From 91a0e8639a74231f41d14ca7cc952079cc541755 Mon Sep 17 00:00:00 2001 From: Jacob Erlbeck Date: Wed, 17 Sep 2014 10:56:38 +0200 Subject: gbproxy: Separate SGSN numeric namespaces Currently the SGSN side message's TLLI are searched without checking the originating SGSN. This leads to collisions if both SGSN use the same P-TMSI for different MS. With this patch, the SGSN NSEI is stored within the tlli_info and is used in comparisons to separate the namespaces. Note that this type of collision cannot happen with BSS numbers, since the tlli_info are already separated and stored per (BSS) peer. Sponsored-by: On-Waves ehf --- openbsc/include/openbsc/gb_proxy.h | 5 ++++- openbsc/include/openbsc/gprs_gb_parse.h | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'openbsc/include') diff --git a/openbsc/include/openbsc/gb_proxy.h b/openbsc/include/openbsc/gb_proxy.h index d9731a729..d818114ba 100644 --- a/openbsc/include/openbsc/gb_proxy.h +++ b/openbsc/include/openbsc/gb_proxy.h @@ -140,6 +140,7 @@ struct gbproxy_tlli_info { struct gbproxy_tlli_state tlli; struct gbproxy_tlli_state sgsn_tlli; + uint32_t sgsn_nsei; time_t timestamp; uint8_t *imsi; @@ -211,9 +212,11 @@ struct gbproxy_tlli_info *gbproxy_find_tlli( struct gbproxy_peer *peer, uint32_t tlli); struct gbproxy_tlli_info *gbproxy_find_tlli_by_imsi( struct gbproxy_peer *peer, const uint8_t *imsi, size_t imsi_len); +struct gbproxy_tlli_info *gbproxy_find_tlli_by_any_sgsn_tlli( + struct gbproxy_peer *peer, uint32_t tlli); struct gbproxy_tlli_info *gbproxy_find_tlli_by_sgsn_tlli( struct gbproxy_peer *peer, - uint32_t tlli); + uint32_t tlli, uint32_t sgsn_nsei); struct gbproxy_tlli_info *gbproxy_find_tlli_by_ptmsi( struct gbproxy_peer *peer, uint32_t ptmsi); diff --git a/openbsc/include/openbsc/gprs_gb_parse.h b/openbsc/include/openbsc/gprs_gb_parse.h index 3aa17fd8b..6ab105922 100644 --- a/openbsc/include/openbsc/gprs_gb_parse.h +++ b/openbsc/include/openbsc/gprs_gb_parse.h @@ -39,6 +39,7 @@ struct gprs_gb_parse_context { uint32_t tlli; int pdu_type; int old_raid_is_foreign; + int peer_nsei; }; int gprs_gb_parse_dtap(uint8_t *data, size_t data_len, -- cgit v1.2.3