clarify code for checking security context
This commit is contained in:
Sukchan Lee
parent
bd6777f7b0
commit
0c6abd3501
|
|
@ -126,32 +126,19 @@ void emm_handle_attach_request(
|
|||
|
||||
d_info("[NAS] Attach request : IMSI[%s] --> EMM", imsi_bcd);
|
||||
|
||||
if (!mme_ue->security_context_available)
|
||||
if (SECURITY_CONTEXT_IS_VALID(mme_ue))
|
||||
{
|
||||
/* Initiate HSS Auth Process if No Security Context */
|
||||
mme_s6a_send_air(mme_ue);
|
||||
emm_handle_attach_accept(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* if Security Context is Existed */
|
||||
if (!mme_ue->mac_failed)
|
||||
if (MME_SESSION_IS_CREATED(mme_ue))
|
||||
{
|
||||
/* MAC verified */
|
||||
emm_handle_attach_accept(mme_ue);
|
||||
emm_handle_delete_session_request(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* if MAC integrity Failed */
|
||||
if (MME_SESSION_IS_CREATED(mme_ue))
|
||||
{
|
||||
/* Initiate Delete Session if Session is Created */
|
||||
emm_handle_delete_session_request(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* Initiate HSS Auth Process if No Session */
|
||||
mme_s6a_send_air(mme_ue);
|
||||
}
|
||||
mme_s6a_send_air(mme_ue);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -179,32 +166,19 @@ void emm_handle_attach_request(
|
|||
if (MME_UE_HAVE_IMSI(mme_ue))
|
||||
{
|
||||
/* Known GUTI */
|
||||
if (!mme_ue->security_context_available)
|
||||
if (SECURITY_CONTEXT_IS_VALID(mme_ue))
|
||||
{
|
||||
/* Initiate HSS Auth Process if No Security Context */
|
||||
mme_s6a_send_air(mme_ue);
|
||||
emm_handle_attach_accept(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* if Security Context is Existed */
|
||||
if (!mme_ue->mac_failed)
|
||||
if (MME_SESSION_IS_CREATED(mme_ue))
|
||||
{
|
||||
/* MAC verified */
|
||||
emm_handle_attach_accept(mme_ue);
|
||||
emm_handle_delete_session_request(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* if MAC integrity Failed */
|
||||
if (MME_SESSION_IS_CREATED(mme_ue))
|
||||
{
|
||||
/* Initiate Delete Session if Session is Created */
|
||||
emm_handle_delete_session_request(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* Initiate HSS Auth Process if No Session */
|
||||
mme_s6a_send_air(mme_ue);
|
||||
}
|
||||
mme_s6a_send_air(mme_ue);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -288,32 +262,19 @@ void emm_handle_identity_response(
|
|||
return;
|
||||
}
|
||||
|
||||
if (!mme_ue->security_context_available)
|
||||
if (SECURITY_CONTEXT_IS_VALID(mme_ue))
|
||||
{
|
||||
/* Initiate HSS Auth Process if No Security Context */
|
||||
mme_s6a_send_air(mme_ue);
|
||||
emm_handle_attach_accept(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* if Security Context is Existed */
|
||||
if (!mme_ue->mac_failed)
|
||||
if (MME_SESSION_IS_CREATED(mme_ue))
|
||||
{
|
||||
/* MAC verified */
|
||||
emm_handle_attach_accept(mme_ue);
|
||||
emm_handle_delete_session_request(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* if MAC integrity Failed */
|
||||
if (MME_SESSION_IS_CREATED(mme_ue))
|
||||
{
|
||||
/* Initiate Delete Session if Session is Created */
|
||||
emm_handle_delete_session_request(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* Initiate HSS Auth Process if No Session */
|
||||
mme_s6a_send_air(mme_ue);
|
||||
}
|
||||
mme_s6a_send_air(mme_ue);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -737,17 +698,7 @@ void emm_handle_delete_session_response(mme_bearer_t *bearer)
|
|||
enb_ue_t *enb_ue = mme_ue->enb_ue;
|
||||
d_assert(enb_ue, return, "Null param");
|
||||
|
||||
if (mme_ue->security_context_available && mme_ue->mac_failed)
|
||||
{
|
||||
mme_s6a_send_air(mme_ue);
|
||||
}
|
||||
else
|
||||
{
|
||||
d_error("invalid security parameter"
|
||||
"(available:%d, mac_failed:%d)",
|
||||
mme_ue->security_context_available,
|
||||
mme_ue->mac_failed);
|
||||
}
|
||||
mme_s6a_send_air(mme_ue);
|
||||
break;
|
||||
}
|
||||
default:
|
||||
|
|
|
|||
|
|
@ -152,11 +152,19 @@ struct _mme_ue_t {
|
|||
#endif
|
||||
plmn_id_t visited_plmn_id;
|
||||
|
||||
/* Security Context Status */
|
||||
#define SECURITY_CONTEXT_IS_VALID(mme) \
|
||||
((mme) && \
|
||||
((mme)->security_context_available == 1) && ((mme)->mac_failed == 0))
|
||||
#define CLEAR_SECURITY_CONTEXT(mme) \
|
||||
do { \
|
||||
d_assert((mme), break, "Null param"); \
|
||||
(mme)->security_context_available = 0; \
|
||||
(mme)->mac_failed = 0; \
|
||||
} while(0)
|
||||
int security_context_available;
|
||||
int mac_failed; /* Last NAS Authentication state */
|
||||
int mac_failed;
|
||||
|
||||
/* Security Context Parameter */
|
||||
/* Security Context */
|
||||
nas_ue_network_capability_t ue_network_capability;
|
||||
nas_ms_network_capability_t ms_network_capability;
|
||||
c_uint8_t xres[MAX_RES_LEN];
|
||||
|
|
|
|||
|
|
@ -154,9 +154,8 @@ int mme_s6a_send_air(mme_ue_t *mme_ue)
|
|||
enb_ue = mme_ue->enb_ue;
|
||||
d_assert(enb_ue, return -1, "Null Param");
|
||||
|
||||
/* Reset Security Parameter */
|
||||
mme_ue->security_context_available = 0;
|
||||
mme_ue->mac_failed = 0;
|
||||
/* Clear Security Context */
|
||||
CLEAR_SECURITY_CONTEXT(mme_ue);
|
||||
|
||||
/* Create the random value to store with the session */
|
||||
pool_alloc_node(&sess_state_pool, &mi);
|
||||
|
|
|
|||
Loading…
Reference in New Issue