class IrisConfigStore: def __init__(self): self.objects = ConfigStore.objects self.templates = ConfigStore.templates self.specs = ConfigStore.specs # Custom Database for easy access. self.trunks = ObjectDatabase() self.tunnels = ObjectDatabase() return def SetTunnels(self, objs): return self.tunnels.SetAll(objs) def GetTunnelsVxlan(self): vxlan_tunnels = [] for tun in self.tunnels.GetAllInList(): if tun.IsVxlan(): vxlan_tunnels.append(tun) return vxlan_tunnels def GetTrunkingUplinks(self): return self.trunks.GetAllInList() def SetTrunkingUplinks(self, objs): return self.trunks.SetAll(objs)
def __init__(self): self.objects = ConfigStore.objects self.templates = ConfigStore.templates self.specs = ConfigStore.specs # Custom Database for easy access. self.trunks = ObjectDatabase() self.tunnels = ObjectDatabase() return
def TestCaseSetup(tc): print("TestCaseSetup(): Start") tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) # set tcb state to ESTABLISHED(1) tcb.state = 1 tcb.SetObjValPd() # 2. Clone objects that are needed for verification rnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr.GetMeta() rnmdpr.GetRingEntries([rnmdpr.pi]) tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"]) tnmdpr.GetMeta() tnmdpr.GetRingEntries([tnmdpr.pi]) if tc.module.args.cipher_suite == "CCM": brq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_CCM"]) elif tc.module.args.cipher_suite == "CBC": brq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_CBC"]) else: brq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["BRQ_DECRYPT_GCM"]) brq.GetMeta() tlscbid = "TlsCb%04d" % id tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid]) tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy | \ tcp_tls_proxy.tls_debug_dol_sesq_stop if hasattr(tc.module.args, 'reassemble'): if tc.module.args.reassemble == True: print("Enabling reassembly support") tlscb.debug_dol = tlscb.debug_dol | tcp_tls_proxy.tls_debug_dol_dec_reasm_path tlscb.other_fid = 0xffff tlscb.serq_pi = 0 tlscb.serq_ci = 0 tlscb.SetObjValPd() if tc.module.args.key_size == 16: tcp_tls_proxy.tls_aes128_decrypt_setup(tc, tlscb) elif tc.module.args.key_size == 32: tcp_tls_proxy.tls_aes256_decrypt_setup(tc, tlscb) tc.pvtdata.Add(tlscb) tc.pvtdata.Add(rnmdpr) tc.pvtdata.Add(tnmdpr) tc.pvtdata.Add(brq) return
def __init__(self): self.headers = ObjectDatabase() self.packets = ObjectDatabase() self.payloads = ObjectDatabase() self.templates = ObjectDatabase() self.specs = ObjectDatabase() self.testobjects = ObjectDatabase() return
def TestCaseSetup(tc): global ipseccbq global ipseccb global rnmdr global iv global seq tc.pvtdata = ObjectDatabase() tc.pvtdata.seqNo = 0 print("TestCaseSetup(): Sample Implementation.") # 2. Clone objects that are needed for verification rnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMDR"]) rnmdr.GetMeta() rnmdr.GetRingEntries([rnmdr.pi, rnmdr.pi + 1]) rnmdr.GetRingEntryAOL([rnmdr.pi, rnmdr.pi + 1]) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) IpsecCbHelper.main(id) ipsecid = "IPSECCB%04d" % id ipseccb = tc.infra_data.ConfigStore.objects.db[ipsecid] ipsec_cbq_id = ipsecid + "_IPSECCBQ" ipseccbq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db[ipsec_cbq_id]) ipseccb = tc.infra_data.ConfigStore.objects.db[ipsecid] rnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMPR"]) rnmpr.GetMeta() rnmpr.GetRingEntries([rnmpr.pi]) tnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMDR"]) tnmdr.GetMeta() tnmdr.GetRingEntries([tnmdr.pi]) tnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMPR"]) tnmpr.GetMeta() tnmpr.GetRingEntries([tnmpr.pi]) brq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"]) brq.GetMeta() brq.GetRingEntries([brq.pi]) iv = ipseccb.iv seq = ipseccb.esn_lo tc.pvtdata.Add(rnmdr) tc.pvtdata.Add(rnmpr) tc.pvtdata.Add(tnmdr) tc.pvtdata.Add(tnmpr) tc.pvtdata.Add(brq) return
def TestCaseSetup(tc): tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) # set tcb state to ESTABLISHED(1) tcb.state = 1 tcb.l7_proxy_type = 0 tcb.debug_dol = 0 tcb.SetObjValPd() # 2. Clone objects that are needed for verification rnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr_big.GetMeta() tnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"]) #tnmdpr_big.GetMeta() brq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"]) #brq.GetMeta() tlscbid = "TlsCb%04d" % id tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid]) tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy | \ tcp_tls_proxy.tls_debug_dol_sesq_stop tlscb.other_fid = 0xffff tlscb.l7_proxy_type = tcp_proxy.l7_proxy_type_REDIR tlscb.serq_pi = 0 tlscb.serq_ci = 0 if tc.module.args.key_size == 16: tcp_tls_proxy.tls_aes128_decrypt_setup(tc, tlscb) elif tc.module.args.key_size == 32: tcp_tls_proxy.tls_aes256_decrypt_setup(tc, tlscb) tc.pvtdata.Add(tlscb) tc.pvtdata.Add(rnmdpr_big) tc.pvtdata.Add(tnmdpr_big) tc.pvtdata.Add(brq) return
