bitvec_read_field/bitvec_write_field in the PCU used a C++ reference
and when porting to C it was decided to pass the parameter by value
and this lost the "back propagation" of the new index. Change the
parameter to be an in/out parameter and this way do not have a silent
semantic break in the osmo-pcu (where we copy the reference in csn.1
by value) and have a true compile failure.
Add Max's simple test for bitvec_unhex function leaving the checking
of bitvec_read_field and the side effect in the datastructure about
the number of bits still open.
bitvec.c: In function 'bitvec_unhex':
bitvec.c:389: error: 'for' loop initial declarations are only allowed in C99 mode
bitvec.c:389: note: use option -std=c99 or -std=gnu99 to compile your code
Allocation, pack/unpack, field access and helper routines used
extensively by Osmo-PCU. Whenever memory allocation happens, alocator
context is passed explicitly by caller.
Include the headers mentioned by the manpage
ipa.c:346:9: warning: implicit declaration of function 'recv' is invalid in C99
[-Wimplicit-function-declaration]
ret = recv(fd, msg->tail, needed, 0);
'\0' gets translated to zero but the argument to vector_set is
a pointer and it gets converted to a pointer.
vty.c:985:21: warning: expression which evaluates to zero treated as a null pointer constant of type
'void *' [-Wnon-literal-null-conversion]
vector_set(vline, '\0');
^~~~
vty.c:1095:21: warning: expression which evaluates to zero treated as a null pointer constant of type
'void *' [-Wnon-literal-null-conversion]
vector_set(vline, '\0');
^~~~
vty.c:1097:21: warning: expression which evaluates to zero treated as a null pointer constant of type
'void *' [-Wnon-literal-null-conversion]
vector_set(vline, '\0');
^~~~
The undefined behavior sanitizer found the 32bit load from an
unaligned memory address. This will cause an exception on ARMv5te
and a manual fix-up.
[hfreyther: On armv6, x86 the usage of memcpy leads to shorter
amount of instructions but on armv5te the memcpy is not expanded
leading to a branch. Use the version of max until we have the time
to benchmark it]
Sponsored-by: On-Waves ehf
This code dealing with bit shifting sometimes gets 1 byte beyond array
boundary while calculating index. This is now explicitly checked and prevented.
Ticket: OW#1198
Sponsored-by: On-Waves ehf
The new functions bitvec_get_bytes and bitvec_set_bytes copy
byte sequences from bitvecs to uint8_t arrays and vice versa.
While the bytes in the bitvecs do not need to be aligned, the uint8_t
arrays always are. In case the bytes in the bitvec are aligned, the
implementation uses memcpy.
Note that the implementation like the other existing functions assume
MSB first encoding.
[hfreyther: Squash the comment fix into this commit as well]
Sponsored-by: On-Waves ehf
These functions are currently part of openbsc but also needed by
other projects.
The function have been renamed as follows:
gprs_apn_to_str -> osmo_apn_to_str
gprs_str_to_apn -> osmo_apn_from_str
Sponsored-by: On-Waves ehf
This patch makes msgb_hexdump accept out of range lXh pointers and
shows info about them instead of aborting the dump entirely.
Sponsored-by: On-Waves ehf
These functions originate from openbsc/src/gprs but are generic
msgb helper functions.
msgb_copy: This function allocates a new msgb, copies the data
buffer of msg, and adjusts the pointers (incl. l1h-l4h)
accordingly.
msgb_resize_area:
This resizes a sub area of the msgb data and adjusts the
pointers (incl. l1h-l4h) accordingly.
Sponsored-by: On-Waves ehf
The primitives for SUSPEND, RESUME and RECONNECT are only permitted on
the MS side of the LAPDm link, not on the BTS side. So we should check
for this and reject, accordingly.
Currently the state is assumed to remain the same while the reset
procedure is active. While this works correctly in general, a single
unexpected BLOCK_ACK or UNBLOCK_ACK can change the state but will not
stop the reset procedure. The leads to repeated RESET messages, where
the corresponding RESET_ACK is ignored. This is a stable state which
can only be left by manual intervention or by reception of a RESET
message from the peer.
This commit changes the RESET timeout handler to set the state to
BLOCKED/RESET when sending the new NS RESET message.
Note that this should ensure a clean restart even if the state has been
screwed up. It does not fix the handling of BLOCK_ACK or UNBLOCK_ACK
in abnormal cases.
Addresses:
gprs_ns.c:349 NSEI=8895 Tx NS RESET (NSVCI=8895, cause=O&M intervention)
gprs_ns.c:878 NSVCI=8895 Rx NS RESET ACK (NSEI=8895, NSVCI=8895)
gprs_ns.c:887 NS RESET ACK Discarding unexpected message for NS-VCI 8895 from SGSN NSEI=8895
Ticket: OW#1551
Sponsored-by: On-Waves ehf
stats_statsd.c: In function ‘osmo_stats_reporter_statsd_send_item’:
stats_statsd.c:154:15: warning: initialization discards ‘const’ qualifier from pointer target type
char *unit = desc->unit;
^
The stat item group is not removed by gprs_nsvc_delete which will
corrupt the group list.
Addresses:
valgrind tests/gbproxy/gbproxy_test
[...]
==4541== Invalid write of size 4
==4541== at 0x4071ACA: __llist_add (linuxlist.h:65)
==4541== by 0x4071ACA: llist_add (linuxlist.h:81)
==4541== by 0x4071ACA: osmo_stat_item_group_alloc
(stat_item.c:112)
==4541== by 0x407EDFD: gprs_nsvc_create (gprs_ns.c:244)
==4541== by 0x408109D: gprs_ns_instantiate (gprs_ns.c:1388)
==4541== by 0x804CFD3: test_gbproxy_ident_changes
(gbproxy_test.c:1501)
==4541== by 0x805FBD3: main (gbproxy_test.c:5803)
Sponsored-by: On-Waves ehf
This symbol is globally visible and therefore should have an OSMO
prefix like the other identifiers exported by stat_item.h.
Sponsored-by: On-Waves ehf
Shipping our own private copy of talloc was a good idea in 2008,
when it was not readily available on most target platforms. Today,
the situation is quite different, as it is a standard library on
major Linux distributions.
Currently the counters are scanned twice, once for interval
computation and once for reporting.
This adds a reminder to move the interval computation code to a
special stats reporter which just shall update the fields.
Sponsored-by: On-Waves ehf
Due to prior refactoring, the functions do not have an sensible order
in the file. This commit tries to improve that a little bit.
Sponsored-by: On-Waves ehf
This commit moves the stats specific code parts into stats_statsd.c
while keeping the generic parts in stats.c. The code in stats.c no
longer contains references to statsd symbols.
Note that the VTY code still needs to know about every stats reporter
backend.
Sponsored-by: On-Waves ehf
CC stat_item.lo
stat_item.c: In function 'osmo_stat_item_group_alloc': stat_item.c:84:28: warning: cast to pointer from integer of different
size [-Wint-to-pointer-cast]
group->items[item_idx] = (void *)items_size;
^
stat_item.c:98:24: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
((uint8_t *)items + (int)group->items[item_idx]);
^
Currently the global stat item index is being advanced in
osmo_stat_item_group_handler, so that the second and further groups
in the list will skip new item values.
This commit moves the call to osmo_stat_item_discard_all into
osmo_stats_report to a place where all groups have been processed
already.
