diff options
| author | Pau Espin Pedrol <pespin@sysmocom.de> | 2023-01-09 18:29:21 +0100 |
|---|---|---|
| committer | Pau Espin Pedrol <pespin@sysmocom.de> | 2023-01-11 12:58:23 +0100 |
| commit | 86b630cfe1403d8145e5744e907af0f1328a40c1 (patch) | |
| tree | 66cab081925f8ea356632d7966592c2ada88fda4 /src | |
| parent | 93bc518b53b3f7e4b3a278835561a220e2dda4f9 (diff) | |
vty: Introduce encryption cipher-plugin-path command
The load of plugins will eventually be moved to libosmo-gprs
implementation, and path will be passed as a parameter. Once it's moved
inside libosmo-gprs, it will be more strict on load failures, which can
cause internally if the path doesn't exist (unless NULL is passed).
Hence, add a VTY config to allow configuring the right path, and have it
disabled by default.
Change-Id: I4f965c7afafa193f4d7486750dd3e43cca22bb65
Diffstat (limited to 'src')
| -rw-r--r-- | src/sgsn/sgsn_main.c | 4 | ||||
| -rw-r--r-- | src/sgsn/sgsn_vty.c | 25 |
2 files changed, 27 insertions, 2 deletions
diff --git a/src/sgsn/sgsn_main.c b/src/sgsn/sgsn_main.c index d9d454c3a..04de6a26f 100644 --- a/src/sgsn/sgsn_main.c +++ b/src/sgsn/sgsn_main.c @@ -413,8 +413,6 @@ int main(int argc, char **argv) sgsn->cfg.nsi = sgsn_nsi; bssgp_set_bssgp_callback(sgsn_bssgp_dispatch_ns_unitdata_req_cb, sgsn_nsi); - gprs_llc_init("/usr/local/lib/osmocom/crypt/"); - gprs_ns2_vty_init(sgsn_nsi); bssgp_vty_init(); gprs_llc_vty_init(); @@ -449,6 +447,8 @@ int main(int argc, char **argv) if (rc < 0) exit(1); + gprs_llc_init(sgsn->cfg.crypt_cipher_plugin_path); + rc = sgsn_gtp_init(sgsn); if (rc) { LOGP(DGPRS, LOGL_FATAL, "Cannot bind/listen on GTP socket\n"); diff --git a/src/sgsn/sgsn_vty.c b/src/sgsn/sgsn_vty.c index 79764f190..b31fb5968 100644 --- a/src/sgsn/sgsn_vty.c +++ b/src/sgsn/sgsn_vty.c @@ -282,6 +282,8 @@ static int config_write_sgsn(struct vty *vty) vty_out(vty, "%s", VTY_NEWLINE); } + if (g_cfg->crypt_cipher_plugin_path) + vty_out(vty, "encryption cipher-plugin-path %s%s", g_cfg->crypt_cipher_plugin_path, VTY_NEWLINE); if (g_cfg->sgsn_ipa_name) vty_out(vty, " gsup ipa-name %s%s", g_cfg->sgsn_ipa_name, VTY_NEWLINE); if (g_cfg->gsup_server_addr.sin_addr.s_addr) @@ -839,6 +841,27 @@ DEFUN(cfg_encrypt2, cfg_encrypt2_cmd, return CMD_SUCCESS; } +DEFUN(cfg_encrypt_cipher_plugin_path, cfg_encrypt_cipher_plugin_path_cmd, + "encryption cipher-plugin-path PATH", + ENCRYPTION_STR + "Path to gprs encryption cipher plugin directory\n" + "Plugin path\n") +{ + osmo_talloc_replace_string(sgsn, &sgsn->cfg.crypt_cipher_plugin_path, argv[0]); + + return CMD_SUCCESS; +} + +DEFUN(cfg_no_encrypt_cipher_plugin_path, cfg_no_encrypt_cipher_plugin_path_cmd, + "no encryption cipher-plugin-path PATH", + NO_STR ENCRYPTION_STR + "Path to gprs encryption cipher plugin directory\n" + "Plugin path\n") +{ + TALLOC_FREE(sgsn->cfg.crypt_cipher_plugin_path); + return CMD_SUCCESS; +} + DEFUN(cfg_authentication, cfg_authentication_cmd, "authentication (optional|required)", "Whether to enforce MS authentication in GERAN (only with auth-policy remote)\n" @@ -1773,6 +1796,8 @@ int sgsn_vty_init(struct sgsn_config *cfg) install_element(SGSN_NODE, &cfg_encrypt2_cmd); install_element(SGSN_NODE, &cfg_encrypt_cmd); install_element(SGSN_NODE, &cfg_encryption_uea_cmd); + install_element(SGSN_NODE, &cfg_encrypt_cipher_plugin_path_cmd); + install_element(SGSN_NODE, &cfg_no_encrypt_cipher_plugin_path_cmd); install_element(SGSN_NODE, &cfg_gsup_ipa_name_cmd); install_element(SGSN_NODE, &cfg_gsup_remote_ip_cmd); |