Skip to content

O
OpenXG-AUSF
Commit b31fbd98 authored by yangjian's avatar yangjian
Browse files
Options

fix 5g-aka-confirmation,increase curl timeout

parent 57bfea04
Hide whitespace changes
Inline Side-by-side
Showing with 34 additions and 40 deletions
src/api/DefaultApi.cpp
View file @ b31fbd98
...@@ -183,7 +183,7 @@ void DefaultApi::ue_authentications_post_handler( ...@@ -183,7 +183,7 @@ void DefaultApi::ue_authentications_post_handler(
try { try {
nlohmann::json::parse(request.body()).get_to(authenticationInfo); nlohmann::json::parse(request.body()).get_to(authenticationInfo);
Logger::ausf_server().debug("json parsed"); // Logger::ausf_server().debug("json parsed");
this->ue_authentications_post(authenticationInfo, response); this->ue_authentications_post(authenticationInfo, response);
} catch (nlohmann::detail::exception &e) { } catch (nlohmann::detail::exception &e) {
// send a 400 error // send a 400 error
......
src/impl/DefaultApiImpl.cpp
View file @ b31fbd98
...@@ -48,6 +48,7 @@ using namespace org::openapitools::server::model; ...@@ -48,6 +48,7 @@ using namespace org::openapitools::server::model;
uint8_t XRES_STAR[16]; //store xres* uint8_t XRES_STAR[16]; //store xres*
// uint8_t KAUSF[32]; // uint8_t KAUSF[32];
std::string SUPI_AUSF; //store supi std::string SUPI_AUSF; //store supi
std::map<std::string, std::string> authctxid_supi;
std::string AUTH_TYPE; //store authType std::string AUTH_TYPE; //store authType
std::string SERVING_NN; //store serving network name std::string SERVING_NN; //store serving network name
...@@ -88,7 +89,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put( ...@@ -88,7 +89,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
nlohmann::json problemDetails_json = {}; nlohmann::json problemDetails_json = {};
Logger::ausf_server().debug("Handling 5g-aka-confirmation-put..."); Logger::ausf_server().debug("Handling 5g-aka-confirmation-put...");
if(SUPI_AUSF.empty()) //no ue-authentications request ever if(authctxid_supi.count(authCtxId) <= 0) //no ue-authentications request ever
{ {
problemDetails.setCause("SERVING_NETWORK_NOT_AUTHORIZED"); problemDetails.setCause("SERVING_NETWORK_NOT_AUTHORIZED");
problemDetails.setStatus(403); problemDetails.setStatus(403);
...@@ -103,8 +104,8 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put( ...@@ -103,8 +104,8 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
/*---------------------getting params---------------------------------*/ /*---------------------getting params---------------------------------*/
Logger::ausf_server().info("Received authCtxId %s", authCtxId.c_str()); // authCtxId // Logger::ausf_server().info("Received authCtxId %s", authCtxId.c_str()); // authCtxId
Logger::ausf_server().info("Received res* %s", confirmationData.getResStar().c_str()); // res*(const char*) "0ddc2f64bd8dc35906fad44499e18525" // Logger::ausf_server().info("Received res* %s", confirmationData.getResStar().c_str()); // res*(const char*) "0ddc2f64bd8dc35906fad44499e18525"
uint8_t resStar[16] = {0}; uint8_t resStar[16] = {0};
conv::hex_str_to_uint8(confirmationData.getResStar().c_str(), resStar); //string->uint8, res*(uint8) conv::hex_str_to_uint8(confirmationData.getResStar().c_str(), resStar); //string->uint8, res*(uint8)
...@@ -117,7 +118,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put( ...@@ -117,7 +118,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
int ausf_av_index = 0; int ausf_av_index = 0;
for(int i=0;i<all_AVs.size();i++){ for(int i=0;i<all_AVs.size();i++){
Logger::ausf_server().debug("authCtxId in ausf: %s", (conv::uint8_to_hex_string(all_AVs[i].autn, 16)).c_str()); // Logger::ausf_server().debug("authCtxId in ausf: %s", (conv::uint8_to_hex_string(all_AVs[i].autn, 16)).c_str());
