path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2017-10-28automatically create db tables on osmo-hlr invocationNeels Hofmeyr3-0/+75
If a database file is missing, osmo-hlr creates it, as is the default sqlite3 API behavior -- before this patch, that db file is created, but lacks useful tables. Actually also create initial tables in it, as osmo-nitb did. In effect, the 'vty-test' target in tests/ no longer needs to create a database manually. (The 'ctrl-test' still does, because it also wants to add subscriber data on top of the bare tables.) Note: it could be desirable to bail if the desired database file does not exist. That is however a different semantic from this patch; this is not changing the fact that a db file is created, this just creates a usable one. Note: I am about to add osmo-hlr-db-tool to do database migration from osmo-nitb. For that, it is desirable to bootstrap a usable database, which is the core reason for this patch. Don't plainly duplicate hlr.sql to .c, but create db_bootstrap.h as a BUILT_SOURCE from reading in sql/hlr.sql and mangling via sed to a list of SQL statement strings. On each db_open(), run this bootstrap sequence. In sql/hlr.sql, these tweaks are necessary: * Add 'IF NOT EXISTS' to 'CREATE TABLE', so that the bootstrap sequence can be run on an already bootstrapped db. * Drop the final comment at the bottom, which ended up being an empty SQL statement and causing sqlite3 API errors, seemed to have no purpose anyway. Note: by composing the statement strings as multiline and including the SQL comments, sqlite3 actually retains the comments contained in table definitions and prints them back during 'sqlite3 hlr.db .dump'. Change-Id: If77dbbfe1af3e66aaec91cb6295b687f37678636
2017-10-27ctrl: completely replace all CTRL commandsNeels Hofmeyr2-37/+326
The previous commands are not conforming to how the CTRL interface is intended to work: SET enable-ps <IMSI> SET disable-ps <IMSI> SET status-ps <IMSI> 'status-ps' is a write-only command even though it returns the status. 'enable-ps' / 'disable-ps' indicate the value instead of a variable name of an entity. The entity <IMSI> takes the place of the variable value. See also Instead, replace with SET {0,1} GET and also provide further CTRL functions while at it: {SET,GET}{imsi,msisdn,id}-123456.{cs,ps}-enabled {0,1} GET{imsi,msisdn,id}-123456.{info,info-aud,info-all} Provide CTRL tests in the form of transcripts. Adjust tests/test_subscriber.sql to feature nonzero SQN, to see some values for SQN in the CTRL transcript tests. (This does not affect the VTY tests, because that creates its own subscribers, and there's no VTY command to set the SQN.) This is the first time an application uses CTRL_NODE ids that are defined outside of libosmocore, see 'Depends' below. Implementation choice: the first idea was to have a '.' between the 'by-xxx' and the value, like: but the difficulty with subscribers is that they are not in RAM, and I can't just point node_data at a struct instance that is always there (like, say, a global bts[0] struct in osmo-bsc). Instead, I want to store the selector and later decide whether to read from the DB or whatever. With a '.' separating things, the only way in a ctrl function to obtain both 'by-xxx' and '123456' for picking a subscriber record would be to parse the entire variable path string elements, including 'subscriber' and 'function', which would then also clumsily fix at which node level we hook these commands; there could have been separate CTRL_NODE_SUBSCR_BY_{IMSI,MSISDN,ID} parent nodes, but we cannot introspect the current parent node dynamically within a ctrl function handler (plus I'm not sure whether it's possible and a good idea to have the same command under multiple parent nodes). Rather than that, I store the 'by-foo-123' token in the node_data pointer to have both bits of information pointed at by a single pointer; I use the incoming command parsing to get this token pre-separated from surrounding node names, and no need to re-allocate it, since the vector of tokens lives until after command execution is complete. Each leaf command obtains this token from cmd->node (aka node_data), and feeds this token to a common static function to parse selector and value from it and to retrieve a subscriber record as needed. (BTW, I have mentioned on the mailing list that this way might be necessary to avoid numeric-only CTRL node names, but we don't need to, and that is not at all related to this choice of structure.) Depends: libosmocore I1bd62ae0d4eefde7e1517db15a2155640a1bab58 libosmocore Ic9dba0e4a1eb5a7dc3cee2f181b9024ed4fc7005 Change-Id: I98ee6a06b3aa6a67adb868e0b63b0e04eb42eb50
2017-10-27cosmetic: tweak params of hlr_controlif_setup()Neels Hofmeyr3-9/+8
Cosmetically prepare for adding new CTRL commands in hlr_controlif_setup(): - drop unused 'gs' param. - use ctrl_interface_setup_dynip2(), so far with default CTRL nodes; custom nodes will be added soon. Prepares: I98ee6a06b3aa6a67adb868e0b63b0e04eb42eb50 Change-Id: I63004a7953b04988449697dbc5d55d7ed0c6d82d
2017-10-25db api: fix/add API docsNeels Hofmeyr1-13/+76
Change-Id: I854fafd8e56bd0b8394f8ed79d023c11c2fdbdca
2017-10-23vty: fix output of empty IMSINeels Hofmeyr1-1/+1
Check *subscr->imsi, not subscr->imsi, since it is a char[]; same as msisdn below already does. Was introduced in change I42b3b70a0439a8f2e4964d7cc31e593c1f0d7537 / commit 183e7009afc8577f0d89c99f92a5720697040494. Fixes: coverity CID 178166 Change-Id: I72e13efefbac0495b8dd1949a39fa44ebfd46b56
2017-10-17add hlr_subsrc_nam to put GSUP client notification in proper APINeels Hofmeyr3-15/+58
This code should not live in a CTRL interface function but be proper hlr_* API. Change-Id: I4c9b8f9ad51d49517474e8b51afc3cc2e1c9299a
2017-10-17api doc: say that lu_op_tx_del_subscr_data() doesn't freeNeels Hofmeyr1-1/+2
Change-Id: Ia341d8e5bfc6eb0dc59945281ce88eecfaab057e
2017-10-17fix mem leak in handle_cmd_ps(): free luopNeels Hofmeyr1-0/+1
Each GSUP client creates a luop, but since lu_op_tx_del_subscr_data() doesn't free the luop, each allocated luop leaks memory. Change-Id: If912dc992bc7f18c49d22ec0436d9679c1cd04f6
2017-10-17luop: fix mem leak upon error in lu_op_alloc_conn()Neels Hofmeyr1-1/+3
Free allocated luop if osmo_gsup_conn_ccm_get() fails. Change-Id: I3ebd5fb5e313be452de893248dd58b2bb73ba94a
2017-10-17add lu_op_free(), use in luop.cNeels Hofmeyr2-4/+12
Add to luop.h, it will be used in db_hlr.c in an upcoming patch. Change-Id: Ib44d9062edc957d2e0710b7e485604f97e4d5612
2017-10-17implement subscriber vty interface, testsNeels Hofmeyr4-0/+492
Implement VTY commands for subscriber manipulation: - create / delete subscriber - modify MSISDN - add/edit/remove 2G and 3G authentication data - show by IMSI, MSISDN or DB ID. (enable/disable CS/PS and purge/unpurge to follow later.) Implement VTY unit tests for the new commands using new from osmo-python-tests. Depends: libosmocore I1e94f5b0717b947d2a7a7d36bacdf04a75cb3522 osmo-python-tests Id47331009910e651372b9c9c76e12f2e8964cc2c Change-Id: I42b3b70a0439a8f2e4964d7cc31e593c1f0d7537
2017-10-15fix db_subscr_get_by_*(): clear output data; test in db_test.cNeels Hofmeyr1-0/+2
