This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Max gerrit-no-reply at lists.osmocom.orgHello Jenkins Builder, I'd like you to reexamine a change. Please visit https://gerrit.osmocom.org/3821 to look at the new patch set (#5). Migrate from OpenSSL to osmo_get_rand_id() This avoids potential licensing incompatibility and makes integration of Debian packaging patches easier. Related: OS#1694 Change-Id: I2b687b7f07ef05bbd861b8479cad5a958a3dde92 --- M configure.ac M debian/control M src/gprs/Makefile.am M src/gprs/gb_proxy.c M src/gprs/gprs_gmm.c M src/gprs/gprs_llc.c M src/gprs/gprs_sgsn.c M tests/gbproxy/Makefile.am M tests/gbproxy/gbproxy_test.c M tests/sgsn/Makefile.am M tests/sgsn/sgsn_test.c M tests/sndcp_xid/Makefile.am M tests/xid/Makefile.am 13 files changed, 57 insertions(+), 66 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/21/3821/5 diff --git a/configure.ac b/configure.ac index c8e23e5..7921085 100644 --- a/configure.ac +++ b/configure.ac @@ -47,7 +47,6 @@ PKG_CHECK_MODULES(LIBOSMOGB, libosmogb >= 0.6.4) PKG_CHECK_MODULES(LIBOSMONETIF, libosmo-netif >= 0.0.1) PKG_CHECK_MODULES(LIBOSMOSIGTRAN, libosmo-sigtran) # TODO version? -PKG_CHECK_MODULES(LIBCRYPTO, libcrypto >= 0.9.5) # Enable/disable 3G aka IuPS + IuCS support? AC_ARG_ENABLE([iu], [AS_HELP_STRING([--enable-iu], [Build 3G support, aka IuPS and IuCS interfaces])], diff --git a/debian/control b/debian/control index ce2167a..330945f 100644 --- a/debian/control +++ b/debian/control @@ -9,7 +9,6 @@ automake, libtool, pkg-config, - libssl-dev, libtalloc-dev, libc-ares-dev, libgtp-dev, diff --git a/src/gprs/Makefile.am b/src/gprs/Makefile.am index 654604b..0a88c01 100644 --- a/src/gprs/Makefile.am +++ b/src/gprs/Makefile.am @@ -15,7 +15,6 @@ $(LIBOSMOGB_CFLAGS) \ $(COVERAGE_CFLAGS) \ $(LIBCARES_CFLAGS) \ - $(LIBCRYPTO_CFLAGS) \ $(LIBGTP_CFLAGS) \ $(NULL) if BUILD_IU @@ -63,7 +62,6 @@ $(NULL) osmo_gbproxy_LDADD = \ $(OSMO_LIBS) \ - $(LIBCRYPTO_LIBS) \ -lrt \ $(NULL) @@ -99,7 +97,6 @@ $(OSMO_LIBS) \ $(LIBOSMOABIS_LIBS) \ $(LIBCARES_LIBS) \ - $(LIBCRYPTO_LIBS) \ $(LIBGTP_LIBS) \ -lrt \ -lm \ diff --git a/src/gprs/gb_proxy.c b/src/gprs/gb_proxy.c index 17a0109..09e291b 100644 --- a/src/gprs/gb_proxy.c +++ b/src/gprs/gb_proxy.c @@ -50,8 +50,6 @@ #include <osmocom/gsm/protocol/gsm_04_08_gprs.h> #include <osmocom/sgsn/gprs_utils.h> -#include <openssl/rand.h> - extern void *tall_bsc_ctx; static const struct rate_ctr_desc global_ctr_description[] = { @@ -232,12 +230,13 @@ uint32_t sgsn_ptmsi) { uint32_t bss_ptmsi; - int max_retries = 23; + int max_retries = 23, rc = 0; if (!peer->cfg->patch_ptmsi) { bss_ptmsi = sgsn_ptmsi; } else { do { - if (RAND_bytes((uint8_t *) &bss_ptmsi, sizeof(bss_ptmsi)) != 1) { + rc = osmo_get_rand_id((uint8_t *) &bss_ptmsi, sizeof(bss_ptmsi)); + if (rc < 0) { bss_ptmsi = GSM_RESERVED_TMSI; break; } @@ -250,7 +249,7 @@ } if (bss_ptmsi == GSM_RESERVED_TMSI) - LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a BSS P-TMSI\n"); + LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a BSS P-TMSI: %d (%s)\n", rc, strerror(-rc)); return