Sponsored-by: On-Waves ehf
Currently the reporter loop is aborted, if the event would be ignored
due to an insufficient max_level. Thus the reporters that happen to
be stored afterwards would be skipped even if their level were
sufficient.
This commit replaces the conditional 'return' statement by a
considtional 'continue' statement to ensure the processing of the
list tail.
Sponsored-by: On-Waves ehf
Currently only counter changes and new item values are being
reported. This makes it cumbersome to configure reporting clients,
since there is nothing like a list of all parameters.
This commit changes this behaviour such that all currently existing
counters and items that would be reported eventually, are passed to
the reporter when it has been reconfigured or enabled. If a counter
has not been incremented, 0 is sent. If a stat item value has not
been added, the last item value (or the default value if there is
none) is resent again.
Note that this will not catch transient counters/items that will be
created later on, e.g. triggered by new peers or subscribers.
To just force this kind of dump on a running reporter, it is
sufficient to invoke the 'enable' command in its configuration node.
Sponsored-by: On-Waves ehf
Currently the having an unset prefix leads to an abort() in the
statsd reporter due to an fprintf format string error. In addition
the prefix cannot be reset to its initial state (NULL) by using 'no
prefix', which just sets the prefix to the empty string, causing a
single leading dot to appear in front of the name.
This commit changes the implemenation to consistly use NULL for
the unset name prefix ('no prefix') and to handle this case correctly
in the statsd reporter.
Sponsored-by: On-Waves ehf
The NS object is created with an unknown identity and only after
the reset procedure has progressed (completed?) we know the real
ID for this peer. Before nobody has looked at the idx values (this
could have been seen with the CTRL interface) but with statsd the
wrong NSVCI becomes obvious.
Add routines to update the idx and I don't know if the change of
idx is causing any issues but we will find that out soon.
Currently there is only the 'show stats' command which shows all
counter and stat_item values. This can lead to many lines of output
if there are per-subscriber rate counters.
The new command added by this commit allows it to only show groups of
a certain level (class_id), similar to the 'level' configuration
command for stats reporter.
The new command is
show stats level (global|peer|subscriber)
Sponsored-by: On-Waves ehf
Currently the class_id is not set which effectively puts these groups
into the 'subscriber' class.
This commit adds the missing initialisation value.
Sponsored-by: On-Waves ehf
For the atoi we need to pass the val as a string. This means
we need to write "0" which then gets parsed to 0.
[src/vty/stats_vty.c:90]: (error) Possible null pointer dereference: val
we need to put the default value into inaddr and not put a
32bit value into the addr pointer.
Spotted by cppcheck:
[src/stats.c:231]: (error) Uninitialized variable: inaddr
Nothing is being done with these return values. Remove them
for now and update the TODO entry that is present at two of
the three places.
stats.c: In function ‘rate_ctr_handler’:
stats.c:570:6: warning: variable ‘rc’ set but not used [-Wunused-but-set-variable]
int rc;
^
stats.c: In function ‘osmo_stat_item_handler’:
stats.c:617:6: warning: variable ‘rc’ set but not used [-Wunused-but-set-variable]
int rc;
^
stats.c: In function ‘handle_counter’:
stats.c:651:6: warning: variable ‘rc’ set but not used [-Wunused-but-set-variable]
int rc;
This log level is used by the stats subsystem log reporter to report
statistics to level INFO. Note that the default level of DLSTATS is
NOTICE.
Sponsored-by: On-Waves ehf
This commit adds class_id fields to the rate_ctr and stat_item group
descriptions. The stats reporter code is extended to only process
groups whose class_id does not exceed a per reporter max_class level.
If the class_id is not set, the code assumes 'global' for groups with
idx == 0 and 'subscriber' otherwise.
The following vty command is added to config-stats:
level (global|peer|subscriber) Set the maximum group level
Sponsored-by: On-Waves ehf
Currently the unsigned group index value is silently being cast to
(signed) int in the log and statsd reporter code. If the resulting
value is negative (which can happen for instance with MMCTX
counters), the index is assumed to be unset.
This commit changes the affected types to unsigned. The index value 0
is then the only value indicating an unset group.
Sponsored-by: On-Waves ehf
Since the the stat_item and stats functions and data types are meant
to be exported, they get an osmo_ prefix.
Sponsored-by: On-Waves ehf
[hfreyther: Prepended the enum values too. This was requested by
Jacob]
This reporter passes the measurement values to the logging subsystem
as DSTATS (which is currently DLGLOBAL) level INFO messages.
Sponsored-by: On-Waves ehf
Currently case statements are used to select the right reporter
functions. This makes it difficult to add new reporter types,
especially if they are not going to reside in the same file.
This commit introduces per reporter function pointer for
open, close, send_count, and send_item. They are checked for
non-NULL before being called or skipped.
Sponsored-by: On-Waves ehf
To support reporters without network configuration, this commit
introduces the have_net_config flag to provide corresponding error
messages.
Sponsored-by: On-Waves ehf
If the MTU is given, combine several messages into a single UDP
packet until the limit is reached. Flush all reporters after the
values have been scanned.
New vty commands (node config-stats):
mtu <100-65535> Enable multi-metric packets and set the maximum
packet size (in byte)
no mtu Disable multi-metric packets
Note that single messages that are longer than the given MTU (minus
28 octets protocol overhead) will be dropped.
Sponsored-by: On-Waves ehf
This commit changes the reporting code to also show all modified
osmo_counter values. Since there is no grouping of these values, the
name string just consists of the optional prefix and the counter
name.
Sponsored-by: On-Waves ehf
The osmo_counter_difference returns the counter value difference
since the last call of this function with the given counter object.
Sponsored-by: On-Waves ehf
Currently only rate counter are being supported.
This commit adds support for stat items. All groups are polled for
changed values.
Sponsored-by: On-Waves ehf
This calls stats_flush in regular intervals which polls the
statistical values and calls the active reporters when values have
changed.
Sponsored-by: On-Waves ehf
This commit provides stats configuration similar to the log
configuration.
The following vty commands are added to the config node:
stats reporter statsd Create/Modify a statsd reporter
no stats reporter statsd Remove a statsd reporter
To actually configure a reporter, the config-stats node is entered
when the "stats reporter" command has succeeded. The following new
vty commands are available there:
local-ip ADDR Set the IP address to which we bind locally
no local-ip Do not bind to a certain IP address
remote-ip ADDR Set the remote IP address to which we connect
remote-port <1-65535> Set the remote port to which we connect
prefix PREFIX Set the item/counter name prefix
no prefix Do not use a prefix
enable Enable the reporter
disable Disable the reporter
Sponsored-by: On-Waves ehf
This commit provides the stats reporting framework that can manage
several types of measurement reporters. Initially support for
rate_ctr and the statsd protocol is included.
Sponsored-by: On-Waves ehf
This file will contain the VTY code related to statistics.
This commit adds a minimal file with just as single VTY command:
- show stats This command shows all statistical values
To enable this and future commands, the main program needs to call
stats_vty_add_cmds().
Sponsored-by: On-Waves ehf
Currently the groups for stat_items and counter are iterated
manually.
This commit makes use of the new iterator functions to access the
single elements via handlers.
