summaryrefslogtreecommitdiffstats
path: root/openbsc
diff options
context:
space:
mode:
authorNeels Hofmeyr <nhofmeyr@sysmocom.de>2016-03-30 11:22:24 +0200
committerHarald Welte <laforge@gnumonks.org>2016-03-31 11:56:00 +0200
commit37984bdb1b507446421e5aa6131ccdf117dd269f (patch)
treee7dea62884366f31181d35f85f9d15b3c5871114 /openbsc
parent56ea30ff3f9f98a4903d060196b185ce124d7eaa (diff)
Add MM Auth test; add auth_action_str() function
Add basic MM Authentication test setup, with fake DB access and RAND_bytes(). So far implement simple tests for IO error during DB access and missing auth entry. To print the auth action during tests, add struct auth_action_names and auth_action_str() inline function in auth.[hc].
Diffstat (limited to 'openbsc')
-rw-r--r--openbsc/.gitignore1
-rw-r--r--openbsc/configure.ac1
-rw-r--r--openbsc/include/openbsc/auth.h8
-rw-r--r--openbsc/src/libmsc/auth.c9
-rw-r--r--openbsc/tests/Makefile.am2
-rw-r--r--openbsc/tests/mm_auth/Makefile.am21
-rw-r--r--openbsc/tests/mm_auth/mm_auth_test.c119
-rw-r--r--openbsc/tests/mm_auth/mm_auth_test.ok8
-rw-r--r--openbsc/tests/testsuite.at7
9 files changed, 175 insertions, 1 deletions
diff --git a/openbsc/.gitignore b/openbsc/.gitignore
index 55f4a3189..28fdcc8c4 100644
--- a/openbsc/.gitignore
+++ b/openbsc/.gitignore
@@ -80,6 +80,7 @@ tests/sgsn/sgsn_test
tests/subscr/subscr_test
tests/oap/oap_test
tests/gtphub/gtphub_test
+tests/mm_auth/mm_auth_test
tests/atconfig
tests/atlocal
diff --git a/openbsc/configure.ac b/openbsc/configure.ac
index 24dbc30f7..60601fe7a 100644
--- a/openbsc/configure.ac
+++ b/openbsc/configure.ac
@@ -216,6 +216,7 @@ AC_OUTPUT(
tests/subscr/Makefile
tests/oap/Makefile
tests/gtphub/Makefile
+ tests/mm_auth/Makefile
doc/Makefile
doc/examples/Makefile
Makefile)
diff --git a/openbsc/include/openbsc/auth.h b/openbsc/include/openbsc/auth.h
index d41d1419b..90495bb58 100644
--- a/openbsc/include/openbsc/auth.h
+++ b/openbsc/include/openbsc/auth.h
@@ -1,6 +1,8 @@
#ifndef _AUTH_H
#define _AUTH_H
+#include <osmocom/core/utils.h>
+
struct gsm_auth_tuple;
struct gsm_subscriber;
@@ -11,6 +13,12 @@ enum auth_action {
AUTH_DO_AUTH = 3, /* Only authentication, no ciphering */
};
+extern const struct value_string auth_action_names[];
+static inline const char *auth_action_str(enum auth_action a)
+{
+ return get_value_string(auth_action_names, a);
+}
+
int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
struct gsm_subscriber *subscr, int key_seq);
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
index 65a9b03c4..85123167b 100644
--- a/openbsc/src/libmsc/auth.c
+++ b/openbsc/src/libmsc/auth.c
@@ -31,6 +31,15 @@
#include <stdlib.h>
+const struct value_string auth_action_names[] = {
+#define AUTH_ACTION_STR(X) { X, #X }
+ { -1, "(internal error)" }, /* soon to be fixed with an enum val */
+ AUTH_ACTION_STR(AUTH_NOT_AVAIL),
+ AUTH_ACTION_STR(AUTH_DO_AUTH_THEN_CIPH),
+ AUTH_ACTION_STR(AUTH_DO_CIPH),
+ AUTH_ACTION_STR(AUTH_DO_AUTH),
