This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Max gerrit-no-reply at lists.osmocom.orgHello Jenkins Builder, I'd like you to reexamine a change. Please visit https://gerrit.osmocom.org/460 to look at the new patch set (#6). SGSN: add preliminary support for GPRS encryption It is already functional enough to allow testing with real phones. However, note - there are several limitations in the current implementation: * only default value for IOV-UI is supported at the moment * AUTN-based key material is not supported Related: OS#1582 Change-Id: I8900b906693496e4e6b35be5a86937c58039ed9e --- M openbsc/include/openbsc/gprs_gmm.h M openbsc/include/openbsc/gprs_llc.h M openbsc/include/openbsc/gprs_sgsn.h M openbsc/src/gprs/gprs_gmm.c M openbsc/src/gprs/gprs_llc.c M openbsc/src/gprs/gprs_sgsn.c 6 files changed, 28 insertions(+), 31 deletions(-) git pull ssh://gerrit.osmocom.org:29418/openbsc refs/changes/60/460/6 diff --git a/openbsc/include/openbsc/gprs_gmm.h b/openbsc/include/openbsc/gprs_gmm.h index 58449cb..8a3ffea 100644 --- a/openbsc/include/openbsc/gprs_gmm.h +++ b/openbsc/include/openbsc/gprs_gmm.h @@ -15,7 +15,8 @@ int gsm0408_gprs_rcvmsg_gb(struct msgb *msg, struct gprs_llc_llme *llme, bool drop_cipherable); int gsm0408_gprs_force_reattach(struct sgsn_mm_ctx *mmctx); -int gsm0408_gprs_force_reattach_oldmsg(struct msgb *msg); +int gsm0408_gprs_force_reattach_oldmsg(struct msgb *msg, + struct gprs_llc_llme *llme); void gsm0408_gprs_access_granted(struct sgsn_mm_ctx *mmctx); void gsm0408_gprs_access_denied(struct sgsn_mm_ctx *mmctx, int gmm_cause); void gsm0408_gprs_access_cancelled(struct sgsn_mm_ctx *mmctx, int gmm_cause); diff --git a/openbsc/include/openbsc/gprs_llc.h b/openbsc/include/openbsc/gprs_llc.h index 73870af..8a44741 100644 --- a/openbsc/include/openbsc/gprs_llc.h +++ b/openbsc/include/openbsc/gprs_llc.h @@ -216,7 +216,8 @@ /* Chapter 7.2.1.2 LLGMM-RESET.req */ int gprs_llgmm_reset(struct gprs_llc_llme *llme); -int gprs_llgmm_reset_oldmsg(struct msgb* oldmsg, uint8_t sapi); +int gprs_llgmm_reset_oldmsg(struct msgb* oldmsg, uint8_t sapi, + struct gprs_llc_llme *llme); /* 04.64 Chapter 7.2.1.1 LLGMM-ASSIGN */ int gprs_llgmm_assign(struct gprs_llc_llme *llme, diff --git a/openbsc/include/openbsc/gprs_sgsn.h b/openbsc/include/openbsc/gprs_sgsn.h index 3f91fb6..ce7b04b 100644 --- a/openbsc/include/openbsc/gprs_sgsn.h +++ b/openbsc/include/openbsc/gprs_sgsn.h @@ -356,9 +356,6 @@ char *gprs_pdpaddr2str(uint8_t *pdpa, uint8_t len); -/* Force re-attachment based on msgb meta data */ -int sgsn_force_reattach_oldmsg(struct msgb *oldmsg); - /* * ctrl interface related work */ diff --git a/openbsc/src/gprs/gprs_gmm.c