OpenBSC

openbsc@lists.osmocom.org

1 participants
4154 discussions

Patch: parsing of Software Activate parameters

by Mike Haben

Hi all, Patch-file is attached - addresses a FIXME in abis_nm.c, parsing the parameters passed by a Software Activate request. I've tested this on three different IpAccess BTSs (including one which didn't work with the original code), would be good if someone could check it on a BS11. Best regards, Mike H.

15 years, 9 months

[RFC] Changes to the lchan and BSC/MSC split

by Holger Freyther

Hey guys, back in January I added ref-counting to the lchan and it has worked to some degree, and we have seen ref-leaks as well (fixed thanks to Andreas). Currently I'm working on integrating OpenBSC into a real MSC at on-waves.com and this has made me read the GSM08.08 specification a bit more. I would like to implement the following. - Remove the refcount from lchan - Replace it with the "transaction" concept. On certain 04.08 messgaes (e.g. paging response, various MM messages) open a transaction from BSC to MSC code. The channel is bound to the transaction. The lchan is getting released when the transaction is finished, in case of the "RSL chan" is going away too early there will be a "clear" signal/method called from the BSC and the MSC side is asked to let it go. The benefit of this: - BSC and MSC are better separated - My MSC code could wrap the transaction into a SCCP connection - Channel leak == transaction_free not getting called. regards holger

15 years, 9 months

LAC 0 / paging to all BTS

by Harald Welte

Hi Zecke, I've been reviewing some of your patches: > commit 45f9b3d3fc47074652be951eb74df2b0be2a230f > Author: Holger Hans Peter Freyther <zecke(a)selfish.org> > Date: Fri Aug 21 05:30:19 2009 +0200 > > [paging] Use one of the two reserved LAC to page every BTS > > For the on-waves.com MSC case we want to page every BTS reached > of the network. Our gsm_subscriber entry does not have a LAC > entry set and defaults to zero. Use the reserved 0x0000 to > indicate that we want to use every bts in the network. > > This will influence the paging code to start and stop paging. The problem is that in the current code, we use LAC == 0 to indicate that the subscriber has sent an IMSI DETACH message, i.e. switched his phone off. You are now redefiniing the LAC 0 to something like the opposite case, which I don't particularly like. Is there some alternative solution? Regards, -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

15 years, 9 months

[PATCH] input/ipaccess: Fix segv caused by use of uninitialized var

by Sylvain Munaut

From: Sylvain Munaut <tnt(a)246tNt.com> This is a regression coming from the recent split of the handle_ts1_read method in two. Signed-off-by: Sylvain Munaut <tnt(a)246tNt.com> --- openbsc/src/input/ipaccess.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/openbsc/src/input/ipaccess.c b/openbsc/src/input/ipaccess.c index 8a22810..40891ae 100644 --- a/openbsc/src/input/ipaccess.c +++ b/openbsc/src/input/ipaccess.c @@ -319,7 +319,7 @@ static int handle_ts1_read(struct bsc_fd *bfd) return error; } - DEBUGP(DMI, "RX %u: %s\n", ts_nr, hexdump(msgb_l2(msg), ret)); + DEBUGP(DMI, "RX %u: %s\n", ts_nr, hexdump(msgb_l2(msg), msgb_l2len(msg))); hh = (struct ipaccess_head *) msg->data; if (hh->proto == IPAC_PROTO_IPACCESS) { -- 1.6.4

15 years, 9 months

OpenBSC, nanoBTS and Asterisk integration

by Sylvain Munaut

Hi, This week end I started coding a channel driver to integrate OpenBSC and Asterisk directly. You can find the code here http://github.com/smunaut/ast_chan_openbsc The current public version is what I coded this Saturday, it doesn't do much, only registers itself as a channel driver and runs the openBSC core within asterisk. It will work only for the ip.access at first (at least) because I'm directly bridging the RTP audio from the nanoBTS to the RTP subsystem of Asterisk. I spent a good part of today hacking together enough code to make a call and it worked, I got bidirectional audio. This latest code is not public yet because it's just a big mess and only take care of setup and not cleanup (so you can do 1 call and then restart :) With this hack, I just wanted to confirm that it could work without too much problem. I will try to clean it up ASAP and publish it so that there is a minimal functionality testable :) OTOH, my time is limited and I split it between OpenBSC, OpenBTS and airprobe so some weeks may be slow. Sylvain