db_subscr_get_by_*() failed to clear the out-param struct, meaning that data could remain in a struct even though it is not present in the database. Always zero out the struct before writing to it. Adjust the db_test to catch this error by writing "-invalid-data-" to each struct before running db get functions. Change-Id: I038bd437452c87841d709fcdd5ac30ab1356b2db
2017-10-11code undup: use db_bind_text() in db_get_auth_data()Neels Hofmeyr2-9/+3
To make the db_bind_text() error reporting mention "imsi", change the DB_STMT_AUC_BY_IMSI to use a named parameter. Change-Id: I49bd5eb78170cf4cdf8abb386c766d20d9f1cf73
2017-10-11fix db_update_sqn(): reset stmt in all error casesNeels Hofmeyr2-17/+26
Use the common db_bind_int64() so that the stmt bindings are cleared for any errors and to get error logging for free. On error with sqlite3_step(), log the SQL error message, and make sure the stmt is cleared of bindings and reset. After sqlite3_step(), verify that exactly one row was modifed, log and return errors otherwise. After this patch, the DB interaction closely matches the other (refactored) DB functions. Change-Id: I0d870d405e2e0a830360d9ad19f0a3f9e09d8cf2
2017-10-11code undup: use db_remove_reset() in db_auc.cNeels Hofmeyr1-20/+2
Change-Id: I32d728e2b8a9771421c097647aa0e060e29a601f
2017-10-11refactor db_get_auth_data return valNeels Hofmeyr1-7/+8
Adopt the error handling of the other db functions: return -ENOENT on unknown subscriber and -EIO on SQL failure. Return 0 for no error, instead of the number of rows modified. Adjust the single caller: db_get_auc() (and db_test.c). Change-Id: I006f471962bdad95d00a3a4c41a28ebbc9740884
2017-10-11add db_subscr_update_aud_by_id(), complete db_subscr_delete_by_id()Neels Hofmeyr3-2/+243
Add ability to add and remove auc_2g and auc_3g table rows with db_subscr_update_aud_by_id(). In db_subscr_delete_by_id(), make sure that when deleting a subscriber, also all auth data associated with that user ID is removed as well. A newly created subscriber must not obtain the same auth tokens just by getting the same id. Depends: libosmocore Idf75946eb0a84e145adad13fc7c78bb7a267aa0a Change-Id: Icb11b5e059fb920447a9aa414db1819a0c020529
2017-10-11refactor db_subscr_purgeNeels Hofmeyr4-17/+39
Use named parameters in the SQL statements. Use db_bind_* functions to drop some code dup. Adopt error handling (rc and logging) to match the other db functions: return -ENOENT for unknown subscriber, -EIO for SQL failures. Change-Id: Iad49d29b90a708c6cf55bfb3bcc02d9e29001a15
2017-10-11refactor db_subscr_lu()Neels Hofmeyr3-32/+32
Use named parameters in the SQL statement. Use db_bind_* functions to drop some code dup. Use explicit subscriber id arg instead of subscriber struct. Match return values and error logging to other db functions. Change-Id: I35665e84ddbe54a6f218b24033df969ad2e669a0
2017-10-11refactor db_subscr_ps() to db_subscr_nam()Neels Hofmeyr4-20/+47
Allow to set nam_ps and nam_cs from this same function, by adding the is_ps arg. Combine both NAM_PS stmts to DB_STMT_UPD_NAM_PS_BY_IMSI, add another such stmt for CS. Use named parameters instead of parameter indexes. Improve error return values as well as error logging to clearly indicate whether the operation could not find the requested IMSI, or other errors occured. Adjust the single caller. This prepares for upcoming VTY and possibly CTRL commands, and the error handling introduced here has been or will be adopted by other functions in previous or subsequent patches. Change-Id: I6e70e15228f5bb10bee6758ae5dc9687d65839bd
2017-10-11add db_subscr_get_by_msisdn() and db_subscr_get_by_id()Neels Hofmeyr3-15/+100
