summaryrefslogtreecommitdiffstats
path: root/openbsc/src
AgeCommit message (Collapse)AuthorFilesLines
2019-08-05Remove undefined param passed to {logging,osmo_stats}_vty_add_cmdsPau Espin Pedrol3-5/+5
Since March 15th 2017, libosmocore API logging_vty_add_cmds() had its parameter removed (c65c5b4ea075ef6cef11fff9442ae0b15c1d6af7). However, definition in C file doesn't contain "(void)", which means number of parameters is undefined and thus compiler doesn't complain. Let's remove parameters from all callers before enforcing "(void)" on it. API osmo_stats_vty_add_cmds never had a param list but has seem problem (no "void"), so some users decided to pass a parameter to it. Change-Id: I7d9d477b983b0d62f01237d90acaa7ce455c3c3d Related: OS#4138
2019-08-05nat: Remove unused func bsc_vty_init()Pau Espin Pedrol1-8/+0
The function is never called in osmo-bsc-nat, and logging_vty_add_cmds() is called directly in main(). Change-Id: Ie13cf5dc7f8dfa6fc6c3953dfcacaed7d5feb114
2019-06-21bsc-nat: Remove whitespace at the end of CTR descriptionsPau Espin Pedrol1-13/+13
Change-Id: Ia7ff352de1fb1997066f72e84a7d517c7642853a
2019-05-26mgcp: Handle CI and X-Osmux param name as case insensitivePau Espin Pedrol1-12/+65
RFC3435 states most text (except SDP) must be handled as case insensitive. Since we are no longer using strstr(msg->l2h), we need to iterate per line and call related extract/handle function for that line. Call to bsc_mgcp_osmux_confirm() is left at the end because it needs to be called too in case no matching line is found. In that case, it will release the CID. Similar stuff ocurrs for bsc_mgcp_extract_ci(). Related: OS#4001 Change-Id: Iadc004064a5a237c93009f242cb943ebc4d2d7e6
2019-05-16nat: Allocate bsc_nat_parsed on the stack instead of heapPau Espin Pedrol4-76/+65
There's no real need to allocate it using talloc. Allocating it on the stack simplifies the code, avoids mem leaks and makes it faster. Change-Id: I66c44890952339f15131081e2f629a2824b6d3ba
2019-05-08nat: Fix crash (double-free) in forward_sccp_to_mscPau Espin Pedrol1-2/+2
In bsc_nat_parse(), parsed is allocated this way: """parsed = talloc_zero(msg, struct bsc_nat_parsed);""" So parsed is a child of msg, and so it's freed when msg is freed. Since libosmocore c7f52c4c84d6a8898048738c4db9266289c40b45, osmo_wqueue_enqueue() correctly detects queue full and returns an error, and then queue_for_msc() calls msgb_free(). Code in osmo-bsc-nat was probably written before that change in behavior, so that's why probably the bug was not hit before. The "if (parsed)" condition is removed since it's actually fine to talloc_free(NULL). Related: SYS#4548 Change-Id: I209d3e2d809a67915ec43c874e68f7f746a565f0
2019-05-02nat: Return error code in queue_for_mscPau Espin Pedrol1-4/+8
Might be useful in the future for its callers, since sometimes actions need to be taken place based on whether enqueuing failed (and msg was freed). Change-Id: I9f172f9c9ca9db18f6adcf9267db23c73e9d5bc6
2019-04-30libmgcp: Parse CI as hex string in verify_ci()daniel/wipDaniel Willmann1-1/+1
In verify_ci CI needs to be parsed as hex instead of dec number as well. Fixes: OS#3951 Change-Id: I687b467756fa30cbc454e3583c86159d9abcc7d9
2019-04-23osmo-bsc_nat: Parse MGCP Connection ID as hexDaniel Willmann2-5/+8
Our ttcn3-bscnat-tests would randomly fail. After the CRCX ACK returns from the MSC the bsc-nat reports it could not find a CI it it and deletes the connection on the BSC-side. This happens because the field is parsed as a decimal value instead of hexadecimal. So a value of 00FED122 is parsed as '0' which is a reserved value in our program. This fix parses the field as hexadecimal value and also logs an error if the value happens to be 0. make check will now test if a hexadecimal CI is parsed correctly. Fixes: OS#3951 Change-Id: I49b8b61644bf706162102dce268cae2265536fc5