+#undef AUTH_ACTION_STR
+};
static int
_use_xor(struct gsm_auth_info *ainfo, struct gsm_auth_tuple *atuple)
diff --git a/openbsc/tests/Makefile.am b/openbsc/tests/Makefile.am
index 04b8e345f..09298a35c 100644
--- a/openbsc/tests/Makefile.am
+++ b/openbsc/tests/Makefile.am
@@ -1,4 +1,4 @@
-SUBDIRS = gsm0408 db channel mgcp gprs abis gbproxy trau subscr
+SUBDIRS = gsm0408 db channel mgcp gprs abis gbproxy trau subscr mm_auth
if BUILD_NAT
SUBDIRS += bsc-nat bsc-nat-trie
diff --git a/openbsc/tests/mm_auth/Makefile.am b/openbsc/tests/mm_auth/Makefile.am
new file mode 100644
index 000000000..516df0007
--- /dev/null
+++ b/openbsc/tests/mm_auth/Makefile.am
@@ -0,0 +1,21 @@
+AM_CPPFLAGS = $(all_includes) -I$(top_srcdir)/include
+AM_CFLAGS=-Wall \
+ $(LIBOSMOCORE_CFLAGS) \
+ $(LIBOSMOGSM_CFLAGS) \
+ $(LIBCRYPTO_CFLAGS)
+
+noinst_PROGRAMS = mm_auth_test
+
+EXTRA_DIST = mm_auth_test.ok
+
+mm_auth_test_SOURCES = mm_auth_test.c
+
+mm_auth_test_LDFLAGS = \
+ -Wl,--wrap=db_get_authinfo_for_subscr \
+ -Wl,--wrap=db_get_lastauthtuple_for_subscr \
+ -Wl,--wrap=db_sync_lastauthtuple_for_subscr
+
+mm_auth_test_LDADD = $(top_builddir)/src/libmsc/libmsc.a \
+ $(top_builddir)/src/libcommon/libcommon.a \
+ $(LIBOSMOCORE_LIBS) \
+ $(LIBOSMOGSM_LIBS)
diff --git a/openbsc/tests/mm_auth/mm_auth_test.c b/openbsc/tests/mm_auth/mm_auth_test.c
new file mode 100644
index 000000000..d8e44758c
--- /dev/null
+++ b/openbsc/tests/mm_auth/mm_auth_test.c
@@ -0,0 +1,119 @@
+#include <stdbool.h>
+
+#include <osmocom/core/application.h>
+#include <osmocom/core/logging.h>
+
+#include <openbsc/debug.h>
+#include <openbsc/gsm_data.h>
+#include <openbsc/gsm_subscriber.h>
+#include <openbsc/auth.h>
+
+/* override, requires '-Wl,--wrap=db_get_authinfo_for_subscr' */
+int __real_db_get_authinfo_for_subscr(struct gsm_auth_info *ainfo,
+ struct gsm_subscriber *subscr);
+
+int test_get_authinfo_rc = 0;
+struct gsm_auth_info test_auth_info = {0};
+struct gsm_auth_info default_auth_info = {
+ .auth_algo = AUTH_ALGO_COMP128v1,
+ .a3a8_ki_len = 16,
+ .a3a8_ki = { 0 }
+};
+
+int __wrap_db_get_authinfo_for_subscr(struct gsm_auth_info *ainfo,
+ struct gsm_subscriber *subscr)
+{
+ *ainfo = test_auth_info;
+ printf("wrapped: db_get_authinfo_for_subscr(): rc = %d\n", test_get_authinfo_rc);
+ return test_get_authinfo_rc;
+}
+
+/* override, requires '-Wl,--wrap=db_get_lastauthtuple_for_subscr' */
+int __real_db_get_lastauthtuple_for_subscr(struct gsm_auth_tuple *atuple,
+ struct gsm_subscriber *subscr);
+
+int test_get_lastauthtuple_rc = 0;
+struct gsm_auth_tuple test_last_auth_tuple = { 0 };
+struct gsm_auth_tuple default_auth_tuple = { 0 };
+
+int __wrap_db_get_lastauthtuple_for_subscr(struct gsm_auth_tuple *atuple,
+ struct gsm_subscriber *subscr)
+{
+ *atuple = test_last_auth_tuple;
+ printf("wrapped: db_get_lastauthtuple_for_subscr(): rc = %d\n", test_get_lastauthtuple_rc);
+ return test_get_lastauthtuple_rc;
+}
+
+/* override, requires '-Wl,--wrap=db_sync_lastauthtuple_for_subscr' */
