Well we have two settings here...
one is if we want encryption on, the second is if that subscriber can do
encryption. With what I have in mind, you would get the subscriber
connection (currently embedded in the lchan) on a new connection and
then your function can decide to close the channel, or to secure it and
then hand it to someone else.
That's what the code does now.
Basically the caller calls the 'secure channel' function and provides
a call back.
What the secure does is :
- Check if auth/encryption is requested (from the vty config).
- If it is, and if the MS reported supporting it in ClassMark2, and
if the subscriber has auth information in the DB, then it starts the
auth(if needed), then cipher start.
- Once done, the call back is called with a status :
. NO_AVAIL : For some reason, it's not supported (no keys for
subscribers or no CM2 support or not configured ...) But the channel
is up and ready
. FAIL : It should have been supported but the client failed to pass
authentication, channel is closed.
. OK : All OK.
I've taken Harald's forward port and modded a couple of things, I'll
test that tonight. The support for ciphering on MS initiated call and
location update doesn't require paging system change.
Sylvain