Age | Commit message (Collapse) | Author | Files | Lines |
|
When receiving authentication response or security mode complete messages,
actually release the security operation stored with the subscriber conn.
|
|
Just return 0 regardless of the security callback's return value when
receiving authentication response or security mode complete messages.
|
|
Don't call msc_subscr_con_free() directly, instead use
gsm0408_clear_request(), which properly cleans up all pending operations
before freeing the connection.
|
|
By having conn->in_release == 1, calling msc_release_connection() has no
effect and thus never frees the conn. So, after all pending requests have
been discarded, also discard and free the unused connection.
|
|
In gsm04_08_clear_request(), in_release == 1 anyway and
msc_release_connection() would exit immediately without any effect. Don't
confuse the reader by passing release=1 arg.
|
|
Subscriber conn stuff doesn't really belong in gsm_subscriber.c.
(I moved because I thought it would call some static functions in gsm_04_08.c,
which ended up not being the case; anyway, it makes more sense to stay in
gsm_04_08.c.)
|
|
In NITB, the paging timeout would be handled from the BSC side. In IuCS, we
need to invalidate the paging request from libmsc alone, so add a paging timer
to gsm_subscriber.
Possibly, the HNB-GW should respond with a paging failure and libmsc could
trigger on that, nevertheless libmsc should not rely on a failure message to
expire pending pagings.
|
|
Make sure that subscr and conn are valid:
* a subscr must always be present.
* on success, a conn must be present and the subscr must match the conn's
subscr.
Also check the hooknum.
|
|
|
|
|
|
|
|
This reverts commit 6f4e83beb05b7e4fd615504a7bf6a71afe15064d, but note:
this is not a 1:1 revert since the subscr_paging_sec_cb() semantics have changed.
In subscr_paging_dispatch(), the separate subscr parameter is needed in cases
where paging expired and there is no conn available.
For subscr_paging_sec_cb(), a conn must always be available. Hence it avoids
any duplicity by only passing the conn and deriving the subscr from that.
Callers of subscr_paging_sec_cb() pass NULL as param, so pass conn->subscr when
calling subscr_paging_dispatch() from subscr_paging_sec_cb().
|
|
|
|
|
|
The network is known from subscr; the type is not applicable after MSCSPLIT;
cbfn and data are obsoleted by explicit subscr_rx_paging_response().
|
|
it is never called outside of gsm_subscriber.c
|
|
During peliminary paging response testing, I introduced some code duplication.
Remove that and instead call the code that was there before 63b99ced83773d923
("add preliminary paging response handling, incomplete").
By calling the gsm_subscriber API, the connection is also secured and hence
Integrity Protection is enabled for IuCS.
|
|
Tweak debug logging, use paging category DPAG.
Change the order of arguments to make more sense in the causal relationship.
|
|
Before this, any paging response would be accepted by the CN, without
checking the database whether the subscriber is in fact authorized.
The probability that a subscriber would be able to take unauthorized action
is slim, nevertheless checking authorization status with the database should
happen before we accept a connection.
|
|
Remove one layer of callback indirection in paging. When a paging response
arrives, we always want to first secure the connection, thus a fixed
subscr_rx_paging_response() function is more appropriate and avoids having
to store a cbfn. The actual actions to be taken upon successful paging are
of course still in callback functions stored with each subscriber.
|
|
It doesn't really hurt to see whether we have paging responses queued for
a given subscriber. Possibly a subscriber replied with a paging response
later than we assumed the paging to be valid.
|
|
|
|
|
|
|
|
|
|
Rename subscr_request_channel() to _conn() and remove the channel_type arg.
The "channel" is a term from closely tied MSC+BSC code, after separation we
shall call it a "connection", i.e. over IuCS or A.
The channel_type arg is already unused from a previous MSCSPLIT commit.
|
|
Add function subscr_authorized(), absorbing the guts of static
authorize_subscriber() from gsm_04_08.c, except the parts specific to Location
Updating.
subscr_authorized() is a check that is to be added to validation of a paging
response.
|
|
|
|
|
|
In handle_paging_response(), don't check conn against NULL after using it all
the time anyway.
To ensure beyond doubt that it is actually never NULL, assert conn further up
in the call stack, i.e. in gsm0408_dispatch(), the main entry point for
receiving data from the BSC/RNC level. Also assert msg while at it.
Fixes: CID#93769
|
|
In gsm_04_08.c, add a static handle_paging_resp() to take over from the libbsc
function gsm48_handle_paging_resp(). Use the subscr->requests listing to handle
a Paging Response and call the pending cbfn.
In NITB, this used to be done via BTS, and I haven't entirely resolved yet how
exactly to rewire this in standalone libmsc. So far, this "works for me", but
is worth another visit.
Still missing: enable Integrity Protection.
|
|
|
|
|
|
|
|
Factor out hardcoded-Ki and auth tuple creation into a static function.
Add generation of fresh random bytes and generate a valid auth tuple so that
the authentication token is different for every MM Auth.
|
|
This involves removing the openbsc_vty_print_statistics() from
vty_interface_layer3.c, as this would link across the MSC/BSC border.
|
|
|
|
Add iu_page_cs() and iu_page_ps() API, also add to libiudummy for linking in
tests.
Implement msc_paging_request() by calling iu_page_cs().
|
|
|
|
Add lac argument to gsm0408_rcvmsg_iucs(), to record the LAC in newly
allocated gsm_subscriber_connections.
In effect, fix the LAC sent to UE during Location Updating Accept message.
Before, 0 was stored as LAC and sent to the UE, regardless of the actual
LAC in use.
|
|
|
|
|
|
|
|
Conflicts:
openbsc/src/libmsc/auth.c
openbsc/src/libmsc/gsm_04_08.c
openbsc/src/osmo-bsc/osmo_bsc_vty.c
openbsc/tests/Makefile.am
|
|
Make sure a new auth tuple is initialized after
db_get_lastauthtuple_for_subscr() returns an error, i.e. if no tuple is present
for the subscriber yet.
Before this patch, the first key_seq depended on the typically uninitialized
value that was present in auth tuple's key_seq upon calling
auth_get_tuple_for_subscr().
The very first key_seq used for a new subscriber will now always be 0. Before,
it used to be mostly 1 ("(0 + 1) % 7"), but depended on whether the key_seq was
indeed initialized with 0, actually by random.
|
|
In auth_get_tuple_for_subscr(), add missing condition to match incoming
key_seq with stored key_seq, so that re-authentication is requested for
mismatching key_seqs.
Add test for this issue.
|
|
AUTH_NOT_AVAIL == 0, so this is no functional change.
|
|
Instead of using hardcoded -1 for errors, include -1 in the enum auth_action
type; apply its use.
In the mm_auth test, the string output changes from '(internal error)' to
'AUTH_ERROR', since now the proper enum value is used in auth_action_names[].
|
|
Add basic MM Authentication test setup, with fake DB access and RAND_bytes().
So far implement simple tests for IO error during DB access and missing auth
entry.
To print the auth action during tests, add struct auth_action_names and
auth_action_str() inline function in auth.[hc].
|
|
|