Hello Jenkins Builder,
I'd like you to reexamine a change. Please visit
https://gerrit.osmocom.org/3821
to look at the new patch set (#4).
Migrate from OpenSSL to osmo_get_rand_id()
This avoids potential licensing incompatibility and makes integration of
Debian packaging patches easier.
Related: OS#1694
Change-Id: I2b687b7f07ef05bbd861b8479cad5a958a3dde92
---
M configure.ac
M debian/control
M src/gprs/Makefile.am
M src/gprs/gb_proxy.c
M src/gprs/gprs_gmm.c
M src/gprs/gprs_llc.c
M src/gprs/gprs_sgsn.c
M tests/gbproxy/Makefile.am
M tests/gbproxy/gbproxy_test.c
M tests/sgsn/Makefile.am
M tests/sgsn/sgsn_test.c
M tests/sndcp_xid/Makefile.am
M tests/xid/Makefile.am
13 files changed, 58 insertions(+), 66 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/21/3821/4
diff --git a/configure.ac b/configure.ac
index c8e23e5..7921085 100644
--- a/configure.ac
+++ b/configure.ac
@@ -47,7 +47,6 @@
PKG_CHECK_MODULES(LIBOSMOGB, libosmogb >= 0.6.4)
PKG_CHECK_MODULES(LIBOSMONETIF, libosmo-netif >= 0.0.1)
PKG_CHECK_MODULES(LIBOSMOSIGTRAN, libosmo-sigtran) # TODO version?
-PKG_CHECK_MODULES(LIBCRYPTO, libcrypto >= 0.9.5)
# Enable/disable 3G aka IuPS + IuCS support?
AC_ARG_ENABLE([iu], [AS_HELP_STRING([--enable-iu], [Build 3G support, aka IuPS
and IuCS interfaces])],
diff --git a/debian/control b/debian/control
index ce2167a..330945f 100644
--- a/debian/control
+++ b/debian/control
@@ -9,7 +9,6 @@
automake,
libtool,
pkg-config,
- libssl-dev,
libtalloc-dev,
libc-ares-dev,
libgtp-dev,
diff --git a/src/gprs/Makefile.am b/src/gprs/Makefile.am
index 654604b..0a88c01 100644
--- a/src/gprs/Makefile.am
+++ b/src/gprs/Makefile.am
@@ -15,7 +15,6 @@
$(LIBOSMOGB_CFLAGS) \
$(COVERAGE_CFLAGS) \
$(LIBCARES_CFLAGS) \
- $(LIBCRYPTO_CFLAGS) \
$(LIBGTP_CFLAGS) \
$(NULL)
if BUILD_IU
@@ -63,7 +62,6 @@
$(NULL)
osmo_gbproxy_LDADD = \
$(OSMO_LIBS) \
- $(LIBCRYPTO_LIBS) \
-lrt \
$(NULL)
@@ -99,7 +97,6 @@
$(OSMO_LIBS) \
$(LIBOSMOABIS_LIBS) \
$(LIBCARES_LIBS) \
- $(LIBCRYPTO_LIBS) \
$(LIBGTP_LIBS) \
-lrt \
-lm \
diff --git a/src/gprs/gb_proxy.c b/src/gprs/gb_proxy.c
index 17a0109..09e291b 100644
--- a/src/gprs/gb_proxy.c
+++ b/src/gprs/gb_proxy.c
@@ -50,8 +50,6 @@
#include <osmocom/gsm/protocol/gsm_04_08_gprs.h>
#include <osmocom/sgsn/gprs_utils.h>
-#include <openssl/rand.h>
-
extern void *tall_bsc_ctx;
static const struct rate_ctr_desc global_ctr_description[] = {
@@ -232,12 +230,13 @@
uint32_t sgsn_ptmsi)
{
uint32_t bss_ptmsi;
- int max_retries = 23;
+ int max_retries = 23, rc = 0;
if (!peer->cfg->patch_ptmsi) {
bss_ptmsi = sgsn_ptmsi;
} else {
do {
- if (RAND_bytes((uint8_t *) &bss_ptmsi,
sizeof(bss_ptmsi)) != 1) {