def TestCaseSetup(tc): tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) # set tcb state to ESTABLISHED(1) tcb.state = tcp_proxy.tcp_state_ESTABLISHED tcb.debug_dol_tx |= tcp_proxy.tcp_tx_debug_dol_dont_tx tcb.SetObjValPd() # 2. Clone objects that are needed for verification rnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr.GetMeta() tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"]) tnmdpr.GetMeta() arq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["CPU0000_ARQ"]) sesqid = "TCPCB%04d_SESQ" % id sesq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[sesqid]) sesq.GetMeta() tlscbid = "TlsCb%04d" % id tlscb_cur = tc.infra_data.ConfigStore.objects.db[tlscbid] #tlscb_cur.debug_dol = (tcp_tls_proxy.tls_debug_dol_leave_in_arq | tcp_tls_proxy.tls_debug_dol_bypass_proxy | tcp_tls_proxy.tls_debug_dol_bypass_barco | tcp_tls_proxy.tls_debug_dol_fake_handshake_msg) tlscb_cur.debug_dol = (tcp_tls_proxy.tls_debug_dol_bypass_proxy | tcp_tls_proxy.tls_debug_dol_bypass_barco | tcp_tls_proxy.tls_debug_dol_arm_loop_ctlr_pkts) tlscb_cur.other_fid = 0xffff tlscb_cur.is_decrypt_flow = 1 tlscb_cur.serq_pi = 0 tlscb_cur.serq_ci = 0 tlscb_cur.SetObjValPd() tlscb = copy.deepcopy(tlscb_cur) tlscb.GetObjValPd() tcpcb = copy.deepcopy(tcb) tcpcb.GetObjValPd() tc.pvtdata.Add(tlscb) tc.pvtdata.Add(rnmdpr) tc.pvtdata.Add(tnmdpr) tc.pvtdata.Add(tcpcb) tc.pvtdata.Add(sesq) tc.pvtdata.Add(arq) return
def TestCaseSetup(tc): tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) id1, id2 = ProxyCbServiceHelper.GetSessionQids(tc.config.flow._FlowObject__session) if tc.config.flow.IsIflow(): id = id1 other_fid = id2 else: id = id2 other_fid = id1 TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) tcb.debug_dol = 0 # set tcb state to SYN_SENT(2) tcb.state = tcp_proxy.tcp_state_SYN_SENT tcb.SetObjValPd() TcpCbHelper.main(other_fid) tcbid2 = "TcpCb%04d" % (other_fid) logger.info("Configuring %s" % tcbid2) tcb2 = tc.infra_data.ConfigStore.objects.db[tcbid2] tcp_proxy.init_tcb_inorder2(tc, tcb2) tcb2.SetObjValPd() # 2. Clone objects that are needed for verification arq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["CPU0000_ARQ"]) arq.Configure() sesqid = "TCPCB%04d_SESQ" % id sesq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[sesqid]) tlscbid = "TlsCb%04d" % id tlscb_cur = tc.infra_data.ConfigStore.objects.db[tlscbid] tlscb_cur.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_barco tlscb_cur.SetObjValPd() tlscb = copy.deepcopy(tlscb_cur) tcpcb = copy.deepcopy(tcb) tc.pvtdata.Add(tlscb) tc.pvtdata.Add(tcpcb) tc.pvtdata.Add(sesq) tc.pvtdata.Add(arq) return
def TestCaseSetup(tc): global cpurx_dpr tc.SetRetryEnabled(True) tc.pvtdata = ObjectDatabase() # For this test, we'd like app_redir flow miss pipeline to configure # the necessary rawr/rawc CBs so we refrain from doing that here. # Clone objects that are needed for verification cpurx_dpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["CPU_RX_DPR"]) cpurx_dpr.GetMeta() cpurx_dpr.GetRingEntries([cpurx_dpr.pi]) return
def TestCaseSetup(tc): tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) tcb.l7_proxy_type = tcp_proxy.l7_proxy_type_SPAN tcb.debug_dol |= tcp_proxy.tcp_debug_dol_pkt_to_serq tcb.debug_dol |= tcp_proxy.tcp_debug_dol_pkt_to_l7q if hasattr(tc.module.args, 'atomic_stats') and tc.module.args.atomic_stats: print("Testing atomic stats") tcb.debug_dol |= tcp_proxy.tcp_debug_dol_test_atomic_stats tcb.bytes_rcvd = 0 # set tcb state to ESTABLISHED(1) tcb.state = 1 tcb.SetObjValPd() tlscbid = "TlsCb%04d" % id tlscb = tc.infra_data.ConfigStore.objects.db[tlscbid] tlscb.debug_dol = 0 tlscb.is_decrypt_flow = False tlscb.other_fid = 0xffff tlscb.serq_pi = 0 tlscb.serq_ci = 0 tlscb.SetObjValPd() # 2. Clone objects that are needed for verification rnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr_big.GetMeta() rnmdpr_big.GetRingEntries([rnmdpr_big.pi]) serqid = "TLSCB%04d_SERQ" % id serq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[serqid]) serq.GetMeta() tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid]) tlscb.GetObjValPd() tcpcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid]) tcpcb.GetObjValPd() tc.pvtdata.Add(tlscb) tc.pvtdata.Add(rnmdpr_big) tc.pvtdata.Add(tcpcb) tc.pvtdata.Add(serq) return
def TestCaseSetup(tc): global cpurx_dpr global rawrcbid global rawccbid global rawrcb global rawccb global redir_span tc.SetRetryEnabled(True) tc.pvtdata = ObjectDatabase() redir_span = getattr(tc.module.args, 'redir_span', False) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) if redir_span: id = app_redir_shared.app_redir_span_rawrcb_id rawrcbid = "RawrCb%04d" % id rawccbid = "RawcCb%04d" % id RawrCbHelper.main(id) rawrcb = tc.infra_data.ConfigStore.objects.db[rawrcbid] RawcCbHelper.main(id) rawccb = tc.infra_data.ConfigStore.objects.db[rawccbid] # 1. Configure RAWRCB in HBM before packet injection # let HAL fill in defaults for chain_rxq_base, etc. rawrcb.chain_txq_base = 0 rawrcb.chain_rxq_base = 0 rawrcb.rawrcb_flags = app_redir_shared.app_redir_dol_pipeline_loopbk_en rawrcb.SetObjValPd() # 1. Configure RAWCCB in HBM before packet injection # let HAL fill in defaults for my_txq_base, etc. rawccb.my_txq_base = 0 rawccb.SetObjValPd() # 2. Clone objects that are needed for verification cpurx_dpr = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["CPU_RX_DPR"]) cpurx_dpr.GetMeta() cpurx_dpr.GetRingEntries([cpurx_dpr.pi]) rawrcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[rawrcbid]) rawrcb.GetObjValPd() rawccb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[rawccbid]) rawccb.GetObjValPd() return
