2009-08-12 22:57:54 +00:00
|
|
|
/* SMS based token authentication for ad-hoc GSM networks */
|
|
|
|
|
|
|
|
/* (C) 2009 by Harald Welte <laforge@gnumonks.org>
|
|
|
|
*
|
|
|
|
* All Rights Reserved
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
2011-01-01 14:25:50 +00:00
|
|
|
* it under the terms of the GNU Affero General Public License as published by
|
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2009-08-12 22:57:54 +00:00
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
2011-01-01 14:25:50 +00:00
|
|
|
* GNU Affero General Public License for more details.
|
2009-08-12 22:57:54 +00:00
|
|
|
*
|
2011-01-01 14:25:50 +00:00
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2009-08-12 22:57:54 +00:00
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2009-08-13 11:52:14 +00:00
|
|
|
#include <stdio.h>
|
2011-03-22 15:47:59 +00:00
|
|
|
#include <osmocom/core/talloc.h>
|
2009-08-12 22:57:54 +00:00
|
|
|
#include <openbsc/signal.h>
|
|
|
|
#include <openbsc/gsm_data.h>
|
|
|
|
#include <openbsc/gsm_04_11.h>
|
|
|
|
#include <openbsc/gsm_04_08.h>
|
|
|
|
#include <openbsc/gsm_subscriber.h>
|
2009-08-13 11:52:14 +00:00
|
|
|
#include <openbsc/chan_alloc.h>
|
|
|
|
#include <openbsc/db.h>
|
2009-08-12 22:57:54 +00:00
|
|
|
|
2009-08-13 18:43:58 +00:00
|
|
|
#define TOKEN_SMS_TEXT "HAR 2009 GSM. Register at http://har2009.gnumonks.org/ " \
|
|
|
|
"Your IMSI is %s, auth token is %08X, phone no is %s."
|
2009-08-13 11:52:14 +00:00
|
|
|
|
2011-04-18 15:04:00 +00:00
|
|
|
static char *build_sms_string(struct gsm_subscriber *subscr, uint32_t token)
|
2009-08-13 11:52:14 +00:00
|
|
|
{
|
|
|
|
char *sms_str;
|
|
|
|
unsigned int len;
|
|
|
|
|
|
|
|
len = strlen(subscr->imsi) + 8 + strlen(TOKEN_SMS_TEXT);
|
|
|
|
sms_str = talloc_size(tall_bsc_ctx, len);
|
|
|
|
if (!sms_str)
|
|
|
|
return NULL;
|
|
|
|
|
2009-08-13 18:43:58 +00:00
|
|
|
snprintf(sms_str, len, TOKEN_SMS_TEXT, subscr->imsi, token,
|
|
|
|
subscr->extension);
|
2009-08-13 11:52:14 +00:00
|
|
|
sms_str[len-1] = '\0';
|
|
|
|
|
|
|
|
return sms_str;
|
|
|
|
}
|
2009-08-12 22:57:54 +00:00
|
|
|
|
|
|
|
static int token_subscr_cb(unsigned int subsys, unsigned int signal,
|
|
|
|
void *handler_data, void *signal_data)
|
|
|
|
{
|
|
|
|
struct gsm_subscriber *subscr = signal_data;
|
|
|
|
struct gsm_sms *sms;
|
2009-08-13 11:52:14 +00:00
|
|
|
int rc = 0;
|
2009-08-12 22:57:54 +00:00
|
|
|
|
2009-12-13 11:56:47 +00:00
|
|
|
if (signal != S_SUBSCR_ATTACHED)
|
2009-08-12 22:57:54 +00:00
|
|
|
return 0;
|
|
|
|
|
2014-12-03 08:28:24 +00:00
|
|
|
if (subscr->group->net->auth_policy != GSM_AUTH_POLICY_TOKEN)
|
2009-08-13 11:52:14 +00:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
if (subscr->flags & GSM_SUBSCRIBER_FIRST_CONTACT) {
|
2012-12-27 23:49:01 +00:00
|
|
|
struct gsm_subscriber *sender;
|
2011-04-18 15:04:00 +00:00
|
|
|
uint32_t token;
|
2009-08-13 11:52:14 +00:00
|
|
|
char *sms_str;
|
|
|
|
|
2009-08-12 22:57:54 +00:00
|
|
|
/* we've seen this subscriber for the first time. */
|
2009-08-13 11:52:14 +00:00
|
|
|
rc = db_subscriber_alloc_token(subscr, &token);
|
|
|
|
if (rc != 0) {
|
|
|
|
rc = -EIO;
|
|
|
|
goto unauth;
|
|
|
|
}
|
|
|
|
|
|
|
|
sms_str = build_sms_string(subscr, token);
|
|
|
|
if (!sms_str) {
|
|
|
|
rc = -ENOMEM;
|
