def StreamChannelMock(request_iterator, context):
for req in request_iterator:
if req.HasField('arbitration'):
rep = p4runtime_pb2.StreamMessageResponse()
rep.arbitration.CopyFrom(req.arbitration)
rep.arbitration.status.code = code_pb2.ALREADY_EXISTS
yield rep
def test_packet_in(self):
# In this tests we will send a packet-in message from the servicer and check if
# packet_in.sniff method works
msg = p4runtime_pb2.StreamMessageResponse()
msg.packet.payload = b'Random packet-in payload'
md = p4runtime_pb2.PacketMetadata()
md.metadata_id = 1
md.value = b'\x00\x01'
msg.packet.metadata.append(md)
# Have to sniff the packet in another thread since this blocks the thread
packet_in = sh.PacketIn()
captured_packet = []
def _sniff_packet(captured_packet):
captured_packet += packet_in.sniff(timeout=1)
_t = Thread(target=_sniff_packet, args=(captured_packet, ))
_t.start()
# TODO: modify the servicer to send stream message?
sh.client.stream_in_q["packet"].put(msg)
_t.join()
self.assertEqual(len(captured_packet), 1)
self.assertEqual(captured_packet[0], msg)
def sniffer_thread():
global packetLim
sniffer_instance = Sniffer(ServerConfig.PACKETIN_IFACE, 1500)
newPacketIn = PacketInStruct()
c_packet_id = 0
print "Sniffer Thread Started"
while True:
pack_data = sniffer_instance.recv_packet_in()
if (pack_data != False) and pack_data[0] >= 0 and pack_data[0] < len(
packetLim) and (not packetLim[pack_data[0]]):
packetLim[pack_data[0]] = True
newPacketIn = PacketInStruct()
newPacketIn.packetInResponse = p4runtime_pb2.StreamMessageResponse(
)
newPacketIn.packetInResponse.packet.payload = pack_data[2]
newPacketIn.metadata = newPacketIn.packetInResponse.packet.metadata.add(
)
newPacketIn.metadata.metadata_id = pack_data[0]
newPacketIn.metadata.value = pack_data[1]
newPacketIn.packet_id = c_packet_id
c_packet_id = c_packet_id + 1
print "EXPT: Packet-in (%d): interface => server %.9f" % (
c_packet_id, time.time())
ConnectionArray.sendPacketInToBuffer(newPacketIn)
def __init__(self):
self.packetInResponse = p4runtime_pb2.StreamMessageResponse()
self.packetInResponse.packet.payload = " "
self.metadata = self.packetInResponse.packet.metadata.add()
self.metadata.metadata_id = 0
self.metadata.value = " "
self.packet_id = 0
def StreamChannel(self, request_iterator, context):
for req in request_iterator:
if req.HasField('arbitration'):
rep = p4runtime_pb2.StreamMessageResponse()
rep.arbitration.CopyFrom(req.arbitration)
rep.arbitration.status.code = code_pb2.OK
yield rep
elif req.HasField('packet'):
self.stored_packet_out.put(req)
def process_streamChannel(self, request_iterator, context):
peer_key = context.peer()
userAuthenticated = False
login = False
while True:
try:
req = next(request_iterator)
except grpc.RpcError as e: # End of connection
if login is not False:
ConnectionArray.remove(peer_key)
return
if userAuthenticated:
packet_in = ConnectionArray.getPacketInFromBuffer(
login.user_name)
if packet_in is not False:
# -------- Begin Info Flow Control -------- #
print "EXPT: vIFC Start %.9f" % time.time()
ifc_result = VerifyEvent.verify_event_packet_in(
packet_in.packetInResponse.packet, context)
print "EXPT: vIFC Finish %.9f" % time.time()
if ifc_result[0] == VIFC_RESPONSE_BLOCK:
print "IFC Blocked Flow"
context.set_code(grpc.StatusCode.CANCELLED)
context.set_details(
"Attempted CAP Attack block by vIFC")
ServerLog.print_log(
"IFC Blocked flow of Packet-in (%d) was being sent to (%s): %.9f"
% (packet_in.packet_id, login.user_name,
time.time()))
else:
if ifc_result[0] == VIFC_RESPONSE_WARN:
print "IFC Warned Flow: {}".format(ifc_result[1])
ServerLog.print_log(
"IFC Warned flow of Packet-in (%d) sent to (%s): %.9f"
% (packet_in.packet_id, login.user_name,
time.time()))
print "EXPT: Packet-in (%d): server => controller: %.9f" % (
packet_in.packet_id, time.time())
print packet_in.packetInResponse
yield packet_in.packetInResponse
ServerLog.print_log(
"Packet-in (%d) sent to (%s): %.9f" %
(packet_in.packet_id, login.user_name,
time.time()))