if(Authentication_5gaka::equal_uint8(all_AVs[i].autn,authCtxId_seaf,16)){ if(Authentication_5gaka::equal_uint8(all_AVs[i].autn,authCtxId_seaf,16)){
ausf_av_index = i; ausf_av_index = i;
break; break;
...@@ -128,16 +129,6 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put( ...@@ -128,16 +129,6 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
confirmResponse.setAuthResult(false); //向SEAF指示,从本地网络角度认证not成功 confirmResponse.setAuthResult(false); //向SEAF指示,从本地网络角度认证not成功
KAUSF_TMP = "invalid"; KAUSF_TMP = "invalid";
} }
//Logger::ausf_server().debug("authCtxId in ausf: %s", (conv::uint8_to_hex_string(ausf_av_s.autn, 16)).c_str());
//bool is_auth_vectors_present = Authentication_5gaka::equal_uint8(ausf_av_s.autn,authCtxId_seaf,16);
//if(!is_auth_vectors_present) //AV expired
//{
// Logger::ausf_server().error("Authentication failure by home network with authCtxId %s: AV expired",authCtxId.c_str());
// confirmResponse.setAuthResult(is_auth_vectors_present); //向SEAF指示,从本地网络角度认证not成功
// KAUSF_TMP = "invalid";
//}
else //AV valid else //AV valid
{ {
Logger::ausf_server().info("AV is up to date, handling received res*..."); Logger::ausf_server().info("AV is up to date, handling received res*...");
...@@ -148,8 +139,8 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put( ...@@ -148,8 +139,8 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
//get stored xres* ----- //get stored xres* -----
uint8_t xresStar[16] = {0}; uint8_t xresStar[16] = {0};
memcpy(xresStar,all_AVs[ausf_av_index].XRES_STAR,16); //xres* stored for 5g-aka-confirmation memcpy(xresStar,all_AVs[ausf_av_index].XRES_STAR,16); //xres* stored for 5g-aka-confirmation
Logger::ausf_server().debug("xres* in ausf: %s", (conv::uint8_to_hex_string(xresStar, 16)).c_str()); // Logger::ausf_server().debug("xres* in ausf: %s", (conv::uint8_to_hex_string(xresStar, 16)).c_str());
Logger::ausf_server().debug("xres in amf: %s", (conv::uint8_to_hex_string(resStar, 16)).c_str()); // Logger::ausf_server().debug("xres in amf: %s", (conv::uint8_to_hex_string(resStar, 16)).c_str());
bool authResult = Authentication_5gaka::equal_uint8(xresStar,resStar,16); bool authResult = Authentication_5gaka::equal_uint8(xresStar,resStar,16);
confirmResponse.setAuthResult(authResult); //3.向SEAF指示,从本地网络角度认证是否成功 confirmResponse.setAuthResult(authResult); //3.向SEAF指示,从本地网络角度认证是否成功
...@@ -168,9 +159,10 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put( ...@@ -168,9 +159,10 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
confirmResponse.setKseaf(kseaf_s); confirmResponse.setKseaf(kseaf_s);
//5.send supi when supi_ausf exists //5.send supi when supi_ausf exists
if(!SUPI_AUSF.empty()) if(authctxid_supi.count(authCtxId) > 0)
{ {
confirmResponse.setSupi(SUPI_AUSF); confirmResponse.setSupi(authctxid_supi.at(authCtxId));
authctxid_supi.erase(authCtxId);
} }
//6. send authResult to udm //6. send authResult to udm
...@@ -181,9 +173,9 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put( ...@@ -181,9 +173,9 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
std::string Method; std::string Method;
std::string Response; std::string Response;
udmUri = "http://" + udm_ip+ ":" + udm_port + "/nudm-ueau/v1/" + SUPI_AUSF + "/auth-events"; udmUri = "http://" + udm_ip+ ":" + udm_port + "/nudm-ueau/v1/" + confirmResponse.getSupi() + "/auth-events";
cout << udmUri.c_str() << endl; cout << udmUri.c_str() << endl;
Logger::ausf_server().debug("POST Request:" + udmUri); Logger::ausf_server().debug("Send POST Request URI: " + udmUri);
Method = "POST"; Method = "POST";
//form udm request body //form udm request body
