- gerrit-log - lists.osmocom.org

[S] Change in dahdi-linux[master]: icE1usb: Fix "typo" in ALL_RY_ALARMS

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36692?usp=email ) Change subject: icE1usb: Fix "typo" in ALL_RY_ALARMS ...................................................................... icE1usb: Fix "typo" in ALL_RY_ALARMS Obviously it's the DADHDI constant that should be used, not the ICE1USB one ... Change-Id: Ib0ef30f629d3e463871a0ee3ab6b0b94cb511804 Signed-off-by: Sylvain Munaut <tnt(a)246tNt.com> --- M drivers/dahdi/icE1usb/icE1usb.c 1 file changed, 14 insertions(+), 1 deletion(-) Approvals: laforge: Looks good to me, approved Jenkins Builder: Verified diff --git a/drivers/dahdi/icE1usb/icE1usb.c b/drivers/dahdi/icE1usb/icE1usb.c index 06ec443..1656b3a 100644 --- a/drivers/dahdi/icE1usb/icE1usb.c +++ b/drivers/dahdi/icE1usb/icE1usb.c @@ -592,7 +592,7 @@ } #define ALL_RY_ALARMS (DAHDI_ALARM_RED | DAHDI_ALARM_YELLOW | \ - DAHDI_ALARM_LFA | DAHDI_ALARM_LMFA | ICE1USB_ERR_F_LOS) + DAHDI_ALARM_LFA | DAHDI_ALARM_LMFA | DAHDI_ALARM_LOS) /* interrupt EP completes: Process and resubmit */ static void ice1usb_irq_complete(struct urb *urb) -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36692?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: Ib0ef30f629d3e463871a0ee3ab6b0b94cb511804 Gerrit-Change-Number: 36692 Gerrit-PatchSet: 2 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-MessageType: merged

5 days, 11 hours

1
0
0 0

[M] Change in dahdi-linux[master]: icE1usb: Configure the RX mode according to CRC4 mode

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36655?usp=email ) Change subject: icE1usb: Configure the RX mode according to CRC4 mode ...................................................................... Patch Set 2: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36655?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: Ic9da7d2a32f9aa9bf5de296dc4885eeaf56b138e Gerrit-Change-Number: 36655 Gerrit-PatchSet: 2 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Thu, 02 May 2024 11:25:09 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

5 days, 11 hours

1
0
0 0

[S] Change in ...osmo-python-tests[master]: fix "SyntaxWarning: invalid escape sequence '\('"

by fixeria

fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/python/osmo-python-tests/+/36707?usp=email ) Change subject: fix "SyntaxWarning: invalid escape sequence '$'" ...................................................................... fix "SyntaxWarning: invalid escape sequence '\('" This is a new warning introduced in Python 3.12: https://docs.python.org/dev/whatsnew/3.12.html#other-language-changes Python 3 interprets string literals as Unicode strings, and so '\(' is treated as an escaped Unicode character. Fix this by prefixing the regexp strings with 'r' and thus converting them to raw strings. Change-Id: I7a9f546dc7cdf9bc250516a58f35b50b46017dc3 --- M osmopy/obscvty.py M osmopy/osmo_interact/ctrl.py M osmopy/osmo_interact/vty.py 3 files changed, 21 insertions(+), 4 deletions(-) git pull ssh://gerrit.osmocom.org:29418/python/osmo-python-tests refs/changes/07/36707/1 diff --git a/osmopy/obscvty.py b/osmopy/obscvty.py index 6b7d56c..5789f98 100755 --- a/osmopy/obscvty.py +++ b/osmopy/obscvty.py @@ -65,8 +65,8 @@ self.port = port self.socket = None - self.norm_end = re.compile('\r\n%s(?:\(([\w-]*)$)?> $' % self.name) - self.priv_end = re.compile('\r\n%s(?:$([\w-]*)$)?# $' % self.name) + self.norm_end = re.compile(r'\r\n%s(?:$([\w-]*)$)?> $' % self.name) + self.priv_end = re.compile(r'\r\n%s(?:$([\w-]*)$)?# $' % self.name) self.last_node = '' def _connect_socket(self): diff --git a/osmopy/osmo_interact/ctrl.py b/osmopy/osmo_interact/ctrl.py index 85e7554..375920b 100755 --- a/osmopy/osmo_interact/ctrl.py +++ b/osmopy/osmo_interact/ctrl.py @@ -32,7 +32,7 @@ class InteractCtrl(Interact): next_id = 1 keep_ids = True - re_command = re.compile('^(SET|GET) ([^ ]*) (.*)$') + re_command = re.compile(r'^(SET|GET) ([^ ]*) (.*)$') class CtrlStep(Interact.StepBase): diff --git a/osmopy/osmo_interact/vty.py b/osmopy/osmo_interact/vty.py index 1cc299c..851b0eb 100755 --- a/osmopy/osmo_interact/vty.py +++ b/osmopy/osmo_interact/vty.py @@ -95,7 +95,7 @@ if not self.prompt: raise Exception('Could not find application name; needed to decode prompts.' ' Initial data was: %r' % data) - self.re_prompt = re.compile('^%s(?:$([\w-]*)$)?([#>]) (.*)$' % re.escape(self.prompt)) + self.re_prompt = re.compile(r'^%s(?:$([\w-]*)$)?([#>]) (.*)$' % re.escape(self.prompt)) def _command(self, command_str, timeout=10): self.socket.send(command_str.encode()) -- To view, visit https://gerrit.osmocom.org/c/python/osmo-python-tests/+/36707?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: python/osmo-python-tests Gerrit-Branch: master Gerrit-Change-Id: I7a9f546dc7cdf9bc250516a58f35b50b46017dc3 Gerrit-Change-Number: 36707 Gerrit-PatchSet: 1 Gerrit-Owner: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-MessageType: newchange

5 days, 12 hours

1
0
0 0

[S] Change in osmo-upf[master]: contrib/systemd: AmbientCapabilities=CAP_NET_ADMIN

by osmith

osmith has submitted this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/36670?usp=email ) Change subject: contrib/systemd: AmbientCapabilities=CAP_NET_ADMIN ...................................................................... contrib/systemd: AmbientCapabilities=CAP_NET_ADMIN Set CAP_NET_ADMIN so osmo-upf can set up GTP tunends and tunmaps even if running as user. Fix for: Operation not permitted (you must be root) netlink: Error: cache initialization failed: Operation not permitted 20240430095022378 DNFT ERROR error running nft ruleset: rc=-1 ruleset="add table inet osmo-upf { flags owner; };\n" (upf_nft.c:79) 20240430095022378 DNFT ERROR Failed to create nft table "osmo-upf" (upf_nft.c:111) Fixes: OS#6444 Change-Id: I17b21ad92837ad360d667248f3f002d44251891c --- M contrib/systemd/osmo-upf.service 1 file changed, 20 insertions(+), 0 deletions(-) Approvals: Jenkins Builder: Verified fixeria: Looks good to me, but someone else must approve pespin: Looks good to me, approved diff --git a/contrib/systemd/osmo-upf.service b/contrib/systemd/osmo-upf.service index 93dd84f..ccb4f4f 100644 --- a/contrib/systemd/osmo-upf.service +++ b/contrib/systemd/osmo-upf.service @@ -12,6 +12,7 @@ Group=osmocom ExecStart=/usr/bin/osmo-upf -c /etc/osmocom/osmo-upf.cfg RestartSec=2 +AmbientCapabilities=CAP_NET_ADMIN [Install] WantedBy=multi-user.target -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/36670?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: I17b21ad92837ad360d667248f3f002d44251891c Gerrit-Change-Number: 36670 Gerrit-PatchSet: 2 Gerrit-Owner: osmith <osmith(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Reviewer: osmith <osmith(a)sysmocom.de> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-MessageType: merged

5 days, 14 hours

1
0
0 0

[S] Change in osmo-bts[master]: rsl.adoc: document RSL_IE_OSMO_RTP_EXTENSIONS

by falconia

falconia has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-bts/+/36706?usp=email ) Change subject: rsl.adoc: document RSL_IE_OSMO_RTP_EXTENSIONS ...................................................................... rsl.adoc: document RSL_IE_OSMO_RTP_EXTENSIONS This addition to Abis RSL is an Osmocom-specific IE, intended for Osmocom flavor of Abis over IP. It requests the use of non-standard enhanced RTP transport formats. Change-Id: I6117049b17ced5fb6635ac70d9238169033af4de --- M doc/manuals/abis/rsl.adoc 1 file changed, 42 insertions(+), 0 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-bts refs/changes/06/36706/1 diff --git a/doc/manuals/abis/rsl.adoc b/doc/manuals/abis/rsl.adoc index e627f5c..09c7207 100644 --- a/doc/manuals/abis/rsl.adoc +++ b/doc/manuals/abis/rsl.adoc @@ -518,6 +518,7 @@ | IP Speech Mode | <<RSL_IE_IPAC_SPEECH_MODE>> | O | TV | 2 | RTP Payload Type 2 | <<RSL_IE_IPAC_RTP_PAYLOAD2>> | O | TV | 2 | RTP CSD Format | <<RSL_IE_IPAC_RTP_CSD_FORMAT>> | O | TV | 2 +| RTP Extensions | <<RSL_IE_OSMO_RTP_EXTENSIONS>> | O | TLV | 3 |=== [[rsl_crcx_msg_ack]] @@ -579,6 +580,7 @@ | IP Speech Mode | <<RSL_IE_IPAC_SPEECH_MODE>> | O | TV | 2 | RTP Payload Type 2 | <<RSL_IE_IPAC_RTP_PAYLOAD2>> | O | TV | 2 | RTP CSD Format | <<RSL_IE_IPAC_RTP_CSD_FORMAT>> | O | TV | 2 +| RTP Extensions | <<RSL_IE_OSMO_RTP_EXTENSIONS>> | O | TLV | 3 |=== [[rsl_mdcx_msg_ack]] @@ -867,6 +869,9 @@ | 0x01 | RSL_IE_CHAN_NR | <<RSL_IE_CHAN_NR>> | 0x60 | RSL_IE_OSMO_REP_ACCH_CAP | <<RSL_IE_OSMO_REP_ACCH_CAP>> | 0x61 | RSL_IE_OSMO_TRAINING_SEQUENCE | <<RSL_IE_OSMO_TRAINING_SEQUENCE>> +| 0x62 | RSL_IE_OSMO_TEMP_OVP_ACCH_CAP | <<RSL_IE_OSMO_TEMP_OVP_ACCH_CAP>> +| 0x63 | RSL_IE_OSMO_OSMUX_CID | <<RSL_IE_OSMO_OSMUX_CID>> +| 0x64 | RSL_IE_OSMO_RTP_EXTENSIONS | <<RSL_IE_OSMO_RTP_EXTENSIONS>> | 0xf0 | RSL_IE_IPAC_REMOTE_IP | <<RSL_IE_IPAC_REMOTE_IP>> | 0xf1 | RSL_IE_IPAC_REMOTE_PORT | <<RSL_IE_IPAC_REMOTE_PORT>> | 0xf3 | RSL_IE_IPAC_LOCAL_PORT | <<RSL_IE_IPAC_LOCAL_PORT>> @@ -1089,6 +1094,30 @@ | 8..255 | reserved values |=== +[[RSL_IE_OSMO_TEMP_OVP_ACCH_CAP]] +==== RSL_IE_OSMO_TEMP_OVP_ACCH_CAP + +FIXME. + +[[RSL_IE_OSMO_OSMUX_CID]] +==== RSL_IE_OSMO_OSMUX_CID + +FIXME. + +[[RSL_IE_OSMO_RTP_EXTENSIONS]] +==== RSL_IE_OSMO_RTP_EXTENSIONS + +This information element requests the use of non-standard enhanced RTP +transport formats, currently TW-TS-001 and TW-TS-002, but possibly +other formats in the future. +Only the first octet is currently defined, any additional octets +are for future expansion. + +The first octet of this IE has the same bit definitions as in TW-TS-003: +the least significant bit indicates the use of TW-TS-001, the second +least significant bit indicates the use of TW-TS-002, and all other bits +are reserved. + [[RSL_IE_IPAC_RTP_CSD_FORMAT]] ==== RSL_IE_IPAC_RTP_CSD_FORMAT -- To view, visit https://gerrit.osmocom.org/c/osmo-bts/+/36706?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-bts Gerrit-Branch: master Gerrit-Change-Id: I6117049b17ced5fb6635ac70d9238169033af4de Gerrit-Change-Number: 36706 Gerrit-PatchSet: 1 Gerrit-Owner: falconia <falcon(a)freecalypso.org> Gerrit-MessageType: newchange

5 days, 23 hours

1
0
0 0

[S] Change in libosmocore[master]: rsl: define RSL_IE_OSMO_RTP_EXTENSIONS

by falconia

falconia has uploaded this change for review. ( https://gerrit.osmocom.org/c/libosmocore/+/36705?usp=email ) Change subject: rsl: define RSL_IE_OSMO_RTP_EXTENSIONS ...................................................................... rsl: define RSL_IE_OSMO_RTP_EXTENSIONS This addition to Abis RSL is an Osmocom-specific IE, intended for Osmocom flavor of Abis over IP. It requests the use of non-standard enhanced RTP transport formats. Complete description of this new IE appears in the accompanying patch to OsmoBTS Abis Protocol Specification document in osmo-bts repository. Change-Id: I9ac692062e05f859ba56235375bdc10f212cb2c0 --- M include/osmocom/gsm/protocol/gsm_08_58.h M src/gsm/rsl.c 2 files changed, 17 insertions(+), 0 deletions(-) git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/05/36705/1 diff --git a/include/osmocom/gsm/protocol/gsm_08_58.h b/include/osmocom/gsm/protocol/gsm_08_58.h index e8758df..13e84ba 100644 --- a/include/osmocom/gsm/protocol/gsm_08_58.h +++ b/include/osmocom/gsm/protocol/gsm_08_58.h @@ -373,6 +373,7 @@ RSL_IE_OSMO_TRAINING_SEQUENCE = 0x61, RSL_IE_OSMO_TEMP_OVP_ACCH_CAP = 0x62, RSL_IE_OSMO_OSMUX_CID = 0x63, + RSL_IE_OSMO_RTP_EXTENSIONS = 0x64, /* ip.access */ RSL_IE_IPAC_SRTP_CONFIG = 0xe0, diff --git a/src/gsm/rsl.c b/src/gsm/rsl.c index fbba982..c7d69a1 100644 --- a/src/gsm/rsl.c +++ b/src/gsm/rsl.c @@ -126,6 +126,7 @@ [RSL_IE_OSMO_TRAINING_SEQUENCE] = { TLV_TYPE_TLV }, [RSL_IE_OSMO_TEMP_OVP_ACCH_CAP] = { TLV_TYPE_TLV }, [RSL_IE_OSMO_OSMUX_CID] = { TLV_TYPE_TLV }, + [RSL_IE_OSMO_RTP_EXTENSIONS] = { TLV_TYPE_TLV }, [RSL_IE_IPAC_SRTP_CONFIG] = { TLV_TYPE_TLV }, [RSL_IE_IPAC_PROXY_UDP] = { TLV_TYPE_FIXED, 2 }, [RSL_IE_IPAC_BSCMPL_TOUT] = { TLV_TYPE_TV }, -- To view, visit https://gerrit.osmocom.org/c/libosmocore/+/36705?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: libosmocore Gerrit-Branch: master Gerrit-Change-Id: I9ac692062e05f859ba56235375bdc10f212cb2c0 Gerrit-Change-Number: 36705 Gerrit-PatchSet: 1 Gerrit-Owner: falconia <falcon(a)freecalypso.org> Gerrit-MessageType: newchange

5 days, 23 hours

1
0
0 0

[S] Change in libosmocore[master]: bts_features: add feature flags for TWTS001 and TWTS002

by falconia

falconia has uploaded this change for review. ( https://gerrit.osmocom.org/c/libosmocore/+/36704?usp=email ) Change subject: bts_features: add feature flags for TWTS001 and TWTS002 ...................................................................... bts_features: add feature flags for TWTS001 and TWTS002 TW-TS-001 and TW-TS-002 (Themyscira Wireless Technical Specifications) are enhanced RTP payload formats that replicate the functionality and semantics of 3GPP TS 48.060 and 48.061 (respectively) over IP transport. Companion spec TW-TS-003 defines a BSSMAP extension whereby the CN tells the BSS that it wishes to use these otherwise non-standard RTP formats - but these RTP extensions need to originate at the BTS, as their main purpose is to pass along information that is otherwise lost in RTP transport with standard payload formats. Define feature flags whereby OsmoBTS can tell OsmoBSC that it supports these RTP extensions. Change-Id: Ia2cd1d5fa37e9d10927ca5d6cad79ec538fd0a11 --- M include/osmocom/gsm/bts_features.h M src/gsm/bts_features.c 2 files changed, 27 insertions(+), 0 deletions(-) git pull ssh://gerrit.osmocom.org:29418/libosmocore refs/changes/04/36704/1 diff --git a/include/osmocom/gsm/bts_features.h b/include/osmocom/gsm/bts_features.h index cf1db4a..8da08d8 100644 --- a/include/osmocom/gsm/bts_features.h +++ b/include/osmocom/gsm/bts_features.h @@ -36,6 +36,8 @@ BTS_FEAT_OSMUX, /* Osmux (Osmocom RTP muxing) support */ BTS_FEAT_VBS, /* Voice Broadcast Service support, 3GPP TS 43.069 */ BTS_FEAT_VGCS, /* Voice Group Call Service support, 3GPP TS 44.068 */ + BTS_FEAT_TWTS001, /* TW-TS-001: enhanced RTP transport for FR & EFR */ + BTS_FEAT_TWTS002, /* TW-TS-002: enhanced RTP transport for HRv1 */ _NUM_BTS_FEAT }; diff --git a/src/gsm/bts_features.c b/src/gsm/bts_features.c index b6cd82e..158937a 100644 --- a/src/gsm/bts_features.c +++ b/src/gsm/bts_features.c @@ -47,6 +47,8 @@ { BTS_FEAT_OSMUX, "Osmux (Osmocom RTP multiplexing)" }, { BTS_FEAT_VBS, "Voice Broadcast Service" }, { BTS_FEAT_VGCS, "Voice Group Call Service" }, + { BTS_FEAT_TWTS001, "TW-TS-001 RTP format" }, + { BTS_FEAT_TWTS002, "TW-TS-002 RTP format" }, { 0, NULL } }; @@ -88,6 +90,8 @@ { BTS_FEAT_OSMUX, "OSMUX" }, { BTS_FEAT_VBS, "VBS" }, { BTS_FEAT_VGCS, "VGCS" }, + { BTS_FEAT_TWTS001, "TWTS001" }, + { BTS_FEAT_TWTS002, "TWTS002" }, {} }; -- To view, visit https://gerrit.osmocom.org/c/libosmocore/+/36704?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: libosmocore Gerrit-Branch: master Gerrit-Change-Id: Ia2cd1d5fa37e9d10927ca5d6cad79ec538fd0a11 Gerrit-Change-Number: 36704 Gerrit-PatchSet: 1 Gerrit-Owner: falconia <falcon(a)freecalypso.org> Gerrit-MessageType: newchange

5 days, 23 hours

1
0
0 0

[M] Change in dahdi-linux[master]: icE1usb: Configure the RX mode according to CRC4 mode

by tnt

Attention is currently required from: laforge. tnt has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36655?usp=email ) Change subject: icE1usb: Configure the RX mode according to CRC4 mode ...................................................................... Patch Set 2: (1 comment) Patchset: PS2: > just to be clear: this will not break backwards compatibility between new DAHDI driver and old firmw […] No, it will do the exact same thing as before. In the old firmware the 'rx mode' does nothing. -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36655?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: Ic9da7d2a32f9aa9bf5de296dc4885eeaf56b138e Gerrit-Change-Number: 36655 Gerrit-PatchSet: 2 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: laforge <laforge(a)osmocom.org> Gerrit-Comment-Date: Wed, 01 May 2024 12:57:19 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: laforge <laforge(a)osmocom.org> Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: icE1usb: Report BLUE alarm when receiving AIS

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36694?usp=email ) Change subject: icE1usb: Report BLUE alarm when receiving AIS ...................................................................... Patch Set 2: Code-Review+1 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36694?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I75ae15d3b8e13ca6b82a20209ee9ca163a729020 Gerrit-Change-Number: 36694 Gerrit-PatchSet: 2 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 12:54:28 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: icE1usb: Show accumulated error count from GPSDO state in sysfs

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36695?usp=email ) Change subject: icE1usb: Show accumulated error count from GPSDO state in sysfs ...................................................................... Patch Set 2: Code-Review+1 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36695?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: Idc4ff2a3a7411df758a432fc4c6fe5a88963b626 Gerrit-Change-Number: 36695 Gerrit-PatchSet: 2 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 12:54:22 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: icE1usb: Update ice1usb_proto.h

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36693?usp=email ) Change subject: icE1usb: Update ice1usb_proto.h ...................................................................... Patch Set 2: Code-Review+1 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36693?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I17a1bbf27cfb423ba09146e2cc57b585d511ec49 Gerrit-Change-Number: 36693 Gerrit-PatchSet: 2 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 12:53:53 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[M] Change in dahdi-linux[master]: icE1usb: Configure the RX mode according to CRC4 mode

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36655?usp=email ) Change subject: icE1usb: Configure the RX mode according to CRC4 mode ...................................................................... Patch Set 2: Code-Review+1 (1 comment) Patchset: PS2: just to be clear: this will not break backwards compatibility between new DAHDI driver and old firmware, right? -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36655?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: Ic9da7d2a32f9aa9bf5de296dc4885eeaf56b138e Gerrit-Change-Number: 36655 Gerrit-PatchSet: 2 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 12:53:31 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: icE1usb: Fix "typo" in ALL_RY_ALARMS

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36692?usp=email ) Change subject: icE1usb: Fix "typo" in ALL_RY_ALARMS ...................................................................... Patch Set 2: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36692?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: Ib0ef30f629d3e463871a0ee3ab6b0b94cb511804 Gerrit-Change-Number: 36692 Gerrit-PatchSet: 2 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 12:52:31 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: icE1usb: Use ICE1USB_TX_MODE_TS0_CRC4_E to set E bits automatically

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36654?usp=email ) Change subject: icE1usb: Use ICE1USB_TX_MODE_TS0_CRC4_E to set E bits automatically ...................................................................... Patch Set 2: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36654?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: Iea936a6c908ef5e175be3090a8fbcafaeb5a0aed Gerrit-Change-Number: 36654 Gerrit-PatchSet: 2 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 12:52:09 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: Fix build against linux >= 6.5.12

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36700?usp=email ) Change subject: Fix build against linux >= 6.5.12 ...................................................................... Fix build against linux >= 6.5.12 adapted from https://github.com/asterisk/dahdi-linux/commit/a370c800599b8ee0ca1a84392045… see https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… https://lore.kernel.org/all/49925af7-78a8-a3dd-bce6-cfc02e1a9236@I-love.SAK… Change-Id: I992eccc503a19e348d3575147edcb9c2e78845eb --- M include/dahdi/kernel.h 1 file changed, 26 insertions(+), 0 deletions(-) Approvals: laforge: Looks good to me, approved Jenkins Builder: Verified diff --git a/include/dahdi/kernel.h b/include/dahdi/kernel.h index 0a25854..b707753 100644 --- a/include/dahdi/kernel.h +++ b/include/dahdi/kernel.h @@ -1426,6 +1426,16 @@ /*! Maximum audio mask */ #define DAHDI_FORMAT_AUDIO_MASK ((1 << 16) - 1) +#if LINUX_VERSION_CODE > KERNEL_VERSION(6,5,12) +#undef flush_scheduled_work +#define flush_scheduled_work() \ +({ \ + if (0) \ + __warn_flushing_systemwide_wq(); \ + __flush_workqueue(system_wq); \ +}) +#endif + #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 15, 0) #ifndef TIMER_DATA_TYPE -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36700?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I992eccc503a19e348d3575147edcb9c2e78845eb Gerrit-Change-Number: 36700 Gerrit-PatchSet: 2 Gerrit-Owner: roox <mardnh(a)gmx.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-MessageType: merged

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: frame_fifo: add missing declaration

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36703?usp=email ) Change subject: frame_fifo: add missing declaration ...................................................................... frame_fifo: add missing declaration /build/drivers/dahdi/trunkdev/frame_fifo.c:32:6: error: no previous prototype for 'fifo_dump' [-Werror=missing-prototypes] 32 | void fifo_dump(struct frame_fifo *fifo) | ^~~~~~~~~ cc1: all warnings being treated as errors Change-Id: I02eccb9c404157352d6c317b02d742b90c229deb --- M drivers/dahdi/trunkdev/frame_fifo.h 1 file changed, 17 insertions(+), 0 deletions(-) Approvals: laforge: Looks good to me, approved; Verified diff --git a/drivers/dahdi/trunkdev/frame_fifo.h b/drivers/dahdi/trunkdev/frame_fifo.h index b07cddc..daf7b01 100644 --- a/drivers/dahdi/trunkdev/frame_fifo.h +++ b/drivers/dahdi/trunkdev/frame_fifo.h @@ -56,3 +56,6 @@ /* pull multiple frames out of the FIFO */ int frame_fifo_out_multi(struct frame_fifo *fifo, uint8_t *out, size_t count); + +/* dump FIFO state to kernel log */ +void fifo_dump(struct frame_fifo *fifo); -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36703?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I02eccb9c404157352d6c317b02d742b90c229deb Gerrit-Change-Number: 36703 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-MessageType: merged

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: frame_fifo: add missing declaration

by laforge

laforge has removed a vote from this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36703?usp=email ) Change subject: frame_fifo: add missing declaration ...................................................................... Removed Verified-1 by Jenkins Builder (1000002) -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36703?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I02eccb9c404157352d6c317b02d742b90c229deb Gerrit-Change-Number: 36703 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-MessageType: deleteVote

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: frame_fifo: add missing declaration

by laforge

laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36703?usp=email ) Change subject: frame_fifo: add missing declaration ...................................................................... Patch Set 1: Verified+1 Code-Review+2 (1 comment) Patchset: PS1: builds only after https://gerrit.osmocom.org/c/dahdi-linux/+/36700/2 is applied - either single one of those patches still fails to build. -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36703?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I02eccb9c404157352d6c317b02d742b90c229deb Gerrit-Change-Number: 36703 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Comment-Date: Wed, 01 May 2024 12:43:34 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: Fix build against linux >= 6.5.12

by laforge

Attention is currently required from: roox. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36700?usp=email ) Change subject: Fix build against linux >= 6.5.12 ...................................................................... Patch Set 2: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36700?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I992eccc503a19e348d3575147edcb9c2e78845eb Gerrit-Change-Number: 36700 Gerrit-PatchSet: 2 Gerrit-Owner: roox <mardnh(a)gmx.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Attention: roox <mardnh(a)gmx.de> Gerrit-Comment-Date: Wed, 01 May 2024 12:42:45 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: icE1usb: Use ICE1USB_TX_MODE_TS0_CRC4_E to set E bits automatically

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36654?usp=email ) Change subject: icE1usb: Use ICE1USB_TX_MODE_TS0_CRC4_E to set E bits automatically ...................................................................... Patch Set 1: (1 comment) Patchset: PS1: > Mark as verified since build failure is vs linux master and unrelated proposed fix is in https://gerrit.osmocom.org/c/dahdi-linux/+/36703 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36654?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: Iea936a6c908ef5e175be3090a8fbcafaeb5a0aed Gerrit-Change-Number: 36654 Gerrit-PatchSet: 1 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 12:40:35 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: tnt <tnt(a)246tNt.com> Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in dahdi-linux[master]: frame_fifo: add missing declaration

by laforge

laforge has uploaded this change for review. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36703?usp=email ) Change subject: frame_fifo: add missing declaration ...................................................................... frame_fifo: add missing declaration /build/drivers/dahdi/trunkdev/frame_fifo.c:32:6: error: no previous prototype for 'fifo_dump' [-Werror=missing-prototypes] 32 | void fifo_dump(struct frame_fifo *fifo) | ^~~~~~~~~ cc1: all warnings being treated as errors Change-Id: I02eccb9c404157352d6c317b02d742b90c229deb --- M drivers/dahdi/trunkdev/frame_fifo.h 1 file changed, 17 insertions(+), 0 deletions(-) git pull ssh://gerrit.osmocom.org:29418/dahdi-linux refs/changes/03/36703/1 diff --git a/drivers/dahdi/trunkdev/frame_fifo.h b/drivers/dahdi/trunkdev/frame_fifo.h index b07cddc..daf7b01 100644 --- a/drivers/dahdi/trunkdev/frame_fifo.h +++ b/drivers/dahdi/trunkdev/frame_fifo.h @@ -56,3 +56,6 @@ /* pull multiple frames out of the FIFO */ int frame_fifo_out_multi(struct frame_fifo *fifo, uint8_t *out, size_t count); + +/* dump FIFO state to kernel log */ +void fifo_dump(struct frame_fifo *fifo); -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36703?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I02eccb9c404157352d6c317b02d742b90c229deb Gerrit-Change-Number: 36703 Gerrit-PatchSet: 1 Gerrit-Owner: laforge <laforge(a)osmocom.org> Gerrit-MessageType: newchange

6 days, 10 hours

1
0
0 0

[M] Change in dahdi-linux[master]: strlcpy() was removed with linux kernel commit d26270061ae6 use strsc...

