Project

General

Profile

Actions

Bug #5646

closed

Synchronization failures are not handled

Added by daniel over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
High
Assignee:
Target version:
-
Start date:
08/16/2022
Due date:
% Done:

100%


Description

Attached is a pcap with four packets (order by time, not no.):
1. (no. 4) Synchronization failure from the eNodeb/UE that includes the AUTS value
1. (no. 1) AIR from the MME to the HSS (osmo-dia2gsup) including the Re-Synchronization-Info
1. (no. 2) SendAuthInfo Request from osmo-dia2gsup to osmo-hlr without either the AUTS or RAND IEs

Here's what osmo-dia2gsup reports for 2. (packet no.1):

Aug 16 15:01:56 sysmonitb osmo-dia2gsup[668]: 15:01:56.234 [info] AIR: {'AIR',"mme.localdomain;1660658436;38;app_s6a",1,"mme.localdomain","localdomain","localdomain",
"901700000043352",[153,249,7],[{'Vendor-Specific-Application-Id',10415,[16777251],[]}],[],
[{'Requested-EUTRAN-Authentication-Info',[1],[1],[[154,153,78,226,63,248,178,208,169,186,215,18,159,150,252,103,249,220,169,90,223,249,219,26,172,118,171,193,216,221]],
[]}],[],[],[],[],[]}
Aug 16 15:01:56 sysmonitb osmo-dia2gsup[668]: 15:01:56.234 [info] Num EUTRAN=1, UTRAN=false

There is code in server_cb.erl (around line. 191) to include rand and auts if #'Requested-EUTRAN-Authentication-Info'{'Re-Synchronization-Info' = ReSyncInfo}, but it seems to me that the data in 'Requested-EUTRAN-Authentication-Info' isn't actually decoded.

If I look at the [1],[1],[[154,153,...]] this seems to match what Wireshark is telling me about the Requested-EUTRAN-Authentication-Info:

Number-Of-Requested-Vectors:1, Immediate-Response-Preferred:1, Re-Synchronization-Info: 0x9a(154), 0x99(153), ...


Files

resync-failure.pcapng resync-failure.pcapng 1.79 KB daniel, 08/16/2022 03:59 PM

Related issues

Related to Cellular Network Infrastructure - Feature #2604: GSUP-to-DIAMETER converter / IWFStalledlaforge10/29/2017

Actions
Actions #1

Updated by daniel over 1 year ago

  • Related to Feature #2604: GSUP-to-DIAMETER converter / IWF added
Actions #2

Updated by laforge over 1 year ago

If this becomes critical in a specific, closed lab environment without security requirements with sysmoISIM and you cannot fix it right away, you can disable sqn checking on the SIM

Actions #3

Updated by fixeria over 1 year ago

  • Status changed from New to In Progress
Actions #4

Updated by fixeria over 1 year ago

While reading the attached PCAP, I submitted a PR adding missing GSUP IEs:

https://gitlab.com/wireshark/wireshark/-/merge_requests/7819

Actions #5

Updated by fixeria over 1 year ago

  • Status changed from In Progress to Feedback
  • Assignee changed from fixeria to daniel

daniel please give this [untested] patch a try:

https://gerrit.osmocom.org/c/erlang/osmo_dia2gsup/+/29160 Fix handling of Re-Synchronization-Info AVP in AIR [NEW]

Actions #6

Updated by daniel over 1 year ago

laforge wrote in #note-2:

If this becomes critical in a specific, closed lab environment without security requirements with sysmoISIM and you cannot fix it right away, you can disable sqn checking on the SIM

Thanks, good to know

Actions #7

Updated by daniel over 1 year ago

fixeria wrote in #note-5:

daniel please give this [untested] patch a try:

https://gerrit.osmocom.org/c/erlang/osmo_dia2gsup/+/29160 Fix handling of Re-Synchronization-Info AVP in AIR [NEW]

Will try it out, thanks! I noticed this patch conflicts with an open one from 2020: https://gerrit.osmocom.org/c/erlang/osmo_dia2gsup/+/20021
This seems to do more or less the same thing and already had a +2 - too bad that we didn't merge it back then.

Actions #8

Updated by daniel over 1 year ago

  • Status changed from Feedback to Resolved
  • % Done changed from 0 to 100

I merged the patch by matt9j now, because the other one didn't quite work.

See https://gerrit.osmocom.org/c/erlang/osmo_dia2gsup/+/20021

Actions

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)