summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeels Hofmeyr <nhofmeyr@sysmocom.de>2016-10-11 01:05:22 +0200
committerNeels Hofmeyr <nhofmeyr@sysmocom.de>2016-11-12 16:06:46 +0100
commit158559bef88ec70a60128e3c83b41e44eacf223a (patch)
treea1537c17c0c9d5d3d11f568e4767304112d12940
parentc2c7722a7e4bb35e1e3b8ef49dbf76eedd6d7fa2 (diff)
IuCS: detect whether a conn is already secure
If a CM Service Request is received on an already secure IuCS connection, we so far didn't notice and started to authenticate again. The UE would readily renew its authentication, but then our state got stuck since ciphering was already established. Instead, don't authenticate again when integrity protection is already established. Change-Id: I3c01fe58276ba0ad918f2cd30cc3dca7c6663e68
-rw-r--r--openbsc/src/libmsc/gsm_04_08.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c
index 4b42c99..7a936a1 100644
--- a/openbsc/src/libmsc/gsm_04_08.c
+++ b/openbsc/src/libmsc/gsm_04_08.c
@@ -206,6 +206,10 @@ int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq,
status = GSM_SECURITY_NOAVAIL;
}
+ if (status < 0 && conn->via_iface == IFACE_IU
+ && conn->iu.integrity_protection != INTEGRITY_PROTECTION_NONE)
+ status = GSM_SECURITY_ALREADY;
+
/* If not done yet, try to get info for this user */
if (status < 0) {
/* DEV HACK: hardcode keys for Iu */