diff --git a/include/osmocom/msc/vlr.h b/include/osmocom/msc/vlr.h index b328b70d3..83c8e1bf6 100644 --- a/include/osmocom/msc/vlr.h +++ b/include/osmocom/msc/vlr.h @@ -65,6 +65,8 @@ enum vlr_lu_event { VLR_ULA_E_ID_IMSI, /* IMSI recieved from MS */ VLR_ULA_E_ID_IMEI, /* IMEI received from MS */ VLR_ULA_E_ID_IMEISV, /* IMEISV received from MS */ + VLR_ULA_E_HLR_IMEI_ACK, /* Check_IMEI_VLR result from HLR */ + VLR_ULA_E_HLR_IMEI_NACK,/* Check_IMEI_VLR result from HLR */ VLR_ULA_E_HLR_LU_RES, /* HLR UpdateLocation result */ VLR_ULA_E_UPD_HLR_COMPL,/* UpdatE_HLR_VLR result */ VLR_ULA_E_LU_COMPL_SUCCESS,/* Location_Update_Completion_VLR result */ diff --git a/src/libvlr/vlr.c b/src/libvlr/vlr.c index 887602c10..451c5217d 100644 --- a/src/libvlr/vlr.c +++ b/src/libvlr/vlr.c @@ -657,6 +657,28 @@ int vlr_subscr_req_sai(struct vlr_subscr *vsub, return vlr_subscr_tx_gsup_message(vsub, &gsup_msg); } +/* Initiate Check_IMEI_VLR Procedure (23.018 Chapter 7.1.2.9) */ +int vlr_subscr_tx_req_check_imei(const struct vlr_subscr *vsub) +{ + struct osmo_gsup_message gsup_msg = {0}; + uint8_t imei_enc[GSM23003_IMEI_NUM_DIGITS+2]; /* +2: IE header */ + int len; + + /* Encode IMEI */ + len = gsm48_encode_bcd_number(imei_enc, sizeof(imei_enc), 0, vsub->imei); + if (len < 1) { + LOGVSUBP(LOGL_ERROR, vsub, "Error: cannot encode IMEI '%s'\n", vsub->imei); + return -ENOSPC; + } + gsup_msg.imei_enc = imei_enc; + gsup_msg.imei_enc_len = len; + + /* Send CHECK_IMEI_REQUEST */ + gsup_msg.message_type = OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST; + OSMO_STRLCPY_ARRAY(gsup_msg.imsi, vsub->imsi); + return vlr_tx_gsup_message(vsub->vlr, &gsup_msg); +} + /* Tell HLR that authentication failure occurred */ int vlr_subscr_tx_auth_fail_rep(const struct vlr_subscr *vsub) { @@ -991,6 +1013,29 @@ static int vlr_subscr_handle_cancel_req(struct vlr_subscr *vsub, return rc; } +/* Handle Check_IMEI_VLR result and error from HLR */ +static int vlr_subscr_handle_check_imei(struct vlr_subscr *vsub, const struct osmo_gsup_message *gsup) +{ + if (!vsub->lu_fsm) { + LOGVSUBP(LOGL_ERROR, vsub, "Rx %s without LU in progress\n", + osmo_gsup_message_type_name(gsup->message_type)); + return -ENODEV; + } + + if (gsup->message_type == OSMO_GSUP_MSGT_CHECK_IMEI_RESULT) { + if (gsup->imei_result == OSMO_GSUP_IMEI_RESULT_ACK) + osmo_fsm_inst_dispatch(vsub->lu_fsm, VLR_ULA_E_HLR_IMEI_ACK, NULL); + else + osmo_fsm_inst_dispatch(vsub->lu_fsm, VLR_ULA_E_HLR_IMEI_NACK, NULL); + } else { + LOGVSUBP(LOGL_ERROR, vsub, "Check_IMEI_VLR failed; gmm_cause: %s\n", + get_value_string(gsm48_gmm_cause_names, gsup->cause)); + osmo_fsm_inst_dispatch(vsub->lu_fsm, VLR_ULA_E_HLR_IMEI_NACK, NULL); + } + + return 0; +} + /* Incoming handler for GSUP from HLR. * Keep this function non-static for direct invocation by unit tests. */ int vlr_gsupc_read_cb(struct osmo_gsup_client *gsupc, struct msgb *msg) @@ -1060,6 +1105,10 @@ int vlr_gsupc_read_cb(struct osmo_gsup_client *gsupc, struct msgb *msg) gsup.message_type); rc = -GMM_CAUSE_MSGT_NOTEXIST_NOTIMPL; break; + case OSMO_GSUP_MSGT_CHECK_IMEI_ERROR: + case OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: + rc = vlr_subscr_handle_check_imei(vsub, &gsup); + break; default: /* Forward message towards MSC */ rc = vlr->ops.forward_gsup_msg(vsub, &gsup); diff --git a/src/libvlr/vlr_core.h b/src/libvlr/vlr_core.h index c249dffd0..41b880011 100644 --- a/src/libvlr/vlr_core.h +++ b/src/libvlr/vlr_core.h @@ -7,5 +7,6 @@ struct osmo_gsup_message; int vlr_subscr_req_lu(struct vlr_subscr *vsub) __attribute__((warn_unused_result)); int vlr_subscr_req_sai(struct vlr_subscr *vsub, const uint8_t *auts, const uint8_t *auts_rand) __attribute__((warn_unused_result)); +int vlr_subscr_tx_req_check_imei(const struct vlr_subscr *vsub); void vlr_subscr_update_tuples(struct vlr_subscr *vsub, const struct osmo_gsup_message *gsup); diff --git a/src/libvlr/vlr_lu_fsm.c b/src/libvlr/vlr_lu_fsm.c index 8640d2b14..a97e97ada 100644 --- a/src/libvlr/vlr_lu_fsm.c +++ b/src/libvlr/vlr_lu_fsm.c @@ -653,6 +653,8 @@ static const struct value_string fsm_lu_event_names[] = { OSMO_VALUE_STRING(VLR_ULA_E_ID_IMSI), OSMO_VALUE_STRING(VLR_ULA_E_ID_IMEI), OSMO_VALUE_STRING(VLR_ULA_E_ID_IMEISV), + OSMO_VALUE_STRING(VLR_ULA_E_HLR_IMEI_ACK), + OSMO_VALUE_STRING(VLR_ULA_E_HLR_IMEI_NACK), OSMO_VALUE_STRING(VLR_ULA_E_HLR_LU_RES), OSMO_VALUE_STRING(VLR_ULA_E_UPD_HLR_COMPL), OSMO_VALUE_STRING(VLR_ULA_E_LU_COMPL_SUCCESS), @@ -1229,9 +1231,17 @@ static void lu_fsm_wait_lu_compl(struct osmo_fsm_inst *fi, uint32_t event, LU_COMPL_VLR_E_NEW_TMSI_ACK, NULL); break; case VLR_ULA_E_ID_IMEI: + /* Got the IMEI from ME, now send it to HLR */ + vlr_subscr_tx_req_check_imei(lfp->vsub); + break; + case VLR_ULA_E_HLR_IMEI_ACK: osmo_fsm_inst_dispatch(lfp->lu_compl_vlr_fsm, LU_COMPL_VLR_E_IMEI_CHECK_ACK, NULL); break; + case VLR_ULA_E_HLR_IMEI_NACK: + osmo_fsm_inst_dispatch(lfp->lu_compl_vlr_fsm, + LU_COMPL_VLR_E_IMEI_CHECK_NACK, NULL); + break; case VLR_ULA_E_LU_COMPL_SUCCESS: lu_fsm_discard_lu_compl_fsm(fi); @@ -1362,7 +1372,9 @@ static const struct osmo_fsm_state vlr_lu_fsm_states[] = { S(VLR_ULA_E_LU_COMPL_FAILURE) | S(VLR_ULA_E_NEW_TMSI_ACK) | S(VLR_ULA_E_ID_IMEI) | - S(VLR_ULA_E_ID_IMEISV), + S(VLR_ULA_E_ID_IMEISV) | + S(VLR_ULA_E_HLR_IMEI_ACK) | + S(VLR_ULA_E_HLR_IMEI_NACK), .out_state_mask = S(VLR_ULA_S_DONE), .name = OSMO_STRINGIFY(VLR_ULA_S_WAIT_LU_COMPL), .action = lu_fsm_wait_lu_compl, diff --git a/tests/msc_vlr/msc_vlr_test_gsm_authen.c b/tests/msc_vlr/msc_vlr_test_gsm_authen.c index 46dd9a1c6..f6f1ab69e 100644 --- a/tests/msc_vlr/msc_vlr_test_gsm_authen.c +++ b/tests/msc_vlr/msc_vlr_test_gsm_authen.c @@ -573,9 +573,15 @@ static void test_gsm_authen_imei() EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - btw("MS replies with an Identity Response"); - expect_bssap_clear(); + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); ms_sends_msg("0559084a32244332244302"); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + btw("HLR accepts the IMEI"); + expect_bssap_clear(); + gsup_rx("32010809710000004026f0510100", NULL); VERBOSE_ASSERT(bssap_clear_sent, == true, "%d"); btw("LU was successful, and the conn has already been closed"); @@ -600,6 +606,192 @@ static void test_gsm_authen_imei() comment_end(); } +static void test_gsm_authen_imei_nack() +{ + struct vlr_subscr *vsub; + const char *imsi = "901700000004620"; + + comment_start(); + + net->authentication_required = true; + net->vlr->cfg.check_imei_rqd = true; + + btw("Location Update request causes a GSUP Send Auth Info request to HLR"); + lu_result_sent = RES_NONE; + gsup_expect_tx("08010809710000004026f0"); + ms_sends_msg("0508020081680001" + "30" /* <-- Revision Level == 1, i.e. is_r99 == false */ + "089910070000006402"); + OSMO_ASSERT(gsup_tx_confirmed); + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS"); + auth_request_sent = false; + auth_request_expect_rand = "585df1ae287f6e273dce07090d61320b"; + auth_request_expect_autn = NULL; + /* Based on a Ki of 000102030405060708090a0b0c0d0e0f */ + gsup_rx("0a" + /* imsi */ + "0108" "09710000004026f0" + /* 5 auth vectors... */ + /* TL TL rand */ + "0322" "2010" "585df1ae287f6e273dce07090d61320b" + /* TL