| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
For most configurations we don't address multiple GGSNs but
only want to enforce a list of APNs. In the future we might
add a special global GGSN context but not right now.
Fixes: SYS#593
|
|
This commit adds the exported functions apn_ctx_find_alloc,
apn_ctx_free, apn_ctx_by_name, and apn_ctx_match to manage and
retrieve APN to GGSN mappings.
The following VTY commands are added to 'config-sgsn':
- apn APN ggsn <0-255>
- apn APN imsi-prefix PREFIX ggsn <0-255>
which maps an APN gateway string to an SGSN id. The SGSN must be
configured in advance. When matching an APN string, entries with a
leading '*' are used for suffix matching, otherwise an exact match is
done. When a prefix is given, it is matched against the IMSI. If
several entries match, a longer matching IMSI prefix has precedence.
If there are several matching entries with the same PREFIX, the entry
with longest matching APN is returned.
Ticket: OW#1334
Sponsored-by: On-Waves ehf
|
|
Currently the PDP info that is transmitted via GSUP is just parsed
and then discarded.
This commit adds a new data structure sgsn_subscriber_pdp_data and
maintains a list of those in sgsn_subscriber_data. The PDP data is
copied from an incoming GSUP UpdateLocationResult message. If that
message contains the PDPInfoComplete flag, the list is cleared before
new entries are added. The 'show subscriber cache' output now also
shows the PDP data entries.
Note that the InsertSubscriberData message is still not supported.
[hfreyther: Added talloc_free in gprs_subscr_pdp_data_clear]
Sponsored-by: On-Waves ehf
|
|
The cancellation type that is part of the UpdateCancellation message
is currently ignored.
This patch adds the missing glue between the existing GSUP and GMM
support. If the type is not present or has the value updateProcedure
the subcriber and MM context are siliently removed. Otherwise, a
message with cause 'implicitly detached' is sent to the MS. Since the
real cause is not known (the specification neither added a cause IE
nor defined a static cause value), the MS may get the real cause in
the following AttachRej.
Added VTY commands:
- update-subscriber imsi IMSI cancel update-procedure
- update-subscriber imsi IMSI cancel subscription-withdraw
the old form without the cause is no longer supported.
Sponsored-by: On-Waves ehf
|
|
Currently the keep_in_ram flag is explicitely reset in
gprs_subscr_cleanup to cover the case, that the VTY 'create'
sub-command has been used to create the subscriber entry.
This commit completely removes keep_in_ram handling from
gprs_subscriber.c and adds a VTY 'destroy' sub-command to reset the
flag and remove the entry. So 'create' and 'destroy' can be used to
manager sticky entries that are kept even when a location
cancellation is done.
Added VTY command:
- update-subscriber imsi IMSI destroy
Sponsored-by: On-Waves ehf
|
|
Currently gprs_subscr_delete implicitely calls subscr_put, which
makes the code more complex than necessary (additional subscr_get) in
a few places. It also makes it more difficult to see, whether get/put
are balanced within a function. In addition, the functions are not
named consistently (gprs_subscr_delete vs.
gprs_subscr_put_and_cancel).
This commit changes the semantics of gprs_subscr_delete and
indirectly of gprs_subscr_put_and_cancel to not call subscr_put on
their argument, but to leave that for the caller to do it
explicitely.
It renames gprs_subscr_put_and_cancel to gprs_subscr_cancel to
reflect that change in the name, too.
Sponsored-by: On-Waves ehf
|
|
The subscriber cache would help in case:
* GPRS DETACH, GPRS ATTACH. In that case we might still
have some cached authentication tuples we avoid another
sendAuthenticationInfo request.
* After a detach the cache expiry would make sure to
eventually send a purgeMS to the HLR (which might be
ignored).
At the same time to make the cache work we will need to
make sure to start and stop timers. In case we don't
start we might accumulate subscribers. I am afraid that
the above two benefits do not outweight the complexity
of this implementation.
|
|
This patch drops the following commands:
- update-subscriber imsi IMSI insert authorized <0-1>
- update-subscriber imsi IMSI commit
since they are already covered by the 'update-location-result'
sub-command, except that this command doesn't create an new entry if
none is found with the given IMSI.
