From be2c8d9358084092281e7d02dc7ae0b7e4c0b4f8 Mon Sep 17 00:00:00 2001 From: Jacob Erlbeck Date: Wed, 12 Nov 2014 10:18:09 +0100 Subject: sgsn: Integrate subscriber handling into the SGSN This commit adds a new authorization policy 'remote' and uses the subscriber cache for authorization when this policy is being used. Note that there is no remote backend implemented yet. After the IMSI/IMEI have been acquired, a request would be sent to the remote peer. The attach/auth-ciph procedure continues when authorization info has been received from the peer. This means, that gprs_subscr_update() must be called then to tell the GMM layer that it can proceed. A later commit will add VTY commands to do this manually. Sponsored-by: On-Waves ehf --- openbsc/src/gprs/sgsn_vty.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'openbsc/src/gprs/sgsn_vty.c') diff --git a/openbsc/src/gprs/sgsn_vty.c b/openbsc/src/gprs/sgsn_vty.c index 63816710e..5fb230f4c 100644 --- a/openbsc/src/gprs/sgsn_vty.c +++ b/openbsc/src/gprs/sgsn_vty.c @@ -45,6 +45,7 @@ const struct value_string sgsn_auth_pol_strs[] = { { SGSN_AUTH_POLICY_OPEN, "accept-all" }, { SGSN_AUTH_POLICY_CLOSED, "closed" }, { SGSN_AUTH_POLICY_ACL_ONLY, "acl-only" }, + { SGSN_AUTH_POLICY_REMOTE, "remote" }, { 0, NULL } }; @@ -358,14 +359,15 @@ DEFUN(imsi_acl, cfg_imsi_acl_cmd, } DEFUN(cfg_auth_policy, cfg_auth_policy_cmd, - "auth-policy (accept-all|closed|acl-only)", + "auth-policy (accept-all|closed|acl-only|remote)", "Autorization Policy of SGSN\n" "Accept all IMSIs (DANGEROUS)\n" "Accept only home network subscribers or those in the ACL\n" - "Accept only subscribers in the ACL\n") + "Accept only subscribers in the ACL\n" + "Use remote subscription data only (HLR)\n") { int val = get_string_value(sgsn_auth_pol_strs, argv[0]); - OSMO_ASSERT(val >= SGSN_AUTH_POLICY_OPEN && val <= SGSN_AUTH_POLICY_ACL_ONLY); + OSMO_ASSERT(val >= SGSN_AUTH_POLICY_OPEN && val <= SGSN_AUTH_POLICY_REMOTE); g_cfg->auth_policy = val; return CMD_SUCCESS; -- cgit v1.2.3