diff options
| author | Neels Hofmeyr <neels@hofmeyr.de> | 2019-08-13 16:00:37 +0200 |
|---|---|---|
| committer | Neels Hofmeyr <neels@hofmeyr.de> | 2019-08-13 23:52:31 +0200 |
| commit | 4dfb2babf213f679ee93ea16e000f228f2b766b4 (patch) | |
| tree | 71d56c475d7cfdf396bf99c2e3e1a75a9c074882 /tests | |
| parent | cd64af7cd4e6b0a6b1123a0e8a01fa1633bc234b (diff) | |
add 'encryption uea 1 2' cfg / fix ttcn3 iu tests
Recently, the ability to run UTRAN without encryption was added, but the config
for it was tied to the A5 GERAN encryption configuration. This affected
osmo-msc's default behavior of Iu, breaking osmo-msc ttcn3 Iu tests: the ttcn3
test suite sets A5 to 0 (no encryption) but still expects Iu to enable air
encryption. Fix this "regression".
Add a separate vty config option for UEA encryption, even if it does not
provide full granularity to select individual UEA algorithms yet.
As a result, Iu default behavior remains to enable encryption regardless of the
A5 config. UTRAN encryption can be disabled by the new cfg option
"encryption uea 0" alone.
Even though the new vty command already allows passing various combinations of
the UEA algorithm numbers, only '0' and '1 2' are accepted as valid
combinations, to reflect current osmo-msc capabilities.
Revert most changes to the msc_vlr test suite in commit "do not force
encryption on UTRAN" (I04ecd7a3b1cc603b2e3feb630e8c7c93fc36ccd7): use new
net->iu_encryption instead of net->a5_encryption_mask.
Adjust/add to test_nodes.vty transcript tests.
Related: OS#4144
Change-Id: Ie138f2fcb105533f7bc06a6d2e6deccf6faccc5b
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/msc_vlr/msc_vlr_test_authen_reuse.c | 12 | ||||
| -rw-r--r-- | tests/msc_vlr/msc_vlr_test_call.c | 1 | ||||
| -rw-r--r-- | tests/msc_vlr/msc_vlr_test_umts_authen.c | 44 | ||||
| -rw-r--r-- | tests/msc_vlr/msc_vlr_tests.h | 3 | ||||
| -rw-r--r-- | tests/test_nodes.vty | 66 |
5 files changed, 78 insertions, 48 deletions
diff --git a/tests/msc_vlr/msc_vlr_test_authen_reuse.c b/tests/msc_vlr/msc_vlr_test_authen_reuse.c index 62ea6c7b5..d73a5f8c5 100644 --- a/tests/msc_vlr/msc_vlr_test_authen_reuse.c +++ b/tests/msc_vlr/msc_vlr_test_authen_reuse.c @@ -266,8 +266,6 @@ static void _test_auth_reuse(enum osmo_rat_type via_ran, static void test_auth_use_twice_geran() { comment_start(); - /* A5/0 = no encryption */ - net->a5_encryption_mask = A5_0; _test_auth_reuse(OSMO_RAT_GERAN_A, 1, 1, true); comment_end(); } @@ -275,8 +273,6 @@ static void test_auth_use_twice_geran() static void test_auth_use_twice_utran() { comment_start(); - /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0_3; _test_auth_reuse(OSMO_RAT_UTRAN_IU, 1, 1, true); comment_end(); } @@ -284,8 +280,6 @@ static void test_auth_use_twice_utran() static void test_auth_use_infinitely_geran() { comment_start(); - /* A5/0 = no encryption */ - net->a5_encryption_mask = A5_0; _test_auth_reuse(OSMO_RAT_GERAN_A, -1, 3, false); comment_end(); } @@ -293,8 +287,6 @@ static void test_auth_use_infinitely_geran() static void test_auth_use_infinitely_utran() { comment_start(); - /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0_3; _test_auth_reuse(OSMO_RAT_UTRAN_IU, -1, 3, false); comment_end(); } @@ -302,8 +294,6 @@ static void test_auth_use_infinitely_utran() static void test_no_auth_reuse_geran() { comment_start(); - /* A5/0 = no encryption */ - net->a5_encryption_mask = A5_0; _test_auth_reuse(OSMO_RAT_GERAN_A, 0, 0, true); comment_end(); } @@ -311,8 +301,6 @@ static void test_no_auth_reuse_geran() static void test_no_auth_reuse_utran() { comment_start(); - /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0_3; _test_auth_reuse(OSMO_RAT_UTRAN_IU, 0, 0, true); comment_end(); } diff --git a/tests/msc_vlr/msc_vlr_test_call.c b/tests/msc_vlr/msc_vlr_test_call.c index cec2f8da0..065af2555 100644 --- a/tests/msc_vlr/msc_vlr_test_call.c +++ b/tests/msc_vlr/msc_vlr_test_call.c @@ -46,7 +46,6 @@ static void standard_lu() struct vlr_subscr *vsub; net->authentication_required = true; - net->a5_encryption_mask = A5_0_3; net->vlr->cfg.assign_tmsi = true; rx_from_ran = OSMO_RAT_UTRAN_IU; diff --git a/tests/msc_vlr/msc_vlr_test_umts_authen.c b/tests/msc_vlr/msc_vlr_test_umts_authen.c index 1bf6cd217..761db55e2 100644 --- a/tests/msc_vlr/msc_vlr_test_umts_authen.c +++ b/tests/msc_vlr/msc_vlr_test_umts_authen.c @@ -49,6 +49,8 @@ static void _test_umts_authen(enum osmo_rat_type via_ran) "5079da1e1ee7416937485e9ea7c965373d1d6683c270383b3d0e" "d3d36ff71c949e83c22072799e9687c5ec32a81d96afcbf4b4fb" "0c7ac3e9e9b7db05"; + bool encryption = (via_ran == OSMO_RAT_GERAN_A && net->a5_encryption_mask > 0x1) + || (via_ran == OSMO_RAT_UTRAN_IU && net->uea_encryption); net->authentication_required = true; net->vlr->cfg.assign_tmsi = true; @@ -122,8 +124,7 @@ static void _test_umts_authen(enum osmo_rat_type via_ran) VERBOSE_ASSERT(auth_request_sent, == true, "%d"); VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); - if (net->a5_encryption_mask > 0x1) { - /* Encryption enabled */ + if (encryption) { if (via_ran == OSMO_RAT_GERAN_A) { btw("Test code not implemented"); OSMO_ASSERT(false); @@ -197,8 +198,7 @@ static void _test_umts_authen(enum osmo_rat_type via_ran) EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - if (net->a5_encryption_mask > 0x1) { - /* Encryption enabled */ + if (encryption) { if (via_ran == OSMO_RAT_GERAN_A) { btw("Test code not implemented"); OSMO_ASSERT(false); @@ -265,8 +265,7 @@ static void _test_umts_authen(enum osmo_rat_type via_ran) EXPECT_ACCEPTED(false); thwart_rx_non_initial_requests(); - if (net->a5_encryption_mask > 0x1) { - /* Encryption enabled */ + if (encryption) { if (via_ran == OSMO_RAT_GERAN_A) { btw("Test code not implemented"); OSMO_ASSERT(false); @@ -327,8 +326,6 @@ static void _test_umts_authen(enum osmo_rat_type via_ran) static void test_umts_authen_geran() { comment_start(); - /* A5/0 = no encryption */ - net->a5_encryption_mask = A5_0; _test_umts_authen(OSMO_RAT_GERAN_A); comment_end(); } @@ -336,8 +333,7 @@ static void test_umts_authen_geran() static void test_umts_authen_utran() { comment_start(); - /* A5/0 = no encryption; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0; + net->uea_encryption = false; _test_umts_authen(OSMO_RAT_UTRAN_IU); comment_end(); } @@ -345,8 +341,7 @@ static void test_umts_authen_utran() static void test_umts_auth_ciph_utran() { comment_start(); - /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0_3; + net->uea_encryption = true; _test_umts_authen(OSMO_RAT_UTRAN_IU); comment_end(); } @@ -365,6 +360,8 @@ static void _test_umts_authen_resync(enum osmo_rat_type via_ran) { struct vlr_subscr *vsub; const char *imsi = "901700000010650"; + bool encryption = (via_ran == OSMO_RAT_GERAN_A && net->a5_encryption_mask > 0x1) + || (via_ran == OSMO_RAT_UTRAN_IU && net->uea_encryption); net->authentication_required = true; net->vlr->cfg.assign_tmsi = true; @@ -519,8 +516,7 @@ static void _test_umts_authen_resync(enum osmo_rat_type via_ran) VERBOSE_ASSERT(auth_request_sent, == true, "%d"); VERBOSE_ASSERT(lu_result_sent, == RES_NONE, "%d"); - if (net->a5_encryption_mask > 0x1) { - /* Encryption enabled */ + if (encryption) { if (via_ran == OSMO_RAT_GERAN_A) { btw("Test code not implemented"); OSMO_ASSERT(false); @@ -585,8 +581,6 @@ static void _test_umts_authen_resync(enum osmo_rat_type via_ran) static void test_umts_authen_resync_geran() { comment_start(); - /* A5/0 = no encryption */ - net->a5_encryption_mask = A5_0; _test_umts_authen_resync(OSMO_RAT_GERAN_A); comment_end(); } @@ -594,8 +588,7 @@ static void test_umts_authen_resync_geran() static void test_umts_authen_resync_utran() { comment_start(); - /* A5/0 = no encryption; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0; + net->uea_encryption = false; _test_umts_authen_resync(OSMO_RAT_UTRAN_IU); comment_end(); } @@ -603,8 +596,7 @@ static void test_umts_authen_resync_utran() static void test_umts_auth_ciph_resync_utran() { comment_start(); - /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0_3; + net->uea_encryption = true; _test_umts_authen_resync(OSMO_RAT_UTRAN_IU); comment_end(); } @@ -698,8 +690,6 @@ static void _test_umts_authen_too_short_res(enum osmo_rat_type via_ran) static void test_umts_authen_too_short_res_geran() { comment_start(); - /* A5/0 = no encryption */ - net->a5_encryption_mask = A5_0; _test_umts_authen_too_short_res(OSMO_RAT_GERAN_A); comment_end(); } @@ -707,8 +697,6 @@ static void test_umts_authen_too_short_res_geran() static void test_umts_authen_too_short_res_utran() { comment_start(); - /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0_3; _test_umts_authen_too_short_res(OSMO_RAT_UTRAN_IU); comment_end(); } @@ -802,8 +790,6 @@ static void _test_umts_authen_too_long_res(enum osmo_rat_type via_ran) static void test_umts_authen_too_long_res_geran() { comment_start(); - /* A5/0 = no encryption */ - net->a5_encryption_mask = A5_0; _test_umts_authen_too_long_res(OSMO_RAT_GERAN_A); comment_end(); } @@ -811,8 +797,6 @@ static void test_umts_authen_too_long_res_geran() static void test_umts_authen_too_long_res_utran() { comment_start(); - /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0_3; _test_umts_authen_too_long_res(OSMO_RAT_UTRAN_IU); comment_end(); } @@ -911,8 +895,6 @@ static void _test_umts_authen_only_sres(enum osmo_rat_type via_ran) static void test_umts_authen_only_sres_geran() { comment_start(); - /* A5/0 = no encryption */ - net->a5_encryption_mask = A5_0; _test_umts_authen_only_sres(OSMO_RAT_GERAN_A); comment_end(); } @@ -920,8 +902,6 @@ static void test_umts_authen_only_sres_geran() static void test_umts_authen_only_sres_utran() { comment_start(); - /* A5/0 + A5/3 = encryption