vty: make auth tuple reuse configurable
Change-Id: Iba6253d9bf8d4a9d9f6f26ba045e6c7f0dc7f8f2
This commit is contained in:
parent
7b1418e6fc
commit
97ce015f58
|
@ -17,3 +17,5 @@ network
|
|||
msc
|
||||
mgcpgw remote-ip 10.23.24.1
|
||||
assign-tmsi
|
||||
auth-tuple-max-reuse-count 3
|
||||
auth-tuple-reuse-on-error 1
|
||||
|
|
|
@ -88,6 +88,27 @@ DEFUN(cfg_msc_cs7_instance_iu,
|
|||
return CMD_SUCCESS;
|
||||
}
|
||||
|
||||
DEFUN(cfg_msc_auth_tuple_max_reuse_count, cfg_msc_auth_tuple_max_reuse_count_cmd,
|
||||
"auth-tuple-max-reuse-count <-1-2147483647>",
|
||||
"Configure authentication tuple re-use\n"
|
||||
"0 to use each auth tuple at most once (default), >0 to limit re-use, -1 to re-use infinitely (vulnerable!).\n")
|
||||
{
|
||||
struct gsm_network *gsmnet = gsmnet_from_vty(vty);
|
||||
gsmnet->vlr->cfg.auth_tuple_max_reuse_count = atoi(argv[0]);
|
||||
return CMD_SUCCESS;
|
||||
}
|
||||
|
||||
DEFUN(cfg_msc_auth_tuple_reuse_on_error, cfg_msc_auth_tuple_reuse_on_error_cmd,
|
||||
"auth-tuple-reuse-on-error (0|1)",
|
||||
"Configure authentication tuple re-use when HLR is not responsive\n"
|
||||
"0 = never re-use auth tuples beyond auth-tuple-max-reuse-count (default)\n"
|
||||
"1 = if the HLR does not deliver new tuples, do re-use already available old ones.\n")
|
||||
{
|
||||
struct gsm_network *gsmnet = gsmnet_from_vty(vty);
|
||||
gsmnet->vlr->cfg.auth_reuse_old_sets_on_error = atoi(argv[0]) ? true : false;
|
||||
return CMD_SUCCESS;
|
||||
}
|
||||
|
||||
static int config_write_msc(struct vty *vty)
|
||||
{
|
||||
struct gsm_network *gsmnet = gsmnet_from_vty(vty);
|
||||
|
@ -101,6 +122,14 @@ static int config_write_msc(struct vty *vty)
|
|||
vty_out(vty, " cs7-instance-iu %u%s", gsmnet->iu.cs7_instance,
|
||||
VTY_NEWLINE);
|
||||
|
||||
if (gsmnet->vlr->cfg.auth_tuple_max_reuse_count)
|
||||
vty_out(vty, " auth-tuple-max-reuse-count %d%s",
|
||||
OSMO_MAX(-1, gsmnet->vlr->cfg.auth_tuple_max_reuse_count),
|
||||
VTY_NEWLINE);
|
||||
if (gsmnet->vlr->cfg.auth_reuse_old_sets_on_error)
|
||||
vty_out(vty, " auth-tuple-reuse-on-error 1%s",
|
||||
VTY_NEWLINE);
|
||||
|
||||
mgcp_client_config_write(vty, " ");
|
||||
#ifdef BUILD_IU
|
||||
ranap_iu_vty_config_write(vty, " ");
|
||||
|
@ -152,6 +181,8 @@ void msc_vty_init(struct gsm_network *msc_network)
|
|||
vty_install_default(MSC_NODE);
|
||||
install_element(MSC_NODE, &cfg_msc_assign_tmsi_cmd);
|
||||
install_element(MSC_NODE, &cfg_msc_no_assign_tmsi_cmd);
|
||||
install_element(MSC_NODE, &cfg_msc_auth_tuple_max_reuse_count_cmd);
|
||||
install_element(MSC_NODE, &cfg_msc_auth_tuple_reuse_on_error_cmd);
|
||||
install_element(MSC_NODE, &cfg_msc_cs7_instance_a_cmd);
|
||||
install_element(MSC_NODE, &cfg_msc_cs7_instance_iu_cmd);
|
||||
|
||||
|
|
Loading…
Reference in New Issue