summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorNeels Hofmeyr <nhofmeyr@sysmocom.de>2017-02-02 20:05:14 +0100
committerNeels Hofmeyr <nhofmeyr@sysmocom.de>2017-02-02 20:34:16 +0100
commit8352d31a8666e328e399ba1d2ae581c8f0021e48 (patch)
tree8a3599765d6481fdbfeeb481d221bfcd97712b7e /src
parent4a7f87cdc848891f7306109a009e51684b6c5c0e (diff)
GSUP, OAP, osmo-gen-vec: fix AUTS length to 14, not 16
GSUP transmits AUTS for UMTS authentication procedures, and OAP uses the same procedures to authenticate. osmo-gen-vec is a utility program that passes AUTS to our osmo_auth_gen_vec_auts() API. According to 3GPP 33.102 6.3.3, AUTS = SQN^AK || MAC-S, which are 6 || 8 == 14 bytes. This is confirmed by 24.008 9.2.3a where the TLV has 16 bytes, TL = 2 and AUTS being the V = 14. It is not harmful for milenage_gen_vec_auts() to pass two more AUTS bytes. But writing 16 bytes to a GSUP struct is a potential problem when passing in a 14 byte long AUTS buffer to the GSUP API, which then reads past the AUTS buffer. The API implies the length, so far to be 16, so passing in a 14 byte buffer to GSUP would require copying to a larger buffer first. Fix this by using a length of 14 for AUTS everywhere instead. This constitues an ABI breakage, we may handle it as a "fix before an official release", otherwise we need a version bump. The OAP protocol document has also been updated, needs an update in the osmo-gsm-manuals as well. Change-Id: If25b173d9ec57ea4c504d860954912b7d82af455
Diffstat (limited to 'src')
-rw-r--r--src/gsm/gsup.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/gsm/gsup.c b/src/gsm/gsup.c
index 22f57ab7..b1b97ca5 100644
--- a/src/gsm/gsup.c
+++ b/src/gsm/gsup.c
@@ -497,7 +497,7 @@ void osmo_gsup_encode(struct msgb *msg, const struct osmo_gsup_message *gsup_msg
}
if (gsup_msg->auts)
- msgb_tlv_put(msg, OSMO_GSUP_AUTS_IE, 16, gsup_msg->auts);
+ msgb_tlv_put(msg, OSMO_GSUP_AUTS_IE, 14, gsup_msg->auts);
if (gsup_msg->rand)
msgb_tlv_put(msg, OSMO_GSUP_RAND_IE, 16, gsup_msg->rand);