sgsn: Integrate subscriber handling into the SGSN

This commit adds a new authorization policy 'remote' and uses
the subscriber cache for authorization when this policy is being used.

Note that there is no remote backend implemented yet. After the
IMSI/IMEI have been acquired, a request would be sent to the remote
peer. The attach/auth-ciph procedure continues when authorization
info has been received from the peer. This means, that
gprs_subscr_update() must be called then to tell the GMM layer
that it can proceed. A later commit will add VTY commands to do this
manually.

Sponsored-by: On-Waves ehf

1 files changed, 5 insertions, 3 deletions

diff --git a/openbsc/src/gprs/sgsn_vty.c b/openbsc/src/gprs/sgsn_vty.c
index 63816710e..5fb230f4c 100644
--- a/openbsc/src/gprs/sgsn_vty.c
+++ b/openbsc/src/gprs/sgsn_vty.c
@@ -45,6 +45,7 @@ const struct value_string sgsn_auth_pol_strs[] = {
 	{ SGSN_AUTH_POLICY_OPEN,	"accept-all" },
 	{ SGSN_AUTH_POLICY_CLOSED,	"closed" },
 	{ SGSN_AUTH_POLICY_ACL_ONLY,    "acl-only" },
+	{ SGSN_AUTH_POLICY_REMOTE,      "remote" },
 	{ 0, NULL }
 };
 
@@ -358,14 +359,15 @@ DEFUN(imsi_acl, cfg_imsi_acl_cmd,
 }
 
 DEFUN(cfg_auth_policy, cfg_auth_policy_cmd,
-	"auth-policy (accept-all|closed|acl-only)",
+	"auth-policy (accept-all|closed|acl-only|remote)",
 	"Autorization Policy of SGSN\n"
 	"Accept all IMSIs (DANGEROUS)\n"
 	"Accept only home network subscribers or those in the ACL\n"
-	"Accept only subscribers in the ACL\n")
+	"Accept only subscribers in the ACL\n"
+	"Use remote subscription data only (HLR)\n")
 {
 	int val = get_string_value(sgsn_auth_pol_strs, argv[0]);
-	OSMO_ASSERT(val >= SGSN_AUTH_POLICY_OPEN && val <= SGSN_AUTH_POLICY_ACL_ONLY);
+	OSMO_ASSERT(val >= SGSN_AUTH_POLICY_OPEN && val <= SGSN_AUTH_POLICY_REMOTE);
 	g_cfg->auth_policy = val;
 
 	return CMD_SUCCESS;