSfPJS0e5Rm9KErrzaIkJpqt7soW+OjVJitUax7h45RYY1HHHlbMQ0
+ndWW8UDsCxFQO6d7nsijCzY69Y8HarH4mbVtqhg3KJevxD9UMRy6gdtPMDZLah1c
+LHRu14ucOK4aF8oICOgtcD06auUCAwEAAaOCASwwggEoMB0GA1UdDgQWBBQwEs0m
+c8HARTVp21wtiwgav5biqjCBwAYDVR0jBIG4MIG1gBQwEs0mc8HARTVp21wtiwga
+v5biqqGBkaSBjjCBizELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQH
+EwlTb21ld2hlcmUxEzARBgNVBAoTCkNpZW5hIEluYy4xHjAcBgkqhkiG9w0BCQEW
+D2FkbWluQGNpZW5hLmNvbTEmMCQGA1UEAxMdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBB
+dXRob3JpdHmCCQDOpdo1BueqSzAMBgNVHRMEBTADAQH/MDYGA1UdHwQvMC0wK6Ap
+oCeGJWh0dHA6Ly93d3cuZXhhbXBsZS5jb20vZXhhbXBsZV9jYS5jcmwwDQYJKoZI
+hvcNAQELBQADggEBAK+fyAFO8CbH35P5mOX+5wf7+AeC+5pwaFcoCV0zlfwniANp
+jISgcIX9rcetLxeYRAO5com3+qLdd9dGVNL0kwufH4QhlSPErG7OLHHAs4JWVhUo
+bH3lK9lgFVlnCDBtQhslzqScR64SCicWcQEjv3ZMZsJwYLvl8unSaKz4+LVPeJ2L
+opCpmZw/V/S2NhBbe3QjTiRPmDev2gbaO4GCfi/6sCDU7UO3o8KryrkeeMIiFIej
+gfwn9fovmpeqCEyupy2JNNUTJibEuFknwx7JAX+htPL27nEgwV1FYtwI3qLiZqkM
+729wo9cFSslJNZBu+GsBP5LszQSuvNTDWytV+qY=
+-----END CERTIFICATE-----'''
+
+ def onos_aaa_config(self):
+ aaa_dict = {'apps' : { 'org.onosproject.aaa' : { 'AAA' : { 'radiusSecret': 'radius_password',
+ 'radiusIp': '172.17.0.2' } } } }
+ radius_ip = os.getenv('ONOS_AAA_IP') or '172.17.0.2'
+ aaa_dict['apps']['org.onosproject.aaa']['AAA']['radiusIp'] = radius_ip
+ self.onos_ctrl.activate()
+ time.sleep(2)
+ self.onos_load_tls_config(aaa_dict)
+
+ def onos_load_tls_config(self, config):
+ status, code = OnosCtrl.config(config)
+ if status is False:
+ log.info('Configure request for AAA returned status %d' %code)
+ assert_equal(status, True)
+ time.sleep(3)
+
+ @classmethod
+ def setUpClass(cls):
+ cls.olt = OltConfig(olt_conf_file = cls.olt_conf_file)
+ cls.port_map, _ = cls.olt.olt_port_map()
+ OnosCtrl.cord_olt_config(cls.olt.olt_device_data())
+ cls.device_id = OnosCtrl.get_device_id()
+
+ @classmethod
+ def tearDownClass(cls): pass
+
+ def setUp_igmp(self):
+ ''' Activate the igmp app'''
+ apps = self.app_igmp
+ self.onos_ctrl = OnosCtrl(apps)
+# self.onos_ctrl = OnosCtrl(self.app_tls)
+ self.onos_aaa_config()
+ self.onos_ctrl.activate()
+ self.igmp_channel = IgmpChannel()
+
+ def setUp_tls(self):
+ ''' Activate the igmp app'''
+ apps = self.app_tls
+ self.onos_ctrl = OnosCtrl(apps)
+ self.onos_aaa_config()
+
+ def tearDown(self):
+ '''Deactivate the dhcp app'''
+ apps = [self.app_igmp, self.app_tls]
+ for app in apps:
+ onos_ctrl = OnosCtrl(app)
+ onos_ctrl.deactivate()
+# log.info('Restarting the Radius container in the setup after running every subscriber test cases by default')
+# rest = Container('cord-radius', 'cord-test/radius',)
+# rest.restart('cord-radius','10')
+# radius = Radius()
+# radius_ip = radius.ip()
+# print('Radius server is running with IP %s' %radius_ip)
+ #os.system('ifconfig '+INTF_RX_DEFAULT+' up')
+
+ def onos_load_igmp_config(self, config):
+ log.info('onos load config is %s'%config)
+ status, code = OnosCtrl.config(config)
+ if status is False:
+ log.info('JSON request returned status %d' %code)
+ assert_equal(status, True)
+ time.sleep(2)
+
+ def onos_ssm_table_load(self, groups, src_list = ['1.2.3.4'],flag = False):
+ ssm_dict = {'apps' : { 'org.onosproject.igmp' : { 'ssmTranslate' : [] } } }
+ ssm_xlate_list = ssm_dict['apps']['org.onosproject.igmp']['ssmTranslate']
+ if flag: #to maintain seperate group-source pair.
+ for i in range(len(groups)):
+ d = {}
+ d['source'] = src_list[i] or '0.0.0.0'
+ d['group'] = groups[i]
+ ssm_xlate_list.append(d)
+ else:
+ for g in groups:
+ for s in src_list:
+ d = {}
+ d['source'] = s or '0.0.0.0'
+ d['group'] = g
+ ssm_xlate_list.append(d)
+ self.onos_load_igmp_config(ssm_dict)
+ cord_port_map = {}
+ for g in groups:
+ cord_port_map[g] = (self.PORT_TX_DEFAULT, self.PORT_RX_DEFAULT)
+ self.igmp_channel.cord_port_table_load(cord_port_map)
+ time.sleep(2)
+
+ def mcast_ip_range(self,start_ip = '224.0.1.0', end_ip = '224.0.1.100'):
+ start = list(map(int, start_ip.split(".")))