bss_ptmsi; } @@ -260,7 +259,7 @@ uint32_t bss_tlli) { uint32_t sgsn_tlli; - int max_retries = 23; + int max_retries = 23, rc = 0; if (!peer->cfg->patch_ptmsi) { sgsn_tlli = bss_tlli; } else if (link_info->sgsn_tlli.ptmsi != GSM_RESERVED_TMSI && @@ -274,7 +273,8 @@ } else { do { /* create random TLLI, 0b01111xxx... */ - if (RAND_bytes((uint8_t *) &sgsn_tlli, sizeof(sgsn_tlli)) != 1) { + rc = osmo_get_rand_id((uint8_t *) &sgsn_tlli, sizeof(sgsn_tlli)); + if (rc < 0) { sgsn_tlli = 0; break; } @@ -287,7 +287,7 @@ } if (!sgsn_tlli) - LOGP(DGPRS, LOGL_ERROR, "Failed to allocate an SGSN TLLI\n"); + LOGP(DGPRS, LOGL_ERROR, "Failed to allocate an SGSN TLLI: %d (%s)\n", rc, strerror(-rc)); return sgsn_tlli; } diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c index 7e109b4..0ebe65a 100644 --- a/src/gprs/gprs_gmm.c +++ b/src/gprs/gprs_gmm.c @@ -31,8 +31,6 @@ #include <arpa/inet.h> #include <netdb.h> -#include <openssl/rand.h> - #include "bscconfig.h" #include <osmocom/core/msgb.h> @@ -585,6 +583,7 @@ struct gsm48_hdr *gh; struct gsm48_auth_ciph_req *acreq; uint8_t *m_rand, *m_cksn, rbyte; + int rc; LOGMMCTXP(LOGL_INFO, mm, "<- GPRS AUTH AND CIPHERING REQ (rand = %s", osmo_hexdump(vec->rand, sizeof(vec->rand))); @@ -608,12 +607,13 @@ /* § 10.5.5.7: */ acreq->force_stby = force_standby; /* 3GPP TS 24.008 § 10.5.5.19: */ - if (RAND_bytes(&rbyte, 1) != 1) { - LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed for A&C ref, falling " - "back to rand()\n"); - acreq->ac_ref_nr = rand(); - } else - acreq->ac_ref_nr = rbyte; + rc = osmo_get_rand_id(&rbyte, 1); + if (rc < 0) { + LOGP(DMM, LOGL_ERROR, "osmo_get_rand_id() failed for A&C ref: %s\n", strerror(-rc)); + return rc; + } + + acreq->ac_ref_nr = rbyte; mm->ac_ref_nr_used = acreq->ac_ref_nr; /* Only if authentication is requested we need to set RAND + CKSN */ @@ -2078,6 +2078,7 @@ { struct sgsn_mm_ctx *mm = _mm; struct gsm_auth_tuple *at; + int rc; mm->num_T_exp++; @@ -2122,8 +2123,11 @@ } at = &mm->auth_triplet; - gsm48_tx_gmm_auth_ciph_req(mm, &at->vec, at->key_seq, false); - osmo_timer_schedule(&mm->timer, sgsn->cfg.timers.T3360, 0); + rc = gsm48_tx_gmm_auth_ciph_req(mm, &at->vec, at->key_seq, false); + if (rc < 0) + LOGMMCTXP(LOGL_ERROR, mm, "failed sending Auth. & Ciph. Reuqest: %s \n", strerror(-rc)); + else + osmo_timer_schedule(&mm->timer, sgsn->cfg.timers.T3360, 0); break; case 3370: /* waiting for IDENTITY RESPONSE */ if (mm->num_T_exp >= 5) { diff --git a/src/gprs/gprs_llc.c b/src/gprs/gprs_llc.c index 22743fe..1a7cf3d 100644 --- a/src/gprs/gprs_llc.c +++ b/src/gprs/gprs_llc.c @@ -23,8 +23,6 @@ #include <stdint.h> #include <stdbool.h> -#include <openssl/rand.h> - #include <osmocom/core/msgb.h> #include <osmocom/core/linuxlist.h> #include <osmocom/core/timer.h> @@ -1065,14 +1063,15 @@ struct msgb *msg = msgb_alloc_headroom(4096, 1024, "LLC_XID"); struct gprs_llc_lle *lle = &llme->lle[1]; uint8_t xid_bytes[1024]; - int xid_bytes_len; + int xid_bytes_len, rc; uint8_t *xid; LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n"); - if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) { - LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, " - "falling back to rand()\n"); - llme->iov_ui = rand(); + + rc = osmo_get_rand_id((uint8_t *) &llme->iov_ui, 4); + if (rc < 0) { + LOGP(DLLC, LOGL_ERROR, "osmo_get_rand_id() failed for LLC XID reset: %s\n", strerror(-rc)); + return rc; } /* Generate XID message */ @@ -1098,14 +1097,15 @@ { struct msgb *msg = msgb_alloc_headroom(4096, 1024, "LLC_XID"); uint8_t xid_bytes[1024]; - int xid_bytes_len; + int xid_bytes_len, rc; uint8_t *xid; LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n"); - if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) { - LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, " - "falling back to rand()\n"); - llme->iov_ui = rand(); + + rc = osmo_get_rand_id((uint8_t *) &llme->iov_ui, 4); + if (rc < 0) { + LOGP(DLLC, LOGL_ERROR, "osmo_get_rand_id() failed for LLC XID reset: %s\n", strerror(-rc)); + return rc; } /* Generate XID message */ diff --git a/src/gprs/gprs_sgsn.c b/src/gprs/gprs_sgsn.c index 4cd3df1..abe4fab 100644 --- a/src/gprs/gprs_sgsn.c +++ b/src/gprs/gprs_sgsn.c @@ -46,8 +46,6 @@ #include <time.h> -#include <openssl/rand.h> - #include "../../bscconfig.h" #if BUILD_IU @@ -641,10 +639,11 @@ { struct sgsn_mm_ctx *mm; uint32_t ptmsi = 0xdeadbeef; - int max_retries = 100; + int max_retries = 100, rc = 0; restart: - if (RAND_bytes((uint8_t *) &ptmsi, sizeof(ptmsi)) != 1) + rc = osmo_get_rand_id((uint8_t *) &ptmsi, sizeof(ptmsi)); + if (rc < 0) goto failed; /* Enforce that the 2 MSB are set without loosing the distance between @@ -682,7 +681,7 @@ return ptmsi; failed: - LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a P-TMSI\n"); + LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a P-TMSI: %d (%s)\n", rc, strerror(-rc)); return GSM_RESERVED_TMSI; } diff --git a/tests/gbproxy/Makefile.am b/tests/gbproxy/Makefile.am index 3291839..ef38fb6 100644 --- a/tests/gbproxy/Makefile.am +++ b/tests/gbproxy/Makefile.am @@ -28,7 +28,7 @@ $(NULL) gbproxy_test_LDFLAGS = \ - -Wl,--wrap=RAND_bytes \ + -Wl,--wrap=osmo_get_rand_id \ $(NULL) gbproxy_test_LDADD = \ @@ -46,6 +46,5 @@ $(LIBOSMOVTY_LIBS) \ $(LIBOSMOABIS_LIBS) \ $(LIBRARY_DL) \ - $(LIBCRYPTO_LIBS) \ -lrt \ $(NULL) diff --git a/tests/gbproxy/gbproxy_test.c b/tests/gbproxy/gbproxy_test.c index e8a4ef9..3ebdccb 100644 --- a/tests/gbproxy/gbproxy_test.c +++ b/tests/gbproxy/gbproxy_test.c @@ -37,8 +37,6 @@ #include <osmocom/sgsn/gprs_gb_parse.h> #include <osmocom/sgsn/debug.h> -#include <openssl/rand.h> - #define REMOTE_BSS_ADDR 0x01020304 #define REMOTE_SGSN_ADDR 0x05060708 @@ -55,24 +53,23 @@ struct llist_head *received_messages = NULL; -/* override, requires '-Wl,--wrap=RAND_bytes' */ -int __real_RAND_bytes(unsigned char *buf, int num); -int mock_RAND_bytes(unsigned char *buf, int num); -int (*RAND_bytes_cb)(unsigned char *, int) = - &mock_RAND_bytes; +/* override, requires '-Wl,--wrap=osmo_get_rand_id' */ +int __real_osmo_get_rand_id(uint8_t *data, size_t len); +int mock_osmo_get_rand_id(uint8_t *data, size_t