Fix: Handle CM service request on already secured channel correctly
A CM service request must be acknowledged also, when encryption is already
enabled.
Without encryption enabled, the security status is GSM_SECURITY_NOTAVAIL,
which causes a CM service acknowledge. On initial CM service request, the
security status is GSM_SECURITY_SUCCEED, if encryption is enabled. This
will not lead to an acknowledge, because the cyphering command implies an
acknowlege. An additional CM service request requires an acknowledge, so
I added a new security status: GSM_SECURITY_ALREADY
diff --git a/openbsc/include/openbsc/gsm_data.h b/openbsc/include/openbsc/gsm_data.h
index d7db887..05e0490 100644
--- a/openbsc/include/openbsc/gsm_data.h
+++ b/openbsc/include/openbsc/gsm_data.h
@@ -21,6 +21,7 @@
GSM_SECURITY_NOAVAIL,
GSM_SECURITY_AUTH_FAILED,
GSM_SECURITY_SUCCEEDED,
+ GSM_SECURITY_ALREADY,
};
struct msgb;
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c
index b69ab95..7f38be2 100644
--- a/openbsc/src/libmsc/gsm_04_08.c
+++ b/openbsc/src/libmsc/gsm_04_08.c
@@ -173,7 +173,7 @@
status = GSM_SECURITY_NOAVAIL;
} else if (conn->lchan->encr.alg_id > RSL_ENC_ALG_A5(0)) {
DEBUGP(DMM, "Requesting to secure an already secure channel");
- status = GSM_SECURITY_SUCCEEDED;
+ status = GSM_SECURITY_ALREADY;
} else if (!ms_cm2_a5n_support(subscr->equipment.classmark2,
net->a5_encryption)) {
DEBUGP(DMM, "Subscriber equipment doesn't support requested encryption");
@@ -835,6 +835,7 @@
break;
case GSM_SECURITY_NOAVAIL:
+ case GSM_SECURITY_ALREADY:
rc = gsm48_tx_mm_serv_ack(conn);
break;