Esempio n. 1
0
    def StreamChannel(self):
        global dev_id

        # Prepare an authentication request.
        login = auth_pb2.Auth()
        login.user_name = "admin"
        login.passwd = "admin"
        self.streamChannelRequest.other.Pack(login)

        def request():
            while True:
                if self.sendRequest:
                    self.sendRequest = False
                    yield self.streamChannelRequest
                else:
                    yield p4runtime_pb2.StreamMessageRequest()

        return self.stub.StreamChannel(request())
    def process_streamChannel(self, request_iterator, context):
        peer_key = context.peer()
        userAuthenticated = False
        login = False

        while True:

            try:
                req = next(request_iterator)
            except grpc.RpcError as e:  # End of connection
                if login is not False:
                    ConnectionArray.remove(peer_key)
                return

            if userAuthenticated:
                packet_in = ConnectionArray.getPacketInFromBuffer(
                    login.user_name)
                if packet_in is not False:
                    print "Packet-in: server => controller %.9f" % time.time()
                    yield packet_in.packetInResponse

            # Authentication message.
            if req.HasField(
                    "other"
            ) and req.other.type_url == "type.googleapis.com/Auth":
                ServerConfig.print_debug(
                    "Received authentication message from {}({}):".format(
                        context.peer(),
                        ConnectionArray.getUsername(context.peer())))
                ServerConfig.print_debug(req)

                # Add the connection to the pool.
                login = auth_pb2.Auth.FromString(req.other.value)
                ConnectionArray.add(peer_key, login.user_name)
                username = ConnectionArray.getUsername(context.peer())

                # Authenticate the current connection if it isn't authenticated yet.
                # Keep in mind that an user with the CONNECTED state is not authenticated.
                if ConnectionArray.isConnected(context.peer()) is True:
                    if Auth.authenticate(login.user_name,
                                         login.passwd) is True:
                        userAuthenticated = True
                        ConnectionArray.authenticate(context.peer())
                    else:
                        context.set_code(grpc.StatusCode.PERMISSION_DENIED)
                        context.set_details("Invalid username or password")
                        yield p4runtime_pb2.StreamMessageResponse()

                # TODO: send authentication success message for testing purposes.
                succ = auth_pb2.Auth()
                succ.user_name = "Auth success"
                succ.passwd = ""
                resp = p4runtime_pb2.StreamMessageResponse()
                resp.other.Pack(succ)
                yield resp

            # Arbitration update.
            elif req.HasField("arbitration"):
                ServerConfig.print_debug(
                    "Received master arbitration message from peer '{}' ({}):".
                    format(context.peer(),
                           ConnectionArray.getUsername(context.peer())))
                ServerConfig.print_debug(req)
                yield RPC_mgmt.MasterArbitration(self, req, context)

            # Packet-out message.
            elif req.HasField("packet"):
                print req
                packet = req.packet
                print "Packet-out: controller => server %.9f" % time.time()
                ServerConfig.print_debug(
                    "Packet-out arrived from the controller, for switch {} input port {}"
                    .format(packet.metadata[0].metadata_id,
                            hexlify(packet.metadata[0].value)))
                # print "Payload: {}".format(hexlify(packet.payload)) # we need to be quick
                RPC_mgmt.ProcessPacketOut(packet)
Esempio n. 3
0
    def process_streamChannel(self, request_iterator, context):
        peer_key = context.peer()
        userAuthenticated = False
        login = False

        while True:
            try:
                req = next(request_iterator)
            except grpc.RpcError as e:  # End of connection
                if login is not False:
                    ConnectionArray.remove(peer_key)
                return

            if userAuthenticated:
                packet_in = ConnectionArray.getPacketInFromBuffer(
                    login.user_name)
                if packet_in is not False:
                    # -------- Begin Info Flow Control -------- #
                    print "EXPT: vIFC Start %.9f" % time.time()
                    ifc_result = VerifyEvent.verify_event_packet_in(
                        packet_in.packetInResponse.packet, context)
                    print "EXPT: vIFC Finish %.9f" % time.time()

