From a4abd96ab6c5490b5d79f26c6007c5792abd028e Mon Sep 17 00:00:00 2001 From: Andre Puschmann Date: Fri, 3 Apr 2020 21:25:16 +0200 Subject: [PATCH] nas: use MME security header when receiving identity request this basically avoids sending a integrity protected or ciphered identity response to a plain identity request --- srsue/src/stack/upper/nas.cc | 1 + 1 file changed, 1 insertion(+) diff --git a/srsue/src/stack/upper/nas.cc b/srsue/src/stack/upper/nas.cc index b77237900..45001c0e2 100644 --- a/srsue/src/stack/upper/nas.cc +++ b/srsue/src/stack/upper/nas.cc @@ -1359,6 +1359,7 @@ void nas::parse_identity_request(unique_byte_buffer_t pdu, const uint8_t sec_hdr // do not respond if request is not protected (TS 24.301 Sec. 4.4.4.2) if (sec_hdr_type >= LIBLTE_MME_SECURITY_HDR_TYPE_INTEGRITY || (sec_hdr_type == LIBLTE_MME_SECURITY_HDR_TYPE_PLAIN_NAS && id_req.id_type == LIBLTE_MME_MOBILE_ID_TYPE_IMSI)) { + current_sec_hdr = sec_hdr_type; // use MME protection level until security (re-)activation send_identity_response(id_req.id_type); } else { nas_log->info("Not sending identity response due to missing integrity protection.\n");