From 27355c9c654e7035d8fea0619f3832e978a244bb Mon Sep 17 00:00:00 2001 From: Neels Hofmeyr Date: Fri, 24 Feb 2017 06:28:31 +0100 Subject: SGSN VTY: make missing GSUP server address+port fatal On 'auth-policy remote', the SGSN requires GSUP server address and port. If it was missing, the SGSN would print a VTY warning and run anyway. Make this error more fatal: print an error (flattened a bit) to stderr and abort the program. Move validation of the GSUP server data presence out of the VTY command itself and into the config reading function. This way the GSUP server config can be given anywhere, including below the auth-policy config (was required above). Don't care about setting the auth-policy to remote with a telnet VTY, because in that case the GSUP client won't be started anyway. Change-Id: I4d8db910c32abd8579d3c9b9f0b2cb3a9a6dfe4c --- openbsc/src/gprs/sgsn_main.c | 2 +- openbsc/src/gprs/sgsn_vty.c | 20 +++++++++----------- 2 files changed, 10 insertions(+), 12 deletions(-) (limited to 'openbsc/src/gprs') diff --git a/openbsc/src/gprs/sgsn_main.c b/openbsc/src/gprs/sgsn_main.c index af5cced64..5cdfb31e4 100644 --- a/openbsc/src/gprs/sgsn_main.c +++ b/openbsc/src/gprs/sgsn_main.c @@ -376,7 +376,7 @@ int main(int argc, char **argv) rc = sgsn_parse_config(sgsn_inst.config_file, &sgsn_inst.cfg); if (rc < 0) { - LOGP(DGPRS, LOGL_FATAL, "Cannot parse config file\n"); + LOGP(DGPRS, LOGL_FATAL, "Error in config file\n"); exit(2); } diff --git a/openbsc/src/gprs/sgsn_vty.c b/openbsc/src/gprs/sgsn_vty.c index a730635d9..6c8b640c1 100644 --- a/openbsc/src/gprs/sgsn_vty.c +++ b/openbsc/src/gprs/sgsn_vty.c @@ -638,17 +638,6 @@ DEFUN(cfg_auth_policy, cfg_auth_policy_cmd, { int val = get_string_value(sgsn_auth_pol_strs, argv[0]); OSMO_ASSERT(val >= SGSN_AUTH_POLICY_OPEN && val <= SGSN_AUTH_POLICY_REMOTE); - if (val == SGSN_AUTH_POLICY_REMOTE) { - const char *err = "%% auth-policy remote requires"; - if (!g_cfg->gsup_server_addr.sin_addr.s_addr) { - vty_out(vty, "%s 'gsup remote-ip'%s", err, VTY_NEWLINE); - return CMD_WARNING; - } - if (!g_cfg->gsup_server_port) { - vty_out(vty, "%s 'gsup remote-port'%s", err, VTY_NEWLINE); - return CMD_WARNING; - } - } g_cfg->auth_policy = val; g_cfg->require_authentication = (val == SGSN_AUTH_POLICY_REMOTE); g_cfg->require_update_location = (val == SGSN_AUTH_POLICY_REMOTE); @@ -1311,5 +1300,14 @@ int sgsn_parse_config(const char *config_file, struct sgsn_config *cfg) return rc; } + if (g_cfg->auth_policy == SGSN_AUTH_POLICY_REMOTE + && !(g_cfg->gsup_server_addr.sin_addr.s_addr + && g_cfg->gsup_server_port)) { + fprintf(stderr, "Configuration error:" + " 'auth-policy remote' requires both" + " 'gsup remote-ip' and 'gsup remote-port'\n"); + return -EINVAL; + } + return 0; } -- cgit v1.2.3