It seems to be actually mandatory in GGSN->SGN directon, though it is
ignored in Release99 upwards. Let's hardcode it to 0 for now, should be
fine in the majority of cases.
In the event we have 2 local IP addresses available for use, put the one
having same IP version in "GGSN Address *" IE, and the one with the
other IP version in "Alternative GGSN Address *" IE.
* [CORE] tlv: Store mode in ogs_tlv_t
This allows specifying the format of the IE for each individual IE,
hence allowing messages containing IEs formatted in different ways.
This is needed in order to support parsing GTPv1-C, since messages
contain IEs with different structure (TLV vs TV). Hence, this is a
preparation patch to add support for parsing TVs in ogs-tlv.c/.h.
* [CORE] tlv: Support parsing msg with both TLV and TV in it
IEs of type TV are sometimes used in GTPv1-C. Current tlv parser/builder
doesn't provide with ways to parse messages which contain TV formatted
IEs. This patch adds the relevant types and ways to encode/decode them.
Furthermore, the current parser/builder allows parsing/building messages
containing the exact same format in all its IEs. A new parser function
is added which allows parsing messages of different types (TV, TLV)
mixed in the same message. In order to be able to do so, it uses the
general msg_mode passed to it in order to know the general TLV format
(in essence, the length of the Tag field, and also the length of the
Length field if applicable each IE).
Looking up the instance in the TLV description is left undone and
hadcoded to 0, since the only user so far requiring this API is GTPv1-C,
which has no instances.
* [CORE] tlv: Support repeated tag+instance parsing TLV message
In GTPv2C, repeated IEs (same tag) are easily differentiated by the
Instance byte, which provides info to match different decoded
structures. In GTPv1C though, there's no Instance byte, and we still
encounter repeated IEs (like GSN Address in Create PDP Context Request).
Hence, the TLV decoder needs to be updated to track count of IEs found
(identified by tag+instance, where instance is always 0 in GTPv1C) and
get the proper description index + offset into the decoded structure.
* [GTP]: Move GTPv2-C specifics to its own libgtp subdir
This will allow adding GTPv1-C code by the side. Most GTPv2 code is left
in this patch as "gtp" instead of renaming it to "gtp2" in order to
avoid massive changes. It can be done at a later stage if wanted.
* [GTP] Support generating GTPv1-C messages
* [SMF] Add Gn interface support
This patch introduces GTPv1C support to open5gs-smfd. With it,
open5gs-becomes a GGSN too, where SGSN can connect to, hence supporting
GERAN and UTRAN networks.
* [configs] Remove requires systemd-networkd dep from smfd service
The smf no longer has (never had?) a dependency on systemd-networkd,
and can start and remain operational without systemd-networkd
specifically running.
* [configs] Relax upf dependency on systemd-networkd
The upf relies on systemd-networkd to create the ogstun interface, but
does not communicate with it at runtime. It currently has a "Requires"
dependency specified, which means that the upf will be stopped if
systemd-networkd is ever stopped. Since the upf doesn't actually care
if systemd-networkd is later stopped after ogstun is created, it can
use the weaker "Wants" dependency type, which allows it to keep
running even if systemd-networkd were to be stopped.
Regardless, since it does rely on systemd-networkd specifically to
create the ogstun interface, it should sequence itself "After"
systemd-networkd has been started.
Since the true dependency is ogstun, not systemd-networkd, a cleaner
approach would depend on the specific tunnel device being
available. Systemd exposes this information via device units, but I'm
not sure if they are always consistently named across platforms.
* [configs] Do not require ogstun for system online
Systemd-networkd will wait for all managed interfaces to be configured
before determining the system is online. Since the ogstun and upf are
more logically an application rather than a system networking service,
don't wait for them to be configured by default.
This breaks the circular dependency between the userspace cellular
core network services and the system's network, which will allow the
cellular core network services to sequence themselves cleanly after
the system's network is up and configured.
* [configs] Sequence network-dependent units after network-online
Since open5gs targets platforms with both ifupdown (debian) and
systemd-networkd (Ubuntu) as core networking providers, this commit
sequences network-dependent core network components after the generic
network-online.target instead of one of the specific provider
targets. This allows the core network to operate correctly with both
systemd-networkd and ifupdown (networking), and fixes the issue
observed in https://github.com/open5gs/open5gs/issues/826 where some
platforms may fail to start cleanly.
* [GTP] xact: Fix trailing whitespace
* [GTP] xact: Avoid exporting internally used functions
This simplifies the API header hiding unneeded APIs from external
components, and lets the compiler further optimize by
marking the functions as static.
* [GTP] xact: Drop unused API ogs_gtp_xact_find
After making it static, it became clear to the compiler that this
function is not used anywhere, warning about it. Let's drop it.
* [SMF] Fix potential null pointer dereference
Pointer "sess" was first dereferenced and later on checked for nullness.
This is clearly wrong. Rearrange the code path to make sure the check is
done first, then dereferenced.
* gitignore: Add subprojects/libtins
* cosmetic: Fix whitespace
The network access mode of HSS has been changed to 0 (Packet and Circuit).
Versions of MME prior to v2.4.2 did not use this value. Open5GS set
the attach result of Attach Complete message as it is by looking
at the attach type of the Attach Request message.
Now, if the network access mode of HSS is set to 2 (Only Packet),
this value is affected by MME from v2.4.3. Regardless of the attach type
of the Attach Request, the MME will set EPS Only to the attach result
of Attach Complete.
3GPP TS 24.501 version 16.6.0 Release 16
4.4 NAS security
4.4.6 Protection of initial NAS signalling messages
1) the UE needs to send non-cleartext IEs in a REGISTRATION REQUEST
or SERVICE REQUEST message, the UE includes the entire REGISTRATION
REQUEST or SERVICE REQUEST message (i.e. containing both cleartext IEs
and non-cleartext IEs) in the NAS message container IE and shall cipher
the value part of the NAS message container IE. The UE shall then send
a REGISTRATION REQUEST or SERVICE REQUEST message containing
the cleartext IEs and the NAS message container IE;
Sukchan Lee
Pau Espin
Matthew Johnson
Julian Lemmerich