diff --git a/epdg/EPDG_Tests.ttcn b/epdg/EPDG_Tests.ttcn index 1742fd7b5..06695760e 100644 --- a/epdg/EPDG_Tests.ttcn +++ b/epdg/EPDG_Tests.ttcn @@ -472,7 +472,8 @@ private altstep as_DIA_SWx_SA_success(template (present) CxDx_3GPP_Server_Assign } /* Send PPR as HSS to AAA server, expect back PPA */ -private function f_DIA_SWx_PP(template (present) GenericAVP exp_result_tmpl := tr_AVP_ResultCode(DIAMETER_SUCCESS)) runs on EPDG_ConnHdlr { +private function f_DIA_SWx_PP(template (present) GenericAVP exp_result_tmpl := tr_AVP_ResultCode(DIAMETER_SUCCESS), + boolean exp_aaa_proc := true) runs on EPDG_ConnHdlr { var PDU_DIAMETER rx_dia; var UINT32 hbh_id := f_rnd_octstring(4); var UINT32 ete_id := f_rnd_octstring(4); @@ -489,6 +490,24 @@ private function f_DIA_SWx_PP(template (present) GenericAVP exp_result_tmpl := t hbh_id := hbh_id, ete_id := ete_id)); + if (exp_aaa_proc) { + /* TODO: in successful case, we want to validate how this prcoedure extends to other interfaces: + * """ 3GPP TS 29.273 8.1.2.3.3: + * After a successful user profile download, the 3GPP AAA Server shall + * initiate re-authentication procedure as described + * in clause 7.2.2.4 if the subscriber has previously been authenticated + * and authorized to untrusted non-3GPP access. + * """ + */ + /* TS 29.273 9.1.2.5.1: + *"The Service Authorization Information Update procedure is performed in two steps: + * step 1: */ + as_DIA_S6b_RA_success(); + /* step 2 */ + /* Since PGW Address didn't change, expect no SAR+SAA triggered as a consequence to AAR+AAA. */ + f_S6b_AA_success(exp_swx_sa_proc := false); + } + alt { [] SWx.receive(tr_DIA_SWx_PPA(exp_result_tmpl, hbh_id := hbh_id, ete_id := ete_id)) -> value rx_dia {} [] SWx.receive(PDU_DIAMETER:?) -> value rx_dia { @@ -536,7 +555,7 @@ private function f_DIA_SWx_RT(template (value) CxDx_3GPP_Reason_Code reason_code /* Send AAR as PGW to AAA server, expect back AAA */ -private function f_S6b_AA_success() runs on EPDG_ConnHdlr { +private function f_S6b_AA_success(boolean exp_swx_sa_proc := true) runs on EPDG_ConnHdlr { var PDU_DIAMETER rx_dia; var UINT32 hbh_id := f_rnd_octstring(4); var UINT32 ete_id := f_rnd_octstring(4); @@ -555,8 +574,10 @@ private function f_S6b_AA_success() runs on EPDG_ConnHdlr { pgw_addr, hbh_id := hbh_id, ete_id := ete_id)); - /* AAR in S6b in AAA-Server triggers Service-Assignment Request/Answer towards HSS: */ - as_DIA_SWx_SA_success(); + if (exp_swx_sa_proc) { + /* AAR in S6b in AAA-Server triggers Service-Assignment Request/Answer towards HSS: */ + as_DIA_SWx_SA_success(); + } alt { [] S6b.receive(tr_DIA_S6b_AAA) -> value rx_dia {} @@ -587,6 +608,25 @@ private function f_S6b_ST_success() runs on EPDG_ConnHdlr { } } +/* Diameter S6b RAR + RAA, TS 29.273 9.1.2.5. */ +private altstep as_DIA_S6b_RA_success() runs on EPDG_ConnHdlr { + var PDU_DIAMETER rx_dia; + var template (omit) AVP avp; + var octetstring sess_id; + [] S6b.receive(tr_DIA_S6b_RAR(f_nai())) -> value rx_dia { + avp := f_DIAMETER_get_avp(rx_dia, c_AVP_Code_BASE_NONE_Session_Id); + sess_id := valueof(avp.avp_data.avp_BASE_NONE_Session_Id); + S6b.send(ts_DIA_S6b_RAA(DIAMETER_SUCCESS, + sess_id := sess_id, + hbh_id := rx_dia.hop_by_hop_id, + ete_id := rx_dia.end_to_end_id)); + setverdict(pass); + } + [] S6b.receive(PDU_DIAMETER:?) -> value rx_dia { + Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, log2str("Unexpected Diameter S6b msg rx: ", rx_dia)); + } +} + /* Diameter S6b ASR + ASA, TS 29.273 9.1.2.3.4. */ private altstep as_DIA_S6b_AS_success() runs on EPDG_ConnHdlr { var PDU_DIAMETER rx_dia; @@ -602,7 +642,7 @@ private altstep as_DIA_S6b_AS_success() runs on EPDG_ConnHdlr { setverdict(pass); } [] S6b.receive(PDU_DIAMETER:?) -> value rx_dia { - Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, log2str("Unexpected Diameter msg rx: ", rx_dia)); + Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, log2str("Unexpected Diameter S6b msg rx: ", rx_dia)); } } @@ -1188,7 +1228,8 @@ testcase TC_hss_initiated_update_user_profile() runs on MTC_CT { */ private function f_TC_hss_initiated_update_user_profile_unknown(charstring id) runs on EPDG_ConnHdlr { var DIAMETER_ts29_229_ExperimentalResultcode erc := DIAMETER_ERROR_USER_UNKNOWN; - f_DIA_SWx_PP(tr_AVP_ExperimentalResult(vendor_id_3GPP, int2oct(enum2int(erc), 4))); + f_DIA_SWx_PP(tr_AVP_ExperimentalResult(vendor_id_3GPP, int2oct(enum2int(erc), 4)), + exp_aaa_proc := false); } testcase TC_hss_initiated_update_user_profile_unknown() runs on MTC_CT { var EPDG_ConnHdlrPars pars := f_init_pars(); diff --git a/library/DIAMETER_Templates.ttcn b/library/DIAMETER_Templates.ttcn index 933c97b4a..71485132e 100644 --- a/library/DIAMETER_Templates.ttcn +++ b/library/DIAMETER_Templates.ttcn @@ -1144,6 +1144,23 @@ template (present) GenericAVP tr_AVP_AuthRequestType(template (present) BASE_NON } } +/* RFC6733 8.12. Re-Auth-Request-Type AVP */ +template (value) GenericAVP ts_AVP_ReAuthRequestType(BASE_NONE_Re_Auth_Request_Type reauth_req_type) := { + avp := { + avp_header := ts_DIA_Hdr(c_AVP_Code_BASE_NONE_Re_Auth_Request_Type, '00000000'B), + avp_data := { + avp_BASE_NONE_Re_Auth_Request_Type := reauth_req_type + } + } +} +template (present) GenericAVP tr_AVP_ReAuthRequestType(template (present) BASE_NONE_Re_Auth_Request_Type reauth_req_type) := { + avp := { + avp_header := tr_DIA_Hdr(c_AVP_Code_BASE_NONE_Re_Auth_Request_Type), + avp_data := { + avp_BASE_NONE_Re_Auth_Request_Type := reauth_req_type + } + } +} /* 5.3.1 Capabilities Exchange Request */ template (value) PDU_DIAMETER diff --git a/library/DIAMETER_ts29_273_Templates.ttcn b/library/DIAMETER_ts29_273_Templates.ttcn index dcb5a314f..6ed00ffb1 100644 --- a/library/DIAMETER_ts29_273_Templates.ttcn +++ b/library/DIAMETER_ts29_273_Templates.ttcn @@ -623,4 +623,55 @@ ts_DIA_S6b_ASA(template (value) DIAMETER_Resultcode res_code := DIAMETER_SUCCESS ts_AVP_OriginRealm(orig_realm) }); +/* TS 29.273 9.2.2.6.1 Re-Auth-Request (RAR) + * TS 29.273 Table 9.1.2.5.1/1: S6b Re-authorization request */ +template (present) PDU_DIAMETER +tr_DIA_S6b_RAR(template (present) charstring username_nai := ?, + template (present) octetstring sess_id := ?, + template (present) charstring orig_host := ?, + template (present) charstring orig_realm := ?, + template (present) charstring dest_realm := ?, + template (present) charstring dest_host := ?, + template (present) UINT32 hbh_id := ?, + template (present) UINT32 ete_id := ?) := + tr_DIAMETER(flags := '1???????'B, + cmd_code := Re_Auth, + app_id := int2oct(c_DIAMETER_3GPP_S6b_AID, 4), + hbh_id := hbh_id, + ete_id := ete_id, + avps := superset( + tr_AVP_SessionId(sess_id), + /* Optional: DRMP, */ + tr_AVP_OriginHost(orig_host), + tr_AVP_OriginRealm(orig_realm), + tr_AVP_DestinationRealm(dest_realm), + tr_AVP_DestinationHost(dest_host), + tr_AVP_AuthAppId(int2oct(c_DIAMETER_3GPP_S6b_AID, 4)), + tr_AVP_ReAuthRequestType(AUTHORIZE_ONLY), + tr_AVP_UserName(char2oct_tmpl_present(username_nai)) + /* Optional: RAR-Flags, */ + )); + +/* TS 29.273 9.2.2.6.2 Re-Auth-Answer (RAA) + * TS 29.273 Table 9.1.2.5.1/2: S6b Re-authorization response */ +template (value) PDU_DIAMETER +ts_DIA_S6b_RAA(template (value) DIAMETER_Resultcode res_code := DIAMETER_SUCCESS, + template (value) octetstring sess_id := c_def_sess_id, + template (value) charstring orig_host := "aaa.localdomain", + template (value) charstring orig_realm := "localdomain", + template (value) charstring dest_realm := "localdomain", + template (value) UINT32 hbh_id := '00000000'O, + template (value) UINT32 ete_id := '00000000'O) := + ts_DIAMETER(flags := '01000000'B, + cmd_code := Re_Auth, + app_id := int2oct(c_DIAMETER_3GPP_S6b_AID, 4), + hbh_id := hbh_id, ete_id := ete_id, + avps := { + ts_AVP_SessionId(sess_id), + /* Optional: DRMP, */ + ts_AVP_ResultCode(res_code), + ts_AVP_OriginHost(orig_host), + ts_AVP_OriginRealm(orig_realm) + }); + }