+ rc = osmo_get_rand_id((uint8_t *) &bss_ptmsi,
sizeof(bss_ptmsi));
+ if (rc < 0) {
bss_ptmsi = GSM_RESERVED_TMSI;
break;
}
@@ -250,7 +249,7 @@
}
if (bss_ptmsi == GSM_RESERVED_TMSI)
- LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a BSS P-TMSI\n");
+ LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a BSS P-TMSI: %d
(%s)\n", rc, strerror(-rc));
return bss_ptmsi;
}
@@ -260,7 +259,7 @@
uint32_t bss_tlli)
{
uint32_t sgsn_tlli;
- int max_retries = 23;
+ int max_retries = 23, rc = 0;
if (!peer->cfg->patch_ptmsi) {
sgsn_tlli = bss_tlli;
} else if (link_info->sgsn_tlli.ptmsi != GSM_RESERVED_TMSI &&
@@ -274,7 +273,8 @@
} else {
do {
/* create random TLLI, 0b01111xxx... */
- if (RAND_bytes((uint8_t *) &sgsn_tlli,
sizeof(sgsn_tlli)) != 1) {
+ rc = osmo_get_rand_id((uint8_t *) &sgsn_tlli,
sizeof(sgsn_tlli));
+ if (rc < 0) {
sgsn_tlli = 0;
break;
}
@@ -287,7 +287,7 @@
}
if (!sgsn_tlli)
- LOGP(DGPRS, LOGL_ERROR, "Failed to allocate an SGSN TLLI\n");
+ LOGP(DGPRS, LOGL_ERROR, "Failed to allocate an SGSN TLLI: %d
(%s)\n", rc, strerror(-rc));
return sgsn_tlli;
}
diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c
index 7e109b4..0ebe65a 100644
--- a/src/gprs/gprs_gmm.c
+++ b/src/gprs/gprs_gmm.c
@@ -31,8 +31,6 @@
#include <arpa/inet.h>
#include <netdb.h>
-#include <openssl/rand.h>
-
#include "bscconfig.h"
#include <osmocom/core/msgb.h>
@@ -585,6 +583,7 @@
struct gsm48_hdr *gh;
struct gsm48_auth_ciph_req *acreq;
uint8_t *m_rand, *m_cksn, rbyte;
+ int rc;
LOGMMCTXP(LOGL_INFO, mm, "<- GPRS AUTH AND CIPHERING REQ (rand = %s",
osmo_hexdump(vec->rand, sizeof(vec->rand)));
@@ -608,12 +607,13 @@
/* § 10.5.5.7: */
acreq->force_stby = force_standby;
/* 3GPP TS 24.008 § 10.5.5.19: */
- if (RAND_bytes(&rbyte, 1) != 1) {
- LOGP(DMM, LOGL_NOTICE, "RAND_bytes failed for A&C ref, falling "
- "back to rand()\n");
- acreq->ac_ref_nr = rand();
- } else
- acreq->ac_ref_nr = rbyte;
+ rc = osmo_get_rand_id(&rbyte, 1);
+ if (rc < 0) {
+ LOGP(DMM, LOGL_ERROR, "osmo_get_rand_id() failed for A&C ref:
%s\n", strerror(-rc));
+ return rc;
+ }
+
+ acreq->ac_ref_nr = rbyte;
mm->ac_ref_nr_used = acreq->ac_ref_nr;
/* Only if authentication is requested we need to set RAND + CKSN */
@@ -2078,6 +2078,7 @@
{
struct sgsn_mm_ctx *mm = _mm;
struct gsm_auth_tuple *at;
+ int rc;
mm->num_T_exp++;
@@ -2122,8 +2123,11 @@
}
at = &mm->auth_triplet;
- gsm48_tx_gmm_auth_ciph_req(mm, &at->vec, at->key_seq, false);
- osmo_timer_schedule(&mm->timer, sgsn->cfg.timers.T3360, 0);
+ rc = gsm48_tx_gmm_auth_ciph_req(mm, &at->vec, at->key_seq,
false);
+ if (rc < 0)
+ LOGMMCTXP(LOGL_ERROR, mm, "failed sending Auth. & Ciph.
