IuCS: detect whether a conn is already secure

If a CM Service Request is received on an already secure IuCS connection, we so far didn't notice and started to authenticate again. The UE would readily renew its authentication, but then our state got stuck since ciphering was already established. Instead, don't authenticate again when integrity protection is already established. Change-Id: I3c01fe58276ba0ad918f2cd30cc3dca7c6663e68
author: Neels Hofmeyr <nhofmeyr@sysmocom.de> 2016-10-11 01:05:22 +0200
committer: Neels Hofmeyr <nhofmeyr@sysmocom.de> 2017-01-23 13:56:29 +0100
commit: d8341cfb91e3fb82845de6ba888d7882563f9bd0 (patch)
tree: 6f2547e23222e05f3286a8981e4603ffd395c465
parent: d1863e17b39741909a445bbe4accf79aea6f87fe (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c
index 3fbfc729d..d5736f2e7 100644
--- a/openbsc/src/libmsc/gsm_04_08.c
+++ b/openbsc/src/libmsc/gsm_04_08.c
@@ -207,6 +207,10 @@ int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq,
 		status = GSM_SECURITY_NOAVAIL;
 	}
 
+	if (status < 0 && conn->via_iface == IFACE_IU
+	    && conn->iu.integrity_protection != INTEGRITY_PROTECTION_NONE)
+		status = GSM_SECURITY_ALREADY;
+
 	/* If not done yet, try to get info for this user */
 	if (status < 0) {
 		/* DEV HACK: hardcode keys for Iu */
author	Neels Hofmeyr <nhofmeyr@sysmocom.de>	2016-10-11 01:05:22 +0200
committer	Neels Hofmeyr <nhofmeyr@sysmocom.de>	2017-01-23 13:56:29 +0100
commit	d8341cfb91e3fb82845de6ba888d7882563f9bd0 (patch)
tree	6f2547e23222e05f3286a8981e4603ffd395c465
parent	d1863e17b39741909a445bbe4accf79aea6f87fe (diff)