diff options
author | Neels Hofmeyr <nhofmeyr@sysmocom.de> | 2016-03-30 11:22:30 +0200 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2016-03-31 11:56:49 +0200 |
commit | cf1302e4cb4875816615a23e5d7e2e9f7bcb5bca (patch) | |
tree | f0d8a5d092ffda3a1532058ea4ae850422133d14 /openbsc/src/libmsc/auth.c | |
parent | 0d929be8264ba592313f2cdd9bc4bd9b2579df00 (diff) |
Fix MM Auth: zero-initialize auth tuple before first use
Make sure a new auth tuple is initialized after
db_get_lastauthtuple_for_subscr() returns an error, i.e. if no tuple is present
for the subscriber yet.
Before this patch, the first key_seq depended on the typically uninitialized
value that was present in auth tuple's key_seq upon calling
auth_get_tuple_for_subscr().
The very first key_seq used for a new subscriber will now always be 0. Before,
it used to be mostly 1 ("(0 + 1) % 7"), but depended on whether the key_seq was
indeed initialized with 0, actually by random.
Diffstat (limited to 'openbsc/src/libmsc/auth.c')
-rw-r--r-- | openbsc/src/libmsc/auth.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c index ca39d0118..f30d56dce 100644 --- a/openbsc/src/libmsc/auth.c +++ b/openbsc/src/libmsc/auth.c @@ -110,8 +110,17 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple, } /* Generate a new one */ + if (rc != 0) { + /* If db_get_lastauthtuple_for_subscr() returned nothing, make + * sure the atuple memory is initialized to zero and thus start + * off with key_seq = 0. */ + memset(atuple, 0, sizeof(*atuple)); + } else { + /* If db_get_lastauthtuple_for_subscr() returned a previous + * tuple, use the next key_seq. */ + atuple->key_seq = (atuple->key_seq + 1) % 7; + } atuple->use_count = 1; - atuple->key_seq = (atuple->key_seq + 1) % 7; if (RAND_bytes(atuple->rand, sizeof(atuple->rand)) != 1) { LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed, can't generate new auth tuple\n"); |