15 years, 9 months

Quick & Dirty test of the ciphering functions

by Sylvain Munaut

Hi everyone, This evening I spent a few hours hacking a small test to activate ciphering and I tought people might be interested with tinkering with it. If you want to try for yourself, start off from the encryption branch of Harald, then apply the 4 patches I just posted to this list then apply the quick hack attached to this message. This patch is not for merge since it's a gross hack just 'to see if it works', and it does ! ( See the log in attachment ) What this patch does is pretty simple: - When there is a location update, it does a AUTHENTICATION REQUEST with a static RAND. - When the AUTHENTICATION RESPONSE is received, it compares the result with the 'known expected' results (see the wiki for AT commands to get SRES and Kc for a given RAND) - When sending a SMS to the MS, it activates the ciphering after receiving the paging response with the 'known precomputed' Kc. If everything goes well, the ME sends back a CIPHER MODE COMPLETE and the rest of the talk is ciphered. The included patch uses A5/2 but can be trivially modified for A5/1. I just wanted to see if the iPhone would accept A5/2 and it doesn't (works with A5/1 tough) ! My old Ericsson T610 takes A5/2 and A5/1. Of course, this is no where near a good implementation but at least it provides proof that the lower level functions works. I'm not sure what's the best solution to get SRES and Kc. Most of the time getting the Ki is not an option, so either we have a fixed RAND, or a bunch RAND and corresponding SRES and Kc ... Or a side channel to run the algo on the phone itself ... Sylvain

15 years, 9 months

patch serie: download URL

by 246tnt＠gmail.com

Damn, gmail sucks for posting patches, sorry about that ... Here's an url to download them: http://www.246tnt.com/files/openbsc/20090924/ Sylvain

15 years, 9 months

[patch 1/4] gsm_04_11: Free transaction on RX_RP_ACK for SMS

by Sylvain Munaut

commit 90e04861aa587d192025dd42aff5501e3742672a Author: Sylvain Munaut <tnt(a)246tNt.com> Date: Thu Sep 24 01:32:41 2009 +0200 [gsm_04_11] Free transaction on RX_RP_ACK for SMS When only one SMS is sent, the freeing of the lchan will automatically free all transactions on the lchan. However, if there are several SMS sent at once, the call to gsm411_send_sms_lchan will create a new transaction with the same caracteristics as the previous one. If the old one is not free'd, the next call to trans_find_by_id (triggered by the next incoming RP-ACK) will not return the good transaction and things go haywire. Signed-off-by: Sylvain Munaut <tnt(a)246tNt.com> openbsc/src/gsm_04_11.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-)

15 years, 9 months

junghanns.net singleE1 MiniPCI support

by Clemens Hopfer

Hi, has anyone tried running OpenBSC with the junghanns.net singleE1 MiniPCI card? It has got the CologneChip HFC-E1 controller and seems to be supported by mISDN. Target system would be an alix3d3. cu, Clemens

