sgsn: Add 'acl-only' authentication policy
Currently the VTY 'auth-policy' command results in setting or clearing
the acl_enabled flag. This also enables the matching of the MCC/MNC
prefix of the IMSI.
This patch adds an additional policy 'acl-only' which disables the
MCC/MNC matching and relies on the ACL only.
Sponsored-by: On-Waves ehf
diff --git a/openbsc/tests/vty_test_runner.py b/openbsc/tests/vty_test_runner.py
index 82c0871..468d415 100644
--- a/openbsc/tests/vty_test_runner.py
+++ b/openbsc/tests/vty_test_runner.py
@@ -722,6 +722,22 @@
res = self.vty.command("show llc")
self.assert_(res.find('State of LLC Entities') >= 0)
+ def testVtyAuth(self):
+ self.vty.enable()
+ self.assertTrue(self.vty.verify('configure terminal', ['']))
+ self.assertEquals(self.vty.node(), 'config')
+ self.assertTrue(self.vty.verify('sgsn', ['']))
+ self.assertEquals(self.vty.node(), 'config-sgsn')
+ self.assertTrue(self.vty.verify('auth-policy accept-all', ['']))
+ res = self.vty.command("show running-config")
+ self.assert_(res.find('auth-policy accept-all') > 0)
+ self.assertTrue(self.vty.verify('auth-policy acl-only', ['']))
+ res = self.vty.command("show running-config")
+ self.assert_(res.find('auth-policy acl-only') > 0)
+ self.assertTrue(self.vty.verify('auth-policy closed', ['']))
+ res = self.vty.command("show running-config")
+ self.assert_(res.find('auth-policy closed') > 0)
+
def add_nat_test(suite, workdir):
if not os.path.isfile(os.path.join(workdir, "src/osmo-bsc_nat/osmo-bsc_nat")):
print("Skipping the NAT test")