def test_vstart_expired_server_cert(request, instance): """ Test error when volttron is started with expired server cert when RMQ server is already running :param request: pytest request object :parma instance: volttron instance for testing """ # replace certs crts = instance.certsobj try: # overwrite certificates with quick expiry certs (root_ca, server_cert_name, admin_cert_name) = \ Certs.get_admin_cert_names(instance.instance_name) crts.create_ca_signed_cert(server_cert_name, type='server', fqdn=fqdn, valid_days=0.0001) gevent.sleep(9) try: instance.startup_platform(vip_address=get_rand_vip(), timeout=10) except Exception as e: assert e.message.startswith("Platform startup failed. Please check volttron.log") assert not (instance.is_running()) # Rabbitmq log would show # "TLS server: In state certify received CLIENT ALERT: Fatal - # Certificate Expired" except Exception as e: pytest.fail("Test failed with exception: {}".format(e))
def test_vstart_expired_admin_cert(request, instance): """ Test error when volttron is started with expired admin cert when RMQ server is already running :param request: pytest request object :param instance: volttron instance for testing """ # replace certs crts = instance.certsobj try: # overwrite certificates with quick expiry certs (root_ca, server_cert_name, admin_cert_name) = Certs.get_admin_cert_names(instance.instance_name) crts.create_ca_signed_cert(admin_cert_name, type='client', fqdn=fqdn, valid_days=0.0001) gevent.sleep(20) instance.startup_platform(vip_address=get_rand_vip()) gevent.sleep(5) assert instance.is_running() # MGMT PLUGIN DOES NOT COMPLAIN ABOUT EXPIRED ADMIN CERT?? May be because we send the password too ? cmd = ['volttron-ctl', 'rabbitmq', 'list-users'] process = subprocess.Popen(cmd, env=instance.env, stdout=subprocess.PIPE, stderr=subprocess.PIPE) except Exception as e: pytest.fail("Test failed with exception: {}".format(e))
def test_vctl_shutdown_on_rmq_stop(request): """ Test for fix issue# 1886 :param volttron_instance_rmq: :return: """ address = get_rand_vip() volttron_instance = build_wrapper(address, messagebus='rmq', ssl_auth=True) agent_uuid = volttron_instance.install_agent( agent_dir=get_examples("ListenerAgent"), start=True) assert agent_uuid is not None agent_pid = volttron_instance.agent_pid(agent_uuid) assert agent_pid is not None and agent_pid > 0 # Stop RabbitMQ server rmq_cfg = RMQConfig() stop_rabbit(rmq_home=rmq_cfg.rmq_home, env=volttron_instance.env) gevent.sleep(5) # Shtudown platform cmd = ['volttron-ctl', 'shutdown', '--platform'] execute_command(cmd, env=volttron_instance.env) gevent.sleep(2) # Check that installed agent and platform is not running assert not psutil.pid_exists(agent_pid) assert volttron_instance.is_running() == False
def get_n_volttron_instances(n, should_start=True, address_file=True): get_n_volttron_instances.count = n instances = [] vip_addresses = [] web_addresses = [] instances = [] addr_config = dict() names = [] for i in range(0, n): address = get_rand_vip() web_address = "http://{}".format(get_rand_ip_and_port()) vip_addresses.append(address) web_addresses.append(web_address) nm = 'platform{}'.format(i + 1) names.append(nm) for i in range(0, n): address = vip_addresses[i] web_address = web_addresses[i] wrapper = PlatformWrapper() addr_file = os.path.join(wrapper.volttron_home, 'external_address.json') if address_file: with open(addr_file, 'w') as f: json.dump(web_addresses, f) gevent.sleep(.1) wrapper.startup_platform(address, bind_web_address=web_address, instance_name=names[i], setupmode=True) wrapper.skip_cleanup = True instances.append(wrapper) gevent.sleep(11) for i in range(0, n): instances[i].shutdown_platform() gevent.sleep(1) # del instances[:] for i in range(0, n): address = vip_addresses.pop(0) web_address = web_addresses.pop(0) print address, web_address instances[i].startup_platform(address, bind_web_address=web_address, instance_name=names[i]) instances[i].allow_all_connections() gevent.sleep(11) instances = instances if n > 1 else instances[0] get_n_volttron_instances.instances = instances return instances
def build_n_volttron_instances(n, bad_config=False, add_my_address=True): build_n_volttron_instances.count = n instances = [] vip_addresses = [] instances = [] addr_config = dict() names = [] for i in range(0, n): address = get_rand_vip() vip_addresses.append(address) nm = 'platform{}'.format(i + 1) names.append(nm) for i in range(0, n): address = vip_addresses[i] wrapper = PlatformWrapper() wrapper.startup_platform(address, instance_name=names[i]) wrapper.skip_cleanup = True instances.append(wrapper) gevent.sleep(1) for i in range(0, n): instances[i].shutdown_platform() for i in range(0, n): addr_config.clear() for j in range(0, n): if j != i or (j == i and add_my_address): name = names[j] addr_config[name] = dict() addr_config[name]['instance-name'] = names[j] if bad_config: addr_config[name]['vip-address123'] = vip_addresses[j] else: addr_config[name]['vip-address'] = vip_addresses[j] addr_config[name]['serverkey'] = instances[j].serverkey address_file = os.path.join(instances[i].volttron_home, 'external_platform_discovery.json') if address_file: with open(address_file, 'w') as f: json.dump(addr_config, f) gevent.sleep(1) for i in range(0, n): address = vip_addresses.pop(0) instances[i].startup_platform(address, instance_name=names[i]) instances[i].allow_all_connections() gevent.sleep(11) instances = instances if n > 1 else instances[0] build_n_volttron_instances.instances = instances return instances
