Commit 6dd93287 authored by Lionel Gauthier

commit my code before applying sebastian Held patches 13

git-svn-id: http://svn.eurecom.fr/openair4G/trunk@7045 818b1a75-f10b-46b9-bf7c-635c3b92a50f
parent 202f8cd0
...@@ -46,6 +46,7 @@ ...@@ -46,6 +46,7 @@
#include "NwGtpv1uLog.h" #include "NwGtpv1uLog.h"
#include "assertions.h" #include "assertions.h"
#include "intertask_interface.h"
#include "gtpv1u.h" #include "gtpv1u.h"
#if defined(ENB_MODE) #if defined(ENB_MODE)
...@@ -573,9 +574,10 @@ nwGtpv1uHandleEchoReq(NW_IN NwGtpv1uStackT *thiz, ...@@ -573,9 +574,10 @@ nwGtpv1uHandleEchoReq(NW_IN NwGtpv1uStackT *thiz,
NW_IN NwU16T peerPort, NW_IN NwU16T peerPort,
NW_IN NwU32T peerIp) NW_IN NwU32T peerIp)
{ {
NwGtpv1uRcT rc = NW_GTPV1U_FAILURE; NwGtpv1uRcT rc = NW_GTPV1U_FAILURE;
NwU16T seqNum = 0; NwU16T seqNum = 0;
NwGtpv1uMsgHandleT hMsg = 0; NwGtpv1uMsgHandleT hMsg = 0;
int bufLen = 0;
seqNum = ntohs(*(NwU16T *) (msgBuf + (((*msgBuf) & 0x02) ? 8 : 4))); seqNum = ntohs(*(NwU16T *) (msgBuf + (((*msgBuf) & 0x02) ? 8 : 4)));
...@@ -592,6 +594,13 @@ nwGtpv1uHandleEchoReq(NW_IN NwGtpv1uStackT *thiz, ...@@ -592,6 +594,13 @@ nwGtpv1uHandleEchoReq(NW_IN NwGtpv1uStackT *thiz,
0, 0,
(&hMsg)); (&hMsg));
bufLen = sizeof(NwGtpv1uIeTv1T)+ ((NwGtpv1uMsgT*)hMsg)->msgLen;
((NwGtpv1uMsgT*)hMsg)->msgBuf = itti_malloc(
TASK_GTPV1_U,
TASK_UDP,
bufLen);
((NwGtpv1uMsgT*)hMsg)->msgBufLen = bufLen;
NW_ASSERT(NW_GTPV1U_OK == rc); NW_ASSERT(NW_GTPV1U_OK == rc);
/* /*
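Review bot: The added lines dereference `hMsg` and store the result of `itti_malloc()` before `NW_ASSERT(NW_GTPV1U_OK == rc)` runs, so if the message-creation call whose tail is visible above fails and leaves `hMsg` at its initial 0, this is a NULL dereference instead of an assertion. The allocation result is not checked either, so a failed `itti_malloc()` leaves `msgBufLen = bufLen` paired with a NULL `msgBuf` on a path that is driven by packets from a peer. Move the `NW_ASSERT` above the new block and add a check such as `NW_ASSERT(((NwGtpv1uMsgT*)hMsg)->msgBuf != NULL);` before `msgBufLen` is set. The body of `nwGtpv1uHandleEchoReq` continues outside this hunk, so where the buffer is released cannot be confirmed from here.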
......
...@@ -104,6 +104,9 @@ nwGtpv1uMsgNew( NW_IN NwGtpv1uStackHandleT hGtpuStackHandle, ...@@ -104,6 +104,9 @@ nwGtpv1uMsgNew( NW_IN NwGtpv1uStackHandleT hGtpuStackHandle,
4 : 0); 4 : 0);
//NW_GTPV1U_EPC_SPECIFIC_HEADER_SIZE : (NW_GTPV1U_EPC_SPECIFIC_HEADER_SIZE - 4)); //NW_GTPV1U_EPC_SPECIFIC_HEADER_SIZE : (NW_GTPV1U_EPC_SPECIFIC_HEADER_SIZE - 4));
pMsg->msgBuf = NULL;
pMsg->msgBufLen = 0;
pMsg->msgBufOffset = 0;
*phMsg = (NwGtpv1uMsgHandleT) pMsg; *phMsg = (NwGtpv1uMsgHandleT) pMsg;
return NW_GTPV1U_OK; return NW_GTPV1U_OK;
} }
......
...@@ -92,11 +92,9 @@ void generate_autn(u8 sqn[6], u8 ak[6], u8 amf[2], u8 mac_a[8], u8 autn[16]); ...@@ -92,11 +92,9 @@ void generate_autn(u8 sqn[6], u8 ak[6], u8 amf[2], u8 mac_a[8], u8 autn[16]);
int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3], int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3],
uint8_t sqn[6], auc_vector_t *vector); uint8_t sqn[6], auc_vector_t *vector);
inline
void kdf(uint8_t *key, uint16_t key_len, uint8_t *s, uint16_t s_len, uint8_t *out, void kdf(uint8_t *key, uint16_t key_len, uint8_t *s, uint16_t s_len, uint8_t *out,
uint16_t out_len); uint16_t out_len);
inline
void derive_kasme(uint8_t ck[16], uint8_t ik[16], uint8_t plmn[3], uint8_t sqn[6], void derive_kasme(uint8_t ck[16], uint8_t ik[16], uint8_t plmn[3], uint8_t sqn[6],
uint8_t ak[6], uint8_t kasme[32]); uint8_t ak[6], uint8_t kasme[32]);
......
...@@ -140,7 +140,6 @@ int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3], ...@@ -140,7 +140,6 @@ int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3],
uint8_t ck[16]; uint8_t ck[16];
uint8_t ik[16]; uint8_t ik[16];
uint8_t ak[6]; uint8_t ak[6];
int i;
if (vector == NULL) { if (vector == NULL) {
return EINVAL; return EINVAL;
......
...@@ -69,7 +69,7 @@ void generate_random(uint8_t *random_p, ssize_t length) ...@@ -69,7 +69,7 @@ void generate_random(uint8_t *random_p, ssize_t length)
// pthread_mutex_unlock(&random_state.lock); // pthread_mutex_unlock(&random_state.lock);
// mpz_export(random_p, NULL, 1, length, 0, 0, random_nb); // mpz_export(random_p, NULL, 1, length, 0, 0, random_nb);
int r = 0, i, mask = 0, shift; int i;//r = 0, mask = 0, shift;
for (i = 0; i < length; i ++) { for (i = 0; i < length; i ++) {
// if ((i % sizeof(i)) == 0) // if ((i % sizeof(i)) == 0)
......
## MySQL mandatory options ## MySQL mandatory options
MYSQL_server = "127.0.0.1"; MYSQL_server = "@MYSQL_server@";
MYSQL_user = "hssadmin"; MYSQL_user = "@MYSQL_user@";
MYSQL_pass = "admin"; MYSQL_pass = "@MYSQL_pass@";
MYSQL_db = "oai_db"; MYSQL_db = "@MYSQL_db@";
## HSS options
OPERATOR_key = "@OPERATOR_key@";
## Freediameter options ## Freediameter options
FD_conf = "@AM_CONF_DIR@/hss_fd.conf"; FD_conf = "@FREEDIAMETER_PATH@/../etc/freeDiameter/hss_fd.conf";
...@@ -51,7 +51,7 @@ echo "Creating HSS certificate for user '$HOSTNAME'.'$REALM'" ...@@ -51,7 +51,7 @@ echo "Creating HSS certificate for user '$HOSTNAME'.'$REALM'"
# openssl ca -cert cacert.pem -keyfile cakey.pem -in hss.csr.pem -out hss.cert.pem -outdir . -batch # openssl ca -cert cacert.pem -keyfile cakey.pem -in hss.csr.pem -out hss.cert.pem -outdir . -batch
# Create a Root Certification Authority Certificate # Create a Root Certification Authority Certificate
openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out cacert.pem -keyout cakey.pem -subj /CN=$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out hss.cacert.pem -keyout hss.cakey.pem -subj /CN=$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM
# Generate a Private Key # Generate a Private Key
openssl genrsa -out hss.key.pem 1024 openssl genrsa -out hss.key.pem 1024
...@@ -60,7 +60,7 @@ openssl genrsa -out hss.key.pem 1024 ...@@ -60,7 +60,7 @@ openssl genrsa -out hss.key.pem 1024
openssl req -new -batch -out hss.csr.pem -key hss.key.pem -subj /CN=$HOSTNAME.$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM openssl req -new -batch -out hss.csr.pem -key hss.key.pem -subj /CN=$HOSTNAME.$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM
# Certification authority # Certification authority
openssl ca -cert cacert.pem -keyfile cakey.pem -in hss.csr.pem -out hss.cert.pem -outdir . -batch openssl ca -cert hss.cacert.pem -keyfile hss.cakey.pem -in hss.csr.pem -out hss.cert.pem -outdir . -batch
if [ ! -d /usr/local/etc/freeDiameter ] if [ ! -d /usr/local/etc/freeDiameter ]
then then
...@@ -68,7 +68,7 @@ then ...@@ -68,7 +68,7 @@ then
sudo mkdir /usr/local/etc/freeDiameter/ sudo mkdir /usr/local/etc/freeDiameter/
fi fi
sudo cp -upv cakey.pem hss.cert.pem cacert.pem hss.key.pem /usr/local/etc/freeDiameter/ sudo cp -upv hss.cakey.pem hss.cert.pem hss.cacert.pem hss.key.pem /usr/local/etc/freeDiameter/
# openssl genrsa -out $hss.key.pem 1024 # openssl genrsa -out $hss.key.pem 1024
# openssl req -new -batch -out $hss.csr.pem -key $hss.key.pem -subj /CN=$hss.test.fr/C=FR/ST=Biot/L=Aix/O=test.fr/OU=mobiles # openssl req -new -batch -out $hss.csr.pem -key $hss.key.pem -subj /CN=$hss.test.fr/C=FR/ST=Biot/L=Aix/O=test.fr/OU=mobiles
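Review bot: The renamed `openssl req ... -newkey rsa:1024` line and the unchanged `openssl genrsa -out hss.key.pem 1024` still create 1024-bit RSA keys, the CA one for a certificate valid for 3650 days, and the updated `sudo cp -upv hss.cakey.pem ...` installs the CA private key next to the runtime credentials. Since these lines are being edited anyway, I would use `-newkey rsa:2048` and `openssl genrsa -out hss.key.pem 2048` (or larger) and drop `hss.cakey.pem` from the `cp` list; the TLS settings visible in this commit reference only a certificate, its key and a CA certificate, so the daemon presumably does not need the CA key. The MME certificate script later in this commit has the same three lines with the `mme.` prefix and needs the same change.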
......
...@@ -377,7 +377,6 @@ int hss_mysql_push_rand_sqn(const char *imsi, uint8_t *rand_p, uint8_t *sqn) ...@@ -377,7 +377,6 @@ int hss_mysql_push_rand_sqn(const char *imsi, uint8_t *rand_p, uint8_t *sqn)
{ {
int status = 0, i; int status = 0, i;
MYSQL_RES *res; MYSQL_RES *res;
MYSQL_ROW row;
char query[255]; char query[255];
int query_length = 0; int query_length = 0;
uint64_t sqn_decimal = 0; uint64_t sqn_decimal = 0;
......
...@@ -29,6 +29,7 @@ ...@@ -29,6 +29,7 @@
#include <stdio.h> #include <stdio.h>
#include <stdint.h> #include <stdint.h>
#include <pthread.h>
#include <mysql/mysql.h> #include <mysql/mysql.h>
#include <netinet/in.h> /* To provide internet addresses strings helpers */ #include <netinet/in.h> /* To provide internet addresses strings helpers */
......
...@@ -34,9 +34,12 @@ ...@@ -34,9 +34,12 @@
* \version 0.1 * \version 0.1
*/ */
#include <freeDiameter/freeDiameter-host.h>
#include <freeDiameter/libfdproto.h>
#include <stdint.h> #include <stdint.h>
#include <string.h> #include <string.h>
#include <inttypes.h> #include <inttypes.h>
#include <pthread.h>
#include "hss_config.h" #include "hss_config.h"
#include "db_proto.h" #include "db_proto.h"
......
...@@ -31,7 +31,7 @@ ...@@ -31,7 +31,7 @@
#include "db_proto.h" #include "db_proto.h"
#include "s6a_proto.h" #include "s6a_proto.h"
inline char *experimental_retcode_2_string(int ret_code) char *experimental_retcode_2_string(int ret_code)
{ {
switch(ret_code) { switch(ret_code) {
/* Experimental-Result-Codes */ /* Experimental-Result-Codes */
...@@ -55,7 +55,7 @@ inline char *experimental_retcode_2_string(int ret_code) ...@@ -55,7 +55,7 @@ inline char *experimental_retcode_2_string(int ret_code)
return "DIAMETER_AVP_UNSUPPORTED"; return "DIAMETER_AVP_UNSUPPORTED";
} }
inline char *retcode_2_string(int ret_code) char *retcode_2_string(int ret_code)
{ {
switch(ret_code) { switch(ret_code) {
case ER_DIAMETER_SUCCESS: case ER_DIAMETER_SUCCESS:
......
...@@ -51,7 +51,7 @@ static struct session_handler *s6a_reg = NULL; ...@@ -51,7 +51,7 @@ static struct session_handler *s6a_reg = NULL;
static struct disp_hdl *handle; static struct disp_hdl *handle;
s6a_cnf_t s6a_cnf; s6a_cnf_t s6a_cnf;
#if !defined(FREEDIAMETER_VERSION_1_2_0) #if FREEDIAMETER_VERSION < 120
void s6a_cli_sess_cleanup(void * arg, char * sid, void * opaque); void s6a_cli_sess_cleanup(void * arg, char * sid, void * opaque);
void s6a_cli_sess_cleanup(void * arg, char * sid, void * opaque) void s6a_cli_sess_cleanup(void * arg, char * sid, void * opaque)
...@@ -311,7 +311,7 @@ int s6a_init(hss_config_t *hss_config_p) ...@@ -311,7 +311,7 @@ int s6a_init(hss_config_t *hss_config_p)
} }
/* Create handler for sessions */ /* Create handler for sessions */
#if !defined(FREEDIAMETER_VERSION_1_2_0) #if FREEDIAMETER_VERSION < 120
CHECK_FCT(fd_sess_handler_create(&s6a_reg, s6a_cli_sess_cleanup, NULL)); CHECK_FCT(fd_sess_handler_create(&s6a_reg, s6a_cli_sess_cleanup, NULL));
#else #else
session_state_dump dumper; session_state_dump dumper;
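Review bot: `#if FREEDIAMETER_VERSION < 120` treats an undefined macro as 0, so a build that never defines `FREEDIAMETER_VERSION` silently selects the pre-1.2.0 branch, both at the `s6a_cli_sess_cleanup` declaration and in `s6a_init`. The previous `!defined(...)` test had the same default, but the numeric form makes a missing or misspelled definition harder to notice. I would add a guard before the first use: `#ifndef FREEDIAMETER_VERSION`, `#error "FREEDIAMETER_VERSION must be defined by the build"`, `#endif`. Both functions extend beyond the lines shown here.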
......
...@@ -232,7 +232,7 @@ int s6a_add_result_code(struct msg *ans, struct avp *failed_avp, ...@@ -232,7 +232,7 @@ int s6a_add_result_code(struct msg *ans, struct avp *failed_avp,
int s6a_add_ipv4_address(struct avp *avp, const char *ipv4_addr); int s6a_add_ipv4_address(struct avp *avp, const char *ipv4_addr);
int s6a_add_ipv6_address(struct avp *avp, const char *ipv6_addr); int s6a_add_ipv6_address(struct avp *avp, const char *ipv6_addr);
inline char *experimental_retcode_2_string(int ret_code); char *experimental_retcode_2_string(int ret_code);
inline char *retcode_2_string(int ret_code); char *retcode_2_string(int ret_code);
#endif /* S6A_PROTO_H_ */ #endif /* S6A_PROTO_H_ */
...@@ -34,6 +34,9 @@ ...@@ -34,6 +34,9 @@
* \version 0.1 * \version 0.1
*/ */
#include <freeDiameter/freeDiameter-host.h>
#include <freeDiameter/libfdproto.h>
#include "hss_config.h" #include "hss_config.h"
#include "db_proto.h" #include "db_proto.h"
#include "s6a_proto.h" #include "s6a_proto.h"
......
...@@ -34,6 +34,8 @@ ...@@ -34,6 +34,8 @@
* \version 0.1 * \version 0.1
*/ */
#include <freeDiameter/freeDiameter-host.h>
#include <freeDiameter/libfdproto.h>
#include "hss_config.h" #include "hss_config.h"
#include "db_proto.h" #include "db_proto.h"
#include "s6a_proto.h" #include "s6a_proto.h"
......
...@@ -42,15 +42,30 @@ ...@@ -42,15 +42,30 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
#include <stdint.h>
#include <errno.h> #include <errno.h>
#include <getopt.h> #include <getopt.h>
#include "hss_config.h" #include "hss_config.h"
#include "hss_parser.h" #include "hss_parser.h"
#ifndef PACKAGE_NAME
#define PACKAGE_NAME "OPENAIR-HSS"
#endif
#ifndef PACKAGE_VERSION
#define PACKAGE_VERSION "UNKNOWN-EXPERIMENTAL"
#endif
#ifndef PACKAGE_BUGREPORT
#define PACKAGE_BUGREPORT "openair4G-devel@eurecom.fr"
#endif
// LG TODO fd_g_debug_lvl
int fd_g_debug_lvl = 1;
/* YACC forward declarations */ /* YACC forward declarations */
extern int yyparse (struct hss_config_s *hss_config_p); extern int yyparse (struct hss_config_s *hss_config_p);
extern uint8_t OP[16];
static int config_parse_command_line(int argc, char *argv[], static int config_parse_command_line(int argc, char *argv[],
hss_config_t *hss_config_p); hss_config_t *hss_config_p);
static int config_parse_file(hss_config_t *hss_config_p); static int config_parse_file(hss_config_t *hss_config_p);
...@@ -82,7 +97,37 @@ int config_init(int argc, char *argv[], hss_config_t *hss_config_p) ...@@ -82,7 +97,37 @@ int config_init(int argc, char *argv[], hss_config_t *hss_config_p)
abort(); abort();
} }
config_display(hss_config_p); config_display(hss_config_p);
return ret;
// post processing for op key
if (hss_config_p->operator_key) {
if (strlen(hss_config_p->operator_key) == 32) {
ret = sscanf(hss_config_p->operator_key,
"%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
(unsigned int*)&OP[0],(unsigned int*)&OP[1],
(unsigned int*)&OP[2],(unsigned int*)&OP[3],
(unsigned int*)&OP[4],(unsigned int*)&OP[5],
(unsigned int*)&OP[6],(unsigned int*)&OP[7],
(unsigned int*)&OP[8],(unsigned int*)&OP[9],
(unsigned int*)&OP[10],(unsigned int*)&OP[11],
(unsigned int*)&OP[12],(unsigned int*)&OP[13],
(unsigned int*)&OP[14],(unsigned int*)&OP[15]);
if (ret != 16) {
fprintf(stderr,
"Error in configuration file: operator key: %s\n",
hss_config_p->operator_key);
abort();
}
} else {
fprintf(stderr,
"Error in configuration file: operator key length != 32 (16 hex bytes): %s\n",
hss_config_p->operator_key);
abort();
}
} else {
fprintf(stderr, "Error in configuration file: operator key is null\n");
abort();
}
return 0;
} }
static void display_banner(void) static void display_banner(void)
...@@ -119,6 +164,9 @@ static void config_display(hss_config_t *hss_config_p) ...@@ -119,6 +164,9 @@ static void config_display(hss_config_t *hss_config_p)
fprintf(stdout, "* FreeDiameter:\n"); fprintf(stdout, "* FreeDiameter:\n");
fprintf(stdout, "\t- Conf file ........: %s\n", fprintf(stdout, "\t- Conf file ........: %s\n",
hss_config_p->freediameter_config); hss_config_p->freediameter_config);
fprintf(stdout, "* Security:\n");
fprintf(stdout, "\t- Operator key......: %s\n",
hss_config_p->operator_key);
} }
static int config_parse_command_line(int argc, char *argv[], static int config_parse_command_line(int argc, char *argv[],
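Review bot: Each `%02x` conversion in the new `sscanf` stores a full `unsigned int` through `(unsigned int*)&OP[n]`, but `OP` is declared `uint8_t OP[16]`, so every store spills into the following bytes, the stores for `OP[13]` to `OP[15]` write past the end of the array, and the result is only correct on little-endian hosts. Parse each hex pair into an `unsigned int` temporary and assign it to `OP[i]`, as sketched below. The sketch also stops echoing the key in the error message; `config_display` in the next hunk prints `operator_key` to stdout too, which puts the operator secret into whatever captures the daemon's output. `config_init` starts outside the hunk, and replacing `return ret;` with `return 0;` means the earlier `ret` is no longer propagated, which is presumably fine because the failure paths abort, but worth confirming.

```c
    // post processing for op key
    // … unchanged: NULL check and strlen(...) == 32 check …
        for (int i = 0; i < 16; i++) {
            unsigned int byte = 0;

            if (sscanf(hss_config_p->operator_key + 2 * i, "%2x", &byte) != 1) {
                fprintf(stderr,
                        "Error in configuration file: operator key is not 32 hex digits\n");
                abort();
            }
            OP[i] = (uint8_t)byte;
        }
    // … unchanged: else branches for wrong length and null key …
```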
......
...@@ -35,6 +35,9 @@ typedef struct hss_config_s { ...@@ -35,6 +35,9 @@ typedef struct hss_config_s {
char *mysql_password; char *mysql_password;
char *mysql_database; char *mysql_database;
char *operator_key;
/* The freediameter configuration file */ /* The freediameter configuration file */
char *freediameter_config; char *freediameter_config;
......
...@@ -69,6 +69,7 @@ int fddlex(YYSTYPE *lvalp, YYLTYPE *llocp); ...@@ -69,6 +69,7 @@ int fddlex(YYSTYPE *lvalp, YYLTYPE *llocp);
%token MYSQL_SERVER %token MYSQL_SERVER
%token MYSQL_PASS %token MYSQL_PASS
%token MYSQL_DB %token MYSQL_DB
%token OPERATOR_KEY
%% %%
conffile: /* Empty is OK -- for simplicity here, we reject in daemon later */ conffile: /* Empty is OK -- for simplicity here, we reject in daemon later */
...@@ -76,6 +77,7 @@ conffile: /* Empty is OK -- for simplicity here, we reject in daemon later ...@@ -76,6 +77,7 @@ conffile: /* Empty is OK -- for simplicity here, we reject in daemon later
| conffile mysql_server | conffile mysql_server
| conffile mysql_user | conffile mysql_user
| conffile mysql_pass | conffile mysql_pass
| conffile operator_key
| conffile fdconf | conffile fdconf
| conffile errors | conffile errors
{ {
...@@ -108,6 +110,12 @@ mysql_server: MYSQL_SERVER '=' QSTRING ';' ...@@ -108,6 +110,12 @@ mysql_server: MYSQL_SERVER '=' QSTRING ';'
} }
; ;
operator_key: OPERATOR_KEY '=' QSTRING ';'
{
hss_config_p->operator_key = $3;
}
;
fdconf: FDCONF '=' QSTRING ';' fdconf: FDCONF '=' QSTRING ';'
{ {
hss_config_p->freediameter_config = $3; hss_config_p->freediameter_config = $3;
......
...@@ -113,6 +113,7 @@ qstring \"[^\"\n]*\" ...@@ -113,6 +113,7 @@ qstring \"[^\"\n]*\"
(?i:"MYSQL_user") { return MYSQL_USER; } (?i:"MYSQL_user") { return MYSQL_USER; }
(?i:"MYSQL_pass") { return MYSQL_PASS; } (?i:"MYSQL_pass") { return MYSQL_PASS; }
(?i:"MYSQL_db") { return MYSQL_DB; } (?i:"MYSQL_db") { return MYSQL_DB; }
(?i:"OPERATOR_key") { return OPERATOR_KEY; }
/* Valid single characters for yyparse */ /* Valid single characters for yyparse */
<*>[=,:;{}] { return yytext[0]; } <*>[=,:;{}] { return yytext[0]; }
......
...@@ -45,11 +45,11 @@ HOSTNAME=$(hostname -f) ...@@ -45,11 +45,11 @@ HOSTNAME=$(hostname -f)
echo "Creating MME certificate for user '$HOSTNAME'.'$REALM'" echo "Creating MME certificate for user '$HOSTNAME'.'$REALM'"
# CA self certificate # CA self certificate
openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out cacert.pem -keyout cakey.pem -subj /CN=$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out mme.cacert.pem -keyout mme.cakey.pem -subj /CN=$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM
openssl genrsa -out user.key.pem 1024 openssl genrsa -out mme.key.pem 1024
openssl req -new -batch -out user.csr.pem -key user.key.pem -subj /CN=$HOSTNAME.$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM openssl req -new -batch -out mme.csr.pem -key mme.key.pem -subj /CN=$HOSTNAME.$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM
openssl ca -cert cacert.pem -keyfile cakey.pem -in user.csr.pem -out user.cert.pem -outdir . -batch openssl ca -cert mme.cacert.pem -keyfile mme.cakey.pem -in mme.csr.pem -out mme.cert.pem -outdir . -batch
if [ ! -d /usr/local/etc/freeDiameter ] if [ ! -d /usr/local/etc/freeDiameter ]
then then
...@@ -57,7 +57,7 @@ then ...@@ -57,7 +57,7 @@ then
sudo mkdir /usr/local/etc/freeDiameter/ sudo mkdir /usr/local/etc/freeDiameter/
fi fi
sudo cp -uv user.key.pem user.cert.pem cacert.pem cakey.pem /usr/local/etc/freeDiameter/ sudo cp -uv mme.key.pem mme.cert.pem mme.cacert.pem mme.cakey.pem /usr/local/etc/freeDiameter/
# openssl genrsa -out ubuntu.key.pem 1024 # openssl genrsa -out ubuntu.key.pem 1024
# openssl req -new -batch -x509 -out ubuntu.csr.pem -key ubuntu.key.pem -subj /CN=ubuntu.localdomain/C=FR/ST=BdR/L=Aix/O=fD/OU=Tests # openssl req -new -batch -x509 -out ubuntu.csr.pem -key ubuntu.key.pem -subj /CN=ubuntu.localdomain/C=FR/ST=BdR/L=Aix/O=fD/OU=Tests
......
...@@ -59,12 +59,12 @@ void s6a_peer_connected_cb(struct peer_info *info, void *arg) ...@@ -59,12 +59,12 @@ void s6a_peer_connected_cb(struct peer_info *info, void *arg)
itti_send_msg_to_task(TASK_S1AP, INSTANCE_DEFAULT, message_p); itti_send_msg_to_task(TASK_S1AP, INSTANCE_DEFAULT, message_p);
#if ! defined(ENABLE_USE_GTPU_IN_KERNEL)
/* Inform SGI that connection to HSS is established */ /* Inform SGI that connection to HSS is established */
message_p = itti_alloc_new_message(TASK_S6A, ACTIVATE_MESSAGE); message_p = itti_alloc_new_message(TASK_S6A, ACTIVATE_MESSAGE);
itti_send_msg_to_task(TASK_FW_IP, INSTANCE_DEFAULT, message_p); itti_send_msg_to_task(TASK_FW_IP, INSTANCE_DEFAULT, message_p);
#endif
} }
/* For test */ /* For test */
......
...@@ -136,13 +136,13 @@ int sgw_lite_init(char* config_file_name_pP) ...@@ -136,13 +136,13 @@ int sgw_lite_init(char* config_file_name_pP)
spgw_system("iptables -t filter -F", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("iptables -t filter -F", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("iptables -t raw -F", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("iptables -t raw -F", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("ip route flush cache", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("ip route flush cache", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("rmmod iptable_raw > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod iptable_raw > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("rmmod iptable_mangle > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod iptable_mangle > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("rmmod iptable_nat > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod iptable_nat > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("rmmod iptable_filter > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod iptable_filter > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("rmmod ip_tables > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod ip_tables > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("rmmod xt_state xt_mark xt_GTPUAH xt_GTPURH xt_tcpudp xt_connmark ipt_LOG ipt_MASQUERADE > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod xt_state xt_mark xt_GTPUAH xt_GTPURH xt_tcpudp xt_connmark ipt_LOG ipt_MASQUERADE > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("rmmod x_tables > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod x_tables > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("rmmod nf_conntrack_netlink nfnetlink nf_nat nf_conntrack_ipv4 nf_conntrack > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod nf_conntrack_netlink nfnetlink nf_nat nf_conntrack_ipv4 nf_conntrack > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("modprobe ip_tables", SPGW_ABORT_ON_ERROR, __FILE__, __LINE__); spgw_system("modprobe ip_tables", SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
spgw_system("modprobe x_tables", SPGW_ABORT_ON_ERROR, __FILE__, __LINE__); spgw_system("modprobe x_tables", SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
...@@ -152,6 +152,7 @@ int sgw_lite_init(char* config_file_name_pP) ...@@ -152,6 +152,7 @@ int sgw_lite_init(char* config_file_name_pP)
spgw_system("sysctl -w net.ipv4.conf.all.log_martians=1",SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("sysctl -w net.ipv4.conf.all.log_martians=1",SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("sysctl -w net.ipv4.conf.all.route_localnet=1",SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("sysctl -w net.ipv4.conf.all.route_localnet=1",SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("sysctl -w net.ipv4.conf.all.rp_filter=0",SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("sysctl -w net.ipv4.conf.all.rp_filter=0",SPGW_WARN_ON_ERROR, __FILE__, __LINE__);
spgw_system("sync", SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);
#endif #endif
spgw_config_init(config_file_name_pP, &spgw_config); spgw_config_init(config_file_name_pP, &spgw_config);
pgw_lite_load_pool_ip_addresses(); pgw_lite_load_pool_ip_addresses();
......
...@@ -619,7 +619,6 @@ int spgw_config_init(char* lib_config_file_name_pP, spgw_config_t* config_pP) { ...@@ -619,7 +619,6 @@ int spgw_config_init(char* lib_config_file_name_pP, spgw_config_t* config_pP) {
STAILQ_INSERT_TAIL(&config_pP->pgw_config.pgw_lite_ipv4_pool_list, ip4_ref, ipv4_entries); STAILQ_INSERT_TAIL(&config_pP->pgw_config.pgw_lite_ipv4_pool_list, ip4_ref, ipv4_entries);
counter64 = counter64 - 1; counter64 = counter64 - 1;
} while (counter64 > 0); } while (counter64 > 0);
//--------------- //---------------
if (config_pP->pgw_config.pgw_masquerade_SGI) { if (config_pP->pgw_config.pgw_masquerade_SGI) {
in_addr_var.s_addr = config_pP->pgw_config.ipv4.pgw_ipv4_address_for_SGI; in_addr_var.s_addr = config_pP->pgw_config.ipv4.pgw_ipv4_address_for_SGI;
...@@ -636,7 +635,6 @@ int spgw_config_init(char* lib_config_file_name_pP, spgw_config_t* config_pP) { ...@@ -636,7 +635,6 @@ int spgw_config_init(char* lib_config_file_name_pP, spgw_config_t* config_pP) {
SPGW_APP_ERROR("Masquerade SGI\n"); SPGW_APP_ERROR("Masquerade SGI\n");
} }
} }
} else { } else {
SPGW_APP_ERROR("CONFIG POOL ADDR IPV4: BAD MASQ: %s\n", atoken2); SPGW_APP_ERROR("CONFIG POOL ADDR IPV4: BAD MASQ: %s\n", atoken2);
} }
......
# -------- Local --------- # -------- Local ---------
# Uncomment if the framework cannot resolv it. # Uncomment if the framework cannot resolv it.
Identity = "@HOSTNAME@.pft"; Identity = "@MME_FQDN@";
Realm = "pft"; Realm = "@REALM@";
# TLS configuration (see previous section) # TLS configuration (see previous section)
TLS_Cred = "/usr/local/etc/freeDiameter/user.cert.pem", TLS_Cred = "${FREEDIAMETER_PATH}/../etc/freeDiameter/mme.cert.pem",
"/usr/local/etc/freeDiameter/user.key.pem"; "${FREEDIAMETER_PATH}/../etc/freeDiameter/mme.key.pem";
TLS_CA = "/usr/local/etc/freeDiameter/cacert.pem"; TLS_CA = "${FREEDIAMETER_PATH}/../etc/freeDiameter/mme.cacert.pem";
# Disable use of TCP protocol (only listen and connect in SCTP) # Disable use of TCP protocol (only listen and connect in SCTP)
# Default : TCP enabled # Default : TCP enabled
No_TCP; @TRANSPORT_option@;
#No_SCTP;
# This option is ignored if freeDiameter is compiled with DISABLE_SCTP option.
# Prefer TCP instead of SCTP for establishing new connections.
# This setting may be overwritten per peer in peer configuration blocs.
# Default : SCTP is attempted first.
@TRANSPORT_PREFER_TCP_option@;
No_IPv6; No_IPv6;
# Overwrite the number of SCTP streams. This value should be kept low,
# especially if you are using TLS over SCTP, because it consumes a lot of
# resources in that case. See tickets 19 and 27 for some additional details on
# this.
# Limit the number of SCTP streams # Limit the number of SCTP streams
SCTP_streams = 15; SCTP_streams = 3;
# By default, freeDiameter acts as a Diameter Relay Agent by forwarding all
# messages it cannot handle locally. This parameter disables this behavior.
NoRelay; NoRelay;
TLS_old_method; TLS_old_method;
AppServThreads = 1; AppServThreads = 1;
#ListenOn = "192.168.57.100"; # Specify the addresses on which to bind the listening server. This must be
# specified if the framework is unable to auto-detect these addresses, or if the
# auto-detected values are incorrect. Note that the list of addresses is sent
# in CER or CEA message, so one should pay attention to this parameter if some
# adresses should be kept hidden.
@ListenOn@
@DIAMETER_PORT@;
@DIAMETER_SEC_PORT@;
#Port = 3870;
#SecPort = 3871;
# -------- Extensions --------- # -------- Extensions ---------
# Uncomment (and create rtd.conf) to specify routing table for this peer. # Uncomment (and create rtd.conf) to specify routing table for this peer.
...@@ -62,5 +86,12 @@ LoadExtension = "dict_s6a.fdx"; ...@@ -62,5 +86,12 @@ LoadExtension = "dict_s6a.fdx";
# with the peers listed here. # with the peers listed here.
# For only accepting incoming connections, see the acl_wl.fx extension. # For only accepting incoming connections, see the acl_wl.fx extension.
# ConnectPeer = "hss.test.fr" { ConnectTo = "192.168.56.101"; No_IPv6; No_TCP; Port = 3868; Realm = "test.fr"; }; # ConnectPeer
#ConnectPeer = "hss.pft" { ConnectTo = "192.168.14.17"; No_IPv6; Port = 3868; }; # Declare a remote peer to which this peer must maintain a connection.
# In addition, this allows specifying non-default parameters for this peer only
# (for example disable SCTP with this peer, or use RFC3588-flavour TLS).
# Note that by default, if a peer is not listed as a ConnectPeer entry, an
# incoming connection from this peer will be rejected. If you want to accept
# incoming connections from other peers, see the acl_wl.fdx? extension which
# allows exactly this.
@ConnectPeer@ = "@HSS_FQDN@" { ConnectTo = "@HSS_IP@"; No_IPv6; No_TLS ; port = 3868; Realm = "@REALM@"; };
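Review bot: The new `ConnectPeer` template hard-codes `No_TLS` for the HSS peer, so the connection that carries the S6a exchange is set up without TLS even though this same file still configures `TLS_Cred` and `TLS_CA` and the certificate script generates the `mme.*.pem` files. If cleartext is meant only for lab setups, make it a substitution like the transport options above, for example `@HSS_TLS_option@` (a placeholder name, not an existing variable), and say in the comment block that it should be left empty outside a test bench. `TLS_old_method;` is unchanged context here, but it is worth confirming that it is still needed once the peer settings are templated.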
...@@ -38,6 +38,7 @@ ...@@ -38,6 +38,7 @@
// From http://www.itu.int/pub/T-SP-E.212B-2014 // From http://www.itu.int/pub/T-SP-E.212B-2014
const mcc_mnc_list_t mcc_mnc_list[] = { const mcc_mnc_list_t mcc_mnc_list[] = {
{001, "01"},
{412, "01"}, {412, "01"},
{412, "20"}, {412, "20"},
{412, "40"}, {412, "40"},
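Review bot: `{001, "01"}` writes the MCC as an octal literal; it happens to equal 1, but the same style for a code such as 010 would silently become 8. I would write `{1, "01"}` and add a comment such as `/* 001/01: test PLMN, not an operator allocation */`, since the table header cites the ITU list and 001/01 is commonly used as a test network identity. The array continues outside this hunk, so whether other entries rely on leading zeros cannot be checked from here.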
......