msc: Add test case for LU with MI=IMEI (which is illegal)
Change-Id: Ie3c91a0ff212a70a8e03e0579f240a10bc4356f4
diff --git a/library/L3_Templates.ttcn b/library/L3_Templates.ttcn
index d652873..ca81b72 100644
--- a/library/L3_Templates.ttcn
+++ b/library/L3_Templates.ttcn
@@ -56,6 +56,18 @@
return l3;
}
+private function f_enc_IMEI_L3(hexstring digits) return IMEI_L3 {
+ var IMEI_L3 l3;
+ var integer len := lengthof(digits);
+ if (len rem 2 == 1) { /* modulo remainder */
+ l3.oddevenIndicator := '1'B;
+ } else {
+ l3.oddevenIndicator := '0'B;
+ }
+ l3.digits := digits;
+ return l3;
+}
+
/* send template fro Mobile Identity (IMSI) */
template (value) MobileIdentityLV ts_MI_IMSI_LV(hexstring imsi_digits) := {
lengthIndicator := 0, /* overwritten */
@@ -67,6 +79,18 @@
}
}
+/* send template fro Mobile Identity (IMEI) */
+template (value) MobileIdentityLV ts_MI_IMEI_LV(hexstring imei_digits) := {
+ lengthIndicator := 0, /* overwritten */
+ mobileIdentityV := {
+ typeOfIdentity := '000'B, /* overwritten */
+ oddEvenInd_identity := {
+ imei := f_enc_IMEI_L3(imei_digits)
+ }
+ }
+}
+
+
/* Send template for Classmark 2 */
template (value) MobileStationClassmark2_LV ts_CM2 := {
lengthIndicator := 0,
@@ -300,6 +324,43 @@
}
}
+template PDU_ML3_NW_MS tr_ML3_MT_MM_ID_Req(template BIT3 id_type := ?) := {
+ discriminator := '0101'B,
+ tiOrSkip := {
+ skipIndicator := '0000'B
+ },
+ msgs := {
+ mm := {
+ identityRequest := {
+ messageType := '011000'B,
+ nsd := '00'B,
+ identityType := id_type,
+ spare1_5 := ?
+ }
+ }
+ }
+}
+
+template PDU_ML3_MS_NW ts_ML3_MO_MM_ID_Rsp(MobileIdentityLV mi) modifies ts_ML3_MO := {
+ msgs := {
+ mm := {
+ identityResponse := {
+ messageType := '011001'B,
+ nsd := '00'B,
+ mobileIdentityLV := mi,
+ p_TMSI_TypeTV := omit,
+ routingAreaIdentification2TLV := omit,
+ p_TMSISignature2TLV := omit
+ }
+ }
+ }
+}
+template PDU_ML3_MS_NW ts_ML3_MO_MM_ID_Rsp_IMSI(hexstring imsi) :=
+ ts_ML3_MO_MM_ID_Rsp(valueof(ts_MI_IMSI_LV(imsi)));
+template PDU_ML3_MS_NW ts_ML3_MO_MM_ID_Rsp_IMEI(hexstring imei) :=
+ ts_ML3_MO_MM_ID_Rsp(valueof(ts_MI_IMEI_LV(imei)));
+
+
template PDU_ML3_MS_NW ts_ML3_MO_CC(integer tid) := {
discriminator := '0011'B,
tiOrSkip := {
diff --git a/msc_tests/BSC_ConnectionHandler.ttcn b/msc_tests/BSC_ConnectionHandler.ttcn
index f9b4d3e..0fb1702 100644
--- a/msc_tests/BSC_ConnectionHandler.ttcn
+++ b/msc_tests/BSC_ConnectionHandler.ttcn
@@ -125,6 +125,16 @@
var MobileIdentityLV mi := valueof(ts_MI_IMSI_LV(imsi));
return f_build_lu(mi);
}
+function f_build_lu_imei(hexstring imei) return PDU_ML3_MS_NW
+{
+ var MobileIdentityLV mi := valueof(ts_MI_IMEI_LV(imei));
+ return f_build_lu(mi);
+}
+function f_build_lu_tmsi(OCT4 tmsi) return PDU_ML3_MS_NW
+{
+ var MobileIdentityLV mi := valueof(ts_MI_TMSI_LV(tmsi));
+ return f_build_lu(mi);
+}
private function f_build_lu(MobileIdentityLV mi) return PDU_ML3_MS_NW
{
var LocationAreaIdentification_V old_lai := { '62F220'O, '9999'O };
diff --git a/msc_tests/MSC_Tests.ttcn b/msc_tests/MSC_Tests.ttcn
index a21ad50..c2d1771 100644
--- a/msc_tests/MSC_Tests.ttcn
+++ b/msc_tests/MSC_Tests.ttcn
@@ -620,6 +620,98 @@
vc_conn.done;
}
+/* Test LU but with illegal mobile identity type = IMEI */
