Commit 2bfc704c authored by yangjian's avatar yangjian

Add skip authentication function

parent 82404287
......@@ -134,7 +134,7 @@ function main()
cd $OPENXGAUSF_DIR/build/AUSF
if [[ $jobs -ne 0 ]]; then
make -j4
make -j`nproc`
else
make
fi
......
################################################################################
# Licensed to the OpenAirInterface (OAI) Software Alliance under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The OpenAirInterface Software Alliance licenses this file to You under
# the OAI Public License, Version 1.1 (the "License"); you may not use this
# file except in compliance with the License. You may obtain a copy of the
# License at
#
# http://www.openairinterface.org/?page_id=698
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#-------------------------------------------------------------------------------
# For more information about the OpenAirInterface (OAI) Software Alliance:
# contact@openairinterface.org
################################################################################
# ! file
# brief
# author Jian Yang,Fengjiao He,Hongxin Wang
# date 2020
# email: contact@openairinterface.org
################################################################################
## amf configuration file
AUSF =
{
INSTANCE_ID = 10; #10
PID_DIRECTORY = "/var/run";
######################################################################## NG SETUP RESPONSE IEs ############################################################
AUSF_NAME = "bupt-ausf";
# GUAMI:{MCC = "110"; MNC = "11"; RegionID = "128"; AMFSetID = "4"; AMFPointer = "1"}
# SERVED_GUAMI_LIST = (
# {MCC = "110"; MNC = "11"; RegionID = "10"; AMFSetID = "1"; AMFPointer = "0"}, #48bits <MCC><MNC><RegionID><AMFSetID><AMFPointer>
# {MCC = "110"; MNC = "11"; RegionID = "10"; AMFSetID = "1"; AMFPointer = "1"} #48bits <MCC><MNC><RegionID><AMFSetID><AMFPointer>
# );
# RELATIVE_CAPACITY = 30;
# PLMN_SUPPORT_LIST = (
# {MCC = "110"; MNC = "11"; TAC = 100;
# SLICE_SUPPORT_LIST = (
# {SST = "1"; SD = "none"},
# {SST = "1"; SD = "12"}
# )
# }
# );
##################################################################### clause 9.2.6.2, 3gpp ts38.413 ####################################################
#STATISTICS_TIMER_INTERVAL = 20; #second
AUSF_NAME = "bupt-ausf";
INTERFACES:{
SBI_AUSF:{
INTERFACE_NAME = "ens33"; #interface for providing ausf service
IPV4_ADDRESS = "192.168.2.101/24"; #"192.168.61.141/24"; #address for intercafe (cidr)
INTERFACE_NAME = "ens32"; #interface for providing ausf service
IPV4_ADDRESS = "192.168.2.35/24"; #"192.168.61.141/24"; #address for intercafe (cidr)
PORT = 8383; #ausf service port
PPID = 60;
};
NUDM:{
INTERFACE_NAME = "ens32"; #interface for providing udm service
IPV4_ADDRESS = "192.168.2.35/24"; #address for intercafe (cidr)
PORT = 8181; #udm service port
#PPID = 60;
};
NAMF:{
INTERFACE_NAME = "ens33"; #interface for request for amf service
IPV4_ADDRESS = "192.168.2.101/24"; #amf address (cidr)
IPV4_ADDRESS = "192.168.2.35/24"; #amf address (cidr)
PORT = 8383; #amf port
};
# NUDR:{
# INTERFACE_NAME = "ens33"; #interface for request for udr service
# IPV4_ADDRESS = "192.168.21.133/24"; #udr address (cidr)
# PORT = 8080; #udr port
# VERSION = "v2";
# };
};
# CORE_CONFIGURATION:{
# EMERGENCY_SUPPORT = "false";
# };
# AUTHENTICATION:{
# MYSQL_server = "127.0.0.1";
# MYSQL_user = "bupt"; # Database server login
# MYSQL_pass = "linux"; # Database server password
# MYSQL_db = "OAI_DB";
# OPERATOR_key = "1006020f0a478bf6b699f15c062e42b3"; # op
# RANDOM = "true";
# };
IS_AUTHENTICATION = "true";
};
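Review bot: `IS_AUTHENTICATION = "true";` carries no comment, although setting it to `"false"` makes the confirmation handler accept a request without comparing RES* to XRES*. Since the loader acts only on the exact string `"false"`, I would document that in place, e.g. `IS_AUTHENTICATION = "true"; # "false" skips RES* verification in 5g-aka-confirmation (lab use only); any other value keeps it on`.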
......
......@@ -46,7 +46,7 @@ using namespace org::openapitools::server::model;
//stored temporarily
uint8_t XRES_STAR[16]; //store xres*
// uint8_t KAUSF[32];
// uint8_t KAUSF[32];
std::string SUPI_AUSF; //store supi
std::string AUTH_TYPE; //store authType
......@@ -105,10 +105,10 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
Logger::ausf_server().info("Received authCtxId %s", authCtxId.c_str()); // authCtxId
Logger::ausf_server().info("Received res* %s", confirmationData.getResStar().c_str()); // res*(const char*) "0ddc2f64bd8dc35906fad44499e18525"
uint8_t resStar[16] = {0};
conv::hex_str_to_uint8(confirmationData.getResStar().c_str(), resStar); //string->uint8, res*(uint8)
/*---------------------认证确认-amf--------------------------------*/
uint8_t resStar[16] = {0};
conv::hex_str_to_uint8(confirmationData.getResStar().c_str(), resStar); //string->uint8, res*(uint8)
/*---------------------认证确认-amf--------------------------------*/
ConfirmationDataResponse confirmResponse;
//1.验证AV是否过期: 认证成功后,AUSF将存储 KAUSF ?
uint8_t authCtxId_seaf[16];
......@@ -131,12 +131,16 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
//2.将接收到的RES*与存储的XRES*进行比较:RES*与XRES*相等,AUSF将从家庭网络角度认为认证成功
//get stored xres* -----
uint8_t xresStar[16] = {0};
uint8_t xresStar[16] = {0};
memcpy(xresStar,XRES_STAR,16); //xres* stored for 5g-aka-confirmation
Logger::ausf_server().debug("xres* in ausf: %s", (conv::uint8_to_hex_string(xresStar, 16)).c_str());
Logger::ausf_server().debug("xres in amf: %s", (conv::uint8_to_hex_string(resStar, 16)).c_str());
bool authResult = Authentication_5gaka::equal_uint8(xresStar,resStar,16);
bool authResult;
if(ausf_cfg.is_authentication)
authResult = Authentication_5gaka::equal_uint8(xresStar,resStar,16);
else
authResult = true;
confirmResponse.setAuthResult(authResult); //3.向SEAF指示,从本地网络角度认证是否成功
if(!authResult) //fail
......@@ -146,11 +150,11 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
else //success
{
Logger::ausf_server().info("Authentication successful by home network!");
//4.send KSEAF to SEAF
string kseaf_s;
kseaf_s = conv::uint8_to_hex_string(ausf_av_s.kseaf, 32); // convert uint8_t to string
confirmResponse.setKseaf(kseaf_s);
confirmResponse.setKseaf(kseaf_s);
//5.send supi when supi_ausf exists
if(!SUPI_AUSF.empty())
......@@ -169,12 +173,12 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
udmUri = "http://" + udm_ip+ ":" + udm_port + "/nudm-ueau/v1/" + SUPI_AUSF + "/auth-events";
cout << udmUri.c_str() << endl;
Logger::ausf_server().debug("POST Request:" + udmUri);
Method = "POST";
Method = "POST";
//form udm request body
//form udm request body
nlohmann::json confirmResultInfo = {};
confirmResultInfo["nfInstanceId"] = "400346f4-087e-40b1-a4cd-00566953999d"; //fixed, may need to change
confirmResultInfo["success"] = true;
confirmResultInfo["success"] = true;
time_t rawtime;
time(&rawtime);
......@@ -185,7 +189,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
confirmResultInfo["authType"] = AUTH_TYPE; //authType stored in ausf
confirmResultInfo["servingNetworkName"] = SERVING_NN; //snn stored in ausf
confirmResultInfo["authRemovalInd"] = false;
confirmResultInfo["authRemovalInd"] = false;
cout << confirmResultInfo.dump() << endl;
Curl::curl_http_client(udmUri, Method, confirmResultInfo.dump() , Response);
......@@ -200,7 +204,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
Logger::ausf_server().debug("5g-aka-confirmation response:\n %s",confirmResponse_json.dump().c_str());
Logger::ausf_server().info("Send 5g-aka-confirmation 200 response to SEAF");
response.send(Pistache::Http::Code::Ok, confirmResponse_json.dump());
}
......@@ -236,7 +240,7 @@ void DefaultApiImpl::ue_authentications_post(
//UDM POST interface ----- get authentication related info--------------------
udmUri = "http://" + udm_ip+ ":" + udm_port + "/nudm-ueau/v1/" + supi + "/security-information/generate-auth-data";
Logger::ausf_server().debug("POST Request:" + udmUri);
Method = "POST";
Method = "POST";
//form udm request body AuthInfo
nlohmann::json AuthInfo = {}; //model AuthenticationInfo do not have ausfInstanceId field
......@@ -259,7 +263,7 @@ void DefaultApiImpl::ue_authentications_post(
Curl::curl_http_client(udmUri, Method, AuthInfo.dump() , Response);
Logger::ausf_server().error("response: %s",Response.c_str());
ProblemDetails problemDetails;
nlohmann::json problemDetails_json = {};
......@@ -296,13 +300,13 @@ void DefaultApiImpl::ue_authentications_post(
Logger::ausf_server().debug("rand_udm %s",rand_udm.c_str());
std::string xresStar_udm = response_data["authenticationVector"].at("xresStar"); //xres*
Logger::ausf_server().debug("xres*_udm %s",xresStar_udm.c_str());
//------------------5G HE AV-----------------------------------------------------
uint8_t autn[16] = {0};
uint8_t rand[16] = {0};
uint8_t xresStar[16] = {0};
uint8_t kausf[32] = {0};
conv::hex_str_to_uint8(autn_udm.c_str(),autn); //autn
conv::hex_str_to_uint8(rand_udm.c_str(),rand); //rand
conv::hex_str_to_uint8(xresStar_udm.c_str(),xresStar); //xres*
......@@ -313,17 +317,17 @@ void DefaultApiImpl::ue_authentications_post(
/* KSEAF <-- KAUSF */
/* 在5G HE AV中用HXRES*替代XRES*,用 KSEAF 替代KAUSF */
/* 删除 KSEAF,并向SEAF返回5G SE AV(RAND, AUTN, HXRES*)*/
/* A.5, 3gpp ts33.501 */
/* A.5, 3gpp ts33.501 */
Logger::ausf_server().debug("==generating 5g av");
//--------generating hxres*
uint8_t rand_ausf[16] = {0};
uint8_t autn_ausf[16] = {0};
uint8_t xresStar_ausf[16] = {0};
uint8_t kausf_ausf[32] = {0};
uint8_t hxresStar[16] = {0};
//getting params from udm 5G HE AV------may be simplified
memcpy(xresStar_ausf,xresStar,16); //xres*
memcpy(rand_ausf,rand,16); //rand
......@@ -339,8 +343,8 @@ void DefaultApiImpl::ue_authentications_post(
Logger::ausf_server().debug("kseaf calculated:\n %s", (conv::uint8_to_hex_string(kseaf, 32)).c_str());
memcpy(ausf_av_s.rand,rand_ausf,16); //store 5g av in ausf
memcpy(ausf_av_s.autn,autn_ausf,16);
memcpy(ausf_av_s.hxresStar,hxresStar,16);
memcpy(ausf_av_s.autn,autn_ausf,16);
memcpy(ausf_av_s.hxresStar,hxresStar,16);
memcpy(ausf_av_s.kseaf,kseaf,32);
memcpy(XRES_STAR,xresStar,16); //store xres* in ausf
SUPI_AUSF = authenticationInfo.getSupiOrSuci(); //store supi in ausf
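Review bot: In the `@@ -131,12 +131,16 @@` hunk, when `ausf_cfg.is_authentication` is false, `authResult` is set to `true` without comparing RES* to XRES*. The success path further down then returns KSEAF to the SEAF and posts `confirmResultInfo["success"] = true` to the UDM, so a single config string makes the AUSF confirm every confirmation request it receives. Nothing on that path records that the comparison was skipped; the else branch should at least log it per request, e.g. `Logger::ausf_server().error("RES* check skipped: IS_AUTHENTICATION is false");`, and the UDM auth event should not report a verified success in that mode. Consider also guarding the bypass behind a build-time test flag, so that a production binary cannot be switched into it by configuration alone. The function body starts and ends outside these hunks, so the failure branch is not visible here.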
......
......@@ -53,6 +53,7 @@ namespace config {
//------------------------------------------------------------------------------
ausf_config::ausf_config() {
//TODO:
is_authentication = true;
}
//------------------------------------------------------------------------------
......@@ -100,37 +101,6 @@ int ausf_config::load(const std::string &config_file) {
Logger::config().error("%s : %s, using defaults", nfex.what(), nfex.getPath());
}
// try {
// ausf_cfg.lookupValue(AUSF_CONFIG_STRING_STATISTICS_TIMER_INTERVAL, statistics_interval);
// } catch (const SettingNotFoundException &nfex) {
// Logger::config().error("%s : %s, using defaults", nfex.what(), nfex.getPath());
// }
// try {
// const Setting &plmn_list_cfg = ausf_cfg[AMF_CONFIG_STRING_PLMN_SUPPORT_LIST];
// int count = plmn_list_cfg.getLength();
// for (int i = 0; i < count; i++) {
// plmn_item_t plmn_item;
// const Setting &item = plmn_list_cfg[i];
// item.lookupValue(AMF_CONFIG_STRING_MCC, plmn_item.mcc);
// item.lookupValue(AMF_CONFIG_STRING_MNC, plmn_item.mnc);
// item.lookupValue(AMF_CONFIG_STRING_TAC, plmn_item.tac);
// const Setting &slice_list_cfg = plmn_list_cfg[i][AMF_CONFIG_STRING_SLICE_SUPPORT_LIST];
// int numOfSlice = slice_list_cfg.getLength();
// for (int j = 0; j < numOfSlice; j++) {
// slice_t slice;
// const Setting &slice_item = slice_list_cfg[j];
// slice_item.lookupValue(AMF_CONFIG_STRING_SST, slice.sST);
// slice_item.lookupValue(AMF_CONFIG_STRING_SD, slice.sD);
// plmn_item.slice_list.push_back(slice);
// }
// plmn_list.push_back(plmn_item);
// }
// } catch (const SettingNotFoundException &nfex) {
// Logger::config().error("%s : %s, using defaults", nfex.what(), nfex.getPath());
// }
try {
const Setting &new_if_cfg = ausf_cfg[AUSF_CONFIG_STRING_INTERFACES];
......@@ -143,48 +113,20 @@ int ausf_config::load(const std::string &config_file) {
const Setting &namf_cfg = new_if_cfg[AUSF_CONFIG_STRING_INTERFACE_NAMF];
load_interface(namf_cfg, namf);
// const Setting &udr_addr_pool = nudm_cfg[AUSF_CONFIG_STRING_UDR_INSTANCES_POOL];
// int count = udr_addr_pool.getLength();
// for (int i = 0; i < count; i++) {
// const Setting &udr_addr_item = udr_addr_pool[i];
// udr_inst_t udr_inst;
// std::string selected;
// udr_addr_item.lookupValue(AUSF_CONFIG_STRING_UDR_INSTANCE_ID, udr_inst.id);
// udr_addr_item.lookupValue(AUSF_CONFIG_STRING_IPV4_ADDRESS, udr_inst.ipv4);
// udr_addr_item.lookupValue(AUSF_CONFIG_STRING_UDR_INSTANCE_PORT, udr_inst.port);
// udr_addr_item.lookupValue(AUSF_CONFIG_STRING_UDR_INSTANCE_VERSION, udr_inst.version);
// udr_addr_item.lookupValue(AUSF_CONFIG_STRING_UDR_INSTANCE_SELECTED, selected);
// if (!selected.compare("true"))
// udr_inst.selected = true;
// else
// udr_inst.selected = false;
// udr_pool.push_back(udr_inst);
// }
} catch (const SettingNotFoundException &nfex) {
Logger::config().error("%s : %s, using defaults", nfex.what(), nfex.getPath());
return -1;
}
// try {
// const Setting &core_config = ausf_cfg[AUSF_CONFIG_STRING_CORE_CONFIGURATION];
// core_config.lookupValue(AUSF_CONFIG_STRING_EMERGENCY_SUPPORT, is_emergency_support);
// } catch (const SettingNotFoundException &nfex) {
// Logger::config().error("%s : %s, using defaults", nfex.what(), nfex.getPath());
// return -1;
// }
try {
std::string value;
ausf_cfg.lookupValue(AUSF_CONFIG_STRING_IS_AUTHENTICATION, value);
if(!value.compare("false"))
is_authentication = false;
} catch (const SettingNotFoundException &nfex) {
Logger::config().error("%s : %s, using defaults", nfex.what(), nfex.getPath());
}
// try {
// const Setting &auth = ausf_cfg[AUSF_CONFIG_STRING_AUTHENTICATION];
// auth.lookupValue(AUSF_CONFIG_STRING_AUTH_MYSQL_SERVER, auth_para.mysql_server);
// auth.lookupValue(AUSF_CONFIG_STRING_AUTH_MYSQL_USER, auth_para.mysql_user);
// auth.lookupValue(AUSF_CONFIG_STRING_AUTH_MYSQL_PASS, auth_para.mysql_pass);
// auth.lookupValue(AUSF_CONFIG_STRING_AUTH_MYSQL_DB, auth_para.mysql_db);
// auth.lookupValue(AUSF_CONFIG_STRING_AUTH_OPERATOR_KEY, auth_para.operator_key);
// auth.lookupValue(AUSF_CONFIG_STRING_AUTH_RANDOM, auth_para.random);
// } catch (const SettingNotFoundException &nfex) {
// Logger::config().error("%s : %s, using defaults", nfex.what(), nfex.getPath());
// return -1;
// }
}
......@@ -194,27 +136,7 @@ void ausf_config::display() {
Logger::config().info("Configuration AUSF:");
Logger::config().info("- Instance ...........................................: %d", instance);
Logger::config().info("- PID dir ............................................: %s", pid_dir.c_str());
Logger::config().info("- AUSF NAME............................................: %s", AUSF_Name.c_str());
// Logger::config().info("- GUAMI (MCC, MNC, Region ID, AMF Set ID, AMF pointer): ");
// Logger::config().info("- SERVED_GUAMI_LIST...................................: ");
// Logger::config().info("- PLMN_SUPPORT_LIST...................................: ");
// for (int i = 0; i < plmn_list.size(); i++) {
// Logger::config().info(" (MCC %s, MNC %s) ", plmn_list[i].mcc.c_str(), plmn_list[i].mnc.c_str());
// Logger::config().info(" TAC: %d", plmn_list[i].tac);
// Logger::config().info(" SLICE_SUPPORT_LIST (SST, SD) ....................: ");
// for (int j = 0; j < plmn_list[i].slice_list.size(); j++) {
// Logger::config().info(" (%s, %s) ", plmn_list[i].slice_list[j].sST.c_str(), plmn_list[i].slice_list[j].sD.c_str());
// }
// }
// Logger::config().info("- Emergency Support................... ...............: %s", is_emergency_support.c_str());
// Logger::config().info("- MYSQL Server Addr...................................: %s", auth_para.mysql_server.c_str());
// Logger::config().info("- MYSQL user .........................................: %s", auth_para.mysql_user.c_str());
// Logger::config().info("- MYSQL pass .........................................: %s", auth_para.mysql_pass.c_str());
// Logger::config().info("- MYSQL db ...........................................: %s", auth_para.mysql_db.c_str());
// Logger::config().info("- operator key .......................................: %s", auth_para.operator_key.c_str());
// Logger::config().info("- random .............................................: %s", auth_para.random.c_str());
Logger::config().info("- AUSF NAME...........................................: %s", AUSF_Name.c_str());
Logger::config().info("- SBI Networking:");
Logger::config().info(" iface ................: %s", sbi.if_name.c_str());
......@@ -230,18 +152,8 @@ void ausf_config::display() {
Logger::config().info(" iface ................: %s", namf.if_name.c_str());
Logger::config().info(" ip ...................: %s", inet_ntoa(namf.addr4));
Logger::config().info(" port .................: %d", namf.port);
Logger::config().info("- IsAuthentication....................................: %s", is_authentication?"true":"false");
// Logger::config().info(" HTTP2 port ............: %d", nudm_http2_port);
// Logger::config().info("- Remote udr Pool.....................................: ");
// for (int i = 0; i < udr_pool.size(); i++) {
// std::string selected;
// if (udr_pool[i].selected)
// selected = "true";
// else
// selected = "false";
// Logger::config().info(" udr_INSTANCE_ID %d (%s:%s, version %s) is selected: %s", udr_pool[i].id, udr_pool[i].ipv4.c_str(), udr_pool[i].port.c_str(), udr_pool[i].version.c_str(), selected.c_str());
// }
}
//------------------------------------------------------------------------------
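Review bot: In `ausf_config::load`, the result of `ausf_cfg.lookupValue(AUSF_CONFIG_STRING_IS_AUTHENTICATION, value)` is discarded and only the exact string `"false"` is acted on. A missing key, a value such as `"False"`, or an unquoted boolean therefore leaves verification enabled without telling the operator that the setting was not understood. That fallback is the safe one, but as far as I know libconfig's `lookupValue` reports a missing or mistyped setting through its return value rather than by throwing, so the `catch` here probably never runs. I would check the return value, reject anything other than `"true"` or `"false"` with an error log, and log prominently at startup when the result is `false`; `display()` currently prints it at info level among the other fields.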
......
......@@ -49,6 +49,8 @@
#define AUSF_CONFIG_STRING_INSTANCE_ID "INSTANCE_ID"
#define AUSF_CONFIG_STRING_AUSF_NAME "AUSF_NAME"
#define AUSF_CONFIG_STRING_IS_AUTHENTICATION "IS_AUTHENTICATION"
#define AUSF_CONFIG_STRING_INTERFACES "INTERFACES"
#define AUSF_CONFIG_STRING_INTERFACE_SBI_AUSF "SBI_AUSF"
......@@ -150,6 +152,8 @@ class ausf_config {
std::string pid_dir;
std::string AUSF_Name;
bool is_authentication;
interface_cfg_t sbi;
interface_cfg_t nudm;
interface_cfg_t namf;
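Review bot: `bool is_authentication;` is declared without an initializer or a comment, so the secure default depends on the constructor in the .cpp, and a reader of the header cannot tell that `false` disables the RES*/XRES* comparison. I would write `bool is_authentication = true;  // false skips RES* verification in 5g-aka-confirmation (test only)` so that the default travels with the declaration. The class body continues outside the hunk.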
......