Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / 7d45e3d08ec5f817dcf32c2910666cbd560af956 / . / security / test_bmc_connections.robot
blob: a87e69a3e8a5bbcae079bafef93fbf46897ea0dc [file] [log] [blame]
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]1*** Settings ***
2Documentation Connections and authentication module stability tests.
3
4Resource ../lib/bmc_redfish_resource.robot
5Resource ../lib/bmc_network_utils.robot
6Resource ../lib/openbmc_ffdc.robot
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]7Resource ../lib/resource.robot
8Resource ../lib/utils.robot
9Resource ../lib/connection_client.robot
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]10Library ../lib/bmc_network_utils.py
11
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]12Library SSHLibrary
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]13Library OperatingSystem
14Library Collections
15
16*** Variables ***
17
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]18${iterations} 10000
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]19${loop_iteration} ${1000}
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]20${hostname} test_hostname
21${MAX_UNAUTH_PER_IP} ${5}
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]22
23*** Test Cases ***
24
25Test Patch Without Auth Token Fails
26 [Documentation] Send patch method without auth token and verify it throws an error.
George Keishing966a4c52020-05-13 10:53:58 -0500[diff] [blame]27 [Tags] Test_Patch_Without_Auth_Token_Fails
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]28
29 Redfish.Patch ${REDFISH_NW_PROTOCOL_URI} body={'HostName': '${hostname}'}
30 ... valid_status_codes=[${HTTP_UNAUTHORIZED}, ${HTTP_FORBIDDEN}]
31
32
33Flood Patch Without Auth Token And Check Stability Of BMC
34 [Documentation] Flood patch method without auth token and check BMC stability.
35 [Tags] Flood_Patch_Without_Auth_Token_And_Check_Stability_Of_BMC
36 @{status_list}= Create List
37
38 FOR ${i} IN RANGE ${1} ${iterations}
39 Log To Console ${i}th iteration
40 Run Keyword And Ignore Error
41 ... Redfish.Patch ${REDFISH_NW_PROTOCOL_URI} body={'HostName': '${hostname}'}
42
43 # Every 100th iteration, check BMC allows patch with auth token.
44 ${status}= Run Keyword If ${i} % 100 == 0 Run Keyword And Return Status
45 ... Login And Configure Hostname
46 Run Keyword If ${status} == False Append To List ${status_list} ${status}
47 END
48 ${verify_count}= Evaluate ${iterations}/100
49 ${fail_count}= Get Length ${status_list}
50
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]51 Should Be Equal ${fail_count} 0
52 ... msg=Patch operation failed ${fail_count} times in ${verify_count} attempts
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]53
54
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]55Verify Uer Cannot Login After 5 Non-Logged In Sessions
56 [Documentation] User should not be able to login when there
57 ... are 5 non-logged in sessions.
58 [Tags] Verify_User_Cannot_Login_After_5_Non-Logged_In_Sessions
59
60 FOR ${i} IN RANGE ${0} ${MAX_UNAUTH_PER_IP}
61 SSHLibrary.Open Connection ${OPENBMC_HOST}
62 Start Process ssh ${OPENBMC_USERNAME}@${OPENBMC_HOST} shell=True
63 END
64
65 SSHLibrary.Open Connection ${OPENBMC_HOST}
66 ${status}= Run Keyword And Return Status SSHLibrary.Login ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]67
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]68 Should Be Equal ${status} ${False}
69
70
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]71Test Post Without Auth Token Fails
72 [Documentation] Send post method without auth token and verify it throws an error.
73 [Tags] Test_Post_Without_Auth_Token_Fails
74
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]75 ${user_info}= Create Dictionary
76 ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]77 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{user_info}
78 ... valid_status_codes=[${HTTP_UNAUTHORIZED}, ${HTTP_FORBIDDEN}]
79
80
81Flood Post Without Auth Token And Check Stability Of BMC
82 [Documentation] Flood post method without auth token and check BMC stability.
83 [Tags] Flood_Post_Without_Auth_Token_And_Check_Stability_Of_BMC
84
85 @{status_list}= Create List
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]86 ${user_info}= Create Dictionary
87 ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]88
89 FOR ${i} IN RANGE ${1} ${iterations}
90 Log To Console ${i}th iteration
91 Run Keyword And Ignore Error
92 ... Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{user_info}
93
94 # Every 100th iteration, check BMC allows post with auth token.
95 ${status}= Run Keyword If ${i} % 100 == 0 Run Keyword And Return Status
96 ... Login And Create User
97 Run Keyword If ${status} == False Append To List ${status_list} ${status}
98 END
99 ${verify_count}= Evaluate ${iterations}/100
100 ${fail_count}= Get Length ${status_list}
101
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]102 Should Be Equal ${fail_count} 0
103 ... msg=Post operation failed ${fail_count} times in ${verify_count} attempts
104
105
106Make Large Number Of Wrong SSH Login Attempts And Check Stability
107 [Documentation] Check BMC stability with large number of SSH wrong login requests.
108 [Tags] Make_Large_Number_Of_Wrong_SSH_Login_Attempts_And_Check_Stability
109 [Setup] Set Account Lockout Threshold
110 [Teardown] FFDC On Test Case Fail
111
112 SSHLibrary.Open Connection ${OPENBMC_HOST}
113 @{ssh_status_list}= Create List
114 FOR ${i} IN RANGE ${loop_iteration}
115 Log To Console ${i}th iteration
116 ${invalid_password}= Catenate ${OPENBMC_PASSWORD}${i}
117 Run Keyword and Ignore Error
118 ... Open Connection And Log In ${OPENBMC_USERNAME} ${invalid_password}
119
120 # Every 100th iteration Login with correct credentials
121 ${status}= Run keyword If ${i} % ${100} == ${0} Run Keyword And Return Status
122 ... Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
123 Run Keyword If ${status} == ${False} Append To List ${ssh_status_list} ${status}
124 SSHLibrary.Close Connection
125 END
126
127 ${valid_login_count}= Evaluate ${iterations}/100
128 ${fail_count}= Get Length ${ssh_status_list}
129 Should Be Equal ${fail_count} ${0}
130 ... msg= Login Failed ${fail_count} times in ${valid_login_count} attempts.
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]131
132
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]133*** Keywords ***
134
135Login And Configure Hostname
136 [Documentation] Login and configure hostname
137
138 [Teardown] Redfish.Logout
139
140 Redfish.Login
141
142 Redfish.patch ${REDFISH_NW_PROTOCOL_URI} body={'HostName': '${hostname}'}
143 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NO_CONTENT}]
144
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]145
146Login And Create User
147 [Documentation] Login and create user
148
149 [Teardown] Redfish.Logout
150
151 Redfish.Login
152
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]153 ${user_info}= Create Dictionary
154 ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
155 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{user_info}
156 ... valid_status_codes=[${HTTP_OK}]
157
158
159Set Account Lockout Threshold
160 [Documentation] Set user account lockout threshold.
161
162 [Teardown] Redfish.Logout
163
164 Redfish.Login
165 Redfish.Patch /redfish/v1/AccountService body=[('AccountLockoutThreshold', 0)]