OpenBSC April 2016

openbsc@lists.osmocom.org

23 participants
112 discussions

[osmo-sim-auth] Only AUTS returning
by Marco Heumann 06 Apr '16

06 Apr '16

Hello everyone, a student college and me are using the osmo-sim-auth tool for a student project. We have valid data for our SIM card since it's a special ordered test SIM card. In 2G mode we get the correct RES value, but in 3G mode we always get only an AUTS value. We calculated the SQN value from the AUTS to verify that we have the correct SQN value, but still we only get AUTS as return. I would be grateful to hear if any of you have an idea why this is happening. Best regards Marco

2 1

[PATCH] NAT: reload BSCs config dynamically
by msuraev＠sysmocom.de 05 Apr '16

05 Apr '16

From: Max <msuraev(a)sysmocom.de> Add vty tests for BSC configuration reloading. Load BSCs configuration on bscs-config-file command: * remove all runtime configured BSC not in the config file * close connections to all BSC with updated token value Fixes: OS#1670 Sponsored-by: On-Waves ehf --- openbsc/include/openbsc/bsc_nat.h | 5 ++ openbsc/src/osmo-bsc_nat/bsc_nat.c | 4 +- openbsc/src/osmo-bsc_nat/bsc_nat_vty.c | 35 +++++++- openbsc/tests/vty_test_runner.py | 145 ++++++++++++++++++++++++++++++++- 4 files changed, 185 insertions(+), 4 deletions(-) diff --git a/openbsc/include/openbsc/bsc_nat.h b/openbsc/include/openbsc/bsc_nat.h index ab1c590..c664d24 100644 --- a/openbsc/include/openbsc/bsc_nat.h +++ b/openbsc/include/openbsc/bsc_nat.h @@ -35,6 +35,7 @@ #include <osmocom/gsm/protocol/gsm_04_08.h> #include <regex.h> +#include <stdbool.h> #define DIR_BSC 1 #define DIR_MSC 2 @@ -164,6 +165,10 @@ struct bsc_config { /* audio handling */ int max_endpoints; + /* used internally for reload handling */ + bool remove; + bool token_updated; + /* backpointer */ struct bsc_nat *nat; diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c index 7dcacfd..9bbb253 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c @@ -1321,8 +1321,8 @@ static int ipaccess_bsc_read_cb(struct osmo_fd *bfd) bsc->cfg ? bsc->cfg->nr : -1); else LOGP(DNAT, LOGL_ERROR, - "Stream error on BSC Nr: %d. Failed to parse ip access message: %d\n", - bsc->cfg ? bsc->cfg->nr : -1, ret); + "Stream error on BSC Nr: %d. Failed to parse ip access message: %d (%s)\n", + bsc->cfg ? bsc->cfg->nr : -1, ret, strerror(-ret)); bsc_close_connection(bsc); return -1; diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c b/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c index 8def3ed..45e408c 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c @@ -39,6 +39,7 @@ #include <osmocom/sccp/sccp.h> #include <stdlib.h> +#include <stdbool.h> static struct bsc_nat *_nat; @@ -512,15 +513,40 @@ DEFUN(cfg_nat_include, "Set the filename of the BSC configuration to include.