Factor out the selected SQL columns as SEL_COLUMNS macro, so that each of the new DB_STMTs will select identical columns: the old DB_STMT_SEL_BY_IMSI as well as the new DB_STMT_SEL_BY_MSISDN and DB_STMT_SEL_BY_ID. Add the new functions db_subscr_get_by_msisdn() and db_subscr_get_by_id() and factor out common parts with db_subscr_get_by_imsi() to static db_sel(). Change-Id: I6d0ddd1b7e3f6b180b4b1b2663c5725d2a4a9428
2017-10-11db: use int64_t as subscriber idNeels Hofmeyr2-6/+6
The SQLite db does not support uint64_t, and we are always binding the uint64_t id actually as signed int64_t. Hence be consistent and actually handle it as int64_t in the code as well. This means that if we ever see a negative subscriber ID in the SQL database (however unlikely), we will also see it negative in our log output. The SQN handled in osmo_auth* is actually of unsigned type, and, unless we store the SQN as 64bit hex string, we are forced to feed this unsigned value as signed int64_t to the SQLite API. The upcoming db regression test for SQN in change-id I0d870d405e2e0a830360d9ad19f0a3f9e09d8cf2 verifies that the SQN uint64_t translates to signed int64_t and back as expected. Change-Id: I83a47289a48ac37da0f712845d422e897a5e8171
2017-10-11less noise: simplify db_remove_reset()Neels Hofmeyr2-14/+4
db_remove_reset() needs to be called after each stmt run, whether it succeeded or not. In case sqlite3_clear_bindings() would fail to unbind a stmt, we would anyway be beyond recovery. There seem to be no plausible situations where such failure would occur, unless there have been no bindings in the first place. In case there was an SQL stmt failure, sqlite3_reset() will re-barf the same error message, we will always have logged it earlier already in the proper context. We are never evaluating the return value, nor would we know how to recover from non-success. The conclusions: - db_remove_reset() does not need to log any errors. - db_remove_reset() does not need to return success. Change-Id: I21678463e59f607f5f5c5732963e274392f0fffd
2017-10-11add db_subscr_create(), db_subscr_delete(), db_subscr_update_msisdn_by_imsi()Neels Hofmeyr3-0/+128
These will be needed by VTY commands to create, delete and modify subscribers. Auth data editing will follow in another patch. The FIXME "also remove authentication data from auc_2g and auc_3g" will get fixed in change-id Icb11b5e059fb920447a9aa414db1819a0c020529. Change-Id: I725273d36234331093e7fff7d5f12f6be6ab2623
2017-10-11add db_bind_int() and db_bind_int64()Neels Hofmeyr2-0/+46
Will be used in upcoming patches, e.g. change-IDs - I6e70e15228f5bb10bee6758ae5dc9687d65839bd - I83a47289a48ac37da0f712845d422e897a5e8171 Change-Id: I705a15eef242c98feb6e95a883916f6cf8173d70
2017-10-11cosmetic: don't log about missing SQLite log cbNeels Hofmeyr1-3/+11
SQLite3 seems to be commonly compiled without log callback support. It is then misleading to see a seeming error message about this on each osmo-hlr startup. Avoid the impression that we would miss out on important logging: query sqlit3_compileoption_get() whether SQLITE_CONFIG_SQLLOG is enabled. Try to register the callback only if present, if not, say so on DEBUG log. See "SQLITE_ENABLE_SQLLOG" Change-Id: I78d75dc351eb587b0a022f82f147e9a31c0324c5
2017-10-11cosmetic: db_hlr: SL3_TXT: clarify indentingNeels Hofmeyr1-6/+7
Before, it looked like the nul term was within the if () body (despite no body being present). While at it, also remove one of the two tabs of indenting and put the opening 'do {' on its own line. Change-Id: I8d03433b6fba90f4e46814bc54636bc3a444cc46
2017-10-11cosmetic: log: "SQLite" with capital LNeels Hofmeyr1-4/+4
Change-Id: I43a6ea646f14cfea3a7cd4eb88237ada6d47f5f1
2017-10-10cosmetic: log IMSI='<imsi>', log "no such subscriber"Neels Hofmeyr2-3/+3
