aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2018-12-20make gsup ipa name configurable in osmo-sgsn.cfgStefan Sperling2-2/+30
Add a 'gsup ipa-name' VTY command which overrides the default IPA name used by the SGSN on the GSUP link towards the HLR. This is required for GSUP routing in multi-SGSN networks. The 'gsup ipa-name' option can only be set via the config file because changing the IPA name at run-time conflicts with active GSUP connections and routes configured in the HLR. The osmo-sgsn program must be restarted if its IPA name needs to change. Related: OS#3356 Change-Id: Ib2f65fed9f56b9718e8a9647e3f01dce69870c1f
2018-12-12remove pointless declaration of struct gsm_networkStefan Sperling2-8/+2
We were passing a NULL pointer of type struct gsm_network * to ctrl_interface_setup_dynip(). Remove the pointless declaration of this struct. Also, replace the sgsn_controlif_setup() helper function with a direct call to ctrl_interface_setup_dynip(). The helper fnuction was just a thin wrapper around the latter. Change-Id: Ib4151afa5bff01e63b462cca517fb60ac0503759 Related: OS#3356
2018-12-11Use explicit parameter for sgsn_auth_init()Max2-2/+2
This is necessary to properly test ACLs in follow-up patches. Change-Id: Ibeba371234680f33ad35afbfffce9dca185228c1
2018-12-10Use explicit length checkMax1-3/+1
Use OSMO_MIN macro to check for MSISDN length. This makes the code cleaner and will, hopefully, aid static analysis tools. Change-Id: Ic0fbeb8d248c74e54bfb51ba2cdea55c4f386ac7 Fixes: CID57879
2018-12-10Constify sgsn_acl_lookup() parameterMax1-1/+1
This requires I414e67a3de733fab407161b3264d3b89070ba537 in libosmocore to avoid warning about discarded const. Change-Id: Ie92637dd900b0f9eba891d5aad0b4ba0ee69c08c
2018-12-10Remove misleading commentMax1-1/+0
The code which has been used for 4 years is hardly temporary. Change-Id: Ibe9c62e0beb89eecced941b8831d49ca266c7330
2018-11-26gbproxy: flush_stored_messages: Get rid of msg paramPau Espin Pedrol1-7/+5
Log line actually makes more sense out of the function where IMSI acq is resolved. We can then get rid of msg param which may cause confusion and add complexitiy to code for no good reason. Change-Id: I6716a260e12a3cf36af0501ce611c6c1e608f537
2018-11-26gbproxy: flush_stored_messages: Log and route using stored_msg infoPau Espin Pedrol1-2/+2
It makes no sense to print every stored_msg with BVCI from msg, same for routing. This will allow getting rid of "msg" completelly in next commit. Change-Id: I95eafbf41012be3e02c68fc996773dd02b174fe6
2018-11-26gbproxy: flush_stored_messages: Move comment to func descriptionPau Espin Pedrol1-2/+2
Change-Id: I14a90d1957a2cbd8fd53002b035fe481ab3abbbf
2018-11-26gbproxy: Remove unneeded parse_ctx paramPau Espin Pedrol1-6/+4
The only use inside the function is only to log information which should actually be provided by tmp_parse_ctx of each stored msg. Change-Id: Ic186b92fa9bd0a2b853a0cf525c6f6feb9493897
2018-11-26gbproxy: Fix abort during APN patchPau Espin Pedrol1-1/+1
gbproxy process was aborted with following message during APN patching: <000e> gb_proxy_patch.c:129 Patching ACT_PDP_REQ to SGSN: Replacing APN 'foo' -> 'bar' msgb(0x5555558797d0): Sub area is not fully contained in the msg data During osmo-sgsn 107fb59e84b12bbf6bdfdd4fc241dbcda7332706 old copy of gprs_msgb_resize_area was replaced by more modern libosmocore version called msgb_resize_area. They are mostly identical but the later has some extra verification asserts. One of this asserts was triggering the process abort, but the bug has always been there as far as I could see in git history. The assert triggers because the bssgp buffer and parse_ctx point to "stored_msg", while the data buffer comes from a different msbg "msg", which is clearly wrong behavior. In the modified line, "msg" (the one which provided the imsi now already stored in link_info through gbproxy_update_link_state_ul()->gbproxy_assign_imsi()) is really not needed anymore, and we want to patch the stored msg going to be forwarded. Related: SYS#4397 Change-Id: I7226fc5bcfbf58c349431d0a39cdb904fefd9e9c
