cellular-infrastructure
/
osmo-mgw
mirror of https://gerrit.osmocom.org/osmo-mgw
10
0
Fork 0
Code Issues Releases Wiki Activity

nat: Check the authentication bit later... 

When moving it up here the code started to reject
the identity responses of the bsc and we would
never authenticate. Move it back down.
This commit is contained in:
Holger Hans Peter Freyther 2010-04-02 03:42:44 +02:00
parent 44d92b4728
commit c33701c4e5
1 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
openbsc/src/nat/bsc_nat.c
View File

@ -385,12 +385,6 @@ static int forward_sccp_to_msc(struct bsc_connection *bsc, struct msgb *msg)
struct sccp_connections *con;
struct bsc_nat_parsed *parsed;
if (!bsc->authenticated) {
LOGP(DNAT, LOGL_ERROR, "BSC is not authenticated.\n");
msgb_free(msg);
return -1;
}
/* Parse and filter messages */
parsed = bsc_nat_parse(msg);
if (!parsed) {
@ -402,6 +396,18 @@ static int forward_sccp_to_msc(struct bsc_connection *bsc, struct msgb *msg)
if (bsc_nat_filter_ipa(DIR_MSC, msg, parsed))
goto exit;
/*
* check authentication after filtering to not reject auth
* responses coming from the BSC. We have to make sure that
* nothing from the exit path will forward things to the MSC
*/
if (!bsc->authenticated) {
LOGP(DNAT, LOGL_ERROR, "BSC is not authenticated.\n");
msgb_free(msg);
return -1;
}
/* modify the SCCP entries */
if (parsed->ipa_proto == IPAC_PROTO_SCCP) {
switch (parsed->sccp_type) {