Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: Ib19dfd7255bda01ebace62386df4ec89697d9d14
|
|
a_iface_tx_cipher_mode() is a bit too far away from the VLR to be handling its
ciphering enums. Instead, construct the gsm0808_encrypt_info in the
msc_vlr_set_ciph_mode() callback.
Greatly simplify the sanity checking code.
Change-Id: Id46f9a513b555d0a481f7124c9984c2b5b196b3e
|
|
The bit shifting is performed in gsm0808_enc_encrypt_info(), and must not be
done when populating the gsm0808_encrypt_info struct.
Change-Id: If75f95e8a5cc8b9979610ce6d746c1f0073ee39a
|
|
Change-Id: Ib406d6e6784342341e716206997e382c702ac9d2
|
|
Change-Id: I3b8baa9a259704e719ce7f12776f2d2125ebdef0
|
|
Change-Id: I4918b8a8a6f4cbe783f588ebe68a2cf1e7e50ae2
|
|
Apparently, since libdbi 0.9.0 aka 0.9.0-5 on debian-testing, osmo-msc barfs
numerous libdbi warnings whenever a query rightfully returns no rows.
Trivially query whether there are any rows first by adding an inline wrap
function next_row().
Silenced:
DDB <000d> ../../../../src/osmo-msc/src/libmsc/db.c:188 DBI: -6: An invalid or out-of-range index was passed to libdbi
DDB <000d> ../../../src/libosmocore/src/backtrace.c:47 backtrace() returned 11 addresses
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0xfb81) [0x555555563b81]
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/lib/x86_64-linux-gnu/libdbi.so.1(_error_handler+0x99) [0x7ffff63f5c39]
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/lib/x86_64-linux-gnu/libdbi.so.1(dbi_result_next_row+0x3d) [0x7ffff63f785d]
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0x11172) [0x555555565172]
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0x1e6bc) [0x5555555726bc]
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0x1e7f6) [0x5555555727f6]
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0x1f1d2) [0x5555555731d2]
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0xbb86) [0x55555555fb86]
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1) [0x7ffff5cfe561]
DDB <000d> ../../../src/libosmocore/src/backtrace.c:57 /usr/local/bin/osmo-msc(+0xbfba) [0x55555555ffba]
Related: OS#2667
Change-Id: Ib8993c8db171d1e845a6297deef137d18506cda3
|
|
Related: OS#2706
Change-Id: I793a3863e6f4ccbabafc7dabaff97a8c79bbd8e0
|
|
When the subscriber has no MSISDN, we might construct an invalid SQL statement
such as
... AND dest_addr= AND ...
Instead, don't even query for empty MSISDNs.
Related: OS#2706
Change-Id: I7d6169d774b2da04b3051957e364fe620feed51e
|
|
Related: OS#2522
Change-Id: If7e1af11cdac8587bb4d66fb4eacee4b79945359
|
|
Change-Id: I67b5d797a80b55e01dcdbb8c782748b049cf9199
|
|
The commandline option -m has already been deprecated before the
split. Use the split as an opportunity to get rid of this option.
Change-Id: Ie23d492a839aae85470e39b0d0ad8f57b0d38f7e
|
|
The lchan related struct members do not serve any useful purpose
in the msc code, since the lchan concept is not in the scope of
osmo-msc. However, if removed te struct size will change which
will lead into shortened protocol messages as well. This is
is detected by osmo-sip-connector and eventually leads into
a reject ofthe shortended protocol messages.
Re add the missing struct members in order to maintain
compatibility
This commit reverts the changes made to mncc.h by commit:
e2f24d53e4f80b34ec6d656d93127cb598229a96
Change-Id: Ia02373a36df7605507ee3de49173a9fd6547b726
|
|
The ipa.py has been moved to osmo-python-tests as osmo_ipa - use it for
vty and ctrl tests instead of local copy. The soap.py and twisted_ipa.py
are not MSC-specific: leftovers from repository split which are now
available in osmo-python-tests as well.
Change-Id: Ia3ab77846c9beae7eca32a81079a4a9bfa4dcc75
|
|
The log output of the reset FSM duplicates lots of the built in
FSM log output.
Remove duplicate logging, use more expressive log messages where
needed.
Change-Id: Ie031d947a5b8097bd656c0271081af215605ba02
|
|
The '--enable-vty-tests' is just alias to '--enable-external-tests'
anyway.
Change-Id: I8ab3ac3d9becee6b4e989b4e71d34598ea012f47
|
|
All the CTRL tests were skipped automatically because they were
inherited from before repo split time. This means that MSC CTRL
interface was not tested at all. Add trivial test which uses generic
rate counter introspection so we at least check that MSC's CTRL
interface is not completely broken.
Change-Id: I784feece666b00752a81f2c126e6f255505445be
|
|
Adjust test expectations accordingly.