+ end = list(map(int, end_ip.split(".")))
+ temp = start
+ ip_range = []
+ ip_range.append(start_ip)
+ while temp != end:
+ start[3] += 1
+ for i in (3, 2, 1):
+ if temp[i] == 255:
+ temp[i] = 0
+ temp[i-1] += 1
+ ip_range.append(".".join(map(str, temp)))
+ return ip_range
+
+ def random_mcast_ip(self,start_ip = '224.0.1.0', end_ip = '224.0.1.100'):
+ start = list(map(int, start_ip.split(".")))
+ end = list(map(int, end_ip.split(".")))
+ temp = start
+ ip_range = []
+ ip_range.append(start_ip)
+ while temp != end:
+ start[3] += 1
+ for i in (3, 2, 1):
+ if temp[i] == 255:
+ temp[i] = 0
+ temp[i-1] += 1
+ ip_range.append(".".join(map(str, temp)))
+ return random.choice(ip_range)
+
+ def source_ip_range(self,start_ip = '10.10.0.1', end_ip = '10.10.0.100'):
+ start = list(map(int, start_ip.split(".")))
+ end = list(map(int, end_ip.split(".")))
+ temp = start
+ ip_range = []
+ ip_range.append(start_ip)
+ while temp != end:
+ start[3] += 1
+ for i in (3, 2, 1):
+ if temp[i] == 255:
+ temp[i] = 0
+ temp[i-1] += 1
+ ip_range.append(".".join(map(str, temp)))
+ return ip_range
+
+ def randomsourceip(self,start_ip = '10.10.0.1', end_ip = '10.10.0.100'):
+ start = list(map(int, start_ip.split(".")))
+ end = list(map(int, end_ip.split(".")))
+ temp = start
+ ip_range = []
+ ip_range.append(start_ip)
+ while temp != end:
+ start[3] += 1
+ for i in (3, 2, 1):
+ if temp[i] == 255:
+ temp[i] = 0
+ temp[i-1] += 1
+ ip_range.append(".".join(map(str, temp)))
+ return random.choice(ip_range)
+
+ def get_igmp_intf(self):
+ inst = os.getenv('TEST_INSTANCE', None)
+ if not inst:
+ return 'veth0'
+ inst = int(inst) + 1
+ if inst >= self.port_map['uplink']:
+ inst += 1
+ if self.port_map.has_key(inst):
+ return self.port_map[inst]
+ return 'veth0'
+
+ def igmp_verify_join(self, igmpStateList):
+ sendState, recvState = igmpStateList
+ ## check if the send is received for the groups
+ for g in sendState.groups:
+ tx_stats = sendState.group_map[g][0]
+ tx = tx_stats.count
+ assert_greater(tx, 0)
+ rx_stats = recvState.group_map[g][1]
+ rx = rx_stats.count
+ assert_greater(rx, 0)
+ log.info('Receive stats %s for group %s' %(rx_stats, g))
+
+ log.info('IGMP test verification success')
+
+ def igmp_verify_leave(self, igmpStateList, leave_groups):
+ sendState, recvState = igmpStateList[0], igmpStateList[1]
+ ## check if the send is received for the groups
+ for g in sendState.groups:
+ tx_stats = sendState.group_map[g][0]
+ rx_stats = recvState.group_map[g][1]
+ tx = tx_stats.count
+ rx = rx_stats.count
+ assert_greater(tx, 0)
+ if g not in leave_groups:
+ log.info('Received %d packets for group %s' %(rx, g))
+ for g in leave_groups:
+ rx = recvState.group_map[g][1].count
+ assert_equal(rx, 0)
+
+ log.info('IGMP test verification success')
+
+ def mcast_traffic_timer(self):
+ self.mcastTraffic.stopReceives()
+
+ def send_mcast_cb(self, send_state):
+ for g in send_state.groups:
+ send_state.update(g, tx = 1)
+ return 0
+
+ ##Runs in the context of twisted reactor thread
+ def igmp_recv(self, igmpState, iface = 'veth0'):
+ p = self.recv_socket.recv()
+ try:
+ send_time = float(p.payload.load)
+ recv_time = monotonic.monotonic()
+ except:
+ log.info('Unexpected Payload received: %s' %p.payload.load)
+ return 0
+ #log.info( 'Recv in %.6f secs' %(recv_time - send_time))
+ igmpState.update(p.dst, rx = 1, t = recv_time - send_time)
+ return 0
+
+ def send_igmp_join(self, groups, src_list = ['1.2.3.4'], record_type=IGMP_V3_GR_TYPE_INCLUDE,
+ ip_pkt = None, iface = 'veth0', ssm_load = False, delay = 1):
+ if ssm_load is True:
+ self.onos_ssm_table_load(groups, src_list)
+ igmp = IGMPv3(type = IGMP_TYPE_V3_MEMBERSHIP_REPORT, max_resp_code=30,
+ gaddr=self.IP_DST)
+ for g in groups:
+ gr = IGMPv3gr(rtype= record_type, mcaddr=g)
+ gr.sources = src_list
+ igmp.grps.append(gr)
+ if ip_pkt is None:
+ ip_pkt = self.igmp_eth/self.igmp_ip
+ pkt = ip_pkt/igmp
+ IGMPv3.fixup(pkt)
+ sendp(pkt, iface=iface)
+ if delay != 0:
+ time.sleep(delay)
+
+ def send_igmp_join_recvQuery(self, groups, rec_queryCount = None, src_list = ['1.2.3.4'], ip_pkt = None, iface = 'veth0', delay = 2):
+ self.onos_ssm_table_load(groups, src_list)
+ igmp = IGMPv3(type = IGMP_TYPE_V3_MEMBERSHIP_REPORT, max_resp_code=30,
+ gaddr=self.IP_DST)
+ for g in groups:
+ gr = IGMPv3gr(rtype=IGMP_V3_GR_TYPE_INCLUDE, mcaddr=g)
+ gr.sources = src_list
+ gr.sources = src_list
+ igmp.grps.append(gr)
+ if ip_pkt is None:
+ ip_pkt = self.igmp_eth/self.igmp_ip
+ pkt = ip_pkt/igmp
+ IGMPv3.fixup(pkt)
+ if rec_queryCount == None:
+ log.info('Sending IGMP join for group %s and waiting for one query packet and printing the packet' %groups)
+ resp = srp1(pkt, iface=iface)
+ else:
+ log.info('Sending IGMP join for group %s and waiting for periodic query packets and printing one packet' %groups)
+ resp = srp1(pkt, iface=iface)
+# resp = srp1(pkt, iface=iface) if rec_queryCount else srp3(pkt, iface=iface)
+ resp[0].summary()
+ log.info('Sent IGMP join for group %s and received a query packet and printing packet' %groups)
+ if delay != 0:
+ time.sleep(delay)
+
+ def send_igmp_leave(self, groups, src_list = ['1.2.3.4'], ip_pkt = None, iface = 'veth0', delay = 2):
+ log.info('entering into igmp leave function')
