aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMax <msuraev@sysmocom.de>2017-11-01 13:28:38 +0100
committerMax <msuraev@sysmocom.de>2017-12-27 11:10:42 +0000
commit3b6332f6dc1fa14dea6d1577a162b84bb304d4ef (patch)
tree3fd531726889a3650920da1a78bf769e36153def
parent794693c09360382a222a00b031cf5159a8088303 (diff)
Migrate from OpenSSL to osmo_get_rand_id()
This avoids potential licensing incompatibility and makes integration of Debian packaging patches easier. The libosmocore version requirements are fine already but for jenkins tests to pass we have to have Ic77866ce65acf524b768882c751a4f9c0635740b merged into libosmocore master. Related: OS#1694 Change-Id: I2b687b7f07ef05bbd861b8479cad5a958a3dde92
-rw-r--r--configure.ac1
-rw-r--r--debian/control1
-rw-r--r--src/gprs/Makefile.am3
-rw-r--r--src/gprs/gb_proxy.c16
-rw-r--r--src/gprs/gprs_gmm.c24
-rw-r--r--src/gprs/gprs_llc.c24
-rw-r--r--src/gprs/gprs_sgsn.c9
-rw-r--r--tests/gbproxy/Makefile.am3
-rw-r--r--tests/gbproxy/gbproxy_test.c19
-rw-r--r--tests/sgsn/Makefile.am3
-rw-r--r--tests/sgsn/sgsn_test.c18
-rw-r--r--tests/sndcp_xid/Makefile.am1
-rw-r--r--tests/xid/Makefile.am1
13 files changed, 57 insertions, 66 deletions
diff --git a/configure.ac b/configure.ac
index 2de31cc0..e886fa51 100644
--- a/configure.ac
+++ b/configure.ac
@@ -46,7 +46,6 @@ PKG_CHECK_MODULES(LIBOSMOGSM, libosmogsm >= 0.9.5)
PKG_CHECK_MODULES(LIBOSMOABIS, libosmoabis >= 0.2.0)
PKG_CHECK_MODULES(LIBOSMOGB, libosmogb >= 0.6.4)
PKG_CHECK_MODULES(LIBOSMONETIF, libosmo-netif >= 0.0.1)
-PKG_CHECK_MODULES(LIBCRYPTO, libcrypto >= 0.9.5)
# Enable/disable 3G aka IuPS + IuCS support?
AC_ARG_ENABLE([iu], [AS_HELP_STRING([--enable-iu], [Build 3G support, aka IuPS and IuCS interfaces])],
diff --git a/debian/control b/debian/control
index ce2167ae..330945fc 100644
--- a/debian/control
+++ b/debian/control
@@ -9,7 +9,6 @@ Build-Depends: debhelper (>=9),
automake,
libtool,
pkg-config,
- libssl-dev,
libtalloc-dev,
libc-ares-dev,
libgtp-dev,
diff --git a/src/gprs/Makefile.am b/src/gprs/Makefile.am
index 764acba2..b0fca6f9 100644
--- a/src/gprs/Makefile.am
+++ b/src/gprs/Makefile.am
@@ -15,7 +15,6 @@ AM_CFLAGS = \
$(LIBOSMOGB_CFLAGS) \
$(COVERAGE_CFLAGS) \
$(LIBCARES_CFLAGS) \
- $(LIBCRYPTO_CFLAGS) \
$(LIBGTP_CFLAGS) \
$(NULL)
if BUILD_IU
@@ -61,7 +60,6 @@ osmo_gbproxy_SOURCES = \
$(NULL)
osmo_gbproxy_LDADD = \
$(OSMO_LIBS) \
- $(LIBCRYPTO_LIBS) \
-lrt \
$(NULL)
@@ -97,7 +95,6 @@ osmo_sgsn_LDADD = \
$(OSMO_LIBS) \
$(LIBOSMOABIS_LIBS) \
$(LIBCARES_LIBS) \
- $(LIBCRYPTO_LIBS) \
$(LIBGTP_LIBS) \
-lrt \
-lm \
diff --git a/src/gprs/gb_proxy.c b/src/gprs/gb_proxy.c
index 6a9bc22a..63c3a612 100644
--- a/src/gprs/gb_proxy.c
