From 1e1e1420b13461dc4d33875338abba87e49ea9a4 Mon Sep 17 00:00:00 2001 From: Bedran Karakoc Date: Fri, 1 Oct 2021 19:08:53 +0200 Subject: [PATCH] Return AUTS in authentication failure for case AUTH_SYNCH_FAILURE --- srsenb/hdr/stack/ngap/ngap_ue_bearer_manager.h | 3 +-- srsenb/src/stack/ngap/ngap_ue.cc | 2 +- srsenb/src/stack/ngap/ngap_ue_bearer_manager.cc | 6 ++---- srsenb/src/stack/ngap/ngap_ue_proc.cc | 2 +- srsue/hdr/stack/upper/nas_5g.h | 2 +- srsue/src/stack/upper/nas_5g.cc | 15 +++++++++++---- srsue/src/stack/upper/pcsc_usim.cc | 4 ++-- 7 files changed, 19 insertions(+), 15 deletions(-) diff --git a/srsenb/hdr/stack/ngap/ngap_ue_bearer_manager.h b/srsenb/hdr/stack/ngap/ngap_ue_bearer_manager.h index 1be0fa4e8..91f2d9855 100644 --- a/srsenb/hdr/stack/ngap/ngap_ue_bearer_manager.h +++ b/srsenb/hdr/stack/ngap/ngap_ue_bearer_manager.h @@ -41,7 +41,7 @@ public: std::vector tunnels; }; - ngap_ue_bearer_manager(rrc_interface_ngap_nr* rrc_, gtpu_interface_rrc* gtpu_, srslog::basic_logger& logger_); + ngap_ue_bearer_manager(gtpu_interface_rrc* gtpu_, srslog::basic_logger& logger_); ~ngap_ue_bearer_manager(); int add_pdu_session(uint16_t rnti, @@ -58,7 +58,6 @@ public: private: gtpu_interface_rrc* gtpu = nullptr; - rrc_interface_ngap_nr* rrc = nullptr; std::map pdu_session_list; srslog::basic_logger& logger; diff --git a/srsenb/src/stack/ngap/ngap_ue.cc b/srsenb/src/stack/ngap/ngap_ue.cc index b3fa39137..875b784d6 100644 --- a/srsenb/src/stack/ngap/ngap_ue.cc +++ b/srsenb/src/stack/ngap/ngap_ue.cc @@ -29,7 +29,7 @@ ngap::ue::ue(ngap* ngap_ptr_, srslog::basic_logger& logger_) : logger(logger_), ngap_ptr(ngap_ptr_), - bearer_manager(rrc_ptr_, gtpu_ptr_, logger_), + bearer_manager(gtpu_ptr_, logger_), initial_context_setup_proc(this, rrc_ptr_, &ctxt, logger_), ue_context_release_proc(this, rrc_ptr_, &ctxt, &bearer_manager, logger_), ue_pdu_session_res_setup_proc(this, rrc_ptr_, &ctxt, &bearer_manager, logger_) diff --git a/srsenb/src/stack/ngap/ngap_ue_bearer_manager.cc b/srsenb/src/stack/ngap/ngap_ue_bearer_manager.cc index 7b1dccb5a..68944c3d6 100644 --- a/srsenb/src/stack/ngap/ngap_ue_bearer_manager.cc +++ b/srsenb/src/stack/ngap/ngap_ue_bearer_manager.cc @@ -13,10 +13,8 @@ #include "srsenb/hdr/stack/ngap/ngap_ue_bearer_manager.h" namespace srsenb { -ngap_ue_bearer_manager::ngap_ue_bearer_manager(rrc_interface_ngap_nr* rrc_, - gtpu_interface_rrc* gtpu_, - srslog::basic_logger& logger_) : - gtpu(gtpu_), rrc(rrc_), logger(logger_) +ngap_ue_bearer_manager::ngap_ue_bearer_manager(gtpu_interface_rrc* gtpu_, srslog::basic_logger& logger_) : + gtpu(gtpu_), logger(logger_) {} ngap_ue_bearer_manager::~ngap_ue_bearer_manager(){}; diff --git a/srsenb/src/stack/ngap/ngap_ue_proc.cc b/srsenb/src/stack/ngap/ngap_ue_proc.cc index 698beba11..750cf5ac9 100644 --- a/srsenb/src/stack/ngap/ngap_ue_proc.cc +++ b/srsenb/src/stack/ngap/ngap_ue_proc.cc @@ -82,7 +82,7 @@ proc_outcome_t ngap_ue_ue_context_release_proc::init(const asn1::ngap_nr::ue_con // TODO: How to approach erasing users ? bearer_manager->reset_pdu_sessions(ue_ctxt->rnti); rrc->release_bearers(ue_ctxt->rnti); - parent->send_initial_ctxt_setup_response(); + parent->send_ue_ctxt_release_complete(); return proc_outcome_t::success; } diff --git a/srsue/hdr/stack/upper/nas_5g.h b/srsue/hdr/stack/upper/nas_5g.h index 6c1a4e120..3278ddad8 100644 --- a/srsue/hdr/stack/upper/nas_5g.h +++ b/srsue/hdr/stack/upper/nas_5g.h @@ -125,7 +125,7 @@ private: int send_registration_request(); int send_authentication_response(const uint8_t res[16]); int send_security_mode_reject(const srsran::nas_5g::cause_5gmm_t::cause_5gmm_type_::options cause); - int