sres TL kc */ + "2104" "2d8b2c3e" "2208" "61855fb81fc2a800" + "0322" "2010" "12aca96fb4ffdea5c985cbafa9b6e18b" + "2104" "20bde240" "2208" "07fa7502e07e1c00" + "0322" "2010" "e7c03ba7cf0e2fde82b2dc4d63077d42" + "2104" "a29514ae" "2208" "e2b234f807886400" + "0322" "2010" "fa8f20b781b5881329d4fea26b1a3c51" + "2104" "5afc8d72" "2208" "2392f14f709ae000" + "0322" "2010" "0fd4cc8dbe8715d1f439e304edfd68dc" + "2104" "bc8d1c5b" "2208" "da7cdd6bfe2d7000", + NULL); + VERBOSE_ASSERT(auth_request_sent, == true, "%d"); + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("If the HLR were to send a GSUP _UPDATE_LOCATION_RESULT we'd still reject"); + gsup_rx("06010809710000004026f0", NULL); + EXPECT_ACCEPTED(false); + + thwart_rx_non_initial_requests(); + + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("MS sends Authen Response, VLR accepts and sends GSUP LU Req to HLR"); + gsup_expect_tx("04010809710000004026f0280102"); + ms_sends_msg("05542d8b2c3e"); + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT"); + gsup_rx("10010809710000004026f00804036470f1", + "12010809710000004026f0"); + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT, and we send an ID Request for the IMEI to the MS"); + dtap_expect_tx("051802"); + gsup_rx("06010809710000004026f0", NULL); + + btw("We will only do business when the IMEI is known"); + EXPECT_CONN_COUNT(1); + vsub = vlr_subscr_find_by_imsi(net->vlr, imsi); + OSMO_ASSERT(vsub); + VERBOSE_ASSERT(vsub->imei[0], == 0, "%d"); + vlr_subscr_put(vsub); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); + ms_sends_msg("0559084a32244332244302"); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + expect_bssap_clear(); + btw("HLR does not like the IMEI and sends NACK"); + gsup_rx("32010809710000004026f0510101", NULL); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + bss_sends_clear_complete(); + EXPECT_CONN_COUNT(0); + clear_vlr(); + comment_end(); +} + +static void test_gsm_authen_imei_err() +{ + struct vlr_subscr *vsub; + const char *imsi = "901700000004620"; + + comment_start(); + + net->authentication_required = true; + net->vlr->cfg.check_imei_rqd = true; + + btw("Location Update request causes a GSUP Send Auth Info request to HLR"); + lu_result_sent = RES_NONE; + gsup_expect_tx("08010809710000004026f0"); + ms_sends_msg("0508020081680001" + "30" /* <-- Revision Level == 1, i.e. is_r99 == false */ + "089910070000006402"); + OSMO_ASSERT(gsup_tx_confirmed); + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS"); + auth_request_sent = false; + auth_request_expect_rand = "585df1ae287f6e273dce07090d61320b"; + auth_request_expect_autn = NULL; + /* Based on a Ki of 000102030405060708090a0b0c0d0e0f */ + gsup_rx("0a" + /* imsi */ + "0108" "09710000004026f0" + /* 5 auth vectors... */ + /* TL TL rand */ + "0322" "2010" "585df1ae287f6e273dce07090d61320b" + /* TL sres TL kc */ + "2104" "2d8b2c3e" "2208" "61855fb81fc2a800" + "0322" "2010" "12aca96fb4ffdea5c985cbafa9b6e18b" + "2104" "20bde240" "2208" "07fa7502e07e1c00" + "0322" "2010" "e7c03ba7cf0e2fde82b2dc4d63077d42" + "2104" "a29514ae" "2208" "e2b234f807886400" + "0322" "2010" "fa8f20b781b5881329d4fea26b1a3c51" + "2104" "5afc8d72" "2208" "2392f14f709ae000" + "0322" "2010" "0fd4cc8dbe8715d1f439e304edfd68dc" + "2104" "bc8d1c5b" "2208" "da7cdd6bfe2d7000", + NULL); + VERBOSE_ASSERT(auth_request_sent, == true, "%d"); + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("If the HLR were to send a GSUP _UPDATE_LOCATION_RESULT we'd still reject"); + gsup_rx("06010809710000004026f0", NULL); + EXPECT_ACCEPTED(false); + + thwart_rx_non_initial_requests(); + + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("MS sends Authen Response, VLR accepts and sends GSUP LU Req to HLR"); + gsup_expect_tx("04010809710000004026f0280102"); + ms_sends_msg("05542d8b2c3e"); + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT"); + gsup_rx("10010809710000004026f00804036470f1", + "12010809710000004026f0"); + VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); + + btw("HLR also sends GSUP _UPDATE_LOCATION_RESULT, and we send an ID Request for the IMEI to the MS"); + dtap_expect_tx("051802"); + gsup_rx("06010809710000004026f0", NULL); + + btw("We will only do business when the IMEI is known"); + EXPECT_CONN_COUNT(1); + vsub = vlr_subscr_find_by_imsi(net->vlr, imsi); + OSMO_ASSERT(vsub); + VERBOSE_ASSERT(vsub->imei[0], == 0, "%d"); + vlr_subscr_put(vsub); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); + ms_sends_msg("0559084a32244332244302"); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + expect_bssap_clear(); + btw("HLR can't parse the message and returns ERR"); + gsup_rx("31010809710000004026f0020160", NULL); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + bss_sends_clear_complete(); + EXPECT_CONN_COUNT(0); + clear_vlr(); + comment_end(); +} + static void test_gsm_authen_tmsi_imei() { struct vlr_subscr *vsub; @@ -676,8 +868,14 @@ static void test_gsm_authen_tmsi_imei() EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - btw("MS replies with an Identity Response"); + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); ms_sends_msg("0559084a32244332244302"); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + btw("HLR accepts the IMEI"); + gsup_rx("32010809710000004026f0510100", NULL); btw("a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl"); EXPECT_CONN_COUNT(1); @@ -998,6 +1196,8 @@ msc_vlr_test_func_t msc_vlr_tests[] = { test_gsm_authen, test_gsm_authen_tmsi, test_gsm_authen_imei, + test_gsm_authen_imei_nack, + test_gsm_authen_imei_err, test_gsm_authen_tmsi_imei, test_gsm_milenage_authen, test_wrong_sres_length, diff --git a/tests/msc_vlr/msc_vlr_test_gsm_authen.err b/tests/msc_vlr/msc_vlr_test_gsm_authen.err index fddfe07b1..c69fde84b 100644 --- a/tests/msc_vlr/msc_vlr_test_gsm_authen.err +++ b/tests/msc_vlr/msc_vlr_test_gsm_authen.err @@ -1254,16 +1254,36 @@ DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 -- MS replies with an Identity Response +- MS replies with an Identity Response, VLR sends the IMEI to HLR MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- HLR accepts the IMEI +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: 32010809710000004026f0510100 +DVLR GSUP rx 14: 32010809710000004026f0510100 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_ACK - sending LU Accept for IMSI-901700000004620:MSISDN-46071 -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: state_chg to LU_COMPL_VLR_S_DONE DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_LU_COMPL_SUCCESS DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Terminating (cause = OSMO_FSM_TERM_PARENT) @@ -1275,11 +1295,12 @@ DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIP DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: state_chg to RAN_CONN_S_ACCEPTED DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_ACCEPTED}: Received Event RAN_CONN_E_UNUSED DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_ACCEPTED}: state_chg to RAN_CONN_S_RELEASING -DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 2 (0x102: dtap,release) -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 4 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 