[PATCH] osmo-gsm-tester[master]: osmo_hlr.py: fix auth algo mapping, properly indicate COMP128v1

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Neels Hofmeyr gerrit-no-reply at lists.osmocom.org
Thu Dec 14 14:59:47 UTC 2017


osmo_hlr.py: fix auth algo mapping, properly indicate COMP128v1

So far the resources.conf says we're using XOR, but we wrongly map 'xor' to 1,
which is actually comp128v1 in enum osmo_auth_algo from libosmocore (which
osmo-hlr uses to interpret the numbers from the hlr.db).

This explains why our "xor" tests are succeeding even though libosmocore
doesn't support XOR at all: we were using comp128v1 all the while.

Fix the auth algo mapping:
- define correct mappings, copying enum osmo_auth_algo, in util.py
- add a function to get the enum value from name, in util.py
- use this in osmo_hlr.py

Change subscriber_add() API to take the algorithm string instead of a number.
The number is libosmocore internal and we should not expose it within our API
beyond above dict. There are no callers using this parameter yet anyway.

Adjust resources.conf to indicate COMP128v1 which we are actually using and
which means we're still using algorithm number 1 after this change.

BTW, osmo-nitb uses the ctrl interface which interprets the names, so is not
vulnerable to mapping wrong numbers and needs no fix. (If osmo-hlr featured
similar CTRL, which it doesn't yet, this code could be more robust.)

Related: OS#2758
Change-Id: I7a6ce92468a6ae46136ad4f62381da261fd196c8
---
M example/resources.conf
M src/osmo_gsm_tester/osmo_hlr.py
M src/osmo_gsm_tester/schema.py
M src/osmo_gsm_tester/util.py
4 files changed, 26 insertions(+), 24 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/osmo-gsm-tester refs/changes/58/5358/2

diff --git a/example/resources.conf b/example/resources.conf
index 35e3a2d..bec17b4 100644
--- a/example/resources.conf
+++ b/example/resources.conf
@@ -71,7 +71,7 @@
   path: '/sierra_1'
   imsi: '901700000009031'
   ki: '80A37E6FDEA931EAC92FFA5F671EFEAD'
-  auth_algo: 'xor'
+  auth_algo: 'comp128v1'
   ciphers: [a5_0, a5_1]
   features: ['sms', 'voice', 'ussd', 'gprs']
 
@@ -79,7 +79,7 @@
   path: '/sierra_2'
   imsi: '901700000009029'
   ki: '00969E283349D354A8239E877F2E0866'
-  auth_algo: 'xor'
+  auth_algo: 'comp128v1'
   ciphers: [a5_0, a5_1]
   features: ['sms', 'voice', 'ussd', 'gprs']
 
@@ -87,7 +87,7 @@
   path: '/gobi_0'
   imsi: '901700000009030'
   ki: 'BB70807226393CDBAC8DD3439FF54252'
-  auth_algo: 'xor'
+  auth_algo: 'comp128v1'
   ciphers: [a5_0, a5_1]
   features: ['sms', 'ussd', 'gprs']
 
@@ -95,6 +95,6 @@
   path: '/gobi_3'
   imsi: '901700000009032'
   ki: '2F70DCA43C45ACB97E947FDD0C7CA30A'
-  auth_algo: 'xor'
+  auth_algo: 'comp128v1'
   ciphers: [a5_0, a5_1]
   features: ['gprs']
diff --git a/src/osmo_gsm_tester/osmo_hlr.py b/src/osmo_gsm_tester/osmo_hlr.py
index f7dd80a..20eaf02 100644
--- a/src/osmo_gsm_tester/osmo_hlr.py
+++ b/src/osmo_gsm_tester/osmo_hlr.py
@@ -32,10 +32,6 @@
     process = None
     next_subscriber_id = 1
 
-    AUTH_ALGO_NONE = 0
-    AUTH_ALGO_XOR = 1
-    AUTH_ALGO_COMP128v1 = 2
-
     def __init__(self, suite_run, ip_address):
         super().__init__(log.C_RUN, 'osmo-hlr_%s' % ip_address.get('addr'))
         self.suite_run = suite_run
@@ -107,25 +103,23 @@
             log.ctx(proc)
             raise log.Error('Exited in error')
 