15 years, 9 months

SMS delivery (Mobile Terminated): First ok, second fails

by 246tnt＠gmail.com

Hi, I've noticed a problem when delivering several SMS to a mobile back-to-back. The first one is ok, the second one is received by the MS but OpenBSC fails with "RX RP-ACK but no sms in transaction?!?" when receiving the "RX SMS RP-ACK (MO)" (full log below) From the symptoms and looking at the code, I would say that the transaction of the first SMS delivery was not freed, therefore, when we receive the RP-ACK of the second SMS, we do a trans_find_by_id in gsm0411_rcv_sms, and we actually find the transaction of the _first_ deliver (which has its .sms field cleared since it was released already). I think you wouldn't notice if you waited between SMS because SMC Timer TC1* would expire, calling trans_free(). The problem is that I don't really know _where_ trans_free should be called. There are commented out call to it at several places ... I would think the RP-ACK(MO) reception looks like a good place. But OTOH, this whole process can queue data, giving away a reference to lchan (without get) and trans_free does a put on lchan (so I guess that could invalidate the lchan ref that was queued ? didn't check that in details) Sylvain --- SNIP --- <0100> gsm_04_11.c:920 send_sms_lchan() <0002> transaction.c:69 subscr=0x1fe52d0, subscr->net=0x1f8fc30 <0002> gsm_subscriber_base.c:131 subscr 46332 usage increases usage to: 4 <0002> gsm_04_11.c:937 lchan (bts=0,trx=0,ts=0,ch=0) increases usage to: 1 <0100> gsm_04_11.c:972 TX: SMS DELIVER <0100> gsm_04_11.c:188 TX: CP-DATA trans=4 <0100> gsm_04_11.c:149 GSM4.11 TX 49 01 1e 01 2a 07 91 44 77 58 10 06 50 00 12 00 05 b9 72 65 f7 00 00 90 80 72 12 03 41 00 02 44 3a <0001> abis_rsl.c:1215 channel=(bts=0,trx=0,ts=0) chan_nr=0x20 sapi=3 DATA INDICATION <0100> gsm_04_11.c:817 trans_id=c RX SMS CP-ACK <0001> abis_rsl.c:1215 channel=(bts=0,trx=0,ts=0) chan_nr=0x20 sapi=3 DATA INDICATION <0100> gsm_04_11.c:817 trans_id=c RX SMS CP-DATA <0100> gsm_04_11.c:191 TX: CP-ACK trans=4 <0100> gsm_04_11.c:149 GSM4.11 TX 49 04 <0100> gsm_04_11.c:750 RX SMS RP-ACK (MO) <0002> gsm_subscriber_base.c:139 subscr 27567 usage decreased usage to: 0 <0002> gsm_subscriber_base.c:139 subscr 46332 usage decreased usage to: 3 DB: Found Subscriber: ID 2, IMSI 206205003327508, NAME '', TMSI 1666608304, EXTEN '27567', LAC 1, AUTH 1 DBI: -7: The requested variable type does not match what libdbi thinks it should be <0002> gsm_subscriber_base.c:131 subscr 46332 usage increases usage to: 4 <0100> gsm_04_11.c:920 send_sms_lchan() <0002> transaction.c:69 subscr=0x1fe52d0, subscr->net=0x1f8fc30 <0002> gsm_subscriber_base.c:131 subscr 46332 usage increases usage to: 5 <0002> gsm_04_11.c:937 lchan (bts=0,trx=0,ts=0,ch=0) increases usage to: 2 <0100> gsm_04_11.c:972 TX: SMS DELIVER <0100> gsm_04_11.c:188 TX: CP-DATA trans=4 <0100> gsm_04_11.c:149 GSM4.11 TX 49 01 1f 01 2a 07 91 44 77 58 10 06 50 00 13 00 05 b9 72 65 f7 00 00 90 80 72 12 03 41 00 03 47 39 19 <0001> abis_rsl.c:1215 channel=(bts=0,trx=0,ts=0) chan_nr=0x20 sapi=3 DATA INDICATION <0100> gsm_04_11.c:817 trans_id=c RX SMS CP-ACK <0001> abis_rsl.c:1215 channel=(bts=0,trx=0,ts=0) chan_nr=0x20 sapi=3 DATA INDICATION <0100> gsm_04_11.c:817 trans_id=c RX SMS CP-DATA <0100> gsm_04_11.c:191 TX: CP-ACK trans=4 <0100> gsm_04_11.c:149 GSM4.11 TX 49 04 <0100> gsm_04_11.c:750 RX SMS RP-ACK (MO) <0100> gsm_04_11.c:640 RX RP-ACK but no sms in transaction?!? <0100> gsm_04_11.c:561 TX: SMS RP ERROR, cause 111 (Protocol Error) <0100> gsm_04_11.c:188 TX: CP-DATA trans=4 <0100> gsm_04_11.c:149 GSM4.11 TX 49 01 04 05 2a 01 6f <0001> abis_rsl.c:1215 channel=(bts=0,trx=0,ts=0) chan_nr=0x20 sapi=3 DATA INDICATION <0100> gsm_04_11.c:817 trans_id=c RX SMS CP-ACK <0100> gsm_04_11.c:159 SMC Timer TC1* is expired, calling trans_free() <0002> transaction.c:101 lchan (bts=0,trx=0,ts=0,ch=0) decreases usage to: 1 <0002> gsm_subscriber_base.c:139 subscr 46332 usage decreased usage to: 4 --- /SNIP ---

15 years, 9 months

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

OpenBSC