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email ) Change subject: strlcpy() was removed with linux kernel commit d26270061ae6 use strscpy() instead. ...................................................................... strlcpy() was removed with linux kernel commit d26270061ae6 use strscpy() instead. https: //git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=d26270061ae6 https: //www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy Change-Id: I5beb8dfadf2d240b04e69822721b3360aa81d782 --- M drivers/dahdi/dahdi-base.c M drivers/dahdi/dahdi_dynamic.c M drivers/dahdi/dahdi_dynamic_eth.c M drivers/dahdi/dahdi_dynamic_ethmf.c M drivers/dahdi/dahdi_transcode.c M drivers/dahdi/xpp/card_global.c 6 files changed, 38 insertions(+), 27 deletions(-) Approvals: tnt: Looks good to me, but someone else must approve; Verified laforge: Looks good to me, approved diff --git a/drivers/dahdi/dahdi-base.c b/drivers/dahdi/dahdi-base.c index d8e6268..ef29c4b 100644 --- a/drivers/dahdi/dahdi-base.c +++ b/drivers/dahdi/dahdi-base.c @@ -4410,7 +4410,7 @@ param.pulsebreaktime = chan->pulsebreaktime; param.pulseaftertime = chan->pulseaftertime; param.spanno = (chan->span) ? chan->span->spanno : 0; - strlcpy(param.name, chan->name, sizeof(param.name)); + strscpy(param.name, chan->name, sizeof(param.name)); param.chanpos = chan->chanpos; param.sigcap = chan->sigcap; /* Return current law */ @@ -4498,8 +4498,8 @@ spaninfo.spanno = s->spanno; /* put the span # in here */ spaninfo.totalspans = span_count(); - strlcpy(spaninfo.desc, s->desc, sizeof(spaninfo.desc)); - strlcpy(spaninfo.name, s->name, sizeof(spaninfo.name)); + strscpy(spaninfo.desc, s->desc, sizeof(spaninfo.desc)); + strscpy(spaninfo.name, s->name, sizeof(spaninfo.name)); spaninfo.alarms = s->alarms; /* get alarm status */ spaninfo.rxlevel = s->rxlevel; /* get rx level */ spaninfo.txlevel = s->txlevel; /* get tx level */ @@ -4526,18 +4526,18 @@ spaninfo.lineconfig = s->lineconfig; spaninfo.irq = 0; spaninfo.linecompat = s->linecompat; - strlcpy(spaninfo.lboname, dahdi_lboname(s->lbo), + strscpy(spaninfo.lboname, dahdi_lboname(s->lbo), sizeof(spaninfo.lboname)); if (s->parent->manufacturer) { - strlcpy(spaninfo.manufacturer, s->parent->manufacturer, + strscpy(spaninfo.manufacturer, s->parent->manufacturer, sizeof(spaninfo.manufacturer)); } if (s->parent->devicetype) { - strlcpy(spaninfo.devicetype, s->parent->devicetype, + strscpy(spaninfo.devicetype, s->parent->devicetype, sizeof(spaninfo.devicetype)); } if (s->parent->location) { - strlcpy(spaninfo.location, s->parent->location, + strscpy(spaninfo.location, s->parent->location, sizeof(spaninfo.location)); } if (s->spantype) { @@ -4556,11 +4556,11 @@ const char *st = dahdi_spantype2str(s->spantype); switch (s->spantype) { case SPANTYPE_DIGITAL_BRI_NT: - strlcpy(spaninfo.spantype, "NT", + strscpy(spaninfo.spantype, "NT", sizeof(spaninfo.spantype)); break; case SPANTYPE_DIGITAL_BRI_TE: - strlcpy(spaninfo.spantype, "TE", + strscpy(spaninfo.spantype, "TE", sizeof(spaninfo.spantype)); break; default: @@ -4570,7 +4570,7 @@ * so no backward compatibility for this * broken interface. */ - strlcpy(spaninfo.spantype, st, + strscpy(spaninfo.spantype, st, sizeof(spaninfo.spantype)); break; } @@ -4619,10 +4619,10 @@ spaninfo_v1.spanno = s->spanno; /* put the span # in here */ spaninfo_v1.totalspans = 0; spaninfo_v1.totalspans = span_count(); - strlcpy(spaninfo_v1.desc, + strscpy(spaninfo_v1.desc, s->desc, sizeof(spaninfo_v1.desc)); - strlcpy(spaninfo_v1.name, + strscpy(spaninfo_v1.name, s->name, sizeof(spaninfo_v1.name)); spaninfo_v1.alarms = s->alarms; @@ -4644,25 +4644,25 @@ spaninfo_v1.lineconfig = s->lineconfig; spaninfo_v1.irq = 0; spaninfo_v1.linecompat = s->linecompat; - strlcpy(spaninfo_v1.lboname, + strscpy(spaninfo_v1.lboname, dahdi_lboname(s->lbo), sizeof(spaninfo_v1.lboname)); if (s->parent->manufacturer) { - strlcpy(spaninfo_v1.manufacturer, s->parent->manufacturer, + strscpy(spaninfo_v1.manufacturer, s->parent->manufacturer, sizeof(spaninfo_v1.manufacturer)); } if (s->parent->devicetype) { - strlcpy(spaninfo_v1.devicetype, s->parent->devicetype, + strscpy(spaninfo_v1.devicetype, s->parent->devicetype, sizeof(spaninfo_v1.devicetype)); } - strlcpy(spaninfo_v1.location, s->parent->location, + strscpy(spaninfo_v1.location, s->parent->location, sizeof(spaninfo_v1.location)); if (s->spantype) { - strlcpy(spaninfo_v1.spantype, + strscpy(spaninfo_v1.spantype, dahdi_spantype2str(s->spantype), sizeof(spaninfo_v1.spantype)); } @@ -5340,7 +5340,7 @@ * always use it instead of any configured software * echocan. This matches the behavior in dahdi 2.4.1.2 * and earlier releases. */ - strlcpy(ae.echocan, hwec_def_name, sizeof(ae.echocan)); + strscpy(ae.echocan, hwec_def_name, sizeof(ae.echocan)); } else if (strcasecmp(ae.echocan, hwec_def_name) != 0) { chan_dbg(GENERAL, chan, @@ -5439,7 +5439,7 @@ bool have_hwec = dahdi_any_hwec_available(); memset(&vi, 0, sizeof(vi)); - strlcpy(vi.version, dahdi_version, sizeof(vi.version)); + strscpy(vi.version, dahdi_version, sizeof(vi.version)); spin_lock(&ecfactory_list_lock); list_for_each_entry(cur, &ecfactory_list, list) { const char * const ec_name = cur->ec->get_name(NULL); @@ -5696,7 +5696,7 @@ rv = -EBUSY; break; } - strlcpy(chan->txdialbuf + strlen(chan->txdialbuf), tdo->dialstr, + strscpy(chan->txdialbuf + strlen(chan->txdialbuf), tdo->dialstr, DAHDI_MAX_DTMF_BUF - strlen(chan->txdialbuf)); if (!chan->dialing) { chan->dialing = 1; diff --git a/drivers/dahdi/dahdi_dynamic.c b/drivers/dahdi/dahdi_dynamic.c index 6643441..e33a021 100644 --- a/drivers/dahdi/dahdi_dynamic.c +++ b/drivers/dahdi/dahdi_dynamic.c @@ -622,8 +622,8 @@ } /* Setup parameters properly assuming we're going to be okay. */ - strlcpy(d->dname, dds->driver, sizeof(d->dname)); - strlcpy(d->addr, dds->addr, sizeof(d->addr)); + strscpy(d->dname, dds->driver, sizeof(d->dname)); + strscpy(d->addr, dds->addr, sizeof(d->addr)); d->timing = dds->timing; snprintf(d->span.name, sizeof(d->span.name), "DYN/%s/%s", dds->driver, dds->addr); diff --git a/drivers/dahdi/dahdi_dynamic_eth.c b/drivers/dahdi/dahdi_dynamic_eth.c index 0209489..c7a293d 100644 --- a/drivers/dahdi/dahdi_dynamic_eth.c +++ b/drivers/dahdi/dahdi_dynamic_eth.c @@ -292,12 +292,12 @@ memset(z, 0, sizeof(struct ztdeth)); /* Address should be <dev>/<macaddr>[/subaddr] */ - strlcpy(tmp, addr, sizeof(tmp)); + strscpy(tmp, addr, sizeof(tmp)); tmp2 = strchr(tmp, '/'); if (tmp2) { *tmp2 = '\0'; tmp2++; - strlcpy(z->ethdev, tmp, sizeof(z->ethdev)); + strscpy(z->ethdev, tmp, sizeof(z->ethdev)); } else { printk(KERN_NOTICE "Invalid TDMoE address (no device) '%s'\n", addr); kfree(z); diff --git a/drivers/dahdi/dahdi_dynamic_ethmf.c b/drivers/dahdi/dahdi_dynamic_ethmf.c index 1ee8b0c..f98280c 100644 --- a/drivers/dahdi/dahdi_dynamic_ethmf.c +++ b/drivers/dahdi/dahdi_dynamic_ethmf.c @@ -570,7 +570,7 @@ z->rcvbuf = kmalloc(bufsize, GFP_KERNEL); /* Address should be <dev>/<macaddr>/subaddr */ - strlcpy(src, addr, sizeof(src)); + strscpy(src, addr, sizeof(src)); /* replace all / with space; otherwise kernel sscanf does not work */ src_ptr = src; while (*src_ptr) { diff --git a/drivers/dahdi/dahdi_transcode.c b/drivers/dahdi/dahdi_transcode.c index 6021aac..7645e2f 100644 --- a/drivers/dahdi/dahdi_transcode.c +++ b/drivers/dahdi/dahdi_transcode.c @@ -329,7 +329,7 @@ return -ENOSYS; } - strlcpy(info.name, tc->name, sizeof(info.name)); + strscpy(info.name, tc->name, sizeof(info.name)); info.numchannels = tc->numchannels; info.srcfmts = tc->srcfmts; info.dstfmts = tc->dstfmts; diff --git a/drivers/dahdi/xpp/card_global.c b/drivers/dahdi/xpp/card_global.c index 434d3e8..a6d8ff0 100644 --- a/drivers/dahdi/xpp/card_global.c +++ b/drivers/dahdi/xpp/card_global.c @@ -341,7 +341,7 @@ XBUS_DBG(GENERAL, xbus, "Dropped packet. Disconnected.\n"); return -EBUSY; } - strlcpy(buf, cmdline, MAX_PROC_WRITE); /* Save a copy */ + strscpy(buf, cmdline, MAX_PROC_WRITE); /* Save a copy */ if (buf[0] == '#' || buf[0] == ';') XPD_DBG(REGS, xpd, "Note: '%s'\n", buf); if ((p = strchr(buf, '#')) != NULL) /* Truncate comments */ -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I5beb8dfadf2d240b04e69822721b3360aa81d782 Gerrit-Change-Number: 36697 Gerrit-PatchSet: 1 Gerrit-Owner: roox <mardnh(a)gmx.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: roox <mardnh(a)gmx.de> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-MessageType: merged

6 days, 10 hours

1
0
0 0

[M] Change in dahdi-linux[master]: strlcpy() was removed with linux kernel commit d26270061ae6 use strsc...

by laforge

Attention is currently required from: roox. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email ) Change subject: strlcpy() was removed with linux kernel commit d26270061ae6 use strscpy() instead. ...................................................................... Patch Set 1: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I5beb8dfadf2d240b04e69822721b3360aa81d782 Gerrit-Change-Number: 36697 Gerrit-PatchSet: 1 Gerrit-Owner: roox <mardnh(a)gmx.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: roox <mardnh(a)gmx.de> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: roox <mardnh(a)gmx.de> Gerrit-Comment-Date: Wed, 01 May 2024 12:37:37 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 10 hours

1
0
0 0

[S] Change in osmo-sgsn[master]: VTY: sync default UMTS UEA config with osmo-msc

by laforge

Attention is currently required from: fixeria. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-sgsn/+/36702?usp=email ) Change subject: VTY: sync default UMTS UEA config with osmo-msc ...................................................................... Patch Set 1: Code-Review+1 -- To view, visit https://gerrit.osmocom.org/c/osmo-sgsn/+/36702?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-Change-Id: I4eb9451b4267fc1436ed90a55ff200cf36f16bf6 Gerrit-Change-Number: 36702 Gerrit-PatchSet: 1 Gerrit-Owner: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Attention: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Comment-Date: Wed, 01 May 2024 09:50:54 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 13 hours

1
0
0 0

[S] Change in osmo-sgsn[master]: VTY: move default settings to sgsn_instance_alloc()

by laforge

Attention is currently required from: fixeria. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-sgsn/+/36701?usp=email ) Change subject: VTY: move default settings to sgsn_instance_alloc() ...................................................................... Patch Set 1: Code-Review+1 -- To view, visit https://gerrit.osmocom.org/c/osmo-sgsn/+/36701?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-Change-Id: I1a439dcc76272a181986b6ec9368ef16441dc098 Gerrit-Change-Number: 36701 Gerrit-PatchSet: 1 Gerrit-Owner: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Attention: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-Comment-Date: Wed, 01 May 2024 09:50:30 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 13 hours

1
0
0 0

[S] Change in osmo-sgsn[master]: VTY: sync default UMTS UEA config with osmo-msc

by fixeria

fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-sgsn/+/36702?usp=email ) Change subject: VTY: sync default UMTS UEA config with osmo-msc ...................................................................... VTY: sync default UMTS UEA config with osmo-msc As was reported in OS#6442, nano3g S16 is unhappy when CS and PS domains use different UEA configuration for simultaneous RANAP connections. Bring osmo-sgsn in sync with osmo-msc to avoid this. Change-Id: I4eb9451b4267fc1436ed90a55ff200cf36f16bf6 Related: OS#6442 --- M src/sgsn/sgsn.c 1 file changed, 15 insertions(+), 1 deletion(-) git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/02/36702/1 diff --git a/src/sgsn/sgsn.c b/src/sgsn/sgsn.c index c3b7fda..57a2c38 100644 --- a/src/sgsn/sgsn.c +++ b/src/sgsn/sgsn.c @@ -166,7 +166,7 @@ inst->cfg.gtp_statedir = talloc_strdup(inst, "./"); inst->cfg.auth_policy = SGSN_AUTH_POLICY_CLOSED; inst->cfg.gea_encryption_mask = (1 << GPRS_ALGO_GEA0); /* no encryption */ - inst->cfg.uea_encryption_mask = (1 << OSMO_UTRAN_UEA0); /* no encryption */ + inst->cfg.uea_encryption_mask = (1 << OSMO_UTRAN_UEA2) | (1 << OSMO_UTRAN_UEA1); inst->cfg.require_authentication = true; /* only applies if auth_policy is REMOTE */ inst->cfg.gsup_server_port = OSMO_GSUP_PORT; -- To view, visit https://gerrit.osmocom.org/c/osmo-sgsn/+/36702?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-Change-Id: I4eb9451b4267fc1436ed90a55ff200cf36f16bf6 Gerrit-Change-Number: 36702 Gerrit-PatchSet: 1 Gerrit-Owner: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-MessageType: newchange

6 days, 13 hours

1
0
0 0

[S] Change in osmo-sgsn[master]: VTY: move default settings to sgsn_instance_alloc()

by fixeria

fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-sgsn/+/36701?usp=email ) Change subject: VTY: move default settings to sgsn_instance_alloc() ...................................................................... VTY: move default settings to sgsn_instance_alloc() Change-Id: I1a439dcc76272a181986b6ec9368ef16441dc098 Related: OS#6443 --- M src/sgsn/sgsn.c M src/sgsn/sgsn_vty.c 2 files changed, 15 insertions(+), 3 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/01/36701/1 diff --git a/src/sgsn/sgsn.c b/src/sgsn/sgsn.c index 6619bf2..c3b7fda 100644 --- a/src/sgsn/sgsn.c +++ b/src/sgsn/sgsn.c @@ -36,6 +36,9 @@ #include <osmocom/gsm/gsm_utils.h> #include <osmocom/gsm/gsup.h> +#include <osmocom/crypt/gprs_cipher.h> +#include <osmocom/crypt/utran_cipher.h> + #include <osmocom/sgsn/gprs_subscriber.h> #include <osmocom/sgsn/debug.h> #include <osmocom/sgsn/sgsn.h> @@ -162,6 +165,8 @@ inst->cfg.gtp_statedir = talloc_strdup(inst, "./"); inst->cfg.auth_policy = SGSN_AUTH_POLICY_CLOSED; + inst->cfg.gea_encryption_mask = (1 << GPRS_ALGO_GEA0); /* no encryption */ + inst->cfg.uea_encryption_mask = (1 << OSMO_UTRAN_UEA0); /* no encryption */ inst->cfg.require_authentication = true; /* only applies if auth_policy is REMOTE */ inst->cfg.gsup_server_port = OSMO_GSUP_PORT; diff --git a/src/sgsn/sgsn_vty.c b/src/sgsn/sgsn_vty.c index 29f9cd6..6837e71 100644 --- a/src/sgsn/sgsn_vty.c +++ b/src/sgsn/sgsn_vty.c @@ -1868,9 +1868,6 @@ /* make sure sgsn_vty_init() was called before this */ OSMO_ASSERT(g_cfg); - g_cfg->gea_encryption_mask = 0x1; /* support GEA0 by default unless specific encryption config exists */ - g_cfg->uea_encryption_mask = (1 << OSMO_UTRAN_UEA0); /* support UEA0 by default unless specific encryption config exists */ - rc = vty_read_config_file(config_file, NULL); if (rc < 0) { fprintf(stderr, "Failed to parse the config file: '%s'\n", config_file); -- To view, visit https://gerrit.osmocom.org/c/osmo-sgsn/+/36701?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-Change-Id: I1a439dcc76272a181986b6ec9368ef16441dc098 Gerrit-Change-Number: 36701 Gerrit-PatchSet: 1 Gerrit-Owner: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-MessageType: newchange

6 days, 13 hours

1
0
0 0

[S] Change in dahdi-linux[master]: Fix build against linux >= 6.5.12

by roox

roox has uploaded this change for review. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36700?usp=email ) Change subject: Fix build against linux >= 6.5.12 ...................................................................... Fix build against linux >= 6.5.12 adapted from https://github.com/asterisk/dahdi-linux/commit/a370c800599b8ee0ca1a84392045… see https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… https://lore.kernel.org/all/49925af7-78a8-a3dd-bce6-cfc02e1a9236@I-love.SAK… Change-Id: I992eccc503a19e348d3575147edcb9c2e78845eb --- M include/dahdi/kernel.h 1 file changed, 26 insertions(+), 0 deletions(-) git pull ssh://gerrit.osmocom.org:29418/dahdi-linux refs/changes/00/36700/1 diff --git a/include/dahdi/kernel.h b/include/dahdi/kernel.h index 0a25854..b707753 100644 --- a/include/dahdi/kernel.h +++ b/include/dahdi/kernel.h @@ -1426,6 +1426,16 @@ /*! Maximum audio mask */ #define DAHDI_FORMAT_AUDIO_MASK ((1 << 16) - 1) +#if LINUX_VERSION_CODE > KERNEL_VERSION(6,5,12) +#undef flush_scheduled_work +#define flush_scheduled_work() \ +({ \ + if (0) \ + __warn_flushing_systemwide_wq(); \ + __flush_workqueue(system_wq); \ +}) +#endif + #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 15, 0) #ifndef TIMER_DATA_TYPE -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36700?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I992eccc503a19e348d3575147edcb9c2e78845eb Gerrit-Change-Number: 36700 Gerrit-PatchSet: 1 Gerrit-Owner: roox <mardnh(a)gmx.de> Gerrit-MessageType: newchange

6 days, 14 hours

1
0
0 0

[S] Change in osmo-sgsn[master]: gmm: cosmetic: fix preprocessor macro formatting

by fixeria

fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-sgsn/+/36698?usp=email ) Change subject: gmm: cosmetic: fix preprocessor macro formatting ...................................................................... gmm: cosmetic: fix preprocessor macro formatting Change-Id: I77171d65db23794d8fd9872e0cc4d6f3b50dda0d --- M src/sgsn/gprs_gmm.c 1 file changed, 11 insertions(+), 2 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/98/36698/1 diff --git a/src/sgsn/gprs_gmm.c b/src/sgsn/gprs_gmm.c index c3f5cd3..768b321 100644 --- a/src/sgsn/gprs_gmm.c +++ b/src/sgsn/gprs_gmm.c @@ -1391,11 +1391,11 @@ /* only in case SGSN offered new P-TMSI */ LOGMMCTXP(LOGL_INFO, mmctx, "-> GMM ATTACH COMPLETE\n"); - #ifdef BUILD_IU +#ifdef BUILD_IU if (mmctx->iu.ue_ctx) { ranap_iu_tx_release(mmctx->iu.ue_ctx, NULL); } - #endif +#endif mmctx_timer_stop(mmctx, 3350); mmctx->t3350_mode = GMM_T3350_MODE_NONE; -- To view, visit https://gerrit.osmocom.org/c/osmo-sgsn/+/36698?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-Change-Id: I77171d65db23794d8fd9872e0cc4d6f3b50dda0d Gerrit-Change-Number: 36698 Gerrit-PatchSet: 1 Gerrit-Owner: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-MessageType: newchange

6 days, 14 hours

1
0
0 0

[S] Change in osmo-sgsn[master]: gmm: mmctx_timer_stop(): warn about timer not running

by fixeria

fixeria has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-sgsn/+/36699?usp=email ) Change subject: gmm: mmctx_timer_stop(): warn about timer not running ...................................................................... gmm: mmctx_timer_stop(): warn about timer not running This turns errors like: DMM ERROR MM(262420000000038/e2ff704e) Stopping MM timer 3350 but 0 is running into warnings with a more accurate reason: DMM NOTICE MM(262420000000037/e2ff704e) Stopping *inactive* MM timer 3350 Change-Id: I56ecad9d8f1049974b0896f6d0e7fc61580155ec --- M src/sgsn/gprs_gmm.c 1 file changed, 23 insertions(+), 1 deletion(-) git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/99/36699/1 diff --git a/src/sgsn/gprs_gmm.c b/src/sgsn/gprs_gmm.c index 768b321..653c425 100644 --- a/src/sgsn/gprs_gmm.c +++ b/src/sgsn/gprs_gmm.c @@ -111,9 +111,14 @@ static void mmctx_timer_stop(struct sgsn_mm_ctx *mm, unsigned int T) { - if (mm->T != T) + if (!osmo_timer_pending(&mm->timer)) { + LOGMMCTXP(LOGL_NOTICE, mm, "Stopping *inactive* MM timer %u\n", T); + return; + } + if (mm->T != T) { LOGMMCTXP(LOGL_ERROR, mm, "Stopping MM timer %u but " "%u is running\n", T, mm->T); + } osmo_timer_del(&mm->timer); } -- To view, visit https://gerrit.osmocom.org/c/osmo-sgsn/+/36699?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-Change-Id: I56ecad9d8f1049974b0896f6d0e7fc61580155ec Gerrit-Change-Number: 36699 Gerrit-PatchSet: 1 Gerrit-Owner: fixeria <vyanitskiy(a)sysmocom.de> Gerrit-MessageType: newchange

6 days, 14 hours

1
0
0 0

[M] Change in dahdi-linux[master]: strlcpy() was removed with linux kernel commit d26270061ae6 use strsc...

by roox

roox has removed a vote from this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email ) Change subject: strlcpy() was removed with linux kernel commit d26270061ae6 use strscpy() instead. ...................................................................... Removed Code-Review+2 by roox <mardnh(a)gmx.de> -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I5beb8dfadf2d240b04e69822721b3360aa81d782 Gerrit-Change-Number: 36697 Gerrit-PatchSet: 1 Gerrit-Owner: roox <mardnh(a)gmx.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: roox <mardnh(a)gmx.de> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-MessageType: deleteVote

6 days, 14 hours

1
0
0 0

[M] Change in dahdi-linux[master]: strlcpy() was removed with linux kernel commit d26270061ae6 use strsc...

by roox

roox has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email ) Change subject: strlcpy() was removed with linux kernel commit d26270061ae6 use strscpy() instead. ...................................................................... Patch Set 1: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I5beb8dfadf2d240b04e69822721b3360aa81d782 Gerrit-Change-Number: 36697 Gerrit-PatchSet: 1 Gerrit-Owner: roox <mardnh(a)gmx.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: roox <mardnh(a)gmx.de> Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 08:18:34 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 14 hours

1
0
0 0

[M] Change in dahdi-linux[master]: strlcpy() was removed with linux kernel commit d26270061ae6 use strsc...

by tnt

Attention is currently required from: roox. tnt has posted comments on this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email ) Change subject: strlcpy() was removed with linux kernel commit d26270061ae6 use strscpy() instead. ...................................................................... Patch Set 1: Verified+1 Code-Review+1 (1 comment) Patchset: PS1: Manually added verify since build failures on linus master only are unrelated to the change. -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I5beb8dfadf2d240b04e69822721b3360aa81d782 Gerrit-Change-Number: 36697 Gerrit-PatchSet: 1 Gerrit-Owner: roox <mardnh(a)gmx.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: tnt <tnt(a)246tNt.com> Gerrit-Attention: roox <mardnh(a)gmx.de> Gerrit-Comment-Date: Wed, 01 May 2024 08:08:03 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 15 hours