enabled; so far the A5 setting also triggers UTRAN encryption */ - net->a5_encryption_mask = A5_0_3; _test_umts_authen_only_sres(OSMO_RAT_UTRAN_IU); comment_end(); } diff --git a/tests/msc_vlr/msc_vlr_tests.h b/tests/msc_vlr/msc_vlr_tests.h index 4330ea869..9df9cf049 100644 --- a/tests/msc_vlr/msc_vlr_tests.h +++ b/tests/msc_vlr/msc_vlr_tests.h @@ -32,9 +32,6 @@ #include <osmocom/msc/msc_a.h> #include <osmocom/msc/mncc.h> -#define A5_0 (1 << 0) -#define A5_0_3 ((1 << 0) | (1 << 3)) - extern bool _log_lines; #define _log(fmt, args...) do { \ if (_log_lines) \ diff --git a/tests/test_nodes.vty b/tests/test_nodes.vty index fb7b1c529..0ad390fc5 100644 --- a/tests/test_nodes.vty +++ b/tests/test_nodes.vty @@ -17,6 +17,7 @@ OsmoMSC(config-net)# list short name NAME long name NAME encryption a5 <0-3> [<0-3>] [<0-3>] [<0-3>] + encryption uea <0-2> [<0-2>] [<0-2>] authentication (optional|required) rrlp mode (none|ms-based|ms-preferred|ass-preferred) mm info (0|1) @@ -26,6 +27,21 @@ OsmoMSC(config-net)# list periodic location update <6-1530> no periodic location update +OsmoMSC(config-net)# encryption? + encryption Encryption options +OsmoMSC(config-net)# encryption ? + a5 GSM A5 Air Interface Encryption. + uea UTRAN (3G) encryption algorithms to allow: 0 = UEA0 (no encryption), 1 = UEA1, 2 = UEA2. NOTE: the current implementation does not allow free choice of combining encryption algorithms yet. The only valid settings are either 'encryption uea 0' or 'encryption uea 1 2'. + +OsmoMSC(config-net)# encryption uea ? + <0-2> UEAn Algorithm Number +OsmoMSC(config-net)# encryption uea 0 ? + [<0-2>] UEAn Algorithm Number +OsmoMSC(config-net)# encryption uea 0 1 ? + [<0-2>] UEAn Algorithm Number +OsmoMSC(config-net)# encryption uea 0 1 2 ? + <cr> + OsmoMSC(config-net)# exit OsmoMSC(config)# msc OsmoMSC(config-msc)# list @@ -130,6 +146,7 @@ network short name OsmoMSC long name OsmoMSC encryption a5 0 + encryption uea 1 2 authentication optional rrlp mode none mm info 1 @@ -157,3 +174,52 @@ sgs local-ip 0.0.0.0 vlr-name vlr.example.net end + +OsmoMSC# configure terminal +OsmoMSC(config)# network +OsmoMSC(config-net)# encryption uea 0 +OsmoMSC(config-net)# show running-config +... + encryption uea 0 +... + +OsmoMSC(config-net)# encryption uea 1 +% Error: the current implementation does not allow free choice of combining +% encryption algorithms yet. The only valid settings are either +% encryption uea 0 +% or +% encryption uea 1 2 +OsmoMSC(config-net)# show running-config +... + encryption uea 0 +... + +OsmoMSC(config-net)# encryption uea 2 +% Error: the current implementation does not allow free choice of combining +... +OsmoMSC(config-net)# show running-config +... + encryption uea 0 +... + +OsmoMSC(config-net)# encryption uea 0 1 +% Error: the current implementation does not allow free choice of combining +... +OsmoMSC(config-net)# show running-config +... + encryption uea 0 +... + +OsmoMSC(config-net)# encryption uea 0 2 +% Error: the current implementation does not allow free choice of combining +... +OsmoMSC(config-net)# show running-config +... + encryption uea 0 +... + +OsmoMSC(config-net)# encryption uea 1 2 +OsmoMSC(config-net)# show running-config +... + encryption uea 1 2 +... |