2019-04-21Fixed MNCC_RTP_CREATE after MNCC_DISC_IND.Rafael Diniz1-0/+3
Change-Id: I3690acebf882d3a8abbeabe0e3aefdfcd066a052
2019-03-29Write configuration correctly from vty (alert notifications)Keith1-2/+2
The default is [yes] alert-notifications, therefore write "no alert-notifications" in the case that this has been set, in order to preserve configuration after write is called from vty. Change-Id: I4b0363fa34dd9ac0a221844974e4ebf7465b56f4
2019-03-28Replace broken ipa_ccm_idtag APIs with new ipa_ccm_id onesPau Espin Pedrol3-9/+7
ipa_ccm_idtag_parse_off is broken, and can only be used with len_offset=1 on ID Request messages, otherwise won't work correctly. Modify ipa_ccm_idtag_parse to at least parse those correctly, and document the limitations. Those two functions are already deprecated and only used in openbsc by 3 callers: * ipa_ccm_idtag_parse in ussd_read_cb(): Broken, that function can only work for Requests and it's used to parse a Response. * ipa_ccm_idtag_parse_off in forward_sccp_to_msc (NAT): Broken, it can only be used to parse Requests and it's used to parse a Response. Furthermore, len_offset=2 is passed which makes no sense and most probably it fails always, or can even make the program crash. * ipa_ccm_idtag_parse_off in (answer_challenge): This one is fine and could actually be replaced with ipa_ccm_id_get_parse after libosmocore commit (see below) is merged. See libosmocore I6efc852dfc041192f554e41a58290a0f63298021 for more information. As a consequence of the fixes, osmo-bsc-nat now parses messages sent from VTY test correctly and thus it goes into processing them instead of silently dropping them. As a result, some VTY tests fail because they are sending incorrect format (missing NULL char in unit id strings) and osmo-bsc-nat closses its connection (due to bad auth). Change-Id: I3b995f8ef0b48c0a5b3375e42926641934359cd2
2019-03-26Drop Iu*S support and related dependenciesMax4-842/+0
There's optional libiu for Iu*S support but it's just a leftover from pre repo-split times: * it's not used by any code * it's not checked by gerrit verification in osmo-ci * it's disabled by default * it's not supported in .deb packages Instead of dragging old code in unknown stage of bit-rotting, let's just drop it completely. Change-Id: Id5678a74504b4456aba0438ccc34731770801128
2019-03-22talloc_ctx_init: Use public API osmo_signal_talloc_ctx_initPau Espin Pedrol1-2/+2
There's already a public API to allocate libosmocore's signal ctx, so let's use it instead of accessing the global variable. This will allow to eventually Make the global variable in libosmocore static and private. Change-Id: I8dab0ef810adba17fdd242e3a127908dd09b2b42
2019-03-20osmo-bsc-mgcp.service: Fix parsing of cmdline option sPau Espin Pedrol1-1/+1
From journald output: /usr/bin/osmo-bsc_mgcp: invalid option -- 's' Change-Id: I995d2f5909640fc007aa39dd6c6b54ff97ee45f7
2019-02-28Don't deliver alert notifications to an ESME thatKeith3-5/+10
is not yet bound. We create a new ESME in smsc->esme_list on establishment of a TCP connection, yet we do not know the system id or anything else, until the ESME identifies and authenticates. So do not send alert notifications until we know the bind status (and system_id) Change-Id: I0e5d55d3fb6ac46d253902df2fe304e1b0fc8bbf
2019-01-24Remove meas_* utilsMax7-1199/+0