class FactoryStoreObject: def __init__(self): self.headers = ObjectDatabase() self.packets = ObjectDatabase() self.payloads = ObjectDatabase() self.templates = ObjectDatabase() self.specs = ObjectDatabase() self.testobjects = ObjectDatabase() return def GetHeaderByScapyId(self, sid): for hdr in self.headers.GetAll(): if hdr.meta.scapy == sid: return hdr return None
def TestCaseSetup(tc): tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) # set tcb state to ESTABLISHED(1) tcb.state = 1 tcb.SetObjValPd() # 2. Clone objects that are needed for verification rnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr_big.GetMeta() rnmdpr_big.GetRingEntries([rnmdpr_big.pi]) tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"]) tnmdpr.GetMeta() sesqid = "TCPCB%04d_SESQ" % id sesq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[sesqid]) sesq.GetMeta() tlscbid = "TlsCb%04d" % id tlscb_cur = tc.infra_data.ConfigStore.objects.db[tlscbid] tlscb_cur.debug_dol = (tcp_tls_proxy.tls_debug_dol_bypass_proxy | tcp_tls_proxy.tls_debug_dol_sesq_stop | tcp_tls_proxy.tls_debug_dol_bypass_barco) tlscb_cur.other_fid = 0xffff tlscb_cur.is_decrypt_flow = False tlscb_cur.serq_pi = 0 tlscb_cur.serq_ci = 0 tlscb_cur.SetObjValPd() tlscb = copy.deepcopy(tlscb_cur) tlscb.GetObjValPd() tcpcb = copy.deepcopy(tcb) tcpcb.GetObjValPd() tc.pvtdata.Add(tlscb) tc.pvtdata.Add(rnmdpr_big) tc.pvtdata.Add(tnmdpr) tc.pvtdata.Add(tcpcb) tc.pvtdata.Add(sesq) return
def TestCaseSetup(tc): tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) tcb.debug_dol |= tcp_proxy.tcp_debug_dol_leave_in_arq # set tcb state to SYN_SENT(2) tcb.state = tcp_proxy.tcp_state_SYN_SENT tcb.SetObjValPd() # 2. Clone objects that are needed for verification rnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr_big.GetMeta() rnmdpr_big.GetRingEntries([rnmdpr_big.pi]) tnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"]) tnmdpr_big.GetMeta() actl = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["CPU0000_TCP_ACTL"]) actl.GetMeta() sesqid = "TCPCB%04d_SESQ" % id sesq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[sesqid]) tlscbid = "TlsCb%04d" % id tlscb_cur = tc.infra_data.ConfigStore.objects.db[tlscbid] tlscb_cur.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_barco tlscb_cur.SetObjValPd() tlscb = copy.deepcopy(tlscb_cur) tcpcb = copy.deepcopy(tcb) tc.pvtdata.Add(tlscb) tc.pvtdata.Add(rnmdpr_big) tc.pvtdata.Add(tnmdpr_big) tc.pvtdata.Add(tcpcb) tc.pvtdata.Add(sesq) tc.pvtdata.Add(actl) return
def TestCaseSetup(tc): global ipseccbq global ipseccb global rnmdr global iv global seq tc.pvtdata = ObjectDatabase() print("TestCaseSetup(): Sample Implementation.") # 1. Configure IPSECCB in HBM before packet injection ipseccb = tc.infra_data.ConfigStore.objects.db["IPSECCB0000"] key_type = types_pb2.CRYPTO_KEY_TYPE_AES128 key_size = 16 key = b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' ipseccb.crypto_key.Update(key_type, key_size, key) ipseccb.tunnel_sip4 = 0x0A010001 ipseccb.tunnel_dip4 = 0x0A010002 ipseccb.iv_size = 8 ipseccb.icv_size = 16 ipseccb.block_size = 16 ipseccb.key_index = 0 ipseccb.barco_enc_cmd = 0x30000000 ipseccb.iv = 0xaaaaaaaaaaaaaaaa ipseccb.iv_salt = 0xbbbbbbbb ipseccb.esn_hi = 0 ipseccb.esn_lo = 0 ipseccb.spi = 0 ipseccb.is_nat_t = 1 ipseccb.is_v6 = 0 ipseccb.vrf_vlan = 0x0005 ipseccb.key_index = ipseccb.crypto_key.keyindex ipseccb.SetObjValPd() seq = ipseccb.esn_lo iv = ipseccb.iv # 2. Clone objects that are needed for verification rnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMDR"]) rnmdr.GetMeta() rnmdr.GetRingEntries([rnmdr.pi, rnmdr.pi + 1]) rnmdr.GetRingEntryAOL([rnmdr.pi, rnmdr.pi + 1]) ipseccbq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["IPSECCB0000_IPSECCBQ"]) ipseccb = tc.infra_data.ConfigStore.objects.db["IPSECCB0000"] rnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMPR"]) rnmpr.GetMeta() rnmpr.GetRingEntries([rnmpr.pi]) tnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMDR"]) tnmdr.GetMeta() tnmdr.GetRingEntries([tnmdr.pi]) tnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMPR"]) tnmpr.GetMeta() tnmpr.GetRingEntries([tnmpr.pi]) brq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"]) brq.GetMeta() brq.GetRingEntries([brq.pi]) tc.pvtdata.Add(rnmdr) tc.pvtdata.Add(rnmpr) tc.pvtdata.Add(tnmdr) tc.pvtdata.Add(tnmpr) tc.pvtdata.Add(brq) return
