diff options
| author | Jacob Erlbeck <jerlbeck@sysmocom.de> | 2014-11-04 10:08:37 +0100 |
|---|---|---|
| committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2014-11-14 10:07:28 +0100 |
| commit | 106f547733450afda1ddbd7e886dc8c902fed4d4 (patch) | |
| tree | 036fdffd0c378776986c97633263e59bcc406260 /openbsc/tests | |
| parent | 144b8b1ca77f628ea4cf87ff903b7e79f0abf9dd (diff) | |
sgsn: Add 'acl-only' authentication policy
Currently the VTY 'auth-policy' command results in setting or clearing
the acl_enabled flag. This also enables the matching of the MCC/MNC
prefix of the IMSI.
This patch adds an additional policy 'acl-only' which disables the
MCC/MNC matching and relies on the ACL only.
Sponsored-by: On-Waves ehf
Diffstat (limited to 'openbsc/tests')
| -rw-r--r-- | openbsc/tests/sgsn/sgsn_test.c | 2 | ||||
| -rw-r--r-- | openbsc/tests/vty_test_runner.py | 16 |
2 files changed, 17 insertions, 1 deletions
diff --git a/openbsc/tests/sgsn/sgsn_test.c b/openbsc/tests/sgsn/sgsn_test.c index 218092f2c..00259a571 100644 --- a/openbsc/tests/sgsn/sgsn_test.c +++ b/openbsc/tests/sgsn/sgsn_test.c @@ -41,7 +41,7 @@ static struct sgsn_instance sgsn_inst = { .config_file = "osmo_sgsn.cfg", .cfg = { .gtp_statedir = "./", - .acl_enabled = 1, + .auth_policy = SGSN_AUTH_POLICY_CLOSED, }, }; struct sgsn_instance *sgsn = &sgsn_inst; diff --git a/openbsc/tests/vty_test_runner.py b/openbsc/tests/vty_test_runner.py index 82c0871a8..468d415e8 100644 --- a/openbsc/tests/vty_test_runner.py +++ b/openbsc/tests/vty_test_runner.py @@ -722,6 +722,22 @@ class TestVTYSGSN(TestVTYGenericBSC): res = self.vty.command("show llc") self.assert_(res.find('State of LLC Entities') >= 0) + def testVtyAuth(self): + self.vty.enable() + self.assertTrue(self.vty.verify('configure terminal', [''])) + self.assertEquals(self.vty.node(), 'config') + self.assertTrue(self.vty.verify('sgsn', [''])) + self.assertEquals(self.vty.node(), 'config-sgsn') + self.assertTrue(self.vty.verify('auth-policy accept-all', [''])) + res = self.vty.command("show running-config") + self.assert_(res.find('auth-policy accept-all') > 0) + self.assertTrue(self.vty.verify('auth-policy acl-only', [''])) + res = self.vty.command("show running-config") + self.assert_(res.find('auth-policy acl-only') > 0) + self.assertTrue(self.vty.verify('auth-policy closed', [''])) + res = self.vty.command("show running-config") + self.assert_(res.find('auth-policy closed') > 0) + def add_nat_test(suite, workdir): if not os.path.isfile(os.path.join(workdir, "src/osmo-bsc_nat/osmo-bsc_nat")): print("Skipping the NAT test") |