Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / 54cffa0b93113de9e4539516e207957c6740873c / . / security / test_bmc_connections.robot
blob: 54ccd0edb119189377b946e8a03e140c5cc394d0 [file] [log] [blame]
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]1*** Settings ***
2Documentation Connections and authentication module stability tests.
3
4Resource ../lib/bmc_redfish_resource.robot
5Resource ../lib/bmc_network_utils.robot
6Resource ../lib/openbmc_ffdc.robot
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]7Resource ../lib/resource.robot
8Resource ../lib/utils.robot
9Resource ../lib/connection_client.robot
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]10Library ../lib/bmc_network_utils.py
11
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]12Library SSHLibrary
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]13Library Collections
Prashanth Kattiee26d5e2021-05-21 00:38:31 -0500[diff] [blame]14Library XvfbRobot
15Library OperatingSystem
16Library Selenium2Library 120 120
17Library Telnet 30 Seconds
18Library Screenshot
19
20Variables ../gui/data/gui_variables.py
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]21
22*** Variables ***
23
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]24${iterations} 10000
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]25${loop_iteration} ${1000}
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]26${hostname} test_hostname
27${MAX_UNAUTH_PER_IP} ${5}
Prashanth Kattiee26d5e2021-05-21 00:38:31 -0500[diff] [blame]28${bmc_url} https://${OPENBMC_HOST}
29
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]30
31*** Test Cases ***
32
33Test Patch Without Auth Token Fails
34 [Documentation] Send patch method without auth token and verify it throws an error.
George Keishing966a4c52020-05-13 10:53:58 -0500[diff] [blame]35 [Tags] Test_Patch_Without_Auth_Token_Fails
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]36
37 Redfish.Patch ${REDFISH_NW_PROTOCOL_URI} body={'HostName': '${hostname}'}
38 ... valid_status_codes=[${HTTP_UNAUTHORIZED}, ${HTTP_FORBIDDEN}]
39
40
41Flood Patch Without Auth Token And Check Stability Of BMC
42 [Documentation] Flood patch method without auth token and check BMC stability.
43 [Tags] Flood_Patch_Without_Auth_Token_And_Check_Stability_Of_BMC
44 @{status_list}= Create List
45
46 FOR ${i} IN RANGE ${1} ${iterations}
47 Log To Console ${i}th iteration
48 Run Keyword And Ignore Error
49 ... Redfish.Patch ${REDFISH_NW_PROTOCOL_URI} body={'HostName': '${hostname}'}
50
51 # Every 100th iteration, check BMC allows patch with auth token.
52 ${status}= Run Keyword If ${i} % 100 == 0 Run Keyword And Return Status
53 ... Login And Configure Hostname
54 Run Keyword If ${status} == False Append To List ${status_list} ${status}
55 END
56 ${verify_count}= Evaluate ${iterations}/100
57 ${fail_count}= Get Length ${status_list}
58
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]59 Should Be Equal ${fail_count} 0
60 ... msg=Patch operation failed ${fail_count} times in ${verify_count} attempts
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]61
62
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]63Verify Uer Cannot Login After 5 Non-Logged In Sessions
64 [Documentation] User should not be able to login when there
65 ... are 5 non-logged in sessions.
66 [Tags] Verify_User_Cannot_Login_After_5_Non-Logged_In_Sessions
67
68 FOR ${i} IN RANGE ${0} ${MAX_UNAUTH_PER_IP}
69 SSHLibrary.Open Connection ${OPENBMC_HOST}
70 Start Process ssh ${OPENBMC_USERNAME}@${OPENBMC_HOST} shell=True
71 END
72
73 SSHLibrary.Open Connection ${OPENBMC_HOST}
74 ${status}= Run Keyword And Return Status SSHLibrary.Login ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]75
Anvesh Kumar Rayankula85df1372020-04-28 05:01:14 -0500[diff] [blame]76 Should Be Equal ${status} ${False}
77
78
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]79Test Post Without Auth Token Fails
80 [Documentation] Send post method without auth token and verify it throws an error.
81 [Tags] Test_Post_Without_Auth_Token_Fails
82
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]83 ${user_info}= Create Dictionary
84 ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]85 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{user_info}
86 ... valid_status_codes=[${HTTP_UNAUTHORIZED}, ${HTTP_FORBIDDEN}]
87
88
89Flood Post Without Auth Token And Check Stability Of BMC
90 [Documentation] Flood post method without auth token and check BMC stability.
91 [Tags] Flood_Post_Without_Auth_Token_And_Check_Stability_Of_BMC
92
93 @{status_list}= Create List
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]94 ${user_info}= Create Dictionary
95 ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]96
97 FOR ${i} IN RANGE ${1} ${iterations}
98 Log To Console ${i}th iteration
99 Run Keyword And Ignore Error
100 ... Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{user_info}
101
102 # Every 100th iteration, check BMC allows post with auth token.
