Authentication: use ENUM instead of magic numbers
This improves readability of the code...
This commit is contained in:
parent
2862dcac58
commit
86dda08762
|
@ -4,6 +4,13 @@
|
||||||
struct gsm_auth_tuple;
|
struct gsm_auth_tuple;
|
||||||
struct gsm_subscriber;
|
struct gsm_subscriber;
|
||||||
|
|
||||||
|
enum auth_action {
|
||||||
|
AUTH_NOT_AVAIL = 0, /* No auth tuple available */
|
||||||
|
AUTH_DO_AUTH_THAN_CIPH = 1, /* Firsth authenticate, then cipher */
|
||||||
|
AUTH_DO_CIPH = 2, /* Only ciphering */
|
||||||
|
AUTH_DO_AUTH = 3, /* Only authentication, no ciphering */
|
||||||
|
};
|
||||||
|
|
||||||
int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
|
int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
|
||||||
struct gsm_subscriber *subscr, int key_seq);
|
struct gsm_subscriber *subscr, int key_seq);
|
||||||
|
|
||||||
|
|
|
@ -23,6 +23,7 @@
|
||||||
|
|
||||||
#include <openbsc/db.h>
|
#include <openbsc/db.h>
|
||||||
#include <openbsc/debug.h>
|
#include <openbsc/debug.h>
|
||||||
|
#include <openbsc/auth.h>
|
||||||
#include <openbsc/gsm_data.h>
|
#include <openbsc/gsm_data.h>
|
||||||
|
|
||||||
#include <osmocore/comp128.h>
|
#include <osmocore/comp128.h>
|
||||||
|
@ -81,7 +82,7 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
|
||||||
rc = db_get_authinfo_for_subscr(&ainfo, subscr);
|
rc = db_get_authinfo_for_subscr(&ainfo, subscr);
|
||||||
if (rc < 0) {
|
if (rc < 0) {
|
||||||
DEBUGP(DMM, "No retrievable Ki for subscriber, skipping auth");
|
DEBUGP(DMM, "No retrievable Ki for subscriber, skipping auth");
|
||||||
return rc == -ENOENT ? 0 : -1;
|
return rc == -ENOENT ? AUTH_NOT_AVAIL : -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If possible, re-use the last tuple and skip auth */
|
/* If possible, re-use the last tuple and skip auth */
|
||||||
|
@ -92,7 +93,7 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
|
||||||
{
|
{
|
||||||
atuple->use_count++;
|
atuple->use_count++;
|
||||||
db_sync_lastauthtuple_for_subscr(atuple, subscr);
|
db_sync_lastauthtuple_for_subscr(atuple, subscr);
|
||||||
return 2;
|
return AUTH_DO_CIPH;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Generate a new one */
|
/* Generate a new one */
|
||||||
|
@ -123,6 +124,6 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
|
||||||
|
|
||||||
db_sync_lastauthtuple_for_subscr(atuple, subscr);
|
db_sync_lastauthtuple_for_subscr(atuple, subscr);
|
||||||
|
|
||||||
return 1;
|
return AUTH_DO_AUTH_THAN_CIPH;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -191,10 +191,10 @@ int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq,
|
||||||
/* FIXME: Should start a timer for completion ... */
|
/* FIXME: Should start a timer for completion ... */
|
||||||
|
|
||||||
/* Then do whatever is needed ... */
|
/* Then do whatever is needed ... */
|
||||||
if (rc == 1) {
|
if (rc == AUTH_DO_AUTH_THAN_CIPH) {
|
||||||
/* Start authentication */
|
/* Start authentication */
|
||||||
return gsm48_tx_mm_auth_req(conn, op->atuple.rand, op->atuple.key_seq);
|
return gsm48_tx_mm_auth_req(conn, op->atuple.rand, op->atuple.key_seq);
|
||||||
} else if (rc == 2) {
|
} else if (rc == AUTH_DO_CIPH) {
|
||||||
/* Start ciphering directly */
|
/* Start ciphering directly */
|
||||||
return gsm0808_cipher_mode(conn, net->a5_encryption,
|
return gsm0808_cipher_mode(conn, net->a5_encryption,
|
||||||
op->atuple.kc, 8, 0);
|
op->atuple.kc, 8, 0);
|
||||||
|
|
Loading…
Reference in New Issue