add code for token auth sequencing
* When we first see a subscriber, send the sms
* when the sms completes, send auth req + auth reject and close the channel
diff --git a/openbsc/src/Makefile.am b/openbsc/src/Makefile.am
index 82415af..d7a8462 100644
--- a/openbsc/src/Makefile.am
+++ b/openbsc/src/Makefile.am
@@ -10,7 +10,7 @@
gsm_04_11.c telnet_interface.c subchan_demux.c \
trau_frame.c trau_mux.c paging.c e1_config.c e1_input.c tlv_parser.c \
input/misdn.c input/ipaccess.c signal.c gsm_utils.c talloc.c \
- transaction.c rtp_proxy.c bsc_rll.c
+ transaction.c rtp_proxy.c bsc_rll.c token_auth.c
libvty_a_SOURCES = vty/buffer.c vty/command.c vty/vector.c vty/vty.c
diff --git a/openbsc/src/token_auth.c b/openbsc/src/token_auth.c
new file mode 100644
index 0000000..be951c4
--- /dev/null
+++ b/openbsc/src/token_auth.c
@@ -0,0 +1,92 @@
+/* SMS based token authentication for ad-hoc GSM networks */
+
+/* (C) 2009 by Harald Welte <laforge@gnumonks.org>
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <openbsc/signal.h>
+#include <openbsc/gsm_data.h>
+#include <openbsc/gsm_04_11.h>
+#include <openbsc/gsm_04_08.h>
+#include <openbsc/gsm_subscriber.h>
+
+#define TOKEN_SMS_TEXT "HAR 2009 GSM. Please visit http://127.0.0.1/ to register"
+
+static int token_subscr_cb(unsigned int subsys, unsigned int signal,
+ void *handler_data, void *signal_data)
+{
+ struct gsm_subscriber *subscr = signal_data;
+ struct gsm_sms *sms;
+
+ if (subscr->net->auth_policy != GSM_AUTH_POLICY_TOKEN)
+ return 0;
+
+ switch (signal) {
+ case S_SUBSCR_FIRST_CONTACT:
+ /* we've seen this subscriber for the first time. */
+ sms = sms_from_text(subscr, TOKEN_SMS_TEXT);
+ if (!sms)
+ return -ENOMEM;
+ gsm411_send_sms_subscr(subscr, sms);
+ break;
+ }
+
+ return 0;
+}
+
+static int token_sms_cb(unsigned int subsys, unsigned int signal,
+ void *handler_data, void *signal_data)
+{
+ struct gsm_sms *sms = signal_data;
+ struct gsm_lchan *lchan;
+ u_int16_t rand[16];
+
+ if (signal != S_SMS_DELIVERED)
+ return 0;
+
+ /* these are not the droids we've been looking for */
+ if (!sms->receiver ||
+ !(sms->receiver->flags & GSM_SUBSCRIBER_FIRST_CONTACT))
+ return 0;
+
+ if (sms->receiver->net->auth_policy != GSM_AUTH_POLICY_TOKEN)
+ return 0;
+
+ lchan = lchan_for_subscr(sms->receiver);
+ if (lchan) {
+ /* kick the subscriber off the network */
+ gsm48_tx_mm_auth_req(lchan, rand);
+ gsm48_tx_mm_auth_rej(lchan);
+ /* close the channel */
+ //gsm48_send_rr_Release(lchan);
+ lchan_free(lchan);
+ }
+
+ /* make sure we don't allow him in again unless he clicks the web UI */
+ sms->receiver->authorized = 0;
+ db_sync_subscriber(sms->receiver);
+
+ return 0;
+}
+
+static __attribute__((constructor)) void on_dso_load_token(void)
+{
+ register_signal_handler(SS_SUBSCR, token_subscr_cb, NULL);
+ register_signal_handler(SS_SMS, token_sms_cb, NULL);
+}