| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Change-Id: I47d6623b9eca704e3c2537cfb5799a4c0749a7bc
Related: #3701
|
|
|
|
| |
Change-Id: I2075420048b43973c800ba0fc389f4b559437233
|
|
|
|
| |
Change-Id: I351411ca5913c8b40f23287ec7c9ebfe11bd2bb0
|
|
|
|
| |
Change-Id: Id2462c4866bd22bc2338c9c8f69b775f88ae7511
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Change-Id Ia71542ea37d4fd2c9fb9b40357db7aeb111ec576, the old
declaration of gsm0808_create_handover_request_ack() was accidentially
removed from the gsm0808.h header file. The actual function itself
(and the exported symbol) remained for backwards compatibility at
runtime, but removing the declaration from the header file resulted in
build failures across the board of all automatic tests.
Let's re-introduce the old declaration.
Change-Id: I9e96fa675fccca9ee9631caad7559dea3794d490
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
osmo-bsc so far omits the AoIP Transport Layer Address from its Handover
Request Acknowledge message, which breaks inter-BSC Handover for AoIP.
Allow fixing that.
One quirk I really don't like about this: I would prefer to directly use struct
sockaddr_storage as a member of the struct gsm0808_handover_request_ack. Even
though struct sockaddr_storage appears in various function signatures, the
gsm0808.c actually also gets built on embedded systems that lack arpa/inet.h
(for me indicated by the ARM build job on jenkins). Compiling gsm0808.c works
only because the actual coding of struct sockaddr_storage is implemented in
gsm0808_util.c, which (apparently) does not get built on embedded and hence,
even though there are undefined references to e.g.
gsm0808_enc_aoip_trasp_addr() it works.
Related: I4a5acdb2d4a0b947cc0c62067a67be88a3d467ff (osmo-bsc)
Change-Id: Ia71542ea37d4fd2c9fb9b40357db7aeb111ec576
|
|
|
|
|
|
|
| |
In osmo_gsup_decode(), call gsm48_decode_bcd_number2() to avoid deprecation
warning, and also actually check the return value to detect invalid IMSI IEs.
Change-Id: Iaded84d91baad5386c8f353c283b6b9e40a43b05
|
|
|
|
|
|
|
|
| |
gsm48_decode_bcd_number() is marked as deprecated, so
gsm48_decode_bcd_number2() will cause deprecation warnings as long as it calls
gsm48_decode_bcd_number(). Hence move the code to gsm48_decode_bcd_number2().
Change-Id: I81925e9afb3451de9b8a268d482f79ee20ca14d6
|
|
|
|
|
|
|
|
|
| |
The input_len argument for gsm48_decode_bcd_number2() includes the BCD length
*and* the length byte itself, so add the missing +1.
Also clarify the API doc for the input_len argument.
Change-Id: I87599641325c04aae2be224ec350b1a145039528
|
|
|
|
| |
Change-Id: Ib657b1eb55aab400f3682a89bbd428bdee02581c
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For async callbacks it is useful to determine whether a given VTY pointer is still valid.
For example, in osmo-msc, a silent call can be triggered by VTY, which causes a
Paging. The paging_cb then writes to the VTY console that the silent call has
succeeded. Unless the telnet vty session has already ended, in which case
osmo-msc crashes; e.g. from an osmo_interact_vty.py command invocation. With
this function, osmo-msc can ask whether the vty pointer passed to the paging
callback is still active, and skip vty_out() if not.
Change-Id: I42cf2af47283dd42c101faae0fac293c3a68d599
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In BSSMAP messages, at least the Cell Identifier IE can appear more than once.
We have tlv_parse2() which allows decoding into an array of tlv_parsed to
cleanly handle multiple occurences. Hence add osmo_bssap_tlv_parse2() which
supports multiple occurences.
An alternative would be to directly call tlv_parse2() with gsm0808_att_tlvdef()
when multiple T occurences are needed, and I'm not really sure why
osmo_bssap_tlv_parse() exists in the first place. But because it does, add a
similar definition that is capable of handling multiple IEs with identical Tag
discriminator.
Change-Id: Ib9a2095f7498dc2cda2a57154b2dbe4621df72f8
|
|
|
|
|
|
|
|
|
|
|
|
| |
gsm48_decode_bcd_number() is unable to provide proper bounds validation of
input and output data, hence osmo-msc's vlr.c introduced a static
decode_bcd_number_safe() a long time ago. Move to libosmocore.
