Age | Commit message | Author | Files | Lines
2017-12-19 | db: wrap dbi querying to log actual SQL on debug and error [neels/dbi_debug] | Neels Hofmeyr | 1 | -34/+64
To be able to tell at all which DB query failed without introspecting the code in gdb or similar, wrap the database query functions in local shims that log the SQL.
Related: OS#2667, OS#2706
Change-Id: I4171dad8ffffbf634a75dedde752d82c51ff7803
2017-12-18 | a_iface_bssap: compiler warning: cast const away from TLV val for l2h | Neels Hofmeyr | 1 | -2/+2
Change-Id: Id91a4299391ff0d0e4e28ed05c2f755b9702146a
2017-12-18 | compiler warning: extend #if 0 to include unused array | Neels Hofmeyr | 1 | -2/+0
Change-Id: I5157d6c6d0aab469011ea648369f8e743e2cb085
2017-12-18 | fix GSM-Milenage in presence of 2G keys | Neels Hofmeyr | 1 | -1/+7
In case of UMTS AKA, the Kc for ciphering must be derived from the 3G auth tokens. tuple->vec.kc was calculated from the GSM algorithm and is not necessarily a match for the UMTS AKA tokens. So far we were always sending the Kc retrieved from osmo-hlr. If the 2G auth algo is set to milenage, the 2G Kc coincides with the one derived from 3G tokens, but if 2G is set to a different algorithm, the Kc received from the osmo-hlr is not usable for ciphering when UMTS AKA was used for authentication (on R99 capable GERAN and MS).
Implementation: To decide whether to use UMTS AKA derived Kc or the Kc from the auth vector, use the umts_aka flag added to set_ciph_mode() in a previous patch. Use osmo_auth_c3() to derive the GSM AKA Kc from the UMTS AKA CK and KI.
Related: OS#2745
Requires: I85a1d6ae95ad9e5ce9524ef7fc06414848afc2aa (libosmocore)
Change-Id: If04e405426c55a81341747a9b450a69188525d5c
2017-12-18 | cosmetic: msc_paging_request: drop obsolete comment | Neels Hofmeyr | 1 | -2/+0
Change-Id: Icb5b7dbbca3ca0db3d80a4b693c57c6d67fd823e
2017-12-18 | drop unused T* timers (BSC land, not MSC) | Neels Hofmeyr | 1 | -25/+0
Change-Id: If27899c90b7c79f25cd5fd5e2429cb3012d69744
2017-12-18 | cosmetic prep: tell vlr_ops.set_ciph_mode() whether UMTS AKA is used | Neels Hofmeyr | 6 | -2/+14
In case of UMTS AKA, the Kc for ciphering must be derived from the 3G auth tokens. tuple->vec.kc was calculated from the GSM algorithm and is not necessarily a match for the UMTS AKA tokens. To decide (in an upcoming patch) whether to use UMTS AKA derived Kc or the Kc from the auth vector, the set_ciph_mode() from vlr_ops needs to know whether UMTS AKA is being used. This could possibly be derived from the msc_conn_ref, but all flags are already available in the vlr_lu_fsm and vlr_access_req_fsm. Hence add a umts_aka flag to the set_ciph_mode() callback invocation. The VLR FSMs thus decide whether UMTS AKA or GSM AKA is to be used during Ciphering Mode Command, which makes more sense than re-implementing the same decision process in the MSC. I considered placing the Kc derivation in vlr_set_ciph_mode() and only tell the MSC's set_ciph_mode() implementation the precise keys it should use, but the RAN particulars, and whether a Kc is used at all, rather belong with the MSC.
Related: OS#2745
Prepares: If04e405426c55a81341747a9b450a69188525d5c
Change-Id: I983c48347faf4ee1b405d8174b4e006c904157cf
2017-12-18 | cosmetic prep: publish vlr_use_umts_aka() decision | Neels Hofmeyr | 3 | -11/+20
During Set Ciphering Mode on GERAN, it is required to know whether UMTS AKA is used to decide which Kc to pick. Change static function is_umts_auth() into public vlr_use_umts_aka(), so future patches can re-use it.
