gsm48_tx_mm_auth_req(): support UMTS AUTN
To be able to do R99 UMTS authentication, we need to send along AUTN bytes in
the Authentication Request. Add autn parameter to gsm48_tx_mm_auth_req() and
conditionally append the R99 AUTN TLV to the Authentication Request message.
Change-Id: I0d644559088706aa06b42b9bfe1f8c21ca6fa4da
diff --git a/openbsc/src/libmsc/gsm_04_08.c b/openbsc/src/libmsc/gsm_04_08.c
index 8380710..407104f 100644
--- a/openbsc/src/libmsc/gsm_04_08.c
+++ b/openbsc/src/libmsc/gsm_04_08.c
@@ -238,7 +238,8 @@
/* Then do whatever is needed ... */
if (rc == AUTH_DO_AUTH_THEN_CIPH) {
/* Start authentication */
- return gsm48_tx_mm_auth_req(conn, op->atuple.vec.rand, op->atuple.key_seq);
+ return gsm48_tx_mm_auth_req(conn, op->atuple.vec.rand, NULL,
+ op->atuple.key_seq);
} else if (rc == AUTH_DO_CIPH) {
/* Start ciphering directly */
return gsm0808_cipher_mode(conn, net->a5_encryption,
@@ -875,14 +876,24 @@
return gsm48_conn_sendmsg(msg, conn, NULL);
}
-/* Section 9.2.2 */
-int gsm48_tx_mm_auth_req(struct gsm_subscriber_connection *conn, uint8_t *rand, int key_seq)
+/*! Send an Authentication Request to MS on the given subscriber connection
+ * according to 3GPP/ETSI TS 24.008, Section 9.2.2.
+ * \param[in] conn Subscriber connection to send on.
+ * \param[in] rand Random challenge token to send, must be 16 bytes long.
+ * \param[in] autn r99: In case of UMTS mutual authentication, AUTN token to
+ * send; must be 16 bytes long, or pass NULL for plain GSM auth.
+ * \param[in] key_seq auth tuple's sequence number.
+ */
+int gsm48_tx_mm_auth_req(struct gsm_subscriber_connection *conn, uint8_t *rand,
+ uint8_t *autn, int key_seq)
{
struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 AUTH REQ");
struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
struct gsm48_auth_req *ar = (struct gsm48_auth_req *) msgb_put(msg, sizeof(*ar));
DEBUGP(DMM, "-> AUTH REQ (rand = %s)\n", osmo_hexdump(rand, 16));
+ if (autn)
+ DEBUGP(DMM, " AUTH REQ (autn = %s)\n", osmo_hexdump(autn, 16));
msg->lchan = conn->lchan;
gh->proto_discr = GSM48_PDISC_MM;
@@ -891,9 +902,15 @@
ar->key_seq = key_seq;
/* 16 bytes RAND parameters */
+ osmo_static_assert(sizeof(ar->rand) == 16, sizeof_auth_req_r99_rand);
if (rand)
memcpy(ar->rand, rand, 16);
+
+ /* 16 bytes AUTN */
+ if (autn)
+ msgb_tlv_put(msg, GSM48_IE_AUTN, 16, autn);
+
return gsm48_conn_sendmsg(msg, conn, NULL);
}
diff --git a/openbsc/src/libmsc/token_auth.c b/openbsc/src/libmsc/token_auth.c
index 95fd9b3..5af1e98 100644
--- a/openbsc/src/libmsc/token_auth.c
+++ b/openbsc/src/libmsc/token_auth.c
@@ -106,7 +106,7 @@
if (conn) {
uint8_t auth_rand[16];
/* kick the subscriber off the network */
- gsm48_tx_mm_auth_req(conn, auth_rand, 0);
+ gsm48_tx_mm_auth_req(conn, auth_rand, NULL, 0);
gsm48_tx_mm_auth_rej(conn);
/* FIXME: close the channel early ?*/
//gsm48_send_rr_Release(lchan);
@@ -143,7 +143,7 @@
conn = connection_for_subscr(sms->receiver);
if (conn) {
/* kick the subscriber off the network */
- gsm48_tx_mm_auth_req(conn, auth_rand, 0);
+ gsm48_tx_mm_auth_req(conn, auth_rand, NULL, 0);
gsm48_tx_mm_auth_rej(conn);
/* FIXME: close the channel early ?*/
//gsm48_send_rr_Release(lchan);