From ccceef8fe90df234bf8f378cd90d5b1f51cf9a7b Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Thu, 13 Aug 2009 00:57:54 +0200 Subject: add code for token auth sequencing * When we first see a subscriber, send the sms * when the sms completes, send auth req + auth reject and close the channel --- openbsc/src/Makefile.am | 2 +- openbsc/src/token_auth.c | 92 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 93 insertions(+), 1 deletion(-) create mode 100644 openbsc/src/token_auth.c (limited to 'openbsc/src') diff --git a/openbsc/src/Makefile.am b/openbsc/src/Makefile.am index 82415af94..d7a8462b3 100644 --- a/openbsc/src/Makefile.am +++ b/openbsc/src/Makefile.am @@ -10,7 +10,7 @@ libbsc_a_SOURCES = abis_rsl.c abis_nm.c gsm_04_08.c gsm_data.c mncc.c \ gsm_04_11.c telnet_interface.c subchan_demux.c \ trau_frame.c trau_mux.c paging.c e1_config.c e1_input.c tlv_parser.c \ input/misdn.c input/ipaccess.c signal.c gsm_utils.c talloc.c \ - transaction.c rtp_proxy.c bsc_rll.c + transaction.c rtp_proxy.c bsc_rll.c token_auth.c libvty_a_SOURCES = vty/buffer.c vty/command.c vty/vector.c vty/vty.c diff --git a/openbsc/src/token_auth.c b/openbsc/src/token_auth.c new file mode 100644 index 000000000..be951c415 --- /dev/null +++ b/openbsc/src/token_auth.c @@ -0,0 +1,92 @@ +/* SMS based token authentication for ad-hoc GSM networks */ + +/* (C) 2009 by Harald Welte + * + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + */ + +#include +#include +#include +#include +#include + +#define TOKEN_SMS_TEXT "HAR 2009 GSM. Please visit http://127.0.0.1/ to register" + +static int token_subscr_cb(unsigned int subsys, unsigned int signal, + void *handler_data, void *signal_data) +{ + struct gsm_subscriber *subscr = signal_data; + struct gsm_sms *sms; + + if (subscr->net->auth_policy != GSM_AUTH_POLICY_TOKEN) + return 0; + + switch (signal) { + case S_SUBSCR_FIRST_CONTACT: + /* we've seen this subscriber for the first time. */ + sms = sms_from_text(subscr, TOKEN_SMS_TEXT); + if (!sms) + return -ENOMEM; + gsm411_send_sms_subscr(subscr, sms); + break; + } + + return 0; +} + +static int token_sms_cb(unsigned int subsys, unsigned int signal, + void *handler_data, void *signal_data) +{ + struct gsm_sms *sms = signal_data; + struct gsm_lchan *lchan; + u_int16_t rand[16]; + + if (signal != S_SMS_DELIVERED) + return 0; + + /* these are not the droids we've been looking for */ + if (!sms->receiver || + !(sms->receiver->flags & GSM_SUBSCRIBER_FIRST_CONTACT)) + return 0; + + if (sms->receiver->net->auth_policy != GSM_AUTH_POLICY_TOKEN) + return 0; + + lchan = lchan_for_subscr(sms->receiver); + if (lchan) { + /* kick the subscriber off the network */ + gsm48_tx_mm_auth_req(lchan, rand); + gsm48_tx_mm_auth_rej(lchan); + /* close the channel */ + //gsm48_send_rr_Release(lchan); + lchan_free(lchan); + } + + /* make sure we don't allow him in again unless he clicks the web UI */ + sms->receiver->authorized = 0; + db_sync_subscriber(sms->receiver); + + return 0; +} + +static __attribute__((constructor)) void on_dso_load_token(void) +{ + register_signal_handler(SS_SUBSCR, token_subscr_cb, NULL); + register_signal_handler(SS_SMS, token_sms_cb, NULL); +} -- cgit v1.2.3