def test_expired_ca_cert_after_vstart(request, instance): """ Test error when CA cert expires after volttron has started. Once CA cert expires, can't install agent or can't get agent status. CA certificate needs to be recreated and client certs have to :param request: pytest request object :param instance: instance of volttron using rmq and ssl """ crts = instance.certsobj try: (root_ca, server_cert_name, admin_cert_name) = \ Certs.get_admin_cert_names(instance.instance_name) data = {'C': 'US', 'ST': 'Washington', 'L': 'Richland', 'O': 'pnnl', 'OU': 'volttron', 'CN': instance.instance_name + "_root_ca"} crts.create_root_ca(valid_days=0.0005, **data) print("current time after root ca:{}".format(datetime.datetime.utcnow())) copy(crts.cert_file(crts.root_ca_name), crts.cert_file(crts.trusted_ca_name)) crts.create_signed_cert_files(server_cert_name, cert_type='server', fqdn=fqdn) crts.create_signed_cert_files(admin_cert_name, cert_type='client') instance.startup_platform(vip_address=get_rand_vip()) print("current time after platform start:{}".format(datetime.datetime.utcnow())) gevent.sleep(30) # wait for CA to expire # Can't install new agent with pytest.raises(RuntimeError) as exec_info: agent = instance.install_agent( agent_dir=get_examples("ListenerAgent"), vip_identity="listener2", start=True) assert exec_info.type is RuntimeError except Exception as e: pytest.fail("Test failed with exception: {}".format(e)) finally: # can't do clean shutdown with expired ca. terminate process # and clean up manually instance.p_process.terminate() stop_rabbit(rmq_home=instance.rabbitmq_config_obj.rmq_home, env=instance.env, quite=True) if not instance.skip_cleanup: shutil.rmtree(instance.volttron_home)
def test_expired_server_cert_after_vstart(request, instance): """ Test error when server cert expires after volttron has started :param request: pytest request object :param instance: instance of volttron using rmq and ssl """ crts = instance.certsobj try: (root_ca, server_cert_name, admin_cert_name) = \ Certs.get_admin_cert_names(instance.instance_name) crts.create_signed_cert_files(server_cert_name, cert_type='server', fqdn=fqdn, valid_days=0.0004) # 34.5 seconds print("current time:{}".format(datetime.datetime.utcnow())) instance.startup_platform(vip_address=get_rand_vip()) print("current time:{}".format(datetime.datetime.utcnow())) agent = instance.install_agent( agent_dir=get_examples("ListenerAgent"), vip_identity="listener1", start=True) gevent.sleep(20) print("Attempting agent install after server certificate expiry") with pytest.raises(RuntimeError) as exec_info: agent = instance.install_agent( agent_dir=get_examples("ListenerAgent"), vip_identity="listener2", start=True) pytest.fail("Agent install should fail") assert exec_info.type is RuntimeError # Restore server cert and restart rmq ssl, wait for 30 seconds for volttron to reconnect crts.create_signed_cert_files(server_cert_name, cert_type='server', fqdn=fqdn) restart_ssl(rmq_home=instance.rabbitmq_config_obj.rmq_home, env=instance.env) gevent.sleep(15) # test setup sets the volttron reconnect wait to 5 seconds # status of first agent would still be fine and it would # continue to publish hearbeat. assert instance.is_agent_running(agent) instance.remove_agent(agent) except Exception as e: pytest.fail("Test failed with exception: {}".format(e))
def test_vstart_expired_ca_cert(request, instance): """ Test error when volttron is started with expired CA cert when rabbitmq server is already running :param request: pytest request object :parma instance: volttron instance for testing """ crts = instance.certsobj try: # overwrite certificates with quick expiry certs (root_ca, server_cert_name, admin_cert_name) = \ Certs.get_admin_cert_names(instance.instance_name) data = {'C': 'US', 'ST': 'Washington', 'L': 'Richland', 'O': 'pnnl', 'OU': 'volttron', 'CN': instance.instance_name+"_root_ca"} crts.create_root_ca(valid_days=0.0001, **data) copy(crts.cert_file(crts.root_ca_name), crts.cert_file(crts.trusted_ca_name)) crts.create_ca_signed_cert(server_cert_name, type='server', fqdn=fqdn) crts.create_ca_signed_cert(admin_cert_name, type='client') gevent.sleep(9) print("Attempting to start volttron after cert expiry") try: # it fails fast. send a timeout instead of waiting for default timeout instance.startup_platform(vip_address=get_rand_vip(), timeout=10) pytest.fail("platform should not start") except Exception as e: assert e.message.startswith("Platform startup failed. Please check volttron.log") assert not (instance.is_running()) # Rabbitmq log would show Fatal certificate expired except Exception as e: pytest.fail("Test failed with exception: {}".format(e))
def test_vstart_without_rmq_init(request, instance): """ Test error where volttron is started with message bus as rmq but without any certs :param request: pytest request object :parma instance: volttron instance for testing """ try: assert instance.instance_name == os.path.basename(instance.volttron_home), \ "instance name doesn't match volttron_home basename" os.rename( os.path.join(instance.volttron_home, "certificates"), os.path.join(instance.volttron_home, "certs_backup") ) try: instance.startup_platform(vip_address=get_rand_vip()) pytest.fail("Instance should not start without certs, but it does!") except Exception as e: assert e.message.startswith("Platform startup failed. Please check volttron.log") assert not (instance.is_running()) except Exception as e: pytest.fail("Test failed with exception: {}".format(e))