Harald Welte | a49e36e | 2018-01-21 19:29:33 +0100 | [diff] [blame] | 1 | module BSC_ConnectionHandler { |
| 2 | |
| 3 | import from General_Types all; |
| 4 | import from Osmocom_Types all; |
| 5 | import from GSM_Types all; |
| 6 | import from SCCPasp_Types all; |
| 7 | import from BSSAP_Types all; |
| 8 | import from BSSMAP_Emulation all; |
| 9 | import from BSSMAP_Templates all; |
| 10 | |
| 11 | import from GSUP_Types all; |
| 12 | import from GSUP_Emulation all; |
| 13 | |
| 14 | import from MNCC_Types all; |
| 15 | import from MNCC_Emulation all; |
| 16 | |
| 17 | import from MobileL3_Types all; |
| 18 | import from MobileL3_CommonIE_Types all; |
| 19 | import from MobileL3_MM_Types all; |
| 20 | import from L3_Templates all; |
| 21 | |
| 22 | /* this component represents a single subscriber connection */ |
| 23 | type component BSC_ConnHdlr extends BSSAP_ConnHdlr, MNCC_ConnHdlr, GSUP_ConnHdlr { |
| 24 | var BSC_ConnHdlrPars g_pars; |
| 25 | } |
| 26 | |
| 27 | type record BSC_ConnHdlrPars { |
| 28 | SCCP_PAR_Address sccp_addr_own, |
| 29 | SCCP_PAR_Address sccp_addr_peer, |
| 30 | BSSMAP_IE_CellIdentifier cell_id, |
| 31 | hexstring imsi, |
Harald Welte | 8260057 | 2018-01-21 20:54:08 +0100 | [diff] [blame] | 32 | hexstring msisdn, |
| 33 | BSSMAP_IE_ClassmarkInformationType2 cm2, |
| 34 | BSSMAP_IE_ClassmarkInformationType3 cm3 optional |
Harald Welte | a49e36e | 2018-01-21 19:29:33 +0100 | [diff] [blame] | 35 | }; |
| 36 | |
| 37 | |
| 38 | /* Callback function from general BSSMAP_Emulation whenever a connectionless |
| 39 | * BSSMAP message arrives. Canreturn a PDU_BSSAPthat should be sent in return */ |
| 40 | private function BscUnitdataCallback(PDU_BSSAP bssap) |
| 41 | runs on BSSMAP_Emulation_CT return template PDU_BSSAP { |
| 42 | var template PDU_BSSAP resp := omit; |
| 43 | |
| 44 | log("BSSMAP_BscUnitdataCallback"); |
| 45 | /* answer all RESET with RESET ACK */ |
| 46 | if (match(bssap, tr_BSSMAP_Reset)){ |
| 47 | log("BSSMAP_BscUnitdataCallback: Responding to RESET with RESET-ACK"); |
| 48 | resp := ts_BSSMAP_ResetAck; |
| 49 | } |
| 50 | |
| 51 | /* FIXME: Handle paging, etc. */ |
| 52 | return resp; |
| 53 | } |
| 54 | |
| 55 | const BssmapOps BSC_BssmapOps := { |
| 56 | /* Create call-back for inbound connections from MSC (hand-over) */ |
| 57 | create_cb := refers(BSSMAP_Emulation.ExpectedCreateCallback), |
| 58 | unitdata_cb := refers(BscUnitdataCallback), |
| 59 | decode_dtap := true, |
| 60 | role_ms := true |
| 61 | } |
| 62 | |
| 63 | |
| 64 | private function MnccUnitdataCallback(MNCC_PDU mncc) |