3 - BSSAP Clear --GERAN-A--> MS -DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: vlr_gsupc_read_cb() returns 0 bssap_clear_sent == 1 - LU was successful, and the conn has already been closed lu_result_sent == 1 @@ -1337,6 +1358,455 @@ DMM RAN_conn{RAN_CONN_S_RELEASED}: Deallocated full talloc report on 'msgb' (total 0 bytes in 1 blocks) talloc_total_blocks(tall_bsc_ctx) == 13 +===== test_gsm_authen_imei_nack +- Location Update request causes a GSUP Send Auth Info request to HLR + MSC <--GERAN-A-- MS: GSM48_MT_MM_LOC_UPD_REQUEST + new conn +DMM RAN_conn{RAN_CONN_S_NEW}: Allocated +DREF unknown: MSC conn use + compl_l3 == 1 (0x1: compl_l3) +DRLL Dispatching 04.08 message GSM48_MT_MM_LOC_UPD_REQUEST (0x5:0x8) +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: Updated ID +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: LOCATION UPDATING REQUEST: MI=IMSI-901700000004620 LU-type=IMSI-ATTACH +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: LU/new-LAC: 1/23 +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: Allocated +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: is child of RAN_conn(IMSI-901700000004620:GERAN-A-0:LU) +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: rev=GSM net=GERAN Auth (no Ciph) +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: Received Event VLR_ULA_E_UPDATE_LA +DREF VLR subscr unknown usage increases to: 1 +DVLR set IMSI on subscriber; IMSI=901700000004620 id=901700000004620 +DVLR New subscr, IMSI: 901700000004620 +DREF VLR subscr IMSI-901700000004620 usage increases to: 2 +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: Updated ID +DREF VLR subscr IMSI-901700000004620 usage decreases to: 1 +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: vlr_loc_upd_node1() +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: state_chg to VLR_ULA_S_WAIT_AUTH +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH}: Allocated +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH}: is child of vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU) +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH}: Received Event VLR_AUTH_E_START +DVLR GSUP tx: 08010809710000004026f0 +GSUP --> HLR: OSMO_GSUP_MSGT_SEND_AUTH_INFO_REQUEST: 08010809710000004026f0 +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH}: state_chg to VLR_SUB_AS_NEEDS_AUTH_WAIT_AI +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: Received Event RAN_CONN_E_COMPLETE_LAYER_3 +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: state_chg to RAN_CONN_S_AUTH_CIPH +DREF IMSI-901700000004620: MSC conn use - compl_l3 == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED + lu_result_sent == 0 +- from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS +<-- GSUP rx OSMO_GSUP_MSGT_SEND_AUTH_INFO_RESULT: 0a010809710000004026f003222010585df1ae287f6e273dce07090d61320b21042d8b2c3e220861855fb81fc2a8000322201012aca96fb4ffdea5c985cbafa9b6e18b210420bde240220807fa7502e07e1c0003222010e7c03ba7cf0e2fde82b2dc4d63077d422104a29514ae2208e2b234f80788640003222010fa8f20b781b5881329d4fea26b1a3c5121045afc8d7222082392f14f709ae000032220100fd4cc8dbe8715d1f439e304edfd68dc2104bc8d1c5b2208da7cdd6bfe2d7000 +DVLR GSUP rx 191: 0a010809710000004026f003222010585df1ae287f6e273dce07090d61320b21042d8b2c3e220861855fb81fc2a8000322201012aca96fb4ffdea5c985cbafa9b6e18b210420bde240220807fa7502e07e1c0003222010e7c03ba7cf0e2fde82b2dc4d63077d422104a29514ae2208e2b234f80788640003222010fa8f20b781b5881329d4fea26b1a3c5121045afc8d7222082392f14f709ae000032220100fd4cc8dbe8715d1f439e304edfd68dc2104bc8d1c5b2208da7cdd6bfe2d7000 +DREF VLR subscr IMSI-901700000004620 usage increases to: 2 +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH_WAIT_AI}: Received Event VLR_AUTH_E_HLR_SAI_ACK +DVLR SUBSCR(IMSI-901700000004620) Received 5 auth tuples +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH_WAIT_AI}: state_chg to VLR_SUB_AS_WAIT_RESP +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_WAIT_RESP}: got auth tuple: use_count=1 key_seq=0 -- will use GSM AKA (is_r99=no, at->vec.auth_types=0x1) +- sending GSM Auth Request for IMSI-901700000004620: tuple use_count=1 key_seq=0 auth_types=0x1 and... +- ...rand=585df1ae287f6e273dce07090d61320b +- ...expecting sres=2d8b2c3e +DREF VLR subscr IMSI-901700000004620 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_SEND_AUTH_INFO_RESULT: vlr_gsupc_read_cb() returns 0 + auth_request_sent == 1 + lu_result_sent == 0 +- If the HLR were to send a GSUP _UPDATE_LOCATION_RESULT we'd still reject +<-- GSUP rx OSMO_GSUP_MSGT_UPDATE_LOCATION_RESULT: 06010809710000004026f0 +DVLR GSUP rx 11: 06010809710000004026f0 +DREF VLR subscr IMSI-901700000004620 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: Received Event VLR_ULA_E_HLR_LU_RES +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: Event VLR_ULA_E_HLR_LU_RES not permitted +DREF VLR subscr IMSI-901700000004620 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_UPDATE_LOCATION_RESULT: vlr_gsupc_read_cb() returns 0 +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620: Message not permitted for initial conn: SMS:0x01 + lu_result_sent == 0 +- MS sends Authen Response, VLR accepts and sends GSUP LU Req to HLR + MSC <--GERAN-A-- MS: GSM48_MT_MM_AUTH_RESP +DREF IMSI-901700000004620: MSC conn use + dtap == 1 (0x2: dtap) +DRLL Dispatching 04.08 message GSM48_MT_MM_AUTH_RESP (0x5:0x14) +DMM IMSI-901700000004620: MM GSM AUTHENTICATION RESPONSE (sres = 2d8b2c3e) +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_WAIT_RESP}: Received Event VLR_AUTH_E_MS_AUTH_RESP +DVLR SUBSCR(IMSI-901700000004620) AUTH on GERAN received SRES/RES: 2d8b2c3e (4 bytes) +DVLR SUBSCR(IMSI-901700000004620) AUTH established GSM security context +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_WAIT_RESP}: Authentication terminating with result PASSED +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_WAIT_RESP}: state_chg to VLR_SUB_AS_AUTHENTICATED +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_AUTHENTICATED}: Terminating (cause = OSMO_FSM_TERM_REGULAR) +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_AUTHENTICATED}: Removing from parent vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU) +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_AUTHENTICATED}: Freeing instance +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_AUTHENTICATED}: Deallocated +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: Received Event VLR_ULA_E_AUTH_RES +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_post_auth() +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_post_ciph() +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_node_4() +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: state_chg to VLR_ULA_S_WAIT_HLR_UPD +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_INIT}: Allocated +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_INIT}: is child of vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU) +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_INIT}: Received Event UPD_HLR_VLR_E_START +DVLR GSUP tx: 04010809710000004026f0280102 +GSUP --> HLR: OSMO_GSUP_MSGT_UPDATE_LOCATION_REQUEST: 