Prepares: If04e405426c55a81341747a9b450a69188525d5c
Change-Id: I85d784c62ecbabdb6186a3dae4dcd554e7921041
2017-12-18 | cosmetic: move translation of vlr_ciph into msc_vlr_set_ciph_mode() | Neels Hofmeyr | 3 | -29/+24
a_iface_tx_cipher_mode() is a bit too far away from the VLR to be handling its ciphering enums. Instead, construct the gsm0808_encrypt_info in the msc_vlr_set_ciph_mode() callback. Greatly simplify the sanity checking code: a_iface_tx_cipher_mode() no longer needs to re-verify the presence of the gsm0808_encrypt_info contents.
Change-Id: Id46f9a513b555d0a481f7124c9984c2b5b196b3e
2017-12-18 | fix BSSMAP Cipher Mode Cmd: properly set permitted algorithms | Neels Hofmeyr | 2 | -1/+17
The bit shifting is performed in gsm0808_enc_encrypt_info(), and must not be done when populating the gsm0808_encrypt_info struct. Provide vlr_ciph_to_gsm0808_alg_id() to translate the enum vlr_ciph to the GSM0808_* constants we need to put in the gsm0808_encrypt_info struct instead.
Related: OS#2745
Change-Id: If75f95e8a5cc8b9979610ce6d746c1f0073ee39a
2017-12-18 | vlr: debug log: log Ciphering Mode details | Neels Hofmeyr | 5 | -0/+28
Change-Id: Ib19dfd7255bda01ebace62386df4ec89697d9d14
2017-12-18 | cosmetic: msc_vlr_tests: log SMS details when invoked with -v | Neels Hofmeyr | 1 | -0/+3
DLSMS logs SMS pointers, so is not suitable for logging them always. Allow logging for manual invocation, though.
Change-Id: I1b7d2fd3fb38bf50eeabd6f7ef736d70a17de7a6
2017-12-18 | debug log: a_iface_tx_cipher_mode(): log cipher and key | Neels Hofmeyr | 1 | -1/+9
Introduce LOGPCONN() which would also be useful in numerous other places in this file.
Change-Id: Ib406d6e6784342341e716206997e382c702ac9d2
2017-12-14 | compiler warning: drop double 'const' in a_iface_tx_cipher_mode() | Neels Hofmeyr | 2 | -2/+2
Change-Id: I3b8baa9a259704e719ce7f12776f2d2125ebdef0
2017-12-14 | fix vty write: add missing 'authentication optional/required' output | Neels Hofmeyr | 1 | -0/+2
Change-Id: I4918b8a8a6f4cbe783f588ebe68a2cf1e7e50ae2
2017-12-10 | sms.db: silence libdbi warnings on out-of-range index | Neels Hofmeyr | 1 | -7/+14
Apparently, since libdbi 0.9.0 aka 0.9.0-5 on debian-testing, osmo-msc barfs numerous libdbi warnings whenever a query rightfully returns no rows. Trivially query whether there are any rows first by adding an inline wrap function next_row().
Silenced:
  DDB <000d> ../../../../src/osmo-msc/src/libmsc/db.c:188 DBI: -6: An invalid or out-of-range index was passed to libdbi
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:47 backtrace() returned 11 addresses
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0xfb81) [0x555555563b81]
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/lib/x86_64-linux-gnu/libdbi.so.1(_error_handler+0x99) [0x7ffff63f5c39]
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/lib/x86_64-linux-gnu/libdbi.so.1(dbi_result_next_row+0x3d) [0x7ffff63f785d]
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0x11172) [0x555555565172]
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0x1e6bc) [0x5555555726bc]
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0x1e7f6) [0x5555555727f6]
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0x1f1d2) [0x5555555731d2]
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0xbb86) [0x55555555fb86]
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1) [0x7ffff5cfe561]
  DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0xbfba) [0x55555555ffba]
Related: OS#2667
Change-Id: Ib8993c8db171d1e845a6297deef137d18506cda3
2017-12-06 | sms db: properly quote MSISDN in various SQL queries | Neels Hofmeyr | 1 | -5/+18
Related: OS#2706
Change-Id: I793a3863e6f4ccbabafc7dabaff97a8c79bbd8e0
2017-12-06 | sms db: don't attempt to query pending SMS for unset MSISDN | Neels Hofmeyr | 1 | -0/+4
When the subscriber has no MSISDN, we might construct an invalid SQL statement such as
  ... AND dest_addr= AND ...
Instead, don't even query for empty MSISDNs.
