summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Hans Peter Freyther <holger@moiji-mobile.com>2015-06-08 11:55:02 +0200
committerHolger Hans Peter Freyther <holger@moiji-mobile.com>2015-07-01 08:16:40 +0200
commit0363d1bb97663e83aa0dc3a1e6b425b1870dd271 (patch)
treead6b3fe50694d1c65546111aa3c9f66bb7003c69
parentaa0cecd9b7986254983af6b6cbef291183709ca0 (diff)
nat: Close the connection after we couldn't find the user
In case the token was not correct, just close the connection. It is not clear that forcing a new TCP connection is going to give us any extra security here. But with the upcoming auth handling it does make sense to have both case look similar.
-rw-r--r--openbsc/src/osmo-bsc_nat/bsc_nat.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c
index 2f186b2..9216654 100644
--- a/openbsc/src/osmo-bsc_nat/bsc_nat.c
+++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c
@@ -985,6 +985,7 @@ static void ipaccess_auth_bsc(struct tlv_parsed *tvp, struct bsc_connection *bsc
LOGP(DNAT, LOGL_ERROR,
"No bsc found for token '%s' on fd: %d.\n", token,
bsc->write_queue.bfd.fd);
+ bsc_close_connection(bsc);
return;
}