b/openbsc/src/gprs/gprs_gmm.c index e531bef..64cf8d6 100644 --- a/openbsc/src/gprs/gprs_gmm.c +++ b/openbsc/src/gprs/gprs_gmm.c @@ -416,9 +416,9 @@ return gsm48_gmm_sendmsg(msg, 1, mm, false); } -/* Section 9.4.9: Authentication and Ciphering Request */ +/* 3GPP TS 24.008 Section 9.4.9: Authentication and Ciphering Request */ static int gsm48_tx_gmm_auth_ciph_req(struct sgsn_mm_ctx *mm, uint8_t *rnd, - uint8_t key_seq, uint8_t algo) + uint8_t key_seq, bool force_standby) { struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 AUTH CIPH REQ"); struct gsm48_hdr *gh; @@ -435,9 +435,11 @@ gh->msg_type = GSM48_MT_GMM_AUTH_CIPH_REQ; acreq = (struct gsm48_auth_ciph_req *) msgb_put(msg, sizeof(*acreq)); - acreq->ciph_alg = algo & 0xf; + acreq->ciph_alg = mm->ciph_algo & 0xf; + /* § 10.5.5.10: */ acreq->imeisv_req = 0x1; - acreq->force_stby = 0x0; + /* § 10.5.5.7: */ + acreq->force_stby = force_standby; /* 3GPP TS 24.008 § 10.5.5.19: */ acreq->ac_ref_nr = rand(); mm->auth_ref = acreq->ac_ref_nr; @@ -447,11 +449,11 @@ m_rand = msgb_put(msg, 16+1); m_rand[0] = GSM48_IE_GMM_AUTH_RAND; memcpy(m_rand + 1, rnd, 16); - + /* § 10.5.1.2: */ m_cksn = msgb_put(msg, 1); m_cksn[0] = (GSM48_IE_GMM_CIPH_CKSN << 4) | (key_seq & 0x07); } - + /* FIXME: add AUTN for 3g auth according to 3GPP TS 24.008 § 10.5.3.1.1 */ /* FIXME: make sure we don't send any other messages to the MS */ return gsm48_gmm_sendmsg(msg, 1, mm, false); @@ -645,8 +647,7 @@ mmctx_timer_start(ctx, 3360, sgsn->cfg.timers.T3360); return gsm48_tx_gmm_auth_ciph_req(ctx, at->vec.rand, - at->key_seq, - GPRS_ALGO_GEA0); + at->key_seq, false); } if (ctx->auth_state == SGSN_AUTH_AUTHENTICATE && ctx->is_authenticated && @@ -1354,7 +1355,7 @@ } /* Force the MS to re-attach */ - rc = sgsn_force_reattach_oldmsg(msg); + rc = gsm0408_gprs_force_reattach_oldmsg(msg, llme); /* TLLI unassignment */ gprs_llgmm_unassign(llme); @@ -1533,8 +1534,7 @@ } at = &mm->auth_triplet; - gsm48_tx_gmm_auth_ciph_req(mm, at->vec.rand, at->key_seq, - GPRS_ALGO_GEA0); + gsm48_tx_gmm_auth_ciph_req(mm, at->vec.rand, at->key_seq, false); osmo_timer_schedule(&mm->timer, sgsn->cfg.timers.T3360, 0); break; case 3370: /* waiting for IDENTITY RESPONSE */ @@ -2093,7 +2093,7 @@ if (gh->msg_type == GSM48_MT_GSM_STATUS) return 0; - return sgsn_force_reattach_oldmsg(msg); + return gsm0408_gprs_force_reattach_oldmsg(msg, llme); } switch (gh->msg_type) { @@ -2127,10 +2127,11 @@ return rc; } -int gsm0408_gprs_force_reattach_oldmsg(struct msgb *msg) +int gsm0408_gprs_force_reattach_oldmsg(struct msgb *msg, + struct gprs_llc_llme *llme) { int rc; - gprs_llgmm_reset_oldmsg(msg, GPRS_SAPI_GMM); + gprs_llgmm_reset_oldmsg(msg, GPRS_SAPI_GMM, llme); rc = gsm48_tx_gmm_detach_req_oldmsg( msg, GPRS_DET_T_MT_REATT_REQ, GMM_CAUSE_IMPL_DETACHED); diff --git a/openbsc/src/gprs/gprs_llc.c b/openbsc/src/gprs/gprs_llc.c index fb4f02e..115519d 100644 --- a/openbsc/src/gprs/gprs_llc.c +++ b/openbsc/src/gprs/gprs_llc.c @@ -621,7 +621,8 @@ case GPRS_SAPI_SNDCP9: case GPRS_SAPI_SNDCP11: /* Ask an upper layer for help. */ - return sgsn_force_reattach_oldmsg(msg); + return gsm0408_gprs_force_reattach_oldmsg(msg, + lle->llme); default: break; } @@ -780,13 +781,12 @@ int gprs_llgmm_reset(struct gprs_llc_llme *llme) { struct msgb *msg = msgb_alloc_headroom(4096, 1024, "LLC_XID"); - int random = rand(); struct gprs_llc_lle *lle = &llme->lle[1]; - + llme->iov_ui = rand(); /* First XID component must be RESET */ msgb_put_xid_par(msg, GPRS_LLC_XID_T_RESET, 0, NULL); /* randomly select new IOV-UI */ - msgb_put_xid_par(msg, GPRS_LLC_XID_T_IOV_UI, 4, (uint8_t *) &random); + msgb_put_xid_par(msg, GPRS_LLC_XID_T_IOV_UI, 4, (uint8_t *) &llme->iov_ui); /* Reset some of the LLC parameters. See GSM 04.64, 8.5.3.1 */ lle->vu_recv = 0; @@ -798,15 +798,16 @@ return gprs_llc_tx_xid(lle, msg, 1); } -int gprs_llgmm_reset_oldmsg(struct msgb* oldmsg, uint8_t sapi) +int gprs_llgmm_reset_oldmsg(struct msgb* oldmsg, uint8_t sapi, + struct gprs_llc_llme *llme) { struct msgb *msg = msgb_alloc_headroom(4096, 1024, "LLC_XID"); - int random = rand(); + llme->iov_ui = rand(); /* First XID component must be RESET */ msgb_put_xid_par(msg, GPRS_LLC_XID_T_RESET, 0, NULL); /* randomly select new IOV-UI */ - msgb_put_xid_par(msg, GPRS_LLC_XID_T_IOV_UI, 4, (uint8_t *) &random); + msgb_put_xid_par(msg, GPRS_LLC_XID_T_IOV_UI, 4, (uint8_t *) &llme->iov_ui); /* FIXME: Start T200, wait for XID response */ diff --git a/openbsc/src/gprs/gprs_sgsn.c b/openbsc/src/gprs/gprs_sgsn.c index 711887e..c2f2d5b 100644 --- a/openbsc/src/gprs/gprs_sgsn.c +++ b/openbsc/src/gprs/gprs_sgsn.c @@ -169,6 +169,7 @@ ctx->gb.tlli = tlli; ctx->mm_state = GMM_DEREGISTERED; ctx->auth_triplet.key_seq = GSM_KEY_SEQ_INVAL; + ctx->ciph_algo = sgsn->cfg.cipher; ctx->ctrg = rate_ctr_group_alloc(ctx, &mmctx_ctrg_desc, tlli); INIT_LLIST_HEAD(&ctx->pdp_list); @@ -602,11 +603,6 @@ } return num; -} - -int sgsn_force_reattach_oldmsg(struct msgb *oldmsg) -{ - return gsm0408_gprs_force_reattach_oldmsg(oldmsg); } void sgsn_update_subscriber_data(struct sgsn_mm_ctx *mmctx) -- To view, visit https://gerrit.osmocom.org/460 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: newpatchset Gerrit-Change-Id: I8900b906693496e4e6b35be5a86937c58039ed9e Gerrit-PatchSet: 6 Gerrit-Project: openbsc Gerrit-Branch: master Gerrit-Owner: Max <msuraev at sysmocom.de> Gerrit-Reviewer: Jenkins Builder