fix 5g-aka-confirmation,increase curl timeout

b31fbd98 · yangjian · 57bfea04 · b31fbd98 · b31fbd98 · b31fbd98
Commit b31fbd98 authored Jun 09, 2022 by yangjian
Showing with 34 additions and 40 deletions

src/api/DefaultApi.cpp src/api/DefaultApi.cpp +1 -1

src/impl/DefaultApiImpl.cpp src/impl/DefaultApiImpl.cpp +30 -36

src/utils/curl.cpp src/utils/curl.cpp +2 -2

src/utils/curl.hpp src/utils/curl.hpp +1 -1

No files found.
--- a/src/api/DefaultApi.cpp
+++ b/src/api/DefaultApi.cpp
@@ -183,7 +183,7 @@ void DefaultApi::ue_authentications_post_handler(

  try {
    nlohmann::json::parse(request.body()).get_to(authenticationInfo);
-    Logger::ausf_server().debug("json parsed");
+    // Logger::ausf_server().debug("json parsed");
    this->ue_authentications_post(authenticationInfo, response);
  } catch (nlohmann::detail::exception &e) {
    // send a 400 error

--- a/src/impl/DefaultApiImpl.cpp
+++ b/src/impl/DefaultApiImpl.cpp
@@ -48,6 +48,7 @@ using namespace org::openapitools::server::model;
 uint8_t XRES_STAR[16];  //store xres*
 // uint8_t KAUSF[32];      
 std::string SUPI_AUSF;  //store supi
+std::map<std::string, std::string> authctxid_supi;

 std::string AUTH_TYPE;    //store authType
 std::string SERVING_NN;   //store serving network name
@@ -88,7 +89,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
  nlohmann::json problemDetails_json = {};
  Logger::ausf_server().debug("Handling 5g-aka-confirmation-put...");

-  if(SUPI_AUSF.empty()) //no ue-authentications request ever
+  if(authctxid_supi.count(authCtxId) <= 0) //no ue-authentications request ever
  {
    problemDetails.setCause("SERVING_NETWORK_NOT_AUTHORIZED");
    problemDetails.setStatus(403);
@@ -103,8 +104,8 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(


  /*---------------------getting params---------------------------------*/
-  Logger::ausf_server().info("Received authCtxId %s", authCtxId.c_str());    // authCtxId
-  Logger::ausf_server().info("Received res* %s", confirmationData.getResStar().c_str());    // res*(const char*)  "0ddc2f64bd8dc35906fad44499e18525"
+  // Logger::ausf_server().info("Received authCtxId %s", authCtxId.c_str());    // authCtxId
+  // Logger::ausf_server().info("Received res* %s", confirmationData.getResStar().c_str());    // res*(const char*)  "0ddc2f64bd8dc35906fad44499e18525"

  uint8_t resStar[16] = {0}; 
  conv::hex_str_to_uint8(confirmationData.getResStar().c_str(), resStar); //string->uint8, res*(uint8)    
@@ -117,7 +118,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(

