[MERGED] osmo-iuh[master]: cn unitdata: verify correct remote addr

Neels Hofmeyr Thu, 27 Jul 2017 08:49:39 -0700

Neels Hofmeyr has submitted this change and it was merged.

Change subject: cn unitdata: verify correct remote addr
......................................................................



cn unitdata: verify correct remote addr

When receiving unitdata from the CN, verify that it is indeed coming from the
remote address that matches our CS/PS domain settings.

This patch came from an earlier stage where the is_ps out-parameter was
actually used. While it currently isn't, it doesn't hurt to leave it there.

Change-Id: I7190b4c3a05e8bac0eeffa1eab18c9e47429cb17
---
M src/hnbgw_cn.c
1 file changed, 28 insertions(+), 0 deletions(-)

Approvals:
  Harald Welte: Looks good to me, approved
  Jenkins Builder: Verified



diff --git a/src/hnbgw_cn.c b/src/hnbgw_cn.c
index 8124ce5..e967260 100644
--- a/src/hnbgw_cn.c
+++ b/src/hnbgw_cn.c
@@ -240,6 +240,31 @@
        return rc;
 }
 
+static bool pc_and_ssn_match(const struct osmo_sccp_addr *a, const struct 
osmo_sccp_addr *b)
+{
+       return (a == b)
+              || ((a->pc == b->pc)
+                  && (a->ssn == b->ssn));
+}
+
+static int classify_cn_remote_addr(const struct hnb_gw *gw,
+                                  const struct osmo_sccp_addr *cn_remote_addr,
+                                  bool *is_ps)
+{
+       if (pc_and_ssn_match(cn_remote_addr, &gw->sccp.remote_addr_cs)) {
+               if (is_ps)
+                       *is_ps = false;
+               return 0;
+       }
+       if (pc_and_ssn_match(cn_remote_addr, &gw->sccp.remote_addr_ps)) {
+               if (is_ps)
+                       *is_ps = true;
+               return 0;
+       }
+       LOGP(DMAIN, LOGL_ERROR, "Unexpected remote address, matches neither CS 
nor PS address: %s\n",
+            osmo_sccp_addr_dump(cn_remote_addr));
+       return -1;
+}
 
 static int handle_cn_unitdata(struct hnbgw_cnlink *cnlink,
                              const struct osmo_scu_unitdata_param *param,
@@ -251,6 +276,9 @@
                return -1;
        }
 
+       if (classify_cn_remote_addr(cnlink->gw, &param->calling_addr, NULL) < 0)
+               return -1;
+
        return handle_cn_ranap(cnlink, msgb_l2(oph->msg), msgb_l2len(oph->msg));
 }
 

-- 
To view, visit https://gerrit.osmocom.org/3113
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I7190b4c3a05e8bac0eeffa1eab18c9e47429cb17
Gerrit-PatchSet: 3
Gerrit-Project: osmo-iuh
Gerrit-Branch: master
Gerrit-Owner: Neels Hofmeyr <[email protected]>
Gerrit-Reviewer: Harald Welte <[email protected]>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: Neels Hofmeyr <[email protected]>

[MERGED] osmo-iuh[master]: cn unitdata: verify correct remote addr

Reply via email to