It adds the following command:
- update-subscriber imsi IMSI create
which can be used to create a new entry.
Sponsored-by: On-Waves ehf
|
|
Currently '\n' is used to end lines in the VTY output string
constants instead of inserting VTY_NEWLINE. This leads to incorrect
line starts in error messages.
This patch fixes that accordingly.
Sponsored-by: On-Waves ehf
|
|
Currently an error_cause of 0 is being used to indicate normal
operation. Albeit this is not a defined GMM cause, the value is not
explicitly reserved.
This commit adds the macro SGSN_ERROR_CAUSE_NONE and uses it for
initialisation (instead of relying on talloc_zero) and comparisons.
The value is set to -1 to be on the safe side. The VTY code is
updated to set the error_cause when using the
'update-subscriber imsi IMSI update-location-result CAUSE' command.
Sponsored-by: On-Waves ehf
|
|
When a subscriber entry is going to be deleted by SGSN and when the
subscriber info has been obtained from a remote peer via GSUP, the
peer should be informed before the entry is really deleted. For this
purpose, MAP defines the PURGE MS procedure (see GSM 09.02, 19.1.4).
This patch adds support for the PURGE_MS_REQ/_ERR/_RES messages and
invokes the procedure when the subscriber entry is going to be
removed. This only applies if GSUP is being used, the Update
Location procedure has been completed successfully, and the
subscriber has not been cancelled. The removal of the entry is
delayed until a PURGE_MS_RES or PURGE_MS_ERR message is received.
Note that GSM 09.02, 19.1.4.4 implies that the subscriber data is not
to be removed when the procedure fails which is not the way the
feature has been implemented.
Note that handling 'P-TMSI freezing' is not implemented.
Ticket: OW#1338
Sponsored-by: On-Waves ehf
|
|
Set the expiry delay after the subscriber has been deleted (e.g. by
freeing the MM context). If cancelled, the subscriber will be deleted
immediately and no timeout will be set. If the expiry time is set to
SGSN_TIMEOUT_NEVER, no timer will be started and the subscriber entry
will be kept until it is cancelled.
The following VTY command is added to the sgsn node:
- subscriber-expiry-time <0-999999> set expiry time in seconds
- no subscriber-expiry-time set to SGSN_TIMEOUT_NEVER
The default is an expiry time of 0 seconds, which means that the
subscriber entries are wiped out immediately after an MM context is
destroyed.
Note that unused MM contexts are not expired yet. Therefore the
subscriber will only be expired after a successful MM detach.
Sponsored-by: On-Waves ehf
|
|
This commit adds a line to the output of 'show sgsn' if the GSUP
client has been initialized:
- Remote authorization: [not] connected to HOST:PORT via GSUP
Sponsored-by: On-Waves ehf
|
|
This flag is used to determine, whether the Update Location procedure
shall be invoked. This is currently only set, when the 'remote'
authorization policy is set. When the flag is set, sgsn_auth_update
will not never be called directly by sgsn_auth_request, if an Attach
Request procedure is pending, even if the remote connection fails for
some reason.
Sponsored-by: On-Waves ehf
|
|
Currently the flag 'authenticate' is managed per subscriber.
This patch replaces that flag by a global cfg.require_authentication
flag that enables/disables the use of the Auth & Ciph procedure for
every subscriber. The flag is set by the VTY, if and only if the
authorization policy is 'remote'.
The VTY command
- update-subscriber imsi IMSI insert authenticate <0-1>
is removed.
Sponsored-by: On-Waves ehf
|
|
This commit adds GSUP client configuration (via VTY), connection set
up, and real message sending.
The following configuration commands are added:
- gsup remote-ip A.B.C.D set server IP address
- gsup remote-port PORT set server TCP port
Ticket: OW#1338
Sponsored-by: On-Waves ehf
|
|
Currently the result of the osmo_hexparse function in
update_subscr_insert_auth_triplet is not handled correctly. There is
a misplaced leading exclamation mark in a few conditional
expressions. This effectively disables the error checks, as it is
noticed by Coverity ("Missing parentheses" followed by "Logically
dead code").
This patch removes the exclamation marks.
