path: root/openbsc/src/gprs/sgsn_vty.c
AgeCommit message (Collapse)AuthorFilesLines
2016-03-03prepare sgsn_mm_ctx for Gb and Iu mode (UMTS)Harald Welte1-2/+2
Let's explicitly mark those sgsn_mm_ctx members that apply for Gb mode and (upcoming) Iu mode, respectively.
2015-11-16gtphub: add first bits of GRX aresNeels Hofmeyr1-0/+5
For the resolving function, change the function signature to return a gtphub_peer_port. In consequence, publish two functions concerned with gtphub_peer_port instances for use in test and gtphub_ext.c. Add GGSN resolution queue, callback and cache. Simple implementation: if an SGSN asks for a GGSN, it will first get no answer, and I hope it will ask again once the GGSN is in the cache. Within gtphub_ext.c, have a dummy sgsn struct, as the sgsn_ares code currently depends on it (half the functions pass an sgsn instance pointer around, but the other half use the global one). In the unit tests, wrap away the ares initialization so that they can work without a DNS server around. The netcat test breaks because of this, will remove it. Using sgsn_ares, implement the gtphub_resolve_ggsn_addr() function, I hope: untested. Minor cosmetics just to see if you're paying attention... ;) Sponsored-by: On-Waves ehi
2015-11-10sgsn_vty.c: fix typoNeels Hofmeyr1-1/+1
2015-11-02oap: add OAP config to VTYNeels Hofmeyr1-0/+91
Sponsored-by: On-Waves ehf
2015-11-02sgsn: Fix up the VTY doc stringsHolger Hans Peter Freyther1-2/+2
The documentation needs to end with a \n and T3316 needs to have some text. I think it is the T3316 timer that has no action on the network side. <command id='timer t3312 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3322 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3350 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3360 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3370 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3313 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3314 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3316 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3385 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3386 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3395 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' /> Documentation error (missing docs): <command id='timer t3397 &lt;0-65535&gt;'> <param name='&lt;0-65535&gt;' doc='(null)' />
2015-08-18sgsn: make all SGSN timers configurable via the VTYHarald Welte1-0/+93
2015-05-29ggsn: The id is a uint32_t don't print it as signedHolger Hans Peter Freyther1-2/+2
This was noticed as I started to use UINT32_MAX for dynamically created GGSNs.
2015-05-25sgsn: Allow to specify the DNS servers that should be usedHolger Hans Peter Freyther1-0/+18
If no server is specified the default list will be used. This allows to separate the servers for the local network and GRX from each other.
2015-05-25sgsn: Allow to resolve the IPv4 address of a GGSN through DNSHolger Hans Peter Freyther1-0/+15
For real networks we need to check if the requested APN string is allowed and then resolve the GGSN address through DNS. There are countries with two or three digit MNCs and one could either try to keep a list of countries that have two/three digits or just try both of them. I have opted for the later for the ease of the implementation. C-Ares doesn't allow to cancel a request so we will need to have the MMCTX and the Lookup have different lifetimes. We simply set ->mmctx to NULL in case the MMCTX dies more early. The selected and verified apn_str will be copied into the out parameter. In case no static APN/GGSN config is present and the dynamic mode is enabled a request will be made.
2015-05-24sgsn: Extract the hlr Number into the mm contextHolger Hans Peter Freyther1-2/+2
Include the hlr-Number of the subscriber in the CDR. This is useful for debugging and understanding which equipment was used during the test. In contrast to the MSISDN the '+' is emitted as the number must be in international format already.
2015-05-06sgsn: Add VTY configuration for the CDR moduleHolger Hans Peter Freyther1-0/+36
Make it possible to set a filename to use for the CDR. By default no CDR will be generated. Forbid to set the interval of 0 seconds as this will cause a lot of work. Add a very basic VTY test.
