From 3995d2ea855e34bce25f1923feb416567083399f Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Wed, 24 Jan 2018 11:23:54 +0100 Subject: [PATCH] Refuse Emergency Calls by IMEI with proper CM SERVICE REJECT Cause OsmoMSC rejects an Emergency Call with IMEI as mobile identity with "semantically incorrect message" which is clearly wrong. According to TS 24.008 4.5.1.5 we should reject with cause 5 "IMEI not accepted" Found with TTCN-3 test case MSC_Tests.TC_emerg_call_imei Change-Id: I2f7ab0e32b914a112c0b17c523d149ccd0299099 Closes: #2866 --- src/libmsc/gsm_04_08.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/src/libmsc/gsm_04_08.c b/src/libmsc/gsm_04_08.c index 54e8bee42..90669e13c 100644 --- a/src/libmsc/gsm_04_08.c +++ b/src/libmsc/gsm_04_08.c @@ -672,16 +672,22 @@ int gsm48_rx_mm_serv_req(struct gsm_subscriber_connection *conn, struct msgb *ms gsm48_mi_to_string(mi_string, sizeof(mi_string), mi, mi_len); mi_type = mi[0] & GSM_MI_TYPE_MASK; + DEBUGPC(DMM, "serv_type=0x%02x MI(%s)=%s\n", + req->cm_service_type, gsm48_mi_type_name(mi_type), mi_string); - if (mi_type == GSM_MI_TYPE_IMSI) { - DEBUGPC(DMM, "serv_type=0x%02x MI(%s)=%s\n", - req->cm_service_type, gsm48_mi_type_name(mi_type), - mi_string); - } else if (mi_type == GSM_MI_TYPE_TMSI) { - DEBUGPC(DMM, "serv_type=0x%02x MI(%s)=%s\n", - req->cm_service_type, gsm48_mi_type_name(mi_type), - mi_string); - } else { + switch (mi_type) { + case GSM_MI_TYPE_IMSI: + case GSM_MI_TYPE_TMSI: + /* continue below */ + break; + case GSM_MI_TYPE_IMEI: + if (req->cm_service_type == GSM48_CMSERV_EMERGENCY) { + /* We don't do emergency calls by IMEI */ + LOGP(DMM, LOGL_NOTICE, "<- CM SERVICE REQUEST(IMEI=%s) rejected\n", mi_string); + return msc_gsm48_tx_mm_serv_rej(conn, GSM48_REJECT_IMEI_NOT_ACCEPTED); + } + /* fall-through for non-emergency setup */ + default: DEBUGPC(DMM, "mi_type is not expected: %d\n", mi_type); return msc_gsm48_tx_mm_serv_rej(conn, GSM48_REJECT_INCORRECT_MESSAGE);