From 6dd93287e66bf581b7f332cc6163456e0eeebd30 Mon Sep 17 00:00:00 2001 From: Lionel Gauthier <lionel.gauthier@eurecom.fr> Date: Thu, 9 Apr 2015 09:06:52 +0000 Subject: [PATCH] commit my code before applying sebastian Held patches 13 git-svn-id: http://svn.eurecom.fr/openair4G/trunk@7045 818b1a75-f10b-46b9-bf7c-635c3b92a50f --- openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1u.c | 13 ++++- .../GTPV1-U/nw-gtpv1u/src/NwGtpv1uMsg.c | 3 + openair-cn/OPENAIRHSS/auc/auc.h | 2 - openair-cn/OPENAIRHSS/auc/kdf.c | 1 - openair-cn/OPENAIRHSS/auc/random.c | 2 +- openair-cn/OPENAIRHSS/conf/hss.conf.in | 13 +++-- openair-cn/OPENAIRHSS/conf/make_certs.sh | 6 +- openair-cn/OPENAIRHSS/db/db_connector.c | 1 - openair-cn/OPENAIRHSS/db/db_proto.h | 1 + openair-cn/OPENAIRHSS/s6a/s6a_auth_info.c | 3 + openair-cn/OPENAIRHSS/s6a/s6a_error.c | 4 +- openair-cn/OPENAIRHSS/s6a/s6a_fd.c | 4 +- openair-cn/OPENAIRHSS/s6a/s6a_proto.h | 4 +- openair-cn/OPENAIRHSS/s6a/s6a_purge_ue.c | 3 + openair-cn/OPENAIRHSS/s6a/s6a_up_loc.c | 2 + openair-cn/OPENAIRHSS/utils/hss_config.c | 52 ++++++++++++++++- openair-cn/OPENAIRHSS/utils/hss_config.h | 3 + openair-cn/OPENAIRHSS/utils/hss_parser.y | 8 +++ openair-cn/OPENAIRHSS/utils/hss_scanner.l | 1 + openair-cn/S6A/freediameter/make_certs.sh | 10 ++-- openair-cn/S6A/s6a_peer.c | 4 +- openair-cn/SGW-LITE/sgw_lite_task.c | 9 +-- openair-cn/SGW-LITE/spgw_config.c | 2 - openair-cn/UTILS/CONF/s6a.conf.in | 57 ++++++++++++++----- openair-cn/UTILS/mcc_mnc_itu.c | 1 + 25 files changed, 160 insertions(+), 49 deletions(-) diff --git a/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1u.c b/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1u.c index 0ee4e0a8443..a85b239dce7 100644 --- a/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1u.c +++ b/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1u.c @@ -46,6 +46,7 @@ #include "NwGtpv1uLog.h" #include "assertions.h" +#include "intertask_interface.h" #include "gtpv1u.h" #if defined(ENB_MODE) 
@@ -573,9 +574,10 @@ nwGtpv1uHandleEchoReq(NW_IN NwGtpv1uStackT *thiz, NW_IN NwU16T peerPort, NW_IN NwU32T peerIp) { - NwGtpv1uRcT rc = NW_GTPV1U_FAILURE; + NwGtpv1uRcT rc = NW_GTPV1U_FAILURE; NwU16T seqNum = 0; - NwGtpv1uMsgHandleT hMsg = 0; + NwGtpv1uMsgHandleT hMsg = 0; + int bufLen = 0; seqNum = ntohs(*(NwU16T *) (msgBuf + (((*msgBuf) & 0x02) ? 8 : 4))); @@ -592,6 +594,13 @@ nwGtpv1uHandleEchoReq(NW_IN NwGtpv1uStackT *thiz, 0, (&hMsg)); + bufLen = sizeof(NwGtpv1uIeTv1T)+ ((NwGtpv1uMsgT*)hMsg)->msgLen; + + ((NwGtpv1uMsgT*)hMsg)->msgBuf = itti_malloc( + TASK_GTPV1_U, + TASK_UDP, + bufLen); + ((NwGtpv1uMsgT*)hMsg)->msgBufLen = bufLen; NW_ASSERT(NW_GTPV1U_OK == rc); /* diff --git a/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1uMsg.c b/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1uMsg.c index 021042d24e1..9fa1b28b483 100644 --- a/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1uMsg.c +++ b/openair-cn/GTPV1-U/nw-gtpv1u/src/NwGtpv1uMsg.c @@ -104,6 +104,9 @@ nwGtpv1uMsgNew( NW_IN NwGtpv1uStackHandleT hGtpuStackHandle, 4 : 0); //NW_GTPV1U_EPC_SPECIFIC_HEADER_SIZE : (NW_GTPV1U_EPC_SPECIFIC_HEADER_SIZE - 4)); + pMsg->msgBuf = NULL; + pMsg->msgBufLen = 0; + pMsg->msgBufOffset = 0; *phMsg = (NwGtpv1uMsgHandleT) pMsg; return NW_GTPV1U_OK; } diff --git a/openair-cn/OPENAIRHSS/auc/auc.h b/openair-cn/OPENAIRHSS/auc/auc.h index 7f2e64a69b4..c8fc77364c3 100644 --- a/openair-cn/OPENAIRHSS/auc/auc.h +++ b/openair-cn/OPENAIRHSS/auc/auc.h @@ -92,11 +92,9 @@ void generate_autn(u8 sqn[6], u8 ak[6], u8 amf[2], u8 mac_a[8], u8 autn[16]); int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3], uint8_t sqn[6], auc_vector_t *vector); -inline void kdf(uint8_t *key, uint16_t key_len, uint8_t *s, uint16_t s_len, uint8_t *out, uint16_t out_len); -inline void derive_kasme(uint8_t ck[16], uint8_t ik[16], uint8_t plmn[3], uint8_t sqn[6], uint8_t ak[6], uint8_t kasme[32]); diff --git a/openair-cn/OPENAIRHSS/auc/kdf.c b/openair-cn/OPENAIRHSS/auc/kdf.c index 2ae9c5e91ae..cfab5522c73 100644 
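Review bot: In the second hunk of nwGtpv1uHandleEchoReq the added lines dereference `hMsg` before `NW_ASSERT(NW_GTPV1U_OK == rc)` runs, and the pointer returned by `itti_malloc` is stored without a NULL check. If the message-creation call ending at `(&hMsg));` fails (presumably it is what sets `rc`), `hMsg` is still 0 when `((NwGtpv1uMsgT*)hMsg)->msgLen` is read, and this handler runs on echo requests received from a network peer. Move the assert above the `bufLen` computation and add `if (((NwGtpv1uMsgT*)hMsg)->msgBuf == NULL) return NW_GTPV1U_FAILURE;` before `msgBufLen` is assigned, releasing `hMsg` the way the rest of the function does. The function body continues outside the hunk.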
--- a/openair-cn/OPENAIRHSS/auc/kdf.c +++ b/openair-cn/OPENAIRHSS/auc/kdf.c @@ -140,7 +140,6 @@ int generate_vector(uint64_t imsi, uint8_t key[16], uint8_t plmn[3], uint8_t ck[16]; uint8_t ik[16]; uint8_t ak[6]; - int i; if (vector == NULL) { return EINVAL; diff --git a/openair-cn/OPENAIRHSS/auc/random.c b/openair-cn/OPENAIRHSS/auc/random.c index a05f1fd878f..f586e679e3a 100644 --- a/openair-cn/OPENAIRHSS/auc/random.c +++ b/openair-cn/OPENAIRHSS/auc/random.c @@ -69,7 +69,7 @@ void generate_random(uint8_t *random_p, ssize_t length) // pthread_mutex_unlock(&random_state.lock); // mpz_export(random_p, NULL, 1, length, 0, 0, random_nb); - int r = 0, i, mask = 0, shift; + int i;//r = 0, mask = 0, shift; for (i = 0; i < length; i ++) { // if ((i % sizeof(i)) == 0) diff --git a/openair-cn/OPENAIRHSS/conf/hss.conf.in b/openair-cn/OPENAIRHSS/conf/hss.conf.in index fd4a1ef3c7c..4c5e4c7d93c 100644 --- a/openair-cn/OPENAIRHSS/conf/hss.conf.in +++ b/openair-cn/OPENAIRHSS/conf/hss.conf.in @@ -1,8 +1,11 @@ ## MySQL mandatory options -MYSQL_server = "127.0.0.1"; -MYSQL_user = "hssadmin"; -MYSQL_pass = "admin"; -MYSQL_db = "oai_db"; +MYSQL_server = "@MYSQL_server@"; +MYSQL_user = "@MYSQL_user@"; +MYSQL_pass = "@MYSQL_pass@"; +MYSQL_db = "@MYSQL_db@"; + +## HSS options +OPERATOR_key = "@OPERATOR_key@"; ## Freediameter options -FD_conf = "@AM_CONF_DIR@/hss_fd.conf"; +FD_conf = "@FREEDIAMETER_PATH@/../etc/freeDiameter/hss_fd.conf"; diff --git a/openair-cn/OPENAIRHSS/conf/make_certs.sh b/openair-cn/OPENAIRHSS/conf/make_certs.sh index 3e5568ad01d..181c49912dd 100755 --- a/openair-cn/OPENAIRHSS/conf/make_certs.sh +++ b/openair-cn/OPENAIRHSS/conf/make_certs.sh 
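Review bot: The rewritten declaration `int i;//r = 0, mask = 0, shift;` in generate_random keeps the removed variables as a trailing comment; delete them and write `ssize_t i;` so the index has the same type as the `length` parameter it is compared with in `for (i = 0; i < length; i ++)`. The loop body is outside the hunk, so the source of the random bytes cannot be checked from here. Because this file sits in the authentication-centre directory, a one-line comment naming that source would help the next reviewer.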
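Review bot: The hss.conf.in template now places `OPERATOR_key` next to `MYSQL_pass`, so the generated hss.conf holds two secrets in clear text and nothing in the file says so. Add a comment above the new line such as `## Secret: operator key, 32 hex digits; keep the generated file readable by the HSS account only`, and have the step that generates the file set restrictive permissions on it. The 32-digit format is what config_init in hss_config.c enforces later in this patch.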
@@ -51,7 +51,7 @@ echo "Creating HSS certificate for user '$HOSTNAME'.'$REALM'" # openssl ca -cert cacert.pem -keyfile cakey.pem -in hss.csr.pem -out hss.cert.pem -outdir . -batch # Create a Root Certification Authority Certificate -openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out cacert.pem -keyout cakey.pem -subj /CN=$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM +openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out hss.cacert.pem -keyout hss.cakey.pem -subj /CN=$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM # Generate a Private Key openssl genrsa -out hss.key.pem 1024 @@ -60,7 +60,7 @@ openssl genrsa -out hss.key.pem 1024 openssl req -new -batch -out hss.csr.pem -key hss.key.pem -subj /CN=$HOSTNAME.$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM # Certification authority -openssl ca -cert cacert.pem -keyfile cakey.pem -in hss.csr.pem -out hss.cert.pem -outdir . -batch +openssl ca -cert hss.cacert.pem -keyfile hss.cakey.pem -in hss.csr.pem -out hss.cert.pem -outdir . -batch if [ ! -d /usr/local/etc/freeDiameter ] then @@ -68,7 +68,7 @@ then sudo mkdir /usr/local/etc/freeDiameter/ fi -sudo cp -upv cakey.pem hss.cert.pem cacert.pem hss.key.pem /usr/local/etc/freeDiameter/ +sudo cp -upv hss.cakey.pem hss.cert.pem hss.cacert.pem hss.key.pem /usr/local/etc/freeDiameter/ # openssl genrsa -out $hss.key.pem 1024 # openssl req -new -batch -out $hss.csr.pem -key $hss.key.pem -subj /CN=$hss.test.fr/C=FR/ST=Biot/L=Aix/O=test.fr/OU=mobiles diff --git a/openair-cn/OPENAIRHSS/db/db_connector.c b/openair-cn/OPENAIRHSS/db/db_connector.c index f841e0db6ae..3e070d0c3db 100644 --- a/openair-cn/OPENAIRHSS/db/db_connector.c +++ b/openair-cn/OPENAIRHSS/db/db_connector.c @@ -377,7 +377,6 @@ int hss_mysql_push_rand_sqn(const char *imsi, uint8_t *rand_p, uint8_t *sqn) { int status = 0, i; MYSQL_RES *res; - MYSQL_ROW row; char query[255]; int query_length = 0; uint64_t sqn_decimal = 0; 
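Review bot: The renamed commands still create 1024-bit RSA keys (`-newkey rsa:1024`, `openssl genrsa -out hss.key.pem 1024`), which is below current minimum key-size guidance for TLS; use `rsa:2048` and `2048` or larger. The last hunk also copies the CA private key `hss.cakey.pem` into /usr/local/etc/freeDiameter/ next to the server credentials. The daemon only needs the CA certificate, so leave the CA key out of the `sudo cp` line and give `hss.key.pem` owner-only permissions. The same points apply to the hunks of openair-cn/S6A/freediameter/make_certs.sh (`mme.key.pem`, `mme.cakey.pem`). `$REALM` and `$HOSTNAME` are expanded unquoted inside `-subj` and should be quoted.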
diff --git a/openair-cn/OPENAIRHSS/db/db_proto.h b/openair-cn/OPENAIRHSS/db/db_proto.h index fb8f27cd22f..bd4f9ea2c3a 100644 --- a/openair-cn/OPENAIRHSS/db/db_proto.h +++ b/openair-cn/OPENAIRHSS/db/db_proto.h @@ -29,6 +29,7 @@ #include <stdio.h> #include <stdint.h> +#include <pthread.h> #include <mysql/mysql.h> #include <netinet/in.h> /* To provide internet addresses strings helpers */ diff --git a/openair-cn/OPENAIRHSS/s6a/s6a_auth_info.c b/openair-cn/OPENAIRHSS/s6a/s6a_auth_info.c index c3821028040..2c6177b6f24 100644 --- a/openair-cn/OPENAIRHSS/s6a/s6a_auth_info.c +++ b/openair-cn/OPENAIRHSS/s6a/s6a_auth_info.c @@ -34,9 +34,12 @@ * \version 0.1 */ +#include <freeDiameter/freeDiameter-host.h> +#include <freeDiameter/libfdproto.h> #include <stdint.h> #include <string.h> #include <inttypes.h> +#include <pthread.h> #include "hss_config.h" #include "db_proto.h" diff --git a/openair-cn/OPENAIRHSS/s6a/s6a_error.c b/openair-cn/OPENAIRHSS/s6a/s6a_error.c index cb58bafc116..b5ad478bfff 100644 --- a/openair-cn/OPENAIRHSS/s6a/s6a_error.c +++ b/openair-cn/OPENAIRHSS/s6a/s6a_error.c @@ -31,7 +31,7 @@ #include "db_proto.h" #include "s6a_proto.h" -inline char *experimental_retcode_2_string(int ret_code) +char *experimental_retcode_2_string(int ret_code) { switch(ret_code) { /* Experimental-Result-Codes */ @@ -55,7 +55,7 @@ inline char *experimental_retcode_2_string(int ret_code) return "DIAMETER_AVP_UNSUPPORTED"; } -inline char *retcode_2_string(int ret_code) +char *retcode_2_string(int ret_code) { switch(ret_code) { case ER_DIAMETER_SUCCESS: diff --git a/openair-cn/OPENAIRHSS/s6a/s6a_fd.c b/openair-cn/OPENAIRHSS/s6a/s6a_fd.c index 1f3234da208..1c4c2c5b1c1 100644 --- a/openair-cn/OPENAIRHSS/s6a/s6a_fd.c +++ b/openair-cn/OPENAIRHSS/s6a/s6a_fd.c 
@@ -51,7 +51,7 @@ static struct session_handler *s6a_reg = NULL; static struct disp_hdl *handle; s6a_cnf_t s6a_cnf; -#if !defined(FREEDIAMETER_VERSION_1_2_0) +#if FREEDIAMETER_VERSION < 120 void s6a_cli_sess_cleanup(void * arg, char * sid, void * opaque); void s6a_cli_sess_cleanup(void * arg, char * sid, void * opaque) @@ -311,7 +311,7 @@ int s6a_init(hss_config_t *hss_config_p) } /* Create handler for sessions */ -#if !defined(FREEDIAMETER_VERSION_1_2_0) +#if FREEDIAMETER_VERSION < 120 CHECK_FCT(fd_sess_handler_create(&s6a_reg, s6a_cli_sess_cleanup, NULL)); #else session_state_dump dumper; diff --git a/openair-cn/OPENAIRHSS/s6a/s6a_proto.h b/openair-cn/OPENAIRHSS/s6a/s6a_proto.h index 05312c5d131..924f8775e3b 100644 --- a/openair-cn/OPENAIRHSS/s6a/s6a_proto.h +++ b/openair-cn/OPENAIRHSS/s6a/s6a_proto.h @@ -232,7 +232,7 @@ int s6a_add_result_code(struct msg *ans, struct avp *failed_avp, int s6a_add_ipv4_address(struct avp *avp, const char *ipv4_addr); int s6a_add_ipv6_address(struct avp *avp, const char *ipv6_addr); -inline char *experimental_retcode_2_string(int ret_code); -inline char *retcode_2_string(int ret_code); +char *experimental_retcode_2_string(int ret_code); +char *retcode_2_string(int ret_code); #endif /* S6A_PROTO_H_ */ diff --git a/openair-cn/OPENAIRHSS/s6a/s6a_purge_ue.c b/openair-cn/OPENAIRHSS/s6a/s6a_purge_ue.c index 08dc2deeb2c..309951a50f6 100644 --- a/openair-cn/OPENAIRHSS/s6a/s6a_purge_ue.c +++ b/openair-cn/OPENAIRHSS/s6a/s6a_purge_ue.c @@ -34,6 +34,9 @@ * \version 0.1 */ +#include <freeDiameter/freeDiameter-host.h> +#include <freeDiameter/libfdproto.h> + #include "hss_config.h" #include "db_proto.h" #include "s6a_proto.h" diff --git a/openair-cn/OPENAIRHSS/s6a/s6a_up_loc.c b/openair-cn/OPENAIRHSS/s6a/s6a_up_loc.c index 7a667f85ab9..8b9defb4b7c 100644 --- a/openair-cn/OPENAIRHSS/s6a/s6a_up_loc.c +++ b/openair-cn/OPENAIRHSS/s6a/s6a_up_loc.c 
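Review bot: `#if FREEDIAMETER_VERSION < 120` treats an undefined macro as 0, so a build that never defines FREEDIAMETER_VERSION silently takes the pre-1.2.0 branch in both hunks (the `s6a_cli_sess_cleanup` definition and the `fd_sess_handler_create` call in s6a_init). Guard it once near the top of the file with `#ifndef FREEDIAMETER_VERSION` / `#error "FREEDIAMETER_VERSION must be defined by the build"` / `#endif`. A comment stating the encoding (presumably 120 for 1.2.0) would also help, since the old macro name carried that information.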
@@ -34,6 +34,8 @@ * \version 0.1 */ +#include <freeDiameter/freeDiameter-host.h> +#include <freeDiameter/libfdproto.h> #include "hss_config.h" #include "db_proto.h" #include "s6a_proto.h" diff --git a/openair-cn/OPENAIRHSS/utils/hss_config.c b/openair-cn/OPENAIRHSS/utils/hss_config.c index 05c9aada5f2..11089441624 100644 --- a/openair-cn/OPENAIRHSS/utils/hss_config.c +++ b/openair-cn/OPENAIRHSS/utils/hss_config.c @@ -42,15 +42,30 @@ #include <stdlib.h> #include <string.h> #include <unistd.h> +#include <stdint.h> #include <errno.h> #include <getopt.h> #include "hss_config.h" #include "hss_parser.h" + +#ifndef PACKAGE_NAME +#define PACKAGE_NAME "OPENAIR-HSS" +#endif +#ifndef PACKAGE_VERSION +#define PACKAGE_VERSION "UNKNOWN-EXPERIMENTAL" +#endif +#ifndef PACKAGE_BUGREPORT +#define PACKAGE_BUGREPORT "openair4G-devel@eurecom.fr" +#endif + +// LG TODO fd_g_debug_lvl +int fd_g_debug_lvl = 1; + /* YACC forward declarations */ extern int yyparse (struct hss_config_s *hss_config_p); - +extern uint8_t OP[16]; static int config_parse_command_line(int argc, char *argv[], hss_config_t *hss_config_p); static int config_parse_file(hss_config_t *hss_config_p); 
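Review bot: `extern uint8_t OP[16];` is declared inside hss_config.c instead of coming from the header of the module that defines `OP`, so the compiler cannot check that declaration and definition agree on type and size; config_init in the next hunk writes all 16 bytes through it. Move the declaration to that module's header (probably auc.h, not confirmed from this page) and include it here. `int fd_g_debug_lvl = 1;` is a new global definition documented only by a TODO; a one-line comment saying which library expects the symbol would explain why it is defined in the configuration parser.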
@@ -82,7 +97,37 @@ int config_init(int argc, char *argv[], hss_config_t *hss_config_p) abort(); } config_display(hss_config_p); - return ret; + + // post processing for op key + if (hss_config_p->operator_key) { + if (strlen(hss_config_p->operator_key) == 32) { + ret = sscanf(hss_config_p->operator_key, + "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + (unsigned int*)&OP[0],(unsigned int*)&OP[1], + (unsigned int*)&OP[2],(unsigned int*)&OP[3], + (unsigned int*)&OP[4],(unsigned int*)&OP[5], + (unsigned int*)&OP[6],(unsigned int*)&OP[7], + (unsigned int*)&OP[8],(unsigned int*)&OP[9], + (unsigned int*)&OP[10],(unsigned int*)&OP[11], + (unsigned int*)&OP[12],(unsigned int*)&OP[13], + (unsigned int*)&OP[14],(unsigned int*)&OP[15]); + if (ret != 16) { + fprintf(stderr, + "Error in configuration file: operator key: %s\n", + hss_config_p->operator_key); + abort(); + } + } else { + fprintf(stderr, + "Error in configuration file: operator key length != 32 (16 hex bytes): %s\n", + hss_config_p->operator_key); + abort(); + } + } else { + fprintf(stderr, "Error in configuration file: operator key is null\n"); + abort(); + } + return 0; } static void display_banner(void) @@ -119,6 +164,9 @@ static void config_display(hss_config_t *hss_config_p) fprintf(stdout, "* FreeDiameter:\n"); fprintf(stdout, "\t- Conf file ........: %s\n", hss_config_p->freediameter_config); + fprintf(stdout, "* Security:\n"); + fprintf(stdout, "\t- Operator key......: %s\n", + hss_config_p->operator_key); } static int config_parse_command_line(int argc, char *argv[], diff --git a/openair-cn/OPENAIRHSS/utils/hss_config.h b/openair-cn/OPENAIRHSS/utils/hss_config.h index 8eb8f68e25c..65e0c45fdee 100644 --- a/openair-cn/OPENAIRHSS/utils/hss_config.h +++ b/openair-cn/OPENAIRHSS/utils/hss_config.h @@ -35,6 +35,9 @@ typedef struct hss_config_s { char *mysql_password; char *mysql_database; + + char *operator_key; + /* The freediameter configuration file */ char *freediameter_config; 
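Review bot: The `sscanf` call added to config_init passes `(unsigned int*)&OP[n]` for each `%02x` conversion, so every conversion stores a full `unsigned int` into a one-byte slot of `uint8_t OP[16]`. The stores for the last elements run past the end of the array, the resulting bytes depend on byte order, and the cast only hides the compiler warning. Parse each digit pair into an `unsigned int` temporary and narrow it, as below. The `strlen(...) == 32` test does not prove that all 32 characters are hex digits, and `%x` skips white space, so a strict parser would also test each character with `isxdigit`.

```c
    if (strlen(hss_config_p->operator_key) == 32) {
      int i;

      for (i = 0; i < 16; i++) {
        unsigned int byte = 0;

        /* %x requires an unsigned int target; narrow to uint8_t afterwards */
        if (sscanf(hss_config_p->operator_key + 2 * i, "%2x", &byte) != 1) {
          fprintf(stderr,
                  "Error in configuration file: operator key is not 32 hex digits\n");
          abort();
        }
        OP[i] = (uint8_t)byte;
      }
    } else {
      // … unchanged: length error branch and null-key branch …
```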
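Review bot: config_display now prints the operator key in clear with `fprintf(stdout, "\t- Operator key......: %s\n", ...)`, and two of the error branches added to config_init echo the rejected key to stderr. The operator key is long-term secret input to subscriber authentication, so any start-up output captured by a service manager or log collector would contain it. Print only whether a key was loaded, for example `fprintf(stdout, "\t- Operator key......: %s\n", hss_config_p->operator_key ? "(set)" : "(missing)");`, and drop the `%s` argument from the two error messages.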
diff --git a/openair-cn/OPENAIRHSS/utils/hss_parser.y b/openair-cn/OPENAIRHSS/utils/hss_parser.y index 685fbf266ae..19c4e816105 100644 --- a/openair-cn/OPENAIRHSS/utils/hss_parser.y +++ b/openair-cn/OPENAIRHSS/utils/hss_parser.y @@ -69,6 +69,7 @@ int fddlex(YYSTYPE *lvalp, YYLTYPE *llocp); %token MYSQL_SERVER %token MYSQL_PASS %token MYSQL_DB +%token OPERATOR_KEY %% conffile: /* Empty is OK -- for simplicity here, we reject in daemon later */ @@ -76,6 +77,7 @@ conffile: /* Empty is OK -- for simplicity here, we reject in daemon later | conffile mysql_server | conffile mysql_user | conffile mysql_pass + | conffile operator_key | conffile fdconf | conffile errors { @@ -108,6 +110,12 @@ mysql_server: MYSQL_SERVER '=' QSTRING ';' } ; +operator_key: OPERATOR_KEY '=' QSTRING ';' + { + hss_config_p->operator_key = $3; + } + ; + fdconf: FDCONF '=' QSTRING ';' { hss_config_p->freediameter_config = $3; diff --git a/openair-cn/OPENAIRHSS/utils/hss_scanner.l b/openair-cn/OPENAIRHSS/utils/hss_scanner.l index 951fb5a8c9f..bca348528c6 100644 --- a/openair-cn/OPENAIRHSS/utils/hss_scanner.l +++ b/openair-cn/OPENAIRHSS/utils/hss_scanner.l @@ -113,6 +113,7 @@ qstring \"[^\"\n]*\" (?i:"MYSQL_user") { return MYSQL_USER; } (?i:"MYSQL_pass") { return MYSQL_PASS; } (?i:"MYSQL_db") { return MYSQL_DB; } +(?i:"OPERATOR_key") { return OPERATOR_KEY; } /* Valid single characters for yyparse */ <*>[=,:;{}] { return yytext[0]; } diff --git a/openair-cn/S6A/freediameter/make_certs.sh b/openair-cn/S6A/freediameter/make_certs.sh index 844695144db..cf176940d35 100755 --- a/openair-cn/S6A/freediameter/make_certs.sh +++ b/openair-cn/S6A/freediameter/make_certs.sh 
@@ -45,11 +45,11 @@ HOSTNAME=$(hostname -f) echo "Creating MME certificate for user '$HOSTNAME'.'$REALM'" # CA self certificate -openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out cacert.pem -keyout cakey.pem -subj /CN=$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM +openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out mme.cacert.pem -keyout mme.cakey.pem -subj /CN=$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM -openssl genrsa -out user.key.pem 1024 -openssl req -new -batch -out user.csr.pem -key user.key.pem -subj /CN=$HOSTNAME.$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM -openssl ca -cert cacert.pem -keyfile cakey.pem -in user.csr.pem -out user.cert.pem -outdir . -batch +openssl genrsa -out mme.key.pem 1024 +openssl req -new -batch -out mme.csr.pem -key mme.key.pem -subj /CN=$HOSTNAME.$REALM/C=FR/ST=PACA/L=Aix/O=Eurecom/OU=CM +openssl ca -cert mme.cacert.pem -keyfile mme.cakey.pem -in mme.csr.pem -out mme.cert.pem -outdir . -batch if [ ! -d /usr/local/etc/freeDiameter ] then @@ -57,7 +57,7 @@ then sudo mkdir /usr/local/etc/freeDiameter/ fi -sudo cp -uv user.key.pem user.cert.pem cacert.pem cakey.pem /usr/local/etc/freeDiameter/ +sudo cp -uv mme.key.pem mme.cert.pem mme.cacert.pem mme.cakey.pem /usr/local/etc/freeDiameter/ # openssl genrsa -out ubuntu.key.pem 1024 # openssl req -new -batch -x509 -out ubuntu.csr.pem -key ubuntu.key.pem -subj /CN=ubuntu.localdomain/C=FR/ST=BdR/L=Aix/O=fD/OU=Tests diff --git a/openair-cn/S6A/s6a_peer.c b/openair-cn/S6A/s6a_peer.c index ebc1a2075bc..40e1e748f26 100644 --- a/openair-cn/S6A/s6a_peer.c +++ b/openair-cn/S6A/s6a_peer.c 
@@ -59,12 +59,12 @@ void s6a_peer_connected_cb(struct peer_info *info, void *arg) itti_send_msg_to_task(TASK_S1AP, INSTANCE_DEFAULT, message_p); - +#if ! defined(ENABLE_USE_GTPU_IN_KERNEL) /* Inform SGI that connection to HSS is established */ message_p = itti_alloc_new_message(TASK_S6A, ACTIVATE_MESSAGE); itti_send_msg_to_task(TASK_FW_IP, INSTANCE_DEFAULT, message_p); - +#endif } /* For test */ diff --git a/openair-cn/SGW-LITE/sgw_lite_task.c b/openair-cn/SGW-LITE/sgw_lite_task.c index 0eed638290e..0d761be2cb6 100644 --- a/openair-cn/SGW-LITE/sgw_lite_task.c +++ b/openair-cn/SGW-LITE/sgw_lite_task.c 
@@ -136,13 +136,13 @@ int sgw_lite_init(char* config_file_name_pP) spgw_system("iptables -t filter -F", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("iptables -t raw -F", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("ip route flush cache", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); - spgw_system("rmmod iptable_raw > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); + spgw_system("rmmod iptable_raw > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod iptable_mangle > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); - spgw_system("rmmod iptable_nat > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); + spgw_system("rmmod iptable_nat > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod iptable_filter > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); - spgw_system("rmmod ip_tables > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); + spgw_system("rmmod ip_tables > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod xt_state xt_mark xt_GTPUAH xt_GTPURH xt_tcpudp xt_connmark ipt_LOG ipt_MASQUERADE > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); - spgw_system("rmmod x_tables > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); + spgw_system("rmmod x_tables > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("rmmod nf_conntrack_netlink nfnetlink nf_nat nf_conntrack_ipv4 nf_conntrack > /dev/null 2>&1", SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("modprobe ip_tables", SPGW_ABORT_ON_ERROR, __FILE__, __LINE__); spgw_system("modprobe x_tables", SPGW_ABORT_ON_ERROR, __FILE__, __LINE__); 
@@ -152,6 +152,7 @@ int sgw_lite_init(char* config_file_name_pP) spgw_system("sysctl -w net.ipv4.conf.all.log_martians=1",SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("sysctl -w net.ipv4.conf.all.route_localnet=1",SPGW_WARN_ON_ERROR, __FILE__, __LINE__); spgw_system("sysctl -w net.ipv4.conf.all.rp_filter=0",SPGW_WARN_ON_ERROR, __FILE__, __LINE__); + spgw_system("sync", SPGW_ABORT_ON_ERROR, __FILE__, __LINE__); #endif spgw_config_init(config_file_name_pP, &spgw_config); pgw_lite_load_pool_ip_addresses(); diff --git a/openair-cn/SGW-LITE/spgw_config.c b/openair-cn/SGW-LITE/spgw_config.c index e91ef45e84b..4dbad599318 100755 --- a/openair-cn/SGW-LITE/spgw_config.c +++ b/openair-cn/SGW-LITE/spgw_config.c @@ -619,7 +619,6 @@ int spgw_config_init(char* lib_config_file_name_pP, spgw_config_t* config_pP) { STAILQ_INSERT_TAIL(&config_pP->pgw_config.pgw_lite_ipv4_pool_list, ip4_ref, ipv4_entries); counter64 = counter64 - 1; } while (counter64 > 0); - //--------------- if (config_pP->pgw_config.pgw_masquerade_SGI) { in_addr_var.s_addr = config_pP->pgw_config.ipv4.pgw_ipv4_address_for_SGI; @@ -636,7 +635,6 @@ int spgw_config_init(char* lib_config_file_name_pP, spgw_config_t* config_pP) { SPGW_APP_ERROR("Masquerade SGI\n"); } } - } else { SPGW_APP_ERROR("CONFIG POOL ADDR IPV4: BAD MASQ: %s\n", atoken2); } diff --git a/openair-cn/UTILS/CONF/s6a.conf.in b/openair-cn/UTILS/CONF/s6a.conf.in index 4fd08b600c1..000544ad753 100644 --- a/openair-cn/UTILS/CONF/s6a.conf.in +++ b/openair-cn/UTILS/CONF/s6a.conf.in 
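Review bot: `spgw_system("sync", SPGW_ABORT_ON_ERROR, __FILE__, __LINE__);` launches an external command with abort-on-error only to flush file-system buffers, and nothing says why a flush is needed after the sysctl writes. If it is required, call `sync();` from `<unistd.h>` directly and add a comment with the reason. spgw_system presumably runs its argument through a shell, so this also removes one command lookup from code that runs with the privileges needed for iptables and modprobe. sgw_lite_init continues outside the hunk.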
@@ -1,31 +1,55 @@ # -------- Local --------- # Uncomment if the framework cannot resolv it. -Identity = "@HOSTNAME@.pft"; -Realm = "pft"; +Identity = "@MME_FQDN@"; +Realm = "@REALM@"; # TLS configuration (see previous section) -TLS_Cred = "/usr/local/etc/freeDiameter/user.cert.pem", - "/usr/local/etc/freeDiameter/user.key.pem"; -TLS_CA = "/usr/local/etc/freeDiameter/cacert.pem"; +TLS_Cred = "${FREEDIAMETER_PATH}/../etc/freeDiameter/mme.cert.pem", + "${FREEDIAMETER_PATH}/../etc/freeDiameter/mme.key.pem"; +TLS_CA = "${FREEDIAMETER_PATH}/../etc/freeDiameter/mme.cacert.pem"; # Disable use of TCP protocol (only listen and connect in SCTP) # Default : TCP enabled -No_TCP; -#No_SCTP; +@TRANSPORT_option@; + +# This option is ignored if freeDiameter is compiled with DISABLE_SCTP option. +# Prefer TCP instead of SCTP for establishing new connections. +# This setting may be overwritten per peer in peer configuration blocs. +# Default : SCTP is attempted first. +@TRANSPORT_PREFER_TCP_option@; + + No_IPv6; +# Overwrite the number of SCTP streams. This value should be kept low, +# especially if you are using TLS over SCTP, because it consumes a lot of +# resources in that case. See tickets 19 and 27 for some additional details on +# this. # Limit the number of SCTP streams -SCTP_streams = 15; +SCTP_streams = 3; + +# By default, freeDiameter acts as a Diameter Relay Agent by forwarding all +# messages it cannot handle locally. This parameter disables this behavior. NoRelay; + + TLS_old_method; + + AppServThreads = 1; -#ListenOn = "192.168.57.100"; +# Specify the addresses on which to bind the listening server. This must be +# specified if the framework is unable to auto-detect these addresses, or if the +# auto-detected values are incorrect. Note that the list of addresses is sent +# in CER or CEA message, so one should pay attention to this parameter if some +# adresses should be kept hidden. 
+@ListenOn@ + +@DIAMETER_PORT@; +@DIAMETER_SEC_PORT@; -#Port = 3870; -#SecPort = 3871; # -------- Extensions --------- # Uncomment (and create rtd.conf) to specify routing table for this peer. @@ -62,5 +86,12 @@ LoadExtension = "dict_s6a.fdx"; # with the peers listed here. # For only accepting incoming connections, see the acl_wl.fx extension. -# ConnectPeer = "hss.test.fr" { ConnectTo = "192.168.56.101"; No_IPv6; No_TCP; Port = 3868; Realm = "test.fr"; }; -#ConnectPeer = "hss.pft" { ConnectTo = "192.168.14.17"; No_IPv6; Port = 3868; }; +# ConnectPeer +# Declare a remote peer to which this peer must maintain a connection. +# In addition, this allows specifying non-default parameters for this peer only +# (for example disable SCTP with this peer, or use RFC3588-flavour TLS). +# Note that by default, if a peer is not listed as a ConnectPeer entry, an +# incoming connection from this peer will be rejected. If you want to accept +# incoming connections from other peers, see the acl_wl.fdx? extension which +# allows exactly this. +@ConnectPeer@ = "@HSS_FQDN@" { ConnectTo = "@HSS_IP@"; No_IPv6; No_TLS ; port = 3868; Realm = "@REALM@"; }; diff --git a/openair-cn/UTILS/mcc_mnc_itu.c b/openair-cn/UTILS/mcc_mnc_itu.c index d9727d2c0e1..42d0263a00e 100755 --- a/openair-cn/UTILS/mcc_mnc_itu.c +++ b/openair-cn/UTILS/mcc_mnc_itu.c @@ -38,6 +38,7 @@ // From http://www.itu.int/pub/T-SP-E.212B-2014 const mcc_mnc_list_t mcc_mnc_list[] = { + {001, "01"}, {412, "01"}, {412, "20"}, {412, "40"}, -- GitLab
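Review bot: The new `@ConnectPeer@` line in s6a.conf.in sets `No_TLS`, which turns TLS off for the connection to the HSS even though the file still configures `TLS_Cred` and `TLS_CA` above. Authentication answers on this link carry per-subscriber key material, so without TLS they cross the network in clear text unless another layer such as IPsec or an isolated link protects them. Make this a template variable like the transport options, defaulting to TLS enabled, or add a comment stating that `No_TLS` is meant for lab setups only. The added comment text also refers to `acl_wl.fdx?` with a stray question mark.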
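Review bot: `{001, "01"}` in mcc_mnc_list writes the MCC as an octal literal; it equals 1 only because every digit is below 8, and a later entry written as `010` would silently become 8. If the first field is an integer, write `{1, "01"}` and add a comment such as `/* MCC 001 / MNC 01: test network */`. The struct definition is outside the hunk, so the field type is not confirmed here.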