2015-05-05sgsn: Show the QoS that has been assignedHolger Hans Peter Freyther1-1/+2
2015-05-05sgsn: Dump the E164 (encoded) assigned to the subscriberHolger Hans Peter Freyther1-0/+5
2015-02-06sgsn: Add easy APN commands with just the nameHolger Hans Peter Freyther1-0/+23
For most configurations we don't address multiple GGSNs but only want to enforce a list of APNs. In the future we might add a special global GGSN context but not right now. Fixes: SYS#593
2015-02-06sgsn: Add functions to handle APN contextsJacob Erlbeck1-4/+60
This commit adds the exported functions apn_ctx_find_alloc, apn_ctx_free, apn_ctx_by_name, and apn_ctx_match to manage and retrieve APN to GGSN mappings. The following VTY commands are added to 'config-sgsn': - apn APN ggsn <0-255> - apn APN imsi-prefix PREFIX ggsn <0-255> which maps an APN gateway string to an SGSN id. The SGSN must be configured in advance. When matching an APN string, entries with a leading '*' are used for suffix matching, otherwise an exact match is done. When a prefix is given, it is matched against the IMSI. If several entries match, a longer matching IMSI prefix has precedence. If there are several matching entries with the same PREFIX, the entry with longest matching APN is returned. Ticket: OW#1334 Sponsored-by: On-Waves ehf
2015-02-06sgsn: Add PDP info to subscriber dataJacob Erlbeck1-0/+7
Currently the PDP info that is transmitted via GSUP is just parsed and then discarded. This commit adds a new data structure sgsn_subscriber_pdp_data and maintains a list of those in sgsn_subscriber_data. The PDP data is copied from an incoming GSUP UpdateLocationResult message. If that message contains the PDPInfoComplete flag, the list is cleared before new entries are added. The 'show subscriber cache' output now also shows the PDP data entries. Note that the InsertSubscriberData message is still not supported. [hfreyther: Added talloc_free in gprs_subscr_pdp_data_clear] Sponsored-by: On-Waves ehf
2015-01-30gprs: Support cancellation typeJacob Erlbeck1-2/+11
The cancellation type that is part of the UpdateCancellation message is currently ignored. This patch adds the missing glue between the existing GSUP and GMM support. If the type is not present or has the value updateProcedure the subcriber and MM context are siliently removed. Otherwise, a message with cause 'implicitly detached' is sent to the MS. Since the real cause is not known (the specification neither added a cause IE nor defined a static cause value), the MS may get the real cause in the following AttachRej. Added VTY commands: - update-subscriber imsi IMSI cancel update-procedure - update-subscriber imsi IMSI cancel subscription-withdraw the old form without the cause is no longer supported. Sponsored-by: On-Waves ehf
2015-01-28gprs: Don't use subscr->keep_in_ram in normal operationJacob Erlbeck1-0/+27
Currently the keep_in_ram flag is explicitely reset in gprs_subscr_cleanup to cover the case, that the VTY 'create' sub-command has been used to create the subscriber entry. This commit completely removes keep_in_ram handling from gprs_subscriber.c and adds a VTY 'destroy' sub-command to reset the flag and remove the entry. So 'create' and 'destroy' can be used to manager sticky entries that are kept even when a location cancellation is done. Added VTY command: - update-subscriber imsi IMSI destroy Sponsored-by: On-Waves ehf
2015-01-26gprs: Do not put the subscr in gprs_subscr_deleteJacob Erlbeck1-1/+2
Currently gprs_subscr_delete implicitely calls subscr_put, which makes the code more complex than necessary (additional subscr_get) in a few places. It also makes it more difficult to see, whether get/put are balanced within a function. In addition, the functions are not named consistently (gprs_subscr_delete vs. gprs_subscr_put_and_cancel). This commit changes the semantics of gprs_subscr_delete and indirectly of gprs_subscr_put_and_cancel to not call subscr_put on their argument, but to leave that for the caller to do it explicitely. It renames gprs_subscr_put_and_cancel to gprs_subscr_cancel to reflect that change in the name, too. Sponsored-by: On-Waves ehf
2015-01-26sgsn: Remove the "permanent" subscriber cacheHolger Hans Peter Freyther1-37/+0
The subscriber cache would help in case: * GPRS DETACH, GPRS ATTACH. In that case we might still have some cached authentication tuples we avoid another sendAuthenticationInfo request. * After a detach the cache expiry would make sure to eventually send a purgeMS to the HLR (which might be ignored). At the same time to make the cache work we will need to make sure to start and stop timers. In case we don't start we might accumulate subscribers. I am afraid that the above two benefits do not outweight the complexity of this implementation.