# --------- End Info Flow Control --------- #
# Authentication message.
if req.HasField(
"other"
) and req.other.type_url == "type.googleapis.com/Auth":
ServerConfig.print_debug(
"Received authentication message from {}({}):".format(
context.peer(),
ConnectionArray.getUsername(context.peer())))
ServerConfig.print_debug(req)
# Add the connection to the pool.
login = auth_pb2.Auth.FromString(req.other.value)
ConnectionArray.add(peer_key, login.user_name)
username = ConnectionArray.getUsername(context.peer())
# Authenticate the current connection if it isn't authenticated yet.
# Keep in mind that an user with the CONNECTED state is not authenticated.
if ConnectionArray.isConnected(context.peer()) is True:
if Auth.authenticate(login.user_name,
login.passwd) is True:
userAuthenticated = True
ConnectionArray.authenticate(context.peer())
else:
context.set_code(grpc.StatusCode.PERMISSION_DENIED)
context.set_details("Invalid username or password")
yield p4runtime_pb2.StreamMessageResponse()
succ = auth_pb2.Auth()
succ.user_name = "Auth success"
succ.passwd = ""
resp = p4runtime_pb2.StreamMessageResponse()
resp.other.Pack(succ)
yield resp
# Arbitration update.
elif req.HasField("arbitration"):
ServerConfig.print_debug(
"Received master arbitration message from peer '{}' ({}):".
format(context.peer(),
ConnectionArray.getUsername(context.peer())))
ServerConfig.print_debug(req)
yield RPC_mgmt.MasterArbitration(self, req, context)
# Packet-out message.
elif req.HasField("packet"):
packet = req.packet
print "EXPT: Packet-out: controller => server %.9f" % time.time(
)
ServerConfig.print_debug(
"Packet-out arrived from the controller, for switch {} input port {}"
.format(packet.metadata[0].metadata_id,
hexlify(packet.metadata[0].value)))
# -------- Begin Info Flow Control -------- #
print "EXPT: vIFC Start %.9f" % time.time()
ifc_result = VerifyEvent.verify_event_packet_out(
packet, context)
print "EXPT: vIFC Finish %.9f" % time.time()
if ifc_result[0] == VIFC_RESPONSE_BLOCK:
print "IFC Blocked Flow"
elif ifc_result[0] == VIFC_RESPONSE_WARN:
print "IFC Warned Flow: {}".format(ifc_result[1])
# --------- End Info Flow Control --------- #
# print "Payload: {}".format(hexlify(packet.payload)) # we need to be quick
RPC_mgmt.ProcessPacketOut(packet)
print "EXPT: Packet-out: server => interface %.9f" % time.time(
)
ServerLog.print_log(
"Packet-out from (%s) to switch (%d): %.9f" %
(login.user_name, int(
packet.metadata[0].metadata_id), time.time()))
def MasterArbitration(self, request, context):
resp = p4runtime_pb2.StreamMessageResponse()
request.arbitration.device_id = 1
resp.arbitration.CopyFrom(request.arbitration)
resp.arbitration.status.code = code_pb2.OK
return resp