len); +int (*osmo_get_rand_id_cb)(uint8_t *, size_t) = + &mock_osmo_get_rand_id; -int __wrap_RAND_bytes(unsigned char *buf, int num) +int __wrap_osmo_get_rand_id(uint8_t *buf, size_t num) { - return (*RAND_bytes_cb)(buf, num); + return (*osmo_get_rand_id_cb)(buf, num); } static int rand_seq_num = 0; -int mock_RAND_bytes(unsigned char *buf, int num) +int mock_osmo_get_rand_id(uint8_t *buf, size_t num) { uint32_t val; OSMO_ASSERT(num == sizeof(val)); - OSMO_ASSERT(__real_RAND_bytes(buf, num) == 1); val = 0x00dead00 + rand_seq_num; diff --git a/tests/sgsn/Makefile.am b/tests/sgsn/Makefile.am index 36026dd..802811d 100644 --- a/tests/sgsn/Makefile.am +++ b/tests/sgsn/Makefile.am @@ -32,7 +32,7 @@ $(NULL) sgsn_test_LDFLAGS = \ - -Wl,--wrap=RAND_bytes \ + -Wl,--wrap=osmo_get_rand_id \ -Wl,--wrap=sgsn_update_subscriber_data \ -Wl,--wrap=gprs_subscr_request_update_location \ -Wl,--wrap=gprs_subscr_request_auth_info \ @@ -67,7 +67,6 @@ $(LIBOSMOGSM_LIBS) \ $(LIBOSMOGB_LIBS) \ $(LIBCARES_LIBS) \ - $(LIBCRYPTO_LIBS) \ $(LIBGTP_LIBS) \ -lrt \ -lm \ diff --git a/tests/sgsn/sgsn_test.c b/tests/sgsn/sgsn_test.c index a486794..219587a 100644 --- a/tests/sgsn/sgsn_test.c +++ b/tests/sgsn/sgsn_test.c @@ -100,21 +100,21 @@ return 0; } -/* override, requires '-Wl,--wrap=RAND_bytes' */ -int __real_RAND_bytes(unsigned char *buf, int num); -int mock_RAND_bytes(unsigned char *buf, int num); -int (*RAND_bytes_cb)(unsigned char *, int) = - &mock_RAND_bytes; +/* override, requires '-Wl,--wrap=osmo_get_rand_id' */ +int __real_osmo_get_rand_id(uint8_t *data, size_t len); +int mock_osmo_get_rand_id(uint8_t *data, size_t len); +int (*osmo_get_rand_id_cb)(uint8_t *, size_t) = + &mock_osmo_get_rand_id; -int __wrap_RAND_bytes(unsigned char *buf, int num) +int __wrap_osmo_get_rand_id(uint8_t *buf, size_t num) { - return (*RAND_bytes_cb)(buf, num); + return (*osmo_get_rand_id_cb)(buf, num); } /* make results of A&C ref predictable */ -int mock_RAND_bytes(unsigned char *buf, int num) +int mock_osmo_get_rand_id(uint8_t *buf, size_t num) { if (num > 1) - return __real_RAND_bytes(buf, num); + return __real_osmo_get_rand_id(buf, num); buf[0] = 0; return 1; } diff --git a/tests/sndcp_xid/Makefile.am b/tests/sndcp_xid/Makefile.am index d09c41b..fbcb36c 100644 --- a/tests/sndcp_xid/Makefile.am +++ b/tests/sndcp_xid/Makefile.am @@ -14,7 +14,6 @@ $(LIBOSMOGSM_LIBS) \ $(LIBOSMOGB_LIBS) \ $(LIBCARES_LIBS) \ - $(LIBCRYPTO_LIBS) \ $(LIBGTP_LIBS) \ -lrt -lm diff --git a/tests/xid/Makefile.am b/tests/xid/Makefile.am index 6c3689f..92876ec 100644 --- a/tests/xid/Makefile.am +++ b/tests/xid/Makefile.am @@ -30,7 +30,6 @@ $(LIBOSMOGSM_LIBS) \ $(LIBOSMOGB_LIBS) \ $(LIBCARES_LIBS) \ - $(LIBCRYPTO_LIBS) \ $(LIBGTP_LIBS) \ -lrt \ -lm \ -- To view, visit https://gerrit.osmocom.org/3821 To unsubscribe, visit https://gerrit.osmocom.org/settings Gerrit-MessageType: newpatchset Gerrit-Change-Id: I2b687b7f07ef05bbd861b8479cad5a958a3dde92 Gerrit-PatchSet: 5 Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-Owner: Max <msuraev at sysmocom.de> Gerrit-Reviewer: Jenkins Builder