From 6727826e8798942ee72715d01a2b6be20ad6f421 Mon Sep 17 00:00:00 2001 From: NĂ©lio Laranjeiro Date: Tue, 9 Oct 2012 09:40:58 +0200 Subject: cesar/cp/eoc/{sta,fsm}: don't unassociate if MME is unrelated, closes #3319 Reception of an cc_assoc.cnf message from an unexpected peer should not cause the Slave to leave ASSOCIATING state in the FSM to the UNASSOCIATED one. The cc_assoc.cnf from the Master can follow the unrelated one. The association_cnf procedure have been modified too. This new one verifies the coherence of the MME before processing it. --- cesar/cp/eoc/sta/action/src/assoc_slave.c | 51 ++++++++++------------ .../eoc/sta/action/test/utest/src/test_actions.c | 12 ++--- cesar/cp/eoc/sta/action/test/utest/src/test_fsm.c | 2 +- cesar/cp/eoc/sta/action/test/utest_eoc/src/assoc.c | 2 +- 4 files changed, 32 insertions(+), 35 deletions(-) (limited to 'cesar/cp/eoc/sta/action') diff --git a/cesar/cp/eoc/sta/action/src/assoc_slave.c b/cesar/cp/eoc/sta/action/src/assoc_slave.c index e62ea301c9..139b41cd3b 100644 --- a/cesar/cp/eoc/sta/action/src/assoc_slave.c +++ b/cesar/cp/eoc/sta/action/src/assoc_slave.c @@ -237,32 +237,10 @@ cp_eoc_sta_action_assoc__associating_cnf (cp_t *ctx, cp_mme_rx_t *mme) mfs_tx_t *mfs; dbg_assert (ctx); dbg_assert (mme); - /* confirmation is received, reset counter - * result is not relevant, only that ASSOC.CNF is received. */ - ctx->sta_action.assoc.assoc_req_retry_nb = 0; - bool status = cp_msg_cc_assoc_cnf_receive (ctx, mme, &cnf); - /* change dak and result */ - if (status && cnf.result - == CP_MSG_CC_ASSOC_CNF_RESULT_SUCCESS_WL_ACCEPT_ALL) + if (!cp_msg_cc_assoc_cnf_receive (ctx, mme, &cnf) + || !cp_mme_peer_cmp (&ctx->sta_action.assoc.peer, &mme->peer)) { - cp_key_t key = cp_secu_generate_keys (ctx, (u8 *) MASTER_GOLDEN_DPW, - strlen (MASTER_GOLDEN_DPW), CP_SECU_SALT_KEY_DAK); - cp_sta_own_data_set_dak (ctx, key); - cnf.result = CP_MSG_CC_ASSOC_CNF_RESULT_SUCCESS; - } - else if (status && cnf.result == CP_MSG_CC_ASSOC_CNF_RESULT_SUCCESS) - cp_sta_own_data_set_dak ( - ctx, cp_eoc_sta_own_data_get_original_dak (ctx)); - /* Check response. */ - if (mme->peer.mac != ctx->sta_action.assoc.peer.mac - || mme->peer.tei == 0 - || !status - || cnf.nid != cp_sta_own_data_get_nid (ctx)) - { - ctx->sta_action.assoc.fast_retry = - cnf.result == - CP_MSG_CC_ASSOC_CNF_RESULT_FAILURE_TEMPORARY_RESSOURCE_EXHAUSTION; - /* Unrelated message, drop. */ + /* Unrelated message, drop it. */ cp_fsm_branch (ctx, ASSOCIATING, CC_ASSOC_CNF, unrelated); } else if (cnf.result != CP_MSG_CC_ASSOC_CNF_RESULT_SUCCESS) @@ -276,12 +254,30 @@ cp_eoc_sta_action_assoc__associating_cnf (cp_t *ctx, cp_mme_rx_t *mme) } else { + /* confirmation is received, reset counter + * result is not relevant, only that ASSOC.CNF is received. */ + ctx->sta_action.assoc.assoc_req_retry_nb = 0; + /* change dak and result */ + if (cnf.result + == CP_MSG_CC_ASSOC_CNF_RESULT_SUCCESS_WL_ACCEPT_ALL) + { + cp_key_t key = cp_secu_generate_keys ( + ctx, (u8 *) MASTER_GOLDEN_DPW, + strlen (MASTER_GOLDEN_DPW), CP_SECU_SALT_KEY_DAK); + cp_sta_own_data_set_dak (ctx, key); + cnf.result = CP_MSG_CC_ASSOC_CNF_RESULT_SUCCESS; + } + else if (cnf.result == CP_MSG_CC_ASSOC_CNF_RESULT_SUCCESS) + cp_sta_own_data_set_dak ( + ctx, cp_eoc_sta_own_data_get_original_dak (ctx)); + ctx->sta_action.assoc.fast_retry = false; /* Update state. */ cp_sta_own_data_set_tei (ctx, cnf.sta_tei); /* Change our AVLN. */ cp_sta_t *sta = - cp_sta_mgr_sta_get_from_mac (ctx, ctx->sta_action.assoc.peer.mac); + cp_sta_mgr_sta_get_from_mac ( + ctx, ctx->sta_action.assoc.peer.mac); dbg_assert (sta); cp_sta_mgr_set_our_avln (ctx, cp_sta_get_net (sta)); slab_release (sta); @@ -290,7 +286,8 @@ cp_eoc_sta_action_assoc__associating_cnf (cp_t *ctx, cp_mme_rx_t *mme) cp_msg_cm_get_key_req_t get_key = { .relayed = false, .key_type = CP_MSG_KEY_NEK, .nid = cp_sta_own_data_get_nid (ctx) }; - cp_secu_protocol_run_new (&ctx->sta_action.assoc.prun, 0, &ctx->rnd); + cp_secu_protocol_run_new ( + &ctx->sta_action.assoc.prun, 0, &ctx->rnd); mfs = mac_store_mfs_add_tx (ctx->mac_store, false, true, MAC_LID_NONE, diff --git a/cesar/cp/eoc/sta/action/test/utest/src/test_actions.c b/cesar/cp/eoc/sta/action/test/utest/src/test_actions.c index 27416f748d..4a55dc6265 100644 --- a/cesar/cp/eoc/sta/action/test/utest/src/test_actions.c +++ b/cesar/cp/eoc/sta/action/test/utest/src/test_actions.c @@ -1047,7 +1047,7 @@ test_case_association_and_authentication_action (test_t test) snid = 5; memset (mme, 0, sizeof (*mme)); - mme->peer.tei = tei = ctx.sta_mgr.sta_own_data.tei = 5; + mme->peer.tei = tei = ctx.sta_action.assoc.peer.tei = 5; mme->peer.mac = ctx.sta_action.assoc.peer.mac = 0x2; net = cp_sta_mgr_add_avln (&ctx, snid, nid); @@ -1072,7 +1072,7 @@ test_case_association_and_authentication_action (test_t test) bitstream_finalise (&bitstream); - mme->length = 12; + mme->length = 60; cp_fsm_event_t event; ctx.fsm.handled_event = &event; @@ -1118,7 +1118,7 @@ test_case_association_and_authentication_action (test_t test) snid = 5; memset (mme, 0, sizeof (*mme)); - mme->peer.tei = tei = ctx.sta_mgr.sta_own_data.tei = 5; + mme->peer.tei = tei = ctx.sta_action.assoc.peer.tei = 5; mme->peer.mac = ctx.sta_action.assoc.peer.mac = 0x2; net = cp_sta_mgr_add_avln (&ctx, snid, nid); @@ -1143,7 +1143,7 @@ test_case_association_and_authentication_action (test_t test) bitstream_finalise (&bitstream); - mme->length = 12; + mme->length = 60; cp_fsm_event_t event; ctx.fsm.handled_event = &event; @@ -1192,7 +1192,7 @@ test_case_association_and_authentication_action (test_t test) snid = 5; memset (mme, 0, sizeof (*mme)); - mme->peer.tei = tei = ctx.sta_mgr.sta_own_data.tei = 5; + mme->peer.tei = tei = ctx.sta_action.assoc.peer.tei = 5; mme->peer.mac = ctx.sta_action.assoc.peer.mac = 0x2; net = cp_sta_mgr_add_avln (&ctx, snid, nid); @@ -1217,7 +1217,7 @@ test_case_association_and_authentication_action (test_t test) bitstream_finalise (&bitstream); - mme->length = 12; + mme->length = 60; cp_fsm_event_t event; ctx.fsm.handled_event = &event; diff --git a/cesar/cp/eoc/sta/action/test/utest/src/test_fsm.c b/cesar/cp/eoc/sta/action/test/utest/src/test_fsm.c index e07e40ce3a..9e6ddf4e9a 100644 --- a/cesar/cp/eoc/sta/action/test/utest/src/test_fsm.c +++ b/cesar/cp/eoc/sta/action/test/utest/src/test_fsm.c @@ -306,7 +306,7 @@ test_fsm_basic_test_case (test_t t) SCENARIO_ACTION (post_and_process, .type = CP_FSM_EVENT_TYPE_CC_ASSOC_CNF), SCENARIO_EVENT (cp_fsm__ASSOCIATING__CC_ASSOC_CNF, - .branch = CP_FSM_BRANCH (ASSOCIATING, CC_ASSOC_CNF, unrelated)), + .branch = CP_FSM_BRANCH (ASSOCIATING, CC_ASSOC_CNF, unsuccess)), SCENARIO_EVENT (cp_fsm__ASSOCIATING__stop_retry_timer), SCENARIO_EVENT (cp_fsm__UNASSOCIATED__start_retry_timer), /* UNASSOCIATED */ diff --git a/cesar/cp/eoc/sta/action/test/utest_eoc/src/assoc.c b/cesar/cp/eoc/sta/action/test/utest_eoc/src/assoc.c index 840c46a9d9..44b2164f26 100644 --- a/cesar/cp/eoc/sta/action/test/utest_eoc/src/assoc.c +++ b/cesar/cp/eoc/sta/action/test/utest_eoc/src/assoc.c @@ -228,7 +228,7 @@ assoc_test_case_basic (test_t t) .lease_time_min = 15), SCENARIO_EVENT (cp_fsm_branch, .branch = CP_FSM_BRANCH ( - ASSOCIATING, CC_ASSOC_CNF, unsuccess)), + ASSOCIATING, CC_ASSOC_CNF, unrelated)), /* Wrong NID. */ SCENARIO_ACTION (assoc__associating_cnf, .peer = master_peer), SCENARIO_EVENT (cp_msg_cc_assoc_cnf_receive, .ok = true, -- cgit v1.2.3