+++ b/src/gprs/gb_proxy.c
@@ -50,8 +50,6 @@
#include <osmocom/gsm/protocol/gsm_04_08_gprs.h>
#include <osmocom/sgsn/gprs_utils.h>
-#include <openssl/rand.h>
-
extern void *tall_bsc_ctx;
static const struct rate_ctr_desc global_ctr_description[] = {
@@ -232,12 +230,13 @@ uint32_t gbproxy_make_bss_ptmsi(struct gbproxy_peer *peer,
uint32_t sgsn_ptmsi)
{
uint32_t bss_ptmsi;
- int max_retries = 23;
+ int max_retries = 23, rc = 0;
if (!peer->cfg->patch_ptmsi) {
bss_ptmsi = sgsn_ptmsi;
} else {
do {
- if (RAND_bytes((uint8_t *) &bss_ptmsi, sizeof(bss_ptmsi)) != 1) {
+ rc = osmo_get_rand_id((uint8_t *) &bss_ptmsi, sizeof(bss_ptmsi));
+ if (rc < 0) {
bss_ptmsi = GSM_RESERVED_TMSI;
break;
}
@@ -250,7 +249,7 @@ uint32_t gbproxy_make_bss_ptmsi(struct gbproxy_peer *peer,
}
if (bss_ptmsi == GSM_RESERVED_TMSI)
- LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a BSS P-TMSI\n");
+ LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a BSS P-TMSI: %d (%s)\n", rc, strerror(-rc));
return bss_ptmsi;
}
@@ -260,7 +259,7 @@ uint32_t gbproxy_make_sgsn_tlli(struct gbproxy_peer *peer,
uint32_t bss_tlli)
{
uint32_t sgsn_tlli;
- int max_retries = 23;
+ int max_retries = 23, rc = 0;
if (!peer->cfg->patch_ptmsi) {
sgsn_tlli = bss_tlli;
} else if (link_info->sgsn_tlli.ptmsi != GSM_RESERVED_TMSI &&
@@ -274,7 +273,8 @@ uint32_t gbproxy_make_sgsn_tlli(struct gbproxy_peer *peer,
} else {
do {
/* create random TLLI, 0b01111xxx... */
- if (RAND_bytes((uint8_t *) &sgsn_tlli, sizeof(sgsn_tlli)) != 1) {
+ rc = osmo_get_rand_id((uint8_t *) &sgsn_tlli, sizeof(sgsn_tlli));
+ if (rc < 0) {
sgsn_tlli = 0;
break;
}
@@ -287,7 +287,7 @@ uint32_t gbproxy_make_sgsn_tlli(struct gbproxy_peer *peer,
}
if (!sgsn_tlli)
- LOGP(DGPRS, LOGL_ERROR, "Failed to allocate an SGSN TLLI\n");
+ LOGP(DGPRS, LOGL_ERROR, "Failed to allocate an SGSN TLLI: %d (%s)\n", rc, strerror(-rc));
return sgsn_tlli;
}
diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c
index f07b806f..ead958ee 100644
--- a/src/gprs/gprs_gmm.c
+++ b/src/gprs/gprs_gmm.c
@@ -31,8 +31,6 @@
#include <arpa/inet.h>
#include <netdb.h>
-#include <openssl/rand.h>
-
#include "bscconfig.h"
#include <osmocom/core/msgb.h>
@@ -587,6 +585,7 @@ static int gsm48_tx_gmm_auth_ciph_req(struct sgsn_mm_ctx *mm,
struct gsm48_hdr *gh;
struct gsm48_auth_ciph_req *acreq;
uint8_t *m_rand, *m_cksn, rbyte;
+ int rc;
LOGMMCTXP(LOGL_INFO, mm, "<- GPRS AUTH AND CIPHERING REQ (rand = %s",
osmo_hexdump(vec->rand, sizeof(vec->rand)));
@@ -610,12 +609,13 @@ static int gsm48_tx_gmm_auth_ciph_req(struct sgsn_mm_ctx *mm,
/* § 10.5.5.7: */
acreq->force_stby = force_standby;
/* 3GPP TS 24.008 § 10.5.5.19: */