+ igmp = IGMPv3(type = IGMP_TYPE_V3_MEMBERSHIP_REPORT, max_resp_code=30,
+ gaddr=self.IP_DST)
+ for g in groups:
+ gr = IGMPv3gr(rtype=IGMP_V3_GR_TYPE_EXCLUDE, mcaddr=g)
+ gr.sources = src_list
+ igmp.grps.append(gr)
+ if ip_pkt is None:
+ ip_pkt = self.igmp_eth/self.igmp_ip
+ pkt = ip_pkt/igmp
+ IGMPv3.fixup(pkt)
+ sendp(pkt, iface = iface)
+ if delay != 0:
+ time.sleep(delay)
+
+ def send_igmp_leave_listening_group_specific_query(self, groups, src_list = ['1.2.3.4'], ip_pkt = None, iface = 'veth0', delay = 2):
+ igmp = IGMPv3(type = IGMP_TYPE_V3_MEMBERSHIP_REPORT, max_resp_code=30,
+ gaddr=self.IP_DST)
+ for g in groups:
+ gr = IGMPv3gr(rtype=IGMP_V3_GR_TYPE_EXCLUDE, mcaddr=g)
+ gr.sources = src_list
+ igmp.grps.append(gr)
+ if ip_pkt is None:
+ ip_pkt = self.igmp_eth/self.igmp_ip
+ pkt = ip_pkt/igmp
+ IGMPv3.fixup(pkt)
+ log.info('Sending IGMP leave for group %s and waiting for one group specific query packet and printing the packet' %groups)
+ resp = srp1(pkt, iface=iface)
+ resp[0].summary()
+ log.info('Sent IGMP leave for group %s and received a group specific query packet and printing packet' %groups)
+ if delay != 0:
+ time.sleep(delay)
+
+ @deferred(timeout=MCAST_TRAFFIC_TIMEOUT+390)
+ def test_netCondition_with_delay_between_igmp_join_and_data_recv(self):
+ self.setUp_igmp()
+ randomDelay = randint(10,300)
+ groups = ['224.0.1.1', '225.0.0.1']
+ self.onos_ssm_table_load(groups)
+ df = defer.Deferred()
+ igmpState = IGMPTestState(groups = groups, df = df)
+ igmpStateRecv = IGMPTestState(groups = groups, df = df)
+ igmpStateList = (igmpState, igmpStateRecv)
+ mcastTraffic = McastTraffic(groups, iface= 'veth2', cb = self.send_mcast_cb, arg = igmpState)
+ self.df = df
+ self.mcastTraffic = mcastTraffic
+ self.recv_socket = L3PacketSocket(iface = 'veth0', type = ETH_P_IP)
+
+ def mcast_traffic_delay_start():
+ mcastTraffic.start()
+
+ def igmp_srp_task(stateList):
+ igmpSendState, igmpRecvState = stateList
+ if not mcastTraffic.isRecvStopped():
+ result = self.igmp_recv(igmpRecvState)
+ reactor.callLater(0, igmp_srp_task, stateList)
+ else:
+ self.mcastTraffic.stop()
+ self.recv_socket.close()
+ self.igmp_verify_join(stateList)
+ self.df.callback(0)
+
+ self.send_igmp_join(groups)
+ log.info('Holding multicast data for a period of random delay = {} secs'.format(randomDelay))
+ t = Timer(randomDelay, mcast_traffic_delay_start)
+ t.start()
+
+ self.test_timer = reactor.callLater(randomDelay+30, self.mcast_traffic_timer)
+ reactor.callLater(randomDelay+10, igmp_srp_task, igmpStateList)
+ return df
+
+ @deferred(timeout=MCAST_TRAFFIC_TIMEOUT+390)
+ def test_netCondition_with_delay_between_data_recv_and_igmp_join(self):
+ self.setUp_igmp()
+ randomDelay = randint(10,300)
+ groups = ['224.0.1.1', '225.0.0.1']
+ self.onos_ssm_table_load(groups)
+ df = defer.Deferred()
+ igmpState = IGMPTestState(groups = groups, df = df)
+ igmpStateRecv = IGMPTestState(groups = groups, df = df)
+ igmpStateList = (igmpState, igmpStateRecv)
+ mcastTraffic = McastTraffic(groups, iface= 'veth2', cb = self.send_mcast_cb, arg = igmpState)
+ self.df = df
+ self.mcastTraffic = mcastTraffic
+ self.recv_socket = L3PacketSocket(iface = 'veth0', type = ETH_P_IP)
+
+ def mcast_join_delay_start():
+ log.info('Holding channel join for a period of random delay = {} secs'.format(randomDelay))
+ self.send_igmp_join(groups)
+
+ def igmp_srp_task(stateList):
+ igmpSendState, igmpRecvState = stateList
+ if not mcastTraffic.isRecvStopped():
+ result = self.igmp_recv(igmpRecvState)
+ reactor.callLater(0, igmp_srp_task, stateList)
+ else:
+ self.mcastTraffic.stop()
+ self.recv_socket.close()
+ self.igmp_verify_join(stateList)
+ self.df.callback(0)
+
+ mcastTraffic.start()
+ t = Timer(randomDelay, mcast_join_delay_start)
+ t.start()
+
+ self.test_timer = reactor.callLater(randomDelay+30, self.mcast_traffic_timer)
+ reactor.callLater(randomDelay+10, igmp_srp_task, igmpStateList)
+ return df
+
+
+ @deferred(timeout=MCAST_TRAFFIC_TIMEOUT+340)
+ def test_netCondition_with_delay_between_igmp_leave_and_data(self):
+ self.setUp_igmp()
+ randomDelay = randint(10,300)
+ groups = ['224.0.1.10', '225.0.0.10']
+ leave_groups = ['224.0.1.10']
+ self.onos_ssm_table_load(groups)
+ df = defer.Deferred()
+ igmpState = IGMPTestState(groups = groups, df = df)
+ igmpStateRecv = IGMPTestState(groups = groups, df = df)
+ igmpStateList = (igmpState, igmpStateRecv)
+ mcastTraffic = McastTraffic(groups, iface= 'veth2', cb = self.send_mcast_cb,
+ arg = igmpState)
+ self.df = df
+ self.mcastTraffic = mcastTraffic
+ self.recv_socket = L3PacketSocket(iface = 'veth0', type = ETH_P_IP)
+
+ def mcast_leave_delay_start():
+ self.send_igmp_leave(leave_groups, delay = 3)
+ join_state = IGMPTestState(groups = leave_groups)
+ status = self.igmp_not_recv_task(self.V_INF1,leave_groups, join_state)
+ log.info('Verified status for igmp recv task %s'%status)
+ assert status == 1 , 'EXPECTED RESULT'
+ self.df.callback(0)
+
+ mcastTraffic.start()
+ self.send_igmp_join(groups)
+ log.info('Holding multicast leave packet for a period of random delay = {} secs'.format(randomDelay))
+ t = Timer(randomDelay+10, mcast_leave_delay_start)
+ t.start()
+ return df
+