The counterparts in OsmoBSC repo are actively maintained and (partially) packaged for .deb - let's drop old versions to minimize user confusion. Change-Id: Ia0cedaad4b717c8c5198842e2acd610f8e03f957
2019-01-22fix build: apply msgb_wrap_with_TL() renameMax1-7/+7
After libosmocore commit If1e851ac605c8d2fde3da565b0bd674ea6350c2e b27e6feb699712345373e87a48187dc622e4fa92 the openbsc master build is broken. Apply the msgb_wrap_with_TL() rename to msgb_push_tl() to unbreak the build. Also related is commit e8cd09dd6f3378a8137afb581dcd7ed554daa24c in this repository, which removed the locally defined msgb_wrap_with_TL() definition. The libosmocore mistake should have become obvious then and there... Change-Id: I6fece7bbbea84962daff885e54f0bc0108c8d0a5
2019-01-17Cosmetic: Fix spelling in smpp vtyKeith1-2/+2
Change-Id: If2180828e2acd28d96754c593c317c2868644c4b
2019-01-17Make alert notifications vty configurable per ESMEKeith4-2/+34
OSMO-MSC backport Adds (no) alert-notifications as a per-esme vty command, in order to allow some ESMEs to be excluded from alerts. The default is still to send alert notifications to all esme, so no changes are required to the config file to maintain identical operation after this patch. Change-Id: I2b52f2778b24eebc82b2e5e2fb3c2250b1f9e5b0
2019-01-12Don't send SMS STATUS REPORT locally if the ESME accepted it.Keith1-1/+1
Backport of https://gerrit.osmocom.org/11792/ When using smpp-first, after the ESME accepts our STATUS REPORT, we were sending it locally into gsm340_rx_sms_submit() anyway. In the case of the ESME mirroring the report back to us, this would result in two copies of the status report in the SMS database, which were also both then delivered to the MS. Some MS then display the REPORT to the user as if it were a normal SMS. With this patch, we check if it is the sms_report that has had receiver set in sms_route_mt_sms() and not the original SMS we are reporting on, which of course already has receiver set. Change-Id: I2136489bd21c4755463278a4048a446e5bc4a9d2
2018-12-06Remove ipaccess utilsMax7-2920/+0
There's increasing gap in functionality between ipaccess utils from this repo and from osmo-bsc due to ongoing development in new repository. To avoid potential user confusion let's drop them similar to the way SGSN was removed earlier. Change-Id: I9c04f9b469e60802461a2a6e421d3ba27e6dafa1
2018-11-27bsc-nat: Enable octet-aligned when ensuring mode setPau Espin Pedrol1-1/+1
From RFC 4867: octet-align: Permissible values are 0 and 1. If 1, octet-aligned operation SHALL be used. If 0 or if not present, bandwidth-efficient operation is employed. Change-Id: Ic4db7f6d18f650f36f3186965096771f748de5fd
2018-11-19Fix build with latest libosmocoreMax1-9/+0
Remove locally defined function which conflicts with the one in libosmocore. Change-Id: Ifcc13c4f8998af7680fc17414b2720feee7d386a
2018-10-16mgcp: osmux_send_dummy: Fix return without valuePau Espin Pedrol1-1/+1
Not really critical since only user of this function doesn't check the return value. Fixes commit: 4a2cc9eb0a0f9424c16b26fcb757483a39d67482 Change-Id: I438349bffaa46a10ad8983090a4b17aed7e00d82
2018-10-12mgcp: osmux: Improve checks around activating and using enabled osmuxPau Espin Pedrol1-42/+43
* Refactor code to have unified checks on all paths activating Osmux. * Improve checkings at activation time and add logging. * Code now enforces endp osmux status to be enabled before processing the frame through endp->osmux.out. Before, a delayed or bad pkt could arrive and be processed by an endp with osmux not enabled, using endp->osmux.out that was not initialized and ended up crashing: libosmo-netif/src/osmux.c:281:3: runtime error: member access within null pointer of type 'struct msgb' This could also happen if a BSC started sending or we received (non legacy dummy) osmux frames before we received the BSC CRCX ACK agreeing on osmux negotiation and switching to ACTIVATING state. Related: SYS#4350 Change-Id: I3536169c94e65f999aaa9c9e43cc7dab8551d30f
