From 2e5e94c3283fa4f5160962f42e7cd5d4e39b7d1e Mon Sep 17 00:00:00 2001 From: Jacob Erlbeck Date: Mon, 8 Dec 2014 15:26:47 +0100 Subject: sgsn: Support subscriber based authentication This commit mainly extends sgsn_auth.c to use and support the auth_state SGSN_AUTH_AUTHENTICATE. It will be activated when IMSI and IMEI are available, authentication is required (subscr->sgsn_data->authenticate is set), but the MM context is not marked as authenticated. If the state has been set to SGSN_AUTH_AUTHENTICATE and sgsn_auth_update() is called, the GMM layer will be informed by invoking gsm0408_gprs_authenticate(). Sponsored-by: On-Waves ehf --- openbsc/src/gprs/sgsn_auth.c | 7 +++++++ openbsc/src/gprs/sgsn_vty.c | 8 +++++--- 2 files changed, 12 insertions(+), 3 deletions(-) (limited to 'openbsc/src') diff --git a/openbsc/src/gprs/sgsn_auth.c b/openbsc/src/gprs/sgsn_auth.c index 1f11948f1..1219176d6 100644 --- a/openbsc/src/gprs/sgsn_auth.c +++ b/openbsc/src/gprs/sgsn_auth.c @@ -110,6 +110,10 @@ enum sgsn_auth_state sgsn_auth_state(struct sgsn_mm_ctx *mmctx) if (mmctx->subscr->flags & GPRS_SUBSCRIBER_UPDATE_PENDING) return mmctx->auth_state; + if (mmctx->subscr->sgsn_data->authenticate && + !mmctx->is_authenticated) + return SGSN_AUTH_AUTHENTICATE; + if (mmctx->subscr->authorized) return SGSN_AUTH_ACCEPTED; @@ -180,6 +184,9 @@ void sgsn_auth_update(struct sgsn_mm_ctx *mmctx) mmctx->auth_state = auth_state; switch (auth_state) { + case SGSN_AUTH_AUTHENTICATE: + gsm0408_gprs_authenticate(mmctx); + break; case SGSN_AUTH_ACCEPTED: gsm0408_gprs_access_granted(mmctx); break; diff --git a/openbsc/src/gprs/sgsn_vty.c b/openbsc/src/gprs/sgsn_vty.c index a73b77155..4bb6a86a4 100644 --- a/openbsc/src/gprs/sgsn_vty.c +++ b/openbsc/src/gprs/sgsn_vty.c @@ -441,15 +441,15 @@ DEFUN(show_subscr_cache, "The IMSI\n" DEFUN(update_subscr_insert, update_subscr_insert_cmd, - UPDATE_SUBSCR_STR "insert authorized (0|1)", + UPDATE_SUBSCR_STR "insert (authorized|authenticate) (0|1)", UPDATE_SUBSCR_HELP "Insert data into the subscriber record\n" "Authorize the subscriber to attach\n" "New option value\n") { const char *imsi = argv[0]; - const char *option = "authorized"; - const char *value = argv[1]; + const char *option = argv[1]; + const char *value = argv[2]; struct gsm_subscriber *subscr; @@ -461,6 +461,8 @@ DEFUN(update_subscr_insert, update_subscr_insert_cmd, if (!strcmp(option, "authorized")) subscr->authorized = atoi(value); + else + subscr->sgsn_data->authenticate = atoi(value); subscr_put(subscr); -- cgit v1.2.3