Fix MM Auth: zero-initialize auth tuple before first use
Make sure a new auth tuple is initialized after
db_get_lastauthtuple_for_subscr() returns an error, i.e. if no tuple is present
for the subscriber yet.
Before this patch, the first key_seq depended on the typically uninitialized
value that was present in auth tuple's key_seq upon calling
auth_get_tuple_for_subscr().
The very first key_seq used for a new subscriber will now always be 0. Before,
it used to be mostly 1 ("(0 + 1) % 7"), but depended on whether the key_seq was
indeed initialized with 0, actually by random.
diff --git a/openbsc/src/libmsc/auth.c b/openbsc/src/libmsc/auth.c
index ca39d01..f30d56d 100644
--- a/openbsc/src/libmsc/auth.c
+++ b/openbsc/src/libmsc/auth.c
@@ -110,8 +110,17 @@
}
/* Generate a new one */
+ if (rc != 0) {
+ /* If db_get_lastauthtuple_for_subscr() returned nothing, make
+ * sure the atuple memory is initialized to zero and thus start
+ * off with key_seq = 0. */
+ memset(atuple, 0, sizeof(*atuple));
+ } else {
+ /* If db_get_lastauthtuple_for_subscr() returned a previous
+ * tuple, use the next key_seq. */
+ atuple->key_seq = (atuple->key_seq + 1) % 7;
+ }
atuple->use_count = 1;
- atuple->key_seq = (atuple->key_seq + 1) % 7;
if (RAND_bytes(atuple->rand, sizeof(atuple->rand)) != 1) {
LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed, can't generate new auth tuple\n");