| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Change-Id: I88e981f4c31393a98ae8d61176c65c9251a6f28b
|
|
Change-Id: I3ac38f4b701ad8308470573260fa91a4b04c2f18
|
|
The idea is to not have a direct pointer to a bts struct (into BSC land), but a
LAC to resolve the BSC or RNC depending on the appropriate A or IuCS interface.
subscr_update(): remove bts arg, add lac arg.
Pass conn->lac to gsm48_generate_lai() instead of bts->location_area_code.
Change-Id: I9f2b298a785bf4b2a1b3fcdd91b8256106b2d9de
|
|
Change-Id: I3ef6ca26150b6102a0fa22a88a60d9a442d640b4
|
|
Add msc_ifaces.[hc], a_iface.c, with a general msc_tx_dtap() to redirect to
different interfaces depending on the actual subscriber connection.
While iu_tx() is going to be functional fairly soon, the a_tx() is going to be
just a dummy for some time (see comment).
Add Iu specific fields in gsm_subscriber_connection: the UE connection pointer
and an indicator for the Integrity Protection status on Iu (to be fully
implemented in later commits).
Add lac member to gsm_subscriber_connection, to allow decoupling from
bts->location_area_code. The conn->lac will actually be set in iu.c in an
upcoming commit ("add iucs.[hc]").
Change-Id: Idf8020a30562426e8f939706bf5c2188d5a09798
|
|
Change-Id: Ic7ed7faa2bcc7aae799f41ed4abc2c001bfb61b7
|
|
the BSC-side of the API behind gsm0808_submit_dtap() is doing
this resolving again anyway. So let's avoid doing it twice, and avoid
having more dependency of the MSC down into the lchan details.
Conflicts:
openbsc/src/libmsc/gsm_04_08.c
Change-Id: I14254be68ee1a48e9f1ce968233414d86c6ba9d5
|
|
Before, each GSUP client would contact the HLR with an identical unit id, i.e.
"SGSN-00-00-00-00-00-00", with the result that some messages were sucked off by
the wrong client.
Pass explicit unit name from each gsup client user, so that OsmoMSC is "MSC"
and OsmoSGSN is "SGSN". Hence the HLR can properly route the messages.
Todo: also set some values instead of the zeros.
Change-Id: I3f8d6dd47c7013920e2a4bde006ed77afd974e80
|
|
The SQL based lookup of SMS for attached subscribers no longer works since the
SQL database no longer has the subscriber data. Replace with a round-robin on
the SMS recipient MSISDNs paired with a VLR subscriber RAM lookup whether the
subscriber is currently attached.
If there are many SMS for not-attached subscribers in the SMS database, this
will become inefficient: a DB hit returns a pending SMS, the RAM lookup will
reveal that the subscriber is not attached, after which the DB is hit for the
next SMS. It would become more efficient e.g. by having an MSISDN based hash
list for the VLR subscribers and by marking non-attached SMS recipients in the
SMS database so that they can be excluded with the SQL query already.
There is a sanity limit to do at most 100 db hits per attempt to find a pending
SMS. So if there are more than 100 stored SMS waiting for their recipients to
actually attach to the MSC, it may take more than one SMS queue trigger to
deliver SMS for subscribers that are actually attached.
This is not very beautiful, but is merely intended to carry us over to a time
when we have a proper separate SMSC entity.
Change-Id: I1acf9debb6ba9164e6edcfd5bc5e48e8c98f2b01
|
|
Original libvlr code is by Harald Welte <laforge@gnumonks.org>,
polished and tweaked by Neels Hofmeyr <nhofmeyr@sysmocom.de>.
This is a long series of development collapsed in one patch. The original
history may still be available as branch neels/vlr_orig.
TODO: This commit may be split in several smaller changes before merging to
master.
Related: OS#1592
Change-Id: I702ba504ce2de93507312c28eca8d11f09f4ee8b
|
|
Original libvlr code is by Harald Welte <laforge@gnumonks.org>,
polished and tweaked by Neels Hofmeyr <nhofmeyr@sysmocom.de>.