Related: OS#2706
Change-Id: I7d6169d774b2da04b3051957e364fe620feed51e
2017-12-05 | Remove utils imported from openbsc, fix building remaining util smpp_mirror | Alexander Huemer | 8 | -1196/+5
Related: OS#2522
Change-Id: If7e1af11cdac8587bb4d66fb4eacee4b79945359
2017-12-05 | Add missing CFLAGS | Alexander Huemer | 5 | -2/+17
Change-Id: I67b5d797a80b55e01dcdbb8c782748b049cf9199
2017-12-05 | mncc: remove deprecated commandline option. | Philipp Maier | 1 | -6/+1
The commandline option -m has already been deprecated before the split. Use the split as an opportunity to get rid of this option.
Change-Id: Ie23d492a839aae85470e39b0d0ad8f57b0d38f7e
2017-12-05 | mncc: re-add lchan members to structs | Philipp Maier | 1 | -0/+4
The lchan related struct members do not serve any useful purpose in the msc code, since the lchan concept is not in the scope of osmo-msc. However, if removed, the struct size will change, which will lead to shortened protocol messages as well. This is detected by osmo-sip-connector and eventually leads to a reject of the shortened protocol messages. Re-add the missing struct members in order to maintain compatibility.
This commit reverts the changes made to mncc.h by commit: e2f24d53e4f80b34ec6d656d93127cb598229a96
Change-Id: Ia02373a36df7605507ee3de49173a9fd6547b726
2017-12-03 | Remove unneeded .py scripts | Max | 8 | -863/+2
The ipa.py has been moved to osmo-python-tests as osmo_ipa - use it for vty and ctrl tests instead of local copy. The soap.py and twisted_ipa.py are not MSC-specific: leftovers from repository split which are now available in osmo-python-tests as well.
Change-Id: Ia3ab77846c9beae7eca32a81079a4a9bfa4dcc75
2017-12-01 | cosmetic: remove duplicate logging | Philipp Maier | 1 | -24/+2
The log output of the reset FSM duplicates lots of the built in FSM log output. Remove duplicate logging, use more expressive log messages where needed.
Change-Id: Ie031d947a5b8097bd656c0271081af215605ba02
2017-11-29 | Remove obsolete ./configure option | Max | 3 | -8/+3
The '--enable-vty-tests' is just alias to '--enable-external-tests' anyway.
Change-Id: I8ab3ac3d9becee6b4e989b4e71d34598ea012f47
2017-11-29 | Add basic CTRL test | Max | 1 | -387/+8
All the CTRL tests were skipped automatically because they were inherited from before repo split time. This means that MSC CTRL interface was not tested at all. Add trivial test which uses generic rate counter introspection so we at least check that MSC's CTRL interface is not completely broken.
Change-Id: I784feece666b00752a81f2c126e6f255505445be
2017-11-27 | fix use after free: missing conn_get on CC paging response | Neels Hofmeyr | 2 | -16/+16
Adjust test expectations accordingly.
The error was:
  ==16084==ERROR: AddressSanitizer: heap-use-after-free on address 0x61500000f5f4 at pc 0x561be639ac2b bp 0x7ffc0aabbe40 sp 0x7ffc0aabbe38
  READ of size 4 at 0x61500000f5f4 thread T0
  #0 0x561be639ac2a in _msc_subscr_conn_put ../../../../src/osmo-msc/src/libmsc/osmo_msc.c:384
  #1 0x561be636070b in rx_from_ms ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_tests.c:204
  #2 0x561be6360b21 in ms_sends_msg ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_tests.c:217
  #3 0x561be635b40a in test_call_mt ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_test_call.c:328
  #4 0x561be6363bb7 in run_tests ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_tests.c:802
  #5 0x561be63524ea in main ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_tests.c:849
  #6 0x7f6eebb3e2b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
  #7 0x561be6352fb9 in _start (/n/s/osmo/make-3G/osmo-msc/tests/msc_vlr/msc_vlr_test_call+0xdafb9)
Related: OS#2672
Change-Id: If0659a878deb383ed0300217e2c41c8c79b2b6a5
2017-11-27 | add msc_vlr_test_call to reproduce a sanitizer error | Neels Hofmeyr | 7 | -4/+1131
On MT call, there is a bug in CC conn use which leads to an early free and use-after-free. Add msc_vlr_test_call to show both MO and MT call legs separately and reproduce the failure. It is visible in a sanitizer build (on debian 9). A subsequent patch will fix the bug: If0659a878deb383ed0300217e2c41c8c79b2b6a5
Related: OS#2672
Change-Id: I6c3ca0c660388b1e2c82df17ec540c846201b0c7
2017-11-27 | cosmetic: log error when using a conn that's in release | Neels Hofmeyr | 1 | -1/+4
If a conn is attempted to be used when in release, log an error, but don't skip tracking. No current code path apparently hits this, according to msc_vlr_tests. Just making sure that we will prominently see such errors when we introduce any.