Fixes: Coverity CID 1260435 and CID 1260434
Sponsored-by: On-Waves ehf
|
|
This implements the MAP way of subscriber validation when the MS
tries to perform an Attach Request:
1. perform authentication (optionally invoke the sendAuthInfo
procedure), starts the Auth & Ciph procedure
2. perform update location
3. insert subscriber data
4. finish the update location
5. Attach Accept / Attach Reject
The authentication triplets are used and eventually updated if all of
them have been used.
This is currently accessible via the VTY interface by the following
commands:
- update-subscriber imsi IMSI update-auth-info
- update-subscriber imsi IMSI update-location-result (ok|ERR-CAUSE)
Sponsored-by: On-Waves ehf
|
|
This commit add data structures, functions, initialization, and VTY
commands for per subscriber authentication triplets.
The following VTY command is added:
- update-subscriber imsi IMSI \
insert auth-triplet <1-5> sres SRES rand RAND kc KC
Note that the triplets are not really used by the SGSN yet.
Sponsored-by: On-Waves ehf
|
|
This commit mainly extends sgsn_auth.c to use and support the
auth_state SGSN_AUTH_AUTHENTICATE. It will be activated when IMSI and
IMEI are available, authentication is required
(subscr->sgsn_data->authenticate is set), but the MM context is not
marked as authenticated. If the state has been set to
SGSN_AUTH_AUTHENTICATE and sgsn_auth_update() is called, the GMM
layer will be informed by invoking gsm0408_gprs_authenticate().
Sponsored-by: On-Waves ehf
|
|
Currently the gprs_subscr_update function is called when the
'update-subscriber ... insert ...' command is executed. This will
eventually notify the GMM layer which is rather the purpose of the
'commit' command.
This patch removes the call from update_subscr_insert.
Sponsored-by: On-Waves ehf
|
|
This adds the following commands to the ENABLE node:
- show subscriber cache
- update-subscriber imsi IMSI insert authorized (0|1)
- update-subscriber imsi IMSI cancel
- update-subscriber imsi IMSI commit
These commands are mainly testing tools and maintenance helpers. The
update commands work asynchronously and can be used to complete a
pending update request or to terminate an existing connection. The
'insert' command just update the subscriber records but does not
notify the GMM layer. Invoke the 'commit' command to continue with
pending procedures.
Note that the subscriber cache is not stored persistently and will
always be empty after an SGSN restart.
Sponsored-by: On-Waves ehf
|
|
This commit adds a new authorization policy 'remote' and uses
the subscriber cache for authorization when this policy is being used.
Note that there is no remote backend implemented yet. After the
IMSI/IMEI have been acquired, a request would be sent to the remote
peer. The attach/auth-ciph procedure continues when authorization
info has been received from the peer. This means, that
gprs_subscr_update() must be called then to tell the GMM layer
that it can proceed. A later commit will add VTY commands to do this
manually.
Sponsored-by: On-Waves ehf
|
|
Currently the VTY 'auth-policy' command results in setting or clearing
the acl_enabled flag. This also enables the matching of the MCC/MNC
prefix of the IMSI.
This patch adds an additional policy 'acl-only' which disables the
MCC/MNC matching and relies on the ACL only.
Sponsored-by: On-Waves ehf
|
|
Currently the ACL code is located in sgsn_vty.c.
This commit moves this to a new file sgsn_auth.c as a first step to
make authorization more flexible in order to implement remote
acquisition on subsciber data.
Sponsored-by: On-Waves ehf
|
|
Currently the PDP contexts are hard freed (via sgsn_pdp_ctx_free)
at some places in gprs_gmm.c on the reception of a Detach Req and on
re-use of an IMSI that is already associated with an MM context. This
can lead to segfaults when there is a pending request or a data
indication at libgtp.
This patch add a new function sgsn_pdp_ctx_terminate that de-associates
the PTP context from the MM context, deactivates SNDCP, sets pdp->mm
to NULL and then calls sgsn_delete_pdp_ctx. sgsn_libgtp is updated to
check for pdp->mm being non-NULL before dereferencing it. The
sgsn_pdp_ctx_terminate function will be called for each PDP context of
an MM context before this context is going to be deleted via
sgsn_mm_ctx_free. To ensure, that the ctx->llme (which is accessed
during the deactivation of SNDCP) remains valid, the call to
gprs_llgmm_assign is moved after the call to sgsn_mm_ctx_free. The
handling of re-used IMSIs is changed to mimic the processing of a
Detach Req.