- if (RAND_bytes(&rbyte, 1) != 1) {
- LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed for A&C ref, falling "
- "back to rand()\n");
- acreq->ac_ref_nr = rand();
- } else
- acreq->ac_ref_nr = rbyte;
+ rc = osmo_get_rand_id(&rbyte, 1);
+ if (rc < 0) {
+ LOGP(DMM, LOGL_ERROR, "osmo_get_rand_id() failed for A&C ref: %s\n", strerror(-rc));
+ return rc;
+ }
+
+ acreq->ac_ref_nr = rbyte;
mm->ac_ref_nr_used = acreq->ac_ref_nr;
/* Only if authentication is requested we need to set RAND + CKSN */
@@ -2086,6 +2086,7 @@ static void mmctx_timer_cb(void *_mm)
{
struct sgsn_mm_ctx *mm = _mm;
struct gsm_auth_tuple *at;
+ int rc;
mm->num_T_exp++;
@@ -2130,8 +2131,11 @@ static void mmctx_timer_cb(void *_mm)
}
at = &mm->auth_triplet;
- gsm48_tx_gmm_auth_ciph_req(mm, &at->vec, at->key_seq, false);
- osmo_timer_schedule(&mm->timer, sgsn->cfg.timers.T3360, 0);
+ rc = gsm48_tx_gmm_auth_ciph_req(mm, &at->vec, at->key_seq, false);
+ if (rc < 0)
+ LOGMMCTXP(LOGL_ERROR, mm, "failed sending Auth. & Ciph. Reuqest: %s \n", strerror(-rc));
+ else
+ osmo_timer_schedule(&mm->timer, sgsn->cfg.timers.T3360, 0);
break;
case 3370: /* waiting for IDENTITY RESPONSE */
if (mm->num_T_exp >= 5) {
diff --git a/src/gprs/gprs_llc.c b/src/gprs/gprs_llc.c
index 22743fe9..1a7cf3db 100644
--- a/src/gprs/gprs_llc.c
+++ b/src/gprs/gprs_llc.c
@@ -23,8 +23,6 @@
#include <stdint.h>
#include <stdbool.h>
-#include <openssl/rand.h>
-
#include <osmocom/core/msgb.h>
#include <osmocom/core/linuxlist.h>
#include <osmocom/core/timer.h>
@@ -1065,14 +1063,15 @@ int gprs_llgmm_reset(struct gprs_llc_llme *llme)
struct msgb *msg = msgb_alloc_headroom(4096, 1024, "LLC_XID");
struct gprs_llc_lle *lle = &llme->lle[1];
uint8_t xid_bytes[1024];
- int xid_bytes_len;
+ int xid_bytes_len, rc;
uint8_t *xid;
LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n");
- if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) {
- LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, "
- "falling back to rand()\n");
- llme->iov_ui = rand();
+
+ rc = osmo_get_rand_id((uint8_t *) &llme->iov_ui, 4);
+ if (rc < 0) {
+ LOGP(DLLC, LOGL_ERROR, "osmo_get_rand_id() failed for LLC XID reset: %s\n", strerror(-rc));
+ return rc;
}
/* Generate XID message */
@@ -1098,14 +1097,15 @@ int gprs_llgmm_reset_oldmsg(struct msgb* oldmsg, uint8_t sapi,
{
struct msgb *msg = msgb_alloc_headroom(4096, 1024, "LLC_XID");
uint8_t xid_bytes[1024];
- int xid_bytes_len;
+ int xid_bytes_len, rc;
uint8_t *xid;
LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n");
- if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) {
- LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, "
- "falling back to rand()\n");
