This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Neels Hofmeyr gerrit-no-reply at lists.osmocom.orgReview at https://gerrit.osmocom.org/7059 ciph command: return more meaningful cause values Instead of just GSM48_REJECT_NETWORK_FAILURE, allow returning GSM48_REJECT_* causes from the vlr_ops.set_ciph_mode() callback. In msc_vlr_set_ciph_mode(), return ILLEGAL_MS if no usable cipher could be determined or PROTOCOL_ERROR for RAN mismatches. This is just a feeble attempt at getting going in the right direction with cause values, while I'm still looking at the Cipher Mode Command code... Change-Id: I4db77fea1a4bcd161218582126a5d83ca171f7cb --- M include/osmocom/msc/vlr.h M src/libmsc/gsm_04_08.c M src/libvlr/vlr_access_req_fsm.c M src/libvlr/vlr_lu_fsm.c M tests/msc_vlr/msc_vlr_test_gsm_ciph.err 5 files changed, 36 insertions(+), 17 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-msc refs/changes/59/7059/1 diff --git a/include/osmocom/msc/vlr.h b/include/osmocom/msc/vlr.h index c4b8cf6..57e3fc9 100644 --- a/include/osmocom/msc/vlr.h +++ b/include/osmocom/msc/vlr.h @@ -212,6 +212,8 @@ int (*tx_cm_serv_acc)(void *msc_conn_ref); int (*tx_cm_serv_rej)(void *msc_conn_ref, enum vlr_proc_arq_result result); + /* \returns 0 on success, positive to return specific GSM48_REJECT_* causes, or negative to + * indicate GSM48_REJECT_NETWORK_FAILURE. */ int (*set_ciph_mode)(void *msc_conn_ref, bool umts_aka, bool retrieve_imeisv); /* UTRAN: send Common Id (when auth+ciph are complete) */ diff --git a/src/libmsc/gsm_04_08.c b/src/libmsc/gsm_04_08.c index 995bbf6..93796d8 100644 --- a/src/libmsc/gsm_04_08.c +++ b/src/libmsc/gsm_04_08.c @@ -3624,7 +3624,7 @@ if (!conn || !conn->vsub) { LOGP(DMM, LOGL_ERROR, "Cannot send Ciphering Mode Command to" " NULL conn/subscriber"); - return -EINVAL; + return GSM48_REJECT_ILLEGAL_MS; } vsub = conn->vsub; @@ -3634,7 +3634,7 @@ LOGP(DMM, LOGL_ERROR, "subscr %s: Cannot send Ciphering Mode" " Command: no auth tuple available\n", vlr_subscr_name(vsub)); - return -EINVAL; + return GSM48_REJECT_ILLEGAL_MS; } switch (conn->via_ran) { @@ -3657,7 +3657,7 @@ LOGP(DMM, LOGL_ERROR, "%s: cannot start ciphering, no intersection " "between MSC-configured and MS-supported A5 algorithms\n", vlr_subscr_name(conn->vsub)); - return -ENOTSUP; + return GSM48_REJECT_ILLEGAL_MS; } /* In case of UMTS AKA, the Kc for ciphering must be derived from the 3G auth @@ -3680,7 +3680,7 @@ #else LOGP(DMM, LOGL_ERROR, "Cannot send Security Mode Control over RAN_UTRAN_IU," " built without Iu support\n"); - return -ENOTSUP; + return GSM48_REJECT_PROTOCOL_ERROR; #endif default: @@ -3689,7 +3689,7 @@ LOGP(DMM, LOGL_ERROR, "%s: cannot start ciphering, unknown RAN type %d\n", vlr_subscr_name(conn->vsub), conn->via_ran); - return -ENOTSUP; + return GSM48_REJECT_PROTOCOL_ERROR; } void msc_rx_sec_mode_compl(struct gsm_subscriber_connection *conn) diff --git a/src/libvlr/vlr_access_req_fsm.c b/src/libvlr/vlr_access_req_fsm.c index 556e694..94ce8fc 100644 --- a/src/libvlr/vlr_access_req_fsm.c +++ b/src/libvlr/vlr_access_req_fsm.c @@ -284,6 +284,7 @@ { struct proc_arq_priv *par = fi->priv; struct vlr_subscr *vsub = par->vsub; + int rc; LOGPFSM(fi, "%s()\n", __func__); @@ -292,13 +293,27 @@ return; } - if (vlr_set_ciph_mode(vsub->vlr, fi, par->msc_conn_ref, - par->ciphering_required, - vlr_use_umts_aka(&vsub->last_tuple->vec, par->is_r99), - vsub->vlr->cfg.retrieve_imeisv_ciphered)) { + rc = vlr_set_ciph_mode(vsub->vlr, fi, par->msc_conn_ref, + par->ciphering_required, + vlr_use_umts_aka(&vsub->last_tuple->vec, par->is_r99), + vsub->vlr->cfg.retrieve_imeisv_ciphered); + if (rc) { + enum vlr_proc_arq_result err; LOGPFSML(fi, LOGL_ERROR, "Failed to send Ciphering Mode Command\n"); - proc_arq_fsm_done(fi, VLR_PR_ARQ_RES_SYSTEM_FAILURE); + switch (rc) { + case GSM48_REJECT_ILLEGAL_MS: + err = VLR_PR_ARQ_RES_ILLEGAL_SUBSCR; + break; + case GSM48_REJECT_ILLEGAL_ME: + err = VLR_PR_ARQ_RES_ILLEGAL_EQUIP; + break; + /* TODO: more meaningful causes */ + default: + err = VLR_PR_ARQ_RES_SYSTEM_FAILURE; + break; + } + proc_arq_fsm_done(fi, err); return; } diff --git a/src/libvlr/vlr_lu_fsm.c b/src/libvlr/vlr_lu_fsm.c index b36e4e3..127d488 100644 --- a/src/libvlr/vlr_lu_fsm.c +++ b/src/libvlr/vlr_lu_fsm.c @@ -846,6 +846,7 @@ { struct lu_fsm_priv *lfp = lu_fsm_fi_priv(fi); struct vlr_subscr *vsub = lfp->vsub; + int rc; LOGPFSM(fi, "%s()\n", __func__); @@ -862,13 +863,14 @@ return; } - if (vlr_set_ciph_mode(vsub->vlr, fi, lfp->msc_conn_ref, - lfp->ciphering_required, - vlr_use_umts_aka(&vsub->last_tuple->vec, lfp->is_r99), - vsub->vlr->cfg.retrieve_imeisv_ciphered)) { + rc = vlr_set_ciph_mode(vsub->vlr, fi, lfp->msc_conn_ref, + lfp->ciphering_required, + vlr_use_umts_aka(&vsub->last_tuple->vec, lfp->is_r99), + vsub->vlr->cfg.retrieve_imeisv_ciphered); + if (rc) { LOGPFSML(fi, LOGL_ERROR, "Failed to send Ciphering Mode Command\n"); - lu_fsm_failure(fi, GSM48_REJECT_NETWORK_FAILURE); + lu_fsm_failure(fi, rc > 0? rc : GSM48_REJECT_NETWORK_FAILURE); return; } diff --git a/tests/msc_vlr/msc_vlr_test_gsm_ciph.err b/tests/msc_vlr/msc_vlr_test_gsm_ciph.err index 71c5b28..4786412 100644 --- a/tests/msc_vlr/msc_vlr_test_gsm_ciph.err +++ b/tests/msc_vlr/msc_vlr_test_gsm_ciph.err @@ -1787,9 +1787,9 @@ DMM -> CIPHER MODE COMMAND IMSI:901700000004620 DMSC CLASSMARK 2 unknown, assuming MS doesn't support A5/3 DMM IMSI:901700000004620: cannot start ciphering, no intersection between MSC-configured and MS-supported A5 algorithms -- ERROR sending ciphering mode command: rc=-95 +- ERROR sending ciphering mode command: rc=3 DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: Failed to send Ciphering Mode Command -- sending LU Reject for IMSI:901700000004620, cause 17 +- sending LU Reject for IMSI:901700000004620, cause 3 DVLR vlr_lu_fsm(901700000004620){VLR_ULA_S_WAIT_AUTH}: state_chg to VLR_ULA_S_DONE DMM Subscr_Conn(901700000004620){SUBSCR_CONN_S_NEW}: Received Event SUBSCR_CONN_E_CN_CLOSE DMM Subscr_Conn(901700000004620){SUBSCR_CONN_S_NEW}: SUBSCR_CONN_FROM_LU -- To view, visit https://gerrit.osmocom.org/7059 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I4db77fea1a4bcd161218582126a5d83ca171f7cb Gerrit-PatchSet: 1 Gerrit-Project: osmo-msc Gerrit-Branch: master Gerrit-Owner: Neels Hofmeyr <nhofmeyr at sysmocom.de>