IuPS: properly update ra_id on GMM Attach Request

For new MM contexts, the ra_id was correctly obtained from the ue_ctx, but in
case an MM ctx is re-used and the ra_id changed, the new ra_id was not copied
to the MM context; instead, the ra_id was overwritten with uninitialized data.

Always initialize the local ra_id variable from the ue_ctx->ra_id for Iu
connections; it is used further below to update the ctx->ra_id.

For the case of a brand new Iu MM ctx, the ctx->ra_id then gets initialized a
second time. We could technically drop the init in sgsn_mm_ctx_alloc_iu(), but
it doesn't hurt either way.

Fixes: CID#57936
Change-Id: Ia06458758362e76925690b1757d8ced95e9609e4

openbsc/src/gprs/gprs_gmm.c

@@ -65,10 +65,7 @@
 #include <openbsc/gprs_utils.h>
 #include <openbsc/sgsn.h>
 #include <openbsc/signal.h>
-
-#ifdef BUILD_IU
 #include <openbsc/iu.h>
-#endif
 
 #include <pdp.h>
 
@@ -1076,7 +1073,8 @@ static int gsm48_rx_gmm_att_req(struct sgsn_mm_ctx *ctx, struct msgb *msg,
 	if (!msg->dst) {
 		/* Gb mode */
 		cid = bssgp_parse_cell_id(&ra_id, msgb_bcid(msg));
-	}
+	} else
+		ra_id = ((struct ue_conn_ctx*)msg->dst)->ra_id;
 
 	/* MS network capability 10.5.5.12 */
 	msnc_len = *cur++;