This is a long series of development collapsed in one patch. The original
history may still be available as branch neels/vlr_orig.
Related: OS#1592
Change-Id: I3f75de5f0cc2ff77f276fd39832dd3621309c4b9
|
|
This introduces a reference count for gsm_subscriber_connection. Every
user of the connection needs to hold a reference until done. Once the
reference count dorps to zero, the connection is cleared towards the
BSC (which subsequently will clear any logical channels associated with
it).
Related: OS#1592
Change-Id: I8c05e6c81f246ff8b5bf91312f80410b1a85f15e
|
|
Change-Id: I656d8619a1adc93e2f627f4e1ba21512a7374279
|
|
In a future commit, gsm_subscriber will be replaced by vlr_subscr, and it will
not make sense to use vlr_subscr in libbsc. Thus we need a dedicated BSC
subscriber: struct bsc_subscr.
Add rf_policy arg to bsc_grace_paging_request() because the bsc_subscr will no
longer have a backpointer to gsm_network (used to be via subscr->group).
Create a separate logging filter for the new BSC subscriber. The implementation
of adjusting the filter context is added in libbsc to not introduce
bsc_subscr_get/_put() dependencies to libcommon.
During Paging Response, fetch a bsc_subscr from the mobile identity, like we do
for the gsm_subscriber. It looks like a duplication now, but will make sense
for the VLR as well as for future MSC split patches.
Naming: it was requested to not name the new struct bsc_sub, because 'sub' is
too ambiguous. At the same time it would be fine to have 'bsc_sub_' as function
prefix. Instead of struct bsc_subscriber and bsc_sub_ prefix, I decided to
match both up as struct bsc_subscr and bsc_subscr_ function prefix. It's fast
to type, relatively short, unambiguous, and the naming is consistent.
Add bsc_subscr unit test.
Related: OS#1592, OS#1594
Change-Id: Ia61cc00e8bb186b976939a4fc8f7cf9ce6aa3d8e
|
|
Add via_ran to gsm_subscriber_connection to indicate whether a conn is coming
in via 2G/GERAN/A-Interface or 3G/UTRAN/Iu-Interface. Prepares for Iu, but
also for libvlr to decide between GSM or UMTS Auth.
Until actual Iu support is merged to master, this indicator will aid VLR unit
testing.
At some point we may also add RAN_GERAN_IU; it's not on the agenda yet, but to
clearly distinguish the names if we want to add it, explicitly name the ones we
have RAN_GERAN_A and RAN_UTRAN_IU.
Change-Id: I93b870522f725170e4265a5543f6b680383d7465
|
|
Found by ASAN
Change-Id: I2680c60e26b9876b428d4b75323f884f9ecd95b3
|
|
Remove the fuzzer interface that was partially implemented in
gsm_04_08.c and silent_call.c is causing problems when an
SMS is sent during an active silent call. The reason for this
is that gsm0408_dispatch() in gsm_04_08.c would decide to
rout all uplink traffic to silent_call_rx() in silent_call.c.
silent_call_rx() is a stub function that discards the data.
This patch removes the fuzzer interface code by placing ifdefs
around it, so that it can be re-activated by experimentators.
Change-Id: Id500197d58663b3f4b1756136343670388b0a4bc
|
|
Change-Id: I3d19518c94a7f302bf108f2ad945983cdc8db0b1
|
|
In libosmocore, my patch was merged to master a bit too soon. To accomodate the
request for naming that matches the general "LOG" prefix instead of "LOGGING",
a fixup was committed to libosmocore. Adjust for that.
Original patch: change-id I5c343630020f4b108099696fd96c2111614c8067
The fixup: change-id I424fe3f12ea620338902b2bb8230544bde3f1a93
Change-Id: Ib2ec5e4884aa90f48051ee2f832af557aa525991
|
|
The LCHAN and BTS filter contexts are actually never used, so drop them until
someone adds them properly.