2018-11-25Revert "gbproxy: fix formatting in gbproxy-state command"Max1-1/+1
In case of multiple bts peers we use '\n' as individual entries separator. This reverts commit fffd6cb0d8011442bb69974675f86ad087b7d8db. Change-Id: I1ea17919ec3ed7e26044df8b5f8324717ee9e32c
2018-11-22gbproxy: flag gbproxy_assign_imsi as staticPau Espin Pedrol1-1/+1
It's currently only used in the same file. Change-Id: I08b51f36263e58f52ef9af2a63a7fcbf06a767c4
2018-11-22gbproxy: add number-of-peers ctrl commandMax1-0/+13
Return number of BTS peers. This is especially useful when no peers are available because "gbproxy-state" command returns empty sstring in this case. Change-Id: I29b0664e60f7c81c3c7b495c1c8f2700e3f7e033 Related: SYS#2655
2018-11-22gbproxy: fix formatting in gbproxy-state commandMax1-1/+1
In ctrl protocol we don't need any explicit formatting as it might interfere with client processing our response. Let's drop trailing '\n'. Change-Id: I3f32e01dd50a53991c292aeee57a78d81cdc5429 Related: SYS#2655
2018-11-22consistently check the result of osmo_shift_v_fixed()Stefan Sperling1-5/+10
Coverity points out we forgot to check the return value of osmo_shift_v_fixed() in some places. Add checks which verify the expected length of data which is skipped by the parser. Change-Id: I20406f411810e966443d6fd5a4620b9a66cd9809 Related: CID#135160
2018-11-19Use safer functions for IMSI ACLMax1-6/+8
Avoid explicit memset which confuses coverity, use strnlen() and osmo_strlcpy() to handle strings. Change-Id: I73fd54ad3a4ab8be5aff0fee5c722597ad766e9d Fixes: CID163626
2018-11-15use enums consistently instead of falling back to intStefan Sperling5-65/+151
The two existing enums defined in gprs_sndcp_xid.h, for protocol and data compression algorithm numbers respectively, were assigned to 'int' variables when their values were copied to other structures. This prevented the compiler from checking the enum value coverage during switch statements and also tripped up Coverity scans looking for enum value mismatch problems. So instead of copying enums to ints, make use of the enums throughout. Structures which can contain values from both enums now use a union of both, forcing us to be very explicit about which set of values we are dealing with. Change-Id: I3771a5c59f4e6fee24083b3c914965baf192cbd7 Depends: If6f3598cd6da4643ff2214e21c0d21f6eff0eb67 Depends: I8444c1ed052707c76a979fb06cb018ac678defa7 Related: CID#149102
2018-11-12fix bogus error check in gprs_sndcp_comp_create()Stefan Sperling1-3/+4
The function gprs_sndcp_get_compression_class() returns -EINVAL upon error, not -1, so an existing assertion would never trigger. Instead, check for the values we want first (PROTOCOL_COMP or DATA_COMP) and assert(false) in case the returned value doesn't match either of these. Found by: Neels Change-Id: I8444c1ed052707c76a979fb06cb018ac678defa7
2018-11-12fix bogus assertion in encode_comp_field()Stefan Sperling1-1/+1
Fix an obvious logic bug in an assertion in encode_comp_field(). Found by: Neels Change-Id: If6f3598cd6da4643ff2214e21c0d21f6eff0eb67
