Tech/start on ra learning

.github/workflows/e2e_pr.yaml

@@ -0,0 +1,149 @@
+# name: CI for ssh-mapper
+# on: [push, pull_request]
+
+# jobs:
+#   ssh-mapper-dropbear-server:
+#     if: ${{ !contains(github.event.head_commit.message, 'ci skip') }}
+#     runs-on: ubuntu-latest
+#     # strategy:
+#     #   fail-fast: true
+#     steps:
+#       - name: Checkout code
+#         uses: actions/checkout@v4
+
+#       - name: Start learning DropbearSSH server
+#         uses: hoverkraft-tech/[email protected]
+#         with:
+#           cwd: experiments/orchestration
+#           compose-file: "docker-compose-dropbear.yaml"
+#           up-flags: "--build -d"
+
+#       - name: Verify Result
+#         run: |
+#           # wait for the learning to be over
+#           while [ "$( docker container inspect -f '{{.State.Running}}' dropbear-learner )" = "true" ]; do date; echo "still learning"; sleep 5; done
+#           docker logs dropbear-ssh
+#           docker logs dropbear-mapper
+#           echo "pwd: "
+#           pwd
+#           echo "ls: "
+#           ls experiments/orchestration/learner_output_dropbear
+#           experiments/scripts/diff_hyps.sh experiments/results/servers/dropbear experiments/orchestration/learner_output_dropbear 3
+
+#   ssh-mapper-openssh7-server:
+#     if: ${{ !contains(github.event.head_commit.message, 'ci skip') }}
+#     runs-on: ubuntu-latest
+#     # strategy:
+#     #   fail-fast: true
+#     steps:
+#       - name: Checkout code
+#         uses: actions/checkout@v4
+
+#       - name: Start learning OpenSSH7 server
+#         run: pushd experiments/scripts/ && ./start_learning.sh openssh7 && popd
+
+#       - name: Verify Result
+#         run: |
+#           # wait for the learning to be over
+#           while [ "$( docker container inspect -f '{{.State.Running}}' openssh-learner7 )" = "true" ]; do date; echo "still learning"; sleep 5; done
+#           experiments/scripts/diff_hyps.sh experiments/results/servers/openssh7 experiments/orchestration/learner_output_openssh7 3
+
+#   ssh-mapper-openssh8-server:
+#     if: ${{ !contains(github.event.head_commit.message, 'ci skip') }}
+#     runs-on: ubuntu-latest
+#     # strategy:
+#     #   fail-fast: true
+#     steps:
+#       - name: Checkout code
+#         uses: actions/checkout@v4
+
+#       - name: Start learning OpenSSH8 server
+#         run: pushd experiments/scripts/ && ./start_learning.sh openssh8 && popd
+
+#       - name: Verify Result
+#         run: |
+#           # wait for the learning to be over
+#           while [ "$( docker container inspect -f '{{.State.Running}}' openssh-learner8 )" = "true" ]; do date; echo "still learning"; sleep 5; done
+#           experiments/scripts/diff_hyps.sh experiments/results/servers/openssh8 experiments/orchestration/learner_output_openssh8 2
+
+name: CI for SSH Mapper (Mealy Learning)
+on: [push, pull_request]
+
+jobs:
+  # This job performs Mealy learning for the Dropbear SSH server
+  ssh-mapper-dropbear-mealy:
+    # Skip this job if the commit message contains 'ci skip'
+    if: ${{ !contains(github.event.head_commit.message, 'ci skip') }}
+
+    # Use the latest Ubuntu runner provided by GitHub
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        # Uses the official GitHub Action to check out your repository code
+        uses: actions/checkout@v4
+
+      - name: Start learning Dropbear SSH server (Mealy Mode)
+        # Navigate to the scripts directory, execute start_learning.sh for Dropbear, then return.
+        # The start_learning.sh script handles its own pathing to the orchestration directory.
+        run: |
+          echo "Changing directory to experiments/scripts/ and starting learning..."
+          pushd experiments/scripts/
+          ./start_learning.sh dropbear # 'dropbear' as the single argument triggers Mealy learning
+          popd
+          echo "Learning process initiated."
+
+      - name: Verify Learning Result
+        # This step waits for the learner to complete and then verifies its output.
+        run: |
+          echo "--- Verifying Learning Results ---"
+
+          # IMPORTANT: We need to get the exact container ID for robust inspection.
+          # We assume the Docker Compose service for the learner is named 'learner' in your docker-compose-dropbear.yaml.
+          # The docker compose command must be run from the directory where docker-compose.yaml resides.
+          echo "Retrieving Learner Container ID..."
+          pushd experiments/orchestration/ # Temporarily change to the orchestration directory
+          # 'ps -q learner' gets the ID of the 'learner' service in the background
+          LEARNER_CONTAINER_ID=$(docker compose ps -q learner)
+          popd # Return to the repository root
+
+          if [ -z "${LEARNER_CONTAINER_ID}" ]; then
+            echo "Error: Learner container ID could not be found." >&2
+            echo "Please ensure your 'docker-compose-dropbear.yaml' has a service named 'learner' and it starts successfully." >&2
+            exit 1
+          fi
+          echo "Learner Container ID: ${LEARNER_CONTAINER_ID}"
+
+          # Wait for the learning process to be over (i.e., the container stops running)
+          echo "Waiting for learner container to stop..."
+          # The '2>/dev/null || echo "false"' part handles cases where the container might have already stopped
+          # or if 'docker inspect' fails for some other reason, preventing the script from breaking.
+          while [ "$(docker container inspect -f '{{.State.Running}}' "${LEARNER_CONTAINER_ID}" 2>/dev/null || echo "false")" = "true" ]; do
+            date # Print current date/time for progress tracking
+            echo "Still learning... (waiting for container ${LEARNER_CONTAINER_ID} to stop)"
+            sleep 5 # Wait for 5 seconds before checking again
+          done
+          echo "Learner container has stopped."
+
+          # --- Debugging Information (Essential for troubleshooting if verification fails) ---
+          echo "--- Debugging Learner Container Logs ---"
+          echo "Logs for container ${LEARNER_CONTAINER_ID}:"
+          docker logs "${LEARNER_CONTAINER_ID}" || echo "Could not retrieve logs for ${LEARNER_CONTAINER_ID} (it might have been removed)." >&2
+
+          echo "Exit Code for container ${LEARNER_CONTAINER_ID}:"
+          # Get the exit code; || true prevents this debug line from failing the step itself
+          docker inspect -f '{{.State.ExitCode}}' "${LEARNER_CONTAINER_ID}" || true
+          echo "--- End Debugging Learner Container ---"
+
+          # List contents of the output directory to verify files were generated
+          echo "Current working directory before listing output: $(pwd)"
+          echo "Listing contents of output directory: experiments/orchestration/learner_output_dropbear/"
+          # '-laR' provides long listing, all files, and recursive listing for subdirectories
+          ls -laR experiments/orchestration/learner_output_dropbear/ || { echo "Output directory not found or empty." >&2; exit 1; }
+
+          # Run the diff script to verify the generated hypothesis against a golden reference
+          echo "Running hypothesis comparison script..."
+          # This command's exit code determines the success/failure of this entire step
+          experiments/scripts/diff_hyps.sh experiments/results/servers/dropbear experiments/orchestration/learner_output_dropbear 3
+
+          echo "--- CI Verification Complete Successfully! ---"