In LOGHLR and LOGAUC, log IMSI='<imsi>' instead of just <imsi>: In the log, it is not always obvious to the reader that the printed number refers to an IMSI (vs. an MSISDN or in the future an IMEI). In db_get_auth_data(), log "No such subscriber" instead of just "Unknown", to clarify what exactly is meant. Change-Id: I2ec8ab5e67d4e95083f6e39232fc91ebaa080cb8
2017-10-10cosmetic: multi-line DB_STMT_AUC_BY_IMSINeels Hofmeyr1-1/+6
In multiple lines, the statement becomes more readable. I'd like to get this change out of the way before upcoming SQL statement edits and additions. Change-Id: Icf09f4bbb298a516aa52c81e3ca67d9d91d8c7c2
2017-10-10cosmetic: refactor db_bind_imsi() as db_bind_text()Neels Hofmeyr3-9/+18
There are more uses for a generalized db_bind_text(), and in an upcoming patch there will be similar functions like db_bind_int(). Also, add argument param_name, optionally indicating a named SQL parameter to bind to, which will be used in subsequent patches. So far, all callers pass NULL to yield previous db_bind_imsi() behavior of binding to the first param. Change-Id: I87bc46a23a724677e8319d6a4b032976b7ba9394
2017-10-10cosmetic: rename db_subscr_get() to db_subscr_get_by_imsi()Neels Hofmeyr4-6/+6
There will be more additions, _by_msisdn() and _by_id(), to serve the upcoming VTY commands, to allow flexibly selecting subscribers as in the old OsmoNITB. Change-Id: I32fa676ccc5c10eba834c4390c8a42476b9c1961
2017-10-10cosmetic: prepend DB_STMT_ to enum stmt_idx entriesNeels Hofmeyr4-30/+30
There are upcoming additions, and some seem too general without a proper common prefix in the identifiers, like 'CREATE'. Change-Id: I51b677db31a1ebbbc45dc7925074de7493fbde1f
2017-07-21use OSMO_GSUP_PORT == 4222 instead of hardcoded 2222Neels Hofmeyr1-1/+1
Depends: I4222e21686c823985be8ff1f16b1182be8ad6175 (libosmocore) Change-Id: I9b372a4ac38677773bf813acba80cebcd88e2e20
2017-06-01VTY: Add hlr node and bind ip fieldPau Espin Pedrol4-5/+111
With this patch the address osmo-hlr binds to can be changed to something else than Change-Id: I79f7a300480f308b21116dd14d1698be38725afd
2017-03-20fix db_subscr_ps error handlingNeels Hofmeyr1-1/+2
Reset stmt and return right away on failure to execute. Change-Id: I27e8b46915efd678c72138e250a9cbb4c9c8ac20 Fixes: Coverity Scan CID#164747
2017-03-16debug log: output ind slot, previous sqn, and sqn db updateNeels Hofmeyr2-1/+4
Change-Id: Ib86442ea45f6c1948b3d260f59d35bdca38fbd32
2017-03-16UMTS AKA: implement SQN increment according to SEQ and INDNeels Hofmeyr7-11/+64
Add ind_bitlen column to auc_3g to record each USIM's IND size according to 3GPP TS 33.102 -- default is 5 bits, as suggested by the spec. Introduce auc_3g_ind to each connecting GSUP client to use as IND index for generating auth tuples sent to this client. With osmo_gsup_server_add_conn(), implement a scheme where clients receive fixed auc_3g_ind indexes based on the order in which they connect; each new connection takes the lowest unused auc_3g_ind, so in case one of the clients restarts, it will most likely receive the same auc_3g_ind, and if one client disconnects, no other clients' auc_3g_ind are affected. Add gsup_server_test.c to test the auc_3g_ind index distribution scheme. Depends: libosmocore I4eac5be0c0b2cede04464c4c3a0873102d952453 for llist_first Related: OS#1969 Change-Id: If4501ed4ff8e923fa6fe8b80c44c5ad647a8ed60
2017-03-16fix debug log: adjust to new SQN increment schemeNeels Hofmeyr2-7/+3