04010809710000004026f0280102 +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_INIT}: state_chg to UPD_HLR_VLR_S_WAIT_FOR_DATA +DREF IMSI-901700000004620: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED + lu_result_sent == 0 +- HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT +<-- GSUP rx OSMO_GSUP_MSGT_INSERT_DATA_REQUEST: 10010809710000004026f00804036470f1 +DVLR GSUP rx 17: 10010809710000004026f00804036470f1 +DREF VLR subscr IMSI-901700000004620 usage increases to: 2 +DVLR IMSI:901700000004620 has MSISDN:46071 +DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=2) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Updated ID +DVLR GSUP tx: 12010809710000004026f0 +GSUP --> HLR: OSMO_GSUP_MSGT_INSERT_DATA_RESULT: 12010809710000004026f0 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_INSERT_DATA_REQUEST: vlr_gsupc_read_cb() returns 0 + lu_result_sent == 0 +- HLR also sends GSUP _UPDATE_LOCATION_RESULT, and we send an ID Request for the IMEI to the MS +<-- GSUP rx OSMO_GSUP_MSGT_UPDATE_LOCATION_RESULT: 06010809710000004026f0 +DVLR GSUP rx 11: 06010809710000004026f0 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_HLR_UPD}: Received Event VLR_ULA_E_HLR_LU_RES +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_WAIT_FOR_DATA}: Received Event UPD_HLR_VLR_E_UPD_LOC_ACK +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_WAIT_FOR_DATA}: state_chg to UPD_HLR_VLR_S_DONE +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_DONE}: Terminating (cause = OSMO_FSM_TERM_REGULAR) +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_DONE}: Removing from parent vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU) +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_DONE}: Freeing instance +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_DONE}: Deallocated +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_HLR_UPD}: Received Event VLR_ULA_E_UPD_HLR_COMPL +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_HLR_UPD}: state_chg to VLR_ULA_S_WAIT_LU_COMPL +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_INIT}: Allocated +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_INIT}: is child of vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU) +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_INIT}: Received Event LU_COMPL_VLR_E_START +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_INIT}: state_chg to LU_COMPL_VLR_S_WAIT_SUB_PRES +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_SUB_PRES}: Received Event LU_COMPL_VLR_E_SUB_PRES_COMPL +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_SUB_PRES}: state_chg to LU_COMPL_VLR_S_WAIT_IMEI +DMSC msc_tx 3 bytes to IMSI-901700000004620:MSISDN-46071 via GERAN-A +- DTAP --GERAN-A--> MS: GSM48_MT_MM_ID_REQ: 051802 +- DTAP matches expected message +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_UPDATE_LOCATION_RESULT: vlr_gsupc_read_cb() returns 0 +- We will only do business when the IMEI is known + llist_count(&net->ran_conns) == 1 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 + vsub->imei[0] == 0 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 1 +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- MS replies with an Identity Response, VLR sends the IMEI to HLR + MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) +DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) +DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 +DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- HLR does not like the IMEI and sends NACK +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: 32010809710000004026f0510101 +DVLR GSUP rx 14: 32010809710000004026f0510101 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_NACK +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_NACK +- sending LU Reject for IMSI-901700000004620:MSISDN-46071, cause 6 +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: state_chg to LU_COMPL_VLR_S_DONE +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_LU_COMPL_FAILURE +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Terminating (cause = OSMO_FSM_TERM_PARENT) +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Removing from parent vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU) +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Freeing instance +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Deallocated +- sending LU Reject for IMSI-901700000004620:MSISDN-46071, cause 6 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: state_chg to VLR_ULA_S_DONE +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_CN_CLOSE +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: state_chg to RAN_CONN_S_RELEASING +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +- BSSAP Clear --GERAN-A--> MS +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: vlr_gsupc_read_cb() returns 0 +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- BSS sends BSSMAP Clear Complete +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - release == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASING}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASING}: state_chg to RAN_CONN_S_RELEASED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASED}: Terminating (cause = OSMO_FSM_TERM_REGULAR) +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: Terminating (cause = OSMO_FSM_TERM_PARENT) +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: Removing from parent RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU) +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: fsm_lu_cleanup called with cause OSMO_FSM_TERM_PARENT +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: Freeing instance +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: Deallocated +DRLL IMSI-901700000004620:MSISDN-46071: Freeing RAN connection +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 0 +DREF freeing VLR subscr IMSI-901700000004620:MSISDN-46071 +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASED}: Freeing instance +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASED}: Deallocated + llist_count(&net->ran_conns) == 0 +===== test_gsm_authen_imei_nack: SUCCESS + +full talloc report on 'msgb' (total 0 bytes in 1 blocks) +talloc_total_blocks(tall_bsc_ctx) == 13 + +===== test_gsm_authen_imei_err +- Location Update request causes a GSUP Send Auth Info request to HLR + MSC <--GERAN-A-- MS: GSM48_MT_MM_LOC_UPD_REQUEST + new conn +DMM RAN_conn{RAN_CONN_S_NEW}: Allocated +DREF unknown: MSC conn use + compl_l3 == 1 (0x1: compl_l3) +DRLL Dispatching 04.08 message GSM48_MT_MM_LOC_UPD_REQUEST (0x5:0x8) +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: Updated ID +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: LOCATION UPDATING REQUEST: MI=IMSI-901700000004620 LU-type=IMSI-ATTACH +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: LU/new-LAC: 1/23 +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: Allocated +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: is child of RAN_conn(IMSI-901700000004620:GERAN-A-0:LU) +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: rev=GSM net=GERAN Auth (no Ciph) +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: Received Event VLR_ULA_E_UPDATE_LA +DREF VLR subscr unknown usage increases to: 1 +DVLR set IMSI on subscriber; IMSI=901700000004620 id=901700000004620 +DVLR New subscr, IMSI: 901700000004620 +DREF VLR subscr IMSI-901700000004620 usage increases to: 2 +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: Updated ID +DREF VLR subscr IMSI-901700000004620 usage decreases to: 1 +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: vlr_loc_upd_node1() +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_IDLE}: state_chg to VLR_ULA_S_WAIT_AUTH +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH}: Allocated +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH}: is child of vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU) +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH}: Received Event VLR_AUTH_E_START +DVLR GSUP tx: 08010809710000004026f0 +GSUP --> HLR: OSMO_GSUP_MSGT_SEND_AUTH_INFO_REQUEST: 08010809710000004026f0 +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH}: state_chg to VLR_SUB_AS_NEEDS_AUTH_WAIT_AI +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: Received Event RAN_CONN_E_COMPLETE_LAYER_3 +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_NEW}: state_chg to RAN_CONN_S_AUTH_CIPH +DREF IMSI-901700000004620: MSC conn use - compl_l3 == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED + lu_result_sent == 0 +- from HLR, rx _SEND_AUTH_INFO_RESULT; VLR sends Auth Req to MS +<-- GSUP rx OSMO_GSUP_MSGT_SEND_AUTH_INFO_RESULT: 0a010809710000004026f003222010585df1ae287f6e273dce07090d61320b21042d8b2c3e220861855fb81fc2a8000322201012aca96fb4ffdea5c985cbafa9b6e18b210420bde240220807fa7502e07e1c0003222010e7c03ba7cf0e2fde82b2dc4d63077d422104a29514ae2208e2b234f80788640003222010fa8f20b781b5881329d4fea26b1a3c5121045afc8d7222082392f14f709ae000032220100fd4cc8dbe8715d1f439e304edfd68dc2104bc8d1c5b2208da7cdd6bfe2d7000 +DVLR GSUP rx 191: 0a010809710000004026f003222010585df1ae287f6e273dce07090d61320b21042d8b2c3e220861855fb81fc2a8000322201012aca96fb4ffdea5c985cbafa9b6e18b210420bde240220807fa7502e07e1c0003222010e7c03ba7cf0e2fde82b2dc4d63077d422104a29514ae2208e2b234f80788640003222010fa8f20b781b5881329d4fea26b1a3c5121045afc8d7222082392f14f709ae000032220100fd4cc8dbe8715d1f439e304edfd68dc2104bc8d1c5b2208da7cdd6bfe2d7000 +DREF VLR subscr IMSI-901700000004620 usage increases to: 2 +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH_WAIT_AI}: Received Event VLR_AUTH_E_HLR_SAI_ACK +DVLR SUBSCR(IMSI-901700000004620) Received 5 auth tuples +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_NEEDS_AUTH_WAIT_AI}: state_chg to VLR_SUB_AS_WAIT_RESP +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_WAIT_RESP}: got auth tuple: use_count=1 key_seq=0 -- will use GSM AKA (is_r99=no, at->vec.auth_types=0x1) +- sending GSM Auth Request for IMSI-901700000004620: tuple use_count=1 key_seq=0 auth_types=0x1 and... +- ...rand=585df1ae287f6e273dce07090d61320b +- ...expecting sres=2d8b2c3e +DREF VLR subscr IMSI-901700000004620 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_SEND_AUTH_INFO_RESULT: vlr_gsupc_read_cb() returns 0 + auth_request_sent == 1 + lu_result_sent == 0 +- If the HLR were to send a GSUP _UPDATE_LOCATION_RESULT we'd still reject +<-- GSUP rx OSMO_GSUP_MSGT_UPDATE_LOCATION_RESULT: 06010809710000004026f0 +DVLR GSUP rx 11: 06010809710000004026f0 +DREF VLR subscr IMSI-901700000004620 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: Received Event VLR_ULA_E_HLR_LU_RES +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: Event VLR_ULA_E_HLR_LU_RES not permitted +DREF VLR subscr IMSI-901700000004620 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_UPDATE_LOCATION_RESULT: vlr_gsupc_read_cb() returns 0 +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620: Message not permitted for initial conn: SMS:0x01 + lu_result_sent == 0 +- MS sends Authen Response, VLR accepts and sends GSUP LU Req to HLR + MSC <--GERAN-A-- MS: GSM48_MT_MM_AUTH_RESP +DREF IMSI-901700000004620: MSC conn use + dtap == 1 (0x2: dtap) +DRLL Dispatching 04.08 message GSM48_MT_MM_AUTH_RESP (0x5:0x14) +DMM IMSI-901700000004620: MM GSM AUTHENTICATION RESPONSE (sres = 2d8b2c3e) +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_WAIT_RESP}: Received Event VLR_AUTH_E_MS_AUTH_RESP +DVLR SUBSCR(IMSI-901700000004620) AUTH on GERAN received SRES/RES: 2d8b2c3e (4 bytes) +DVLR SUBSCR(IMSI-901700000004620) AUTH established GSM security context +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_WAIT_RESP}: Authentication terminating with result PASSED +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_WAIT_RESP}: state_chg to VLR_SUB_AS_AUTHENTICATED +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_AUTHENTICATED}: Terminating (cause = OSMO_FSM_TERM_REGULAR) +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_AUTHENTICATED}: Removing from parent vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU) +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_AUTHENTICATED}: Freeing instance +DVLR VLR_Authenticate(IMSI-901700000004620:GERAN-A-0:LU){VLR_SUB_AS_AUTHENTICATED}: Deallocated +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: Received Event VLR_ULA_E_AUTH_RES +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_post_auth() +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_post_ciph() +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: vlr_loc_upd_node_4() +DVLR vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU){VLR_ULA_S_WAIT_AUTH}: state_chg to VLR_ULA_S_WAIT_HLR_UPD +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_INIT}: Allocated +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_INIT}: is child of vlr_lu_fsm(IMSI-901700000004620:GERAN-A-0:LU) +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_INIT}: Received Event UPD_HLR_VLR_E_START +DVLR GSUP tx: 04010809710000004026f0280102 +GSUP --> HLR: OSMO_GSUP_MSGT_UPDATE_LOCATION_REQUEST: 04010809710000004026f0280102 +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_INIT}: state_chg to UPD_HLR_VLR_S_WAIT_FOR_DATA +DREF IMSI-901700000004620: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED + lu_result_sent == 0 +- HLR sends _INSERT_DATA_REQUEST, VLR responds with _INSERT_DATA_RESULT +<-- GSUP rx OSMO_GSUP_MSGT_INSERT_DATA_REQUEST: 10010809710000004026f00804036470f1 +DVLR GSUP rx 17: 10010809710000004026f00804036470f1 +DREF VLR subscr IMSI-901700000004620 usage increases to: 2 +DVLR IMSI:901700000004620 has MSISDN:46071 +DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=2) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Updated ID +DVLR GSUP tx: 12010809710000004026f0 +GSUP --> HLR: OSMO_GSUP_MSGT_INSERT_DATA_RESULT: 12010809710000004026f0 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_INSERT_DATA_REQUEST: vlr_gsupc_read_cb() returns 0 + lu_result_sent == 0 +- HLR also sends GSUP _UPDATE_LOCATION_RESULT, and we send an ID Request for the IMEI to the MS +<-- GSUP rx OSMO_GSUP_MSGT_UPDATE_LOCATION_RESULT: 06010809710000004026f0 +DVLR GSUP rx 11: 06010809710000004026f0 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_HLR_UPD}: Received Event VLR_ULA_E_HLR_LU_RES +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_WAIT_FOR_DATA}: Received Event UPD_HLR_VLR_E_UPD_LOC_ACK +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_WAIT_FOR_DATA}: state_chg to UPD_HLR_VLR_S_DONE +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_DONE}: Terminating (cause = OSMO_FSM_TERM_REGULAR) +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_DONE}: Removing from parent vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU) +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_DONE}: Freeing instance +DVLR upd_hlr_vlr_fsm(IMSI-901700000004620:GERAN-A-0:LU){UPD_HLR_VLR_S_DONE}: Deallocated +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_HLR_UPD}: Received Event VLR_ULA_E_UPD_HLR_COMPL +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_HLR_UPD}: state_chg to VLR_ULA_S_WAIT_LU_COMPL +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_INIT}: Allocated +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_INIT}: is child of vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU) +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_INIT}: Received Event LU_COMPL_VLR_E_START +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_INIT}: state_chg to LU_COMPL_VLR_S_WAIT_SUB_PRES +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_SUB_PRES}: Received Event LU_COMPL_VLR_E_SUB_PRES_COMPL +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_SUB_PRES}: state_chg to LU_COMPL_VLR_S_WAIT_IMEI +DMSC msc_tx 3 bytes to IMSI-901700000004620:MSISDN-46071 via GERAN-A +- DTAP --GERAN-A--> MS: GSM48_MT_MM_ID_REQ: 051802 +- DTAP matches expected message +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_UPDATE_LOCATION_RESULT: vlr_gsupc_read_cb() returns 0 +- We will only do business when the IMEI is known + llist_count(&net->ran_conns) == 1 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 + vsub->imei[0] == 0 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 1 +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- MS replies with an Identity Response, VLR sends the IMEI to HLR + MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) +DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) +DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 +DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- HLR can't parse the message and returns ERR +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_ERROR: 31010809710000004026f0020160 +DVLR GSUP rx 14: 31010809710000004026f0020160 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071) Check_IMEI_VLR failed; gmm_cause: Invalid mandatory information +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_NACK +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_NACK +- sending LU Reject for IMSI-901700000004620:MSISDN-46071, cause 6 +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: state_chg to LU_COMPL_VLR_S_DONE +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_LU_COMPL_FAILURE +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Terminating (cause = OSMO_FSM_TERM_PARENT) +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Removing from parent vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU) +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Freeing instance +DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Deallocated +- sending LU Reject for IMSI-901700000004620:MSISDN-46071, cause 6 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: state_chg to VLR_ULA_S_DONE +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_CN_CLOSE +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: state_chg to RAN_CONN_S_RELEASING +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +- BSSAP Clear --GERAN-A--> MS +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_ERROR: vlr_gsupc_read_cb() returns 0 +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- BSS sends BSSMAP Clear Complete +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - release == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASING}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASING}: state_chg to RAN_CONN_S_RELEASED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASED}: Terminating (cause = OSMO_FSM_TERM_REGULAR) +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: Terminating (cause = OSMO_FSM_TERM_PARENT) +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: Removing from parent RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU) +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: fsm_lu_cleanup called with cause OSMO_FSM_TERM_PARENT +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: Freeing instance +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_DONE}: Deallocated +DRLL IMSI-901700000004620:MSISDN-46071: Freeing RAN connection +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 0 +DREF freeing VLR subscr IMSI-901700000004620:MSISDN-46071 +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASED}: Freeing instance +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_RELEASED}: Deallocated + llist_count(&net->ran_conns) == 0 +===== test_gsm_authen_imei_err: SUCCESS + +full talloc report on 'msgb' (total 0 bytes in 1 blocks) +talloc_total_blocks(tall_bsc_ctx) == 13 + ===== test_gsm_authen_tmsi_imei - Location Update request causes a GSUP Send Auth Info request to HLR MSC <--GERAN-A-- MS: GSM48_MT_MM_LOC_UPD_REQUEST @@ -1485,22 +1955,41 @@ DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 -- MS replies with an Identity Response +- MS replies with an Identity Response, VLR sends the IMEI to HLR MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- HLR accepts the IMEI +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: 32010809710000004026f0510100 +DVLR GSUP rx 14: 32010809710000004026f0510100 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: lu_compl_vlr_new_tmsi() -DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=1) +DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=2) DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Updated ID DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: state_chg to LU_COMPL_VLR_S_WAIT_TMSI_CNF - sending LU Accept for IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100, with TMSI 0x03020100 -DREF IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100: MSC conn use - dtap == 0 (0x0: ) -DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED -DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +DREF VLR subscr IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: vlr_gsupc_read_cb() returns 0 - a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl llist_count(&net->ran_conns) == 1 lu_result_sent == 1 diff --git a/tests/msc_vlr/msc_vlr_test_gsm_ciph.c b/tests/msc_vlr/msc_vlr_test_gsm_ciph.c index a641ec22e..31b5f5d32 100644 --- a/tests/msc_vlr/msc_vlr_test_gsm_ciph.c +++ b/tests/msc_vlr/msc_vlr_test_gsm_ciph.c @@ -553,9 +553,15 @@ static void test_ciph_imei() EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - btw("MS replies with an Identity Response"); - expect_bssap_clear(); + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); ms_sends_msg("0559084a32244332244302"); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + btw("HLR accepts the IMEI"); + expect_bssap_clear(); + gsup_rx("32010809710000004026f0510100", NULL); VERBOSE_ASSERT(bssap_clear_sent, == true, "%d"); btw("LU was successful, and the conn has already been closed"); @@ -758,8 +764,14 @@ static void test_ciph_tmsi_imei() EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - btw("MS replies with an Identity Response"); + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); ms_sends_msg("0559084a32244332244302"); + EXPECT_ACCEPTED(false); + thwart_rx_non_initial_requests(); + + btw("HLR accepts the IMEI"); + gsup_rx("32010809710000004026f0510100", NULL); btw("a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl"); EXPECT_CONN_COUNT(1); diff --git a/tests/msc_vlr/msc_vlr_test_gsm_ciph.err b/tests/msc_vlr/msc_vlr_test_gsm_ciph.err index 65e182c44..914683f59 100644 --- a/tests/msc_vlr/msc_vlr_test_gsm_ciph.err +++ b/tests/msc_vlr/msc_vlr_test_gsm_ciph.err @@ -1192,16 +1192,36 @@ DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 -- MS replies with an Identity Response +- MS replies with an Identity Response, VLR sends the IMEI to HLR MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- HLR accepts the IMEI +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: 32010809710000004026f0510100 +DVLR GSUP rx 14: 32010809710000004026f0510100 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_ACK - sending LU Accept for IMSI-901700000004620:MSISDN-46071 -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: state_chg to LU_COMPL_VLR_S_DONE DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_LU_COMPL_SUCCESS DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Terminating (cause = OSMO_FSM_TERM_PARENT) @@ -1213,11 +1233,12 @@ DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIP DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: state_chg to RAN_CONN_S_ACCEPTED DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_ACCEPTED}: Received Event RAN_CONN_E_UNUSED DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_ACCEPTED}: state_chg to RAN_CONN_S_RELEASING -DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 2 (0x102: dtap,release) -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 4 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 3 - BSSAP Clear --GERAN-A--> MS -DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: vlr_gsupc_read_cb() returns 0 bssap_clear_sent == 1 - LU was successful, and the conn has already been closed lu_result_sent == 1 @@ -1651,22 +1672,41 @@ DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 -- MS replies with an Identity Response +- MS replies with an Identity Response, VLR sends the IMEI to HLR MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +ran_conn_is_accepted() == false + requests shall be thwarted +DRLL Dispatching 04.08 message GSM48_MT_CC_SETUP (0x3:0x5) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_CC_SETUP +DRLL Dispatching 04.08 message unknown 0x33 (0x5:0x33) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: unknown 0x33 +DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 +DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) +DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 +- HLR accepts the IMEI +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: 32010809710000004026f0510100 +DVLR GSUP rx 14: 32010809710000004026f0510100 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: lu_compl_vlr_new_tmsi() -DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=1) +DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=2) DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Updated ID DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: state_chg to LU_COMPL_VLR_S_WAIT_TMSI_CNF - sending LU Accept for IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100, with TMSI 0x03020100 -DREF IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100: MSC conn use - dtap == 0 (0x0: ) -DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED -DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +DREF VLR subscr IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: vlr_gsupc_read_cb() returns 0 - a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl llist_count(&net->ran_conns) == 1 lu_result_sent == 1 diff --git a/tests/msc_vlr/msc_vlr_test_no_authen.c b/tests/msc_vlr/msc_vlr_test_no_authen.c index 3162149dc..d52d3d6ff 100644 --- a/tests/msc_vlr/msc_vlr_test_no_authen.c +++ b/tests/msc_vlr/msc_vlr_test_no_authen.c @@ -428,11 +428,15 @@ static void test_no_authen_imei() EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - btw("MS replies with an Identity Response"); - expect_bssap_clear(); + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); /* 3GPP TS 23.003: 6.2.1 Composition of IMEI: the IMEI ends with a * spare digit that shall be sent as zero by the MS. */ ms_sends_msg("0559084a32244332244302"); + + btw("HLR accepts the IMEI"); + expect_bssap_clear(); + gsup_rx("32010809710000004026f0510100", NULL); VERBOSE_ASSERT(bssap_clear_sent, == true, "%d"); btw("LU was successful, and the conn has already been closed"); @@ -499,9 +503,13 @@ static void test_no_authen_tmsi_imei() EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - btw("MS replies with an Identity Response"); + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); ms_sends_msg("0559084a32244332244302"); + btw("HLR accepts the IMEI"); + gsup_rx("32010809710000004026f0510100", NULL); + btw("a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl"); EXPECT_CONN_COUNT(1); VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d"); @@ -652,9 +660,13 @@ static void test_no_authen_imeisv_imei() EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - btw("MS replies with an Identity Response"); - expect_bssap_clear(); + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); ms_sends_msg("0559084a32244332244302"); + + btw("HLR accepts the IMEI"); + expect_bssap_clear(); + gsup_rx("32010809710000004026f0510100", NULL); VERBOSE_ASSERT(bssap_clear_sent, == true, "%d"); btw("LU was successful, and the conn has already been closed"); @@ -874,9 +886,13 @@ static void test_no_authen_imeisv_tmsi_imei() EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - btw("MS replies with an Identity Response"); + btw("MS replies with an Identity Response, VLR sends the IMEI to HLR"); + gsup_expect_tx("30010809710000004026f050090824433224433224f0"); ms_sends_msg("0559084a32244332244302"); + btw("HLR accepts the IMEI"); + gsup_rx("32010809710000004026f0510100", NULL); + btw("a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl"); EXPECT_CONN_COUNT(1); VERBOSE_ASSERT(lu_result_sent, == RES_ACCEPT, "%d"); diff --git a/tests/msc_vlr/msc_vlr_test_no_authen.err b/tests/msc_vlr/msc_vlr_test_no_authen.err index 3e28468fb..3f6d8cd0b 100644 --- a/tests/msc_vlr/msc_vlr_test_no_authen.err +++ b/tests/msc_vlr/msc_vlr_test_no_authen.err @@ -933,16 +933,26 @@ DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 -- MS replies with an Identity Response +- MS replies with an Identity Response, VLR sends the IMEI to HLR MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +- HLR accepts the IMEI +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: 