2018-10-30Remove local libgsupclient; Use libosmo-gsup-client from osmo-hlrHarald Welte4-363/+10
osmo-hlr has recently (as of Change-Id Iad227bb477d64da30dd6bfbbe1bd0c0a55be9474) a working shared library implementation of libosmo-gsup-client. We can remove the local implementation in osmo-sgsn and use the system-installed shared library instead. Change-Id: I6f542945403cf2e3ddac419186b09ec0e2d43b69
2018-10-30Allocate sgsn_instance with tallocPau Espin Pedrol2-23/+26
Change-Id: I4a83c5799f0dbd5eb762039c6cfba671f6e465be
2018-10-30Update wrong references to bsc in sgsn codePau Espin Pedrol13-52/+52
Change-Id: I93f0dc721c2eff8a87fb9248882f24768f708713
2018-10-21gtphub: Add --version cmdline optionOliver Smith1-1/+7
Related: OS#3576 Change-Id: Icdb2bd9ec90511b51428800d17f8ce81f6804670
2018-10-06fix build: remove unused variableNeels Hofmeyr1-1/+0
fix: "src/gprs/gprs_gmm_attach.c:240:6: error: unused variable ‘rc’" introduced by "gprs_gmm: Fix missing Security Command for 3G when attaching" Change Id I1e12b0a32e58c6f78dba7b548f7d7016567229db Change-Id: I4837c10fed915c558a5374d448af813219087f36
2018-10-04gprs_llc: remove the FCS from the msgb by trim'ing the msgbAlexander Couzens2-2/+4
After checking the FCS, it's no use. The FCS should also not appear on `hexdump(msgb_l3(MSG), msgb_l3len(MSG))`. Change-Id: I27e061ead86395a336b67c7aead93d305a0f2ae8
2018-10-04sgsn_libgtp: fix a potential memleak when the GGSN is not reachableAlexander Couzens1-6/+6
When a MS does the following - MS: GMM Attach - MS: Activate PDP CTX - SGSN: send PDP CTX Request to GGSN which GGSN does not answer - GMM Detach (MM ctx get freed) - libgtp retrans timeout of the first answer - sgsn_libgtp.c: create_pdp_conf() which ignores this ctx because of emtpy MM ctx Change-Id: I4575f7f80f785a62ae3b7f165d236a9dd818aabf
2018-10-02gprs_gmm: Fix missing Security Command for 3G when attachingAlexander Couzens2-3/+42
Introduce a new FSM step in GMM Attach to send the Security Command to the RNC after completing the Authentication. Fixes: f7198d7dbb84 ("gprs_gmm: introduce a GMM Attach Request FSM") Change-Id: I1e12b0a32e58c6f78dba7b548f7d7016567229db
2018-09-28gprs_gmm: dont answer unknown IMSI/TMSI on Service Requests NET_FAILAlexander Couzens1-2/+2
NET_FAIL will result in asking again and again. Reject with IMPL_DETACHED to drop the MS completely. Change-Id: I195d533e330a4b577cad80c7e757d481f9c837df
2018-09-27vty: add SCCP related vty commandsNeels Hofmeyr1-0/+1
Depends: I214ea51fc6bfa2a9a4dd7c34b43add0c77ffe22e (libosmo-sccp) Change-Id: Ie267aa014812b5c89f2268a65566d5427aa1ad7e
2018-09-24vty: fix doc str for 'reset sgsn state'Neels Hofmeyr1-1/+5
Document all keywords of the 'reset sgsn state' command: set the same doc string for all three. Also fixes the build after libosmocore I1f18e0e41da4772d092d71261b9e489dc1598923, which resulted in HIDDEN commands coming up in the VTY reference dumping. Note that libosmocore I92c3c66ff69c186234276c64478d6342e061d25e will again remove this breakage by omitting hidden commands. Change-Id: I8b6e8615e409266910f2f76a10ced9ab33e4de91
2018-09-19GTP: refactor the echo timerAlexander Couzens2-4/+16
Move the check of the echo timer into an own function. The gtp echo timer must be re-check everytime the echo-timer has been modified or deactivated via vty. Fixes the TTCN3 SGSN_Tests.TC_attach_restart_ctr_echo Change-Id: Ia33471a9a9cfc3887facb665c82094b99932052a
2018-09-19sgsn_ggsn_ctx_drop_pdp: protect against nullpointer when MM is goneAlexander Couzens1-1/+3
