fix reset of NAS counters after receiving security mode command

- reported by cpetersgit
- reset only needed after receiving initial security mode command
master
Andre Puschmann 6 years ago
parent f458d58527
commit 1fab8e6702

@ -130,6 +130,7 @@ private:
bool have_guti; bool have_guti;
bool have_ctxt; bool have_ctxt;
nas_sec_ctxt ctxt; nas_sec_ctxt ctxt;
bool auth_request;
uint32_t ip_addr; uint32_t ip_addr;
uint8_t eps_bearer_id; uint8_t eps_bearer_id;

@ -46,7 +46,7 @@ namespace srsue {
********************************************************************/ ********************************************************************/
nas::nas() nas::nas()
: state(EMM_STATE_DEREGISTERED), have_guti(false), have_ctxt(false), ip_addr(0), eps_bearer_id(0) : state(EMM_STATE_DEREGISTERED), have_guti(false), have_ctxt(false), auth_request(false), ip_addr(0), eps_bearer_id(0)
{ {
ctxt.rx_count = 0; ctxt.rx_count = 0;
ctxt.tx_count = 0; ctxt.tx_count = 0;
@ -781,6 +781,7 @@ void nas::parse_authentication_request(uint32_t lcid, byte_buffer_t *pdu, const
nas_log->info("Network authentication successful\n"); nas_log->info("Network authentication successful\n");
send_authentication_response(res, res_len, sec_hdr_type); send_authentication_response(res, res_len, sec_hdr_type);
nas_log->info_hex(ctxt.k_asme, 32, "Generated k_asme:\n"); nas_log->info_hex(ctxt.k_asme, 32, "Generated k_asme:\n");
auth_request = true;
} else if (auth_result == AUTH_SYNCH_FAILURE) { } else if (auth_result == AUTH_SYNCH_FAILURE) {
nas_log->error("Network authentication synchronization failure.\n"); nas_log->error("Network authentication synchronization failure.\n");
send_authentication_failure(LIBLTE_MME_EMM_CAUSE_SYNCH_FAILURE, res); send_authentication_failure(LIBLTE_MME_EMM_CAUSE_SYNCH_FAILURE, res);
@ -818,7 +819,6 @@ void nas::parse_identity_request(uint32_t lcid, byte_buffer_t *pdu) {
void nas::parse_security_mode_command(uint32_t lcid, byte_buffer_t *pdu) void nas::parse_security_mode_command(uint32_t lcid, byte_buffer_t *pdu)
{ {
if (!pdu) { if (!pdu) {
nas_log->error("Invalid PDU\n"); nas_log->error("Invalid PDU\n");
return; return;
@ -867,9 +867,12 @@ void nas::parse_security_mode_command(uint32_t lcid, byte_buffer_t *pdu)
return; return;
} }
// Reset counters (as per 24.301 5.4.3.2) // Reset counters (as per 24.301 5.4.3.2), only needed for initial security mode command
if (auth_request) {
ctxt.rx_count = 0; ctxt.rx_count = 0;
ctxt.tx_count = 0; ctxt.tx_count = 0;
auth_request = false;
}
ctxt.cipher_algo = (CIPHERING_ALGORITHM_ID_ENUM) sec_mode_cmd.selected_nas_sec_algs.type_of_eea; ctxt.cipher_algo = (CIPHERING_ALGORITHM_ID_ENUM) sec_mode_cmd.selected_nas_sec_algs.type_of_eea;
ctxt.integ_algo = (INTEGRITY_ALGORITHM_ID_ENUM) sec_mode_cmd.selected_nas_sec_algs.type_of_eia; ctxt.integ_algo = (INTEGRITY_ALGORITHM_ID_ENUM) sec_mode_cmd.selected_nas_sec_algs.type_of_eia;

Loading…
Cancel
Save