From 641475cb813930790fc384f9bba704a09ba65168 Mon Sep 17 00:00:00 2001 From: Andreas Eversberg Date: Wed, 10 Jul 2013 08:58:03 +0200 Subject: Fix: Handle CM service request on already secured channel correctly A CM service request must be acknowledged also, when encryption is already enabled. Without encryption enabled, the security status is GSM_SECURITY_NOTAVAIL, which causes a CM service acknowledge. On initial CM service request, the security status is GSM_SECURITY_SUCCEED, if encryption is enabled. This will not lead to an acknowledge, because the cyphering command implies an acknowlege. An additional CM service request requires an acknowledge, so I added a new security status: GSM_SECURITY_ALREADY --- openbsc/include/openbsc/gsm_data.h | 1 + openbsc/src/libmsc/gsm_04_08.c | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/openbsc/include/openbsc/gsm_data.h b/openbsc/include/openbsc/gsm_data.h index d7db887ea..05e04906e 100644 --- a/openbsc/include/openbsc/gsm_data.h +++ b/openbsc/include/openbsc/gsm_data.h @@ -21,6 +21,7 @@ enum gsm_security_event { GSM_SECURITY_NOAVAIL, GSM_SECURITY_AUTH_FAILED, GSM_SECURITY_SUCCEEDED, + GSM_SECURITY_ALREADY, }; struct msgb; diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c index b69ab953c..7f38be28e 100644 --- a/openbsc/src/libmsc/gsm_04_08.c +++ b/openbsc/src/libmsc/gsm_04_08.c @@ -173,7 +173,7 @@ int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq, status = GSM_SECURITY_NOAVAIL; } else if (conn->lchan->encr.alg_id > RSL_ENC_ALG_A5(0)) { DEBUGP(DMM, "Requesting to secure an already secure channel"); - status = GSM_SECURITY_SUCCEEDED; + status = GSM_SECURITY_ALREADY; } else if (!ms_cm2_a5n_support(subscr->equipment.classmark2, net->a5_encryption)) { DEBUGP(DMM, "Subscriber equipment doesn't support requested encryption"); @@ -835,6 +835,7 @@ static int _gsm48_rx_mm_serv_req_sec_cb( break; case GSM_SECURITY_NOAVAIL: + case GSM_SECURITY_ALREADY: rc = gsm48_tx_mm_serv_ack(conn); break; -- cgit v1.2.3