\n" "The filename to be included.") { + int rc; + struct bsc_config *cf1, *cf2; + struct bsc_connection *con1, *con2; const char *path = bsc_nat_resolve_path(_nat, _nat->include_base, argv[0]); - int rc = vty_read_config_file(path, NULL); + + llist_for_each_entry_safe(cf1, cf2, &_nat->bsc_configs, entry) { + cf1->remove = true; + cf1->token_updated = false; + } + + rc = vty_read_config_file(path, NULL); if (rc < 0) { vty_out(vty, "Failed to parse the config file %s: %s%s", path, strerror(-rc), VTY_NEWLINE); return CMD_WARNING; } + bsc_replace_string(_nat, &_nat->include_file, argv[0]); + + llist_for_each_entry_safe(con1, con2, &_nat->bsc_connections, + list_entry) { + if (con1->cfg) + if (con1->cfg->token_updated || con1->cfg->remove) + bsc_close_connection(con1); + } + + llist_for_each_entry_safe(cf1, cf2, &_nat->bsc_configs, entry) { + if (cf1->remove) { + bsc_config_free(cf1); + _nat->num_bsc--; + } + } + return CMD_SUCCESS; } @@ -843,6 +869,7 @@ DEFUN(cfg_bsc, cfg_bsc_cmd, "bsc BSC_NR", if (!bsc) return CMD_WARNING; + bsc->remove = false; vty->index = bsc; vty->node = NAT_BSC_NODE; @@ -855,6 +882,12 @@ DEFUN(cfg_bsc_token, cfg_bsc_token_cmd, "token TOKEN", { struct bsc_config *conf = vty->index; + if (strncmp(conf->token, argv[0], 128) != 0) { + vty_out(vty, "updated token: %s -> %s%s", conf->token, argv[0], + VTY_NEWLINE); + conf->token_updated = true; + } + bsc_replace_string(conf, &conf->token, argv[0]); return CMD_SUCCESS; } diff --git a/openbsc/tests/vty_test_runner.py b/openbsc/tests/vty_test_runner.py index 8db0825..bd2cefd 100644 --- a/openbsc/tests/vty_test_runner.py +++ b/openbsc/tests/vty_test_runner.py @@ -584,12 +584,61 @@ class TestVTYBSC(TestVTYGenericBSC): class TestVTYNAT(TestVTYGenericBSC): def vty_command(self): - return ["./src/osmo-bsc_nat/osmo-bsc_nat", "-c", + return ["./src/osmo-bsc_nat/osmo-bsc_nat", "-l", "127.0.0.1", "-c", "doc/examples/osmo-bsc_nat/osmo-bsc_nat.cfg"] def vty_app(self): return (4244, "src/osmo-bsc_nat/osmo-bsc_nat", "OsmoBSCNAT", "nat") + def testBSCreload(self): + # use separate ip to avoid interference with other tests + ip = "127.0.0.4" + self.vty.enable() + bscs1 = self.vty.command("show bsc-config") + nat_bsc_reload(self) + bscs2 = self.vty.command("show bsc-config") + # check that multiple calls to bscs-config-file give the same result + self.assertEquals(bscs1, bscs2) + + # add new bsc + self.vty.command("configure terminal") + self.vty.command("nat") + self.vty.command("bsc 2") + self.vty.command("token key") + self.vty.command("location_area_code 666") + self.vty.command("end") + + # update bsc token + self.vty.command("configure terminal") + self.vty.command("nat") + self.vty.command("bsc 1") + self.vty.command("token xyu") + self.vty.command("end") + + nat_msc_ip(self, ip) + msc = nat_msc_test(self, ip) + b0 = nat_bsc_sock_test(0, "lol") + b1 = nat_bsc_sock_test(1, "xyu") + b2 = nat_bsc_sock_test(2, "key") + + self.assertEquals("3 BSCs configured", self.vty.command("show nat bsc")) + self.assertTrue(3 == nat_bsc_num_con(self)) + self.assertEquals("MSC is connected: 1", self.vty.command("show msc connection")) + + nat_bsc_reload(self) + bscs2 = self.vty.command("show bsc-config") + # check that the reset to initial config succeeded + self.assertEquals(bscs1, bscs2) + + self.assertEquals("2 BSCs configured", self.vty.command("show nat bsc")) + self.assertTrue(1 == nat_bsc_num_con(self)) + rem = self.vty.command("show bsc connections").split(' ') + # remaining connection