  int ausf_av_index = 0;
  for(int i=0;i<all_AVs.size();i++){
-    Logger::ausf_server().debug("authCtxId in ausf: %s", (conv::uint8_to_hex_string(all_AVs[i].autn, 16)).c_str());
+    // Logger::ausf_server().debug("authCtxId in ausf: %s", (conv::uint8_to_hex_string(all_AVs[i].autn, 16)).c_str());
    if(Authentication_5gaka::equal_uint8(all_AVs[i].autn,authCtxId_seaf,16)){
      ausf_av_index = i;
      break;
@@ -128,16 +129,6 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
    confirmResponse.setAuthResult(false);  //向SEAF指示，从本地网络角度认证not成功
    KAUSF_TMP = "invalid";
  }
-
-  //Logger::ausf_server().debug("authCtxId in ausf: %s", (conv::uint8_to_hex_string(ausf_av_s.autn, 16)).c_str());
-
-  //bool is_auth_vectors_present = Authentication_5gaka::equal_uint8(ausf_av_s.autn,authCtxId_seaf,16);
-  //if(!is_auth_vectors_present)  //AV expired
-  //{
-  //  Logger::ausf_server().error("Authentication failure by home network with authCtxId %s: AV expired",authCtxId.c_str());
-  //  confirmResponse.setAuthResult(is_auth_vectors_present);  //向SEAF指示，从本地网络角度认证not成功
-  //  KAUSF_TMP = "invalid";
-  //}
  else  //AV valid
  {
    Logger::ausf_server().info("AV is up to date, handling received res*...");
@@ -148,8 +139,8 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
    //get stored xres* -----
    uint8_t xresStar[16] = {0}; 
    memcpy(xresStar,all_AVs[ausf_av_index].XRES_STAR,16);  //xres* stored for 5g-aka-confirmation
-    Logger::ausf_server().debug("xres* in ausf: %s", (conv::uint8_to_hex_string(xresStar, 16)).c_str());
-    Logger::ausf_server().debug("xres in amf: %s", (conv::uint8_to_hex_string(resStar, 16)).c_str());
+    // Logger::ausf_server().debug("xres* in ausf: %s", (conv::uint8_to_hex_string(xresStar, 16)).c_str());
+    // Logger::ausf_server().debug("xres in amf: %s", (conv::uint8_to_hex_string(resStar, 16)).c_str());

    bool authResult = Authentication_5gaka::equal_uint8(xresStar,resStar,16);
    confirmResponse.setAuthResult(authResult);  //3.向SEAF指示，从本地网络角度认证是否成功
@@ -168,9 +159,10 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
      confirmResponse.setKseaf(kseaf_s); 

      //5.send supi when supi_ausf exists
-      if(!SUPI_AUSF.empty())
+      if(authctxid_supi.count(authCtxId) > 0)
      {
-        confirmResponse.setSupi(SUPI_AUSF);
+        confirmResponse.setSupi(authctxid_supi.at(authCtxId));
+        authctxid_supi.erase(authCtxId);
      }

      //6. send authResult to udm
@@ -181,9 +173,9 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
      std::string Method;
      std::string Response;

-      udmUri = "http://" + udm_ip+ ":" + udm_port + "/nudm-ueau/v1/" + SUPI_AUSF + "/auth-events";
+      udmUri = "http://" + udm_ip+ ":" + udm_port + "/nudm-ueau/v1/" + confirmResponse.getSupi() + "/auth-events";
      cout << udmUri.c_str() << endl;
-      Logger::ausf_server().debug("POST Request:" + udmUri);
+      Logger::ausf_server().debug("Send POST Request URI: " + udmUri);
      Method = "POST"; 

      //form udm request body 
@@ -212,7 +204,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
  //---forming response
  nlohmann::json confirmResponse_json;
  to_json(confirmResponse_json, confirmResponse);
-  Logger::ausf_server().debug("5g-aka-confirmation response:\n %s",confirmResponse_json.dump().c_str());
+  // Logger::ausf_server().debug("5g-aka-confirmation response:\n %s",confirmResponse_json.dump().c_str());

  Logger::ausf_server().info("Send 5g-aka-confirmation 200 response to SEAF");
  
@@ -230,10 +222,10 @@ void DefaultApiImpl::ue_authentications_post(
    const AuthenticationInfo &authenticationInfo,
    Pistache::Http::ResponseWriter &response) {

-    Logger::ausf_server().debug("--ue_authentications_post--");
+    // Logger::ausf_server().debug("--ue_authentications_post--");

   /*----------------------getting params-------------*/
-    Logger::ausf_server().info("servingNetworkName %s", authenticationInfo.getServingNetworkName().c_str());
+    // Logger::ausf_server().info("servingNetworkName %s", authenticationInfo.getServingNetworkName().c_str());
    Logger::ausf_server().info("supiOrSuci %s", authenticationInfo.getSupiOrSuci().c_str());

    std::string snn = authenticationInfo.getServingNetworkName(); //serving network name
@@ -250,7 +242,7 @@ void DefaultApiImpl::ue_authentications_post(