- llme->iov_ui = rand();
+
+ rc = osmo_get_rand_id((uint8_t *) &llme->iov_ui, 4);
+ if (rc < 0) {
+ LOGP(DLLC, LOGL_ERROR, "osmo_get_rand_id() failed for LLC XID reset: %s\n", strerror(-rc));
+ return rc;
}
/* Generate XID message */
diff --git a/src/gprs/gprs_sgsn.c b/src/gprs/gprs_sgsn.c
index c4321f91..688eaed1 100644
--- a/src/gprs/gprs_sgsn.c
+++ b/src/gprs/gprs_sgsn.c
@@ -46,8 +46,6 @@
#include <time.h>
-#include <openssl/rand.h>
-
#include "../../bscconfig.h"
#if BUILD_IU
@@ -643,10 +641,11 @@ uint32_t sgsn_alloc_ptmsi(void)
{
struct sgsn_mm_ctx *mm;
uint32_t ptmsi = 0xdeadbeef;
- int max_retries = 100;
+ int max_retries = 100, rc = 0;
restart:
- if (RAND_bytes((uint8_t *) &ptmsi, sizeof(ptmsi)) != 1)
+ rc = osmo_get_rand_id((uint8_t *) &ptmsi, sizeof(ptmsi));
+ if (rc < 0)
goto failed;
/* Enforce that the 2 MSB are set without loosing the distance between
@@ -684,7 +683,7 @@ restart:
return ptmsi;
failed:
- LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a P-TMSI\n");
+ LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a P-TMSI: %d (%s)\n", rc, strerror(-rc));
return GSM_RESERVED_TMSI;
}
diff --git a/tests/gbproxy/Makefile.am b/tests/gbproxy/Makefile.am
index 3291839b..ef38fb62 100644
--- a/tests/gbproxy/Makefile.am
+++ b/tests/gbproxy/Makefile.am
@@ -28,7 +28,7 @@ gbproxy_test_SOURCES = \
$(NULL)
gbproxy_test_LDFLAGS = \
- -Wl,--wrap=RAND_bytes \
+ -Wl,--wrap=osmo_get_rand_id \
$(NULL)
gbproxy_test_LDADD = \
@@ -46,6 +46,5 @@ gbproxy_test_LDADD = \
$(LIBOSMOVTY_LIBS) \
$(LIBOSMOABIS_LIBS) \
$(LIBRARY_DL) \
- $(LIBCRYPTO_LIBS) \
-lrt \
$(NULL)
diff --git a/tests/gbproxy/gbproxy_test.c b/tests/gbproxy/gbproxy_test.c
index e8a4ef98..3ebdccba 100644
--- a/tests/gbproxy/gbproxy_test.c
+++ b/tests/gbproxy/gbproxy_test.c
@@ -37,8 +37,6 @@
#include <osmocom/sgsn/gprs_gb_parse.h>
#include <osmocom/sgsn/debug.h>
-#include <openssl/rand.h>
-
#define REMOTE_BSS_ADDR 0x01020304
#define REMOTE_SGSN_ADDR 0x05060708
@@ -55,24 +53,23 @@ struct gbproxy_config gbcfg = {0};
struct llist_head *received_messages = NULL;
-/* override, requires '-Wl,--wrap=RAND_bytes' */
-int __real_RAND_bytes(unsigned char *buf, int num);
-int mock_RAND_bytes(unsigned char *buf, int num);
-int (*RAND_bytes_cb)(unsigned char *, int) =
- &mock_RAND_bytes;
+/* override, requires '-Wl,--wrap=osmo_get_rand_id' */
+int __real_osmo_get_rand_id(uint8_t *data, size_t len);
+int mock_osmo_get_rand_id(uint8_t *data, size_t len);
+int (*osmo_get_rand_id_cb)(uint8_t *, size_t) =
+ &mock_osmo_get_rand_id;
-int __wrap_RAND_bytes(unsigned char *buf, int num)
+int __wrap_osmo_get_rand_id(uint8_t *buf, size_t num)
{
- return (*RAND_bytes_cb)(buf, num);
