From 23bb7b362798d7459929d5eca1a913f94ad77453 Mon Sep 17 00:00:00 2001 From: Pau Espin Pedrol Date: Wed, 27 Mar 2019 17:53:38 +0100 Subject: Replace broken ipa_ccm_idtag APIs with new ipa_ccm_id ones ipa_ccm_idtag_parse_off is broken, and can only be used with len_offset=1 on ID Request messages, otherwise won't work correctly. Modify ipa_ccm_idtag_parse to at least parse those correctly, and document the limitations. Those two functions are already deprecated and only used in openbsc by 3 callers: * ipa_ccm_idtag_parse in ussd_read_cb(): Broken, that function can only work for Requests and it's used to parse a Response. * ipa_ccm_idtag_parse_off in forward_sccp_to_msc (NAT): Broken, it can only be used to parse Requests and it's used to parse a Response. Furthermore, len_offset=2 is passed which makes no sense and most probably it fails always, or can even make the program crash. * ipa_ccm_idtag_parse_off in (answer_challenge): This one is fine and could actually be replaced with ipa_ccm_id_get_parse after libosmocore commit (see below) is merged. See libosmocore I6efc852dfc041192f554e41a58290a0f63298021 for more information. As a consequence of the fixes, osmo-bsc-nat now parses messages sent from VTY test correctly and thus it goes into processing them instead of silently dropping them. As a result, some VTY tests fail because they are sending incorrect format (missing NULL char in unit id strings) and osmo-bsc-nat closses its connection (due to bad auth). Change-Id: I3b995f8ef0b48c0a5b3375e42926641934359cd2 --- openbsc/src/osmo-bsc/osmo_bsc_msc.c | 4 +--- openbsc/src/osmo-bsc_nat/bsc_nat.c | 6 +++--- openbsc/src/osmo-bsc_nat/bsc_ussd.c | 6 +++--- 3 files changed, 7 insertions(+), 9 deletions(-) (limited to 'openbsc/src') diff --git a/openbsc/src/osmo-bsc/osmo_bsc_msc.c b/openbsc/src/osmo-bsc/osmo_bsc_msc.c index b179ff17f..badecc682 100644 --- a/openbsc/src/osmo-bsc/osmo_bsc_msc.c +++ b/openbsc/src/osmo-bsc/osmo_bsc_msc.c @@ -456,9 +456,7 @@ static int answer_challenge(struct bsc_msc_data *data, struct msgb *inp, struct .algo = OSMO_AUTH_ALG_MILENAGE, }; - ret = ipa_ccm_idtag_parse_off(&tvp, - inp->l2h + 1, - msgb_l2len(inp) - 1, 1); + ret = ipa_ccm_id_get_parse(&tvp, inp->l2h + 1, msgb_l2len(inp) - 1); if (ret < 0) { LOGP(DMSC, LOGL_ERROR, "ignoring IPA response " "message with malformed TLVs: %s\n", osmo_hexdump(inp->l2h + 1, diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c index c8a9e74e9..670b0be0c 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c @@ -1291,9 +1291,9 @@ exit: if (msg->l2h[0] == IPAC_MSGT_ID_RESP && msgb_l2len(msg) > 2) { struct tlv_parsed tvp; int ret; - ret = ipa_ccm_idtag_parse_off(&tvp, - (unsigned char *) msg->l2h + 2, - msgb_l2len(msg) - 2, 0); + ret = ipa_ccm_id_resp_parse(&tvp, + (unsigned char *) msg->l2h + 1, + msgb_l2len(msg) - 1); if (ret < 0) { LOGP(DNAT, LOGL_ERROR, "ignoring IPA response " "message with malformed TLVs\n"); diff --git a/openbsc/src/osmo-bsc_nat/bsc_ussd.c b/openbsc/src/osmo-bsc_nat/bsc_ussd.c index ee0b08593..dea18073f 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_ussd.c +++ b/openbsc/src/osmo-bsc_nat/bsc_ussd.c @@ -141,9 +141,9 @@ static int ussd_read_cb(struct osmo_fd *bfd) if (msg->l2h[0] == IPAC_MSGT_ID_RESP) { struct tlv_parsed tvp; int ret; - ret = ipa_ccm_idtag_parse(&tvp, - (unsigned char *) msg->l2h + 2, - msgb_l2len(msg) - 2); + ret = ipa_ccm_id_resp_parse(&tvp, + (unsigned char *) msg->l2h + 1, + msgb_l2len(msg) - 1); if (ret < 0) { LOGP(DNAT, LOGL_ERROR, "ignoring IPA response " "message with malformed TLVs\n"); -- cgit v1.2.3