Change-Id: I8dd20ee56ce5ad7a90fcd03a06604c383e5eed54
2017-11-27 | subscr_conn: introduce usage tokens for ref error tracking | Neels Hofmeyr | 18 | -789/+850
When hunting a conn use count bug, it was very hard to figure out who's (not) using the conn. To ease tracking down this bug and future bugs, explicitly name what a conn is being reserved for, and track in a bit mask. Show in the DREF logs what uses and un-uses a conn. See the test expectation updates, which nicely show how that clarifies the state of the conn in the logs. On errors, log them, but don't fail hard: if one conn use/un-use fails, we don't want to crash the entire MSC before we have to.
Change-Id: I259aa0eec41efebb4c8221275219433eafaa549b
2017-11-27 | cosmetic: add missing spaces | Philipp Maier | 1 | -1/+1
call to msc_call_connect() lacks spaces in parameter list
Change-Id: I4c11abaeff62749cbc365dfef671c4e15a85fc95
2017-11-24 | use only 0.23.1 as point code for both A and Iu | Neels Hofmeyr | 1 | -7/+5
We usually have both A and IuCS on 0.23.1, using differing SSNs. 0.23.2 was used only if there was a separate cs7 instance for Iu, which is not practical, and even if used does not conflict with 0.23.1 (since it would be on a different STP). Just use 0.23.1 for all SCCP clients. This needs adjustment of https://osmocom.org/projects/cellular-infrastructure/wiki/Point_Codes
Change-Id: I3d5466eff5680cb5aa95a76a9e179fdf88ce8aa0
2017-11-23 | Use osmo-ggsn instead of openggsn in jenkins tests | Max | 1 | -1/+1
Change-Id: Ib70360feb82fb9f871461f94982634c11d58f772
2017-11-22 | msc_vlr_tests: set a valid lac for fake conns | Neels Hofmeyr | 11 | -72/+73
Change-Id: Ie647d93a54aefad5bde8a9411d983cd60714b83d
2017-11-22 | msc_vlr_tests: fix test nr arg: clear errno before strtol() | Neels Hofmeyr | 1 | -0/+1
Change-Id: I8e9376f20a44f6348bcb85f0ff27a429dc90e1b8
2017-11-22 | cosmetic: debug log: mncc: detached subscr: show subscriber | Neels Hofmeyr | 1 | -1/+1
Change-Id: I477984d5e3bee8aea32419482d6bc48b1e74e6c2
2017-11-22 | cosmetic: log: CC trans_alloc: log trans_id and subscr, not memory addrs | Neels Hofmeyr | 1 | -2/+3
Change-Id: I5f8b45d6580d42b00de847c8100023b414771939
2017-11-22 | cosmetic: log: CC state transition: log trans id and subscr | Neels Hofmeyr | 1 | -3/+5
Change-Id: I11c5213b90de27dc2606f73c686f263008b6522f
2017-11-22 | sms_queue_test: sanitize: clean up talloc contexts when done | Neels Hofmeyr | 1 | -2/+22
To avoid sanitizer build failures, ensure that the talloc contexts are empty when done and free them. Separate the msgb context from the overall talloc context for clarity: if nested, the outer one would contain two blocks. Change the "sms_queue_test" context from 1 byte to 0 in order to get a size of zero in the end.
Change-Id: If08ba48ab9c28bf3c2db4014837c1304cec04aaf
2017-11-21 | libmsc/vty: don't access old bsc rate counters | Alexander Couzens | 1 | -8/+0
The BSC rate counters are a leftover from the nitb split. Accessing them would result in a null-pointer exception, because the struct isn't initialized.
Change-Id: I8c72ab8bf781d3f9a436eb1a27ac4d13df5e656b
2017-11-20 | cosmetic: msc_vlr_tests: add comment to show expected tallocs | Neels Hofmeyr | 1 | -0/+13
If something changed the talloc landscape, it is hard to find out what the test actually expected when it was written. Add the expectations in an inline comment.
