summaryrefslogtreecommitdiffstats
path: root/openbsc/src
diff options
context:
space:
mode:
authorNeels Hofmeyr <nhofmeyr@sysmocom.de>2016-03-30 11:22:29 +0200
committerHarald Welte <laforge@gnumonks.org>2016-03-31 11:56:48 +0200
commit0d929be8264ba592313f2cdd9bc4bd9b2579df00 (patch)
tree8f55e9bb352089046927fb471c4d24b77b8ec17c /openbsc/src
parent4e875aec0fda55bc93ea76c6992aaf3d90931d2d (diff)
Fix MM Auth: disallow key_seq mismatch
In auth_get_tuple_for_subscr(), add missing condition to match incoming key_seq with stored key_seq, so that re-authentication is requested for mismatching key_seqs. Add test for this issue.
Diffstat (limited to 'openbsc/src')
-rw-r--r--openbsc/src/libmsc/auth.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
index 4ce183935..ca39d0118 100644
--- a/openbsc/src/libmsc/auth.c
+++ b/openbsc/src/libmsc/auth.c
@@ -100,6 +100,7 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
rc = db_get_lastauthtuple_for_subscr(atuple, subscr);
if ((rc == 0) &&
(key_seq != GSM_KEY_SEQ_INVAL) &&
+ (key_seq == atuple->key_seq) &&
(atuple->use_count < 3))
{
atuple->use_count++;