is for BSC0 + self.assertEquals('0', rem[2]) + # remaining connection is authorized + self.assertEquals('1', rem[4]) + self.assertEquals("MSC is connected: 1", self.vty.command("show msc connection")) + def testVtyTree(self): self.vty.enable() self.assertTrue(self.vty.verify('configure terminal', [''])) @@ -971,6 +1020,100 @@ def add_nat_test(suite, workdir): test = unittest.TestLoader().loadTestsFromTestCase(TestVTYNAT) suite.addTest(test) +def nat_bsc_reload(x): + x.vty.command("configure terminal") + x.vty.command("nat") + x.vty.command("bscs-config-file bscs.config") + x.vty.command("end") + +def nat_msc_ip(x, ip): + x.vty.command("configure terminal") + x.vty.command("nat") + x.vty.command("msc ip " + ip) + x.vty.command("end") + +def data2str(d): + return "".join("{:02x}".format(ord(c)) for c in d) + +def nat_msc_test(x, ip, verbose = False): + msc = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + msc.settimeout(32) + msc.bind((ip, 5000)) + msc.listen(5) + if (verbose): + print "MSC is ready at " + ip + while "MSC is connected: 0" == x.vty.command("show msc connection"): + conn, addr = msc.accept() + if (verbose): + print "MSC got connection from ", addr + return conn + +def ipa_send_pong(x, verbose = False): + if (verbose): + print "\tBSC -> NAT: PONG!" + x.send("\x00\x01\xfe\x01") + +def ipa_send_ping(x, verbose = False): + if (verbose): + print "\tBSC -> NAT: PING?" + x.send("\x00\x01\xfe\x00") + +def ipa_send_ack(x, verbose = False): + if (verbose): + print "\tBSC -> NAT: IPA ID ACK" + x.send("\x00\x01\xfe\x06") + +def ipa_handle_small(x, verbose = False): + s = data2str(x.recv(4)) + if "0001fe00" == s: + if (verbose): + print "\tBSC <- NAT: PING?" + ipa_send_pong(x, verbose) + elif "0001fe06" == s: + if (verbose): + print "\tBSC <- NAT: IPA ID ACK" + ipa_send_ack(x, verbose) + elif "0001fe00" == s: + if (verbose): + print "\tBSC <- NAT: PONG!" + else: + if (verbose): + print "\tBSC <- NAT: ", s + +def ipa_send_reset(x, verbose = False): + if (verbose): + print "\tBSC -> NAT: RESET" + x.send("\x00\x12\xfd\x09\x00\x03\x05\x07\x02\x42\xfe\x02\x42\xfe\x06\x00\x04\x30\x04\x01\x20") + +def ipa_send_resp(x, tk, verbose = False): + if (verbose): + print "\tBSC -> NAT: IPA ID RESP" + x.send("\x00\x07\xfe\x05\x00\x04\x01" + tk) + +def ipa_handle_resp(x, tk, verbose = False): + s = data2str(x.recv(38)) + if "0023fe040108010701020103010401050101010011" in s: + ipa_send_resp(x, tk, verbose) + else: + if (verbose): + print "\tBSC <- NAT: ", s + +def nat_bsc_num_con(x): + return len(x.vty.command("show bsc connections").split('\n')) + +def nat_bsc_sock_test(nr, tk, verbose = False): + bsc = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + bsc.bind(('127.0.0.1' + str(nr), 0)) + bsc.connect(('127.0.0.1', 5000)) + if (verbose): + print "BSC%d " %nr + print "\tconnected to %s:%d" % bsc.getpeername() + ipa_handle_small(bsc, verbose) + ipa_handle_resp(bsc, tk, verbose) + bsc.recv(27) # MGCP msg + ipa_handle_small(bsc, verbose) + return bsc + def add_bsc_test(suite, workdir): if not os.path.isfile(os.path.join(workdir, "src/osmo-bsc/osmo-bsc")): print("Skipping the BSC test") -- 2.8.1