I need to use the same function to decode an MSISDN during inter-MSC Handover,
instead of making it public in osmo-msc, rather deprecate the unsafe function
and provide a safer version for all callers. Mark the old one deprecated.
Change-Id: Idb6ae6e2f3bea11ad420dae14d021ac36d99e921
|
|
|
|
| |
Change-Id: I9dac375331f6bea744769e973725d58e35f87226
|
|
|
|
|
|
|
|
| |
The actual value-string array 'gsm_chan_t_names' describes
the enum values of 'gsm_chan_t', not 'gsm48_chan_mode'.
Change-Id: Ifc2121b23fb8d07589cc5b7aa8fbf4e27eb6b72b
Fixes: CID#188831, CID#188825
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change two instances of Speech Version values to enum gsm0808_permitted_speech.
It is often not trivial to find the right values for a uint8_t member, giving
the enum name makes it a lot easier/safer to use.
In gsm0808_create_handover_required(), use msgb_tv_put() so that the enum's
storage size doesn't matter. (Already used for handover_performed)
Fix typo in doc of gsm0808_create_handover_required().
Change-Id: I6387836bab76e1fa42daa0f42ab94fc14b70b112
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on a draft created by Neels, which is the result of reading a MAP
trace of two MSCs negotiating inter-MSC handovers, and of reading the
TS 29.002, TS 29.010 and related specs:
https://lists.osmocom.org/pipermail/openbsc/2019-January/012653.html
I figured out that the "Handover Number" mentioned in the specifications
is the same as the MSISDN IE that we already have, so we can use that
instead of creating a new IE (example usage in tests/gsup/gsup_test.c).
Create a new OSMO_GSUP_MSGT_E_ROUTING_ERROR message type, which the GSUP
server uses to tell a client that its message could not be forwarded to
the destination (see [1]). MAP has no related message.
[1]: Change-Id: Ia4f345abc877baaf0a8f73b8988e6514d9589bf5 (osmo-hlr.git)
Related: OS#3774
Change-Id: Ic00b0601eacff6d72927cea51767801142ee75db
|
|
|
|
| |
Change-Id: I01f837ac4c8644c0851c77c3f42eb44353cef0d7
|
|
|
|
| |
Change-Id: Ib08e15dd5d811662de46a1dfdb676b9a5b66b529
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
osmo-msc and osmo-hlr have distinct subsystems handling incoming GSUP messages.
So far we decide entirely by message type which code path should handle a GSUP
message. Thus no GSUP message type may be re-used across subsystems.
If we add a GSUP message to indicate a routing error, it would have to be a
distinct message type for subscriber management, another one for SMS, another
one for USSD...
To allow introducing common message types, introduce a GSUP Message Class IE.
In the presence of this IE, GSUP handlers can trivially direct a received
message to the right code path. If it is missing, handlers can fall back to the
previous switch(message_type) method.
Change-Id: Ic397a9f2c4a7224e47cab944c72e75ca5592efef
|
|
|
|
|
|
|
|
|
|
|
|
| |
Various places in our code base figure out how many chars they need to safely
store an IMSI. An IMSI can have a checksum digit, which is not reflected by
GSM23003_IMSI_MAX_DIGITS. And we usually need a terminating \0.
Instead of having a magic +2 repeated every so often, rather define
OSMO_IMSI_BUF_SIZE to contain both checksum digit and nul char, and have the
explanatory comment with it here in libosmocore.
Change-Id: Id11ada4c96b79f7f0ad58185ab7dbf24622fb770
|
|
|
|
|
| |
Change-Id: Ica7d2d1884b745fe30234d6c50d93828c4930680
Fixes: CID#57700
|
|
|
|
|
|
|
|
|
| |
Calling sizeof() on a pointer would result in getting size of the
pointer (usually 4 or 8 bytes) itself, but not the size of the
memory it points to.
Change-Id: I83f55a9638b75d9097d37992f7c84707791f10f6
Fixes: CID#194266
|
|
|
|
|
|
|
|
|
|
| |
Calling sizeof() on a pointer to dynamically allocated memory would
result in getting size of the pointer (usually 4 or 8 bytes) itself,
but not the size of allocated memory.
Change-Id: I8ffda4dea2b7f9b4b76dfeecad1fab6384c5a62c
Fixes: CID#197629, CID#197628, CID#197627
Fixes: CID#197626, CID#197625, CID#197624
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We often compose FSM instance IDs from context information, for example placing
an MSISDN string or IP:port information in the FSM instance id, using
osmo_fsm_inst_update_id_f(). This fails if any characters are contained that
don't pass osmo_identifier_valid(). Hence it is the task of the caller to make
sure only characters allowed in an FSM id are applied.
