0301c131e8
osmo-epdg: db: fix missing const on const char *imsi
2024-02-17 02:09:47 +01:00
c513e1c778
osmo_epdg: db: handle duplicate by removing them
...
This still leaves the IPSec tunnel open, but ignore it for now
2024-02-17 02:09:47 +01:00
43457788ef
osmo-epdg: listener: authorize: fix missing goto when ue can't found
2024-02-17 02:09:47 +01:00
844c7f19ba
osmo-epdg: listener: remove unused header
2024-02-17 02:09:47 +01:00
e5667d8499
osmo-epdg: UE: free the own imsi on destroy()
2024-02-17 02:09:47 +01:00
33974bdfae
osmo-epdg: free the GSUP response
2024-02-17 02:09:47 +01:00
39f114fd95
osmo-epdg: UE: use .refcount = 1 instead of ref_get() in the constructor
2024-02-17 02:09:42 +01:00
e1d2902a78
osmo-listener: add printf for debugging
2024-02-17 01:45:01 +01:00
ca047a6816
osmo-epdg: provider: fix type warning in container_of
...
It was the correct pointer.
2024-02-17 00:35:28 +01:00
d9ba891d60
osmo-epdg: listener: remove unused variable
2024-02-17 00:33:22 +01:00
d334adb748
osmo-epdg: provider: fix "this" pointer in the attribute provider callbacks
...
Yes it hurts!
2024-02-17 00:29:13 +01:00
aaba569495
osmo-epdg: Use the new UE/db object
...
Save the state of the UE into the UE object in the database.
2024-02-17 00:28:33 +01:00
6f3e8f5ecd
osmo-epdg: add a UE object together with an in memory db
2024-02-17 00:28:05 +01:00
2dfe87749f
osmo-epdg: utils: add get_imsi_ike() to get the imsi of an ike_sa_t object
2024-02-17 00:27:55 +01:00
f22c728a4c
osmo-epdg: ipa_client: check if stream is alive
...
Otherwise we might send over a non-existant stream resulting in a
null pointer exception.
2024-02-17 00:27:41 +01:00
646fcb6403
osmo-epdg: implement an attribute provider handing always out the IP 10.45.0.1
2024-02-17 00:27:19 +01:00
c6f37c4e9b
osmo_epdg_provider: rename provider->provider into simaka
...
In preparation to add support for the attribute provider.
The attribute provider will be used to supply the Virtual IP (vip)
2024-02-17 00:26:47 +01:00
bc1a4da647
fixup remove APN from tunnel request
2024-02-09 20:57:58 +01:00
7fd21d1fe5
osmo-epdg: Add more debug outputs
2024-02-09 20:54:43 +01:00
795f478dbd
osmo_epdg: ipa_client: implement reconnect
2024-02-09 20:54:41 +01:00
c1cc15dd49
osmo_epdg: gsup_client: refactor the copy of IMSI
...
Move checks and copying into an own function.
Make imsi const.
2024-02-09 20:54:41 +01:00
7006cc0c46
osmo_epdg: add PDP Info on SAI GSUP messages
...
The SAI GSUP message now requires to have PDP Info filled with
APN and PDP type which should be already knows at this state.
Hardcoding PDP type for now.
2024-02-09 20:54:41 +01:00
09f36edddb
README: add how to build
2024-02-09 20:54:41 +01:00
0569c5133a
gsup_client: set message class to IPSEC_EPDG
2024-02-09 20:54:41 +01:00
a9404c3110
osmo-epdg: drop APN from Tunnel Request
...
The APN is far too late in the Tunnel Request as the APN is already
used by the EPDG/AAA when doing the ServerAssignmentRequest (on GSUP
the Location Update Request). So we need to move the APN
either into the Location Update Request or hardcode it.
2024-02-09 20:54:41 +01:00
820185941a
epdg_listener: authorize: get IMSI and APN
2024-02-09 20:54:41 +01:00
05d9dc8552
Start implementing osmo_epdg state
2024-02-09 20:54:41 +01:00
c469464d8a
osmo-epdg: implement Tunnel Request/Response
...
