summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeels Hofmeyr <nhofmeyr@sysmocom.de>2017-02-24 06:28:31 +0100
committerNeels Hofmeyr <nhofmeyr@sysmocom.de>2017-02-27 14:29:41 +0000
commit27355c9c654e7035d8fea0619f3832e978a244bb (patch)
treef629c052ccabfa88897efbea673a71e4bc1bc8b8
parent058cd573d8c5554eba31cd4cc31625630ceeca1a (diff)
SGSN VTY: make missing GSUP server address+port fatal
On 'auth-policy remote', the SGSN requires GSUP server address and port. If it was missing, the SGSN would print a VTY warning and run anyway. Make this error more fatal: print an error (flattened a bit) to stderr and abort the program. Move validation of the GSUP server data presence out of the VTY command itself and into the config reading function. This way the GSUP server config can be given anywhere, including below the auth-policy config (was required above). Don't care about setting the auth-policy to remote with a telnet VTY, because in that case the GSUP client won't be started anyway. Change-Id: I4d8db910c32abd8579d3c9b9f0b2cb3a9a6dfe4c
-rw-r--r--openbsc/src/gprs/sgsn_main.c2
-rw-r--r--openbsc/src/gprs/sgsn_vty.c20
2 files changed, 10 insertions, 12 deletions
diff --git a/openbsc/src/gprs/sgsn_main.c b/openbsc/src/gprs/sgsn_main.c
index af5cced64..5cdfb31e4 100644
--- a/openbsc/src/gprs/sgsn_main.c
+++ b/openbsc/src/gprs/sgsn_main.c
@@ -376,7 +376,7 @@ int main(int argc, char **argv)
rc = sgsn_parse_config(sgsn_inst.config_file, &sgsn_inst.cfg);
if (rc < 0) {
- LOGP(DGPRS, LOGL_FATAL, "Cannot parse config file\n");
+ LOGP(DGPRS, LOGL_FATAL, "Error in config file\n");
exit(2);
}
diff --git a/openbsc/src/gprs/sgsn_vty.c b/openbsc/src/gprs/sgsn_vty.c
index a730635d9..6c8b640c1 100644
--- a/openbsc/src/gprs/sgsn_vty.c
+++ b/openbsc/src/gprs/sgsn_vty.c
@@ -638,17 +638,6 @@ DEFUN(cfg_auth_policy, cfg_auth_policy_cmd,
{
int val = get_string_value(sgsn_auth_pol_strs, argv[0]);
OSMO_ASSERT(val >= SGSN_AUTH_POLICY_OPEN && val <= SGSN_AUTH_POLICY_REMOTE);
- if (val == SGSN_AUTH_POLICY_REMOTE) {
- const char *err = "%% auth-policy remote requires";
- if (!g_cfg->gsup_server_addr.sin_addr.s_addr) {
- vty_out(vty, "%s 'gsup remote-ip'%s", err, VTY_NEWLINE);
- return CMD_WARNING;
- }
- if (!g_cfg->gsup_server_port) {
- vty_out(vty, "%s 'gsup remote-port'%s", err, VTY_NEWLINE);
- return CMD_WARNING;
- }
- }
g_cfg->auth_policy = val;
g_cfg->require_authentication = (val == SGSN_AUTH_POLICY_REMOTE);
g_cfg->require_update_location = (val == SGSN_AUTH_POLICY_REMOTE);
@@ -1311,5 +1300,14 @@ int sgsn_parse_config(const char *config_file, struct sgsn_config *cfg)
return rc;
}
+ if (g_cfg->auth_policy == SGSN_AUTH_POLICY_REMOTE
+ && !(g_cfg->gsup_server_addr.sin_addr.s_addr
+ && g_cfg->gsup_server_port)) {
+ fprintf(stderr, "Configuration error:"
+ " 'auth-policy remote' requires both"
+ " 'gsup remote-ip' and 'gsup remote-port'\n");
+ return -EINVAL;
+ }
+
return 0;
}