2 1

[PATCH 1/4] Ignore vty test byproducts
by msuraev＠sysmocom.de 05 Apr '16

05 Apr '16

From: Max <msuraev(a)sysmocom.de> --- openbsc/.gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/openbsc/.gitignore b/openbsc/.gitignore index 28fdcc8..bae3b65 100644 --- a/openbsc/.gitignore +++ b/openbsc/.gitignore @@ -90,3 +90,5 @@ tests/testsuite.log src/openbsc.cfg* +writtenconfig/ +gtphub_restart_count -- 2.8.1

2 5

[PATCH] Add ubit <-> sbit convertors
by msuraev＠sysmocom.de 05 Apr '16

05 Apr '16

From: Max <msuraev(a)sysmocom.de> Move functions for conversion between soft and unpacked bits to main library as they are generally useful. --- include/osmocom/core/bits.h | 3 +++ src/bits.c | 24 ++++++++++++++++++++++++ tests/conv/conv_test.c | 23 ++--------------------- 3 files changed, 29 insertions(+), 21 deletions(-) diff --git a/include/osmocom/core/bits.h b/include/osmocom/core/bits.h index 46f0c8b..e082313 100644 --- a/include/osmocom/core/bits.h +++ b/include/osmocom/core/bits.h @@ -42,6 +42,9 @@ int osmo_ubit2pbit(pbit_t *out, const ubit_t *in, unsigned int num_bits); int osmo_pbit2ubit(ubit_t *out, const pbit_t *in, unsigned int num_bits); +void osmo_ubit2sbit(sbit_t *out, const ubit_t *in, unsigned int num_bits); +void osmo_sbit2ubit(ubit_t *out, const sbit_t *in, unsigned int num_bits); + int osmo_ubit2pbit_ext(pbit_t *out, unsigned int out_ofs, const ubit_t *in, unsigned int in_ofs, unsigned int num_bits, int lsb_mode); diff --git a/src/bits.c b/src/bits.c index a0a9d9e..494c825 100644 --- a/src/bits.c +++ b/src/bits.c @@ -61,6 +61,30 @@ int osmo_ubit2pbit(pbit_t *out, const ubit_t *in, unsigned int num_bits) return outptr - out; } +/*! \brief convert unpacked bits to soft bits + * \param[out] out output buffer of soft bits + * \param[in] in input buffer of unpacked bits + * \param[in] num_bits number of bits + */ +void osmo_ubit2sbit(sbit_t *out, const ubit_t *in, unsigned int num_bits) +{ + int i; + for (i = 0; i < num_bits; i++) + out[i] = in[i] ? -127 : 127; +} + +/*! \brief convert soft bits to unpacked bits + * \param[out] out output buffer of unpacked bits + * \param[in] in input buffer of soft bits + * \param[in] num_bits number of bits + */ +void osmo_sbit2ubit(ubit_t *out, const sbit_t *in, unsigned int num_bits) +{ + int i; + for (i = 0; i < num_bits; i++) + out[i] = in[i] < 0; +} + /*! \brief convert packed bits to unpacked bits, return length in bytes * \param[out] out output buffer of unpacked bits * \param[in] in input buffer of packed bits diff --git a/tests/conv/conv_test.c b/tests/conv/conv_test.c index d9440f9..de62f23 100644 --- a/tests/conv/conv_test.c +++ b/tests/conv/conv_test.c @@ -339,25 +339,6 @@ fill_random(ubit_t *b, int n) b[i] = random() & 1; } -static void -ubit_to_sbit(sbit_t *dst, ubit_t *src, int n) -{ - int i; - for (i=0; i<n; i++) - dst[i] = src[i] ? -127 : 127; -} - -static void sbit_to_ubit(ubit_t *dst, sbit_t *src, int n) __attribute__((unused)); - -static void -sbit_to_ubit(ubit_t *dst, sbit_t *src, int n) -{ - int i; - for (i=0; i<n; i++) - dst[i] = src[i] < 0; -} - - int main(int argc, char *argv[]) { const struct conv_test_vector *tst; @@ -424,7 +405,7 @@ int main(int argc, char *argv[]) printf("[..] Decoding: "); - ubit_to_sbit(bs, bu0, l); + osmo_ubit2sbit(bs, bu0, l); l = osmo_conv_decode(tst->code, bs, bu1); if (l != 0) { @@ -459,7 +440,7 @@ int main(int argc, char *argv[]) return -1; } - ubit_to_sbit(bs, bu1, l); + osmo_ubit2sbit(bs, bu1, l); l = osmo_conv_decode(tst->code, bs, bu1); if (l != 0) { -- 2.8.1

2 1

[PATCH] misc: Replace libosmocore with talloc
by Holger Hans Peter Freyther 05 Apr '16

