aboutsummaryrefslogtreecommitdiffstats
path: root/openbsc/include
AgeCommit message (Collapse)AuthorFilesLines
2015-07-14nitb: Add a mode to not use TMSI for normal operationzecke/features/no-tmsiHolger Hans Peter Freyther1-0/+3
In case foreign simcards are used we can not do authentication and ciphering. In case a TMSI is re-used too early and we do page using TMSI we can't know which of the two MS is responding to us. We could change the "secure channel" routine to ask for the IMSI and only then stop the paging. As we don't have ciphering there is not much use in using the TMSI. Add a mode "no assign-tmsi" that will not assign the TMSI during LU. Now CM Service Request and Paging Response will work using the IMSI. There can't be a clash with that.
2015-07-13bsc: Rename core_ncc to core_mncHolger Hans Peter Freyther1-1/+1
Struct osmo_msc_data contains int core_ncc, which is actually the MNC part of the PLMN, not to be confused with the Network Colour Code. The following patch renames this field for clarity and consistency with the standards.
2015-07-01nat: Use RAND_bytes instead of /dev/urandomHolger Hans Peter Freyther1-3/+0
We don't need to consume all the entropy of the kernel but can use libcrypto (OpenSSL) to generate random data. It is not clear if we need to call RAND_load_file but I think we can assume that our Unices have a /dev/urandom. This takes less CPU time, provides good enough entropy (in theory) and leaves some in the kernel entropy pool.
2015-07-01nat: After we identified the bsc check the keyHolger Hans Peter Freyther1-0/+2
We are using the token to find the right bsc_config and then we can use the last_rand of the bsc_connection to calculate the expected result and try to compare it with a time constant(???) memcmp.
2015-07-01bsc: Check for the rand and then generate a resHolger Hans Peter Freyther2-1/+4
Check if the NAT has sent 16 bytes of RAND and if a key has been configured in the system and then generate a result using milenage. The milenage res will be sent and noth the four byte GSM SRES derivation.
2015-07-01nat: Send 16 bytes of rand to the BSC and remember itHolger Hans Peter Freyther1-0/+1
Generate 16 byte of random data to be used for A3A8 by the BSC in the response. We can't know which BSC it is at this point and I don't want to send another message once the token has been received so always send the data with an undefined code. The old BSCs don't parse the message and will happily ignore the RAND. /dev/urandom can give short reads on Linux so loop around it until the bytes have been read from the kernel.
2015-07-01nat: Provide access to /dev/urandom for the codeHolger Hans Peter Freyther1-0/+3
Instead of doing open/read/close all the time, open the FD in the beginning and keep it open. To scare me even more I have seen /dev/urandom actually providing a short read and then blocking but it seems to be the best way to get the random byes we need for authentication. So one should/could run the cheap random generator on the system (e.g. haveged) or deal with the NAT process to block.
2015-07-01bsc/nat: Fix the structure of the identity request messageHolger Hans Peter Freyther1-1/+1
Unfortunately the basic structure of the response is broken. There is a two byte length followed by data. The concept of a 'tag' happens to be the first byte of the data. This means we want to write strlen of the token, then we want to write the NUL and then we need to account for the tag in front. Introduce a flag if the new or old format should be used. This will allow to have new BSCs talk to old NATs without an additional change. In the long run we can clean that up.
2015-07-01nat: Factor out the config by token searchHolger Hans Peter Freyther1-0/+1
In the upcoming authentication improvements it is nice to separate the finding of the config from the post-allow handling of it.
2015-06-02libbsc: Move SIs update/generation for a BTS into a separate function.Alexander Chemeris1-0/+1
The code to do that doesn't belong to the control interface, so abstract it out to a separate function gsm_bts_set_system_infos(). [hfreyther: Fix the coding style...]
2015-05-25sgsn: Allow to specify the DNS servers that should be usedHolger Hans Peter Freyther1-0/+1
If no server is specified the default list will be used. This allows to separate the servers for the local network and GRX from each other.