...@@ -212,7 +204,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put( ...@@ -212,7 +204,7 @@ void DefaultApiImpl::ue_authentications_auth_ctx_id5g_aka_confirmation_put(
//---forming response //---forming response
nlohmann::json confirmResponse_json; nlohmann::json confirmResponse_json;
to_json(confirmResponse_json, confirmResponse); to_json(confirmResponse_json, confirmResponse);
Logger::ausf_server().debug("5g-aka-confirmation response:\n %s",confirmResponse_json.dump().c_str()); // Logger::ausf_server().debug("5g-aka-confirmation response:\n %s",confirmResponse_json.dump().c_str());
Logger::ausf_server().info("Send 5g-aka-confirmation 200 response to SEAF"); Logger::ausf_server().info("Send 5g-aka-confirmation 200 response to SEAF");
...@@ -230,10 +222,10 @@ void DefaultApiImpl::ue_authentications_post( ...@@ -230,10 +222,10 @@ void DefaultApiImpl::ue_authentications_post(
const AuthenticationInfo &authenticationInfo, const AuthenticationInfo &authenticationInfo,
Pistache::Http::ResponseWriter &response) { Pistache::Http::ResponseWriter &response) {
Logger::ausf_server().debug("--ue_authentications_post--"); // Logger::ausf_server().debug("--ue_authentications_post--");
/*----------------------getting params-------------*/ /*----------------------getting params-------------*/
Logger::ausf_server().info("servingNetworkName %s", authenticationInfo.getServingNetworkName().c_str()); // Logger::ausf_server().info("servingNetworkName %s", authenticationInfo.getServingNetworkName().c_str());
Logger::ausf_server().info("supiOrSuci %s", authenticationInfo.getSupiOrSuci().c_str()); Logger::ausf_server().info("supiOrSuci %s", authenticationInfo.getSupiOrSuci().c_str());
std::string snn = authenticationInfo.getServingNetworkName(); //serving network name std::string snn = authenticationInfo.getServingNetworkName(); //serving network name
...@@ -250,7 +242,7 @@ void DefaultApiImpl::ue_authentications_post( ...@@ -250,7 +242,7 @@ void DefaultApiImpl::ue_authentications_post(
//UDM POST interface ----- get authentication related info-------------------- //UDM POST interface ----- get authentication related info--------------------
udmUri = "http://" + udm_ip+ ":" + udm_port + "/nudm-ueau/v1/" + supi + "/security-information/generate-auth-data"; udmUri = "http://" + udm_ip+ ":" + udm_port + "/nudm-ueau/v1/" + supi + "/security-information/generate-auth-data";
Logger::ausf_server().debug("POST Request:" + udmUri); Logger::ausf_server().debug("Send POST Request URI: " + udmUri);
Method = "POST"; Method = "POST";
//form udm request body AuthInfo //form udm request body AuthInfo
...@@ -273,7 +265,7 @@ void DefaultApiImpl::ue_authentications_post( ...@@ -273,7 +265,7 @@ void DefaultApiImpl::ue_authentications_post(
Curl::curl_http_client(udmUri, Method, AuthInfo.dump() , Response); Curl::curl_http_client(udmUri, Method, AuthInfo.dump() , Response);
Logger::ausf_server().error("response: %s",Response.c_str()); Logger::ausf_server().debug("Recevied POST response body: %s",Response.c_str());
ProblemDetails problemDetails; ProblemDetails problemDetails;
nlohmann::json problemDetails_json = {}; nlohmann::json problemDetails_json = {};
...@@ -300,17 +292,17 @@ void DefaultApiImpl::ue_authentications_post( ...@@ -300,17 +292,17 @@ void DefaultApiImpl::ue_authentications_post(
} }
std::string authType_udm = response_data.at("authType"); //AuthType std::string authType_udm = response_data.at("authType"); //AuthType
Logger::ausf_server().debug("authType %s",authType_udm.c_str()); // Logger::ausf_server().debug("authType %s",authType_udm.c_str());
std::string autn_udm = response_data["authenticationVector"].at("autn"); //autn std::string autn_udm = response_data["authenticationVector"].at("autn"); //autn