| 65 | runs on MNCC_Emulation_CT return template MNCC_PDU { |
| 66 | log("Ignoring MNCC", mncc); |
| 67 | return omit; |
| 68 | } |
| 69 | |
| 70 | const MnccOps BCC_MnccOps := { |
| 71 | create_cb := refers(MNCC_Emulation.ExpectedCreateCallback), |
| 72 | unitdata_cb := refers(MnccUnitdataCallback) |
| 73 | } |
| 74 | |
| 75 | |
| 76 | |
| 77 | template BSSAP_Conn_Req ts_BSSAP_Conn_Req(SCCP_PAR_Address peer, SCCP_PAR_Address own, PDU_BSSAP bssap) := { |
| 78 | addr_peer := peer, |
| 79 | addr_own := own, |
| 80 | bssap := bssap |
| 81 | }; |
| 82 | |
| 83 | template (value) MobileStationClassmark1_V ts_CM1(BIT1 a5_1_unavail := '0'B, BIT2 rev := '10'B) := { |
| 84 | rf_PowerCapability := '010'B, |
| 85 | a5_1 := a5_1_unavail, |
| 86 | esind := '1'B, |
| 87 | revisionLevel := rev, |
| 88 | spare1_1 := '0'B |
| 89 | } |
| 90 | |
| 91 | /* Encode 'l3' and ask BSSMAP_Emulation to create new connection with COMPL L3 INFO */ |
| 92 | function f_bssap_compl_l3(PDU_ML3_MS_NW l3) |
| 93 | runs on BSC_ConnHdlr { |
| 94 | log("Sending COMPL L3: ", l3); |
| 95 | var octetstring l3_enc := enc_PDU_ML3_MS_NW(l3); |
| 96 | BSSAP.send(ts_BSSAP_Conn_Req(g_pars.sccp_addr_peer, g_pars.sccp_addr_own, |
| 97 | valueof(ts_BSSMAP_ComplL3(g_pars.cell_id, l3_enc)))); |
Harald Welte | 71b6933 | 2018-01-21 20:43:53 +0100 | [diff] [blame] | 98 | alt { |
| 99 | [] BSSAP.receive(BSSAP_Conn_Prim:MSC_CONN_PRIM_CONF_IND) {} |
| 100 | [] BSSAP.receive(BSSAP_Conn_Prim:MSC_CONN_PRIM_DISC_IND) { |
| 101 | setverdict(fail, "DISC.ind from SCCP"); |
| 102 | self.stop; |
| 103 | } |
| 104 | } |
Harald Welte | a49e36e | 2018-01-21 19:29:33 +0100 | [diff] [blame] | 105 | } |
| 106 | |
| 107 | /* helper function to fully establish a dedicated channel */ |
| 108 | function f_establish_fully(MobileIdentityLV mi, boolean expect_auth) |
| 109 | runs on BSC_ConnHdlr { |
| 110 | var PDU_ML3_MS_NW l3_info := valueof(ts_CM_SERV_REQ('0001'B, mi)); |
| 111 | var PDU_DTAP_MT dtap_mt; |
| 112 | |
| 113 | /* Send BSSAP_Conn_Req with COMPL L3 INFO to MSC */ |
| 114 | f_bssap_compl_l3(l3_info); |
| 115 | |
| 116 | if (expect_auth) { |
| 117 | /* FIXME */ |
| 118 | } |
| 119 | BSSAP.receive(tr_PDU_DTAP_MT(tr_CM_SERV_ACC)); |
| 120 | } |
| 121 | |
| 122 | /* build a PDU_ML3_MS_NW containing a Location Update by IMSI */ |
| 123 | function f_build_lu_imsi(hexstring imsi) return PDU_ML3_MS_NW |
| 124 | { |
| 125 | var MobileIdentityLV mi := valueof(ts_MI_IMSI_LV(imsi)); |
| 126 | return f_build_lu(mi); |
| 127 | } |
| 128 | private function f_build_lu(MobileIdentityLV mi) return PDU_ML3_MS_NW |
