diff --git a/openbsc/include/openbsc/bsc_msg_filter.h b/openbsc/include/openbsc/bsc_msg_filter.h index a974195c..64890500 100644 --- a/openbsc/include/openbsc/bsc_msg_filter.h +++ b/openbsc/include/openbsc/bsc_msg_filter.h @@ -11,9 +11,7 @@ struct vty; struct gsm48_hdr; /* TODO: remove */ -struct bsc_nat_parsed; struct bsc_connection; -struct nat_sccp_connection; struct bsc_filter_reject_cause { int lu_reject_cause; @@ -58,6 +56,11 @@ struct bsc_msg_acc_lst_entry { int lu_reject_cause; }; +struct bsc_filter_state { + char *imsi; + int imsi_checked; +}; + int bsc_filter_barr_adapt(void *ctx, struct rb_root *rbtree, const struct osmo_config_list *); int bsc_filter_barr_find(struct rb_root *root, const char *imsi, int *cm, int *lu); @@ -71,7 +74,7 @@ int bsc_msg_filter_initial(struct gsm48_hdr *hdr, size_t size, struct bsc_filter_reject_cause *cause); int bsc_msg_filter_data(struct gsm48_hdr *hdr, size_t size, struct bsc_connection *bsc, - struct nat_sccp_connection *con, + struct bsc_filter_state *state, struct bsc_filter_reject_cause *cause); /* IMSI allow/deny handling */ diff --git a/openbsc/include/openbsc/bsc_nat_sccp.h b/openbsc/include/openbsc/bsc_nat_sccp.h index 0561df1f..d2490ca6 100644 --- a/openbsc/include/openbsc/bsc_nat_sccp.h +++ b/openbsc/include/openbsc/bsc_nat_sccp.h @@ -22,6 +22,8 @@ #ifndef BSC_NAT_SCCP_H #define BSC_NAT_SCCP_H +#include "bsc_msg_filter.h" + #include /* @@ -80,8 +82,8 @@ struct nat_sccp_connection { int con_type; int con_local; int authorized; - int imsi_checked; - char *imsi; + + struct bsc_filter_state filter_state; uint16_t lac; uint16_t ci; diff --git a/openbsc/src/libfilter/bsc_msg_filter.c b/openbsc/src/libfilter/bsc_msg_filter.c index b836f432..52c71b99 100644 --- a/openbsc/src/libfilter/bsc_msg_filter.c +++ b/openbsc/src/libfilter/bsc_msg_filter.c @@ -306,9 +306,9 @@ static int _cr_check_pag_resp(void *ctx, return 1; } -static int _dt_check_id_resp(struct filter_request *req, +static int _dt_check_id_resp(void *ctx, struct filter_request *req, uint8_t *data, unsigned int length, - struct nat_sccp_connection *con, + struct bsc_filter_state *state, struct bsc_filter_reject_cause *cause) { char mi_string[GSM48_MI_SIZE]; @@ -330,8 +330,8 @@ static int _dt_check_id_resp(struct filter_request *req, if (mi_type != GSM_MI_TYPE_IMSI) return 0; - con->imsi_checked = 1; - con->imsi = talloc_strdup(con, mi_string); + state->imsi_checked = 1; + state->imsi = talloc_strdup(ctx, mi_string); return auth_imsi(req, mi_string, cause); } @@ -394,7 +394,7 @@ int bsc_msg_filter_initial(struct gsm48_hdr *hdr48, size_t hdr48_len, int bsc_msg_filter_data(struct gsm48_hdr *hdr48, size_t len, struct bsc_connection *bsc, - struct nat_sccp_connection *con, + struct bsc_filter_state *state, struct bsc_filter_reject_cause *cause) { struct filter_request req; @@ -403,7 +403,7 @@ int bsc_msg_filter_data(struct gsm48_hdr *hdr48, size_t len, cause->cm_reject_cause = GSM48_REJECT_PLMN_NOT_ALLOWED; cause->lu_reject_cause = GSM48_REJECT_PLMN_NOT_ALLOWED; - if (con->imsi_checked) + if (state->imsi_checked) return 0; proto = hdr48->proto_discr & 0x0f; @@ -416,6 +416,6 @@ int bsc_msg_filter_data(struct gsm48_hdr *hdr48, size_t len, req.local_lst_name = bsc->cfg->acc_lst_name; req.global_lst_name = bsc->nat->acc_lst_name; req.bsc_nr = bsc->cfg->nr; - return _dt_check_id_resp(&req, &hdr48->data[0], - len - sizeof(*hdr48), con, cause); + return _dt_check_id_resp(bsc, &req, &hdr48->data[0], + len - sizeof(*hdr48), state, cause); } diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat.c b/openbsc/src/osmo-bsc_nat/bsc_nat.c index 116c612c..3ec43b15 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat.c @@ -1073,10 +1073,10 @@ static int forward_sccp_to_msc(struct bsc_connection *bsc, struct msgb *msg) con->msc_con = bsc->nat->msc_con; con_msc = con->msc_con; con->con_type = con_type; - con->imsi_checked = filter; + con->filter_state.imsi_checked = filter; bsc_nat_extract_lac(bsc, con, parsed, msg); if (imsi) - con->imsi = talloc_steal(con, imsi); + con->filter_state.imsi = talloc_steal(con, imsi); imsi = NULL; con_bsc = con->bsc; handle_con_stats(con); @@ -1094,8 +1094,9 @@ static int