Sponsored-by: On-Waves ehf
This commit adds the following functions:
stat_item_for_each_group Call a handler for each group
stat_item_for_each_item Call a handler for each item of a
group
Sponsored-by: On-Waves ehf
For global value reporting, some additional helper functions are
needed. The statsd protocol expects differential counter values,
which are currently not provided by rate_ctr (except for s/m/h/d
intervals).
This commit adds several helper functions to rate_ctr:
- rate_ctr_difference returns the counter delta since the last
call to this function for a given counter
- rate_ctr_for_each_counter
iterates through each counter of a group
- rate_ctr_for_each_group
iterates through all globally registered
counter groups
Note that the rate_ctr_difference function can only be used by a
single backend, since it modifies the 'previous' field in the
rate_ctr obj.
Sponsored-by: On-Waves ehf
Currently each stat item has a separate index value which basically
counts each single value added to the item and which can be used by
a reporter to get all new values that have not been reported yet.
The drawback is, that such an index must be stored for each stat
item.
This commit introduces a global index which is incremented for each
new stat item value. This index is then stored together with the item
value. So a single stored index per reporter is sufficient to make
sure that only new values are reported.
Sponsored-by: On-Waves ehf
The following counters are added to the ns.nsvc counter group:
lost.alive The number of missing ALIVE ACK messages
lost.reset The number of missing RESET ACK messages
The following items are added to the ns.nsvc stat item group:
alive.delay The time in ms between sending ALIVE and
receiving the next ALIVE ACK
Sponsored-by: On-Waves ehf
This commit adds instrumentation function to gather measurement
and statistical values similar to counter groups.
Multiple values can be stored per item, which can be retrieved in
FIFO order. Getting values from the item does not modify its state to
allow for multiple independant backends (e.g. VTY and statd).
When a new value is set, the oldest value gets silently overwritten.
Lost values are skipped when getting values from the item.
Sponsored-by: On-Waves ehf
When using configure --disable-static, no libosmogsm.a will be
created, and the tests fail to link because symbols like _a5_3 and
_a5_4 are not exported through the only remaining libosmogsm.so.
A method to overcome this is an intermediate private non-distributed
library, examples of which are present in e.g. libabc, kmod and
systemd.
With this, disable-static can now be the default and practical compile
time be halved.
We are mixing enums and hope that no short-enums are used. This
is leading to a lot compiler warnings generated by clang. Change
the API to work with integers.
Porting:
The go_parent_cb implementations in the applications need to be
fixed. The API change leads to a compile time warning.
Fixes:
abis_om2000_vty.c:46:2: warning: implicit conversion from enumeration type 'enum bsc_vty_node' to
different enumeration type 'enum node_type' [-Wenum-conversion]
OM2K_NODE,
^~~~~~~~~
Currently the size of the IMSI pointer is used instead of the size of
the talloc'ed buffer.
This commit changes the call to gsm48_mi_to_string to use the same
value that has been used with talloc_zero_size(). The length is
changed to 17 since that value is used for GSM_IMSI_LENGTH in
openbsc.
Fixes: Coverity CID 1040663
Sponsored-by: On-Waves ehf
Addresses:
CCLD utils/utils_test
utils_test.o: In function `test_idtag_parsing':
git/libosmocore/tests/utils/utils_test.c:64: undefined reference to `ipa_ccm_idtag_parse_off'
Sponsored-by: On-Waves ehf
For some reason the structure is closer to be a LV (length
and value). The value is actually a tag but it is counted
inside the length. Introduce an overload of the parse function
to provide an offset for the length. This will be taken from
the returned length.
The current functions are used to 'qualify' an APN from the
user-supplied APN name (name identifier) towards the fully-qualified
APN name which is used in the .grps DNS zone.
Fixes:
In file included from ../../../include/osmocom/core/msgb.h:25:0,
from ../../../include/osmocom/sim/sim.h:4,
from ../../../src/sim/reader_pcsc.c:30:
../../../include/osmocom/core/bits.h:6:35: fatal error: osmocom/core/bit16gen.h: No such file or directory
#include <osmocom/core/bit16gen.h>
In file included from ../../include/osmocom/core/msgb.h:25:0,
from ../../utils/osmo-sim-test.c:26:
../../include/osmocom/core/bits.h:6:35: fatal error: osmocom/core/bit16gen.h: No such file or directory
#include <osmocom/core/bit16gen.h>
Currently large values for Bmax default MS get sliced since a uint16_t is
used as the type of the corresponding parameter of bssgp_tx_fc_bvc.
GSM 48.018, 11.3.2 which in turn refers to 11.3.5 specifies a maximum
of 6MB (0xffff * 100).
This commit changes the type to uint32_t to cover the full value
range.
Sponsored-by: On-Waves ehf
Currently the DL sometimes hangs and sometimes a lot of messages
(still not able to send PDU) are logged. This is caused by an invalid
timer delay computation, setting msecs either to 0 or to some big value.
This is due to an '&' operator at the wrong place, accessing some
parts in fc instead of the first element of the list.
This commit fixes that issue.
Sponsored-by: On-Waves ehf
Currently all 2 byte IE of the message are transmitted in the little
endian byte ordering.
This commit adds htons to the encoding expressions.
Sponsored-by: On-Waves ehf
We should consider simply removing the alias as we have
had several ABI changes since introducint the alias
utils.c:223:23: error: only weak aliases are supported on darwin
__attribute__((weak, alias("osmo_hexdump_nospc")));
Currently out-of-memory is not handled by bssgp_msgb_alloc, leading
to SEGV failures if msgb_alloc_headroom returns NULL.
This commit adds an OSMO_ASSERT to catch this case, which improves
the situation only slightly. But bssgp_msgb_alloc is used in many
places without checking the return value, so just adding a
conditional early NULL return would not fix the issue either.
Fixes: Coverity CID 1293377
Sponsored-by: On-Waves ehf
In some places, the return value of msgb_alloc/msgb_alloc_headroom
is not checked before it is dereferenced.
This commit adds NULL checks to return with -ENOMEM from the calling
functions if the alloc function has failed.
Fixes: Coverity CID 1249692, 1293376
Sponsored-by: On-Waves ehf
Currently the return value of the gprs_ns_tx family of functions is
often ignored. This is not a serious issue, since the successful
delivery of the messages is neither guaranteed nor acknowledged by
the network layer anyway.
Nevertheless this commit adds logging (level INFO) to gprs_ns_tx and
gprs_ns_msgb_alloc. The definition of the latter has been moved from
the header file to gprs_ns.c.
Fixes: Coverity CID 1040678, 1040679, 1040680, 1040681, 1040682,
1040683, 1040684, 1040686, 1040687, 1040688, 1111545,
1240203, 1240204
Sponsored-by: On-Waves ehf
Currently bssgp_rx_ptp might be called with bctx being NULL, when the
NS BVCI is neither BVCI_SIGNALLING nor BVCI_PTM, but the message is
a BVC_RESET or it contains an BVCI IE != BVCI_SIGNALLING where the
BVCI is not known.
This patch ensures that bssgp_rx_ptp will only be called with a
non-NULL bctx. A log message will be issued, if the bctx is NULL when
this was not expected.
Fixes: Coverity CID 1040674
Sponsored-by: On-Waves ehf
Currently the implementation of bssgp_tx_dl_ud conditionally adds
some optional IE if dup != NULL. Later on is dereferences dup to
access qos_profile and fc, but this without checking dup in advance.
This may lead to an segmentation violation fault.
