Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-mgw / b2be195b501d8327a493f93bc9fba41f8a699ba4 / . / openbsc / src / token_auth.c
blob: dc8cce2519e668165be46bd384adb1c92968f1e9 [file] [log] [blame]
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]1/* SMS based token authentication for ad-hoc GSM networks */
2
3/* (C) 2009 by Harald Welte <laforge@gnumonks.org>
4 *
5 * All Rights Reserved
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 */
22
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]23#include <stdio.h>
Harald Weltedfe6c7d2010-02-20 16:24:02 +0100[diff] [blame]24#include <osmocore/talloc.h>
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]25#include <openbsc/signal.h>
26#include <openbsc/gsm_data.h>
27#include <openbsc/gsm_04_11.h>
28#include <openbsc/gsm_04_08.h>
29#include <openbsc/gsm_subscriber.h>
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]30#include <openbsc/chan_alloc.h>
31#include <openbsc/db.h>
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]32
Harald Welte (local)2928bc02009-08-13 20:43:58 +0200[diff] [blame]33#define TOKEN_SMS_TEXT "HAR 2009 GSM. Register at http://har2009.gnumonks.org/ " \
34 "Your IMSI is %s, auth token is %08X, phone no is %s."
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]35
Holger Hans Peter Freyther65fb0fd2009-10-22 15:39:37 +0200[diff] [blame]36extern struct gsm_sms *sms_from_text(struct gsm_subscriber *receiver,
37 const char *text);
38
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]39static char *build_sms_string(struct gsm_subscriber *subscr, u_int32_t token)
40{
41 char *sms_str;
42 unsigned int len;
43
44 len = strlen(subscr->imsi) + 8 + strlen(TOKEN_SMS_TEXT);
45 sms_str = talloc_size(tall_bsc_ctx, len);
46 if (!sms_str)
47 return NULL;
48
Harald Welte (local)2928bc02009-08-13 20:43:58 +0200[diff] [blame]49 snprintf(sms_str, len, TOKEN_SMS_TEXT, subscr->imsi, token,
50 subscr->extension);
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]51 sms_str[len-1] = '\0';
52
53 return sms_str;
54}
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]55
56static int token_subscr_cb(unsigned int subsys, unsigned int signal,
57 void *handler_data, void *signal_data)
58{
59 struct gsm_subscriber *subscr = signal_data;
60 struct gsm_sms *sms;
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]61 int rc = 0;
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]62
Harald Welte37600be2009-12-13 12:56:47 +0100[diff] [blame]63 if (signal != S_SUBSCR_ATTACHED)
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]64 return 0;
65
Harald Welte37600be2009-12-13 12:56:47 +0100[diff] [blame]66 if (subscr->net->auth_policy != GSM_AUTH_POLICY_TOKEN)
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]67 return 0;
68
69 if (subscr->flags & GSM_SUBSCRIBER_FIRST_CONTACT) {
70 u_int32_t token;
71 char *sms_str;
72
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]73 /* we've seen this subscriber for the first time. */
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]74 rc = db_subscriber_alloc_token(subscr, &token);
75 if (rc != 0) {
76 rc = -EIO;
77 goto unauth;
78 }
79
80 sms_str = build_sms_string(subscr, token);
81 if (!sms_str) {
82 rc = -ENOMEM;
83 goto unauth;
84 }
85
86 sms = sms_from_text(subscr, sms_str);
87 talloc_free(sms_str);
88 if (!sms) {
89 rc = -ENOMEM;
90 goto unauth;
91 }
92
93 rc = gsm411_send_sms_subscr(subscr, sms);
94
95 /* FIXME: else, delete the subscirber from database */
96unauth:
97
98 /* make sure we don't allow him in again unless he clicks the web UI */
99 subscr->authorized = 0;
100 db_sync_subscriber(subscr);
101 if (rc) {
Holger Hans Peter Freytherb2be1952010-06-16 13:23:55 +0800[diff] [blame^]102 struct gsm_subscriber_connection *conn = connection_for_subscr(subscr);
103 if (conn) {
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]104 u_int8_t auth_rand[16];
105 /* kick the subscriber off the network */
Holger Hans Peter Freytherb2be1952010-06-16 13:23:55 +0800[diff] [blame^]106 gsm48_tx_mm_auth_req(conn, auth_rand, 0);
107 gsm48_tx_mm_auth_rej(conn);
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]108 /* FIXME: close the channel early ?*/
109 //gsm48_send_rr_Release(lchan);
110 }
111 }
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]112 }
113
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]114 return rc;
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]115}
116
117static int token_sms_cb(unsigned int subsys, unsigned int signal,
118 void *handler_data, void *signal_data)
119{
120 struct gsm_sms *sms = signal_data;
Holger Hans Peter Freytherb2be1952010-06-16 13:23:55 +0800[diff] [blame^]121 struct gsm_subscriber_connection *conn;
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]122 u_int8_t auth_rand[16];
123
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]124
125 if (signal != S_SMS_DELIVERED)
126 return 0;
127
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]128
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]129 /* these are not the droids we've been looking for */
130 if (!sms->receiver ||
131 !(sms->receiver->flags & GSM_SUBSCRIBER_FIRST_CONTACT))
132 return 0;
133
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]134
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]135 if (sms->receiver->net->auth_policy != GSM_AUTH_POLICY_TOKEN)
136 return 0;
137
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]138
Holger Hans Peter Freytherb2be1952010-06-16 13:23:55 +0800[diff] [blame^]139 conn = connection_for_subscr(sms->receiver);
140 if (conn) {
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]141 /* kick the subscriber off the network */
Holger Hans Peter Freytherb2be1952010-06-16 13:23:55 +0800[diff] [blame^]142 gsm48_tx_mm_auth_req(conn, auth_rand, 0);
143 gsm48_tx_mm_auth_rej(conn);
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]144 /* FIXME: close the channel early ?*/
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]145 //gsm48_send_rr_Release(lchan);
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]146 }
147
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]148 return 0;
149}
150
Harald Welte (local)50d12712009-08-13 13:52:14 +0200[diff] [blame]151//static __attribute__((constructor)) void on_dso_load_token(void)
152void on_dso_load_token(void)
Harald Welteccceef82009-08-13 00:57:54 +0200[diff] [blame]153{
154 register_signal_handler(SS_SUBSCR, token_subscr_cb, NULL);
155 register_signal_handler(SS_SMS, token_sms_cb, NULL);
156}