2018-10-12mgcp: osmux: allow enabling osmux only on correct activating statePau Espin Pedrol1-3/+3
State ACTIVATING is set once negotiation between the 2 parts went successfuly. Change-Id: I21eb30fa8d48f3d592ff197bd74e673fdac51c1d
2018-10-12mgcp: osmux: Make func handling dummy frames independent of endp typePau Espin Pedrol1-3/+3
Change-Id: I285f1cb693b243ecd404337f2bb5b74ddd32b123
2018-10-12mgcp: osmux: Move parse_cid of legacy dummy frames to own functionPau Espin Pedrol1-10/+15
Change-Id: If9249fb0ee2e33c7dd2ab817480776acaa784cc2
2018-10-12mgcp: osmux: Don't process regular osmux frames if disabled by cfgPau Espin Pedrol1-6/+12
Prior to this commit, the check was only done on legacy dummy frames. Change-Id: Ief4e62fe68a11a60d90292c72d1263fd1f728356
2018-10-12mgcp: osmux_send_dummy: Avoid logging incorrectly and sending if osmux not ↵Pau Espin Pedrol1-0/+8
enabled Change-Id: I5244cb9304adef3aa612b8126bf95e77562c801c
2018-10-12nat: Log state of pending transactionPau Espin Pedrol1-2/+2
Change-Id: I9f686404517bf8a2044cf59dd5bfaf90eb4f798f
2018-10-12nat: Log endpoint nr consistently as hexPau Espin Pedrol1-1/+1
Change-Id: I581f40da47614223219800e97a334f8b5e06b13f
2018-10-12mgcp: Log endpoint nr consistently as hexPau Espin Pedrol2-7/+7
Change-Id: I281964935312161d1da49e8035c5bf3bb7bf9c5c
2018-10-12mgcp: Avoid initing output without enabling osmuxPau Espin Pedrol1-4/+4
Otherwise we end up in a weird state where we have timers set up but osmux is still flagged as not enabled. Change-Id: I15c3a1a6bdf2566b03d1d543d8d15e4117a53622
2018-09-17mgcp_osmux: Use define to calculate rtp_ssrc_winlenPau Espin Pedrol1-2/+2
Since that define is already used to allocate size of osmux_cid_bitmap, let's use it here too instead of hardcoding its value. Change-Id: I768ca1b510bf44508ae064dc31620e739260470b
2018-09-17mgcp: Fix (again) osmux_cid_bitmap static array size calculationPau Espin Pedrol1-2/+2
A previous commit merged today fixed array size boundary (multiple of 8 bits), but removed a required +1 which should be kept on top, because OSMUX_CID_MAX specified the maximum number used by a CID, that is (0,OSMUX_CID_MAX), and as a result we require OSMUX_CID_MAX+1 slots. Fixes: 65f422ad5878165be0a1eb05605aa3099536f0c8 Change-Id: I182c9c1a6dd28a4c5c0d8107d53852cf47541592
2018-09-17bsc_filter: Move whitelisted info log to debugPau Espin Pedrol1-1/+1
It shows up all the time in logs while using "logging level all info", let's move it to debug. Change-Id: I51274dad5afef16e466921c5d58672427d23fd3b
2018-09-17mgcp: Fix osmux_cid_bitmap static array size calculationPau Espin Pedrol1-1/+1
Right now it's not a big issue since OSMUX_CID_MAX is 255, so 255+1 is 256 which fits array boundaries correctly (multiple of 8). However, if for example OSMUC_CID_MAX was modified to be 12, 12+1/8 = 1, so we'd have an undesired memory access when accessing last 4 CIDs. Change-Id: I5908ee44404686e68d61f255b7014af39c8f5703
2018-09-13nat: return -EBADF in read wqueue cb on fd closedPau Espin Pedrol1-1/+1
bsc_msc_lost will close the current fd (without freeing it), so let's skip possible writes to an already closed fd bsc_msc_lost will close the current fd (without freeing it), so let's skip possible writes to an already closed fd.. Change-Id: I55c1a88f6524e897c70abf8ba18f1bb2b1f650aa