The error was:
==16084==ERROR: AddressSanitizer: heap-use-after-free on address 0x61500000f5f4 at pc 0x561be639ac2b bp 0x7ffc0aabbe40 sp 0x7ffc0aabbe38
READ of size 4 at 0x61500000f5f4 thread T0
#0 0x561be639ac2a in _msc_subscr_conn_put ../../../../src/osmo-msc/src/libmsc/osmo_msc.c:384
#1 0x561be636070b in rx_from_ms ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_tests.c:204
#2 0x561be6360b21 in ms_sends_msg ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_tests.c:217
#3 0x561be635b40a in test_call_mt ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_test_call.c:328
#4 0x561be6363bb7 in run_tests ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_tests.c:802
#5 0x561be63524ea in main ../../../../src/osmo-msc/tests/msc_vlr/msc_vlr_tests.c:849
#6 0x7f6eebb3e2b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
#7 0x561be6352fb9 in _start (/n/s/osmo/make-3G/osmo-msc/tests/msc_vlr/msc_vlr_test_call+0xdafb9)
Related: OS#2672
Change-Id: If0659a878deb383ed0300217e2c41c8c79b2b6a5
|
|
On MT call, there is a bug in CC conn use which leads to an early free and
use-after-free.
Add msc_vlr_test_call to show both MO and MT call legs separately and reproduce
the failure. It is visible in a sanitizer build (on debian 9).
A subsequent patch will fix the bug: If0659a878deb383ed0300217e2c41c8c79b2b6a5
Related: OS#2672
Change-Id: I6c3ca0c660388b1e2c82df17ec540c846201b0c7
|
|
If a conn is attempted to be used when in release, log an error, but don't skip
tracking.
No current code path apparently hits this, according to msc_vlr_tests. Just
making sure that we will prominently see such errors when we introduce any.
Change-Id: I8dd20ee56ce5ad7a90fcd03a06604c383e5eed54
|
|
When hunting a conn use count bug, it was very hard to figure out who's (not)
using the conn. To ease tracking down this bug and future bugs, explicitly name
what a conn is being reserved for, and track in a bit mask.
Show in the DREF logs what uses and un-uses a conn. See the test expectation
updates, which nicely show how that clarifies the state of the conn in the
logs.
On errors, log them, but don't fail hard: if one conn use/un-use fails, we
don't want to crash the entire MSC before we have to.
Change-Id: I259aa0eec41efebb4c8221275219433eafaa549b
|
|
call to msc_call_connect() lacks spaces in parameter list
Change-Id: I4c11abaeff62749cbc365dfef671c4e15a85fc95
|
|
We usually have both A and IuCS on 0.23.1, using differing SSNs.
0.23.2 was used only if there was a separate cs7 instance for Iu, which is not
practical, and even if used does not conflict with 0.23.1 (since it would be on
a different STP).
Just use 0.23.1 for all SCCP clients.
This needs adjustment of
https://osmocom.org/projects/cellular-infrastructure/wiki/Point_Codes
Change-Id: I3d5466eff5680cb5aa95a76a9e179fdf88ce8aa0
|
|
Change-Id: Ib70360feb82fb9f871461f94982634c11d58f772
|
|
Change-Id: Ie647d93a54aefad5bde8a9411d983cd60714b83d
|
|
Change-Id: I8e9376f20a44f6348bcb85f0ff27a429dc90e1b8
|
|
Change-Id: I477984d5e3bee8aea32419482d6bc48b1e74e6c2
|
|
Change-Id: I5f8b45d6580d42b00de847c8100023b414771939
|
|
Change-Id: I11c5213b90de27dc2606f73c686f263008b6522f
|
|
To avoid sanitizer build failures, ensure that the talloc contexts are empty
when done and free them.
Separate the msgb context from the overall talloc context for clarity: if
nested, the outer one would contain two blocks.
Change the "sms_queue_test" context from 1 byte to 0 in order to get a size of
zero in the end.
Change-Id: If08ba48ab9c28bf3c2db4014837c1304cec04aaf
|
|
The BSC rate counters are a leftover from the nitb split.
Accessing them would result into a null-pointer exception,
because the struct isn't initialized.
Change-Id: I8c72ab8bf781d3f9a436eb1a27ac4d13df5e656b
|
|
If something changed the talloc landscape, it is hard to find out what the test
actually expected when it was written. Add the expectations in an inline
comment.
Change-Id: If92a18bb3dc24c2cf6498aa2da29266267488240
|
|
Terminating one of the FSM instances may effect termination and deallocation of
the others, as well as the vlr_subscr itself. So, reserve the vlr_subscr
locally, and then dispatch events to exactly those FSM instances that exist.
The changes in expected output in the msc_vlr_tests shows that the subscriber
was deallocated from the first FSM termination, and now sticks around until
we've checked both FSMs are gone.
Change-Id: I56551ecc10f5295fe75944bdde4b583b1b621811
|
|
If dispatching a conn timeout, the conn fsm will already have been discarded,
and we cannot fire any more events to it.
The expected test output changes illustrate that we are now omitting event
dispatches that happen *after* the same FSM was already deallocated.