For now use only LOGGING_{FILTER,CTX}_VLR_SUBSCR. Some of these will change to
_BSC_SUBSCR once struct bsc_subscriber is introduced, and later on, struct
gsm_subscriber will be replaced by vlr_subscriber so that the names will match.
Depends: libosmocore change-id I5c343630020f4b108099696fd96c2111614c8067
Change-Id: Ifa82f6a461ad4c0eeddb8a38fb3833460432d16b
|
|
To be paranoid, catch a NULL subscriber and/or bts in
subscr_update_expire_lu(): print an error log and avoid segfault.
(I'm not sure this would really happen in a normal situation.)
During aggressive testing of Paging timeout, I came across this segfault in
msc_release_connection() when conn->expire_timer_stopped is set but
conn->subscr is NULL, at the subscr dereference after:
if (conn->expire_timer_stopped)
subscr_update_expire_lu(conn->subscr, conn->bts);
I brought this situation about by a fabricated Paging fault, i.e. in
gsm48_rx_rr_pag_resp() return 0 and don't call gsm48_handle_paging_resp() at
all. Thus conn->subscr is still NULL when expire_timer_stopped is 1.
When looking at CM Service Request handling, the conn->subscr is set before
setting expire_timer_stopped = 1, which is a saner thing to do. But without my
mad 'return 0', there is in fact no way to have a NULL subscriber there.
It looks like all other code paths already do the same, but it's not that
obvious (e.g. _gsm48_rx_mm_serv_req_sec_cb()). So rather catch this case of
NULL conn->subscr, and while at it catch NULL bts as well.
Change-Id: I430dd952b2b928bea7f8360f1e01bb3cccb0a395
|
|
Change-Id: I3dc94dc4bddc5a887ce196071327a6dddfe5b280
|
|
Log more data related to channel allocation:
- channel type
- number of paging attempts
- timers fired
Change-Id: Ib417a9c942c17b902dd80ff555cd9da5f91bff48
|
|
Parse the longer UMTS res from the extended Auth Response Parameter IE.
Parse the R99 Authentication Failure and AUTS in case of cause
GSM_REJECT_SYNCH_FAILURE which indicates a SQN re-sync request.
Both still end in 'not implemented' error logs, which are the places where the
upcoming VLR that supports UMTS AKA will integrate.
Depends on recently added constants in libosmocore in
commit 55a43b801385e07a484217925ecf2379b9f54fcf
aka change-id I745061ce8eb88aa23080dadcdbfe2d703c362a30
Change-Id: I4868bbeedc32fa7b8d03b9e3c66db618543d38ec
|
|
To be able to do R99 UMTS authentication, we need to send along AUTN bytes in
the Authentication Request. Add autn parameter to gsm48_tx_mm_auth_req() and
conditionally append the R99 AUTN TLV to the Authentication Request message.
Change-Id: I0d644559088706aa06b42b9bfe1f8c21ca6fa4da
|
|
Check conn->subscr against NULL.
gsm0408_rcv_cc() dereferences many conn members without checking presence: the
bts and lchan members may be expected to be NULL in the ongoing MSC split and
3G developments.
But the conn->subscr is initially NULL, so an MS sending a CC message before
something like a LU or CM Service Request will result in a segfault. Prevent
that.
Note: the upcoming VLR will be more restrictive on what messages are processed,
this is a "backport" to the situation on current master.
Change-Id: If067db7cc0dd3210d9eb1da15be6b637795a3ecf
|
|
cosmetic ws in common_cs_vty.c, osmo_msc.c
comment: tiny typo fix in gsm_04_08.c
In comments, drop some unbalanced braces, because simplistic C file harvesters
will break at a single opening brace even if it is in a comment. This is aimed
at the fsm-to-dot.py script in libosmocore/contrib.
