mirror of
				https://gitea.osmocom.org/cellular-infrastructure/osmo-mgw.git
				synced 2025-10-26 09:33:44 +00:00 
			
		
		
		
	paging: actually verify subscriber authorization
Before this, any paging response would be accepted by the CN, without checking the database whether the subscriber is in fact authorized. The probability that a subscriber would be able to take unauthorized action is slim, nevertheless checking authorization status with the database should happen before we accept a connection.
This commit is contained in:
		| @@ -132,7 +132,14 @@ int subscr_rx_paging_response(struct msgb *msg, | |||||||
| 	pr = (struct gsm48_pag_resp *)gh->data; | 	pr = (struct gsm48_pag_resp *)gh->data; | ||||||
|  |  | ||||||
| 	/* Secure the connection */ | 	/* Secure the connection */ | ||||||
| 	return gsm48_secure_channel(conn, pr->key_seq, subscr_paging_sec_cb, NULL); | 	if (subscr_authorized(conn->subscr)) | ||||||
|  | 		return gsm48_secure_channel(conn, pr->key_seq, | ||||||
|  | 					    subscr_paging_sec_cb, NULL); | ||||||
|  |  | ||||||
|  | 	/* Not authorized. Failure. */ | ||||||
|  | 	subscr_paging_sec_cb(GSM_HOOK_RR_SECURITY, GSM_SECURITY_AUTH_FAILED, | ||||||
|  | 			     msg, conn, NULL); | ||||||
|  | 	return -1; | ||||||
| } | } | ||||||
|  |  | ||||||
| int msc_paging_request(struct gsm_network *network, struct gsm_subscriber *subscr, | int msc_paging_request(struct gsm_network *network, struct gsm_subscriber *subscr, | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user