Reuqest: %s \n", strerror(-rc));
+ else
+ osmo_timer_schedule(&mm->timer, sgsn->cfg.timers.T3360,
0);
break;
case 3370: /* waiting for IDENTITY RESPONSE */
if (mm->num_T_exp >= 5) {
diff --git a/src/gprs/gprs_llc.c b/src/gprs/gprs_llc.c
index 22743fe..1a7cf3d 100644
--- a/src/gprs/gprs_llc.c
+++ b/src/gprs/gprs_llc.c
@@ -23,8 +23,6 @@
#include <stdint.h>
#include <stdbool.h>
-#include <openssl/rand.h>
-
#include <osmocom/core/msgb.h>
#include <osmocom/core/linuxlist.h>
#include <osmocom/core/timer.h>
@@ -1065,14 +1063,15 @@
struct msgb *msg = msgb_alloc_headroom(4096, 1024, "LLC_XID");
struct gprs_llc_lle *lle = &llme->lle[1];
uint8_t xid_bytes[1024];
- int xid_bytes_len;
+ int xid_bytes_len, rc;
uint8_t *xid;
LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n");
- if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) {
- LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, "
- "falling back to rand()\n");
- llme->iov_ui = rand();
+
+ rc = osmo_get_rand_id((uint8_t *) &llme->iov_ui, 4);
+ if (rc < 0) {
+ LOGP(DLLC, LOGL_ERROR, "osmo_get_rand_id() failed for LLC XID
reset: %s\n", strerror(-rc));
+ return rc;
}
/* Generate XID message */
@@ -1098,14 +1097,15 @@
{
struct msgb *msg = msgb_alloc_headroom(4096, 1024, "LLC_XID");
uint8_t xid_bytes[1024];
- int xid_bytes_len;
+ int xid_bytes_len, rc;
uint8_t *xid;
LOGP(DLLC, LOGL_NOTICE, "LLGM Reset\n");
- if (RAND_bytes((uint8_t *) &llme->iov_ui, 4) != 1) {
- LOGP(DLLC, LOGL_NOTICE, "RAND_bytes failed for LLC XID reset, "
- "falling back to rand()\n");
- llme->iov_ui = rand();
+
+ rc = osmo_get_rand_id((uint8_t *) &llme->iov_ui, 4);
+ if (rc < 0) {
+ LOGP(DLLC, LOGL_ERROR, "osmo_get_rand_id() failed for LLC XID
reset: %s\n", strerror(-rc));
+ return rc;
}
/* Generate XID message */
diff --git a/src/gprs/gprs_sgsn.c b/src/gprs/gprs_sgsn.c
index 4cd3df1..abe4fab 100644
--- a/src/gprs/gprs_sgsn.c
+++ b/src/gprs/gprs_sgsn.c
@@ -46,8 +46,6 @@
#include <time.h>
-#include <openssl/rand.h>
-
#include "../../bscconfig.h"
#if BUILD_IU
@@ -641,10 +639,11 @@
{
struct sgsn_mm_ctx *mm;
uint32_t ptmsi = 0xdeadbeef;
- int max_retries = 100;
+ int max_retries = 100, rc = 0;
restart:
- if (RAND_bytes((uint8_t *) &ptmsi, sizeof(ptmsi)) != 1)
+ rc = osmo_get_rand_id((uint8_t *) &ptmsi, sizeof(ptmsi));
+ if (rc < 0)
goto failed;
/* Enforce that the 2 MSB are set without loosing the distance between
@@ -682,7 +681,7 @@
return ptmsi;
failed:
- LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a P-TMSI\n");
+ LOGP(DGPRS, LOGL_ERROR, "Failed to allocate a P-TMSI: %d (%s)\n", rc,
strerror(-rc));
return GSM_RESERVED_TMSI;
}
diff --git a/tests/gbproxy/Makefile.am b/tests/gbproxy/Makefile.am
index 3291839..ef38fb6 100644
--- a/tests/gbproxy/Makefile.am
+++ b/tests/gbproxy/Makefile.am
@@ -28,7 +28,7 @@
$(NULL)
gbproxy_test_LDFLAGS = \
- -Wl,--wrap=RAND_bytes \
+ -Wl,--wrap=osmo_get_rand_id \
$(NULL)
gbproxy_test_LDADD = \
@@ -46,6 +46,5 @@
$(LIBOSMOVTY_LIBS) \
$(LIBOSMOABIS_LIBS) \
$(LIBRARY_DL) \
- $(LIBCRYPTO_LIBS) \
-lrt \
$(NULL)
diff --git a/tests/gbproxy/gbproxy_test.c b/tests/gbproxy/gbproxy_test.c
index e8a4ef9..207139e 100644
--- a/tests/gbproxy/gbproxy_test.c
+++ b/tests/gbproxy/gbproxy_test.c
@@ -37,8 +37,6 @@
#include <osmocom/sgsn/gprs_gb_parse.h>
#include <osmocom/sgsn/debug.h>
-#include <openssl/rand.h>
-
#define REMOTE_BSS_ADDR 0x01020304
#define REMOTE_SGSN_ADDR 0x05060708
@@ -55,24 +53,24 @@
struct llist_head *received_messages = NULL;
-/* override, requires '-Wl,--wrap=RAND_bytes' */