Provide API to trivially allow this by replacing illegal chars:
- osmo_identifier_sanitize_buf(), with access to the same set of illegal
characters defined in utils.c,
- osmo_fsm_inst_update_id_f_sanitize() implicitly replaces non-identifier
chars.
This makes it easy to add strings like '192.168.0.1:2342' or '+4987654321' to
an FSM instance id, without adding string mangling to each place that sets an
id; e.g. replacing with '-' to yield '192-168-0-1:2342' or '-4987654321'.
Change-Id: Ia40a6f3b2243c95fe428a080b938e11d8ab771a7
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To be able to append an escaped or quoted string using
OSMO_STRBUF_APPEND_NOLEN(), the function signature must have the buf and len as
first args, like most other *_buf() functions.
Add osmo_escape_str_buf2() and osmo_quote_str_buf2() to match this signature.
A recent patch [1] has changed the return value of osmo_escape_str_buf() to
char*, removing the const. However, the functions may return const strings,
hence re-add the const. The new signatures always return the non-const buffer.
To avoid code duplication, implement osmo_quote_str_buf() and
osmo_escape_str_buf() by calling the new functions.
I decided to allow slight changes to the behavior for current osmo_escape_str()
and osmo_escape_str_buf(), because impact on callers is minimal:
(1) The new implementation uses OSMO_STRBUF_*, and in consequence
osmo_quote_str() no longer prints an ending double quote after truncated
strings; Before, a truncated output was, sic:
"this string is trunca"
and now this becomes, sic:
"this string is truncat
I decided to not keep the old behavior because it is questionable to begin
with. It looks like the string actually ended at the truncation boundary
instead of the reason being not enough space in the output buffer.
(2) The new osmo_escape_str_buf2() function obviously cannot pass-thru an
unchanged char* if no escaping was needed. Sacrifice this tiny optimization
feature to avoid code duplication:
- it is an unnoticeable optimization,
- the caller anyway always passes a string buffer,
- the feature caused handling strings and buffers differently depending on
their content (i.e. code that usually writes out strings in full length
"suddenly" truncates because a non-printable character is contained, etc.)
I considered adding a skip_if_unescaped flag to the osmo_quote_str_buf2()
function signature, but in the end decided that the API clutter is not worth
having for all the above reasons.
Adjust tests to accomodate above changes.
[1] 4a62eda225ab7f3c9556990c81a6fc5e19b5eec8
Ibf85f79e93244f53b2684ff6f1095c5b41203e05
Change-Id: Id748b906b0083b1f1887f2be7a53cae705a8a9ae
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In OSMO_STRBUF_APPEND, use local variable names that are less likely to shadow
other local variables: prefix with _sb_.
In OSMO_STRBUF_APPEND, add a check to add to .pos only if it is not NULL.
Add OSMO_STRBUF_APPEND_NOLEN(), which works for function signatures that don't
return a length. This is useful for any osmo_*_buf() string writing functions,
so that these write directly to the strbuf.
Change-Id: I108cadf72deb3a3bcab9a07e50572d9da1ab0359
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move from a static implementation in tdef_vty.c to utils.c, I also want to use
this in osmo-msc.
The point is that the telnet VTY allows unambiguous partly matches of keyword
args. For example, if I have a command definition of:
compare (apples|oranges)
then it is perfectly legal as for the vty parser to write only
compare app
One could expect the VTY to then pass the unambiguous match of "apples" to the
parsing function, but that is not the case.
Hence a VTY function implementation is faced with parsing a keyword of "app"
instead of the expected "apples".
This is actually a very widespread bug in our VTY implementations, which assume
that exactly one full keyword will always be found. I am now writing new
commands in a way that are able to manage only the starts of keywords.
Arguably, strstr(a, b) == a does the same thing, but it searches the entire
string unnecessarily.
Change-Id: Ib2ffb0e9a870dd52e081c7e66d8818057d159513
|
|
|
|
|
|
| |
Obviously a NULL pointer should return false instead of segfaulting.
Change-Id: Iac025cf4d556cbed99f3924cd9ca05a05881cd9a
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A separate ST_DESTROYING state originally helped with certain deallocation
scenarios. But now that fsm.c avoids re-entering osmo_fsm_inst_term() twice and
gracefully handles FSM instance deallocations for termination cascades, it is
actually just as safe without a separate ST_DESTROYING state. ST_DESTROYING was
used to flag deallocation and prevent entering osmo_fsm_inst_term() twice,
which works only in a very limited range of scenarios.