Change-Id: If92a18bb3dc24c2cf6498aa2da29266267488240
2017-11-20 | vlr_subscr_conn_timeout(): don't fire events to discarded fi | Neels Hofmeyr | 3 | -9/+21
Terminating one of the FSM instances may effect termination and deallocation of the others, as well as the vlr_subscr itself. So, reserve the vlr_subscr locally, and then dispatch events to exactly those FSM instances that exist. The changes in expected output in the msc_vlr_tests show that the subscriber was deallocated from the first FSM termination, and now sticks around until we've checked both FSMs are gone.
Change-Id: I56551ecc10f5295fe75944bdde4b583b1b621811
2017-11-20 | subscr_conn: don't close after conn timeout | Neels Hofmeyr | 3 | -9/+2
If dispatching a conn timeout, the conn fsm will already have been discarded, and we cannot fire any more events to it. The expected test output changes illustrate that we are now omitting event dispatches that happen *after* the same FSM was already deallocated.
Change-Id: I25af3e5a1b04e3a5c9f41956cbcbbdd8439c6457
2017-11-20 | vlr_gsupc_read_cb: fix use after free of GSUP msgb | Neels Hofmeyr | 1 | -5/+10
osmo_gsup_decode() doesn't actually decode everything, it does leave quite a number of pointers into the original msgb. Hence we must not deallocate the gsup msgb before dispatching GSUP events. Move msgb_free() to the bottom of vlr_gsupc_read_cb() and use rc and gotos to early-exit if needed.
Change-Id: I16fc92dcf84e29fcf34712a2e8b0464ef08425ad
2017-11-20 | sub_pres_vlr_fsm_start: fix heap use after free | Neels Hofmeyr | 3 | -14/+20
When sub_pres_vlr_fsm_start() is called, it dispatches an event which may in some cases already cause tear down and free of the parent FSM instance, after which storing the returned instance pointer in that parent's metadata will use freed memory. Instead, pass the target pointer to remember the instance at to sub_pres_vlr_fsm_start() and assign the pointer *before* firing the event. Explain so in a new comment. I haven't checked whether that pointer is actually used at all -- this is the easiest way to fix the use-after-free without getting sucked into semantic questions.
Change-Id: Ibdc0b64cd12ba3e2b9737e3517d8484e67abcf04
2017-11-20 | rate_ctr: don't use . as separator | Neels Hofmeyr | 1 | -19/+19
Use ':' as separator, so that no mangled rate_ctr descriptions are allocated. When '.' is used, the rate_ctr mangling code creates tallocs of mangled counter descriptors, and hence affects the amount of expected talloc contexts in msc_vlr_tests.c.
Change-Id: Ib1db8e3dc6c833174f1b0b1ca051b0861f477408
2017-11-20 | cosmetic: move log message to else branch | Philipp Maier | 1 | -7/+7
The log message after the nullpointer check for conn tricks Coverity Scan into detecting a nullpointer deref. Include the log message into else branch to state the program flow more clearly.
Fixes: Coverity CID#178656
Change-Id: If6e962f4033c955ecd3539a719031a83c9b6205a
2017-11-20 | reset: remove name variable from reset context | Philipp Maier | 2 | -9/+12
The reset context contains a string buffer to allow for setting a human readable name, that is then displayed in the logs. Since OSMO-FSMs already have such a feature there is no need for an extra name variable. Use LOGPFSML and the name parameter of osmo_fsm_inst_alloc() to display the name of the FSM.
Fixes: Coverity CID#178664
Change-Id: I5b051606791c5e085ca6bb1be20592127d48ceb5
2017-11-18 | add --enable-sanitize config option | Neels Hofmeyr | 1 | -0/+12
Change-Id: I6c0c91abc0d3fa737dbe3db1e6473358da64c2a5
2017-11-16 | debian/rules: remove duplicated project name in example files | Alexander Couzens | 1 | -1/+3
For example: /usr/share/doc/osmo-msc/examples/osmo-msc/osmo-msc.cfg -> /usr/share/doc/osmo-msc/examples/osmo-msc.cfg
Change-Id: I702cd963d5c3a2f4085ebce5e0dfa1a8a27ea89f