103 ${status}= Run Keyword If ${i} % 100 == 0 Run Keyword And Return Status
104 ... Login And Create User
105 Run Keyword If ${status} == False Append To List ${status_list} ${status}
106 END
107 ${verify_count}= Evaluate ${iterations}/100
108 ${fail_count}= Get Length ${status_list}
109
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]110 Should Be Equal ${fail_count} 0
111 ... msg=Post operation failed ${fail_count} times in ${verify_count} attempts
112
113
114Make Large Number Of Wrong SSH Login Attempts And Check Stability
115 [Documentation] Check BMC stability with large number of SSH wrong login requests.
116 [Tags] Make_Large_Number_Of_Wrong_SSH_Login_Attempts_And_Check_Stability
117 [Setup] Set Account Lockout Threshold
118 [Teardown] FFDC On Test Case Fail
119
120 SSHLibrary.Open Connection ${OPENBMC_HOST}
121 @{ssh_status_list}= Create List
122 FOR ${i} IN RANGE ${loop_iteration}
123 Log To Console ${i}th iteration
124 ${invalid_password}= Catenate ${OPENBMC_PASSWORD}${i}
125 Run Keyword and Ignore Error
126 ... Open Connection And Log In ${OPENBMC_USERNAME} ${invalid_password}
127
128 # Every 100th iteration Login with correct credentials
129 ${status}= Run keyword If ${i} % ${100} == ${0} Run Keyword And Return Status
130 ... Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
131 Run Keyword If ${status} == ${False} Append To List ${ssh_status_list} ${status}
132 SSHLibrary.Close Connection
133 END
134
135 ${valid_login_count}= Evaluate ${iterations}/100
136 ${fail_count}= Get Length ${ssh_status_list}
137 Should Be Equal ${fail_count} ${0}
138 ... msg= Login Failed ${fail_count} times in ${valid_login_count} attempts.
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]139
140
Prashanth Kattiee26d5e2021-05-21 00:38:31 -0500[diff] [blame]141Test Stability On Large Number Of Wrong Login Attempts To GUI
142 [Documentation] Test stability on large number of wrong login attempts to GUI.
143 [Tags] Test_Stability_On_Large_Number_Of_Wrong_Login_Attempts_To_GUI
144
145 @{status_list}= Create List
146
147 # Open headless browser.
148 Start Virtual Display
149 ${browser_ID}= Open Browser ${bmc_url} alias=browser1
150 Set Window Size 1920 1080
151
152 Go To ${bmc_url}
153
154 FOR ${i} IN RANGE ${1} ${iterations}
155 Log To Console ${i}th login
156 Run Keyword And Ignore Error Login to GUI With Wrong Credentials
157
158 # Every 100th iteration, check BMC GUI is responsive.
159 ${status}= Run Keyword If ${i} % 100 == 0 Run Keyword And Return Status
160 ... Open Browser ${bmc_url}
161 Append To List ${status_list} ${status}
162 Run Keyword If '${status}' == 'True' Run Keywords Close Browser AND Switch Browser browser1
163 END
164
165 ${fail_count}= Count Values In List ${status_list} False
166 Run Keyword If ${fail_count} > ${0} FAIL Could not open BMC GUI ${fail_count} times
167
168
Prashanth Kattifa699cf2020-04-06 10:13:33 -0500[diff] [blame]169*** Keywords ***
170
171Login And Configure Hostname
172 [Documentation] Login and configure hostname
173
174 [Teardown] Redfish.Logout
175
176 Redfish.Login
177
178 Redfish.patch ${REDFISH_NW_PROTOCOL_URI} body={'HostName': '${hostname}'}
179 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NO_CONTENT}]
180
Prashanth Katti91e59712020-04-14 08:12:09 -0500[diff] [blame]181
182Login And Create User
183 [Documentation] Login and create user
184
185 [Teardown] Redfish.Logout
186
187 Redfish.Login
188
Anvesh Kumar Rayankula3cddd032020-03-26 04:16:13 -0500[diff] [blame]189 ${user_info}= Create Dictionary
190 ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
191 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{user_info}
192 ... valid_status_codes=[${HTTP_OK}]
193
194
195Set Account Lockout Threshold
196 [Documentation] Set user account lockout threshold.
197
198 [Teardown] Redfish.Logout
199
200 Redfish.Login
201 Redfish.Patch /redfish/v1/AccountService body=[('AccountLockoutThreshold', 0)]
Prashanth Kattiee26d5e2021-05-21 00:38:31 -0500[diff] [blame]202
203
204Login to GUI With Incorrect Credentials
205 [Documentation] Login to GUI With Wrong Credentials.
206
207 Input Text ${xpath_textbox_username} root
208 Input Password ${xpath_textbox_password} incorrect_password
209 Click Button ${xpath_login_button}