When the GGSN crashs, the SGSN will be notified after it comes back. Because of the async operation, the mm ctx could be already gone. Change-Id: I507a8c2193c84f8dff7f5d669adcd3583331f289
2018-09-18vty: restart sgsn state: improve output messageAlexander Couzens1-1/+1
Change-Id: I20e91e196b9d64b6dac11ab47fcef85f8a9ee0b7
2018-09-17sgsn: use gtp_clear_queues() when reset sgsn stateAlexander Couzens1-0/+3
Allow ttcn3 to flush the gtp queue between each test. Fixes ttcn3 test SGSN_Tests.TC_attach_pdp_act_deact_mt_t3395_expire Change-Id: I49d70cb7abe5cbe92ea68882fa68eccec0e79586
2018-09-13gprs_gmm: introduce a GMM Attach Request FSMAlexander Couzens4-9/+443
The old GMM Attach Request handling used a recursive function which can not handle certain states and is quite complex and hard to extend. The new FSM handles such request in a FSM and can be called multiple times. Change-Id: I58b9c17be9776a03bb2a5b21e99135cfefc8c912
2018-08-20gbproxy: Replace '.' in counter names with ':'Pau Espin Pedrol1-7/+7
The '.' is illegal character in counter names, as they are exported via CTRL interface, where '.' has a special meaning that cannot be used by strings comprising the variable name. Change-Id: I66a7e044c027672adf77fbd6c0a111c43ee31b4f
2018-08-17gbproxy: Add new VTY-managed timer: link-list clean-stale-timerPau Espin Pedrol2-2/+62
This timer allows periodically cleaning up stale links in link-list of each gbproxy_peer. Previous to this patch, this kind of cleanup (gbproxy_remove_stale_link_infos) was being done only as a consequence of external events being triggered, such as a message from that peer being received. It was found in a production network agreggating several BSS that some of them were offline for a longtime but gbproxy was still caching big amounts of really old link_info for the NSEI assigned to those BSS, because since they were probably turned off abruptely, no new messages were received from it which would trigger the cleanup. As a consequence, it has been observed that a timer to periodically clean up old entries (link-list max-age) is requird in case w don't receive messages from that NSEI periodically. Related: SYS#4431 Change-Id: Ic777016f6d4f0e30fb736484774ca46878f17b7a
2018-08-17gbproxy: Add VTY parameter: link stored-msgs-max-lengthPau Espin Pedrol2-8/+54
It was discovered in some prod setups that some TLLIs can maintain quite long queues of msgb in case its IMSI is not acquired and the tlli is not pruned due to link-list max-{age,length} being set to 0. As a result, the osmo-gpbroxy steadly increases the list size of maintained TLLIs, and some TLLI was found without IMSI catching already 1211 msgb. Let's allow setting a maxiumum length for the queue storing those msgb in a per TLLI base. If the limit is reached, oldest msgb are removed before adding a new one. Depends: libosmocore Change-Id I33b501e89a8f29e4aa121696bcbb13d4b83db40f Related: SYS#4297 Change-Id: I4473be8604f80302df03ffdd5a13280dc072f824
2018-08-17Use osmo_clock_gettime from libosmocorePau Espin Pedrol6-10/+10
Change-Id: Ic638849c6687c376c4c0c36cc286d499a073d6ca
2018-08-15Drop gprs_msgb_resize_area with libosmocore replacementPau Espin Pedrol2-38/+2
gprs_msgb_resize_area was introduced in libosmocore 0.94 (f78ec5ce0d0f6038147d9b9e14d81094309ba5d5) as msgb_resize_area. Let's use that one to avoid code duplication. Change-Id: Ib80f7b2b186d87f21d63d9b0bec58175170c905c
2018-08-15Drop gprs_msgb_copy with libosmocore replacementPau Espin Pedrol3-54/+5
