
Example 1 with RADIUS

use of org.onlab.packet.RADIUS in project aaa by opencord.

the class AaaStatisticsTest method testAaaStatisticsForAcceptedPackets.

/**
 * Tests the authentication path through the AAA application
 * and counts the AAA stats for successful transmission.
 *
 * @throws DeserializationException if packet deserialization fails.
 */
@Test
public void testAaaStatisticsForAcceptedPackets() throws Exception {
    // Happy-path walk through the exchange: supplicant start -> identity -> MD5 challenge ->
    // MD5 response -> Access-Accept, followed by checks on the AAA counters.
    // NOTE(review): the only EAP method exercised here is EAP.ATTR_MD5. EAP-MD5 gives no
    // server authentication and no key derivation, so a pass here says nothing about
    // stronger EAP methods.
    // fetchPacket(n) presumably returns the n-th packet captured by the test harness —
    // confirm in the test base class.
    // (1) Supplicant start up
    Ethernet startPacket = constructSupplicantStartPacket();
    sendPacket(startPacket);
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        Ethernet responsePacket = (Ethernet) fetchPacket(0);
        checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
        // (2) Supplicant identify
        Ethernet identifyPacket = null;
        try {
            identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
            sendPacket(identifyPacket);
        } catch (Exception e) {
            // NOTE(review): only the message is logged and fail() carries no text, so the
            // cause and stack trace are missing from the test report. The same pattern
            // repeats in every catch block of this method.
            log.error(e.getMessage());
            fail();
        }
    });
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        try {
            RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
            checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
            assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
            // NOTE(review): new String(byte[]) decodes with the platform default charset;
            // harmless for the ASCII name "testuser", but not portable for other names.
            assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()), is("testuser"));
            // The NAS-IP attribute in the Access-Request must match the address configured on aaaManager.
            IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET, radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
            assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
            // State machine should have been created by now
            StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
            assertThat(stateMachine, notNullValue());
            assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
            // (3) RADIUS MD5 challenge
            // The simulated server reply reuses the identifier of the request and is built
            // with the shared secret. NOTE(review): radiusSecret.getBytes() encodes with the
            // platform default charset — confirm this matches how the manager encodes it.
            RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_MD5, radiusIdentifyPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
            aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
        } catch (Exception e) {
            log.error(e.getMessage());
            fail();
        }
    });
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
        Ethernet radiusChallengeMD5Packet = (Ethernet) fetchPacket(2);
        checkRadiusPacket(aaaManager, radiusChallengeMD5Packet, EAP.ATTR_MD5);
        // (4) Supplicant MD5 response
        Ethernet md5RadiusPacket = null;
        try {
            // NOTE(review): stateMachine is dereferenced here without a prior notNullValue()
            // assertion; a null would surface as a bare fail() through the catch below.
            md5RadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_MD5, stateMachine.challengeIdentifier(), radiusChallengeMD5Packet);
        } catch (Exception e) {
            log.error(e.getMessage());
            fail();
        }
        sendPacket(md5RadiusPacket);
    });
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
        RADIUS responseMd5RadiusPacket = (RADIUS) fetchPacket(3);
        try {
            checkRadiusPacketFromSupplicant(responseMd5RadiusPacket);
        } catch (DeserializationException e) {
            log.error(e.getMessage());
            fail();
        }
        // assertThat(responseMd5RadiusPacket.getIdentifier(), is((byte) 9));
        assertThat(responseMd5RadiusPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
        // State machine should be in pending state
        assertThat(stateMachine, notNullValue());
        assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
        // (5) RADIUS Success
        // Despite the helper's name, it is used here to build an Access-Accept carrying EAP.SUCCESS.
        RADIUS successPacket = constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_ACCEPT, EAP.SUCCESS, responseMd5RadiusPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
        aaaManager.handleRadiusPacket((successPacket));
    });
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
        Ethernet supplicantSuccessPacket = (Ethernet) fetchPacket(4);
        checkRadiusPacket(aaaManager, supplicantSuccessPacket, EAP.SUCCESS);
        // State machine should be in authorized state
        assertThat(stateMachine, notNullValue());
        assertThat(stateMachine.state(), is(StateMachine.STATE_AUTHORIZED));
        // Check for increase of Stats
        // NOTE(review): the arguments are passed as (actual, ZERO); if these are the JUnit
        // assertions, the convention is (expected, actual). Pass/fail is unaffected, only the
        // wording of a failure message.
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolAuthSuccessTx(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqRx(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolTransRespNotNak(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolChallengeReqTx(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolValidFramesRx(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolFramesTx(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolReqFramesTx(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolIdRequestFramesTx(), ZERO);
        // The error and pending counters must stay at ZERO on the accepted path.
        assertEquals(aaaStatisticsManager.getAaaStats().getInvalidBodyLength(), ZERO);
        assertEquals(aaaStatisticsManager.getAaaStats().getInvalidPktType(), ZERO);
        assertEquals(aaaStatisticsManager.getAaaStats().getEapolPendingReq(), ZERO);
        // Counts the aaa Statistics count and displays in the log
        countAaaStatistics();
    });
}
Also used : RADIUS(org.onlab.packet.RADIUS) Ethernet(org.onlab.packet.Ethernet) IpAddress(org.onlab.packet.IpAddress) DeserializationException(org.onlab.packet.DeserializationException) UnknownHostException(java.net.UnknownHostException) DeserializationException(org.onlab.packet.DeserializationException) Test(org.junit.Test)

Example 2 with RADIUS

use of org.onlab.packet.RADIUS in project aaa by opencord.

the class AaaStatisticsTest method testAaaStatisticsForTimeoutPackets.

/**
 * Tests the authentication path through the AAA application
 * and counts the AAA stats for timeout.
 *
 * @throws DeserializationException if packet deserialization fails.
 */
@Test
public void testAaaStatisticsForTimeoutPackets() throws Exception {
    // Drives the exchange as far as the RADIUS Access-Request, sends no server reply,
    // sleeps briefly, then checks the state machine and two EAPOL counters.
    // (1) Supplicant start up
    Ethernet startPacket = constructSupplicantStartPacket();
    sendPacket(startPacket);
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        Ethernet responsePacket = (Ethernet) fetchPacket(0);
        checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
        // (2) Supplicant identify
        Ethernet identifyPacket = null;
        try {
            identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
        } catch (Exception e) {
            // NOTE(review): only the message is logged and fail() carries no text, so the
            // cause and stack trace are missing from the test report.
            log.error(e.getMessage());
            fail();
        }
        sendPacket(identifyPacket);
    });
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
        try {
            checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
            assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
            // NOTE(review): new String(byte[]) decodes with the platform default charset.
            assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()), is("testuser"));
            IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET, radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
            assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
            // State machine should have been created by now
            StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
            assertThat(stateMachine, notNullValue());
            assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
            // NOTE(review): Thread.sleep takes milliseconds, while the field name suggests
            // minutes, so this pauses for roughly (value / 2) + 1 ms. Confirm the unit the
            // test really intends.
            Thread.sleep((aaaManager.cleanupTimerTimeOutInMins / 2) + 1);
            // State machine should be in timeout state
            // NOTE(review): the comment above disagrees with the assertion below, which still
            // expects STATE_PENDING. No timeout counter is asserted anywhere in this test, so
            // as written it does not prove that a stalled session is ever cleaned up.
            assertThat(stateMachine, notNullValue());
            assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
            // Check for increase in stats
            assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolResIdentityMsgTrans(), ZERO);
            assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolStartReqRx(), ZERO);
            countAaaStatistics();
        } catch (Exception e) {
            // An InterruptedException from the sleep also lands here and is reported as a bare fail().
            log.error(e.getMessage());
            fail();
        }
    });
}
Also used : RADIUS(org.onlab.packet.RADIUS) Ethernet(org.onlab.packet.Ethernet) IpAddress(org.onlab.packet.IpAddress) DeserializationException(org.onlab.packet.DeserializationException) UnknownHostException(java.net.UnknownHostException) Test(org.junit.Test)

Example 3 with RADIUS

use of org.onlab.packet.RADIUS in project aaa by opencord.

the class AaaStatisticsTest method testStatisticsForInvalidPackets.

/**
 * Tests invalid packets reaching AAA
 * and counts the AAA stats for successful transmission.
 *
 * @throws DeserializationException if packet deserialization fails.
 */
@Test
public void testStatisticsForInvalidPackets() throws Exception {
    // Negative-path test: drives a NAK exchange, then injects a frame with an unexpected
    // EAPOL type and checks that the invalid/dropped counters moved.
    // Test Authenticator State Machine Status. Should be Pending
    // (1) Supplicant start up
    Ethernet startPacket = constructSupplicantStartPacket();
    sendPacket(startPacket);
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        Ethernet responsePacket = (Ethernet) fetchPacket(0);
        checkRadiusPacket(aaaManager, responsePacket, EAP.ATTR_IDENTITY);
    });
    // (2) Supplicant identify
    Ethernet identifyPacket = constructSupplicantIdentifyPacket(null, EAP.ATTR_IDENTITY, (byte) 1, null);
    sendPacket(identifyPacket);
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        RADIUS radiusIdentifyPacket = (RADIUS) fetchPacket(1);
        try {
            checkRadiusPacketFromSupplicant(radiusIdentifyPacket);
        } catch (DeserializationException e) {
            // NOTE(review): only the message is logged and fail() carries no text, so the
            // cause and stack trace are missing from the test report.
            log.error(e.getMessage());
            fail();
        }
        assertThat(radiusIdentifyPacket.getCode(), is(RADIUS.RADIUS_CODE_ACCESS_REQUEST));
        // NOTE(review): new String(byte[]) decodes with the platform default charset.
        assertThat(new String(radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME).getValue()), is("testuser"));
        IpAddress nasIp = IpAddress.valueOf(IpAddress.Version.INET, radiusIdentifyPacket.getAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP).getValue());
        assertThat(nasIp.toString(), is(aaaManager.nasIpAddress.getHostAddress()));
        // State machine should have been created by now
        StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
        assertThat(stateMachine, notNullValue());
        assertThat(stateMachine.state(), is(StateMachine.STATE_PENDING));
        // (3) RADIUS NAK challenge
        // The simulated server reply reuses the identifier of the request and is built with
        // the shared secret (radiusSecret.getBytes() uses the platform default charset).
        RADIUS radiusCodeAccessChallengePacket = constructRadiusCodeAccessChallengePacket(RADIUS.RADIUS_CODE_ACCESS_CHALLENGE, EAP.ATTR_NAK, radiusIdentifyPacket.getIdentifier(), aaaManager.radiusSecret.getBytes());
        aaaManager.handleRadiusPacket(radiusCodeAccessChallengePacket);
    });
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        Ethernet radiusChallengeNakPacket = (Ethernet) fetchPacket(2);
        checkRadiusPacket(aaaManager, radiusChallengeNakPacket, EAP.ATTR_NAK);
        // (4) Supplicant NAK response
        StateMachine stateMachine = aaaManager.getStateMachine(SESSION_ID);
        assertThat(stateMachine, notNullValue());
        Ethernet nakRadiusPacket = null;
        try {
            nakRadiusPacket = constructSupplicantIdentifyPacket(stateMachine, EAP.ATTR_NAK, stateMachine.challengeIdentifier(), radiusChallengeNakPacket);
        } catch (Exception e) {
            log.error(e.getMessage());
            fail();
        }
        sendPacket(nakRadiusPacket);
    });
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        // Statistic Should be increased.
        assertNotEquals(aaaStatisticsManager.getAaaStats().getEapolPendingReq(), ZERO);
        // Test if packet with invalid eapol type received.
        // Supplicant ASF Packet
        Ethernet invalidPacket = constructSupplicantAsfPacket();
        sendPacket(invalidPacket);
    });
    // Statistic Should be increased.
    assertAfter(ASSERTION_DELAY, ASSERTION_LENGTH, () -> {
        // The ASF frame must be counted as an invalid packet type rather than processed.
        assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidPktType(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getRadiusAccessRequestsTx(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getRadiusChallengeResponsesRx(), ZERO);
        // NOTE(review): presumably these two counters record RADIUS responses that were
        // dropped or failed authenticator validation — confirm in the statistics class.
        // The test only checks that they are non-zero, not which packet incremented them.
        assertNotEquals(aaaStatisticsManager.getAaaStats().getDroppedResponsesRx(), ZERO);
        assertNotEquals(aaaStatisticsManager.getAaaStats().getInvalidValidatorsRx(), ZERO);
        // Counts the aaa Statistics count and displays in the log
        countAaaStatistics();
    });
}
Also used : RADIUS(org.onlab.packet.RADIUS) Ethernet(org.onlab.packet.Ethernet) IpAddress(org.onlab.packet.IpAddress) DeserializationException(org.onlab.packet.DeserializationException) DeserializationException(org.onlab.packet.DeserializationException) UnknownHostException(java.net.UnknownHostException) Test(org.junit.Test)

Example 4 with RADIUS

use of org.onlab.packet.RADIUS in project aaa by opencord.

the class PortBasedRadiusCommunicator method handleIPv4PacketFromServer.

/**
 * Handles IP packets from RADIUS server.
 *
 * @param context Context for the packet
 */
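private void handleIPv4PacketFromServer(PacketContext context) {
    // Extract the original Ethernet frame from the packet information
    InboundPacket pkt = context.inPacket();
    Ethernet ethPkt = pkt.parsed();
    if (ethPkt == null) {
        return;
    }
    // The frame comes from the network, so check each payload type before downcasting.
    // A frame that is not IPv4/UDP is dropped quietly instead of raising a
    // ClassCastException or NullPointerException inside the packet handler.
    Object networkPayload = ethPkt.getPayload();
    if (!(networkPayload instanceof IPv4)) {
        return;
    }
    IPv4 ipv4Packet = (IPv4) networkPayload;
    if (ipv4Packet.getProtocol() != IPv4.PROTOCOL_UDP) {
        return;
    }
    Object transportPayload = ipv4Packet.getPayload();
    if (!(transportPayload instanceof UDP)) {
        return;
    }
    UDP udpPacket = (UDP) transportPayload;
    // NOTE(review): the UDP source port is the only origin check visible in this method.
    // A source port is chosen by the sender, so it does not identify the RADIUS server;
    // confirm that the caller or handleRadiusPacket also checks the source address and
    // validates the response authenticator against the shared secret.
    if (udpPacket.getSourcePort() != radiusServerPort) {
        return;
    }
    // This packet is RADIUS packet from the server.
    // The UDP header is a fixed 8 bytes; the RADIUS message starts right after it.
    final int udpHeaderLength = 8;
    try {
        // NOTE(review): the length passed to the deserializer is derived from getLength();
        // confirm it reflects the re-serialized datagram rather than an untrusted wire value.
        // A length that does not fit is expected to surface as DeserializationException.
        RADIUS radiusMsg = RADIUS.deserializer().deserialize(udpPacket.serialize(), udpHeaderLength, udpPacket.getLength() - udpHeaderLength);
        // NOTE(review): the round-trip statistic is updated from the identifier before
        // handleRadiusPacket runs, i.e. before any validation visible here has happened.
        aaaManager.aaaStatisticsManager.handleRoundtripTime(radiusMsg.getIdentifier());
        aaaManager.handleRadiusPacket(radiusMsg);
    } catch (DeserializationException dex) {
        log.error("Cannot deserialize packet", dex);
    }
}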
Also used : UDP(org.onlab.packet.UDP) RADIUS(org.onlab.packet.RADIUS) InboundPacket(org.onosproject.net.packet.InboundPacket) Ethernet(org.onlab.packet.Ethernet) IPv4(org.onlab.packet.IPv4) DeserializationException(org.onlab.packet.DeserializationException)

Example 5 with RADIUS

use of org.onlab.packet.RADIUS in project aaa by opencord.

the class RadiusOperationalStatusManager method checkServerStatusUsingFakeAccessRequest.

/**
 * Sends a synthetic Access-Request to the RADIUS server and then blocks on
 * {@code fakeAccessRequestPacketRecieved} for at most
 * {@code operationalStatusServerTimeoutInMillis}.
 *
 * <p>This method only sends the probe and waits; it does not itself decide whether the
 * server answered. The wait is a single timed {@code wait} with no condition re-check,
 * so it returns on a notify, on the timeout, or on a spurious wakeup alike.
 *
 * @throws InterruptedException if the calling thread is interrupted while waiting
 */
public void checkServerStatusUsingFakeAccessRequest() throws InterruptedException {
    // The probe uses the reserved identifier AAA_REQUEST_ID_FAKE_ACCESS_REQUEST
    // (the original comment states this identifier is 1).
    final RADIUS probe = new RADIUS(RADIUS.RADIUS_CODE_ACCESS_REQUEST, AAA_REQUEST_ID_FAKE_ACCESS_REQUEST);
    probe.setIdentifier(AAA_REQUEST_ID_FAKE_ACCESS_REQUEST);

    // NOTE(review): DUMMY_USER.getBytes() encodes with the platform default charset.
    probe.setAttribute(RADIUSAttribute.RADIUS_ATTR_USERNAME, DUMMY_USER.getBytes());
    probe.setAttribute(RADIUSAttribute.RADIUS_ATTR_NAS_IP, address);

    // Presumably adds a Message-Authenticator attribute keyed with the shared secret;
    // it is added last, after the other attributes are in place.
    probe.addMessageAuthenticator(secret);

    // Record the send time for this identifier before the packet leaves.
    setOutTimeInMillis(probe.getIdentifier());
    impl.sendRadiusPacket(probe, null);

    synchronized (fakeAccessRequestPacketRecieved) {
        fakeAccessRequestPacketRecieved.wait(operationalStatusServerTimeoutInMillis);
    }
}
Also used : RADIUS(org.onlab.packet.RADIUS)
