From 9d88d2b78f93c86c36455b0c90d4cc4433720ee8 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Sat, 16 Dec 2017 14:25:20 +0000 Subject: [PATCH] Addind replayed UE security capabilities. --- srsepc/hdr/mme/s1ap_common.h | 2 ++ srsepc/src/mme/s1ap.cc | 7 ++++++- srsepc/src/mme/s1ap_nas_transport.cc | 28 +++++++++++++++++++++++----- 3 files changed, 31 insertions(+), 6 deletions(-) diff --git a/srsepc/hdr/mme/s1ap_common.h b/srsepc/hdr/mme/s1ap_common.h index 759f2d316..d09eb0566 100644 --- a/srsepc/hdr/mme/s1ap_common.h +++ b/srsepc/hdr/mme/s1ap_common.h @@ -24,6 +24,7 @@ #include "srslte/common/security.h" #include "srslte/asn1/gtpc_ies.h" #include "srslte/asn1/liblte_s1ap.h" +#include "srslte/asn1/liblte_mme.h" #include namespace srsepc{ @@ -90,6 +91,7 @@ typedef struct{ struct sctp_sndrcvinfo enb_sri; eps_security_ctx_t security_ctxt; erab_ctx_t erabs_ctx[MAX_ERABS_PER_UE]; + LIBLTE_MME_UE_NETWORK_CAPABILITY_STRUCT ue_network_cap; } ue_ctx_t; }//namespace #endif diff --git a/srsepc/src/mme/s1ap.cc b/srsepc/src/mme/s1ap.cc index 0b3bc3e8d..462dc336e 100644 --- a/srsepc/src/mme/s1ap.cc +++ b/srsepc/src/mme/s1ap.cc @@ -368,12 +368,17 @@ s1ap::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *ini } m_s1ap_log->console("Attach request from IMSI: %015lu\n", imsi); m_s1ap_log->info("Attach request from IMSI: %015lu\n", imsi); - + + //Get UE security capabilities + memcpy(&ue_ctx.ue_network_cap, &attach_req.ue_network_cap, sizeof(LIBLTE_MME_UE_NETWORK_CAPABILITY_STRUCT)); + //FIXME use this info uint8_t eps_bearer_id = pdn_con_req.eps_bearer_id; //TODO: Unused uint8_t proc_transaction_id = pdn_con_req.proc_transaction_id; //TODO: Transaction ID unused m_s1ap_log->console("EPS Bearer id: %d\n", eps_bearer_id); + + //Add eNB info to UE ctxt memcpy(&ue_ctx.enb_sri, enb_sri, sizeof(struct sctp_sndrcvinfo)); diff --git a/srsepc/src/mme/s1ap_nas_transport.cc b/srsepc/src/mme/s1ap_nas_transport.cc index 75265691e..513109083 100644 --- a/srsepc/src/mme/s1ap_nas_transport.cc +++ b/srsepc/src/mme/s1ap_nas_transport.cc @@ -266,11 +266,29 @@ s1ap_nas_transport::pack_security_mode_command(srslte::byte_buffer_t *reply_msg, sm_cmd.selected_nas_sec_algs.type_of_eia = LIBLTE_MME_TYPE_OF_INTEGRITY_ALGORITHM_128_EIA1; sm_cmd.nas_ksi.tsc_flag=LIBLTE_MME_TYPE_OF_SECURITY_CONTEXT_FLAG_NATIVE; - sm_cmd.nas_ksi.nas_ksi=0; - - //FIXME UE security cap not used by srsUE. - //sm_cmd.ue_security_cap; - + sm_cmd.nas_ksi.nas_ksi=6; //111 no key available + + //Replay UE security cap + memcpy(sm_cmd.ue_security_cap.eea,ue_ctx->ue_network_cap.eea,8*sizeof(bool)); + memcpy(sm_cmd.ue_security_cap.eia,ue_ctx->ue_network_cap.eia,8*sizeof(bool)); + sm_cmd.ue_security_cap.uea_present = ue_ctx->ue_network_cap.uea_present; + memcpy(sm_cmd.ue_security_cap.uea,ue_ctx->ue_network_cap.uea,8*sizeof(bool)); + sm_cmd.ue_security_cap.uia_present = ue_ctx->ue_network_cap.uia_present; + memcpy(sm_cmd.ue_security_cap.uia,ue_ctx->ue_network_cap.uia,8*sizeof(bool)); + sm_cmd.ue_security_cap.gea_present = false; + //memcpy(sm_cmd.ue_security_cap.gea,ue_ctx->ue_network_cap.gea,8*sizeof(bool)); + /* + typedef struct{ + bool eea[8]; + bool eia[8]; + bool uea[8]; + bool uea_present; + bool uia[8]; + bool uia_present; + bool gea[8]; + bool gea_present; + }LIBLTE_MME_UE_SECURITY_CAPABILITIES_STRUCT; + */ sm_cmd.imeisv_req_present=false; sm_cmd.nonce_ue_present=false; sm_cmd.nonce_mme_present=false;