This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
lynxis lazus gerrit-no-reply at lists.osmocom.orglynxis lazus has uploaded this change for review. ( https://gerrit.osmocom.org/11150 Change subject: gprs_gmm: Fix missing Security Command for 3G when attaching ...................................................................... gprs_gmm: Fix missing Security Command for 3G when attaching Introduce a new FSM step in GMM Attach to send the Security Command to the RNC after completing the Authentication. Fixes: f7198d7dbb84 ("gprs_gmm: introduce a GMM Attach Request FSM") Change-Id: I1e12b0a32e58c6f78dba7b548f7d7016567229db --- M include/osmocom/sgsn/gprs_gmm_attach.h M src/gprs/gprs_gmm.c M src/gprs/gprs_gmm_attach.c 3 files changed, 43 insertions(+), 3 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/50/11150/1 diff --git a/include/osmocom/sgsn/gprs_gmm_attach.h b/include/osmocom/sgsn/gprs_gmm_attach.h index 22fbd6f..0aa2123 100644 --- a/include/osmocom/sgsn/gprs_gmm_attach.h +++ b/include/osmocom/sgsn/gprs_gmm_attach.h @@ -11,6 +11,7 @@ ST_RETRIEVE_AUTH, ST_AUTH, ST_ASK_VLR, + ST_IU_SECURITY_CMD, ST_ACCEPT, ST_REJECT }; @@ -20,6 +21,7 @@ E_IDEN_RESP_RECV, E_AUTH_RESP_RECV_SUCCESS, E_AUTH_RESP_RECV_RESYNC, + E_IU_SECURITY_CMD_COMPLETE, E_ATTACH_ACCEPTED, E_ATTACH_ACCEPT_SENT, E_ATTACH_COMPLETE_RECV, diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c index a363c70..9dad9a7 100644 --- a/src/gprs/gprs_gmm.c +++ b/src/gprs/gprs_gmm.c @@ -205,7 +205,7 @@ REQUIRE_MM /* Continue authentication here */ mm->iu.ue_ctx->integrity_active = 1; - rc = gsm48_gmm_authorize(mm); + osmo_fsm_inst_dispatch(mm->gmm_att_req.fsm, E_IU_SECURITY_CMD_COMPLETE, NULL); break; default: LOGP(DRANAP, LOGL_NOTICE, "Unknown event received: %i\n", type); diff --git a/src/gprs/gprs_gmm_attach.c b/src/gprs/gprs_gmm_attach.c index 272fec7..e77faa4 100644 --- a/src/gprs/gprs_gmm_attach.c +++ b/src/gprs/gprs_gmm_attach.c @@ -157,7 +157,11 @@ switch (event) { case E_AUTH_RESP_RECV_SUCCESS: sgsn_auth_request(ctx); - osmo_fsm_inst_state_chg(fi, ST_ACCEPT, sgsn->cfg.timers.T3350, 3350); + if (ctx->ran_type == MM_CTX_T_UTRAN_Iu && !ctx->iu.ue_ctx->integrity_active) { + osmo_fsm_inst_state_chg(fi, ST_IU_SECURITY_CMD, sgsn->cfg.timers.T3350, 3350); + } else { + osmo_fsm_inst_state_chg(fi, ST_ACCEPT, sgsn->cfg.timers.T3350, 3350); + } break; case E_AUTH_RESP_RECV_RESYNC: if (ctx->gmm_att_req.auth_reattempt <= 1) @@ -228,6 +232,32 @@ } } +static void st_iu_security_cmd_on_enter(struct osmo_fsm_inst *fi, uint32_t prev_state) +{ +#ifdef BUILD_IU + struct sgsn_mm_ctx *ctx = fi->priv; + int rc = 0; + + /* TODO: shouldn't this set always? not only when the integrity_active? */ + if (ctx->iu.ue_ctx->integrity_active) { + osmo_fsm_inst_state_chg(fi, ST_ACCEPT, sgsn->cfg.timers.T3350, 3350); + return; + } + + ranap_iu_tx_sec_mode_cmd(ctx->iu.ue_ctx, &ctx->auth_triplet.vec, 0, ctx->iu.new_key); + ctx->iu.new_key = 0; +#endif +} + +static void st_iu_security_cmd(struct osmo_fsm_inst *fi, uint32_t event, void *data) +{ + switch(event) { + case E_IU_SECURITY_CMD_COMPLETE: + osmo_fsm_inst_state_chg(fi, ST_ACCEPT, sgsn->cfg.timers.T3350, 3350); + break; + } +} + static struct osmo_fsm_state gmm_attach_req_fsm_states[] = { /* default state for non-DTX and DTX when SPEECH is in progress */ [ST_INIT] = { @@ -252,11 +282,18 @@ }, [ST_AUTH] = { .in_event_mask = X(E_AUTH_RESP_RECV_SUCCESS) | X(E_AUTH_RESP_RECV_RESYNC), - .out_state_mask = X(ST_INIT) | X(ST_AUTH) | X(ST_ACCEPT) | X(ST_ASK_VLR) | X(ST_REJECT), + .out_state_mask = X(ST_INIT) | X(ST_AUTH) | X(ST_IU_SECURITY_CMD) | X(ST_ACCEPT) | X(ST_ASK_VLR) | X(ST_REJECT), .name = "Authenticate", .onenter = st_auth_on_enter, .action = st_auth, }, + [ST_IU_SECURITY_CMD] = { + .in_event_mask = X(E_IU_SECURITY_CMD_COMPLETE), + .out_state_mask = X(ST_INIT) | X(ST_AUTH) | X(ST_ACCEPT) | X(ST_REJECT), + .name = "IuSecurityCommand", + .onenter = st_iu_security_cmd_on_enter, + .action = st_iu_security_cmd, + }, [ST_ACCEPT] = { .in_event_mask = X(E_ATTACH_COMPLETE_RECV), .out_state_mask = X(ST_INIT) | X(ST_REJECT), @@ -280,6 +317,7 @@ { E_ATTACH_ACCEPTED, "Attach accepted" }, { E_ATTACH_ACCEPT_SENT, "Attach accept sent" }, { E_ATTACH_COMPLETE_RECV, "Attach complete received." }, + { E_IU_SECURITY_CMD_COMPLETE, "IU Security Command Complete received." }, { E_REJECT, "Reject the MS"}, { E_VLR_ANSWERED, "VLR answered"}, { 0, NULL } -- To view, visit https://gerrit.osmocom.org/11150 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I1e12b0a32e58c6f78dba7b548f7d7016567229db Gerrit-Change-Number: 11150 Gerrit-PatchSet: 1 Gerrit-Owner: lynxis lazus <lynxis at fe80.eu> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20180928/01068f60/attachment.htm>