Logger::ausf_server().debug("autn_udm %s",autn_udm.c_str()); // Logger::ausf_server().debug("autn_udm %s",autn_udm.c_str());
std::string avType_udm = response_data["authenticationVector"].at("avType");//avType std::string avType_udm = response_data["authenticationVector"].at("avType");//avType
Logger::ausf_server().debug("avType_udm %s",avType_udm.c_str()); // Logger::ausf_server().debug("avType_udm %s",avType_udm.c_str());
std::string kausf_udm = response_data["authenticationVector"].at("kausf"); //kausf std::string kausf_udm = response_data["authenticationVector"].at("kausf"); //kausf
Logger::ausf_server().debug("kausf_udm %s",kausf_udm.c_str()); // Logger::ausf_server().debug("kausf_udm %s",kausf_udm.c_str());
std::string rand_udm = response_data["authenticationVector"].at("rand"); //rand std::string rand_udm = response_data["authenticationVector"].at("rand"); //rand
Logger::ausf_server().debug("rand_udm %s",rand_udm.c_str()); // Logger::ausf_server().debug("rand_udm %s",rand_udm.c_str());
std::string xresStar_udm = response_data["authenticationVector"].at("xresStar"); //xres* std::string xresStar_udm = response_data["authenticationVector"].at("xresStar"); //xres*
Logger::ausf_server().debug("xres*_udm %s",xresStar_udm.c_str()); // Logger::ausf_server().debug("xres*_udm %s",xresStar_udm.c_str());
//------------------5G HE AV----------------------------------------------------- //------------------5G HE AV-----------------------------------------------------
uint8_t autn[16] = {0}; uint8_t autn[16] = {0};
...@@ -329,7 +321,7 @@ void DefaultApiImpl::ue_authentications_post( ...@@ -329,7 +321,7 @@ void DefaultApiImpl::ue_authentications_post(
/* 在5G HE AV中用HXRES*替代XRES*,用 KSEAF 替代KAUSF */ /* 在5G HE AV中用HXRES*替代XRES*,用 KSEAF 替代KAUSF */
/* 删除 KSEAF,并向SEAF返回5G SE AV(RAND, AUTN, HXRES*)*/ /* 删除 KSEAF,并向SEAF返回5G SE AV(RAND, AUTN, HXRES*)*/
/* A.5, 3gpp ts33.501 */ /* A.5, 3gpp ts33.501 */
Logger::ausf_server().debug("==generating 5g av"); // Logger::ausf_server().debug("==generating 5g av");
//--------generating hxres* //--------generating hxres*
...@@ -347,11 +339,11 @@ void DefaultApiImpl::ue_authentications_post( ...@@ -347,11 +339,11 @@ void DefaultApiImpl::ue_authentications_post(
//generate_Hxres* //generate_Hxres*
Authentication_5gaka::generate_Hxres(rand_ausf,xresStar_ausf,hxresStar); Authentication_5gaka::generate_Hxres(rand_ausf,xresStar_ausf,hxresStar);
Logger::ausf_server().debug("hxresStar calculated:\n %s", (conv::uint8_to_hex_string(hxresStar, 16)).c_str()); // Logger::ausf_server().debug("hxresStar calculated:\n %s", (conv::uint8_to_hex_string(hxresStar, 16)).c_str());
uint8_t kseaf[32] = {0}; uint8_t kseaf[32] = {0};
Authentication_5gaka::derive_kseaf(snn,kausf,kseaf); Authentication_5gaka::derive_kseaf(snn,kausf,kseaf);
Logger::ausf_server().debug("kseaf calculated:\n %s", (conv::uint8_to_hex_string(kseaf, 32)).c_str()); // Logger::ausf_server().debug("kseaf calculated:\n %s", (conv::uint8_to_hex_string(kseaf, 32)).c_str());
memcpy(ausf_av_s.rand,rand_ausf,16); //store 5g av in ausf memcpy(ausf_av_s.rand,rand_ausf,16); //store 5g av in ausf
memcpy(ausf_av_s.autn,autn_ausf,16); memcpy(ausf_av_s.autn,autn_ausf,16);
...@@ -359,7 +351,7 @@ void DefaultApiImpl::ue_authentications_post( ...@@ -359,7 +351,7 @@ void DefaultApiImpl::ue_authentications_post(
memcpy(ausf_av_s.kseaf,kseaf,32); memcpy(ausf_av_s.kseaf,kseaf,32);
memcpy(ausf_av_s.XRES_STAR,xresStar,16); //store xres* in ausf memcpy(ausf_av_s.XRES_STAR,xresStar,16); //store xres* in ausf
all_AVs.push_back(ausf_av_s); all_AVs.push_back(ausf_av_s);
SUPI_AUSF = authenticationInfo.getSupiOrSuci(); //store supi in ausf // SUPI_AUSF = authenticationInfo.getSupiOrSuci(); //store supi in ausf