2018-09-13nat: Remove misleading commentPau Espin Pedrol1-1/+0
PONG is being sent a as an answer to PING a few lines above in same function. Change-Id: I88ca95d46f4ace1da4025d12302422dbfa578354
2018-09-13nat: Remove misleading commentPau Espin Pedrol1-4/+0
Code is already doing stuff with the connection (fd). Change-Id: Ieeaa0e024b9542d1a22a8e3ab4c3229a6f8a0b49
2018-09-13cosmetic: Remove duplicate semicolon and whitespacePau Espin Pedrol1-2/+2
Change-Id: Ib36b8937d1210488784ebae6917cb1b4c871c9d4
2018-09-10mgcp_osmux.c: osmux_enable_endpoint: Fix incorrect return checkPau Espin Pedrol1-2/+2
osmux_xfrm_input_open_circuit returns 0 on success and -1 on error. Confusion comes from that function being implemented by calling osmux_batch_add_circuit which returns NULL on error. Change-Id: I98700aa1e2fab9784706bfac1a47cc84635172b7
2018-08-28Fix heap-use-after-free due to OML link destructionPau Espin Pedrol2-2/+28
Back-port from osmo-bsc.git 9862bcb5cdb9ece0acfdfb7c81e00c05fcd33ad3. ipaccess_drop_oml was being called inside an osmo_fd cb context, were -EBADF must be returned if the structure holding the osmo_fd is freed. In the middle of the path (see OS#3495 for path tree) it goes through a signal dispatch, so it's impossible to make sure we return some value to the osmo_fd cb. As a result, it is required to defer dropping the OML Link from current code path and do it through a timer. Fixes following ASan report: 20180822124927913 <0004> abis_nm.c:787 OC=RADIO-CARRIER(02) INST=(00,00,ff): CHANGE ADMINISTRATIVE STATE NACK CAUSE=Message cannot be performed 20180822124927913 <0004> osmo_bsc_main.c:186 Got CHANGE ADMINISTRATIVE STATE NACK going to drop the OML links. 20180822124927913 <0015> bts_ipaccess_nanobts.c:406 (bts=0) Dropping OML link. ... ================================================================= ==17607==ERROR: AddressSanitizer: heap-use-after-free on address 0x62e000060a68 at pc 0x7f5ea8e27086 bp 0x7ffde92b6d80 sp 0x7ffde92b6d78 READ of size 8 at 0x62e000060a68 thread T0 #0 0x7f5ea8e27085 in handle_ts1_write input/ipaccess.c:371 #1 0x7f5ea8e27085 in ipaccess_fd_cb input/ipaccess.c:391 #2 0x7f5ea9147ca8 in osmo_fd_disp_fds libosmocore/src/select.c:217 #3 0x7f5ea9147ca8 in osmo_select_main libosmocore/src/select.c:257 #4 0x555813ab79d6 in main osmo-bsc/osmo_bsc_main.c:922 #5 0x7f5ea76d02e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0) #6 0x555813ab84e9 in _start (/bin/osmo-bsc+0x34d4e9) Fixes: OS#3495 Change-Id: If9e73a3251547625a2372d58f1d8b87210d9f312
2018-08-28abis_nm_ipaccess_rsl_connect: Log bts and trx nrPau Espin Pedrol1-2/+2
Back-port from osmo-bsc.git 24f2f55132f7230e387aef85612dcd6fc59cebe5. Change-Id: I134a3da3700381043bc93aed300ce4ec263e8698
2018-08-20mgcp: add VTY Option to force-realloc endpointsPhilipp Maier4-2/+18
Currently the force_realloc feature is turnd on and of in a hardcoded way. This patch makes the option available via VTY. Backport from osmo-mgw.git. Change-Id: Ic8740512c5ea0766ff6ceb1c28b9c2b3fe46e75f
2018-08-16vty: Fix typo writing bts-jitter-buffer-delay-{min,max}Pau Espin Pedrol2-4/+4
Change-Id: I83948ce626b924802d1963411a3f40c5fed24355
2018-07-12bsc: ctrl: Avoid sending back received ERROR msgsPau Espin Pedrol1-2/+3
Change-Id: Ib5963e4d15a4a6b077d7a97fbbde6e5134c77e9a
2018-07-12nat: ctrl: Avoid sending back received ERROR msgsPau Espin Pedrol1-7/+11
We only send back if we had an error parsing the message locally. If we receive an ERROR message from a bsc, we try to forward it if the ID is valid, otherwise only log the received error description locally. Related: OS#3394 Change-Id: I7b4d20aea7a16c4b4e5add7c274a4ed34a7f6b8d