Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 1cb18a2dc8fb72c34923eeb57df007f5e0696cdd^! / . / src / libvlr / vlr_lu_fsm.c
commit1cb18a2dc8fb72c34923eeb57df007f5e0696cdd[log] [tgz]
authorNeels Hofmeyr <nhofmeyr@sysmocom.de>Tue Oct 11 00:18:04 2022 +0200
committerNeels Hofmeyr <nhofmeyr@sysmocom.de>Thu Oct 27 23:59:38 2022 +0200
treeb8deb55322b89737892e02f3d3aa049849e8d053
parent66d4ab8a6157c69adce991a9f4724b45d1de6464 [diff] [blame]
vlr: implement fallback to no-auth

When the HLR fails to return auth info and authentication and ciphering
are configured to be optional, fall back to no-auth.

This patch concludes a series of preparatory patches and implements the
actual functional change.

Related: OS#4830
Change-Id: I5feda196fa481dd8a46b0e4721c64b7c6600f0d1

diff --git a/src/libvlr/vlr_lu_fsm.c b/src/libvlr/vlr_lu_fsm.c
index a65421c..7500c86 100644
--- a/src/libvlr/vlr_lu_fsm.c
+++ b/src/libvlr/vlr_lu_fsm.c

@@ -643,6 +643,7 @@
 	OSMO_VALUE_STRING(VLR_ULA_E_SEND_ID_ACK),
 	OSMO_VALUE_STRING(VLR_ULA_E_SEND_ID_NACK),
 	OSMO_VALUE_STRING(VLR_ULA_E_AUTH_SUCCESS),
+	OSMO_VALUE_STRING(VLR_ULA_E_AUTH_NO_INFO),
 	OSMO_VALUE_STRING(VLR_ULA_E_AUTH_FAILURE),
 	OSMO_VALUE_STRING(VLR_ULA_E_CIPH_RES),
 	OSMO_VALUE_STRING(VLR_ULA_E_ID_IMSI),
@@ -861,7 +862,10 @@
 
 	OSMO_ASSERT(vsub);
 
-	if (!is_cmc_smc_to_be_attempted(lfp)) {
+	/* Continue with ciphering, if enabled.
+	 * If auth/ciph is optional and the HLR returned no auth info, continue without ciphering. */
+	if (!is_cmc_smc_to_be_attempted(lfp)
+	    || (vsub->sec_ctx == VLR_SEC_CTX_NONE && !lfp->is_ciphering_required)) {
 		vlr_loc_upd_post_ciph(fi);
 		return;
 	}
@@ -913,7 +917,7 @@
 		vsub->auth_fsm = auth_fsm_start(lfp->vsub,
 						fi,
 						VLR_ULA_E_AUTH_SUCCESS,
-						VLR_ULA_E_AUTH_FAILURE,
+						VLR_ULA_E_AUTH_NO_INFO,
 						VLR_ULA_E_AUTH_FAILURE,
 						lfp->is_r99,
 						lfp->is_utran);
@@ -1156,7 +1160,18 @@
 		return;
 
 	case VLR_ULA_E_AUTH_FAILURE:
-		lu_fsm_failure(fi, res? *res : GSM48_REJECT_NETWORK_FAILURE);
+		lu_fsm_failure(fi, res ? *res : GSM48_REJECT_NETWORK_FAILURE);
+		return;
+
+	case VLR_ULA_E_AUTH_NO_INFO:
+		/* HLR returned no auth info for the subscriber. Continue only if authentication is optional. */
+		if (lfp->authentication_required || lfp->is_ciphering_required) {
+			lu_fsm_failure(fi, res ? *res : GSM48_REJECT_NETWORK_FAILURE);
+			return;
+		}
+		LOGPFSML(fi, LOGL_INFO,
+			 "Attaching subscriber without auth (auth is optional, and no auth info received from HLR)\n");
+		vlr_loc_upd_post_auth(fi);
 		return;
 
 	default:
@@ -1377,6 +1392,7 @@
 	},
 	[VLR_ULA_S_WAIT_AUTH] = {
 		.in_event_mask = S(VLR_ULA_E_AUTH_SUCCESS) |
+				 S(VLR_ULA_E_AUTH_NO_INFO) |
 				 S(VLR_ULA_E_AUTH_FAILURE),
 		.out_state_mask = S(VLR_ULA_S_WAIT_CIPH) |
 				  S(VLR_ULA_S_WAIT_LU_COMPL) |