diff options
| author | Neels Hofmeyr <neels@hofmeyr.de> | 2019-08-13 16:00:37 +0200 |
|---|---|---|
| committer | Neels Hofmeyr <neels@hofmeyr.de> | 2019-08-13 23:52:31 +0200 |
| commit | 4dfb2babf213f679ee93ea16e000f228f2b766b4 (patch) | |
| tree | 71d56c475d7cfdf396bf99c2e3e1a75a9c074882 /doc | |
| parent | cd64af7cd4e6b0a6b1123a0e8a01fa1633bc234b (diff) | |
add 'encryption uea 1 2' cfg / fix ttcn3 iu tests
Recently, the ability to run UTRAN without encryption was added, but the config
for it was tied to the A5 GERAN encryption configuration. This affected
osmo-msc's default behavior of Iu, breaking osmo-msc ttcn3 Iu tests: the ttcn3
test suite sets A5 to 0 (no encryption) but still expects Iu to enable air
encryption. Fix this "regression".
Add a separate vty config option for UEA encryption, even if it does not
provide full granularity to select individual UEA algorithms yet.
As a result, Iu default behavior remains to enable encryption regardless of the
A5 config. UTRAN encryption can be disabled by the new cfg option
"encryption uea 0" alone.
Even though the new vty command already allows passing various combinations of
the UEA algorithm numbers, only '0' and '1 2' are accepted as valid
combinations, to reflect current osmo-msc capabilities.
Revert most changes to the msc_vlr test suite in commit "do not force
encryption on UTRAN" (I04ecd7a3b1cc603b2e3feb630e8c7c93fc36ccd7): use new
net->iu_encryption instead of net->a5_encryption_mask.
Adjust/add to test_nodes.vty transcript tests.
Related: OS#4144
Change-Id: Ie138f2fcb105533f7bc06a6d2e6deccf6faccc5b
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/manuals/chapters/net.adoc | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/doc/manuals/chapters/net.adoc b/doc/manuals/chapters/net.adoc index 4bf34a33f..6edb9ee3a 100644 --- a/doc/manuals/chapters/net.adoc +++ b/doc/manuals/chapters/net.adoc @@ -188,11 +188,22 @@ network While authentication is always required on 3G, ciphering is optional. -So far OsmoMSC lacks explicit configuration for ciphering on 3G. As an interim -solution, ciphering is enabled on 3G exactly when ciphering is enabled on 2G, -i.e. when any cipher other than A5/0 is enabled in the configuration. If only -A5/0 is configured, ciphering will be disabled on both 2G and 3G. The future -aim is to add comprehensive configuration for 3G ciphering that is independent -from the 2G setting. +So far OsmoMSC allows switching ciphering on 3G either on or off -- the default +behavior is to enable ciphering. (Individual choice of algorithms may be added +in the future.) + +Disable 3G ciphering: + +---- +network + encryption uea 0 +---- + +Enable 3G ciphering (default): + +---- +network + encryption uea 1 2 +---- OsmoMSC indicates UEA1 and UEA2 as permitted encryption algorithms on 3G. |