There was a memory problem in the encryption using snow_3g_f8,
so AMF/MME crashed.
To solve this problem, we used the snow-3g encryption library
created as below.
https://github.com/rcatolino/libressl-snow3g
However, it seems that this library cannot be used to create
integrity hash like snow_3g_f8.
So, we decided to keep both snow-3g libraries for the time being.
1. lib/crypt/snow3g* : for INTEGRITY (NIA1, EIA1)
2. lib/crypt/openssl/snow3g* : for ENCRYPTION (NEA1, EEA1)
Scenario is handover on S1AP, data forwarding is enabled, and
the Source ENB is forwarding DL PDCP packets to EPC(SGWU)
with PDCP SN included. SGWU is also forwarding these packets
to the Target ENB.
However the PDCP SN is not present in the forwarded packets
from SGWU to Target ENB.
I modified this part, and there was the same problem in 5GC, fixed it as well.
A lot of code in GTP-U has been modified,
so if you have any problems, please let us know right away.
curl --noproxy '*' --http2-prior-knowledge -X POST --header "Content-Type: multipart/related" --data-binary @pdu http:/192.168.29.231:7777/nsmf-pdusession/v1/sm-contexts
Attaching file 'pdu'
SMF crashes as not able to decode the message properly. SmContextCreateData is not accessible.
After examining the call stack and reading the source code, I found that
in /lib/core/ogs-pool.h line 152: (pool)->array[i] = i+1;
then in lib/pfcp/context.c line 78: pdr_random_to_index[ogs_pfcp_pdr_teid_pool.array[i]] = i;
ogs_pfcp_pdr_teid_pool.array[i] may exceed the size of pdr_random_to_index, leading to a heap-buffer-overflow.
Modifications were made to resolve the following assertion..
Invalid HNET PKI Value [0] (../lib/sbi/conv.c:135)
ogs_supi_from_supi_or_suci: Expectation `supi' failed. (../lib/sbi/conv.c:262)
udm_ue_add: Assertion `udm_ue->supi' failed. (../src/udm/context.c:144)
backtrace() returned 8 addresses (../lib/core/ogs-abort.c:37)
A situation in which you establish two sessions and release both of them.
In the first SESSION, the UE normally sent PDUSessionResourceReleaseResponse
and PDU session release complete. However, these were not sent when releasing
the second SESSION.
At this point, when the UE tried to do a deregistration,
the SMF was not properly handling the exception.
I've just fixed this.
After the UE performs Registration/Attach, SQN field is created.
If we edit subscriber information when SQN value is present, WebUI crash occurs.
It is because the way to handle Long Type(SQN:Long) is different
when the mongoose version is 6 or higher.
To avoid this crash, we use the mongoose version down to 5.x first.
Whether or not to send a Setting ACK is determined by the nghttp2 library.
Therefore, when nghttp2 informs us that it want to send an SETTING frame
with ACK by nghttp2_session_want_write(), we need to call session_send()
directly to send it.
NAS, GTP, PFCP, SBI, all except S1AP/NGAP use x1000 multiplier for Kbps, Mbps, Gbps ... etc.
From now on in WebUI all units also use a multiplier of x1000.
Based on the standard document below, when the UE is in the IDLE state,
we checked the implicit timer and tried to send a message to the UE,
but it doesn't work properly.
So, first of all, I deleted the related code.
- TS 24.301 Ch 5.3.7
If ISR is not activated, the network behaviour upon expiry of
the mobile reachable timer is network dependent, but typically
the network stops sending paging messages to the UE on the
first expiry, and may take other appropriate actions
- TS 24.501 Ch 5.3.7
The network behaviour upon expiry of the mobile reachable timer is network dependent,
but typically the network stops sending paging messages to the UE on the first expiry,
and may take other appropriate actions.
Move the config to the sgsn node instead of having a specific route with
specific format "default: route", since anyway internally it's already
applied to the sgsn object.
