From f951a01bb227e524eb369051c95fbebace7570d0 Mon Sep 17 00:00:00 2001 From: Jacob Erlbeck Date: Fri, 7 Nov 2014 14:17:44 +0100 Subject: sgsn: Refactor sgsn_auth to separate request and authorization Currently the authorization is done in sgsn_auth_request for ACL based authorization. This doesn't match the way remote authorization would work, so that there is a second call to sgsn_auth_state already present in sgsn_auth_update. This patch removes the autorization check completely from sgsn_auth_request which in turn calls sgsn_auth_update directly now. Sponsored-by: On-Waves ehf --- openbsc/src/gprs/sgsn_auth.c | 38 ++++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 14 deletions(-) (limited to 'openbsc/src/gprs/sgsn_auth.c') diff --git a/openbsc/src/gprs/sgsn_auth.c b/openbsc/src/gprs/sgsn_auth.c index d2d4913b6..0407e9e69 100644 --- a/openbsc/src/gprs/sgsn_auth.c +++ b/openbsc/src/gprs/sgsn_auth.c @@ -32,6 +32,8 @@ const struct value_string auth_state_names[] = { { 0, NULL } }; +const struct value_string *sgsn_auth_state_names = auth_state_names; + void sgsn_auth_init(struct sgsn_instance *sgi) { INIT_LLIST_HEAD(&sgi->cfg.imsi_acl); @@ -125,29 +127,37 @@ enum sgsn_auth_state sgsn_auth_state(struct sgsn_mm_ctx *mmctx, int sgsn_auth_request(struct sgsn_mm_ctx *mmctx, struct sgsn_config *cfg) { - struct sgsn_subscriber_data sd = {0}; + /* TODO: Add remote subscriber update requests here */ + + sgsn_auth_update(mmctx, sgsn); + + return 0; +} + +void sgsn_auth_update(struct sgsn_mm_ctx *mmctx, struct sgsn_instance *sgi) +{ + enum sgsn_auth_state auth_state; - sd.auth_state = sgsn_auth_state(mmctx, cfg); + LOGMMCTXP(LOGL_DEBUG, mmctx, "Updating authorization\n"); - if (sd.auth_state == SGSN_AUTH_UNKNOWN) { + auth_state = sgsn_auth_state(mmctx, &sgi->cfg); + if (auth_state == SGSN_AUTH_UNKNOWN) { + /* Reject requests since remote updates are NYI */ LOGMMCTXP(LOGL_ERROR, mmctx, "Missing information, authorization not possible\n"); - sd.auth_state = SGSN_AUTH_REJECTED; + auth_state = SGSN_AUTH_REJECTED; } - /* This will call sgsn_auth_update if auth_state has changed */ - sgsn_update_subscriber_data(mmctx, &sd); - return 0; -} + if (mmctx->auth_state == auth_state) + return; -void sgsn_auth_update(struct sgsn_mm_ctx *mmctx, struct sgsn_subscriber_data *sd) -{ - LOGMMCTXP(LOGL_INFO, mmctx, "Got authorization update: state %s\n", - get_value_string(auth_state_names, sd->auth_state)); + LOGMMCTXP(LOGL_INFO, mmctx, "Got authorization update: state %s -> %s\n", + get_value_string(sgsn_auth_state_names, mmctx->auth_state), + get_value_string(sgsn_auth_state_names, auth_state)); - mmctx->auth_state = sd->auth_state; + mmctx->auth_state = auth_state; - switch (sd->auth_state) { + switch (auth_state) { case SGSN_AUTH_ACCEPTED: gsm0408_gprs_access_granted(mmctx); break; -- cgit v1.2.3