05 Apr '16

From: Holger Hans Peter Freyther <holger(a)moiji-mobile.com> The libosmocore depedency is used for talloc and OSMO_ASSERT. Reduce the depedencies by using libtalloc directly and replace the ASSERT with a local one (without backtrace support). --- configure.ac | 2 +- include/asn1c/asn_internal.h | 2 +- libasn1c.pc.in | 4 ++-- src/Makefile.am | 4 ++-- src/asn1helpers.c | 20 ++++++++++++-------- 5 files changed, 18 insertions(+), 14 deletions(-) diff --git a/configure.ac b/configure.ac index aaa2b5a..dcec465 100644 --- a/configure.ac +++ b/configure.ac @@ -15,7 +15,7 @@ AC_PROG_LIBTOOL AC_CONFIG_MACRO_DIR([m4]) -PKG_CHECK_MODULES(LIBOSMOCORE, libosmocore >= 0.1.13) +PKG_CHECK_MODULES(LIBTALLOC, talloc) # The following test is taken from WebKit's webkit.m4 saved_CFLAGS="$CFLAGS" diff --git a/include/asn1c/asn_internal.h b/include/asn1c/asn_internal.h index 58b4583..580c2e7 100644 --- a/include/asn1c/asn_internal.h +++ b/include/asn1c/asn_internal.h @@ -15,7 +15,7 @@ #include <assert.h> /* for assert() macro */ #endif -#include <osmocom/core/talloc.h> +#include <talloc.h> #ifdef __cplusplus extern "C" { diff --git a/libasn1c.pc.in b/libasn1c.pc.in index 149fe2d..89ad53a 100644 --- a/libasn1c.pc.in +++ b/libasn1c.pc.in @@ -6,6 +6,6 @@ includedir=@includedir@ Name: asn1c runtime library Description: C Utility Library Version: @VERSION@ -Libs: -L${libdir} -lasn1c -lm -Cflags: -I${includedir}/ -I${includedir}/asn1c +Libs: -L${libdir} @LIBTALLOC_LIBS@ -lasn1c -lm +Cflags: -I${includedir}/ -I${includedir}/asn1c @LIBTALLOC_CFLAGS@ diff --git a/src/Makefile.am b/src/Makefile.am index 120d29b..0f05cce 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -4,13 +4,13 @@ LIBVERSION=1:0:0 AM_CPPFLAGS = $(all_includes) -I$(top_srcdir)/include/asn1c -AM_CFLAGS = -fPIC -Wall $(LIBOSMOCORE_CFLAGS) +AM_CFLAGS = -fPIC -Wall $(LIBTALLOC_CFLAGS) if BUILD_DEBUG AM_CFLAGS += -DEMIT_ASN_DEBUG=1 endif lib_LTLIBRARIES = libasn1c.la -libasn1c_la_LDFLAGS = $(LIBOSMOCORE_LIBS) +libasn1c_la_LDFLAGS = $(LIBTALLOC_LIBS) libasn1c_la_SOURCES = ANY.c constraints.c GeneralizedTime.c NumericString.c T61String.c asn_codecs_prim.c constr_CHOICE.c GeneralString.c ObjectDescriptor.c TeletexString.c asn_SEQUENCE_OF.c constr_SEQUENCE.c GraphicString.c OBJECT_IDENTIFIER.c UniversalString.c asn_SET_OF.c constr_SEQUENCE_OF.c IA5String.c OCTET_STRING.c UTCTime.c ber_decoder.c constr_SET.c INTEGER.c per_decoder.c UTF8String.c ber_tlv_length.c constr_SET_OF.c ISO646String.c per_encoder.c VideotexString.c ber_tlv_tag.c constr_TYPE.c NativeEnumerated.c per_support.c VisibleString.c BIT_STRING.c NativeInteger.c PrintableString.c xer_decoder.c BMPString.c der_encoder.c NativeReal.c REAL.c xer_encoder.c BOOLEAN.c ENUMERATED.c NULL.c RELATIVE-OID.c xer_support.c per_opentype.c asn1helpers .c diff --git a/src/asn1helpers.c b/src/asn1helpers.c index 8ce9bf4..aca5300 100644 --- a/src/asn1helpers.c +++ b/src/asn1helpers.c @@ -22,11 +22,15 @@ #include <errno.h> #include <arpa/inet.h> -#include <osmocom/core/utils.h> - #include "asn1helpers.h" #include "asn_internal.h" +#define ASN1C_ASSERT(exp) \ + if (!(exp)) { \ + fprintf(stderr, "Assert failed %s %s:%d\n", #exp, __FILE__, __LINE__); \ + abort(); \ + } + void asn1_u32_to_bitstring(BIT_STRING_t *bitstr, uint32_t *buf, uint32_t in) { *buf = htonl(in); @@ -126,39 +130,39 @@ int asn1_strncpy(char *out, const OCTET_STRING_t *in, size_t n) uint32_t asn1str_to_u32(const OCTET_STRING_t *in) { - OSMO_ASSERT(in && in->size == sizeof(uint32_t)); + ASN1C_ASSERT(in && in->size == sizeof(uint32_t)); return ntohl(*(uint32_t *)in->buf); } uint16_t asn1str_to_u16(const OCTET_STRING_t *in) { - OSMO_ASSERT(in && in->size == sizeof(uint16_t)); + ASN1C_ASSERT(in && in->size == sizeof(uint16_t)); return ntohs(*(uint16_t *)in->buf); } uint8_t asn1str_to_u8(const OCTET_STRING_t *in) { - OSMO_ASSERT(in && in->size == sizeof(uint8_t)); + ASN1C_ASSERT(in && in->size == sizeof(uint8_t)); return *(uint8_t *)in->buf; } uint32_t asn1bitstr_to_u32(const BIT_STRING_t *in) { - OSMO_ASSERT(in && in->size == sizeof(uint32_t)); + ASN1C_ASSERT(in && in->size == sizeof(uint32_t)); return ntohl(*(uint32_t *)in->buf); } uint32_t asn1bitstr_to_u28(const BIT_STRING_t *in) { - OSMO_ASSERT(in && in->size == sizeof(uint32_t) && in->bits_unused == 4); + ASN1C_ASSERT(in && in->size == sizeof(uint32_t) && in->bits_unused == 4); return ntohl(*(uint32_t *)in->buf) >> 4; } uint32_t asn1bitstr_to_u24(const BIT_STRING_t *in) { - OSMO_ASSERT(in && in->size == 3); + ASN1C_ASSERT(in && in->size == 3); return ntohl(*(uint32_t *)in->buf) >> 8; } -- 2.6.3