+int __real_db_sync_lastauthtuple_for_subscr(struct gsm_auth_tuple *atuple,
+ struct gsm_subscriber *subscr);
+int test_sync_lastauthtuple_rc = 0;
+int __wrap_db_sync_lastauthtuple_for_subscr(struct gsm_auth_tuple *atuple,
+ struct gsm_subscriber *subscr)
+{
+ test_last_auth_tuple = *atuple;
+ printf("wrapped: db_sync_lastauthtuple_for_subscr(): rc = %d\n", test_sync_lastauthtuple_rc);
+ return test_sync_lastauthtuple_rc;
+}
+
+int auth_get_tuple_for_subscr_verbose(struct gsm_auth_tuple *atuple,
+ struct gsm_subscriber *subscr,
+ int key_seq)
+{
+ int auth_action;
+ auth_action = auth_get_tuple_for_subscr(atuple, subscr, key_seq);
+ printf("auth_get_tuple_for_subscr(key_seq=%d) --> auth_action == %s\n",
+ key_seq, auth_action_str(auth_action));
+ return auth_action;
+}
+
+/* override libssl RAND_bytes() to get testable crypto results */
+int RAND_bytes(uint8_t *rand, int len)
+{
+ memset(rand, 23, len);
+ return 1;
+}
+
+static void test_error()
+{
+ int auth_action;
+
+ struct gsm_auth_tuple atuple = {0};
+ struct gsm_subscriber subscr = {0};
+ int key_seq = 0;
+
+ printf("\n* test_error()\n");
+
+ /* any error (except -ENOENT) */
+ test_get_authinfo_rc = -EIO;
+ auth_action = auth_get_tuple_for_subscr_verbose(&atuple, &subscr,
+ key_seq);
+ OSMO_ASSERT(auth_action == -1);
+}
+
+static void test_auth_not_avail()
+{
+ int auth_action;
+
+ struct gsm_auth_tuple atuple = {0};
+ struct gsm_subscriber subscr = {0};
+ int key_seq = 0;
+
+ printf("\n* test_auth_not_avail()\n");
+
+ /* no entry */
+ test_get_authinfo_rc = -ENOENT;
+ auth_action = auth_get_tuple_for_subscr_verbose(&atuple, &subscr,
+ key_seq);
+ OSMO_ASSERT(auth_action == AUTH_NOT_AVAIL);
+}
+
+int main(void)
+{
+ osmo_init_logging(&log_info);
+ log_set_log_level(osmo_stderr_target, LOGL_INFO);
+
+ test_error();
+ test_auth_not_avail();
+ return 0;
+}
diff --git a/openbsc/tests/mm_auth/mm_auth_test.ok b/openbsc/tests/mm_auth/mm_auth_test.ok
new file mode 100644
index 000000000..5efb3deca
--- /dev/null
+++ b/openbsc/tests/mm_auth/mm_auth_test.ok
@@ -0,0 +1,8 @@
+
+* test_error()
+wrapped: db_get_authinfo_for_subscr(): rc = -5
+auth_get_tuple_for_subscr(key_seq=0) --> auth_action == (internal error)
+
+* test_auth_not_avail()
+wrapped: db_get_authinfo_for_subscr(): rc = -2
+auth_get_tuple_for_subscr(key_seq=0) --> auth_action == AUTH_NOT_AVAIL
diff --git a/openbsc/tests/testsuite.at b/openbsc/tests/testsuite.at
index 6a1c77f54..dab956888 100644
--- a/openbsc/tests/testsuite.at
+++ b/openbsc/tests/testsuite.at
@@ -117,3 +117,10 @@ AT_CHECK([test "$enable_gtphub_test" != no || exit 77])
cat $abs_srcdir/gtphub/gtphub_test.ok > expout
AT_CHECK([$abs_top_builddir/tests/gtphub/gtphub_test], [], [expout], [ignore])
AT_CLEANUP
+
+AT_SETUP([mm_auth])
+AT_KEYWORDS([mm_auth])
+cat $abs_srcdir/mm_auth/mm_auth_test.ok > expout
+AT_CHECK([$abs_top_builddir/tests/mm_auth/mm_auth_test], [], [expout], [ignore])
+AT_CLEANUP
+