32010809710000004026f0510100 +DVLR GSUP rx 14: 32010809710000004026f0510100 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_ACK - sending LU Accept for IMSI-901700000004620:MSISDN-46071 -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: state_chg to LU_COMPL_VLR_S_DONE DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_LU_COMPL_SUCCESS DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Terminating (cause = OSMO_FSM_TERM_PARENT) @@ -954,11 +964,12 @@ DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIP DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: state_chg to RAN_CONN_S_ACCEPTED DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_ACCEPTED}: Received Event RAN_CONN_E_UNUSED DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_ACCEPTED}: state_chg to RAN_CONN_S_RELEASING -DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 2 (0x102: dtap,release) -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 4 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 3 - BSSAP Clear --GERAN-A--> MS -DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: vlr_gsupc_read_cb() returns 0 bssap_clear_sent == 1 - LU was successful, and the conn has already been closed lu_result_sent == 1 @@ -1116,22 +1127,31 @@ DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 -- MS replies with an Identity Response +- MS replies with an Identity Response, VLR sends the IMEI to HLR MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +- HLR accepts the IMEI +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: 32010809710000004026f0510100 +DVLR GSUP rx 14: 32010809710000004026f0510100 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: lu_compl_vlr_new_tmsi() -DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=1) +DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=2) DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Updated ID DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: state_chg to LU_COMPL_VLR_S_WAIT_TMSI_CNF - sending LU Accept for IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100, with TMSI 0x03020100 -DREF IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100: MSC conn use - dtap == 0 (0x0: ) -DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED -DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +DREF VLR subscr IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: vlr_gsupc_read_cb() returns 0 - a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl llist_count(&net->ran_conns) == 1 lu_result_sent == 1 @@ -1516,16 +1536,26 @@ DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 -- MS replies with an Identity Response +- MS replies with an Identity Response, VLR sends the IMEI to HLR MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +- HLR accepts the IMEI +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: 32010809710000004026f0510100 +DVLR GSUP rx 14: 32010809710000004026f0510100 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_ACK - sending LU Accept for IMSI-901700000004620:MSISDN-46071 -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI}: state_chg to LU_COMPL_VLR_S_DONE DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_LU_COMPL_SUCCESS DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_DONE}: Terminating (cause = OSMO_FSM_TERM_PARENT) @@ -1537,11 +1567,12 @@ DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIP DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: state_chg to RAN_CONN_S_ACCEPTED DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_ACCEPTED}: Received Event RAN_CONN_E_UNUSED DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_ACCEPTED}: state_chg to RAN_CONN_S_RELEASING -DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 2 (0x102: dtap,release) -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 3 -DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + release == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 4 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 3 - BSSAP Clear --GERAN-A--> MS -DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 1 (0x100: release) +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage decreases to: 2 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: vlr_gsupc_read_cb() returns 0 bssap_clear_sent == 1 - LU was successful, and the conn has already been closed lu_result_sent == 1 @@ -2091,22 +2122,31 @@ DRLL Dispatching 04.08 message GSM48_MT_RR_SYSINFO_1 (0x6:0x19) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: GSM48_MT_RR_SYSINFO_1 DRLL Dispatching 04.08 message SMS:0x01 (0x9:0x1) DRLL subscr IMSI-901700000004620:MSISDN-46071: Message not permitted for initial conn: SMS:0x01 -- MS replies with an Identity Response +- MS replies with an Identity Response, VLR sends the IMEI to HLR MSC <--GERAN-A-- MS: GSM48_MT_MM_ID_RESP DREF IMSI-901700000004620:MSISDN-46071: MSC conn use + dtap == 1 (0x2: dtap) DRLL Dispatching 04.08 message GSM48_MT_MM_ID_RESP (0x5:0x19) DMM IDENTITY RESPONSE: MI=IMEI-423423423423420 DVLR set IMEI on subscriber; IMSI=901700000004620 IMEI=423423423423420 DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_ID_IMEI +DVLR GSUP tx: 30010809710000004026f050090824433224433224f0 +GSUP --> HLR: OSMO_GSUP_MSGT_CHECK_IMEI_REQUEST: 30010809710000004026f050090824433224433224f0 +DREF IMSI-901700000004620:MSISDN-46071: MSC conn use - dtap == 0 (0x0: ) +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED +DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +- HLR accepts the IMEI +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: 32010809710000004026f0510100 +DVLR GSUP rx 14: 32010809710000004026f0510100 +DREF VLR subscr IMSI-901700000004620:MSISDN-46071 usage increases to: 2 +DVLR vlr_lu_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){VLR_ULA_S_WAIT_LU_COMPL}: Received Event VLR_ULA_E_HLR_IMEI_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: Received Event LU_COMPL_VLR_E_IMEI_CHECK_ACK DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: lu_compl_vlr_new_tmsi() -DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=1) +DVLR SUBSCR(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100) VLR: update for IMSI=901700000004620 (MSISDN=46071, used=2) DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Updated ID DVLR lu_compl_vlr_fsm(IMSI-901700000004620:MSISDN-46071:GERAN-A-0:LU){LU_COMPL_VLR_S_WAIT_IMEI_TMSI}: state_chg to LU_COMPL_VLR_S_WAIT_TMSI_CNF - sending LU Accept for IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100, with TMSI 0x03020100 -DREF IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100: MSC conn use - dtap == 0 (0x0: ) -DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Received Event RAN_CONN_E_UNUSED -DMM RAN_conn(IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100:GERAN-A-0:LU){RAN_CONN_S_AUTH_CIPH}: Awaiting results for Auth+Ciph, overruling event RAN_CONN_E_UNUSED +DREF VLR subscr IMSI-901700000004620:MSISDN-46071:TMSInew-0x03020100 usage decreases to: 1 +<-- GSUP rx OSMO_GSUP_MSGT_CHECK_IMEI_RESULT: vlr_gsupc_read_cb() returns 0 - a LU Accept with a new TMSI was sent, waiting for TMSI Realloc Compl llist_count(&net->ran_conns) == 1 lu_result_sent == 1