| 129 | { |
| 130 | var LocationAreaIdentification_V old_lai := { '62F220'O, '9999'O }; |
| 131 | var PDU_ML3_MS_NW l3_info := valueof(ts_ML3_MO_LU_Req(valueof(ts_ML3_IE_LuType_Attach), |
| 132 | old_lai, mi, valueof(ts_CM1))); |
| 133 | return l3_info; |
| 134 | } |
| 135 | |
Harald Welte | cf66d5a | 2018-01-23 19:24:28 +0100 | [diff] [blame^] | 136 | type record AuthVector { |
| 137 | OCT16 rand, |
| 138 | OCT4 sres, |
| 139 | OCT8 kc |
| 140 | /* FIXME: 3G elements */ |
| 141 | } |
| 142 | |
| 143 | private function f_rnd_oct(integer len) return octetstring { |
| 144 | var integer i; |
| 145 | var octetstring res; |
| 146 | for (i := 0; i < len; i := i + 1) { |
| 147 | res[i] := int2oct(float2int(rnd()*256.0), 1); |
| 148 | } |
| 149 | return res; |
| 150 | } |
| 151 | |
| 152 | function f_gen_auth_vec_2g() return AuthVector { |
| 153 | var AuthVector vec; |
| 154 | vec.rand := f_rnd_oct(16); |
| 155 | vec.sres := f_rnd_oct(4); |
| 156 | vec.kc := f_rnd_oct(8); |
| 157 | return vec; |
| 158 | } |
| 159 | |
Harald Welte | 8a121b3 | 2018-01-22 03:00:41 +0100 | [diff] [blame] | 160 | function f_perform_lu(boolean expect_auth, boolean expect_tmsi, boolean send_early_cm) |
Harald Welte | a49e36e | 2018-01-21 19:29:33 +0100 | [diff] [blame] | 161 | runs on BSC_ConnHdlr { |
| 162 | var PDU_ML3_MS_NW l3_lu := f_build_lu_imsi(g_pars.imsi) |
| 163 | var PDU_DTAP_MT dtap_mt; |
| 164 | |
| 165 | /* tell GSUP dispatcher to send this IMSI to us */ |
| 166 | f_create_gsup_expect(hex2str(g_pars.imsi)); |
| 167 | |
| 168 | /* Send BSSAP_Conn_Req with COMPL L3 INFO to MSC */ |
| 169 | f_bssap_compl_l3(l3_lu); |
| 170 | |
Harald Welte | 8a121b3 | 2018-01-22 03:00:41 +0100 | [diff] [blame] | 171 | if (send_early_cm) { |
| 172 | BSSAP.send(ts_BSSMAP_ClassmarkUpd(g_pars.cm2, g_pars.cm3)); |
| 173 | } |
Harald Welte | 5c2622c | 2018-01-21 20:45:20 +0100 | [diff] [blame] | 174 | |
Harald Welte | a49e36e | 2018-01-21 19:29:33 +0100 | [diff] [blame] | 175 | if (expect_auth) { |
Harald Welte | cf66d5a | 2018-01-23 19:24:28 +0100 | [diff] [blame^] | 176 | var AuthVector vec := f_gen_auth_vec_2g(); |
| 177 | var GSUP_IE auth_tuple := valueof(ts_GSUP_IE_AuthTuple2G(vec.rand, vec.sres, vec.kc)); |
Harald Welte | ef9fa87 | 2018-01-22 03:00:17 +0100 | [diff] [blame] | 178 | GSUP.receive(tr_GSUP_SAI_REQ(g_pars.imsi)); |
Harald Welte | 7b1b281 | 2018-01-22 21:23:06 +0100 | [diff] [blame] | 179 | GSUP.send(ts_GSUP_SAI_RES(g_pars.imsi, auth_tuple)); |
| 180 | |
Harald Welte | cf66d5a | 2018-01-23 19:24:28 +0100 | [diff] [blame^] | 181 | BSSAP.receive(tr_PDU_DTAP_MT(tr_ML3_MT_MM_AUTH_REQ(vec.rand))); |
