diff options
author | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2016-10-11 01:05:22 +0200 |
---|---|---|
committer | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2016-11-12 16:06:46 +0100 |
commit | 158559bef88ec70a60128e3c83b41e44eacf223a (patch) | |
tree | a1537c17c0c9d5d3d11f568e4767304112d12940 /openbsc | |
parent | c2c7722a7e4bb35e1e3b8ef49dbf76eedd6d7fa2 (diff) |
IuCS: detect whether a conn is already secure
If a CM Service Request is received on an already secure IuCS connection,
we so far didn't notice and started to authenticate again. The UE would
readily renew its authentication, but then our state got stuck since
ciphering was already established. Instead, don't authenticate again when
integrity protection is already established.
Change-Id: I3c01fe58276ba0ad918f2cd30cc3dca7c6663e68
Diffstat (limited to 'openbsc')
-rw-r--r-- | openbsc/src/libmsc/gsm_04_08.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c index 4b42c994b..7a936a17d 100644 --- a/openbsc/src/libmsc/gsm_04_08.c +++ b/openbsc/src/libmsc/gsm_04_08.c @@ -206,6 +206,10 @@ int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq, status = GSM_SECURITY_NOAVAIL; } + if (status < 0 && conn->via_iface == IFACE_IU + && conn->iu.integrity_protection != INTEGRITY_PROTECTION_NONE) + status = GSM_SECURITY_ALREADY; + /* If not done yet, try to get info for this user */ if (status < 0) { /* DEV HACK: hardcode keys for Iu */ |