2015-05-25sgsn: Allow to resolve the IPv4 address of a GGSN through DNSHolger Hans Peter Freyther2-1/+32
For real networks we need to check if the requested APN string is allowed and then resolve the GGSN address through DNS. There are countries with two or three digit MNCs and one could either try to keep a list of countries that have two/three digits or just try both of them. I have opted for the later for the ease of the implementation. C-Ares doesn't allow to cancel a request so we will need to have the MMCTX and the Lookup have different lifetimes. We simply set ->mmctx to NULL in case the MMCTX dies more early. The selected and verified apn_str will be copied into the out parameter. In case no static APN/GGSN config is present and the dynamic mode is enabled a request will be made.
2015-05-25sgsn: Integrate c-ares with the osmocom event loopHolger Hans Peter Freyther1-0/+14
c-ares is an asynchronous DNS resolver and we need it to resolve the GGSN address. This is integrating the library into our infrastructure. We will create and maintain a list of registered FDs (c-ares is currently only using one of them) and (re-)schedule the timer after events occurred.
2015-05-24sgsn: Extract the hlr Number into the mm contextHolger Hans Peter Freyther1-0/+3
Include the hlr-Number of the subscriber in the CDR. This is useful for debugging and understanding which equipment was used during the test. In contrast to the MSISDN the '+' is emitted as the number must be in international format already.
2015-05-24gsup: Copy the hlr-Number and use it during purgeHolger Hans Peter Freyther1-0/+3
Copy the hlr-Number into the sgsn_data and use it during the purgeMS. There is no unit test that looks at the data we send so I manually verified this by looking at the output. Below is the output of the test that purges the subscriber. <000f> gprs_subscriber.c:170 SUBSCR(123456789012345) Sending GSUP, will send: 0c 01 08 21 43 65 87 09 21 43 f5 09 07 91 83 61 26 31 23 f3
2015-05-24gsup: Decode/Encode the hlr-Number in the GSUP messageHolger Hans Peter Freyther1-0/+3
Implement it similar to the msisdn_enc/msisdn_enc_len and extend the testcase to include it as well.
2015-05-17cdr: Remember the charging id supplied by the GGSNHolger Hans Peter Freyther1-0/+1
The charging_id is provided by the GGSN. Copy it into the CDR part of the data structure so it will remain present until after the pdp context has been deleted.
2015-05-06sgsn: Create an initial and limited CDR moduleHolger Hans Peter Freyther2-0/+19
This is consuming the new signals and allows to install several different CDR/observing/event/audit modules in the future. For getting the bytes in/out the code would have had to undo what the rate counter is doing and at the same time adding a "total" to the ratecounter didn't look like a good idea, the same went for making it a plain counter. Begin writing the values one by one and open/closing a new FILE for every log messages. This is not efficient but easily deals with external truncation/rotation of the file (no fstat for and checking the links and size). As usual we will wait and see if this is an issue. Add some new members to our PDP context structure to see what it is about.
2015-05-06sgsn: Add various signals consumed by CDR or other client codeHolger Hans Peter Freyther1-1/+20
2015-05-06sgsn: Make the free function internalHolger Hans Peter Freyther1-1/+0
All calls should and do go through the sgsn_mm_ctx_cleanup_free function.
2015-05-05sgsn: Store subscribed QoS and attempt to use itHolger Hans Peter Freyther2-0/+3
sgsn_create_pdp_ctx should use the subscribed QoS. When selecting the PDP context we inject the QoS to be used into the TLV structure and use it during the request. Assume a "qos-Subscribed" structure only with three bytes and prepend the Allocation/Retention policy to the request.
2015-05-05sgsn: Copy the msisdn to the sgsn_data and use it in PDP activationHolger Hans Peter Freyther1-0/+3
The MSISDN should be present for "security" reasons in the first activation of a PDP context. Take the encoded MSISDN, store it for future use and then put it into the PDP activation request. The MM Context contains a field for a decoded MSISDN already. As we need to forward the data to the GGSN I want to avoid having to store TON and NPI in another place. Simply store the data in the encoded form.
2015-05-05gsup: Extract the QoS fieldHolger Hans Peter Freyther1-0/+3
Add roundtrip test for the new QoS IE. It will be consumed in later commits.
