def test_discard(self):
message = self.test_eap_start()
# Make a message that will be discarded (id here is not sequential)
message = IdentityMessage(self.src_mac, message.message_id + 10,
Eap.RESPONSE, "host1user")
self.sm.event(EventMessageReceived(message, self.PORT_ID_MAC))
self.assertEqual(self.sm.state, self.sm.IDLE)
self.assertEqual(self.eap_output_queue.qsize(), 0)
self.assertEqual(self.radius_output_queue.qsize(), 0)
def test_identity_request_message_packs(self):
expected_packed_message = build_byte_string(
"0180c2000003001906eab88c888e010000050101000501")
message = IdentityMessage(
src_mac=MacAddress.from_string("00:19:06:ea:b8:8c"),
message_id=1,
code=Eap.REQUEST,
identity="")
packed_message = MessagePacker.pack(
message, MacAddress.from_string("01:80:c2:00:00:03"))
self.assertEqual(expected_packed_message, packed_message)
def test_identity_request_message_packs(self): # pylint: disable=invalid-name
expected_packed_message = bytes.fromhex(
"0180c2000003001906eab88c888e010000050101000501")
message = IdentityMessage(
src_mac=MacAddress.from_string("00:19:06:ea:b8:8c"),
message_id=1,
code=Eap.REQUEST,
identity="")
packed_message = MessagePacker.ethernet_pack(
message, MacAddress.from_string("00:19:06:ea:b8:8c"),
MacAddress.from_string("01:80:c2:00:00:03"))
self.assertEqual(expected_packed_message, packed_message)
def test_identity_response_message_packs(self):
expected_packed_message = build_byte_string(
"0180c2000003001422e9545e888e0100001102000011014a6f686e2e4d63477569726b"
)
message = IdentityMessage(
src_mac=MacAddress.from_string("00:14:22:e9:54:5e"),
message_id=0,
code=Eap.RESPONSE,
identity="John.McGuirk")
packed_message = MessagePacker.pack(
message, MacAddress.from_string("01:80:c2:00:00:03"))
self.assertEqual(expected_packed_message, packed_message)
def test_identity_response(self):
_id = self.test_eap_start().message_id
# input EapIdentityResponse
# output EapIdentityResponse on radius_output_q
message = IdentityMessage(self.src_mac, _id, Eap.RESPONSE, "host1user")
self.sm.event(EventMessageReceived(message, self.PORT_ID_MAC))
self.assertEqual(self.sm.state, self.sm.AAA_IDLE)
self.assertEqual(self.eap_output_queue.qsize(), 0)
self.assertEqual(self.radius_output_queue.qsize(), 1)
self.assertIsInstance(self.radius_output_queue.get_nowait()[0],
IdentityMessage)
def test_leave_timeout_failure2_with_identiy_response(self):
self.test_timeout_failure2_from_max_retransmits()
start_eap_q_size = self.eap_output_queue.qsize()
start_radius_q_size = self.radius_output_queue.qsize()
message = IdentityMessage(self.src_mac, 25, Eap.RESPONSE, "host1user")
self.sm.event(EventMessageReceived(message, self.PORT_ID_MAC))
self.assertEqual(self.sm.state, self.sm.AAA_IDLE)
self.assertEqual(self.eap_output_queue.qsize(), start_eap_q_size + 0)
self.assertEqual(self.radius_output_queue.qsize(),
start_radius_q_size + 1)
self.assertIsInstance(self.radius_output_queue.get_nowait()[0],
IdentityMessage)
def send_preemptive_identity_request(self, port_id):
"""
Message (EAP Identity Request) that notifies supplicant that port is using 802.1X
Args:
port_id (str):
"""
_id = get_random_id()
data = IdentityMessage(self.PAE_GROUP_ADDRESS, _id, Eap.REQUEST, "")
self.port_to_eapol_id[port_id] = _id
self.eap_output_messages.put_nowait(
EapQueueMessage(data, self.PAE_GROUP_ADDRESS,
MacAddress.from_string(port_id)))
self.logger.info("sending premptive on port %s", port_id)
def _send_identity_request(self):
"""
Message (EAP Identity Request) that notifies supplicant that port is using 802.1X
Args:
port_id (str):
"""
_id = get_random_id()
self.current_preemtive_eapol_id = _id
data = IdentityMessage(self.PAE_GROUP_ADDRESS, _id, Eap.REQUEST, "")
self.supplicant_output_messages.put_nowait(
EapQueueMessage(data, self.PAE_GROUP_ADDRESS,
MacAddress.from_string(self.port_id)))
return _id
def setUp(self):
src_mac = MacAddress.from_string("00:aa:bb:cc:dd:ee")
self.state_machine = build_state_machine(src_mac)
self.assertEqual(self.state_machine.state, "idle")
message = EapolStartMessage(MacAddress.from_string("00:12:34:56:78:90"))
self.state_machine.event(EventMessageReceived(message))
self.assertEqual(self.state_machine.state, "identity request sent")
self.assertEqual(self.state_machine.output_messages.qsize(), 1)
self.state_machine.output_messages.get()
message = IdentityMessage(MacAddress.from_string("00:12:34:56:78:90"), 1, Eap.RESPONSE, "betelgeuse")
self.state_machine.event(EventMessageReceived(message))
self.assertEqual(self.state_machine.state, "challenge sent")
self.assertEqual(self.state_machine.output_messages.qsize(), 1)
self.state_machine.output_messages.get()
def send_preemptive_identity_request(self, port_id, state_machine=None):
"""
Message (EAP Identity Request) that notifies supplicant that port is using 802.1X
Args:
port_id (str):
"""
_id = get_random_id()
# ID of preemptive reauth attempt must be different to ID of initial authentication.
if state_machine is not None and hasattr(state_machine, 'current_id'):
while _id == state_machine.current_id:
_id = get_random_id()
data = IdentityMessage(self.PAE_GROUP_ADDRESS, _id, Eap.REQUEST, "")
self.port_to_eapol_id[port_id] = _id
self.eap_output_messages.put_nowait(
EapQueueMessage(data, self.PAE_GROUP_ADDRESS,
MacAddress.from_string(port_id)))
self.logger.info("sending premptive on port %s with ID %s", port_id,
_id)
def build_req(self, current_id):
return IdentityMessage(self.src_mac, current_id, Eap.REQUEST, "")
def test_identity_request_received_moves_to_challenge_sent(self):
message = IdentityMessage(MacAddress.from_string("00:12:34:56:78:90"), 1, Eap.RESPONSE, "betelgeuse")
self.state_machine.event(EventMessageReceived(message))
self.assertEqual(self.state_machine.state, "challenge sent")
self.assertEqual(self.state_machine.output_messages.qsize(), 1)