Remove ST_DESTROYING from fsm_dealloc_test.c to show that all tested scenarios
still clean up gracefully.
Change-Id: I05354e6cad9b82ba474fa50ffd41d481b3c697b4
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add global flag osmo_fsm_term_safely() -- if set to true, enable the following
behavior:
Detect osmo_fsm_inst_term() occuring within osmo_fsm_inst_term():
- collect deallocations until the outermost osmo_fsm_inst_term() is done.
- call osmo_fsm_inst_free() *after* dispatching the parent event.
If a struct osmo_fsm_inst enters osmo_fsm_inst_term() while another is already
within osmo_fsm_inst_term(), do not directly deallocate it, but talloc-reparent
it to a separate talloc context, to be deallocated with the outermost FSM inst.
The effect is that all osmo_fsm_inst freed within an osmo_fsm_inst_term()
cascade will stay allocated until all osmo_fsm_inst_term() are complete and all
of them will be deallocated at the same time.
Mark the deferred deallocation state as __thread in an attempt to make cascaded
deallocation handling threadsafe. Keep the enable/disable flag separate, so
that it is global and not per-thread.
The feature is showcased by fsm_dealloc_test.c: with this feature, all of those
wild deallocation scenarios succeed.
Make fsm_dealloc_test a normal regression test in testsuite.at.
Rationale:
It is difficult to gracefully handle deallocations of groups of FSM instances
that reference each other. As soon as one child dispatching a cleanup event
causes its parent to deallocate before fsm.c was ready for it, deallocation
will hit a use-after-free. Before this patch, by using parent_term events and
distinct "terminating" FSM states, parent/child FSMs can be taught to wait for
all children to deallocate before deallocating the parent. But as soon as a
non-child / non-parent FSM instance is involved, or actually any other
cleanup() action that triggers parent FSMs or parent talloc contexts to become
unused, it is near impossible to think of all possible deallocation events
ricocheting, and to avoid running into freeing FSM instances that were still in
the middle of osmo_fsm_inst_term(), or FSM instances to enter
osmo_fsm_inst_term() more than once. This patch makes deallocation of "all
possible" setups of complex cross referencing FSM instances easy to handle
correctly, without running into use-after-free or double free situations, and,
notably, without changing calling code.
Change-Id: I8eda67540a1cd444491beb7856b9fcd0a3143b18
|
|
|
|
|
|
|
|
|
|
|
| |
To prevent re-entering osmo_fsm_inst_term() twice for the same osmo_fsm_inst,
add flag osmo_fsm_inst.proc.terminating. osmo_fsm_inst_term() sets this to
true, or exits if it already is true.
Update fsm_dealloc_test.err for illustration. It is not relevant for unit
testing yet, just showing the difference.
Change-Id: I0c02d76a86f90c49e0eae2f85db64704c96a7674
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Despite efforts to properly handle "GONE" events and entering a ST_DESTROYING
only once, so far this test runs straight into a heap use-after-free. With
current fsm.c, it is hard to resolve the situation with the objects named
"other" also causing deallocations besides the FSM instance parent/child
relations.
For illustration, add an "expected" test output file fsm_dealloc_test.err,
making this pass will follow in a subsequent patch.
Change-Id: If801907c541bca9f524c9e5fd22ac280ca16979a
|
|
|
|
| |
Change-Id: Id6fd2cd33be1cb7cd7ff6a43bfcfb1f368304522
|
|
|
|
|
|
|
| |
We don't need to know position of matches: just yes or no.
This change would save some computation power.
Change-Id: Id55ffe64cc1a35dd83f61dbb0f9828aa676696f9
|
|
|
|
|
|
| |
There is no need to allocate struct 'walk_cb_params' dynamically.
Change-Id: I96f25f1ddb36b19b12055deaeeb6f58e59180e72
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have a habit of returning static buffers from some functions,
particularly when generating some kind of string values. This is
convenient in terms of memory management, but it comes at the expense
of not being thread-safe, and not allowing for two calls of the
related function within one printf() statement.
Let's introduce _c suffix versions of those functions where the
caller passes in a talloc context from which the output buffer shall
be allocated.
Change-Id: I8481c19b68ff67cfa22abb93c405ebcfcb0ab19b
|
|
|
|
|
|
|
| |
As per 3GPP TS 03.40, section 9.2.3.16 "TP-User-Data-Length (TP-UDL)"
field may contain up to 140 octets (or 140 * 8 / 7 = 160 septets).