This commit changes the value range of the function to only accept
dup != NULL. An assertion will fail otherwise. All other explicit
checks for non-NULL are removed.
Fixes: Coverity CID 1040673
Sponsored-by: On-Waves ehf
We check that the amount of commands is not more than
we have but we don't check it the other way. It appears
that the vector is allowed to be bigger than the amount
of commands. So we match a prefix of a longer command
depending on the installation order.
In e15ac060e7 we tried to fix
the nuttx build but we never included "netinet/tcp.h" after
it and the compiler warned about the unused "on" parameter
which we didn't notice because of the other warnings...
Include config.h so we can see if there is a tcp.h and then
include it.
msgfile.c:116:16: warning: implicit declaration of function 'getline' is invalid in C99
[-Wimplicit-function-declaration]
while (getline(&line, &n, file) != -1) {
These types were compatible so simply remove one.
Fixes:
gsm0808.c:323:37: warning: initializer overrides prior initialization CC gsm0480.lo
of this subobject
CC abis_nm.lo
[-Winitializer-overrides]
[GSM0808_IE_LSA_INFORMATION] = { TLV_TYPE_TLV },
^~~~~~~~~~~~
gsm0808.c:316:36: note: previous initialization is here
[GSM0808_IE_LSA_INFORMATION] = { TLV_TYPE_TLV },
^~~~~~~~~~~~
Currently incoming BSSGP STATUS messages are just logged and no other
action is taken. This makes it impossible for higher layers to react
to failures which are indicated by corresponding STATUS messages
unless a timeout is triggered as a result of that failure later on.
This commit adds a bssgp_rx_status() function and calls it on
incoming STATUS messages. That function logs a message, increments the
new BSSGP_CTR_STATUS counter if the bctx context exists and invokes
an NM_STATUS status indication. The latter will allow the application
to handle failures immediately. Since all STATUS messages should be
handled, the function is already called in bssgp_rcvmsg and the
message is no longer handled in (and will not reach) bssgp_rx_sign
and bssgp_rx_ptp.
Ticket: OW#1414
Sponsored-by: On-Waves ehf
Currently each incoming PtP BSSGP STATUS message is handled as 'not
yet implemented' and a BSSGP STATUS message (cause
BSSGP_CAUSE_PROTO_ERR_UNSPEC) is sent back to the peer. This will
cause endless messages loops if both peers use this BSSGP stack
implementation. This does not apply to signalling messages.
This commit changes the implementation of bssgp_rx_ptp() to just do
logging in this case.
Sponsored-by: On-Waves ehf
Currently when using 'logging print extended-timestamp 1', the
subsecond part (milliseconds) of the printed timestamp is always 0.
This makes it difficult to correlate log entries with PCAP file
entries if there are many of them per second.
This patch changes _output in logging.c to use gettimeofday() instead
of time() when extended timestamps are enabled and replaces the '000'
by the milliseconds computed from tv_usec.
Sponsored-by: On-Waves ehf
Fixes:
dpkg-shlibdeps: warning: symbol vector_free used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol vector_set used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol vector_set_index used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol tall_vty_vec_ctx used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol ipa_msg_recv_buffered used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol cmd_free_strvec used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol vector_lookup used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol vector_lookup_ensure used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol cmd_make_strvec used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol vector_init used by debian/libosmoctrl0/usr/lib/libosmoctrl.so.0.0.0 found in none of the libraries
The big LIBOSMOCORE_CFLAGS and LIBOSMOCORE_LIBS macros are not
defined when building linosmocore. Use the .la files directly
Fixes:
dpkg-shlibdeps: warning: symbol osmo_hexdump used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol gsm48_parse_ra used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol _talloc_zero used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol _talloc_memdup used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol talloc_strndup used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol msgb_length used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol msgb_alloc used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol msgb_free used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol talloc_strdup used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
dpkg-shlibdeps: warning: symbol talloc_free used by debian/libosmosim0/usr/lib/libosmosim.so.0.0.0 found in none of the libraries
These patches enhance the Supplementary Service (SS) processing from
only being able to handle USSD to other SS, specifically activation,
deactivation and interrogation of those SS. Registration is not yet
implemented.
include/osmocom/gsm/protocol/gsm_09_02.h has been added with needed
values for SS.
Modified by Harald Welte to keep the old ussd-only functiosn for API/ABI
stability.
We tried to fix it but it isn't that easy. The original fix was
cd6ed82d1f but we had to revert it
as "everything" is present/used in existing config files.
If we ever change the ABI we can make everything be something
that is > 0. For now use a wording that makes it obvious that
people should not use "everything".
Currently, the ipa_send function returns -1 in one execution branch
to indicate an error and -EIO in another. This is not consistent and
can lead to a misinterpretation of the error code, since -1 is -EPERM
and in general, EPERM is not returned by write(2).
This patch changes the return code to -errno instead of -1 for the
case that write(2) fails for same reason. So -rc is always a sensible
error value if there is a failure.
Sponsored-by: On-Waves ehf
We want to see from which category/subsystem a certain log message
is coming from and use a different timestamp format as well. Add
two new bitfields. This doesn't change the size of the structure
and on 32bit we still have 27bits left.
The extended timestamp will take preference over the current and
default timestamp format.
Fixes: SYS#602
For the BSC/NITB application we see that people modify the band
without modifying the ARFCN. This creates an unbootable config.
Using the new hook the BSC/NITB can check if the config is
consistent and prevent the config file being written.
Related: SYS#739
this fixes some compilation issues with libosmocore under NuttX,
particularly as some #defines are missing or some header files are
slightly different.
Currently this command segfaults (at least when ASAN is enabled),
because when getting the NSEI the index to argv is wrong and out of
bounds.
This patch fixes the offset.
Sponsored-by: On-Waves ehf
The pkg-config file already points into the PCSC directory. This
is needed for FreeBSD where /usr/local/include is not in the
default compiler search path.
On Debian
$ pkg-config --cflags libpcsclite
-pthread -I/usr/include/PCSC
On FreeBSD
$ pkg-config --cflags libpcsclite
-I/usr/local/include/PCSC -D_THREAD_SAFE -pthread
libosmocore.{so,a} should always have been GPLv2+. However, when
migrating some code from OpenBSC or OsmocomBB, we sometimes introduced
it with a wrong license header.
The copyright holders Harald Welte, Holger Freyther, Andreas Eversberg
and sysmocom - s.f.m.c. GmbH (represented by Holger and Harald) agree
that the license of libosmogb should be GPLv2+ and not AGPLv3+.
The reason the source files stated AGPLv3+ is due to the history, as
they were moved from OpenBSC to libosmocore at the time we needed to use
them from osmo-pcu. It was an oversight back then to not re-license
them accordingly.
Currently sending SUSPEND/RESUME messages to this function (like it
is done in the osmo-sgsn) results in STATUS messages complaining
about an unknown BVCI. The reason is, that these messages rely on a
TLLI/RAI pair to identify the context and do not contain an explicit
BVCI.
This patch modifies bssgp_rcvmsg() to only complain about and unknown
BVCI if one is given but a matching context is not found (except for
RESET messages). The ctx argument is removed from the functions
handling SUSPEND and RESUME since it will always be NULL then.
Sponsored-by: On-Waves ehf
In the OsmoSGSN we have a crash with a DEAD/BLOCKED GPRS-NS and
segmented SN-UNITDATA. For the caller it is not easy to know if
the passed msg buffer has been freed or not. The most easy solution
is to always take the ownership and either pass it on or free it
in case of an error.
