summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Hans Peter Freyther <holger@moiji-mobile.com>2014-05-06 06:45:30 +0200
committerHolger Hans Peter Freyther <holger@moiji-mobile.com>2014-05-06 06:50:39 +0200
commitabddd6aa441b85d030f0f9c12ca326cf956063fb (patch)
treeaf9546ae7ca32a69c232da8c697ad74cf48b8fe4
parent3c9068f185dd76d1051e58f1423b4ae612d12ee3 (diff)
nat/bsc: Check proto before calling ipaccess_rcvmsg_base
The code in the BSC/NAT called ipaccess_rcvmsg_base without checking if the protocol is IPA. This lead the BSC to respond to SCCP messages with an "ID ACK". From a quick look neither the code of ipaccess_rcvmsg_base in OpenBSC nor the copy of libosmo-abis ever checked the protocol header. So this code has been wrong since initially being created in 2010.
-rw-r--r--openbsc/include/openbsc/ipaccess.h1
-rw-r--r--openbsc/src/osmo-bsc/osmo_bsc_msc.c2
-rw-r--r--openbsc/src/osmo-bsc_nat/bsc_nat.c2
3 files changed, 2 insertions, 3 deletions
diff --git a/openbsc/include/openbsc/ipaccess.h b/openbsc/include/openbsc/ipaccess.h
index a25a348b6..bc1fa6ed4 100644
--- a/openbsc/include/openbsc/ipaccess.h
+++ b/openbsc/include/openbsc/ipaccess.h
@@ -30,7 +30,6 @@ struct ipac_ext_lac_cmd {
/*
* methods for parsing and sending a message
*/
-int ipaccess_rcvmsg_base(struct msgb *msg, struct osmo_fd *bfd);
void ipaccess_prepend_header(struct msgb *msg, int proto);
void ipaccess_prepend_header_ext(struct msgb *msg, int proto);
int ipaccess_send_pong(int fd);
diff --git a/openbsc/src/osmo-bsc/osmo_bsc_msc.c b/openbsc/src/osmo-bsc/osmo_bsc_msc.c
index 04e9cf3a7..0acc29027 100644
--- a/openbsc/src/osmo-bsc/osmo_bsc_msc.c
+++ b/openbsc/src/osmo-bsc/osmo_bsc_msc.c
@@ -270,11 +270,11 @@ static int ipaccess_a_fd_cb(struct osmo_fd *bfd)
/* handle base message handling */
hh = (struct ipaccess_head *) msg->data;
- ipaccess_rcvmsg_base(msg, bfd);
/* initialize the networking. This includes sending a GSM08.08 message */
msg->cb[0] = (unsigned long) data;
if (hh->proto == IPAC_PROTO_IPACCESS) {
+ ipaccess_rcvmsg_base(msg, bfd);
if (msg->l2h[0] == IPAC_MSGT_ID_ACK)
initialize_if_needed(data->msc_con);
else if (msg->l2h[0] == IPAC_MSGT_ID_GET) {
diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c
index 0d0fd586b..1aef27ea4 100644
--- a/openbsc/src/osmo-bsc_nat/bsc_nat.c
+++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c
@@ -825,10 +825,10 @@ static int ipaccess_msc_read_cb(struct osmo_fd *bfd)
/* handle base message handling */
hh = (struct ipaccess_head *) msg->data;
- ipaccess_rcvmsg_base(msg, bfd);
/* initialize the networking. This includes sending a GSM08.08 message */
if (hh->proto == IPAC_PROTO_IPACCESS) {
+ ipaccess_rcvmsg_base(msg, bfd);
if (msg->l2h[0] == IPAC_MSGT_ID_ACK)
initialize_msc_if_needed(msc_con);
else if (msg->l2h[0] == IPAC_MSGT_ID_GET)