-int __real_RAND_bytes(unsigned char *buf, int num);
-int mock_RAND_bytes(unsigned char *buf, int num);
-int (*RAND_bytes_cb)(unsigned char *, int) =
- &mock_RAND_bytes;
+/* override, requires '-Wl,--wrap=osmo_get_rand_id' */
+int __real_osmo_get_rand_id(uint8_t *data, size_t len);
+int mock_osmo_get_rand_id(uint8_t *data, size_t len);
+int (*osmo_get_rand_id_cb)(uint8_t *, size_t) =
+ &mock_osmo_get_rand_id;
-int __wrap_RAND_bytes(unsigned char *buf, int num)
+int __wrap_osmo_get_rand_id(uint8_t *buf, size_t num)
{
- return (*RAND_bytes_cb)(buf, num);
+ return (*osmo_get_rand_id_cb)(buf, num);
}
static int rand_seq_num = 0;
-int mock_RAND_bytes(unsigned char *buf, int num)
+int mock_osmo_get_rand_id(uint8_t *buf, size_t num)
{
uint32_t val;
OSMO_ASSERT(num == sizeof(val));
- OSMO_ASSERT(__real_RAND_bytes(buf, num) == 1);
+ OSMO_ASSERT(__real_osmo_get_rand_id(buf, num) == 0);
val = 0x00dead00 + rand_seq_num;
diff --git a/tests/sgsn/Makefile.am b/tests/sgsn/Makefile.am
index 36026dd..802811d 100644
--- a/tests/sgsn/Makefile.am
+++ b/tests/sgsn/Makefile.am
@@ -32,7 +32,7 @@
$(NULL)
sgsn_test_LDFLAGS = \
- -Wl,--wrap=RAND_bytes \
+ -Wl,--wrap=osmo_get_rand_id \
-Wl,--wrap=sgsn_update_subscriber_data \
-Wl,--wrap=gprs_subscr_request_update_location \
-Wl,--wrap=gprs_subscr_request_auth_info \
@@ -67,7 +67,6 @@
$(LIBOSMOGSM_LIBS) \
$(LIBOSMOGB_LIBS) \
$(LIBCARES_LIBS) \
- $(LIBCRYPTO_LIBS) \
$(LIBGTP_LIBS) \
-lrt \
-lm \
diff --git a/tests/sgsn/sgsn_test.c b/tests/sgsn/sgsn_test.c
index a486794..219587a 100644
--- a/tests/sgsn/sgsn_test.c
+++ b/tests/sgsn/sgsn_test.c
@@ -100,21 +100,21 @@
return 0;
}
-/* override, requires '-Wl,--wrap=RAND_bytes' */
-int __real_RAND_bytes(unsigned char *buf, int num);
-int mock_RAND_bytes(unsigned char *buf, int num);
-int (*RAND_bytes_cb)(unsigned char *, int) =
- &mock_RAND_bytes;
+/* override, requires '-Wl,--wrap=osmo_get_rand_id' */
+int __real_osmo_get_rand_id(uint8_t *data, size_t len);
+int mock_osmo_get_rand_id(uint8_t *data, size_t len);
+int (*osmo_get_rand_id_cb)(uint8_t *, size_t) =
+ &mock_osmo_get_rand_id;
-int __wrap_RAND_bytes(unsigned char *buf, int num)
+int __wrap_osmo_get_rand_id(uint8_t *buf, size_t num)
{
- return (*RAND_bytes_cb)(buf, num);
+ return (*osmo_get_rand_id_cb)(buf, num);
}
/* make results of A&C ref predictable */
-int mock_RAND_bytes(unsigned char *buf, int num)
+int mock_osmo_get_rand_id(uint8_t *buf, size_t num)
{
if (num > 1)
- return __real_RAND_bytes(buf, num);
+ return __real_osmo_get_rand_id(buf, num);
buf[0] = 0;
return 1;
}
diff --git a/tests/sndcp_xid/Makefile.am b/tests/sndcp_xid/Makefile.am
index d09c41b..fbcb36c 100644
--- a/tests/sndcp_xid/Makefile.am
+++ b/tests/sndcp_xid/Makefile.am
@@ -14,7 +14,6 @@
$(LIBOSMOGSM_LIBS) \
$(LIBOSMOGB_LIBS) \
$(LIBCARES_LIBS) \
- $(LIBCRYPTO_LIBS) \
$(LIBGTP_LIBS) \
-lrt -lm
diff --git a/tests/xid/Makefile.am b/tests/xid/Makefile.am
index 6c3689f..92876ec 100644
--- a/tests/xid/Makefile.am
+++ b/tests/xid/Makefile.am
@@ -30,7 +30,6 @@
$(LIBOSMOGSM_LIBS) \
$(LIBOSMOGB_LIBS) \
$(LIBCARES_LIBS) \
- $(LIBCRYPTO_LIBS) \
$(LIBGTP_LIBS) \
-lrt \
-lm \
--
To view, visit https://gerrit.osmocom.org/3821
To unsubscribe, visit https://gerrit.osmocom.org/settings
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I2b687b7f07ef05bbd861b8479cad5a958a3dde92
Gerrit-PatchSet: 4
Gerrit-Project: osmo-sgsn
Gerrit-Branch: master
Gerrit-Owner: Max <msur...@sysmocom.de>
Gerrit-Reviewer: Jenkins Builder