1
0
0 0

[M] Change in dahdi-linux[master]: strlcpy() was removed with linux kernel commit d26270061ae6 use strsc...

by tnt

Attention is currently required from: roox. tnt has removed a vote from this change. ( https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email ) Change subject: strlcpy() was removed with linux kernel commit d26270061ae6 use strscpy() instead. ...................................................................... Removed Verified-1 by Jenkins Builder (1000002) -- To view, visit https://gerrit.osmocom.org/c/dahdi-linux/+/36697?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: dahdi-linux Gerrit-Branch: master Gerrit-Change-Id: I5beb8dfadf2d240b04e69822721b3360aa81d782 Gerrit-Change-Number: 36697 Gerrit-PatchSet: 1 Gerrit-Owner: roox <mardnh(a)gmx.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Attention: roox <mardnh(a)gmx.de> Gerrit-MessageType: deleteVote

6 days, 15 hours

1
0
0 0

[S] Change in osmo-e1-hardware[master]: icE1usb fw: Fix OIS -> AIS typo

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-e1-hardware/+/36678?usp=email ) Change subject: icE1usb fw: Fix OIS -> AIS typo ...................................................................... Patch Set 3: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/osmo-e1-hardware/+/36678?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-e1-hardware Gerrit-Branch: master Gerrit-Change-Id: I23f242c31483533adb9cb60b4aac9b95a7b807e8 Gerrit-Change-Number: 36678 Gerrit-PatchSet: 3 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 08:06:25 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 15 hours

1
0
0 0

[S] Change in osmo-e1-hardware[master]: gateware/cores: Update no2e1

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-e1-hardware/+/36677?usp=email ) Change subject: gateware/cores: Update no2e1 ...................................................................... Patch Set 3: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/osmo-e1-hardware/+/36677?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-e1-hardware Gerrit-Branch: master Gerrit-Change-Id: Ica1bbaa052988f5b7e71c7fa51f87eb0bfea6f67 Gerrit-Change-Number: 36677 Gerrit-PatchSet: 3 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 08:06:12 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 15 hours

1
0
0 0

[S] Change in osmo-e1-hardware[master]: icE1usb fw: Avoid casting random pointer to struct in set_{rx,tx}_mode

by laforge

Attention is currently required from: tnt. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-e1-hardware/+/36676?usp=email ) Change subject: icE1usb fw: Avoid casting random pointer to struct in set_{rx,tx}_mode ...................................................................... Patch Set 1: Code-Review+1 -- To view, visit https://gerrit.osmocom.org/c/osmo-e1-hardware/+/36676?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-e1-hardware Gerrit-Branch: master Gerrit-Change-Id: I110ee4c014e8cfe058f7fc357decb7ab99e0be64 Gerrit-Change-Number: 36676 Gerrit-PatchSet: 1 Gerrit-Owner: tnt <tnt(a)246tNt.com> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Attention: tnt <tnt(a)246tNt.com> Gerrit-Comment-Date: Wed, 01 May 2024 08:05:59 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: SGP32Definitions: add ts template for authenticateClientRequestEsipa

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36675?usp=email ) Change subject: SGP32Definitions: add ts template for authenticateClientRequestEsipa ...................................................................... SGP32Definitions: add ts template for authenticateClientRequestEsipa The template ts_authenticateClientRequestEsipa is still missing, let's add one. Related: SYS#6824 Change-Id: I9490a2ee59a89511876bb1055a056a43fbf172bb --- M library/euicc/RSPDefinitions_Templates.ttcn M library/euicc/SGP32Definitions_Templates.ttcn 2 files changed, 50 insertions(+), 1 deletion(-) Approvals: laforge: Looks good to me, approved Jenkins Builder: Verified pespin: Looks good to me, but someone else must approve diff --git a/library/euicc/RSPDefinitions_Templates.ttcn b/library/euicc/RSPDefinitions_Templates.ttcn index 9e64083..7e0884f 100644 --- a/library/euicc/RSPDefinitions_Templates.ttcn +++ b/library/euicc/RSPDefinitions_Templates.ttcn @@ -146,6 +146,29 @@ } } +template (present) EuiccSigned1 tr_euiccSigned1(template (present) octetstring transactionId := ?, + template (present) universal charstring serverAddress := ?, + template (present) octetstring serverChallenge := ?, + template (present) EUICCInfo2 euiccInfo2 := ?, + template (present) CtxParams1 ctxParams1 := ?) := { + transactionId := transactionId, + serverAddress := serverAddress, + serverChallenge := serverChallenge, + euiccInfo2 := euiccInfo2, + ctxParams1 := ctxParams1 +} +template (value) EuiccSigned1 ts_euiccSigned1(template (value) octetstring transactionId := 'ABCDEF'O, + template (value) universal charstring serverAddress := "smdp.example.com", + template (value) octetstring serverChallenge := '01020304050607080910111213141516'O, + template (value) EUICCInfo2 euiccInfo2 := ts_EUICCInfo2, + template (value) CtxParams1 ctxParams1 := ts_ctxParams1) := { + transactionId := transactionId, + serverAddress := serverAddress, + serverChallenge := serverChallenge, + euiccInfo2 := euiccInfo2, + ctxParams1 := ctxParams1 +} + template (present) StoreMetadataRequest tr_storeMetadataRequest := { iccid := ?, serviceProviderName := ?, diff --git a/library/euicc/SGP32Definitions_Templates.ttcn b/library/euicc/SGP32Definitions_Templates.ttcn index 98a2bba..26ded29 100644 --- a/library/euicc/SGP32Definitions_Templates.ttcn +++ b/library/euicc/SGP32Definitions_Templates.ttcn @@ -87,7 +87,20 @@ } } } -/* TODO: create coresponding ts_ template */ +template (value) EsipaMessageFromIpaToEim +ts_authenticateClientRequestEsipa(template (value) octetstring transactionId := 'ABCDEF'O) := { + authenticateClientRequestEsipa := { + transactionId := transactionId, + authenticateServerResponse := { + authenticateResponseOk := { + euiccSigned1 := ts_euiccSigned1, + euiccSignature1 := '1234567890'O, + euiccCertificate := ts_cert_eum_nist, + eumCertificate := ts_cert_s_sm_dpauth_nist + } + } + } +} /* GSMA SGP.32, section 6.3.2.2 */ template (present) EsipaMessageFromEimToIpa -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36675?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: I9490a2ee59a89511876bb1055a056a43fbf172bb Gerrit-Change-Number: 36675 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-MessageType: merged

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: RSPDefinitions: add separate template for CtxParams1

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36673?usp=email ) Change subject: RSPDefinitions: add separate template for CtxParams1 ...................................................................... RSPDefinitions: add separate template for CtxParams1 Fields of type CtxParams1 are used in other messages too, so it might be helpful to add a separate template for them. Related: SYS#6824 Change-Id: Iba6c3780f9f3aec5742d53b3bd7b0c0392b25761 --- M library/euicc/RSPDefinitions_Templates.ttcn 1 file changed, 68 insertions(+), 52 deletions(-) Approvals: pespin: Looks good to me, but someone else must approve laforge: Looks good to me, approved Jenkins Builder: Verified diff --git a/library/euicc/RSPDefinitions_Templates.ttcn b/library/euicc/RSPDefinitions_Templates.ttcn index 7c1707d..ae1ea78 100644 --- a/library/euicc/RSPDefinitions_Templates.ttcn +++ b/library/euicc/RSPDefinitions_Templates.ttcn @@ -93,6 +93,59 @@ serverChallenge := serverChallenge } +template (present) CtxParams1 tr_ctxParams1 := { + ctxParamsForCommonAuthentication := { + matchingId := *, + deviceInfo := { + tac := ?, + deviceCapabilities := { + gsmSupportedRelease := *, + utranSupportedRelease := *, + cdma2000onexSupportedRelease := *, + cdma2000hrpdSupportedRelease := *, + cdma2000ehrpdSupportedRelease := *, + eutranEpcSupportedRelease := *, + contactlessSupportedRelease := *, + rspCrlSupportedVersion := *, + nrEpcSupportedRelease := *, + nr5gcSupportedRelease := *, + eutran5gcSupportedRelease := *, + lpaSvn := *, + catSupportedClasses := *, + euiccFormFactorType := *, + deviceAdditionalFeatureSupport := * + }, + imei := * + } + } +} +template (value) CtxParams1 ts_ctxParams1 := { + ctxParamsForCommonAuthentication := { + matchingId := omit, + deviceInfo := { + tac := '12345678'O, + deviceCapabilities := { + gsmSupportedRelease := omit, + utranSupportedRelease := omit, + cdma2000onexSupportedRelease := omit, + cdma2000hrpdSupportedRelease := omit, + cdma2000ehrpdSupportedRelease := omit, + eutranEpcSupportedRelease := omit, + contactlessSupportedRelease := omit, + rspCrlSupportedVersion := omit, + nrEpcSupportedRelease := omit, + nr5gcSupportedRelease := omit, + eutran5gcSupportedRelease := omit, + lpaSvn := omit, + catSupportedClasses := omit, + euiccFormFactorType := omit, + deviceAdditionalFeatureSupport := omit + }, + imei := omit + } + } +} + /* GSMA SGP.22, section 2.5.6 */ template (present) ProfileInstallationResult tr_profileInstallationResult := { @@ -481,32 +534,7 @@ serverAddress := ?, serverChallenge := ?, euiccInfo2 := ?, - ctxParams1 := { - ctxParamsForCommonAuthentication := { - matchingId := *, - deviceInfo := { - tac := ?, - deviceCapabilities := { - gsmSupportedRelease := *, - utranSupportedRelease := *, - cdma2000onexSupportedRelease := *, - cdma2000hrpdSupportedRelease := *, - cdma2000ehrpdSupportedRelease := *, - eutranEpcSupportedRelease := *, - contactlessSupportedRelease := *, - rspCrlSupportedVersion := *, - nrEpcSupportedRelease := *, - nr5gcSupportedRelease := *, - eutran5gcSupportedRelease := *, - lpaSvn := *, - catSupportedClasses := *, - euiccFormFactorType := *, - deviceAdditionalFeatureSupport := * - }, - imei := * - } - } - } + ctxParams1 := tr_ctxParams1 }, euiccSignature1 := ?, euiccCertificate := ?, @@ -521,32 +549,7 @@ serverAddress := "smdp.example.com", serverChallenge := '01020304050607080910111213141516'O, euiccInfo2 := ts_EUICCInfo2, - ctxParams1 := { - ctxParamsForCommonAuthentication := { - matchingId := omit, - deviceInfo := { - tac := '12345678'O, - deviceCapabilities := { - gsmSupportedRelease := omit, - utranSupportedRelease := omit, - cdma2000onexSupportedRelease := omit, - cdma2000hrpdSupportedRelease := omit, - cdma2000ehrpdSupportedRelease := omit, - eutranEpcSupportedRelease := omit, - contactlessSupportedRelease := omit, - rspCrlSupportedVersion := omit, - nrEpcSupportedRelease := omit, - nr5gcSupportedRelease := omit, - eutran5gcSupportedRelease := omit, - lpaSvn := omit, - catSupportedClasses := omit, - euiccFormFactorType := omit, - deviceAdditionalFeatureSupport := omit - }, - imei := omit - } - } - } + ctxParams1 := ts_ctxParams1 }, euiccSignature1 := '12345678'O, euiccCertificate := ts_cert_euicc_nist, -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36673?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: Iba6c3780f9f3aec5742d53b3bd7b0c0392b25761 Gerrit-Change-Number: 36673 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-MessageType: merged

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: RSPDefinitions: add defaults values to ts_authenticateClientResponseEs9

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36674?usp=email ) Change subject: RSPDefinitions: add defaults values to ts_authenticateClientResponseEs9 ...................................................................... RSPDefinitions: add defaults values to ts_authenticateClientResponseEs9 The template ts_authenticateClientResponseEs9 has no default values, let's add some default values to make it easier to use Related: SYS#6824 Change-Id: I07d942a58a3c1c29c37fcaa50d3a274ce8b026bc --- M library/euicc/RSPDefinitions_Templates.ttcn 1 file changed, 58 insertions(+), 5 deletions(-) Approvals: pespin: Looks good to me, but someone else must approve Jenkins Builder: Verified laforge: Looks good to me, approved diff --git a/library/euicc/RSPDefinitions_Templates.ttcn b/library/euicc/RSPDefinitions_Templates.ttcn index ae1ea78..9e64083 100644 --- a/library/euicc/RSPDefinitions_Templates.ttcn +++ b/library/euicc/RSPDefinitions_Templates.ttcn @@ -146,6 +146,46 @@ } } +template (present) StoreMetadataRequest tr_storeMetadataRequest := { + iccid := ?, + serviceProviderName := ?, + profileName := ?, + iconType := *, + icon := *, + profileClass := ?, + notificationConfigurationInfo := *, + profileOwner := *, + profilePolicyRules := *, + serviceSpecificDataStoredInEuicc := *, + serviceSpecificDataNotStoredInEuicc := * +} +template (value) StoreMetadataRequest ts_storeMetadataRequest := { + iccid := '123456789ABCDEFFAAAA'O, + serviceProviderName := "testsuite", + profileName := "testprofile", + iconType := omit, + icon := omit, + profileClass := 2, /* operational */ + notificationConfigurationInfo := omit, + profileOwner := omit, + profilePolicyRules := omit, + serviceSpecificDataStoredInEuicc := omit, + serviceSpecificDataNotStoredInEuicc := omit +} + +template (present) SmdpSigned2 tr_smdpSigned2(template (present) octetstring transactionId := ?, + template (present) boolean ccRequiredFlag := ?) := { + transactionId := transactionId, + ccRequiredFlag := ccRequiredFlag, + bppEuiccOtpk := ? +} +template (value) SmdpSigned2 ts_smdpSigned2(template (value) octetstring transactionId := 'ABCDEF'O, + template (value) boolean ccRequiredFlag := false) := { + transactionId := transactionId, + ccRequiredFlag := ccRequiredFlag, + bppEuiccOtpk := omit +} + /* GSMA SGP.22, section 2.5.6 */ template (present) ProfileInstallationResult tr_profileInstallationResult := { @@ -310,11 +350,11 @@ } } template (value) RemoteProfileProvisioningResponse -ts_authenticateClientResponseEs9(template (value) octetstring transactionId, - template (value) StoreMetadataRequest profileMetaData, - template (value) SmdpSigned2 smdpSigned2, - template (value) octetstring smdpSignature2, - template (value) Certificate smdpCertificate) := { +ts_authenticateClientResponseEs9(template (value) octetstring transactionId := 'ABCDEF'O, + template (value) StoreMetadataRequest profileMetaData := ts_storeMetadataRequest, + template (value) SmdpSigned2 smdpSigned2 := ts_smdpSigned2, + template (value) octetstring smdpSignature2 := 'BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB'O, + template (value) Certificate smdpCertificate := ts_cert_s_sm_dpauth_nist) := { authenticateClientResponseEs9 := { authenticateClientOk := { transactionId := transactionId, -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36674?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: I07d942a58a3c1c29c37fcaa50d3a274ce8b026bc Gerrit-Change-Number: 36674 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-MessageType: merged

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: RSPDefinitions: add separate template for serverSigned1

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36671?usp=email ) Change subject: RSPDefinitions: add separate template for serverSigned1 ...................................................................... RSPDefinitions: add separate template for serverSigned1 The field serverSigned1 is used in many messages, so it might be helpful to add a separate template for it. Change-Id: Ic50676ac2863173b72765afc44794a56d03413a5 Related: SYS#6824 --- M library/euicc/RSPDefinitions_EncDec.cc M library/euicc/RSPDefinitions_Templates.ttcn M library/euicc/RSPDefinitions_Types.ttcn M library/euicc/SGP32Definitions_Templates.ttcn 4 files changed, 75 insertions(+), 13 deletions(-) Approvals: Jenkins Builder: Verified laforge: Looks good to me, approved pespin: Looks good to me, but someone else must approve diff --git a/library/euicc/RSPDefinitions_EncDec.cc b/library/euicc/RSPDefinitions_EncDec.cc index 6441201..b46a73c 100644 --- a/library/euicc/RSPDefinitions_EncDec.cc +++ b/library/euicc/RSPDefinitions_EncDec.cc @@ -278,4 +278,38 @@ return msg; } +OCTETSTRING enc__RemoteProfileProvisioningResponse(const RemoteProfileProvisioningResponse &msg) { + TTCN_Buffer buf; + + buf.clear(); + msg.encode(RemoteProfileProvisioningResponse_descr_, buf, TTCN_EncDec::CT_BER, BER_ENCODE_DER); + return OCTETSTRING(buf.get_len(), buf.get_data()); +} + +RemoteProfileProvisioningResponse dec__RemoteProfileProvisioningResponse(const OCTETSTRING &stream) { + TTCN_Buffer buf; + RemoteProfileProvisioningResponse msg; + buf.put_os(stream); + + msg.decode(RemoteProfileProvisioningResponse_descr_, buf, TTCN_EncDec::CT_BER, BER_ACCEPT_ALL); + return msg; +} + +OCTETSTRING enc__RemoteProfileProvisioningRequest(const RemoteProfileProvisioningRequest &msg) { + TTCN_Buffer buf; + + buf.clear(); + msg.encode(RemoteProfileProvisioningRequest_descr_, buf, TTCN_EncDec::CT_BER, BER_ENCODE_DER); + return OCTETSTRING(buf.get_len(), buf.get_data()); +} + +RemoteProfileProvisioningRequest dec__RemoteProfileProvisioningRequest(const OCTETSTRING &stream) { + TTCN_Buffer buf; + RemoteProfileProvisioningRequest msg; + buf.put_os(stream); + + msg.decode(RemoteProfileProvisioningRequest_descr_, buf, TTCN_EncDec::CT_BER, BER_ACCEPT_ALL); + return msg; +} + } diff --git a/library/euicc/RSPDefinitions_Templates.ttcn b/library/euicc/RSPDefinitions_Templates.ttcn index 86cdb0c..52e1788 100644 --- a/library/euicc/RSPDefinitions_Templates.ttcn +++ b/library/euicc/RSPDefinitions_Templates.ttcn @@ -74,6 +74,25 @@ '515151515151515151515151515151515151515151515151515151515151515151515151515151515151515151515151515151515151515151515151'O} } +template (present) ServerSigned1 tr_serverSigned1(template (present) octetstring transactionId := ?, + template (present) octetstring euiccChallenge := ?, + template (present) universal charstring serverAddress := ?, + template (present) octetstring serverChallenge := ?) := { + transactionId := transactionId, + euiccChallenge := euiccChallenge, + serverAddress := serverAddress, + serverChallenge := serverChallenge +} +template (value) ServerSigned1 ts_serverSigned1(template (value) octetstring transactionId := 'ABCDEF'O, + template (value) octetstring euiccChallenge := '00112233445566778899AABBCCDDEEFF'O, + template (value) universal charstring serverAddress := "smdp.example.com", + template (value) octetstring serverChallenge := '01020304050607080910111213141516'O) := { + transactionId := transactionId, + euiccChallenge := euiccChallenge, + serverAddress := serverAddress, + serverChallenge := serverChallenge +} + /* GSMA SGP.22, section 2.5.6 */ template (present) ProfileInstallationResult tr_profileInstallationResult := { @@ -576,4 +595,4 @@ eidValue := eidValue } -} \ No newline at end of file +} diff --git a/library/euicc/RSPDefinitions_Types.ttcn b/library/euicc/RSPDefinitions_Types.ttcn index b031aa3..5bb3925 100644 --- a/library/euicc/RSPDefinitions_Types.ttcn +++ b/library/euicc/RSPDefinitions_Types.ttcn @@ -51,4 +51,10 @@ external function dec_SmdpSigned2(in octetstring stream) return SmdpSigned2; external function enc_SmdpSigned2(in SmdpSigned2 msg) return octetstring; +external function dec_RemoteProfileProvisioningResponse(in octetstring stream) return RemoteProfileProvisioningResponse; +external function enc_RemoteProfileProvisioningResponse(in RemoteProfileProvisioningResponse msg) return octetstring; + +external function dec_RemoteProfileProvisioningRequest(in octetstring stream) return RemoteProfileProvisioningRequest; +external function enc_RemoteProfileProvisioningRequest(in RemoteProfileProvisioningRequest msg) return octetstring; + } diff --git a/library/euicc/SGP32Definitions_Templates.ttcn b/library/euicc/SGP32Definitions_Templates.ttcn index 86c2055..98a2bba 100644 --- a/library/euicc/SGP32Definitions_Templates.ttcn +++ b/library/euicc/SGP32Definitions_Templates.ttcn @@ -28,12 +28,7 @@ initiateAuthenticationResponseEsipa := { initiateAuthenticationOkEsipa := { transactionId := *, - serverSigned1 := { - transactionId := ?, - euiccChallenge := euiccChallenge, - serverAddress := serverAddress, - serverChallenge := ? - }, + serverSigned1 := tr_serverSigned1(euiccChallenge := euiccChallenge, serverAddress := serverAddress), serverSignature1 := ?, euiccCiPKIdToBeUsed := ?, serverCertificate := ?, @@ -49,12 +44,7 @@ initiateAuthenticationResponseEsipa := { initiateAuthenticationOkEsipa := { transactionId := omit, - serverSigned1 := { - transactionId := 'ABCDEF'O, - euiccChallenge := euiccChallenge, - serverAddress := "smdp.example.com", - serverChallenge := '01020304050607080910111213141516'O - }, + serverSigned1 := ts_serverSigned1(euiccChallenge := euiccChallenge, serverAddress := serverAddress), serverSignature1 := '01020304'O, euiccCiPKIdToBeUsed := 'F54172BDF98A95D65CBEB88A38A1C11D800A85C3'O, /* NIST */ serverCertificate := ts_cert_s_sm_dpauth_nist, -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36671?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: Ic50676ac2863173b72765afc44794a56d03413a5 Gerrit-Change-Number: 36671 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-MessageType: merged

6 days, 15 hours

1
0
0 0

[S] Change in osmo-ttcn3-hacks[master]: RSPDefinitions: add defaults for initiateAuthenticationResponse/Request

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36672?usp=email ) Change subject: RSPDefinitions: add defaults for initiateAuthenticationResponse/Request ...................................................................... RSPDefinitions: add defaults for initiateAuthenticationResponse/Request Related: SYS#6824 Change-Id: I3842569f36dfb94e61afffaa03353b552e001c72 --- M library/euicc/RSPDefinitions_Templates.ttcn 1 file changed, 18 insertions(+), 8 deletions(-) Approvals: pespin: Looks good to me, but someone else must approve laforge: Looks good to me, approved Jenkins Builder: Verified diff --git a/library/euicc/RSPDefinitions_Templates.ttcn b/library/euicc/RSPDefinitions_Templates.ttcn index 52e1788..7c1707d 100644 --- a/library/euicc/RSPDefinitions_Templates.ttcn +++ b/library/euicc/RSPDefinitions_Templates.ttcn @@ -143,9 +143,9 @@ } } template (value) RemoteProfileProvisioningRequest -ts_initiateAuthenticationRequest(template (value) octetstring euiccChallenge, - template (value) charstring smdpAddress, - template (value) EUICCInfo1 euiccInfo1) := { +ts_initiateAuthenticationRequest(template (value) octetstring euiccChallenge := '00112233445566778899aabbccddeeff'O, + template (value) charstring smdpAddress := "smdp.example.com", + template (value) EUICCInfo1 euiccInfo1 := ts_EUICCInfo1) := { initiateAuthenticationRequest := { euiccChallenge := euiccChallenge, smdpAddress := smdpAddress, @@ -169,11 +169,11 @@ } } template (value) RemoteProfileProvisioningResponse -ts_initiateAuthenticationResponse(template (value) octetstring transactionId, - template (value) ServerSigned1 serverSigned1, - template (value) octetstring serverSignature1, - template (value) SubjectKeyIdentifier euiccCiPKIdToBeUsed, - template (value) Certificate serverCertificate) := { +ts_initiateAuthenticationResponse(template (value) octetstring transactionId := 'ABCDEF'O, + template (value) ServerSigned1 serverSigned1 := ts_serverSigned1, + template (value) octetstring serverSignature1 := '01020304'O, + template (value) SubjectKeyIdentifier euiccCiPKIdToBeUsed := 'F54172BDF98A95D65CBEB88A38A1C11D800A85C3'O, /* NIST */ + template (value) Certificate serverCertificate := ts_cert_s_sm_dpauth_nist) := { initiateAuthenticationResponse := { initiateAuthenticationOk := { transactionId := transactionId, -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36672?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: I3842569f36dfb94e61afffaa03353b552e001c72 Gerrit-Change-Number: 36672 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-MessageType: merged

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: SGP32Definitions: add ts template for authenticateClientRequestEsipa

by laforge

Attention is currently required from: dexter. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36675?usp=email ) Change subject: SGP32Definitions: add ts template for authenticateClientRequestEsipa ...................................................................... Patch Set 1: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36675?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: I9490a2ee59a89511876bb1055a056a43fbf172bb Gerrit-Change-Number: 36675 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-Attention: dexter <pmaier(a)sysmocom.de> Gerrit-Comment-Date: Wed, 01 May 2024 08:05:16 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: RSPDefinitions: add defaults values to ts_authenticateClientResponseEs9

by laforge

Attention is currently required from: dexter. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36674?usp=email ) Change subject: RSPDefinitions: add defaults values to ts_authenticateClientResponseEs9 ...................................................................... Patch Set 1: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36674?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: I07d942a58a3c1c29c37fcaa50d3a274ce8b026bc Gerrit-Change-Number: 36674 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-Attention: dexter <pmaier(a)sysmocom.de> Gerrit-Comment-Date: Wed, 01 May 2024 08:05:12 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: RSPDefinitions: add separate template for CtxParams1

by laforge

Attention is currently required from: dexter. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36673?usp=email ) Change subject: RSPDefinitions: add separate template for CtxParams1 ...................................................................... Patch Set 1: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36673?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: Iba6c3780f9f3aec5742d53b3bd7b0c0392b25761 Gerrit-Change-Number: 36673 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-Attention: dexter <pmaier(a)sysmocom.de> Gerrit-Comment-Date: Wed, 01 May 2024 08:05:06 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 15 hours

1
0
0 0

[S] Change in osmo-ttcn3-hacks[master]: RSPDefinitions: add defaults for initiateAuthenticationResponse/Request

by laforge

Attention is currently required from: dexter. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36672?usp=email ) Change subject: RSPDefinitions: add defaults for initiateAuthenticationResponse/Request ...................................................................... Patch Set 1: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36672?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: I3842569f36dfb94e61afffaa03353b552e001c72 Gerrit-Change-Number: 36672 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-Attention: dexter <pmaier(a)sysmocom.de> Gerrit-Comment-Date: Wed, 01 May 2024 08:05:01 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: RSPDefinitions: add separate template for serverSigned1

by laforge

Attention is currently required from: dexter. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36671?usp=email ) Change subject: RSPDefinitions: add separate template for serverSigned1 ...................................................................... Patch Set 1: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36671?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: Ic50676ac2863173b72765afc44794a56d03413a5 Gerrit-Change-Number: 36671 Gerrit-PatchSet: 1 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-Attention: dexter <pmaier(a)sysmocom.de> Gerrit-Comment-Date: Wed, 01 May 2024 08:04:44 +0000 Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment

6 days, 15 hours

1
0
0 0

[XL] Change in osmo-ttcn3-hacks[master]: IPAd_Tests: add testsuite for an IPAd

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36229?usp=email ) Change subject: IPAd_Tests: add testsuite for an IPAd ...................................................................... IPAd_Tests: add testsuite for an IPAd With this patch we add a testsuite that can be used to test an IPAd implementation. The testsuite emulates the ESipa and the ES10x (pcsc cardreader) interface and is capable of testing a direct profile download and other ESipa features like the execution of an eIM package (eCO, PSMO). Change-Id: Ic9ea8c69e56a2e8ddf0f506861ece6d40cbcb06d Related: SYS#6564 --- M .checkpatch.conf M Makefile A ipad/IPAd_Tests.cfg A ipad/IPAd_Tests.default A ipad/IPAd_Tests.ttcn A ipad/example_ca/pki/ca.crt A ipad/example_ca/pki/certs_by_serial/2AA3F8FFC3B562AFC67845389A5F2C5A.pem A ipad/example_ca/pki/certs_by_serial/FAEE71AC9CF85B804DCE4BD357F83209.pem A ipad/example_ca/pki/index.txt A ipad/example_ca/pki/index.txt.attr A ipad/example_ca/pki/index.txt.attr.old A ipad/example_ca/pki/index.txt.old A ipad/example_ca/pki/issued/alttest.cabundle A ipad/example_ca/pki/issued/alttest.crt A ipad/example_ca/pki/issued/alttest.notes A ipad/example_ca/pki/issued/testsuite.cabundle A ipad/example_ca/pki/issued/testsuite.crt A ipad/example_ca/pki/issued/testsuite.notes A ipad/example_ca/pki/openssl-easyrsa.cnf A ipad/example_ca/pki/private/alttest.key A ipad/example_ca/pki/private/ca.key A ipad/example_ca/pki/private/testsuite.key A ipad/example_ca/pki/reqs/alttest.req A ipad/example_ca/pki/reqs/testsuite.req A ipad/example_ca/pki/safessl-easyrsa.cnf A ipad/example_ca/pki/serial A ipad/example_ca/pki/serial.old A ipad/example_ca/pki/vars A ipad/example_ca/pki/vars.example A ipad/gen_links.sh A ipad/regen_makefile.sh M regen-makefile.sh 32 files changed, 2,177 insertions(+), 2 deletions(-) Approvals: Jenkins Builder: Verified pespin: Looks good to me, but someone else must approve laforge: Looks good to me, approved diff --git a/.checkpatch.conf b/.checkpatch.conf index 700e952..2317bec 100644 --- a/.checkpatch.conf +++ b/.checkpatch.conf @@ -1,2 +1,5 @@ --exclude ^library/sbcap/.*\.asn$ --exclude ^library/DIAMETER_Types.ttcn$ +--exclude ^ipad/example_ca/pki/certs_by_serial/.*\.pem$ +--exclude ^ipad/example_ca/pki/issued/.*\.crt$ +--exclude ^ipad/example_ca/vars$ \ No newline at end of file diff --git a/Makefile b/Makefile index bd88ca5..d216aab 100644 --- a/Makefile +++ b/Makefile @@ -30,6 +30,7 @@ hnbgw \ hnodeb \ hss \ + ipad \ mgw \ mme \ msc \ diff --git a/ipad/IPAd_Tests.cfg b/ipad/IPAd_Tests.cfg new file mode 100644 index 0000000..ae44ac5 --- /dev/null +++ b/ipad/IPAd_Tests.cfg @@ -0,0 +1,23 @@ +[ORDERED_INCLUDE] +# Common configuration, shared between test suites +"../Common.cfg" +# testsuite specific configuration, not expected to change +"./IPAd_Tests.default" + +# Local configuration below + +[LOGGING] + +[TESTPORT_PARAMETERS] +system.HTTP_server_port.use_notification_ASPs := "no" +system.HTTP_server_port.KEYFILE := "./example_ca/pki/private/alttest.key" +system.HTTP_server_port.CERTIFICATEFILE := "./example_ca/pki/issued/alttest.crt" +system.HTTP_server_port.PASSWORD := "katinka1" +system.HTTP_server_port.http_debugging := "yes" + +[MODULE_PARAMETERS] + +[MAIN_CONTROLLER] + +[EXECUTE] +IPAd_Tests.control diff --git a/ipad/IPAd_Tests.default b/ipad/IPAd_Tests.default new file mode 100644 index 0000000..95b42e9 --- /dev/null +++ b/ipad/IPAd_Tests.default @@ -0,0 +1,8 @@ +[LOGGING] +mtc.FileMask := LOG_ALL | TTCN_DEBUG | TTCN_MATCHING; // | DEBUG_ENCDEC; + +[TESTPORT_PARAMETERS] + +[MODULE_PARAMETERS] + +[EXECUTE] diff --git a/ipad/IPAd_Tests.ttcn b/ipad/IPAd_Tests.ttcn new file mode 100644 index 0000000..35ab79f --- /dev/null +++ b/ipad/IPAd_Tests.ttcn @@ -0,0 +1,708 @@ +/* IPAd testsuite in TTCN-3 + * + * Author: Philipp Maier <pmaier(a)sysmocom.de> / sysmocom - s.f.m.c. GmbH + * + * Released under the terms of GNU General Public License, Version 2 or + * (at your option) any later version. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +module IPAd_Tests { + +import from Misc_Helpers all; +import from General_Types all; +import from Osmocom_Types all; + +import from SGP32Definitions all; +import from SGP32Definitions_Types all; +import from SGP32Definitions_Templates all; + +import from RSPDefinitions all; +import from RSPDefinitions_Types all; +import from RSPDefinitions_Templates all; + +import from PKIX1Explicit88 all; +import from PKIX1Explicit88_Templates all; +import from PKIX1Explicit88_Types all; + +import from HTTP_Server_Emulation all; +import from HTTPmsg_Types all; + +import from VPCD_Types all; +import from VPCD_CodecPort all; +import from VPCD_Adapter all; + +modulepar { + /* emulated eIM HTTPs server */ + charstring mp_esipa_ip := "127.0.0.1"; + integer mp_esipa_port := 4430; + boolean mp_esipa_disable_ssl := false; + boolean mp_use_vpcd := true; + float mp_restart_guardtime := 2.0 +} + +/* Altstep to handle card power up/down and ATR transmission */ +private altstep as_vpcd_atr() runs on VPCD_Adapter_CT { + [] VPCD.receive(tr_VPCD_Recv(g_vpcd_conn_id, tr_VPCD_CTRL_ATR)) { + f_vpcd_send(ts_VPCD_DATA('3B9F96801FC78031A073BE21136743200718000001A5'O)); + repeat; + } + [] VPCD.receive(tr_VPCD_Recv(g_vpcd_conn_id, tr_VPCD_CTRL_OFF)) { + repeat; + } + [] VPCD.receive(tr_VPCD_Recv(g_vpcd_conn_id, tr_VPCD_CTRL_ON)) { + repeat; + } +} + +/* Helper template to format HTTP responses */ +private template (value) HTTPMessage ts_http_resp(template (value) octetstring resp := ''O) := { + response_binary := { + client_id := omit, + version_major := 1, + version_minor := 1, + statuscode := 200, + statustext := "OK", + /* See also SGP.32, section 6.1.1 */ + header := { + { + header_name := "X-Admin-Protocol", + header_value := "gsma/rsp/v1.0.0" + }, + { + header_name := "Content-Type", + header_value := "application/x-gsma-rsp-asn1" + }, + { + header_name := "Content-Length", + header_value := int2str(lengthof(resp)) + } + }, + body := resp + } +} + +type component MTC_CT { + timer g_Tguard; + + /* HTTP server */ + var HTTP_Server_Emulation_CT vc_HTTP; +}; + +type component IPAd_ConnHdlr extends HTTP_ConnHdlr, VPCD_Adapter_CT { + var IPAd_ConnHdlrPars g_pars; +}; + +type record IPAd_ConnHdlrPars { + /* TODO: add some useful parameters */ +}; + +private function f_init_pars() +runs on MTC_CT return IPAd_ConnHdlrPars { + var IPAd_ConnHdlrPars pars := { + /* TODO: fill parameters with meaninful values */ + }; + return pars; +} + +private altstep as_Tguard() runs on MTC_CT { + [] g_Tguard.timeout { + Misc_Helpers.f_shutdown(__BFILE__, __LINE__, fail, "Tguard timeout"); + } +} + +private type function void_fn(charstring id) runs on IPAd_ConnHdlr; + +private function f_init_handler(void_fn fn, charstring id, IPAd_ConnHdlrPars pars) runs on IPAd_ConnHdlr { + g_pars := pars; + + /* Initialize VPDC (virtual smartcard) */ + if (mp_use_vpcd) { + VPCD_Adapter.f_connect(); + activate(as_vpcd_atr()); + } + + fn.apply(id); +} + +private function f_start_handler(void_fn fn, IPAd_ConnHdlrPars pars) +runs on MTC_CT return IPAd_ConnHdlr { + var IPAd_ConnHdlr vc_conn; + var charstring id := testcasename(); + + vc_conn := IPAd_ConnHdlr.create(id); + + if (isbound(vc_HTTP)) { + connect(vc_conn:HTTP_SRV, vc_HTTP:CLIENT); + connect(vc_conn:HTTP_SRV_PROC, vc_HTTP:CLIENT_PROC); + } + + vc_conn.start(f_init_handler(fn, id, pars)); + return vc_conn; +} + +function f_init_esipa(charstring id) runs on MTC_CT { + var HttpServerEmulationCfg http_cfg := { + http_bind_ip := mp_esipa_ip, + http_bind_port := mp_esipa_port, + use_ssl := not mp_esipa_disable_ssl + }; + + vc_HTTP := HTTP_Server_Emulation_CT.create(id); + vc_HTTP.start(HTTP_Server_Emulation.main(http_cfg)); +} + +private function f_init(charstring id, float t_guard := 40.0) runs on MTC_CT { + /* Ensure a guard time inbetween tests. This is to make sure that the IPAd is able to finish its current poll + * cycle. In practice this means that the IPAd will notice that the connectivity towards the eIM is lost and + * since this is one of the conditions for ending the current poll cycle it will exit. A freshly restarted + * IPAd is a mandatory start condition for the tests since all tests expect the initialization procedure + * (selection of ISD-P etc.) that the IPAd executes on startup. */ + f_sleep(mp_restart_guardtime); + + g_Tguard.start(t_guard); + activate(as_Tguard()); + f_init_esipa(id); +} + +/* Expect a GetResponse request from IUT and transfer as many response bytes the IUT requests */ +private function f_vpcd_get_response(octetstring response) runs on IPAd_ConnHdlr return integer { + var octetstring sw; + var VPCD_PDU req; + var integer len; + + req := f_vpcd_exp(tr_VPCD_DATA(?)); + len := oct2int(req.u.data[4]); + if (len == 0) { + len := 256; + } + + /* Make sure that the request APDU is actually a GetResponse request (on logical channel 2) */ + if (substr(req.u.data, 0, 4) != '01c00000'O) { + setverdict(fail, "unexpected APDU, expecting GetResponse"); + return 0; + } + + /* Compute status word, in case the requested data is shorter then the response data we intend to send, we must + * tell the IUT that there is still data available, so that a consecutive GetResponse request can be issued. + * (caller must check return code to determine if a consecutive GetResponse is needed/expected) */ + if (lengthof(response) > len) { + if (lengthof(response) - len > 255) { + sw := '6100'O; + } else { + sw := '61'O & int2oct(lengthof(response) - len, 1); + } + } else { + sw := '9000'O; + } + + /* Send response to IUT */ + f_vpcd_send(ts_VPCD_DATA(substr(response, 0, len) & sw)); + + /* Return how many bytes have sent */ + return len; +} + +/* Expect one or more GetResponse requests from IUT until the full response is transferred */ +private function f_vpcd_get_response_multi(octetstring response) runs on IPAd_ConnHdlr { + var integer bytes_sent := 0; + var octetstring response_remainder := response; + + while (true) { + response_remainder := substr(response_remainder, bytes_sent, lengthof(response_remainder) - bytes_sent); + bytes_sent := f_vpcd_get_response(response_remainder); + + /* Check if we reached the last chunk */ + if (lengthof(response_remainder) <= bytes_sent) { + return; + } + } +} + +/* Expect one or more STORE DATA requests until the IUT has completed the transmision cycle */ +private function f_vpcd_store_data(octetstring exp := ''O) runs on IPAd_ConnHdlr return octetstring { + + var VPCD_PDU req; + var octetstring block; + var integer len; + var octetstring data := ''O; + + while (true) { + req := f_vpcd_exp(tr_VPCD_DATA(?)); + + /* Make sure that the request APDU is actually a STORE DATA request (on logical channel 1) */ + if (substr(req.u.data, 0, 3) != '81E291'O and + substr(req.u.data, 0, 3) != '81E211'O) { + setverdict(fail, "unexpected APDU, expecting GetResponse"); + return ''O; + } + + if (lengthof(req.u.data) - 5 > 255) { + len := 255; + } else { + len := lengthof(req.u.data) - 5; + } + block := substr(req.u.data, 5, len); + data := data & block; + + /* The final status word contains the length of the response. We can not send it right now + * since the caller must first process the received data block and compute a response. When + * the exact length of the response data is known. The final status word can be sent using + * f_vpcd_store_data_final_ack() */ + if (substr(req.u.data, 2, 1) == '91'O) { + if (exp != ''O and block != exp) { + setverdict(fail, "received block contains unexpected data (", block, " != ", exp, ")"); + } + return block; + } + + f_vpcd_send(ts_VPCD_DATA('9000'O)); + } + + setverdict(fail, "no data? (we should not reach this code path)"); + return ''O; +} + +/* Send a final status word to acknowledge the last block of a STORE DATA transmission. The status word will tell + * the IUT how many response bytes are available. (The IUT will immediately begin to fetch the response using + * one or more GetResponse requests */ +private function f_vpcd_store_data_final_ack(integer response_len) runs on IPAd_ConnHdlr { + var octetstring second_sw_byte; + var octetstring first_sw_byte; + + if (response_len > 255) { + second_sw_byte := '00'O; + } else { + second_sw_byte := int2oct(response_len, 1); + } + + if (response_len > 0) { + first_sw_byte := '61'O; /* 61xx */ + } else { + first_sw_byte := '90'O; /* 9000 */ + } + + f_vpcd_send(ts_VPCD_DATA(first_sw_byte & second_sw_byte)); +} + +/* Expect a pre-defined request (optional), and send a pre-defined response. This is a shortcut that only works in case + * the response does not depend on the request. */ +private function f_vpcd_transceive(octetstring response, octetstring expected_request := ''O) runs on IPAd_ConnHdlr { + + /* In case we do not use the VPCD (because we have some other kind of eUICC emulation or even a real card + * present), we just skip. */ + if (mp_use_vpcd == false) { + return; + } + + f_vpcd_store_data(expected_request); + f_vpcd_store_data_final_ack(lengthof(response)); + if (response != ''O) { + f_vpcd_get_response_multi(response); + } +} + +/* Handle the opening of logical channel 1 and the selection of the ISD-R */ +private function f_es10x_init() runs on IPAd_ConnHdlr { + var charstring eim_fqdn := mp_esipa_ip & ":" & int2str(mp_esipa_port); + + /* If we decide not to use vpcd, then we must not initialize anything here */ + if (mp_use_vpcd == false) { + return; + } + + /* Expect a MANAGE CHANNEL request that opens logical channel 1 */ + f_vpcd_exp(tr_VPCD_DATA('0070000100'O)); + f_vpcd_send(ts_VPCD_DATA('9000'O)); + + /* Expect selection of ISD-R request */ + f_vpcd_exp(tr_VPCD_DATA('01a4040410a0000005591010ffffffff8900000100'O)); + f_vpcd_send(ts_VPCD_DATA('6121'O)); /* 21 bytes of response, which are not requested by the ipad. */ + + /* Expect the IPAd to query the eID from the eUICC */ + f_vpcd_transceive(enc_GetEuiccDataResponse(valueof(ts_getEuiccDataResponse)), 'BF3E035C015A'O); + + /* Expect the IPAd to query the eIM configuration data from the eUICC */ + f_vpcd_transceive(enc_GetEimConfigurationDataResponse(valueof(ts_getEimConfigurationDataResponse(eim_fqdn))), 'BF5500'O); +} + +/* Handle the closing of logical channel 1 */ +private function f_es10x_close() runs on IPAd_ConnHdlr { + + /* Expect a MANAGE CHANNEL request that closes logical channel 1 */ + f_vpcd_exp(tr_VPCD_DATA('0070800100'O)); + f_vpcd_send(ts_VPCD_DATA('9000'O)); +} + +/* Receive ESipa HTTP request */ +private function f_esipa_receive() runs on IPAd_ConnHdlr return EsipaMessageFromIpaToEim { + var HTTPMessage esipa_req; + timer T := 10.0; + var EsipaMessageFromIpaToEim request; + + T.start; + alt { + [] HTTP_SRV.receive({ request_binary := ? }) -> value esipa_req { + request := dec_EsipaMessageFromIpaToEim(esipa_req.request_binary.body); + } + [] T.timeout { + setverdict(fail, "no HTTP request received?"); + } + } + + return request; +} + +/* Send ESipa HTTP response */ +private function f_esipa_send(EsipaMessageFromEimToIpa response) runs on IPAd_ConnHdlr { + var octetstring esipa_res; + esipa_res := enc_EsipaMessageFromEimToIpa(response); + HTTP_SRV.send(ts_http_resp(esipa_res)); +} + +/* Perform one ESipa HTTP request/response cycle */ +private function f_esipa_transceive(EsipaMessageFromEimToIpa response) runs on IPAd_ConnHdlr return EsipaMessageFromIpaToEim { + var EsipaMessageFromIpaToEim request; + + request := f_esipa_receive(); + f_esipa_send(response); + + return request; +} + +/* Perform one ESipa HTTP request/response cycle but with an empty response */ +private function f_esipa_transceive_empty_response() runs on IPAd_ConnHdlr return EsipaMessageFromIpaToEim { + var EsipaMessageFromIpaToEim request; + + request := f_esipa_receive(); + HTTP_SRV.send(ts_http_resp(''O)); + return request; +} + +/* Common Mutual Authentication Procedure, see also: GSMA SGP.22, section 3.0.1 */ +private function f_proc_cmn_mtl_auth() runs on IPAd_ConnHdlr { + var EsipaMessageFromIpaToEim esipa_req; + var EsipaMessageFromEimToIpa esipa_res; + + /* Step #1 */ + f_vpcd_transceive(enc_EUICCInfo1(valueof(ts_EUICCInfo1)), 'bf2000'O); + + /* Step #2-#4 */ + f_vpcd_transceive(enc_GetEuiccChallengeResponse(valueof(ts_GetEuiccChallengeResponse)), 'bf2e00'O); + + /* Step #5-#10 */ + esipa_req := f_esipa_receive(); + if (not match(esipa_req, tr_initiateAuthenticationRequestEsipa)) { + setverdict(fail, "unexpected message from IPAd"); + } + esipa_res := valueof(ts_initiateAuthenticationResponseEsipa(euiccChallenge := esipa_req.initiateAuthenticationRequestEsipa.euiccChallenge)); + f_esipa_send(esipa_res); + + /* Step #11-#14 */ + f_vpcd_transceive(enc_AuthenticateServerResponse(valueof(ts_authenticateServerResponse))); + + /* Step #15-#17 */ + esipa_req := f_esipa_transceive(valueof(ts_authenticateClientResponseEsipa_dpe)); + if (not match(esipa_req, tr_authenticateClientRequestEsipa)) { + setverdict(fail, "unexpected message from IPAd"); + } +} + +/* ********************************************* */ +/* ********** BELOW ONLY TESTCASES! ************ */ +/* ********************************************* */ + + +/* A testcase to try out an the Common Mutual Authentication Procedure */ +private function f_TC_proc_direct_prfle_dwnld(charstring id) runs on IPAd_ConnHdlr { + var EsipaMessageFromIpaToEim esipa_req; + var EsipaMessageFromEimToIpa esipa_res; + var integer i; + var charstring eim_fqdn := mp_esipa_ip & ":" & int2str(mp_esipa_port); + var BoundProfilePackage boundProfilePackage; + + f_es10x_init(); + f_http_register(); + + /* Prepare direct profile download by responding with a download trigger request */ + esipa_res := valueof(ts_getEimPackageResponse_dnlTrigReq); + esipa_req := f_esipa_transceive(esipa_res); + if (not match(esipa_req, tr_getEimPackageRequest)) { + setverdict(fail, "unexpected message from IPAd"); + } + + /* Expect the IPAd to query the eIM configuration data from the eUICC */ + f_vpcd_transceive(enc_GetEimConfigurationDataResponse(valueof(ts_getEimConfigurationDataResponse(eim_fqdn))), 'BF5500'O); + + f_proc_cmn_mtl_auth(); + + f_vpcd_transceive(enc_PrepareDownloadResponse(valueof(ts_prepareDownloadResponse))); + + esipa_res := valueof(ts_getBoundProfilePackageResponseEsipa); + esipa_req := f_esipa_transceive(esipa_res); + boundProfilePackage := esipa_res.getBoundProfilePackageResponseEsipa.getBoundProfilePackageOkEsipa.boundProfilePackage; + /* TODO: match response (we do not have a template yet) */ + + /* initialiseSecureChannelRequest */ + f_vpcd_transceive(''O); + + /* Step #3 (ES8+.ConfigureISDP) */ + for (i := 0; i < sizeof(boundProfilePackage.firstSequenceOf87); i := i + 1) { + f_vpcd_transceive(''O); + } + + /* Step #4 (ES8+.StoreMetadata) */ + for (i := 0; i < sizeof(boundProfilePackage.sequenceOf88); i := i + 1) { + f_vpcd_transceive(''O); + } + + /* Step #5 (ES8+.ReplaceSessionKeys", optional, left out) */ + if (ispresent(boundProfilePackage.secondSequenceOf87)) { + for (i := 0; i < sizeof(boundProfilePackage.secondSequenceOf87); i := i + 1) { + f_vpcd_transceive(''O); + } + } + + /* Step #6 (ES8+.LoadProfileElements) */ + for (i := 0; i < sizeof(boundProfilePackage.sequenceOf86); i := i + 1) { + if (i < sizeof(boundProfilePackage.sequenceOf86) - 1) { + f_vpcd_transceive(''O); + } else { + /* In the last message we send the ProfileInstallationResult */ + f_vpcd_transceive(enc_ProfileInstallationResult(valueof(ts_profileInstallationResult))); + } + } + + /* Receive ProfileInstallationResult from iPAD->eIM */ + esipa_req := f_esipa_transceive_empty_response(); + /* TODO: match response (we do not have a template yet) */ + + /* Receive RemoveNotificationFromList from iPAD->eUICC */ + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + + /* Wait some time until the the last HTTP response is actually delivered */ + f_sleep(2.0); + + f_es10x_close(); + + setverdict(pass); +} +testcase TC_proc_direct_prfle_dwnld() runs on MTC_CT { + var charstring id := testcasename(); + var IPAd_ConnHdlrPars pars := f_init_pars(); + var IPAd_ConnHdlr vc_conn; + f_init(id); + vc_conn := f_start_handler(refers(f_TC_proc_direct_prfle_dwnld), pars); + vc_conn.done; + setverdict(pass); +} + + +/* A testcase to try out an the Generic eUICC Package Download and Execution Procedure */ +private function f_TC_proc_euicc_pkg_dwnld_exec(charstring id) runs on IPAd_ConnHdlr { + var EsipaMessageFromIpaToEim esipa_req; + var EsipaMessageFromEimToIpa esipa_res; + + f_es10x_init(); + f_http_register(); + + /* Step #1-#2 */ + esipa_res := valueof(ts_getEimPackageResponse_euiccPkgReq); + esipa_req := f_esipa_transceive(esipa_res); + if (not match(esipa_req, tr_getEimPackageRequest)) { + setverdict(fail, "unexpected message from IPAd"); + } + + /* Step #3-#8 */ + f_vpcd_transceive(enc_EuiccPackageResult(valueof(ts_euiccPackageResult))); + + /* Step #9 */ + f_vpcd_transceive(enc_RetrieveNotificationsListResponse(valueof(ts_retrieveNotificationsListResponse))); + + /* Step #10-14 */ + esipa_res := valueof(ts_provideEimPackageResultResponse_eimAck(eimAcknowledgements := {1,2,3,4})); + esipa_req := f_esipa_transceive(esipa_res); + if (not match(esipa_req, tr_provideEimPackageResult_ePRAndNotif)) { + setverdict(fail, "unexpected message from IPAd"); + } + + /* Step #15-17 */ + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + + /* Wait some time until the the last HTTP response is actually delivered */ + f_sleep(2.0); + + f_es10x_close(); + + setverdict(pass); +} + +testcase TC_proc_euicc_pkg_dwnld_exec() runs on MTC_CT { + var charstring id := testcasename(); + var IPAd_ConnHdlrPars pars := f_init_pars(); + var IPAd_ConnHdlr vc_conn; + f_init(id); + vc_conn := f_start_handler(refers(f_TC_proc_euicc_pkg_dwnld_exec), pars); + vc_conn.done; + setverdict(pass); +} + + +/* A testcase to try out an the Generic eUICC Package Download and Execution Procedure, but this time we force a rollback meneuver */ +private function f_TC_proc_euicc_pkg_dwnld_exec_rollback(charstring id) runs on IPAd_ConnHdlr { + var EsipaMessageFromIpaToEim esipa_req; + var EsipaMessageFromEimToIpa esipa_res; + + f_es10x_init(); + f_http_register(); + + /* Step #1-#2 */ + esipa_res := valueof(ts_getEimPackageResponse_euiccPkgReq); + esipa_req := f_esipa_transceive(esipa_res); + if (not match(esipa_req, tr_getEimPackageRequest)) { + setverdict(fail, "unexpected message from IPAd"); + } + + /* Step #3-#8 */ + f_vpcd_transceive(enc_EuiccPackageResult(valueof(ts_euiccPackageResult))); + + /* Step #9 */ + f_vpcd_transceive(enc_RetrieveNotificationsListResponse(valueof(ts_retrieveNotificationsListResponse))); + + /* We now ignore the response from the IPAd. The IPAd will interpret this as a disturbed IP connection. */ + f_esipa_receive(); + + /* To fix the problem, the IPAd will now try a profile rollback meneuver. */ + f_vpcd_transceive(enc_ProfileRollbackResponse(valueof(ts_profileRollbackResponse)), + enc_ProfileRollbackRequest(valueof(ts_profileRollbackRequest))); + + /* At this point the old profile is active again. The IPAd is now expected to start at Step #9 again + * to continue the procedure normally. */ + + /* Step #9 */ + f_vpcd_transceive(enc_RetrieveNotificationsListResponse(valueof(ts_retrieveNotificationsListResponse))); + + /* Step #10-14 */ + esipa_res := valueof(ts_provideEimPackageResultResponse_eimAck(eimAcknowledgements := {1,2,3,4})); + esipa_req := f_esipa_transceive(esipa_res); + if (not