diff options
| author | Max <msuraev@sysmocom.de> | 2016-06-28 14:10:16 +0200 |
|---|---|---|
| committer | Harald Welte <laforge@gnumonks.org> | 2016-07-04 08:42:07 +0000 |
| commit | 93408ae72719590b9a0df9ce565694956f0cc34a (patch) | |
| tree | b6e6e4a9b26b32056debe032f21ed23251c483e9 /openbsc/src/gprs/sgsn_vty.c | |
| parent | 896c6f8e9e608374605abfec4b58ce44313a59bb (diff) | |
SGSN: add vty config for choosing GPRS encryption
Change-Id: I07d65205be1c75d59744426629ed04cf3cd99f79
Related: OS#1582
Diffstat (limited to 'openbsc/src/gprs/sgsn_vty.c')
| -rw-r--r-- | openbsc/src/gprs/sgsn_vty.c | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/openbsc/src/gprs/sgsn_vty.c b/openbsc/src/gprs/sgsn_vty.c index 02c0f318c..ac08bed65 100644 --- a/openbsc/src/gprs/sgsn_vty.c +++ b/openbsc/src/gprs/sgsn_vty.c @@ -39,7 +39,7 @@ #include <osmocom/vty/command.h> #include <osmocom/vty/vty.h> #include <osmocom/vty/misc.h> - +#include <osmocom/crypt/gprs_cipher.h> #include <osmocom/abis/ipa.h> #include <pdp.h> @@ -213,6 +213,10 @@ static int config_write_sgsn(struct vty *vty) vty_out(vty, " auth-policy %s%s", get_value_string(sgsn_auth_pol_strs, g_cfg->auth_policy), VTY_NEWLINE); + if (g_cfg->cipher != GPRS_ALGO_GEA0) + vty_out(vty, " encryption %s%s", + get_value_string(gprs_cipher_names, g_cfg->cipher), + VTY_NEWLINE); if (g_cfg->gsup_server_addr.sin_addr.s_addr) vty_out(vty, " gsup remote-ip %s%s", inet_ntoa(g_cfg->gsup_server_addr.sin_addr), VTY_NEWLINE); @@ -553,6 +557,30 @@ DEFUN(imsi_acl, cfg_imsi_acl_cmd, return CMD_SUCCESS; } +DEFUN(cfg_encrypt, cfg_encrypt_cmd, + "encryption (GEA0|GEA1|GEA2|GEA3|GEA4)", + "Set encryption algorithm for SGSN\n" + "Use GEA0 (no encryption)\n" + "Use GEA1\nUse GEA2\nUse GEA3\nUse GEA4\n") +{ + if (!g_cfg->require_authentication) { + vty_out(vty, "%% unable to use encryption without " + "authentication: adjust auth-policy%s", VTY_NEWLINE); + return CMD_WARNING; + } + + enum gprs_ciph_algo c = get_string_value(gprs_cipher_names, argv[0]); + if (!gprs_cipher_supported(c)) { + vty_out(vty, "%% cipher %s is unsupported in current version%s", + argv[0], VTY_NEWLINE); + return CMD_WARNING; + } + + g_cfg->cipher = c; + + return CMD_SUCCESS; +} + DEFUN(cfg_auth_policy, cfg_auth_policy_cmd, "auth-policy (accept-all|closed|acl-only|remote)", "Autorization Policy of SGSN\n" @@ -1060,6 +1088,7 @@ int sgsn_vty_init(void) install_element(SGSN_NODE, &cfg_ggsn_gtp_version_cmd); install_element(SGSN_NODE, &cfg_imsi_acl_cmd); install_element(SGSN_NODE, &cfg_auth_policy_cmd); + install_element(SGSN_NODE, &cfg_encrypt_cmd); install_element(SGSN_NODE, &cfg_gsup_remote_ip_cmd); install_element(SGSN_NODE, &cfg_gsup_remote_port_cmd); install_element(SGSN_NODE, &cfg_gsup_oap_id_cmd); |