sysmocom
/
open5gs
forked from acouzens/open5gs
11
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix the #384 issue bug 

If Initial UE Message with Service Request is received and
   There is no Session Context
     (e.g due to UEContextReleaseRequest or InitialContextSetupFailure)
MME will sends Service Reject NAS message.
This commit is contained in:
Sukchan Lee 2020-03-25 14:02:06 -04:00
parent 1225d1f1d5
commit 9c150253d9
3 changed files with 339 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/mme/emm-sm.c
View File

@ -143,6 +143,14 @@ static void common_register_state(ogs_fsm_t *s, mme_event_t *e)
return;
}
if (!SESSION_CONTEXT_IS_AVAILABLE(mme_ue)) {
ogs_warn("No Session Context : IMSI[%s]", mme_ue->imsi_bcd);
nas_send_service_reject(mme_ue,
EMM_CAUSE_UE_IDENTITY_CANNOT_BE_DERIVED_BY_THE_NETWORK);
OGS_FSM_TRAN(s, &emm_state_exception);
return;
}
s1ap_send_initial_context_setup_request(mme_ue);
return;
}

18
tests/app/test-packet.c
View File

@ -1276,6 +1276,7 @@ int tests1ap_build_initial_context_setup_failure(ogs_pkbuf_t **pkbuf, int i)
/* 21 */
"4009001500000300 00400200d0000840 0200d00002400203 40",
"4009001500000300 00400200d2000840 0200d20002400203 40",
};
uint16_t len[TESTS1AP_MAX_MESSAGE] = {
25,
@ -1308,7 +1309,7 @@ int tests1ap_build_initial_context_setup_failure(ogs_pkbuf_t **pkbuf, int i)
/* 21 */
25,
0,
25,
0,
};
char hexbuf[OGS_MAX_SDU_LEN];
@ -1379,7 +1380,7 @@ int tests1ap_build_attach_complete(ogs_pkbuf_t **pkbuf, int i)
/* 21 */
"",
"000d403700000500 00000200d1000800 0200d1001a000e0d 277c78c659010743"
"000d403700000500 00000200d1000800 0200d1001a000e0d 27f6962d51010743"
"00035200c2006440 080064f013000640 10004340060064f0 130002",
"",
};
@ -1584,6 +1585,10 @@ int tests1ap_build_ue_context_release_request(ogs_pkbuf_t **pkbuf, int i)
"0012401500000300 0000020001000800 0200010002400202 80",
"0012401500000300 0000020002000800 0200020002400202 e0",
"0012401700000300 00000200f8000800 048003e993000240 0202e0",
/* 21 */
"0012401500000300 00000200d1000800 0200d10002400202 80",
"0012401500000300 00000200d2000800 0200d20002400202 80",
};
uint16_t len[TESTS1AP_MAX_MESSAGE] = {
28,
@ -1613,6 +1618,10 @@ int tests1ap_build_ue_context_release_request(ogs_pkbuf_t **pkbuf, int i)
25,
25,
27,
25,
25,
0,
};
char hexbuf[OGS_MAX_SDU_LEN];
@ -1669,7 +1678,8 @@ int tests1ap_build_ue_context_release_complete(ogs_pkbuf_t **pkbuf, int i)
/* 21 */
"2017000f00000200 00400200d0000840 0200d0",
"",
"2017000f00000200 00400200d1000840 0200d1",
"2017000f00000200 00400200d3000840 0200d3",
};
uint16_t len[TESTS1AP_MAX_MESSAGE] = {
23,
@ -1703,7 +1713,7 @@ int tests1ap_build_ue_context_release_complete(ogs_pkbuf_t **pkbuf, int i)
/* 21 */
19,
19,
0,
19,
};
char hexbuf[OGS_MAX_SDU_LEN];