+ def igmp_not_recv_task(self, intf, groups, join_state):
+ log.info('entering igmp not recv task loop')
+ recv_socket = L2Socket(iface = intf, type = ETH_P_IP)
+ group_map = {}
+ for g in groups:
+ group_map[g] = [0,0]
+
+ log.info('Verifying join interface should not receive any multicast data')
+ self.NEGATIVE_TRAFFIC_STATUS = 1
+ def igmp_recv_cb(pkt):
+ log.info('Multicast packet %s received for left groups %s' %(pkt[IP].dst, groups))
+ self.NEGATIVE_TRAFFIC_STATUS = 2
+ sniff(prn = igmp_recv_cb, count = 1, lfilter = lambda p: IP in p and p[IP].dst in groups,
+ timeout = 3, opened_socket = recv_socket)
+ recv_socket.close()
+ return self.NEGATIVE_TRAFFIC_STATUS
+
+ ## Its sample test case based on this test case we had added all below scenarios.
+ @deferred(TEST_TIMEOUT_DELAY+50)
+ def test_netCondition_in_eap_tls_with_delay_between_positive_IdReq_and_tlsHelloReq(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ tls = TLSAuthTest()
+ def eap_tls_eapTlsHelloReq_pkt_delay():
+ tls._eapTlsHelloReq()
+ tls._eapTlsCertReq()
+ tls._eapTlsChangeCipherSpec()
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_verify(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ log.info('Holding tlsHelloReq packet for a period of random delay = {} secs'.format(randomDelay))
+ t = Timer(randomDelay, eap_tls_eapTlsHelloReq_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_verify, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+50)
+ def test_netCondition_in_eap_tls_with_delay_between_IdReq_and_tlsHelloReq(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ tls = TLSAuthTest()
+ def eap_tls_eapTlsHelloReq_pkt_delay():
+ log.info('Holding tlsHelloReq packet for a period of random delay = {} secs'.format(randomDelay))
+ tls._eapTlsHelloReq()
+ tls._eapTlsCertReq()
+ tls._eapTlsChangeCipherSpec()
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_verify(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ t = Timer(randomDelay, eap_tls_eapTlsHelloReq_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_verify, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+100)
+ def test_netCondition_in_eap_tls_with_delay_between_tlsHelloReq_and_eapTlsCertReq(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ tls = TLSAuthTest()
+ def eap_tls_eapTlsCertReq_pkt_delay():
+ log.info('Holding eapTlsCertReq packet for a period of random delay = {} secs'.format(randomDelay))
+ tls._eapTlsCertReq_delay()
+ tls._eapTlsChangeCipherSpec()
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_verify(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ tls._eapTlsHelloReq()
+ while tls.server_hello_done_received == False:
+ r = tls.eapol_scapy_recv(cb = tls.eapol_server_hello_cb,
+ lfilter =
+ lambda pkt: EAP in pkt and pkt[EAP].type == EAP_TYPE_TLS and \
+ pkt[EAP].code == EAP.REQUEST)
+ if len(r) == 0:
+ tls.tlsFail()
+ t = Timer(randomDelay, eap_tls_eapTlsCertReq_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_verify, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+50)
+ def test_netCondition_in_eap_tls_with_delay_between_TlsCertReq_and_TlsChangeCipherSpec(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ tls = TLSAuthTest()
+ def eap_tls_TlsChangeCipherSpec_pkt_delay():
+ log.info('Holding TlsChangeCipherSpec packet for a period of random delay = {} secs'.format(randomDelay))
+ tls._eapTlsChangeCipherSpec()
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_verify(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ tls._eapTlsHelloReq()
+ tls._eapTlsCertReq()
+ t = Timer(randomDelay, eap_tls_TlsChangeCipherSpec_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_verify, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+50)
+ def test_netCondition_in_eap_tls_with_no_cert_delay_between_IdReq_and_HelloReq(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ def tls_no_cert_cb():
+ log.info('TLS authentication failed with no certificate')
+ tls = TLSAuthTest(fail_cb = tls_no_cert_cb, client_cert = '')
+ def eap_tls_eapTlsHelloReq_pkt_delay():
+ log.info('Holding HelloReq packet with no cert for a period of random delay = {} secs'.format(randomDelay))
+ tls._eapTlsHelloReq()
+ tls._eapTlsCertReq()
+ assert_equal(tls.failTest, True)
+ tls._eapTlsChangeCipherSpec()
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_no_cert(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ t = Timer(randomDelay, eap_tls_eapTlsHelloReq_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_no_cert, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+100)
+ def test_netCondition_in_eap_tls_with_delay_and_no_cert_between_tlsHelloReq_and_eapTlsCertReq(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ def tls_no_cert_cb():
+ log.info('TLS authentication failed with no certificate')
+ tls = TLSAuthTest(fail_cb = tls_no_cert_cb, client_cert = '')
+ def eap_tls_eapTlsHelloReq_pkt_delay():
+ log.info('Holding eapTlsCertReq packet with no cert for a period of random delay = {} secs'.format(randomDelay))
+ tls._eapTlsCertReq_delay()
+ assert_equal(tls.failTest, True)
+ tls._eapTlsChangeCipherSpec()
+ assert_equal(tls.failTest, True)
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_no_cert(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ tls._eapTlsHelloReq()