Requires gsup message types in libosmocore
2024-02-09 20:54:41 +01:00
2bf7e10d94
gsup_client: fix coding style
2024-02-09 20:51:35 +01:00
df75a2e6a5
osmo_epdg_listener: add TODO to validate APN
2024-02-09 20:51:35 +01:00
ef057c8489
osmo-epdg: add protection against multiple includes of osmo_epdg_utils.h
2024-02-09 20:51:23 +01:00
1c92c4d83e
start of osmo-epdg plugin
...
- simple gsup/ipa working
- strongswan is requesting tuples via GSUP.
- strongswan client can authenticate
- SWu-IKEv2 can't authenticate
ToDos:
- gsup: disconnect/reconnect
- gsup: failures cases
- blocking queue needs to be cleaned up
- fix coding style
2023-03-23 15:29:57 +01:00
e7e6a51fb1
add documentation
...
Add a full example for both ePDG and UE.
2023-03-23 15:08:29 +01:00
dfa0f7daf5
blocking_queue: add remove() function
...
Allows to remove an object which is still in the queue.
2023-02-26 11:05:04 +01:00
4817d5ed0d
Version bump to 5.9.3
2021-07-06 14:00:39 +02:00
a09a905e1d
vici: Suppress trailing nul character
2021-07-06 12:06:23 +02:00
2cd5314de7
testing: Use specific versions of swidGenerator and strongTNC
...
This way we get updated versions automatically (referencing "master"
required manually deleting the downloaded archives and the unpacked
directories). It also allows switching versions when working in different
branches (note that REV can also be set to a commit ID, e.g. to test
changes before tagging them later and merging the branch).
2021-06-30 16:17:39 +02:00
06e11b481b
kernel-netlink: Fix theoretical memory leak when parsing routes
...
This currently can't happen as the kernel always puts RTA_TABLE as first
attribute in RTM_NEWROUTE messages.
2021-06-25 13:51:44 +02:00
f6aafb3005
Fixed some typos, courtesy of codespell
...
Main change is the conversion from the British cancelling/-ed to the
American canceling/-ed.
2021-06-25 11:32:29 +02:00
30fab57124
Version bump to 5.9.3rc1
2021-06-24 09:18:54 +02:00
19611b1d28
testing: Build wolfSSL from the Git repository
...
Use the same configure options etc. for both builds (no need for the cert
options as we don't use TLS or X.509 parsing) and switch to a Git commit
that includes the SHA-3 OID fix (it's actually the fix itself).
2021-06-22 17:54:15 +02:00
4baca5ca80
testing: Fixed ikev2/farp scenario
2021-06-22 12:32:35 +02:00
dbd1534875
Version bump to 5.9.3dr4
2021-06-22 10:33:07 +02:00
eba2622587
testing: Migrate ikev2-stroke-bye scenarios to vici
2021-06-22 10:23:06 +02:00
706c58b291
testing: Fixed pretest script of ikev1/rw-psk-aggressive scenario
2021-06-21 12:03:36 +02:00
6d8890767c
testing: Migrate ikev2/host2host-transport-nat scenario to vici
...
This also restores the test as it was before the referenced commit so it
again, as written in the description, demonstrates that venus is unable
to ping sun without IPsec tunnel.
Fixes: f27fb58ae0
2021-06-21 12:03:36 +02:00
2b5c743952
testing: Migrate MOBIKE tests to vici
...
Note that the mobike-nat test has been removed as it basically did the same
as the mobike-virtual-ip-nat test. Instead, the mobike-nat-mapping scenario
is added, which simulates a NAT router restart.
2021-06-21 12:03:36 +02:00
abe51389c5
ike-mobike: Force MOBIKE update after NAT mappings changed
...
The addresses observed by the client behind the NAT are exactly the same if
the NAT router gets restarted.
Fixes: 2b255f01af
2021-06-21 12:03:36 +02:00
036ae27645
ike-sa: Log IKE endpoint changes
2021-06-21 12:03:36 +02:00
79b526deba
ha: Register the correct IKE_SA with the manager after a rekeying
...
Fixes: 20dfbcad08Closes strongswan/strongswan#456 .
2021-06-21 10:02:26 +02:00
Alexander Couzens