def TestCaseSetup(tc): tc.pvtdata = ObjectDatabase() tc.SetRetryEnabled(True) tcp_proxy.SetupProxyArgs(tc) id1, id2 = ProxyCbServiceHelper.GetSessionQids( tc.config.flow._FlowObject__session) if tc.config.flow.IsIflow(): id = id1 other_fid = id2 else: id = id2 other_fid = id1 TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id logger.info("Configuring %s" % tcbid) # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) tcb.SetObjValPd() TcpCbHelper.main(other_fid) tcbid2 = "TcpCb%04d" % (other_fid) logger.info("Configuring %s" % tcbid2) tcb2 = tc.infra_data.ConfigStore.objects.db[tcbid2] tcp_proxy.init_tcb_inorder2(tc, tcb2) tcb2.SetObjValPd() # 2. Configure TLS CB in HBM before packet injection tlscbid = "TlsCb%04d" % id tlscbid2 = "TlsCb%04d" % (other_fid) tlscb = tc.infra_data.ConfigStore.objects.db[tlscbid] tlscb2 = tc.infra_data.ConfigStore.objects.db[tlscbid2] tlscb.debug_dol = 0 tlscb2.debug_dol = 0 if tc.pvtdata.bypass_barco: print("Bypassing Barco") tlscb.is_decrypt_flow = False tlscb2.is_decrypt_flow = False tlscb.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_barco tlscb2.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_barco if tc.pvtdata.same_flow: print("Same flow") tlscb.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_proxy tlscb2.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_proxy tlscb.other_fid = 0xffff tlscb2.other_fid = 0xffff else: print("Other flow") tlscb.other_fid = other_fid tlscb2.other_fid = id tlscb.SetObjValPd() tlscb2.SetObjValPd() # 3. Clone objects that are needed for verification tcpcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid]) tcpcb.GetObjValPd() tc.pvtdata.Add(tcpcb) tcpcb2 = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid2]) tcpcb2.GetObjValPd() tc.pvtdata.Add(tcpcb2) tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid]) tlscb.GetObjValPd() tc.pvtdata.Add(tlscb) other_tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid2]) other_tlscb.GetObjValPd() tc.pvtdata.Add(other_tlscb) rnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr_big.GetMeta() tc.pvtdata.Add(rnmdpr_big) return
class EzAccessStore: # Static variables and methods # Batch client batchClient = None templates = ConfigStore.templates specs = ConfigStore.specs dutNode = 1 configClientDict = dict() testbedSpec = None # Class members def __init__(self, node, parent=None): self.Node = node self.NodeObj = parent self.objects = ConfigStore.objects # Custom Database for easy access. self.trunks = ObjectDatabase() self.dhcprelayObjs = ObjectDatabase() self.dhcpproxyObjs = ObjectDatabase() self.tunnels = ObjectDatabase() self.nexthops = ObjectDatabase() self.nexthopgroups = ObjectDatabase() self.ipsec_encrypt_objs = ObjectDatabase() self.ipsec_decrypt_objs = ObjectDatabase() self.device = None self.underlay_vpc = None self.hostport = None self.switchport = None self.securityprofile = None self.upgrade = None self.dutNode = 1 self.underlay_ips = [] return def SetTunnels(self, objs): if len(objs) == 0: return if defs.TEST_TYPE == "IOTA": self.tunnels.db.clear() return self.tunnels.SetAll(objs) def SetNexthops(self, objs): if len(objs) == 0: return if defs.TEST_TYPE == "IOTA": self.nexthops.db.clear() return self.nexthops.SetAll(objs) def SetNexthopgroups(self, objs): if len(objs) == 0: return if defs.TEST_TYPE == "IOTA": self.nexthopgroups.db.clear() return self.nexthopgroups.SetAll(objs) def SetIpsecEncryptSA(self, objs): if len(objs) == 0: return if defs.TEST_TYPE == "IOTA": self.ipsec_encrypt_objs.db.clear() return self.ipsec_encrypt_objs.SetAll(objs) def SetIpsecDecryptSA(self, objs): if len(objs) == 0: return if defs.TEST_TYPE == "IOTA": self.ipsec_decrypt_objs.db.clear() return self.ipsec_encrypt_objs.SetAll(objs) def SetDevice(self, obj): self.device = obj def GetDevice(self): return self.device def SetHostPort(self, port): self.hostport = port def GetHostPort(self): return self.hostport def SetSwitchPort(self, port): self.switchport = port def GetSwitchPort(self): return self.switchport def SetUnderlayVPC(self, obj): self.underlay_vpc = obj def GetUnderlayVPCId(self): if self.underlay_vpc: return self.underlay_vpc.VPCId else: return -1 def SetSecurityProfile(self, obj): self.securityprofile = obj def GetSecurityProfile(self): return self.securityprofile def SetUpgrade(self, obj): self.upgrade = obj def GetUpgrade(self): return self.upgrade def GetProviderIPAddr(self, count): if self.underlay_vpc: return self.underlay_vpc.GetProviderIPAddr(count) else: return None, -1 def GetSvcMapping(self, ipversion): if self.underlay_vpc: return self.underlay_vpc.GetSvcMapping(ipversion) else: return None, -1 def IsBitwMode(self): return self.device.IsBitwMode() def IsHostMode(self): return self.device.IsHostMode() def IsDeviceEncapTypeMPLS(self): return self.device.IsEncapTypeMPLS() def IsDeviceEncapTypeVXLAN(self): return