2015-05-05gsup: Extract the new MSISDN stringHolger Hans Peter Freyther1-0/+4
Extract the new MSISDN IE from the GSUP message and verify that it is read/written to the message.
2015-05-03bsc: Add access list filtering to the BSCHolger Hans Peter Freyther1-0/+2
2015-05-03bsc: Add access lists to the MSC and the BSCHolger Hans Peter Freyther2-0/+7
It is a bit arbitary to decide which one is the global and which one is the local one. We might change it around. I don't think we want to introduce it based on BTS.
2015-05-03filter: Move the con_type into the filter_stateHolger Hans Peter Freyther3-11/+12
2015-05-03filter: Move from DNAT to DFILTER categoryHolger Hans Peter Freyther1-0/+1
2015-05-03filter: Remove bsc_connection from the filter APIHolger Hans Peter Freyther1-5/+11
Remove the last occurence of NAT datastructures in the filtering module and add the ctx to the filter request structure.
2015-05-03filter: Remove nat_sccp_connection from public APIHolger Hans Peter Freyther2-5/+10
2015-05-03filter: Separate SCCP/BSSAP extraction and gsm48 codeHolger Hans Peter Freyther2-4/+15
For the BSC we will have the gsm48_hdr and don't need to find data within SCCP. For legacy reasons we need to initialize con_type, imsi, reject causes early on and need to do the same in the filter method.
2015-05-03filter: More renaming and remove of "NAT" from itHolger Hans Peter Freyther1-7/+7
2015-05-03filter: Rename BSC to LOCAL and NAT to GLOBALHolger Hans Peter Freyther1-2/+2
2015-05-03filter: Remove nat from bsc_nat_acc_lst and replace with msgHolger Hans Peter Freyther1-9/+9
2015-05-03filter: Cease out "struct bsc_nat" from the APIHolger Hans Peter Freyther1-4/+3
This means we need to require a talloc context and simply operate on the list. I had considered creating a structure to hold the list head but I didn't find any other members so omitted it for now.
2015-05-03filter: Move VTY code into the filter moduleHolger Hans Peter Freyther1-0/+4
2015-05-03filter: Move the access list management aroundHolger Hans Peter Freyther2-8/+9
2015-05-03filter: Move the method definition to the filter moduleHolger Hans Peter Freyther3-57/+72
Move the filter methods to the filter module. This is still only usable for the NAT and the _dt/_cr filter routines need to move back to the bsc_nat in the long run.
2015-05-02mgcp: Fix compiler warning on 64bit buildsHolger Hans Peter Freyther1-1/+1
ENDPOINT_NUMBER takes the difference of two pointers. On 64bit builds the difference is a long and the compiler then complains about the usage of abs. We will never have thousands of endpoints so silence the warning by casting the ENDPOINT_NUMBER to int. mgcp_vty.c:1381:34: warning: absolute value function 'abs' given an argument of type 'long' but has parameter of type 'int' which may cause truncation of value [-Wabsolute-value] rtp_port = rtp_calculate_port(ENDPOINT_NUMBER(endp), ^ ../../include/openbsc/mgcp_internal.h:206:31: note: expanded from macro 'ENDPOINT_NUMBER' #define ENDPOINT_NUMBER(endp) abs(endp - endp->tcfg->endpoints) ^ mgcp_vty.c:1381:34: note: use function 'labs' instead
2015-04-29sub: Remove the queue from the subscriber codeHolger Hans Peter Freyther3-6/+11
The idea of "subscriber_get_channel" was that different requests would be coordinated. At the same time we have seen that the "queue" can get stuck at both 31C3 and the rhizomatica installations. Voice calls and SMS do not need coordination. We should be able to send SMS on a voice channel and switch the MS from a SDCCH to a TCH in case we establish a voice call. The SMS code itself needs to coordinate to obey the limit of one SMS per direction but this should be enforced in the sms layer and not on the subscriber. Modify the code to have a simple paging coordination. The subscriber code will schedule the paging and register who would like to know about success/failure. This allowed to greatly simplify the paging response handling for the transaction code (and in fact we could move the transaction list into the subscriber structure now). The code gained to support to cancel the notification of a request (but not the paging itself yet). TODO: Cancel paging request in case no one cares about it anymore.