+ while tls.server_hello_done_received == False:
+ r = tls.eapol_scapy_recv(cb = tls.eapol_server_hello_cb,
+ lfilter =
+ lambda pkt: EAP in pkt and pkt[EAP].type == EAP_TYPE_TLS and \
+ pkt[EAP].code == EAP.REQUEST)
+ if len(r) == 0:
+ tls.tlsFail()
+ t = Timer(randomDelay, eap_tls_eapTlsHelloReq_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_no_cert, df)
+ return df
+
+
+ @deferred(TEST_TIMEOUT_DELAY+50)
+ def test_netCondition_in_eap_tls_with_delay_and_no_cert_between_TlsCertReq_and_TlsChangeCipherSpec(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ def tls_no_cert_cb():
+ log.info('TLS authentication failed with no certificate')
+ tls = TLSAuthTest(fail_cb = tls_no_cert_cb, client_cert = '')
+ def eap_tls_TlsChangeCipherSpec_pkt_delay():
+ tls._eapTlsChangeCipherSpec()
+ assert_equal(tls.failTest, True)
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_no_cert(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ tls._eapTlsHelloReq()
+ tls._eapTlsCertReq()
+ log.info('Holding TlsChangeCipherSpec packet with no cert for a period of random delay = {} secs'.format(randomDelay))
+ t = Timer(randomDelay, eap_tls_TlsChangeCipherSpec_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_no_cert, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+50)
+ def test_netCondition_in_eap_tls_with_invalid_cert_and_delay_between_IdReq_and_HelloReq(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ def tls_invalid_cert_cb():
+ log.info('TLS authentication failed with invalid certificate')
+ tls = TLSAuthTest(fail_cb = tls_invalid_cert_cb, client_cert = self.CLIENT_CERT_INVALID)
+ def eap_tls_eapTlsHelloReq_pkt_delay():
+ tls._eapTlsHelloReq()
+ tls._eapTlsCertReq()
+ assert_equal(tls.failTest, True)
+ tls._eapTlsChangeCipherSpec()
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_invalid_cert(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ log.info('Holding HelloReq packet with invalid cert for a period of random delay = {} secs'.format(randomDelay))
+ t = Timer(randomDelay, eap_tls_eapTlsHelloReq_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_invalid_cert, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+100)
+ def test_netCondition_in_eap_tls_with_invalid_cert_and_delay_between_tlsHelloReq_and_eapTlsCertReq(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ def tls_invalid_cert_cb():
+ log.info('TLS authentication failed with invalid certificate')
+ tls = TLSAuthTest(fail_cb = tls_invalid_cert_cb, client_cert = self.CLIENT_CERT_INVALID)
+ def eap_tls_eapTlsHelloReq_pkt_delay():
+ log.info('Holding eapTlsCertReq packet with invalid cert for a period of random delay = {} sec, delay ended'.format(randomDelay))
+ tls._eapTlsCertReq_delay()
+ tls._eapTlsChangeCipherSpec()
+ assert_equal(tls.failTest, True)
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_invalid_cert(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ tls._eapTlsHelloReq()
+ while tls.server_hello_done_received == False:
+ r = tls.eapol_scapy_recv(cb = tls.eapol_server_hello_cb,
+ lfilter =
+ lambda pkt: EAP in pkt and pkt[EAP].type == EAP_TYPE_TLS and \
+ pkt[EAP].code == EAP.REQUEST)
+ if len(r) == 0:
+ tls.tlsFail()
+
+ log.info('Holding eapTlsCertReq packet with invalid cert for a period of random delay = {} secs'.format(randomDelay))
+ t = Timer(randomDelay, eap_tls_eapTlsHelloReq_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_invalid_cert, df)
+ return df
+
+
+ @deferred(TEST_TIMEOUT_DELAY+50)
+ def test_netCondition_in_eap_tls_with_invalid_cert_delay_between_TlsCertReq_and_TlsChangeCipherSpec(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ def tls_invalid_cert_cb():
+ log.info('TLS authentication failed with invalid certificate')
+ tls = TLSAuthTest(fail_cb = tls_invalid_cert_cb, client_cert = self.CLIENT_CERT_INVALID)
+ def eap_tls_TlsChangeCipherSpec_pkt_delay():
+ tls._eapTlsChangeCipherSpec()
+ assert_equal(tls.failTest, True)
+ tls._eapTlsFinished()
+ df.callback(0)
+ def eap_tls_invalid_cert(df):
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ tls._eapTlsHelloReq()
+ tls._eapTlsCertReq()
+ log.info('Holding TlsChangeCipherSpec packet with invalid cert for a period of random delay = {} secs'.format(randomDelay))
+ t = Timer(randomDelay, eap_tls_TlsChangeCipherSpec_pkt_delay)
+ t.start()
+ reactor.callLater(0, eap_tls_invalid_cert, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+50)
+ def test_netCondition_in_multiple_eap_tls_requests_with_delay_between_IdReq_and_HelloReq(self):
+ self.setUp_tls()
+ df = defer.Deferred()
+ threads = []
+ clients = 10
+ def eap_tls_eapTlsHelloReq_pkt_delay(df):
+ def multiple_tls_random_delay():
+ randomDelay = randint(10,300)
+ tls = TLSAuthTest(src_mac = 'random')
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ log.info('Holding tlsHelloReq packet for a period of random delay = {} secs'.format(randomDelay))
+ time.sleep(randomDelay)
+ tls._eapTlsHelloReq()
+ tls._eapTlsCertReq()
+ tls._eapTlsChangeCipherSpec()
+ tls._eapTlsFinished()
+ log.info('Authentication successfull for user %d'%i)
+ # Sending multiple tls clients and making random delay in between client and server packets.
