def StreamChannel(self):
global dev_id
# Prepare an authentication request.
login = auth_pb2.Auth()
login.user_name = "admin"
login.passwd = "admin"
self.streamChannelRequest.other.Pack(login)
def request():
while True:
if self.sendRequest:
self.sendRequest = False
yield self.streamChannelRequest
else:
yield p4runtime_pb2.StreamMessageRequest()
return self.stub.StreamChannel(request())
def process_streamChannel(self, request_iterator, context):
peer_key = context.peer()
userAuthenticated = False
login = False
while True:
try:
req = next(request_iterator)
except grpc.RpcError as e: # End of connection
if login is not False:
ConnectionArray.remove(peer_key)
return
if userAuthenticated:
packet_in = ConnectionArray.getPacketInFromBuffer(
login.user_name)
if packet_in is not False:
print "Packet-in: server => controller %.9f" % time.time()
yield packet_in.packetInResponse
# Authentication message.
if req.HasField(
"other"
) and req.other.type_url == "type.googleapis.com/Auth":
ServerConfig.print_debug(
"Received authentication message from {}({}):".format(
context.peer(),
ConnectionArray.getUsername(context.peer())))
ServerConfig.print_debug(req)
# Add the connection to the pool.
login = auth_pb2.Auth.FromString(req.other.value)
ConnectionArray.add(peer_key, login.user_name)
username = ConnectionArray.getUsername(context.peer())
# Authenticate the current connection if it isn't authenticated yet.
# Keep in mind that an user with the CONNECTED state is not authenticated.
if ConnectionArray.isConnected(context.peer()) is True:
if Auth.authenticate(login.user_name,
login.passwd) is True:
userAuthenticated = True
ConnectionArray.authenticate(context.peer())
else:
context.set_code(grpc.StatusCode.PERMISSION_DENIED)
context.set_details("Invalid username or password")
yield p4runtime_pb2.StreamMessageResponse()
# TODO: send authentication success message for testing purposes.
succ = auth_pb2.Auth()
succ.user_name = "Auth success"
succ.passwd = ""
resp = p4runtime_pb2.StreamMessageResponse()
resp.other.Pack(succ)
yield resp
# Arbitration update.
elif req.HasField("arbitration"):
ServerConfig.print_debug(
"Received master arbitration message from peer '{}' ({}):".
format(context.peer(),
ConnectionArray.getUsername(context.peer())))
ServerConfig.print_debug(req)
yield RPC_mgmt.MasterArbitration(self, req, context)
# Packet-out message.
elif req.HasField("packet"):
print req
packet = req.packet
print "Packet-out: controller => server %.9f" % time.time()
ServerConfig.print_debug(
"Packet-out arrived from the controller, for switch {} input port {}"
.format(packet.metadata[0].metadata_id,
hexlify(packet.metadata[0].value)))
# print "Payload: {}".format(hexlify(packet.payload)) # we need to be quick
RPC_mgmt.ProcessPacketOut(packet)
def process_streamChannel(self, request_iterator, context):
peer_key = context.peer()
userAuthenticated = False
login = False
while True:
try:
req = next(request_iterator)
except grpc.RpcError as e: # End of connection
if login is not False:
ConnectionArray.remove(peer_key)
return
if userAuthenticated:
packet_in = ConnectionArray.getPacketInFromBuffer(
login.user_name)
if packet_in is not False:
# -------- Begin Info Flow Control -------- #
print "EXPT: vIFC Start %.9f" % time.time()
ifc_result = VerifyEvent.verify_event_packet_in(
packet_in.packetInResponse.packet, context)
print "EXPT: vIFC Finish %.9f" % time.time()
if ifc_result[0] == VIFC_RESPONSE_BLOCK:
print "IFC Blocked Flow"
context.set_code(grpc.StatusCode.CANCELLED)
context.set_details(
"Attempted CAP Attack block by vIFC")
ServerLog.print_log(
"IFC Blocked flow of Packet-in (%d) was being sent to (%s): %.9f"
% (packet_in.packet_id, login.user_name,
time.time()))
else:
if ifc_result[0] == VIFC_RESPONSE_WARN:
print "IFC Warned Flow: {}".format(ifc_result[1])
ServerLog.print_log(
"IFC Warned flow of Packet-in (%d) sent to (%s): %.9f"
% (packet_in.packet_id, login.user_name,
time.time()))
print "EXPT: Packet-in (%d): server => controller: %.9f" % (
packet_in.packet_id, time.time())
print packet_in.packetInResponse
yield packet_in.packetInResponse
ServerLog.print_log(
"Packet-in (%d) sent to (%s): %.9f" %
(packet_in.packet_id, login.user_name,
time.time()))
# --------- End Info Flow Control --------- #
# Authentication message.
if req.HasField(
"other"
) and req.other.type_url == "type.googleapis.com/Auth":
ServerConfig.print_debug(
"Received authentication message from {}({}):".format(
context.peer(),
ConnectionArray.getUsername(context.peer())))
ServerConfig.print_debug(req)
# Add the connection to the pool.
login = auth_pb2.Auth.FromString(req.other.value)
ConnectionArray.add(peer_key, login.user_name)
username = ConnectionArray.getUsername(context.peer())
# Authenticate the current connection if it isn't authenticated yet.
# Keep in mind that an user with the CONNECTED state is not authenticated.
if ConnectionArray.isConnected(context.peer()) is True:
if Auth.authenticate(login.user_name,
login.passwd) is True:
userAuthenticated = True
ConnectionArray.authenticate(context.peer())
else:
context.set_code(grpc.StatusCode.PERMISSION_DENIED)
context.set_details("Invalid username or password")
yield p4runtime_pb2.StreamMessageResponse()
succ = auth_pb2.Auth()
succ.user_name = "Auth success"
succ.passwd = ""
resp = p4runtime_pb2.StreamMessageResponse()
resp.other.Pack(succ)
yield resp
# Arbitration update.
elif req.HasField("arbitration"):
ServerConfig.print_debug(
"Received master arbitration message from peer '{}' ({}):".
format(context.peer(),
ConnectionArray.getUsername(context.peer())))
ServerConfig.print_debug(req)
yield RPC_mgmt.MasterArbitration(self, req, context)
# Packet-out message.
elif req.HasField("packet"):
packet = req.packet
print "EXPT: Packet-out: controller => server %.9f" % time.time(
)
ServerConfig.print_debug(
"Packet-out arrived from the controller, for switch {} input port {}"
.format(packet.metadata[0].metadata_id,
hexlify(packet.metadata[0].value)))
# -------- Begin Info Flow Control -------- #
print "EXPT: vIFC Start %.9f" % time.time()
ifc_result = VerifyEvent.verify_event_packet_out(
packet, context)
print "EXPT: vIFC Finish %.9f" % time.time()
if ifc_result[0] == VIFC_RESPONSE_BLOCK:
print "IFC Blocked Flow"
elif ifc_result[0] == VIFC_RESPONSE_WARN:
print "IFC Warned Flow: {}".format(ifc_result[1])
# --------- End Info Flow Control --------- #
# print "Payload: {}".format(hexlify(packet.payload)) # we need to be quick
RPC_mgmt.ProcessPacketOut(packet)
print "EXPT: Packet-out: server => interface %.9f" % time.time(
)
ServerLog.print_log(
"Packet-out from (%s) to switch (%d): %.9f" %
(login.user_name, int(
packet.metadata[0].metadata_id), time.time()))