This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
laforge gerrit-no-reply at lists.osmocom.orglaforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-hlr/+/15364 ) Change subject: AUC: Add support for setting the AMF separation bit to '1' for EUTRAN ...................................................................... AUC: Add support for setting the AMF separation bit to '1' for EUTRAN Despite LTE/EUTRAN using the same authentication procedure (UMTS AKA) as 3G, there's one difference: The "operator defined" 16bit AMF field is reduced to 15 bits, with the first bit now being used as 'separation bit'. That bit should be '0' for 2G/3G (as it is right now) and '1' for authentication vectores generated for authentication over EUTRAN/EPS. Depends: libosmocore I93850710ab55a605bf61b95063a69682a2899bb1 (OSMO_GSUP_RAT_TYPES_IE) Change-Id: Ic766bc40f6126bb479bd0a05b0e96bec3e240008 --- M include/osmocom/hlr/db.h M src/db_auc.c M src/hlr.c M tests/db/db_test.c M tests/db/db_test.err 5 files changed, 26 insertions(+), 16 deletions(-) Approvals: Jenkins Builder: Verified pespin: Looks good to me, but someone else must approve laforge: Looks good to me, approved diff --git a/include/osmocom/hlr/db.h b/include/osmocom/hlr/db.h index eacc78e..c927099 100644 --- a/include/osmocom/hlr/db.h +++ b/include/osmocom/hlr/db.h @@ -66,7 +66,7 @@ int db_get_auc(struct db_context *dbc, const char *imsi, unsigned int auc_3g_ind, struct osmo_auth_vector *vec, unsigned int num_vec, const uint8_t *rand_auts, - const uint8_t *auts); + const uint8_t *auts, bool separation_bit); #include <osmocom/core/linuxlist.h> #include <osmocom/gsm/protocol/gsm_23_003.h> diff --git a/src/db_auc.c b/src/db_auc.c index e3a840e..ecb9f58 100644 --- a/src/db_auc.c +++ b/src/db_auc.c @@ -189,7 +189,7 @@ int db_get_auc(struct db_context *dbc, const char *imsi, unsigned int auc_3g_ind, struct osmo_auth_vector *vec, unsigned int num_vec, const uint8_t *rand_auts, - const uint8_t *auts) + const uint8_t *auts, bool separation_bit) { struct osmo_sub_auth_data aud2g, aud3g; int64_t subscr_id; @@ -209,6 +209,12 @@ aud3g.u.umts.ind_bitlen, aud3g.u.umts.ind); aud3g.u.umts.ind &= (1U << aud3g.u.umts.ind_bitlen) - 1; } + /* the first bit (bit0) cannot be used as AMF anymore, but has been + * re-appropriated as the separation bit. See 3GPP TS 33.102 Annex H + * together with 3GPP TS 33.401 / 33.402 / 33.501 */ + aud3g.u.umts.amf[0] = aud3g.u.umts.amf[0] & 0x7f; + if (separation_bit) + aud3g.u.umts.amf[0] |= 0x80; LOGAUC(imsi, LOGL_DEBUG, "Calling to generate %u vectors\n", num_vec); rc = auc_compute_vectors(vec, num_vec, &aud2g, &aud3g, rand_auts, auts); diff --git a/src/hlr.c b/src/hlr.c index 1638e67..a71b7e1 100644 --- a/src/hlr.c +++ b/src/hlr.c @@ -233,6 +233,7 @@ { struct osmo_gsup_message gsup_out; struct msgb *msg_out; + bool separation_bit = false; int rc; subscr_create_on_demand(gsup->imsi); @@ -241,10 +242,13 @@ memset(&gsup_out, 0, sizeof(gsup_out)); memcpy(&gsup_out.imsi, &gsup->imsi, sizeof(gsup_out.imsi)); + if (gsup->current_rat_type == OSMO_RAT_EUTRAN_SGS) + separation_bit = true; + rc = db_get_auc(dbc, gsup->imsi, conn->auc_3g_ind, gsup_out.auth_vectors, ARRAY_SIZE(gsup_out.auth_vectors), - gsup->rand, gsup->auts); + gsup->rand, gsup->auts, separation_bit); if (rc <= 0) { gsup_out.message_type = OSMO_GSUP_MSGT_SEND_AUTH_INFO_ERROR; switch (rc) { diff --git a/tests/db/db_test.c b/tests/db/db_test.c index d6060dd..b9b263d 100644 --- a/tests/db/db_test.c +++ b/tests/db/db_test.c @@ -115,7 +115,7 @@ #define ASSERT_DB_GET_AUC(imsi, expect_rc) \ do { \ struct osmo_auth_vector vec[N_VECTORS]; \ - ASSERT_RC(db_get_auc(dbc, imsi, 3, vec, N_VECTORS, NULL, NULL), expect_rc); \ + ASSERT_RC(db_get_auc(dbc, imsi, 3, vec, N_VECTORS, NULL, NULL, false), expect_rc); \ } while (0) /* Not linking the real auc_compute_vectors(), just returning