forward_sccp_to_msc(struct bsc_connection *bsc, struct msgb *msg) filter = bsc_nat_filter_dt(bsc, msg, con, parsed, &cause); if (filter < 0) { - if (con->imsi) - bsc_nat_inform_reject(bsc, con->imsi); + if (con->filter_state.imsi) + bsc_nat_inform_reject(bsc, + con->filter_state.imsi); bsc_stat_reject(filter, bsc, 1); bsc_send_con_release(bsc, con, &cause); con = NULL; @@ -1111,7 +1112,8 @@ static int forward_sccp_to_msc(struct bsc_connection *bsc, struct msgb *msg) * replace the msg and the parsed structure becomes * invalid. */ - msg = bsc_nat_rewrite_msg(bsc->nat, msg, parsed, con->imsi); + msg = bsc_nat_rewrite_msg(bsc->nat, msg, parsed, + con->filter_state.imsi); talloc_free(parsed); parsed = NULL; } else if (con->con_local == NAT_CON_END_USSD) { diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat_filter.c b/openbsc/src/osmo-bsc_nat/bsc_nat_filter.c index 11d370c4..af0f7a18 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat_filter.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat_filter.c @@ -90,7 +90,7 @@ int bsc_nat_filter_dt(struct bsc_connection *bsc, struct msgb *msg, cause->cm_reject_cause = GSM48_REJECT_PLMN_NOT_ALLOWED; cause->lu_reject_cause = GSM48_REJECT_PLMN_NOT_ALLOWED; - if (con->imsi_checked) + if (con->filter_state.imsi_checked) return 0; /* only care about DTAP messages */ @@ -101,5 +101,5 @@ int bsc_nat_filter_dt(struct bsc_connection *bsc, struct msgb *msg, if (!hdr48) return -1; - return bsc_msg_filter_data(hdr48, len, bsc, con, cause); + return bsc_msg_filter_data(hdr48, len, bsc, &con->filter_state, cause); } diff --git a/openbsc/src/osmo-bsc_nat/bsc_ussd.c b/openbsc/src/osmo-bsc_nat/bsc_ussd.c index 968456b9..22418960 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_ussd.c +++ b/openbsc/src/osmo-bsc_nat/bsc_ussd.c @@ -351,7 +351,7 @@ static int forward_ussd(struct nat_sccp_connection *con, const struct ussd_reque state->invoke_id = req->invoke_id; memcpy(&state->src_ref, &con->remote_ref, sizeof(con->remote_ref)); memcpy(&state->dst_ref, &con->real_ref, sizeof(con->real_ref)); - memcpy(state->imsi, con->imsi, strlen(con->imsi)); + memcpy(state->imsi, con->filter_state.imsi, strlen(con->filter_state.imsi)); /* add additional tag/values */ lac = htons(con->lac); @@ -385,7 +385,7 @@ int bsc_ussd_check(struct nat_sccp_connection *con, struct bsc_nat_parsed *parse if (con->con_type != NAT_CON_TYPE_SSA) return 0; - if (!con->imsi) + if (!con->filter_state.imsi) return 0; /* We have not verified the IMSI yet */ @@ -400,7 +400,7 @@ int bsc_ussd_check(struct nat_sccp_connection *con, struct bsc_nat_parsed *parse if (parsed->bssap != BSSAP_MSG_DTAP) return 0; - if (strlen(con->imsi) >= GSM_IMSI_LENGTH) + if (strlen(con->filter_state.imsi) >= GSM_IMSI_LENGTH) return 0; hdr48 = bsc_unpack_dtap(parsed, msg, &len); @@ -421,7 +421,7 @@ int bsc_ussd_check(struct nat_sccp_connection *con, struct bsc_nat_parsed *parse if (!lst) return 0; - if (bsc_msg_acc_lst_check_allow(lst, con->imsi) != 0) + if (bsc_msg_acc_lst_check_allow(lst, con->filter_state.imsi) != 0) return 0; /* now decode the message and see if we really want to handle it */ @@ -436,14 +436,15 @@ int bsc_ussd_check(struct nat_sccp_connection *con, struct bsc_nat_parsed *parse return 0; /* found a USSD query for our subscriber */ - LOGP(DNAT, LOGL_NOTICE, "Found USSD query for %s\n", con->imsi); + LOGP(DNAT, LOGL_NOTICE, "Found USSD query for %s\n", + con->filter_state.imsi); con->ussd_ti[ti] = 1; if (forward_ussd(con, &req, msg) != 0) return 0; return 1; } else if (msg_type == GSM0480_MTYPE_FACILITY && con->ussd_ti[ti]) { LOGP(DNAT, LOGL_NOTICE, "Forwarding message part of TI: %d %s\n", - ti, con->imsi); + ti, con->filter_state.imsi); if (forward_ussd_simple(con, msg) != 0) return 0; return 1; diff --git a/openbsc/tests/bsc-nat/bsc_nat_test.c b/openbsc/tests/bsc-nat/bsc_nat_test.c index 2020c7ad..e883ddd4 100644 --- a/openbsc/tests/bsc-nat/bsc_nat_test.c +++ b/openbsc/tests/bsc-nat/bsc_nat_test.c @@ -992,7 +992,7 @@ static void test_dt_filter() if (!parsed) continue; - con->imsi_checked = 0; + con->filter_state.imsi_checked = 0; memset(&cause, 0, sizeof(cause)); bsc_nat_filter_dt(bsc, msg, con, parsed, &cause); }