|
|
|
goto unauth;
|
|
|
|
}
|
|
|
|
|
2012-12-27 23:49:01 +00:00
|
|
|
|
|
|
|
/* FIXME: don't use ID 1 static */
|
2014-12-03 08:28:24 +00:00
|
|
|
sender = subscr_get_by_id(subscr->group, 1);
|
2012-12-27 23:49:01 +00:00
|
|
|
|
|
|
|
sms = sms_from_text(subscr, sender, 0, sms_str);
|
|
|
|
|
|
|
|
subscr_put(sender);
|
2009-08-13 11:52:14 +00:00
|
|
|
talloc_free(sms_str);
|
|
|
|
if (!sms) {
|
|
|
|
rc = -ENOMEM;
|
|
|
|
goto unauth;
|
|
|
|
}
|
|
|
|
|
|
|
|
rc = gsm411_send_sms_subscr(subscr, sms);
|
|
|
|
|
|
|
|
/* FIXME: else, delete the subscirber from database */
|
|
|
|
unauth:
|
|
|
|
|
|
|
|
/* make sure we don't allow him in again unless he clicks the web UI */
|
|
|
|
subscr->authorized = 0;
|
|
|
|
db_sync_subscriber(subscr);
|
|
|
|
if (rc) {
|
2010-06-16 05:23:55 +00:00
|
|
|
struct gsm_subscriber_connection *conn = connection_for_subscr(subscr);
|
|
|
|
if (conn) {
|
2011-04-18 15:04:00 +00:00
|
|
|
uint8_t auth_rand[16];
|
2009-08-13 11:52:14 +00:00
|
|
|
/* kick the subscriber off the network */
|
2010-06-16 05:23:55 +00:00
|
|
|
gsm48_tx_mm_auth_req(conn, auth_rand, 0);
|
|
|
|
gsm48_tx_mm_auth_rej(conn);
|
2009-08-13 11:52:14 +00:00
|
|
|
/* FIXME: close the channel early ?*/
|
|
|
|
//gsm48_send_rr_Release(lchan);
|
|
|
|
}
|
|
|
|
}
|
2009-08-12 22:57:54 +00:00
|
|
|
}
|
|
|
|
|
2009-08-13 11:52:14 +00:00
|
|
|
return rc;
|
2009-08-12 22:57:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static int token_sms_cb(unsigned int subsys, unsigned int signal,
|
|
|
|
void *handler_data, void *signal_data)
|
|
|
|
{
|
2010-12-24 09:15:55 +00:00
|
|
|
struct sms_signal_data *sig = signal_data;
|
|
|
|
struct gsm_sms *sms = sig->sms;;
|
2010-06-16 05:23:55 +00:00
|
|
|
struct gsm_subscriber_connection *conn;
|
2011-04-18 15:04:00 +00:00
|
|
|
uint8_t auth_rand[16];
|
2009-08-13 11:52:14 +00:00
|
|
|
|
2009-08-12 22:57:54 +00:00
|
|
|
|
|
|
|
if (signal != S_SMS_DELIVERED)
|
|
|
|
return 0;
|
|
|
|
|
2009-08-13 11:52:14 +00:00
|
|
|
|
2009-08-12 22:57:54 +00:00
|
|
|
/* these are not the droids we've been looking for */
|
|
|
|
if (!sms->receiver ||
|
|
|
|
!(sms->receiver->flags & GSM_SUBSCRIBER_FIRST_CONTACT))
|
|
|
|
return 0;
|
|
|
|
|
2009-08-13 11:52:14 +00:00
|
|
|
|
2014-12-03 08:28:24 +00:00
|
|
|
if (sms->receiver->group->net->auth_policy != GSM_AUTH_POLICY_TOKEN)
|
2009-08-12 22:57:54 +00:00
|
|
|
return 0;
|
|
|
|
|
2009-08-13 11:52:14 +00:00
|
|
|
|
2010-06-16 05:23:55 +00:00
|
|
|
conn = connection_for_subscr(sms->receiver);
|
|
|
|
if (conn) {
|
2009-08-12 22:57:54 +00:00
|
|
|
/* kick the subscriber off the network */
|
2010-06-16 05:23:55 +00:00
|
|
|
gsm48_tx_mm_auth_req(conn, auth_rand, 0);
|
|
|
|
gsm48_tx_mm_auth_rej(conn);
|
2009-08-13 11:52:14 +00:00
|
|
|
/* FIXME: close the channel early ?*/
|
2009-08-12 22:57:54 +00:00
|
|
|
//gsm48_send_rr_Release(lchan);
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2009-08-13 11:52:14 +00:00
|
|
|
//static __attribute__((constructor)) void on_dso_load_token(void)
|
|
|
|
void on_dso_load_token(void)
|
2009-08-12 22:57:54 +00:00
|
|
|
{
|
2011-05-06 10:12:31 +00:00
|
|
|
osmo_signal_register_handler(SS_SUBSCR, token_subscr_cb, NULL);
|
|
|
|
osmo_signal_register_handler(SS_SMS, token_sms_cb, NULL);
|
2009-08-12 22:57:54 +00:00
|
|
|
}
|