match(esipa_req, tr_provideEimPackageResult_ePRAndNotif)) { + setverdict(fail, "unexpected message from IPAd"); + } + + /* Step #15-17 */ + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + f_vpcd_transceive(enc_NotificationSentResponse(valueof(ts_notificationSentResponse))); + + /* Wait some time until the the last HTTP response is actually delivered */ + f_sleep(2.0); + + f_es10x_close(); + + setverdict(pass); +} + +testcase TC_proc_euicc_pkg_dwnld_exec_rollback() runs on MTC_CT { + var charstring id := testcasename(); + var IPAd_ConnHdlrPars pars := f_init_pars(); + var IPAd_ConnHdlr vc_conn; + f_init(id); + vc_conn := f_start_handler(refers(f_TC_proc_euicc_pkg_dwnld_exec_rollback), pars); + vc_conn.done; + setverdict(pass); +} + + +/* A testcase to try out an IpaEuiccDataRequest */ +private function f_TC_proc_euicc_data_req(charstring id) runs on IPAd_ConnHdlr { + var EsipaMessageFromIpaToEim esipa_req; + var EsipaMessageFromEimToIpa esipa_res; + var charstring eim_fqdn := mp_esipa_ip & ":" & int2str(mp_esipa_port); + + f_es10x_init(); + f_http_register(); + + /* IPAd requests a package, we tell it to execute an ipaEuiccDataRequest */ + esipa_res := valueof(ts_getEimPackageResponse_euiccDataReq); + esipa_req := f_esipa_transceive(esipa_res); + if (not match(esipa_req, tr_getEimPackageRequest)) { + setverdict(fail, "unexpected message from IPAd"); + } + + /* IPAd will obtain the data from the eUICC */ + f_vpcd_transceive(enc_EuiccConfiguredAddressesResponse(valueof(ts_euiccConfiguredAddressesResponse))); + f_vpcd_transceive(enc_EUICCInfo1(valueof(ts_EUICCInfo1))); + f_vpcd_transceive(enc_EUICCInfo2(valueof(ts_EUICCInfo2))); + f_vpcd_transceive(enc_GetEimConfigurationDataResponse(valueof(ts_getEimConfigurationDataResponse(eim_fqdn)))); + f_vpcd_transceive(enc_GetCertsResponse(valueof(ts_getCertsResponse))); + f_vpcd_transceive(enc_RetrieveNotificationsListResponse(valueof(ts_retrieveNotificationsListResponse))); + + /* IPAd will return the data to us */ + esipa_res := valueof(ts_provideEimPackageResultResponse_eimAck(eimAcknowledgements := {1,2,3,4})); + esipa_req := f_esipa_transceive(esipa_res); + + /* Wait some time until the the last HTTP response is actually delivered */ + f_sleep(2.0); + + f_es10x_close(); + + setverdict(pass); +} +testcase TC_proc_euicc_data_req() runs on MTC_CT { + var charstring id := testcasename(); + var IPAd_ConnHdlrPars pars := f_init_pars(); + var IPAd_ConnHdlr vc_conn; + f_init(id); + vc_conn := f_start_handler(refers(f_TC_proc_euicc_data_req), pars); + vc_conn.done; + setverdict(pass); +} + +/* A testcase to try out what happens when the eIM package request is rejected */ +private function f_TC_get_eim_pkg_req_rej(charstring id) runs on IPAd_ConnHdlr { + var EsipaMessageFromIpaToEim esipa_req; + var EsipaMessageFromEimToIpa esipa_res; + + f_es10x_init(); + f_http_register(); + + /* IPAd requests a package, we respond with an eimPackageError code 127 (undefined error) */ + esipa_res := valueof(ts_getEimPackageResponse_eimPkgErrUndef); + esipa_req := f_esipa_transceive(esipa_res); + if (not match(esipa_req, tr_getEimPackageRequest)) { + setverdict(fail, "unexpected message from IPAd"); + } + + /* Wait some time until the the last HTTP response is actually delivered */ + f_sleep(2.0); + + f_es10x_close(); + + setverdict(pass); +} +testcase TC_get_eim_pkg_req_rej() runs on MTC_CT { + var charstring id := testcasename(); + var IPAd_ConnHdlrPars pars := f_init_pars(); + var IPAd_ConnHdlr vc_conn; + f_init(id); + vc_conn := f_start_handler(refers(f_TC_get_eim_pkg_req_rej), pars); + vc_conn.done; + setverdict(pass); +} + +control { + execute ( TC_proc_direct_prfle_dwnld() ); + execute ( TC_proc_euicc_pkg_dwnld_exec() ); + execute ( TC_proc_euicc_pkg_dwnld_exec_rollback() ); + execute ( TC_proc_euicc_data_req() ); + execute ( TC_get_eim_pkg_req_rej() ); +} + +} diff --git a/ipad/example_ca/pki/ca.crt b/ipad/example_ca/pki/ca.crt new file mode 100644 index 0000000..4dfdf16 --- /dev/null +++ b/ipad/example_ca/pki/ca.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDTTCCAjWgAwIBAgIUZjLnFa4g4tdrDjujUMElWkVpFKAwDQYJKoZIhvcNAQEL +BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwIBcNMjQwNDI1MTUzMzU2WhgPMzAy +MzA4MjcxNTMzNTZaMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR8Y1ESTRhfjVNZ0+nuhQsvkMhZnOMpaEoJz +pCzHV0Cj6Mi814gPanvflAX/9F+4IjQ2evm7pNKNUpt1vf6kKTmco0EX672spP4p +8KOQaki/+I/AMYCwAGOvmCMYpHMzNTkV9PZIUUyzLG5YaigiMtJpWY+ji/G+kxAg +YzPr4WhTjG+mEoPjfc9LQH5dh/dP0cdkoZuIHWx6kFxAw/Okb1EF/oGrUT4pOLzg +/Z5wkOYZhlK0bicCqvYfsUjJ4y0ftCXfjQUtAYfQ4gq6revQ7eHCNKixh+BB8yXO +7/z6qrTfMTmN2Ekdo5nAyAMOeugaExaSLwYti3afX71RuqrtTwIDAQABo4GQMIGN +MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFNtLqZUsrQWfz8g83jssJ4HXKGVIMFEG +A1UdIwRKMEiAFNtLqZUsrQWfz8g83jssJ4HXKGVIoRqkGDAWMRQwEgYDVQQDDAtF +YXN5LVJTQSBDQYIUZjLnFa4g4tdrDjujUMElWkVpFKAwCwYDVR0PBAQDAgEGMA0G +CSqGSIb3DQEBCwUAA4IBAQAADFdB7R2mwfMWj3vUR77v9f3wqJdKgUyleXGKu6ot +9YL8vYAJUL9sojZ8KeR47PDVpOs7v0Ll3RcfqRrDWQ9/MiMqSMcxh/i9dvyf5d9s +o2kxqiPaMVPkLzGKE04I0XtAlszqOBYsGO83D2FuJsIWglvvOjNYvJ05LMVJObnq +gpwY3TwhoKeWAQg6U5Yv6dLDjvbYPTwgArNpY97BxY0GZNyiyJgyag21cVui+tsd +uLKVKhmW/EhCC52wsEMwLAsiOjNpVXwAkPWaWAbUJIJTyuc2ZFpx9D2T40H1U8Pj +6UXwCkZ7C9qwKKyusG8duf/Xsdsft3Pm8XykSWWya6Um +-----END CERTIFICATE----- diff --git a/ipad/example_ca/pki/certs_by_serial/2AA3F8FFC3B562AFC67845389A5F2C5A.pem b/ipad/example_ca/pki/certs_by_serial/2AA3F8FFC3B562AFC67845389A5F2C5A.pem new file mode 100644 index 0000000..14904d1 --- /dev/null +++ b/ipad/example_ca/pki/certs_by_serial/2AA3F8FFC3B562AFC67845389A5F2C5A.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 2a:a3:f8:ff:c3:b5:62:af:c6:78:45:38:9a:5f:2c:5a + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Easy-RSA CA + Validity + Not Before: Apr 25 15:34:30 2024 GMT + Not After : Aug 27 15:34:30 3023 GMT + Subject: CN=testsuite + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:bc:0d:37:f1:b1:2d:4c:0e:af:a1:51:85:92:1f: + 1b:3c:ef:04:18:24:d1:d6:0e:eb:73:64:86:da:c6: + 65:e2:b2:74:fb:6e:c0:b9:5d:fe:67:61:44:3a:bf: + 20:6e:a7:53:9c:7b:8e:6b:ec:c4:55:ec:0b:f9:44: + 08:6a:54:35:59:82:9a:63:60:0b:37:dd:22:5d:e3: + 43:81:4e:51:ae:0a:67:31:bb:b1:d3:70:0e:a8:46: + 2f:11:ec:b6:e9:58:25:0a:c9:72:4a:97:f1:d5:7a: + 0d:68:90:eb:73:c2:e1:81:12:cd:08:1b:21:e9:ce: + 58:3e:dc:81:de:b7:65:31:bd:c4:8b:5a:d1:06:9b: + c0:ea:b7:63:8f:fb:a5:67:37:7e:d5:69:07:56:67: + f3:e7:37:5d:84:86:52:25:94:9e:6a:60:a2:5c:bf: + 5e:0b:cb:c8:83:1a:17:51:84:f1:16:f0:83:46:b6: + bb:97:f3:4f:ba:41:1f:30:a8:d5:ee:4e:2e:78:00: + 9b:25:fd:0c:ec:cc:57:a3:82:b5:54:56:fd:25:f9: + ff:b8:5f:1b:55:ae:57:16:35:0d:cc:9a:cf:d0:2c: + 4a:dd:d5:ae:2a:7e:76:73:af:b8:d9:a0:35:61:82: + 3d:a0:d1:ce:a3:d8:82:1b:0c:9a:bc:a5:0b:2d:00: + d0:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 20:11:06:2E:BB:B0:0B:05:D4:CE:4F:BC:5F:51:39:E7:96:94:4F:26 + X509v3 Authority Key Identifier: + keyid:DB:4B:A9:95:2C:AD:05:9F:CF:C8:3C:DE:3B:2C:27:81:D7:28:65:48 + DirName:/CN=Easy-RSA CA + serial:66:32:E7:15:AE:20:E2:D7:6B:0E:3B:A3:50:C1:25:5A:45:69:14:A0 + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:testsuite + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 78:b1:28:25:f5:17:7a:c2:a0:2e:b8:bb:15:dc:aa:e8:8f:aa: + ae:f3:48:0e:46:29:71:d7:24:6b:cd:da:4e:b1:8c:1a:40:01: + 79:03:ca:2d:45:76:c9:08:61:50:eb:03:9c:82:9f:d6:37:d8: + 60:42:fc:59:35:b7:42:69:fd:36:45:93:a3:17:df:dd:5d:84: + 19:04:70:4f:c8:5f:3e:96:27:49:03:81:a7:55:2c:16:7e:be: + 65:26:71:48:eb:5b:36:38:c1:a9:87:f0:ad:2e:40:5b:e8:12: + 39:f5:d0:60:71:55:d7:4b:fb:d0:bf:35:11:fb:2e:9c:4f:e6: + b1:35:c6:45:b4:73:68:99:d9:27:fa:4e:98:25:7d:6e:7c:1b: + 22:e8:c2:83:6f:3b:1f:4c:27:70:94:1a:ef:fb:2b:fd:9d:3c: + a2:ce:f2:4b:d1:8e:e7:6d:db:ec:22:1c:b9:b4:c1:bc:17:82: + ea:e1:1f:76:1a:4a:d6:59:b3:24:e5:e4:67:b9:ce:d3:73:67: + dd:48:82:04:bc:8f:50:34:c0:0e:42:6e:7e:63:ac:e6:ab:71: + b7:79:5b:f7:8e:8c:48:ac:ef:ae:c6:b0:e9:ae:d7:94:9b:58: + e9:2b:e8:40:93:1b:62:51:2d:06:a4:ca:8c:e6:7e:8c:5a:d0: + 6d:69:86:6f +-----BEGIN CERTIFICATE----- +MIIDbzCCAlegAwIBAgIQKqP4/8O1Yq/GeEU4ml8sWjANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAgFw0yNDA0MjUxNTM0MzBaGA8zMDIzMDgy +NzE1MzQzMFowFDESMBAGA1UEAwwJdGVzdHN1aXRlMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAvA038bEtTA6voVGFkh8bPO8EGCTR1g7rc2SG2sZl4rJ0 ++27AuV3+Z2FEOr8gbqdTnHuOa+zEVewL+UQIalQ1WYKaY2ALN90iXeNDgU5Rrgpn +Mbux03AOqEYvEey26VglCslySpfx1XoNaJDrc8LhgRLNCBsh6c5YPtyB3rdlMb3E +i1rRBpvA6rdjj/ulZzd+1WkHVmfz5zddhIZSJZSeamCiXL9eC8vIgxoXUYTxFvCD +Rra7l/NPukEfMKjV7k4ueACbJf0M7MxXo4K1VFb9Jfn/uF8bVa5XFjUNzJrP0CxK +3dWuKn52c6+42aA1YYI9oNHOo9iCGwyavKULLQDQ6QIDAQABo4G4MIG1MAkGA1Ud +EwQCMAAwHQYDVR0OBBYEFCARBi67sAsF1M5PvF9ROeeWlE8mMFEGA1UdIwRKMEiA +FNtLqZUsrQWfz8g83jssJ4HXKGVIoRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBD +QYIUZjLnFa4g4tdrDjujUMElWkVpFKAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYD +VR0PBAQDAgWgMBQGA1UdEQQNMAuCCXRlc3RzdWl0ZTANBgkqhkiG9w0BAQsFAAOC +AQEAeLEoJfUXesKgLri7Fdyq6I+qrvNIDkYpcdcka83aTrGMGkABeQPKLUV2yQhh +UOsDnIKf1jfYYEL8WTW3Qmn9NkWToxff3V2EGQRwT8hfPpYnSQOBp1UsFn6+ZSZx +SOtbNjjBqYfwrS5AW+gSOfXQYHFV10v70L81EfsunE/msTXGRbRzaJnZJ/pOmCV9 +bnwbIujCg287H0wncJQa7/sr/Z08os7yS9GO523b7CIcubTBvBeC6uEfdhpK1lmz +JOXkZ7nO03Nn3UiCBLyPUDTADkJufmOs5qtxt3lb946MSKzvrsaw6a7XlJtY6Svo +QJMbYlEtBqTKjOZ+jFrQbWmGbw== +-----END CERTIFICATE----- diff --git a/ipad/example_ca/pki/certs_by_serial/FAEE71AC9CF85B804DCE4BD357F83209.pem b/ipad/example_ca/pki/certs_by_serial/FAEE71AC9CF85B804DCE4BD357F83209.pem new file mode 100644 index 0000000..070adb2 --- /dev/null +++ b/ipad/example_ca/pki/certs_by_serial/FAEE71AC9CF85B804DCE4BD357F83209.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + fa:ee:71:ac:9c:f8:5b:80:4d:ce:4b:d3:57:f8:32:09 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Easy-RSA CA + Validity + Not Before: Apr 25 15:34:18 2024 GMT + Not After : Aug 27 15:34:18 3023 GMT + Subject: CN=alttest + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:94:f6:7e:2b:41:ee:00:d6:f5:2f:54:66:f4:41: + 39:69:ee:64:0b:15:46:59:ce:00:b6:bf:2a:aa:f7: + 0e:75:c4:e5:a1:b7:b3:86:1c:24:06:fa:91:41:f1: + 0b:87:3a:ee:26:27:28:62:1d:ac:35:54:e5:a3:ac: + 48:a7:9a:aa:be:2e:60:52:7c:de:cf:c3:28:11:42: + 57:52:9d:44:24:8f:b0:b6:fb:36:ef:4f:aa:7e:2c: + 57:5e:07:8a:03:fc:18:03:e8:58:6b:88:98:a8:93: + ac:69:01:b1:9c:ef:3b:fe:04:47:9e:28:e2:c6:15: + f9:5c:df:de:24:1e:2f:a4:e0:b2:01:94:7e:b8:00: + 76:b0:dd:36:55:22:f2:2d:3a:c7:b1:d8:67:7e:ca: + 2d:22:b8:dc:9d:87:34:0c:c1:11:c7:72:2b:b8:ed: + 1b:d8:75:6d:0d:49:e1:f6:bf:12:dd:19:84:87:2e: + 6d:c6:7d:7e:42:33:2a:05:a2:ff:5d:07:10:83:a4: + c0:35:a9:f8:00:96:29:9f:bc:53:6c:81:18:7b:e4: + c6:41:54:7f:12:a3:5a:77:cb:0f:cf:52:8c:83:9a: + 30:03:ca:77:65:b2:c0:0b:00:67:86:50:77:b1:f5: + 79:b7:20:62:25:f8:3b:ca:cd:c4:da:d1:c0:81:fd: + db:8b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 04:2E:A0:68:00:D7:DB:D3:E5:73:93:FC:1C:E5:30:78:D1:5B:24:E8 + X509v3 Authority Key Identifier: + keyid:DB:4B:A9:95:2C:AD:05:9F:CF:C8:3C:DE:3B:2C:27:81:D7:28:65:48 + DirName:/CN=Easy-RSA CA + serial:66:32:E7:15:AE:20:E2:D7:6B:0E:3B:A3:50:C1:25:5A:45:69:14:A0 + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:localhost, IP Address:127.0.0.1 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 41:35:5e:7e:14:46:96:3e:c9:8e:fe:88:f8:d6:07:6b:8b:b7: + 8e:02:c4:63:97:79:ec:4a:46:cc:72:4d:7a:cc:9b:13:d9:6b: + 5c:f9:b5:b6:c8:04:cf:f9:e0:23:b2:4e:ec:b0:80:85:84:be: + a9:1d:8d:4e:8b:26:09:d1:50:83:df:a2:d6:cc:ec:8c:36:b0: + c4:a9:cb:14:ba:2d:e2:f3:93:9a:e5:ae:fe:a6:b7:37:c2:17: + 52:17:b2:f3:4e:3a:04:88:9b:50:7e:c5:73:6f:63:5c:ab:32: + 47:0d:1c:b4:63:d4:de:c0:6b:ce:ec:26:8d:8c:40:83:c1:c2: + 29:48:f8:0f:a1:b1:f9:5e:2b:91:fb:0d:32:26:db:73:ef:36: + 03:d1:24:3e:59:8d:39:09:29:61:85:64:69:be:ee:ec:6d:dd: + 6d:7c:93:22:b5:44:19:ed:11:f5:46:7d:f5:be:74:ce:46:85: + 5d:24:9f:4e:b8:27:4b:7f:ba:72:5c:f7:24:10:b6:7b:fb:cb: + a0:d1:59:5b:d3:5f:e9:a3:e9:fd:c3:36:2f:b6:b5:eb:e6:1d: + 9b:71:d6:53:26:95:26:64:14:25:47:b8:3b:d4:96:be:51:98: + e5:4d:cf:47:66:e8:fc:e9:bc:e6:6c:2b:e6:87:d8:cb:64:82: + d8:63:31:c9 +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIRAPrucayc+FuATc5L01f4MgkwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwIBcNMjQwNDI1MTUzNDE4WhgPMzAyMzA4 +MjcxNTM0MThaMBIxEDAOBgNVBAMMB2FsdHRlc3QwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQCU9n4rQe4A1vUvVGb0QTlp7mQLFUZZzgC2vyqq9w51xOWh +t7OGHCQG+pFB8QuHOu4mJyhiHaw1VOWjrEinmqq+LmBSfN7PwygRQldSnUQkj7C2 ++zbvT6p+LFdeB4oD/BgD6FhriJiok6xpAbGc7zv+BEeeKOLGFflc394kHi+k4LIB +lH64AHaw3TZVIvItOsex2Gd+yi0iuNydhzQMwRHHciu47RvYdW0NSeH2vxLdGYSH +Lm3GfX5CMyoFov9dBxCDpMA1qfgAlimfvFNsgRh75MZBVH8So1p3yw/PUoyDmjAD +yndlssALAGeGUHex9Xm3IGIl+DvKzcTa0cCB/duLAgMBAAGjgb4wgbswCQYDVR0T +BAIwADAdBgNVHQ4EFgQUBC6gaADX29Plc5P8HOUweNFbJOgwUQYDVR0jBEowSIAU +20uplSytBZ/PyDzeOywngdcoZUihGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENB +ghRmMucVriDi12sOO6NQwSVaRWkUoDATBgNVHSUEDDAKBggrBgEFBQcDATALBgNV +HQ8EBAMCBaAwGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/AAABMA0GCSqGSIb3DQEB +CwUAA4IBAQBBNV5+FEaWPsmO/oj41gdri7eOAsRjl3nsSkbMck16zJsT2Wtc+bW2 +yATP+eAjsk7ssICFhL6pHY1OiyYJ0VCD36LWzOyMNrDEqcsUui3i85Oa5a7+prc3 +whdSF7LzTjoEiJtQfsVzb2NcqzJHDRy0Y9TewGvO7CaNjECDwcIpSPgPobH5XiuR ++w0yJttz7zYD0SQ+WY05CSlhhWRpvu7sbd1tfJMitUQZ7RH1Rn31vnTORoVdJJ9O +uCdLf7pyXPckELZ7+8ug0Vlb01/po+n9wzYvtrXr5h2bcdZTJpUmZBQlR7g71Ja+ +UZjlTc9HZuj86bzmbCvmh9jLZILYYzHJ +-----END CERTIFICATE----- diff --git a/ipad/example_ca/pki/index.txt b/ipad/example_ca/pki/index.txt new file mode 100644 index 0000000..dd39679 --- /dev/null +++ b/ipad/example_ca/pki/index.txt @@ -0,0 +1,2 @@ +V 30230827153418Z FAEE71AC9CF85B804DCE4BD357F83209 unknown /CN=alttest +V 30230827153430Z 2AA3F8FFC3B562AFC67845389A5F2C5A unknown /CN=testsuite diff --git a/ipad/example_ca/pki/index.txt.attr b/ipad/example_ca/pki/index.txt.attr new file mode 100644 index 0000000..3a7e39e --- /dev/null +++ b/ipad/example_ca/pki/index.txt.attr @@ -0,0 +1 @@ +unique_subject = no diff --git a/ipad/example_ca/pki/index.txt.attr.old b/ipad/example_ca/pki/index.txt.attr.old new file mode 100644 index 0000000..3a7e39e --- /dev/null +++ b/ipad/example_ca/pki/index.txt.attr.old @@ -0,0 +1 @@ +unique_subject = no diff --git a/ipad/example_ca/pki/index.txt.old b/ipad/example_ca/pki/index.txt.old new file mode 100644 index 0000000..605de4c --- /dev/null +++ b/ipad/example_ca/pki/index.txt.old @@ -0,0 +1 @@ +V 30230827153418Z FAEE71AC9CF85B804DCE4BD357F83209 unknown /CN=alttest diff --git a/ipad/example_ca/pki/issued/alttest.cabundle b/ipad/example_ca/pki/issued/alttest.cabundle new file mode 100644 index 0000000..c7a4426 --- /dev/null +++ b/ipad/example_ca/pki/issued/alttest.cabundle @@ -0,0 +1,42 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIRAPrucayc+FuATc5L01f4MgkwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwIBcNMjQwNDI1MTUzNDE4WhgPMzAyMzA4 +MjcxNTM0MThaMBIxEDAOBgNVBAMMB2FsdHRlc3QwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQCU9n4rQe4A1vUvVGb0QTlp7mQLFUZZzgC2vyqq9w51xOWh +t7OGHCQG+pFB8QuHOu4mJyhiHaw1VOWjrEinmqq+LmBSfN7PwygRQldSnUQkj7C2 ++zbvT6p+LFdeB4oD/BgD6FhriJiok6xpAbGc7zv+BEeeKOLGFflc394kHi+k4LIB +lH64AHaw3TZVIvItOsex2Gd+yi0iuNydhzQMwRHHciu47RvYdW0NSeH2vxLdGYSH +Lm3GfX5CMyoFov9dBxCDpMA1qfgAlimfvFNsgRh75MZBVH8So1p3yw/PUoyDmjAD +yndlssALAGeGUHex9Xm3IGIl+DvKzcTa0cCB/duLAgMBAAGjgb4wgbswCQYDVR0T +BAIwADAdBgNVHQ4EFgQUBC6gaADX29Plc5P8HOUweNFbJOgwUQYDVR0jBEowSIAU +20uplSytBZ/PyDzeOywngdcoZUihGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENB +ghRmMucVriDi12sOO6NQwSVaRWkUoDATBgNVHSUEDDAKBggrBgEFBQcDATALBgNV +HQ8EBAMCBaAwGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/AAABMA0GCSqGSIb3DQEB +CwUAA4IBAQBBNV5+FEaWPsmO/oj41gdri7eOAsRjl3nsSkbMck16zJsT2Wtc+bW2 +yATP+eAjsk7ssICFhL6pHY1OiyYJ0VCD36LWzOyMNrDEqcsUui3i85Oa5a7+prc3 +whdSF7LzTjoEiJtQfsVzb2NcqzJHDRy0Y9TewGvO7CaNjECDwcIpSPgPobH5XiuR ++w0yJttz7zYD0SQ+WY05CSlhhWRpvu7sbd1tfJMitUQZ7RH1Rn31vnTORoVdJJ9O +uCdLf7pyXPckELZ7+8ug0Vlb01/po+n9wzYvtrXr5h2bcdZTJpUmZBQlR7g71Ja+ +UZjlTc9HZuj86bzmbCvmh9jLZILYYzHJ +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIDTTCCAjWgAwIBAgIUZjLnFa4g4tdrDjujUMElWkVpFKAwDQYJKoZIhvcNAQEL +BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwIBcNMjQwNDI1MTUzMzU2WhgPMzAy +MzA4MjcxNTMzNTZaMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR8Y1ESTRhfjVNZ0+nuhQsvkMhZnOMpaEoJz +pCzHV0Cj6Mi814gPanvflAX/9F+4IjQ2evm7pNKNUpt1vf6kKTmco0EX672spP4p +8KOQaki/+I/AMYCwAGOvmCMYpHMzNTkV9PZIUUyzLG5YaigiMtJpWY+ji/G+kxAg +YzPr4WhTjG+mEoPjfc9LQH5dh/dP0cdkoZuIHWx6kFxAw/Okb1EF/oGrUT4pOLzg +/Z5wkOYZhlK0bicCqvYfsUjJ4y0ftCXfjQUtAYfQ4gq6revQ7eHCNKixh+BB8yXO +7/z6qrTfMTmN2Ekdo5nAyAMOeugaExaSLwYti3afX71RuqrtTwIDAQABo4GQMIGN +MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFNtLqZUsrQWfz8g83jssJ4HXKGVIMFEG +A1UdIwRKMEiAFNtLqZUsrQWfz8g83jssJ4HXKGVIoRqkGDAWMRQwEgYDVQQDDAtF +YXN5LVJTQSBDQYIUZjLnFa4g4tdrDjujUMElWkVpFKAwCwYDVR0PBAQDAgEGMA0G +CSqGSIb3DQEBCwUAA4IBAQAADFdB7R2mwfMWj3vUR77v9f3wqJdKgUyleXGKu6ot +9YL8vYAJUL9sojZ8KeR47PDVpOs7v0Ll3RcfqRrDWQ9/MiMqSMcxh/i9dvyf5d9s +o2kxqiPaMVPkLzGKE04I0XtAlszqOBYsGO83D2FuJsIWglvvOjNYvJ05LMVJObnq +gpwY3TwhoKeWAQg6U5Yv6dLDjvbYPTwgArNpY97BxY0GZNyiyJgyag21cVui+tsd +uLKVKhmW/EhCC52wsEMwLAsiOjNpVXwAkPWaWAbUJIJTyuc2ZFpx9D2T40H1U8Pj +6UXwCkZ7C9qwKKyusG8duf/Xsdsft3Pm8XykSWWya6Um +-----END CERTIFICATE----- diff --git a/ipad/example_ca/pki/issued/alttest.crt b/ipad/example_ca/pki/issued/alttest.crt new file mode 100644 index 0000000..070adb2 --- /dev/null +++ b/ipad/example_ca/pki/issued/alttest.crt @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + fa:ee:71:ac:9c:f8:5b:80:4d:ce:4b:d3:57:f8:32:09 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Easy-RSA CA + Validity + Not Before: Apr 25 15:34:18 2024 GMT + Not After : Aug 27 15:34:18 3023 GMT + Subject: CN=alttest + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:94:f6:7e:2b:41:ee:00:d6:f5:2f:54:66:f4:41: + 39:69:ee:64:0b:15:46:59:ce:00:b6:bf:2a:aa:f7: + 0e:75:c4:e5:a1:b7:b3:86:1c:24:06:fa:91:41:f1: + 0b:87:3a:ee:26:27:28:62:1d:ac:35:54:e5:a3:ac: + 48:a7:9a:aa:be:2e:60:52:7c:de:cf:c3:28:11:42: + 57:52:9d:44:24:8f:b0:b6:fb:36:ef:4f:aa:7e:2c: + 57:5e:07:8a:03:fc:18:03:e8:58:6b:88:98:a8:93: + ac:69:01:b1:9c:ef:3b:fe:04:47:9e:28:e2:c6:15: + f9:5c:df:de:24:1e:2f:a4:e0:b2:01:94:7e:b8:00: + 76:b0:dd:36:55:22:f2:2d:3a:c7:b1:d8:67:7e:ca: + 2d:22:b8:dc:9d:87:34:0c:c1:11:c7:72:2b:b8:ed: + 1b:d8:75:6d:0d:49:e1:f6:bf:12:dd:19:84:87:2e: + 6d:c6:7d:7e:42:33:2a:05:a2:ff:5d:07:10:83:a4: + c0:35:a9:f8:00:96:29:9f:bc:53:6c:81:18:7b:e4: + c6:41:54:7f:12:a3:5a:77:cb:0f:cf:52:8c:83:9a: + 30:03:ca:77:65:b2:c0:0b:00:67:86:50:77:b1:f5: + 79:b7:20:62:25:f8:3b:ca:cd:c4:da:d1:c0:81:fd: + db:8b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 04:2E:A0:68:00:D7:DB:D3:E5:73:93:FC:1C:E5:30:78:D1:5B:24:E8 + X509v3 Authority Key Identifier: + keyid:DB:4B:A9:95:2C:AD:05:9F:CF:C8:3C:DE:3B:2C:27:81:D7:28:65:48 + DirName:/CN=Easy-RSA CA + serial:66:32:E7:15:AE:20:E2:D7:6B:0E:3B:A3:50:C1:25:5A:45:69:14:A0 + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:localhost, IP Address:127.0.0.1 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 41:35:5e:7e:14:46:96:3e:c9:8e:fe:88:f8:d6:07:6b:8b:b7: + 8e:02:c4:63:97:79:ec:4a:46:cc:72:4d:7a:cc:9b:13:d9:6b: + 5c:f9:b5:b6:c8:04:cf:f9:e0:23:b2:4e:ec:b0:80:85:84:be: + a9:1d:8d:4e:8b:26:09:d1:50:83:df:a2:d6:cc:ec:8c:36:b0: + c4:a9:cb:14:ba:2d:e2:f3:93:9a:e5:ae:fe:a6:b7:37:c2:17: + 52:17:b2:f3:4e:3a:04:88:9b:50:7e:c5:73:6f:63:5c:ab:32: + 47:0d:1c:b4:63:d4:de:c0:6b:ce:ec:26:8d:8c:40:83:c1:c2: + 29:48:f8:0f:a1:b1:f9:5e:2b:91:fb:0d:32:26:db:73:ef:36: + 03:d1:24:3e:59:8d:39:09:29:61:85:64:69:be:ee:ec:6d:dd: + 6d:7c:93:22:b5:44:19:ed:11:f5:46:7d:f5:be:74:ce:46:85: + 5d:24:9f:4e:b8:27:4b:7f:ba:72:5c:f7:24:10:b6:7b:fb:cb: + a0:d1:59:5b:d3:5f:e9:a3:e9:fd:c3:36:2f:b6:b5:eb:e6:1d: + 9b:71:d6:53:26:95:26:64:14:25:47:b8:3b:d4:96:be:51:98: + e5:4d:cf:47:66:e8:fc:e9:bc:e6:6c:2b:e6:87:d8:cb:64:82: + d8:63:31:c9 +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIRAPrucayc+FuATc5L01f4MgkwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwIBcNMjQwNDI1MTUzNDE4WhgPMzAyMzA4 +MjcxNTM0MThaMBIxEDAOBgNVBAMMB2FsdHRlc3QwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQCU9n4rQe4A1vUvVGb0QTlp7mQLFUZZzgC2vyqq9w51xOWh +t7OGHCQG+pFB8QuHOu4mJyhiHaw1VOWjrEinmqq+LmBSfN7PwygRQldSnUQkj7C2 ++zbvT6p+LFdeB4oD/BgD6FhriJiok6xpAbGc7zv+BEeeKOLGFflc394kHi+k4LIB +lH64AHaw3TZVIvItOsex2Gd+yi0iuNydhzQMwRHHciu47RvYdW0NSeH2vxLdGYSH +Lm3GfX5CMyoFov9dBxCDpMA1qfgAlimfvFNsgRh75MZBVH8So1p3yw/PUoyDmjAD +yndlssALAGeGUHex9Xm3IGIl+DvKzcTa0cCB/duLAgMBAAGjgb4wgbswCQYDVR0T +BAIwADAdBgNVHQ4EFgQUBC6gaADX29Plc5P8HOUweNFbJOgwUQYDVR0jBEowSIAU +20uplSytBZ/PyDzeOywngdcoZUihGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENB +ghRmMucVriDi12sOO6NQwSVaRWkUoDATBgNVHSUEDDAKBggrBgEFBQcDATALBgNV +HQ8EBAMCBaAwGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/AAABMA0GCSqGSIb3DQEB +CwUAA4IBAQBBNV5+FEaWPsmO/oj41gdri7eOAsRjl3nsSkbMck16zJsT2Wtc+bW2 +yATP+eAjsk7ssICFhL6pHY1OiyYJ0VCD36LWzOyMNrDEqcsUui3i85Oa5a7+prc3 +whdSF7LzTjoEiJtQfsVzb2NcqzJHDRy0Y9TewGvO7CaNjECDwcIpSPgPobH5XiuR ++w0yJttz7zYD0SQ+WY05CSlhhWRpvu7sbd1tfJMitUQZ7RH1Rn31vnTORoVdJJ9O +uCdLf7pyXPckELZ7+8ug0Vlb01/po+n9wzYvtrXr5h2bcdZTJpUmZBQlR7g71Ja+ +UZjlTc9HZuj86bzmbCvmh9jLZILYYzHJ +-----END CERTIFICATE----- diff --git a/ipad/example_ca/pki/issued/alttest.notes b/ipad/example_ca/pki/issued/alttest.notes new file mode 100644 index 0000000..6daca26 --- /dev/null +++ b/ipad/example_ca/pki/issued/alttest.notes @@ -0,0 +1,8 @@ +This certificate is suitable for tests on any machine where testsuite and IPAd +run on the same host. + +The alttest.crt certificate has been created using the following commandline: +./easyrsa --subject-alt-name="DNS:localhost,IP:127.0.0.1" build-server-full alttest nopass + +The alttest.cabundle file has been created manually (alttest certificate at the +top, ca certificate at the bottom). diff --git a/ipad/example_ca/pki/issued/testsuite.cabundle b/ipad/example_ca/pki/issued/testsuite.cabundle new file mode 100644 index 0000000..9768a94 --- /dev/null +++ b/ipad/example_ca/pki/issued/testsuite.cabundle @@ -0,0 +1,42 @@ +-----BEGIN CERTIFICATE----- +MIIDbzCCAlegAwIBAgIQKqP4/8O1Yq/GeEU4ml8sWjANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAgFw0yNDA0MjUxNTM0MzBaGA8zMDIzMDgy +NzE1MzQzMFowFDESMBAGA1UEAwwJdGVzdHN1aXRlMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAvA038bEtTA6voVGFkh8bPO8EGCTR1g7rc2SG2sZl4rJ0 ++27AuV3+Z2FEOr8gbqdTnHuOa+zEVewL+UQIalQ1WYKaY2ALN90iXeNDgU5Rrgpn +Mbux03AOqEYvEey26VglCslySpfx1XoNaJDrc8LhgRLNCBsh6c5YPtyB3rdlMb3E +i1rRBpvA6rdjj/ulZzd+1WkHVmfz5zddhIZSJZSeamCiXL9eC8vIgxoXUYTxFvCD +Rra7l/NPukEfMKjV7k4ueACbJf0M7MxXo4K1VFb9Jfn/uF8bVa5XFjUNzJrP0CxK +3dWuKn52c6+42aA1YYI9oNHOo9iCGwyavKULLQDQ6QIDAQABo4G4MIG1MAkGA1Ud +EwQCMAAwHQYDVR0OBBYEFCARBi67sAsF1M5PvF9ROeeWlE8mMFEGA1UdIwRKMEiA +FNtLqZUsrQWfz8g83jssJ4HXKGVIoRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBD +QYIUZjLnFa4g4tdrDjujUMElWkVpFKAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYD +VR0PBAQDAgWgMBQGA1UdEQQNMAuCCXRlc3RzdWl0ZTANBgkqhkiG9w0BAQsFAAOC +AQEAeLEoJfUXesKgLri7Fdyq6I+qrvNIDkYpcdcka83aTrGMGkABeQPKLUV2yQhh +UOsDnIKf1jfYYEL8WTW3Qmn9NkWToxff3V2EGQRwT8hfPpYnSQOBp1UsFn6+ZSZx +SOtbNjjBqYfwrS5AW+gSOfXQYHFV10v70L81EfsunE/msTXGRbRzaJnZJ/pOmCV9 +bnwbIujCg287H0wncJQa7/sr/Z08os7yS9GO523b7CIcubTBvBeC6uEfdhpK1lmz +JOXkZ7nO03Nn3UiCBLyPUDTADkJufmOs5qtxt3lb946MSKzvrsaw6a7XlJtY6Svo +QJMbYlEtBqTKjOZ+jFrQbWmGbw== +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIDTTCCAjWgAwIBAgIUZjLnFa4g4tdrDjujUMElWkVpFKAwDQYJKoZIhvcNAQEL +BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwIBcNMjQwNDI1MTUzMzU2WhgPMzAy +MzA4MjcxNTMzNTZaMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR8Y1ESTRhfjVNZ0+nuhQsvkMhZnOMpaEoJz +pCzHV0Cj6Mi814gPanvflAX/9F+4IjQ2evm7pNKNUpt1vf6kKTmco0EX672spP4p +8KOQaki/+I/AMYCwAGOvmCMYpHMzNTkV9PZIUUyzLG5YaigiMtJpWY+ji/G+kxAg +YzPr4WhTjG+mEoPjfc9LQH5dh/dP0cdkoZuIHWx6kFxAw/Okb1EF/oGrUT4pOLzg +/Z5wkOYZhlK0bicCqvYfsUjJ4y0ftCXfjQUtAYfQ4gq6revQ7eHCNKixh+BB8yXO +7/z6qrTfMTmN2Ekdo5nAyAMOeugaExaSLwYti3afX71RuqrtTwIDAQABo4GQMIGN +MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFNtLqZUsrQWfz8g83jssJ4HXKGVIMFEG +A1UdIwRKMEiAFNtLqZUsrQWfz8g83jssJ4HXKGVIoRqkGDAWMRQwEgYDVQQDDAtF +YXN5LVJTQSBDQYIUZjLnFa4g4tdrDjujUMElWkVpFKAwCwYDVR0PBAQDAgEGMA0G +CSqGSIb3DQEBCwUAA4IBAQAADFdB7R2mwfMWj3vUR77v9f3wqJdKgUyleXGKu6ot +9YL8vYAJUL9sojZ8KeR47PDVpOs7v0Ll3RcfqRrDWQ9/MiMqSMcxh/i9dvyf5d9s +o2kxqiPaMVPkLzGKE04I0XtAlszqOBYsGO83D2FuJsIWglvvOjNYvJ05LMVJObnq +gpwY3TwhoKeWAQg6U5Yv6dLDjvbYPTwgArNpY97BxY0GZNyiyJgyag21cVui+tsd +uLKVKhmW/EhCC52wsEMwLAsiOjNpVXwAkPWaWAbUJIJTyuc2ZFpx9D2T40H1U8Pj +6UXwCkZ7C9qwKKyusG8duf/Xsdsft3Pm8XykSWWya6Um +-----END CERTIFICATE----- diff --git a/ipad/example_ca/pki/issued/testsuite.crt b/ipad/example_ca/pki/issued/testsuite.crt new file mode 100644 index 0000000..14904d1 --- /dev/null +++ b/ipad/example_ca/pki/issued/testsuite.crt @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 2a:a3:f8:ff:c3:b5:62:af:c6:78:45:38:9a:5f:2c:5a + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Easy-RSA CA + Validity + Not Before: Apr 25 15:34:30 2024 GMT + Not After : Aug 27 15:34:30 3023 GMT + Subject: CN=testsuite + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:bc:0d:37:f1:b1:2d:4c:0e:af:a1:51:85:92:1f: + 1b:3c:ef:04:18:24:d1:d6:0e:eb:73:64:86:da:c6: + 65:e2:b2:74:fb:6e:c0:b9:5d:fe:67:61:44:3a:bf: + 20:6e:a7:53:9c:7b:8e:6b:ec:c4:55:ec:0b:f9:44: + 08:6a:54:35:59:82:9a:63:60:0b:37:dd:22:5d:e3: + 43:81:4e:51:ae:0a:67:31:bb:b1:d3:70:0e:a8:46: + 2f:11:ec:b6:e9:58:25:0a:c9:72:4a:97:f1:d5:7a: + 0d:68:90:eb:73:c2:e1:81:12:cd:08:1b:21:e9:ce: + 58:3e:dc:81:de:b7:65:31:bd:c4:8b:5a:d1:06:9b: + c0:ea:b7:63:8f:fb:a5:67:37:7e:d5:69:07:56:67: + f3:e7:37:5d:84:86:52:25:94:9e:6a:60:a2:5c:bf: + 5e:0b:cb:c8:83:1a:17:51:84:f1:16:f0:83:46:b6: + bb:97:f3:4f:ba:41:1f:30:a8:d5:ee:4e:2e:78:00: + 9b:25:fd:0c:ec:cc:57:a3:82:b5:54:56:fd:25:f9: + ff:b8:5f:1b:55:ae:57:16:35:0d:cc:9a:cf:d0:2c: + 4a:dd:d5:ae:2a:7e:76:73:af:b8:d9:a0:35:61:82: + 3d:a0:d1:ce:a3:d8:82:1b:0c:9a:bc:a5:0b:2d:00: + d0:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 20:11:06:2E:BB:B0:0B:05:D4:CE:4F:BC:5F:51:39:E7:96:94:4F:26 + X509v3 Authority Key Identifier: + keyid:DB:4B:A9:95:2C:AD:05:9F:CF:C8:3C:DE:3B:2C:27:81:D7:28:65:48 + DirName:/CN=Easy-RSA CA + serial:66:32:E7:15:AE:20:E2:D7:6B:0E:3B:A3:50:C1:25:5A:45:69:14:A0 + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:testsuite + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 78:b1:28:25:f5:17:7a:c2:a0:2e:b8:bb:15:dc:aa:e8:8f:aa: + ae:f3:48:0e:46:29:71:d7:24:6b:cd:da:4e:b1:8c:1a:40:01: + 79:03:ca:2d:45:76:c9:08:61:50:eb:03:9c:82:9f:d6:37:d8: + 60:42:fc:59:35:b7:42:69:fd:36:45:93:a3:17:df:dd:5d:84: + 19:04:70:4f:c8:5f:3e:96:27:49:03:81:a7:55:2c:16:7e:be: + 65:26:71:48:eb:5b:36:38:c1:a9:87:f0:ad:2e:40:5b:e8:12: + 39:f5:d0:60:71:55:d7:4b:fb:d0:bf:35:11:fb:2e:9c:4f:e6: + b1:35:c6:45:b4:73:68:99:d9:27:fa:4e:98:25:7d:6e:7c:1b: + 22:e8:c2:83:6f:3b:1f:4c:27:70:94:1a:ef:fb:2b:fd:9d:3c: + a2:ce:f2:4b:d1:8e:e7:6d:db:ec:22:1c:b9:b4:c1:bc:17:82: + ea:e1:1f:76:1a:4a:d6:59:b3:24:e5:e4:67:b9:ce:d3:73:67: + dd:48:82:04:bc:8f:50:34:c0:0e:42:6e:7e:63:ac:e6:ab:71: + b7:79:5b:f7:8e:8c:48:ac:ef:ae:c6:b0:e9:ae:d7:94:9b:58: + e9:2b:e8:40:93:1b:62:51:2d:06:a4:ca:8c:e6:7e:8c:5a:d0: + 6d:69:86:6f +-----BEGIN CERTIFICATE----- +MIIDbzCCAlegAwIBAgIQKqP4/8O1Yq/GeEU4ml8sWjANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAgFw0yNDA0MjUxNTM0MzBaGA8zMDIzMDgy +NzE1MzQzMFowFDESMBAGA1UEAwwJdGVzdHN1aXRlMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAvA038bEtTA6voVGFkh8bPO8EGCTR1g7rc2SG2sZl4rJ0 ++27AuV3+Z2FEOr8gbqdTnHuOa+zEVewL+UQIalQ1WYKaY2ALN90iXeNDgU5Rrgpn +Mbux03AOqEYvEey26VglCslySpfx1XoNaJDrc8LhgRLNCBsh6c5YPtyB3rdlMb3E +i1rRBpvA6rdjj/ulZzd+1WkHVmfz5zddhIZSJZSeamCiXL9eC8vIgxoXUYTxFvCD +Rra7l/NPukEfMKjV7k4ueACbJf0M7MxXo4K1VFb9Jfn/uF8bVa5XFjUNzJrP0CxK +3dWuKn52c6+42aA1YYI9oNHOo9iCGwyavKULLQDQ6QIDAQABo4G4MIG1MAkGA1Ud +EwQCMAAwHQYDVR0OBBYEFCARBi67sAsF1M5PvF9ROeeWlE8mMFEGA1UdIwRKMEiA +FNtLqZUsrQWfz8g83jssJ4HXKGVIoRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBD +QYIUZjLnFa4g4tdrDjujUMElWkVpFKAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYD +VR0PBAQDAgWgMBQGA1UdEQQNMAuCCXRlc3RzdWl0ZTANBgkqhkiG9w0BAQsFAAOC +AQEAeLEoJfUXesKgLri7Fdyq6I+qrvNIDkYpcdcka83aTrGMGkABeQPKLUV2yQhh +UOsDnIKf1jfYYEL8WTW3Qmn9NkWToxff3V2EGQRwT8hfPpYnSQOBp1UsFn6+ZSZx +SOtbNjjBqYfwrS5AW+gSOfXQYHFV10v70L81EfsunE/msTXGRbRzaJnZJ/pOmCV9 +bnwbIujCg287H0wncJQa7/sr/Z08os7yS9GO523b7CIcubTBvBeC6uEfdhpK1lmz +JOXkZ7nO03Nn3UiCBLyPUDTADkJufmOs5qtxt3lb946MSKzvrsaw6a7XlJtY6Svo +QJMbYlEtBqTKjOZ+jFrQbWmGbw== +-----END CERTIFICATE----- diff --git a/ipad/example_ca/pki/issued/testsuite.notes b/ipad/example_ca/pki/issued/testsuite.notes new file mode 100644 index 0000000..55594a6 --- /dev/null +++ b/ipad/example_ca/pki/issued/testsuite.notes @@ -0,0 +1,8 @@ +This certificate is suitable for tests where the testsuite runs on a separate +machine or VM that has the hostname "testsuite" + +The testsuite.crt certificate has been created using the following commandline: +./easyrsa --subject-alt-name="DNS:testsuite" build-server-full testsuite nopass + +The testsuite.cabundle file has been created manually (alttest certificate at the +top, ca certificate at the bottom). diff --git a/ipad/example_ca/pki/openssl-easyrsa.cnf b/ipad/example_ca/pki/openssl-easyrsa.cnf new file mode 100644 index 0000000..928b195 --- /dev/null +++ b/ipad/example_ca/pki/openssl-easyrsa.cnf @@ -0,0 +1,143 @@ +# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = $ENV::EASYRSA_PKI # Where everything is kept +certs = $dir # Where the issued certs are kept +crl_dir = $dir # Where the issued crl are kept +database = $dir/index.txt # database index file. +new_certs_dir = $dir/certs_by_serial # default place for new certs. + +certificate = $dir/ca.crt # The CA certificate +serial = $dir/serial # The current serial number +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/ca.key # The private key +RANDFILE = $dir/.rand # private random number file + +x509_extensions = basic_exts # The extensions to add to the cert + +# A placeholder to handle the --copy-ext feature: +#%COPY_EXTS% # Do NOT remove or change this line as --copy-ext support requires it + +# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA +# is designed for will. In return, we get the Issuer attached to CRLs. +crl_extensions = crl_ext + +default_days = $ENV::EASYRSA_CERT_EXPIRE # how long to certify for +default_crl_days = $ENV::EASYRSA_CRL_DAYS # how long before next CRL +default_md = $ENV::EASYRSA_DIGEST # use public key default MD +preserve = no # keep passed DN ordering + +# This allows to renew certificates which have not been revoked +unique_subject = no + +# A few different ways of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_anything + +# For the 'anything' policy, which defines allowed DN fields +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +name = optional +emailAddress = optional + +#################################################################### +# Easy-RSA request handling +# We key off $DN_MODE to determine how to format the DN +[ req ] +default_bits = $ENV::EASYRSA_KEY_SIZE +default_keyfile = privkey.pem +default_md = $ENV::EASYRSA_DIGEST +distinguished_name = $ENV::EASYRSA_DN +x509_extensions = easyrsa_ca # The extensions to add to the self signed cert + +# A placeholder to handle the $EXTRA_EXTS feature: +#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it + +#################################################################### +# Easy-RSA DN (Subject) handling + +# Easy-RSA DN for cn_only support: +[ cn_only ] +commonName = Common Name (eg: your user, host, or server name) +commonName_max = 64 +commonName_default = $ENV::EASYRSA_REQ_CN + +# Easy-RSA DN for org support: +[ org ] +countryName = Country Name (2 letter code) +countryName_default = $ENV::EASYRSA_REQ_COUNTRY +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = $ENV::EASYRSA_REQ_PROVINCE + +localityName = Locality Name (eg, city) +localityName_default = $ENV::EASYRSA_REQ_CITY + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = $ENV::EASYRSA_REQ_ORG + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = $ENV::EASYRSA_REQ_OU + +commonName = Common Name (eg: your user, host, or server name) +commonName_max = 64 +commonName_default = $ENV::EASYRSA_REQ_CN + +emailAddress = Email Address +emailAddress_default = $ENV::EASYRSA_REQ_EMAIL +emailAddress_max = 64 + +#################################################################### +# Easy-RSA cert extension handling + +# This section is effectively unused as the main script sets extensions +# dynamically. This core section is left to support the odd usecase where +# a user calls openssl directly. +[ basic_exts ] +basicConstraints = CA:FALSE +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer:always + +# The Easy-RSA CA extensions +[ easyrsa_ca ] + +# PKIX recommendations: + +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always + +# This could be marked critical, but it's nice to support reading by any +# broken clients who attempt to do so. +basicConstraints = CA:true + +# Limit key usage to CA tasks. If you really want to use the generated pair as +# a self-signed cert, comment this out. +keyUsage = cRLSign, keyCertSign + +# nsCertType omitted by default. Let's try to let the deprecated stuff die. +# nsCertType = sslCA + +# A placeholder to handle the $X509_TYPES and CA extra extensions $EXTRA_EXTS: +#%CA_X509_TYPES_EXTRA_EXTS% # Do NOT remove or change this line as $X509_TYPES and EXTRA_EXTS demands it + +# CRL extensions. +[ crl_ext ] + +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/ipad/example_ca/pki/private/alttest.key b/ipad/example_ca/pki/private/alttest.key new file mode 100644 index 0000000..c334f49 --- /dev/null +++ b/ipad/example_ca/pki/private/alttest.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCU9n4rQe4A1vUv +VGb0QTlp7mQLFUZZzgC2vyqq9w51xOWht7OGHCQG+pFB8QuHOu4mJyhiHaw1VOWj +rEinmqq+LmBSfN7PwygRQldSnUQkj7C2+zbvT6p+LFdeB4oD/BgD6FhriJiok6xp +AbGc7zv+BEeeKOLGFflc394kHi+k4LIBlH64AHaw3TZVIvItOsex2Gd+yi0iuNyd +hzQMwRHHciu47RvYdW0NSeH2vxLdGYSHLm3GfX5CMyoFov9dBxCDpMA1qfgAlimf +vFNsgRh75MZBVH8So1p3yw/PUoyDmjADyndlssALAGeGUHex9Xm3IGIl+DvKzcTa +0cCB/duLAgMBAAECggEACbh+yeqG0iiKM3PPNsfoK+YnQnnkRLP8DpuG+Jp1UnDD +iLwTdlWbxut5qH3xrKTHKazge8FH8ur+rqGYKX0fAJjHfFqIXQfKiOXKtlTA6kne +KZ1XG7gX03Kn+ODbvCAqnlv+eSCe0FFirNo0HEjtofPm4IahKx//98mRa3X00fjQ +41+pwrtj5TBeHc8V9QiHDDTfAtUcRKbA3yPyla0xdHektCDak1U6CMoR/p55l+rM +2ffBHJA+wNc28NfxV+ZY1VbpZ0qszAp3/U+gQRn0P9+2scIAWzRBlmQ37EfAMmM8 +ciembbDpoi7/tMQ0UhrhCR/o5hatQwS8ACEuLC3ucQKBgQDLBGSvuGBvWYget/2+ +jhCjYyH5s0Pye0iCcUlZDIsi1RjtgQfXNo5J1yP7uaPHJ/3Saoohb844CD0+kLjS +tYpGSePL+q8HGnjfutjy0Xstew5peD6quc15G6gyfCBKdC39R9BfuC2emw9eZeiG +qRmGpFKwD3PDS5ZNz3HJ/WG41QKBgQC71rlMXGsnq63OVcKvw32Kn6XVsHXhoxFd +DWy43QbGqVV2Lk36/mr8iotBOV4BsofWD8Fx8447lhERuTi9NHSlIaAldnng0Eok +RoW+Lr6QbQanuLjM+NLhPcdrhZPrp4pHFUgnj2PjmLAngmvyaa4l/m88UvYVWPyK +vxUzNtNy3wKBgQCL9ZpoXib1fPbPnq6rOQuVaFla6NBWEdH6Q5l6b6BYQiruSb8b +CnxrwYsIFoInYZWmA1b5GDhF/sAiKumQMiGCtZv62vbhYcmlDA5W0D4oK6bS5Vfm +oTNbY8rACzzDt3ahH2ozIykoJ+QfgwgcFeYIIa7zu6NmJu0W9YWP6EP/hQKBgApq +Y6f6T+7JNEAGvV7lpiZzp8xrln3GfwX74pV1nBST+yssciKCzQfn3sTlG3NYpPOX +uBBLgw2GyreC38SODhHCBZFOOn/ezN2qE2xyRxrXENFoCsdC3N6kgFRT+dnNVnuO +kIuxBcbvBoWKU9YDSibNLvnXV9HjN02yPsiyN5NdAoGAZj0u++sJWrYzBeGDO0ew +a0GJnQK8/4NR+vJz/vvmL/lidfKOFJ5/lNANRha7ep89ig7G96ejabEitghIH9I7 +0+OxHz5uk+lidlTPxTg64ELlJnbsPzdI6QygeFVp8QqxEYgzB3zi8ropSoVIKVkB +2+9FJlDHUFB+PG7cbfR70a8= +-----END PRIVATE KEY----- diff --git a/ipad/example_ca/pki/private/ca.key b/ipad/example_ca/pki/private/ca.key new file mode 100644 index 0000000..ca1c505 --- /dev/null +++ b/ipad/example_ca/pki/private/ca.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCdHxjURJNGF+NU +1nT6e6FCy+QyFmc4yloSgnOkLMdXQKPoyLzXiA9qe9+UBf/0X7giNDZ6+buk0o1S +m3W9/qQpOZyjQRfrvayk/inwo5BqSL/4j8AxgLAAY6+YIxikczM1ORX09khRTLMs +blhqKCIy0mlZj6OL8b6TECBjM+vhaFOMb6YSg+N9z0tAfl2H90/Rx2Shm4gdbHqQ +XEDD86RvUQX+gatRPik4vOD9nnCQ5hmGUrRuJwKq9h+xSMnjLR+0Jd+NBS0Bh9Di +Crqt69Dt4cI0qLGH4EHzJc7v/PqqtN8xOY3YSR2jmcDIAw566BoTFpIvBi2Ldp9f +vVG6qu1PAgMBAAECggEAAdFyJRuDuPn5DU961Xm3muSjvdXmUhfBj2NFsOE8Zy5w +rQQGEN7yI1qEjaWvSM/1eyVRUVY+yDSW5b7r8Wa8Jwun4ruGQbTi3VdhRZlT/gKm +qPyRR0FeBKWpZZ62I0nd+jLLYoNj6Q1Zyxzu7e5+icMRc3BWIE7qTbDTgM1SAjxm +OhNnQmWVq/E4wP4JXkjy2zxZZPjbq5awhvPzeApq/QspKNp9PE9rOHRbyi5kknYO +nYc4hn2McHegsfyN0gXsLkDgwKqFG84HZRKOjnDUm8EOCC0L0Zhs2lYmpemeKP+f +4ro5mhvJQ8Xe3iUcfAAQypRUyOyCXVJY7A0yzSWrEQKBgQDO2CoimFzktgHQwN7x +HriYg4Ass1Y/gZq2N7APqbFJZIeJlouKqlZ6uF+eWqMZf96XidOC37BMH2R0yAvP +vPHTGycSZozE0tGNscLxQ8nGYu2tDzryCBrjpNUaKY5HVYK/9D1toSnvOWJAZlHN +lOx5sDOlwCpXR1DANUZtsVRCCQKBgQDCde3B59fW4FbB7+hk0qLxhKnlIt0UFOuB +4Kg/UZZYvJA1bGW1LZGVNXpMIyRpPODW5B979Eb/azF6LtW/MzwZ2ZM9aXKRFA0S ++J2whjdBebWG/PuwEwKHo/wfzEJLeVW2VOEUknirn5PnI4is2LiTCfnls8PlkSzF +klK/7K6qlwKBgEIPse1Yohp9sri8ULfLqwMyxIYCROKFfycBRB7MgI3DKLKdvTVt +T69kIU3O/tZPC4V0hHQBAypcwFW36mXPn6BfxKvQyta1yi2p/2vUzaWpxOUHvzi7 +s/LOmyz+5q0Lt3WdCN1xopX/ysxsoWW6UYhP6T7fz+YOJdEtcq/n+dQZAoGAAhR6 +15EgSOcbZnWnebSbE5REsPO/g6B5qGj7w7merxJNRJUFPXvgS8VHqprRn+KL0SCd +iZjiTYca/2CS3rmwkeI25fhDxnN9dE9+eE3nN2cS3v/DvW1moIbLgpePufjxRsL/ +qVWrvsI1Ncq2gorK5p+7sY5LsR/tZ6uaAP2KHL8CgYEAsPllojZVSxcWuWN8YD6U +hPTsmH9EwxN6kqB2Ai2ZN3i5kmRnZNv8xBJcf9bJY5YlV7ycyPf3RXfNLVlA/8Ox +Tnyn+hpNDDXNnOaiOYjlG0NC1XYesJDN2WyaRNIrXpWXGWD28VGK4sKVNdxV6lOC +fLxfcjGPfAqfHtUoOiQofXU= +-----END PRIVATE KEY----- diff --git a/ipad/example_ca/pki/private/testsuite.key b/ipad/example_ca/pki/private/testsuite.key new file mode 100644 index 0000000..0587614 --- /dev/null +++ b/ipad/example_ca/pki/private/testsuite.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC8DTfxsS1MDq+h +UYWSHxs87wQYJNHWDutzZIbaxmXisnT7bsC5Xf5nYUQ6vyBup1Oce45r7MRV7Av5 +RAhqVDVZgppjYAs33SJd40OBTlGuCmcxu7HTcA6oRi8R7LbpWCUKyXJKl/HVeg1o +kOtzwuGBEs0IGyHpzlg+3IHet2UxvcSLWtEGm8Dqt2OP+6VnN37VaQdWZ/PnN12E +hlIllJ5qYKJcv14Ly8iDGhdRhPEW8INGtruX80+6QR8wqNXuTi54AJsl/QzszFej +grVUVv0l+f+4XxtVrlcWNQ3Mms/QLErd1a4qfnZzr7jZoDVhgj2g0c6j2IIbDJq8 +pQstANDpAgMBAAECggEAAq7WTAU+iGz8ttd3iWrjcl8vUfHDiYzsSv8/PwBd4rbW +VuIago9VK/zEcqlrqs+wShJUT4g6hS0BS9QB4gd6L+ERkOALy1Prhu1xQ8p+Fv0C +KI120OjfcqmDevT2p2j49VJdf+b/t3XR2pqXtPuUSIL5lSQmKJehGDuAtSPGpprt +Ri47/bstEZ9l6xweRUbWtLY7v3Ul+nMZO1HDl+MMY2Cy1Ou6JFuJfEyWYWzs4Uor +b47b0uH/8b0STXX4xw4s5o/0NuSQPIsOM/LN6vZIEM3euYqeLsi/VKXFrTjyrLed +WjldhwwJdxUV6Pr+2s3CFXPqfaJ8amFe1cf/gEk4MQKBgQDeBYr9oyHQ9fER1B7o +ob5LY+37BfaEcQnnuscBDGHJteYamlc+XXHa2UAOoNYUC6SMjzupMNdV6u6JEvP5 +35sGZtP+tKLRxElMD9XBc7m17cWUbjWlplgCLVdly7bgprYPANHEr9djwuq9oppq +clsklx7NawpTYFBg+zrzxBYP0QKBgQDY1Mi4x2JdMtFM+X00MyFjQq3lHexSo5XF +rMgU2A145zAlXiuEVkyqR+Pv3hwm38qqoUAkyIDhXth3C7f75gcQgsgthJJbU6LM +jKhh+/PSg4x3/YmBWQfRiHv9KstAvX7y2oaZIBfBK9ZuPID0QY2RIfUA5KYdBkOP +9urhR3fNmQKBgFMpeFpxFGWU+etXrQwuKX1LvQRdw2zwemlWSNxXqvlHLR2h2jP+ +BHuZDKluDUIM6mHL9Oj25nHEQf0OIFzkKMlJEvdA6gvwnhPjiomfs1w15+AlN+sI +V8bY/PegSqvzRhZwlCI8S02O4SaPFY/xrboS8PK4uXFpjjIFaJuOQ0VBAoGAblbp +xc4Aqjif9bHIGvYh+WcHIt61UeBY6Pzh3GmNgYb0Iy/mqTNZVBW9UmUOomGjumzQ +PWei3gzrzrix6YfG9In43+DksYDACaNSVHpoOyoiIzVr8dyic+gmYFCUmd9UaLT3 +ZZjFPdHXDsXPQXzSU5aaHNg+B+sWGn6mS/mYZ5ECgYAHCvNEO4NHf5AfpAIeZyD5 +1x3hWR3LtI6qkD5LmVhxi6S4pjzQj+T5ZC+iiz0ZZ6GoA2n+UDX4kF1aSgEJry1i +P5ByLciv7hbYWZtpOAy0Z+MtKOFB5Wj4WsvWCAZnL/5qk9zRyoNuKWYrs3FQlmEt +WIxjZC8intDxtAv4KiJdGQ== +-----END PRIVATE KEY----- diff --git a/ipad/example_ca/pki/reqs/alttest.req b/ipad/example_ca/pki/reqs/alttest.req new file mode 100644 index 0000000..c3a3241 --- /dev/null +++ b/ipad/example_ca/pki/reqs/alttest.req @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIChDCCAWwCAQAwEjEQMA4GA1UEAwwHYWx0dGVzdDCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAJT2fitB7gDW9S9UZvRBOWnuZAsVRlnOALa/Kqr3DnXE +5aG3s4YcJAb6kUHxC4c67iYnKGIdrDVU5aOsSKeaqr4uYFJ83s/DKBFCV1KdRCSP +sLb7Nu9Pqn4sV14HigP8GAPoWGuImKiTrGkBsZzvO/4ER54o4sYV+Vzf3iQeL6Tg +sgGUfrgAdrDdNlUi8i06x7HYZ37KLSK43J2HNAzBEcdyK7jtG9h1bQ1J4fa/Et0Z +hIcubcZ9fkIzKgWi/10HEIOkwDWp+ACWKZ+8U2yBGHvkxkFUfxKjWnfLD89SjIOa +MAPKd2WywAsAZ4ZQd7H1ebcgYiX4O8rNxNrRwIH924sCAwEAAaAtMCsGCSqGSIb3 +DQEJDjEeMBwwGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/AAABMA0GCSqGSIb3DQEB +CwUAA4IBAQBgx4vAKtNXLloRv+cmqTdtNSrTeUz4gR2OB96tv7/Y8nPInDuOS5YA +H0y/4d9WjybeeKtSGEWfcxWTPtEvye4HdEP5S4ajmDzAVngfqBBtOZ2a9YXYndwf +Y/tG6AeaJZs7r4LAnRaLFJKwf+P+SL4Sz1ygZZnolUgI3KCH5iJFfWXIKcFvsp8Z +QjtFaKTLnODI9DbyBZg4bJUyddRfEvQCBnd4E7BKaIJif32nUaV18YZ027onUONj +IBaPqbMBHbVb5gXAIqc3u39Ut9dtD/XXxGMAkK3vjEGfPBoNqwVQAj5NxK/+CEwZ ++gdlC3YXEn0Bp/QTwGPtkpaiqClqVZiG +-----END CERTIFICATE REQUEST----- diff --git a/ipad/example_ca/pki/reqs/testsuite.req b/ipad/example_ca/pki/reqs/testsuite.req new file mode 100644 index 0000000..877c3a2 --- /dev/null +++ b/ipad/example_ca/pki/reqs/testsuite.req @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgDCCAWgCAQAwFDESMBAGA1UEAwwJdGVzdHN1aXRlMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAvA038bEtTA6voVGFkh8bPO8EGCTR1g7rc2SG2sZl +4rJ0+27AuV3+Z2FEOr8gbqdTnHuOa+zEVewL+UQIalQ1WYKaY2ALN90iXeNDgU5R +rgpnMbux03AOqEYvEey26VglCslySpfx1XoNaJDrc8LhgRLNCBsh6c5YPtyB3rdl +Mb3Ei1rRBpvA6rdjj/ulZzd+1WkHVmfz5zddhIZSJZSeamCiXL9eC8vIgxoXUYTx +FvCDRra7l/NPukEfMKjV7k4ueACbJf0M7MxXo4K1VFb9Jfn/uF8bVa5XFjUNzJrP +0CxK3dWuKn52c6+42aA1YYI9oNHOo9iCGwyavKULLQDQ6QIDAQABoCcwJQYJKoZI +hvcNAQkOMRgwFjAUBgNVHREEDTALggl0ZXN0c3VpdGUwDQYJKoZIhvcNAQELBQAD +ggEBAA8Se8HfjHNH9UgQFYE2/elUr0QiPoI5EFEswMwO99E1kDM4pq9g/h2wqwW6 +49NkZzzJfuTERM3ZUQC3+AV7pW9rDEQFf5GGUeM5VmBYiFgPK7FoVJkRJ4MroPti +72uADGBXexYFUsbf6V09T0B80yarmNHNCFUChNY5lhcWEYpJuGXnbpGhzZXTPplw +GZmWDUFVHKSPJX2GZw2AF+MfnyNOCRu+VkU4vjbCm8LQENQBDq1HZ5nYi2eHlW5w +x/rmHZx8wv+ipY3DsG8bCho6fuaSvQI9fHi1UVRJcP1bdocCjFk+N1yj+i58TPRK +FoU4y2362LU2nc1mOPeGuQu11Wk= +-----END CERTIFICATE REQUEST----- diff --git a/ipad/example_ca/pki/safessl-easyrsa.cnf b/ipad/example_ca/pki/safessl-easyrsa.cnf new file mode 100644 index 0000000..d42bba9 --- /dev/null +++ b/ipad/example_ca/pki/safessl-easyrsa.cnf @@ -0,0 +1,143 @@ +# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki # Where everything is kept +certs = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki # Where the issued certs are kept +crl_dir = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki # Where the issued crl are kept +database = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/index.txt # database index file. +new_certs_dir = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/certs_by_serial # default place for new certs. + +certificate = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/ca.crt # The CA certificate +serial = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/serial # The current serial number +crl = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/crl.pem # The current CRL +private_key = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/private/ca.key # The private key +RANDFILE = /home/user/work/ttcn3/testsuite/osmo-ttcn3-hacks/ipad/example_ca/pki/.rand # private random number file + +x509_extensions = basic_exts # The extensions to add to the cert + +# A placeholder to handle the --copy-ext feature: +#%COPY_EXTS% # Do NOT remove or change this line as --copy-ext support requires it + +# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA +# is designed for will. In return, we get the Issuer attached to CRLs. +crl_extensions = crl_ext + +default_days = 365000 # how long to certify for +default_crl_days = 180 # how long before next CRL +default_md = sha256 # use public key default MD +preserve = no # keep passed DN ordering + +# This allows to renew certificates which have not been revoked +unique_subject = no + +# A few different ways of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_anything + +# For the 'anything' policy, which defines allowed DN fields +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +name = optional +emailAddress = optional + +#################################################################### +# Easy-RSA request handling +# We key off $DN_MODE to determine how to format the DN +[ req ] +default_bits = 2048 +default_keyfile = privkey.pem +default_md = sha256 +distinguished_name = cn_only +x509_extensions = easyrsa_ca # The extensions to add to the self signed cert + +# A placeholder to handle the $EXTRA_EXTS feature: +#%EXTRA_EXTS% # Do NOT remove or change this line as $EXTRA_EXTS support requires it + +#################################################################### +# Easy-RSA DN (Subject) handling + +# Easy-RSA DN for cn_only support: +[ cn_only ] +commonName = Common Name (eg: your user, host, or server name) +commonName_max = 64 +commonName_default = ChangeMe + +# Easy-RSA DN for org support: +[ org ] +countryName = Country Name (2 letter code) +countryName_default = US +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = California + +localityName = Locality Name (eg, city) +localityName_default = San Francisco + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Copyleft Certificate Co + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = My Organizational Unit + +commonName = Common Name (eg: your user, host, or server name) +commonName_max = 64 +commonName_default = ChangeMe + +emailAddress = Email Address +emailAddress_default = me(a)example.net +emailAddress_max = 64 + +#################################################################### +# Easy-RSA cert extension handling + +# This section is effectively unused as the main script sets extensions +# dynamically. This core section is left to support the odd usecase where +# a user calls openssl directly. +[ basic_exts ] +basicConstraints = CA:FALSE +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer:always + +# The Easy-RSA CA extensions +[ easyrsa_ca ] + +# PKIX recommendations: + +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always + +# This could be marked critical, but it's nice to support reading by any +# broken clients who attempt to do so. +basicConstraints = CA:true + +# Limit key usage to CA tasks. If you really want to use the generated pair as +# a self-signed cert, comment this out. +keyUsage = cRLSign, keyCertSign + +# nsCertType omitted by default. Let's try to let the deprecated stuff die. +# nsCertType = sslCA + +# A placeholder to handle the $X509_TYPES and CA extra extensions $EXTRA_EXTS: +#%CA_X509_TYPES_EXTRA_EXTS% # Do NOT remove or change this line as $X509_TYPES and EXTRA_EXTS demands it + +# CRL extensions. +[ crl_ext ] + +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/ipad/example_ca/pki/serial b/ipad/example_ca/pki/serial new file mode 100644 index 0000000..ec9e3df --- /dev/null +++ b/ipad/example_ca/pki/serial @@ -0,0 +1 @@ +2AA3F8FFC3B562AFC67845389A5F2C5B diff --git a/ipad/example_ca/pki/serial.old b/ipad/example_ca/pki/serial.old new file mode 100644 index 0000000..406eea8 --- /dev/null +++ b/ipad/example_ca/pki/serial.old @@ -0,0 +1 @@ +2aa3f8ffc3b562afc67845389a5f2c5a diff --git a/ipad/example_ca/pki/vars b/ipad/example_ca/pki/vars new file mode 100644 index 0000000..4cb08cd --- /dev/null +++ b/ipad/example_ca/pki/vars @@ -0,0 +1,235 @@ +# Easy-RSA 3 parameter settings + +# NOTE: If you installed Easy-RSA from your package manager, do not edit +# this file in place -- instead, you should copy the entire easy-rsa directory +# to another location so future upgrades do not wipe out your changes. + +# HOW TO USE THIS FILE +# +# vars.example contains built-in examples to Easy-RSA settings. You MUST name +# this file "vars" if you want it to be used as a configuration file. If you do +# not, it WILL NOT be automatically read when you call easyrsa commands. +# +# It is not necessary to use this config file unless you wish to change +# operational defaults. These defaults should be fine for many uses without the +# need to copy and edit the "vars" file. +# +# All of the editable settings are shown commented and start with the command +# "set_var" -- this means any set_var command that is uncommented has been +# modified by the user. If you are happy with a default, there is no need to +# define the value to its default. + +# NOTES FOR WINDOWS USERS +# +# Paths for Windows *MUST* use forward slashes, or optionally double-escaped +# backslashes (single forward slashes are recommended.) This means your path to +# the openssl binary might look like this: +# "C:/Program Files/OpenSSL-Win32/bin/openssl.exe" + +# A little housekeeping: DO NOT EDIT THIS SECTION +# +# Easy-RSA 3.x does not source into the environment directly. +# Complain if a user tries to do this: +if [ -z "$EASYRSA_CALLER" ]; then + echo "You appear to be sourcing an Easy-RSA *vars* file." >&2 + echo "This is no longer necessary and is disallowed. See the section called" >&2 + echo "*How to use this file* near the top comments for more details." >&2 + return 1 +fi + +# DO YOUR EDITS BELOW THIS POINT + +# This variable is used as the base location of configuration files needed by +# easyrsa. More specific variables for specific files (e.g., EASYRSA_SSL_CONF) +# may override this default. +# +# The default value of this variable is the location of the easyrsa script +# itself, which is also where the configuration files are located in the +# easy-rsa tree. + +#set_var EASYRSA "${0%/*}" + +# If your OpenSSL command is not in the system PATH, you will need to define the +# path to it here. Normally this means a full path to the executable, otherwise +# you could have left it undefined here and the shown default would be used. +# +# Windows users, remember to use paths with forward-slashes (or escaped +# back-slashes.) Windows users should declare the full path to the openssl +# binary here if it is not in their system PATH. + +#set_var EASYRSA_OPENSSL "openssl" +# +# This sample is in Windows syntax -- edit it for your path if not using PATH: +#set_var EASYRSA_OPENSSL "C:/Program Files/OpenSSL-Win32/bin/openssl.exe" + +# Edit this variable to point to your soon-to-be-created key directory. By +# default, this will be "$PWD/pki" (i.e. the "pki" subdirectory of the +# directory you are currently in). +# +# WARNING: init-pki will do a rm -rf on this directory so make sure you define +# it correctly! (Interactive mode will prompt before acting.) + +#set_var EASYRSA_PKI "$PWD/pki" + +# Define directory for temporary subdirectories. + +#set_var EASYRSA_TEMP_DIR "$EASYRSA_PKI" + +# Define X509 DN mode. +# This is used to adjust what elements are included in the Subject field as the DN +# (this is the "Distinguished Name.") +# Note that in cn_only mode the Organizational fields further below are not used. +# +# Choices are: +# cn_only - use just a CN value +# org - use the "traditional" Country/Province/City/Org/OU/email/CN format + +#set_var EASYRSA_DN "cn_only" + +# Organizational fields (used with "org" mode and ignored in "cn_only" mode.) +# These are the default values for fields which will be placed in the +# certificate. Do not leave any of these fields blank, although interactively +# you may omit any specific field by typing the "." symbol (not valid for +# email.) + +# NOTE: The following characters are not supported +# in these "Organizational fields" by Easy-RSA: +# single quote (') +# back-tick (`) +# hash (#) +# ampersand (&) +# dollar sign ($) +# Use them at your own risk! + +#set_var EASYRSA_REQ_COUNTRY "US" +#set_var EASYRSA_REQ_PROVINCE "California" +#set_var EASYRSA_REQ_CITY "San Francisco" +#set_var EASYRSA_REQ_ORG "Copyleft Certificate Co" +#set_var EASYRSA_REQ_EMAIL "me(a)example.net" +#set_var EASYRSA_REQ_OU "My Organizational Unit" + +# Choose a size in bits for your keypairs. The recommended value is 2048. Using +# 2048-bit keys is considered more than sufficient for many years into the +# future. Larger keysizes will slow down TLS negotiation and make key/DH param +# generation take much longer. Values up to 4096 should be accepted by most +# software. Only used when the crypto alg is rsa (see below.) + +#set_var EASYRSA_KEY_SIZE 2048 + +# The default crypto mode is rsa; ec can enable elliptic curve support. +# Note that not all software supports ECC, so use care when enabling it. +# Choices for crypto alg are: (each in lower-case) +# * rsa +# * ec +# * ed + +#set_var EASYRSA_ALGO rsa + +# Define the named curve, used in ec & ed modes: + +#set_var EASYRSA_CURVE secp384r1 + +# In how many days should the root CA key expire? + +set_var EASYRSA_CA_EXPIRE 365000 + +# In how many days should certificates expire? + +set_var EASYRSA_CERT_EXPIRE 365000 + +# How many days until the next CRL publish date? Note that the CRL can still be +# parsed after this timeframe passes. It is only used for an expected next +# publication date. +#set_var EASYRSA_CRL_DAYS 180 + +# How many days before its expiration date a certificate is allowed to be +# renewed? +#set_var EASYRSA_CERT_RENEW 30 + +# For fixed certificate start/end dates - Range 1..365 +# If set here then command line option is always in effect. +# The day number 183 is either July 2nd or 3rd (leap-year) +# Replace with your chosen day-of-year value: +#set_var EASYRSA_FIX_OFFSET 183 + +# Random serial numbers by default, set to no for the old incremental serial numbers +# +#set_var EASYRSA_RAND_SN "yes" + +# Support deprecated "Netscape" extensions? (choices "yes" or "no".) The default +# is "no" to discourage use of deprecated extensions. If you require this +# feature to use with --ns-cert-type, set this to "yes" here. This support +# should be replaced with the more modern --remote-cert-tls feature. If you do +# not use --ns-cert-type in your configs, it is safe (and recommended) to leave +# this defined to "no". When set to "yes", server-signed certs get the +# nsCertType=server attribute, and also get any NS_COMMENT defined below in the +# nsComment field. + +#set_var EASYRSA_NS_SUPPORT "no" + +# When NS_SUPPORT is set to "yes", this field is added as the nsComment field. +# Set this blank to omit it. With NS_SUPPORT set to "no" this field is ignored. + +#set_var EASYRSA_NS_COMMENT "Easy-RSA Generated Certificate" + +# A temp file used to stage cert extensions during signing. The default should +# be fine for most users; however, some users might want an alternative under a +# RAM-based FS, such as /dev/shm or /tmp on some systems. + +#set_var EASYRSA_TEMP_FILE "$EASYRSA_PKI/extensions.temp" + +# !! +# NOTE: ADVANCED OPTIONS BELOW THIS POINT +# PLAY WITH THEM AT YOUR OWN RISK +# !! + +# Broken shell command aliases: If you have a largely broken shell that is +# missing any of these POSIX-required commands used by Easy-RSA, you will need +# to define an alias to the proper path for the command. The symptom will be +# some form of a "command not found" error from your shell. This means your +# shell is BROKEN, but you can hack around it here if you really need. These +# shown values are not defaults: it is up to you to know what you are doing if +# you touch these. +# +#alias awk="/alt/bin/awk" +#alias cat="/alt/bin/cat" + +# X509 extensions directory: +# If you want to customize the X509 extensions used, set the directory to look +# for extensions here. Each cert type you sign must have a matching filename, +# and an optional file named "COMMON" is included first when present. Note that +# when undefined here, default behaviour is to look in $EASYRSA_PKI first, then +# fallback to $EASYRSA for the "x509-types" dir. You may override this +# detection with an explicit dir here. +# +#set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types" + +# If you want to generate KDC certificates, you need to set the realm here. +#set_var EASYRSA_KDC_REALM "CHANGEME.EXAMPLE.COM" + +# OpenSSL config file: +# If you need to use a specific openssl config file, you can reference it here. +# Normally this file is auto-detected from a file named openssl-easyrsa.cnf from the +# EASYRSA_PKI or EASYRSA dir (in that order.) NOTE that this file is Easy-RSA +# specific and you cannot just use a standard config file, so this is an +# advanced feature. + +#set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf" + +# Default CN: +# This is best left alone. Interactively you will set this manually, and BATCH +# callers are expected to set this themselves. + +#set_var EASYRSA_REQ_CN "ChangeMe" + +# Cryptographic digest to use. +# Do not change this default unless you understand the security implications. +# Valid choices include: md5, sha1, sha256, sha224, sha384, sha512 + +#set_var EASYRSA_DIGEST "sha256" + +# Batch mode. Leave this disabled unless you intend to call Easy-RSA explicitly +# in batch mode without any user input, confirmation on dangerous operations, +# or most output. Setting this to any non-blank string enables batch mode. + +#set_var EASYRSA_BATCH "" diff --git a/ipad/example_ca/pki/vars.example b/ipad/example_ca/pki/vars.example new file mode 100644 index 0000000..4eab5d0 --- /dev/null +++ b/ipad/example_ca/pki/vars.example @@ -0,0 +1,235 @@ +# Easy-RSA 3 parameter settings + +# NOTE: If you installed Easy-RSA from your package manager, do not edit +# this file in place -- instead, you should copy the entire easy-rsa directory +# to another location so future upgrades do not wipe out your changes. + +# HOW TO USE THIS FILE +# +# vars.example contains built-in examples to Easy-RSA settings. You MUST name +# this file "vars" if you want it to be used as a configuration file. If you do +# not, it WILL NOT be automatically read when you call easyrsa commands. +# +# It is not necessary to use this config file unless you wish to change +# operational defaults. These defaults should be fine for many uses without the +# need to copy and edit the "vars" file. +# +# All of the editable settings are shown commented and start with the command +# "set_var" -- this means any set_var command that is uncommented has been +# modified by the user. If you are happy with a default, there is no need to +# define the value to its default. + +# NOTES FOR WINDOWS USERS +# +# Paths for Windows *MUST* use forward slashes, or optionally double-escaped +# backslashes (single forward slashes are recommended.) This means your path to +# the openssl binary might look like this: +# "C:/Program Files/OpenSSL-Win32/bin/openssl.exe" + +# A little housekeeping: DO NOT EDIT THIS SECTION +# +# Easy-RSA 3.x does not source into the environment directly. +# Complain if a user tries to do this: +if [ -z "$EASYRSA_CALLER" ]; then + echo "You appear to be sourcing an Easy-RSA *vars* file." >&2 + echo "This is no longer necessary and is disallowed. See the section called" >&2 + echo "*How to use this file* near the top comments for more details." >&2 + return 1 +fi + +# DO YOUR EDITS BELOW THIS POINT + +# This variable is used as the base location of configuration files needed by +# easyrsa. More specific variables for specific files (e.g., EASYRSA_SSL_CONF) +# may override this default. +# +# The default value of this variable is the location of the easyrsa script +# itself, which is also where the configuration files are located in the +# easy-rsa tree. + +#set_var EASYRSA "${0%/*}" + +# If your OpenSSL command is not in the system PATH, you will need to define the +# path to it here. Normally this means a full path to the executable, otherwise +# you could have left it undefined here and the shown default would be used. +# +# Windows users, remember to use paths with forward-slashes (or escaped +# back-slashes.) Windows users should declare the full path to the openssl +# binary here if it is not in their system PATH. + +#set_var EASYRSA_OPENSSL "openssl" +# +# This sample is in Windows syntax -- edit it for your path if not using PATH: +#set_var EASYRSA_OPENSSL "C:/Program Files/OpenSSL-Win32/bin/openssl.exe" + +# Edit this variable to point to your soon-to-be-created key directory. By +# default, this will be "$PWD/pki" (i.e. the "pki" subdirectory of the +# directory you are currently in). +# +# WARNING: init-pki will do a rm -rf on this directory so make sure you define +# it correctly! (Interactive mode will prompt before acting.) + +#set_var EASYRSA_PKI "$PWD/pki" + +# Define directory for temporary subdirectories. + +#set_var EASYRSA_TEMP_DIR "$EASYRSA_PKI" + +# Define X509 DN mode. +# This is used to adjust what elements are included in the Subject field as the DN +# (this is the "Distinguished Name.") +# Note that in cn_only mode the Organizational fields further below are not used. +# +# Choices are: +# cn_only - use just a CN value +# org - use the "traditional" Country/Province/City/Org/OU/email/CN format + +#set_var EASYRSA_DN "cn_only" + +# Organizational fields (used with "org" mode and ignored in "cn_only" mode.) +# These are the default values for fields which will be placed in the +# certificate. Do not leave any of these fields blank, although interactively +# you may omit any specific field by typing the "." symbol (not valid for +# email.) + +# NOTE: The following characters are not supported +# in these "Organizational fields" by Easy-RSA: +# single quote (') +# back-tick (`) +# hash (#) +# ampersand (&) +# dollar sign ($) +# Use them at your own risk! + +#set_var EASYRSA_REQ_COUNTRY "US" +#set_var EASYRSA_REQ_PROVINCE "California" +#set_var EASYRSA_REQ_CITY "San Francisco" +#set_var EASYRSA_REQ_ORG "Copyleft Certificate Co" +#set_var EASYRSA_REQ_EMAIL "me(a)example.net" +#set_var EASYRSA_REQ_OU "My Organizational Unit" + +# Choose a size in bits for your keypairs. The recommended value is 2048. Using +# 2048-bit keys is considered more than sufficient for many years into the +# future. Larger keysizes will slow down TLS negotiation and make key/DH param +# generation take much longer. Values up to 4096 should be accepted by most +# software. Only used when the crypto alg is rsa (see below.) + +#set_var EASYRSA_KEY_SIZE 2048 + +# The default crypto mode is rsa; ec can enable elliptic curve support. +# Note that not all software supports ECC, so use care when enabling it. +# Choices for crypto alg are: (each in lower-case) +# * rsa +# * ec +# * ed + +#set_var EASYRSA_ALGO rsa + +# Define the named curve, used in ec & ed modes: + +#set_var EASYRSA_CURVE secp384r1 + +# In how many days should the root CA key expire? + +#set_var EASYRSA_CA_EXPIRE 3650 + +# In how many days should certificates expire? + +#set_var EASYRSA_CERT_EXPIRE 825 + +# How many days until the next CRL publish date? Note that the CRL can still be +# parsed after this timeframe passes. It is only used for an expected next +# publication date. +#set_var EASYRSA_CRL_DAYS 180 + +# How many days before its expiration date a certificate is allowed to be +# renewed? +#set_var EASYRSA_CERT_RENEW 30 + +# For fixed certificate start/end dates - Range 1..365 +# If set here then command line option is always in effect. +# The day number 183 is either July 2nd or 3rd (leap-year) +# Replace with your chosen day-of-year value: +#set_var EASYRSA_FIX_OFFSET 183 + +# Random serial numbers by default, set to no for the old incremental serial numbers +# +#set_var EASYRSA_RAND_SN "yes" + +# Support deprecated "Netscape" extensions? (choices "yes" or "no".) The default +# is "no" to discourage use of deprecated extensions. If you require this +# feature to use with --ns-cert-type, set this to "yes" here. This support +# should be replaced with the more modern --remote-cert-tls feature. If you do +# not use --ns-cert-type in your configs, it is safe (and recommended) to leave +# this defined to "no". When set to "yes", server-signed certs get the +# nsCertType=server attribute, and also get any NS_COMMENT defined below in the +# nsComment field. + +#set_var EASYRSA_NS_SUPPORT "no" + +# When NS_SUPPORT is set to "yes", this field is added as the nsComment field. +# Set this blank to omit it. With NS_SUPPORT set to "no" this field is ignored. + +#set_var EASYRSA_NS_COMMENT "Easy-RSA Generated Certificate" + +# A temp file used to stage cert extensions during signing. The default should +# be fine for most users; however, some users might want an alternative under a +# RAM-based FS, such as /dev/shm or /tmp on some systems. + +#set_var EASYRSA_TEMP_FILE "$EASYRSA_PKI/extensions.temp" + +# !! +# NOTE: ADVANCED OPTIONS BELOW THIS POINT +# PLAY WITH THEM AT YOUR OWN RISK +# !! + +# Broken shell command aliases: If you have a largely broken shell that is +# missing any of these POSIX-required commands used by Easy-RSA, you will need +# to define an alias to the proper path for the command. The symptom will be +# some form of a "command not found" error from your shell. This means your +# shell is BROKEN, but you can hack around it here if you really need. These +# shown values are not defaults: it is up to you to know what you are doing if +# you touch these. +# +#alias awk="/alt/bin/awk" +#alias cat="/alt/bin/cat" + +# X509 extensions directory: +# If you want to customize the X509 extensions used, set the directory to look +# for extensions here. Each cert type you sign must have a matching filename, +# and an optional file named "COMMON" is included first when present. Note that +# when undefined here, default behaviour is to look in $EASYRSA_PKI first, then +# fallback to $EASYRSA for the "x509-types" dir. You may override this +# detection with an explicit dir here. +# +#set_var EASYRSA_EXT_DIR "$EASYRSA/x509-types" + +# If you want to generate KDC certificates, you need to set the realm here. +#set_var EASYRSA_KDC_REALM "CHANGEME.EXAMPLE.COM" + +# OpenSSL config file: +# If you need to use a specific openssl config file, you can reference it here. +# Normally this file is auto-detected from a file named openssl-easyrsa.cnf from the +# EASYRSA_PKI or EASYRSA dir (in that order.) NOTE that this file is Easy-RSA +# specific and you cannot just use a standard config file, so this is an +# advanced feature. + +#set_var EASYRSA_SSL_CONF "$EASYRSA_PKI/openssl-easyrsa.cnf" + +# Default CN: +# This is best left alone. Interactively you will set this manually, and BATCH +# callers are expected to set this themselves. + +#set_var EASYRSA_REQ_CN "ChangeMe" + +# Cryptographic digest to use. +# Do not change this default unless you understand the security implications. +# Valid choices include: md5, sha1, sha256, sha224, sha384, sha512 + +#set_var EASYRSA_DIGEST "sha256" + +# Batch mode. Leave this disabled unless you intend to call Easy-RSA explicitly +# in batch mode without any user input, confirmation on dangerous operations, +# or most output. Setting this to any non-blank string enables batch mode. + +#set_var EASYRSA_BATCH "" diff --git a/ipad/gen_links.sh b/ipad/gen_links.sh new file mode 100755 index 0000000..130c68e --- /dev/null +++ b/ipad/gen_links.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +BASEDIR=../deps + +. ../gen_links.sh.inc + +DIR=$BASEDIR/titan.Libraries.TCCUsefulFunctions/src +FILES="TCCInterface_Functions.ttcn TCCConversion_Functions.ttcn TCCConversion.cc TCCInterface.cc TCCInterface_ip.h" +gen_links $DIR $FILES + +DIR=$BASEDIR/titan.TestPorts.Common_Components.Abstract_Socket/src +FILES="Abstract_Socket.cc Abstract_Socket.hh " +gen_links $DIR $FILES + +DIR=$BASEDIR/titan.TestPorts.HTTPmsg/src +FILES="HTTPmsg_MessageLen.ttcn HTTPmsg_MessageLen_Function.cc HTTPmsg_PT.cc HTTPmsg_PT.hh HTTPmsg_PortType.ttcn " +FILES+="HTTPmsg_Types.ttcn" +gen_links $DIR $FILES + +DIR=$BASEDIR/titan.TestPorts.Common_Components.Socket-API/src +FILES="Socket_API_Definitions.ttcn" +gen_links $DIR $FILES + +DIR=$BASEDIR/titan.TestPorts.IPL4asp/src +FILES="IPL4asp_Functions.ttcn IPL4asp_PT.cc IPL4asp_PT.hh IPL4asp_PortType.ttcn IPL4asp_Types.ttcn " +FILES+="IPL4asp_discovery.cc IPL4asp_protocol_L234.hh" +gen_links $DIR $FILES + +DIR=../library/euicc +FILES="PEDefinitions.asn PKIX1Explicit88.asn PKIX1Implicit88.asn RSPDefinitions.asn SGP32Definitions.asn " +FILES+="PKIX1Explicit88_Templates.ttcn PKIX1Explicit88_Types.ttcn PKIX1Implicit88_Templates.ttcn " +FILES+="PKIX1Implicit88_Types.ttcn RSPDefinitions_Templates.ttcn RSPDefinitions_Types.ttcn " +FILES+="SGP32Definitions_Templates.ttcn SGP32Definitions_Types.ttcn " +FILES+="PKIX1Explicit88_EncDec.cc PKIX1Implicit88_EncDec.cc RSPDefinitions_EncDec.cc SGP32Definitions_EncDec.cc" +gen_links $DIR $FILES + +DIR=../library +FILES="Misc_Helpers.ttcn General_Types.ttcn Osmocom_Types.ttcn Native_Functions.ttcn Native_FunctionDefs.cc " +FILES+="VPCD_Types.ttcn VPCD_CodecPort.ttcn VPCD_CodecPort_CtrlFunct.ttcn VPCD_CodecPort_CtrlFunctDef.cc " +FILES+="VPCD_Adapter.ttcn HTTP_Server_Emulation.ttcn" +gen_links $DIR $FILES + +ignore_pp_results diff --git a/ipad/regen_makefile.sh b/ipad/regen_makefile.sh new file mode 100755 index 0000000..9123e43 --- /dev/null +++ b/ipad/regen_makefile.sh @@ -0,0 +1,25 @@ +#!/bin/sh + +NAME=IPAd_Tests + +FILES=" + *.ttcn + *.asn + Abstract_Socket.cc + HTTPmsg_MessageLen_Function.cc + HTTPmsg_PT.cc + IPL4asp_PT.cc + IPL4asp_discovery.cc + Native_FunctionDefs.cc + TCCConversion.cc + TCCInterface.cc + SGP32Definitions_EncDec.cc + RSPDefinitions_EncDec.cc + PKIX1Explicit88_EncDec.cc + PKIX1Implicit88_EncDec.cc + VPCD_CodecPort_CtrlFunctDef.cc +" +../regen-makefile.sh IPAd_Tests.ttcn $FILES + +# required for forkpty(3) used by PIPEasp +sed -i -e '/^LINUX_LIBS/ s/$/ -lutil/' Makefile diff --git a/regen-makefile.sh b/regen-makefile.sh index 09088e0..813b212 100755 --- a/regen-makefile.sh +++ b/regen-makefile.sh @@ -41,12 +41,12 @@ sed -i -e 's/# TTCN3_DIR = /TTCN3_DIR = \/usr/' Makefile sed -i -e 's/LDFLAGS = /LDFLAGS = -L \/usr\/lib\/titan/' Makefile -sed -i -e 's/LINUX_LIBS = -lxml2/LINUX_LIBS = -lxml2 -lsctp/' Makefile +sed -i -e 's/LINUX_LIBS = -lxml2/LINUX_LIBS = -lxml2 -lsctp -lssl/' Makefile #sed -i -e 's/TTCN3_LIB = ttcn3-parallel/TTCN3_LIB = ttcn3/' Makefile # The -DMAKEDEPEND_RUN is a workaround for Debian packaging issue, # see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879816 for details -sed -i -e 's/CPPFLAGS = -D$(PLATFORM)/CPPFLAGS = -D$(PLATFORM) -DMAKEDEPEND_RUN -DUSE_SCTP -DLKSCTP_MULTIHOMING_ENABLED/' Makefile +sed -i -e 's/CPPFLAGS = -D$(PLATFORM)/CPPFLAGS = -D$(PLATFORM) -DMAKEDEPEND_RUN -DUSE_SCTP -DLKSCTP_MULTIHOMING_ENABLED -DAS_USE_SSL/' Makefile #remove -Wall from CXXFLAGS: we're not interested in generic warnings for autogenerated code cluttering the logs sed -i -e 's/-Wall//' Makefile -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36229?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: Ic9ea8c69e56a2e8ddf0f506861ece6d40cbcb06d Gerrit-Change-Number: 36229 Gerrit-PatchSet: 9 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-MessageType: merged