Change-Id: I3c1fa53195a1e57d6fe0a6791c346d30ceff1251
|
|
Use CTRL_CMD_DEFINE_RO(), CTRL_CMD_DEFINE_WO() and
CTRL_CMD_DEFINE_WO_NOVRF() where appropriate to get rid of boilerplate
code.
Change-Id: I5bcea0b4f4b8f535bef2b423f2013b8b4a218b5b
|
|
Change-Id: I676c84350a7afc963bc6bb4c46c60e5ac3eee67e
|
|
Shorten some code and make obvious to the reader that the string copy is done
in a safe way.
Change-Id: I900726cf06d34128db22a3d3d911ee0d1423b1bd
|
|
Use osmo_strlcpy() to fix unsafe invocation of strncpy(), which potentially
left the result unterminated.
Change-Id: I1a119b1760a3e3262538b4b012d476fdce505482
|
|
Change-Id: I6ae6720afc04cc3c92ceff86e5b2a5a29494aeb1
|
|
Change-Id: I4b00d8821c1688ca0c990b6042607f4ded0f80e3
|
|
libosmocore change-id I857af45ae602bb9a647ba26cf8b0d1b23403b54c adds
OSMO_VALUE_STRING to compose value_string arrays with the exact enum names as
entries. Use instead of identical local macros in two places.
Change-Id: I1b44d2a3f293785a01d6a587c78f9e0cbeec70c3
|
|
Change-Id: I0dbb438f3bfbaf9744717cbeec31ceefdd679ee9
Related: OS#1694
|
|
iu_event_type_names[] and auth_action_names[] lacked a { 0, NULL }.
Change-Id: I2e3f271b887e711c8139fbaa32410c16e7fe9921
|
|
Rename current subscr_con_allocate() and subscr_con_free to bsc_*,
and add two separate msc_subscr_con_allocate() and _free().
The msc_subscr_con_free() ignores all lchan members.
In libbsc use bsc_*, in libmsc use msc_*.
Change-Id: I3cf7c7cafdf4672ec7b26058bba8a77159855257
Future: there will be distinct subscr conns for libbsc and libmsc.
|
|
Time zone used to be configurable per-BTS. In the upcoming MSC-split, no BTS
structures will be available on the MSC level. To simplify, drop the ability to
manage several time zones in a core network and place the time zone config on
the network VTY level, i.e. in gsm_network. If we are going to re-add fine
grained time zone settings, it should probably be tied to the LAC.
Adjust time zone VTY config code (to be moved to libcommon-cs in subsequent commit).
Adjust time zone Ctrl Interface code.
Change-Id: I69848887d92990f3d6f969be80f6ef91f6bdbbe8
|
|
Implement connection_for_subscr() from a completely different angle: instead of
looking up lchans in bts structs, look up the subscriber in the global list of
gsm_subscriber_connection. static lchan_find() is thus obsoleted.
All callers of connection_for_subscr() live in libmsc, so move to libmsc.
The move and edit are done in a single commit since the old and new
implementation have nothing in common.
Future: osmo-cscn will use this, without bts being present.
Remove implementation of connection_for_subscr() from channel_test.c -- it is
possible that the abort() in there was intended for a regression test, but
actually it seems the implementation was merely added for linking reasons, and
the abort() added to guard against the NULL return value: no comment nor the
commit log indicate that the abort() is test critical; the addition was the
only change in channel_test.c for that commit; at the same time a
connection_for_subscr() call was added in libmsc.
Change-Id: I5e0ba0ecf1726ebd540800f4e98fdfc937c904ff
|
|
libbsc and libmsc will have separate subscriber connection structs. Hence don't
rely on gsm_subscriber_connection, but work on a direct pointer to the counter
for the next RP reference.
The only very thin function in gsm_04_11_helper.c thus becomes obsolete: drop
the entire file.