+ for i in xrange(clients):
+ thread = threading.Thread(target = multiple_tls_random_delay)
+ time.sleep(randint(1,2))
+ thread.start()
+ threads.append(thread)
+ time.sleep(300)
+ for thread in threads:
+ thread.join()
+ #df.callback(0)
+ reactor.callLater(0, eap_tls_eapTlsHelloReq_pkt_delay, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+450)
+ def test_netCondition_multiple_authentications_tls_with_delay_between_every_auth_complete(self):
+ self.setUp_tls()
+ df = defer.Deferred()
+ threads = []
+ clients = 100
+ def eap_tls_eapTlsHelloReq_pkt_delay(df):
+ def multiple_tls_random_delay():
+ randomDelay = randint(10,300)
+ tls = TLSAuthTest(src_mac = 'random')
+ tls._eapSetup()
+ tls.tlsEventTable.EVT_EAP_SETUP
+ tls._eapStart()
+ tls.tlsEventTable.EVT_EAP_START
+ tls._eapIdReq()
+ tls.tlsEventTable.EVT_EAP_ID_REQ
+ tls._eapTlsHelloReq()
+ tls._eapTlsCertReq()
+ tls._eapTlsChangeCipherSpec()
+ tls._eapTlsFinished()
+ log.info('Authentication successfull for user %d'%i)
+ # Client authendicating multiple times one after other and making random delay in between authendication.
+ for i in xrange(clients):
+# thread = threading.Thread(target = multiple_tls_random_delay)
+ multiple_tls_random_delay()
+ time.sleep(randomDelay)
+ df.callback(0)
+ reactor.callLater(0, eap_tls_eapTlsHelloReq_pkt_delay, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+450)
+ def test_netCondition_multiple_authentications_tls_with_delay_between_every_100_tls_burst(self):
+ self.setUp_tls()
+ randomDelay = randint(10,300)
+ df = defer.Deferred()
+ threads = []
+ tls = []
+ clients = 10
+ def eap_tls_eapTlsHelloReq_pkt_delay(df):
+ def multiple_tls_random_delay():
+ #randomDelay = 3
+ for x in xrange(clients):
+ tls.append(TLSAuthTest(src_mac = 'random'))
+ for x in xrange(clients):
+ tls[x]._eapSetup()
+ tls[x].tlsEventTable.EVT_EAP_SETUP
+ for x in xrange(clients):
+ tls[x]._eapStart()
+ tls[x].tlsEventTable.EVT_EAP_START
+ for x in xrange(clients):
+ tls[x]._eapIdReq()
+ tls[x].tlsEventTable.EVT_EAP_ID_REQ
+ for x in xrange(clients):
+ tls[x]._eapTlsHelloReq()
+ for x in xrange(clients):
+ tls[x]._eapTlsCertReq()
+ for x in xrange(clients):
+ tls[x]._eapTlsChangeCipherSpec()
+ for x in xrange(clients):
+ tls[x]._eapTlsFinished()
+ for x in xrange(clients):
+ log.info('Authentication successfull for user %d'%i)
+ # Client authendicating multiple times one after other and making random delay in between authendication.
+ for i in xrange(2):
+ multiple_tls_random_delay()
+ time.sleep(randomDelay)
+ df.callback(0)
+ reactor.callLater(0, eap_tls_eapTlsHelloReq_pkt_delay, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+90)
+ def test_netCondition_with_delay_between_mac_flow_and_traffic(self):
+ df = defer.Deferred()
+ randomDelay = randint(10,300)
+ #self.setUpClass_flows()
+ egress = 1
+ ingress = 2
+ egress_mac = '00:00:00:00:00:01'
+ ingress_mac = '00:00:00:00:00:02'
+ pkt = Ether(src = ingress_mac, dst = egress_mac)/IP()
+ self.success = False
+
+ def mac_recv_task():
+ def recv_cb(pkt):
+ log.info('Pkt seen with ingress mac %s, egress mac %s' %(pkt.src, pkt.dst))
+ self.success = True
+ sniff(count=2, timeout=randomDelay+50, lfilter = lambda p: p.src == ingress_mac,
+ prn = recv_cb, iface = self.port_map[egress])
+
+ thread = threading.Thread(target = mac_recv_task)
+
+ def send_flow_pkt_delay():
+ sendp(pkt, count=50, iface = self.port_map[ingress])
+ thread.join()
+ assert_equal(self.success, True)
+ df.callback(0)
+
+ def creating_mac_flow(df):
+
+ flow = OnosFlowCtrl(deviceId = self.device_id,
+ egressPort = egress,
+ ingressPort = ingress,
+ ethSrc = ingress_mac,
+ ethDst = egress_mac)
+ result = flow.addFlow()
+ assert_equal(result, True)
+ ##wait for flows to be added to ONOS
+ time.sleep(1)
+ thread.start()
+ log.info('Holding a packet to verify if flows are active after {} secs'.format(randomDelay))
+ t = Timer(randomDelay, send_flow_pkt_delay)
+ t.start()
+ reactor.callLater(0, creating_mac_flow, df)
+ return df
+
+
+ @deferred(TEST_TIMEOUT_DELAY+90)
+ def test_netCondition_with_delay_between_ip_flow_and_traffic(self):
+ df = defer.Deferred()
+ randomDelay = randint(10,300)
+ egress = 1
+ ingress = 2
+ egress_map = { 'ether': '00:00:00:00:00:03', 'ip': '192.168.30.1' }
+ ingress_map = { 'ether': '00:00:00:00:00:04', 'ip': '192.168.40.1' }
+ L2 = Ether(src = ingress_map['ether'], dst = egress_map['ether'])
+ L3 = IP(src = ingress_map['ip'], dst = egress_map['ip'])