+private function f_tc_lu_by_imei(charstring id, BSC_ConnHdlrPars pars) runs on BSC_ConnHdlr {
+ g_pars := pars;
+
+ var PDU_ML3_MS_NW l3_lu := f_build_lu_imei(g_pars.imsi)
+ var PDU_DTAP_MT dtap_mt;
+
+ /* tell GSUP dispatcher to send this IMSI to us */
+ f_create_gsup_expect(hex2str(g_pars.imsi));
+
+ /* Send BSSAP_Conn_Req with COMPL L3 INFO to MSC */
+ f_bssap_compl_l3(l3_lu);
+
+ /* Send Early Classmark, just for the fun of it */
+ BSSAP.send(ts_BSSMAP_ClassmarkUpd(g_pars.cm2, g_pars.cm3));
+ /* wait for LU reject, ignore any ID REQ */
+ alt {
+ [] BSSAP.receive(tr_PDU_DTAP_MT(tr_ML3_MT_LU_Rej)) { }
+ [] BSSAP.receive(tr_PDU_DTAP_MT(tr_ML3_MT_MM_ID_Req)) { repeat; }
+ }
+ /* wait for normal teardown */
+ BSSAP.receive(tr_BSSMAP_ClearCommand);
+ BSSAP.send(ts_BSSMAP_ClearComplete);
+ BSSAP.receive(BSSAP_Conn_Prim:MSC_CONN_PRIM_DISC_IND);
+ setverdict(pass);
+}
+testcase TC_lu_by_imei() runs on MTC_CT {
+ var BSC_ConnHdlr vc_conn;
+ f_init();
+
+ vc_conn := f_start_handler(refers(f_tc_lu_by_imei), testcasename(), 9);
+ vc_conn.done;
+}
+
+/* Test LU by TMSI with unknown TMSI, expect (and answer) ID REQ. */
+private function f_tc_lu_tmsi_noauth_unknown(charstring id, BSC_ConnHdlrPars pars) runs on BSC_ConnHdlr {
+ g_pars := pars;
+
+ var PDU_ML3_MS_NW l3_lu := f_build_lu_tmsi('01020304'O); /* FIXME: Random */
+ var PDU_DTAP_MT dtap_mt;
+
+ /* tell GSUP dispatcher to send this IMSI to us */
+ f_create_gsup_expect(hex2str(g_pars.imsi));
+
+ /* Send BSSAP_Conn_Req with COMPL L3 INFO to MSC */
+ f_bssap_compl_l3(l3_lu);
+
+ /* Send Early Classmark, just for the fun of it */
+ BSSAP.send(ts_BSSMAP_ClassmarkUpd(g_pars.cm2, g_pars.cm3));
+
+ /* Wait for + respond to ID REQ (IMSI) */
+ BSSAP.receive(tr_PDU_DTAP_MT(tr_ML3_MT_MM_ID_Req('001'B)));
+ BSSAP.send(ts_PDU_DTAP_MO(ts_ML3_MO_MM_ID_Rsp_IMSI(g_pars.imsi)));
+
+ /* Expect MSC to do UpdateLocation to HLR; respond to it */
+ GSUP.receive(tr_GSUP_UL_REQ(g_pars.imsi));
+ GSUP.send(ts_GSUP_ISD_REQ(g_pars.imsi, g_pars.msisdn));
+ GSUP.receive(tr_GSUP_ISD_RES(g_pars.imsi));
+ GSUP.send(ts_GSUP_UL_RES(g_pars.imsi));
+
+ alt {
+ [] BSSAP.receive(tr_PDU_DTAP_MT(tr_ML3_MT_LU_Acc)) { }
+ [] BSSAP.receive(tr_PDU_DTAP_MT(tr_ML3_MT_LU_Rej)) {
+ setverdict(fail, "Expected LU ACK, but received REJ");
+ }
+ }
+
+ /* wait for normal teardown */
+ BSSAP.receive(tr_BSSMAP_ClearCommand);
+ BSSAP.send(ts_BSSMAP_ClearComplete);
+ BSSAP.receive(BSSAP_Conn_Prim:MSC_CONN_PRIM_DISC_IND);
+ setverdict(pass);
+}
+testcase TC_lu_by_tmsi_noauth_unknown() runs on MTC_CT {
+ var BSC_ConnHdlr vc_conn;
+ f_init();
+
+ vc_conn := f_start_handler(refers(f_tc_lu_tmsi_noauth_unknown), testcasename(), 1);
+ vc_conn.done;
+}
+
+
+/* TODO:
+ * continue to send repeated MO signalling messages to keep channel open: does MSC tmeout?
+ * malformed messages (missing IE, invalid message type): properly rejected?
+ * MT call while LU or is ongoing: Do we use existing lchan or page while lchan active?
+ * 3G/2G auth permutations
+ * encryption algorithms vs. classmark vs. vty config
+ * emergency call
+ * IMSI DETACH
+ * send new transaction after/during clear (like SMS, ...)
+ */
control {