path: root/doc
diff options
authorPau Espin Pedrol <pespin@sysmocom.de>2019-06-13 19:03:25 +0200
committerPau Espin Pedrol <pespin@sysmocom.de>2019-06-13 19:23:36 +0200
commitd1463bc36574627c6315ab2f7346f897387b1345 (patch)
tree734f7ea3a3345e2ed4649d0c3e40ac0615297f11 /doc
parent794f446a284ed1ac6d31eb79a8f4c874d66fc34e (diff)
sgsn: Have authentication required on by default
Previous commit introduced command "authentication (optional|required)", which is only meaningful if auth-policy is remote. Upon adding the cmd, it changed the default logic for remote policy to not require authentication, which broke TTCN3 tests because sgsn no longer tries to authenticate the users. Since it's actually good to enable authentication by default where possible, let's enable it by default when on auth-policy remote. In order to do so, let's simply not care about the value of variable require_authentication if auth_policy is not REMOTE. As a result, we drop parts of the previous patch and remove unneeded checks (which are only partially useful based on order of commands during VTY read). Fixes: 794f446a284ed1ac6d31eb79a8f4c874d66fc34e Change-Id: Ic707a95af178b44f08809df3d3bc8354bf34273c
Diffstat (limited to 'doc')
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/manuals/vty/sgsn_vty_reference.xml b/doc/manuals/vty/sgsn_vty_reference.xml
index ed117778..e9cd3224 100644
--- a/doc/manuals/vty/sgsn_vty_reference.xml
+++ b/doc/manuals/vty/sgsn_vty_reference.xml
@@ -2232,9 +2232,9 @@
<command id='authentication (optional|required)'>
- <param name='authentication' doc='Whether to enforce MS authentication in GERAN' />
- <param name='optional' doc='Allow MS to attach via GERAN without authentication' />
- <param name='required' doc='Always require authentication' />
+ <param name='authentication' doc='Whether to enforce MS authentication in GERAN (only with auth-policy remote)' />
+ <param name='optional' doc='Allow MS to attach via GERAN without authentication (default and only possible value for non-remote auth-policy)' />
+ <param name='required' doc='Always require authentication (only available for auth-policy remote, default with that auth-policy)' />
<command id='encryption (GEA0|GEA1|GEA2|GEA3|GEA4)'>