| 182 | BSSAP.send(ts_PDU_DTAP_MO(ts_ML3_MT_MM_AUTH_RESP_2G(vec.sres))); |
Harald Welte | a49e36e | 2018-01-21 19:29:33 +0100 | [diff] [blame] | 183 | } |
| 184 | |
| 185 | /* Expect MSC to perform LU with HLR */ |
| 186 | GSUP.receive(tr_GSUP_UL_REQ(g_pars.imsi)); |
| 187 | GSUP.send(ts_GSUP_ISD_REQ(g_pars.imsi, g_pars.msisdn)); |
| 188 | GSUP.receive(tr_GSUP_ISD_RES(g_pars.imsi)); |
| 189 | GSUP.send(ts_GSUP_UL_RES(g_pars.imsi)); |
| 190 | |
| 191 | alt { |
| 192 | [] BSSAP.receive(tr_PDU_DTAP_MT(tr_ML3_MT_LU_Acc)) -> value dtap_mt { |
| 193 | var PDU_ML3_LocationUpdateAccept lu_acc := dtap_mt.dtap.msgs.mm.locationUpdateAccept; |
| 194 | if (expect_tmsi) { |
| 195 | if (not ispresent(lu_acc.mobileIdentityTLV) or |
| 196 | not ischosen(lu_acc.mobileIdentityTLV.mobileIdentityLV.mobileIdentityV.oddEvenInd_identity.tmsi_ptmsi)) { |
| 197 | setverdict(fail, "Expected TMSI but no TMSI was allocated"); |
| 198 | self.stop; |
| 199 | } else { |
| 200 | BSSAP.send(ts_PDU_DTAP_MO(ts_ML3_MO_TmsiRealloc_Cmpl)); |
| 201 | } |
| 202 | } else { |
| 203 | if (ispresent(lu_acc.mobileIdentityTLV) and |
| 204 | ischosen(lu_acc.mobileIdentityTLV.mobileIdentityLV.mobileIdentityV.oddEvenInd_identity.tmsi_ptmsi)) { |
| 205 | setverdict(fail, "Expected no TMSI but TMSI was allocated"); |
| 206 | self.stop; |
| 207 | } |
| 208 | } |
| 209 | } |
| 210 | [] BSSAP.receive(tr_PDU_DTAP_MT(tr_ML3_MT_LU_Rej)) { |
| 211 | setverdict(fail, "Expected LU ACK, but received LU REJ"); |
| 212 | self.stop; |
| 213 | } |
| 214 | } |
| 215 | /* FIXME: there could be pending SMS or other common procedures by the MSC, let's ignore them */ |
| 216 | BSSAP.receive(tr_BSSMAP_ClearCommand); |
| 217 | BSSAP.send(ts_BSSMAP_ClearComplete); |
| 218 | BSSAP.receive(BSSAP_Conn_Prim:MSC_CONN_PRIM_DISC_IND); |
| 219 | setverdict(pass); |
| 220 | } |
| 221 | |
| 222 | function f_foo() runs on BSC_ConnHdlr{ |
| 223 | /* SCCP CC handled by BSSMAP_Emulation_CT.main() */ |
| 224 | /* Expect auth, if enabled */ |
| 225 | |
| 226 | /* TODO: ISD */ |
| 227 | /* Expect encr, if enabled */ |
| 228 | /* Expect encr, if enabled */ |
| 229 | /* Expect ASS CMD, if chan_type != requested */ |
| 230 | /* Send ASS CMPL in successful case */ |
| 231 | |
| 232 | /* Expect AoIP port/ip information for RTP stream */ |
| 233 | /* Expect MSC-originated MGCP to our simulated MGW */ |
| 234 | /* Verify Counters via CTRL */ |
| 235 | /* re-configure MSC behaviour via VTY */ |
| 236 | } |
| 237 | |
| 238 | |
| 239 | |
| 240 | |
| 241 | |
| 242 | } |
| 243 | |
| 244 | |