Bug #6396
openadd support for auth failure with resync
50%
Description
When a phone connects and the sim sequence numbers are out of sync, the authentication will fail
and the phone will additional supply Rand and Auts in the failure message.
Similar to the 3gpp rat.
The sgsn already has a test for this TC_attach_usim_resync.
To reproduce it with a real phone, you could decrease the sequence number in the hss. (AFAIR it is a sliding window, reducing the sequence number by 1 might not be enough).
UE - strongswan <- Auth req -> Auth failure (reason resync, auts, rand) (HLR will update the sequence numbers) <- Auth req -> Auth succeed.
Updated by lynxis about 2 months ago
Updated by lynxis about 2 months ago
- Description updated (diff)
strongswan - osmo-epdg - HSS GUSP Auth Req -> MAR -> <- MAA <- GSUP Auth Response -> GSUP Auth Req (Auts, Rand) MAR (Sip Authorization (Rand+Auts) -> (HSS update sequence numbers) <- MAA <- GSUP Auth Response
Updated by laforge about 2 months ago
- Subject changed from add support for sim failure with resync to add support for auth failure with resync
Updated by pespin about 2 months ago
- Status changed from New to Feedback
- % Done changed from 0 to 50
Tested here:
https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36218 epdg: Introduce test TC_authinfo_fail_resync
Implemented in osmo-epdg here:
https://gerrit.osmocom.org/c/erlang/osmo-epdg/+/36217 Implement sim auth resync
Leaving it assigned to lynxis for review and also to let him impelement/test it against strongswan.
Updated by pespin about 2 months ago
I merged the patch and updated epdg.osmocom.org with new osmo-epdg master.