diff options
| author | Daniel Willmann <dwillmann@sysmocom.de> | 2015-10-12 19:36:35 +0200 |
|---|---|---|
| committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2015-10-13 10:20:26 +0200 |
| commit | 537d480f3947924a2db182bab36a48f0bb42045f (patch) | |
| tree | be417e6b0bc6096a53090f3aa5f738a06b36b397 /openbsc/src | |
| parent | d1554ecb78ebf5b13ec72cdf1faf1bbd88121a01 (diff) | |
gprs/gb_proxy: Use RAND_bytes for gbproxy TLLI/TMSI allocation
This change has some implications for the test case. It manipulated
bss_ptmsi_state and sgsn_tlli_state variables to make the output of
rand_r() and thus the TLLI/TMSI used predictable.
This possibility is gone when using RAND_bytes() so instead it is
overridden by a function that returns a deterministic sequence of values
(0x00dead00, 0x00dead01, ...). The test cases are adapted to expect
these values instead of the pseudo random values before.
The gbproxy_test stdout file changes as well, but only where the
TLLI/TMSI is displayed (in the hex dumps as well as the TLLI cache
entries). All other output is the same.
Diffstat (limited to 'openbsc/src')
| -rw-r--r-- | openbsc/src/gprs/Makefile.am | 4 | ||||
| -rw-r--r-- | openbsc/src/gprs/gb_proxy.c | 16 |
2 files changed, 14 insertions, 6 deletions
diff --git a/openbsc/src/gprs/Makefile.am b/openbsc/src/gprs/Makefile.am index dcc6842d9..f01200312 100644 --- a/openbsc/src/gprs/Makefile.am +++ b/openbsc/src/gprs/Makefile.am @@ -2,7 +2,7 @@ AM_CPPFLAGS = $(all_includes) -I$(top_srcdir)/include -I$(top_builddir) AM_CFLAGS=-Wall -fno-strict-aliasing $(LIBOSMOCORE_CFLAGS) \ $(LIBOSMOGSM_CFLAGS) $(LIBOSMOVTY_CFLAGS) $(LIBOSMOCTRL_CFLAGS) \ $(LIBOSMOABIS_CFLAGS) $(LIBOSMOGB_CFLAGS) $(COVERAGE_CFLAGS) \ - $(LIBCARES_CFLAGS) + $(LIBCARES_CFLAGS) $(LIBCRYPTO_CFLAGS) OSMO_LIBS = $(LIBOSMOCORE_LIBS) $(LIBOSMOGSM_LIBS) $(LIBOSMOVTY_LIBS) \ $(LIBOSMOCTRL_LIBS) $(LIBOSMOGB_LIBS) @@ -20,7 +20,7 @@ osmo_gbproxy_SOURCES = gb_proxy.c gb_proxy_main.c gb_proxy_vty.c \ gb_proxy_patch.c gb_proxy_tlli.c gb_proxy_peer.c \ gprs_gb_parse.c gprs_llc_parse.c crc24.c gprs_utils.c osmo_gbproxy_LDADD = $(top_builddir)/src/libcommon/libcommon.a \ - $(OSMO_LIBS) -lrt + $(OSMO_LIBS) $(LIBCRYPTO_LIBS) -lrt osmo_sgsn_SOURCES = gprs_gmm.c gprs_sgsn.c gprs_sndcp.c gprs_sndcp_vty.c \ sgsn_main.c sgsn_vty.c sgsn_libgtp.c \ diff --git a/openbsc/src/gprs/gb_proxy.c b/openbsc/src/gprs/gb_proxy.c index 21cd405f5..5b3ee282d 100644 --- a/openbsc/src/gprs/gb_proxy.c +++ b/openbsc/src/gprs/gb_proxy.c @@ -50,6 +50,8 @@ #include <openbsc/gsm_04_08_gprs.h> #include <openbsc/gprs_utils.h> +#include <openssl/rand.h> + static const struct rate_ctr_desc global_ctr_description[] = { { "inv-bvci", "Invalid BVC Identifier " }, { "inv-lai", "Invalid Location Area Identifier" }, @@ -232,7 +234,11 @@ uint32_t gbproxy_make_bss_ptmsi(struct gbproxy_peer *peer, bss_ptmsi = sgsn_ptmsi; } else { do { - bss_ptmsi = rand_r(&peer->cfg->bss_ptmsi_state); + if (RAND_bytes((uint8_t *) &bss_ptmsi, sizeof(bss_ptmsi)) != 1) { + bss_ptmsi = GSM_RESERVED_TMSI; + break; + } + bss_ptmsi = bss_ptmsi | 0xC0000000; if (gbproxy_link_info_by_ptmsi(peer, bss_ptmsi)) @@ -265,7 +271,11 @@ uint32_t gbproxy_make_sgsn_tlli(struct gbproxy_peer *peer, } else { do { /* create random TLLI, 0b01111xxx... */ - sgsn_tlli = rand_r(&peer->cfg->sgsn_tlli_state); + if (RAND_bytes((uint8_t *) &sgsn_tlli, sizeof(sgsn_tlli)) != 1) { + sgsn_tlli = 0; + break; + } + sgsn_tlli = (sgsn_tlli & 0x7fffffff) | 0x78000000; if (gbproxy_link_info_by_any_sgsn_tlli(peer, sgsn_tlli)) @@ -1365,8 +1375,6 @@ int gbproxy_init_config(struct gbproxy_config *cfg) INIT_LLIST_HEAD(&cfg->bts_peers); cfg->ctrg = rate_ctr_group_alloc(tall_bsc_ctx, &global_ctrg_desc, 0); clock_gettime(CLOCK_REALTIME, &tp); - cfg->bss_ptmsi_state = tp.tv_sec + tp.tv_nsec; - cfg->sgsn_tlli_state = tp.tv_sec - tp.tv_nsec; return 0; } |