2 1

Iuh -> HNB-GW -> Iu: Reset vs. Initial-UE
by Neels Hofmeyr 05 Apr '16

05 Apr '16

We've recently noticed that our HNB-GW doesn't ever send an id-Reset to the CN. Now I'm trying to pinpoint precisely when this should happen. For discussion, I'm focusing on CS, though this applies to PS as well. To facilitate paging, the CSCN needs to remember which RNC-Ids it has seen on a given IuCS link. The id-Reset message contains the Global RNC Id and allows the CSCN to know who's connected. So far my thoughts are that the HNB-GW should forward all and any id-Reset messages received from an hNodeB to the connected CSCN. It should look like the RNCs were directly connected to the CN. "Any" number of hNodeBs (each with an own RNC) may be connected to a single HNB-GW, and the CSCN wants to know all of the RNC Ids (and RNC resets) using that SUA link. On the other hand, the Location Update Requests arrive at the CSCN in an initialUE Message, and its RANAP part always contains the Global RNC Id (mandatory). So, technically, the CSCN doesn't need id-Reset messages to find out the RNC Ids. It may simply remember all RNC Ids seen coming in on a given SUA link, be they initial-UE or Reset messages. I wonder though if it should be an error condition to receive a LU Request with an RNC Id that wasn't seen in an id-Reset message yet. My current focus is on paging. So even though the HNB-GW should forward id-Resets, the CSCN can find out RNC Ids from LU requests alone, so I guess I'm postponing the fix of HNB-GW. Any thoughts are welcome. ~Neels

