summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeels Hofmeyr <nhofmeyr@sysmocom.de>2016-10-11 01:05:22 +0200
committerNeels Hofmeyr <nhofmeyr@sysmocom.de>2017-02-23 22:27:38 +0100
commit046016fab5c9b0de1932b6a4a60ec020ce2a0d91 (patch)
tree67f8c53363269ae6880e1000788d5dac074184a6
parent5e05476b0939e22e0e6e50a4aa92c95d3ca96770 (diff)
IuCS: detect whether a conn is already secure
If a CM Service Request is received on an already secure IuCS connection, we so far didn't notice and started to authenticate again. The UE would readily renew its authentication, but then our state got stuck since ciphering was already established. Instead, don't authenticate again when integrity protection is already established. Change-Id: I3c01fe58276ba0ad918f2cd30cc3dca7c6663e68
-rw-r--r--openbsc/src/libmsc/gsm_04_08.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c
index 4b60ab32a..ae43e372a 100644
--- a/openbsc/src/libmsc/gsm_04_08.c
+++ b/openbsc/src/libmsc/gsm_04_08.c
@@ -207,6 +207,10 @@ int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq,
status = GSM_SECURITY_NOAVAIL;
}
+ if (status < 0 && conn->via_iface == IFACE_IU
+ && conn->iu.integrity_protection != INTEGRITY_PROTECTION_NONE)
+ status = GSM_SECURITY_ALREADY;
+
/* If not done yet, try to get info for this user */
if (status < 0) {
/* DEV HACK: hardcode keys for Iu */