self.device.IsEncapTypeVXLAN() def IsDeviceLearningEnabled(self): return self.device.IsLearningEnabled() def IsBridgingEnabled(self): return self.device.IsBridgingEnabled() def IsDeviceOverlayRoutingEnabled(self): if self.device is None: return False return self.device.IsOverlayRoutingEnabled() def GetDeviceEncapType(self): return self.device.EncapType def GetWorkloadTunnels(self): tunnels = [] for tun in self.tunnels.GetAllInList(): if tun.IsWorkload(): tunnels.append(tun) return tunnels def GetIgwNonNatTunnels(self): tunnels = [] for tun in self.tunnels.GetAllInList(): if tun.IsIgw() and tun.IsNat() is False: tunnels.append(tun) return tunnels def GetIgwNatTunnels(self): tunnels = [] for tun in self.tunnels.GetAllInList(): if tun.IsIgw() and tun.IsNat(): tunnels.append(tun) return tunnels def GetSvcTunnels(self, remote=False): tunnels = [] for tun in self.tunnels.GetAllInList(): if tun.IsSvc() and tun.Remote is remote: tunnels.append(tun) return tunnels def GetIpsecTunnels(self): tunnels = [] for tun in self.tunnels.GetAllInList(): if tun.IsIpsec(): tunnels.append(tun) return tunnels def GetIpsecTunnelModeTunnels(self): tunnels = [] for tun in self.tunnels.GetAllInList(): if tun.IsIpsecTunnelMode(): tunnels.append(tun) return tunnels def GetIpsecTransportModeTunnels(self): tunnels = [] for tun in self.tunnels.GetAllInList(): if tun.IsIpsecTransportMode(): tunnels.append(tun) return tunnels def GetUnderlayTunnels(self, ecmp=False): tunnels = [] for tun in self.tunnels.GetAllInList(): if ecmp is False: if tun.IsUnderlay(): tunnels.append(tun) elif ecmp is True: if tun.IsUnderlayEcmp(): tunnels.append(tun) return tunnels def GetOverlayTunnels(self): tunnels = [] for tun in self.tunnels.GetAllInList(): if tun.IsOverlay(): tunnels.append(tun) return tunnels def GetUnderlayNexthops(self, ecmp=False): nhops = [] for nh in self.nexthops.GetAllInList(): if ecmp is False: if nh.IsUnderlay(): nhops.append(nh) if ecmp is True: if nh.IsUnderlayEcmp(): nhops.append(nh) return nhops def GetUnderlayNhGroups(self): nhgs = [] for nhg in self.nexthopgroups.GetAllInList(): if nhg.IsUnderlay(): nhgs.append(nhg) return nhgs def GetOverlayNexthops(self, ecmp=False): nhops = [] for nh in self.nexthops.GetAllInList(): if nh.IsOverlay(): nhops.append(nh) return nhops def GetDualEcmpNexthops(self): nhops = [] for nh in self.nexthops.GetAllInList(): if nh.IsOverlay() and nh.DualEcmp: nhops.append(nh) return nhops def GetOverlayNhGroups(self): nhgs = [] for nhg in self.nexthopgroups.GetAllInList(): if nhg.IsOverlay(): nhgs.append(nhg) return nhgs def GetDualEcmpNhGroups(self): nhgs = [] for nhg in self.nexthopgroups.GetAllInList(): if nhg.IsOverlay() and nhg.DualEcmp: nhgs.append(nhg) return nhgs def GetIpsecEncryptSAs(self): encrypt_sas = [] for obj in self.ipsec_encrypt_objs.GetAllInList(): encrypt_sas.append(obj) return encrypt_sas def GetIpsecDecryptSAs(self): decrypt_sas = [] for obj in self.ipsec_decrypt_objs.GetAllInList(): decrypt_sas.append(obj) return decrypt_sas @staticmethod def SetTestbedSpec(tbspec): EzAccessStore.testbedSpec = tbspec @staticmethod def GetTestbedSpec(): return EzAccessStore.testbedSpec def GetDhcpRelayObjects(self): return self.dhcprelayObjs.GetAllInList() def SetDhcpRelayObjects(self, objs): return self.dhcprelayObjs.SetAll(objs) def GetDhcpProxyObjects(self): return self.dhcpproxyObjs.GetAllInList() def SetDhcpProxyObjects(self, objs): return self.dhcpproxyObjs.SetAll(objs) def GetTrunkingUplinks(self): return self.trunks.GetAllInList() def SetTrunkingUplinks(self, objs): return self.trunks.SetAll(objs) def GetNodeUuid(self, node): if node in self.uuid_map: node_uuid = self.uuid_map[node] node_uuid = node_uuid.replace('.', '') if node_uuid == '': return None return int(node_uuid, 16) return None def SetUnderlayIPs(self, underlay_ips): self.underlay_ips = underlay_ips def GetUnderlayIPs(self): return self.underlay_ips def GetLoopbackIp(self): for ip in self.underlay_ips: if 'Loopback' in ip.Name: return ip.IP return None def GetLoopbackRemoteTEP(self): for ip in self.underlay_ips: if 'Loopback' in ip.Name: return ip.RemoteTEP return None def GetUnderlayIp(self, intf_name): for ip in self.underlay_ips: if ip.Name == intf_name: return ip.IP return None def GetUnderlayMaskLen(self, intf_name): for ip in self.underlay_ips: if ip.Name == intf_name: return ip.MaskLen return None def GetUnderlayBGPRemoteASN(self, intf_name): for ip in self.underlay_ips: if ip.Name == intf_name: return getattr(ip, "BGPRemoteASN", None) return None def GetUnderlayNexthop(self, intf_name): for ip in self.underlay_ips: if ip.Name == intf_name: return getattr(ip, "Nexthop", None) return None @staticmethod def SetBatchClient(obj): EzAccessStore.batchClient = obj @staticmethod def GetBatchClient(): return EzAccessStore.batchClient @staticmethod def SetDUTNode(node): EzAccessStore.dutNode = node @staticmethod def GetDUTNode(): return EzAccessStore.dutNode @staticmethod def SetUuidMap(uuid_map): EzAccessStore.uuid_map = uuid_map @staticmethod def GetUuidMap(node): return EzAccessStore.uuid_map @staticmethod def SetConfigClientDict(obj): EzAccessStore.configClientDict = obj return @staticmethod def GetConfigClient(objType): return EzAccessStore.configClientDict.get(objType.name.lower(), None)