.gitignore

@@ -27,4 +27,5 @@ ssh-mapper/paramiko.egg-info/**
 ssh-mapper/build/**
 ssh-mapper/dist/**
 ssh-mapper/mapper/__pycache__/**
-ssh-learner/target/**
+ssh-learner/target/**
+__pycache__/

README.md

@@ -29,7 +29,54 @@ The hacked version of paramiko can be found in manualparamiko directory. This fi
 Timing variances were a nuisance. Timing is controlled at various places:
 - The time.sleep() in mapper/mapper.py (controls set timeout between runs)
 - read_multiple_responses() in manualparamiko/transport.py (has both a timeout between responses and total timeout -in case of multiple responses- argument). 
-- Timeout based on the type of message can be set in the individual read_multiple_responses-calls. 
+- Timeout based on the type of message can be set in the individual read_multiple_responses-calls.
+
+# Orchestration
+
+Since the components were containerized to make it easy to run and not worry about missing dependencies.
+
+The Mapper and Learner have their Dockerfiles in their own directories. The ssh servers, dropbear and openssh, have their dockerfiles sitting in the `experiments/orchestration/dockerfiles` directory.
+
+In order to start learning most of the setup has been orchestrated with the help of the docker-compose files. All the learners have volume mappings so the learner outputs are available on the host machine. If you need to change or add any extra arguments for any learner or the mapper, you will have to edit the corresponding compose file.
+
+There is a script to simplify the starting of the learning setup where the `ssh-key` pair is also generated which can be used by the mapper. The containers are built locally and then the learning starts.
+
+
+`cd experiments/scripts`
+
+`./start_learning.sh`
+
+<code>
+Usage:
+  ./start_learning.sh <SUT>
+  ./start_learning.sh <SUT> <learning_algorithm>
+
+  <SUT>          : Required. The SSH server to experiment with.
+                        Must be one of: 'openssh7', 'openssh8', 'dropbear'.
+  <learning_algorithm> : Optional. Specifies the Register Automata (RA) learning algorithm.
+                        If provided, RA learning mode is activated.
+                        Known algorithms: RALAMBDA RASTAR. Ignored if not applicable.
+
+Examples:
+Mealy Learning:
+./start_learning.sh openssh8
+./start_learning.sh dropbear
+
+RA Learning:
+./start_learning.sh dropbear RALAMBDA
+./start_learning.sh openssh8 RASTAR
+</code>
+
+Whichever learner setup is run, based on the docker-compose file, the results will be generated in the volume mapped in each file, for instance:
+
+<u>Mealy learning dropbear:</u> `experiments/orchestration/learner_output_dropbear`
+
+<u>Mealy learning openssh7:</u> `experiments/orchestration/learner_output_openssh7`
+
+<u>RA learning dropbear:</u> `experiments/orchestration/learner_output_ra_dropbear`
+
+<u>RA learning openssh7:</u> `experiments/orchestration/learner_output_openssh7_ra`
+
 
