diff options
-rw-r--r-- | openbsc/include/openbsc/sgsn.h | 2 | ||||
-rw-r--r-- | openbsc/src/gprs/sgsn_auth.c | 4 | ||||
-rw-r--r-- | openbsc/src/gprs/sgsn_vty.c | 11 | ||||
-rw-r--r-- | openbsc/tests/sgsn/sgsn_test.c | 4 |
4 files changed, 10 insertions, 11 deletions
diff --git a/openbsc/include/openbsc/sgsn.h b/openbsc/include/openbsc/sgsn.h index 71be1ce2a..798bfde48 100644 --- a/openbsc/include/openbsc/sgsn.h +++ b/openbsc/include/openbsc/sgsn.h @@ -30,6 +30,8 @@ struct sgsn_config { struct sockaddr_in gsup_server_addr; int gsup_server_port; + + int require_authentication; }; struct sgsn_instance { diff --git a/openbsc/src/gprs/sgsn_auth.c b/openbsc/src/gprs/sgsn_auth.c index 3755a51d4..83372e857 100644 --- a/openbsc/src/gprs/sgsn_auth.c +++ b/openbsc/src/gprs/sgsn_auth.c @@ -110,7 +110,7 @@ enum sgsn_auth_state sgsn_auth_state(struct sgsn_mm_ctx *mmctx) if (mmctx->subscr->flags & GPRS_SUBSCRIBER_UPDATE_PENDING_MASK) return mmctx->auth_state; - if (mmctx->subscr->sgsn_data->authenticate && + if (sgsn->cfg.require_authentication && (!mmctx->is_authenticated || mmctx->subscr->sgsn_data->auth_triplets_updated)) return SGSN_AUTH_AUTHENTICATE; @@ -171,7 +171,7 @@ int sgsn_auth_request(struct sgsn_mm_ctx *mmctx) OSMO_ASSERT(mmctx->subscr != NULL); - if (mmctx->subscr->sgsn_data->authenticate && !mmctx->is_authenticated) { + if (sgsn->cfg.require_authentication && !mmctx->is_authenticated) { /* Find next tuple */ at = sgsn_auth_get_tuple(mmctx, mmctx->auth_triplet.key_seq); diff --git a/openbsc/src/gprs/sgsn_vty.c b/openbsc/src/gprs/sgsn_vty.c index e9333f562..3ca1570b9 100644 --- a/openbsc/src/gprs/sgsn_vty.c +++ b/openbsc/src/gprs/sgsn_vty.c @@ -376,6 +376,7 @@ DEFUN(cfg_auth_policy, cfg_auth_policy_cmd, int val = get_string_value(sgsn_auth_pol_strs, argv[0]); OSMO_ASSERT(val >= SGSN_AUTH_POLICY_OPEN && val <= SGSN_AUTH_POLICY_REMOTE); g_cfg->auth_policy = val; + g_cfg->require_authentication = (val == SGSN_AUTH_POLICY_REMOTE); return CMD_SUCCESS; } @@ -472,15 +473,14 @@ DEFUN(show_subscr_cache, #define UPDATE_SUBSCR_INSERT_HELP "Insert data into the subscriber record\n" DEFUN(update_subscr_insert, update_subscr_insert_cmd, - UPDATE_SUBSCR_STR "insert (authorized|authenticate) (0|1)", + UPDATE_SUBSCR_STR "insert authorized <0-1>)", UPDATE_SUBSCR_HELP UPDATE_SUBSCR_INSERT_HELP "Authorize the subscriber to attach\n" "New option value\n") { const char *imsi = argv[0]; - const char *option = argv[1]; - const char *value = argv[2]; + const char *value = argv[1]; struct gsm_subscriber *subscr; @@ -490,10 +490,7 @@ DEFUN(update_subscr_insert, update_subscr_insert_cmd, return CMD_WARNING; } - if (!strcmp(option, "authorized")) - subscr->authorized = atoi(value); - else - subscr->sgsn_data->authenticate = atoi(value); + subscr->authorized = atoi(value); subscr_put(subscr); diff --git a/openbsc/tests/sgsn/sgsn_test.c b/openbsc/tests/sgsn/sgsn_test.c index ebe12c906..7c48eef0a 100644 --- a/openbsc/tests/sgsn/sgsn_test.c +++ b/openbsc/tests/sgsn/sgsn_test.c @@ -876,7 +876,7 @@ static void test_gmm_attach_subscr_fake_auth(void) subscr = gprs_subscr_get_or_create("123456789012345"); subscr->authorized = 1; - subscr->sgsn_data->authenticate = 1; + sgsn->cfg.require_authentication = 1; subscr_put(subscr); printf("Auth policy 'remote', auth faked: "); @@ -918,7 +918,7 @@ static void test_gmm_attach_subscr_real_auth(void) subscr = gprs_subscr_get_or_create("123456789012345"); subscr->authorized = 1; - subscr->sgsn_data->authenticate = 1; + sgsn->cfg.require_authentication = 1; subscr_put(subscr); printf("Auth policy 'remote', triplet based auth: "); |