num_vec. diff --git a/tests/db/db_test.err b/tests/db/db_test.err index a3e4d58..6423550 100644 --- a/tests/db/db_test.err +++ b/tests/db/db_test.err @@ -814,7 +814,7 @@ DAUC IMSI='999999999': No such subscriber -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -2 +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -2 DAUC IMSI='123456789000000': No such subscriber @@ -833,7 +833,7 @@ DAUC IMSI='123456789000000': No 3G Auth Data -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY DAUC IMSI='123456789000000': No 2G Auth Data DAUC IMSI='123456789000000': No 3G Auth Data @@ -852,7 +852,7 @@ } 3G: none -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3 +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> 3 DAUC IMSI='123456789000000': No 3G Auth Data DAUC IMSI='123456789000000': Calling to generate 3 vectors DAUC IMSI='123456789000000': Generated 3 vectors @@ -915,7 +915,7 @@ DAUC IMSI='123456789000000': No 3G Auth Data -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY DAUC IMSI='123456789000000': No 2G Auth Data DAUC IMSI='123456789000000': No 3G Auth Data @@ -940,7 +940,7 @@ DAUC IMSI='123456789000000': No 3G Auth Data -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY DAUC IMSI='123456789000000': No 2G Auth Data DAUC IMSI='123456789000000': No 3G Auth Data @@ -963,7 +963,7 @@ .u.umts.ind_bitlen = 5, } -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3 +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> 3 DAUC IMSI='123456789000000': No 2G Auth Data DAUC IMSI='123456789000000': Calling to generate 3 vectors DAUC IMSI='123456789000000': Generated 3 vectors @@ -1042,7 +1042,7 @@ DAUC IMSI='123456789000000': No 3G Auth Data -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY DAUC IMSI='123456789000000': No 2G Auth Data DAUC IMSI='123456789000000': No 3G Auth Data @@ -1064,7 +1064,7 @@ .u.umts.ind_bitlen = 5, } -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3 +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> 3 DAUC IMSI='123456789000000': No 2G Auth Data DAUC IMSI='123456789000000': Calling to generate 3 vectors DAUC IMSI='123456789000000': Generated 3 vectors @@ -1077,7 +1077,7 @@ DAUC IMSI='123456789000000': No 3G Auth Data -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY DAUC IMSI='123456789000000': No 2G Auth Data DAUC IMSI='123456789000000': No 3G Auth Data @@ -1105,7 +1105,7 @@ .u.umts.ind_bitlen = 5, } -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> 3 +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> 3 DAUC IMSI='123456789000000': Calling to generate 3 vectors DAUC IMSI='123456789000000': Generated 3 vectors DAUC IMSI='123456789000000': Updating SQN=0 in DB @@ -1323,7 +1323,7 @@ DAUC IMSI='123456789000000': No 3G Auth Data -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -ENOKEY +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -ENOKEY DAUC IMSI='123456789000000': No 2G Auth Data DAUC IMSI='123456789000000': No 3G Auth Data @@ -1332,7 +1332,7 @@ db_subscr_get_by_imsi(dbc, imsi0, &g_subscr) --> -ENOENT DAUC Cannot read subscriber from db: IMSI='123456789000000': No such subscriber -db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL) --> -2 +db_get_auc(dbc, imsi0, 3, vec, N_VECTORS, NULL, NULL, false) --> -2 DAUC IMSI='123456789000000': No such subscriber ===== test_subscr_aud: SUCCESS -- To view, visit https://gerrit.osmocom.org/c/osmo-hlr/+/15364 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-hlr Gerrit-Branch: master Gerrit-Change-Id: Ic766bc40f6126bb479bd0a05b0e96bec3e240008 Gerrit-Change-Number: 15364 Gerrit-PatchSet: 3 Gerrit-Owner: laforge <laforge at osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge at osmocom.org> Gerrit-Reviewer: pespin <pespin at sysmocom.de> Gerrit-MessageType: merged -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20191202/dbbc2b7d/attachment.htm>