2015-01-20sgsn: Restructure the 'update-subscriber' commandJacob Erlbeck1-34/+7
This patch drops the following commands: - update-subscriber imsi IMSI insert authorized <0-1> - update-subscriber imsi IMSI commit since they are already covered by the 'update-location-result' sub-command, except that this command doesn't create an new entry if none is found with the given IMSI. It adds the following command: - update-subscriber imsi IMSI create which can be used to create a new entry. Sponsored-by: On-Waves ehf
2015-01-20sgsn: Fix vty_out newlinesJacob Erlbeck1-11/+21
Currently '\n' is used to end lines in the VTY output string constants instead of inserting VTY_NEWLINE. This leads to incorrect line starts in error messages. This patch fixes that accordingly. Sponsored-by: On-Waves ehf
2015-01-20sgsn: Add SGSN_ERROR_CAUSE_NONE and use it instead of 0Jacob Erlbeck1-2/+16
Currently an error_cause of 0 is being used to indicate normal operation. Albeit this is not a defined GMM cause, the value is not explicitly reserved. This commit adds the macro SGSN_ERROR_CAUSE_NONE and uses it for initialisation (instead of relying on talloc_zero) and comparisons. The value is set to -1 to be on the safe side. The VTY code is updated to set the error_cause when using the 'update-subscriber imsi IMSI update-location-result CAUSE' command. Sponsored-by: On-Waves ehf
2015-01-18gprs: Use PURGE MS messagesJacob Erlbeck1-1/+3
When a subscriber entry is going to be deleted by SGSN and when the subscriber info has been obtained from a remote peer via GSUP, the peer should be informed before the entry is really deleted. For this purpose, MAP defines the PURGE MS procedure (see GSM 09.02, 19.1.4). This patch adds support for the PURGE_MS_REQ/_ERR/_RES messages and invokes the procedure when the subscriber entry is going to be removed. This only applies if GSUP is being used, the Update Location procedure has been completed successfully, and the subscriber has not been cancelled. The removal of the entry is delayed until a PURGE_MS_RES or PURGE_MS_ERR message is received. Note that GSM 09.02, implies that the subscriber data is not to be removed when the procedure fails which is not the way the feature has been implemented. Note that handling 'P-TMSI freezing' is not implemented. Ticket: OW#1338 Sponsored-by: On-Waves ehf
2015-01-18gprs: Add expiry timeout for subscriber entriesJacob Erlbeck1-0/+35
Set the expiry delay after the subscriber has been deleted (e.g. by freeing the MM context). If cancelled, the subscriber will be deleted immediately and no timeout will be set. If the expiry time is set to SGSN_TIMEOUT_NEVER, no timer will be started and the subscriber entry will be kept until it is cancelled. The following VTY command is added to the sgsn node: - subscriber-expiry-time <0-999999> set expiry time in seconds - no subscriber-expiry-time set to SGSN_TIMEOUT_NEVER The default is an expiry time of 0 seconds, which means that the subscriber entries are wiped out immediately after an MM context is destroyed. Note that unused MM contexts are not expired yet. Therefore the subscriber will only be expired after a successful MM detach. Sponsored-by: On-Waves ehf
2015-01-18sgsn: Show GSUP client info on 'show sgsn'Jacob Erlbeck1-0/+11
This commit adds a line to the output of 'show sgsn' if the GSUP client has been initialized: - Remote authorization: [not] connected to HOST:PORT via GSUP Sponsored-by: On-Waves ehf
2015-01-18sgsn: Add global require_update_location flagJacob Erlbeck1-0/+1
This flag is used to determine, whether the Update Location procedure shall be invoked. This is currently only set, when the 'remote' authorization policy is set. When the flag is set, sgsn_auth_update will not never be called directly by sgsn_auth_request, if an Attach Request procedure is pending, even if the remote connection fails for some reason. Sponsored-by: On-Waves ehf
2015-01-18sgsn: Replace subscr.authenticate by global require_authentication flagJacob Erlbeck1-7/+4
Currently the flag 'authenticate' is managed per subscriber. This patch replaces that flag by a global cfg.require_authentication flag that enables/disables the use of the Auth & Ciph procedure for every subscriber. The flag is set by the VTY, if and only if the authorization policy is 'remote'. The VTY command - update-subscriber imsi IMSI insert authenticate <0-1> is removed. Sponsored-by: On-Waves ehf
2015-01-18sgsn: Integrate the GSUP client into the SGSNJacob Erlbeck1-0/+31
This commit adds GSUP client configuration (via VTY), connection set up, and real message sending. The following configuration commands are added: - gsup remote-ip A.B.C.D set server IP address - gsup remote-port PORT set server TCP port Ticket: OW#1338 Sponsored-by: On-Waves ehf
