diff options
| author | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2022-10-10 23:35:47 +0200 |
|---|---|---|
| committer | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2022-10-27 23:54:00 +0200 |
| commit | 2ea7264b86b7518d59efecb1609119ffb0c6eb16 (patch) | |
| tree | 4b043860421f856ed79315aa57b1e2faaaedb8b0 /src/libvlr | |
| parent | d99a607ac97c0c678a6328fc1a7abfadd8fc76f2 (diff) | |
msc_a,vlr: add is_ciphering_required (accurately named)
For establishing Layer 3, pass a flag from msc_a to VLR that indicates
to fail if encryption is not possible.
An earlier patch [1] renamed a previously existing flag
require_ciphering to is_ciphering_to_be_attempted, because the naming
was not accurate. This new flag now indicates what its name suggests.
This new flag is needed for upcoming patch [2] to distinguish between
optional and mandatory encryption.
[1] Ia55085e3b36feb275bcf92fc91a4be7d1c24a6b9
[2] I5feda196fa481dd8a46b0e4721c64b7c6600f0d1
Related: OS#4830
Change-Id: I52090c5f5db997030da7c2ed9beca9c51f55f4cf
Diffstat (limited to 'src/libvlr')
| -rw-r--r-- | src/libvlr/vlr_access_req_fsm.c | 10 | ||||
| -rw-r--r-- | src/libvlr/vlr_lu_fsm.c | 10 |
2 files changed, 20 insertions, 0 deletions
diff --git a/src/libvlr/vlr_access_req_fsm.c b/src/libvlr/vlr_access_req_fsm.c index ce7c2af5c..af7ec7434 100644 --- a/src/libvlr/vlr_access_req_fsm.c +++ b/src/libvlr/vlr_access_req_fsm.c @@ -67,7 +67,12 @@ struct proc_arq_priv { uint32_t tmsi; struct osmo_location_area_id lai; bool authentication_required; + /* is_ciphering_to_be_attempted: true when any A5/n > 0 are enabled. Ciphering is allowed, always attempt to get Auth Info from + * the HLR. */ bool is_ciphering_to_be_attempted; + /* is_ciphering_required: true when A5/0 is disabled. If we cannot get Auth Info from the HLR, reject the + * subscriber. */ + bool is_ciphering_required; uint8_t key_seq; bool is_r99; bool is_utran; @@ -635,12 +640,16 @@ vlr_proc_acc_req(struct osmo_fsm_inst *parent, const struct osmo_location_area_id *lai, bool authentication_required, bool is_ciphering_to_be_attempted, + bool is_ciphering_required, uint8_t key_seq, bool is_r99, bool is_utran) { struct osmo_fsm_inst *fi; struct proc_arq_priv *par; + if (is_ciphering_required) + OSMO_ASSERT(is_ciphering_to_be_attempted); + fi = osmo_fsm_inst_alloc_child(&proc_arq_vlr_fsm, parent, parent_event_failure); if (!fi) @@ -658,6 +667,7 @@ vlr_proc_acc_req(struct osmo_fsm_inst *parent, par->parent_event_data = parent_event_data; par->authentication_required = authentication_required; par->is_ciphering_to_be_attempted = is_ciphering_to_be_attempted; + par->is_ciphering_required = is_ciphering_required; par->key_seq = key_seq; par->is_r99 = is_r99; par->is_utran = is_utran; diff --git a/src/libvlr/vlr_lu_fsm.c b/src/libvlr/vlr_lu_fsm.c index e8ceefd63..22875cfa5 100644 --- a/src/libvlr/vlr_lu_fsm.c +++ b/src/libvlr/vlr_lu_fsm.c @@ -676,7 +676,12 @@ struct lu_fsm_priv { struct osmo_location_area_id old_lai; struct osmo_location_area_id new_lai; bool authentication_required; + /* is_ciphering_to_be_attempted: true when any A5/n > 0 are enabled. Ciphering is allowed, always attempt to get Auth Info from + * the HLR. */ bool is_ciphering_to_be_attempted; + /* is_ciphering_required: true when A5/0 is disabled. If we cannot get Auth Info from the HLR, reject the + * subscriber. */ + bool is_ciphering_required; uint8_t key_seq; bool is_r99; bool is_utran; @@ -1476,6 +1481,7 @@ vlr_loc_update(struct osmo_fsm_inst *parent, const struct osmo_location_area_id *new_lai, bool authentication_required, bool is_ciphering_to_be_attempted, + bool is_ciphering_required, uint8_t key_seq, bool is_r99, bool is_utran, bool assign_tmsi) @@ -1483,6 +1489,9 @@ vlr_loc_update(struct osmo_fsm_inst *parent, struct osmo_fsm_inst *fi; struct lu_fsm_priv *lfp; + if (is_ciphering_required) + OSMO_ASSERT(is_ciphering_to_be_attempted); + fi = osmo_fsm_inst_alloc_child(&vlr_lu_fsm, parent, parent_event_failure); if (!fi) return NULL; @@ -1500,6 +1509,7 @@ vlr_loc_update(struct osmo_fsm_inst *parent, lfp->parent_event_data = parent_event_data; lfp->authentication_required = authentication_required; lfp->is_ciphering_to_be_attempted = is_ciphering_to_be_attempted; + lfp->is_ciphering_required = is_ciphering_required; lfp->key_seq = key_seq; lfp->is_r99 = is_r99; lfp->is_utran = is_utran; |