Addresses:
<0002> gprs_gmm.c:654 MM(/f6b31ab0) Deleting old MM Context for same
IMSI p_tmsi_old=0xc6f19134
<000f> gprs_sgsn.c:259 PDP freeing PDP context that still has a
libgtp handle attached to it, this shouldn't happen!
[...]
SEGFAULT
Ticket: OW#1311
Sponsored-by: On-Waves ehf
|
|
Add the control interface with no hierachy right now and implement
the first command to list IMSI + Context Address of active sessions.
sgsn_cmd_handle could share more code with bsc variant.
Fixes: SYS#264, SYS#265
|
|
Remove ournode_exit_cmd, ournode_end_cmd, and bsc_install_default()
since this functionality is provided by the current libosmocore.
Replace calls to bsc_install_default() by call to
vty_install_default() with the following semantic patch:
@rule1@
expression N;
@@
- bsc_install_default(N);
+ vty_install_default(N);
Ticket: OW#952
Sponsored-by: On-Waves ehf
|
|
Add bsc_install_default() and replace all install_default()
This patch adds bsc_install_default() which calls install_default()
and add 'exit' and 'end'. All other calls to install_default() are
replaced by calls to bsc_install_default().
Since 'exit' and 'end' are now added automatically to each node, the
explicit registrations of these commands are removed by this patch,
too.
The related tests succeed now without work-arounds (except for the
'config' node itself which is part of libosmocore).
|
|
|
|
This adds a minimalistic ACL by which certain, individual roaming IMSIs
can be authorized to use the SGSN. So you can selectively bypass the
'MCC+MNC == first 5 digits of IMSI' checking for a couple of IMSIs
|
|
This is fixing a GCC and Coverity warning.
GCC:
sgsn_vty.c: At top level:
sgsn_vty.c:308:1: warning: ‘show_ggsn_cmd’ defined but not used [-Wunused-variable]
Coverity: CID 1040727
|
|
This is fixing a GCC and Coverity warning:
GCC:
sgsn_vty.c: In function ‘vty_dump_pdp’:
sgsn_vty.c:64:5: warning: ‘i’ may be used uninitialized in this function [-Wmaybe-uninitialized]
sgsn_vty.c:49:15: note: ‘i’ was declared here
Coverity: CID 1040706
|
|
Some nodes below 'config' didn't have ournode_exit / ournode_end,
and thus were not able to properly perform this function. exit should
always only go back one level, while end drops us back to ENABLE_NODE.
The prompt now represents the nesting level, and there's one consistent
space after the final prompt character (typically #).
|
|
This also removes the dependency to osmo_sock() inside libcommon and
replaces it with osmo_sock_* from libosmocore
|
|
|
|
These are not needed any more. We used them for u_int
types but we now use uint which comes from stdint.h
|
|
This uses the new include file for vty_out_rate_ctr_group() which
available in libosmocore.
|
|
libosmogsm is a new library that is distributed in the libosmocore.
Now, openbsc depends on it. This patch gets openbsc with this
change.
This patch also rewrites all include path to the new
osmocom/[gsm|core]
Signed-off-by: Pablo Neira Ayuso <pablo@gnumonks.org>
|
|
The reason for this is quite simple: We want to make sure anyone
running a customized version of OpenBSC to operate a network will
have to release all custom modifiations to the source code.
|
|
|
|
|
|
|
|
|
|
|
|
This removes the requirement for gb_proxy and sgsn to have duplicate
vty parsing code
|
|
|
|
|
|
|
|
* store LLC SAPI as part of PDP ctx
* store NSEI + BVCI as part of MM ctx
* export gsm48_tx_gsm_act_pdp_acc() and call it from sgsn_libgtp.c
* create and use gsm48_tx_gsm_act_pdp_rej for error cases
* print SAPI as part of VTY show pdp
|