2015-04-29sub: Remove introspection of the "channel queue"Holger Hans Peter Freyther1-5/+0
Over the next commits the queuing of commits will be completely modified to remove the queue and move the scheduling/limits to the outer callers.
2015-04-24mgcp: Allow to disable transcoding for trunksHolger Hans Peter Freyther1-0/+2
We might have compiled transcoding into the MGW but we don't want to enable it for a given user. Add a new switch that should allow that. I had manually tested the allow-transcoding/no allow VTY interface for the primary interface and a new trunk using show running-config.
2015-04-23nat: Make mode-set patching optionalHolger Hans Peter Freyther1-1/+2
2015-04-05nat: Inform others if an IMSI is rejectedHolger Hans Peter Freyther1-0/+4
In case one wants to monitor the access lists one there is now a trap for the IMSI.
2015-04-04bts: "Repair" broken channels if we receive the release ackHolger Hans Peter Freyther1-0/+11
We had issues with odd behavior on the nanoBTS which lead to the introduction of the "broken" state. On busy multi BTS cells (e.g. rhizomatica) with wifi backhaul the timeout we set to wait for a RF Channe Release ACK is sometimes too little and channels are marked broken that look to be okay (besides the still to be determined delay). In case of a sysmoBTS we now know that we can change the state of a broken channel back to normal in case we do receive the right response. Manually verified using the Smalltalk BTS code PackageLoader fileInPackage: 'FakeBTS' bts := FakeBTS.BTS new. bts btsId: '1903/0/0'. bts connect: 'localhost'. bts waitForBTSReady. test := FakeBTS.OpenBSCTest new. test bts: bts. test requireAnyChannel ... wait for NITB output <0004> abis_rsl.c:223 (bts=0,trx=0,ts=0,ss=0) Timeout during deactivation! Marked as broken. ... process pending messages stdin next <0004> abis_rsl.c:735 (bts=0,trx=0,ts=0,ss=0) CHAN REL ACK for broken channel. Releasing it. So the channel went from broken to unallocated.
2015-04-01bsc: Allow to use different LAC/CI for the core-networkHolger Hans Peter Freyther1-2/+4
We need to use different LAC/CI towards the core network. It is a bit problematic as LAC/CI is a per BTS attribute so this feature only works if a BSC manages everything in the same LAC. Related: SYS#1398
2015-03-22rtp: Use osmocom/netif/rtp.h for the rtp structure definitionHolger Hans Peter Freyther2-40/+1
We depend on libosmo-netif unconditionally. Let's use this definition of rtp and have one portability issue less.
2015-02-07nokia: Allow to set the reset time for the nokia btsSipos Csaba1-0/+1
2015-02-06Revert "gprs: Block other GSUP procedures during PURGE_MS"Jacob Erlbeck1-12/+0
This reverts commit f81cacc6814dde73f203d125b0065d1451a98317. Since the PURGE MS retry mechanism had been removed, this feature is not used anymore. It just makes the code more complex. Conflicts: openbsc/include/openbsc/gprs_sgsn.h openbsc/src/gprs/gprs_subscriber.c openbsc/tests/sgsn/sgsn_test.c
2015-02-06sgsn: Select GGSN based on APNJacob Erlbeck1-0/+5
Currently the APN IE in the Activate PDP Contex Request and the PDP data that is stored with the subscriber is ignored completely. This commit adds the sgsn_mm_ctx_find_ggsn_ctx that checks the APN IE against the subscriber's PDP data entries if both are present. If there is no match, the request is rejected. If an APN IE has not been included but PDP data entries are present, the function checks all of these entries against the static 'apn' configuration to find a suitable entry. If an APN has not been determined so far and any APN is allowed, the configuration is checked with an empty APN string, to allow for default configurations based on the IMSI prefix only. If nothing of this succeeded but the request wasn't rejected either, and there is no 'apn' configuration at all or if any APN is allowed but a default configuration ist not present, the GGSN with id 0 is used (if present). Otherwise the request is rejected ('missing APN'). Ticket: OW#1334 Sponsored-by: On-Waves ehf