diff options
author | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2016-03-30 11:22:29 +0200 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2016-03-31 11:56:48 +0200 |
commit | 0d929be8264ba592313f2cdd9bc4bd9b2579df00 (patch) | |
tree | 8f55e9bb352089046927fb471c4d24b77b8ec17c /openbsc/src/libmsc/auth.c | |
parent | 4e875aec0fda55bc93ea76c6992aaf3d90931d2d (diff) |
Fix MM Auth: disallow key_seq mismatch
In auth_get_tuple_for_subscr(), add missing condition to match incoming
key_seq with stored key_seq, so that re-authentication is requested for
mismatching key_seqs.
Add test for this issue.
Diffstat (limited to 'openbsc/src/libmsc/auth.c')
-rw-r--r-- | openbsc/src/libmsc/auth.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c index 4ce183935..ca39d0118 100644 --- a/openbsc/src/libmsc/auth.c +++ b/openbsc/src/libmsc/auth.c @@ -100,6 +100,7 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple, rc = db_get_lastauthtuple_for_subscr(atuple, subscr); if ((rc == 0) && (key_seq != GSM_KEY_SEQ_INVAL) && + (key_seq == atuple->key_seq) && (atuple->use_count < 3)) { atuple->use_count++; |