2 6

RNC-Id and LAC both present in InitialUE msgs
by Neels Hofmeyr 05 Apr '16

05 Apr '16

More on the pairing of RNC-Id and LAC: We've discussed that the CN should be manually configured for which RNC-Id belongs to which LAC, in order to find the correct SUA link to page on upon having the to-be-paged subscriber's LAC. Turns out: even though only the RNC-Id is sent in the id-Reset message, both the RNC-Id *and* the LAC are transmitted in an InitialUE message. So we can actually record the LACs as well as the RNC<->LAC mappings from the InitialUE messages (like Location Update Request) and don't need to configure them manually. Does that sound reasonable? We can still keep the manual vty config of RNC<->LAC mappings to detect errors in the field configuration from InitialUE messages. ~Neels -- - Neels Hofmeyr <nhofmeyr(a)sysmocom.de> http://www.sysmocom.de/ ======================================================================= * sysmocom - systems for mobile communications GmbH * Alt-Moabit 93 * 10559 Berlin, Germany * Sitz / Registered office: Berlin, HRB 134158 B * Geschäftsführer / Managing Directors: Holger Freyther, Harald Welte

1 1

SUA on-link cb?
by Neels Hofmeyr 05 Apr '16

05 Apr '16

I'm taking a brief look at how osmo-hnbgw would send a Reset to the CN. So I'd like to be notified when osmo-hnbgw first establishes a link to a CN component, and then send a Reset message on it. I see there's an OSMO_SCU_PRIM_N_CONNECT, but am I right that this is related to actual messages being sent on the link, and can't be used to get notified about a connection per se? Link establishment traces out as: hnbgw_cnlink_init() osmo_sua_client_connect() osmo_stream_cli_open2() <-- includes a timer that retries connecting In the osmo_stream_cli_* API, there's a connect_cb, but it isn't used from osmo_sua_client_*. So I would * add a connect cb to struct osmo_sua_user (and osmo_sua_user_create()) * call it from a static cb fed to osmo_stream_cli_set_connect_cb() in osmo_sua_client_connect() Yes? Thanks, ~Neels

2 7

ANN: https://patchwork.osmocom.org
by Holger Freyther 05 Apr '16

05 Apr '16

Hi, we are now running our own copy of patchwork at https://patchwork.osmocom.org. In addition to single patches this version can track series and has a REST API and git-pw client support. The system is currently subscribed to the GPRS, OpenBSC and OsmocomBB mailinglist. The installation is running offlineimap every couple of minutes to fetch new mail, this means it can take some minutes for your comment or patch to be visible. kind regards holger

2 2

Hacking with libosmocore, osmo-bts and osmo-bts-trx code: a few questions.
by evilsocket 05 Apr '16

05 Apr '16

Dear all I'm an independent mobile security researcher and coder from Italy (therefore, forgive me if my English will cause you a headache), I've been reading GSM specs for quite a few months now and studying openbts, yatebts and osmo* source code for a few days due to a GSM related project I'd really like to realize. I have few questions to ask, but first let me explain my main objective. I'm working on something like ScaPy ( an ip packet injection and manipulation framework ) but for GSM, on a higher level what I want to create is a C library which would allow developers to do something like (forgive the pseudo-crappy programming and the oversimplification, I just want to highlight what I'm looking for): Passive / Sniffing concept: open(sdr-device) while(running) { data = read_and_demodulate burst = osmo_something_decode(data) dump(data) } close(sdr-device) Injection concept: imsi = "1234456..." open(sdr-device) data = osmo_encode_packet( IMSI_DETACH, imsi ) osmo_write( sdr-device, data ) close(sdr-device) ( I know I'm not considering synchronization, not really interested in that, the user would implement his own logic ) My point is that GSM is not "that hard" with the right tools, but currently there're no such tools and I think it's such a shame because it should be open to the users exactly as TCP/IP is. Now to the questions: A. Is the low-level communication ( from raw to basic demodulated bursts ) with SDR devices still handled by omso-bts-trx? If not, what's handling the physical layer? B. Could you point me to the right direction I'd need to take in order to extend the code to support Nuand's BladeRF devices ( the only one I have and the only one I can afford right now )? C. Do you have simple (even incomplete) code examples for both the "concepts" I've exposed ? I find your documentation to be really great, but for higher level understanding people need usage examples. Any piece of code, reference link, guidance, answer or whatever info will be great. Thanks, Simone 'evilsocket' Margaritelli

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

OpenBSC April 2016