vlr auth: gracefully reject malformed auth response
Instead of just closing down the conn hard, actually feed invalid auth response
data to vlr_subscr_rc_auth_resp() in order to trigger all the actions we want
to see with a failed authentication:
- a GSUP signal that the auth failed,
- a LU reject.
Verify this in new test_wrong_sres_length() in msc_vlr_test_gsm_authen.c.
Note that in gsm48_rx_mm_auth_resp(), the is_r99 flag is falsely derived from
the RES length, which upcoming commit Ib7f7d89a8b9455d2c022d53d74328fa7488577f4
will fix.
Change-Id: I4179a290069ac61d0662de4ec7ca3edb76988899
diff --git a/src/libmsc/gsm_04_08.c b/src/libmsc/gsm_04_08.c
index f87a4c6..ceef2d8 100644
--- a/src/libmsc/gsm_04_08.c
+++ b/src/libmsc/gsm_04_08.c
@@ -971,8 +971,12 @@
}
if (rc) {
- msc_subscr_conn_close(conn, GSM_CAUSE_AUTH_FAILED);
- return -EINVAL;
+ LOGP(DMM, LOGL_ERROR,
+ "%s: MM AUTHENTICATION RESPONSE: invalid: parsing %s AKA Auth Response"
+ " failed with rc=%d; dispatching zero length SRES/RES to trigger failure\n",
+ vlr_subscr_name(conn->vsub), is_r99 ? "UMTS" : "GSM", rc);
+ memset(res, 0, sizeof(res));
+ res_len = 0;
}
DEBUGP(DMM, "%s: MM %s AUTHENTICATION RESPONSE (%s = %s)\n",