From ddee01fa8fe3b71d39b1e0b9e9ceb93366d56242 Mon Sep 17 00:00:00 2001
From: Max <msuraev@sysmocom.de>
Date: Tue, 24 May 2016 14:23:27 +0200
Subject: Add regexp authorization policy for IMSI

* extend "auth policy" vty command with new option "regexp"
* add vty command "authorized-regexp" for setting arbitrary POSIX
  regular expression
* add basic vty test
* add optional "regexp" argument to subscriber-create-on-demand vty
  command

With those in place we can now set the regexp against which MS's IMSI
will be matched.

If IMSI match the regexp than MS is allowed to access the network. If
subscriber is already marked as authorized in HLR than it'll be allowed
regardless of IMSI matching.

The same way we can decide whether to create subscribers on-demand
basesd on IMSI regexp match. Similar to authorization this restriction
can be overridden by manually creating subscriber via vty, ctrl
interface or directly in HLR.

Change-Id: I525f4b80676de47d1d422686da2ca012301b0129
Fixes: OS#1647
---
 openbsc/src/libcommon/gsm_data.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'openbsc/src/libcommon/gsm_data.c')

diff --git a/openbsc/src/libcommon/gsm_data.c b/openbsc/src/libcommon/gsm_data.c
index 4e235fd6b..9d794eec9 100644
--- a/openbsc/src/libcommon/gsm_data.c
+++ b/openbsc/src/libcommon/gsm_data.c
@@ -162,6 +162,7 @@ static const struct value_string auth_policy_names[] = {
 	{ GSM_AUTH_POLICY_CLOSED,	"closed" },
 	{ GSM_AUTH_POLICY_ACCEPT_ALL,	"accept-all" },
 	{ GSM_AUTH_POLICY_TOKEN,	"token" },
+	{ GSM_AUTH_POLICY_REGEXP,	"regexp" },
 	{ 0,				NULL }
 };
 
-- 
cgit v1.2.3