Adjust indirect and direct callers of gprs_ns_sendmsg. I found
the following call-chains with an external msgb parameter.
gprs_ns_sendmsg
<- _bssgp_tx_dl_ud
<- bssgp_fc_in
<- bssgp_tx_dl_ud
Update the test to allocate a real msgb because for the test with
'1000' we will msgb_free it right away.
Sponsored-by: On-Waves ehf
Currently the NS-VC's state is updated from within gprs_ns_tx_reset,
which can lead to an inconsistent state when the RESET_ACK is lost.
In this state, the NSE_S_RESET bit is set but the Tns-reset timer is
not started.
This patch moves the state update into gprs_nsvc_reset. This way, the
state flags are consistent with the timer.
Addresses:
SGSN -> BSS NS_ALIVE
BSS -> SGSN NS_ALIVE_ACK
BSS -> SGSN BVC_RESET
SGSN -> BSS NS_STATUS, Cause: NS-VC blocked, NS VCI: 0x65
and there is no BSS->SGSN NS_ALIVE
Ticket: OW#1213
Sponsored-by: On-Waves ehf
Currently gprs_nsvc_reset does not return any value.
This patch changes the function to return an integer, where a value
less than zero indicates an error. The value is taken from the
gprs_ns_tx_reset function. In case of failure, an error message is logged.
Sponsored-by: On-Waves ehf
the bits/crc files are not inside the sourcedirectory but will end
in the build directory. Go and look there as well. This somehow
doesn't fail with make distcheck but when building for Yocto Dizzy.
Currently the bssgph field is not set when using the bssgp_tx_*
functions. This hinders unit testing of generated messages.
This patch initializes the bssgph field directly after allocation a
new bssgp msgb in bssgp_msgb_alloc() so that it is set by default.
Sponsored-by: On-Waves ehf
Currently BSSGP messages with an NS BVCI of 0 (signalling) are
discarded if they aren't RESET messages. Thus valid signalling
messages (e.g. BLOCK) are not handled properly, because the BVCI IE
is ignored if it present. Instead a STATUS message referring to BVCI
0 (instead of the BVCI used in the BLOCK message) is returned.
This patch changes the implementation to use the BVCI contained in
the BVCI IE if that is present in a signalling message.
It fixes BSSGP BLOCK/UNBLOCK for the osmo-sgsn.
Note that signalling messages without an BVCI IE (e.g.
SUSPEND/RESUME) are still rejected.
Ticket: OW#1205
Sponsored-by: On-Waves ehf
Currently the BVCI is not set in all invocations to bssgp_tx_status()
when the cause is UNKNOWN_BVCI.
This patch adds the argument where it is missing.
It also adds a check for compliance (GSM 08.18, 10.4.14.1) to
bssgp_tx_status() to emit errors when the following requirement is
not fulfilled: The BVCI must be included if (and only if) the cause
is either "BVCI blocked" or "BVCI unknown".
Sponsored-by: On-Waves ehf
Sometimes a control interface command cannot be processed
and responded immediately, but we need to process it asynchronously.
In order to support this, we introduce the 'ctrl_cmd_def', which
represents such a deferred command. It is created by the service
implementing the command using ctrl_cmd_def_make(), and a response is
later sent using ctrl_cmd_def_send().
ctrl_cmd_def_is_zombie() must be called to handle the case where
the control connection has disconnected/died between receiving the
command and sending the response.
The control interface user now only has to register a very short
node lookup function callback. This function is optional, and only
required if hierarchical command lookup should be supported.
Instead of using one flat talloc context (and one that is specific to
openbsc), we should attach the objects to whatever parent context they
are being used in.
The element following the identifier list was the
GSM0808_IE_LSA_INFORMATION. It is a TLV type as well
and the issue got introduced in
92107dfd3b.
Fixes:
gsm0808.c:316:40: warning: initializer overrides prior initialization of this subobject
[-Winitializer-overrides]
[GSM0808_IE_LSA_IDENTIFIER_LIST] = { TLV_TYPE_TLV },
^~~~~~~~~~~~
gsm0808.c:315:40: note: previous initialization is here
[GSM0808_IE_LSA_IDENTIFIER_LIST] = { TLV_TYPE_TLV },
There doesn't seem to be a way to share this code with Linux as
it doesn't have the sockaddr_dl concept inside the getifaddrs.
I manually verified this on a FreeBSD10 box and hex decoding gave
me the correct mac address and rc was 0.
As we are breaking builds by moving functions from libosmo-abis to
libosmocore anyway, we might as well give functions more appropriate
names. ipaccess is a company, while IPA is the multiplex protocol, and
CCM is the protocol used for establishing identities on the IPA
multiplex.
libosmo-abis is about forming A-bis interfaces/lines by means
of E1 or the IPA multiplex (or possibly other link layers).
The IPA multiplex is used in other contexts, such as the Control
interface, or the A interface. In that context, it makes sense to
have generic IPA related functions in libosmocore.
Fix re-initialize issue of the GPRS NS. This was found while
working on the GB Proxy tests.
==27800== Invalid write of size 4
==27800== at 0x403C263: rate_ctr_group_alloc (linuxlist.h:65)
==27800== by 0x4050974: gprs_nsvc_create (gprs_ns.c:209)
==27800== by 0x405320D: gprs_ns_instantiate (gprs_ns.c:1330)
==27800== by 0x804B212: main (gbproxy_test.c:797)
==27800== Address 0x434173c is 52 bytes inside a block of size 784 free'd
==27800== at 0x4029DA8: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==27800== by 0x4041BBD: _talloc_free (talloc.c:609)
==27800== by 0x40432B2: talloc_free (talloc.c:578)
==27800== by 0x40532D3: gprs_ns_destroy (gprs_ns.c:1363)
==27800== by 0x804B1FE: main (gbproxy_test.c:791)
If the read callback closes the connection conn is already freed so we
can't derefernce it. Instead return -EBADFD in the read function if it
closed the connection and check for that.
If the FD is both readable and writable and the read callback closes the
connection (and frees the surrounding structure) we shouldn't call the
write callback (or check anything else in the read fd).
With this patch callback functions can return -EBADFD if they don't want
the FD to be handled any more.
This adds support for A-over-IP and LCLS related message/IEI
definitions.
Old definitions are in decimal, which is very hard (at least for me)
to compare with the binary tables in the spec. Hex is much easier
to manually compare for completeness/correctness. I didn't touch
the existing definitions, but think they should move to hex, too.
The code is lacking a "," at the end of a string and we ended up
doing string concatination instead of having an invalid state.
Fixes Coverity CID 1206564
The code would have used an uninitialized current_time in case
"now" was not NULL. As now is const and timersub expects a non
const parameter I decided to copy now into current_time.
Fixes: CID #1040661
Rename NM_ATT_O_REDUCEPOWER to NM_ATT_OSMO_REDUCEPOWER, which
makes it more clear that this is an osmcoom specific attribute.
Also, we cannot simply overload 0x01 as an already defined OML
attribute. The problem is quite simple: When we use abis_nm_att_tlvdef
during the TLV parse, 0x01 will match to NM_ATT_ABIS_CHANNEL,
which is defined as { TLV_TYPE_FIXED, 3 }.
