cosmetic prep: tell vlr_ops.set_ciph_mode() whether UMTS AKA is used
In case of UMTS AKA, the Kc for ciphering must be derived from the 3G auth tokens. tuple->vec.kc was calculated from the GSM algorithm and is not necessarily a match for the UMTS AKA tokens. To decide (in an upcoming patch) whether to use UMTS AKA derived Kc or the Kc from the auth vector, the set_ciph_mode() from vlr_ops needs to know whether UMTS AKA is being used. This could possibly derived from the msc_conn_ref, but all flags are already available in the vlr_lu_fsm and vlr_access_req_fsm. Hence add a umts_aka flag to the set_ciph_mode() callback invocation. The VLR FSMs thus decide whether UMTS AKA or GSM AKA is to be used during Ciphering Mode Command, which makes more sense than re-implementing the same decision process in the MSC. I considered placing the Kc derivation in vlr_set_ciph_mode() and only tell the MSC's set_ciph_mode() implementation the precise keys it should use, but the RAN particulars, and whether a Kc is used at all, rather belong with the MSC. Related: OS#2745 Prepares: If04e405426c55a81341747a9b450a69188525d5c Change-Id: I983c48347faf4ee1b405d8174b4e006c904157cf
This commit is contained in:
parent
e3d72d7827
commit
2ef2da54ab
|
@ -207,7 +207,7 @@ struct vlr_ops {
|
|||
int (*tx_cm_serv_rej)(void *msc_conn_ref, enum vlr_proc_arq_result result);
|
||||
|
||||
int (*set_ciph_mode)(void *msc_conn_ref, enum vlr_ciph ciph_mode,
|
||||
bool retrieve_imeisv);
|
||||
bool umts_aka, bool retrieve_imeisv);
|
||||
|
||||
/* UTRAN: send Common Id (when auth+ciph are complete) */
|
||||
int (*tx_common_id)(void *msc_conn_ref);
|
||||
|
@ -433,6 +433,7 @@ int vlr_set_ciph_mode(struct vlr_instance *vlr,
|
|||
struct osmo_fsm_inst *fi,
|
||||
void *msc_conn_ref,
|
||||
enum vlr_ciph ciph_mode,
|
||||
bool umts_aka,
|
||||
bool retrieve_imeisv);
|
||||
|
||||
bool vlr_use_umts_aka(struct osmo_auth_vector *vec, bool is_r99);
|
||||
|
|
|
@ -3388,6 +3388,7 @@ osmo_static_assert(sizeof(((struct gsm0808_encrypt_info*)0)->key) >= sizeof(((st
|
|||
/* VLR asks us to start using ciphering */
|
||||
static int msc_vlr_set_ciph_mode(void *msc_conn_ref,
|
||||
enum vlr_ciph ciph,
|
||||
bool umts_aka,
|
||||
bool retrieve_imeisv)
|
||||
{
|
||||
struct gsm_subscriber_connection *conn = msc_conn_ref;
|
||||
|
|
|
@ -1096,6 +1096,7 @@ int vlr_set_ciph_mode(struct vlr_instance *vlr,
|
|||
struct osmo_fsm_inst *fi,
|
||||
void *msc_conn_ref,
|
||||
enum vlr_ciph ciph_mode,
|
||||
bool umts_aka,
|
||||
bool retrieve_imeisv)
|
||||
{
|
||||
switch (ciph_mode) {
|
||||
|
@ -1108,6 +1109,7 @@ int vlr_set_ciph_mode(struct vlr_instance *vlr,
|
|||
ciph_mode, vlr_ciph_name(ciph_mode));
|
||||
return vlr->ops.set_ciph_mode(msc_conn_ref,
|
||||
ciph_mode,
|
||||
umts_aka,
|
||||
retrieve_imeisv);
|
||||
|
||||
case VLR_CIPH_A5_2:
|
||||
|
|
|
@ -294,6 +294,7 @@ static void _proc_arq_vlr_node2(struct osmo_fsm_inst *fi)
|
|||
|
||||
if (vlr_set_ciph_mode(vsub->vlr, fi, par->msc_conn_ref,
|
||||
par->ciphering_required,
|
||||
vlr_use_umts_aka(&vsub->last_tuple->vec, par->is_r99),
|
||||
vsub->vlr->cfg.retrieve_imeisv_ciphered)) {
|
||||
LOGPFSML(fi, LOGL_ERROR,
|
||||
"Failed to send Ciphering Mode Command\n");
|
||||
|
|
|
@ -826,8 +826,15 @@ static void vlr_loc_upd_post_auth(struct osmo_fsm_inst *fi)
|
|||
return;
|
||||
}
|
||||
|
||||
if (!vsub->last_tuple) {
|
||||
LOGPFSML(fi, LOGL_ERROR, "No auth tuple available\n");
|
||||
vlr_lu_compl_fsm_failure(fi, GSM48_REJECT_NETWORK_FAILURE);
|
||||
return;
|
||||
}
|
||||
|
||||
if (vlr_set_ciph_mode(vsub->vlr, fi, lfp->msc_conn_ref,
|
||||
lfp->ciphering_required,
|
||||
vlr_use_umts_aka(&vsub->last_tuple->vec, lfp->is_r99),
|
||||
vsub->vlr->cfg.retrieve_imeisv_ciphered)) {
|
||||
LOGPFSML(fi, LOGL_ERROR,
|
||||
"Failed to send Ciphering Mode Command\n");
|
||||
|
|
|
@ -665,7 +665,7 @@ static int fake_vlr_tx_auth_rej(void *msc_conn_ref)
|
|||
}
|
||||
|
||||
static int fake_vlr_tx_ciph_mode_cmd(void *msc_conn_ref, enum vlr_ciph ciph,
|
||||
bool retrieve_imeisv)
|
||||
bool umts_aka, bool retrieve_imeisv)
|
||||
{
|
||||
/* FIXME: we actually would like to see the message bytes checked here,
|
||||
* not possible while msc_vlr_set_ciph_mode() calls
|
||||
|
|
Loading…
Reference in New Issue