gprs_msgb_copy was introduced in libosmocore 0.94 (f78ec5ce0d0f6038147d9b9e14d81094309ba5d5) as bssgp_msgb_copy. Let's use that one to avoid code duplication. Change-Id: I42a65fd8e4045fafadf5694f2d8d0c5e7ab350a0
2018-08-13vty: add cmd "reset sgsn state"Alexander Couzens1-0/+32
Reset the SGSN internal state. Useful when testing the SGSN via TTCN3. Depends on the libosmocore commit: I29b6ad6742ddf9b0b58b4af37d9a1cf18e019325 Change-Id: I92096f3f6ea49e75676e30e9921d00210bac5382
2018-07-30remove libcommonHarald Welte9-2446/+0
This seems to b remaining from ancient days. The code in there is either no longer needed, or has been moved to libosmocore. Change-Id: I9307f9da7f48dd0a2e1cb213072068736e569722
2018-07-30migrate to oap_client in libosmogsmHarald Welte5-571/+10
libosmogsm in libosmocore.git from Change-Id Ie36729996abd30b84d1c30a09f62ebc6a9794950 onwards contains oap_client.c, so we don't need our local copy here in this repo anymore. Change-Id: I7b194f98ef3f925b6178d8a8dbd9fcf2f0c6e132 Requires: libosmocore.git Change-Id Ie36729996abd30b84d1c30a09f62ebc6a9794950
2018-07-24gbproxy: Replace '.' in counter names with ':'Pau Espin Pedrol1-6/+6
The '.' is illegal character in counter names, as they are exported via CTRL interface, where '.' has a special meaning that cannot be used by strings comprising the variable name. Change-Id: I93a2e5b6ec66c9edb6e93d95032e788f552af44b
2018-07-24sgsn: Fix crash using new libgtp cb_recovery2 APIPau Espin Pedrol2-8/+15
When PDP CTX CREATE ACK is received with an increased RestartCtr, cb_recovery2 is called first, which will dettach ggsn from al pdp ctx (free the pdp_t). But when giving control back from the ctrl, libgtp still uses that freed ctx and sends it back to osmo-sgsn through cb_conf(). As specs state in any case that we need to handle the message containing the increased RestartCtr as valid, we then need to avoid freeing the pdp ctx and leave handling for later in cb_conf. Depends: osmo-ggsn (libgtp) Change-Id I53e92298f2f6b84d662a3300d922e8c2ccb178bc. Change-Id: I0989c00e18ca95a099e1a312940eaac71957b444
2018-07-19sgsn: gtp: Use new API to send PDP DEL CTX REQ without freeing ctx locallyPau Espin Pedrol1-6/+2
Previous API freed the ctx immediatelly after sending the packet, which triggered a call to cb_delete_context() and dropped the entire sgsn_pdp_ctx before the PDP DEL CTX ACCEPT was received. This new API won't free the pdp ctx and we can tear down everything once we receive the ACCEPT in cb_conf. cb_conf is not automatically freed at cb_conf, user needs to free it, so we need to remove setting pctx->lib to NULL in cb_conf to avoid leaking the pdp ctx, as it needs to be freed inside sgsn_pdp_ctx_free(). Depends: osmo-ggsn (libgtp) Change-Id I29d366253bb98dcba328c7ce8aa3e4daf8f75e6c. Change-Id: I304c59de5d137b81de3c6df0fdbe911ae3dbd1f3
2018-07-19sgsn: cdr: Fix uninitialized string access if ggsn is detachedPau Espin Pedrol1-0/+1
if pdp->ggsn==NULL, sgsn_addr was not initialized and caused asan report during snprintf: ==19459==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffffffbe31 at pc 0x7ffff6e563fe bp 0x7fffffffb130 sp 0x7fffffffa8a8 READ of size 31 at 0x7fffffffbe31 thread T0 ... Address 0x7fffffffbe31 is located in stack of thread T0 at offset 337 in frame #0 0x55555573a7b0 in cdr_snprintf_pdp osmo-sgsn/src/gprs/sgsn_cdr.c:154 ... [320, 337) 'sgsn_addr' <== Memory access at offset 337 overflows this variable ... Change-Id: I97bc56a4e3e76725eb2717b74b3ac125b68bbf0a
2018-07-17sgsn: subscriber: Avoid calling memcpy with NULL srcPau Espin Pedrol2-11/+22
Fixes: OS#3389 Change-Id: I2d1c01ed8b8d2233ced6d70972183ed4fc99007a