                    if ifc_result[0] == VIFC_RESPONSE_BLOCK:
                        print "IFC Blocked Flow"
                        context.set_code(grpc.StatusCode.CANCELLED)
                        context.set_details(
                            "Attempted CAP Attack block by vIFC")
                        ServerLog.print_log(
                            "IFC Blocked flow of Packet-in (%d) was being sent to (%s): %.9f"
                            % (packet_in.packet_id, login.user_name,
                               time.time()))
                    else:
                        if ifc_result[0] == VIFC_RESPONSE_WARN:
                            print "IFC Warned Flow: {}".format(ifc_result[1])
                            ServerLog.print_log(
                                "IFC Warned flow of Packet-in (%d) sent to (%s): %.9f"
                                % (packet_in.packet_id, login.user_name,
                                   time.time()))

                        print "EXPT: Packet-in (%d): server => controller: %.9f" % (
                            packet_in.packet_id, time.time())
                        print packet_in.packetInResponse
                        yield packet_in.packetInResponse
                        ServerLog.print_log(
                            "Packet-in (%d) sent to (%s): %.9f" %
                            (packet_in.packet_id, login.user_name,
                             time.time()))
                    # --------- End Info Flow Control --------- #

            # Authentication message.
            if req.HasField(
                    "other"
            ) and req.other.type_url == "type.googleapis.com/Auth":
                ServerConfig.print_debug(
                    "Received authentication message from {}({}):".format(
                        context.peer(),
                        ConnectionArray.getUsername(context.peer())))
                ServerConfig.print_debug(req)

                # Add the connection to the pool.
                login = auth_pb2.Auth.FromString(req.other.value)
                ConnectionArray.add(peer_key, login.user_name)
                username = ConnectionArray.getUsername(context.peer())

                # Authenticate the current connection if it isn't authenticated yet.
                # Keep in mind that an user with the CONNECTED state is not authenticated.
                if ConnectionArray.isConnected(context.peer()) is True:
                    if Auth.authenticate(login.user_name,
                                         login.passwd) is True:
                        userAuthenticated = True
                        ConnectionArray.authenticate(context.peer())
                    else:
                        context.set_code(grpc.StatusCode.PERMISSION_DENIED)
                        context.set_details("Invalid username or password")
                        yield p4runtime_pb2.StreamMessageResponse()

                succ = auth_pb2.Auth()
                succ.user_name = "Auth success"
                succ.passwd = ""
                resp = p4runtime_pb2.StreamMessageResponse()
                resp.other.Pack(succ)
                yield resp

            # Arbitration update.
            elif req.HasField("arbitration"):
                ServerConfig.print_debug(
                    "Received master arbitration message from peer '{}' ({}):".
                    format(context.peer(),
                           ConnectionArray.getUsername(context.peer())))
                ServerConfig.print_debug(req)
                yield RPC_mgmt.MasterArbitration(self, req, context)

            # Packet-out message.
            elif req.HasField("packet"):
                packet = req.packet
                print "EXPT: Packet-out: controller => server %.9f" % time.time(
                )

                ServerConfig.print_debug(
                    "Packet-out arrived from the controller, for switch {} input port {}"
                    .format(packet.metadata[0].metadata_id,
                            hexlify(packet.metadata[0].value)))

                # -------- Begin Info Flow Control -------- #
                print "EXPT: vIFC Start %.9f" % time.time()
                ifc_result = VerifyEvent.verify_event_packet_out(
                    packet, context)
                print "EXPT: vIFC Finish %.9f" % time.time()
                if ifc_result[0] == VIFC_RESPONSE_BLOCK:
                    print "IFC Blocked Flow"
                elif ifc_result[0] == VIFC_RESPONSE_WARN:
                    print "IFC Warned Flow: {}".format(ifc_result[1])
                # --------- End Info Flow Control --------- #

                # print "Payload: {}".format(hexlify(packet.payload)) # we need to be quick
                RPC_mgmt.ProcessPacketOut(packet)
                print "EXPT: Packet-out: server => interface %.9f" % time.time(
                )
                ServerLog.print_log(
                    "Packet-out from (%s) to switch (%d): %.9f" %
                    (login.user_name, int(
                        packet.metadata[0].metadata_id), time.time()))