2015-01-10sgsn: Fix VTY command error handling (Coverity)Jacob Erlbeck1-3/+3
Currently the result of the osmo_hexparse function in update_subscr_insert_auth_triplet is not handled correctly. There is a misplaced leading exclamation mark in a few conditional expressions. This effectively disables the error checks, as it is noticed by Coverity ("Missing parentheses" followed by "Logically dead code"). This patch removes the exclamation marks. Fixes: Coverity CID 1260435 and CID 1260434 Sponsored-by: On-Waves ehf
2014-12-24sgsn: Add a subscriber based authentication phaseJacob Erlbeck1-3/+69
This implements the MAP way of subscriber validation when the MS tries to perform an Attach Request: 1. perform authentication (optionally invoke the sendAuthInfo procedure), starts the Auth & Ciph procedure 2. perform update location 3. insert subscriber data 4. finish the update location 5. Attach Accept / Attach Reject The authentication triplets are used and eventually updated if all of them have been used. This is currently accessible via the VTY interface by the following commands: - update-subscriber imsi IMSI update-auth-info - update-subscriber imsi IMSI update-location-result (ok|ERR-CAUSE) Sponsored-by: On-Waves ehf
2014-12-24sgsn: Add support for authentication tripletsJacob Erlbeck1-1/+78
This commit add data structures, functions, initialization, and VTY commands for per subscriber authentication triplets. The following VTY command is added: - update-subscriber imsi IMSI \ insert auth-triplet <1-5> sres SRES rand RAND kc KC Note that the triplets are not really used by the SGSN yet. Sponsored-by: On-Waves ehf
2014-12-10sgsn: Support subscriber based authenticationJacob Erlbeck1-3/+5
This commit mainly extends sgsn_auth.c to use and support the auth_state SGSN_AUTH_AUTHENTICATE. It will be activated when IMSI and IMEI are available, authentication is required (subscr->sgsn_data->authenticate is set), but the MM context is not marked as authenticated. If the state has been set to SGSN_AUTH_AUTHENTICATE and sgsn_auth_update() is called, the GMM layer will be informed by invoking gsm0408_gprs_authenticate(). Sponsored-by: On-Waves ehf
2014-12-10sgsn: Do not 'commit' implicitely when executing 'insert'Jacob Erlbeck1-2/+0
Currently the gprs_subscr_update function is called when the 'update-subscriber ... insert ...' command is executed. This will eventually notify the GMM layer which is rather the purpose of the 'commit' command. This patch removes the call from update_subscr_insert. Sponsored-by: On-Waves ehf
2014-12-09sgsn: Add VTY commands to manage subscriber cacheJacob Erlbeck1-0/+143
This adds the following commands to the ENABLE node: - show subscriber cache - update-subscriber imsi IMSI insert authorized (0|1) - update-subscriber imsi IMSI cancel - update-subscriber imsi IMSI commit These commands are mainly testing tools and maintenance helpers. The update commands work asynchronously and can be used to complete a pending update request or to terminate an existing connection. The 'insert' command just update the subscriber records but does not notify the GMM layer. Invoke the 'commit' command to continue with pending procedures. Note that the subscriber cache is not stored persistently and will always be empty after an SGSN restart. Sponsored-by: On-Waves ehf
2014-12-09sgsn: Integrate subscriber handling into the SGSNJacob Erlbeck1-3/+5
This commit adds a new authorization policy 'remote' and uses the subscriber cache for authorization when this policy is being used. Note that there is no remote backend implemented yet. After the IMSI/IMEI have been acquired, a request would be sent to the remote peer. The attach/auth-ciph procedure continues when authorization info has been received from the peer. This means, that gprs_subscr_update() must be called then to tell the GMM layer that it can proceed. A later commit will add VTY commands to do this manually. Sponsored-by: On-Waves ehf
2014-11-14sgsn: Add 'acl-only' authentication policyJacob Erlbeck1-8/+17
Currently the VTY 'auth-policy' command results in setting or clearing the acl_enabled flag. This also enables the matching of the MCC/MNC prefix of the IMSI. This patch adds an additional policy 'acl-only' which disables the MCC/MNC matching and relies on the ACL only. Sponsored-by: On-Waves ehf
2014-10-27sgsn: Moved IMSI ACL management to sgsn_auth.cJacob Erlbeck1-50/+2
Currently the ACL code is located in sgsn_vty.c. This commit moves this to a new file sgsn_auth.c as a first step to make authorization more flexible in order to implement remote acquisition on subsciber data. Sponsored-by: On-Waves ehf