SERVING_NN = snn; //store snn in ausf SERVING_NN = snn; //store snn in ausf
AUTH_TYPE = authType_udm; //store authType in ausf AUTH_TYPE = authType_udm; //store authType in ausf
KAUSF_TMP = conv::uint8_to_hex_string(kausf_ausf,32); //store kausf_tmp in ausf KAUSF_TMP = conv::uint8_to_hex_string(kausf_ausf,32); //store kausf_tmp in ausf
...@@ -382,6 +374,8 @@ void DefaultApiImpl::ue_authentications_post( ...@@ -382,6 +374,8 @@ void DefaultApiImpl::ue_authentications_post(
std::string authCtxId_s; std::string authCtxId_s;
authCtxId_s = autn_s; // authCtxId = autn authCtxId_s = autn_s; // authCtxId = autn
authctxid_supi[authCtxId_s] = authenticationInfo.getSupiOrSuci(); //store supi in ausf
std::string ausf_ip = std::string(inet_ntoa (*((struct in_addr *)&ausf_cfg.sbi.addr4))); std::string ausf_ip = std::string(inet_ntoa (*((struct in_addr *)&ausf_cfg.sbi.addr4)));
std::string ausf_port = std::to_string(ausf_cfg.sbi.port); std::string ausf_port = std::to_string(ausf_cfg.sbi.port);
...@@ -403,7 +397,7 @@ void DefaultApiImpl::ue_authentications_post( ...@@ -403,7 +397,7 @@ void DefaultApiImpl::ue_authentications_post(
nlohmann::json UEAuthCtx_json; nlohmann::json UEAuthCtx_json;
to_json(UEAuthCtx_json,UEAuthCtx); to_json(UEAuthCtx_json,UEAuthCtx);
Logger::ausf_server().debug("auth response:\n %s",UEAuthCtx_json.dump().c_str()); // Logger::ausf_server().debug("auth response:\n %s",UEAuthCtx_json.dump().c_str());
Logger::ausf_server().info("Send 201 response to SEAF"); Logger::ausf_server().info("Send 201 response to SEAF");
response.headers().add<Pistache::Http::Header::Location>(Location); response.headers().add<Pistache::Http::Header::Location>(Location);
......
src/utils/curl.cpp
View file @ b31fbd98
...@@ -42,7 +42,7 @@ std::size_t callback(const char *in, std::size_t size, std::size_t num, ...@@ -42,7 +42,7 @@ std::size_t callback(const char *in, std::size_t size, std::size_t num,
void Curl::curl_http_client(std::string remoteUri, std::string Method, void Curl::curl_http_client(std::string remoteUri, std::string Method,
std::string msgBody, std::string &Response) { std::string msgBody, std::string &Response) {
Logger::ausf_server().info("Send HTTP message with body %s", msgBody.c_str()); // Logger::ausf_server().debug("Send HTTP message with body %s", msgBody.c_str());
uint32_t str_len = msgBody.length(); uint32_t str_len = msgBody.length();
char *body_data = (char *)malloc(str_len + 1); char *body_data = (char *)malloc(str_len + 1);
...@@ -74,7 +74,7 @@ void Curl::curl_http_client(std::string remoteUri, std::string Method, ...@@ -74,7 +74,7 @@ void Curl::curl_http_client(std::string remoteUri, std::string Method,
curl_easy_setopt(curl, CURLOPT_TIMEOUT_MS, CURL_TIMEOUT_MS); curl_easy_setopt(curl, CURLOPT_TIMEOUT_MS, CURL_TIMEOUT_MS);
curl_easy_setopt(curl, CURLOPT_TCP_KEEPALIVE, 1); curl_easy_setopt(curl, CURLOPT_TCP_KEEPALIVE, 1);
curl_easy_setopt(curl, CURLOPT_INTERFACE, ausf_cfg.sbi.if_name.c_str()); curl_easy_setopt(curl, CURLOPT_INTERFACE, ausf_cfg.sbi.if_name.c_str());
Logger::ausf_server().info("[CURL] request sent by interface " + ausf_cfg.sbi.if_name); // Logger::ausf_server().info("[CURL] request sent by interface " + ausf_cfg.sbi.if_name);
// Response information. // Response information.
long httpCode = {0}; long httpCode = {0};
......
src/utils/curl.hpp
View file @ b31fbd98
...@@ -43,7 +43,7 @@ ...@@ -43,7 +43,7 @@
#include "logger.hpp" #include "logger.hpp"
#include "ausf_config.hpp" #include "ausf_config.hpp"
#define CURL_TIMEOUT_MS 300L #define CURL_TIMEOUT_MS 1000L
class Curl { class Curl {
public: public:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment