Fix MM Auth: disallow key_seq mismatch In auth_get_tuple_for_subscr(), add missing condition to match incoming key_seq with stored key_seq, so that re-authentication is requested for mismatching key_seqs. Add test for this issue.

commit: 0d929be8264ba592313f2cdd9bc4bd9b2579df00 [log] [tgz]
author: Neels Hofmeyr <nhofmeyr@sysmocom.de> Wed Mar 30 11:22:29 2016 +0200
committer: Harald Welte <laforge@gnumonks.org> Thu Mar 31 11:56:48 2016 +0200
tree: 8f55e9bb352089046927fb471c4d24b77b8ec17c
parent: 4e875aec0fda55bc93ea76c6992aaf3d90931d2d [diff] [blame]
diff --git a/openbsc/tests/mm_auth/mm_auth_test.ok b/openbsc/tests/mm_auth/mm_auth_test.ok
index 7dedadc..9d89bfb 100644
--- a/openbsc/tests/mm_auth/mm_auth_test.ok
+++ b/openbsc/tests/mm_auth/mm_auth_test.ok

@@ -28,3 +28,9 @@
 wrapped: db_get_lastauthtuple_for_subscr(): rc = 0
 wrapped: db_sync_lastauthtuple_for_subscr(): rc = 0
 auth_get_tuple_for_subscr(key_seq=3) --> auth_action == AUTH_DO_CIPH
+
+* test_auth_reuse_key_seq_mismatch()
+wrapped: db_get_authinfo_for_subscr(): rc = 0
+wrapped: db_get_lastauthtuple_for_subscr(): rc = 0
+wrapped: db_sync_lastauthtuple_for_subscr(): rc = 0
+auth_get_tuple_for_subscr(key_seq=4) --> auth_action == AUTH_DO_AUTH_THEN_CIPH
commit	0d929be8264ba592313f2cdd9bc4bd9b2579df00	[log] [tgz]
author	Neels Hofmeyr <nhofmeyr@sysmocom.de>	Wed Mar 30 11:22:29 2016 +0200
committer	Harald Welte <laforge@gnumonks.org>	Thu Mar 31 11:56:48 2016 +0200
tree	8f55e9bb352089046927fb471c4d24b77b8ec17c
parent	4e875aec0fda55bc93ea76c6992aaf3d90931d2d [diff] [blame]