Change-Id: I25af3e5a1b04e3a5c9f41956cbcbbdd8439c6457
|
|
osmo_gsup_decode() doesn't actually decode everything, it does leave quite a
number of pointers into the original msgb. Hence we must not deallocate the
gsup msgb before dispatching GSUP events.
Move msgb_free() to the bottom of vlr_gsupc_read_cb() and use rc and gotos to
early-exit if needed.
Change-Id: I16fc92dcf84e29fcf34712a2e8b0464ef08425ad
|
|
When sub_pres_vlr_fsm_start() is called, it dispatches an event which may in
some cases already cause tear down and free of the parent FSM instance, after
which storing the returned instance pointer in that parent's metadata will use
freed memory. Instead, pass the target pointer to remember the instance at to
sub_pres_vlr_fsm_start() and assign the pointer *before* firing the event.
Explain so in a new comment.
I haven't checked whether that pointer is actually used at all -- this is the
easiest way to fix the use-after-free without getting sucked into semantic
questions.
Change-Id: Ibdc0b64cd12ba3e2b9737e3517d8484e67abcf04
|
|
Use ':' as separator, so that no mangled rate_ctr descriptions are allocated.
When '.' is used, the rate_ctr mangling code creates tallocs of mangled counter
descriptors, and hence affects the amount of expected talloc contexts in
msc_vlr_tests.c.
Change-Id: Ib1db8e3dc6c833174f1b0b1ca051b0861f477408
|
|
The log message after the nullpointer check for conn tricks Coverity
Scan into detecting a nullpointer deref.
Include the log message into else branch to state the program flow
more clearly
Fixes: Coverity CID#178656
Change-Id: If6e962f4033c955ecd3539a719031a83c9b6205a
|
|
The reset context contains a string buffer to allow for setting
a human readable name, that is then displayed in the logs. Since
OSMO-FSMs already have such a feature there is no need for an
extra name variable.
Use LOGPFSML and the name parameter of osmo_fsm_inst_alloc()
to display the name of the FSM
Fixes: Coverity CID#178664
Change-Id: I5b051606791c5e085ca6bb1be20592127d48ceb5
|
|
Change-Id: I6c0c91abc0d3fa737dbe3db1e6473358da64c2a5
|
|
For example:
/usr/share/doc/osmo-msc/examples/osmo-msc/osmo-msc.cfg -> /usr/share/doc/osmo-msc/examples/osmo-msc.cfg
Change-Id: I702cd963d5c3a2f4085ebce5e0dfa1a8a27ea89f
|
|
Wen there's no SMPP support compiled in, and routing was successful,
we shouldn't return an uninitialized value.
Change-Id: I4abbbb5ab336a7e8da08d682f396baec3b56fa3a
Fixes: Coverity CID#174176
|
|
Fixes: coverity CID#178663
Change-Id: I7d1c15b546377b1afa38f7f40c5421b743e21605
|
|
osmo-mgw.git is changing the mgcp_client_vty API to use 'mgw' instead of
'mgcpgw'. Fix example configs after that patch is merged.
Depends: I1d43d42929dc9162e57640499526fb7cadbcfbe6
Change-Id: Ib4c5ec1046a3c7a916ecfb7e5aa83dfe2f5ea8bf
|
|
vty_install_default() and install_default() will soon be deprecated.
Depends: I5021c64a787b63314e0f2f1cba0b8fc7bff4f09b
Change-Id: I34708c73d8084db4e6c83a39be8fdaeaa492d743
|
|
When using ciphering, the TMSI is an important part of the ciphering. To guard
against users forgetting to set 'assign tmsi' in the config and compromising
their ciphering unknowingly, the default should be to use a TMSI.
To optimize in an unencrypted network, 'no assign tmsi' config can still switch
off TMSI use.
Change-Id: If115e95bebc314bedb50faf3993b52071fee5c1e
|
|
No need to drag legacy VTY from osmo-nitb to osmo-msc.
Change-Id: I38ba8b9414de383bf497526d97bf7a039e41fd35
|
|
Change-Id: Iba6253d9bf8d4a9d9f6f26ba045e6c7f0dc7f8f2
|
|
Change-Id: I185a2cbff6241a27722f1c37ae609f0fcc59a71e
|
|
The name auth_tuple_max_use_count suggests that if I want to use each auth
tuple exactly once, I need to set it to 1. Curiously, so far you need to set
to intended uses - 1.
Reflect this in its name by renaming to auth_tuple_max_reuse_count.
I first considered to not rename but change the if-conditions so that == 1
means each tuple is used once, and upon struct vlr allocation, set the default
to 1. That would also logically entail that setting to 0 means to re-use
vectors infinitely often, like now a value < 0 does. That means, when
allocating a vlr struct zeroed out, we would by default have the most
dangerous/unsafe configuration. It's no problem to set a default to 1 upon
allocation, but by renaming the variable instead, we get safer alloc-zero
behavior and don't need to change any conditionals in the code (even though the
patch ends up considerably larger from all the renaming).
Change-Id: I0b036cae1536d5d6fb2304f837ed1a6c3713be55
|