324
tests/simple/crash-test.c
View File

@ -102,7 +102,7 @@ static void crash_test1(abts_case *tc, void *data)
doc = bson_new_from_json((const uint8_t *)json, -1, &error);;
ABTS_PTR_NOTNULL(tc, doc);
ABTS_TRUE(tc, mongoc_collection_insert(collection,
ABTS_TRUE(tc, mongoc_collection_insert(collection,
MONGOC_INSERT_NONE, doc, NULL, &error));
bson_destroy(doc);
@ -147,15 +147,15 @@ static void crash_test1(abts_case *tc, void *data)
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send Security mode Complete */
rv = tests1ap_build_security_mode_complete(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Initial Context Setup Request +
* Attach Accept +
/* Receive Initial Context Setup Request +
* Attach Accept +
* Activate Default Bearer Context Request */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
@ -209,7 +209,7 @@ static void crash_test1(abts_case *tc, void *data)
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Initial Context Setup Request +
* Attach Accept +
* Attach Accept +
* Activate Default Bearer Context Request */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
@ -260,8 +260,317 @@ static void crash_test1(abts_case *tc, void *data)
doc = BCON_NEW("imsi", BCON_UTF8("311980000000725"));
ABTS_PTR_NOTNULL(tc, doc);
ABTS_TRUE(tc, mongoc_collection_remove(collection,
MONGOC_REMOVE_SINGLE_REMOVE, doc, NULL, &error))
ABTS_TRUE(tc, mongoc_collection_remove(collection,
MONGOC_REMOVE_SINGLE_REMOVE, doc, NULL, &error))
bson_destroy(doc);
mongoc_collection_destroy(collection);
/* eNB disonncect from MME */
testenb_s1ap_close(s1ap);
}
static void crash_test2(abts_case *tc, void *data)
{
int rv;
ogs_socknode_t *s1ap;
ogs_pkbuf_t *sendbuf;
ogs_pkbuf_t *recvbuf;
ogs_s1ap_message_t message;
int i;
int msgindex = 21;
enb_ue_t *enb_ue = NULL;
mme_ue_t *mme_ue = NULL;
uint32_t m_tmsi = 0;
mongoc_collection_t *collection = NULL;
int64_t count = 0;
bson_t *doc = NULL;
bson_error_t error;
const char *json =
"{"
"\"_id\" : { \"$oid\" : \"597223158b8861d7605378c6\" }, "
"\"imsi\" : \"311980000000725\", "
"\"pdn\" : ["
"{"
"\"apn\" : \"internet\", "
"\"_id\" : { \"$oid\" : \"597223158b8861d7605378c7\" }, "
"\"ambr\" : {"
"\"uplink\" : { \"$numberLong\" : \"1024000\" }, "
"\"downlink\" : { \"$numberLong\" : \"1024000\" } "
"},"
"\"qos\" : { "
"\"qci\" : 9, "
"\"arp\" : { "
"\"priority_level\" : 8,"
"\"pre_emption_vulnerability\" : 1, "
"\"pre_emption_capability\" : 1"
"} "
"}, "
"\"type\" : 2"
"}"
"],"
"\"ambr\" : { "
"\"uplink\" : { \"$numberLong\" : \"1024000\" }, "
"\"downlink\" : { \"$numberLong\" : \"1024000\" } "
"},"
"\"subscribed_rau_tau_timer\" : 12,"
"\"network_access_mode\" : 2, "
"\"subscriber_status\" : 0, "
"\"access_restriction_data\" : 32, "
"\"security\" : { "
"\"k\" : \"465B5CE8 B199B49F AA5F0A2E E238A6BC\", "
"\"opc\" : \"E8ED289D EBA952E4 283B54E8 8E6183CA\", "
"\"amf\" : \"8000\", "
"\"sqn\" : { \"$numberLong\" : \"64\" }, "
"\"rand\" : \"2AE4FC02 1DD4D1C2 E0A277C2 317C2E67\" "
"}, "
"\"__v\" : 0 "
"}";
uint8_t tmp[OGS_MAX_SDU_LEN];
/* eNB connects to MME */
s1ap = testenb_s1ap_client("127.0.0.1");
ABTS_PTR_NOTNULL(tc, s1ap);
/* Send S1-Setup Reqeust */
rv = tests1ap_build_setup_req(
&sendbuf, S1AP_ENB_ID_PR_macroENB_ID, 0x002343d, 12345, 1, 1, 2);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive S1-Setup Response */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
rv = ogs_s1ap_decode(&message, recvbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
ogs_s1ap_free(&message);
ogs_pkbuf_free(recvbuf);
collection = mongoc_client_get_collection(
ogs_mongoc()->client, ogs_mongoc()->name, "subscribers");
ABTS_PTR_NOTNULL(tc, collection);
/********** Insert Subscriber in Database */
doc = bson_new_from_json((const uint8_t *)json, -1, &error);;
ABTS_PTR_NOTNULL(tc, doc);
ABTS_TRUE(tc, mongoc_collection_insert(collection,
MONGOC_INSERT_NONE, doc, NULL, &error));
bson_destroy(doc);
doc = BCON_NEW("imsi", BCON_UTF8("311980000000725"));
ABTS_PTR_NOTNULL(tc, doc);
do {
count = mongoc_collection_count (
collection, MONGOC_QUERY_NONE, doc, 0, 0, NULL, &error);
} while (count == 0);
bson_destroy(doc);
/* Send Attach Request */
mme_self()->mme_ue_s1ap_id = 207;
rv = tests1ap_build_initial_ue_msg(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Identity Request */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send Identity Response */