So instead, we need to introduce a new abis_nm_osmo_att_tlvdef[],
which has to be patched into abis_nm_att_tlvdef[] by the means of
tlv_def_patch(), exactly how we do it for bs-11 and nanobts specific
attributes.
I'm using 0xfe for the attribute, as 0xfe doesn't overlap with the IPA
specific attribues (and we might want to combine/merge the 12.21 plus
IPA plus osmocom spefici attributes)
FreeBSD 10.0 ships an execinfo.h but one needs to link to an
additional library for the backtrace functions. Check if there
is a backtrace symbol in libexecinfo and if so link to that
library.
If LAPDm receives an I-Frame while there already is an I-Frame in the
tx_queue the code generates an additional RR (to acknowledge the
received I-Frame). Instead, N(R) of the I-Frame in the tx_queue should
be updated to ACK the data.
When debugging an issue that involves SAPI=0 and SAPI=3 the
log file does not have enough context. Add the SAPI to this
message so we at least understand which SAPI we are talking
about.
Currently it takes 3s to establish a SAPI 3 SACCH connection with
osmo-bts. This is due to the fact, that a broken SABME request is
sent first and and is ignored by the MS. Then, after a T200 timeout
(2s) the SABME command is sent again (this time correctly) and
answered by the MS.
The first SABME message is broken (it has a length field of 3 and
ends with 3 bytes from the tail of the original RSL message),
because of it is expected throughout lapdm.c that msg buffers
containing RSL have msg->l2h == msg->data. Some abis input drivers
fulfill this but IPA doesn't, thus the 3 bytes of the IPA header
are still part of the msg and confuse length computation.
Since internal fields of the msg are modified directly, this is
difficult to see.
This patch adds a new function msgb_pull_to_l3() that explicitely
skips over all headers prepending L3 and therefore resets l1h and
l2h. This function is then used instead of msgb_pull_l2h() which
only worked correctly when msg->l2h == msg->data. In addition,
code manipulating msg->tail and msg->len directly has been replaced
by calls to msgb_trim().
Note that this patch does not fix all issues of this case in the LADP
related code.
Ticket: SYS#192
Sponsored-by: On-Waves ehf
This function works like osmo_hexdump() and returns a static buffer
containing hex bytes along with markers for the layers.
Note that it uses osmo_hexdump() internally, thus a call to
msgb_hexdump() invalidates the buffer that has been returned by an
earlier call to osmo_hexdump(). In short: don't mix them in a single
call printf().
Sponsored-by: On-Waves ehf
Currently w[14]/w[15] and w[18]/w[19] are swapped in range 256 format
decoding in gsm48_decode_freq_list().
This patch fixes this.
Sponsored-by: On-Waves ehf
The legacy 7bit conversion functions (those without the '_n_' in the
name) gave wrong return values on 64 bit platforms due to unproper
signed/unsigned conversions and the usage of SIZE_MAX.
This patch fixes this by using a smaller max size (see
GSM_7BIT_LEGACY_MAX_BUFFER_SIZE, currently set to 64k) for the legacy
wrappers and by using unsigned int for max_septets.
In addition, there are tests now that check the return values of
legacy encoding and decoding.
Sponsored-by: On-Waves ehf
abis_nm_pchan4chcomb will return a pchan for a given channel
combination but returned a value of the channel combination.
Fix it to return the physical channel combination.
Fixes: Coverity CID 1040767
In the osmo-bts and libosmo-abis code the hexdump routine is used
for every incoming/outgoing packet (including voice frames) and the
usage of snprintf showed up inside profiles.
There is a semantic change when more than 4096 characters are used.
The code will now truncate at byte boundaries (and not nibbles).
Code:
static const int lengths[] = { 23, 1000, 52 };
char buf[4096];
int i;
for (i = 0; i < 30000; ++i)
char *res = osmo_hexdump(buf, lengths[i & 3]);
Results:
before: after:
real 0m3.233s real 0m0.085s
user 0m3.212s user 0m0.084s
sys 0m0.000s sys 0m0.000s
The filter_fn has not been copied into the new structure breaking
the imsi and other filters in OpenBSC. Looking at the code we should
also introduce a callback for the reset of the context so we could
use subscr_get/subscr_put on the subscriber structure.
Okay. this comment thing has not worked (I totally forgot about it).
I think either we try to find ABI breakages with tools or we use
#error macros and check for a version...
Currently the field nsvci_is_valid is set to 0 in the NSVC object
returned by gprs_nsvc_create(). This was a semantic change probably
introduced by commit 5e6d679d. As a result, NSVC created via the VTY
have this flag set to 0 causing RESET_ACK messages to be rejected.
This patch changes the default behaviour of gprs_nsvc_create() to
always set this flag. So it must be set to 0 explicitely if needed
which is more intuitive and thus less error prone.
It fixes breaking connections from the Gbproxy to the SGSN.
Ticket: OW#874
Sponsored-by: On-Waves ehf
Currently those messages are answered by a NS_STATUS message when
received on an uninitialised (no NS_RESET hat been seen yet) NS_VC
which violates GPP TS 08.16 7.3.1 and 7.4.1.
This patch adds checks to gprs_ns_vc_create() and eventually returns
before the error NS_STATUS message is generated.
Sponsored-by: On-Waves ehf
When a RESET is received on the same link with a different NSVCI from
a BSS on a dynamically created NS connection do not patch the nsvc
object but create a new one instead. Thus the NSVCI is never modified
at a nsvc object after the NS-VC has been established.
Sponsored-by: On-Waves ehf
This modifies the NS stack's behavior to accept RESET and RESET_ACK
NSEI changes for NS-VC dynamically created by RESET messages from
BSSes. This feature is not used for NS-VC configured via VTY or NS-VC
to a SGSN.
Sponsored-by: On-Waves ehf
This changes the implementations for the reception of RESET and
RESET_ACK to be compatible with 3GPP TS 08.16, 7.3.1:
- Just send a RESET_ACK with correct values back to the SGSN when a
RESET with an invalid NSVCI or NSEI has been received.
- Check RESET_ACK for matching NSEI and NSVCI.
- Ignore unexpected RESET_ACKs.
In addition, use RESET_ACK from a BSS to update the BSS source
address based on the NSVCI to be tolerant with changing UDP source
addresses/ports.
Sponsored-by: On-Waves ehf
This fixes a SEGV error that happens the next time the statistics
are updated.
Addresses:
Program terminated with signal 11, Segmentation fault.
#0 0xb7711fa5 in rate_ctr_group_intv (grp=<optimized out>) at
rate_ctr.c:107
107 for (i = 0; i < grp->desc->num_ctr; i++) {
#0 0xb7711fa5 in rate_ctr_group_intv (grp=<optimized out>) at
rate_ctr.c:107
#1 rate_ctr_timer_cb (data=0x0) at rate_ctr.c:129
#2 0xb770ec59 in osmo_timers_update () at timer.c:243
#3 0xb770ef7a in osmo_select_main (polling=0) at select.c:133
#4 0x08049987 in main (argc=3, argv=0xbfba8084) at
gb_proxy_main.c:306
Sponsored-by: On-Waves ehf
This adds a 'nsvc nsvci <0-65535> (block|unblock|reset)' vty
command. It selects the NS-VC based on the nsvci instead of using the
first with a matching NSEI, like it is done when the 'nsei' keyword
is used instead.