Change-Id: I2a2e9ba6a981a385d1f8f07acbe03536ffed0072
|
|
Both libmsc and libbsc will need distinct gsm0480_send_ussdNotify() and
gsm0480_send_releaseComplete() functions, since there will be distinct
subscriber connection structs.
Rename to msc_send_ussd_notify() and msc_send_ussd_release_complete(), and add
the same in libbsc with bsc_ prefix in new file gsm_04_80_utils.c.
In preparation of this patch, the message generation part of these functions
has been added to libosmocore as gsm0480_create_ussd_notify() and
gsm0480_create_ussd_release_complete(). Use these.
Adjust all libmsc and libbsc callers according to use the msc_* or bsc_*
implementation, respectively.
Change-Id: I33a84e3c28576ced91d2ea24103123431f551173
|
|
Change-Id: I22100c260856991b9a836135b3650e5b8c5449ca
Fixes: Coverity CID 57623
|
|
Change-Id: Ic8944ac4c5e940c9d835c52f1701461f274238db
Fixes: Coverity CID 57621
|
|
This is a speculative change for interrogateSS and by not answering
the request the radio connection would remain open long.
The SS/USSD code is from a time where none of knew much about GSM. We
do not support SS but should reject it. We have checked for an empty
string in the text field to guess if it is a result/release to not send
more information. The right way forward is to decode the ASN1 into the
fields REQUEST/RESULT(last).
Fix an issue and make the code worse. Assume ss_code > 0 to see if this
is a interrogate invoke. The issue is that code 0 is a well defined
value but unlikely to be used.
MAP ASN1 definition:
SS-Code ::= OCTET STRING (SIZE (1))
-- This type is used to represent the code identifying a single
-- supplementary service, a group of supplementary services, or
-- all supplementary services. The services and abbreviations
-- used are defined in TS 3GPP TS 22.004 [5]. The internal structure is
-- defined as follows:
--
-- bits 87654321: group (bits 8765), and specific service
-- (bits 4321)
allSS SS-Code ::= '00000000'B
Change-Id: Ib0dc4485388f030eb172fe21f5327b7ab94751f5
|
|
As per TS 23.014, a GSM MSC must implement mobile-originated DTMF
generation. We gate the DTMF signalling messages to MNCC, and expect
the external MNCC handler to deal with it. However, the internal MNCC
handler simply ignored such singalling messages, rather than rejecting
DTMF altogether.
It turns out failure to respond to START DTMF will cause some phones to
behave in interesting ways, particularly with modem
firmware v6.01.00, see https://osmocom.org/issues/1817). In this case
the phone is not able to release the call as the pending response to the
START DTMF is probably keping a reference or lock of some sort.
Change-Id: I336f0cd0a6396b522d228479a417fd4d606157ac
|
|
GSM 04.18, which is the successor of GSM 04.08, describes
additional RR 3g specific message types. This commit adds
log output for those messages. The behaviour is not changed
all affected message types are still forwared to the MSC
as they were before.
See also 3GPP TS 04.18, section 10.4, table 10.4.1
The change requires to update libosmocore as well, see
also commit f48fdb3a108da0dc23d7af4ac021e98e11f07152 in
libosmocore.git for details.
Change-Id: I41f2242fdf59c3eb4b3f8f7f003c17f7e0df01aa
|
|
Change-Id: I651473f638365bbd333c4c80d223cdd023dd2c51
|
|
active_calls describe all calls in active state.
call.complete Call got terminated by disconnect requested either by MS or MSC.
call.incomplete Call got terminated by any other reason.
call.active Calls reached active state.
Change-Id: I49b93af2e6a0ba16c2fb00b7b83974e8a6a16df3
|
|
The previous commit added a network backpointer to gsm_subscriber_connection.
Use it wherever it makes sense, to skip the step through the bts structure.
In some places, remove local variables that become unused.
Change-Id: I34537025986713291e14c8212a81539b497befd4
|
|
One logged the wrong function name. Add others.
Change-Id: Ied5d8e84d5d192c826bc131be8907eaa55190479
|