    //UDM POST interface ----- get authentication related info--------------------
    udmUri = "http://" + udm_ip+ ":" + udm_port + "/nudm-ueau/v1/" + supi + "/security-information/generate-auth-data";
-    Logger::ausf_server().debug("POST Request:" + udmUri);
+    Logger::ausf_server().debug("Send POST Request URI: " + udmUri);
    Method = "POST"; 

    //form udm request body AuthInfo
@@ -273,7 +265,7 @@ void DefaultApiImpl::ue_authentications_post(

    Curl::curl_http_client(udmUri,  Method,  AuthInfo.dump() , Response);

-    Logger::ausf_server().error("response: %s",Response.c_str());
+    Logger::ausf_server().debug("Recevied POST response body: %s",Response.c_str());
    
    ProblemDetails problemDetails;
    nlohmann::json problemDetails_json = {};
@@ -300,17 +292,17 @@ void DefaultApiImpl::ue_authentications_post(
      }

    std::string authType_udm = response_data.at("authType");                //AuthType
-    Logger::ausf_server().debug("authType %s",authType_udm.c_str());
+    // Logger::ausf_server().debug("authType %s",authType_udm.c_str());
    std::string autn_udm = response_data["authenticationVector"].at("autn");  //autn
-    Logger::ausf_server().debug("autn_udm %s",autn_udm.c_str());
+    // Logger::ausf_server().debug("autn_udm %s",autn_udm.c_str());
    std::string avType_udm = response_data["authenticationVector"].at("avType");//avType
-    Logger::ausf_server().debug("avType_udm %s",avType_udm.c_str());
+    // Logger::ausf_server().debug("avType_udm %s",avType_udm.c_str());
    std::string kausf_udm = response_data["authenticationVector"].at("kausf");  //kausf
-    Logger::ausf_server().debug("kausf_udm %s",kausf_udm.c_str());
+    // Logger::ausf_server().debug("kausf_udm %s",kausf_udm.c_str());
    std::string rand_udm = response_data["authenticationVector"].at("rand");    //rand
-    Logger::ausf_server().debug("rand_udm %s",rand_udm.c_str());
+    // Logger::ausf_server().debug("rand_udm %s",rand_udm.c_str());
    std::string xresStar_udm = response_data["authenticationVector"].at("xresStar");  //xres*
-    Logger::ausf_server().debug("xres*_udm %s",xresStar_udm.c_str());
+    // Logger::ausf_server().debug("xres*_udm %s",xresStar_udm.c_str());
    
    //------------------5G HE AV-----------------------------------------------------
    uint8_t autn[16] = {0};
@@ -329,7 +321,7 @@ void DefaultApiImpl::ue_authentications_post(
    /*  在5G HE AV中用HXRES*替代XRES*，用 KSEAF 替代KAUSF */
    /*  删除 KSEAF，并向SEAF返回5G SE AV（RAND, AUTN, HXRES*）*/
    /*  A.5, 3gpp ts33.501 */ 
-    Logger::ausf_server().debug("==generating 5g av");
+    // Logger::ausf_server().debug("==generating 5g av");

    //--------generating hxres*
    
@@ -347,11 +339,11 @@ void DefaultApiImpl::ue_authentications_post(

    //generate_Hxres*
    Authentication_5gaka::generate_Hxres(rand_ausf,xresStar_ausf,hxresStar);
-    Logger::ausf_server().debug("hxresStar calculated:\n %s", (conv::uint8_to_hex_string(hxresStar, 16)).c_str());
+    // Logger::ausf_server().debug("hxresStar calculated:\n %s", (conv::uint8_to_hex_string(hxresStar, 16)).c_str());