def TestCaseSetup(tc): skip_config = False if hasattr(tc.module.args, 'skip_config') and tc.module.args.skip_config: logger.info("skipping config") skip_config = True tc.pvtdata = ObjectDatabase() if hasattr(tc.module.args, 'rnmdr_big_pi'): tc.pvtdata.rnmdr_big_pi = tc.module.args.rnmdr_big_pi else: tc.pvtdata.rnmdr_big_pi = None if hasattr(tc.module.args, 'rnmdr_big_ci'): tc.pvtdata.rnmdr_big_ci = tc.module.args.rnmdr_big_ci else: tc.pvtdata.rnmdr_big_ci = None tcp_proxy.SetupProxyArgs(tc) id1, id2 = ProxyCbServiceHelper.GetSessionQids( tc.config.flow._FlowObject__session) if tc.config.flow.IsIflow(): id = id1 other_fid = id2 else: id = id2 other_fid = id1 TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id logger.info("Configuring %s" % tcbid) # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] if not skip_config: tcp_proxy.init_tcb_inorder(tc, tcb) if tc.pvtdata.serq_full: tcb.serq_pi = 5 tcb.serq_ci = 6 else: if tc.pvtdata.serq_pi: tcb.serq_pi = tc.pvtdata.serq_pi if tc.pvtdata.serq_ci: tcb.serq_ci = tc.pvtdata.serq_ci tcb.SetObjValPd() else: tc.pvtdata.flow1_bytes_rxed = 0 tc.pvtdata.flow1_bytes_txed = 0 tc.pvtdata.flow2_bytes_rxed = 0 tc.pvtdata.flow2_bytes_txed = 0 TcpCbHelper.main(other_fid) tcbid2 = "TcpCb%04d" % (other_fid) logger.info("Configuring %s" % tcbid2) tcb2 = tc.infra_data.ConfigStore.objects.db[tcbid2] if not skip_config: tcp_proxy.init_tcb_inorder2(tc, tcb2) tcb2.SetObjValPd() tc.pvtdata.tcb1 = tcb tc.pvtdata.tcb2 = tcb2 # 2. Configure TLS CB in HBM before packet injection tlscbid = "TlsCb%04d" % id tlscbid2 = "TlsCb%04d" % (other_fid) tlscb = tc.infra_data.ConfigStore.objects.db[tlscbid] tlscb2 = tc.infra_data.ConfigStore.objects.db[tlscbid2] if tc.pvtdata.serq_full: tlscb.serq_pi = 5 tlscb.serq_ci = 6 tlscb2.serq_pi = 5 tlscb2.serq_ci = 6 else: tlscb.serq_pi = 0 tlscb.serq_pi = 0 tlscb.serq_ci = 0 tlscb.serq_ci = 0 tlscb2.serq_pi = 0 tlscb2.serq_pi = 0 tlscb2.serq_ci = 0 tlscb2.serq_ci = 0 tlscb.debug_dol = 0 tlscb2.debug_dol = 0 tlscb.other_fid = other_fid tlscb2.other_fid = id if tc.pvtdata.bypass_barco: logger.info("Bypassing Barco") tlscb.is_decrypt_flow = False tlscb2.is_decrypt_flow = False tlscb.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_barco tlscb2.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_barco if not skip_config: tlscb.SetObjValPd() tlscb2.SetObjValPd() if skip_config: return # 3. Clone objects that are needed for verification tcpcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid]) tcpcb.GetObjValPd() tc.pvtdata.Add(tcpcb) tcpcb2 = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid2]) tcpcb2.GetObjValPd() tc.pvtdata.Add(tcpcb2) tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid]) tlscb.GetObjValPd() tc.pvtdata.Add(tlscb) other_tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid2]) other_tlscb.GetObjValPd() tc.pvtdata.Add(other_tlscb) rnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr_big.GetMeta() if tc.pvtdata.sem_full and tc.pvtdata.sem_full == 'nmdr': rnmdpr_big.pi = 0 rnmdpr_big.ci = 2 # ring size of 2, so can hold 1 entry rnmdpr_big.SetMeta() else: setMeta = False if tc.pvtdata.rnmdr_big_pi is not None: rnmdpr_big.pi = tc.pvtdata.rnmdr_big_pi setMeta = True if tc.pvtdata.rnmdr_big_ci is not None: rnmdpr_big.ci = tc.pvtdata.rnmdr_big_ci setMeta = True if setMeta: rnmdpr_big.SetMeta() tc.pvtdata.Add(rnmdpr_big) if tc.pvtdata.test_ooo_queue: ooo_rx_wring = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["OOO_RX"]) ooo_rx_wring.GetMeta() tc.pvtdata.Add(ooo_rx_wring) tnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"]) tnmdpr_big.GetMeta() tc.pvtdata.Add(tnmdpr_big) return
def TestCaseSetup(tc): global ipseccbq global ipseccb global rnmdr global iv global seq tc.pvtdata = ObjectDatabase() print("TestCaseSetup(): Sample Implementation.") # 1. Configure IPSECCB in HBM before packet injection id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) IpsecCbHelper.main(id) ipsecid = "IPSECCB%04d" % id ipseccb = tc.infra_data.ConfigStore.objects.db[ipsecid] key_type = types_pb2.CRYPTO_KEY_TYPE_AES128 key_size = 16 key = b'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc' sip6 = b'\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xaa' dip6 = b'\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\xbb' ipseccb.crypto_key.Update(key_type, key_size, key) ipseccb.tunnel_sip4 = 0x0A010001 ipseccb.tunnel_dip4 = 0x0A010002 ipseccb.iv_size = 8 ipseccb.icv_size = 16 ipseccb.block_size = 16 ipseccb.key_index = 0 ipseccb.barco_enc_cmd = 0x30000000 ipseccb.iv = 0xaaaaaaaaaaaaaaaa ipseccb.iv_salt = 0xbbbbbbbb ipseccb.esn_hi = 0 ipseccb.esn_lo = 0 ipseccb.spi = 0 ipseccb.is_nat_t = 0 ipseccb.is_v6 = 0 ipseccb.key_index = ipseccb.crypto_key.keyindex ipseccb.sip6.ip_af = 2 ipseccb.sip6.v6_addr = sip6 ipseccb.dip6.ip_af = 2 ipseccb.dip6.v6_addr = dip6 ipseccb.SetObjValPd() # 2. Clone objects that are needed for verification rnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMDR"]) rnmdr.GetMeta() rnmdr.GetRingEntries([rnmdr.pi, rnmdr.pi + 1]) rnmdr.GetRingEntryAOL([rnmdr.pi, rnmdr.pi + 1]) ipsec_cbq_id = ipsecid + "_IPSECCBQ" ipseccbq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db[ipsec_cbq_id]) ipseccb = tc.infra_data.ConfigStore.objects.db[ipsecid] rnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMPR"]) rnmpr.GetMeta() rnmpr.GetRingEntries([rnmpr.pi]) tnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMDR"]) tnmdr.GetMeta() tnmdr.GetRingEntries([tnmdr.pi]) tnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMPR"]) tnmpr.GetMeta() tnmpr.GetRingEntries([tnmpr.pi]) brq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"]) brq.GetMeta() brq.GetRingEntries([brq.pi]) iv = ipseccb.iv seq = ipseccb.esn_lo tc.pvtdata.Add(rnmdr) tc.pvtdata.Add(rnmpr) tc.pvtdata.Add(tnmdr) tc.pvtdata.Add(tnmpr) tc.pvtdata.Add(brq) return
def TestCaseSetup(tc): global rnmdpr_big global proxyrcbid global proxyccbid global proxyrcb global proxyccb global redir_span tc.SetRetryEnabled(True) redir_span = getattr(tc.module.args, 'redir_span', False) tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) # set tcb state to ESTABLISHED(1) tcb.state = 1 tcb.l7_proxy_type = 0 tcb.debug_dol = 0 if redir_span: tcb.debug_dol_tx |= tcp_proxy.tcp_tx_debug_dol_dont_tx tcb.SetObjValPd() _proxyrcb_id = id ProxyrCbHelper.main(_proxyrcb_id) proxyrcbid = "ProxyrCb%04d" % _proxyrcb_id # 1. Configure PROXYRCB in HBM before packet injection proxyrcb = tc.infra_data.ConfigStore.objects.db[proxyrcbid] # let HAL fill in defaults for chain_rxq_base, etc. proxyrcb.my_txq_base = 0 proxyrcb.chain_rxq_base = 0 proxyrcb.redir_span = redir_span proxyrcb.proxyrcb_flags = app_redir_shared.app_redir_dol_pipeline_loopbk_en # fill in flow key proxyrcb.FlowKeyBuild(tc.config.flow) print("vrf %d flow sport %d dport %d" % (proxyrcb.vrf, proxyrcb.sport, proxyrcb.dport)) proxyrcb.SetObjValPd() tlscbid = "TlsCb%04d" % id tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid]) tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy tlscb.other_fid = 0xffff tlscb.l7_proxy_type = tcp_proxy.l7_proxy_type_REDIR if redir_span: tlscb.l7_proxy_type = tcp_proxy.l7_proxy_type_SPAN tlscb.serq_pi = 0 tlscb.serq_ci = 0 if tc.module.args.key_size == 16: tcp_tls_proxy.tls_aes128_decrypt_setup(tc, tlscb) elif tc.module.args.key_size == 32: tcp_tls_proxy.tls_aes256_decrypt_setup(tc, tlscb) _proxyccb_id = id ProxycCbHelper.main(_proxyccb_id) proxyccbid = "ProxycCb%04d" % _proxyccb_id # 1. Configure PROXYCCB in HBM before packet injection proxyccb = tc.infra_data.ConfigStore.objects.db[proxyccbid] # let HAL fill in defaults for my_txq_base, etc. proxyccb.redir_span = redir_span proxyccb.my_txq_base = 0 proxyccb.chain_txq_base = 0 proxyccb.chain_txq_lif = app_redir_shared.service_lif_tcp_proxy proxyccb.chain_txq_qtype = 0 proxyccb.chain_txq_qid = id proxyccb.chain_txq_ring = 0 proxyccb.proxyccb_flags = app_redir_shared.app_redir_chain_desc_add_aol_offset | \ app_redir_shared.app_redir_dol_skip_chain_doorbell proxyccb.SetObjValPd() # 2. Clone objects that are needed for verification rnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr_big.GetMeta() proxyrcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[proxyrcbid]) proxyrcb.GetObjValPd() proxyccb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[proxyccbid]) proxyccb.GetObjValPd() return
def __init__(self): self.objects = ObjectDatabase() self.templates = ObjectDatabase() self.specs = ObjectDatabase() return
def TestCaseSetup(tc): tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) skip_config = False if hasattr(tc.module.args, 'skip_config') and tc.module.args.skip_config: print("skipping config") skip_config = True #id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) id1, id2 = ProxyCbServiceHelper.GetSessionQids(tc.config.flow._FlowObject__session) if tc.config.flow.IsIflow(): id = id1 other_fid = id2 else: id = id2 other_fid = id1 TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] if not skip_config: tcp_proxy.init_tcb_inorder(tc, tcb) # set tcb state to ESTABLISHED(1) tcb.state = 1 tcb.SetObjValPd() else: tc.pvtdata.flow1_bytes_rxed = 0 tc.pvtdata.flow1_bytes_txed = 0 tc.pvtdata.flow2_bytes_rxed = 0 tc.pvtdata.flow2_bytes_txed = 0 TcpCbHelper.main(other_fid) tcbid2 = "TcpCb%04d" % (other_fid) logger.info("Configuring %s" % tcbid2) tcb2 = tc.infra_data.ConfigStore.objects.db[tcbid2] if not skip_config: tcp_proxy.init_tcb_inorder2(tc, tcb2) tcb2.SetObjValPd() tc.pvtdata.tcb1 = tcb tc.pvtdata.tcb2 = tcb2 tlscbid = "TlsCb%04d" % id tlscbid2 = "TlsCb%04d" % (other_fid) tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid]) #tlscb = tc.infra_data.ConfigStore.objects.db[tlscbid] #tlscb2 = tc.infra_data.ConfigStore.objects.db[tlscbid2] tlscb2 = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid2]) tlscb.serq_pi = 0 tlscb.serq_pi = 0 tlscb.serq_ci = 0 tlscb.serq_ci = 0 tlscb2.serq_pi = 0 tlscb2.serq_pi = 0 tlscb2.serq_ci = 0 tlscb2.serq_ci = 0 tlscb.debug_dol = 0 tlscb2.debug_dol = 0 #tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy | \ # tcp_tls_proxy.tls_debug_dol_sesq_stop #tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy #If 'use_random_iv' is set, set the corresponding debug-dol flag to indicate #datapath to pick a random value from DRBG as IV. if hasattr(tc.module.args, 'use_random_iv') and tc.module.args.use_random_iv == 1: tlscb.debug_dol |= tcp_tls_proxy.tls_debug_dol_explicit_iv_use_random tlscb2.debug_dol |= tcp_tls_proxy.tls_debug_dol_explicit_iv_use_random if tc.pvtdata.same_flow: tlscb.other_fid = 0xffff tlscb2.other_fid = 0xffff else: tlscb.other_fid = other_fid tlscb2.other_fid = id if not skip_config: if tc.module.args.key_size == 16: tcp_tls_proxy.tls_aes128_encrypt_setup(tc, tlscb) tcp_tls_proxy.tls_aes128_encrypt_setup(tc, tlscb2) elif tc.module.args.key_size == 32: tcp_tls_proxy.tls_aes256_encrypt_setup(tc, tlscb) tcp_tls_proxy.tls_aes256_encrypt_setup(tc, tlscb2) tlscb.SetObjValPd() tlscb2.SetObjValPd() if skip_config: return # 2. Clone objects that are needed for verification rnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr.GetMeta() rnmdpr.GetRingEntries([rnmdpr.pi]) tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"]) tnmdpr.GetMeta() tnmdpr.GetRingEntries([tnmdpr.pi]) print("snapshot1: tnmdpr_alloc %d enc_requests %d" % (tlscb.tnmdpr_alloc, tlscb.enc_requests)) print("snapshot1: rnmdpr_free %d enc_completions %d" % (tlscb.rnmdpr_free, tlscb.enc_completions)) if tc.module.args.cipher_suite == "CCM": brq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_CCM"]) elif tc.module.args.cipher_suite == "CBC": brq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_CBC"]) else: brq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"]) tcpcb = copy.deepcopy(tcb) tcpcb.GetObjValPd() tc.pvtdata.Add(tcpcb) tcpcb2 = copy.deepcopy(tcb2) tcpcb2.GetObjValPd() tc.pvtdata.Add(tcpcb2) tlscb.GetObjValPd() tc.pvtdata.Add(tlscb) tlscb2.GetObjValPd() tc.pvtdata.Add(tlscb2) tc.pvtdata.Add(rnmdpr) tc.pvtdata.Add(tnmdpr) return
def __init__(self, node, parent=None): self.Node = node self.NodeObj = parent self.objects = ConfigStore.objects # Custom Database for easy access. self.trunks = ObjectDatabase() self.dhcprelayObjs = ObjectDatabase() self.dhcpproxyObjs = ObjectDatabase() self.tunnels = ObjectDatabase() self.nexthops = ObjectDatabase() self.nexthopgroups = ObjectDatabase() self.ipsec_encrypt_objs = ObjectDatabase() self.ipsec_decrypt_objs = ObjectDatabase() self.device = None self.underlay_vpc = None self.hostport = None self.switchport = None self.securityprofile = None self.upgrade = None self.dutNode = 1 self.underlay_ips = [] return
def TestCaseSetup(tc): tc.pvtdata = ObjectDatabase() tcp_proxy.SetupProxyArgs(tc) id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session) TcpCbHelper.main(id) tcbid = "TcpCb%04d" % id # 1. Configure TCB in HBM before packet injection tcb = tc.infra_data.ConfigStore.objects.db[tcbid] tcp_proxy.init_tcb_inorder(tc, tcb) tcb.debug_dol_tx |= tcp_proxy.tcp_tx_debug_dol_dont_send_ack # set tcb state to ESTABLISHED(1) tcb.state = 1 tcb.SetObjValPd() # 2. Clone objects that are needed for verification rnmdpr_big = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"]) rnmdpr_big.GetMeta() rnmdpr_big.GetRingEntries([rnmdpr_big.pi]) tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"]) tnmdpr.GetMeta() brq = copy.deepcopy( tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"]) brq.GetMeta() brq.GetRingEntries([brq.pi]) tcpcb = copy.deepcopy(tcb) tcpcb.GetObjValPd() tlscbid = "TlsCb%04d" % id tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid]) # Key Setup key_type = types_pb2.CRYPTO_KEY_TYPE_AES128 key_size = 16 key = b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' tlscb.crypto_key.Update(key_type, key_size, key) # TLS-CB Setup tlscb.command = 0x30000000 tlscb.crypto_key_idx = tlscb.crypto_key.keyindex tlscb.salt = 0x12345678 tlscb.explicit_iv = 0xfedcba9876543210 tlscb.enc_requests = 0 tlscb.enc_completions = 0 tlscb.serq_pi = 0 tlscb.serq_ci = 0 tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_barco | \ tcp_tls_proxy.tls_debug_dol_bypass_proxy | \ tcp_tls_proxy.tls_debug_dol_sesq_stop tlscb.other_fid = 0xffff tlscb.is_decrypt_flow = False tlscb.SetObjValPd() tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid]) tlscb.GetObjValPd() tc.pvtdata.Add(tlscb) tc.pvtdata.Add(rnmdpr_big) tc.pvtdata.Add(tnmdpr) tc.pvtdata.Add(tcpcb) tc.pvtdata.Add(brq) return