send_authentication_failure(const srsran::nas_5g::cause_5gmm_t::cause_5gmm_type_::options cause); + int send_authentication_failure(const srsran::nas_5g::cause_5gmm_t::cause_5gmm_type_::options cause, const uint8_t res_star[16]); int send_security_mode_complete(const srsran::nas_5g::security_mode_command_t& security_mode_command); int send_registration_complete(); int send_pdu_session_establishment_request(uint32_t transaction_identity, diff --git a/srsue/src/stack/upper/nas_5g.cc b/srsue/src/stack/upper/nas_5g.cc index 74ebe1fcf..4e226b2b8 100644 --- a/srsue/src/stack/upper/nas_5g.cc +++ b/srsue/src/stack/upper/nas_5g.cc @@ -454,7 +454,7 @@ int nas_5g::send_security_mode_complete(const srsran::nas_5g::security_mode_comm return SRSRAN_SUCCESS; } -int nas_5g::send_authentication_failure(const cause_5gmm_t::cause_5gmm_type_::options cause) +int nas_5g::send_authentication_failure(const cause_5gmm_t::cause_5gmm_type_::options cause, const uint8_t res[16]) { unique_byte_buffer_t pdu = srsran::make_byte_buffer(); if (!pdu) { @@ -464,6 +464,13 @@ int nas_5g::send_authentication_failure(const cause_5gmm_t::cause_5gmm_type_::op nas_5gs_msg nas_msg; authentication_failure_t& auth_fail = nas_msg.set_authentication_failure(); + auth_fail.cause_5gmm.cause_5gmm = cause; + + if (cause == cause_5gmm_t::cause_5gmm_type::synch_failure) { + auth_fail.authentication_failure_parameter_present = true; + auth_fail.authentication_failure_parameter.auth_failure.resize(14); + memcpy(auth_fail.authentication_failure_parameter.auth_failure.data(), res, 14); + } if (nas_msg.pack(pdu) != SRSASN_SUCCESS) { logger.error("Failed to pack authentication failure."); @@ -655,7 +662,7 @@ int nas_5g::send_identity_response(srsran::nas_5g::identity_type_5gs_t::identity nas_5gs_msg nas_msg; identity_response_t& identity_response = nas_msg.set_identity_response(); - + switch (identity_type) { case (identity_type_5gs_t::identity_types_::suci): { srsran::nas_5g::mobile_identity_5gs_t::suci_s& suci = identity_response.mobile_identity.set_suci(); @@ -805,10 +812,10 @@ int nas_5g::handle_authentication_request(authentication_request_t& authenticati } else if (auth_result == AUTH_FAILED) { logger.error("Network authentication failure."); - send_authentication_failure(cause_5gmm_t::cause_5gmm_type::mac_failure); + send_authentication_failure(cause_5gmm_t::cause_5gmm_type::mac_failure, res_star); } else if (auth_result == AUTH_SYNCH_FAILURE) { logger.error("Network authentication synchronization failure."); - send_authentication_failure(cause_5gmm_t::cause_5gmm_type::synch_failure); + send_authentication_failure(cause_5gmm_t::cause_5gmm_type::synch_failure, res_star); } else { logger.error("Unhandled authentication failure cause"); } diff --git a/srsue/src/stack/upper/pcsc_usim.cc b/srsue/src/stack/upper/pcsc_usim.cc index 3cc963b1e..cded6369a 100644 --- a/srsue/src/stack/upper/pcsc_usim.cc +++ b/srsue/src/stack/upper/pcsc_usim.cc @@ -181,7 +181,7 @@ auth_result_t pcsc_usim::generate_authentication_response_5g(uint8_t* rand, case -2: logger.info("SCARD: USIM synchronization failure, AUTS generated"); logger.debug(auts, AKA_AUTS_LEN, "AUTS"); - memcpy(res, auts, AKA_AUTS_LEN); + memcpy(res_star, auts, AKA_AUTS_LEN); res_len = AKA_AUTS_LEN; return AUTH_SYNCH_FAILURE; default: @@ -213,7 +213,7 @@ auth_result_t pcsc_usim::generate_authentication_response_5g(uint8_t* rand, // Generate K_seaf security_generate_k_seaf(k_ausf, serving_network_name, k_seaf); logger.debug(k_seaf, 32, "K SEAF"); - // Generate K_seaf + // Generate K_amf security_generate_k_amf(k_ausf, imsi_str.c_str(), abba, abba_len, k_amf); logger.debug(k_amf, 32, "K AMF");