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: HTTP_Adapter: add support for binary messages

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36645?usp=email ) Change subject: HTTP_Adapter: add support for binary messages ...................................................................... HTTP_Adapter: add support for binary messages The HTTP_Adapter currently only supports text only HTTP messages. However, the HTTPmsg testport API also has a way to deal with binary HTTP messages. Related: SYS#6824 Change-Id: I18340f19ed462bf80af683dc9f2831b602f4bdf7 --- M library/HTTP_Adapter.ttcn 1 file changed, 76 insertions(+), 5 deletions(-) Approvals: Jenkins Builder: Verified laforge: Looks good to me, approved pespin: Looks good to me, but someone else must approve diff --git a/library/HTTP_Adapter.ttcn b/library/HTTP_Adapter.ttcn index d26cce5..c78c40a 100644 --- a/library/HTTP_Adapter.ttcn +++ b/library/HTTP_Adapter.ttcn @@ -71,11 +71,17 @@ } function f_ts_HTTP_Header(template (omit) charstring body := omit, + template (omit) octetstring binary_body := omit, template (omit) charstring host := omit, HeaderLines custom_hdr := { }) return template (value) HeaderLines { var HeaderLines hdr := { }; + /* Make sure we never use body or binary_body at the same time */ + if (not istemplatekind(body, "omit") and not istemplatekind(binary_body, "omit")) { + setverdict(fail, "use wither (ascii) body or binary_body"); + } + /* Build default header */ if (not istemplatekind(host, "omit")) { hdr := hdr & {valueof(ts_HeaderLine("Host", valueof(host)))}; @@ -84,6 +90,9 @@ if (not istemplatekind(body, "omit")) { hdr := hdr & {valueof(ts_HeaderLine("Content-Length", int2str(lengthof(body))))}; } + else if (not istemplatekind(binary_body, "omit")) { + hdr := hdr & {valueof(ts_HeaderLine("Content-Length", int2str(lengthof(binary_body))))}; + } return f_overlay_HTTP_Header(hdr, custom_hdr); } @@ -107,11 +116,36 @@ uri := url, version_major := v_maj, version_minor := v_min, - header := f_ts_HTTP_Header(body, host, custom_hdr), + header := f_ts_HTTP_Header(body, omit, host, custom_hdr), body := f_ts_body_or_empty(body) } } +function f_ts_body_or_empty_bin(template (omit) octetstring body) return template (value) octetstring { + if (istemplatekind(body, "omit")) { + return ''O; + } + return body; +} + +template (value) HTTPMessage ts_HTTP_Req_Bin(charstring url, + charstring method := "GET", + template (omit) octetstring body := omit, + integer v_maj := 1, integer v_min := 1, + charstring host, + HeaderLines custom_hdr := { }) := { + request_binary := { + client_id := omit, + method := method, + uri := url, + version_major := v_maj, + version_minor := v_min, + header := f_ts_HTTP_Header(omit, body, host, custom_hdr), + body := f_ts_body_or_empty_bin(body) + } +} + + template HTTPMessage tr_HTTP_Resp(template integer sts := ?) := { response := { client_id := ?, @@ -124,14 +158,33 @@ } }; +template HTTPMessage tr_HTTP_Resp_Bin(template integer sts := ?) := { + response_binary := { + client_id := ?, + version_major := ?, + version_minor := ?, + statuscode := sts, + statustext := ?, + header := ?, + body := ? + } +}; + template HTTPMessage tr_HTTP_Resp2xx := tr_HTTP_Resp((200..299)); -function f_http_tx_request(charstring url, charstring method := "GET", template charstring body := omit, +function f_http_tx_request(charstring url, charstring method := "GET", + template charstring body := omit, + template octetstring binary_body := omit, HeaderLines custom_hdr := { }) runs on http_CT { HTTP.send(ts_HTTP_Connect(g_pars.http_host, g_pars.http_port, g_pars.use_ssl)); HTTP.receive(Connect_result:?); - HTTP.send(ts_HTTP_Req(url, method, body, host := g_pars.http_host & ":" & int2str(g_pars.http_port), custom_hdr := custom_hdr)); + + if (not istemplatekind(body, "omit")) { + HTTP.send(ts_HTTP_Req(url, method, body, host := g_pars.http_host & ":" & int2str(g_pars.http_port), custom_hdr := custom_hdr)); + } else if (not istemplatekind(binary_body, "omit")) { + HTTP.send(ts_HTTP_Req_Bin(url, method, binary_body, host := g_pars.http_host & ":" & int2str(g_pars.http_port), custom_hdr := custom_hdr)); + } } function f_http_rx_response(template HTTPMessage exp := tr_HTTP_Resp2xx, float tout := 2.0) @@ -146,6 +199,9 @@ [] HTTP.receive(tr_HTTP_Resp) -> value resp { setverdict(fail, "Unexpected HTTP response ", resp); } + [] HTTP.receive(tr_HTTP_Resp_Bin) -> value resp { + setverdict(fail, "Unexpected (binary) HTTP response ", resp); + } [] T.timeout { setverdict(fail, "Timeout waiting for HTTP response"); self.stop; @@ -157,10 +213,12 @@ /* run a HTTP request and return the response */ function f_http_transact(charstring url, charstring method := "GET", - template (omit) charstring body := omit, template HTTPMessage exp := tr_HTTP_Resp2xx, + template (omit) charstring body := omit, + template (omit) octetstring binary_body := omit, + template HTTPMessage exp := tr_HTTP_Resp2xx, float tout := 2.0, HeaderLines custom_hdr := { }) runs on http_CT return HTTPMessage { - f_http_tx_request(url, method, body, custom_hdr); + f_http_tx_request(url, method, body, binary_body, custom_hdr); return f_http_rx_response(exp, tout); } -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36645?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: I18340f19ed462bf80af683dc9f2831b602f4bdf7 Gerrit-Change-Number: 36645 Gerrit-PatchSet: 2 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: pespin <pespin(a)sysmocom.de> Gerrit-MessageType: merged

6 days, 15 hours

1
0
0 0

[M] Change in osmo-ttcn3-hacks[master]: HTTP_Adaptor: allow keeping an HTTP client connection

by laforge

laforge has submitted this change. ( https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36646?usp=email ) Change subject: HTTP_Adaptor: allow keeping an HTTP client connection ...................................................................... HTTP_Adaptor: allow keeping an HTTP client connection At the moment the HTTP_Adaptor automatically creates a new connection, performs the HTTP request and closes the connection again. This means the connection lives only for a single request. Let's add some flexibility so that we can perform multiple consecutive requests through the same connection. Change-Id: Ic6994c504143820dde498c1a2bad2ad6a523dd70 Related: SYS#6824 --- M library/HTTP_Adapter.ttcn 1 file changed, 78 insertions(+), 15 deletions(-) Approvals: osmith: Looks good to me, approved Jenkins Builder: Verified diff --git a/library/HTTP_Adapter.ttcn b/library/HTTP_Adapter.ttcn index c78c40a..f408ee4 100644 --- a/library/HTTP_Adapter.ttcn +++ b/library/HTTP_Adapter.ttcn @@ -40,7 +40,7 @@ portnumber := http_port, use_ssl := use_ssl } -template (value) Close ts_HTTP_Close := { client_id := omit }; +template (value) Close ts_HTTP_Close(template (omit) integer client_id := omit) := { client_id := client_id }; /* function to add HeaderLines to a an existing set of HeaderLines. HeaderLines that are already present, are updated. */ function f_overlay_HTTP_Header(HeaderLines hdr, HeaderLines additional_hdr) return template (value) HeaderLines @@ -109,9 +109,10 @@ template (omit) charstring body := omit, integer v_maj := 1, integer v_min := 1, charstring host, - HeaderLines custom_hdr := { }) := { + HeaderLines custom_hdr := { }, + template (omit) integer client_id := omit) := { request := { - client_id := omit, + client_id := client_id, method := method, uri := url, version_major := v_maj, @@ -133,9 +134,10 @@ template (omit) octetstring body := omit, integer v_maj := 1, integer v_min := 1, charstring host, - HeaderLines custom_hdr := { }) := { + HeaderLines custom_hdr := { }, + template (omit) integer client_id := omit) := { request_binary := { - client_id := omit, + client_id := client_id, method := method, uri := url, version_major := v_maj, @@ -175,19 +177,48 @@ function f_http_tx_request(charstring url, charstring method := "GET", template charstring body := omit, template octetstring binary_body := omit, - HeaderLines custom_hdr := { }) + HeaderLines custom_hdr := { }, + float tout := 2.0, + template integer client_id := omit) runs on http_CT { - HTTP.send(ts_HTTP_Connect(g_pars.http_host, g_pars.http_port, g_pars.use_ssl)); - HTTP.receive(Connect_result:?); + var Connect_result rc; + timer T := tout; + var template integer use_client_id := omit; + + /* In case the caller didn't specify a client_id, we will create a new connection. */ + if (istemplatekind(client_id, "omit")) { + HTTP.send(ts_HTTP_Connect(g_pars.http_host, g_pars.http_port, g_pars.use_ssl)); + T.start; + alt { + [] HTTP.receive(Connect_result:?) -> value rc; + [] HTTP.receive { + setverdict(fail, "HTTP connection to client failed"); + self.stop; + } + [] T.timeout { + setverdict(fail, "Timeout waiting for completion of HTTP connection"); + self.stop; + } + } + use_client_id := rc.client_id; + } else { + use_client_id := client_id; + } if (not istemplatekind(body, "omit")) { - HTTP.send(ts_HTTP_Req(url, method, body, host := g_pars.http_host & ":" & int2str(g_pars.http_port), custom_hdr := custom_hdr)); + HTTP.send(ts_HTTP_Req(url, method, body, host := g_pars.http_host & ":" & int2str(g_pars.http_port), + custom_hdr := custom_hdr, client_id := use_client_id)); } else if (not istemplatekind(binary_body, "omit")) { - HTTP.send(ts_HTTP_Req_Bin(url, method, binary_body, host := g_pars.http_host & ":" & int2str(g_pars.http_port), custom_hdr := custom_hdr)); + HTTP.send(ts_HTTP_Req_Bin(url, method, binary_body, + host := g_pars.http_host & ":" & int2str(g_pars.http_port), + custom_hdr := custom_hdr, client_id := use_client_id)); } } -function f_http_rx_response(template HTTPMessage exp := tr_HTTP_Resp2xx, float tout := 2.0) +function f_http_rx_response(template HTTPMessage exp := tr_HTTP_Resp2xx, + float tout := 2.0, + template integer client_id := omit, + boolean keep_connection := false) runs on http_CT return HTTPMessage { var HTTPMessage resp; timer T := tout; @@ -207,7 +238,11 @@ self.stop; } } - HTTP.send(ts_HTTP_Close); + + if (not keep_connection) { + HTTP.send(ts_HTTP_Close(client_id)); + } + return resp; } @@ -216,10 +251,22 @@ template (omit) charstring body := omit, template (omit) octetstring binary_body := omit, template HTTPMessage exp := tr_HTTP_Resp2xx, - float tout := 2.0, HeaderLines custom_hdr := { }) + float tout := 2.0, HeaderLines custom_hdr := { }, + template integer client_id := omit, + boolean keep_connection := false) runs on http_CT return HTTPMessage { - f_http_tx_request(url, method, body, binary_body, custom_hdr); - return f_http_rx_response(exp, tout); + f_http_tx_request(url, method, body, binary_body, custom_hdr, tout, client_id); + return f_http_rx_response(exp, tout, client_id, keep_connection); +} + +function f_http_client_id_from_http_response(template HTTPMessage response_http) return template integer { + if (ispresent(response_http.response_binary)) { + return response_http.response_binary.client_id; + } else if (ispresent(response_http.response)) { + return response_http.response.client_id; + } + + return omit; } } -- To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36646?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-ttcn3-hacks Gerrit-Branch: master Gerrit-Change-Id: Ic6994c504143820dde498c1a2bad2ad6a523dd70 Gerrit-Change-Number: 36646 Gerrit-PatchSet: 2 Gerrit-Owner: dexter <pmaier(a)sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <laforge(a)osmocom.org> Gerrit-Reviewer: osmith <osmith(a)sysmocom.de> Gerrit-MessageType: merged

6 days, 15 hours

1
0
0 0

2024

2023

2022

gerrit-log