Authentication: use ENUM instead of magic numbers
This improves readability of the code...
This commit is contained in:
parent
2862dcac58
commit
86dda08762
|
@ -4,6 +4,13 @@
|
|||
struct gsm_auth_tuple;
|
||||
struct gsm_subscriber;
|
||||
|
||||
enum auth_action {
|
||||
AUTH_NOT_AVAIL = 0, /* No auth tuple available */
|
||||
AUTH_DO_AUTH_THAN_CIPH = 1, /* Firsth authenticate, then cipher */
|
||||
AUTH_DO_CIPH = 2, /* Only ciphering */
|
||||
AUTH_DO_AUTH = 3, /* Only authentication, no ciphering */
|
||||
};
|
||||
|
||||
int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
|
||||
struct gsm_subscriber *subscr, int key_seq);
|
||||
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
|
||||
#include <openbsc/db.h>
|
||||
#include <openbsc/debug.h>
|
||||
#include <openbsc/auth.h>
|
||||
#include <openbsc/gsm_data.h>
|
||||
|
||||
#include <osmocore/comp128.h>
|
||||
|
@ -81,7 +82,7 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
|
|||
rc = db_get_authinfo_for_subscr(&ainfo, subscr);
|
||||
if (rc < 0) {
|
||||
DEBUGP(DMM, "No retrievable Ki for subscriber, skipping auth");
|
||||
return rc == -ENOENT ? 0 : -1;
|
||||
return rc == -ENOENT ? AUTH_NOT_AVAIL : -1;
|
||||
}
|
||||
|
||||
/* If possible, re-use the last tuple and skip auth */
|
||||
|
@ -92,7 +93,7 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
|
|||
{
|
||||
atuple->use_count++;
|
||||
db_sync_lastauthtuple_for_subscr(atuple, subscr);
|
||||
return 2;
|
||||
return AUTH_DO_CIPH;
|
||||
}
|
||||
|
||||
/* Generate a new one */
|
||||
|
@ -123,6 +124,6 @@ int auth_get_tuple_for_subscr(struct gsm_auth_tuple *atuple,
|
|||
|
||||
db_sync_lastauthtuple_for_subscr(atuple, subscr);
|
||||
|
||||
return 1;
|
||||
return AUTH_DO_AUTH_THAN_CIPH;
|
||||
}
|
||||
|
||||
|
|
|
@ -191,10 +191,10 @@ int gsm48_secure_channel(struct gsm_subscriber_connection *conn, int key_seq,
|
|||
/* FIXME: Should start a timer for completion ... */
|
||||
|
||||
/* Then do whatever is needed ... */
|
||||
if (rc == 1) {
|
||||
if (rc == AUTH_DO_AUTH_THAN_CIPH) {
|
||||
/* Start authentication */
|
||||
return gsm48_tx_mm_auth_req(conn, op->atuple.rand, op->atuple.key_seq);
|
||||
} else if (rc == 2) {
|
||||
} else if (rc == AUTH_DO_CIPH) {
|
||||
/* Start ciphering directly */
|
||||
return gsm0808_cipher_mode(conn, net->a5_encryption,
|
||||
op->atuple.kc, 8, 0);
|
||||
|
|
Loading…
Reference in New Issue