-    def subscriber_add(self, modem, msisdn=None, algo=None):
+    def subscriber_add(self, modem, msisdn=None, algo_str=None):
         if msisdn is None:
             msisdn = self.suite_run.resources_pool.next_msisdn(modem)
         modem.set_msisdn(msisdn)
         subscriber_id = self.next_subscriber_id
         self.next_subscriber_id += 1
 
-        if not algo:
-            alg_str = modem.auth_algo()
-            if alg_str is None or alg_str == 'none':
-                algo = self.AUTH_ALGO_NONE
-            elif alg_str == 'comp128v1':
-                algo = self.AUTH_ALGO_COMP128v1
-            elif alg_str == 'xor':
-                algo = self.AUTH_ALGO_XOR
-        if algo != self.AUTH_ALGO_NONE and not modem.ki():
-            raise log.Error("Auth algo %r selected and no KI specified" % algo)
+        if algo_str is None:
+            algo_str = modem.auth_algo() or util.OSMO_AUTH_ALGO_NONE
 
-        self.log('Add subscriber', msisdn=msisdn, imsi=modem.imsi(), subscriber_id=subscriber_id, algo=algo)
+        if algo_str != util.OSMO_AUTH_ALGO_NONE and not modem.ki():
+            raise log.Error("Auth algo %r selected but no KI specified" % algo_str)
+
+        algo = util.osmo_auth_algo_by_name(algo_str)
+
+        self.log('Add subscriber', msisdn=msisdn, imsi=modem.imsi(), subscriber_id=subscriber_id,
+                 algo_str=algo_str, algo=algo)
         conn = sqlite3.connect(self.db_file)
         try:
             c = conn.cursor()
diff --git a/src/osmo_gsm_tester/schema.py b/src/osmo_gsm_tester/schema.py
index f92d1db..6c0b2b7 100644
--- a/src/osmo_gsm_tester/schema.py
+++ b/src/osmo_gsm_tester/schema.py
@@ -20,7 +20,7 @@
 import re
 
 from . import log
-from .util import is_dict, is_list, str2bool
+from .util import is_dict, is_list, str2bool, ENUM_OSMO_AUTH_ALGO
 
 KEY_RE = re.compile('[a-zA-Z][a-zA-Z0-9_]*')
 IPV4_RE = re.compile('([0-9]{1,3}.){3}[0-9]{1,3}')
@@ -62,9 +62,8 @@
     match_re('MSISDN', MSISDN_RE, val)
 
 def auth_algo(val):
-    if val in ('none', 'xor', 'comp128v1'):
-        return
-    raise ValueError('Unknown Authentication Algorithm: %r' % val)
+    if val not in ENUM_OSMO_AUTH_ALGO:
+        raise ValueError('Unknown Authentication Algorithm: %r' % val)
 
 def uint(val):
     n = int(val)
diff --git a/src/osmo_gsm_tester/util.py b/src/osmo_gsm_tester/util.py
index ed1a258..edf7599 100644
--- a/src/osmo_gsm_tester/util.py
+++ b/src/osmo_gsm_tester/util.py
@@ -32,6 +32,15 @@
 import readline
 import subprocess
 
+# This mirrors enum osmo_auth_algo in libosmocore/include/osmocom/crypt/auth.h
+# so that the index within the tuple matches the enum value.
+OSMO_AUTH_ALGO_NONE = 'none'
+ENUM_OSMO_AUTH_ALGO = (OSMO_AUTH_ALGO_NONE, 'comp128v1', 'comp128v2', 'comp128v3', 'xor', 'milenage')
+
+def osmo_auth_algo_by_name(algo_str):
+    'Return enum osmo_auth_algo numeric value as from libosmocore, raise ValueError if not defined.'
+    return ENUM_OSMO_AUTH_ALGO.index(algo_str.lower())
+
 def prepend_library_path(path):
     lp = os.getenv('LD_LIBRARY_PATH')
     if not lp:

-- 
To view, visit https://gerrit.osmocom.org/5358
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I7a6ce92468a6ae46136ad4f62381da261fd196c8
Gerrit-PatchSet: 2
Gerrit-Project: osmo-gsm-tester
Gerrit-Branch: master
Gerrit-Owner: Neels Hofmeyr <nhofmeyr at sysmocom.de>
Gerrit-Reviewer: Jenkins Builder



More information about the gerrit-log mailing list