2014-10-27sgsn: Delete PDP contexts properlyJacob Erlbeck1-1/+2
Currently the PDP contexts are hard freed (via sgsn_pdp_ctx_free) at some places in gprs_gmm.c on the reception of a Detach Req and on re-use of an IMSI that is already associated with an MM context. This can lead to segfaults when there is a pending request or a data indication at libgtp. This patch add a new function sgsn_pdp_ctx_terminate that de-associates the PTP context from the MM context, deactivates SNDCP, sets pdp->mm to NULL and then calls sgsn_delete_pdp_ctx. sgsn_libgtp is updated to check for pdp->mm being non-NULL before dereferencing it. The sgsn_pdp_ctx_terminate function will be called for each PDP context of an MM context before this context is going to be deleted via sgsn_mm_ctx_free. To ensure, that the ctx->llme (which is accessed during the deactivation of SNDCP) remains valid, the call to gprs_llgmm_assign is moved after the call to sgsn_mm_ctx_free. The handling of re-used IMSIs is changed to mimic the processing of a Detach Req. Addresses: <0002> gprs_gmm.c:654 MM(/f6b31ab0) Deleting old MM Context for same IMSI p_tmsi_old=0xc6f19134 <000f> gprs_sgsn.c:259 PDP freeing PDP context that still has a libgtp handle attached to it, this shouldn't happen! [...] SEGFAULT Ticket: OW#1311 Sponsored-by: On-Waves ehf
2014-03-23sgsn/ctrl: Add ctrl interface, implement listing subscribersHolger Hans Peter Freyther1-1/+1
Add the control interface with no hierachy right now and implement the first command to list IMSI + Context Address of active sessions. sgsn_cmd_handle could share more code with bsc variant. Fixes: SYS#264, SYS#265
2013-10-30vty: Use vty_install_default() instead of bsc_install_default()Jacob Erlbeck1-1/+1
Remove ournode_exit_cmd, ournode_end_cmd, and bsc_install_default() since this functionality is provided by the current libosmocore. Replace calls to bsc_install_default() by call to vty_install_default() with the following semantic patch: @rule1@ expression N; @@ - bsc_install_default(N); + vty_install_default(N); Ticket: OW#952 Sponsored-by: On-Waves ehf
2013-09-02vty: Use generic 'end' and 'exit' commandsJacob Erlbeck1-3/+1
Add bsc_install_default() and replace all install_default() This patch adds bsc_install_default() which calls install_default() and add 'exit' and 'end'. All other calls to install_default() are replaced by calls to bsc_install_default(). Since 'exit' and 'end' are now added automatically to each node, the explicit registrations of these commands are removed by this patch, too. The related tests succeed now without work-arounds (except for the 'config' node itself which is part of libosmocore).
2013-07-21sgsn: Add "auth-policy" VTY command to enable/disable ACLHarald Welte1-0/+17
2013-07-21sgsn: add a minimalistic ACLHarald Welte1-1/+79
This adds a minimalistic ACL by which certain, individual roaming IMSIs can be authorized to use the SGSN. So you can selectively bypass the 'MCC+MNC == first 5 digits of IMSI' checking for a couple of IMSIs
2013-07-04sgsn: Fix the unimplemented/uninstalled show ggsn commandHolger Hans Peter Freyther1-7/+0
This is fixing a GCC and Coverity warning. GCC: sgsn_vty.c: At top level: sgsn_vty.c:308:1: warning: ‘show_ggsn_cmd’ defined but not used [-Wunused-variable] Coverity: CID 1040727
2013-07-04sgsn_vty: Fix uninitialized variable in the gprs_apn2str methodHolger Hans Peter Freyther1-1/+1
This is fixing a GCC and Coverity warning: GCC: sgsn_vty.c: In function ‘vty_dump_pdp’: sgsn_vty.c:64:5: warning: ‘i’ may be used uninitialized in this function [-Wmaybe-uninitialized] sgsn_vty.c:49:15: note: ‘i’ was declared here Coverity: CID 1040706
2012-08-17VTY: improve VTY prompt and make sure exit/end works everywhereHarald Welte1-1/+1
Some nodes below 'config' didn't have ournode_exit / ournode_end, and thus were not able to properly perform this function. exit should always only go back one level, while end drops us back to ENABLE_NODE. The prompt now represents the nesting level, and there's one consistent space after the final prompt character (typically #).
2012-06-16split libgb into a separate library for outside useHarald Welte1-1/+1
This also removes the dependency to osmo_sock() inside libcommon and replaces it with osmo_sock_* from libosmocore
2011-11-06sgsn: Make sure each parameter has some sort of documentationHolger Hans Peter Freyther1-5/+8
2011-04-18misc: Remove sys/types.h includes from the filesHolger Hans Peter Freyther1-1/+0
These are not needed any more. We used them for u_int types but we now use uint which comes from stdint.h