We can no longer accurately print the SQN from AUTS resync, since the SQN is incremented after AUTS. Instead, always print the SQN from the generated tuple, i.e. exactly the one left in auth data *after* the tuple was generated. This change was forgotten in recent adjustments to the new SQN incrementing scheme from libosmocore, in change-id I4ec5a578537acb1d9e1ebfe00a72417fc3ca5894 for libosmocore change-id Iadf43f21e0605e9e85f7e8026c40985f7ceff1a3. It should have been obvious that something was missing in the previous patch from the auc_test output: the SQN in the output changed while the AUTN remained the same. That slipped by without being noticed :/ Change-Id: I0e1e828da931a3d22c75306c55bdb7f44df6512f
2017-03-07fix: properly handle error rc by osmo_gsup_conn_ccm_get()Neels Hofmeyr1-2/+8
Change-Id: I70e4a5e75dd596052e61df9a6ad52b7f56fb6b26
2017-03-06CTRL: add enable/disable packet service cmdsMax6-7/+79
Add commands to enable/disable Packet Service for a given IMSI. Changes are synced to DB and propagated at runtime to SGSN (in case of disable command). Change-Id: I23163ce8667292443ed61cb15c928357dba4b4be Related: OS#1645
2017-03-06Add CTRL interfaceMax5-0/+133
* add command to query Packet Services (GPRS etc.) for particular IMSI. * add vty command to configure ctrl bind address * add missing vty copyright notice Change-Id: Id787ef4aa88473c3bbde6ee25117b1fd99dc8fcb Related: OS#1645
2017-03-05Make subscr parameter to db_subscr_get() optionalMax1-5/+9
This allows to check for subscriber's presence in DB without the need to bother with unused structure allocation. While at it also call to db_remove_reset() and return explicitly instead of using goto to make it a bit easier to follow the code. Change-Id: I83b0f4a5dacb97614721690ef55bc1311624a58e
2017-03-05Add global HLR structMax4-24/+64
Introduce g_hlr of type 'struct hlr' which holds pointers to all globally accessible variables. Change-Id: I275d3d54482f696e3378606b2406c7e0ad939e0f Related: OS#1645
2017-02-22auc_compute_vectors(): fix AUTS resync for multiple vectorsNeels Hofmeyr1-1/+3
Fix bug where AUTS was fed to each vector generation and thus each vector was generated with the same SQN. In auc_3g_test, adjust the bug indicating test expectations to now expect the proper results. Depends: libosmocore change-id If943731a78089f0aac3d55245de80596d01314a4 Change-Id: I425a1d92c85896227341f565f5361c0d830ce866
2017-02-22cosmetic: refactor auc_compute_vectors(), add debug logNeels Hofmeyr1-30/+84
Make the generation logic easier to understand (hopefully). Massively extend debug logging, which serves to illustrate the current AUTS failure shown by auc_3g_test. Since DAUC now logs the vectors, there is no need to print the vectors in VEC_IS() in auc_3g_test and auc_ts_55_205_test_sets anymore. Adjust testlog expectations accordingly. Change-Id: Ifb36d010a4ac64c765517e15b9074424ec19cc60
2017-02-22auc_gen_vectors(): ensure sane arguments, testNeels Hofmeyr1-3/+32
In auc_gen_vectors(), add various checks that the auth data arguments passed make sense, and add unit test to verify that they work. (Caught a segfault due to NULL dereference with this.) Change-Id: I775652b6a91d382707ce32176a3fe4ef547cbca7
2017-02-21Add routines to update nam_psMax3-8/+38
Add SQL queries to change nam_ps value and function which uses them. Change-Id: I24fb79e084b2dfa6a81b52f448b94a86e47014ef
2017-02-20Fix compiler's warning about printf securityMax1-1/+1
Also, fix log formatting: SQL statements do not have '\n' at the end. Note: sqlite should be compiled with SQLITE_ENABLE_SQLLOG for this code to work at all. Change-Id: I5e53de54ad1b9da18e1f414932cfd21be71ab154
2017-02-20db: move duplicated code into helper functionsMax3-46/+47
* move common cleanup code into separate function * add helper function for IMSI binding * use errno.h instead of numbers Change-Id: Iec81b56ab1ccc948807854a3947b04355a555c10