diff options
author | Jacob Erlbeck <jerlbeck@sysmocom.de> | 2014-10-29 22:12:20 +0100 |
---|---|---|
committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2014-11-14 09:27:23 +0100 |
commit | 0c06f98ced2b70801147eb52d6596079e473dfc9 (patch) | |
tree | 11808bb72a07e2413c07a5ec381794400019fa5d /openbsc | |
parent | b1c074f62c1d04138b751f71e3b07fbb0a521898 (diff) |
sgsn: Move IMSI authorization to gsm48_gmm_authorize
Currently the IMSI is only checked immediately when an Attach Request
is received that contains an IMSI IE. If it contains a P-TMSI
instead, access is always granted.
This commit moves the IMSI check to gsm48_gmm_authorize where it is
applied when IMSI and IMEI have been acquired. This fixes the
authorization when the Attach Accept doesn't contain an IMSI.
Sponsored-by: On-Waves ehf
Diffstat (limited to 'openbsc')
-rw-r--r-- | openbsc/include/openbsc/gprs_sgsn.h | 2 | ||||
-rw-r--r-- | openbsc/src/gprs/gprs_gmm.c | 35 | ||||
-rw-r--r-- | openbsc/tests/sgsn/sgsn_test.c | 7 |
3 files changed, 28 insertions, 16 deletions
diff --git a/openbsc/include/openbsc/gprs_sgsn.h b/openbsc/include/openbsc/gprs_sgsn.h index 75797dba0..af21eaddb 100644 --- a/openbsc/include/openbsc/gprs_sgsn.h +++ b/openbsc/include/openbsc/gprs_sgsn.h @@ -117,6 +117,8 @@ struct sgsn_mm_ctx { * (refers to the timer) and pending_req (refers to the procedure), * where mm->T == 3350 => mm->t3350_mode == f(mm->pending_req). Check * whether one of them can be dropped. */ + + int is_authorized; }; #define LOGMMCTXP(level, mm, fmt, args...) \ diff --git a/openbsc/src/gprs/gprs_gmm.c b/openbsc/src/gprs/gprs_gmm.c index 575ad7965..95bf73b5a 100644 --- a/openbsc/src/gprs/gprs_gmm.c +++ b/openbsc/src/gprs/gprs_gmm.c @@ -640,9 +640,30 @@ static int gsm48_gmm_authorize(struct sgsn_mm_ctx *ctx) } /* All information required for authentication is available */ - ctx->t3370_id_type = GSM_MI_TYPE_NONE; + if (!ctx->is_authorized) { + /* As a temorary hack, we simply assume that the IMSI exists, + * as long as it is part of 'our' network */ + char mccmnc[16]; + int rc; + snprintf(mccmnc, sizeof(mccmnc), "%03d%02d", + ctx->ra.mcc, ctx->ra.mnc); + if (strncmp(mccmnc, ctx->imsi, 5) && + (sgsn->cfg.acl_enabled && + !sgsn_acl_lookup(ctx->imsi, &sgsn->cfg))) { + LOGP(DMM, LOGL_NOTICE, "Rejecting ATTACH REQUEST IMSI=%s\n", + ctx->imsi); + rc = gsm48_tx_gmm_att_rej(ctx, + GMM_CAUSE_GPRS_NOTALLOWED); + mm_ctx_cleanup_free(ctx, "ATTACH REJECT"); + return rc; + } + ctx->is_authorized = 1; + } + + /* The MS is authorized */ + switch (ctx->pending_req) { case 0: LOGMMCTXP(LOGL_INFO, ctx, @@ -799,18 +820,6 @@ static int gsm48_rx_gmm_att_req(struct sgsn_mm_ctx *ctx, struct msgb *msg, #if 0 return gsm48_tx_gmm_att_rej(msg, GMM_CAUSE_IMSI_UNKNOWN); #else - /* As a temorary hack, we simply assume that the IMSI exists, - * as long as it is part of 'our' network */ - char mccmnc[16]; - snprintf(mccmnc, sizeof(mccmnc), "%03d%02d", ra_id.mcc, ra_id.mnc); - if (strncmp(mccmnc, mi_string, 5) && - (sgsn->cfg.acl_enabled && - !sgsn_acl_lookup(mi_string, &sgsn->cfg))) { - LOGP(DMM, LOGL_NOTICE, "Rejecting ATTACH REQUEST IMSI=%s\n", - mi_string); - return gsm48_tx_gmm_att_rej_oldmsg(msg, - GMM_CAUSE_GPRS_NOTALLOWED); - } ctx = sgsn_mm_ctx_alloc(0, &ra_id); if (!ctx) return gsm48_tx_gmm_att_rej_oldmsg(msg, GMM_CAUSE_NET_FAIL); diff --git a/openbsc/tests/sgsn/sgsn_test.c b/openbsc/tests/sgsn/sgsn_test.c index 49ee2df20..218092f2c 100644 --- a/openbsc/tests/sgsn/sgsn_test.c +++ b/openbsc/tests/sgsn/sgsn_test.c @@ -340,6 +340,8 @@ static void test_gmm_attach(void) /* reset the PRNG used by sgsn_alloc_ptmsi */ srand(1); + sgsn_acl_add("123456789012345", &sgsn->cfg); + foreign_tlli = gprs_tmsi2tlli(0xc0000023, TLLI_FOREIGN); /* Create a LLE/LLME */ @@ -369,9 +371,6 @@ static void test_gmm_attach(void) send_0408_message(ctx->llme, foreign_tlli, ident_resp_imsi, ARRAY_SIZE(ident_resp_imsi)); - /* FIXME: We are not authorized and should get an Attach Reject, fix - * authorization in gprs_gmm.c */ - /* check that the MM context has not been removed due to a failed * authorization */ OSMO_ASSERT(ctx == sgsn_mm_ctx_by_tlli(foreign_tlli, &raid)); @@ -401,6 +400,8 @@ static void test_gmm_attach(void) OSMO_ASSERT(count(gprs_llme_list()) == 0); ictx = sgsn_mm_ctx_by_tlli(local_tlli, &raid); OSMO_ASSERT(!ictx); + + sgsn_acl_del("123456789012345", &sgsn->cfg); } static struct log_info_cat gprs_categories[] = { |