Authentication failure should be handled based on EMM_CAUSE(#17)

* Synch failure(EMM_CAUSE:21) - Re-authorization. Send authentication request again. * MAC failure(EMM_CAUSE:20) - Send Authentication Reject - Send UE Context Release Command * Non-EPS authentication failure(EMM_CAUSE:26) - Send Authentication Reject - Send UE Context Release Command * Others - Send Authentication Reject - Send UE Context Release Command
2018-02-07 14:12:40 +09:00 · 2018-02-07 14:12:40 +09:00 · f904b63053
parent 7769ded65a
commit f904b63053
4 changed files with 65 additions and 11 deletions
--- a/src/mme/emm_sm.c
+++ b/src/mme/emm_sm.c
@ -417,9 +417,33 @@ void emm_state_authentication(fsm_t *s, event_t *e)
                                authentication_failure_parameter;

                    d_trace(3, "[EMM] Authentication failure\n");
-                    d_trace(5, "    IMSI[%s]\n", mme_ue->imsi_bcd);
+                    d_trace(5, "    IMSI[%s] EMM_CAUSE[%d]\n", mme_ue->imsi_bcd,
+                            authentication_failure->emm_cause);

-                    mme_s6a_send_air(mme_ue, authentication_failure_parameter);
+                    switch(authentication_failure->emm_cause)
+                    {
+                        case EMM_CAUSE_MAC_FAILURE:
+                            d_error("Authentication failure(MAC failure)");
+                            break;
+                        case EMM_CAUSE_NON_EPS_AUTHENTICATION_UNACCEPTABLE:
+                            d_error("Authentication failure"
+                                    "(Non-EPS authentication unacceptable)");
+                            break;
+                        case EMM_CAUSE_SYNCH_FAILURE:
+                            d_warn("Authentication failure(Synch failure)");
+                            mme_s6a_send_air(mme_ue,
+                                    authentication_failure_parameter);
+                            return;
+                        default:
+                            d_error("Unknown EMM_CAUSE{%d] in Authentication"
+                                    " failure",
+                                    authentication_failure->emm_cause);
+                            break;
+                    }
+
+                    rv = nas_send_authentication_reject(mme_ue);
+                    d_assert(rv == CORE_OK,, "nas send error");
+                    FSM_TRAN(&mme_ue->sm, &emm_state_exception);
                    break;
                }
                case NAS_EMM_STATUS:
--- a/src/mme/s1ap_handler.c
+++ b/src/mme/s1ap_handler.c
@ -244,7 +244,8 @@ void s1ap_handle_uplink_nas_transport(
            CORE_ADDR(enb->addr, buf), enb->enb_id);

    enb_ue = enb_ue_find_by_enb_ue_s1ap_id(enb, ies->eNB_UE_S1AP_ID);
-    d_assert(enb_ue, return, "No UE Context[%d]", ies->eNB_UE_S1AP_ID);
+    d_assert(enb_ue, return, "No UE Context[ENB_UE_S1AP_ID:%d]",
+            ies->eNB_UE_S1AP_ID);

    d_trace(5, "    ENB_UE_S1AP_ID[%d] MME_UE_S1AP_ID[%d]\n",
            enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id);
--- a/test/basic/attach_test.c
+++ b/test/basic/attach_test.c
@ -784,7 +784,7 @@ static void attach_test2(abts_case *tc, void *data)
    pkbuf_free(recvbuf);

    /* Send Authentication Authentication Failure */
-    rv = tests1ap_build_authentication_failure(&sendbuf, msgindex+2);
+    rv = tests1ap_build_authentication_failure(&sendbuf, msgindex);
    ABTS_INT_EQUAL(tc, CORE_OK, rv);
    rv = tests1ap_enb_send(sock, sendbuf);
    ABTS_INT_EQUAL(tc, CORE_OK, rv);
@ -795,6 +795,32 @@ static void attach_test2(abts_case *tc, void *data)
    ABTS_INT_EQUAL(tc, CORE_OK, rv);
    pkbuf_free(recvbuf);

+    d_log_set_level(D_MSG_TO_STDOUT, D_LOG_LEVEL_FATAL);
+    /* Send Authentication Authentication Failure */
+    rv = tests1ap_build_authentication_failure(&sendbuf, msgindex+1);
+    ABTS_INT_EQUAL(tc, CORE_OK, rv);
+    rv = tests1ap_enb_send(sock, sendbuf);
+    ABTS_INT_EQUAL(tc, CORE_OK, rv);
+
+    /* Receive Authentication Reject */
+    recvbuf = pkbuf_alloc(0, MAX_SDU_LEN);
+    rv = tests1ap_enb_read(sock, recvbuf);
+    ABTS_INT_EQUAL(tc, CORE_OK, rv);
+    pkbuf_free(recvbuf);
+
+    /* Receive UE Context Release Command */
+    recvbuf = pkbuf_alloc(0, MAX_SDU_LEN);
+    rv = tests1ap_enb_read(sock, recvbuf);
+    ABTS_INT_EQUAL(tc, CORE_OK, rv);
+    pkbuf_free(recvbuf);
+    d_log_set_level(D_MSG_TO_STDOUT, D_LOG_LEVEL_ERROR);
+
+    /* Send UE Context Release Complete */
+    rv = tests1ap_build_ue_context_release_complete(&sendbuf, msgindex+2);
+    ABTS_INT_EQUAL(tc, CORE_OK, rv);
+    rv = tests1ap_enb_send(sock, sendbuf);
+    ABTS_INT_EQUAL(tc, CORE_OK, rv);
+
    core_sleep(time_from_msec(300));

    doc = BCON_NEW("imsi", BCON_UTF8("001010123456826"));
--- a/test/common/testpacket.c
+++ b/test/common/testpacket.c
@ -409,11 +409,14 @@ status_t tests1ap_build_authentication_failure(pkbuf_t **pkbuf, int i)
        "",
        "",

-        "",
-        "",
        "000d"
-        "403d000005000000 0200030008000200 21001a001413075c 15300e 61640edcfb"
+        "403d000005000000 0200030008000200 21001a001413075c 15300e61640edcfb"
        "605d25911423ee1f 9e006440080000f1 100019b010004340 060000f1100001",
+        "000d"
+        "402e000005000000 0200030008000300 2100001a00040307 5c14006440080000"
+        "f1101a2d10100043 40060000f1100001",
+        "",
+

        "",
        "",
@ -430,9 +433,9 @@ status_t tests1ap_build_authentication_failure(pkbuf_t **pkbuf, int i)
        0,
        0,

-        0,
-        0,
        65,
+        50,
+        0,

        0,
        0,
@ -957,7 +960,7 @@ status_t tests1ap_build_ue_context_release_complete(pkbuf_t **pkbuf, int i)

        "2017001300000200 004005c00100009d 00084003400001",
        "",
-        "",
+        "2017001300000200 004005c000000003 00084003400021",

        "2017"
        "0012000002000040 05c0020000c80008 40020002",
@ -985,7 +988,7 @@ status_t tests1ap_build_ue_context_release_complete(pkbuf_t **pkbuf, int i)

        23,
        0,
-        0,
+        23,

        22,
        22,