Sponsored-by: On-Waves ehf
Under special circumstances (see below) receiving a NS-RESET leads to
duplicated NS-VC entries.
This happens when the source port of a NS-VC changes to a new one
that has already been used by another NS-VC.
This patch changes gprs_ns_rx_reset() to check for this case and to
use the existing NS-VC object. The NS-VC object that was associated
with the source address before is detached from this source but kept
in the NS-VC list so that it can be reattached when a correspondent
NS-RESET is received later on. Meanwhile it will have a cleared link
layer address which will not match a real link info.
A new counter NS_CTR_REPLACED is incremented each time when the NS-VC
object is replacing another one. A new signal S_NS_REPLACED is added
which gets dispatched in this case, too.
Another new counter NS_CTR_NSEI_CHG is incremented each time when the
NSEI of a NS-VC object (with fixed NSVCI) changes.
Ticket: OW#874
Sponsored-by: On-Waves ehf
Adds the functions gprs_ns_ll_copy() and gprs_ns_ll_clear(). Renames
gprs_ns_format_peer() to gprs_ns_ll_str(). All of these functions
uniformly access the link layer part within the NS-VC objects.
Sponsored-by: On-Waves ehf
Currently this first NS-VC with a matching NSEI is always used to
send a UNITDATA message via gprs_ns_sendmsg(). If the NS-VC found is
either dead or blocked, an error is returned.
This patch changes to code to skip blocked or dead NS-VCs while
searching and return the error if no usable NS-VC is found. This
makes it possible to have several NS-VCs per connection group.
Sponsored-by: On-Waves ehf
Register an osmo signal handler to print a short notice about every
SS_L_NS signal that is generated while processing the tests.
Sponsored-by: On-Waves ehf
The testcase didn't work on Ubuntu 12.04 because vty_create will
directly call vty_event (e.g. not through the plt). This means
that the approach to override vty_event in the testcase failed.
Use the signal interface of libosmocore and make the testcase
use it. The signals can be generally useful as well.
Currently when a NS-RESET is recevied over a link that has not yet
been associated with a NS-VC, the NSEI is used to find an existing
NS-VC. If one is found, the reset procedure is initiated.
This behaviour is not conformant with 3GPP TS 08.16 (see chapter
4.2.3) which allows to use several NS-VC between two endpoints in
parallel.
The patch changes the implementation to use the NSVCI instead
of the NSEI to search for an existing NS-VC object.
Ticket: OW#874
Sponsored-by: On-Waves ehf
According to 3GPP TS 08.16, 7.3 "Reset procedure" the entity
receiving a NS-RESET PDU responds with a NS-RESET-ACK and 'then'
starts the test procedure which essentially means, that a NS-ALIVE
gets sent and a timer is started.
Currently the NS-ALIVE is sent before the NS-RESET-ACK.
This patch fixes the implementation by reversing the order in which
these messages are sent.
Sponsored-by: On-Waves ehf
This patch refactors gprs_ns_rcvmsg() by moving the parts relevant to
the NS messages into the new functions gprs_ns_vc_create() (nsvc
object creation) and gprs_ns_process_msg() (main NS automaton). These
do not contain code that directly depends on the link layer (they
call other functions that still do). This reduces the gprs_ns_rcvmsg()
function to calling these two functions and optionally setting up the
link layer specific fields of the nsvc.
Sponsored-by: On-Waves ehf
This information element has been added to the MM Information
message in GSM24.008. This patch adds it to the tlv_definition
to keep the TLV parser from breaking.
Ticket: OW#978
This patch removes an assertion of node > CONFIG_NODE and changes
the function to handle all nodes properly.
For the sake of completeness, the generic 'exit' command
implementation is extended to work properly with all nodes, too.
This adds the vty_install_default() function that is basically the
install_default() function plus the registration of the commands
'exit' and 'end'. The latter is only provided in subnodes of
ENABLED_NODE and CONFIG_NONE.
The VTY test program is extended to check these commands.
Ticket: OW#952
The number of digits is the number of used octets times two (two
digits per octet). The result has been successfully dissected by
wireshark. It has not been tested with real phones.
The 7bit<->8bit encoding/decoding functions didn't check whether
there is still enough space in the destination buffer. Therefore a
buffer size parameter has been added to each of the functions which
is used to truncate the output if the buffer is too small.
In addition, the return value of the decoding functions has been
changed to number of characters written (excluding \0), so this
value is always equal to strlen(decoded).
The old functions are still available as wrapper functions.
if (ptr)
msgb_free(ptr)
extends to:
if (ptr)
talloc_free(ptr)
And according to the talloc documentation a talloc_free(NULL)
will not crash: "... Likewise, if "ptr" is NULL, then the function
will make no modifications and returns -1."
Handling 7-bit coding is a little different for USSD, as TS 03.38
states:
To avoid the situation where the receiving entity confuses 7 binary
zero pad bits as the @ character, the carriage return or <CR>
character shall be used for padding in this situation [...].
If <CR> is intended to be the last character and the message
(including the wanted <CR>) ends on an octet boundary, then another
<CR> must be added together with a padding bit 0. The receiving entity
will perform the carriage return function twice, but this will not
result in misoperation as the definition of <CR> [...] is identical to
the definition of <CR><CR>.
The receiving entity shall remove the final <CR> character where the
message ends on an octet boundary with <CR> as the last character.
Jacob has verified the fix with fakeBTS and the wireshark dissector.
Fixes: OW#947
Reviewed-by: Jacob Erlbeck <jerlbeck@sysmocom.de>
Compiled with ubuntu 1204 (precise), where -Wformat-security is enabled by
-Wall.
Test yields ok, but the current implementation doesn't properly support
multi-character separators and end strings. So the test output is truncated.
Addresses:
utils.c: In function 'vty_cmd_string_from_valstr':
utils.c:84:2: warning: format not a string literal and no format arguments [-Wformat-security]
utils.c:84:2: warning: format not a string literal and no format arguments [-Wformat-security]
utils.c:108:2: warning: format not a string literal and no format arguments [-Wformat-security]
utils.c:108:2: warning: format not a string literal and no format arguments [-Wformat-security]
The code most likely wanted to check the result of argv_concat.
To do this we need to dereference the dptr.
Logically dead code (DEADCODE)
dead_error_line: Execution cannot reach this statement "return 1;
Fixes: Coverity CID 1040675
lapdm.c takes the re-establishment message and forwards it to lapd_core.c,
so we can assume that msgb is set at primitive. In case there is data in
the re-establishment msg, it is moved into send_buffer. In case of no
data (0 length), it must be freed.
Fixes an issue spotted by Coverity Scan.
This reverts commit f996b05dbd
and 2b0cac4ef8. A detailed
explanation can be found here:
http://lists.osmocom.org/pipermail/openbsc/2013-July/004737.html
The short description is that:
1.) The API should return (as out parameter) the number of
octets used.
2.) The handling for the <CR> encoding only applies to USSD
and it is incomplete. On top of that it broke the SMS test.
To avoid the situation where the receiving entity confuses 7 binary zero pad
bits as the @ character, the carriage return or <CR> character shall be used
for padding in this situation.
If the datalink fails or if handover or assignment to a new channel fails,
it is re-establised by sending SABM again. The length of establish message
is 0 in this case. The length is used to differentiate between
re-establishment and contention resolution, which has to be handled
differently.