rv = tests1ap_build_identity_response(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Authentication Request */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send Authentication Response */
rv = tests1ap_build_authentication_response(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Security mode Command */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send Security mode Complete */
rv = tests1ap_build_security_mode_complete(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Initial Context Setup Request +
* Attach Accept +
* Activate Default Bearer Context Request */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send UE Capability Info Indication */
rv = tests1ap_build_ue_capability_info_indication(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
msgindex = 22;
/* Send Attach Request */
rv = tests1ap_build_initial_ue_msg(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Identity Request */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send Identity Response */
rv = tests1ap_build_identity_response(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Authentication Request */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send Authentication Response */
rv = tests1ap_build_authentication_response(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Security mode Command */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send Security mode Complete */
rv = tests1ap_build_security_mode_complete(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Initial Context Setup Request +
* Attach Accept +
* Activate Default Bearer Context Request */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send UE Capability Info Indication */
rv = tests1ap_build_ue_capability_info_indication(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Send Attach Complete + Activate default EPS bearer cotext accept */
rv = tests1ap_build_attach_complete(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Send Initial Context Setup Response */
rv = tests1ap_build_initial_context_setup_response(&sendbuf,
209, 209, 5, 0x01001908, "127.0.0.5");
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive EMM information */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Retreive M-TMSI */
enb_ue = enb_ue_find_by_mme_ue_s1ap_id(209);
ogs_assert(enb_ue);
mme_ue = enb_ue->mme_ue;
ogs_assert(mme_ue);
m_tmsi = mme_ue->guti.m_tmsi;
/* Send UE Context Release Request */
rv = tests1ap_build_ue_context_release_request(&sendbuf, msgindex-1);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive UE Context Release Command */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send UE Context Release Complete */
rv = tests1ap_build_ue_context_release_complete(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Send Service Request */
rv = tests1ap_build_service_request(&sendbuf, 0x00d200, 4, 0xef95, m_tmsi);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Initial Context Setup Response */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send Initial Context Setup Failure */
rv = tests1ap_build_initial_context_setup_failure(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Send UE Context Release Request */
rv = tests1ap_build_ue_context_release_request(&sendbuf, msgindex);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive UE Context Release Command */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send Service Request */
rv = tests1ap_build_service_request(&sendbuf, 0x00d300, 4, 0xef95, m_tmsi);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
/* Receive Service Reject */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Receive UE Context Release Command */
recvbuf = testenb_s1ap_read(s1ap);
ABTS_PTR_NOTNULL(tc, recvbuf);
ogs_pkbuf_free(recvbuf);
/* Send UE Context Release Complete */
rv = tests1ap_build_ue_context_release_complete(&sendbuf, msgindex+1);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
rv = testenb_s1ap_send(s1ap, sendbuf);
ABTS_INT_EQUAL(tc, OGS_OK, rv);
doc = BCON_NEW("imsi", BCON_UTF8("311980000000725"));
ABTS_PTR_NOTNULL(tc, doc);
ABTS_TRUE(tc, mongoc_collection_remove(collection,
MONGOC_REMOVE_SINGLE_REMOVE, doc, NULL, &error))
bson_destroy(doc);
mongoc_collection_destroy(collection);
@ -275,6 +584,7 @@ abts_suite *test_crash(abts_suite *suite)
suite = ADD_SUITE(suite)
abts_run_test(suite, crash_test1, NULL);
abts_run_test(suite, crash_test2, NULL);
return suite;
}