authorNeels Hofmeyr <nhofmeyr@sysmocom.de>2016-05-02 15:57:53 +0200
committerNeels Hofmeyr <nhofmeyr@sysmocom.de>2017-03-09 17:12:22 +0100
commitc75b5822fa2ed01e79e60f79e576ca4a01e6f62c (patch)
treead68d9012875cc9e93b34269109e7baf078683b1
parenta4ed196d87e110a0804524429b5c51d5d8b4e2b1 (diff)
paging: actually verify subscriber authorization
Before this, any paging response would be accepted by the CN without checking in the database whether the subscriber is in fact authorized. The probability that a subscriber would be able to take unauthorized action is slim; nevertheless, checking authorization status with the database should happen before we accept a connection.
-rw-r--r--openbsc/src/libmsc/gsm_subscriber.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/openbsc/src/libmsc/gsm_subscriber.c b/openbsc/src/libmsc/gsm_subscriber.c
index 507842299..9a6c7a871 100644
--- a/openbsc/src/libmsc/gsm_subscriber.c
+++ b/openbsc/src/libmsc/gsm_subscriber.c
@@ -139,7 +139,14 @@ int subscr_rx_paging_response(struct msgb *msg,
pr = (struct gsm48_pag_resp *)gh->data;
/* Secure the connection */
- return gsm48_secure_channel(conn, pr->key_seq, subscr_paging_sec_cb, NULL);
+ if (subscr_authorized(conn->subscr))
+ return gsm48_secure_channel(conn, pr->key_seq,
+ subscr_paging_sec_cb, NULL);
+
+ /* Not authorized. Failure. */
+ subscr_paging_sec_cb(GSM_HOOK_RR_SECURITY, GSM_SECURITY_AUTH_FAILED,
+ msg, conn, NULL);
+ return -1;
}
struct subscr_request *subscr_request_channel(struct vlr_subscr *vsub,
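Review bot: The new rejection branch following `if (subscr_authorized(conn->subscr))` fails silently: it calls `subscr_paging_sec_cb` with `GSM_SECURITY_AUTH_FAILED` and returns -1 without any log line, so a rejected paging response leaves nothing for an operator to correlate. I would add a notice-level log before the callback, e.g. `LOGP(DPAG, LOGL_NOTICE, "Paging Response rejected: subscriber not authorized\n");`, using whichever log category this file already uses. It is also worth confirming that the caller's handling of the -1 return does not release the connection or `msg` a second time after the callback's failure path has run, and that `conn->subscr` cannot be NULL at this point. The earlier lines of `subscr_rx_paging_response` are outside the hunk, so neither can be checked from here.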