IuCS: detect whether a conn is already secure

If a CM Service Request is received on an already secure IuCS connection, we so far didn't notice and started to authenticate again. The UE would readily renew its authentication, but then our state got stuck since ciphering was already established. Instead, don't authenticate again when integrity protection is already established. Change-Id: I3c01fe58276ba0ad918f2cd30cc3dca7c6663e68
author: Neels Hofmeyr <nhofmeyr@sysmocom.de> 2016-10-11 01:05:22 +0200
committer: Neels Hofmeyr <nhofmeyr@sysmocom.de> 2017-02-23 20:28:56 +0100
commit: 523b9e96d031728c0204891341aa73815e5a3478 (patch)
tree: e16889f8ccfbb0b1ba656e99e4f40d098ab75364
parent: c5122598862a25ef5e2b0249e3cf51ac42e8405e (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c
index 4b60ab32a..ae43e372a 100644
--- a/openbsc/src/libmsc/gsm_04_08.c
+++ b/openbsc/src/libmsc/gsm_04_08.c
@@ -207,6 +207,10 @@ int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq,
 		status = GSM_SECURITY_NOAVAIL;
 	}
 
+	if (status < 0 && conn->via_iface == IFACE_IU
+	    && conn->iu.integrity_protection != INTEGRITY_PROTECTION_NONE)
+		status = GSM_SECURITY_ALREADY;
+
 	/* If not done yet, try to get info for this user */
 	if (status < 0) {
 		/* DEV HACK: hardcode keys for Iu */
author	Neels Hofmeyr <nhofmeyr@sysmocom.de>	2016-10-11 01:05:22 +0200
committer	Neels Hofmeyr <nhofmeyr@sysmocom.de>	2017-02-23 20:28:56 +0100
commit	523b9e96d031728c0204891341aa73815e5a3478 (patch)
tree	e16889f8ccfbb0b1ba656e99e4f40d098ab75364
parent	c5122598862a25ef5e2b0249e3cf51ac42e8405e (diff)