+ pkt = L2/L3
+
+ def mac_recv_task():
+ def recv_cb(pkt):
+ log.info('Pkt seen with ingress ip %s, egress ip %s' %(pkt[IP].src, pkt[IP].dst))
+ self.success = True
+ sniff(count=2, timeout= randomDelay + 30,
+ lfilter = lambda p: IP in p and p[IP].dst == egress_map['ip'] and p[IP].src == ingress_map['ip'],
+ prn = recv_cb, iface = self.port_map[egress])
+
+ thread = threading.Thread(target = mac_recv_task)
+
+ def send_flow_ip_pkt_delay():
+ sendp(pkt, count=50, iface = self.port_map[ingress])
+ thread.join()
+ assert_equal(self.success, True)
+ df.callback(0)
+
+ def creating_ip_flow(df):
+ flow = OnosFlowCtrl(deviceId = self.device_id,
+ egressPort = egress,
+ ingressPort = ingress,
+ ethType = '0x0800',
+ ipSrc = ('IPV4_SRC', ingress_map['ip']+'/32'),
+ ipDst = ('IPV4_DST', egress_map['ip']+'/32')
+ )
+ result = flow.addFlow()
+ assert_equal(result, True)
+ ##wait for flows to be added to ONOS
+ time.sleep(1)
+ self.success = False
+ ##wait for flows to be added to ONOS
+ time.sleep(1)
+ thread.start()
+ log.info('Holding a packet to verify if flows are active after {} secs'.format(randomDelay))
+ t = Timer(randomDelay, send_flow_ip_pkt_delay)
+ t.start()
+ reactor.callLater(0, creating_ip_flow, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+90)
+ def test_netCondition_with_delay_between_tcp_port_flow_and_traffic(self):
+ df = defer.Deferred()
+ egress = 1
+ ingress = 2
+ egress_map = { 'ether': '00:00:00:00:00:03', 'ip': '192.168.30.1', 'tcp_port': 9500 }
+ ingress_map = { 'ether': '00:00:00:00:00:04', 'ip': '192.168.40.1', 'tcp_port': 9000 }
+ L2 = Ether(src = ingress_map['ether'], dst = egress_map['ether'])
+ L3 = IP(src = ingress_map['ip'], dst = egress_map['ip'])
+ L4 = TCP(sport = ingress_map['tcp_port'], dport = egress_map['tcp_port'])
+ pkt = L2/L3/L4
+
+ def mac_recv_task():
+ def recv_cb(pkt):
+ log.info('Pkt seen with ingress TCP port %s, egress TCP port %s' %(pkt[TCP].sport, pkt[TCP].dport))
+ self.success = True
+ sniff(count=2, timeout= randomDelay+30, lfilter = lambda p: TCP in p and p[TCP].dport == egress_map['tcp_port']
+ and p[TCP].sport == ingress_map['tcp_port'], prn = recv_cb, iface = self.port_map[egress])
+
+ thread = threading.Thread(target = mac_recv_task)
+
+ def send_flow_tcp_pkt_delay():
+ sendp(pkt, count=50, iface = self.port_map[ingress])
+ thread.join()
+ assert_equal(self.success, True)
+ df.callback(0)
+
+ def creating_tcp_flow(df):
+ flow = OnosFlowCtrl(deviceId = self.device_id,
+ egressPort = egress,
+ ingressPort = ingress,
+ tcpSrc = ingress_map['tcp_port'],
+ tcpDst = egress_map['tcp_port']
+ )
+ result = flow.addFlow()
+ assert_equal(result, True)
+ ##wait for flows to be added to ONOS
+ time.sleep(1)
+ self.success = False
+ thread.start()
+ randomDelay = randint(10,300)
+ log.info('Holding a packet to verify if flows are active after {} secs'.format(randomDelay))
+ t = Timer(randomDelay, send_flow_tcp_pkt_delay)
+ t.start()
+ df.callback(0)
+ reactor.callLater(0, creating_tcp_flow, df)
+ return df
+
+ @deferred(TEST_TIMEOUT_DELAY+90)
+ def test_netCondition_with_delay_between_udp_port_flow_and_traffic(self):
+ df = defer.Deferred()
+ randomDelay = randint(10,300)
+ egress = 1
+ ingress = 2
+ egress_map = { 'ether': '00:00:00:00:00:03', 'ip': '192.168.30.1', 'udp_port': 9500 }
+ ingress_map = { 'ether': '00:00:00:00:00:04', 'ip': '192.168.40.1', 'udp_port': 9000 }
+ L2 = Ether(src = ingress_map['ether'], dst = egress_map['ether'])
+ L3 = IP(src = ingress_map['ip'], dst = egress_map['ip'])
+ L4 = UDP(sport = ingress_map['udp_port'], dport = egress_map['udp_port'])
+ pkt = L2/L3/L4
+
+ def mac_recv_task():
+ def recv_cb(pkt):
+ log.info('Pkt seen with ingress UDP port %s, egress UDP port %s' %(pkt[UDP].sport, pkt[UDP].dport))
+ self.success = True
+ sniff(count=2, timeout=randomDelay + 30,
+ lfilter = lambda p: UDP in p and p[UDP].dport == egress_map['udp_port']
+ and p[UDP].sport == ingress_map['udp_port'], prn = recv_cb, iface = self.port_map[egress])
+
+ thread = threading.Thread(target = mac_recv_task)
+
+ def send_flow_udp_pkt_delay():
+ sendp(pkt, count=50, iface = self.port_map[ingress])
+ thread.join()
+ assert_equal(self.success, True)
+ df.callback(0)
+
+ def creating_udp_flow(df):
+ flow = OnosFlowCtrl(deviceId = self.device_id,
+ egressPort = egress,
+ ingressPort = ingress,
+ udpSrc = ingress_map['udp_port'],
+ udpDst = egress_map['udp_port']
+ )
+ result = flow.addFlow()