Change-Id: I54f88d2908ac47228813fb8c049f4264e5145241
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide a common implementation of use counting that supports naming each user
as well as counting more than just one use per user, depending on the rules the
caller implies.
In osmo-msc, we were originally using a simple int counter to see whether a
connection is still in use or should be discarded. For clarity, we later added
names to each user in the form of a bitmask of flags, to figure out exactly
which users are still active: for logging and to debug double get / double put
bugs. This however is still not adequate, since there may be more than one CM
Service Request pending. Also, it is a specialized implementation that is not
re-usable.
With this generalized implementation, we can:
- fix the problem of inadequate counting of multiple concurrent CM Service
Requests (more than one use count per user category),
- directly use arbitrary names for uses like __func__ or "foo" (no need to
define enums and value_string[]s),
- re-use the same code for e.g. vlr_subscr and get fairly detailed VLR
susbscriber usage logging for free.
Change-Id: Ife31e6798b4e728a23913179e346552a7dd338c0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For handling RTP IP addresses and ports, osmo-mgw, osmo-bsc and osmo-msc
so far have their own separate shims and code duplication around
inet_ntoa(), htons(), sockaddr conversions etc. Unify and standardize
with this common API.
In the MGW endpoint FSM that was introduced in osmo-bsc and which I
would like to re-use for osmo-msc (upcoming patch moving that to
osmo-mgw), it has turned out that using char* IP address and uint16_t
port number types are a convenient common denominator for logging,
MGCP message composition and GSM48. Ongoing osmo-msc work also uses this
for MNCC.
This is of course potentially useful for any other IP+port combinations
besides RTP stream handling.
Needless to say that most current implementations will probably stay
with their current own conversion code for a long time; for current
osmo-{bsc,msc,mgw} work (MGW endpoint FSM) though, I would like to move
to this API here.
Change-Id: Id617265337f09dfb6ddfe111ef5e578cd3dc9f63
|
|
|
|
|
|
|
|
|
|
| |
The function osmo_dump_gsmtime_buf gets a pointer *buf and a parameter
buf_len. The pointer *buf is a string buffer and the function places an
\0 at the end of the buffer before it exists. However it uses
sizeof(buf) as part of the index calculation, which is incorrect. Lets
correct this by using buf_len instead.
Change-Id: Id24263aa7c9a53544f1639b6ceb09ce5615d5114
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have a number of static buffers in use in libosmo*. This means
the related functions are not usable in a thread-safe way. While
we so far don't have many multi-threaded programs in the osmocom
universe, the static buffers also prevent us from calling the same
e.g. string-ify function twice within a single printf() call.
Let's make sure there's an alternative function in all those cases,
where the user can pass in a caller-allocated buffer + size, and make
the 'classic' function with the static buffer a wrapper around that
_buf() variant.
Change-Id: Ibf85f79e93244f53b2684ff6f1095c5b41203e05
|
|
|
|
|
|
|
|
|
|
|
| |
osmo_escape_str_buf() used to have the somewhat odd semantics that
if no escaping was needed, it would return the original pointer without
making any copy to the output buffer. While this seems like an elegant
optimization, it is a very strange behavior and it works differently
than all of our other *_buf() functions. Let's unify the API and
turn osmo_escape_str_buf() into a strlcpy() if no escaping is needed.
Change-Id: I3a02bdb27008a73101c2db41ac04248960ed4064
|
|
|
|
| |
Change-Id: Iedc46ab53a4f76bbd98741c065fad3d9042a34a4
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ipa_ccm_idtag_parse_off is broken, and can only be used with
len_offset=1 on ID Request messages, otherwise won't work correctly.
Modify ipa_ccm_idtag_parse to at least parse those correctly, and
document the limitations.
Those two functions are already deprecated and only used in openbsc by 3
callers:
* ipa_ccm_idtag_parse in ussd_read_cb(): Broken, that function can only
work for Requests and it's used to parse a Response.
* ipa_ccm_idtag_parse_off in forward_sccp_to_msc (NAT): Broken, it can
only be used to parse Requests and it's used to parse a Response.
Furthermore, len_offset=2 is passed which makes no sense and most
probably it fails always, or can even make the program crash.
* ipa_ccm_idtag_parse_off in (answer_challenge): This one is fine and
could actually be replaced with ipa_ccm_id_get_parse after this commit
is merged.
Change-Id: I6efc852dfc041192f554e41a58290a0f63298021
|
|