+ return (*osmo_get_rand_id_cb)(buf, num);
}
static int rand_seq_num = 0;
-int mock_RAND_bytes(unsigned char *buf, int num)
+int mock_osmo_get_rand_id(uint8_t *buf, size_t num)
{
uint32_t val;
OSMO_ASSERT(num == sizeof(val));
- OSMO_ASSERT(__real_RAND_bytes(buf, num) == 1);
val = 0x00dead00 + rand_seq_num;
diff --git a/tests/sgsn/Makefile.am b/tests/sgsn/Makefile.am
index 36026dd5..802811d9 100644
--- a/tests/sgsn/Makefile.am
+++ b/tests/sgsn/Makefile.am
@@ -32,7 +32,7 @@ sgsn_test_SOURCES = \
$(NULL)
sgsn_test_LDFLAGS = \
- -Wl,--wrap=RAND_bytes \
+ -Wl,--wrap=osmo_get_rand_id \
-Wl,--wrap=sgsn_update_subscriber_data \
-Wl,--wrap=gprs_subscr_request_update_location \
-Wl,--wrap=gprs_subscr_request_auth_info \
@@ -67,7 +67,6 @@ sgsn_test_LDADD = \
$(LIBOSMOGSM_LIBS) \
$(LIBOSMOGB_LIBS) \
$(LIBCARES_LIBS) \
- $(LIBCRYPTO_LIBS) \
$(LIBGTP_LIBS) \
-lrt \
-lm \
diff --git a/tests/sgsn/sgsn_test.c b/tests/sgsn/sgsn_test.c
index a4867946..219587a8 100644
--- a/tests/sgsn/sgsn_test.c
+++ b/tests/sgsn/sgsn_test.c
@@ -100,21 +100,21 @@ int bssgp_tx_dl_ud(struct msgb *msg, uint16_t pdu_lifetime,
return 0;
}
-/* override, requires '-Wl,--wrap=RAND_bytes' */
-int __real_RAND_bytes(unsigned char *buf, int num);
-int mock_RAND_bytes(unsigned char *buf, int num);
-int (*RAND_bytes_cb)(unsigned char *, int) =
- &mock_RAND_bytes;
+/* override, requires '-Wl,--wrap=osmo_get_rand_id' */
+int __real_osmo_get_rand_id(uint8_t *data, size_t len);
+int mock_osmo_get_rand_id(uint8_t *data, size_t len);
+int (*osmo_get_rand_id_cb)(uint8_t *, size_t) =
+ &mock_osmo_get_rand_id;
-int __wrap_RAND_bytes(unsigned char *buf, int num)
+int __wrap_osmo_get_rand_id(uint8_t *buf, size_t num)
{
- return (*RAND_bytes_cb)(buf, num);
+ return (*osmo_get_rand_id_cb)(buf, num);
}
/* make results of A&C ref predictable */
-int mock_RAND_bytes(unsigned char *buf, int num)
+int mock_osmo_get_rand_id(uint8_t *buf, size_t num)
{
if (num > 1)
- return __real_RAND_bytes(buf, num);
+ return __real_osmo_get_rand_id(buf, num);
buf[0] = 0;
return 1;
}
diff --git a/tests/sndcp_xid/Makefile.am b/tests/sndcp_xid/Makefile.am
index d09c41b2..fbcb36c5 100644
--- a/tests/sndcp_xid/Makefile.am
+++ b/tests/sndcp_xid/Makefile.am
@@ -14,7 +14,6 @@ sndcp_xid_test_LDADD = \
$(LIBOSMOGSM_LIBS) \
$(LIBOSMOGB_LIBS) \
$(LIBCARES_LIBS) \
- $(LIBCRYPTO_LIBS) \
$(LIBGTP_LIBS) \
-lrt -lm
diff --git a/tests/xid/Makefile.am b/tests/xid/Makefile.am
index 6c3689f1..92876ec3 100644
--- a/tests/xid/Makefile.am
+++ b/tests/xid/Makefile.am
@@ -30,7 +30,6 @@ xid_test_LDADD = \
$(LIBOSMOGSM_LIBS) \
$(LIBOSMOGB_LIBS) \
$(LIBCARES_LIBS) \
- $(LIBCRYPTO_LIBS) \
$(LIBGTP_LIBS) \
-lrt \
-lm \