+ assert_equal(result, True)
+ ##wait for flows to be added to ONOS
+ time.sleep(1)
+ self.success = False
+ thread.start()
+ log.info('Holding a packet to verify if flows are active after {} secs'.format(randomDelay))
+ t = Timer(randomDelay, send_flow_udp_pkt_delay)
+ t.start()
+
+ df.callback(0)
+ reactor.callLater(0, creating_udp_flow, df)
+ return df
+
diff --git a/src/test/setup/cord-test.py b/src/test/setup/cord-test.py
index 2613d99..6fc35a8 100755
--- a/src/test/setup/cord-test.py
+++ b/src/test/setup/cord-test.py
@@ -51,7 +51,7 @@
IMAGE = 'cord-test/nose'
ALL_TESTS = ('tls', 'dhcp', 'dhcprelay','igmp', 'subscriber',
'cordSubscriber', 'vrouter', 'flows', 'proxyarp', 'acl', 'xos', 'fabric',
- 'cbench', 'cluster')
+ 'cbench', 'cluster', 'netCondition')
def __init__(self, tests, instance = 0, num_instances = 1, ctlr_ip = None,
name = '', image = IMAGE, prefix = '', tag = 'candidate',
diff --git a/src/test/utils/EapTLS.py b/src/test/utils/EapTLS.py
index f4e7346..c9cf599 100644
--- a/src/test/utils/EapTLS.py
+++ b/src/test/utils/EapTLS.py
@@ -223,7 +223,7 @@
def tlsFail(self):
##Force a failure
- log.info('entering into testFail funciton')
+ log.info('entering into testFail function')
self.nextEvent = self.tlsEventTable.EVT_EAP_TLS_FINISHED
self.nextState = self.tlsStateTable.ST_EAP_TLS_FINISHED
self.failTest = True
@@ -407,7 +407,6 @@
if len(r) == 0:
self.tlsFail()
return r
-
log.info('Sending client certificate request')
rex_pem = re.compile(r'\-+BEGIN[^\-]+\-+(.*?)\-+END[^\-]+\-+', re.DOTALL)
if self.client_cert:
@@ -456,6 +455,65 @@
assert_equal(status, True)
self.nextEvent = self.tlsEventTable.EVT_EAP_TLS_CHANGE_CIPHER_SPEC
+ def _eapTlsCertReq_delay(self):
+ self.server_hello_done_received = True
+ log.info('Sending client certificate request')
+ rex_pem = re.compile(r'\-+BEGIN[^\-]+\-+(.*?)\-+END[^\-]+\-+', re.DOTALL)
+
+ if self.client_cert:
+ der_cert = rex_pem.findall(self.client_cert)[0].decode("base64")
+ client_certificate_list = TLSHandshake()/TLSCertificateList(
+ certificates=[TLSCertificate(data=x509.X509Cert(der_cert))])
+ else:
+ client_certificate_list = TLSHandshake()/TLSCertificateList(certificates=[])
+
+ client_certificate = TLSRecord(version="TLS_1_0")/client_certificate_list
+ kex_data = self.tls_ctx.get_client_kex_data()
+ client_key_ex_data = TLSHandshake()/kex_data
+ client_key_ex = TLSRecord()/client_key_ex_data
+
+ if self.client_cert:
+ self.load_tls_record(str(client_certificate))
+ self.pkt_history.append(str(client_certificate_list))
+
+ self.load_tls_record(str(client_key_ex))
+ self.pkt_history.append(str(client_key_ex_data))
+ verify_signature = self.get_verify_signature(self.client_priv_key)
+
+ if self.invalid_cert_req_handshake:
+ log.info("Sending 'certificate-request' type of handshake message instead of 'certificate-verify' type")
+ client_cert_verify = TLSHandshake(type=TLSHandshakeType.CERTIFICATE_REQUEST)/verify_signature
+ else:
+ client_cert_verify = TLSHandshake(type=TLSHandshakeType.CERTIFICATE_VERIFY)/verify_signature
+
+ if self.incorrect_tlsrecord_type_cert_req:
+ log.info("Sending TLS Record type as ALERT instead of HANDSHAKE in certificate request packet")
+ client_cert_record = TLSRecord(content_type=TLSContentType.ALERT)/client_cert_verify
+ else:
+ client_cert_record = TLSRecord(content_type=TLSContentType.HANDSHAKE)/client_cert_verify
+
+ self.pkt_history.append(str(client_cert_verify))
+ #log.info('TLS ctxt: %s' %self.tls_ctx)
+ client_ccs = TLSRecord(version="TLS_1_0")/TLSChangeCipherSpec()
+ enc_handshake_msg = self.get_encrypted_handshake_msg()
+
+ if self.invalid_content_type:
+ handshake_msg = str(TLSRecord(content_type=self.invalid_content_type)/enc_handshake_msg)
+ else:
+ handshake_msg = str(TLSRecord(content_type=TLSContentType.HANDSHAKE)/enc_handshake_msg)
+ reqdata = str(TLS.from_records([client_certificate, client_key_ex, client_cert_record, client_ccs]))
+ reqdata += handshake_msg
+ log.info("------> Sending Client Hello TLS Certificate payload of len %d ----------->" %len(reqdata))
+
+ if self.dont_send_client_certificate:
+ log.info('\nSkipping sending client certificate part')
+ pass
+ else:
+ status = self.eapFragmentSend(EAP_RESPONSE, self.server_hello_done_eap_id, TLS_LENGTH_INCLUDED,
+ payload = reqdata, fragsize = 1024)
+ assert_equal(status, True)
+ self.nextEvent = self.tlsEventTable.EVT_EAP_TLS_CHANGE_CIPHER_SPEC
+
def _eapTlsChangeCipherSpec(self):
def eapol_cb(pkt):
r = str(pkt)