See TS 04.06 Chapter 5.4.2.1
It is impossible that the snprintf will fill the entire namebuf
but just follow the idiom to make sure it is null terminated.
Related: Coverity CID 1040676
These routines were not freeing vectors used for the lookup. On
review it is fixing another path not detected by coverity.
The danger is a double free in tab completion now. It is difficult
to test this.
Fixes: Coverity CID 23037, CID 23038
The &buf[3] is unlikely to be aligned properly. Use memcpy instead
of an assignment. Add a small testcase that verifies that I didn't
mess up the conversion.
Alignment trap: osmo-nitb (3293) PC=0x492b7094 Instr=0xe5803003 Address=0xbeb259db FSR 0x801
This already came up during review but now that Coverity complains
about it as well, let us just remove it. The variable is unsigned
so it can never be < 0.
Fixes: Coverity CID 1040669.
If the BTS tells us to not send any data at all anymore (bucket leak
rate of 0 bits per second), then we should respect this and not run into
a divide-by-zero. However, as this indicates complete overload, we
print a log message to that regard.
When a SABM(E) frame arrives, we have to trim the L2 padding (0x2b for
gsm) before handing the data off to L3, just like we do with I frames.
Also, we should use mggb_trim() or even msgb_l3trim() instead of
manually fiddling with msgb->length and ->tail pointers.
After reception of SABM, the network responds with UA and enters the
establised multiframe state. If UA is not received by mobile, the SABM
is transmitted again, and the network must respond with UA again, unless
it is from a different mobile.
Add LAPDm collision test (contention resolution on network side).
Only the Gb library relies on having undefined references to a
symbol that needs to be provided by the host application. For
all other libraries we can link with -no-undefined.
Seems the script I used to parse those had a bug where range of
bits in the 'decreasing' direction ( like 6..0 ) were not processed
properly.
Thanks to Andreas for noticing this !
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Commit cd6ed82d1f made "EVERYTHING"
map to LOGL_DEBUG but when writing out the configuration the following
would be written:
logging level all unknown 0x0
This happend because no string was found for the value 0. Address it
by adding a legacy check for 0 and write out the str from the index
0. Currently this is "EVERYTHING".
The log target can be used via log alarms and show alarms.
Why? This feature was proposed/requested at
http://openbsc.osmocom.org/trac/wiki/Tasks/ErrorLogTarget
All messages use the same amount of space, prioritizing simplicity.
The log target can be used via log alarms and show alarms.
Why? This feature was proposed/requested at
http://openbsc.osmocom.org/trac/wiki/Tasks/ErrorLogTarget
All messages use the same amount of space, prioritizing simplicity.
As Holger points out "logging level XXX everything" wasn't working, as
it sets category->loglevel to 0, which is checked in osmo_vlogp() and
will never get logged.
This hides HIDDEN or DEPRECATED commands from showing up when the
full list of commands is inquired with '?' at any given point in the
command tree. Only if the hidden/deprecated command is already typed
in partially, then it will still tab-complete.
this will avoid printing 'abis_nm.c' as the filename in the log, which
is pretty useless during debugging. We want to know where
abis_nm_debugp_foh() is being used from, not where it is implemented.
We used 1ULL at one place and not the other ... at the same time,
we now use (uintXX_t) so that the proper type is used each time.
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
getaddrinfo returns EAI_SERVICE (-8) if that combination is used.
More information available in here:
http://sourceware.org/bugzilla/show_bug.cgi?id=15015
Reported by Holger Hans Peter Freyther.
While at it, this patch also removes hints.ai_flags = 0 as memset
to zero already happened just a bit before that.
This is essentially http://patchwork.diac24.net/patch/271/ forward
ported to libosmovty
Original-by: Paul Jakma <paul@quagga.net>
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
The second loop in osmo_revbytebits_buf() in src/bits.c grabs
4 bytes each iteration, which can easily go past the supplied
input in some cases.
Compiled with -fstack-protector , I get a "stack smashing detected"
in the bits test.
From: Nils O. Selåsdal <noselasd@fiane.dyndns.org>
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
This was found while implementing handover on a sysmobts. When we
receive a channel release request for a channel that was never really
activated (set_lapdm_context() was not called) we segfault in
lapd_recv_dlsap().
We now return early with -EINVAL in rslms_rx_rll() if we receive a
message that assumes set_lapdm_context() was already called.
These are:
* RSL_MT_UNIT_DATA_REQ
* RSL_MT_DATA_REQ
* RSL_MT_SUSP_REQ
* RSL_MT_REL_REQ
A test case was added to trigger the issue.
GCC 4.7.2 was already smart enough to see that the table is const
so there is no change in the generated assembly code. For some reason
the dispatch is still going through one relocation.
When OpenBSC is handling more than one message at a time it is difficult
to see which log message belongs to which SMR instance. Introduce a
uint64_t id that can be set to the row_id/message_id and prefix all
log messages with SMR(ID).
This change is ABI and API incompatible with previous versions of
libosmogsm.
When OpenBSC is handling more than one message at a time it is difficult
to see which log message belongs to which SMC. Introduce a uint64_t id
that can be set to the row_id/message_id and prefix all log messages
with SMC(ID).
This change is ABI and API incompatible with previous versions of
libosmogsm.
Example:
SMC(100) instance created
SMC(100) message MNSMS-EST-REQ received in state IDLE
When the connection may not released print the name of the current
state to ease with debugging and verification that this is not a
valid state transition.
Use FreeBSD struct iphdr definition for OSX also. From the commentary in
the source file:
On BSD the IPv4 struct is called struct ip and instead of iXX
the members are called ip_XX. One could change this code to use
struct ip but that would require to define _BSD_SOURCE and that
might have other complications. Instead make sure struct iphdr
is present on FreeBSD.
Prior to this fix, a persistent file or syslog log configuration
didn't work across an application re-start, as the
"logging filter all 1" was never saved and thus no messages were
logged.
Introduce a print_filename attribute for each logtarget. Initialize it
with 1 to be backward compatible with earlier versions. The bit is taken
from an existint bitfield. There were at least six bits left of the byte.
Include ctype.h to have a declaration of tolower.
utils.c: In function 'vty_cmd_string_from_valstr':
utils.c:95:6: warning: implicit declaration of function 'tolower' [-Wimplicit-function-declaration]
The comment explains why we don't care about the content of z,
stop storing it.
gsm_utils.c: In function 'gsm_7bit_encode':
gsm_utils.c:253:13: warning: variable 'z' set but not used [-Wunused-but-set-variable]
Applications should keep the log area in a static const area. Mark
the pointer as const to address compiler warnings in OpenBSC, cast
the const away for the osmo_log_info as it is not declared as const.
* add more comments on units of struct members
* make sure to parsre FC-BVC message correctly
* add error message in case user passes PDU larger than bucket size
* add new function to initialize flow control struct
This code is supposed to implement the BSSGP flow control algorithm,
both for the per-BSS and for the per-MS flow control.
The code currently has no test cases, they will come in a separate
commit.
This was fixed in 9c3dc90d16a40789081c84e46620f4d66689fec1 of
openbsc.git, after the sms code had been migrated here:
introduce HAVE_TM_GMTOFF_IN_TM
Not all architectures have the tm.tm_gmtoff member. This fixes cygwin builds.
Holger Hans Peter Freyther
Neels Hofmeyr
Harald Welte
Daniel Willmann
Sylvain Munaut
Alexander Huemer