 # Trimming script (mypydot)
 The python pydot package was altered to merge edges between the same nodes. 

experiments/orchestration/docker-compose-dropbear-ra.yaml

@@ -0,0 +1,52 @@
+version: "3.8"
+
+services:
+  dropbear-ssh-ra:
+    build:
+      context: .
+      dockerfile: dockerfiles/Dockerfile.dropbear
+    container_name: dropbear-ssh-ra
+    ports:
+      - "2222:22"
+    networks:
+      - dropbear_network_ra
+    volumes:
+      - ./ssh-keys/learner-ssh.pub:/root/.ssh/id_rsa.pub:ro
+      - ./ssh-keys/learner-ssh:/root/.ssh/id_rsa:ro
+    entrypoint: ["sh", "-c", "cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys && /usr/local/sbin/dropbear -F -E -j -k -s"]
+
+
+  dropbear-mapper-ra:
+    build:
+      context: ../../ssh-mapper
+      dockerfile: Dockerfile
+    container_name: dropbear-mapper-ra
+    ports:
+      - "8080:8080"
+    depends_on:
+      - dropbear-ssh-ra
+    networks:
+      - dropbear_network_ra
+    volumes:
+      - ./ssh-keys/learner-ssh.pub:/root/.ssh/id_rsa.pub:ro
+      - ./ssh-keys/learner-ssh:/root/.ssh/id_rsa:ro
+    command: -l 0.0.0.0:8080 -s dropbear-ssh-ra:22 -f server
+
+  dropbear-learner-ra:
+    build:
+      context: ../../ssh-learner
+      dockerfile: Dockerfile
+    container_name: dropbear-learner-ra
+    networks:
+      - dropbear_network_ra
+    depends_on:
+      - dropbear-ssh-ra
+      - dropbear-mapper-ra
+    volumes:
+      - ./learner_output_ra_dropbear:/app/output_folder
+      - ../../ssh-learner/inputs/alphabets/servers/:/app/inputs/alphabets/servers/
+    command: ["java", "-cp", "./ssh-learner.jar:./lib/*", "learner.RALearnerMain", "state-fuzzer-server", "-connect", "dropbear-mapper-ra:8080", "-alphabet", "/app/inputs/alphabets/servers/ra_input.xml", "-output", "/app/output_folder", "-sshMapperAddress", "dropbear-mapper-ra:8080", "-debug", "-learningAlgorithm", "${LEARNING_ALGORITHM}", "-equivalenceAlgorithms", "IO_RANDOM_WALK"]
+
+networks:
+  dropbear_network_ra:
+    driver: bridge

experiments/orchestration/docker-compose-dropbear.yaml

@@ -0,0 +1,52 @@
+version: "3.8"
+
+services:
+  dropbear-ssh:
+    build:
+      context: .
+      dockerfile: dockerfiles/Dockerfile.dropbear
+    container_name: dropbear-ssh
+    # ports:
+    #   - "2222:22"
+    networks:
+      - dropbear_network
+    volumes:
+      - ./ssh-keys/learner-ssh.pub:/root/.ssh/id_rsa.pub:ro
+      - ./ssh-keys/learner-ssh:/root/.ssh/id_rsa:ro
+    entrypoint: ["sh", "-c", "cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys && /usr/local/sbin/dropbear -F -E -j -k -s"]
+
+
+  dropbear-mapper:
+    build:
+      context: ../../ssh-mapper
+      dockerfile: Dockerfile
+    container_name: dropbear-mapper
+    # ports:
+    #   - "8080:8080"
+    depends_on:
+      - dropbear-ssh
+    networks:
+      - dropbear_network
+    volumes:
+      - ./ssh-keys/learner-ssh.pub:/root/.ssh/id_rsa.pub:ro
+      - ./ssh-keys/learner-ssh:/root/.ssh/id_rsa:ro
+    command: -l 0.0.0.0:8080 -s dropbear-ssh:22 -f server
+
+  dropbear-learner:
+    build:
+      context: ../../ssh-learner
+      dockerfile: Dockerfile
+    container_name: dropbear-learner
+    networks:
+      - dropbear_network
+    depends_on:
+      - dropbear-ssh
+      - dropbear-mapper
+    volumes:
+      - ./learner_output_dropbear:/app/output_folder
+      - ../../ssh-learner/inputs/alphabets/servers/:/app/inputs/alphabets/servers/
+    command: ["java", "-cp", "./ssh-learner.jar:./lib/*", "learner.Main", "state-fuzzer-server", "-connect", "dropbear-mapper:8080", "-alphabet", "/app/inputs/alphabets/servers/trans_auth.xml", "-output", "/app/output_folder", "-sshMapperAddress", "dropbear-mapper:8080", "-debug", "-roundLimit", "3"]
+
+networks:
+  dropbear_network:
+    driver: bridge