    uint8_t kseaf[32] = {0};
    Authentication_5gaka::derive_kseaf(snn,kausf,kseaf);
-    Logger::ausf_server().debug("kseaf calculated:\n %s", (conv::uint8_to_hex_string(kseaf, 32)).c_str());
+    // Logger::ausf_server().debug("kseaf calculated:\n %s", (conv::uint8_to_hex_string(kseaf, 32)).c_str());

    memcpy(ausf_av_s.rand,rand_ausf,16);  //store 5g av in ausf
    memcpy(ausf_av_s.autn,autn_ausf,16); 
@@ -359,7 +351,7 @@ void DefaultApiImpl::ue_authentications_post(
    memcpy(ausf_av_s.kseaf,kseaf,32);
    memcpy(ausf_av_s.XRES_STAR,xresStar,16);        //store xres* in ausf
    all_AVs.push_back(ausf_av_s);
-    SUPI_AUSF = authenticationInfo.getSupiOrSuci(); //store supi in ausf
+    // SUPI_AUSF = authenticationInfo.getSupiOrSuci(); //store supi in ausf
    SERVING_NN = snn;                        //store snn in ausf
    AUTH_TYPE = authType_udm;                 //store authType in ausf
    KAUSF_TMP = conv::uint8_to_hex_string(kausf_ausf,32); //store kausf_tmp in ausf
@@ -382,6 +374,8 @@ void DefaultApiImpl::ue_authentications_post(
    std::string authCtxId_s;
    authCtxId_s = autn_s;   // authCtxId = autn

+    authctxid_supi[authCtxId_s] = authenticationInfo.getSupiOrSuci(); //store supi in ausf
+
    std::string ausf_ip = std::string(inet_ntoa (*((struct in_addr *)&ausf_cfg.sbi.addr4)));
    std::string ausf_port = std::to_string(ausf_cfg.sbi.port);

@@ -403,7 +397,7 @@ void DefaultApiImpl::ue_authentications_post(

    nlohmann::json UEAuthCtx_json;
    to_json(UEAuthCtx_json,UEAuthCtx);
-    Logger::ausf_server().debug("auth response:\n %s",UEAuthCtx_json.dump().c_str());
+    // Logger::ausf_server().debug("auth response:\n %s",UEAuthCtx_json.dump().c_str());

    Logger::ausf_server().info("Send 201 response to SEAF");
    response.headers().add<Pistache::Http::Header::Location>(Location);

--- a/src/utils/curl.cpp
+++ b/src/utils/curl.cpp
@@ -42,7 +42,7 @@ std::size_t callback(const char *in, std::size_t size, std::size_t num,
 void Curl::curl_http_client(std::string remoteUri, std::string Method,
                            std::string msgBody, std::string &Response) {

-  Logger::ausf_server().info("Send HTTP message with body %s", msgBody.c_str());
+  // Logger::ausf_server().debug("Send HTTP message with body %s", msgBody.c_str());

  uint32_t str_len = msgBody.length();
  char *body_data = (char *)malloc(str_len + 1);
@@ -74,7 +74,7 @@ void Curl::curl_http_client(std::string remoteUri, std::string Method,
    curl_easy_setopt(curl, CURLOPT_TIMEOUT_MS, CURL_TIMEOUT_MS);
    curl_easy_setopt(curl, CURLOPT_TCP_KEEPALIVE, 1);
    curl_easy_setopt(curl, CURLOPT_INTERFACE, ausf_cfg.sbi.if_name.c_str()); 
-    Logger::ausf_server().info("[CURL] request sent by interface " + ausf_cfg.sbi.if_name);
+    // Logger::ausf_server().info("[CURL] request sent by interface " + ausf_cfg.sbi.if_name);

    // Response information.
    long httpCode = {0};

--- a/src/utils/curl.hpp
+++ b/src/utils/curl.hpp
@@ -43,7 +43,7 @@
 #include "logger.hpp"
 #include "ausf_config.hpp"

-#define CURL_TIMEOUT_MS 300L
+#define CURL_TIMEOUT_MS 1000L

 class Curl {
 public: