Compare commits

..

1393 Commits

Author SHA1 Message Date
Sukchan Lee
bef0104f49 Release v2.6.2 2023-04-04 22:06:02 +09:00
Sukchan Lee
32019df0f0 Fixed MacOSX compile error 2023-04-04 21:53:39 +09:00
Sukchan Lee
e828f98bb6 [SMF] Fixed Gy Service-Context-Id 2023-04-04 21:33:55 +09:00
Sukchan Lee
b9a3157467 [PFCP] SGWU/UPF Restoration (#2223)
TS23.007 17.4.1
19A PFCP based restart procedures

After a PFCP entity has restarted, it shall immediately update all local Recovery Time Stamps and shall clear all remote
Recovery Time Stamps. When peer PFCP entities information is available, i.e. when the PFCP Association is still alive,
the restarted PFCP entity shall send its updated Recovery Time Stamps in a Heartbeat Request message to the peer
PFCP entities before initiating any PFCP session signalling.
2023-04-04 21:22:03 +09:00
Sukchan Lee
939b311b2d [UPF] Remove Metrics in Data Plane (#2210) 2023-04-01 11:48:24 +09:00
af-gokhan
4f066f893e Update 01-genodebs.md
Tested with MTK 750 based CPE and works. 40 MHz BW test data: DL 260 Mbps / UL 115 Mbps / Latency 10ms
2023-03-28 07:30:36 +09:00
Gaber Stare
65f379640c [SMF] Release PDU session with skipInd
Follow-up on [#2048](https://github.com/open5gs/open5gs/pull/2048)

AMF crashes when 'skipInd' field is missing:
```
amf  | 03/21 07:45:04.092: [amf] FATAL: [imsi-001010000000000] No skipInd (../src/amf/namf-handler.c:392)
amf  | 03/21 07:45:04.092: [amf] FATAL: amf_namf_comm_handle_n1_n2_message_transfer: should not be reached. (../src/amf/namf-handler.c:393)
```
In case of CM_CONNECTED skipInd is not important.
In case of CM_IDLE the proper relase would contain skipInd.
2023-03-27 22:17:40 +09:00
Sukchan Lee
d469809192 [AMF/MME] PLMN access control
These mechanisms are described in the GSMA roaming guidelines.
Chapters called Access Control.

For 4g: https://www.gsma.com/newsroom/wp-content/uploads//IR.88-v21.0.pdf
For 5g: https://www.gsma.com/newsroom/wp-content/uploads//NG.113-v6.0.pdf
2023-03-25 09:59:20 +09:00
InferCom2
5f37777280 Updated open5gs-dbctl (#2185)
* updated to use with mongosh

* removing upsert option on insertOne

* Adding runtime permission
2023-03-25 06:56:34 +09:00
Sukchan Lee
28d5659aa5 Follow-up on #2178 2023-03-24 23:04:32 +09:00
Gaber Stare
6f593432a4 [AMF metrics] Initial histogram support
Version of histogram support without ogs_metrics_spec_new_ex().
Buckets are now, just like labels, passed to ogs_metrics_spec_new() as a pointer.
2023-03-24 23:03:49 +09:00
Sukchan Lee
7e1848f5de [SMF] Remove PFCP RR selection (#2186)
Missing to remove PFCP RR setting when setting is modified in #953.
2023-03-24 15:56:46 +09:00
Sukchan Lee
84e46a0ff1 [MME] Add protection code for INVALID S1AP (#2184) 2023-03-23 20:50:41 +09:00
Bostjan Meglic
df25013e54 [AMF] Do not issue SBI requests to other NF's if RAN UE already disconnected 2023-03-23 20:33:43 +09:00
Richard
3bf6941cc4 Removing debug for go live. 2023-03-19 22:26:13 +00:00
Richard
9d30dba6c5 Changed time to 13:30GMT 2023-03-19 13:21:42 +00:00
Richard
2624a86b18 Adding stale-issue workflow
Adding stale issue workflow to close and archive old issues. Dry-run first.
2023-03-19 13:19:15 +00:00
Sukchan Lee
424f382265 [AMF/MME] Support TAI Range 2023-03-19 18:31:45 +09:00
Sukchan Lee
2944fa2549 [AMF/MME] for num_of_XXX variable (uint8_t -> int) 2023-03-19 18:31:45 +09:00
Gaber Stare
e923f204aa [AMF, PCF] Don't free unallocated memory
SMF already handles the freeing in labels correctly.
In the same manner the memsets are moved to the beginning of the
problematic functions in AMF and PCF.
2023-03-18 16:39:31 +09:00
Bostjan Meglic
a73814dad2 [AMF] Fix Network Initiated Deregistration
When UDM issues a SDM Data Change Notification with request to modify
RAT restrictions, AMF would crash when it tried to send a SDM
subscription delete as part of Network Initiated Deregistration.

Function amf_ue_sbi_discover_and_send() changed from returning boolean,
to returning integer (one of OGS_OK/OGS_ERROR/...).
2023-03-18 16:35:44 +09:00
Sukchan Lee
6b17bffdfd [SBI] Modified Exception handler on error (#2169) 2023-03-15 20:41:22 +09:00
Bostjan Meglic
5f377d0126 [PCF] Fix crash when both IPv4 and IPv6 Frame Routes are set
When both IPv4 and IPv6 Frame Routes are set, IPv4 Frame Route list
was subsequently cleared.
When UE tried to deregister, PCF would crash when it tried to free the
Frame Routing list.
2023-03-15 17:59:53 +09:00
Sukchan Lee
7c87389b16 [SBI] Check POST format in Subscription (#2152)
POST requests to {apiRoot}/nnrf-nfm/v1/subscriptions/{subscriptionID} return an error
2023-03-12 23:00:14 +09:00
Sukchan Lee
dd2c85b1b0 [SBI] Conforms standard in Subscription API(#2152)
POST requests to {apiRoot}/nnrf-nfm/v1/subscriptions return
a HTTP Location header in 201 respose
in the form {apiRoot}/nnrf-nfm/v1/subscriptions/{subscriptionID}
2023-03-12 23:00:14 +09:00
Sukchan Lee
ad9e5b28cf [SBI] Added Handler for Subscription PATCH (#2152) 2023-03-12 22:06:19 +09:00
Sukchan Lee
cf0a94f369 [BSF] Removed MongoDB in BSF configuration file 2023-03-11 18:52:26 +09:00
Bostjan Meglic
359882fd49 [AMF] Fix handling Service Request
In case that handling Service Request results in an error, AMF sends a
Service Reject and sets UE's context to exception state. Without the
'break', the code would set UE's context to registered state.
2023-03-11 18:45:52 +09:00
Sukchan Lee
69c080c8f2 [NAS/GTP/PFCP] Upgrade IE to Release-17
As raised in #2147, AMF fails to decode S1 UE Network Capability.

So I reviewed all IE in NAS, GTP and PFCP and fixed it for Release-17.
2023-03-11 18:42:30 +09:00
Sukchan Lee
85f150cde1 Update document for v2.6.1 2023-03-09 00:18:30 +09:00
Sukchan Lee
30e420b7a8 Release v2.6.1 2023-03-09 00:11:11 +09:00
Sukchan Lee
66b2f6120e Release v2.6.1 2023-03-08 23:59:33 +09:00
Sukchan Lee
cb7c8a7854 Upgrade to Release-17 2023-03-06 22:45:56 +09:00
Sukchan Lee
0fd6562e48 Update document for v2.6.0 2023-03-06 22:36:39 +09:00
Sukchan Lee
8d08955783 Release v2.6.0 2023-03-06 22:29:04 +09:00
Sukchan Lee
cedec3a7b9 Added log message for troubleshooting #2117 2023-03-06 21:19:42 +09:00
Sukchan Lee
ff4eab2e51 [SMF] Fixed crash during UPF-HA process (#2115) 2023-03-06 21:04:43 +09:00
Gaber Stare
e6ba84bbef [AMF] Expose more metrics
[ETSI TS 128 552 V16.9.0](https://www.etsi.org/deliver/etsi_ts/128500_128599/128552/16.09.00_60/ts_128552v160900p.pdf)

5.2.2 Registration procedure related measurements

SNSSAI labels are not provided.

- Number of registration requests received by the AMF is
exposed for each registration type.
```
fivegs_amffunction_rm_reginitreq 1
fivegs_amffunction_rm_regmobreq 0
fivegs_amffunction_rm_regperiodreq 0
fivegs_amffunction_rm_regemergreq 0
```

- Number of successful initial registrations at the AMF is
exposed for each registration type.
```
fivegs_amffunction_rm_reginitsucc 1
fivegs_amffunction_rm_regmobsucc 0
fivegs_amffunction_rm_regperiodsucc 0
fivegs_amffunction_rm_regemergsucc 0
```

- The existing counter of failed registrations at the AMF
is exposed separately for each registration type.
```
fivegs_amffunction_rm_reginitfail
fivegs_amffunction_rm_regmobfail
fivegs_amffunction_rm_regperiodfail
fivegs_amffunction_rm_regemergfail
```

5.2.5.2 Measurements for 5G paging

Number of 5G paging procedures initiated at the AMF:
```
fivegs_amffunction_mm_paging5greq 1
```
Number of successful 5G paging procedures initiated at the AMF:
```
fivegs_amffunction_mm_paging5gsucc 1
```

5.2.11 Authentication procedure related measurements

Number of authentication requests:
```
fivegs_amffunction_amf_authreq 2
```
Number of authentication rejections:
```
fivegs_amffunction_amf_authreject 1
```
Number of failed authentications due to parameter error:
```
fivegs_amffunction_amf_authfail{cause="21"} 1
```

5.2.8 UE Configuration Update procedure related measurements

Number of UE Configuration Update commands requested by the AMF:
```
fivegs_amffunction_mm_confupdate 2
```
Number of UE Configuration Update complete messages received by the AMF:
```
fivegs_amffunction_mm_confupdatesucc 1
```
2023-03-06 20:18:35 +09:00
Sukchan Lee
e41afff7ac Added N32 Interface to implement SEPP 2023-03-05 22:55:36 +09:00
Sukchan Lee
a8790713d7 [Release-17] Upgrade PFCP to v17.7.1 2023-03-05 22:33:01 +09:00
Sukchan Lee
3b8a1386e4 [Release-17] Upgrade GTPv1/v2 to v17.4.0/v17.7.0 2023-03-05 12:37:14 +09:00
Sukchan Lee
fd9c211005 [PFCP/GTP] Fixed security bug (#2127,#2128,#2129) 2023-03-05 08:35:30 +09:00
Sukchan Lee
62b6b42e88 [Release-17] Upgrade NAS to v17.8.0 2023-03-04 23:47:40 +09:00
Sukchan Lee
c3f0c57554 Follow-up on #2100 2023-03-04 23:43:36 +09:00
Bostjan Meglic
10168f1f19 [AMF] Disallow handling service requests unless UE is already registered 2023-03-04 23:43:14 +09:00
Sukchan Lee
4d44b1843e [Release-17] Upgrade SBI to v17.x.0 2023-03-01 19:56:49 +09:00
Sukchan Lee
969c116e77 [SBI] Crash occurs when ENUM in the MAP (#2103) 2023-03-01 17:50:25 +09:00
Sukchan Lee
ce668c556c [SBI] Fixed openapitools MAP generation (#2103)
MAP was generated incorrectly because {{#items}}..{{#items}} was
missing.

Because of this, If scpInfo has scpPort, NRF crashes.
2023-02-26 10:01:08 +09:00
mitmitmitm
1d8324af9f [PFCP] Support pfcp advertise address 2023-02-24 20:53:28 +09:00
Sukchan Lee
10477ecdc9 [Release-17] Upgrade S1AP/NGAP to v17.3.9 2023-02-21 21:48:06 +09:00
Ali Shirvani
2ccd19e3f5 Update 01-quickstart.md 2023-02-21 16:56:50 +09:00
Sukchan Lee
712d4b50aa Remove MACOSX in github CI 2023-02-21 16:53:59 +09:00
mitmitmitm
22be888dae Don't left-shift by negative amount, which is UB according to C17 2023-02-20 21:00:16 +09:00
Sukchan Lee
82e9016164 [AMF/SMF] Fixed a crash (#2030, #2074, #2085) 2023-02-20 20:49:48 +09:00
Richard
2618e3da78 Removed 'bug' from auto-labels on new issue template 2023-02-20 09:32:13 +00:00
Richard
bafb29cd3a Updated bugreport.yaml
Fixed a typo/hangover from sense-checking
2023-02-18 16:13:12 +00:00
Sukchan Lee
0df402bd49 [SBI] Move HNET PKI conf inside UDM 2023-02-18 12:41:08 +09:00
Sukchan Lee
05fbaf6958 [SBI] HTTP2-TLS verification - ConfFile Changed
You should add the following configuration if you would not use TLS.

sbi:
    server:
      no_tls: true
    client:
      no_tls: true
2023-02-18 10:58:29 +09:00
Richard
3e61c5984d Fixed typos in GitHub templates and bug schemas (#2080) 2023-02-17 12:41:00 -10:00
Richard
03791d4844 updated bugreport.yaml template 2023-02-17 21:43:38 +00:00
Richard
4746eaf5a7 Issue housekeeping (#2078)
* Added GitHub issue templates and config.yaml for issue templating

* Fixed capitalisation of labels.
2023-02-18 06:08:59 +09:00
Spencer Sevilla
5f55ece521 [gtpc] silently handle OGS_GTP2_CAUSE_UE_ALREADY_RE_ATTACHED (#17)
no need to log "GTP Failed"; just handle silently or move on.
2023-02-16 11:57:00 -10:00
Sukchan Lee
b80db453e8 [GTP/PFCP] Follow-up on #2073 2023-02-17 06:55:22 +09:00
Spencer Sevilla
d30fcbb848 [pfcp] response_timeout should not call ogs_pfcp_xact_delete (#2072)
* [pfcp] response_timeout should never call ogs_pfcp_xact_delete (#50)

* also remove ogs_pfcp_xact_delete since never called

* also had to catch one more ogs_pfcp_sendto()

---------

Co-authored-by: Spencer Sevilla <spencer@MacBook-Air.local>
2023-02-17 06:50:50 +09:00
Sukchan Lee
512cc2d01b Further Follow-up on #2063 2023-02-16 22:16:20 +09:00
Sukchan Lee
1c79b36cce [DOCS] Removed missing link 2023-02-15 08:44:57 -10:00
Sukchan Lee
e20faeb1ef Follow-up on #2069 2023-02-14 23:07:23 -10:00
Bostjan Meglic
dfcd3431c3 [SBI] Fix possible crash when handling PatchItems in NFProfile PATCH req 2023-02-14 23:01:56 -10:00
Bostjan Meglic
cef5b38087 [SBI] Do not treat removed streams as errors when sending responses
This is in line with the implementation with microhttpd server
(mhd-server.c).
2023-02-14 10:12:26 -10:00
Sukchan Lee
74fdb14f7a [MME] KeNB derive from TAU(active flag=1) (#2063)
TS33.401
7 Security procedures between UE and EPS access network elements
7.2 Handling of user-related keys in E-UTRAN
7.2.7 Key handling for the TAU procedure when registered in E-UTRAN

If the "active flag" is set in the TAU request message or
the MME chooses to establish radio bearers when there is pending downlink
UP data or pending downlink signalling, radio bearers will be established
as part of the TAU procedure and a KeNB derivation is necessary.
2023-02-13 06:33:22 -10:00
Sukchan Lee
888e58a94e [AMF] Network Deregister (#2056, #2014, #2021)
Fixed a crash on explicit network-initiated deregister
with SUBSCRIPTION_WITHDRAWN
2023-02-10 23:09:39 +09:00
Bostjan Meglic
474b2d4134 [SBI,NF] Don't treat SBI connection errors as asserts 2023-02-07 22:49:11 +09:00
Sukchan Lee
8973a0bfdc [AMF] Delete UERadioCapability (#2040, #1917)
23.501 (5G NAS stage 2)
5.4.4.1:
"When the AMF receives Registration Request with the Registration type set
to Initial Registration or when it receives the first Registration Request
after E-UTRA/EPC Attach with Registration type set to Mobility Registration
Update, the AMF deletes the UE radio capability."
2023-02-07 22:29:53 +09:00
Sukchan Lee
f7a4d64f00 [AMF] Network-Initiated Deregister (#2014, #2021)
I accidentally missed one so I added it again.
2023-02-06 21:09:19 +09:00
Sukchan Lee
b88dcecc29 [TEST] Reduce paging wait time 2023-02-05 12:17:43 +09:00
Sukchan Lee
b44fa29a7d [AMF/MME] Delete UERadioCapability (#2040, #1917)
o TS24.301(4G/LTE)
  5.5.1 Attach procedure
  5.5.1.2 Attach procedure for EPS services
  5.5.1.2.4 Attach accepted by the network

If the attach request is accepted by the network,
the MME shall delete the stored UE radio capability information
or the UE radio capability ID, if any.

o TS24.501(5G)
  5.5.2 De-registration procedure
  5.5.2.1 General

When the AMF enters the state 5GMM-DEREGISTERED for 3GPP access,
the AMF shall delete the stored UE radio capability information
or the UE radio capability ID, if any.
2023-02-05 12:03:00 +09:00
Sukchan Lee
b7905725ac [SBI] HTTP/2 user-agent header (#2048)
Open5GS now checks User-AGENT only in SCP.
2023-02-05 09:50:44 +09:00
Sukchan Lee
b6aa3aba5b Follow-up on #2048 2023-02-04 22:41:11 +09:00
Flander Bojan
af07cc75ec Support for UPF HA - release/establish new PDU session 2023-02-04 22:40:33 +09:00
Sukchan Lee
bae3998c31 [SBI/NF] Follow-up on #2045 2023-02-04 21:35:12 +09:00
Bostjan Meglic
c791d97ed7 [NF] Fix double-free crash when NF is under heavy load
<nf>/init.c:<nf>_main() :
ogs_pollset_poll() receives the time of the expiration of next timer as
an argument. If this timeout is in very near future (1 millisecond),
and if there are multiple events that need to be processed by
ogs_pollset_poll(), these could take more than 1 millisecond for
processing, resulting in the timer already passed the expiration.

In case that another NF is under heavy load and responds to an SBI
request with some delay of a few seconds, it can happen that
ogs_pollset_poll() adds SBI responses to the event list for further
processing, then ogs_timer_mgr_expire() is called which will add an
additional event for timer expiration. When all events are processed
one-by-one, the SBI xact would get deleted twice in a row, resulting in
a crash.

0  __GI_abort () at ./stdlib/abort.c:107
1  0x00007f9de91693b1 in ?? () from /lib/x86_64-linux-gnu/libtalloc.so.2
2  0x00007f9de9a21745 in ogs_talloc_free (ptr=0x7f9d906c2c70, location=0x7f9de960bf41 "../lib/sbi/message.c:2423") at ../lib/core/ogs-memory.c:107
3  0x00007f9de95dbf31 in ogs_sbi_discovery_option_free (discovery_option=0x7f9d9090e670) at ../lib/sbi/message.c:2423
4  0x00007f9de95f7c47 in ogs_sbi_xact_remove (xact=0x7f9db630b630) at ../lib/sbi/context.c:1702
5  0x000055a482784846 in amf_state_operational (s=0x7f9d9488bbb0, e=0x7f9d90aecf20) at ../src/amf/amf-sm.c:604
6  0x00007f9de9a33cf0 in ogs_fsm_dispatch (fsm=0x7f9d9488bbb0, event=0x7f9d90aecf20) at ../lib/core/ogs-fsm.c:127
7  0x000055a48275b32e in amf_main (data=0x0) at ../src/amf/init.c:149
8  0x00007f9de9a249eb in thread_worker (arg=0x55a483d41d90) at ../lib/core/ogs-thread.c:67
9  0x00007f9de8fd2b43 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
10 0x00007f9de9063bb4 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:100
2023-02-04 21:25:46 +09:00
Sukchan Lee
79f73fae2a [Gx/Gy] MAX_CC_REQUESTER_NUMBER(32->64) (#2038)
Incrased MAX_CC_REQUESTER_NUMBER from 32 to 64
2023-02-04 20:53:44 +09:00
Sukchan Lee
8a92c7e219 [AMF] Network-Initiated Deregister (#2014, #2021)
Fixed a bug network-initiated implicit/explict deregistration
2023-02-04 20:43:31 +09:00
Bostjan Meglic
5f9b941d25 Remove not valid UTF-8 characters
These UTF-8 characters are causing issues with static code analysis
tools.

Error: encoding error in ./lib/crypt/zuc.c
'utf-8' codec can't decode byte 0x97 in position 3948: invalid start byte
Python3 requires input character data to be perfectly encoded;
it also requires perfectly correct system encoding settings.
Unfortunately, your data and/or system settings are not.
2023-01-31 00:22:16 +09:00
Sukchan Lee
f9ba6637c1 Update Document for Frame Routing (#2035) 2023-01-29 22:54:54 +09:00
Sukchan Lee
8a6c36daca [AMF] Network Initiated De-Register (#2014, #2021)
Resolved Network Initiated Implicit/Explicit De-Registration
2023-01-29 22:44:44 +09:00
Sukchan Lee
131ecb4a44 [CORE] Add defense code to ogs_pkbuf_copy (#2032)
Added a defense code to prevent NF crash when ogs_pkbuf_copy() size is 0.
2023-01-29 16:45:42 +09:00
Sukchan Lee
b7386284a7 [NRF] Fixed a crash during NRF discovery (#2034)
Other NF instances are obtained through NRF
or created directly through configuration files.

Other NFs created by the config file should not be passed
through NRF discovery or anything like that.

Since self-created NF Instances do not have an ID,
they are implemented to exclude them from NRF Discovery.
2023-01-29 11:22:45 +09:00
Sukchan Lee
610b998038 [AMX] Fixed a crash due to deregistration (#2021)
Fixed an issue where AMF would crash
if an implicit deregistration occurred twice.
2023-01-29 09:09:52 +09:00
Sukchan Lee
f50591a8f7 Added Service-MAP to Requester-Features (#2027)
ALWAYS Added Service-MAP to Requester-Features in Discovery Option
2023-01-29 01:35:47 +09:00
Sukchan Lee
728ca41103 [MME] Fixed crash due to Paging routine (#2017) 2023-01-27 16:42:23 +09:00
mitmitmitm
739cb599d1 [UDR] Read framed routes from DB send them in sm-data
The framed routes are stored in mongo as

 {
     "imsi" : "$IMSI",
     ...,
     "slice" :
     [{
         ...,
         "session" :
             ...,
             "ipv4_framed_routes" : ["10.45.33.0/24", "10.45.35.0/24"],
         }],
     }],
 },
2023-01-26 22:37:58 +09:00
mitmitmitm
11568bbff7 ogs_session_s.framed_routes type change to (char **)
OpenAPI_list_t wasn't optimal as it created a dependency on ogs-sbi.h.
2023-01-26 22:37:58 +09:00
Sukchan Lee
2051bcaefd Follow-up on #2013 2023-01-26 21:25:07 +09:00
Sukchan Lee
b82a898646 update it 2023-01-26 21:22:24 +09:00
jmasterfunk84
1e6b1d4f7b [MME] Implicit Network-initiated Deregistration (#2013)
* [MME] Introduce aging timers

* Creating three new timers
* mirroring work done by gstaa on the AMF
* Implicit detach procedures added
* Fix for detach from unknown UE

* no Purge Timer, no config, expanded code
2023-01-26 21:22:17 +09:00
Sukchan Lee
9e6cff7225 Merge branch 'MMENetworkDeregTimers' of https://github.com/jmasterfunk84/open5gs into jmasterfunk84-MMENetworkDeregTimers 2023-01-26 21:15:32 +09:00
Sukchan Lee
95e5d95faf [AMF] Fixed crashes from malformed 5GS-ID (#2020) 2023-01-26 20:48:55 +09:00
Sukchan Lee
85981effc7 [AMF/AMF] Not assert for ogs_asn_copy_ie() (#2018)
Does not raise an assertion even if open5gs cannot handle the ASN in
ogs_asn_copy_ie()
2023-01-25 23:16:59 +09:00
Sukchan Lee
3715b9ece3 [CORE] OGS_MAX_SDU_LEN->OGS_HUGE_LEN Stack (#2008)
Changed all OGS_MAX_SDU_LEN in the stack to OGS_HUGE_LEN.
2023-01-25 22:24:51 +09:00
jmasterfunk84
ee2eded848 Merge branch 'main' into MMENetworkDeregTimers 2023-01-24 12:47:33 -06:00
jmasterfunk84
e96b6be245 no Purge Timer, no config, expanded code 2023-01-24 12:35:47 -06:00
Sukchan Lee
596a2f1b5e [SBI] Fixed crash if no BW Unit(Xbps) (#2000) 2023-01-24 21:55:06 +09:00
Sukchan Lee
218b31d006 [CORE] Increase SDU buffer to 32k (#2008) 2023-01-24 21:43:20 +09:00
Sukchan Lee
43eb5f3d7f Fixed warning 2023-01-24 19:06:01 +09:00
Sukchan Lee
b108ae0aff [PFCP] buffer overflow in ALPINE (#1911, #2009)
A buffer overflow occurred in ALPINE
because the size of the pfcp message structure increased by

    ogs_pfcp_tlv_framed_route_t framed_route[8];
    ogs_pfcp_tlv_framed_ipv6_route_t framed_ipv6_route[8];
2023-01-24 19:03:00 +09:00
Sukchan Lee
11aac6a164 [CORE] Rollback ogs_pkbuf_copy() from (#2012)
In the previous #2012 working, I've added ogs_pkbuf_free() for original
buffer. But, this rasied double free. So, I've rollback it,
2023-01-24 00:17:10 +09:00
Sukchan Lee
c6fd4ae6b8 [LOG] remove ogs_expect_or_return()/return_val() 2023-01-24 00:01:36 +09:00
Sukchan Lee
ed5cd4d513 [MME] Fixed a crash when no UE context (#2016) 2023-01-23 18:49:12 +09:00
Sukchan Lee
54331d77ee [UPF] URR time threshold log to info (#1997) 2023-01-23 15:58:55 +09:00
Sukchan Lee
f8aedb3abe remove old document 2023-01-23 11:08:44 +09:00
Sukchan Lee
184461c411 Update document for v2.5.8 2023-01-23 11:08:30 +09:00
Sukchan Lee
689574a2d9 [AMF/MME] Fixed crash when no NG/S1 context(#2012) 2023-01-23 10:37:22 +09:00
Sukchan Lee
a8f83989f4 Follow-up on #2009 2023-01-23 09:29:00 +09:00
mitmitmitm
f6439b998c [SMF] Handle framed routes, forward them to UPF and PCF 2023-01-23 09:26:26 +09:00
mitmitmitm
990abbab2c [UPF] Handle framed routes 2023-01-23 09:26:26 +09:00
mitmitmitm
3e980e006f [PCF] Handle framed routes, forward them to BSF 2023-01-23 09:26:26 +09:00
mitmitmitm
88209f52df [BSF] Handle Ipv4FrameRouteList, save it into context 2023-01-23 09:26:26 +09:00
mitmitmitm
337a4e5159 [PFCP] Allow up to 8 framed routes for each IP type 2023-01-23 09:26:26 +09:00
Sukchan Lee
ff261681c0 [PROTO] Increase SDU buffer 8k->16k (#2008) 2023-01-21 12:58:43 +09:00
Sukchan Lee
df4c83372d [AMF] Fixed MEMORY LEAK (#1925) 2023-01-21 09:02:44 +09:00
Sukchan Lee
a712d865cd [METRICS] Re-order init/final (#1985, #2001) 2023-01-20 21:16:45 +09:00
jmasterfunk84
5c3f10aa0e [MME] Introduce aging timers
* Creating three new timers
* mirroring work done by gstaa on the AMF
* Implicit detach procedures added
* Fix for detach from unknown UE
2023-01-18 20:39:27 -06:00
Sukchan Lee
0e0085c69f [UPF] Fixed bug when 2 PDRs with same TEID (#2003) 2023-01-18 23:31:54 +09:00
Sukchan Lee
ce7b60dbb5 [AMF] Fixed RM metric RegisteredSubNbr (#2001) 2023-01-18 22:29:44 +09:00
Sukchan Lee
0fcf2bd6d1 Update document for v2.4.13 and v2.5.7 2023-01-17 17:46:21 +09:00
Sukchan Lee
b9adea2a60 Version update 2023-01-14 12:12:02 +09:00
Sukchan Lee
8e2e6491f7 Update document for 2.5.7 2023-01-14 12:11:10 +09:00
Sukchan Lee
d630cf6521 Update document for v2.4.13 2023-01-14 12:10:45 +09:00
Sukchan Lee
4933c7ee24 More follow-up on #1911 2023-01-14 10:34:21 +09:00
Sukchan Lee
01a7b3c9b8 Follow-up on #1991 2023-01-14 09:20:52 +09:00
jmasterfunk84
3fd7ecc9a2 [MME] Add Purge-UE Capability (#1991)
* [MME] Add Purge-UE Capability

* Add OGS_GTP_..._PURGE_AND_REMOVE to split CLR case
2023-01-14 09:13:48 +09:00
Sukchan Lee
5128ebc6c6 [SMF] Added User-ID, APP_DNN, S-NSSAI (#1986)
Added User-ID, APP_DNN, S-NSSAI in N4 PFCP Session Establishment Request
2023-01-13 10:28:40 +09:00
ridzafauzi
92efca1fbf changed error tagged log to info tagged log for handling 5g guti information during Configuration Update procedure 2023-01-11 23:12:20 +09:00
Sukchan Lee
c0a61fb71e [PCRF] More fixes for crashes (#1981) 2023-01-10 16:13:44 +09:00
Bostjan Meglic
ddfd7b9373 [pfcp] Fix code style 2023-01-09 21:47:30 +09:00
Sukchan Lee
7f9afa0213 [AMF] More Follow-up on #1987 2023-01-08 20:02:18 +09:00
Sukchan Lee
9f4a9790e3 [AMF] Follow-up on #1987
[AMF] Implicit Network-initiated Deregistration

    Two timers are introduced (both with duration of T3512 + 4 min):
    -MOBILE_REACHABLE
    -IMPLICIT_DEREGISTRATION
    MOBILE_REACHABLE is set when NAS connection for the UE is released.
    IMPLICIT_DEREGISTRATION is set when MOBILE_REACHABLE expires.

    On MOBILE_REACHABLE expiry Paging is ignored.
    On IMPLICIT_DEREGISTRATION expiry:
    -UE's RM_State is set to DEREGISTERED
    -UE is Nudm_SDM_Unsubscribed
    -UE is Nudm_UECM_Deregistered
    -PDU sessions are released
    -AM policies are deleted

    Existing flag amf_ue->network_initiated_de_reg is used.
2023-01-08 13:53:48 +09:00
Gaber Stare
bfd5cefe53 [AMF] Implicit Network-initiated Deregistration
Two timers are introduced (both with duration of T3512 + 4 min):
-MOBILE_REACHABLE
-IMPLICIT_DEREGISTRATION
MOBILE_REACHABLE is set when NAS connection for the UE is released.
IMPLICIT_DEREGISTRATION is set when MOBILE_REACHABLE expires.

On MOBILE_REACHABLE expiry Paging is ignored.
On IMPLICIT_DEREGISTRATION expiry:
-UE's RM_State is set to DEREGISTERED
-UE is Nudm_SDM_Unsubscribed
-UE is Nudm_UECM_Deregistered
-PDU sessions are released
-AM policies are deleted

Existing flag amf_ue->network_initiated_de_reg is used.
2023-01-08 13:48:32 +09:00
Sukchan Lee
8553c77733 [METRICS] Fixed a core dump in SMF/UPF/PCF (#1985) 2023-01-07 21:17:14 +09:00
Sukchan Lee
2ec1f484b4 [PCRF] Fixed a crash (#1981)
An assertion was fired when switching between video and audio.
2023-01-07 15:21:17 +09:00
Sukchan Lee
4510176da2 [MME] Clear UE Context for Attach Reject (#1848)
Attach Reject + PDN Connectivity Reject need to clear UE Context
2022-12-27 21:08:48 +09:00
Sukchan Lee
8373d0e331 SIDF only required in UDM, not AUSF (#1779) 2022-12-25 20:12:26 +09:00
Sukchan Lee
0d2c31fe06 Fixed SMF-METRICS bug in EPC 2022-12-25 17:33:13 +09:00
Matej Gradisar
1d93e7a7bc New AMF ID in SMF session context for 'inter-AMF change or mobility' 2022-12-25 00:11:17 +09:00
Sukchan Lee
79d46be086 Introduced Subscription identifier de-concealing
o Generate the private key as below.
   $ openssl genpkey -algorithm X25519 -out /etc/open5gs/hnet/curve25519-1.key
   $ openssl ecparam -name prime256v1 -genkey -conv_form compressed -out /etc/open5gs/hnet/secp256r1-2.key

 o The private and public keys can be viewed with the command.
   The public key is used when creating the SIM.
   $ openssl pkey -in /etc/open5gs/hnet/curve25519-1.key -text
   $ openssl ec -in /etc/open5gs/hnet/secp256r1-2.key -conv_form compressed -text

In ausf/udm.yaml

 hnet:
    o Home network public key identifier(PKI) value : 1
      Protection scheme identifier : ECIES scheme profile A
    - id: 1
      scheme: 1
      key: /etc/open5gs/hnet/curve25519-1.key

    o Home network public key identifier(PKI) value : 2
      Protection scheme identifier : ECIES scheme profile B
    - id: 2
      scheme: 2
      key: /etc/open5gs/hnet/secp256r1-2.key

    o Home network public key identifier(PKI) value : 3
      Protection scheme identifier : ECIES scheme profile A
    - id: 3
      scheme: 1
      key: /etc/open5gs/hnet/curve25519-1.key

    o Home network public key identifier(PKI) value : 4
      Protection scheme identifier : ECIES scheme profile B
    - id: 4
      scheme: 2
      key: /etc/open5gs/hnet/secp256r1-2.key

Related to #1779
2022-12-24 20:22:45 +09:00
mitmitmitm
0ebe07c83d [mongo] Use "ping" command instead of "serverStatus"
"serverStatus" on the "admin" database may fail due to insufficient privileges.
2022-12-21 23:15:34 +09:00
Bostjan Meglic
38aadb77e0 [SMF] Fix metric bearers_active
Metric 'bearers_active' was incremented in only one code path
(smf_bearer_add() for 4G only), while it was decremented from two paths
(smf_bearer_remove() for both 4G and 5G).
Increment metric also for 5G path (smf_qos_flow_add()), so it won't get
decremented into negative values.
2022-12-17 16:27:42 +09:00
Gaber Stare
b56c33479e Add NF load to NRF Heartbeat
The current load percentage of the NF Service Consumer is provided
in the payload body of the PATCH request when periodically
contacting the NRF (heart-beat).

AMF: ratio between currently connected ran_ue and maximum number of them
SMF: ratio between current PDU sessions and maximum available
PCF: ratio between current AM+SM policy associations and maximum available
     or ratio between currently connected UEs and maximum number of them
     (the load which is higher)
AUSF, UDM: ratio between currently connected UE and maximum number of them
BSF: ratio between current sessions and maximum available
NSSF: ratio between currently used NSIs and maximum number of them

NRF currently doesn't determine that the NF Profile has changed.
2022-12-14 22:53:56 +09:00
Sukchan Lee
9c64662764 Update document 2022-12-11 12:06:25 +09:00
Sukchan Lee
13fd9afbd1 Update document 2022-12-11 11:55:31 +09:00
Lester
bd080f5095 free socket fd
call ogs_sock_destroy to free sock when fail to get socket fd
2022-12-09 16:10:44 +09:00
mitmitmitm
6ad320a97c [AMF] Fix deletion of auth data from AUSF 2022-12-09 07:25:12 +09:00
Gaber Stare
3edceecf66 [SMF] Add SM metrics support
Expose SM metrics with labels according to ETSI TS 128 552 V16.13.0 in
SMF by using hash.

The metrics are named respecting the rule:
<generation>_<measurement_object_class>_<measurement_family_name>_<metric_name_as_in_TS_128_552>
Existing gauge sessions_active is renamed!

Since slice itself is not unique, the plmnid label is exposed in
addition to snssai.

Exposed metrics example:
-standard gauges:
fivegs_smffunction_sm_sessionnbr{plmnid="00101",snssai="1000009"} 0
fivegs_smffunction_sm_qos_flow_nbr{plmnid="00101",snssai="1000009",fiveqi="9"} 0

-nonstandard counters:
fivegs_smffunction_sm_n4sessionestabfail{cause="71"} 68
fivegs_smffunction_sm_n4sessionreport 1
fivegs_smffunction_sm_n4sessionreportsucc 1
fivegs_smffunction_sm_n4sessionestabreq 1
2022-12-08 20:57:11 +09:00
Gaber Stare
4c76a254ee [AMF] Add RM metrics support
Expose RM metrics with labels according to ETSI TS 128 552 V16.13.0 in
AMF by using hash.

The metrics are named respecting the rule:
<generation>_<measurement_object_class>_<measurement_family_name>_<metric_name_as_in_TS_128_552>

Since slice itself is not unique, the plmnid label is exposed in
addition to snssai.

RegInitFail is exposed as an alternative to RegInitReq and RegInitSucc
counters so cause label can be provided. It counts rejected registrations
and rejected authentications.
Rejected authentications are counted under label cause="0".

Exposed metrics example:
-standard gauge:
fivegs_amffunction_rm_registeredsubnbr{plmnid="00101",snssai="1000009"} 1

-nonstandard counter:
fivegs_amffunction_rm_reginitfail{cause="3"} 4
2022-12-08 20:57:11 +09:00
Bostjan Meglic
3e22059916 [SMF] fix crash due free-ing invalid pointer
In case that database is (manually) corrupted for a specific UE, SSC
mode and ARP preemption vulnerability fields are not set correctly,
SMF will crash when trying to build a request to create PCF association.

Function smf_npcf_smpolicycontrol_build_create() will end prematurely,
and when cleaning up resources it will try to free() up invalid pointer,
which was not set to 0 at beginning of the function.

[smf] ERROR: SSCMode is not allowed (../src/smf/nudm-handler.c:165)
[sbi] DEBUG: STATUS [201] (../lib/sbi/nghttp2-server.c:443)
[sbi] DEBUG: SENDING...: 3 (../lib/sbi/nghttp2-server.c:451)
[sbi] DEBUG: {
} (../lib/sbi/nghttp2-server.c:452)
[sbi] DEBUG: STREAM closed [1] (../lib/sbi/nghttp2-server.c:962)
[smf] ERROR: No Arp.preempt_cap (../src/smf/npcf-build.c:132)
<crash>

0  __GI_abort () at ./stdlib/abort.c:107
1  0x00007f9348fe43b1 in ?? () from /lib/x86_64-linux-gnu/libtalloc.so.2
2  0x00007f9349aef745 in ogs_talloc_free (ptr=0x7f9348e38dab <_int_free+1675>,
    location=0x5591b8675d27 "../src/smf/npcf-build.c:181") at ../lib/core/ogs-memory.c:107
3  0x00005591b8653c45 in smf_npcf_smpolicycontrol_build_create (sess=0x7f9343070010, data=0x0)
    at ../src/smf/npcf-build.c:181
4  0x00007f9349abc2b4 in ogs_sbi_xact_add (sbi_object=0x7f9343070010,
    service_type=OGS_SBI_SERVICE_TYPE_NPCF_SMPOLICYCONTROL, discovery_option=0x7f9338006d90,
    build=0x5591b86531d0 <smf_npcf_smpolicycontrol_build_create>, context=0x7f9343070010, data=0x0)
    at ../lib/sbi/context.c:1699
5  0x00005591b86580be in smf_sbi_discover_and_send (service_type=OGS_SBI_SERVICE_TYPE_NPCF_SMPOLICYCONTROL,
    discovery_option=0x0, build=0x5591b86531d0 <smf_npcf_smpolicycontrol_build_create>, sess=0x7f9343070010,
    stream=0x7f9344fce0a0, state=0, data=0x0) at ../src/smf/sbi-path.c:110
6  0x00005591b864e9da in smf_nudm_sdm_handle_get (sess=0x7f9343070010, stream=0x7f9344fce0a0,
    recvmsg=0x7f933f52d5a0) at ../src/smf/nudm-handler.c:290
7  0x00005591b8600c96 in smf_gsm_state_wait_5gc_sm_policy_association (s=0x7f9343070610, e=0x7f9338076730)
    at ../src/smf/gsm-sm.c:523
...
2022-12-07 21:21:01 +09:00
Sukchan Lee
1be6176e8d Follow-up on #1940 - Fixed compile error 2022-12-07 20:41:18 +09:00
Sukchan Lee
fbd9ada101 Follow-up on #1940 2022-12-06 22:59:06 +09:00
Gaber Stare
0c2a3b0f39 [PCF] Add metrics support
Expose metrics with labels according to ETSI TS 128 552 V16.13.0 in
PCF by using hash.

The metrics are named respecting the rule:
<generation>_<measurement_object_class>_<measurement_family_name>_<metric_name_as_in_TS_128_552>

Since slice itself is not unique, the plmnid label is exposed in
addition to snssai.

AM policy:
fivegs_pcffunction_pa_policyamassoreq and
fivegs_pcffunction_pa_policyamassosucc do not expose snssai label
since it is not available at the time of exposure.
plmnid is defined during AM policy processing, so not to lose the
difference to ...succ, the basic metric
fivegs_pcffunction_pa_policyamassoreq is preserved.

SM policy:
snssai is defined during SM policy processing, so not to lose the
difference to ...succ, the basic metric
fivegs_pcffunction_pa_policysmassoreq is preserved.

Those 2 basic metrics retain their position but are exposed with empty
labels.
Metrics with labels are called later, when the label values are known.

Exposed metrics example:
-standard counters:
fivegs_pcffunction_pa_policyamassoreq{plmnid=""} 3
fivegs_pcffunction_pa_policyamassoreq{plmnid="99970"} 3
fivegs_pcffunction_pa_policyamassosucc{plmnid="99970"} 3
fivegs_pcffunction_pa_policysmassoreq{plmnid="",snssai=""} 3
fivegs_pcffunction_pa_policysmassoreq{plmnid="99970",snssai="1000009"} 3
fivegs_pcffunction_pa_policysmassosucc{plmnid="99970",snssai="1000009"} 3

-nonstandard gauge (added for controlling purposes -
same metric as existing metric on AMF and SMF):
fivegs_pcffunction_pa_sessionnbr{plmnid="99970",snssai="1000009"} 0
2022-12-06 22:57:24 +09:00
Gaber Stare
40b4c9d1c9 [UPF] Add metrics support
Expose metrics with labels according to ETSI TS 128 552 V16.13.0 in
UPF by using hash.

The metrics are named respecting the rule:
<generation>_<measurement_object_class>_<measurement_family_name>_<metric_name_as_in_TS_128_552>

5qi is not available in UPF.
To present 5qi to the user, MN will have to maintain a table qfi->5qi
for each QoS flow (will have to get information from SMF).
So UPF has to expose qfi. qfi itself is not useful. When used, UPF will
have to expose additional label to define the session (e.g. source
interface).

Label dnn is set to value of APN/DNN received in Establishment.
Since SMF does not add APN/DNN to Establishment, the label is empty.
When APN/DNN will be set by SMF, it should be added to sess in UPF
and used in metrics on Modification and Deletion.

Both datavolumeqosleveln3upf are exposed in bytes.
MN is providing the transformation to kbits.

fivegs_upffunction_upf_qosflows should expose the number of QFIs used in
sessions, but exposes number of QER rules, which is currently equal to
QFIs.
The label snsssai is not provided since the slice is not available on UPF.

Exposed metrics example:
Standard counters:
fivegs_ep_n3_gtp_indatapktn3upf 28637
fivegs_ep_n3_gtp_outdatapktn3upf 14729
fivegs_upffunction_sm_n4sessionestabreq 4
fivegs_upffunction_sm_n4sessionestabfail{cause="66"} 1
fivegs_upffunction_sm_n4sessionestabfail{cause="71"} 68
fivegs_upffunction_sm_n4sessionestabfail{cause="68"} 4
fivegs_upffunction_sm_n4sessionestabfail{cause="72"} 15
fivegs_upffunction_sm_n4sessionestabfail{cause="75"} 3
fivegs_upffunction_sm_n4sessionestabfail{cause="65"} 4
fivegs_upffunction_sm_n4sessionreport 0
fivegs_upffunction_sm_n4sessionreportsucc 0
fivegs_ep_n3_gtp_indatavolumeqosleveln3upf{qfi="1"} 39792997
fivegs_ep_n3_gtp_outdatavolumeqosleveln3upf{qfi="1"} 737548
Nonstandard gauge (added for controlling purposes -
same metric as existing metric on AMF and SMF):
fivegs_upffunction_upf_sessionnbr 1
Standard gauge:
fivegs_upffunction_upf_qosflows{dnn=""} 1
2022-12-06 22:57:24 +09:00
Sukchan Lee
a5fd315e11 [SBI] Case-Insensitive inside MIME message (#1939) 2022-12-05 21:30:24 +09:00
Lester
0fe904d593 free replybuf after sent replay message 2022-12-05 12:05:39 +09:00
Miguel Borges de Freitas
f1aff3c233 amf: fix regression for smf selection 2022-12-04 15:12:15 +09:00
Sukchan Lee
bd30e5534b [AMF] Fixed a crash while NGReset (#1928) 2022-12-04 15:01:43 +09:00
Sukchan Lee
817007d0ae [AMF] Wrongly sending PDU Session Release (#1925) 2022-12-04 14:32:19 +09:00
Sukchan Lee
a4dc990bf1 Added more log in GTP Error (#1920) 2022-12-02 09:10:49 +09:00
Sukchan Lee
fa5b2fe075 [SBI] Remove redundant code (#1923) 2022-11-30 17:01:30 +09:00
Sukchan Lee
0861a045ef [UPF] Fixed an infinte loop when ext_len is 0 2022-11-30 16:40:57 +09:00
Sukchan Lee
b9c6906017 Fixed manual of sgwu.yaml conf 2022-11-29 23:40:53 +09:00
Sukchan Lee
f3654b7547 [AMF/MME] Added missing T3423 in conf (#1905) 2022-11-29 23:32:44 +09:00
Sukchan Lee
944adaabbf [AMF/MME] Added Timer Configuration (#1905) 2022-11-29 23:22:16 +09:00
mitmitmitm
ea09a7921a [AMF] Handle am-data/subscribedUeAmbr change notification
When such a notification arrives from UDM, notify the GNB of the new values
AMBR uplink/downlink values.
2022-11-29 23:10:49 +09:00
mitmitmitm
3b043b082a [AMF] Handle am-data/ratRestrictions change notification
When such a notification arrives from UDM, delete the corresponding SDM
subscription from the UDM and deregister the UE if it becomes RAT restricted.
2022-11-29 23:10:49 +09:00
mitmitmitm
3870216a6b [AMF] Add support for SDM subscription and authentication deletion 2022-11-29 23:10:49 +09:00
mitmitmitm
9364cd7513 [AMF] Allow unspecified (infinity) ue_ambr up/downlink limits 2022-11-29 23:10:49 +09:00
mitmitmitm
4ec5dedaf4 [AUSF] Handle UEAuthentication DELETE 2022-11-29 23:10:49 +09:00
mitmitmitm
bdc9c1373f [UDM/UDR] Handle UEAuthentication authRemovalInd 2022-11-29 23:10:49 +09:00
mitmitmitm
89c3f3e1c0 [UDM] Handle SDM unsubscribe 2022-11-29 23:10:49 +09:00
mitmitmitm
dbd0e654c8 OpenAPI: Add functions OpenAPI_list_clear and OpenAPI_list_insert_prev 2022-11-29 23:10:49 +09:00
Sukchan Lee
02054bea31 [WebUI] Install on MongoDB below v6.0 (#1910) 2022-11-27 11:07:43 +09:00
Sukchan Lee
9170617df1 [AMF/MME] forget UE Radio Capability (#1917)
forgetting the UE Radio Capabilities
when UE is sending NAS "De-Registration Request" with "type = Switch-off
2022-11-27 09:03:44 +09:00
Sukchan Lee
f85ff227c8 Continue to fix alpine stack overflow (#1911) 2022-11-27 00:11:34 +09:00
Sukchan Lee
d82f338246 Fixed alpine stack overflow (#1911) 2022-11-27 00:03:56 +09:00
Sukchan Lee
8ce18b3828 [AMF/MME] Refactor SM to prevent crash (#1912) 2022-11-26 21:38:46 +09:00
Lester
3f772823a6 get amf_ue from sess
amf_ue will be null and cause a coredump when type is OGS_SBI_OBJ_SESS_TYPE.
2022-11-26 18:27:50 +09:00
mitmitmitm
a951d683d2 OpenAPI: AnyType for ChangeItem's newValue and origValue properties 2022-11-24 17:30:38 +09:00
mitmitmitm
b85ad61e2b OpenAPI: Generate patch_item.[ch] from OpenAPI specifications 2022-11-24 17:30:38 +09:00
mitmitmitm
36734cac7c OpenAPI: Move any_type.[ch] from custom/ into sbi/openapi/model/
This makes it possible to have object values of type "any_type" in OpenAPI
specifications.
2022-11-24 17:30:38 +09:00
Sukchan Lee
b06569da28 Oops! errata 2022-11-24 13:42:51 +09:00
Sukchan Lee
8efa60d211 Removed MongoDB from WebUI install-script (#1824) 2022-11-24 13:20:39 +09:00
Sukchan Lee
cb8c87f996 Fixed MacOSX Test code 2022-11-23 21:06:15 +09:00
Sukchan Lee
cede8ff83c update document 2022-11-22 23:43:35 +09:00
Sukchan Lee
007033330a Fixed test code for MacOSX Ventura 2022-11-22 17:16:31 +09:00
Sukchan Lee
ffe7f846e1 Fixed prometheus-client-c branch next to open5gs 2022-11-21 22:09:18 +09:00
Sukchan Lee
982ac61894 Prometheus metrics set to default 2022-11-21 22:06:29 +09:00
Sukchan Lee
57f1f2c21a Fixed crash after 48 hours of running (#1893) 2022-11-18 23:28:35 +09:00
Bostjan Meglic
b084edeee1 [metrics] Fix log output for metrics
Even if the configured log level for the application was set to "error",
the first "info" message of the metrics library was output to the log.
Reorder the initialization of the metrics library.
2022-11-15 23:50:15 +09:00
Sukchan Lee
1c3876517f Update document 2022-11-15 13:43:16 +09:00
Sukchan Lee
8b83e0af10 Update document 2022-11-15 11:21:18 +09:00
Sukchan Lee
aa565b5fee Update document 2022-11-15 11:06:12 +09:00
Sukchan Lee
07f4ae3af7 Added OSS Notice 2022-11-14 23:11:57 +09:00
Sukchan Lee
10766521e5 Changed the location of Osmocom nightly build 2022-11-13 09:51:30 +09:00
Sukchan Lee
d39bafc6d6 [SBI] Introduced HTTP2-TLS based on #1865
Verfication is not implemented.
2022-11-12 10:47:18 +09:00
Sukchan Lee
0859dd4453 Follow-up on #1865 2022-11-12 09:37:43 +09:00
Flander Bojan
4ba90fbd3b Fix TLS error handling 2022-11-12 09:30:31 +09:00
Flander Bojan
141c345b75 Add TLS support 2022-11-12 09:30:31 +09:00
Sukchan Lee
517bb6ad85 Follow-up on #1886 2022-11-10 15:14:01 +09:00
lost_res
3730db615e Update 01-quickstart.md
Change S1AP bind address for external eNB.
2022-11-10 15:11:12 +09:00
Yarin Sergey
935f50bb24 Build WebUI from local source
Use local copy of source code to build WebUI,
instead of downloading the code from Github.
2022-11-08 23:02:46 +09:00
Bostjan Meglic
ba8a7ce1af [AMF] Add implicit_unsubscribe field to SDMSubscription 2022-11-08 15:57:21 +09:00
Sukchan Lee
4106207150 Rollback WebUI (#1882) 2022-11-07 22:57:33 +09:00
Yarin Sergey
4091484215 Build webui from local source
Use local copy of source code to build webui,
instead of downloading the code from Github.
2022-11-07 22:47:59 +09:00
Sukchan Lee
ddf09f270a [SMF] Fixed PTI when PDU Session Reject 2022-11-07 16:51:51 +09:00
Sukchan Lee
95459f8376 [WebUI] Change installation script (#1824) 2022-11-06 20:11:24 +09:00
Sukchan Lee
77c92eb37b Release v2.5.5 2022-11-04 20:39:19 +09:00
Sukchan Lee
0d4cd88379 Fixed the WebUI installation 2022-11-04 17:55:32 +09:00
Sukchan Lee
0a9f2e5c40 Fix the WebUI installation bug 2022-11-04 17:52:23 +09:00
Sukchan Lee
1cc6736fa8 Squashed commit of the following:
commit 5070c19a5469269d036bf243ebdb2740aefc7b8d
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Fri Nov 4 15:46:35 2022 +0900

    updte it

commit e49107f46152ff6dce5658b48cfb2c31df61724a
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Fri Nov 4 11:03:37 2022 +0900

    update it

commit a55b977e044b1d74ccc8a19f1dbf8194c3cd7daa
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Fri Nov 4 10:50:41 2022 +0900

    update it

commit 0ff0930d99bfeb91134271dae0941b4c454d1a3d
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Fri Nov 4 10:09:35 2022 +0900

    update it

commit 8cb5038b66d4a605446c6fc200b77f645f7ad328
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Fri Nov 4 09:39:08 2022 +0900

    update it

commit 0a6829dfb6470f3d9b786363d49387fdc688e33b
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Fri Nov 4 09:06:22 2022 +0900

    update it

commit ea85035300d9a42cc5f8f7ee300d28cd055f0f1c
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Nov 3 21:36:17 2022 +0900

    update it

commit e86ba621de332d3f712569cf0580fc8a5321adbd
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Nov 3 17:39:27 2022 +0900

    update it

commit 2c05df84eabeba7c277c622e5d810768b2895961
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Nov 3 16:20:47 2022 +0900

    update it

commit 43c88aed3f2001fdbc28ce0f11cc21dfcdc5906f
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Wed Nov 2 22:17:37 2022 +0900

    update it

commit b374db4e02e7dd153944f5a6fdc2a50c434dfa09
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Wed Nov 2 22:05:53 2022 +0900

    update it
2022-11-04 17:39:29 +09:00
Sukchan Lee
fa35b06963 Follow-up on #1876 2022-11-04 14:58:47 +09:00
Bostjan Meglic
00a86c5a73 [SBI] Do not send empty arrays when registering to NRF
OpenAPI dictates that certain arrays should have at least one item,
otherwise they should not be present.
This includes lists for IPv4/v6 addresses, TAI/TAC lists, ...

Add a check if there is at least 1 item, before creating an array.
Also move variable declarations to inner blocks, to prevent some
accidental usage out of wanted scope.
2022-11-04 14:58:33 +09:00
Sukchan Lee
406e3f07dc Release v2.5.4 2022-11-01 21:22:09 +09:00
EugeneBogush
5fd4fe9379 added open5gs-scp 2022-11-01 21:04:00 +09:00
Sukchan Lee
e9db0b0889 Release v2.5.3 2022-10-31 07:26:52 +09:00
EugeneBogush
2a2d5c5cfa fix for scp daemon (#1872)
* fix

* fix2

* fix
2022-10-31 07:14:53 +09:00
Sukchan Lee
9a7b75eb3b Release v2.5.2 2022-10-30 14:24:37 +09:00
Sukchan Lee
15e3c1f166 Fix to avoid port (7777) conflicts on Mac OS X 2022-10-30 13:58:28 +09:00
Sukchan Lee
cca53fb8e8 SCP had a serioud memory problem and fixed it 2022-10-30 13:35:25 +09:00
Sukchan Lee
243bf9850a [NAS] Discard message if Integrity failed (#1848) 2022-10-29 21:31:18 +09:00
Sukchan Lee
78359374ab Document update for v2.5.1 2022-10-29 12:47:04 +09:00
Sukchan Lee
3e22805941 Release v2.5.1 2022-10-29 12:41:27 +09:00
Sukchan Lee
0df2cba257 Support SMF Security Indication IE (#1851) 2022-10-29 12:26:09 +09:00
Sukchan Lee
f1c0b6d239 Fixed a bug WebUI for production build (#1824) 2022-10-28 14:44:06 +09:00
mitmitmitm
b9f6432e54 [AMF] Support REREGISTRATION_REQUIRED in dereg notify 2022-10-26 14:40:41 +09:00
Sukchan Lee
ead6f8e973 Update document for v2.5.0 2022-10-25 23:30:08 +09:00
Sukchan Lee
5ef88fcd01 Release v2.5.0 2022-10-25 22:49:28 +09:00
Sukchan Lee
67dd7d8633 Added missing files(SCP for systemd) 2022-10-25 22:35:58 +09:00
Sukchan Lee
844ec8a810 Release v2.5.0 2022-10-25 21:29:12 +09:00
Sukchan Lee
e3ba32c85d Fixed the bug of SGW-C session deletion (#1825) 2022-10-25 21:22:14 +09:00
Sukchan Lee
b151642fa1 SCP is added in Debian package 2022-10-25 21:20:09 +09:00
Sukchan Lee
e81265f015 Fixed the WebUI to Support MongoDB 6.0(#1824) 2022-10-25 21:15:44 +09:00
Sukchan Lee
ec4acd4eca remove warning in MacOSX (#1797) 2022-10-25 21:14:53 +09:00
Sukchan Lee
5ccb5f0f99 SCP(Model D) is now the default setting. 2022-10-22 11:26:04 +09:00
Sukchan Lee
7a14f2c505 Update README.md 2022-10-18 22:34:38 +09:00
Sukchan Lee
24e20f2503 Follow-up on #1827 2022-10-13 17:52:02 +09:00
jmasterfunk84
8fb85db310 [DBI] Disable Change Streams with mongo Version
Support for change stream is only available in mongoc >=1.9.0
- Disabled related functions in dbi.
Support for bson to json used in debug statement only in libbson >=1.7.0
- Simple debug message in lower versions
2022-10-13 17:33:35 +09:00
Sukchan Lee
0daef1686a Follow-up on #1827 2022-10-11 17:50:41 +09:00
Sukchan Lee
82863653eb Follow-up on #1828 2022-10-11 17:44:55 +09:00
Bostjan Meglic
395707831a [AMF] Reject registration requests when pool for UE contexts is empty
AMF does not crash anymore when a new UE registration request arrives,
and there is no available space left in UE context pool. Now it just
rejects the request with an error.
2022-10-11 17:35:50 +09:00
Bostjan Meglic
b019dce982 [AMF] Increase size of TMSI pool
Each UE context has 'current' and 'next' TMSI values. AMF first
allocates the 'next' value, before confirming it and releasing the
'previous'. This means that we potentially need pool size of 2x the
amount of maximum configured UE.

Without this change, AMF would crash in case that there are 'x'
configured maximum amount of UE, and there are already 'x' registered
UE.

[gmm] INFO: Registration request (../src/amf/gmm-sm.c:135)
[gmm] INFO: [suci-0-001-01-1234-0-1-1000000000]    SUCI (../src/amf/gmm-handler.c:149)
[gmm] DEBUG:     OLD TSC[UE:0,AMF:0] KSI[UE:7,AMF:0] (../src/amf/gmm-handler.c:179)
[gmm] DEBUG:     NEW TSC[UE:0,AMF:0] KSI[UE:7,AMF:0] (../src/amf/gmm-handler.c:186)
[amf] FATAL: amf_m_tmsi_alloc: Assertion `m_tmsi' failed. (../src/amf/context.c:2160)
[core] FATAL: backtrace() returned 13 addresses (../lib/core/ogs-abort.c:37)
2022-10-11 17:35:38 +09:00
Sukchan Lee
704fe72d11 Updated SBI module
- Introduced NF_INSTANCE_ID/NF_INSTANCE_TYPE
- Skip SCP in configuration validation
2022-10-08 11:48:12 +09:00
Sukchan Lee
3955e9ba8d Revert the previous commit on #1797 2022-10-07 14:06:30 +09:00
Sukchan Lee
d1ed8aa61d [SMF] Update PFCP report error situation (#1819) 2022-10-07 10:41:53 +09:00
Bostjan Meglic
a99a76d916 [AMF,UDM] Add support to subscribe to SDM changes
AMF subscribes to UDM for each registered UE.

At the moment, UDM does not send callback to AMF when any of the UE's
properties in the database changes.
At the moment, AMF does properly parse the ModificationNotification, but
does not do anything useful.
2022-10-06 21:20:10 +09:00
safaorhann
e9aaceee98 fix dropped_dl_traffic_threshold ie. 2022-10-06 10:40:08 +09:00
Sukchan Lee
dc6ca962bb Follow-up on #1797 2022-10-06 10:10:31 +09:00
Spencer Sevilla
be2af54682 ogs_info swaps CP and UP SEIDs 2022-10-05 17:41:42 +09:00
Sukchan Lee
6d27fbb8cc Follow-up on #1797 2022-10-05 14:50:52 +09:00
jmasterfunk84
15680003b5 [MME] Cancel Location while Idle (#1797)
* Cancel Location while Idle Fix

* Forgot about SGSAP on MME Change.

Added "action" to sgsap_send_detach..

* Make handle_clr uniform with other handlers

* Added Robustness for Any Detach Type

* Memory wasn't freed upon CLR for unknown IMSIs

* Moving MME Detach to new PR
2022-10-05 11:06:01 +09:00
Sukchan Lee
7c8722d9d4 [SBI] Client Request timeout
TS29.500
Ch 6.11 Detection and handling of late arriving requests

In Open5GS, this part was hard-corded.

HTTP2 Client sends a request and waits for 10 seconds.
If no response is received from the HTTP2 Server,
HTTP2 Client performs the exception handling.

In this commit, HTTP2 client sends Header with setting Max-Rsp-Time to 10 seconds.
However, HTTP2 server has not yet been implemented to process this value.
The server is still processing using hard-corded values (10 seconds).
2022-10-03 11:43:34 +09:00
Sukchan Lee
c537166d37 Follow-on up #1794 2022-10-02 19:41:52 +09:00
jmasterfunk84
1f2a8678ed [MME] Support for Insert Subscriber Data (#1794)
* [MME] Support for Insert Subscriber Data

* Supported AVPs in IDR will overwrite existing subscription information
* Provide error on partial APN updates
* IDR and ULA use same function to process AVPs
* Move subdatamask values into s6a, so both HSS and MME can use them
* Updates are not actioned at this time.  A Re-attach is required for
  most changes to take effect

* Memory issue on IDR exceptions

* Remove of handling MSIDSN change until DSR is used
2022-10-02 19:36:24 +09:00
Sukchan Lee
35ae3317b7 Added Release Notes for v2.4.11 2022-10-01 14:18:09 +09:00
Sukchan Lee
eace5007b2 Release v2.4.11 2022-10-01 13:54:42 +09:00
Sukchan Lee
71a1516b03 [Security] Fixed a crash for port scanning (#1767) 2022-10-01 13:28:41 +09:00
Sukchan Lee
1acb7f72b4 [UPF] test code for unspecified address (#1776) 2022-10-01 13:23:15 +09:00
Sukchan Lee
773c7df3e6 [5GC] Fixed session deletion in a BSF (#1725) 2022-10-01 13:11:13 +09:00
Bostjan Meglic
f71022ad4a [AMF] Fix for switching state when sending Deregistration Request fails
Provide pointer to state machine, instead of pointer to timer structure.
Bug was noticed when switching compiler optimization to -O2.
2022-10-01 13:08:38 +09:00
Sukchan Lee
4b26dd2a5c Follow-on up #1793 2022-10-01 13:07:54 +09:00
Dibas Das
f72a1edc6e Fix UL and DL URR Usage Report 2022-10-01 13:07:04 +09:00
Sukchan Lee
1d153d8b78 Commercial Term by NeoPlane - https://neoplane.io/ 2022-09-26 14:53:38 +09:00
Sukchan Lee
0c6258d108 Merge branch 'main' of https://github.com/open5gs/open5gs into main 2022-09-26 14:29:52 +09:00
Sukchan Lee
8b10dc1edc Changes new GA4 in Google Analytics 2022-09-26 14:29:19 +09:00
Sukchan Lee
7d5fbc6e06 [MME] Added protection code if no PDN-Type (#1756) 2022-09-25 22:41:11 +09:00
Sukchan Lee
e08b8f04e8 [DOC] iptable setting for security (#1768) 2022-09-25 21:12:32 +09:00
Sukchan Lee
87bc82b245 Follow-on up #1754 2022-09-25 19:23:09 +09:00
Bostjan Meglic
2d4fbf92eb [config,metrics] Move metrics configuration section under respective NF section
Without this change, using metrics with core setup configurations
(configs/vonr.yaml for example) would not be possible. Having one
metrics section for whole config file causes every NF to start metrics
server on same port causing an abort.
2022-09-25 19:17:49 +09:00
Sukchan Lee
721f5e212c [GTP] Changes the print message (#1772) 2022-09-25 19:16:32 +09:00
Spencer Sevilla
e704ac108e add addr/port to pfcp assoc/de-assoc logs (#40)
pfcp association log adds addr/port
2022-09-25 18:58:53 +09:00
Sukchan Lee
fdc84406e0 [SGWC] Fixed a crash (#1765)
Session context could be deleted before a response message is not
received from SMF
2022-09-25 18:55:04 +09:00
Sukchan Lee
31fcedc12e Follow-up on #1770 2022-09-25 16:42:46 +09:00
Spencer Sevilla
0759c2da5a [core] fix timer overflow on 32bit systems (#16)
must cast ts.tv_sec to 64bits before we multiply it to prevent 32bit math and overflow
2022-09-25 16:41:50 +09:00
Sukchan Lee
724fa56843 Fixed HTTP2 crashes for random JSON data (#1769) 2022-09-25 15:06:37 +09:00
Sukchan Lee
c2f6a020a7 [TLV] Added more debug information (#1767) 2022-09-25 09:17:23 +09:00
Sukchan Lee
3ad74923c1 Update document 2022-09-24 21:58:18 +09:00
Sukchan Lee
a0d643e17f Follow-up on #1758 2022-09-23 21:25:58 +09:00
jmasterfunk84
7f5476b111 [HSS] Enable Change Streams (#1758)
* [HSS] Enable Change Streams
* Enable Events and Timers in HSS
* Integrate change streams in dbi
* mongodb should be configured with replica sets enabled to use feature
* Change streams are optional in HSS
* Timer will poll change stream for changes in the database
* As changes are detected, event is created to perform the correct
  action

* Changes made as suggested
2022-09-23 21:24:50 +09:00
Sukchan Lee
2b8db5d488 Follow-up on #1757 2022-09-23 20:42:04 +09:00
Gaber Stare
d3d4e5ce60 [AMF] Add amfInfoList to NFProfile
The actual configured GUAMIs and TAIs are used to form NF profile.
Comparing to SMF the "info" section is not introduced into amf.yaml!
Each amf_id (region, set) produces a separate Info in the InfoList.
Guami list consists of all GUAMIs of particular Info.
taiList consists of all TAIs for all PLMNs of particular Info.

Examle:

amf.yaml:
    guami:
      - plmn_id:
          mcc: 999
          mnc: 70
        amf_id:
          region: 2
          set: 2
          pointer: 4
      - plmn_id:
          mcc: 001
          mnc: 01
        amf_id:
          region: 2
          set: 1
      - plmn_id:
          mcc: 001
          mnc: 02
        amf_id:
          region: 2
          set: 2
    tai:
      - plmn_id:
          mcc: 001
          mnc: 01
        tac: [1, 2, 3]
    tai:
      - plmn_id:
          mcc: 002
          mnc: 02
        tac: 4
      - plmn_id:
          mcc: 001
          mnc: 02
        tac: 10
    tai:
      - plmn_id:
          mcc: 004
          mnc: 04
        tac: [6, 7]
      - plmn_id:
          mcc: 005
          mnc: 05
        tac: 8
      - plmn_id:
          mcc: 999
          mnc: 70
        tac: [9, 10]

"amfInfoList":  {
        "1":    {
                "amfSetId":     "002",
                "amfRegionId":  "02",
                "guamiList":    [{
                                "plmnId":       {
                                        "mcc":  "999",
                                        "mnc":  "70"
                                },
                                "amfId":        "020084"
                        }, {
                                "plmnId":       {
                                        "mcc":  "001",
                                        "mnc":  "02"
                                },
                                "amfId":        "020080"
                        }],
                "taiList":      [{
                                "plmnId":       {
                                        "mcc":  "001",
                                        "mnc":  "02"
                                },
                                "tac":  "00000a"
                        }, {
                                "plmnId":       {
                                        "mcc":  "999",
                                        "mnc":  "70"
                                },
                                "tac":  "000009"
                        }, {
                                "plmnId":       {
                                        "mcc":  "999",
                                        "mnc":  "70"
                                },
                                "tac":  "00000a"
                        }]
        },
        "2":    {
                "amfSetId":     "001",
                "amfRegionId":  "02",
                "guamiList":    [{
                                "plmnId":       {
                                        "mcc":  "001",
                                        "mnc":  "01"
                                },
                                "amfId":        "020040"
                        }],
                "taiList":      [{
                                "plmnId":       {
                                        "mcc":  "001",
                                        "mnc":  "01"
                                },
                                "tac":  "000001"
                        }, {
                                "plmnId":       {
                                        "mcc":  "001",
                                        "mnc":  "01"
                                },
                                "tac":  "000002"
                        }, {
                                "plmnId":       {
                                        "mcc":  "001",
                                        "mnc":  "01"
                                },
                                "tac":  "000003"
                        }]
        }
}
2022-09-23 20:37:47 +09:00
Sukchan Lee
ce7d631064 [GTP/PFCP] TLV length more acceptable (#1780)
Acceptable even if the TLV length is smaller than expected
2022-09-23 13:13:34 +09:00
Sukchan Lee
65d959a032 Updated favicon.ico in Document 2022-09-22 23:16:51 +09:00
Sukchan Lee
2762d6fd2d Sponsors logo updated to be dark-mode friendly 2022-09-20 11:15:19 +09:00
Sukchan Lee
d63360a22d [DOC] Fixed alphabet order 2022-09-16 10:19:27 +09:00
neg2led
608df3b5a8 Add tested Ericsson gNodeBs and eNodeBs 2022-09-16 10:12:44 +09:00
Sukchan Lee
8228e446ae Added commercial 5G 2022-09-16 09:09:59 +09:00
Bostjan Meglic
0f5d968149 [SMF] Wait for both N1&N2 release signals before releasing session
When UE would send a request to release PDU session, AMF would
eventually send "PDU Session Resource Release Command" downlink to both
UE (N1) and gNB (N2). Each UE and gNB would then reply with "PDU Session
Resource Release Response" indicating they released their own resources.

Usually the first one to respond would be gNB. SMF made an assumption
that this would always be the case. And it would wait for signal that UE
resources were freed, before releasing session resources. But
occasionally the situation is that UE responds first, and SMF releases
resources prematurely.

This situation does not normally occur. But under high stress (100's of
UE PDU releases at the same time) this happens occasionally.
According to the standard, this situation is perfectly normal.

3GPP TS 23.502 Rel. 16
4.3.4.2 UE or network requested PDU Session Release for Non-Roaming and
Roaming with Local Breakout
...
Steps 8-10 may happen before steps 6-7.
...
2022-09-13 21:39:21 +09:00
Sukchan Lee
5520cb65a5 Follow-up on #1744 2022-09-13 17:03:18 +09:00
jmasterfunk84
775520d7a8 Introduce Cancel Location and Insert Subscriber Data features to HSS. (#1744)
* Introduce Cancel Location and Insert Subscriber Data features to HSS.
* HSS database will keep track of last known MME and Update Time
* Purged UE flag is established in HSS for future PUR handling
* HSS Thread will connect to database and watch change stream
  mongoDB must be configured with a Replica Set to use this
* HSS will send IDR if subscription data changes
* HSS will send CLR to old MME if MME host or realm changes
* Function created to allow ULA and IDR to generate Subscription-Data AVP
* MME Hostname and Realm shown in WebUI

* Resolve freeDiameter errors

During a ULR, if database does not contain a last known MME, a CLR is being sent to a Null destination.  This will ensure that a destination is available in the database before sending the CLR.

* Removed change streams.  Added PUR handling.

* newline needed at end of file.

* Removed temp variable.

* * Change WebUI to 2x2 display
* Including UE Purged indicator
* Using pointers in ogs_subscription_data_t
* better memory mangement with pointers
* Tweak to Destination used by hss_s6a_send_idr to use last known MME

* Check for null mme_host and mme_realms

Do this before trying to compare the strings.
2022-09-13 16:48:20 +09:00
Sukchan Lee
53d75e74cb Added Release Notes for v2.4.10 2022-09-09 10:32:40 +09:00
Sukchan Lee
a0b7865a43 Release v2.4.10 2022-09-09 09:40:50 +09:00
Sukchan Lee
1f165c1c33 Follow-up on #1747 2022-09-08 23:17:04 +09:00
Bostjan Meglic
31a3788021 [AMF] Handle APN/DNN names as case-insensitive
In case that APN name sent from UE does not case-match with the one
configured in the database, AMF would reject the registration with the
message:

[gmm] WARNING: [imsi-xxx] DNN Not Supported OR Not Subscribed in the
Slice (../src/amf/gmm-handler.c:1051)
2022-09-08 23:13:47 +09:00
Sukchan Lee
f54bccacf5 Support service-based NF subscription 2022-09-08 22:12:01 +09:00
Bostjan Meglic
87cd34d300 Minor typo fix 2022-09-07 18:01:21 +09:00
jmasterfunk84
eb55e4ee3a Also format for pcc_rule. UE and SMF look okay as medium_data as first section. 2022-09-07 17:58:32 +09:00
jmasterfunk84
36254e5df4 When using longer APN name, it is obscured due to short field. 2022-09-07 17:58:32 +09:00
Bostjan Meglic
51669d73a0 [AMF] Accept Deregistration Notification from UDM only for registered UE (#1737)
Add additional check when receiving Deregistration Notification from
UDM. UE should already be in registered state before accepting the
request and deregistering the UE.

Also add additional check that PCF association policy exists before
sending a delete request to PCF.
2022-09-06 19:47:42 +09:00
EugeneBogush
e55d4d8300 removing extra lines
I did not find the purpose of their use
2022-09-05 23:35:18 +09:00
Sukchan Lee
c716a1294a [CORE] Check if timer is double free in SBI module 2022-09-03 15:59:39 +09:00
Sukchan Lee
acc36a344f [PCF] Check NF service configuration
* npcf-smpolicycontrol - enabled or disabled
* npcf-policyauthorization - enabled or disabled

Only one of npcf-smpolicycontrol and npcf-policyauthorization cannot be enabled. (../src/pcf/sbi-path.c:151)

They can be enabled or disabled together.
2022-09-03 13:07:00 +09:00
Bostjan Meglic
9c84570a48 [SBI] Send NF discovery query with service-names delimited with comma
OpenAPI specification for sending NF discovery query with
"service-names" parameter is defined as folowing:

- name: service-names
  ...
  style: form
  explode: false

According to OpenAPI specification, this means array items
should be delimited with a comma character (example: /users?id=3,4,5).
2022-09-03 10:43:59 +09:00
Sukchan Lee
d87d61e851 Follow-up on #1729 2022-09-03 09:20:48 +09:00
mitmitmitm
af1f8d4f4a [SMF] Handle upCnxState=ACTIVATING by replying with 200 instead of 204
According to TS 29.502 5.2.2.3.2.2., we should reply with a 200 response
including the upCnxState attribute.
2022-09-03 09:08:27 +09:00
Sukchan Lee
c28faf00ea Added simple test program
./tests/registration/registration simple-test
./tests/vonr/vonr simple-test
./tests/attach/attach simple-test
./tests/volte/volte simple-test
2022-09-03 07:28:48 +09:00
Sukchan Lee
fcb15b69f7 [MME] Fixed buffer overflow (#1728) 2022-09-02 23:39:59 +09:00
Sukchan Lee
1d17e68c56 [ALL] Removing trailing whitespace and tab 2022-09-02 23:38:39 +09:00
Sukchan Lee
5295c108ad Added Service-based NF discovery
== Known limitation ==
Placing npcf-smpolicycontrol and pcf-policyauthorization
in different NFs is not supported. Both npcf-smpolicycontrol
and pcf-policyauthorization should be placed in the same NF.
2022-09-02 23:04:57 +09:00
Alexander Couzens
b175394839 [SMF] fixup send 3GPP-Charging-Characteristics on Gx if received on S5/8c
- Gy instead of Gx AVP was used.
- Use correct avp position and avp variables.

Fixes: 657eef9169 ("[SMF] send 3GPP-Charging-Characteristics on Gx if received on S5/8c")
2022-08-31 06:38:08 +09:00
Sukchan Lee
c7830a78e6 [Conf] Changed MTU size from 1500 to 1400 2022-08-28 23:10:36 +09:00
Sukchan Lee
eab29fad9a Follow up on #1715
* Changed <TAB> to <SPACE>*4

* Changed snprintf to ogs_snprintf
2022-08-27 18:43:34 +09:00
Alexander Couzens
657eef9169 [SMF] send 3GPP-Charging-Characteristics on Gx if received on S5/8c
The 3GPP-Charging-Characteristics is an operator specific AVP
(optional). The 3GPP-Charging-Characteristics can be filled by the HSS
and forwarded by the MME towards the SMF.
2022-08-27 18:36:54 +09:00
Alexander Couzens
41e4460769 diameter: Gx: add AVP 3GPP-Charging-Characteristics
The 3GPP-Charging-Characteristics is an operator specific AVP
(optional). The 3GPP-Charging-Characteristics can be filled by the HSS
and pass through to the Gx interface.

See ETSI 29.212 5.4.0.1 for further details.
2022-08-27 18:36:54 +09:00
Sukchan Lee
9f98d421a0 [SBI] Added config for service-names discovery 2022-08-27 10:49:07 +09:00
Sukchan Lee
f020732ce9 [SBI] Support service-names in discovery option 2022-08-27 00:12:22 +09:00
Bostjan Meglic
e79e35dd74 [metrics] Fix double-free on application exit (#1717) 2022-08-26 18:15:32 +09:00
Sukchan Lee
9b10d70c77 [NRF] Fixed library load error 2022-08-26 10:57:11 +09:00
Sukchan Lee
83a20b82c7 Follow up on #1714
* Changed sprintf to ogs_snprintf

* Limited to 80 column
2022-08-25 16:35:27 +09:00
jmasterfunk84
49349cdb75 [MME] Dictionary Updates and IDR Support (#1714)
* Add Diameter Dictionary Elements

* Initial IDR Framework

* Resolve Compile Issues

* Moving Closer

* Compile error

* Somewhat Working stuffing Code

* Add Timestamp Changes

* Cleanup some of this code.  mme_s6a_handle_idr in s6a-handler.c removed for now, since it will only come in handy when IDR flag is set to request current location, which would involve breaking out into paging.  I think there's a few other things we can do just within fd-path first.

* further removal of mme_s6a_handle_idr
2022-08-25 15:43:21 +09:00
Bostjan Meglic
def99aff7f [SMF] Fix abort on app exit when no Diameter configuration
In case that SMF was configured to run without Diameter, it would crash
on application exit due to uninitialized variables/pointers.

ERROR  pid:unnamed in fd_sess_handler_destroy@sessions.c:324: ERROR: Invalid parameter '(handler && ( ((*handler) != ((void *)0)) && ( ((struct session_handler *)(*handler))->eyec == 0x53554AD1) ))', 22
[smf] FATAL: smf_gx_final: Assertion `ret == 0' failed. (../src/smf/gx-path.c:1353)
2022-08-24 01:39:24 +09:00
Sukchan Lee
242b138597 [MME] UE-initiated detach removes S1 only (#1698) 2022-08-20 01:08:20 +09:00
Sukchan Lee
9bb9a4cae9 [MME] Detach removed MME-UE context (#1698) 2022-08-20 00:17:55 +09:00
Sukchan Lee
321c8d4cf9 [SGsAP] Changed message if Paging failed (#1701)
The problem occurred in the following scenario:

1. VLR sent PAGING-REQUEST to the MME
2. MME sent S1-Paging to the UE
3. Paging failed
4. MME responded SERVICE-REQUEST to the VLR
5. VLR sent DOWNLINK-UNITDATA to the MME
6. Even though there is no S1 Context,
   MME try to sent DownlinkNASTransport message to the UE.
7. So, the problem occurred.

I've changed the number 4 PAGING-REJECT instead of SERVICE-REQUEST.
2022-08-19 18:58:55 +09:00
Sukchan Lee
909f407c20 [MME] Fixed GTP transaction crash (#1696) 2022-08-19 17:23:10 +09:00
Sukchan Lee
a9694d6474 [MME] Follow-up Cancel Location Handling (#1698) 2022-08-19 16:52:39 +09:00
jmasterfunk84
c98333bbfe [MME] Cancel Location Handling (#1698)
* CLR while idle is broken after 7031856cd7

Cancel Location Request arriving while UE is idle will not proceed to paging due to this check for S1 connection.  Using new flag "isAnswer" to bypass this check to allow paging to occur when we are not doing a AIA/ULA related procedure.

* No Context Setup is required when sending the detach request.  If the paging was due to wanting to send a Detach Request to the UE, then we fast track to sending the detach request.

* emm-sm.c:
In the case of MME initiated detach while UE is idle, there is no initial conext setup.  We go right from the service request after paging into sending the detach request.  TS23.401

mme-path.c:
Using nas_eps.type in the case of MME Initiated Detach while UE is idle does not work.  nas_eps.type would represent the service request.

mme-s11-handler.c:
After S11 action, no action should be taken.  We want to wait for the detach accept from the UE before proceeding with the S1 release (detach).

* InitialContextSetup should occur for detach.
2022-08-19 16:44:06 +09:00
Sukchan Lee
444e182288 [PFCP] security vulnerability continued in d99491a 2022-08-16 20:32:42 +09:00
Sukchan Lee
dbf6971dcf [DOCS] Updated if subscribers changed [#1694] 2022-08-14 15:36:41 +09:00
Sukchan Lee
c835556623 Fixed Defects reported by Coverity Scan 2022-08-13 23:49:55 +09:00
Sukchan Lee
dbb52592d8 Removed duplicated document link 2022-08-13 17:45:39 +09:00
Sukchan Lee
291b63f41a Update docs @s5uishida 2022-08-13 10:17:38 +09:00
Sukchan Lee
f78f042d75 Update docs @nickvsnetworking and @@s5uishida 2022-08-13 09:44:23 +09:00
herlesupreeth
7162684486 [SMF]: Update stored PCO IE requested over Gn in SMF context
As per 3GPP TS 29.060 version 15.3.0, section 7.3.3, 7.3.4, 7.3.5 and 7.3.6

Only if PCO IE is included in Update/Delete PDP Context Request then it
must be present in Update/Delete PDP Context Response.

In order to reflect on whether the request contained PCO IE or not
the SMF context containing the GTP request needs to be updated
i.e. update if present else clear the contents
2022-08-13 09:30:28 +09:00
herlesupreeth
16ea972937 [SMF]: Update stored PCO IE requested in GTPv2 over S5c in SMF context
As per 3GPP TS 29.274 version 10.5.0, section 7.2.9 and 7.2.10,
Only if PCO IE is included in Delete Session Request then it
must be present in Delete Session Response.

In order to reflect on whether the request contained PCO IE or not
the SMF context containing the GTP request needs to be updated
i.e. update if present else clear the contents
2022-08-13 09:30:28 +09:00
Sukchan Lee
603a746f49 Lower Linux version cannot change HTTP2 max stream
CURLMOPT_MAX_CONCURRENT_STREAMS can be supported as of curl 7.67.0
2022-08-12 17:11:23 +09:00
Sukchan Lee
d99491aca5 [PFCP] Fixed security protection
Check the length to prevent buffer overflow attacks.
2022-08-12 15:38:40 +09:00
Sukchan Lee
e6a14cb73d Move src/../nf-sm.[ch] to lib/sbi/nf-sm.[ch] 2022-08-12 14:03:53 +09:00
Sukchan Lee
ec9fe7b31d [SBI] CLIENT max concurrent streams to 16384 2022-08-10 12:31:50 +09:00
Sukchan Lee
db37bc8944 [SBI] Increased the max stream number 2022-08-10 11:03:10 +09:00
Sukchan Lee
4cb657c804 [MME] Changed CauseNas_detach in DETACH (#1676) 2022-08-06 14:00:54 +09:00
Sukchan Lee
da20b2d035 [GTP] gtp_peer override the pool size of GTP node 2022-08-06 13:54:05 +09:00
Sukchan Lee
700c71ef4c Changed configuration name from gnb to peer
And restored gtp_peer configuration
2022-08-05 16:56:36 +09:00
Sukchan Lee
f772bf3a62 [PFCP] Revert Changes 5e18b2b and d21e9aa
To protect malicious or buggy, we need to check that session context is NULL.
2022-08-04 09:55:17 +09:00
Sukchan Lee
cca3027e90 [NRF] Fixed the nfInstanceUri (#1683) 2022-08-03 17:32:15 +09:00
Sukchan Lee
e88c43e8df [Diameter] Fixed Coding convention (#1680) 2022-08-03 14:34:21 +09:00
jmasterfunk84
415e5276ba [MME+HSS] AVP Occurring Too Many Times
Do not Set Origin-Hosts with fd_msg_rescode_set before potential use of ogs_diam_message_experimental_rescode_set.  This results in multiple Origin-Host/Realm AVPs.
2022-08-03 14:32:57 +09:00
Sukchan Lee
d21e9aa5e0 [PFCP] Revert Changes 5e18b2b 2022-08-03 14:13:35 +09:00
Sukchan Lee
7231dafbf1 [SBI] Fixed nf_instance memory leak
- Rollback commit ed3444eef5
- Do not modify reference count when REGISTER/DEREGISTER notified from NRF
2022-08-02 09:44:13 +09:00
Sukchan Lee
7031856cd7 [MME] Changed S1AP_Cause in S1AP Release (#1676)
S1AP_CauseNas_detach -> S1AP_CauseNas_normal_release
2022-07-31 12:38:11 +09:00
Sukchan Lee
5524dc5e29 Refact paging module (#1676) 2022-07-30 14:44:34 +09:00
jmasterfunk84
47cbaca149 [MME] Introduce support for S6a Cancel Location Request
- Added diameter dictionary definitions for Cancel Location
- Cancel Location will completely remove UE from MME, allow for a fresh IMSI attach to occur on next attempt.
- T3422 is used for detach request.
- Added new handling for s6a events in mme-sm, as not all s6a messages are at attach now.  Maybe there's something in a state machine I should've been using here instead of a new flag?

- Testing was completed with UE in idle and connected.  With CLR flags indicating re-attach required and without.  Also sending CLR after UE detach.  And then sending again when mme_ue is empty.
2022-07-30 14:37:43 +09:00
Sukchan Lee
ff5023e95b Release v2.4.9 2022-07-25 21:50:06 +09:00
Sukchan Lee
9b762158a6 Refine code of discovery option param (#1671) 2022-07-24 19:47:04 +09:00
Sukchan Lee
4e8492e878 Oops! Warning removed! 2022-07-24 15:15:06 +09:00
Sukchan Lee
a5010a61ef Support Discovery Optional Parameter (#1671)
To support target-nf-instance-id in the discovery,
Discovery optional parameter is implemeted
2022-07-24 15:10:09 +09:00
jmasterfunk84
eb03704015 Moving handling of assigning sub level cc into the pdn to s11. 2022-07-24 12:29:01 +09:00
jmasterfunk84
68140efce4 [MME] Handle Charging Characteristics
Found no support for HSS provided charging characteristics.  Following TS32.251 A.4:
- Use PDN level CC, if one wasn't provided then use subscription level CC
- Don't send CC in S11 if it wasn't included
2022-07-24 12:29:01 +09:00
jmasterfunk84
d2ef555ce4 Set default Network-Access-Mode to 0
For HSS's which do not include the NAM, the MME should not treat this as a fatal error.  MME should just assume PACKET_AND_CIRCUIT (0), as was decided in a previous PR.
2022-07-23 00:26:55 +09:00
Bostjan Meglic
7e6568d800 [SMF] Send PDU Session Establish Accept to serving AMF
In case there are multiple AMF registered to NRF, SMF would pick only
the first AMF from the list.
In the case of sending PDU Session Establishment Accept from SMF to
AMF, this would mean a high chance of failure since the AMF might
be different than the original requester, and would not know about a
particular UE.

Modify SMF to use ServingNfId field from original request
SmContextCreateData from AMF to determine to which AMF should it send
PDU Session Establishment Accept message.
2022-07-22 12:24:26 +09:00
Bostjan Meglic
9a958d7af8 [SBI] Add function to request NF Instance from NRF by providing it's Instance Id 2022-07-22 12:24:26 +09:00
Bostjan Meglic
83b28b5649 [tests] Fix running unit tests inside docker environment
The issue was introduced with the commit, which builds Open5GS from
local sources instead of downloading them each time from Github.

Fixes: d2cbcf711 ("[build] Use local sources to build applications (#1583)")
2022-07-21 21:07:35 +09:00
Sukchan Lee
eb50d64271 Add more protection code for (#1652) 2022-07-21 17:13:32 +09:00
Sukchan Lee
9aa5559c5f Refactor for the UERANSIM 500 test (#1652) 2022-07-21 12:41:19 +09:00
Sukchan Lee
f35afa2ff7 Add missing pkbuf_free() (#1652) 2022-07-21 01:00:44 +09:00
Sukchan Lee
776103698d Oops! Redundant code is removed (#1652) 2022-07-21 00:35:08 +09:00
Sukchan Lee
2b41a215d7 Fixed the crash in UERANSIM 500 test (#1652) 2022-07-21 00:02:31 +09:00
Sukchan Lee
da1905b36c fixed the memory leak in test program 2022-07-20 12:08:17 +09:00
Sukchan Lee
fb95f1ff71 Fixed ASSERT when context has already been removed 2022-07-19 19:42:24 +09:00
Sukchan Lee
668cc59f94 [AMF] Fixed 5GMM cause in Reject message (#1660)
When a UE that requests slices tries to connect and there are no slices configured, the reject message is:

5GMM cause = 0x7 (5GS Services not allowed)

however it should be:

5GMM cause = 0x3e (No network slices available)

All 5GMM cause value in reject message is reviewed in this commit
2022-07-19 12:42:02 +09:00
Sukchan Lee
3885cb20d9 [asn1c] rework aper from mouse07410/asn1c#94
Merge @pespin the following work
- mouse07410/asn1c#93
- mouse07410/asn1c#100
2022-07-16 14:30:00 +09:00
Sukchan Lee
5e18b2bd13 [SCP] Support of Indirect Communication 2022-07-16 13:27:18 +09:00
Sukchan Lee
1518a4f334 [CORE] Increased memory pool for poll (#1652) 2022-07-13 16:54:55 +09:00
Sukchan Lee
80ee4c8aa8 [SBI] incrased session pool of server (#1652) 2022-07-12 17:31:36 +09:00
Bostjan Meglic
aa3cded11a [AMF] Handle namf-callback DeregNotify message from UDM
UDM may send a Deregistration Notification to AMF, to deregister
specific UE from the network - Network-Initiated Deregistration.
Deregistration procedure includes sending Deregistration Request to UE,
starting a timer T3522, releasing PDU sessions from SMF, releasing PCF
policies from PCF, and waiting for Deregistration Accept from UE.

Not yet implemented is:
- to prevent deregistration of UE in case it has any emergency sessions,
- page UE when UE is in IDLE mode.
2022-07-11 22:53:21 +09:00
Bostjan Meglic
0633774972 [SBI] Add support for DeregistrationData in SBI messages 2022-07-11 22:53:21 +09:00
Bostjan Meglic
d1a2971990 [NAS] modify library to include both directions of deregistration requests
Definitions in NAS library now include both directions of deregistration
requests/accepts - from UE and from network.
2022-07-11 22:53:21 +09:00
Bostjan Meglic
babc30940a [AMF] Do not send Deregistration Event to UDM when UE deregisters
According to TS 23.502, 4.2.2.2.2, AMF sends Registration event to UDM
in the following cases:
- If the AMF has changed since the last Registration procedure, or
- if the UE provides a SUPI which doesn't refer to a valid context in
the AMF,
- or if the UE registers to the same AMF it has already registered
to a non- 3GPP access (i.e. the UE is registered over a non-3GPP access
and initiates this Registration procedure to add a 3GPP access).

In case that UE re-registers to the network with a GUTI, it bypasses
authentication check to the AUSF. In this case, AMF does not send
Registration event to UDM.
Consequently, when UE deregisters again, AMF would send a Deregistration
Event to a UDM, which does not have a context for it.

3GPP standard does not say when AMF sends Deregistration Event to UDM,
only that it is optional.

These (De-)Registration events are for (de-)registering AMF to the UDM
for serving the UE. And not for (de-)registering UE itself for purpose
of tracking when UE is registered on the network.

This partially reverts commit 7be7029ac4
2022-07-11 22:44:07 +09:00
Sukchan Lee
fce0eb4800 [SBI] fixed wrong request-nf-type (#1650) 2022-07-08 21:36:52 +09:00
Oliver Smith
fe11ee161c d/open5gs-upf.postinst: don't restart service in chroot
Don't attempt to restart systemd-networkd if systemd is not running
(e.g. installing open5gs inside a chroot).

Fix for:
  System has not been booted with systemd as init system (PID 1). Can't operate.
  Failed to connect to bus: Host is down
  dpkg: error processing package open5gs-upf:amd64 (--configure):
   installed open5gs-upf:amd64 package post-installation script subprocess returned error exit status 1
2022-07-05 10:22:36 +09:00
Sukchan Lee
eabe8dfec5 [PFCP] Added UE IP address in the EPC (#1642) 2022-07-04 17:37:00 +09:00
Networkmama
29525b21a4 [SMF] copy UE ip address to uplink PDR rules.
This helps UPF to add ACL based on src ip

Signed-off-by: Networkmama <networkmama12@gmail.com>
2022-07-04 17:34:40 +09:00
Sukchan Lee
af4021bff4 [PFCP] Fixed a endianness Apply Action (#1640) 2022-07-04 17:30:19 +09:00
Sukchan Lee
318fc25535 [CORE] Added memory check (#1638) 2022-07-01 21:49:31 +09:00
Bostjan Meglic
6adf541346 [CORE] Fix detection of a failed memory allocation 2022-07-01 21:38:47 +09:00
Bostjan Meglic
ab11220dcc [ALL] Fix differences in function parameter names between definition and declaration 2022-07-01 21:38:47 +09:00
Bostjan Meglic
114f783d06 [MISC] Add support for static code analysis
Static code analysis can be executed with following commands:
  meson build
  ninja -C build analyze-cppcheck
  ninja -C build analyze-clang-tidy

These commands are available only if additional tools are installed:
  - cppcheck
  - clang-tidy
  - clang-tools is optional if you want to paralelize the clang-tidy

In case of cppcheck analysis, a file called build/cppchecklog.log is
created with the analysis results.

In case of clang-tidy analysis, some checks are disabled. See file
.clang-tidy, and reenable them if you see fit.
Also it does not scan all the files in the project, since some of them
are imported from other sources. It does not scan any sources under:
  - subprojects/
  - lib/asn1c/
  - lib/ipfw/
2022-07-01 21:38:47 +09:00
Sukchan Lee
50be661cf9 Fixed a crash when slice/session overflow (#1637) 2022-06-30 13:33:16 +09:00
Sukchan Lee
ad159d1755 [GTP] Refine error code path without assertion
Refer to #1635, #1620, #1606, #1594
2022-06-30 10:53:19 +09:00
Sukchan Lee
b1d982a1ee [PFCP] Refine error code path without assertion
Refer to #1635, #1620
2022-06-30 10:35:03 +09:00
Sukchan Lee
0be5e765c8 Revert "[SGWC] pfcp: Retrieve sess when SEID=0 (#1620)"
This reverts commit 9700563023.
2022-06-30 09:11:38 +09:00
Sukchan Lee
6332f10593 Revert "[GTP] context when TEID=0 (#1620, #1606, #1594)"
This reverts commit 0d61f7a7f9.
2022-06-30 09:11:31 +09:00
Sukchan Lee
051c19b7c8 Changes MAX TLV MORE to 16
OGS_MAX_NUM_OF_PDR is 16, but OGS_TLV_MAX_MORE is 8.
To match the size of two macros, increased OGS_TLV_MAX_MORE to 16.
2022-06-29 14:35:01 +09:00
Pau Espin Pedrol
b5956e5596 [UPF] N4: Remove unnecessary assert (#1634) 2022-06-29 11:10:43 +09:00
Sukchan Lee
52d5c61794 [GTP] avoid abort for ogs_gtp_node_new() (#1633) 2022-06-29 11:07:44 +09:00
Pau Espin Pedrol
c5a545039f [GTP] Avoid abort if ogs_gtp_node_new() returns NULL (#1633)
* [GTP] Avoid abort if ogs_gtp_node_new() returns NULL

* [SGWC] Avoid abort if ogs_gtp_node_add_by_addr() returns NULL
2022-06-29 10:28:18 +09:00
Sukchan Lee
2dd577f88c [SCTP] Add protection code jumbo frame (#1632) 2022-06-28 16:58:15 +09:00
Sukchan Lee
0d61f7a7f9 [GTP] context when TEID=0 (#1620, #1606, #1594) 2022-06-28 15:32:14 +09:00
Sukchan Lee
9700563023 [SGWC] pfcp: Retrieve sess when SEID=0 (#1620) 2022-06-28 13:20:46 +09:00
Pau Espin Pedrol
5eaf66262a [SMF] pfcp: Retrieve sess when response with SEID=0 is received (#1620)
3GPP TS 29.244 7.2.2.4.2 documents that the peer will set SEID=0 in the
response when we request something for a session not existing at the peer.
If that's the case, we still want to locate the local session which
originated the request, so let's store the local SEID in the xact when
submitting the message, so that we can retrieve the related SEID and
find the session if we receive SEID=0.
2022-06-28 11:19:57 +09:00
Pau Espin Pedrol
a3593c6890 [SMF] Gn: QoS Profile and PCO IE improvements (#1631) 2022-06-27 21:51:14 +09:00
Sukchan Lee
8fe2e506c0 [PFCP] Added Network Instance to CP-UP FAR (#1630) 2022-06-25 07:56:28 +09:00
Sukchan Lee
df68b231b8 [PFCP] Added DNN/APN in FAR (#1629, #1630) 2022-06-24 20:30:40 +09:00
Sukchan Lee
f4eddf91b5 Set v4/v6 flags in local F-TEID (#1625) 2022-06-24 15:16:54 +09:00
Networkmama
99fd6c449a [SMF] Set v4/6 flag in F-TEID IE request type (#1625)
Signed-off-by: Networkmama <networkmama12@gmail.com>
2022-06-24 15:11:16 +09:00
Pau Espin Pedrol
7762da6992 [SMF] pfcp-sm: Fix ogs_fsm_dispatch() on NULL sess (#1628)
It was spotted that if DeleteSessionReq sent by SMF is answered by UPF
with cause="Session context not found", then it contains SEID=0 (this is
correct as per specs). Hence, since SEID=0 session is not looked up, so
sess=NULL.

A follow up commit improves the situation by looking up the SEID in the
originating request message in that case.
2022-06-23 23:38:52 +09:00
Pau Espin Pedrol
bfe214aafa [UPF] Avoid crash if no default subnet configured (#1624)
In that case, ogs_pfcp_ue_ip_alloc() will fail with  the error message
"CHECK CONFIGURATION: Cannot find subnet [...]" and the assert will make
upf crash.
That's not desirable, let's keep it running and simply reject the
request. The error log is big enoguh to find out.
2022-06-23 22:04:01 +09:00
Pau Espin Pedrol
96d689a402 [SGWC,SMF] Add specific config opt max.gtp_peer to set gtp_node mempool size (#1623)
This is needed specially for SMFs handling a pool of SGWs.
2022-06-23 22:03:48 +09:00
Pau Espin Pedrol
3501cb0a5b [SMF] track and fix scenario where gtp node mempool becomes full (#1622)
* [SMF] Avoid abort() if gtp_node mempool becomes full

Related: https://github.com/open5gs/open5gs/issues/1621

* [SMF] metrics: Add new ctr tracking gtp_node allocation failures

This metrics is useful to track whether at some point the mempool went
full, so that config needs to be updated to increase the mempool size.
2022-06-23 22:03:34 +09:00
Sukchan Lee
b58ebda556 Change Default MCC/MNC 901/70 -> 999/70 (#1331) 2022-06-23 21:37:47 +09:00
Pau Espin Pedrol
20d3dc0167 [CORE] fsm: Add asserts to validate ogs_fsm_t is not null (#1619) 2022-06-23 20:48:06 +09:00
Bostjan Meglic
c9598fb9c6 [SBI] Fix memory leak for nghttp2 session (#1618)
Delete nghttp2 session to prevent memory leaks.
The issue was detected using valgrind.
2022-06-23 20:43:36 +09:00
Pau Espin Pedrol
13421119c3 [SMF] Gy: Send Multiple-Services-Indicator AVP only during Initial CCR (#1616)
Gy (3GPP TS 32.299 ) refers to AVP in DCCA (RFC4006).

RFC4006 5.1.2:
"[...] by including the Multiple-Services-Indicator AVP in the first
interrogation."

Nokia's infocenter documentation also states it's sent during Initial CCR
only: "(CCR-I only)".
2022-06-21 23:56:56 +09:00
Sukchan Lee
50cfb5f3ac Initialize pgw_s5u_teid (#1559) 2022-06-20 22:36:51 +09:00
Bostjan Meglic
d2cbcf7118 [build] Use local sources to build applications (#1583)
"build" Docker image previously downloaded latest version of Open5GS
from github, and built the project from that.
Use local source files for building instead.
2022-06-19 18:18:09 +09:00
Sukchan Lee
0f93ec23ab [MME/AMF] Fixed network name encoding (#1614) 2022-06-19 18:16:11 +09:00
Sukchan Lee
c528e0d5bc [SBI] Change NfInstance.Id to Optional 2022-06-18 23:56:12 +09:00
JagannathS
0313910ac6 Added show commands in the dbctl (#1613) 2022-06-17 06:27:24 +09:00
Bostjan Meglic
361c3b7387 [SBI] Fix invalid read beyond allocated memory (#1610)
Valgrind memcheck tool reports an error, of invalid read beyond the
allocated memory.

Function "write_cb()" already allocates (realloc) +1 byte and
null-terminates the data. But the length "conn->size" does not contain
this extra null-terminated byte.
When a copy of the received data is made in "check_multi_info()", it
does not include the null character, resulting in potentially a
non-null terminated string.
Later on when parsing the data, "strlen()" will read beyond the
allocated memory to search for the null character, resulting in an
invalid read.

==1994== Invalid read of size 1
==1994==    at 0x484ED24: strlen (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1994==    by 0x4D3F401: cJSON_ParseWithOpts (cJSON.c:1109)
==1994==    by 0x4D3F65C: cJSON_Parse (cJSON.c:1197)
==1994==    by 0x4C927DE: parse_json (message.c:913)
==1994==    by 0x4C972D8: parse_content (message.c:1790)
==1994==    by 0x4C90096: ogs_sbi_parse_response (message.c:589)
==1994==    by 0x136431: amf_state_operational (amf-sm.c:248)
...
==1994==  Address 0x668371d is 0 bytes after a block of size 253 alloc'd
==1994==    at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1994==    by 0x5107D7F: ??? (in /usr/lib/x86_64-linux-gnu/libtalloc.so.2.3.3)
==1994==    by 0x510814B: _talloc_memdup (in /usr/lib/x86_64-linux-gnu/libtalloc.so.2.3.3)
==1994==    by 0x4871568: ogs_talloc_memdup (ogs-strings.c:184)
==1994==    by 0x4CA7755: check_multi_info (client.c:475)
...
2022-06-15 22:32:23 +09:00
jmasterfunk84
59a457fa40 Update mme-sm.c (#1609) 2022-06-15 06:13:49 +09:00
Pau Espin Pedrol
038d383584 [CORE] Compare port in ogs_sockaddr_is_equal() (#1608) 2022-06-15 06:13:15 +09:00
Bostjan Meglic
7be7029ac4 Send deregistration event from AMF to UDM (#1599)
* [SBI] Fix converting PatchItem to JSON

* [UDR] Add support for endpoint for patching subscription data

Add support for PATCH HTTP method for the following endpoint:
/subscription-data/{ueId}/context-data/amf-3gpp-access

Currently does not change any data in the database.

* [UDM] Add support for endpoint for patching subscription data

Add support for the following endpoint, HTTP PATCH method:
/nudm-uecm/v1/{ueId}/registrations/amf-3gpp-access

The endpoint is used when UE deregisters from the core, and AMF
sends a subscription modification request with "purgeFlag" set.

* [UDM] Add check for same GUAMI when patching subscription data

* [AMF] Send deregistration event to UDM

When UE sends deregistration request, AMF needs to send a
Nudm_UECM_Deregistration request to UDM.
The order of requests is now the following:
- send PDU session release to SMF
- send deregistration event to UDM
- send AM policy control release to PCF
2022-06-14 23:44:02 +09:00
Pau Espin Pedrol
720b4d3c4c [SMF] Gn: Drop already implemented TODO (#1604) 2022-06-13 23:58:39 +09:00
Pau Espin Pedrol
4d9112870c configs: use proper default IP address for metrics server (#1603)
* configs: use proper default IP address for metrics server

Let's use the IP address assigned to each process by default when
configuring the HTTP Prometheus server. Otherwise having several
processes listening on 0.0.0.0 cause collisions.

* configs: mme.yaml: Fix trailing whitespace
2022-06-13 23:13:58 +09:00
Safa Orhan
58a9d31fd8 Apply action ie (#1601) 2022-06-13 19:51:40 +09:00
Safa Orhan
0a3746c24d PR open5gs#1581 (#1600) 2022-06-13 19:44:36 +09:00
Sukchan Lee
1daac541cf Oops! removed one time in the document 2022-06-12 17:18:03 +09:00
Sukchan Lee
9087a480a8 Update document for v2.4.8 2022-06-12 17:06:36 +09:00
Sukchan Lee
9d43646816 Release v2.4.8 2022-06-12 16:29:24 +09:00
Sukchan Lee
240c10888d [GTP] Fixed bugs if gNB changed (#1515, #1586) 2022-06-12 15:54:27 +09:00
Sukchan Lee
9c3b7dfe4b Added RRCEstablishmentCause to Test-Msg Param 2022-06-12 14:32:53 +09:00
Sukchan Lee
2aa40ca8c8 [PFCP] Added Data Status IE (#1582) 2022-06-12 09:02:59 +09:00
Sukchan Lee
12353178fb Upgrade PFCP to v16.9.1 (#1581) 2022-06-11 23:51:00 +09:00
Sukchan Lee
b98c2c13f6 [SUCI] Handling exceptions for invalid RI (#1570)
If Routing Indicator is wrong, we forcely set to '0'.
2022-06-10 23:19:00 +09:00
Sukchan Lee
9d94b33c7b meson: Rollback libmicrohttpd >= 0.9.40
Ubuntu 18.04 (bionic) should continue to be supported until April 2023.
So I modified mhd_server to support older versions of libmicrohttpd.
2022-06-10 21:35:37 +09:00
Sukchan Lee
6c5a8a135a Reorder smf_gtp_node objects free (#1593)
smf_gtp_node_pool were properly freed.

However, the seqence was wrong, so we got a warning message.

To solve this problem, I've moved smf_gtp_node_alloc/free
from gtp_path.[ch] to context.[ch]
2022-06-10 21:08:15 +09:00
Pau Espin Pedrol
b116630fe8 meson: Depend explicitly on libmicrohttpd >=0.9.61 (#1595)
Recent commit re-enabling SBI HTTP/1.1 support
(10bdf39505cf525b95886c140b3c2e82e7427d29) started using libmicrohttpd's
API MHD_create_response_from_buffer_with_free_callback(), which is only
available starting from v0.9.61.
As a result, compilation in xUbuntu 18.04 started failing with errors
about the function not being found, since it ships with libmicrohttpd
v0.9.59.
Depending on 0.9.61 is fine since it's quite old (november 2018) and all
major current distros should for sure have an >= one. Let's simply bump
the version check so that it fails in an informative manner.
2022-06-10 20:53:55 +09:00
Pau Espin Pedrol
28089e2b59 [SMF] Fix smf_gtp_node objects not freed during shutdown (#1593) 2022-06-10 00:06:13 +09:00
Sukchan Lee
b1e7477904 [CORE] Improve logging error in PFCP (#1591) 2022-06-09 23:36:33 +09:00
Pau Espin Pedrol
5238771295 [CORE] Improve logging error in ogs_gtp_sendto() (#1591) 2022-06-09 23:32:11 +09:00
Carlos Giraldo
cfe21c61da Structure AMF and MME metrics code similar to SMF (#1590)
* AMF metrics initial support

* MME metrics initial support

* set amf/mme metrics.[c|h] similar to smf
2022-06-09 21:39:03 +09:00
Sukchan Lee
0b97954208 Re-added to handle an exceptional case (#1589) 2022-06-09 21:35:59 +09:00
Bostjan Meglic
5084f6a71d [AMF] Add support for SUCI protection schemes A and B (#1589)
For null protection scheme the SUCI needs to be BCD encoded. Whereas for
protection scheme profiles A and B the SUCI needs to be converted from
hexadecimal to ASCII.

This still needs the support for protection schemes A and B in UDM to
work.
2022-06-09 21:27:58 +09:00
Carlos Giraldo
109949d335 MME initial metrics support (#1587) 2022-06-09 06:23:51 +09:00
Pau Espin Pedrol
9e25482d99 [SMF] Gn: Fixes handling/transmitting APN-AMBR IE (#1588) 2022-06-09 06:22:56 +09:00
Carlos Giraldo
816575dc8d AMF metrics initial support (#1585) 2022-06-08 17:54:46 +09:00
Pau Espin Pedrol
28e40a0f1b Initial metrics support based on Prometheus (#1571)
* Initial metrics support based on Prometheus

This commit introduces initial support for metrics in open5gs.

The metrics code is added as libogsmetrics (lib/metrics/), with a well
defined opaque API to manage different types of metrics, allowing for
different implementations for different technologies to scrap the
metrics (placed as lib/metrics/<impl>/. The implementation is right now
selected at build time, in order to be able to opt-out the related dependencies
for users not interested in the features. 2 implementations are already
provided in this commit to start with:
* void: Default implementation. Empty stubs, acts as a NOOP.
* prometheus: open5gs processes become Prometheus servers, offering
  states through an http server to the Prometheus scrappers. Relies on
  libprom (prometheus-client-ci [1] project) to track the metrics and format
  them during export, and libmicrohttpd to make the export possible through
  HTTP.

[1] https://github.com/digitalocean/prometheus-client-c

The prometheus-client-c is not well maintained nowadays in upstream, and
furthermore it uses a quite peculiar mixture of build systems (autolib
on the main dir, cmake for libprom in a subdir). This makes it difficult
to have it widely available in distros, and difficult to find it if it
is installed in the system. Hence, the best is to include it as a
meson subproject like we already do for freeDiameter. An open5gs fork is
requried in order to have an extra patch adding a top-level
CMakeList.txt in order to be able to includ eit from open5gs's meson
build. Furthermore, this allows adding bugfixes to the subproject if any
are found in the future.

* [SMF] Initial metrics support

* [SMF] Add metrics at gtp_node level

* docs: Add tutorial documenting metrics with Prometheus
2022-06-08 05:51:02 +09:00
Pau Espin Pedrol
a9badd5520 GTP, SMF: More dec/enc improvements in QoS Profile IE MBR and GBRE fields (#1584) 2022-06-07 22:13:53 +09:00
Sukchan Lee
18cca7f5e4 Re-enabling HTTP/1.1 (#1570) 2022-06-06 22:20:52 +09:00
Sukchan Lee
828fa23d16 Increase Apply Action size to 2 bytes (#1581) 2022-06-06 21:12:18 +09:00
mitmitmitm
a6abe1fffb [NRF] Don't abort if there are too many registered NF instances (#1579)
Reply with an error instead.
2022-06-06 20:54:59 +09:00
Pau Espin Pedrol
7dd5d27a71 [GTPv1] Several QoS Profile IE enc/dec fixes and improvements (#1575) 2022-06-03 06:56:28 +09:00
Pau Espin Pedrol
e32139009b [SMF] Gn: Avoid building QoS Profile IE twice in UpdatePdpContextResp (#1574) 2022-06-03 01:02:14 +09:00
Pau Espin Pedrol
502a886e43 [CORE] ogs-sockaddr: Fix trailing whitespace (#1573) 2022-06-02 20:20:16 +09:00
Pau Espin Pedrol
d99382d5bc [CORE] Improve log error messages in ogs_ipsubnet() (#1572) 2022-06-02 20:19:55 +09:00
Sukchan Lee
8b3fa5ff9f Follow-up the contribution #1566, #1567 2022-05-31 21:44:53 +09:00
Pau Espin Pedrol
e1e8018919 [SMF] Avoid crash if Create{Session,PdpContext}Resp fails to be sent (#1566)
* [SMF] Gn: Drop unreachable return line

* [SMF] Avoid crash if Create{Session,PdpContext}Resp fails to be sent

Crash spotted in a running open5gs-smfd process, triggered by:
ERROR: ogs_gtp_sendto() failed (1:Operation not permitted) (../lib/gtp/path.c:119)
ERROR: ogs_gtp_xact_commit: Expectation `rv == OGS_OK' failed. (../lib/gtp/xact.c:730)
ERROR: smf_gtp2_send_create_session_response: Expectation `rv == OGS_OK' failed. (../src/smf/gtp-path.c:451)
FATAL: smf_gsm_state_wait_pfcp_establishment: Assertion `OGS_OK == smf_gtp2_send_create_session_response( sess, gtp_xact)' failed. (../src/smf/gsm-sm.c:676)

* [SMF] Avoid crash if Delete{Sesson,PdpContext}Resp fails to be sent

Let's simply continuing with release of the session, there's not much we
can do about it. Peer will eventually realize the conn is no longer
there.
2022-05-31 21:27:42 +09:00
Pau Espin Pedrol
c2bda0b576 [GTP] Several fixes and improvements around ogs_gtp_xact_find_by_xid (#1567)
* [GTP] Add missing msg types to ogs_gtp_xact_get_stage()

* [GTP] Avoid returning wrong xact by xif if none found

* [GTP] Avoid crash if ogs_gtp_xact_get_stage() fails

* [GTP] Rename s/ogs_gtp_xact_get_stage/ogs_gtp2_xact_get_stage/
2022-05-31 21:24:00 +09:00
Sukchan Lee
b6f2146594 [SGWC] Update remote PGW GTPv2-C address (#1560)
In Create Sesion Response, we updated remote PGW GTPv2-C address.
2022-05-28 17:06:36 +09:00
Miguel
78b1dc77ff Update open5gs-dbctl (#1562)
I added four additional commands which are useful in case not using the GUI (add UE using a specific APN, add UE using a specific slice and APN, modify a slice adding an APN, modify an UE adding a new slice + APN)
2022-05-28 11:10:03 +09:00
endika
de0ba3f9dc fix tipo in amf logs (#1558) 2022-05-26 20:12:30 +09:00
Pau Espin Pedrol
c18e9f32cb [PGW] Gy+PFCP improvements (#1555)
* [SMF] Gy,PFCP: Improve {Time,Volume} {Threshold,Quota} handling

* [UPF] Implement URR Usage Report for ValidityTime/TimeQuota/TimeThreshold

* [UPF] Implement Usage report trigger for Volume Quota/Threshold

* [SMF] Set Gy Reporting-Reason based on PFCP Report Trigger
2022-05-24 22:54:30 +09:00
Bostjan Meglic
2c2ce143a3 Fix minor typos (#1554)
* Fix minor typo in log output

* Remove unused struct members
2022-05-24 21:01:54 +09:00
Sukchan Lee
933f0b04c7 [TEST] Added IPv6 in GTPU (#1515) 2022-05-23 23:51:02 +09:00
Sukchan Lee
7d496e182b Update document for v2.4.7 2022-05-21 19:48:56 +09:00
Sukchan Lee
dd845a2bb2 Release v2.4.7 2022-05-21 19:22:11 +09:00
Sukchan Lee
1679f57ac7 [CORE] fix the linked-list bug (#1187) 2022-05-21 18:54:42 +09:00
Pau Espin Pedrol
b6fe640641 [SMF] Gy CCR: Clarify use of Reporting-Request and set it to FINAL in TERMINATION_REQ (#1552) 2022-05-21 06:00:56 +09:00
Sukchan Lee
a6927e18e6 [SBI] fixed mem leak SessionManagement (#1551) 2022-05-21 17:51:31 +09:00
Bostjan Meglic
8efa364f89 Change handling of SessionManagementSubscriptionData as an array (#1551)
According to the following standards the response to the endpoint
/nudm-sdm/${supi}/sm-data should be an array of
SessionManagementSubscriptionData objects, instead of only one object.

TS 29.503 version 16.6.0
TS 29.505 version 16.4.0

UDR now responds to the request with only item in the array.
UDM copies all items as is.
SMF uses only the first item in the array, even if there are more
present.
2022-05-20 17:33:49 +09:00
Pau Espin Pedrol
43a7259781 [SMF] Prevent concurrent access to ogs_pool allocating smf_event (#1546) 2022-05-20 05:57:27 +09:00
Supreeth Herle
aba1867902 Fix AN-Trusted AVP sent in CCR (#1542)
AN-Trusted AVP is only relevant for non-3GPP access networks e.g. WLAN.
This commit adds a check for non-3GPP access network in order to include
AN-Trusted AVP in CCR or not.
Also, clears the M bit for AN-trusted AVP as per TS 29.212 version 16.4.0, Table 5.4.0.1
2022-05-19 13:25:49 +09:00
Sukchan Lee
12d189af07 Document Update 2022-05-17 23:37:41 +09:00
Sukchan Lee
d6c8d49ef4 Update Document for v2.4.6 2022-05-17 23:30:16 +09:00
Sukchan Lee
1983d9d7a7 Release v2.4.6 2022-05-17 22:44:05 +09:00
Sukchan Lee
6710c13a44 update it 2022-05-17 21:44:52 +09:00
Sukchan Lee
67fd2efd76 [HOTFIX] Receive PTI information 2022-05-18 16:04:51 +09:00
Sukchan Lee
c6c8dc1256 [PFCP] Support Multi-CP with One-UP
A problem occurred when there was one SGWU/UPF and multiple SGWC/SMF.

When SGWU and UPF create a session, if the SEID is the same,
the existing session information is used without creating an additional session.

These problems were solved by using the F-SEID including IP information
in the process of checking the existing session.
2022-05-18 10:29:58 +09:00
Pau Espin Pedrol
46621538af [SMF] Improve 3GPP-User-Location-Info in Gn,Gx,Gy (#1539)
* [GTP] Fix trailing whitespace

* [SMF] Improve 3GPP-User-Location-Info in Gn,Gx,Gy
2022-05-17 10:29:11 +09:00
Sukchan Lee
b2f2016a67 Fix the compile error 2022-05-15 23:40:51 +09:00
Sukchan Lee
e0a487f479 [SMF] Optimiza Session Modification Message
For video in VoNR, multiple QosFlow is required in one session.

In the past, since only one Session Modification Message was supported,
QoS-Flow was put into several Session Messages one by one and processed.

Now that multiple QoS-Flows can be supported,
it is optimized to process one session modification message.
2022-05-15 23:35:41 +09:00
Sukchan Lee
a7e2a071e0 Merge branch 'main' of https://github.com/open5gs/open5gs into main 2022-05-15 22:38:38 +09:00
Sukchan Lee
f97f5f794d Merge branch 'althea-net-sctp_crash_upstream' into main 2022-05-15 22:38:29 +09:00
Sukchan Lee
afc562f7d5 [MME] refine Pull Request (#1497) 2022-05-15 22:37:38 +09:00
Sukchan Lee
478723203f Merge branch 'sctp_crash_upstream' of https://github.com/althea-net/open5gs into althea-net-sctp_crash_upstream 2022-05-15 22:22:01 +09:00
Sukchan Lee
c391ac1334 [SMF] Apply 5G Core into GSM (#1498) 2022-05-15 06:27:54 +09:00
Pau Espin Pedrol
fe7f9d85bb [SMF] Store IMEI from GTPv1C/2C and append AVP in Gy CCR (#1535) 2022-05-14 21:32:32 +09:00
Pau Espin Pedrol
c5715d6695 [SMF] Gy CCR: append 3GPP-RAT-Type AVP (#1536) 2022-05-14 06:15:28 +09:00
Sukchan Lee
bb4a8f34d4 [AMF] Fix the bug NGResetAck (#1525) 2022-05-14 02:43:01 +09:00
Sukchan Lee
71572ae563 [PFCP] fixed memcpy (#1531)
dnn ‘memcpy’ reading 808 bytes from a region of size 128
2022-05-13 18:26:54 +09:00
Sukchan Lee
e2159b1240 [SMF] memory free Charging Characteristics (#1532) 2022-05-13 18:18:04 +09:00
Pau Espin Pedrol
99f59be5d7 [SMF] Store Charging Characteristics IE from GTPv1C/2C and append AVP in Gy CCR (#1532) 2022-05-13 06:32:20 +09:00
Sukchan Lee
4d2f7726b9 X2 handover with SGW change (#1367, #1459) 2022-05-12 22:52:36 +09:00
Pau Espin Pedrol
11d4be1779 [SMF] Store Selection Mode IE from GTPv1C/2C and append as 3GPP-Selection-Mode AVP in Gy CCR (#1530)
* [GTPv1C] Make Selection Mode IE uint8

* [SMF] Store Selection Mode in GTPv1C and GTPv2C

* [SMF] Gy CCR: append 3GPP-Selection-Mode AVP
2022-05-12 22:43:12 +09:00
Pau Espin Pedrol
5d478e2488 Pespin/pr (#1529)
* [SMF] rename function s/gtp/gtp2/

* [SMF] Store GTPC version in session

So far we always depended on an xact being present in the code path in
order to know which kind of session it is (GTPv1C vs GTPv2C). Let's
instead store that information in smf_sess_t so that we have it always
available in an easy way.

* [SMF] Move smf_sess_t GTPv1C specifics into gtp substruct

* [SMF] Gy CCR: append 3GPP-NSAPI AVP
2022-05-12 21:42:45 +09:00
Sukchan Lee
333e53d0dd Update sponsor size 2022-05-11 20:45:16 +09:00
Sukchan Lee
53a96022d9 Merge branch 'main' of https://github.com/open5gs/open5gs into main 2022-05-11 20:40:19 +09:00
Sukchan Lee
908d5884dc Add Telet Sponsor 2022-05-11 20:40:03 +09:00
Pau Espin Pedrol
e8d6b0be20 [SMF] Append PDP-Address AVP to Gy CCR msg (#1527)
* [SMF] Append PDP-Address AVP to Gy CCR msg

* [SMF] Gy CCR: Move some AVPs under Service-Information/PS-Information

They belong there. Nokia infocenter documentation seems to be document
the possibility to configure its software to have it in top level, but
that's not what 3GPP TS 32.299 states, so let's stick to it.

* [SMF] Gy CCR: append 3GPP-PDP-Type AVP

* [SMF] Gy CCR: append 3GPP-Charging-Id AVP

* [SMF] Gy CCR: append SGSN-Address AVP

* [SMF] Gy CCR: append GGSN-Address AVP
2022-05-11 15:53:24 +09:00
Sukchan Lee
7a9d06097e [PFCP] fix the unnecessary code (#1523) 2022-05-10 22:58:19 +09:00
Pau Espin Pedrol
3a28ddce37 [PFCP] Fix typo in log line (#1526) 2022-05-10 22:40:32 +09:00
Supreeth Herle
6ffdce598a Fix attach reject when ULA subscription data does not contain MSISDN (#1524)
Issue:
When the ULA - Subscription Data does not contain MSISDN, the Create Session Request
from MME to SGW does not contain MSISDN IE resulting in SMF throwing following log

smf        | 05/09 15:20:53.683: [smf] ERROR: No MSISDN (../src/smf/s5c-handler.c:82)
sgwc       | 05/09 15:20:53.683: [sgwc] ERROR: No Context in TEID (../src/sgwc/s5c-handler.c:104)
mme        | 05/09 15:20:53.683: [mme] ERROR: No Context in TEID (../src/mme/mme-s11-handler.c:122)

As per 3GPP TS 29.274 version 16.5.0, table 7.2.1-1: MSISDN IE shall only be included
in Create Session Request if its provided in subscription data from the HSS. This commit
fixes this by removing the mandatory MSISDN IE check in SMF.
2022-05-10 21:23:03 +09:00
Sukchan Lee
6e81564972 Add new sponsor 2022-05-05 00:06:24 +09:00
Pau Espin Pedrol
76fecdb54e [SMF] Store MSISDN from GTPC and pass it in Gy CCR (#1519) 2022-05-04 05:37:44 +09:00
Pau Espin Pedrol
aa6f3ef8d6 [SMF] gn-handler: Fix typo in error message (#1517) 2022-05-03 21:14:19 +09:00
Sukchan Lee
3508e09a41 [GTPU] IPv6 RS/RA with QFI Extended Header (#1506) 2022-04-30 11:50:30 +09:00
Sukchan Lee
b558da30c6 [GTPU] Fixed to Send Unnecessary EndMarker (#1506) 2022-04-30 10:23:12 +09:00
Sukchan Lee
de2ecd6400 [GTP2] Fixed handling multi-bearer messages(#1498) 2022-04-29 21:28:16 +09:00
Abderaouf KHICHANE
41f743af62 update instructions for adding a subscriber with Python (#1507) 2022-04-27 21:36:34 +09:00
Sukchan Lee
d50a5a44f9 [SBI] cJSON v1.7.7 -> v1.7.15 (#1503) 2022-04-23 02:42:53 +09:00
Pau Espin Pedrol
2de12e32f4 [SMF] Integrate session tear down cycle into sess->sm (#1500)
* [SMF] smf_sm.c Fix indentation

* [SMF] gsm-sm: log fsm events

* [SMF] Integrate session tear down cycle into sess->sm
2022-04-20 21:42:18 +09:00
Spencer Sevilla
23ef30553e initial draft of sctp crash fix 2022-04-18 11:56:43 -07:00
Sukchan Lee
79de674fd8 [PFCP] F-TEID allocation by SMF (#1466) 2022-04-16 14:08:56 +09:00
Pau Espin Pedrol
5f979d0cc3 [SMF] Parallelize Gx+Gy CCR Initial (#1491)
There's no real need to having to wait until Gx is processed in order to
set up Gy. This speeds up time required to set up the UE session.
2022-04-15 07:00:32 +09:00
Sukchan Lee
433d5f6bf3 Distinguish the type of session creation 2022-04-14 17:34:55 +09:00
Sukchan Lee
80cd9d725f [SBI] fixed HTTP2 header values is 0 (#1488) 2022-04-14 11:28:37 +09:00
Sukchan Lee
28746c1cd8 [SMF] Change gtp_message to gtp2_message in SM 2022-04-14 11:20:10 +09:00
Sukchan Lee
bb5d497298 [SMF] fix an invalid error GTP message 2022-04-14 11:18:21 +09:00
Sukchan Lee
079bb5c40e Remove sctp test in MacOSX CI (#1489) 2022-04-14 10:31:20 +09:00
Pau Espin Pedrol
e61b469489 [SMF] Inegrate session setup cycle into sess->sm (#1489)
It allows for much better control on the lifecycle of the session, and
already shows some missing tear down paths in case of errors.
It also clarifies the existence of "sess" pointer in several paths.

The code also becomes clearer overall, since all the transitions and
logic to send next messages are put together.

Tear down of the session will be integrated into gsm-sm in a follow-up
patch.

The 5gc session setup is only partially moved to gsm-sm, and left as an
exercise for users wishin to improve 5gc support.
2022-04-14 10:30:58 +09:00
Pau Espin Pedrol
e3da7c9934 Rename GTPv2C specifics to gtp2 prefix (#1485)
In the past only GTPv2C was supported, and had the "gtp" generic prefix.
Later on, GTPv1C support was added, and "gtp1" prefix was used.
Let's move GTPv2C specific bits to have "gtp2" prefix too, and leave
"gtp" prefix for generic stuff among different GTP versions.
2022-04-13 07:07:39 +09:00
Supreeth Herle
8c22d8a20c Send EMM Cause when Attach Request type is not same as HSS Network-Access-Mode (#1484)
This commit adds EMM Cause to Attach accept message when
Attach Request has COMBINED EPS IMSI ATTACH but the HSS
Network-Access-Mode is configure for EPS ONLY.
2022-04-13 07:06:49 +09:00
Sukchan Lee
e5ff03b249 [SBI] Change the reference count (#1440)
Change the client's reference count method
to use the same method as nf_instance
2022-04-10 20:09:27 +09:00
Sukchan Lee
49c34605db [SBI] fixed the SMF discover bug (#1440) 2022-04-09 13:24:40 +09:00
Sukchan Lee
ff242cd6ea [Gy] Follow-up PRs (#1479) 2022-04-09 10:41:02 +09:00
Pau Espin Pedrol
2be12903cb [SMF] Introduce optional Gy interface support (#1479)
The use of the Gy interface (SMF acting as CTF towards an OCS node) is
mandated through configuration file. Default value "enable: auto" will
only make use of it in case a Diameter peer announcing support for the
Credit-Control Application is found.

Upon subscriber session creation, and after auth check over Gx, the SMF
will create a Gy session with the OCS and only after that step the SMF
will accept the session back to the subscriber.
The OCS may then grant some traffic volumes/time and ask to be notified
back with updated measurements.
In order to get the measurements, the SMF relies on PFCP URR configured
to the UPF through Session Repoort Request messages.
When closing the subscriber session, the SMF will also terminate the Gy
session at the OCS.

So far only some specifics parts of the Gy interface as well as the PFCP
side are implemented. Those should be enough to at least have
volume/time thresholds granted by the OCS, which then will be able to
track subsriber resource use.

This patch doesn't implement the OCS side of the Gy interface, that's
left as a future exercise. The interface was tested using an OCS
emulator implemented in TTCN-3 [1]

[1] https://cgit.osmocom.org/osmo-ttcn3-hacks/
2022-04-09 08:26:28 +09:00
Pau Espin Pedrol
7455424d29 Fix trailing whitespace (#1478) 2022-04-09 08:19:59 +09:00
Sukchan Lee
832ab156e9 Revert "Revert "Functionality for send sms with using IMS service. (#1477)""
This reverts commit b732d7bcc5.
2022-04-09 00:45:37 +09:00
Sukchan Lee
0b3df3e3db Revert "Introduce Gy interface (#1471)"
This reverts commit 106f2729c3.
2022-04-09 00:45:26 +09:00
Sukchan Lee
b5ad0feffc Revert "[Gy] use WARN log-level if No Gy Diameter Peer"
This reverts commit 05551f120f.
2022-04-09 00:45:14 +09:00
Sukchan Lee
b732d7bcc5 Revert "Functionality for send sms with using IMS service. (#1477)"
This reverts commit aa6368132e.
2022-04-09 00:42:43 +09:00
Sukchan Lee
05551f120f [Gy] use WARN log-level if No Gy Diameter Peer 2022-04-09 00:39:21 +09:00
Pau Espin Pedrol
106f2729c3 Introduce Gy interface (#1471)
TODO:

* Use an event for the report, like SMF_EVT_N4_TIMER?

*  Properly set Service identifier in Gy CCR

* SMF: Properly set pkt/octet volumes in Gy CCR
** Update when receiving PFCP Modify Response.

* Figure out best way to require Gy through config file in open5gs-smfd.

* Create a new sess-sm.c which handles smf_sess_t state through
  Gx+Gy+PFCP creation, modification and tear down. This way we can do
stuff in parallel, for instance Gx+Gy. It will alsoavoid duplicating
some code paths due to Gy being optional.
2022-04-09 00:08:58 +09:00
EugeneBogush
aa6368132e Functionality for send sms with using IMS service. (#1477)
* Update

* update

* Update

* update

* new version of profile for send sms

* update

* update

Co-authored-by: root <root@lfv.unassigned-domain>
Co-authored-by: eug <eug@lfv.unassigned-domain>
2022-04-08 23:20:06 +09:00
Pau Espin Pedrol
fb8ebcdbea [UPF] Add initial support for URR Usage Report (#1476) 2022-04-08 23:10:42 +09:00
Pau Espin Pedrol
52672cff65 [DIAM] Add Gy interface support to lib/diameter (#1474)
This commit adds required blocks in lib/diameter to be able to handle Gy
messages later in open5gs apps.

The Gy interface is mainly decribed in 3GPP TS 32.299  and 3GPP TS
32.251, which in turn refers to Diameter protcols defined in RFC4006.
This interface allows charging managment through an external OCS node.
2022-04-08 21:13:02 +09:00
Pau Espin Pedrol
0df2e9f0ba [UPF] cosmetic: Fix trailing whitespace (#1473) 2022-04-08 21:12:52 +09:00
Pau Espin Pedrol
77f7bb7af7 [PFCP] Use proper IE to signal triggers in Usage Report (#1472)
The "Report Triggers" is sent SMF->UPF to tell in which situations a
report should be sent.
The "Usage Report Trigger" is sent UPF->SMF to indicate which situation
triggered the report.
2022-04-08 21:12:42 +09:00
Pau Espin Pedrol
8286b1c417 [SMF] Gx: Fix crash receiving DIAMETER_UNABLE_TO_DELIVER (#1469) 2022-04-06 23:57:55 +09:00
Pau Espin Pedrol
5be48be634 [SMF] Gx: Prevent sending Gx messages to non-PCRF Diameter peers (#1468) 2022-04-06 20:48:26 +09:00
Sukchan Lee
110a63fdfa [SMF] Handle for PCRF not to respond (#1445) 2022-04-03 22:49:12 +09:00
Sukchan Lee
e213f65406 Improve data-path performance using talloc_pool()
allocate a talloc pool for GTP to ensure it doesn't have to go back
to the libc malloc all the time.
2022-04-02 13:36:23 +09:00
Sukchan Lee
1c9a48bfb1 [Doc] Update CentOS Stream 8 (#1450) 2022-04-01 22:33:49 +09:00
Sukchan Lee
77f66e1f0e Migrating to CentOS Stream 8 in Vagrant (#1450) 2022-04-01 22:28:32 +09:00
Sukchan Lee
3121d183f0 [HSS/PCF] Store IMEISV instead of IMEI (#1464) 2022-04-02 00:46:05 +09:00
Sukchan Lee
8f603e2049 [WebUI] Added IMEI in View (#1464) 2022-04-01 20:08:20 +09:00
Sukchan Lee
35201f6ed1 Fix the MacOSX CI (#1454) 2022-03-31 23:06:52 +09:00
Sukchan Lee
24d20bb20b Update automatic CI (#1454) 2022-03-31 22:55:27 +09:00
Sukchan Lee
f2aa15d99f Added MacOSX to the Running OS for CI (#1454) 2022-03-31 21:31:10 +09:00
Sukchan Lee
c76c7d597d Oops! Rollback Meson Continuous integration 2022-03-31 20:26:58 +09:00
Sukchan Lee
9c4287f467 update it1 2022-03-31 20:24:31 +09:00
Sukchan Lee
2def8bb31b update it 2022-03-31 19:51:51 +09:00
EugeneBogush
f557fc8eaa Add/update current imei of UE in subscriber profile (#1464)
* first commit

* fix

Co-authored-by: root <root@lfv.unassigned-domain>
2022-03-31 19:35:30 +09:00
Sukchan Lee
82241f5b84 Added Meson Continuous Integration (#1454) 2022-04-01 02:31:57 +09:00
Pau Espin Pedrol
fbfb72c1b7 [PFCP] Support multiple Usage Report IEs in all messages (#1461)
* [PFCP] Properly check down_data_report inclusion building SessionReportRequest

* [PFCP] Support multiple Usage Report IEs in all messages
2022-03-31 09:43:35 +09:00
Sukchan Lee
038fb680f4 Revert configuration for backward compatibility 2022-03-31 02:15:13 +09:00
Sukchan Lee
da8c934326 [Test] Fix the SBI running[1] 2022-03-28 23:09:24 +09:00
Sukchan Lee
88016a769f [SMF] fix missing initialization memory (#1458) 2022-03-28 22:22:24 +09:00
Pau Espin Pedrol
acd6610508 [SMF] Gx: Add Destination-Host AVP to CCR (#1458)
Catch Origin-Host during CCA and set it as Destination-Host during
subsequent CCRs. This way we ensure UPDATE/TERMINATION Requests are sent
back explicitly to the same Diameter peer. Moreover, it seems
freediameter relies on this AVP to properly send the message over the
correct SCTP association when several diameter peers are available.
2022-03-28 22:00:28 +09:00
Pau Espin Pedrol
4b8d3a845a [PFCP] Support associating multiple URRs to a PDR (#1456)
* [PFCP] Fix trailing whitespace in message generation files

* [PFCP] message gen: Support multiple URR ID IEs in Create PDR group

* [PFCP] Support associating multiple URRs to a PDR

According to 3GPP TS 29.244:
"""
A PDR shall contain:
- zero, one or more URRs, which contains instructions related to traffic measurement and reporting.
"""
2022-03-28 21:56:58 +09:00
Sukchan Lee
825b06b6e0 Update document for v2.4.5 2022-03-27 20:12:30 +09:00
Sukchan Lee
12c656efd0 Improve Slice/DNN selection (#1438), (#1440) 2022-03-27 17:50:31 +09:00
Sukchan Lee
ced37a6201 fix the slice issues (#1438), (#1440) 2022-03-26 23:53:53 +09:00
Pau Espin Pedrol
38e2dee17f [PFCP] Handle Measurement Information in Create/Update URR IEs (#1453) 2022-03-26 00:33:32 +09:00
Pau Espin Pedrol
89636fa8d3 [PFCP] Handle Measurement Information in Create/Update URR IEs (#1452) 2022-03-26 00:07:34 +09:00
Pau Espin Pedrol
cc0d147f5c Fix trailing whitespace (#1451) 2022-03-25 23:35:27 +09:00
Pau Espin Pedrol
12bac7a917 [PFCP] Avoid requiring optional fields in Update URR IE (#1449) 2022-03-25 05:58:40 +09:00
Sukchan Lee
41553de7a4 [MME] Exception handle - APN duplicated (#1431) 2022-03-24 21:52:42 +09:00
Sukchan Lee
2cb06b3085 remove pool related configuration (#1431) 2022-03-23 15:14:18 +09:00
Sukchan Lee
224d1caca1 change log-level WARNING to INFO 2022-03-22 22:52:10 +09:00
Sukchan Lee
37af21a88d [MEM] fix the pkbuf problem (#1431) 2022-03-22 22:47:45 +09:00
Sukchan Lee
fe5fd0f760 Update sponsors 2022-03-19 20:26:49 +09:00
Pau Espin Pedrol
ab5f47ef59 [SMF] PFCP Session Report Req: Allow receiving multiple bits in Report Type (#1442)
3GPP TS 29.244 sec 8.2.21 "Report Type" states:
At least one bit shall be set to "1". Several bits may be set to "1".
2022-03-17 16:23:43 +09:00
Sukchan Lee
72ecd1c005 [SMF] Remove T_RELEASE_HOLDING timer 2022-03-17 16:07:19 +09:00
Pau Espin Pedrol
7f6f35fe6f [UPF] Improve logging around IP spoofing (#1441)
* [UPF] Fix Trailing whitespace

* [UPF] Improve logging around IP spoofing

Related: https://github.com/open5gs/open5gs/issues/1435
2022-03-16 21:59:50 +09:00
Sukchan Lee
bf77318602 [MME] re-factor to check a piggybacked ESM (#1431) 2022-03-16 20:48:48 +09:00
Sukchan Lee
a6ec206998 Change EPERM to OGS_EPERM (#1436,#1404) 2022-03-16 20:32:19 +09:00
Pau Espin Pedrol
f060da45d5 [CORE] time: Add APIs to manage NTP 32-bit timestamps (#1439)
These will be further needed in PFCP in the future, as well as in other
Diameter based interfaces (such as Gy).
Let's put all implementation details in APIs so that devs don't need to
care about those details every time.
2022-03-16 11:25:30 +09:00
Pau Espin Pedrol
80ce991aa6 [CORE] Improve SO_BINDTODEVICE error log line (#1436) 2022-03-16 11:25:21 +09:00
Sukchan Lee
bcf53124d5 Improve the socket option configuration (#1404)
o GTP-C Option (Default)
  - so_bindtodevice : NULL

  gtpc:
    addr: 127.0.0.7
    option:
      so_bindtodevice: vrf-blue

o GTP-U Option (Default)
  - so_bindtodevice : NULL

  gtpu:
    addr: 127.0.0.7
    option:
      so_bindtodevice: vrf-blue

o PFCP Option (Default)
  - so_bindtodevice : NULL

  pfcp:
    addr: 127.0.0.7
    option:
      so_bindtodevice: vrf-blue

o SBI Option (Default)
  - tcp_nodelay : true
  - so_linger.l_onoff : false

  sbi:
    addr: 127.0.0.10
    option:
      tcp_nodelay: false
      so_linger:
        l_onoff: true
        l_linger: 10

o NGAP Option (Default)
  - sctp_nodelay : true
  - so_linger.l_onoff : false
ngap:
  addr: 127.0.0.5
  option:
    stcp_nodelay: false
    so_linger:
      l_onoff: true
      l_linger: 10

o NGAP SCTP Option (Default)
  - spp_hbinterval : 5000 (5secs)
  - spp_sackdelay : 200 (200ms)
  - srto_initial : 3000 (3secs)
  - srto_min : 1000 (1sec)
  - srto_max : 5000 (5secs)
  - sinit_num_ostreams : 30
  - sinit_max_instreams : 65535
  - sinit_max_attempts : 4
  - sinit_max_init_timeo : 8000(8secs)
ngap:
  addr: 127.0.0.5
  option:
    sctp:
      spp_hbinterval : 5000
      spp_sackdelay : 200
      srto_initial : 3000
      srto_min : 1000
      srto_max : 5000
      sinit_num_ostreams : 30
      sinit_max_instreams : 65535
      sinit_max_attempts : 4
      sinit_max_init_timeo : 8000
2022-03-15 22:03:50 +09:00
Pau Espin Pedrol
73836c063c [UPF] Fix log typo, trailing whitespace (#1434) 2022-03-15 13:34:32 +09:00
Pau Espin Pedrol
dd5abb79b4 [PFCP] Fix wrong endianess enc of some URR values (#1433)
* [PFCP] Fix trailing whitespace

* [PFCP] Fix wrong endianess enc of some URR values

u32 tlvs are already converted to big endian automatically. Manually
doing so ends up in double conversion and hence in wrong endianness
being sent over the wire.
Similar issue was also fixed recently in the PFCP decoding path.
Related: https://github.com/open5gs/open5gs/issues/1349
2022-03-15 13:34:22 +09:00
Pau Espin Pedrol
5b81802be9 [Gx] Fix trailing whitespace (#1420) 2022-03-08 21:50:20 +09:00
Pau Espin Pedrol
4388f9bf3a [Gx] Use OGS_DIAM_GX_APPLICATION_ID define instead of hardcoded val (#1419) 2022-03-08 21:50:05 +09:00
Sukchan Lee
c1fc25958c Change default to bindtodevice:false 2022-03-08 19:49:16 +09:00
Sukchan Lee
914bb0a40f Merge branch 'sysmocom-pespin/vrf' into main 2022-03-07 22:44:23 +09:00
Sukchan Lee
253e2ad98a [GTP/PFCP] Support VRF (#1404) 2022-03-07 22:43:18 +09:00
Sukchan Lee
c2d10772c6 Merge branch 'pespin/vrf' of https://github.com/sysmocom/open5gs into sysmocom-pespin/vrf 2022-03-07 22:43:10 +09:00
Sukchan Lee
f848785360 Update document (#1412) 2022-03-05 18:50:25 +09:00
Sukchan Lee
a1be48ed50 [SGW-C] fix the crash (#1353) 2022-03-05 11:27:22 +09:00
Sukchan Lee
896370c2e4 [MME] Oops! Remove redundant warning (#1411) 2022-03-04 23:49:45 +09:00
Sukchan Lee
9bf8a84b81 [SGWC] fix the crash (#1353) 2022-03-05 02:58:53 +09:00
Sukchan Lee
79e34260da [SGWC] fix the crash (#1353) 2022-03-03 23:17:28 +09:00
Pau Espin Pedrol
7bddc92322 [GTP] Support binding socket to device
This is useful, among other possible applications, to make use of VRFs [1],
in this case for GTP-C and GTP-U traffic in the PGW.

The bind_dev field is added to the ogs_socknode_t so that it's easy to
extend its use into lots of other sockets being set up based on config
file information.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/networking/vrf.rst
2022-03-02 20:07:51 +01:00
Sukchan Lee
ed3444eef5 Need to increase NF ref_count
1. UE registered and PDU established.
2. PCF does not receive Heartbeat.
 - PCF De-registered state.
 - Since PDU is established, SMF should not remove NF instance
3. PCF re-registered.
 - HERE, WE NEED TO INCREASE NF REFERENCE COUNT.
   Otherwise, NF instance will be removed if PCF is de-registered state
4. UE sends PDU release request.
5. Because SMF knows PCF NF instance, SMF can send PCF delete
2022-03-01 22:02:02 +09:00
Sukchan Lee
3217e93124 [LINUX] initialize struct epoll_event (#1399) 2022-03-01 21:03:27 +09:00
ji3k54j062k7
19120acadc modify building from source md file (#1403)
Signed-off-by: ji3k54j062k7 <ji3k54g4j062k7@gmail.com>
2022-03-01 20:18:47 +09:00
Pau Espin Pedrol
d06acc7f37 Fix trailing whitespace (#1402) 2022-03-01 17:13:40 +09:00
Supreeth Herle
bc69ddfc6d [SMF]: Fix Framed-IPv6-Prefix AVP length in CCR (#1398) 2022-03-01 17:11:28 +09:00
Sukchan Lee
d54e8a43ce [PCRF] Fix Framed-IPv6 Prefix in CCR (#1398) 2022-03-01 17:09:47 +09:00
Pau Espin Pedrol
ba3a046c62 [SMF] Avoid crash if smf_ue_pool is full (1024 UEs) (#1397) 2022-02-28 21:27:27 +09:00
Sukchan Lee
efe37c1e84 [ASN1C] asn.1 issues in NGAP (#1394 from @nkout)
mouse07410/asn1c#89
Found when tried to encode NGAP_CauseRadioNetwork_release_due_to_pre_emption

mouse07410/asn1c#90
Found when tried to decode messages encoded with newer schema
2022-02-26 16:09:38 +09:00
Supreeth Herle
03280d1f5a Fix prefix length in Gx CCR Framed-IPv6-Prefix AVP (#1396)
As per 3GPP TS 23.401 version 15.12.0, section 5.3.1.2.2
The PDN GW allocates a globally unique /64
IPv6 prefix via Router Advertisement to a given UE.

After the UE has received the Router Advertisement message, it
constructs a full IPv6 address via IPv6 Stateless Address
autoconfiguration in accordance with RFC 4862 using the interface
identifier assigned by PDN GW.

For stateless address autoconfiguration however, the UE can
choose any interface identifier to generate IPv6 addresses, other
than link-local, without involving the network.

And, from section 5.3.1.1, Both EPS network elements and UE shall
support the following mechanisms:

/64 IPv6 prefix allocation via IPv6 Stateless Address
autoconfiguration according to RFC 4862, if IPv6 is
supported.
2022-02-26 15:25:08 +09:00
Pau Espin Pedrol
51a75cde26 Pespin/pr (#1395)
* [SMF] Gn: Avoid assert crash if no PDP resources available

* [SMF] Gn: Rearrange IE handling order in CreatePDPContextRequest

Let's handle the GTPC remote addr + TEID first, since those should be
used in the CreatePDPContextResponse ideally if available.

Let's then handle parsing of all IEs not related to bearers/UserPlane,
then those missing, and finally do all the IP resource allocation.
2022-02-25 22:39:44 +09:00
Supreeth Herle
52bc4be547 Bugfix packet filter for pre rel11 LTE devices (#1393)
* Fix conversion from IPFilterRule to packet filter

As per 3GPP TS 24.008, following Packet filter component type identifier
are not supported on the LTE pre release-11 UEs:

IPv4 local address type
IPv6 remote address/prefix length type
IPv6 local address/prefix length type

And,
IPv6 remote address/prefix length type and
IPv6 local address/prefix length type shall be used when both MS and
Network support Local Address in TFTs.

This commit add logic to omit adding local address in packet filters
for compatibility with pre-release LTE 11 devices. The following parameter
could be used to toggle omit/no to omit behavior.

parameter:
	no_ipv4v6_local_addr_in_packet_filter: <true/false>

* Remove logic of supporting pre-release LTE 11 devices in PCRF
2022-02-25 22:11:51 +09:00
Pau Espin Pedrol
3b6da3ddb2 [GTPv1C] Fix sequm not added to EchoResponse and VersionNotSupported (#1390)
According to TS 29.060 they should be added.

section 7.6:
"if it is a request for which a response has been defined, shall be sent
with a Sequence Number"

section 8.2:
"""
Sequence number flag (S) shall be set to "1"
...
For GTP-C messages not having a defined response message for a request
message, i.e. for messages Version Not Supported, RAN Information Relay
and Supported Extension Headers Notification, the Sequence Number shall
be ignored by the receiver.
"
2022-02-24 23:38:52 +09:00
Pau Espin Pedrol
dbd9e8bd78 [GTPv1C] Set EUA spare field to '1111' as per spec (#1388) 2022-02-24 06:03:54 +09:00
Pau Espin Pedrol
3833a73a14 [SMF] incorrect GTPv1C cause with changed APN (#1387) 2022-02-23 20:48:36 +09:00
Sukchan Lee
953a7321c6 [SMF] fix the crash in VoLTE test (#1383) 2022-02-23 20:31:28 +09:00
Pau Espin Pedrol
5ad1b188e4 [SMF] UpdatePDPContext: forward update of remote TEID+IPaddr to UPF (#1383)
* [SMF] typo fixes in commented code

* [SMF] Fix early err return handling UpdatePDPContextRequest

* [SMF] UpdatePDPContext: forward update of remote TEID+IPaddr to UPF

Updating the remote GTP-U IP address and/or TEID on the GGSN is a common
practice, used for instance by an SGSN in a UTRAN network to connect an
HNB(GW) to exchange GTP-U directly with the GGSN. It is also used in
general when doing handovers.
When receiving a UpdatePDPContext with the new address, we need to
forward the update to the UPF so that it takes it into account when
forwarding packets.

This patch only implements updating the information towards the UPF when
GTPv1C is used. Similar approach for GTPv2C (upon receival of Modify
Bearer Request) is still unimplemented.

Related: https://github.com/open5gs/open5gs/issues/1367
2022-02-23 20:21:33 +09:00
Sukchan Lee
af3db1770f [SMF] incorrect GTP cause with changed APN (#1360)
SMF setting incorrect Cause when answering
with a changed APN type IPv4v6 ->IPv4/IPv6
2022-02-23 20:16:04 +09:00
Sukchan Lee
d61127afcc [SMF] fix the seperate DNS in PCO IPCP (#1358) 2022-02-23 17:38:07 +09:00
Pau Espin Pedrol
882548de11 [SMF] UpdPDPCtxRsp: Fix adding 2 IP addresses to one GSN Address IE (#1382)
In the event we have 2 local IP addresses available for use, put the one
having same IP version in "GGSN Address *" IE, and the one with the
other IP version in "Alternative GGSN Address *" IE.

Same fix was applied recently to CreatePDPContextResponse.
2022-02-22 07:00:14 +09:00
Pau Espin Pedrol
b0fc06ab6c Fix trailing whitespace (#1381) 2022-02-22 07:00:06 +09:00
Pau Espin Pedrol
b7698810ac [SMF] s/'Context not found'/'Non-existent'/ in {Update,Delete}PdpContextResponse (#1379)
TS 29.060 sections 7.3.4 and 7.3.6 specify the possible cause values for
UpdatePdpContextResponse and DeletePdpContextResponse.
Together with section 8.2, it becomes clear that 'Non-existent' cause
should be sent instead of 'Context not found' one in those cases.
2022-02-21 22:18:39 +09:00
Sukchan Lee
e3fa731c4a [SBI] fix the timezone string converter (#1376) 2022-02-20 20:18:32 +09:00
Sukchan Lee
420c1d5ad3 [SMF] fix the PCO bug (#1357, #1358)
- SMF can handle PCO ID PAP (0xc023)
- SMF adds DNS servers to PCO IPCP only if UE requested
2022-02-19 16:05:07 +09:00
Sukchan Lee
b4f382d360 [MEM] fix pkbuf problem in multi-threads (#1353)
We should use talloc in multi-threads instead of pkbuf.
Now, pkbuf library only uses single-thread environment.
2022-02-19 09:47:44 +09:00
Pau Espin Pedrol
137ed99dd5 [GTPv1C] Send conditional IE Reordering Required in CreatePDPCtxResp (#1374)
It seems to be actually mandatory in GGSN->SGN directon, though it is
ignored in Release99 upwards. Let's hardcode it to 0 for now, should be
fine in the majority of cases.
2022-02-19 06:36:54 +09:00
Pau Espin Pedrol
f7999a2cad [GTPv1C] Fix outer message length field containing wrong value (#1373)
The mandatory part of the header must be excluded from the header, that
is flags(1)+type(1)+length(2)+teid(4) = 8 bytes.
2022-02-19 06:36:40 +09:00
Pau Espin Pedrol
2056a5b500 [PCRF] Fix trailing whitespace (#1372) 2022-02-19 06:33:46 +09:00
Pau Espin Pedrol
8b1bdf42a2 [SMF] Fix adding 2 IP addresses to one GSN Address IE (#1371)
In the event we have 2 local IP addresses available for use, put the one
having same IP version in "GGSN Address *" IE, and the one with the
other IP version in "Alternative GGSN Address *" IE.
2022-02-19 06:33:19 +09:00
Pau Espin Pedrol
8cc70694db Introduce Gn interface (GTPv1C) Support to PGW (#1351)
* [CORE] tlv: Store mode in ogs_tlv_t

This allows specifying the format of the IE for each individual IE,
hence allowing messages containing IEs formatted in different ways.

This is needed in order to support parsing GTPv1-C, since messages
contain IEs with different structure (TLV vs TV). Hence, this is a
preparation patch to add support for parsing TVs in ogs-tlv.c/.h.

* [CORE] tlv: Support parsing msg with both TLV and TV in it

IEs of type TV are sometimes used in GTPv1-C. Current tlv parser/builder
doesn't provide with ways to parse messages which contain TV formatted
IEs. This patch adds the relevant types and ways to encode/decode them.

Furthermore, the current parser/builder allows parsing/building messages
containing the exact same format in all its IEs. A new parser function
is added which allows parsing messages of different types (TV, TLV)
mixed in the same message. In order to be able to do so, it uses the
general msg_mode passed to it in order to know the general TLV format
(in essence, the length of the Tag field, and also the length of the
Length field if applicable each IE).

Looking up the instance in the TLV description is left undone and
hadcoded to 0, since the only user so far requiring this API is GTPv1-C,
which has no instances.

* [CORE] tlv: Support repeated tag+instance parsing TLV message

In GTPv2C, repeated IEs (same tag) are easily differentiated by the
Instance byte, which provides info to match different decoded
structures. In GTPv1C though, there's no Instance byte, and we still
encounter repeated IEs (like GSN Address in Create PDP Context Request).
Hence, the TLV decoder needs to be updated to track count of IEs found
(identified by tag+instance, where instance is always 0 in GTPv1C) and
get the proper description index + offset into the decoded structure.

* [GTP]: Move GTPv2-C specifics to its own libgtp subdir

This will allow adding GTPv1-C code by the side. Most GTPv2 code is left
in this patch as "gtp" instead of renaming it to "gtp2" in order to
avoid massive changes. It can be done at a later stage if wanted.

* [GTP] Support generating GTPv1-C messages

* [SMF] Add Gn interface support

This patch introduces GTPv1C support to open5gs-smfd. With it,
open5gs-becomes a GGSN too, where SGSN can connect to, hence supporting
GERAN and UTRAN networks.
2022-02-18 22:23:45 +09:00
Sukchan Lee
3eab4be135 fix MacOSX compile error (#1354, #1355) 2022-02-18 22:00:57 +09:00
Matthew Johnson
7df65e832e Relax systemd requirements (#1368)
* [configs] Remove requires systemd-networkd dep from smfd service

The smf no longer has (never had?) a dependency on systemd-networkd,
and can start and remain operational without systemd-networkd
specifically running.

* [configs] Relax upf dependency on systemd-networkd

The upf relies on systemd-networkd to create the ogstun interface, but
does not communicate with it at runtime. It currently has a "Requires"
dependency specified, which means that the upf will be stopped if
systemd-networkd is ever stopped. Since the upf doesn't actually care
if systemd-networkd is later stopped after ogstun is created, it can
use the weaker "Wants" dependency type, which allows it to keep
running even if systemd-networkd were to be stopped.

Regardless, since it does rely on systemd-networkd specifically to
create the ogstun interface, it should sequence itself "After"
systemd-networkd has been started.

Since the true dependency is ogstun, not systemd-networkd, a cleaner
approach would depend on the specific tunnel device being
available. Systemd exposes this information via device units, but I'm
not sure if they are always consistently named across platforms.
2022-02-16 17:56:14 +09:00
Matthew Johnson
c0ffe1ffe4 Systemd sequencing (#1366)
* [configs] Do not require ogstun for system online

Systemd-networkd will wait for all managed interfaces to be configured
before determining the system is online. Since the ogstun and upf are
more logically an application rather than a system networking service,
don't wait for them to be configured by default.

This breaks the circular dependency between the userspace cellular
core network services and the system's network, which will allow the
cellular core network services to sequence themselves cleanly after
the system's network is up and configured.

* [configs] Sequence network-dependent units after network-online

Since open5gs targets platforms with both ifupdown (debian) and
systemd-networkd (Ubuntu) as core networking providers, this commit
sequences network-dependent core network components after the generic
network-online.target instead of one of the specific provider
targets. This allows the core network to operate correctly with both
systemd-networkd and ifupdown (networking), and fixes the issue
observed in https://github.com/open5gs/open5gs/issues/826 where some
platforms may fail to start cleanly.
2022-02-15 22:33:33 +09:00
Pau Espin Pedrol
757285bf25 Fix trailing whitespace (#1365)
* [SMF] Fix trailing whitespace

* [CORE] Fix trailing whitespace

* [GTP] Fix trailing whitespace
2022-02-14 20:11:04 +09:00
Sukchan Lee
906e7c5046 [UPF] Consider RS message for IP spoofing (#1354) 2022-02-14 20:07:08 +09:00
Sukchan Lee
0e1ab26ee5 Check if Source IP address spoofing (#1354, #1355) 2022-02-14 17:34:22 +09:00
Sukchan Lee
6e30f97097 Fixed typo in Airspan gNodeB 2022-02-13 20:19:21 +09:00
Sukchan Lee
4145b8b543 Added Airpsan 5G commercial gNodeB to the tested 2022-02-12 14:43:14 +09:00
Sukchan Lee
ffcd92c2f3 [SBI] Remove Accept-Encoding in HTTP client 2022-02-12 14:40:48 +09:00
Sukchan Lee
900e888dc1 [SBI] fix crash when no mandatory item (#1350)
NRF crashed if NFService does not have a versions.
Versions are mandatory, we've modified the SBI interface for the safety.
2022-02-05 20:20:45 +09:00
Sukchan Lee
acfcbda8fa [PFCP] remove be32toh() in TLV u32 leaf (#1349) 2022-02-04 00:26:27 +09:00
Pau Espin Pedrol
5fff69306f logging improvements (#1348)
* [SMF] Fix typo in debug message

* [SMF] Add debug messages to follow messages received in N4
2022-02-02 23:23:12 +09:00
Sukchan Lee
9b7ebf9927 Update document 2022-02-01 15:17:04 +09:00
Sukchan Lee
4018833b3a Relase v2.4.4 2022-02-01 15:07:24 +09:00
Sukchan Lee
8bc584ce80 [CX] Update test code 2022-02-01 14:51:54 +09:00
Sukchan Lee
a7d164c28d [NRF] fix the crash (#1347)
`reqNfInstanceId` is optional in the Subscription.
So, we need to consider it.
2022-01-31 23:19:26 +09:00
Sukchan Lee
83d56fe40d [ALL] Fix the memory leak (#1282) 2022-01-31 22:58:52 +09:00
Sukchan Lee
340b23af94 [SMF] Fixed case without transportLayerAddr(#1341)
Fixed the crash if TransportLayerAddress in GTPTunnel does not exist
2022-01-26 08:09:26 +09:00
Sukchan Lee
3b275edec7 [SBI] Remove one octet length in FQDN (#1333) 2022-01-23 13:49:03 +09:00
Sukchan Lee
866ae78f5e [NRF] fix the crash for invalid FQDN (#1333) 2022-01-22 09:34:38 +09:00
Pau Espin Pedrol
68407efa16 [CORE] tlv_test: Fix trailing whitespace (#1337) 2022-01-22 06:44:08 +09:00
Pau Espin Pedrol
c071bf3c6d [CORE]: tlv: Fix trailing whitespace (#1334) 2022-01-21 21:41:36 +09:00
Sukchan Lee
23647f643b [FQDN] fix the fqdn_parse bug (#1335) 2022-01-21 21:32:35 +09:00
Sukchan Lee
99d03f9d03 Document release v2.4.3 2022-01-20 17:22:10 +09:00
Sukchan Lee
9215b69ee1 Release v2.4.3 2022-01-20 17:12:51 +09:00
Sukchan Lee
0ff9c3e297 Update document srsRAN (#1326, #1322) 2022-01-19 21:39:37 +09:00
Sukchan Lee
776892e09d [PFCP] xact: avoid exporting internal (#1329) 2022-01-19 20:03:28 +09:00
Pau Espin Pedrol
ed3a3a527a [GTP] xact: Avoid exporting internally used functions (#1329)
* [GTP] xact: Fix trailing whitespace

* [GTP] xact: Avoid exporting internally used functions

This simplifies the API header hiding unneeded APIs from external
components, and lets the compiler further optimize by
marking the functions as static.

* [GTP] xact: Drop unused API ogs_gtp_xact_find

After making it static, it became clear to the compiler that this
function is not used anywhere, warning about it. Let's drop it.
2022-01-19 19:54:44 +09:00
Sukchan Lee
8955fdcd5d [SBI] FQDN bug from talloc (#1328) 2022-01-19 17:10:39 +09:00
Pau Espin Pedrol
b3ac5b35eb [SMF] Fix potential null pointer dereference (#1324)
* [SMF] Fix potential null pointer dereference

Pointer "sess" was first dereferenced and later on checked for nullness.
This is clearly wrong. Rearrange the code path to make sure the check is
done first, then dereferenced.

* gitignore: Add subprojects/libtins

* cosmetic: Fix whitespace
2022-01-18 11:23:40 +09:00
Sukchan Lee
79239d8eff [IMPORTANT] changed network_access_mode: 0 (#1323)
The network access mode of HSS has been changed to 0 (Packet and Circuit).

Versions of MME prior to v2.4.2 did not use this value. Open5GS set
the attach result of Attach Complete message as it is by looking
at the attach type of the Attach Request message.

Now, if the network access mode of HSS is set to 2 (Only Packet),
this value is affected by MME from v2.4.3. Regardless of the attach type
of the Attach Request, the MME will set EPS Only to the attach result
of Attach Complete.
2022-01-16 12:35:55 +09:00
Sukchan Lee
522e835101 Update document v2.4.2 2022-01-14 21:03:27 +09:00
Sukchan Lee
13dbdb1b18 Release v2.4.2 2022-01-14 20:46:44 +09:00
Sukchan Lee
e4f864c1f5 Change IPv6 Prefix (#1321) 2022-01-14 11:53:15 +09:00
Julian Lemmerich
f75e51ca46 changed default ipv6 prefix to 2001:db8:cafe:: (#1321)
to be compliant with RFC3849
2022-01-14 11:50:27 +09:00
Sukchan Lee
ea6675879c [ALL] GNB/NF Memory pool from 32 to 64 2022-01-13 17:55:36 +09:00
Sukchan Lee
fdddeaca98 [S6A] Change PUR-Flags to Optional (#1298) 2022-01-13 17:53:54 +09:00
Sukchan Lee
bbd1412a9e [SMF] change log-level from WARN to ERR (#1313) 2022-01-12 20:06:26 +09:00
Sukchan Lee
cfd0193bbd [PCRF] fix the crash in flow->description (#1313) 2022-01-12 10:15:36 +09:00
Sukchan Lee
2ed35f245d Fix the ciphered test program 2022-01-08 12:26:23 +09:00
Sukchan Lee
070cdbc657 [ALL] fix the epoll(map) crash (#1311) 2022-01-06 22:28:24 +09:00
Sukchan Lee
715e4c0b50 Shall cipher in the NAS message container IE
3GPP TS 24.501 version 16.6.0 Release 16
4.4 NAS security
4.4.6 Protection of initial NAS signalling messages

1) the UE needs to send non-cleartext IEs in a REGISTRATION REQUEST
or SERVICE REQUEST message, the UE includes the entire REGISTRATION
REQUEST or SERVICE REQUEST message (i.e. containing both cleartext IEs
and non-cleartext IEs) in the NAS message container IE and shall cipher
the value part of the NAS message container IE. The UE shall then send
a REGISTRATION REQUEST or SERVICE REQUEST message containing
the cleartext IEs and the NAS message container IE;
2022-01-05 22:39:06 +09:00
Sukchan Lee
5e5a61b982 Update document for v2.4.1 2022-01-04 17:58:47 +09:00
Sukchan Lee
592b69ef1e Release v2.4.1 2022-01-04 17:35:41 +09:00
Sukchan Lee
b6de06ee01 fix the test program bug 2022-01-04 17:27:28 +09:00
Sukchan Lee
b988e7edce Use talloc for all memory pool (#1263) 2022-01-04 08:29:18 +09:00
Sukchan Lee
49d9ed03c7 [MME] fix the crash (#1263)
- Change memory pool using talloc library
- Apply ASN1 with r16.7.0
2021-12-28 17:38:11 +09:00
Sukchan Lee
a0f2535cb5 A crafted packet from UE can crash SGW-U/UPF 2021-12-22 20:55:48 +09:00
Sukchan Lee
6f62839ad3 [MME] apply coding convention (#1295)
- limit 80 column
- Use space instead of tab
2021-12-20 23:25:04 +09:00
EugeneBogush
ead9f380a9 update s1ap_handle_e_rab_setup_response (#1295)
* Update s1ap-handler.c

* Update s1ap-handler.c

* update for parse e_rab_setup_response

* Update s1ap-handler.c

* Update s1ap-handler.c

* Update s1ap-handler.c
2021-12-20 23:21:29 +09:00
Sukchan Lee
d87d7c12c2 [MME] fix the crash with unknown S-NSSAI (#1287) 2021-12-17 21:42:26 +09:00
Sukchan Lee
54b919f65f Remove error message (#1294) 2021-12-17 20:51:11 +09:00
Supreeth Herle
1d496e92cd [SMF] Use fe80::1 if link-local address is not available (#1294) 2021-12-17 20:48:22 +09:00
Mehmet Hakan Doğan
414c230f00 this commit is made to reflect changes in PR #1289 (#1293) 2021-12-17 16:00:05 +09:00
Kenny Barlee
d02507e90a print cellID in hex for consistency (#1292) 2021-12-17 11:37:36 +09:00
Sukchan Lee
a3166ab537 Find link-local address in SMF-All address (#1291) 2021-12-17 11:33:54 +09:00
Supreeth Herle
232c387276 [SMF] Fix router advertisement as per rfc 4861 (#1291)
As per RFC 4861 Router advertisement message
format, Source Address MUST be the link-local address
assigned to the interface from which this message is sent.

Since SMF was not sending it as per RFC, certain
phones were not completing the procedure of stateless
IPv6 address autoconfiguration mentioned in
3GPP TS 23.401 version 15.12.0 Release 15, section 5.3.1.2.2
2021-12-17 10:38:37 +09:00
Sukchan Lee
9b40fe25ff added "usage report" to user plane report (#1289)
Author: mhkndgn <hakan.dogan@b-ulltech.com>
Date:   Thu Dec 16 09:51:49 2021 +0300
2021-12-16 21:52:48 +09:00
Sukchan Lee
e302f727fd [Cx] Fix the HSS crash (#1264)
Use Visited-Network-Identifier(Cx) instead of Visited-PLMN-ID(s6a)
2021-12-12 14:33:42 +09:00
Sukchan Lee
27b87c1110 Update document for v2.4.0 2021-12-11 23:12:28 +09:00
Sukchan Lee
fc53fb4beb Release v2.4.0 2021-12-11 22:23:46 +09:00
Sukchan Lee
4f7bb847a9 fix the test program in VoNR 2021-12-11 22:11:36 +09:00
Sukchan Lee
5a85be09d6 [Test] fix the VoNR test program 2021-12-11 07:11:29 -05:00
Sukchan Lee
07a61018b2 [AMF] fix the crash (#1280)
During PDU Session Establishment,
if gNB sends PDUSessionResourceReleaseResponse,
AMF was crashed.

In this case, AMF/SMF remove Session Context and sends ErrorIndication.
2021-12-11 20:35:16 +09:00
Sukchan Lee
74bbc6ecbf [MME] Add S1AP debug (#1263) 2021-12-11 17:28:05 +09:00
Sukchan Lee
d7e23b7f6a [AMF] Registration reject for foreign IMSI (#1281) 2021-12-08 21:05:16 +09:00
Kenny Barlee
1a691e1d4a change reject cause to 11 (#1281) 2021-12-08 20:57:54 +09:00
Sukchan Lee
561f1ac2f3 This always true. So I fixed it (#1266) 2021-12-08 20:56:26 +09:00
Sukchan Lee
a5a5c424c1 Added AMF-initiated AM Policy Termination 2021-12-04 19:31:36 +09:00
Sukchan Lee
aab8286401 [MME] fix the crash issue if enb_ue is NULL(#1275)
An assert occurs when a NAS message retransmission occurs.

Because there is no `enb_ue` context.

Therefore, before removing enb_ue, all Timers must be stopped
to prevent retransmission of NAS messages.
2021-12-04 10:53:49 +09:00
Sukchan Lee
6ae9ecc697 [MME] check PDN mismatch (#1263)
if PDN mismatched between UE and HSS, PDN connectivitiy reject message
will be sent to eNB.
2021-12-02 22:40:47 +09:00
Sukchan Lee
b18cf1bce8 Update Coding rule (#1272) 2021-12-02 22:03:52 +09:00
Daniele
758cf9dd72 bsf bind delete possible fix (#1272)
Avoid to delete bsf binding when there are multiple pdu session associated to the same (s-nssai,dnn) tuple)
2021-12-02 22:00:01 +09:00
Sukchan Lee
448e07d5a9 [AMF/MME] fix the crash during reset (#1268) 2021-11-30 22:22:41 +09:00
Sukchan Lee
00a296a1de update log message (#1266)
1. rollback ogs_error() to ogs_warn()
To remove the print-out in the test code,
8/13 open5gs:epc / attach                    OK      10.60 s
bearer-test         : SUCCESS
session-test        : /11/30 15:59:34.556: [esm] ERROR: Invalid APN[ims2] (../src/mme/esm-handler.c:71)
SUCCESS

2. if( to if (
Coding standard in open5gs
2021-11-30 16:01:37 +09:00
EugeneBogush
4f8c34c7aa Update esm-handler.c (#1266)
added more log info in case problem with APN
2021-11-30 15:52:20 +09:00
Sukchan Lee
acd67c7aa6 [5GC] Service Request Race Condition(#1226)
When UE-triggered and Network-triggered Service Request was occurred at
the same time, we need UPF deactivation and UEContextRelease
2021-11-28 20:54:51 +09:00
Sukchan Lee
d8655e07c6 Oops! fix the mistake in previous commit (83aac49) 2021-11-28 17:54:33 +09:00
Sukchan Lee
83aac49fd0 [MME] Add log (#1263) 2021-11-28 17:05:31 +09:00
Sukchan Lee
ffc15a7d3d Update IPv6 configuration (#1250) 2021-11-28 16:42:47 +09:00
InferCom2
0ae2743d4b Update 01-genodebs.md (#1265)
Tested with this equipment and works
2021-11-28 07:00:30 +09:00
Sukchan Lee
7bcb3eed98 Add Wavemobile sponsor 2021-11-24 18:19:11 +09:00
Sukchan Lee
fc8c807da2 [SMF] fix the crash during IMS calls (#1238)
If PFCP is not deactivated, some eNBs send an GTP error indication.
To solve the problem, SMF deactivates the bearer that will be deleted.
2021-11-23 14:19:30 +09:00
Sukchan Lee
d919b2744c [AMF] fix the memory problem (#1247)
1. memory corruption
- Overflow num_of_part in SBI message
2. null pointer dereference
- n2InfoContent->ngap_ie_type
2021-11-17 08:09:16 +09:00
Sukchan Lee
6a6f214785 [AMF/MME] stop timer when radio failure (#1242) 2021-11-16 12:59:04 +09:00
Sukchan Lee
bfa34be222 fix the buffer overflow (CVE-2021-41794) 2021-11-15 15:49:58 +09:00
Sukchan Lee
0fb8279e36 VoNR added but not tested! 2021-11-14 21:07:56 +09:00
Sukchan Lee
0ea2142ba6 [MME] fix the crash bug (#1205)
If UE is in Authentication-EMM State and eNB is disconnected,
MME could be crashed.
2021-11-06 22:39:09 +09:00
InferCom2
562b7ef7de Update 01-genodebs.md (#1224)
Tested eNB Baicells Nova 249, connected 2 phones and 1 land line with option to convert LTE to WiFi and works perfectly.
2021-11-04 16:12:35 +09:00
Sukchan Lee
1df6c072ed Peraton Labs Becomes Open5GS Sponsor 2021-11-04 10:59:14 +09:00
Sukchan Lee
7567659a29 [UPF] remove link-local (#1217) 2021-10-30 22:34:47 +09:00
EugeneBogush
abd0589eb3 added skiped space before $DB_URI (#1218) 2021-10-29 23:17:00 +09:00
Balint Cristian
0d2c07361e Add explicit 3GPP paragraph name as comments at generation time (#1215) 2021-10-27 15:26:57 +09:00
Sukchan Lee
0e5f438cdc fix the meson 0.60 build error (#1213) 2021-10-27 15:23:09 +09:00
Sukchan Lee
5d234cb108 [GTPv2-C] Fix the Create Bearer Request (#1201)
Use instance 2 instead of instance 1
2021-10-26 15:26:10 +09:00
Sukchan Lee
42c9dce2b7 mistype cachedir in pfcp-tly generator (#1212) 2021-10-24 08:40:52 +09:00
Balint Cristian
13bba81227 Minor fixes: instance extraction & python generator (#1212) 2021-10-24 08:37:11 +09:00
Sukchan Lee
608c08373d WebUI uses localhost by default (#764, #587) 2021-10-23 23:05:39 +09:00
Sukchan Lee
c0f6955250 [AMF] fix the crash when long MSIN length (#1206)
When the UE is in initially registered period,
if the length of MSIN(Part of SUPI) exceeds the normal length,
AMF stack smashing will be caused
2021-10-19 21:21:12 +09:00
Sukchan Lee
7d9a651f6c Release v2.3.6 2021-10-16 22:55:49 +09:00
Sukchan Lee
489b633e08 Update Supported-Feature AVP (#1202)
Add the Vendor-Id AVP in Supported-Features AVP in
CCR(Credit-Control-Request)
2021-10-16 17:41:53 +09:00
Sukchan Lee
9ba4b317d2 Improve GTP message (#1201)
Extended Indication
Add Delay Value
2021-10-16 17:26:30 +09:00
Sukchan Lee
b35febd9c4 [MME] fix the crash during GTP no context (#1205)
This bug occurs when SGW-C restarts and the next signal occurs
between MME and SGW-C
- Create Session Request/Response
- Modify Bearer Request/Response
2021-10-16 14:11:43 +09:00
Sukchan Lee
f05accc7f3 MME/AMF will not crash with no APN length (#1199) 2021-10-13 23:01:24 +09:00
Sukchan Lee
7db0c039a1 Add ng-voice logo 2021-10-13 17:22:56 +09:00
Sukchan Lee
35f4cf8deb Release v2.3.4 2021-10-06 22:12:48 +09:00
Nick
ec7735d447 Added links to two new tutorials in docs page. (#1194) 2021-10-06 18:49:04 +09:00
Spencer Sevilla
b600ab5724 removing diameter includes from upf (#1193) 2021-10-06 07:01:05 +09:00
Mehmet Hakan Doğan
3cb2808ebf this commit is made to reflect the contribution on pull request #1190 (#1192) 2021-10-05 18:11:03 +09:00
Sukchan Lee
013b4dc8e9 update coding style 2021-10-04 22:33:57 +09:00
Sukchan Lee
5e016937c7 Update URR contribution (#1190) 2021-10-04 22:28:32 +09:00
Sukchan Lee
13f1b390ae CVE-2021-41794 from NCC Group by Mark Tedman
When connecting to the UPF port for the PFCP protocol (8805) and sending
an association setup request followed by a session establishment request
with a PDI Network Instance set to ‘internet’, it causes a stack corruption
to occur.

So, ogs_fqdn_parse() fixed.
2021-10-01 22:41:03 +09:00
Carlos Giraldo
7dcde91057 Improve open5gs-dbctl (#1181)
* fix exit code in open5gs-dbctl

* enable non-local mongodb in open5gs-dbctl through DB_URI
2021-09-26 20:36:40 +09:00
Sukchan Lee
127685f908 [SGW-C] fix the crash after restarting UPF (#1177) 2021-09-26 20:25:51 +09:00
Sukchan Lee
9e4a791c2b P1 Security becomes Open5GS Sponsor 2021-09-11 08:12:37 +09:00
Sukchan Lee
9c589ac584 [PFCP] include outer header removal(ext-deletion) 2021-09-04 18:03:04 +09:00
Sukchan Lee
e730530f7b [SMF] Exception handling in session release(#1155)
- UE changes the airplain-mode. However, it does not send PDU
    session complete message
    - Added exception handling for PDU session release
2021-09-04 16:14:18 +09:00
Sukchan Lee
1354947164 Improve Milenage library for [R1-R5] (#1153) 2021-09-01 19:38:36 +09:00
Sukchan Lee
233db575ea [SMF] fix crash when BSF is not running [#1149] 2021-08-29 00:02:39 +09:00
Sukchan Lee
e2fe15d2ae [SMF] TAI/ECGI is not required in WLAN (#1039) 2021-08-27 11:40:58 +09:00
Sukchan Lee
7615869c94 LIONS have successfully connected gNB to Open5GS. 2021-08-23 19:24:36 +09:00
Sukchan Lee
77955d01f8 Document update for 'your first LTE' 2021-08-23 14:37:29 +09:00
Umakant Kulkarni
5234001b0a Increase cluster_2048_pool to 1024 (#1143) 2021-08-23 08:06:14 +09:00
Sukchan Lee
fa67341263 Documentation errata update 2021-08-21 18:48:21 +09:00
Sukchan Lee
a797578b60 Release v2.3.3 2021-08-21 18:44:46 +09:00
Sukchan Lee
1c07e4c6b2 Update README.md 2021-08-21 18:14:36 +09:00
Sukchan Lee
ab7f565dd6 [MME/AMF] Use Non-UE signalling in Paging (#1134) 2021-08-18 19:42:27 +09:00
Sukchan Lee
5af66be7b5 [Docs] Update @s5uishida channel (#1133) 2021-08-17 22:24:54 +09:00
Sukchan Lee
ced4a6f945 [SGW-C] fix the shared object error (#595)
nas-common library includes libcrypt. However, SGW-C don't have to use
crypt library. As such, ogs_nas_plmn_id function was moved to
3gpp-core-types.[ch]

For more information,

$ ./install/bin/open5gs-sgwcd
./install/bin/open5gs-sgwcd: error while loading shared libraries: libogscrypt.so.2: cannot open shared object file: No such file or directory

$ ldd ./install/bin/open5gs-sgwcd
	linux-vdso.so.1 (0x00007ffc749ad000)
	libogsapp.so.2 => /home/acetcom/Documents/git/open5gs/install/lib/x86_64-linux-gnu/libogsapp.so.2 (0x00007f1f92277000)
	libogscore.so.2 => /home/acetcom/Documents/git/open5gs/install/lib/x86_64-linux-gnu/libogscore.so.2 (0x00007f1f92240000)
	libogsgtp.so.2 => /home/acetcom/Documents/git/open5gs/install/lib/x86_64-linux-gnu/libogsgtp.so.2 (0x00007f1f921eb000)
	libogsnas-common.so.2 => /home/acetcom/Documents/git/open5gs/install/lib/x86_64-linux-gnu/libogsnas-common.so.2 (0x00007f1f921e5000)
	libogspfcp.so.2 => /home/acetcom/Documents/git/open5gs/install/lib/x86_64-linux-gnu/libogspfcp.so.2 (0x00007f1f92177000)
	libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f1f92134000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1f91f42000)
	libyaml-0.so.2 => /usr/lib/x86_64-linux-gnu/libyaml-0.so.2 (0x00007f1f91f20000)
	libogscrypt.so.2 => not found
	libogsipfw.so.2 => /home/acetcom/Documents/git/open5gs/install/lib/x86_64-linux-gnu/libogsipfw.so.2 (0x00007f1f91ef5000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f1f922b1000)
2021-08-17 21:58:31 +09:00
Sukchan Lee
72c5f80f26 Add Ruckus Q710/Q910 [#1131] 2021-08-14 16:54:36 +09:00
Sukchan Lee
3564fe5c8c [SMF/UPF] Clarify FALLBACK SUBNET [#1128] 2021-08-14 16:52:53 +09:00
Sukchan Lee
e5594a57b9 [AMF] fix an invalid GSM reject aligungr#375
TS24.501
8.2.11 DL NAS transport
8.2.11.4 5GMM cause

The AMF shall include this IE when the Payload container IE
contains an uplink payload which was not forwarded and
the Payload container type IE is not set to "Multiple payloads".

-0-
As such, this function 'nas_5gs_send_gsm_reject()' must be used
only when an N1 SM message has been forwarded to the SMF.
2021-08-14 12:01:13 +09:00
Sukchan Lee
af5b3aa931 [MME/AMF] fix the crash during timeout (#1122) 2021-08-08 12:38:15 +09:00
Sukchan Lee
831b29973f [PCF] fix the 'NULL' AfEvent in VoNR (#1120) 2021-08-08 09:10:37 +09:00
Sukchan Lee
68edcd6438 fix the SMF crash when num of flow > 8 (#1108) 2021-08-07 14:23:20 +09:00
Jose Carlos
e9dbe5a3d7 Update 01-genodebs.md (#1124) 2021-08-07 07:51:19 +09:00
Sukchan Lee
7e5a5d7511 fix the SMF/PCRF crash when bearer > 8 (#1108) 2021-07-29 18:10:28 +09:00
Sukchan Lee
acb4db5dd1 Fix the crash when number of flow > 8 (#1108) 2021-07-28 14:00:03 +09:00
Sukchan Lee
3e7d2398a2 Merge branch 'herlesupreeth-issue1099' into main 2021-07-27 20:34:46 +09:00
Sukchan Lee
c6b13be92a do the finishing touches (#1108) 2021-07-27 20:33:46 +09:00
herlesupreeth
0db09f5c25 Fix stash smashing when number of PFs for bearer > 8 2021-07-23 14:22:55 +02:00
herlesupreeth
bd6eea4fa5 Introduce checks for maximum accepted flow rules for a bearer in Gx path 2021-07-23 14:22:55 +02:00
Sukchan Lee
e1c79647e2 [SMF] session data was accessed when NULL (#1105) 2021-07-23 16:24:59 +09:00
Supreeth Herle
362393d0ff fix: session data was accessed when NULL resulting in crash (#1105) 2021-07-23 16:22:46 +09:00
Sukchan Lee
0c1a3d7f95 Add OAI(gNodeBs) tested on Open5GS (#1988) 2021-07-19 16:05:30 +09:00
Sukchan Lee
eb9b780449 Release v2.3.2 2021-07-18 20:42:50 +09:00
Sukchan Lee
039b9d0aaa SBI updated
- openapi-generator version 5.2.0
- add priority/capacity/load in NFProfile/NFService
- add AllowedNfTypes in NFProfile/NFService
2021-07-16 17:02:33 +09:00
Sukchan Lee
1326fc85dc [MME] fix the bug when GTPv2 conflict (#1095) 2021-07-15 21:20:56 +09:00
Sukchan Lee
4667b99c92 fix the BUG in SWx diameter (#1039) 2021-07-13 22:00:04 +09:00
Sukchan Lee
7cfeb2e9f9 Change SIGWINCH log-level from ERROR to INFO 2021-07-12 19:52:28 +09:00
Sukchan Lee
005cd30e02 fix the bug for Real PCF unable to PATCH (#1086) 2021-07-12 17:30:45 +09:00
Sukchan Lee
dde0785375 Tested with 4G commercial (#c918b4b)
- Nokia FRGY Flexi BTS BBU with Nokia FRCG RRU Band 5 850Mhz FDD 40W. Version 16.1A to 19.0
- Huawei BBU5900 with RRU5304W Band 7 FDD 2600Mhz 40W Version V100R016C10
2021-07-11 19:01:38 +09:00
Sukchan Lee
16f8d5fa49 Merge branch 'main' of https://github.com/open5gs/open5gs into main 2021-07-09 19:00:53 +09:00
Sukchan Lee
e71a158ed7 Update sysmocom(sponsor) logo 2021-07-09 19:00:32 +09:00
Sukchan Lee
c918b4b5b6 Tested Ericsson Baseband 6630 on Open5GS 2021-07-09 09:50:11 +09:00
Sukchan Lee
2471b1b53d comply with coding standard 2021-07-08 15:00:59 +09:00
Sukchan Lee
f278d58a69 Upgrade SBI(Service-based Interface)
* OpenAPI Generator version: 4.3.1 ==> 5.5.1
* Specification : r16.8.0 (20210629)
2021-07-07 17:32:55 +09:00
Sukchan Lee
2aaa8200c2 BSF mis-type in Debian Pakcage Name 2021-07-06 10:00:03 +09:00
Sukchan Lee
65e96dd75c [AMF] fix the bug for making allowed NSSAI (#910) 2021-07-01 16:23:27 +09:00
Sukchan Lee
ec377a8849 Remove Ubuntu 19.x in OBS 2021-06-29 23:07:15 +09:00
Sukchan Lee
bedd05e654 Document update for v2.3.1 2021-06-29 22:14:04 +09:00
Sukchan Lee
8959c787bc Release v2.3.1 2021-06-29 22:07:06 +09:00
Sukchan Lee
f728e5da89 Tested on more debian/ubuntu distributions
- Debian : bullseye, sid
- Ubuntu : hirsute
2021-06-27 16:52:09 +09:00
Sukchan Lee
442e7d44e7 Change Open5GS API for exit (#1069) 2021-06-24 12:44:52 +09:00
Spencer Sevilla
e1e3f254e2 need to exit (and therefore restart HSS) on FD_LOG_FATAL (#1069) 2021-06-24 12:44:24 +09:00
Sukchan Lee
997554bbb7 Avoid defining variables in the middle (#1068) 2021-06-24 12:42:31 +09:00
Josh Bailey
38ff2dc6f7 trim buffer to correct size after creating ARP or ND reply. (#1068) 2021-06-24 12:37:58 +09:00
Sukchan Lee
a396ea8fc1 [AMF] NG Setup Failure with proper cause (#1064) 2021-06-22 17:56:45 +09:00
Sukchan Lee
7f774884ea [MEM] increase memory pool (#1062) 2021-06-22 16:56:18 +09:00
Sukchan Lee
50f403279a [AMF/MME] fix the crash bug (#1061) 2021-06-22 16:13:06 +09:00
Sukchan Lee
00c96a3f0f [NAS] fix the security issue (ZDI-CAN-14043) 2021-06-21 14:56:03 +09:00
Sukchan Lee
4537142929 [EPC] Support ePDG Interface (#1039) 2021-06-21 22:36:38 +09:00
Sukchan Lee
e0869104c6 [PCF] fix the crash during UE attach (#1059) 2021-06-17 21:26:34 +09:00
Sukchan Lee
c48f107520 [MME] fix the crash when release a UE (#1058) 2021-06-17 17:16:16 +09:00
Sukchan Lee
780f829962 use 'continue' instead of 'return' (#1052) 2021-06-15 11:04:56 +09:00
Spencer Sevilla
449b5b484f need to return here to prevent segfault (#1052) 2021-06-15 11:04:36 +09:00
Spencer Sevilla
d9b5c29a9b add open5gs-dbctl back into packages (#1051)
Co-authored-by: Spencer Sevilla <spencer@Spencers-MacBook-Air.local>
2021-06-15 10:27:10 +09:00
Sukchan Lee
9e664a744b [MME] refine the pull request #1049 2021-06-13 12:03:36 +09:00
R. Medeiros
a252fae84f Indication Dual Address Bearer for create session request. (#1049)
* Update mme-s11-build.c

Add indication Dual Address Bearer in the create session request when the PDN is IPv4v6 Type, Info: 3GPP TS 29.274

* Update mme-s11-build.c
2021-06-13 11:52:23 +09:00
Sukchan Lee
47c9f4e4a0 Release v2.3.0 2021-06-08 21:53:23 +09:00
Sukchan Lee
e31a8474b2 [SMF/UPF] fix the crash bug (#1034, #1006) 2021-06-08 21:14:18 +09:00
Sukchan Lee
774e1b0ebd [Sponsor] Add sysmocom logo 2021-06-07 22:10:01 +09:00
Sukchan Lee
ac37e00b42 [Sponsor] Add sysmocom logo 2021-06-07 21:44:02 +09:00
Sukchan Lee
118d62d42d Add more memory log 2021-06-06 22:35:46 +09:00
Sukchan Lee
80a9497afd [PFCP] Add more error log (#1012) 2021-05-30 20:35:30 +09:00
Sukchan Lee
ef07ccfb88 fix the default SBI port (#997, #1008) 2021-05-30 10:35:01 +09:00
Sukchan Lee
5d460b0577 [UPF] Tested all platforms on open5gs (#1022) 2021-05-29 23:08:22 +09:00
Sukchan Lee
8dab1852cc Merge branch 'tap' of https://github.com/anarkiwi/open5gs into pull1022 2021-05-29 18:06:43 +09:00
Sukchan Lee
899c121478 remove warning in MacOSX 2021-05-29 16:03:40 +09:00
Sukchan Lee
fe89f7cd11 [5GC] Added BSF(Binding Support Function) 2021-05-29 15:56:12 +09:00
Sukchan Lee
611986794b Squashed commit of the following:
commit 183d8b8344122f25f77be79b1b698c71f48c1656
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Fri May 28 23:44:26 2021 +0900

    [SMF] introduce new list API [#1019]

    Sometimes we may need two lists for same node.
    To do this, I created a new list API, and applied it this pull request.
2021-05-28 23:46:48 +09:00
Josh Bailey
caa73e1f5e Support TAP interfaces, with ARP/ND. 2021-05-28 05:59:03 +00:00
herlesupreeth
4d6692d8fe fix: DRB lost issue when additional TFTs needs to be added to existing bearer with TFTs
This commit address the issue where a bearer with particular
PCC rule name exists with TFTs and addtional TFTs needs to be added
to same bearer and DRB lost is reported by UE.

This is achieved by creating EPS Bearer Level Traffic Flow Template
with TFT operation code as 'OGS_GTP_TFT_CODE_ADD_PACKET_FILTERS_TO_EXISTING_TFT' in
above scenario rather than use 'OGS_GTP_TFT_CODE_CREATE_NEW_TFT' at all times.
And, not remove existing packet filters for the bearer.
2021-05-27 15:57:32 +02:00
Sukchan Lee
64508c2e5c [DOC] Add Huawei BTS 5900 (#994) 2021-05-19 23:33:10 +09:00
Sukchan Lee
35d5b7e16e Release v2.2.9 2021-05-19 14:21:47 +09:00
Sukchan Lee
3d11b87127 [AMF] Buffix for NON-initial NAS message (#1106)
Confirmation for non-cleartext IE should only be applied
to the initial NAS message. Registration requests and Service requests
with UplinkNASTransport do not have to.
2021-05-19 13:27:31 +09:00
Sukchan Lee
873cf398c7 [ALL] Add protection of message encoding (#991)
All process will be forcely exited if it failed to encode the S1AP/NGAP/GTP/PFCP message. It is to make sure there was no problem with the encoding of open5gs.
2021-05-16 12:22:10 +09:00
Sukchan Lee
dfaf2f1567 [SMF] PF precedence generated by Pool (#1001) 2021-05-16 11:26:40 +09:00
Supreeth Herle
b6a030d82b Support for IMS video calling (#1001)
* Preserve local port in Rx flow-description

In contnuation to support for calling in pre-rel. LTE 11 devices
, rather than removing the local IP addr field and local port remove
only the IP addr field

* tft: Set precedence considering exisiting TFTs in all bearers of a DNN
2021-05-16 10:08:41 +09:00
Sukchan Lee
3df75e37df [GTP/PFCP] Remove SO_REUSEADDR in UDP (#986,#992)
In case of IP conflict, it has been modified to automatically shut down with an error message so that users can easily recognize it.
2021-05-15 20:37:15 +09:00
Sukchan Lee
f861919507 [AMF] asn1c decode error for APC_EXTENSIBLE (#994) 2021-05-14 16:46:08 +09:00
Sukchan Lee
257f398a11 [AMF] Add more buffer for 5GMM capability (#959) 2021-05-13 19:55:00 +09:00
Sukchan Lee
4a1ddb6650 [DOC] update troubleshoot [#936] 2021-05-09 18:42:45 +09:00
Sukchan Lee
496b5a9e58 Release v2.2.8 2021-05-09 11:45:52 +09:00
Sukchan Lee
916bf752b4 [DOC] Update Troubleshoot for DiameterError (#936) 2021-05-09 11:17:19 +09:00
Sukchan Lee
26f14ee7ca [WebUI] fix the security flaw in account (#764)
- In developement mode, if there is no default admin account,
  Node.js server WILL create admin/1423 account.
- In production mode, even though there is no default admin account,
  Node.js server WILL NOT create admin/1423 account.

1. WebUI installation script will create default admin account
   if there is no account.

   $ curl -fsSL https://open5gs.org/open5gs/assets/webui/install | sudo -E bash -

2. Installation script will automatically uninstall WebUI
   if WebUI has already been installed.
2021-05-08 23:11:27 +09:00
Sukchan Lee
ff4695bd5a [AMF/MME] malformed Path-Switch-Request (#960)
fix the crash
2021-05-08 17:01:45 +09:00
Sukchan Lee
3b19190f56 [AMF] fix crash due to malformed NGAP (#960) 2021-05-08 15:09:10 +09:00
Sukchan Lee
5ea9b22209 [AMF] security protection (UERANSIM-issues316)
1. Allocate ngKSI other than the value already used.
2. Add the protection of Service request
3. fix SBI convert error ng_ap_cause
2021-05-08 13:24:17 +09:00
Sukchan Lee
b0e8dbb31a [NAS] Protection for malformed NAS message (#959)
Add the protection code to avoid AMF/MME crash due to malformed NAS
message
2021-05-07 23:04:48 +09:00
Sukchan Lee
018b352985 [AMF] fix the UE-AMBR in NGAP message (#979)
1. DownlinkNASTransport
If AMF has not sent it previously, UE-AMBR is included in Registration
accept.

2. InitialContextSetupRequest
If PDUSessionResourceSetup is available, UE-AMBR is included

3. PDUSessionResourceSetupRequest
If AMF has not sent it previously, UE-AMBR is included

4. HandoverRequest
If PDUSessionResourceSetup is available, UE-AMBR is included
2021-05-07 21:18:45 +09:00
Sukchan Lee
1dc692753a [AMF] Distinguish Cleartext/Non-cleartext (#958)
1. If UE does not use a NAS container for Non-cleartext IEs,
   Open5GS AMF will send Registration reject message.
2. If UE sends Non-cleartext IEs without Integrity-protected,
   Open5GS AMF will send Registration reject message.
3. If UE does not send NAS container in Security mode complete message,
   Open5GS AMF will send Registration reject message.
2021-05-07 15:07:51 +09:00
Sukchan Lee
182a61dc0b [IPFilter] Assert if getprotobyname() problem (#977) 2021-05-07 10:47:10 +09:00
Sukchan Lee
dc870cc839 [SMF/UPF] fix the bug for decoding IPFilter (977) 2021-05-06 21:15:32 +09:00
Sukchan Lee
9a814ceac9 [Docker] update docker script (#976)
- Use 'meson test -v' instead of 'ninja -C build test'
- remove wireshark from docker development environment
2021-05-06 17:21:48 +09:00
Sukchan Lee
b4c1987ede [Doc] fix a typo error (#973) 2021-05-06 16:35:04 +09:00
Sukchan Lee
ab93fb7613 [WebUI] change curl version to LTS-14 (#971) 2021-05-06 16:26:34 +09:00
Ethan Arnold
6cc84b69ce improve README formatting (#975) 2021-05-06 06:50:23 +09:00
Ethan Arnold
8ca9402d11 improve formatting of README.md (#974) 2021-05-05 23:55:40 +09:00
Sukchan Lee
5901582281 [GTPv2] fix incorrect formatting PLMN-ID (#969) 2021-05-05 22:51:50 +09:00
Sukchan Lee
e5a0dfb444 [SBI] fix the compile warning in MacOSX 2021-05-05 22:04:17 +09:00
Sukchan Lee
0b063a57c8 [MME] fix the NAS encoding for AMBR (#967) 2021-05-05 21:16:31 +09:00
Sukchan Lee
cea1dff5a1 [Alpine] remove GLIBC macro (#957) 2021-04-30 22:16:07 +09:00
Sukchan Lee
002e3c7ae9 [Alpine] Add Dockerfile and Document 2021-04-30 22:13:04 +09:00
Venkata Pilla
27b25b8993 Added support for musl libc, to support compilation on Alpine Linux and other musl libc based systems. (#957) 2021-04-30 22:07:20 +09:00
Sukchan Lee
0b05308188 Release v2.2.7 2021-04-30 14:52:18 +09:00
Sukchan Lee
3b1ebfa9ed [MME] Fix the Invalid AMBR Unit (#967) 2021-04-30 11:58:02 +09:00
Sukchan Lee
959bc6a248 [PFCP] DNS delay during PFCP association (#891)
1. Remove ogs_getnameinfo().
2. Modify to check a valid IP address by using ogs_inet_pton() in order not to use DNS query
2021-04-30 10:17:01 +09:00
Matthew Johnson
96050ed6e2 [misc] Use correct units and session types when upgrading (#968)
* [misc] Set slice session type when upgrading

* [misc] Use correct units when upgrading

The old UI specified units in kbps, which corresponds to enum 1, not
enum 0, in the new schema and UI.
2021-04-30 09:31:57 +09:00
Sukchan Lee
49d7fe3b82 fix compilation error in FreeBSD 2021-04-30 00:17:26 +00:00
Sukchan Lee
19a8e4cd70 [Cx] Chanage IMPUs (#921)
Change the order of IMPUs sent in XML as follows and also have only the
following IMPUs

i.e.
    1. sip:<MSISDN>@ims.mnc<MNC>.mcc<MCC>.3ggpnetwork.org
    2. tel:<MSISDN>
2021-04-30 07:07:52 +09:00
Supreeth Herle
8cf606fd6b Update IMPUs to be added for a IMS user (#966)
* Update IMPUs to be added for a IMS user

* Tutorial update based on maintained repo and its related changes

* Minor doc update
2021-04-30 07:02:32 +09:00
Sukchan Lee
a58214da76 [5GC/EPC] tested with concurrent 500 UEs (#949)
Fix the memory problem in many simulatneous connections test
2021-04-29 22:01:34 +09:00
KaiPKaiPGirl
03e74c93e8 Update Dockerfile (#962) 2021-04-27 22:48:46 +09:00
Matthew Johnson
72374e439a Some cleanup for the db migration script (#956) 2021-04-25 15:25:51 +09:00
Sukchan Lee
fc27f7499b [SMF/SGW-C] fix the PFCP RR selection (#953)
The configuration has changed. PFCP node rr=0 is removed as shown below.
sgwc:
  pfcp
    rr: 0 <-- Removed

Introduced a new configuration method for SMF/SGW-C

parameter:
  no_pfcp_rr_select: true

By default, PFCP round robin selection is allowed.
The above parameters prohibit selecting PFCP in a round robin manner.
2021-04-24 20:56:14 +09:00
Sukchan Lee
dcfc9ef803 [AMF/MME] Add retransmission for accept message
Registration accept with GUTI
Attach accept
Tracking area update request with GUTI
2021-04-23 15:16:18 +09:00
Kenny Barlee
2766a1ce2c add N4u/Sxu details (#955) 2021-04-22 22:35:34 +09:00
Sukchan Lee
20a662a9aa [conf] change the example conf (#953) 2021-04-22 08:45:11 +09:00
Sukchan Lee
1a13ab3a7d [conf] change the example conf (#953) 2021-04-21 22:42:39 +09:00
Sukchan Lee
73c3aa54c0 [ALL] Fix the terminate sequence (#938) 2021-04-21 17:46:03 +09:00
Sukchan Lee
793a82020f [ALL] Init updated for an Invalid IP (#938) 2021-04-21 17:24:17 +09:00
Sukchan Lee
e459a85bc1 [Docker] Update WebUI Version to 2.2.6 (#945) 2021-04-21 15:42:36 +09:00
Sukchan Lee
27285a60da [DOC] Clarify DB Schema changes (#936) 2021-04-20 21:33:32 +09:00
Kenny Barlee
9ff93f0e49 update diagrams for new features (#944) 2021-04-16 20:31:06 +09:00
Sukchan Lee
ea89d8dc8e [AMF] Added RANConfigurationUpdate (#943) 2021-04-16 16:26:13 +09:00
Marcel T
bf5f64b5e5 Updated open5gs-dbctl to be compatible with the changed database schema (#940)
Co-authored-by: Marcel Thiel <mthiel@cocus.com>
2021-04-15 23:21:47 +09:00
Sukchan Lee
cc03c91bdd [AMF] 5G-GUTI generation changed (#910)
The AMF shall assign a new 5G-GUTI for a particular UE:
a) during  a successful initial registration procedure;
b) during a successful registration procedure
   for mobility registration update; and
c) after a successful service request procedure invoked as a response
   to a paging request from the network and before the release
   of the N1 NAS signalling connection as specified in subclause 5.4.4.1.

The AMF should assign a new 5G-GUTI for a particular UE
during a successful registration procedure
for periodic registration update. The AMF may assign a new 5G-GUTI
at any time for a particular UE by performing
the generic UE configuration update procedure.
2021-04-13 17:34:25 +09:00
Sukchan Lee
3275584236 NOKIA gNB added to the tested list (#821) 2021-04-13 10:17:45 +09:00
Sukchan Lee
83720fff9a fix: mobilty -> mobility (#930) 2021-04-13 10:02:52 +09:00
Sukchan Lee
688f2bc249 Update Now in the Github Issue (#874, #712) 2021-04-13 09:58:18 +09:00
Sukchan Lee
e1c8d89bba Update Now in t Github Issue (#872, #863) 2021-04-13 09:36:07 +09:00
Pau Espin Pedrol
520dcf1ff8 pfcp: Fix 'No Heartbeat' log messages (#931) 2021-04-12 20:23:51 +09:00
Sukchan Lee
11be73cab7 Airspan 5G SA was added to the list of tested gNBs 2021-04-10 08:14:35 +09:00
Sukchan Lee
f59cf3eacb Update document for v2.2.6 2021-04-09 21:28:07 +09:00
Sukchan Lee
8f1e591be5 Release v2.2.6 2021-04-09 21:14:42 +09:00
Sukchan Lee
905fc76faf [AMF] Add NGAP ErrorIndication [#910]
1. UE sends PDU session establishment request to the AMF.
2. AMF initiates Release Due to Duplicate Session ID.
3. SMF cannot find the session by SM-Context-Ref.

For the above condition, AMF sends NGAP ErrorIndication to the UE.
2021-04-09 21:02:03 +09:00
Sukchan Lee
745ea41096 [AMF] increase SBI memory pool (#925) 2021-04-09 13:52:19 +09:00
Sukchan Lee
8710cae0fd [Cx] Add sip:<MSISDN> (#921) 2021-04-08 23:09:13 +09:00
Sukchan Lee
27cee12a7b [Cx] User-Name can be skipped in SAR (#921) 2021-04-08 22:49:08 +09:00
Sukchan Lee
44de4673bf [Cx] change the order of IMPU (#921) 2021-04-08 21:35:52 +09:00
Sukchan Lee
2df8a1836f Oops! remove redundant code 2021-04-08 20:46:41 +09:00
Sukchan Lee
3c9541992f [Cx] fix MSISDN public identity (#921)
sip:<MSISDN>@ims.mnc<MNC>.mcc<MCC>.3ggpnetwork.org
tel:<MSISDN>
2021-04-08 20:42:24 +09:00
Sukchan Lee
90f60cad0e misc: Add MSISDN duplicate check in WebUI 2021-04-07 22:45:37 +09:00
Sukchan Lee
26066bb0ca [Cx] LIR/LIA is added (#921) 2021-04-07 21:46:05 +09:00
Sukchan Lee
d3eaaff430 [Cx] fix the Cx integration bug (#919)
- Now security is verified.
2021-04-06 21:36:08 +09:00
Sukchan Lee
d40348c00c [SBI] Unknown timezone offset (#914)
add a debug message for unknown timezone offset
2021-04-05 21:16:52 +09:00
Sukchan Lee
613e21c4ff [PKG] fix debian mongod dependency problem (#915) 2021-04-05 20:32:27 +09:00
Sukchan Lee
41c6bb4681 new: HSS Cx interface is added 2021-04-05 17:09:39 +09:00
Sukchan Lee
23c1fee516 Update document for v2.2.5 2021-04-03 14:22:15 +09:00
Sukchan Lee
a74050a032 Release v2.2.5 2021-04-03 14:18:32 +09:00
Sukchan Lee
bb38c01229 fix : Allow NSSAI in Registration accept (#910)
Always Present Allow NSSAI in Registration accept
2021-04-03 14:07:44 +09:00
Sukchan Lee
ec0752cb95 doc: update document for v2.2.4 2021-04-01 17:04:56 +09:00
Sukchan Lee
b6ba02f6de Release v2.2.4 2021-04-01 16:47:30 +09:00
Sukchan Lee
5f9785af52 sctp: Add sack_delay in sctp configuration (#895) 2021-04-01 15:40:46 +09:00
Sukchan Lee
c0396171ff fix: use prior to v2.2.3, segfault (#898) 2021-04-01 09:28:28 +09:00
Pau Espin Pedrol
0b3ca447c9 sgwc: Log received messages in sxa-handler.c (#896) 2021-03-31 19:59:57 +09:00
Sukchan Lee
68724c6ec1 fix: Support many simultaneous connections (#886) 2021-03-31 17:29:20 +09:00
Sukchan Lee
cc30aa2a9a fix: No S-TMSI in InitialUEMessage (#890) 2021-03-31 15:35:59 +09:00
Nick
3a2a227b48 Updated Python Lib docs and script to migrate DB data to new format (#889)
* Update README.md

* Python script to migrate data from old DB schema to new
2021-03-30 16:56:23 +09:00
Sukchan Lee
a76a2503c2 Release v2.2.3 2021-03-29 23:21:11 +09:00
Sukchan Lee
1e2a16fc5b fix: No Modify Bearer Request (#885)
Now MME send Modify Bearer Request regardless of the order of
Attach Complete and InitialContextSetupResponse
2021-03-29 22:35:34 +09:00
Sukchan Lee
829123dad0 fix: managing multiple calls (#869)
If PCRF sends RAR, it generates different Charging-Rule-Name.
2021-03-29 10:28:08 +09:00
Sukchan Lee
457230a2f6 doc: Re-install with updated source code 2021-03-28 20:44:31 +09:00
Sukchan Lee
6ab5c41af5 conf: Add ignore_requested_nssai parameter (#859)
If parameter.ignore_requsted_nssai is true,
AMF will ignore the UE Requested NSSAI and create an allowed-NSSAI
based on the Default S-NSSAI in the Subscription DB.
2021-03-26 23:12:43 +09:00
Sukchan Lee
b22023afb8 fix: creating allowed NSSAI (#859)
AMF checks whether it can serve all the S-NSSAI(s) from
the Requested NSSAI present in the Subscribed S-NSSAIs
(potentially using configuration for mapping S-NSSAI values
between HPLMN and Serving PLMN), or all the S-NSSAI(s) marked
as default in the Subscribed S-NSSAIs in the case that
no Requested NSSAI was provided or none of the S-NSSAIs
in the Requested NSSAI are permitted,
i.e. do not match any of the Subscribed S-NSSAIs or not available
at the current UE's Tracking Area (see clause 5.15.3).
2021-03-25 23:06:59 +09:00
Sukchan Lee
b21dc65741 fix: Ignore Unknown TLV type in PFCP/GTP (#871) 2021-03-24 09:36:22 +09:00
Kenny Barlee
5d2fea994b NGAP - N2 path name (#870) 2021-03-23 21:26:13 +09:00
Sukchan Lee
ebb48ede53 Freeze usrsctp version to 0.9.5.0 2021-03-21 20:06:24 +09:00
Sukchan Lee
b07d12d3be Update freeDiameter subprojects 2021-03-21 17:46:20 +09:00
Sukchan Lee
54f1ccbb6b Upgrade freeDiameter from v1.3.2 to v1.5.0 2021-03-21 17:44:42 +09:00
Sukchan Lee
52cd51ca6a fix: adjust the actual path amf.plmn_support (#825) 2021-03-20 09:17:14 +09:00
Sukchan Lee
c848919af4 doc: update document for v2.2.2 2021-03-19 22:12:43 +09:00
Sukchan Lee
6df2906f42 Release v2.2.2 2021-03-19 21:50:01 +09:00
Sukchan Lee
ebf1c5b0d9 Release v2.2.2 2021-03-19 21:27:01 +09:00
Sukchan Lee
072fb68882 doc: update document for advertising addr (#825) 2021-03-19 21:14:38 +09:00
Sukchan Lee
182a680d51 feat: advertise address for 5G NFs (#825) 2021-03-19 21:01:38 +09:00
Sukchan Lee
09780e3fed conf: update configuration manual 2021-03-19 13:48:27 +09:00
Sukchan Lee
79df32638c 5gc: Add defaultt NSI configuration for NSSF (#859) 2021-03-19 11:04:02 +09:00
Sukchan Lee
d0eec31f5c upf/sgwu: fix the PDR creation bug (#860)
When PDR is created without deleting session, there is a bug to create
new PDR.
2021-03-19 10:08:37 +09:00
Sukchan Lee
dc474329e2 Fix the MME crash during HandoverCancel (#855) 2021-03-18 22:59:22 +09:00
Sukchan Lee
22b09443ce feat: E-RABModificationIndication/Confirm (#834) 2021-03-17 14:26:57 +09:00
Sukchan Lee
7ba77e6cc1 Release v2.2.1 2021-03-15 10:09:45 +09:00
Sukchan Lee
37e0a714f9 Fixes UE IPv6 BUG (#808) 2021-03-15 10:01:55 +09:00
Sukchan Lee
0270c0e340 ASN.1 encoding failure if no Request-NSSAI #844 2021-03-12 23:25:58 +09:00
Sukchan Lee
a6e42a4932 fix: No S-NSSAI error during NAS signalling #845 2021-03-12 22:45:21 +09:00
Sukchan Lee
0a94e1ece4 Update WebUI version to v2.2.1 (#838)
Security patch is applied. If you want to use this version, you need to
log out and log back in.

See Pull Request #838 for more detailed information.
2021-03-12 09:32:11 +09:00
Sukchan Lee
569f98f92c webui: Follow-up on Pull Request #838
- Update document
- Fix the install script
- Remove last commit to maintain login session
2021-03-12 09:20:58 +09:00
Ryan
7848b6c966 Add API tokens (#838)
* protects db endpoints with auth data, but will require ui updates to function properly

* adds an Authorization header with bearer token to all api/db/* request endpoints

* force login if token doesn't exist

* remove debug code
2021-03-12 09:13:38 +09:00
Sukchan Lee
60b75b5f5e rearrange sponsors image 2021-03-11 16:52:58 +09:00
Sukchan Lee
82261bc8e4 Arrange the sponsor images 2021-03-11 16:42:13 +09:00
Sukchan Lee
9e8700f1a2 Add new sponsors (Skylark Wireless) 2021-03-11 16:37:18 +09:00
Sukchan Lee
fc5c9b2af0 Try to fix the UE infinite attach (#568)
If both Delete-Session-Request/Response and
UEContextReleaseCommand/UEContextReleaseComplete are failed at the same time,
UE cannot attach to the EPC infinitely.

So, I've add the protection code
if timer expires when MME does not receive Delete-Session-Response.
2021-03-09 14:28:07 +09:00
Sukchan Lee
56c0987ad2 doc: update document for changes configuration
o `plmn` -> `plmn_support` in AMF configuration
2021-03-08 22:30:06 +09:00
Sukchan Lee
08751e1b4a doc: update document for changing configuration
o 'pdn' -> 'subnet' in all conf files
2021-03-08 22:27:29 +09:00
Sukchan Lee
de72ccaf91 Release v2.2.0 2021-03-08 21:55:43 +09:00
Sukchan Lee
9af4268bab arch: DB schema Changes (#796)
- New function : NSSF
- New feature : SMF selection
2021-03-08 21:25:09 +09:00
Sukchan Lee
c6bfbed922 Modify not to limit the length of DB URI (#827) 2021-03-03 23:13:20 +09:00
Charlie Lewis
0790674c14 mask mongo credentials when logging (#827) 2021-03-03 23:06:31 +09:00
Sukchan Lee
2f2178595d doc: update troubleshooting (#818) 2021-02-25 23:01:48 -05:00
Paweł
515b5d2b17 Changed the branch name (#811) 2021-02-22 10:24:18 -05:00
Sukchan Lee
31977bf30a SMF: fix the bug for DataForwardingNotPossible
DataForwardingNotPossible should only be included
if Data Path is not available during N2-Handover.

However, there is a bug that always includes
DataFowardingNotPossible regardless of Handover.

So, I've fixed it!
2021-02-18 23:15:36 -05:00
Sukchan Lee
d1400897e0 update: Cause of UEContextReleaseCommand (#789)
When AMF receives UEContextReleaseRequest,
AMF sends UEContextReleaseCommand with Cause received from gNB.
2021-02-17 12:19:20 -05:00
Sukchan Lee
b6bcbac3e3 fix: Add the exception handling (#804)
When UE/gNB repeatedly sends NGAP message repeatedly, AMF crashed.
Exception routines have been added to resolve this issue.
2021-02-15 12:17:33 -05:00
Sukchan Lee
9b5cc4a568 Release v2.1.7 2021-02-08 22:37:01 -05:00
Sukchan Lee
094d40b073 fix: 256 pool num increased to 16,384 (#753) 2021-02-08 14:32:04 -05:00
Sukchan Lee
852756f902 test: Porting FreeBSD 2021-02-08 14:25:40 -05:00
Miguel
fea48f5a44 Update list of eNB/gNB - Added Accelleran's SC (#800) 2021-02-08 07:24:59 -05:00
Sukchan Lee
b19b3e9dd1 Add missing files 2021-02-06 00:15:25 -05:00
Sukchan Lee
7901a1164f mac: Support Apple M1 chips
See https://open5gs.org/open5gs/docs/platform/05-macosx-apple-silicon/
2021-02-06 00:13:48 -05:00
Sukchan Lee
950c4c0a12 Release v2.1.6 2021-02-04 09:27:58 -05:00
Sukchan Lee
5e839e25fe fix: amf crash bug (#793) 2021-02-03 23:49:16 -05:00
Sukchan Lee
d3fa7619bf update document v2.1.5 2021-02-02 15:29:24 -05:00
Sukchan Lee
6cd755ac97 doc: Update document v2.1.5 2021-02-02 15:22:50 -05:00
Sukchan Lee
f597c9e899 doc: update document for v2.1.5 2021-02-02 15:18:01 -05:00
Sukchan Lee
9e8303762c Update document for v2.1.5 2021-02-02 15:07:18 -05:00
Sukchan Lee
e7c261d0d3 Release v2.1.5 2021-02-02 14:50:15 -05:00
Sukchan Lee
e7cb25ac9b asn1c: MME crash is resolved (#783) 2021-02-02 14:27:03 -05:00
Sukchan Lee
f47f65a51c fix: asn1c decode problem for NGReset (#773) 2021-02-02 13:33:09 -05:00
Sukchan Lee
0311d2255c Oops! remove debug info 2021-02-01 10:17:49 -05:00
Sukchan Lee
d9417be9a6 feat: Handling Duplicated PDU Session ID
TS29.502 5.2.2.3.11 AMF requested PDU Session Release due to duplciated
PDU Session Id
2021-02-01 10:14:27 -05:00
Sukchan Lee
373ba1452f log: update debug info for S1AP/NGAP (#785) 2021-02-01 08:52:22 -05:00
smartVan
848b7ffc29 modify handover request and uplink ran status transfer debug info (#785) 2021-02-01 00:50:22 -05:00
Sukchan Lee
ff5236f3e0 feat: Indirect Data Forwarding in N2-Handover 2021-01-31 23:01:15 -05:00
Sukchan Lee
388e64213f etc: miscellaneous work (#779)
o Check IMEISV length == 16 digits
o Add Relative Capabity comment in the configuration file
2021-01-29 00:10:17 -05:00
Sukchan Lee
49a9e58efe feat: Add N2-Handover 2021-01-28 14:23:54 -05:00
Sukchan Lee
0fc5190a09 etc: coding convection (#778) 2021-01-28 14:23:22 -05:00
smartVan
19014a3a25 modify udr smf selection subscription data (#778) 2021-01-28 14:18:02 -05:00
Sukchan Lee
ada01fca8f spec: S1AP/NGAP update to v16.4.0(2021-01-04) 2021-01-24 23:43:42 -05:00
Sukchan Lee
61778f9142 fix: UE Context Request IE handling (#771) 2021-01-23 13:42:59 -05:00
Sukchan Lee
776d323a16 fix: Change UE Context Request IE handling (#771)
Previously, AMF would sends PDUSessionResourceSetupRequest
when the following conditions were met:
- gNB didn't send UE Context Request IE of InitialUEMessage
- AMF should send SMF generated TRANSFER message(PDU_RES_SETUP_REQ)
to the gNB

However, in issues #771, the gNB did not accept
PDUSessionResourceSetupRequest. Perhaps the gNB engineer thought
that if gNB needs to send data traffic to the UE, AMF should send
an InitialContextSetupRequest regardless of UE Context Request IE.
This is because gNB requires the kgNB security context
for data connection.

So, in this case, Open5GS-AMF decided to send
an InitialContexSetupRequest regardless of
whether it received UE Context Request IE of InitialUEMessage.
2021-01-23 11:56:04 -05:00
Sukchan Lee
9eac90252e fix: AMF/SMF/UDM crash issues resolved (#770/#771) 2021-01-22 22:17:01 -05:00
Sukchan Lee
708784e222 fix: User Location in UplinkNASTrasnport (#772)
- Based on pull request #772
- Add 4G EPC User Location Information handling
- Copy ran_ue/enb_ue context to amf_ue/mme_ue context
2021-01-20 10:03:32 -05:00
smartVan
50db1aaeb1 handle user location in ngap uplink nas transport (#772) 2021-01-20 09:27:57 -05:00
Sukchan Lee
8e29eb2417 Update document for v2.1.4 2021-01-18 21:35:08 -05:00
Sukchan Lee
0552bc49c9 Release v2.1.4 2021-01-18 19:16:24 -05:00
Sukchan Lee
c9363b1320 5gc: Paging was added 2021-01-18 11:48:35 -05:00
Sukchan Lee
408c378b94 doc: update sponsor link 2021-01-13 08:38:24 -05:00
Sukchan Lee
bfa6eae71c Oops! remove style tag 2021-01-11 23:53:40 -05:00
Sukchan Lee
55e9f08430 Add special sponsors 2021-01-11 11:10:17 -05:00
Supreeth Herle
1c13d7f5ec Legacy support for pre-release LTE 11 devices while performing VoLTE call (#757)
* AAR Media-Sub-Component modification for more UEs support

* Introduce parameter for legacy support for pre-release LTE 11 devices to do calling

IE (IPV4-local-addr field ) is not supported on
the LTE pre release-11 UEs. In order for the call
to work the local address in packet filter must
be replaced by any.

Parameter: no_ipv4v6_local_addr_in_packet_filter
2021-01-11 08:03:52 -05:00
Sukchan Lee
8d0ce5b03c Oops! Remove bearer after sending reject (#755) 2021-01-11 00:01:28 -05:00
Sukchan Lee
5fb0611cb2 fix: Derive ESM cause from GTP-Cause (#755) 2021-01-10 23:36:12 -05:00
Sukchan Lee
d6ed13968d Release v2.1.3 2021-01-08 23:22:22 -05:00
Sukchan Lee
f15d2c96fe remove math library for time string conversion 2021-01-08 23:16:54 -05:00
Sukchan Lee
508a78d43b Update document for v2.1.3 2021-01-08 22:58:23 -05:00
Sukchan Lee
f250b6e411 Release v2.1.3 2021-01-08 22:48:43 -05:00
Sukchan Lee
d17ea0f135 fix: update test code 2021-01-08 22:30:31 -05:00
Sukchan Lee
b4358fe703 fix: Add dedicated bearer activation reject (#755) 2021-01-08 15:09:02 -05:00
Sukchan Lee
e531ccab5a fix: The SBI time string converting error in 32bit 2021-01-08 10:42:51 -05:00
Sukchan Lee
a0ebf20c88 Release v2.1.2 2021-01-08 00:30:45 -05:00
Sukchan Lee
31cc259ee4 fix: release error 2021-01-08 00:24:00 -05:00
Sukchan Lee
e803b01d9c Update document for v2.1.2 2021-01-07 23:39:17 -05:00
Sukchan Lee
0c61e7b70b Release v2.1.2 2021-01-07 23:07:09 -05:00
Sukchan Lee
80e337b465 fix: update to avoid MME crash (#721) 2021-01-07 23:01:02 -05:00
Sukchan Lee
6946dc4998 fix: update to avoid MME crash (#708) 2021-01-07 22:41:13 -05:00
Sukchan Lee
7b29cdf898 Handling UEContextRequest of InitialUEMessage 2021-01-07 22:26:06 -05:00
Sukchan Lee
7dd4609c0f fix: increase mempool to support 1024UEs (#753) 2021-01-07 13:18:45 -05:00
smartVan
060d2a08f5 remove repeated qer in handling create pdr (#749) 2021-01-06 23:32:12 -05:00
Sukchan Lee
c9cfc4cf6e etc: update debug message 2021-01-04 23:24:22 -05:00
Sukchan Lee
a96d3ca0fa feat: Add multiple session 2021-01-03 23:29:01 -05:00
Sukchan Lee
1238b30526 Oops! remove test code 2021-01-03 01:07:09 -05:00
Sukchan Lee
70a7bac6b2 feat: Add 5G Core Xn Handover (#726) 2021-01-03 00:50:59 -05:00
Sukchan Lee
b329b09573 fix: add SCTP ppid and stream_no (#743) 2021-01-02 10:03:35 -05:00
Sukchan Lee
88346c0141 fix: SBI heartbeat timer usage changed (#741) 2021-01-01 15:56:46 -05:00
Sukchan Lee
b35eb9fcf4 fix: Receive HTTP2 message up to 8192bytes (#738) 2020-12-31 22:36:33 -05:00
Sukchan Lee
79b0552bb0 test: for checking issues #736 2020-12-31 21:55:11 -05:00
Sukchan Lee
235a041b8d feat: Add dedicated QoS flow 2020-12-31 21:07:08 -05:00
Sukchan Lee
65aea5ebf2 test: Use milliseconds in RFC3339 (#727) 2020-12-29 13:26:36 -05:00
Sukchan Lee
4115799c2a fix: NRF notification send all information (#737) 2020-12-28 23:36:02 -05:00
Sukchan Lee
efd1780745 fix: update NRF issues (#727,#728,#729,#730) 2020-12-24 15:41:31 -05:00
Kenny Barlee
dcec18a3d8 Doc update - 01 Quickstart (#731)
* text update 01-quickstart

* text update, diagrams 01-quickstart
2020-12-23 16:25:26 -05:00
Sukchan Lee
371e22c96b fix: AMF sets default DNN if UE does not send it. 2020-12-21 14:49:05 -05:00
Tim Gates
171f15f684 docs: fix simple typo, speciic -> specific (#724)
There is a small typo in lib/asn1c/common/constr_TYPE.h.

Should read `specific` rather than `speciic`.
2020-12-19 16:10:00 -05:00
Sukchan Lee
ef3e7b2528 docs: update release notes for v2.1.1 2020-12-16 23:11:19 -05:00
Sukchan Lee
7002c1e4b5 Release v2.1.1 2020-12-16 23:06:27 -05:00
Sukchan Lee
2392f23d7f fix: the unexpected PDN type error (#721) 2020-12-16 22:44:32 -05:00
Sukchan Lee
2bf8d6c3c7 Update document for v2.1.0 2020-12-11 14:37:17 -05:00
Sukchan Lee
191f109f7f Release v2.1.0 2020-12-11 14:16:45 -05:00
Sukchan Lee
198abc6e8b Add PCF(Policy Control Function) 2020-12-11 14:03:20 -05:00
Jose Carlos
fb95725ca4 Update 01-genodebs.md (#710) 2020-12-08 15:15:35 -05:00
Sukchan Lee
41fd851b7f fix: SCTP workaround for PEER_ADDR_PARAMS (#707) 2020-12-06 17:34:22 -05:00
Sukchan Lee
d16d295708 docs: update quickstart for nightly builds #685 2020-12-03 22:44:40 -05:00
Sukchan Lee
5999bd22f9 Update document for adding tutorial #702 2020-12-03 10:05:25 -05:00
Sukchan Lee
33edd12335 fix: UPF is not working with Landslide (#685)
* Flow-Description use 'to assigned' in Gx Interface
* Support SDF Filter ID
* Support F-TEID's Choose
* BAR(Buffering) is added in PFCP session
* Default Apply Action uses NOCP|BUFF
2020-12-03 01:16:57 -05:00
Shigeru Ishida
b2d012c253 update Misc Radio Hardware (#700) 2020-12-02 20:30:36 -05:00
Kenny Barlee
e5a9156444 update 4G 5G software stack + SDR list (#699) 2020-12-02 17:22:05 -05:00
Sheng Zheng
90123efae3 Add Gemtek 4G small cell to eNodeB support list (#698)
Signed-off-by: ZhengSheng <j13tw@yahoo.com.tw>
2020-12-02 09:53:45 -05:00
Nick
c424796955 Doc Update - Added list of eNodeBs / gNodeBs confirmed to work by community, links to CSFB & SMS Docs (#694)
* Update docs.md

Added link to Hardware Specific notes

* Added link to posts on SMS over NAS and CSFB Setup

* Formatting on eNB list

* Added UERANSIM
2020-12-01 07:02:55 -05:00
Sukchan Lee
1c997c4069 Update docuemt for MacOSX 2020-11-28 22:38:46 -05:00
Sukchan Lee
3be76db08a Update document 2020-11-26 21:52:54 -05:00
Sukchan Lee
0742c6208c Add missing work after supporting HTTP/2 2020-11-26 21:47:53 -05:00
Sukchan Lee
2c2b6dfcaf Use HTTP/2 instead of HTTP/1.1 in 5G Core SBI 2020-11-26 21:44:37 -05:00
Sukchan Lee
0c47098c4a About parameter "use_openair" #688 2020-11-26 00:03:13 -05:00
Sukchan Lee
1a7b4de7c6 Fix the error message in UPF #685 2020-11-24 00:50:56 -05:00
Sukchan Lee
19a3680c60 change the directory location for vagrant #684 2020-11-24 00:28:42 -05:00
Dan Gora
520d9cd2c3 Centos devel (#684)
* Remove invalid link in debian docker file.

Remove self-referential link from debian docker setup.

Fixes bug introduced in commit 8c4a50785

* Add Vagrantfile to create CentOS 8 system for deploying open5GS.

This Vagrantfile is identical to the base CentOS 8 box from Vagrant
Cloud, but was modified to increase the amount of virtual memory to
1GB from 512MB.

* Update installation instructions for CentOS 8.

Update the installation instructions for CentOS 8 to describe
step-by-step the commands necessary to install the necessary
prerequesites for building and running Open5GS, installing and building
the source code, and running the base tests to confirm that Open5GS
was built correctly.
2020-11-24 00:23:56 -05:00
R. Medeiros
3c99af7736 Update to generate SMF Log for Session Removed. (#677)
Create info log to show when the user disconnect the APN, with IMSI, APN and IPv4/IPv6.
2020-11-19 16:11:28 -05:00
Sukchan Lee
dcf0a714aa Update document for v2.0.22 2020-11-19 09:44:28 -05:00
Sukchan Lee
e1a2e3803f Release v2.0.22 2020-11-19 07:57:35 -05:00
Sukchan Lee
f0b9a35962 [#672] Fix DL data is not working in 5G Core 2020-11-19 07:47:26 -05:00
R. Medeiros
70f7e2d5d4 Update s5c-handler.c (#674)
Add information of the used APN in the smf log file
2020-11-18 16:33:02 -05:00
Sukchan Lee
f4c6791227 Sponsor update 2020-11-16 10:02:27 -05:00
Nick
ee964d825c Update docs.md (#668)
Added links to some recent posts I did on Static IPs and using UERANSIM
2020-11-16 07:18:26 -05:00
Sukchan Lee
b9fdc0ab44 Update 80 column and Apply MME (#659) 2020-11-14 10:13:29 -05:00
list1982
0b2ba07f97 Update ngap-sm.c (#659)
AMF should not process any NGAP message before it finish the NGSetup procedure in 3GPP 38413.
2020-11-14 10:09:57 -05:00
Sukchan Lee
fe7525a784 Support Openair UE (#651)
In mme.yaml
parameter:
   use_openair: true
2020-11-13 09:02:42 -05:00
Sukchan Lee
d7c188dc00 License update 2020-11-12 20:58:08 -05:00
Sukchan Lee
961db54c2f add missing files for Ubuntu groovy 2020-11-12 14:35:58 -05:00
Sukchan Lee
1f1a741e53 FreeBSD is no longer supported. 2020-11-12 14:35:05 -05:00
Sukchan Lee
e6e825c6a3 update docuemtn for v2.0.21 2020-11-11 14:40:24 -05:00
Sukchan Lee
cbb3758c9c Release v2.0.21 2020-11-11 14:13:48 -05:00
Sukchan Lee
6f11a78079 If SCTP use SOCK_STREAM, Use BUFFERING method.
Most of the time, an application wants to perform some amount of data buffering
in addition to just responding to events. When we want to write data,
for example, the usual pattern runs something like:

1. Decide that we want to write some data to a connection;
   put that data in a buffer.
2. Wait for the connection to become writable
3. Write as much of the data as we can
4. Remember how much we wrote, and if we still have more data to write,
   wait for the connection to become writable again.

Now, Open5GS implements the above method by default when transmitting data
in a stream type socket.
2020-11-11 13:21:32 -05:00
Sukchan Lee
9a1824f6aa Openair UE workaround for HashMME #651, #584 2020-11-10 10:04:09 -05:00
Sukchan Lee
23e8e6577c Update ogs_pollset library
- Fix the ogs_pollset_remove() bug in select(WIN32), kqueue(MacOSX)
- Modify to enable ogs_pollset_remove() in pollset callback handler
2020-11-09 22:57:14 -05:00
Sukchan Lee
830587a250 Fix the possible vulnerabilities 2020-11-07 21:25:53 -05:00
Sukchan Lee
f1a207fd9b Support VoLTE service in ECM-IDLE 2020-11-07 17:27:12 -05:00
Sukchan Lee
2d3b8eed81 Fix MME crash if SGs interface is down #448, #628 2020-11-04 15:58:16 -05:00
Sukchan Lee
18c3a4d5d9 Update financial sponsors 2020-11-04 13:32:39 -05:00
Sukchan Lee
8975613ae9 Update document for previous commit #535, #595 2020-11-03 20:24:06 -05:00
Sukchan Lee
621145d8b0 Add rpath to required shared library #535, #595 2020-11-03 20:11:30 -05:00
Sukchan Lee
5af01d1a71 Add the exception for no 2G/3G environment #627 2020-11-03 05:54:12 -05:00
Sukchan Lee
ad85c12513 checking for APN/DNN in case insensitive #617 2020-11-02 11:45:14 -05:00
Sukchan Lee
b80554e955 Document update for v2.0.20 2020-11-01 23:13:10 -05:00
Sukchan Lee
13c7f30e39 Release v2.0.20 2020-11-01 23:07:08 -05:00
Sukchan Lee
21595426b2 Fix the bug of the TAU update result value #568 2020-11-01 22:50:41 -05:00
Sukchan Lee
d1e643ed6c Re-release v2.0.19 2020-11-01 01:51:00 -04:00
Sukchan Lee
22e98d612a fix the compile error 2020-11-01 01:44:59 -04:00
Sukchan Lee
48bf4a763a Re-release v2.0.19 2020-11-01 01:01:41 -04:00
Sukchan Lee
3fef5848b8 Oops! Fix the PDN connectivity reject handler #568 2020-11-01 00:54:32 -04:00
Sukchan Lee
a679ea56a8 Document update for v2.0.19 2020-10-31 23:18:50 -04:00
Sukchan Lee
080c6a9002 Release v2.0.19 2020-10-31 22:54:45 -04:00
Sukchan Lee
5fd6dac961 Change handling the PDU connectivity reject #568
If MME received the PDU connectivity reject, MME will not release UE
context to accept further service request
2020-10-31 22:42:49 -04:00
Sukchan Lee
f137d1947f Last Modification for releasing v2.0.19
1. SCTP event size workaround - stolen code from libosmo-netif
2. Remove PFCP User Plane IP resource information
3. Fix the bug when building Initial Context Setup Request with EMM NAS message.
2020-10-31 00:30:42 -04:00
Sukchan Lee
0ec0b2dc69 Fix the crash for NAS message missing #619 2020-10-29 00:18:11 -04:00
Sukchan Lee
93312e8f3d Fix the bug for S1-reset or eNB-restart(#627) 2020-10-28 22:59:27 -04:00
Sukchan Lee
3cbec5f2e6 License update 2020-10-26 22:43:47 -04:00
Sukchan Lee
4f2803c058 Re-add feature custom GTP-U address #367
Provide custom SGW-U GTP-U address to be advertised inside S1AP messages.
And also, custom UPF GTP-U address to be advertised inside NGAP messages.
2020-10-26 21:44:50 -04:00
Sukchan Lee
a470131489 Now, F-TEID is allocated in the UP function. 2020-10-25 22:43:53 -04:00
Sukchan Lee
aa81bb2c89 Fix the bug #619
When missing Activate default EPS bearer context accept
between UE and eNB, MME's exception handler has a bug.

So I've fixed it!
2020-10-23 13:48:39 -04:00
Sukchan Lee
15e42bc4a9 Fix MME crash when VoLTE is enabled [#619] 2020-10-22 17:53:13 -04:00
Sukchan Lee
bdeea7ce8b Add troubleshoot for #621 2020-10-21 22:54:40 -04:00
Sukchan Lee
39aa726543 Remove the redundant assertion (#619) 2020-10-20 22:50:44 -04:00
Sukchan Lee
1bed0d5872 [#568] Add GTP-U Error Indication Handling
So far, no operation was performed when Error Indication was received
from eNodeB. For that reason, I solved #568 issues by controlling
the MME to prevent this from happening.

Now, when GTP-U Error Indication is received, MME and SGW are implemented
to do what they have to do. I hope that the network can be restored
by responding appropriately even if Error Indication occurs.
2020-10-20 20:00:02 -04:00
Sukchan Lee
c244dcc5e9 Fix the DIAMETER_MISSING_AVP on Rx #610 2020-10-16 14:05:49 -04:00
Sukchan Lee
c052193a37 update it 2020-10-16 13:12:43 -04:00
Sukchan Lee
50149dd1a7 update it 2020-10-16 12:45:23 -04:00
Sukchan Lee
5bfaac17e0 Fix typo in document (#613) 2020-10-15 11:25:51 -04:00
Sukchan Lee
c424099200 Need to test later! 2020-10-14 23:02:18 -04:00
list1982
06ec924466 Update ngap-build.c (#607)
add path switch request ack
2020-10-14 22:56:29 -04:00
list1982
6ff129e9da Update ngap-handler.c (#606)
add path switch request handler
2020-10-14 22:56:18 -04:00
Sukchan Lee
fae76f9e9d Update document for #587 2020-10-13 12:55:31 -04:00
Sukchan Lee
f294a5f55c Add Environment Variable for WebUI [#587]
e.g)
$ HOSTNAME=localhost npm run dev
$ PORT=4000 npm run dev
2020-10-13 12:39:45 -04:00
Sukchan Lee
5c9b3d09d8 Update document for v2.0.18 2020-10-09 07:54:08 -04:00
Sukchan Lee
55d60ff1ab Release v2.0.18 2020-10-09 07:52:29 -04:00
Sukchan Lee
74af0051d5 Fix the invalid debug level [#602] 2020-10-09 07:44:14 -04:00
Sukchan Lee
4667835e24 Update document for v2.0.17 2020-10-08 23:14:26 -04:00
Sukchan Lee
ba41d66eb5 Release v2.0.17 2020-10-08 23:11:00 -04:00
Sukchan Lee
437cc92bf9 change the error message 2020-10-08 23:00:54 -04:00
Sukchan Lee
60a6551f8a Oops! change debug level 2020-10-08 22:57:19 -04:00
Sukchan Lee
8d55964bcc Change buffering instead of deleting [#592] 2020-10-08 22:54:13 -04:00
Sukchan Lee
cabef6afa9 fix build failure for sysctl() deprecation [#600] 2020-10-08 19:50:14 +00:00
Sukchan Lee
d343440abc Update document for v2.0.16 2020-10-07 21:40:29 -04:00
Sukchan Lee
6d4927e29f Release v2.0.16 2020-10-07 21:33:42 -04:00
Sukchan Lee
d64db21050 Use GTP-U Buffering instead of Deletion[#592,#568] 2020-10-07 21:21:48 -04:00
Sukchan Lee
0eb68eefe2 Clarify configuration for multiple APN [#597,#598] 2020-10-07 09:22:10 -04:00
Sukchan Lee
b925189c4a Release v2.0.15 2020-10-05 14:12:35 -04:00
Sukchan Lee
30b7f7669e rollback v2.0.11 2020-10-05 14:06:17 -04:00
Sukchan Lee
83702e8f1b Update document for v2.0.13 2020-10-03 22:48:40 -04:00
Sukchan Lee
dd063ba2cf Release v2.0.13 2020-10-03 22:46:54 -04:00
Sukchan Lee
6e45ec6f39 rollback to the v2.0.11 2020-10-03 22:38:47 -04:00
Sukchan Lee
9c67459481 re-order packet buffer clear #568 2020-10-03 21:18:08 -04:00
Sukchan Lee
f642cc0389 License update 2020-10-02 11:00:51 -04:00
Sukchan Lee
71fa610a8e Add assert for not supporting feature 2020-10-02 10:52:02 -04:00
Sukchan Lee
8ba3d89b8d rollback it 2020-10-01 22:06:36 -04:00
Sukchan Lee
d58024247c for supporting Ubuntu(focal/groovy) 2020-10-02 01:35:31 +00:00
Sukchan Lee
a513c3e6ec Update document for v2.0.12 2020-10-01 13:55:29 -04:00
Sukchan Lee
ced8e661be Release v2.0.12 2020-10-01 13:51:54 -04:00
Sukchan Lee
1129440061 Fix the warning 2020-10-01 13:37:23 -04:00
Sukchan Lee
a3fa0d8362 fix the warning 2020-10-01 13:35:06 -04:00
Sukchan Lee
88399da5b6 Fix release access bearer #592 2020-10-01 13:27:58 -04:00
Sukchan Lee
b6395b870e Update troubleshot document for #591 2020-09-29 21:35:23 -04:00
Sukchan Lee
72d1226c05 Apply open5gs coding style 2020-09-29 07:04:22 -04:00
Supreeth Herle
a735aa1521 Add Vendor-Specific-Application-Id in CER of SMF to advertise Gx application (#590) 2020-09-29 06:56:49 -04:00
Sukchan Lee
51b16a865b update it 2020-09-29 00:50:39 -04:00
Sukchan Lee
51f00a97bb update it 2020-09-29 00:48:49 -04:00
Sukchan Lee
f4f6d78c87 update README.md 2020-09-29 00:47:57 -04:00
Sukchan Lee
85d2647308 Update license 2020-09-29 00:46:52 -04:00
Sukchan Lee
25ab8d09ac Update REAMDE.md 2020-09-28 23:50:46 -04:00
Sukchan Lee
6df9356c79 Update licensing 2020-09-28 23:48:49 -04:00
Supreeth Herle
a9ad43a4ef Add Vendor-Specific-Application-Id in CER for advertising the diameter applications supported (#589)
* Add Vendor-Specific-Application-Id in CER of PCRF

Not advertising a Vendor-Specific-Application-Id in CER may result in
Diameter Peer rejecting the CER with a DIAMETER_NO_COMMON_APPLICATION error

* Add Vendor-Specific-Application-Id in CER of HSS and MME

Not advertising a Vendor-Specific-Application-Id in CER may result in
Diameter Peer rejecting the CER with a DIAMETER_NO_COMMON_APPLICATION error
2020-09-28 20:25:36 -04:00
Björn
e2d682d142 make webui listen on 0.0.0.0 (#587) 2020-09-26 09:13:46 -04:00
Sukchan Lee
5a7e5150a5 update width 2020-09-25 22:01:01 -04:00
Sukchan Lee
89174153e3 NextEPC is added to specical sponsor 2020-09-25 21:58:17 -04:00
Sukchan Lee
dae7218a35 Update document for v2.0.11 2020-09-24 22:22:33 -04:00
Sukchan Lee
5b1c9c812a Relase v2.0.11 2020-09-24 22:20:11 -04:00
Sukchan Lee
cb1bb8b2c5 change number of packet buffer in SGW-U/UPF 2020-09-24 21:39:34 -04:00
Sukchan Lee
07a38791b9 remove STATIC_ASSERT 2020-09-24 21:31:40 -04:00
Sukchan Lee
3554419d97 Fix the connection refused bug [#568, #551] 2020-09-24 21:29:48 -04:00
Sukchan Lee
dee14f84af Update port number for MME-S11 for [#579] 2020-09-24 13:37:20 -04:00
Sukchan Lee
b63073cd56 Fix the typo error #577 2020-09-23 08:59:52 -04:00
Sukchan Lee
101cc04459 Update document for port number #575 2020-09-23 01:00:27 -04:00
Sukchan Lee
3f4c624ef6 Release v2.0.10 2020-09-22 21:27:30 -04:00
Sukchan Lee
8c7d401636 fix the bug OGS_ADDR crash [#551] 2020-09-22 21:20:13 -04:00
Sukchan Lee
529e765b96 Update document for v2.0.9 2020-09-22 14:14:02 -04:00
Sukchan Lee
788194c220 Release v2.0.9 2020-09-22 14:10:41 -04:00
Sukchan Lee
ff642e0f3a Fix the crash bug for #551 2020-09-22 14:03:45 -04:00
Kenny Barlee
ede4282389 fix for SMF nr_cell_id selection (#574) 2020-09-22 13:31:13 -04:00
Sukchan Lee
62d95be036 Add EMM/GMM handler in exception state [#569] 2020-09-22 13:27:58 -04:00
Sukchan Lee
6dace84232 Release v2.0.8 again 2020-09-22 00:50:21 -04:00
Sukchan Lee
f45f948979 Oops! ogs_assert to ogs_expect_or_return 2020-09-22 00:44:50 -04:00
Sukchan Lee
9a1ba4244d Re-release v2.0.8 2020-09-21 23:13:00 -04:00
Sukchan Lee
9c773014b0 Fix the more bug 2020-09-21 23:07:08 -04:00
Sukchan Lee
badf629f60 Update document for v2.0.8 2020-09-21 22:47:14 -04:00
Sukchan Lee
3d0fdd1667 Release v2.0.8 2020-09-21 22:42:59 -04:00
Sukchan Lee
b12af9275f Fix the bug for various assert [#551] 2020-09-21 22:26:55 -04:00
Sukchan Lee
d148012d82 Fix the MME crash #551 2020-09-21 20:06:41 -04:00
Sukchan Lee
d73ff77031 We cannot initialize the state in all cases. [#569]
In TS24.501 Ch 5.5.1.3.8 Abnormal cases on the network side

d) REGISTRATION REQUEST with 5GS registration type IE set to
"mobility registration updating" or "periodic registration updating"
received after the REGISTRATION ACCEPT message has been sent and
before the REGISTRATION COMPLETE message is received.

Since, we have to do this special case, it is desirable
to handle it directly inside the state(gmm-sm.c).
2020-09-21 14:37:17 -04:00
Sukchan Lee
87077c91cb Add missing timer [#569] 2020-09-21 11:08:41 -04:00
Sukchan Lee
65d1ac1718 Fix TFT bug in Bearer resource modification [#338] 2020-09-21 00:33:36 -04:00
Sukchan Lee
f5601a95f7 Fix semantic error in packet filter [#338]
<DOWNLINK>
RX : permit out from <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT> to <UE_IP> <UE_PORT>
GX : permit out from <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT> to <UE_IP> <UE_PORT>
PFCP : permit out from <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT> to <UE_IP> <UE_PORT>
RULE : Source <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT> Destination <UE_IP> <UE_PORT>
TFT : Local <UE_IP> <UE_PORT> REMOTE <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT>

<UPLINK>
RX : permit in from <UE_IP> <UE_PORT> to <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT>
GX : permit out from <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT> to <UE_IP> <UE_PORT>
PFCP : permit out from <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT> to <UE_IP> <UE_PORT>
RULE : Source <UE_IP> <UE_PORT> Destination <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT>
TFT : Local <UE_IP> <UE_PORT> REMOTE <P-CSCF_RTP_IP> <P-CSCF_RTP_PORT>
2020-09-20 23:35:10 -04:00
Sukchan Lee
cc873269a4 Reorder debian changelog for v2.0.7 2020-09-18 22:02:39 -04:00
Sukchan Lee
781472c16f Update document v2.0.7 2020-09-18 22:01:49 -04:00
Sukchan Lee
8416ddd5ac Release v2.0.7 2020-09-18 21:57:02 -04:00
Sukchan Lee
4acb333e68 suppress socket error message if EAGAIN [#568] 2020-09-18 21:46:49 -04:00
Sukchan Lee
7071adf9f9 Merge branch 'master' of https://github.com/open5gs/open5gs 2020-09-18 19:40:11 -04:00
Sukchan Lee
7ae1600e04 Add exception handling for #568
If packet buffer is exhausted, the packet is sliently discarded
2020-09-18 19:39:02 -04:00
Sukchan Lee
bbe29f7456 Add exception handling for #568
If packet buffer is exhausted, the packet is sliently discarded
2020-09-18 14:55:02 -04:00
Sukchan Lee
e828adfba4 Add troubleshoot for #567 2020-09-17 09:45:24 -04:00
Sukchan Lee
b67cd1e3e1 Add stale for github issue/PR 2020-09-16 21:09:13 -04:00
Supreeth Herle
b9b6f24d0d Update VoLTE tutorial (#566) 2020-09-16 08:12:34 -04:00
Sukchan Lee
0f1085b8c9 Oops! mis-typo 2020-09-15 20:56:35 -04:00
Sukchan Lee
96ab327dea Update document for v2.0.6 2020-09-15 12:49:57 -04:00
Sukchan Lee
08ac13ee22 Release v2.0.6 2020-09-15 12:43:08 -04:00
Sukchan Lee
d6f0b5f658 remove debug message for PDN-type error 2020-09-14 21:21:11 -04:00
Sukchan Lee
8c4a507858 Update Dockerfile for debian 2020-09-14 21:13:45 -04:00
Sukchan Lee
1b5dd48142 Add more delay for test program 2020-09-14 03:37:31 +00:00
Sukchan Lee
8f91273970 update usrsctp with new revision 2020-09-13 23:25:10 -04:00
Sukchan Lee
c6718b96bb Add security protect [#554] 2020-09-13 22:31:28 -04:00
Sukchan Lee
818f3139d4 memory optimization [#549]
1. number of packet buffer : 65,536 -> 32,768
2. Packet SDU Size : 8,192 -> 2,048
3. Stabilize test program
2020-09-13 22:06:13 -04:00
Sukchan Lee
d4a9c140a8 Change AMF configuration : plmn -> plmn_support
For example,

amf:
    plmn_support:
      - plmn_id:
          mcc: 901
          mnc: 70
        s_nssai:
          - sst: 1
2020-09-12 13:48:51 -04:00
Sukchan Lee
ce8d10e4fc rollback [#565] 2020-09-12 12:16:08 -04:00
Sukchan Lee
ef3b84f3f6 Check Requested NSSAI during registration [#554] 2020-09-11 22:42:38 -04:00
Sukchan Lee
9eea6fe583 rollback commit 6124908133 2020-09-11 20:38:36 -04:00
Sukchan Lee
344dad1e8a Try to troubleshoot [#565] 2020-09-11 10:22:31 -04:00
Sukchan Lee
19a2c7ecb8 Update document for v2.0.5 2020-09-10 22:15:00 -04:00
Sukchan Lee
5048b4fb9d Release v2.0.5 2020-09-10 22:00:43 -04:00
Sukchan Lee
edf83b37fa Add debug message for issues [#551] 2020-09-10 21:50:20 -04:00
Sukchan Lee
519de9ef68 Fix the bug GUTI not present case [#551] 2020-09-10 14:04:26 -04:00
Sukchan Lee
6124908133 Handle UL NAS Transport [#553]
o Tester
1. UE registered to 5GS and can connect to internet.
2. Turn off the UE and turn on the UE immediately
3. UE send PDU session request message
   without sending registration complete

o Analysis Result
1. UE sends registration request with unknown GUTI
2. AMF send registration accept without GUTI
3. UE skips the registration complete

So, we need the handler UL NAS Transport in this state.
2020-09-10 10:51:18 -04:00
Sukchan Lee
feaec0eaa9 fix the coding within 80 columns 2020-09-09 18:18:39 -04:00
Kenny Barlee
242a352a1c Change PFCP node search order, fix typo, add feature to disable RR for a node (#560)
* change search order to APN/cellID/TAC

* typo in SGWC default config

* Feature to disable RR for particular node
2020-09-09 18:13:58 -04:00
Sukchan Lee
228dd34e5d Fix the coding indentation 2020-09-09 08:36:57 -04:00
Kenny Barlee
56a866c46e Fix for SGWC and SMF round robin selection - select only PFCP associated SGWU/UPF nodes (#556) 2020-09-09 08:28:19 -04:00
Sukchan Lee
8bb0a168f8 Update document for v2.0.4 2020-09-08 22:47:20 -04:00
Sukchan Lee
6ad1c3399e Release v2.0.4 2020-09-09 02:40:54 +00:00
Sukchan Lee
7f9f6fc3f2 rollback ogs_expect() [#551] 2020-09-08 22:17:13 -04:00
Sukchan Lee
c3d66085fc Document update for v2.0.3 2020-09-07 22:48:55 -04:00
Sukchan Lee
f26b1205f4 Release v2.0.3 2020-09-08 02:41:57 +00:00
Sukchan Lee
a2f3914a05 fix assertion E_RABSetupListBearerSURes [#552] 2020-09-07 22:15:59 -04:00
Sukchan Lee
160490483a Fix the many UEs issues [#551] 2020-09-07 22:02:45 -04:00
Sukchan Lee
2579a1779b Update document v2.0.2 2020-09-07 00:38:14 -04:00
Sukchan Lee
804eeb83a8 Release v2.0.2 2020-09-07 00:26:26 -04:00
Sukchan Lee
4d023d0de0 fix overflow bug in the packet memory pool 2020-09-06 23:53:38 -04:00
Sukchan Lee
adf0545159 Remove redundant log message [#551] 2020-09-06 22:51:07 -04:00
Sukchan Lee
4d2b1f7e76 fix the SGW-C crash 2020-09-06 22:41:26 -04:00
Sukchan Lee
a46be09a6f Fix the MME assertion bug [#551] 2020-09-06 22:09:24 -04:00
Sukchan Lee
b499b585d2 Add more delay for test code 2020-09-06 21:41:10 -04:00
Sukchan Lee
6bbc2047d0 Add exception handling for #551
09/07 00:43:07.545: [mme] FATAL: mme_bearer_find_or_add_by_message:
Assertion `sess' failed. (../src/mme/mmecontext.c:2998)
2020-09-06 21:34:17 -04:00
Sukchan Lee
d0f7ec286b move image source 2020-09-05 22:39:29 -04:00
Sukchan Lee
bb1304a6ba Add open5gs logo 2020-09-05 22:20:00 -04:00
Sukchan Lee
2d832b6c82 Update manual especially for new people 2020-09-05 21:00:44 -04:00
Sukchan Lee
5ab5ab4f01 Document release v2.0.1 2020-09-05 20:47:35 -04:00
Sukchan Lee
77de83099d Release v2.0.1 2020-09-05 19:42:23 -04:00
Sukchan Lee
d544125943 PDN connectivity in disconnect state [#486]
After the PDN disconnect failed, there was a problem
that the PDN connectivity was not possible again.

PDN connectivity has been modified to work properly
even in the same situation as 401x2 pcap.
2020-09-05 15:36:18 -04:00
Sukchan Lee
0ef1769583 ogs_exepct() calls abort() temporarily [#472] 2020-09-05 14:25:05 -04:00
Sukchan Lee
d02aa8b21b Attempt to fix #548 problem 2020-09-04 23:36:51 -04:00
Sukchan Lee
054c3c0a63 Add test code for P-CSCF [#535] 2020-09-04 09:58:05 -04:00
Sukchan Lee
4bdbf33c3d Oops! update duration for S1 holding timer [#546] 2020-09-03 22:10:55 -04:00
Sukchan Lee
e86b1043c2 5G Core: Maintaining Old NAS signalling [#546] 2020-09-03 22:00:26 -04:00
Sukchan Lee
3c3bac6812 4G/EPC: Maintaining Old NAS signalling [#546] 2020-09-03 19:59:00 -04:00
Sukchan Lee
d4f5b7417d Fix the link 2020-09-03 12:51:01 -04:00
Sukchan Lee
b2814c0ded fix english grammar 2020-09-01 23:21:41 -04:00
Sukchan Lee
f56e92ee3b Include 5G Core NF in the Log rotate [#542] 2020-09-01 23:10:49 -04:00
Sukchan Lee
887a0a10d3 Fixing the problem of the test program 2020-09-01 23:04:35 -04:00
Sukchan Lee
340ef8cc6f update document image size 2020-09-01 12:49:11 -04:00
Sukchan Lee
618bb9740c update it 2020-09-01 12:35:56 -04:00
Sukchan Lee
7fac23b15d update it 2020-09-01 11:00:42 -04:00
Sukchan Lee
885206f04f Add a sponsor 2020-09-01 10:53:04 -04:00
Sukchan Lee
e073934b15 Add sponsor logo 2020-09-01 10:46:28 -04:00
Sukchan Lee
4d9d10ee1e Oops! rollback previous commit 2020-09-01 08:06:30 -04:00
Sukchan Lee
67e7dbf44f update it 2020-09-01 11:51:48 +00:00
Sukchan Lee
b71e56c305 Fix errata [#536] 2020-09-01 00:46:39 -04:00
Sukchan Lee
111536ea9a Fix the test program [#536] 2020-08-31 22:41:39 -04:00
Sukchan Lee
bc476c2e0e Instead of OGS_NEXT_ID, Use memory pool-index 2020-08-29 23:27:54 -04:00
Sukchan Lee
015a462ce9 Fix the bug for multiple Video Call (#535) 2020-08-29 10:53:02 -04:00
Sukchan Lee
0d676c4057 Fix UPF/SGW-U selection bug 2020-08-26 21:03:15 -04:00
Sukchan Lee
83388cf504 Oops! MacOSX is not working due to previous commit!
So I've fixed it right now.
2020-08-26 09:53:37 -04:00
Sukchan Lee
18c483950c Change Number of UEs usage [#533]
- Set the number of UEs in units of AMF/MME instead of gNB/eNB.
- See default value as shown below
    Number of UEs per AMF/MME : 4,096
    Number of gNB/eNB per AMF/MME : 32
2020-08-25 23:05:01 -04:00
Sukchan Lee
ea0f024b93 Remove SGW/PGW configuration 2020-08-22 19:33:48 -04:00
Sukchan Lee
b412e51b83 Remove SGW and PGW 2020-08-22 13:21:37 -04:00
Sukchan Lee
aca41f6668 srsenb pcapng update with PFCP 2020-08-22 13:06:59 -04:00
Sukchan Lee
db488bc4dd Update Document for v2.0.0 2020-08-22 12:44:11 -04:00
Sukchan Lee
cfd59c7cee Add release notes 2020-08-22 00:26:49 -04:00
Sukchan Lee
de46746a11 Refer the diagram provided by @kbarlee in #528 2020-08-22 00:23:33 -04:00
Sukchan Lee
a2199b81fa Release note v2.0.0 2020-08-22 00:09:36 -04:00
Sukchan Lee
23c57b84b8 Update debian changelog 2020-08-21 23:44:31 -04:00
Sukchan Lee
8e048be082 Release v2.0.0 2020-08-21 23:33:45 -04:00
Sukchan Lee
00a66cb1da Update sponsor button 2020-08-19 13:17:22 -04:00
Sukchan Lee
f70b8a2972 Enable Sponsor button 2020-08-14 12:18:25 -04:00
Sukchan Lee
b7faf39633 foot title is changed 2020-08-13 21:36:28 -04:00
Sukchan Lee
aa842bc556 Change Github link 2020-08-13 21:35:33 -04:00
Sukchan Lee
6e6b037d28 Rollback github repository to open5gs 2020-08-13 21:28:37 -04:00
Sukchan Lee
9b64944375 Dealy set to 500ms for test program (#529) 2020-08-14 01:10:40 +00:00
Sukchan Lee
bd72480303 Squashed commit of the following:
commit 58d790f4916319b274c2c8a82b6226dc3f79258e
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Aug 13 22:05:38 2020 +0000

    udpate it

commit 5c06b8fa9114dc7391208d523cf850a3ca3f78d5
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Aug 13 16:01:02 2020 +0000

    update it

commit 19909f9d9e20f429bd06300e9ba2cfaef855c9b2
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Aug 13 15:52:13 2020 +0000

    update it

commit b7f2bb3681aa512dcb621e4662c90d7277863707
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Aug 13 15:48:18 2020 +0000

    update it

commit 53f3004467a81a0702d9c1ee3e29f4d4d29ff22c
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Aug 13 15:32:30 2020 +0000

    update it

commit e295ec4537c443cd6253592a9e31e151fc0bb827
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Aug 13 14:50:23 2020 +0000

    update it

commit 435edd22ba8118b31855b88d6974d9f757758da2
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Aug 13 14:39:43 2020 +0000

    update it

commit 49872a99f13476bd73a44150d18c66ad713ef699
Author: Sukchan Lee <acetcom@gmail.com>
Date:   Thu Aug 13 14:36:30 2020 +0000

    update it
2020-08-13 19:26:17 -04:00
Sukchan Lee
dc7abdf9bf Avoid the GPT-U address conflict in test program 2020-08-12 21:40:56 -04:00
Sukchan Lee
19b9360687 Split SGW into SGW-C/SGW-U 2020-08-12 20:31:22 -04:00
Sukchan Lee
9f24b7f295 Fix the AMF bug and add TLV log [#521] 2020-08-07 11:57:17 -04:00
Sukchan Lee
bcffdd823e Re-factoring 5GC for solving crash issue 2020-08-02 23:22:41 -04:00
Sukchan Lee
4d5b38c8f4 Fix the AMF crash [#521] 2020-07-30 22:10:20 -04:00
Sukchan Lee
2b2c51722f fix the 5GC test program 2020-07-29 23:26:12 -04:00
Sukchan Lee
c72414481e Check last session 2020-07-28 23:05:51 -04:00
Sukchan Lee
94b44a3dd0 Fix the AMF bug for double free 2020-07-28 22:35:43 -04:00
Sukchan Lee
7afb914b9a Add more log for 5GC 2020-07-27 21:05:11 -04:00
Sukchan Lee
7071d32518 Message Wait Timer default set to 2 seconds [#512] 2020-07-27 00:20:01 -04:00
Sukchan Lee
24a4df3691 fix SMF crash [#512] 2020-07-26 23:10:53 -04:00
Sukchan Lee
0cabf9de11 Synchronize all timers [#512] 2020-07-26 21:02:40 -04:00
Sukchan Lee
1d61c94f54 Oops! change debug level 2020-07-26 14:56:34 -04:00
Sukchan Lee
06a5566128 Add NRF debug/trace for finding crash [#512] 2020-07-26 14:54:30 -04:00
Sukchan Lee
ff56388b3e [#510] fix the PFD management request 2020-07-23 13:47:41 -04:00
Sukchan Lee
96396739af [#511] 5GC Re-registration bug is fixed 2020-07-23 11:21:29 -04:00
Sukchan Lee
fa262ded90 Fix the BUG - AMF pointer in GUTI [#508] 2020-07-21 15:14:07 -04:00
Sukchan Lee
50079a53b1 Remove MongoDB access in NRF 2020-07-20 09:20:33 -04:00
Sukchan Lee
fae425b539 Fix typo in VoLTE docs [#503] 2020-07-20 08:09:59 -04:00
Sukchan Lee
661da4e034 5GC UPF selection is added 2020-07-19 21:42:58 -04:00
Sukchan Lee
9b3176ca4a QFI is added 2020-07-17 23:29:45 -04:00
Sukchan Lee
4db0f80374 Permit email technical supporting 2020-07-16 11:02:11 -04:00
Sukchan Lee
760f052f01 Transfer github repository open5gs to acetcom 2020-07-13 23:40:16 -04:00
Sukchan Lee
c22ef51e01 Finished on version 2020-07-13 21:53:41 -04:00
Sukchan Lee
347e0d7b2f refine meson git version 2020-07-13 01:07:27 -04:00
Sukchan Lee
4dd113ac7b Add git version 2020-07-13 00:18:29 -04:00
Sukchan Lee
a80f5cb77c Release v1.3.0 2020-07-10 17:49:33 -04:00
Sukchan Lee
dbb7ae2de9 Release v1.3.0 2020-07-10 17:27:45 -04:00
Sukchan Lee
b54ab2923c Update document(v1.3.0) 2020-07-10 16:50:23 -04:00
Sukchan Lee
fdfce08b68 Fix the compile error [#499] 2020-07-10 14:59:29 -04:00
Sukchan Lee
f78ca3c483 remove unnecessary ASN 2020-07-09 18:43:55 -04:00
Harald Welte
f42b45a061 fix compilation warnings/errrors with microhttpd >= v0.97.1 (#498)
Unfortunately upstream microhttpd has changed their callback function
prototypes in an API-incompatible way.  At least if you build with
-Werror, gcc will fail due to non-matching prototypes.

Work around this by using a typedef which uses the proper return type
depending on the microhttpd version used.

Closes: #497

Co-authored-by: Harald Welte <laforge@osmocom.org>
2020-07-09 17:56:48 -04:00
Sukchan Lee
7bb1c7055f Remove ACK in configuration update [#487] 2020-07-09 17:34:41 -04:00
Sukchan Lee
997b716cda Change asn1c from velichkov to mounse07410 [#492] 2020-07-09 16:43:56 -04:00
Sukchan Lee
d711b26dfa Update document [#495] 2020-07-09 14:40:52 -04:00
Sukchan Lee
dd67b1e533 Update Document for srsLTE [#495] 2020-07-09 09:15:44 -04:00
Sukchan Lee
a71d2ee3db refine SGW/UPF selection code 2020-07-09 01:38:09 -04:00
Sukchan Lee
8ddbb03f65 Fix WebUI Install URL in the document [#495] 2020-07-06 12:12:11 -04:00
Sukchan Lee
c7d87c9180 Fix the SMF crash bug [#487] 2020-07-03 23:14:48 -04:00
Sukchan Lee
3b0db8c384 Fix the bug for Release-16 2020-07-03 01:03:13 -04:00
Sukchan Lee
ad12949469 Add ACK in configuration upate command [#487] 2020-07-02 02:16:52 -04:00
Sukchan Lee
7343941a50 fix test code 2020-07-02 01:56:18 -04:00
Sukchan Lee
d9743286c5 Add PDU Session Release [#488] 2020-07-02 01:50:23 -04:00
Sukchan Lee
8afc4b7887 Add missing files 2020-07-01 00:25:04 -04:00
Sukchan Lee
fae342ecce Apply Release-16 in 4G EPC(S1AP,NAS,GTP) 2020-07-01 00:22:55 -04:00
Sukchan Lee
5eabfc8275 Fix to decode configuration update complete [#487] 2020-06-30 08:29:18 -04:00
Sukchan Lee
3c6711c9c8 If HSS/UDR gets MSISDN, AMF/MME -> SMF/SGW [#464] 2020-06-29 22:12:24 -04:00
Sukchan Lee
7e29e7486f Add sanity check for unexpected gNB behavior 2020-06-27 15:21:29 -04:00
Sukchan Lee
2dfeade346 All known memory problem is solved. 2020-06-27 14:28:14 -04:00
Sukchan Lee
70d02a3b8b Hotfix for Service Request in 5GC 2020-06-27 09:23:38 -04:00
Sukchan Lee
ca4ee27e84 more bug is fixed 2020-06-27 00:46:06 -04:00
Sukchan Lee
da364e03b7 Fix the document mistypo [#485] 2020-06-26 08:14:33 -04:00
Sukchan Lee
01b69e046f Bug Fixed for 5GC 2020-06-25 22:44:28 -04:00
Sukchan Lee
85555daa15 change ngKSI management policy (#482) 2020-06-25 01:06:56 -04:00
Sukchan Lee
6e84ac670d Bug fixed for 5G core 2020-06-25 00:37:29 -04:00
Sukchan Lee
d652075ab9 a couple of bug is fixed 2020-06-24 00:33:10 -04:00
Sukchan Lee
a7280c2fcb Add a guide if SMF/PGW cannot find subnet [#480] 2020-06-23 12:50:23 -04:00
Sukchan Lee
300123d990 Bug fixed for 5GC 2020-06-23 00:35:41 -04:00
Sukchan Lee
ee41a751f0 remove unnecessary code [#476] [#477] 2020-06-22 14:17:58 -04:00
Sukchan Lee
8487a2b4b3 Update configuration manual for 5GC 2020-06-22 12:29:41 -04:00
Sukchan Lee
e6ecaaa4fc Merge branch 'master' of https://github.com/open5gs/open5gs 2020-06-21 23:55:08 -04:00
Sukchan Lee
99f7b3ce35 Document update for 5GC 2020-06-21 23:54:53 -04:00
Sukchan Lee
4b906b3010 Fix the version to 1.3.0 2020-06-21 23:14:26 -04:00
Sukchan Lee
b35c2277be simple 5GC registration is done 2020-06-21 23:10:54 -04:00
Kenny Barlee
bcd02b1f33 MME: select SGW by RR,TAC,ENB_ID || SMF: select PFCP associated UPF by RR,TAC,APN,ENB_ID (re-worked) (#470)
* MME: select SGW by RR,TAC,ENB_ID
and enable round robin inside each option

* SMF: select PFCP associated UPF by RR,TAC,APN,ENB_ID
and enable round robin inside each option
2020-06-19 00:36:02 -04:00
Sukchan Lee
c54e85c5c0 Session-AMBR changes required field in WebUI 2020-06-17 21:43:16 -04:00
Sukchan Lee
dbee687a75 Add only one 5GC scenario (call-flow) 2020-06-17 01:22:28 -04:00
Sukchan Lee
20008b6a13 Update document for shared library [#445],[#463] 2020-06-11 10:30:44 -04:00
Sukchan Lee
7f19916f05 remove test random number 2020-06-07 10:56:41 -04:00
Supreeth Herle
a381c89f2e Update of VoLTE tutorial (#459)
1. Dont run the P-CSCF, I-CSCF and S-CSCF as systemctl process
2. Run all the IMS process in foreground for better debugging
3. Run all the IMS process (or atleast P-CSCF) in foreground as ROOT user and NOT SUDO - Handles non-creation of IPSec tunnel issue
2020-06-05 08:54:08 -04:00
Sukchan Lee
e514316493 Remove assert for UEContextReleaseComplete [#445] 2020-06-04 16:16:16 -04:00
Sukchan Lee
41ff775a37 Update AMBR checking [#457]
AMBR uses uplink/downlink in kbps(1000 bits per second).
2020-06-04 15:32:46 -04:00
Supreeth Herle
8702605b5f Add the modified Bearer level QoS if PCRF changes them (#457)
* Add the modified Bearer level QoS if PCRF changes them

* Add the AMBR if PCRF changes them
2020-06-04 15:12:32 -04:00
Sukchan Lee
72370ff0b2 Add AUSF, UDM, and UDR 2020-06-04 14:12:05 -04:00
Supreeth Herle
0c0241d5e5 Undo the fix provided for converting Rx to Gx Flow Description (#452)
The fix introduced in commit 768e4d9eb3 is wrong, which resulting in UE
replying with bad Semantic error for Activate Dedicated EPS Bearer Context Request. Hence, reverting back
to original implementation as its correctly doing the conversion as per 3GPP Spec. ETSI ETSI TS 129 214 V14.3.0
Section 5.3.8.
2020-05-29 10:38:55 -04:00
Nick
1494cd9fec Update View.js (#450)
Switched UL and DL values as they were reversed (DL showing UL & UL showing DL)
2020-05-26 21:02:31 -04:00
Sukchan Lee
9bfb4591ea Add MMEName in S1SetupResponse [#444] 2020-05-25 12:34:05 -04:00
Sukchan Lee
6ef5a746e5 NGSetup is added 2020-05-25 12:15:22 -04:00
Sukchan Lee
c534d47a78 add revision date 2020-05-23 00:16:21 -04:00
Sukchan Lee
68dba64d0d fix link 2020-05-23 00:09:43 -04:00
Sukchan Lee
7ba5e31c80 Update Contributor License 2020-05-23 00:03:15 -04:00
Sukchan Lee
6f6800b52e NGAP is added 2020-05-22 22:24:48 -04:00
Sukchan Lee
3c3aec340e Fix the compile error [#442] 2020-05-21 23:11:27 -04:00
Sukchan Lee
a9eaed18aa NAS-5GS is added 2020-05-21 21:24:21 -04:00
Sukchan Lee
3b19cd85cc Update license terms (#411) 2020-05-19 20:38:19 -04:00
Sukchan Lee
dbf3e17fda port configuration update [#217] 2020-05-19 15:35:41 -04:00
Sukchan Lee
1fd3f48860 Squashed commit of the following:
Fix the wrong format in nf-instance GET method
2020-05-18 23:07:41 -04:00
Sukchan Lee
d0673e3066 Added NRF 2020-05-18 17:00:37 -04:00
Sukchan Lee
46f20cc979 Fix the SMF crash [#437] 2020-05-14 13:38:26 -04:00
Sukchan Lee
4e01d270eb Use ogs_pool_alloc in diameter state #420 2020-04-27 13:08:24 -04:00
miaoski
00ec906b0c IPsec works now. Removed several lines. (#424) 2020-04-27 07:31:47 -04:00
Sukchan Lee
82eebc3b80 Rollback mme_enb_pool instead of ogs_calloc (#423) 2020-04-26 22:18:47 -04:00
Jamo
cde847c53d Fix MME crash on eNB connection when maximum number of eNBs reached (#423)
* Remove mme_enb_t pool and use enb_list instead

* Refactor S1 Setup request handler

* Implement S1 Setup Failure response when maximum number of eNBs reached
2020-04-26 21:07:09 -04:00
Sukchan Lee
e6ee163140 Update document for Release v1.2.4 2020-04-26 18:41:12 -04:00
Sukchan Lee
ae75f43a88 Initial proposal CUPS using PFCP 2020-04-26 15:36:05 -04:00
Sukchan Lee
37a69e6332 Release v1.2.4 2020-04-26 15:22:55 -04:00
Sukchan Lee
4ceae8857d Docker script update for Ubuntu 20.04 2020-04-26 15:04:07 -04:00
Sukchan Lee
f0a405f17c Change MIT License for NAS message (#411) 2020-04-24 08:52:14 -04:00
Nick
7c47a8901a Update 02-building-open5gs-from-sources.md
Few minor corrections;
 * Meson installed via apt
 * Directory corrections in regards to where to go on the system
 * Added copying the binaries to /usr/bin
2020-04-20 12:07:45 +10:00
Sukchan Lee
c6ea286fe2 fix the PGW segfault on DeleteSessionRequest (#417) 2020-04-19 12:27:52 -04:00
Sukchan Lee
b50c77c9f8 Update Document (#415) 2020-04-19 10:15:13 -04:00
Supreeth Herle
7aae20e04a Handle forcing of IPv4 or IPv6 PDN connect using the Web UI (#415) 2020-04-19 00:05:04 -04:00
miaoski
8323114945 Use open5gs/open5gs and add description of setting APN.type to IPv4 (#414)
* Adopt tutorial format to dockerized VoLTE lab

* Fixed several lines according to Supreeth's feedback

* add PCAP analysis to successful calls

* set APN type to IPv4

* remove redundant APN screenshots
2020-04-18 23:52:26 -04:00
Sukchan Lee
c26d525488 delete gtp buffer in gtp_ping 2020-04-18 13:39:25 -04:00
Sukchan Lee
74d631aaaa rollback for checking gx message (#403) 2020-04-18 13:29:42 -04:00
Sukchan Lee
2e784a331d cause_value should be initialed with ACCEPT 2020-04-18 13:21:18 -04:00
Sukchan Lee
5009876c16 P-GW respond to DIAMETER error from PCRF(#403) 2020-04-18 13:07:06 -04:00
Sukchan Lee
63809a3677 Display dockerized-VoLTE on the main (#412, #413) 2020-04-18 09:54:32 -04:00
miaoski
713693ee78 Add PCAP analysis to successful calls (#413)
* Adopt tutorial format to dockerized VoLTE lab

* Fixed several lines according to Supreeth's feedback

* add PCAP analysis to successful calls
2020-04-18 09:13:17 -04:00
miaoski
c00f67caab Adopt tutorial format to dockerized VoLTE lab (#412)
* Adopt tutorial format to dockerized VoLTE lab

* Fixed several lines according to Supreeth's feedback
2020-04-18 08:31:29 -04:00
Sukchan Lee
3feddd5424 Fix P-GW crashed without PCRF (#402) 2020-04-17 21:36:26 -04:00
Sukchan Lee
2b69283a81 Fix the bug when only one DNS is configured (#404) 2020-04-10 22:41:48 -04:00
Sukchan Lee
88981a570d Update Document 2020-04-10 22:12:04 -04:00
Sukchan Lee
23251fa6e3 Update Document 2020-04-10 21:42:43 -04:00
Sukchan Lee
a1569e5d86 Add optional function for TAI or ECGI(#399) 2020-04-09 10:52:21 -04:00
Sukchan Lee
5f7d1c5d90 re-formatting 2020-04-08 19:54:09 -04:00
Sukchan Lee
0789216201 Oops! it's mistake 2020-04-08 19:51:21 -04:00
Sukchan Lee
d84f79f4f2 Change ULI to optional filed in P-GW (#399) 2020-04-08 19:44:47 -04:00
Sukchan Lee
235d61a2ea Fix the crash in SGW selection mode 2020-04-08 19:27:54 -04:00
Supreeth Herle
3bb763292a Minor doc improvement (#401)
- Added more info to disable VoIP calling so that it doesnt intefere with VoLTE call test
- Checkout 5.3 branch of kamailio (better for IPSec requiring phones)
2020-04-08 07:55:49 -04:00
Sukchan Lee
2e7d19a7f1 Document Update for v1.2.3 2020-04-04 18:20:40 -04:00
Sukchan Lee
e13a7a1161 Release v1.2.3 2020-04-04 18:12:18 -04:00
Sukchan Lee
9b9cad288e Hotfix for handling MTU size (#398) 2020-04-04 17:49:58 -04:00
Sukchan Lee
7b5f9520d9 check auth length for sanity 2020-04-02 20:43:22 -04:00
Sukchan Lee
c7856bf3b2 fix mistypo 2020-03-30 16:24:16 -04:00
Harald Welte
27b3bec169 various documentation improvements (#396)
* FAQ: improve Language of the FAQ

* FAQ: elaborate bit more on commercial support; change contact address

* docs: Esnure mongodb is started at system boot

* docs: Language improvements + spelling fixes

* docs: If we use --prefix=`pwd`/install, the configs are not in /etc

* docs: Further clarifications

Co-authored-by: Harald Welte <laforge@osmocom.org>
2020-03-30 16:21:02 -04:00
Sukchan Lee
ef8d7d5d34 Update document for troubleshooting 2020-03-27 11:34:35 -04:00
Sukchan Lee
e7b40a3a09 Release Notes for v1.2.2 2020-03-25 20:45:44 -04:00
8452 changed files with 1734295 additions and 128331 deletions

69
.clang-tidy Normal file
View File

@@ -0,0 +1,69 @@
---
Checks: '*,
-altera-id-dependent-backward-branch,
-altera-struct-pack-align,
-altera-unroll-loops,
-android-cloexec-*,
-bugprone-branch-clone,
-bugprone-easily-swappable-parameters,
-bugprone-macro-parentheses,
-bugprone-reserved-identifier,
-bugprone-sizeof-expression,
-cert-dcl37-c,
-cert-dcl51-cpp,
-cert-err33-c,
-cert-err34-c,
-clang-analyzer-optin.performance.Padding,
-clang-analyzer-security.insecureAPI.bcmp,
-clang-analyzer-security.insecureAPI.bcopy,
-clang-analyzer-security.insecureAPI.bzero,
-clang-diagnostic-error,
-clang-diagnostic-typedef-redefinition,
-clang-diagnostic-unknown-warning-option,
-concurrency-mt-unsafe,
-cppcoreguidelines-avoid-magic-numbers,
-cppcoreguidelines-avoid-non-const-global-variables,
-cppcoreguidelines-init-variables,
-google-readability-braces-around-statements,
-google-readability-casting,
-google-readability-function-size,
-google-readability-todo,
-hicpp-braces-around-statements,
-hicpp-function-size,
-hicpp-multiway-paths-covered,
-llvm-else-after-return,
-llvm-header-guard,
-llvm-include-order,
-llvmlibc-restrict-system-libc-headers,
-misc-no-recursion,
-misc-unused-parameters,
-performance-no-int-to-ptr,
-readability-avoid-const-params-in-decls,
-readability-braces-around-statements,
-readability-duplicate-include,
-readability-else-after-return,
-readability-function-cognitive-complexity,
-readability-function-size,
-readability-identifier-length,
-readability-isolate-declaration,
-readability-magic-numbers,
-readability-non-const-parameter,
-readability-redundant-control-flow,
-readability-redundant-declaration,
-readability-suspicious-call-argument,
-bugprone-implicit-widening-of-multiplication-result,
-bugprone-narrowing-conversions,
-cert-exp42-c,
-cert-flp37-c,
-clang-analyzer-core.NullDereference,
-clang-analyzer-deadcode.DeadStores,
-clang-analyzer-security.insecureAPI.strcpy,
-cppcoreguidelines-interfaces-global-init,
-cppcoreguidelines-narrowing-conversions,
-hicpp-signed-bitwise,
'
WarningsAsErrors: false
HeaderFilterRegex: '(.*\.h)'

10
.dockerignore Normal file
View File

@@ -0,0 +1,10 @@
**/*.md
**/docker-compose*.yml
**/docker-compose*.yaml
**/Dockerfile*
.git
.dockerignore
.cache
.gitignore
.github
build

13
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1,13 @@
# These are supported funding model platforms
#github: [acetcom, open5gs]
github: acetcom
#patreon: # Replace with a single Patreon username
open_collective: open5gs
#ko_fi: # Replace with a single Ko-fi username
#tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
#community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
#liberapay: # Replace with a single Liberapay username
#issuehunt: # Replace with a single IssueHunt username
#otechie: # Replace with a single Otechie username
#custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

58
.github/ISSUE_TEMPLATE/bugreport.yaml vendored Normal file
View File

@@ -0,0 +1,58 @@
name: Bug Report
description: File a bug report or issue
title: "[Bug]: "
labels: ['triage']
assignees: []
body:
- type: markdown
attributes:
value: >
**Please note**
This form should only be used if _you can reporoduce_ the bug the in the *current* release of
Open5GS Stack. For installation, configuration or other help with Open5GS please
use our [discussion forum](https://github.com/open5gs/open5gs/discussions).
**This form is not for support requests.**
- type: input
attributes:
label: Open5GS Release, Revision, or Tag
description: Please check if your issue has been resolved in the latest release.
placeholder: v2.6.0
validations:
required: true
- type: textarea
attributes:
label: Steps to reproduce
description: >
Please describe in detail the steps needed to reproduce this bug. These steps
should reproduce the issue on the most current release of Open5GS. Be sure to
include configuration and platform details.
Please include logs from the relevant daemons as well as any relevant packet captures.
validations:
required: true
- type: textarea
attributes:
label: Logs
description: Provide any relevant captured logs for the issue
render: shell
- type: textarea
attributes:
label: Expected behaviour
description: What did you expect to happen?
validations:
required: true
- type: textarea
attributes:
label: Observed Behaviour
description: What's the observed behaviour?
validations:
required: true
- type: input
attributes:
label: eNodeB/gNodeB
description: If using an eNB or gNB, please identify which vendor/version
- type: input
attributes:
label: UE Models and versions
description: Which UE hardware model and version or simulator version are you using?

9
.github/ISSUE_TEMPLATE/config.yaml vendored Normal file
View File

@@ -0,0 +1,9 @@
blank_issues_enabled: false
contact_links:
- name: Open5GS Contribution Guide
url: https://github.com/open5gs/open5gs/wiki/Contribution-guide
about: Contribution guide detailing how you can help the project
- name: Project Sponsorship
url: https://github.com/sponsors/acetcom
name: Support the Open5GS developer using GitHub sponsorship

View File

@@ -0,0 +1,48 @@
name: Feature request
description: Propose an enhancement to Open5GS
labels: ['Enhancement', 'triage']
body:
- type: markdown
attributes:
value: >
## Feature request
Please submit your feature request using the form. If your proposal is not sufficiently
well formed, we may request further clarification and expansion. If you're unsure about
how to formulate your request, please start a [discussion instead](https://github.com/open5gs/open5gs/dicsussions/).
- type: input
attributes:
label: Open5GS Release, Revision, or Tag
placeholder: v2.6.0
validations:
required: true
- type: input
attributes:
label: Components and subsystems
description: Which subsystems and components would this feature be relevant to?
validations:
required: true
- type: textarea
attributes:
label: Proposed functionality
description: >
Provide a detailed description of the feature or behaviour you are proposing. Please include any
Please include any relevant 3GPP standards and references and include any specific changes to
current protocols, processing pipelines, DIAMETER requests/responses, and interfaces. The more detail
you provide, the greater the chance your proposal has of being discussed.
If your feature request does not include anything actionable or sufficient details, you may be asked
to provide further clarification or your request may be rejected.
validations:
required: true
- type: textarea
attributes:
label: External dependencies
description: >
Please detail any new dependencies or implementations that this feature might introduce. e.g. Does the
proposal require the installation of additional packages? Are there further external nodes which may be
required for integration testing? (Not all feature requests will introduce new dependencies)

61
.github/stale.yml vendored Normal file
View File

@@ -0,0 +1,61 @@
# Configuration for probot-stale - https://github.com/probot/stale
# Number of days of inactivity before an Issue or Pull Request becomes stale
daysUntilStale: 180
# Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
# Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale.
daysUntilClose: 7
# Only issues or pull requests with all of these labels are check if stale. Defaults to `[]` (disabled)
onlyLabels: []
# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
exemptLabels:
- pinned
- security
- "[Status] Maybe Later"
# Set to true to ignore issues in a project (defaults to false)
exemptProjects: false
# Set to true to ignore issues in a milestone (defaults to false)
exemptMilestones: false
# Set to true to ignore issues with an assignee (defaults to false)
exemptAssignees: false
# Label to use when marking as stale
staleLabel: wontfix
# Comment to post when marking as stale. Set to `false` to disable
markComment: >
This issue/PR has been automatically marked as stale because it has not had
recent activity for 180 days. It will be closed if no further activity
occurs in 7 dayss. Thank you for your contributions!
# Comment to post when removing the stale label.
# unmarkComment: >
# Your comment here.
# Comment to post when closing a stale Issue or Pull Request.
# closeComment: >
# Your comment here.
# Limit the number of actions per hour, from 1-30. Default is 30
limitPerRun: 30
# Limit to only `issues` or `pulls`
# only: issues
# Optionally, specify configuration settings that are specific to just 'issues' or 'pulls':
# pulls:
# daysUntilStale: 30
# markComment: >
# This pull request has been automatically marked as stale because it has not had
# recent activity. It will be closed if no further activity occurs. Thank you
# for your contributions.
# issues:
# exemptLabels:
# - confirmed

78
.github/workflows/meson-ci.yml vendored Normal file
View File

@@ -0,0 +1,78 @@
name: Meson Continuous Integration
on: [push, pull_request]
jobs:
macos-latest:
name: Build and Test on MacOS Latest
runs-on: macos-latest
steps:
# - name: Install MongoDB with Package Manager
# run: |
# brew tap mongodb/brew
# brew install mongodb-community
# brew services start mongodb-community
- name: Create the TUN device with the interface name `ogstun`.
run: |
sudo ifconfig lo0 alias 127.0.0.2 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.3 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.4 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.5 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.5 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.6 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.7 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.8 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.9 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.10 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.11 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.12 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.13 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.14 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.15 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.16 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.17 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.18 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.19 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.0.20 netmask 255.255.255.255
sudo ifconfig lo0 alias 127.0.1.10 netmask 255.255.255.255
- name: Install the dependencies for building the source code.
run: brew install mongo-c-driver libidn libmicrohttpd nghttp2 bison libusrsctp libtins talloc meson
- name: Check out repository code
uses: actions/checkout@main
- name: Setup Meson Build
run: PATH="/usr/local/opt/bison/bin:$PATH" PKG_CONFIG_PATH="/usr/local/opt/openssl/lib/pkgconfig:$PKG_CONFIG_PATH" meson setup build
env:
CC: gcc
- name : Build Open5GS
run: ninja -C build
- name: Test Open5GS
run: sudo meson test -C build -v crypt unit
ubuntu-latest:
name: Build and Test on Ubuntu Latest
runs-on: ubuntu-latest
services:
mongodb:
image: mongo
ports:
- 27017:27017
steps:
- name: Create the TUN device with the interface name `ogstun`.
run: |
sudo ip tuntap add name ogstun mode tun
sudo ip addr add 10.45.0.1/16 dev ogstun
sudo ip addr add 2001:db8:cafe::1/48 dev ogstun
sudo ip link set ogstun up
- name: Install the dependencies for building the source code.
run: |
sudo apt update
sudo apt install python3-pip python3-setuptools python3-wheel ninja-build build-essential flex bison git libsctp-dev libgnutls28-dev libgcrypt-dev libssl-dev libidn11-dev libmongoc-dev libbson-dev libyaml-dev libnghttp2-dev libmicrohttpd-dev libcurl4-gnutls-dev libnghttp2-dev libtins-dev libtalloc-dev meson
- name: Check out repository code
uses: actions/checkout@main
- name: Setup Meson Build
run: meson setup build
env:
CC: gcc
- name : Build Open5GS
run: ninja -C build
- name: Test Open5GS
run: meson test -C build -v

45
.github/workflows/stale.yml vendored Normal file
View File

@@ -0,0 +1,45 @@
name: Mark stale issues and pull requests
on:
schedule:
- cron: '30 22 * * *'
jobs:
stale:
runs-on: ubuntu-latest
permissions:
issues: write
pull-requests: write
steps:
- uses: actions/stale@v5
with:
debug-only: false
operations-per-run: 500
enable-statistics: true
remove-stale-when-updated: true
exempt-issue-labels: 'status:accepted,status:blocked,status:more-info-needed,status:milestone-required,Help Wanted'
exempt-all-milestones: true
stale-issue-label: 'Housekeeping:ToClose'
days-before-stale: 60
stale-issue-message: >
This issue has been marked as stale because there has been no recent activity on it. If there is
no further activity, it will be closed. The Open5GS team is a small but dedicated team with limited
resources and may not be able to address every issue directly. **Do not** attempt to circumvent this
by 'bumping' the issue; doing so will result in it's immediate closure and possibly your exclusion
from participating in any future discussions.
stale-pr-message: >
As there has been no recent activity on this PR, it has been marked as stale. It will be automatically
closed if no further action is taken.
days-before-close: 30
days-before-pr-close: -1
close-issue-message: >
This issue has been closed automatically due to lack of activity. This has been done to try
and reduce the amount of noise. Please do not comment any further. The Open5GS Team may choose to
re-open this issue if necessary.
close-pr-message: >
This PR has been closed due to an absence of activity.

4
.gitignore vendored
View File

@@ -1,3 +1,7 @@
# This directory is fetched during first build and is present in this directory
subprojects/freeDiameter
subprojects/libtins
subprojects/prometheus-client-c
subprojects/usrsctp
webui/.next

View File

@@ -1,26 +1,30 @@
## Documentation
<p align="center"><a href="https://open5gs.org" target="_blank" rel="noopener noreferrer"><img width="100" src="https://open5gs.org/assets/img/open5gs-logo-only.png" alt="Open5GS logo"></a></p>
If you don't understand something about Open5GS, the [https://open5gs.org/open5gs/docs/](https://open5gs.org/open5gs/docs/) is a great place to look for answers.
## Getting Started
## Support
Please follow the [documentation](https://open5gs.org/open5gs/docs/) at [open5gs.org](https://open5gs.org/)!
Problem with Open5GS can be filed as [issues](https://github.com/open5gs/open5gs/issues) in this repository.
## Sponsors
Discussions related to this project are happening on the [nextepc@lists.osmocom.org](mailto:nextepc@lists.osmocom.org) mailing list, please see <https://lists.osmocom.org/mailman/listinfo/nextepc> for subscription options and the list archive.
If you find Open5GS useful for work, please consider supporting this Open Source project by [Becoming a sponsor](https://github.com/sponsors/acetcom). To manage the funding transactions transparently, you can donate through [OpenCollective](https://opencollective.com/open5gs).
Voice and text chat available in Open5GS's [Discord](https://discordapp.com/) workspace. Use [this link](https://discord.gg/GreNkuc) to get started.
<p align="center">
<a target="_blank" href="https://open5gs.org/#sponsors">
<img alt="sponsors" src="https://open5gs.org/assets/img/sponsors.svg">
</a>
</p>
## Community
- Problem with Open5GS can be filed as [issues](https://github.com/open5gs/open5gs/issues) in this repository.
- Other topics related to this project are happening on the [discussions](https://github.com/open5gs/open5gs/discussions).
- Voice and text chat are available in Open5GS's [Discord](https://discordapp.com/) workspace. Use [this link](https://discord.gg/GreNkuc) to get started.
## Contributing
Open5GS is a pure/classic FOSS project, open to contributions from anyone.
[Pull requests](https://github.com/open5gs/open5gs/pulls) are always welcome, and I appreciates any help the community can give to help make Open5GS better.
Do you want to be a committer? Please [send me an email](mailto:acetcom@gmail.com). You will be added as a committer to this project. However, if someone consistently causes difficulties with these source repositories due to poor behavior or other serious problems then commit access may be revoked.
If you're contributing through a pull request to Open5GS project on GitHub, please read the [Contributor License Agreement](https://open5gs.org/open5gs/cla/) in advance.
## License
Open5GS source files are made available under the terms of the GNU Affero General Public License (GNU AGPLv3).
When you contribute code for Open5GS, the same license applies.
- Open5GS Open Source files are made available under the terms of the GNU Affero General Public License ([GNU AGPL v3.0](https://www.gnu.org/licenses/agpl-3.0.html)).
- [Commercial licenses](https://open5gs.org/open5gs/support/) are also available from [NeoPlane](https://neoplane.io/)

259
configs/310014.yaml.in Normal file
View File

@@ -0,0 +1,259 @@
db_uri: mongodb://localhost/open5gs
logger:
sbi:
server:
no_tls: true
cacert: @build_configs_dir@/open5gs/tls/ca.crt
key: @build_configs_dir@/open5gs/tls/testserver.key
cert: @build_configs_dir@/open5gs/tls/testserver.crt
client:
no_tls: true
cacert: @build_configs_dir@/open5gs/tls/ca.crt
key: @build_configs_dir@/open5gs/tls/testclient.key
cert: @build_configs_dir@/open5gs/tls/testclient.crt
parameter:
# no_nrf: true
# no_scp: true
# no_amf: true
# no_smf: true
# no_upf: true
# no_ausf: true
# no_udm: true
# no_pcf: true
# no_nssf: true
# no_bsf: true
# no_udr: true
# no_mme: true
# no_sgwc: true
# no_sgwu: true
# no_pcrf: true
# no_hss: true
# use_mongodb_change_stream: true
mme:
freeDiameter:
identity: mme.localdomain
realm: localdomain
listen_on: 127.0.0.2
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: hss.localdomain
addr: 127.0.0.8
s1ap:
- addr: 127.0.0.2
gtpc:
- addr: 127.0.0.2
gummei:
plmn_id:
mcc: 310
mnc: 014
mme_gid: 2
mme_code: 1
tai:
plmn_id:
mcc: 310
mnc: 014
tac: 1
security:
integrity_order : [ EIA2, EIA1, EIA0 ]
ciphering_order : [ EEA0, EEA1, EEA2 ]
network_name:
full: Open5GS
sgwc:
gtpc:
- addr: 127.0.0.3
pfcp:
- addr: 127.0.0.3
smf:
sbi:
- addr: 127.0.0.4
port: 7777
pfcp:
- addr: 127.0.0.4
gtpc:
- addr: 127.0.0.4
- addr: ::1
gtpu:
- addr: 127.0.0.4
- addr: ::1
subnet:
- addr: 10.45.0.1/16
- addr: 2001:db8:cafe::1/48
dns:
- 8.8.8.8
- 8.8.4.4
- 2001:4860:4860::8888
- 2001:4860:4860::8844
mtu: 1400
freeDiameter:
identity: smf.localdomain
realm: localdomain
listen_on: 127.0.0.4
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: pcrf.localdomain
addr: 127.0.0.9
amf:
sbi:
- addr: 127.0.0.5
port: 7777
ngap:
- addr: 127.0.0.5
guami:
- plmn_id:
mcc: 310
mnc: 014
amf_id:
region: 2
set: 1
tai:
- plmn_id:
mcc: 310
mnc: 014
tac: 1
plmn_support:
- plmn_id:
mcc: 310
mnc: 014
s_nssai:
- sst: 1
security:
integrity_order : [ NIA2, NIA1, NIA0 ]
ciphering_order : [ NEA0, NEA1, NEA2 ]
network_name:
full: Open5GS
amf_name: open5gs-amf0
sgwu:
pfcp:
- addr: 127.0.0.6
gtpu:
- addr: 127.0.0.6
upf:
pfcp:
- addr: 127.0.0.7
gtpu:
- addr: 127.0.0.7
subnet:
- addr: 10.45.0.1/16
- addr: 2001:db8:cafe::1/48
metrics:
- addr: 127.0.0.7
port: 9090
hss:
freeDiameter:
identity: hss.localdomain
realm: localdomain
listen_on: 127.0.0.8
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: mme.localdomain
addr: 127.0.0.2
pcrf:
freeDiameter:
identity: pcrf.localdomain
realm: localdomain
listen_on: 127.0.0.9
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: smf.localdomain
addr: 127.0.0.4
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
scp:
sbi:
- addr: 127.0.1.10
port: 7777
ausf:
sbi:
- addr: 127.0.0.11
port: 7777
udm:
sbi:
- addr: 127.0.0.12
port: 7777
pcf:
sbi:
- addr: 127.0.0.13
port: 7777
metrics:
- addr: 127.0.0.13
port: 9090
nssf:
sbi:
- addr: 127.0.0.14
port: 7777
nsi:
- addr: 127.0.0.10
port: 7777
s_nssai:
sst: 1
bsf:
sbi:
- addr: 127.0.0.15
port: 7777
udr:
sbi:
- addr: 127.0.0.20
port: 7777
time:
t3512:
value: 540 # 9 mintues * 60 = 540 seconds

View File

@@ -2,42 +2,71 @@ db_uri: mongodb://localhost/open5gs
logger:
sbi:
server:
no_tls: true
cacert: @build_configs_dir@/open5gs/tls/ca.crt
key: @build_configs_dir@/open5gs/tls/testserver.key
cert: @build_configs_dir@/open5gs/tls/testserver.crt
client:
no_tls: true
cacert: @build_configs_dir@/open5gs/tls/ca.crt
key: @build_configs_dir@/open5gs/tls/testclient.key
cert: @build_configs_dir@/open5gs/tls/testclient.crt
parameter:
no_ipv6: true
# no_nrf: true
# no_scp: true
# no_amf: true
# no_smf: true
# no_upf: true
# no_ausf: true
# no_udm: true
# no_pcf: true
# no_nssf: true
# no_bsf: true
# no_udr: true
# no_mme: true
# no_sgwc: true
# no_sgwu: true
# no_pcrf: true
# no_hss: true
# use_mongodb_change_stream: true
mme:
freeDiameter:
identity: mme.localdomain
realm: localdomain
listen_on: 127.0.0.2
no_fwd: true
load_extension:
- module: @freediameter_extensions_builddir@/dbg_msg_dumps.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @freediameter_extensions_builddir@/dict_rfc5777.fdx
- module: @freediameter_extensions_builddir@/dict_mip6i.fdx
- module: @freediameter_extensions_builddir@/dict_nasreq.fdx
- module: @freediameter_extensions_builddir@/dict_nas_mipv6.fdx
- module: @freediameter_extensions_builddir@/dict_dcca.fdx
- module: @freediameter_extensions_builddir@/dict_dcca_3gpp.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: hss.localdomain
addr: 127.0.0.4
addr: 127.0.0.8
s1ap:
addr: 127.0.0.1
- addr: 127.0.0.2
gtpc:
addr: 127.0.0.1
- addr: 127.0.0.2
sgsap:
- addr: 127.0.0.2
map:
tai:
plmn_id:
mcc: 901
mcc: 999
mnc: 70
tac: 7
lai:
plmn_id:
mcc: 901
mcc: 999
mnc: 70
lac: 2342
map:
@@ -51,9 +80,9 @@ mme:
mcc: 724
mnc: 21
lac: 51544
gummei:
gummei:
- plmn_id:
mcc: 901
mcc: 999
mnc: 70
mme_gid: 2
mme_code: 1
@@ -64,7 +93,7 @@ mme:
mme_code: 1
tai:
plmn_id:
mcc: 901
mcc: 999
mnc: 70
tac: 7
tai:
@@ -73,85 +102,187 @@ mme:
mnc: 21
tac: 12345
security:
integrity_order : [ EIA1, EIA2, EIA0 ]
integrity_order : [ EIA2, EIA1, EIA0 ]
ciphering_order : [ EEA0, EEA1, EEA2 ]
network_name:
full: Open5GS
hss:
freeDiameter:
identity: hss.localdomain
realm: localdomain
listen_on: 127.0.0.4
load_extension:
- module: @freediameter_extensions_builddir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @freediameter_extensions_builddir@/dict_rfc5777.fdx
- module: @freediameter_extensions_builddir@/dict_mip6i.fdx
- module: @freediameter_extensions_builddir@/dict_nasreq.fdx
- module: @freediameter_extensions_builddir@/dict_nas_mipv6.fdx
- module: @freediameter_extensions_builddir@/dict_dcca.fdx
- module: @freediameter_extensions_builddir@/dict_dcca_3gpp.fdx
connect:
- identity: mme.localdomain
addr: 127.0.0.2
sgw:
sgwc:
gtpc:
addr: 127.0.0.2
gtpu:
addr: 127.0.0.2
pgw:
freeDiameter:
identity: pgw.localdomain
realm: localdomain
listen_on: 127.0.0.3
load_extension:
- module: @freediameter_extensions_builddir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @freediameter_extensions_builddir@/dict_rfc5777.fdx
- module: @freediameter_extensions_builddir@/dict_mip6i.fdx
- module: @freediameter_extensions_builddir@/dict_nasreq.fdx
- module: @freediameter_extensions_builddir@/dict_nas_mipv6.fdx
- module: @freediameter_extensions_builddir@/dict_dcca.fdx
- module: @freediameter_extensions_builddir@/dict_dcca_3gpp.fdx
connect:
- identity: pcrf.localdomain
addr: 127.0.0.5
gtpc:
- addr:
- 127.0.0.3
- ::1
gtpu:
- addr: 127.0.0.3
pfcp:
- addr: 127.0.0.3
smf:
# sbi:
# - addr: 127.0.0.4
# port: 7777
pfcp:
- addr: 127.0.0.4
gtpc:
- addr: 127.0.0.4
- addr: ::1
ue_pool:
gtpu:
- addr: 127.0.0.4
- addr: ::1
subnet:
- addr: 10.45.0.1/16
- addr: cafe::1/64
- addr: 2001:db8:cafe::1/48
dns:
- 8.8.8.8
- 8.8.4.4
- 2001:4860:4860::8888
- 2001:4860:4860::8844
mtu: 1400
freeDiameter:
identity: smf.localdomain
realm: localdomain
listen_on: 127.0.0.4
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: pcrf.localdomain
addr: 127.0.0.9
amf:
sbi:
- addr: 127.0.0.5
port: 7777
ngap:
- addr: 127.0.0.5
guami:
- plmn_id:
mcc: 999
mnc: 70
amf_id:
region: 2
set: 1
tai:
- plmn_id:
mcc: 999
mnc: 70
tac: 1
plmn_support:
- plmn_id:
mcc: 999
mnc: 70
s_nssai:
- sst: 1
security:
integrity_order : [ NIA2, NIA1, NIA0 ]
ciphering_order : [ NEA0, NEA1, NEA2 ]
network_name:
full: Open5GS
amf_name: open5gs-amf0
sgwu:
pfcp:
- addr: 127.0.0.6
gtpu:
- addr: 127.0.0.6
upf:
pfcp:
- addr: 127.0.0.7
gtpu:
- addr: 127.0.0.7
subnet:
- addr: 10.45.0.1/16
- addr: 2001:db8:cafe::1/48
metrics:
- addr: 127.0.0.7
port: 9090
hss:
freeDiameter:
identity: hss.localdomain
realm: localdomain
listen_on: 127.0.0.8
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: mme.localdomain
addr: 127.0.0.2
pcrf:
freeDiameter:
identity: pcrf.localdomain
realm: localdomain
listen_on: 127.0.0.5
listen_on: 127.0.0.9
no_fwd: true
load_extension:
- module: @freediameter_extensions_builddir@/dbg_msg_dumps.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @freediameter_extensions_builddir@/dict_rfc5777.fdx
- module: @freediameter_extensions_builddir@/dict_mip6i.fdx
- module: @freediameter_extensions_builddir@/dict_nasreq.fdx
- module: @freediameter_extensions_builddir@/dict_nas_mipv6.fdx
- module: @freediameter_extensions_builddir@/dict_dcca.fdx
- module: @freediameter_extensions_builddir@/dict_dcca_3gpp.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: pgw.localdomain
addr: 127.0.0.3
- identity: smf.localdomain
addr: 127.0.0.4
#nrf:
# sbi:
# - addr:
# - 127.0.0.10
# - ::1
# port: 7777
ausf:
sbi:
- addr: 127.0.0.11
port: 7777
udm:
sbi:
- addr: 127.0.0.12
port: 7777
pcf:
sbi:
- addr: 127.0.0.13
port: 7777
metrics:
- addr: 127.0.0.13
port: 9090
nssf:
sbi:
- addr: 127.0.0.14
port: 7777
nsi:
- addr: 127.0.0.10
port: 7777
s_nssai:
sst: 1
bsf:
sbi:
- addr: 127.0.0.15
port: 7777
udr:
sbi:
- addr: 127.0.0.20
port: 7777
time:
t3512:
value: 540 # 9 mintues * 60 = 540 seconds

View File

@@ -1,17 +0,0 @@
-----BEGIN CERTIFICATE-----
MIICrDCCAhWgAwIBAgIUPoUbKXRTWQbrJYUIvyHdacCzw9cwDQYJKoZIhvcNAQEL
BQAwaDEXMBUGA1UEAwwOY2EubG9jYWxkb21haW4xCzAJBgNVBAYTAktPMQ4wDAYD
VQQIDAVTZW91bDEOMAwGA1UEBwwFTm93b24xEDAOBgNVBAoMB09wZW41R1MxDjAM
BgNVBAsMBVRlc3RzMB4XDTE5MTAyMDA2NDM1OFoXDTI5MTAxNzA2NDM1OFowaDEX
MBUGA1UEAwwOY2EubG9jYWxkb21haW4xCzAJBgNVBAYTAktPMQ4wDAYDVQQIDAVT
ZW91bDEOMAwGA1UEBwwFTm93b24xEDAOBgNVBAoMB09wZW41R1MxDjAMBgNVBAsM
BVRlc3RzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2sDnWMj9oXpIw+vcm
9k/WidMyhSbImINLe9YgibFfozoxZt51Hvi/aAxlqyq7akGtvpL8yVZD6j7o74z7
6dlnUFDGC4M0WGEkcxqf5NIWe0QplCsXkEOMYHrXLQisAuUk81DNcsXlZr74bmDI
B0dUM0xJ2JrA5mx1LzTFHSesIwIDAQABo1MwUTAdBgNVHQ4EFgQUxTjcug/DKW49
mQeW0IcS/bhIzDcwHwYDVR0jBBgwFoAUxTjcug/DKW49mQeW0IcS/bhIzDcwDwYD
VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQB533IwIPOEE1w2RLBF9EKX
UxaDnUYW05t9eZFLsUtOLFiR84xhCawGEWNtaLvoJE42E17qEjnX4+KGOc6/sa6q
bLskf7BK7496dQrVY5DO9vdSpN1ep3j+1QKae23wYpjqt2UEU3QtIZpsDjUreYri
YLVacMQydGgizNQrY3iCvQ==
-----END CERTIFICATE-----

View File

@@ -1,60 +0,0 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca.localdomain, C=KO, ST=Seoul, L=Nowon, O=Open5GS, OU=Tests
Validity
Not Before: Oct 20 06:43:58 2019 GMT
Not After : Oct 17 06:43:58 2029 GMT
Subject: C=KO, ST=Seoul, O=Open5GS, OU=Tests, CN=hss.localdomain
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (1024 bit)
Modulus:
00:d3:e7:ba:6d:14:65:af:df:90:e5:4a:53:56:a1:
f6:89:2e:cb:ee:ce:d6:73:9f:48:b6:96:78:67:a7:
87:18:b8:ab:c3:0b:31:b3:02:92:48:ed:49:ac:40:
c1:13:3b:13:58:50:cc:2e:59:44:e9:7e:31:02:14:
f0:18:82:95:10:e4:37:b2:5d:14:19:1d:4b:8f:e9:
1f:45:75:cf:0a:e0:8f:7b:e1:70:7b:ab:e4:af:2b:
7c:4d:7f:00:d8:eb:cf:f3:96:ab:fc:04:4f:21:ad:
d8:c4:94:05:02:ff:f3:12:48:88:9e:ce:cf:37:29:
e0:28:39:37:62:05:ed:6d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
AB:0F:C4:B8:B7:6B:56:12:F5:D4:A3:29:B7:D9:5E:3C:DD:8B:79:DD
X509v3 Authority Key Identifier:
keyid:C5:38:DC:BA:0F:C3:29:6E:3D:99:07:96:D0:87:12:FD:B8:48:CC:37
Signature Algorithm: sha256WithRSAEncryption
43:95:ee:57:3f:4d:ad:bf:42:6c:48:ae:f8:2f:db:f6:cf:2e:
53:a2:3d:48:0a:48:a4:2c:2a:7c:fa:ec:b1:bd:06:a1:21:a5:
38:d8:00:05:81:25:91:51:e2:e6:a8:67:a8:c2:f6:5d:2a:f0:
40:fe:20:d3:82:2d:d9:8c:4c:61:b7:43:87:7f:fe:e4:a1:b6:
fd:54:35:13:4f:63:a5:6b:4a:01:aa:25:e9:80:27:eb:2e:a2:
18:e0:36:37:a5:57:09:67:ed:8f:1e:13:fd:b8:b2:d7:4e:cf:
93:d4:bf:75:02:38:4e:d4:4a:9c:35:fb:a8:0b:3a:ba:03:1a:
e6:9e
-----BEGIN CERTIFICATE-----
MIICsjCCAhugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBoMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMQ4wDAYDVQQH
DAVOb3dvbjEQMA4GA1UECgwHT3BlbjVHUzEOMAwGA1UECwwFVGVzdHMwHhcNMTkx
MDIwMDY0MzU4WhcNMjkxMDE3MDY0MzU4WjBZMQswCQYDVQQGEwJLTzEOMAwGA1UE
CAwFU2VvdWwxEDAOBgNVBAoMB09wZW41R1MxDjAMBgNVBAsMBVRlc3RzMRgwFgYD
VQQDDA9oc3MubG9jYWxkb21haW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
ANPnum0UZa/fkOVKU1ah9okuy+7O1nOfSLaWeGenhxi4q8MLMbMCkkjtSaxAwRM7
E1hQzC5ZROl+MQIU8BiClRDkN7JdFBkdS4/pH0V1zwrgj3vhcHur5K8rfE1/ANjr
z/OWq/wETyGt2MSUBQL/8xJIiJ7Ozzcp4Cg5N2IF7W1dAgMBAAGjezB5MAkGA1Ud
EwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
YXRlMB0GA1UdDgQWBBSrD8S4t2tWEvXUoym32V483Yt53TAfBgNVHSMEGDAWgBTF
ONy6D8Mpbj2ZB5bQhxL9uEjMNzANBgkqhkiG9w0BAQsFAAOBgQBDle5XP02tv0Js
SK74L9v2zy5Toj1ICkikLCp8+uyxvQahIaU42AAFgSWRUeLmqGeowvZdKvBA/iDT
gi3ZjExht0OHf/7kobb9VDUTT2Ola0oBqiXpgCfrLqIY4DY3pVcJZ+2PHhP9uLLX
Ts+T1L91AjhO1EqcNfuoCzq6Axrmng==
-----END CERTIFICATE-----

View File

@@ -79,7 +79,7 @@ Realm = "localdomain";
#ListenOn = "202.249.37.5";
#ListenOn = "2001:200:903:2::202:1";
#ListenOn = "fe80::21c:5ff:fe98:7d62%eth0";
ListenOn = "127.0.0.4";
ListenOn = "127.0.0.8";
##############################################################
@@ -106,7 +106,7 @@ ListenOn = "127.0.0.4";
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
TLS_Cred = "@sysconfdir@/freeDiameter/hss.cert.pem", "@sysconfdir@/freeDiameter/hss.key.pem";
TLS_Cred = "@sysconfdir@/open5gs/tls/hss.crt", "@sysconfdir@/open5gs/tls/hss.key";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
@@ -114,7 +114,7 @@ TLS_Cred = "@sysconfdir@/freeDiameter/hss.cert.pem", "@sysconfdir@/freeDiameter/
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
TLS_CA = "@sysconfdir@/freeDiameter/cacert.pem";
TLS_CA = "@sysconfdir@/open5gs/tls/ca.crt";
# Certificate Revocation List file
# The information about revoked certificates.
@@ -175,6 +175,7 @@ TLS_CA = "@sysconfdir@/freeDiameter/cacert.pem";
# exchanges.
# Default: Relaying is enabled.
#NoRelay;
NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4

View File

@@ -1,15 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDT57ptFGWv35DlSlNWofaJLsvuztZzn0i2lnhnp4cYuKvDCzGz
ApJI7UmsQMETOxNYUMwuWUTpfjECFPAYgpUQ5DeyXRQZHUuP6R9Fdc8K4I974XB7
q+SvK3xNfwDY68/zlqv8BE8hrdjElAUC//MSSIiezs83KeAoOTdiBe1tXQIDAQAB
AoGBAM7ShI2Ec/9lSInSsmaC7BpW12p87KirFZBIarpYs634SIS0v0xFvTt6hgae
qRO4/BedvLucG3t91B2BDBoQEaZELCjJ9kCUtzphW+u8/SUvPUCfb5xiLLeDQCVR
oU45JuqlF+ro9XM0x7f1REuTza1Xr20O5n5TzaCzQkdTlMdtAkEA+Yk9aS589D2c
TAj7H5nQMFai/z0JKM7kuBmXaqbsPtnYjdNvVYsCRPcjbhyfIjN88o/QGuUuInpb
PyzUZh3x2wJBANlk8d5ZVco+UE1NX0KzpEXHMY+z8kE4f8IMy0KN1V+An0ZbdxJE
X0aUMz9/K0+V6n0rlpY4QdOnTnbIEg2hTycCQDXBUM9lylk7JH5kuORX2Ddxkm91
kJGP8EmQicPZ7a6kczgqQiOlbHm625EO7WEKwnHmdSg2Ergur5VubNsKvF0CQQCc
sbv8rpu9qOisr2ZIZ7+yY/9/Ow8Un6rGrf4cPKtdqRIk3myXCB08fDnsPLd1J/Pa
wP5LzMT10BQoXdFVbb3lAkBpNXUkts8O1YxSG5zTruvygjU2n4Lova31icJ8HFaG
pfKHJpqDGPooupFxeCsPVPBZIRtxW70CZcr77eW/XKXv
-----END RSA PRIVATE KEY-----

View File

@@ -22,7 +22,7 @@ meson.add_install_script(python3_exe, '-c',
freediameter_conf = '''
mme.conf
hss.conf
pgw.conf
smf.conf
pcrf.conf
'''.split()
@@ -34,24 +34,3 @@ foreach file : freediameter_conf
meson.add_install_script(python3_exe, '-c',
install_conf.format(gen, freediameter_sysconfdir))
endforeach
freediameter_pem = '''
cacert.pem
mme.cert.pem
mme.key.pem
hss.cert.pem
hss.key.pem
pgw.cert.pem
pgw.key.pem
pcrf.cert.pem
pcrf.key.pem
'''.split()
foreach file : freediameter_pem
gen = configure_file(
input : file,
output : file,
configuration : conf_data)
meson.add_install_script(python3_exe, '-c',
install_conf.format(gen, freediameter_sysconfdir))
endforeach

View File

@@ -1,60 +0,0 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca.localdomain, C=KO, ST=Seoul, L=Nowon, O=Open5GS, OU=Tests
Validity
Not Before: Oct 20 06:43:58 2019 GMT
Not After : Oct 17 06:43:58 2029 GMT
Subject: C=KO, ST=Seoul, O=Open5GS, OU=Tests, CN=mme.localdomain
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (1024 bit)
Modulus:
00:b5:3a:31:ed:bf:fe:cd:e7:50:cc:94:ba:3d:fd:
2f:e6:cb:83:25:3d:82:93:26:57:b4:2f:6b:29:d9:
fd:80:c8:c5:82:9c:09:17:14:38:91:57:ac:72:b0:
86:d4:6f:bd:6b:fa:b9:60:51:9b:ab:6b:68:37:15:
c7:de:8b:bd:e8:da:5a:49:75:03:33:09:8e:49:e4:
d9:5b:3c:2f:ca:47:9b:95:d5:6f:16:e4:8d:39:b4:
39:dd:51:1a:55:27:68:b9:a0:24:ad:1c:18:48:bb:
49:54:ae:03:a3:0b:b8:e5:da:b4:c2:7f:09:a4:12:
8e:97:08:58:24:6a:4b:f4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
20:74:06:F0:AF:F6:2D:90:D1:CB:8C:5C:AB:73:D7:45:99:31:DD:AA
X509v3 Authority Key Identifier:
keyid:C5:38:DC:BA:0F:C3:29:6E:3D:99:07:96:D0:87:12:FD:B8:48:CC:37
Signature Algorithm: sha256WithRSAEncryption
0a:f5:fd:1f:19:52:9a:99:ec:34:67:e8:57:dc:61:73:c0:05:
b0:53:e3:8f:66:86:c9:99:af:28:5a:2a:06:a8:53:b1:80:ea:
5c:c9:ad:93:ec:b8:b4:b0:e4:04:8b:85:1b:08:93:f2:71:b1:
21:ab:80:40:e4:27:c6:c5:7a:56:f2:d2:33:6c:f0:1d:f4:99:
85:55:60:9c:eb:d3:b8:e3:4b:e5:be:1e:d2:39:d5:55:6f:4c:
20:07:c8:24:1c:21:70:e4:54:17:0b:a5:66:17:be:8b:5c:73:
ca:5e:42:6e:27:15:18:69:dc:c6:49:97:d7:66:e0:a8:ad:9c:
f1:b7
-----BEGIN CERTIFICATE-----
MIICsjCCAhugAwIBAgIBATANBgkqhkiG9w0BAQsFADBoMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMQ4wDAYDVQQH
DAVOb3dvbjEQMA4GA1UECgwHT3BlbjVHUzEOMAwGA1UECwwFVGVzdHMwHhcNMTkx
MDIwMDY0MzU4WhcNMjkxMDE3MDY0MzU4WjBZMQswCQYDVQQGEwJLTzEOMAwGA1UE
CAwFU2VvdWwxEDAOBgNVBAoMB09wZW41R1MxDjAMBgNVBAsMBVRlc3RzMRgwFgYD
VQQDDA9tbWUubG9jYWxkb21haW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
ALU6Me2//s3nUMyUuj39L+bLgyU9gpMmV7QvaynZ/YDIxYKcCRcUOJFXrHKwhtRv
vWv6uWBRm6traDcVx96LvejaWkl1AzMJjknk2Vs8L8pHm5XVbxbkjTm0Od1RGlUn
aLmgJK0cGEi7SVSuA6MLuOXatMJ/CaQSjpcIWCRqS/SHAgMBAAGjezB5MAkGA1Ud
EwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
YXRlMB0GA1UdDgQWBBQgdAbwr/YtkNHLjFyrc9dFmTHdqjAfBgNVHSMEGDAWgBTF
ONy6D8Mpbj2ZB5bQhxL9uEjMNzANBgkqhkiG9w0BAQsFAAOBgQAK9f0fGVKamew0
Z+hX3GFzwAWwU+OPZobJma8oWioGqFOxgOpcya2T7Li0sOQEi4UbCJPycbEhq4BA
5CfGxXpW8tIzbPAd9JmFVWCc69O440vlvh7SOdVVb0wgB8gkHCFw5FQXC6VmF76L
XHPKXkJuJxUYadzGSZfXZuCorZzxtw==
-----END CERTIFICATE-----

View File

@@ -106,7 +106,7 @@ ListenOn = "127.0.0.2";
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
TLS_Cred = "@sysconfdir@/freeDiameter/mme.cert.pem", "@sysconfdir@/freeDiameter/mme.key.pem";
TLS_Cred = "@sysconfdir@/open5gs/tls/mme.crt", "@sysconfdir@/open5gs/tls/mme.key";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
@@ -114,7 +114,7 @@ TLS_Cred = "@sysconfdir@/freeDiameter/mme.cert.pem", "@sysconfdir@/freeDiameter/
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
TLS_CA = "@sysconfdir@/freeDiameter/cacert.pem";
TLS_CA = "@sysconfdir@/open5gs/tls/ca.crt";
# Certificate Revocation List file
# The information about revoked certificates.
@@ -175,6 +175,7 @@ TLS_CA = "@sysconfdir@/freeDiameter/cacert.pem";
# exchanges.
# Default: Relaying is enabled.
#NoRelay;
NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4
@@ -260,7 +261,7 @@ LoadExtension = "@libdir@/freeDiameter/dict_dcca_3gpp.fdx";
# Examples:
#ConnectPeer = "aaa.wide.ad.jp";
#ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ;
ConnectPeer = "hss.localdomain" { ConnectTo = "127.0.0.4"; No_TLS; };
ConnectPeer = "hss.localdomain" { ConnectTo = "127.0.0.8"; No_TLS; };
##############################################################

View File

@@ -1,15 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQC1OjHtv/7N51DMlLo9/S/my4MlPYKTJle0L2sp2f2AyMWCnAkX
FDiRV6xysIbUb71r+rlgUZura2g3Fcfei73o2lpJdQMzCY5J5NlbPC/KR5uV1W8W
5I05tDndURpVJ2i5oCStHBhIu0lUrgOjC7jl2rTCfwmkEo6XCFgkakv0hwIDAQAB
AoGBALL3ID1H/8m4Z9tP+EelEzvYt8772kmUcMHYnfw7cJNQMXQUwQlQh7hIG107
JDr/idDrTUtn69GxhL35PWJxH3z7b9nPQCcPZQ3PZWW8lDXNqNCjV5j+2zDAXqkc
IyxLQuPnTyn9kcB/OIjNGrr86/6JKS1ipbT9AIllV+br5OMhAkEA7KMLbiAI03JH
wBhtnHdtj7NETXDnZd0Plj3ATpa7SOtxmBtqVVOH/1ghAqJ0YScrqa9+eEqcn6mv
sHoJ10wVVwJBAMQOdR6b6H3Swy5dZNYzSKDsWRf4cNK5Kz8HJ8UOLbHTjzcDHNsD
n09McdcnWgNAxV6J0YJzu4LWQjT4b1e77FECQAd+8rG+Wgk4qYUwQOif79yJdTRu
yyWy5vd/ZUQYCj65FpQW6jthtgEkrYcD1mPtdbieUodE9cko+uPAOeeUBWkCQQCt
lL9NImxtOjVkz3t/ylf7YkZfWq9JYnhPjV5AsZTzZIPgCPl7T3G1G9GO1GB1kNsu
IIdGIIFcDacAjxTFcLSBAkA1Bl7gARE2XZR9iVVJ/On2hWFZhtG9RId+k0pVUxKs
KXYnYSiD/WIeVZ6IBswqL2AnEV+kBBuZ7D9aEiDYbXQ/
-----END RSA PRIVATE KEY-----

View File

@@ -1,60 +0,0 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca.localdomain, C=KO, ST=Seoul, L=Nowon, O=Open5GS, OU=Tests
Validity
Not Before: Oct 20 06:43:58 2019 GMT
Not After : Oct 17 06:43:58 2029 GMT
Subject: C=KO, ST=Seoul, O=Open5GS, OU=Tests, CN=pcrf.localdomain
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (1024 bit)
Modulus:
00:c4:63:95:b8:b2:99:ca:4d:dd:ac:b8:e2:78:29:
43:03:8a:de:6b:05:99:97:b7:90:39:f8:f6:b8:20:
77:44:4b:1b:95:6c:ad:e1:5f:2c:48:a2:8a:d2:95:
72:0e:f9:e1:cf:70:4e:45:6e:71:7e:2a:41:29:93:
7a:12:01:73:0b:10:20:7a:38:66:9f:75:76:21:d6:
7d:0c:ea:35:47:16:d6:c3:9f:41:ec:e9:98:36:16:
84:9f:43:38:2b:b2:c8:d9:f3:6c:07:82:e4:ce:c8:
a3:f3:c3:60:13:f3:46:44:fa:f0:ee:a9:48:40:8f:
80:3e:60:73:ff:6d:59:03:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
53:A8:0E:78:45:FB:38:A6:CF:30:E5:FF:BB:CA:E6:CF:A3:4A:DC:53
X509v3 Authority Key Identifier:
keyid:C5:38:DC:BA:0F:C3:29:6E:3D:99:07:96:D0:87:12:FD:B8:48:CC:37
Signature Algorithm: sha256WithRSAEncryption
47:6b:2b:f9:03:8d:c1:fd:84:21:fe:3c:5b:8c:9d:c1:48:bc:
ae:90:67:c5:ad:1a:80:e9:97:9c:c2:d4:31:1b:7d:4e:1a:72:
09:fb:92:32:b3:82:79:59:cd:92:21:27:c7:34:c3:76:27:a8:
11:33:cd:4a:ec:10:cb:44:89:da:47:1a:a4:6a:06:10:fb:f1:
6a:de:d5:1a:15:de:4a:54:6f:29:b8:de:ec:20:f2:d1:c3:0c:
9a:8e:97:46:8c:21:c3:63:7f:41:52:41:7e:73:47:43:0a:d1:
86:0b:f0:fb:9a:1f:6d:b5:93:88:95:88:84:6d:28:8e:29:2e:
66:9d
-----BEGIN CERTIFICATE-----
MIICszCCAhygAwIBAgIBBDANBgkqhkiG9w0BAQsFADBoMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMQ4wDAYDVQQH
DAVOb3dvbjEQMA4GA1UECgwHT3BlbjVHUzEOMAwGA1UECwwFVGVzdHMwHhcNMTkx
MDIwMDY0MzU4WhcNMjkxMDE3MDY0MzU4WjBaMQswCQYDVQQGEwJLTzEOMAwGA1UE
CAwFU2VvdWwxEDAOBgNVBAoMB09wZW41R1MxDjAMBgNVBAsMBVRlc3RzMRkwFwYD
VQQDDBBwY3JmLmxvY2FsZG9tYWluMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDEY5W4spnKTd2suOJ4KUMDit5rBZmXt5A5+Pa4IHdESxuVbK3hXyxIoorSlXIO
+eHPcE5FbnF+KkEpk3oSAXMLECB6OGafdXYh1n0M6jVHFtbDn0Hs6Zg2FoSfQzgr
ssjZ82wHguTOyKPzw2AT80ZE+vDuqUhAj4A+YHP/bVkDLwIDAQABo3sweTAJBgNV
HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
Y2F0ZTAdBgNVHQ4EFgQUU6gOeEX7OKbPMOX/u8rmz6NK3FMwHwYDVR0jBBgwFoAU
xTjcug/DKW49mQeW0IcS/bhIzDcwDQYJKoZIhvcNAQELBQADgYEAR2sr+QONwf2E
If48W4ydwUi8rpBnxa0agOmXnMLUMRt9ThpyCfuSMrOCeVnNkiEnxzTDdieoETPN
SuwQy0SJ2kcapGoGEPvxat7VGhXeSlRvKbje7CDy0cMMmo6XRowhw2N/QVJBfnNH
QwrRhgvw+5ofbbWTiJWIhG0ojikuZp0=
-----END CERTIFICATE-----

View File

@@ -79,7 +79,7 @@ Realm = "localdomain";
#ListenOn = "202.249.37.5";
#ListenOn = "2001:200:903:2::202:1";
#ListenOn = "fe80::21c:5ff:fe98:7d62%eth0";
ListenOn = "127.0.0.5";
ListenOn = "127.0.0.9";
##############################################################
@@ -106,7 +106,7 @@ ListenOn = "127.0.0.5";
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
TLS_Cred = "@sysconfdir@/freeDiameter/pcrf.cert.pem", "@sysconfdir@/freeDiameter/pcrf.key.pem";
TLS_Cred = "@sysconfdir@/open5gs/tls/pcrf.crt", "@sysconfdir@/open5gs/tls/pcrf.key";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
@@ -114,7 +114,7 @@ TLS_Cred = "@sysconfdir@/freeDiameter/pcrf.cert.pem", "@sysconfdir@/freeDiameter
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
TLS_CA = "@sysconfdir@/freeDiameter/cacert.pem";
TLS_CA = "@sysconfdir@/open5gs/tls/ca.crt";
# Certificate Revocation List file
# The information about revoked certificates.
@@ -175,6 +175,7 @@ TLS_CA = "@sysconfdir@/freeDiameter/cacert.pem";
# exchanges.
# Default: Relaying is enabled.
#NoRelay;
NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4
@@ -260,6 +261,6 @@ LoadExtension = "@libdir@/freeDiameter/dict_dcca_3gpp.fdx";
# Examples:
#ConnectPeer = "aaa.wide.ad.jp";
#ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ;
ConnectPeer = "pgw.localdomain" { ConnectTo = "127.0.0.3"; No_TLS; };
ConnectPeer = "smf.localdomain" { ConnectTo = "127.0.0.4"; No_TLS; };
##############################################################

View File

@@ -1,15 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDEY5W4spnKTd2suOJ4KUMDit5rBZmXt5A5+Pa4IHdESxuVbK3h
XyxIoorSlXIO+eHPcE5FbnF+KkEpk3oSAXMLECB6OGafdXYh1n0M6jVHFtbDn0Hs
6Zg2FoSfQzgrssjZ82wHguTOyKPzw2AT80ZE+vDuqUhAj4A+YHP/bVkDLwIDAQAB
AoGBAJG6b+RhK3uSMjcz7mFKBP9A8fCqdCG/xdcu5i0VcksMDMjhn1mIXPz9GFRR
LxTr2eMrK/mbjb4YLshiNgfcaXdzpZGauK15PNEHemygI4et9b0iE3ZfGM3dGEGi
UmWzXgO347S8CNmm6JX/gtAaCafeapmyms6E4teYFp1UMRIBAkEA7zrq9HZT1CZu
fWN9DraOUVrgMdV8Q/qdKzAqMsTf95r43aRxxe8ZkXpQuf1X0kBDH8cIeOAVu96/
hmfxCcVZAQJBANIn3YU7xCnUbdK29tYuxAzEw7j4pdfjHEPgkvjV1xsGVwM+DQkF
/yrSgAujxR70uGfBcUF/M9XRniBWg+FRrC8CQBXJ5vZnBJGRAoU3F3/Mjr/IKB1B
1XSXkdMKKv2+wqtZmQsO3DHr6gc+/bVC5snGgpaVWScxOamHyyfhtalvKQECQG+w
PCyo3NIWUd+g2YJvDEZ09EgD7a/UxZrVaYbRryZvsiLJAYiAJWKOyPpmqUaQbMjH
p/dVMSk75Dvvfttq2oUCQQDuEO0xY0gHxzFYH1K82Yw5aDdRsryEQYpb5e+jduH1
EHACfc2H4Oc3/a39q7On+HnZgxK7gFMpGW+D0MdDDoL6
-----END RSA PRIVATE KEY-----

View File

@@ -1,60 +0,0 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca.localdomain, C=KO, ST=Seoul, L=Nowon, O=Open5GS, OU=Tests
Validity
Not Before: Oct 20 06:43:58 2019 GMT
Not After : Oct 17 06:43:58 2029 GMT
Subject: C=KO, ST=Seoul, O=Open5GS, OU=Tests, CN=pgw.localdomain
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (1024 bit)
Modulus:
00:bf:bc:94:38:f4:03:a5:23:8c:21:ba:4e:5e:51:
f7:76:f5:e1:1e:43:fc:04:a0:f9:b9:9f:47:dd:d3:
b5:aa:83:e8:cb:d0:3c:56:0e:4d:fd:de:b6:93:fa:
eb:a3:94:4a:79:68:1d:84:61:cf:b7:d0:ac:d0:41:
ef:66:e0:8a:40:ec:b4:d2:5b:ce:cc:2c:cd:7d:7e:
87:73:b0:4b:4d:79:54:3b:a4:48:bb:19:4f:9f:7e:
30:e7:af:17:32:a3:95:af:c4:a5:19:8f:53:3c:16:
cd:54:9d:38:98:2b:0f:b7:cd:33:91:f0:ef:b8:d2:
9f:0e:fe:8e:77:9d:e8:ba:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
EB:F6:EA:D3:F2:F2:C6:C6:83:EF:13:CD:AF:49:A8:ED:03:DF:7F:ED
X509v3 Authority Key Identifier:
keyid:C5:38:DC:BA:0F:C3:29:6E:3D:99:07:96:D0:87:12:FD:B8:48:CC:37
Signature Algorithm: sha256WithRSAEncryption
3b:00:ef:c4:9f:69:c3:22:06:76:6f:70:88:50:1c:f3:a2:9a:
68:00:34:fa:3a:68:b2:94:fe:7c:31:7d:4e:95:bd:47:4d:69:
1f:76:32:64:83:1b:5b:11:71:bb:0a:7a:af:72:54:7a:dc:30:
51:e5:93:27:8c:8a:51:e6:e5:15:53:70:14:85:3b:77:1a:87:
ce:d0:6f:31:07:5d:14:30:d7:de:a0:b5:a7:a1:96:18:1a:fd:
ea:9f:c2:ea:bb:72:52:84:b6:57:6d:70:93:35:64:d3:8b:82:
1b:7b:ea:85:8a:fb:c6:b3:e0:66:ad:db:11:dd:5e:6e:22:dd:
b4:23
-----BEGIN CERTIFICATE-----
MIICsjCCAhugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBoMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMQ4wDAYDVQQH
DAVOb3dvbjEQMA4GA1UECgwHT3BlbjVHUzEOMAwGA1UECwwFVGVzdHMwHhcNMTkx
MDIwMDY0MzU4WhcNMjkxMDE3MDY0MzU4WjBZMQswCQYDVQQGEwJLTzEOMAwGA1UE
CAwFU2VvdWwxEDAOBgNVBAoMB09wZW41R1MxDjAMBgNVBAsMBVRlc3RzMRgwFgYD
VQQDDA9wZ3cubG9jYWxkb21haW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
AL+8lDj0A6UjjCG6Tl5R93b14R5D/ASg+bmfR93TtaqD6MvQPFYOTf3etpP666OU
SnloHYRhz7fQrNBB72bgikDstNJbzswszX1+h3OwS015VDukSLsZT59+MOevFzKj
la/EpRmPUzwWzVSdOJgrD7fNM5Hw77jSnw7+jned6LrzAgMBAAGjezB5MAkGA1Ud
EwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmlj
YXRlMB0GA1UdDgQWBBTr9urT8vLGxoPvE82vSajtA99/7TAfBgNVHSMEGDAWgBTF
ONy6D8Mpbj2ZB5bQhxL9uEjMNzANBgkqhkiG9w0BAQsFAAOBgQA7AO/En2nDIgZ2
b3CIUBzzoppoADT6OmiylP58MX1Olb1HTWkfdjJkgxtbEXG7CnqvclR63DBR5ZMn
jIpR5uUVU3AUhTt3GofO0G8xB10UMNfeoLWnoZYYGv3qn8Lqu3JShLZXbXCTNWTT
i4Ibe+qFivvGs+BmrdsR3V5uIt20Iw==
-----END CERTIFICATE-----

View File

@@ -1,266 +0,0 @@
# This is a sample configuration file for freeDiameter daemon.
# Most of the options can be omitted, as they default to reasonable values.
# Only TLS-related options must be configured properly in usual setups.
# It is possible to use "include" keyword to import additional files
# e.g.: include "/etc/freeDiameter.d/*.conf"
# This is exactly equivalent as copy & paste the content of the included file(s)
# where the "include" keyword is found.
##############################################################
## Peer identity and realm
# The Diameter Identity of this daemon.
# This must be a valid FQDN that resolves to the local host.
# Default: hostname's FQDN
#Identity = "aaa.koganei.freediameter.net";
Identity = "pgw.localdomain";
# The Diameter Realm of this daemon.
# Default: the domain part of Identity (after the first dot).
#Realm = "koganei.freediameter.net";
Realm = "localdomain";
##############################################################
## Transport protocol configuration
# The port this peer is listening on for incoming connections (TCP and SCTP).
# Default: 3868. Use 0 to disable.
#Port = 3868;
# The port this peer is listening on for incoming TLS-protected connections (TCP and SCTP).
# See TLS_old_method for more information about TLS flavours.
# Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter.
# Default: 5868. Use 0 to disable.
#SecPort = 5868;
# Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed
# on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the
# CER/CEA exchange on a dedicated secure port.
# This parameter only affects outgoing connections.
# The setting can be also defined per-peer (see Peers configuration section).
# Default: use RFC6733 method with separate port for TLS.
#TLS_old_method;
# Disable use of TCP protocol (only listen and connect over SCTP)
# Default : TCP enabled
#No_TCP;
# Disable use of SCTP protocol (only listen and connect over TCP)
# Default : SCTP enabled
#No_SCTP;
# This option is ignored if freeDiameter is compiled with DISABLE_SCTP option.
# Prefer TCP instead of SCTP for establishing new connections.
# This setting may be overwritten per peer in peer configuration blocs.
# Default : SCTP is attempted first.
#Prefer_TCP;
# Default number of streams per SCTP associations.
# This setting may be overwritten per peer basis.
# Default : 30 streams
#SCTP_streams = 30;
##############################################################
## Endpoint configuration
# Disable use of IP addresses (only IPv6)
# Default : IP enabled
#No_IP;
# Disable use of IPv6 addresses (only IP)
# Default : IPv6 enabled
#No_IPv6;
# Specify local addresses the server must bind to
# Default : listen on all addresses available.
#ListenOn = "202.249.37.5";
#ListenOn = "2001:200:903:2::202:1";
#ListenOn = "fe80::21c:5ff:fe98:7d62%eth0";
ListenOn = "127.0.0.3";
##############################################################
## Server configuration
# How many Diameter peers are allowed to be connecting at the same time ?
# This parameter limits the number of incoming connections from the time
# the connection is accepted until the first CER is received.
# Default: 5 unidentified clients in paralel.
#ThreadsPerServer = 5;
##############################################################
## TLS Configuration
# TLS is managed by the GNUTLS library in the freeDiameter daemon.
# You may find more information about parameters and special behaviors
# in the relevant documentation.
# http://www.gnu.org/software/gnutls/manual/
# Credentials of the local peer
# The X509 certificate and private key file to use for the local peer.
# The files must contain PKCS-1 encoded RSA key, in PEM format.
# (These parameters are passed to gnutls_certificate_set_x509_key_file function)
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
TLS_Cred = "@sysconfdir@/freeDiameter/pgw.cert.pem", "@sysconfdir@/freeDiameter/pgw.key.pem";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
# (This parameter is passed to gnutls_certificate_set_x509_trust_file function)
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
TLS_CA = "@sysconfdir@/freeDiameter/cacert.pem";
# Certificate Revocation List file
# The information about revoked certificates.
# The file contains a list of trusted CRLs in PEM format. They should have been verified before.
# (This parameter is passed to gnutls_certificate_set_x509_crl_file function)
# Note: openssl CRL format might have interoperability issue with GNUTLS format.
# Default : GNUTLS default behavior
#TLS_CRL = "<file.PEM>";
# GNU TLS Priority string
# This string allows to configure the behavior of GNUTLS key exchanges
# algorithms. See gnutls_priority_init function documentation for information.
# You should also refer to the Diameter required TLS support here:
# http://tools.ietf.org/html/rfc6733#section-13.1
# Default : "NORMAL"
# Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL";
#TLS_Prio = "NORMAL";
# Diffie-Hellman parameters size
# Set the number of bits for generated DH parameters
# Valid value should be 768, 1024, 2048, 3072 or 4096.
# (This parameter is passed to gnutls_dh_params_generate2 function,
# it usually should match RSA key size)
# Default : 1024
#TLS_DH_Bits = 1024;
# Alternatively, you can specify a file to load the PKCS#3 encoded
# DH parameters directly from. This accelerates the daemon start
# but is slightly less secure. If this file is provided, the
# TLS_DH_Bits parameters has no effect.
# Default : no default.
#TLS_DH_File = "<file.PEM>";
##############################################################
## Timers configuration
# The Tc timer of this peer.
# It is the delay before a new attempt is made to reconnect a disconnected peer.
# The value is expressed in seconds. The recommended value is 30 seconds.
# Default: 30
#TcTimer = 30;
# The Tw timer of this peer.
# It is the delay before a watchdog message is sent, as described in RFC 3539.
# The value is expressed in seconds. The default value is 30 seconds. Value must
# be greater or equal to 6 seconds. See details in the RFC.
# Default: 30
#TwTimer = 30;
##############################################################
## Applications configuration
# Disable the relaying of Diameter messages?
# For messages not handled locally, the default behavior is to forward the
# message to another peer if any is available, according to the routing
# algorithms. In addition the "0xffffff" application is advertised in CER/CEA
# exchanges.
# Default: Relaying is enabled.
#NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4
#AppServThreads = 4;
# Other applications are configured by loaded extensions.
##############################################################
## Extensions configuration
# The freeDiameter framework merely provides support for
# Diameter Base Protocol. The specific application behaviors,
# as well as advanced functions, are provided
# by loadable extensions (plug-ins).
# These extensions may in addition receive the name of a
# configuration file, the format of which is extension-specific.
#
# Format:
#LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ;
#
# Examples:
#LoadExtension = "extensions/sample.fdx";
#LoadExtension = "extensions/sample.fdx":"conf/sample.conf";
# Extensions are named as follow:
# dict_* for extensions that add content to the dictionary definitions.
# dbg_* for extensions useful only to retrieve more information on the framework execution.
# acl_* : Access control list, to control which peers are allowed to connect.
# rt_* : routing extensions that impact how messages are forwarded to other peers.
# app_* : applications, these extensions usually register callbacks to handle specific messages.
# test_* : dummy extensions that are useful only in testing environments.
# The dbg_msg_dump.fdx extension allows you to tweak the way freeDiameter displays some
# information about some events. This extension does not actually use a configuration file
# but receives directly a parameter in the string passed to the extension. Here are some examples:
## LoadExtension = "dbg_msg_dumps.fdx" : "0x1111"; # Removes all default hooks, very quiet even in case of errors.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x2222"; # Display all events with few details.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x0080"; # Dump complete information about sent and received messages.
# The four digits respectively control: connections, routing decisions, sent/received messages, errors.
# The values for each digit are:
# 0 - default - keep the default behavior
# 1 - quiet - remove any specific log
# 2 - compact - display only a summary of the information
# 4 - full - display the complete information on a single long line
# 8 - tree - display the complete information in an easier to read format spanning several lines.
LoadExtension = "@libdir@/freeDiameter/dbg_msg_dumps.fdx" : "0x8888";
LoadExtension = "@libdir@/freeDiameter/dict_rfc5777.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_mip6i.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_nasreq.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_nas_mipv6.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_dcca.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_dcca_3gpp.fdx";
##############################################################
## Peers configuration
# The local server listens for incoming connections. By default,
# all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl).
#
# In addition to incoming connections, the local peer can
# be configured to establish and maintain connections to some
# Diameter nodes and allow connections from these nodes.
# This is achieved with the ConnectPeer directive described below.
#
# Note that the configured Diameter Identity MUST match
# the information received inside CEA, or the connection will be aborted.
#
# Format:
#ConnectPeer = "diameterid" [ { parameter1; parameter2; ...} ] ;
# Parameters that can be specified in the peer's parameter list:
# No_TCP; No_SCTP; No_IP; No_IPv6; Prefer_TCP; TLS_old_method;
# No_TLS; # assume transparent security instead of TLS. DTLS is not supported yet (will change in future versions).
# Port = 5868; # The port to connect to
# TcTimer = 30;
# TwTimer = 30;
# ConnectTo = "202.249.37.5";
# ConnectTo = "2001:200:903:2::202:1";
# TLS_Prio = "NORMAL";
# Realm = "realm.net"; # Reject the peer if it does not advertise this realm.
# Examples:
#ConnectPeer = "aaa.wide.ad.jp";
#ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ;
ConnectPeer = "pcrf.localdomain" { ConnectTo = "127.0.0.5"; No_TLS; };
##############################################################

View File

@@ -1,15 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC/vJQ49AOlI4whuk5eUfd29eEeQ/wEoPm5n0fd07Wqg+jL0DxW
Dk393raT+uujlEp5aB2EYc+30KzQQe9m4IpA7LTSW87MLM19fodzsEtNeVQ7pEi7
GU+ffjDnrxcyo5WvxKUZj1M8Fs1UnTiYKw+3zTOR8O+40p8O/o53nei68wIDAQAB
AoGAarZPHH+aw79MD718PnyKKVhhqZGW4xCgzFG9EtXwpu1xlHXaDt85QxFANo4R
teIjrPxoaTRzAlAOzn3T+0L/TnhU67WUOvSQEhGzS1liNNw024NekOy3rrqAvB3D
esmOtR5+LtadCb2CuJdL0XALUp+F/g25CoryXsKMIg4Eg9ECQQD9fbT7n3GurBlF
s1E+Ah1+fpD2qOvyFrK4Yzs/CYn5s1yEO0AMwLavO71Y+SIGzFnuIASbyEX4Adl/
hxSvDp5ZAkEAwaJmOzgLsLvSf5RkYzaX+/IO/DBYowDknalMobDplaOlK5LLFNiM
naEH6A6UV981OnIr6ScU8knC0HyDmmTyKwJAfu3jIdvE4OHsBaq0k4gbnKtjix8q
hh43f3ywve/Y1t+pA81nVPtqfnQ7a8HT9/N7VHFT3W17G6RRdDn/cWiwgQJAOuD+
5RLtuxfhshmVTPXU0S+Rju3EhgxHeAl628/Ht1DDcLR6PCR83ZGRreaBBRdCQDtn
TsYrgGEdc/forJH1cQJBAMzBcACt51/OuHtPF+kxeRqgLINji82EQOGmZBvtWySI
cRFndLh6N8OOkDnP2MwGY7j0jWveKE8mVA12ymMWZuU=
-----END RSA PRIVATE KEY-----

View File

@@ -0,0 +1,267 @@
# This is a sample configuration file for freeDiameter daemon.
# Most of the options can be omitted, as they default to reasonable values.
# Only TLS-related options must be configured properly in usual setups.
# It is possible to use "include" keyword to import additional files
# e.g.: include "/etc/freeDiameter.d/*.conf"
# This is exactly equivalent as copy & paste the content of the included file(s)
# where the "include" keyword is found.
##############################################################
## Peer identity and realm
# The Diameter Identity of this daemon.
# This must be a valid FQDN that resolves to the local host.
# Default: hostname's FQDN
#Identity = "aaa.koganei.freediameter.net";
Identity = "smf.localdomain";
# The Diameter Realm of this daemon.
# Default: the domain part of Identity (after the first dot).
#Realm = "koganei.freediameter.net";
Realm = "localdomain";
##############################################################
## Transport protocol configuration
# The port this peer is listening on for incoming connections (TCP and SCTP).
# Default: 3868. Use 0 to disable.
#Port = 3868;
# The port this peer is listening on for incoming TLS-protected connections (TCP and SCTP).
# See TLS_old_method for more information about TLS flavours.
# Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter.
# Default: 5868. Use 0 to disable.
#SecPort = 5868;
# Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed
# on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the
# CER/CEA exchange on a dedicated secure port.
# This parameter only affects outgoing connections.
# The setting can be also defined per-peer (see Peers configuration section).
# Default: use RFC6733 method with separate port for TLS.
#TLS_old_method;
# Disable use of TCP protocol (only listen and connect over SCTP)
# Default : TCP enabled
#No_TCP;
# Disable use of SCTP protocol (only listen and connect over TCP)
# Default : SCTP enabled
#No_SCTP;
# This option is ignored if freeDiameter is compiled with DISABLE_SCTP option.
# Prefer TCP instead of SCTP for establishing new connections.
# This setting may be overwritten per peer in peer configuration blocs.
# Default : SCTP is attempted first.
#Prefer_TCP;
# Default number of streams per SCTP associations.
# This setting may be overwritten per peer basis.
# Default : 30 streams
#SCTP_streams = 30;
##############################################################
## Endpoint configuration
# Disable use of IP addresses (only IPv6)
# Default : IP enabled
#No_IP;
# Disable use of IPv6 addresses (only IP)
# Default : IPv6 enabled
#No_IPv6;
# Specify local addresses the server must bind to
# Default : listen on all addresses available.
#ListenOn = "202.249.37.5";
#ListenOn = "2001:200:903:2::202:1";
#ListenOn = "fe80::21c:5ff:fe98:7d62%eth0";
ListenOn = "127.0.0.4";
##############################################################
## Server configuration
# How many Diameter peers are allowed to be connecting at the same time ?
# This parameter limits the number of incoming connections from the time
# the connection is accepted until the first CER is received.
# Default: 5 unidentified clients in paralel.
#ThreadsPerServer = 5;
##############################################################
## TLS Configuration
# TLS is managed by the GNUTLS library in the freeDiameter daemon.
# You may find more information about parameters and special behaviors
# in the relevant documentation.
# http://www.gnu.org/software/gnutls/manual/
# Credentials of the local peer
# The X509 certificate and private key file to use for the local peer.
# The files must contain PKCS-1 encoded RSA key, in PEM format.
# (These parameters are passed to gnutls_certificate_set_x509_key_file function)
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
TLS_Cred = "@sysconfdir@/open5gs/tls/smf.crt", "@sysconfdir@/open5gs/tls/smf.key";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
# (This parameter is passed to gnutls_certificate_set_x509_trust_file function)
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
TLS_CA = "@sysconfdir@/open5gs/tls/ca.crt";
# Certificate Revocation List file
# The information about revoked certificates.
# The file contains a list of trusted CRLs in PEM format. They should have been verified before.
# (This parameter is passed to gnutls_certificate_set_x509_crl_file function)
# Note: openssl CRL format might have interoperability issue with GNUTLS format.
# Default : GNUTLS default behavior
#TLS_CRL = "<file.PEM>";
# GNU TLS Priority string
# This string allows to configure the behavior of GNUTLS key exchanges
# algorithms. See gnutls_priority_init function documentation for information.
# You should also refer to the Diameter required TLS support here:
# http://tools.ietf.org/html/rfc6733#section-13.1
# Default : "NORMAL"
# Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL";
#TLS_Prio = "NORMAL";
# Diffie-Hellman parameters size
# Set the number of bits for generated DH parameters
# Valid value should be 768, 1024, 2048, 3072 or 4096.
# (This parameter is passed to gnutls_dh_params_generate2 function,
# it usually should match RSA key size)
# Default : 1024
#TLS_DH_Bits = 1024;
# Alternatively, you can specify a file to load the PKCS#3 encoded
# DH parameters directly from. This accelerates the daemon start
# but is slightly less secure. If this file is provided, the
# TLS_DH_Bits parameters has no effect.
# Default : no default.
#TLS_DH_File = "<file.PEM>";
##############################################################
## Timers configuration
# The Tc timer of this peer.
# It is the delay before a new attempt is made to reconnect a disconnected peer.
# The value is expressed in seconds. The recommended value is 30 seconds.
# Default: 30
#TcTimer = 30;
# The Tw timer of this peer.
# It is the delay before a watchdog message is sent, as described in RFC 3539.
# The value is expressed in seconds. The default value is 30 seconds. Value must
# be greater or equal to 6 seconds. See details in the RFC.
# Default: 30
#TwTimer = 30;
##############################################################
## Applications configuration
# Disable the relaying of Diameter messages?
# For messages not handled locally, the default behavior is to forward the
# message to another peer if any is available, according to the routing
# algorithms. In addition the "0xffffff" application is advertised in CER/CEA
# exchanges.
# Default: Relaying is enabled.
#NoRelay;
NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4
#AppServThreads = 4;
# Other applications are configured by loaded extensions.
##############################################################
## Extensions configuration
# The freeDiameter framework merely provides support for
# Diameter Base Protocol. The specific application behaviors,
# as well as advanced functions, are provided
# by loadable extensions (plug-ins).
# These extensions may in addition receive the name of a
# configuration file, the format of which is extension-specific.
#
# Format:
#LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ;
#
# Examples:
#LoadExtension = "extensions/sample.fdx";
#LoadExtension = "extensions/sample.fdx":"conf/sample.conf";
# Extensions are named as follow:
# dict_* for extensions that add content to the dictionary definitions.
# dbg_* for extensions useful only to retrieve more information on the framework execution.
# acl_* : Access control list, to control which peers are allowed to connect.
# rt_* : routing extensions that impact how messages are forwarded to other peers.
# app_* : applications, these extensions usually register callbacks to handle specific messages.
# test_* : dummy extensions that are useful only in testing environments.
# The dbg_msg_dump.fdx extension allows you to tweak the way freeDiameter displays some
# information about some events. This extension does not actually use a configuration file
# but receives directly a parameter in the string passed to the extension. Here are some examples:
## LoadExtension = "dbg_msg_dumps.fdx" : "0x1111"; # Removes all default hooks, very quiet even in case of errors.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x2222"; # Display all events with few details.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x0080"; # Dump complete information about sent and received messages.
# The four digits respectively control: connections, routing decisions, sent/received messages, errors.
# The values for each digit are:
# 0 - default - keep the default behavior
# 1 - quiet - remove any specific log
# 2 - compact - display only a summary of the information
# 4 - full - display the complete information on a single long line
# 8 - tree - display the complete information in an easier to read format spanning several lines.
LoadExtension = "@libdir@/freeDiameter/dbg_msg_dumps.fdx" : "0x8888";
LoadExtension = "@libdir@/freeDiameter/dict_rfc5777.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_mip6i.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_nasreq.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_nas_mipv6.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_dcca.fdx";
LoadExtension = "@libdir@/freeDiameter/dict_dcca_3gpp.fdx";
##############################################################
## Peers configuration
# The local server listens for incoming connections. By default,
# all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl).
#
# In addition to incoming connections, the local peer can
# be configured to establish and maintain connections to some
# Diameter nodes and allow connections from these nodes.
# This is achieved with the ConnectPeer directive described below.
#
# Note that the configured Diameter Identity MUST match
# the information received inside CEA, or the connection will be aborted.
#
# Format:
#ConnectPeer = "diameterid" [ { parameter1; parameter2; ...} ] ;
# Parameters that can be specified in the peer's parameter list:
# No_TCP; No_SCTP; No_IP; No_IPv6; Prefer_TCP; TLS_old_method;
# No_TLS; # assume transparent security instead of TLS. DTLS is not supported yet (will change in future versions).
# Port = 5868; # The port to connect to
# TcTimer = 30;
# TwTimer = 30;
# ConnectTo = "202.249.37.5";
# ConnectTo = "2001:200:903:2::202:1";
# TLS_Prio = "NORMAL";
# Realm = "realm.net"; # Reject the peer if it does not advertise this realm.
# Examples:
#ConnectPeer = "aaa.wide.ad.jp";
#ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ;
ConnectPeer = "pcrf.localdomain" { ConnectTo = "127.0.0.9"; No_TLS; };
##############################################################

View File

@@ -1,589 +0,0 @@
db_uri: mongodb://localhost/open5gs
logger:
file: @localstatedir@/log/open5gs/open5gs.log
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Nothing is needed)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# level: trace
# domain: core,s1ap,nas,fd,gtp,mme,emm,esm,sgw,pgw,hss,pcrf,event,tlv,mem,sock
#
#
# parameter:
#
# o Number of output streams per SCTP associations.
# sctp_streams: 30
#
# o Disable use of IPv4 addresses (only IPv6)
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# prefer_ipv4: true
#
# o Enable Multicast traffic to the UE
# multicast: true
#
# o Disable Stateless Address Autoconfiguration for IPv6
# no_slaac: true
#
#
parameter:
no_ipv6: true
#
# sctp:
#
# o heartbit_interval : 5000 (5secs)
# o rto_initial : 3000 (3secs)
# o rto_min : 1000 (1sec)
# o rto_max : 5000 (5secs)
# o max_num_of_ostreams : 30
# o max_num_of_istreams : 65535
# o max_attempts : 4
# o max_initial_timeout : 8000(8secs)
# o usrsctp_udp_port : 9899
sctp:
#
# max:
#
# o Maximum Number of SGW per MME
# sgw: 32
# o Maximum Number of PGW per MME
# pgw: 32
# o Maximum Number of VLR per MME
# vlr: 32
# o Maximum Number of eNodeB per MME
# enb: 32
# o Maximum Number of UE per eNodeB
# ue: 128
#
max:
#
# pool:
#
# o The Number of Default Memory Pool Size
#
# - Pool-size 128 => 8192 Number
# - Pool-size 256 => 4096 Number
# - Pool-size 512 => 2048 Number
# - Pool-size 1024 => 1024 Number
# - Pool-size 2048 => 512 Number
# - Pool-size 8192 => 128 Number
# - Pool-size 1024*1024 => 8 Number
#
# 128: 8192
# 256: 4096
# 512: 2048
# 1024: 1024
# 2048: 512
# 8192: 128
# big: 8
#
# o Memory of Packet Buffering in SGW
# - Maximum Number of packet(SDU size = 8Kbytes) pool in SGW
# - SGW Memory Usage : 65536 * 8Kbytes = 512Mbytes
#
# packet: 65536
pool:
mme:
freeDiameter: @sysconfdir@/freeDiameter/mme.conf
#
# <S1AP Server>>
#
# o S1AP Server(all address avaiable)
# s1ap:
#
# o S1AP Server(0.0.0.0:36412)
# s1ap:
# addr: 0.0.0.0
#
# o S1AP Server(127.0.0.1:36412, [::1]:36412)
# s1ap:
# - addr: 127.0.0.1
# - addr: ::1
# o S1AP Server(different port)
# s1ap:
# - addr: 127.0.0.1
# port: 36413
#
# o S1AP Server(address avaiable in `eth0` interface)
# s1ap:
# dev: eth0
#
s1ap:
#
# <GTP-C Server>>
#
# o GTP-C Server(all address avaiable)
# gtpc:
#
# o GTP-C Server(127.0.0.1:2123, [::1]:2123)
# gtpc:
# - addr: 127.0.0.1
# - addr: ::1
#
gtpc:
#
# <sgsap>
#
# o Single MSC/VLR(127.0.0.2)
# sgsap:
# addr: 127.0.0.2
# map:
# tai:
# plmn_id:
# mcc: 001
# mnc: 01
# tac: 4130
# lai:
# plmn_id:
# mcc: 001
# mnc: 01
# lac: 43690
# map:
# tai:
# plmn_id:
# mcc: 002
# mnc: 02
# tac: 4132
# lai:
# plmn_id:
# mcc: 002
# mnc: 02
# lac: 43692
#
# o Multiple MSC/VLR
# sgsap:
# - addr: 127.0.0.2
# port: 29119
# map:
# tai:
# plmn_id:
# mcc: 001
# mnc: 01
# tac: 4131
# lai:
# plmn_id:
# mcc: 001
# mnc: 01
# lac: 43691
# map:
# tai:
# plmn_id:
# mcc: 002
# mnc: 02
# tac: 4132
# lai:
# plmn_id:
# mcc: 002
# mnc: 02
# lac: 43692
# - addr
# - 127.0.0.3
# - fe80::2%@loopback_devname@
# map:
# tai:
# plmn_id:
# mcc: 001
# mnc: 01
# tac: 4132
# lai:
# plmn_id:
# mcc: 002
# mnc: 02
# lac: 43692
# - name: msc.open5gs.org
# map:
# tai:
# plmn_id:
# mcc: 001
# mnc: 01
# tac: 4133
# lai:
# plmn_id:
# mcc: 002
# mnc: 02
# lac: 43693
#
sgsap:
#
# <GUMMEI>
#
# o Multiple GUMMEI
# gummei:
# - plmn_id:
# mcc: 001
# mnc: 01
# mme_gid: 2
# mme_code: 1
# - plmn_id:
# - mcc: 002
# mnc: 02
# - mcc: 003
# mnc: 03
# mme_gid: [3, 4]
# mme_code:
# - 2
# - 3
#
gummei:
plmn_id:
mcc: 001
mnc: 01
mme_gid: 2
mme_code: 1
#
# <TAI>
#
# o Multiple TAI
# tai:
# - plmn_id:
# mcc: 001
# mnc: 01
# tac: [1, 2, 3]
# tai:
# - plmn_id:
# mcc: 002
# mnc: 02
# tac: 4
# - plmn_id:
# mcc: 003
# mnc: 03
# tac: 5
# tai:
# - plmn_id:
# mcc: 004
# mnc: 04
# tac: [6, 7]
# - plmn_id:
# mcc: 005
# mnc: 05
# tac: 8
# - plmn_id:
# mcc: 006
# mnc: 06
# tac: [9, 10]
#
tai:
plmn_id:
mcc: 001
mnc: 01
tac: 12345
security:
integrity_order : [ EIA1, EIA2, EIA0 ]
ciphering_order : [ EEA0, EEA1, EEA2 ]
#
# <Network Name>
# network_name:
# full: Open5GS
# short: Next
#
network_name:
full: Open5GS
hss:
freeDiameter: @sysconfdir@/freeDiameter/hss.conf
sgw:
#
# ------------------------ MME --------------------------
#
# o Specify SGW addresses the GTP-C must connect to
#
# o One SGW is defined. If prefer_ipv4 is not true, [fe80::2%@loopback_devname@] is selected.
# gtpc:
# addr:
# - 127.0.0.2
# - fe80::2%@loopback_devname@
#
# o Two SGW are defined. MME selects SGW with round-robin manner per UE
# gtpc:
# - addr: 127.0.0.2
# - addr: fe80::2%@loopback_devname@
#
# o Three SGW are defined. MME selects SGW with round-robin manner per UE
# gtpc:
# - addr
# - 127.0.0.2
# - fe80::2%@loopback_devname@
# - addr
# - 127.0.0.12
# - fe80::12%@loopback_devname@
# - name: sgw3.open5gs.org
#
# ------------------------ SGW --------------------------
#
# o GTP-C Server(127.0.0.2:2123, [fe80::2%@loopback_devname@]:2123)
# gtpc:
# addr:
# - 127.0.0.2
# - fe80::2%@loopback_devname@
#
# o On SGW, Same Configuration(127.0.0.2:2123, [fe80::2%@loopback_devname@]:2123) as below.
# gtpc:
# - addr: 127.0.0.2
# - addr: fe80::2%@loopback_devname@
#
gtpc:
addr: 127.0.0.2
#
# <SGW Selection Mode>
#
# o Round-Robin
# (If `selection_mode` is omitted, the default mode is Round-Robin)
#
# selection_mode: rr
# gtpc:
# addr: 127.0.0.2
# addr: 127.0.2.2
# addr: 127.0.4.2
#
# o SGW selection by eNodeB TAC
#
# selection_mode: tac
# gtpc:
# - addr: 127.0.0.2
# tac: 26000
# - addr: 127.0.2.2
# tac: [25000, 27000, 28000]
#
#
# <GTP-U Server>
#
# o GTP-U Server(all address avaiable)
# gtpu:
#
# o Provide custom SGW GTP-U address to be advertised inside S1AP messages
# gtpu:
# addr: 10.4.128.21
# advertise_addr: 172.24.15.30
#
# gtpu:
# addr: 10.4.128.21
# advertise_name: sgw1.epc.mnc001.mcc001.3gppnetwork.org
#
# gtpu:
# dev: ens3
# advertise_name: sgw1.epc.mnc001.mcc001.3gppnetwork.org
#
gtpu:
pgw:
freeDiameter: @sysconfdir@/freeDiameter/pgw.conf
#
# ------------------------ MME --------------------------
#
# o By default, the PGW uses the first PGW node.
# - To use a different APN for each PGW, specify gtpc.apn as the APN name.
# - If the HSS uses WebUI to set the PGW IP for eacho UE,
# you can use a specific PGW node for each UE.
#
# o Two PGW are defined. 127.0.0.3:2123 is used.
# [fe80::3%@loopback_devname@]:2123 is ignored.
# gtpc:
# - addr: 127.0.0.3
# - addr: fe80::3%@loopback_devname@
#
# o One PGW is defined. if prefer_ipv4 is not true,
# [fe80::3%@loopback_devname@] is selected.
# gtpc:
# - addr:
# - 127.0.0.3
# - fe80::3%@loopback_devname@
#
# o Two PGW are defined with a different APN.
# - Note that if PGW IP for UE is configured in HSS,
# the following configurion for this UE is ignored.
# gtpc:
# - addr: 127.0.0.3
# apn: internet
# - addr: 127.0.0.5
# apn: volte
#
# o If APN is omitted, the default APN uses the first PGW node.
# gtpc:
# - addr: 127.0.0.3
# - addr: 127.0.0.5
# apn: volte
# ------------------------ PGW --------------------------
#
# o GTP-C Server(127.0.0.3:2123, [fe80::3%@loopback_devname@]:2123)
# gtpc:
# addr:
# - 127.0.0.3
# - fe80::3%@loopback_devname@
#
# o On PGW, Same configuration(127.0.0.3:2123, [fe80::3%@loopback_devname@]:2123).
# gtpc:
# - addr: 127.0.0.3
# - addr: fe80::3%@loopback_devname@
#
gtpc:
addr:
- 127.0.0.3
- ::1
#
# <GTP-U Server>>
#
# o GTP-U Server(127.0.0.3:2152, [::1]:2152)
# gtpu:
# - addr: 127.0.0.3
# - addr: ::1
#
# o Same configuration(127.0.0.3:2152, [::1]:2152) as below.
# gtpu:
# name: localhost
#
gtpu:
- addr: 127.0.0.3
- addr: ::1
#
# <UE Pool>
#
# o IPv4 Pool
# $ sudo ip addr add 10.45.0.1/16 dev ogstun
#
# ue_pool:
# addr: 10.45.0.1/16
#
# o IPv4/IPv6 Pool
# $ sudo ip addr add 10.45.0.1/16 dev ogstun
# $ sudo ip addr add cafe:1::1/64 dev ogstun
#
# ue_pool:
# - addr: 10.45.0.1/16
# - addr: cafe:1::1/64
#
#
# o Specific APN(e.g 'volte') uses 10.46.0.1/16, cafe:2::1/64
# All other APNs use 10.45.0.1/16, cafe:1::1/64
# $ sudo ip addr add 10.45.0.1/16 dev ogstun
# $ sudo ip addr add 10.46.0.1/16 dev ogstun
# $ sudo ip addr add cafe:1::1/64 dev ogstun
# $ sudo ip addr add cafe:2::1/64 dev ogstun
#
# ue_pool:
# - addr: 10.45.0.1/16
# - addr: cafe:1::1/64
# - addr: 10.46.0.1/16
# apn: volte
# - addr: cafe:2::1/64
# apn: volte
#
# o Multiple Devices (default: ogstun)
# $ sudo ip addr add 10.45.0.1/16 dev ogstun
# $ sudo ip addr add cafe:1::1/64 dev ogstun2
# $ sudo ip addr add 10.46.0.1/16 dev ogstun3
# $ sudo ip addr add cafe:2::1/64 dev ogstun3
#
# ue_pool:
# - addr: 10.45.0.1/16
# - addr: cafe:1::1/64
# dev: ogstun2
# - addr: 10.46.0.1/16
# apn: volte
# dev: ogstun3
# - addr: cafe:2::1/64
# apn: volte
# dev: ogstun3
#
# o Pool Range Sample
# ue_pool:
# - addr: 10.45.0.1/24
# range: 10.45.0.100-10.45.0.200
#
# ue_pool:
# - addr: 10.45.0.1/24
# range:
# - 10.45.0.5-10.45.0.50
# - 10.45.0.100-
#
# ue_pool:
# - addr: 10.45.0.1/24
# range:
# - -10.45.0.200
# - 10.45.0.210-10.45.0.220
#
# ue_pool:
# - addr: 10.45.0.1/16
# range:
# - 10.45.0.100-10.45.0.200
# - 10.45.1.100-10.45.1.200
# - addr: cafe::1/64
# range:
# - cafe::a0-cafe:b0
# - cafe::c0-cafe:d0
#
#
ue_pool:
- addr: 10.45.0.1/16
- addr: cafe::1/64
#
# <Domain Name Server>
#
# o Primary/Secondary can be configured. Others are ignored.
#
dns:
- 8.8.8.8
- 8.8.4.4
- 2001:4860:4860::8888
- 2001:4860:4860::8844
#
# <MTU Size>
#
# o Provisioning a limit on the size of the packets sent by the MS
# to avoid packet fragmentation in the backbone network
# between the MS and the GGSN/PGW and/or across the (S)Gi reference point)
# when some of the backbone links does not support
# packets larger then 1500 octets
#
mtu: 1400
#
# <P-CSCF>
#
# o Proxy Call Session Control Function
#
# p-cscf:
# - 127.0.0.1
# - ::1
#
pcrf:
freeDiameter: @sysconfdir@/freeDiameter/pcrf.conf

View File

@@ -7,7 +7,7 @@
create 640 open5gs open5gs
postrotate
for i in pcrfd pgwd sgwd hssd mmed; do
for i in nrfd scpd pcrfd hssd ausfd udmd udrd upfd sgwcd sgwud smfd mmed amfd; do
systemctl reload open5gs-$i
done
endscript

View File

@@ -22,25 +22,23 @@ conf_data.set('sysconfdir', sysconfdir)
conf_data.set('libdir', libdir)
conf_data.set('localstatedir', localstatedir)
freediameter_extensions_builddir = join_paths(
meson.build_root(), 'subprojects', 'freeDiameter', 'extensions')
conf_data.set('freediameter_extensions_builddir',
freediameter_extensions_builddir)
build_configs_dir = join_paths(open5gs_build_dir, 'configs')
conf_data.set('build_configs_dir', build_configs_dir)
if host_system == 'linux'
conf_data.set('loopback_devname', 'lo')
else
conf_data.set('loopback_devname', 'lo0')
endif
build_subprojects_freeDiameter_extensions_dir = join_paths(
open5gs_build_dir, 'subprojects', 'freeDiameter', 'extensions')
conf_data.set('build_subprojects_freeDiameter_extensions_dir',
build_subprojects_freeDiameter_extensions_dir)
example_conf = '''
simple.yaml
installed.yaml
split.yaml
mnc3.yaml
sample.yaml
310014.yaml
csfb.yaml
volte.yaml
srslte.yaml
vonr.yaml
slice.yaml
srsenb.yaml
non3gpp.yaml
'''.split()
foreach file : example_conf

View File

@@ -1,127 +0,0 @@
db_uri: mongodb://localhost/open5gs
logger:
parameter:
no_ipv6: true
mme:
freeDiameter:
identity: mme.localdomain
realm: localdomain
listen_on: 127.0.0.2
load_extension:
- module: @freediameter_extensions_builddir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @freediameter_extensions_builddir@/dict_rfc5777.fdx
- module: @freediameter_extensions_builddir@/dict_mip6i.fdx
- module: @freediameter_extensions_builddir@/dict_nasreq.fdx
- module: @freediameter_extensions_builddir@/dict_nas_mipv6.fdx
- module: @freediameter_extensions_builddir@/dict_dcca.fdx
- module: @freediameter_extensions_builddir@/dict_dcca_3gpp.fdx
connect:
- identity: hss.localdomain
addr: 127.0.0.4
s1ap:
addr: 127.0.0.1
gtpc:
addr: 127.0.0.1
gummei:
plmn_id:
mcc: 310
mnc: 014
mme_gid: 32798
mme_code: 100
tai:
plmn_id:
mcc: 310
mnc: 014
tac: [50, 51, 52, 53]
security:
integrity_order : [ EIA1, EIA2, EIA0 ]
ciphering_order : [ EEA0, EEA1, EEA2 ]
network_name:
full: Open5GS
hss:
freeDiameter:
identity: hss.localdomain
realm: localdomain
listen_on: 127.0.0.4
load_extension:
- module: @freediameter_extensions_builddir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @freediameter_extensions_builddir@/dict_rfc5777.fdx
- module: @freediameter_extensions_builddir@/dict_mip6i.fdx
- module: @freediameter_extensions_builddir@/dict_nasreq.fdx
- module: @freediameter_extensions_builddir@/dict_nas_mipv6.fdx
- module: @freediameter_extensions_builddir@/dict_dcca.fdx
- module: @freediameter_extensions_builddir@/dict_dcca_3gpp.fdx
connect:
- identity: mme.localdomain
addr: 127.0.0.2
sgw:
gtpc:
addr: 127.0.0.2
gtpu:
addr: 127.0.0.2
pgw:
freeDiameter:
identity: pgw.localdomain
realm: localdomain
listen_on: 127.0.0.3
load_extension:
- module: @freediameter_extensions_builddir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @freediameter_extensions_builddir@/dict_rfc5777.fdx
- module: @freediameter_extensions_builddir@/dict_mip6i.fdx
- module: @freediameter_extensions_builddir@/dict_nasreq.fdx
- module: @freediameter_extensions_builddir@/dict_nas_mipv6.fdx
- module: @freediameter_extensions_builddir@/dict_dcca.fdx
- module: @freediameter_extensions_builddir@/dict_dcca_3gpp.fdx
connect:
connect:
- identity: pcrf.localdomain
addr: 127.0.0.5
gtpc:
- addr:
- 127.0.0.3
- ::1
- addr:
- 127.0.0.4
apn: starent.com
gtpu:
- addr: 127.0.0.3
- addr: ::1
ue_pool:
- addr: 10.45.0.1/16
- addr: cafe::1/64
dns:
- 8.8.8.8
- 8.8.4.4
- 2001:4860:4860::8888
- 2001:4860:4860::8844
mtu: 1400
pcrf:
freeDiameter:
identity: pcrf.localdomain
realm: localdomain
listen_on: 127.0.0.5
load_extension:
- module: @freediameter_extensions_builddir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @freediameter_extensions_builddir@/dict_rfc5777.fdx
- module: @freediameter_extensions_builddir@/dict_mip6i.fdx
- module: @freediameter_extensions_builddir@/dict_nasreq.fdx
- module: @freediameter_extensions_builddir@/dict_nas_mipv6.fdx
- module: @freediameter_extensions_builddir@/dict_dcca.fdx
- module: @freediameter_extensions_builddir@/dict_dcca_3gpp.fdx
connect:
- identity: pgw.localdomain
addr: 127.0.0.3

View File

@@ -1,8 +1,16 @@
# truncate rails logs every day at midnight, keep 14 previous logs, compress previous logs
#
# logfilename [owner:group] mode count size when flags [/pid_file] [sig_num]
@localstatedir@/log/open5gs/pcrf.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-pcrfd/pid`
@localstatedir@/log/open5gs/pgw.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-pgwd/pid`
@localstatedir@/log/open5gs/sgw.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-sgwd/pid`
@localstatedir@/log/open5gs/nrf.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-nrfd/pid`
@localstatedir@/log/open5gs/scp.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-scpd/pid`
@localstatedir@/log/open5gs/pcrf.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-pcrfd/pid`
@localstatedir@/log/open5gs/hss.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-hssd/pid`
@localstatedir@/log/open5gs/ausf.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-ausfd/pid`
@localstatedir@/log/open5gs/udm.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-udmd/pid`
@localstatedir@/log/open5gs/udr.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-udrd/pid`
@localstatedir@/log/open5gs/upf.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-upfd/pid`
@localstatedir@/log/open5gs/sgwc.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-sgwcd/pid`
@localstatedir@/log/open5gs/sgwu.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-sgwud/pid`
@localstatedir@/log/open5gs/smf.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-smfd/pid`
@localstatedir@/log/open5gs/mme.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-mmed/pid`
@localstatedir@/log/open5gs/amf.log 644 14 * $D0 GZ @localstatedir@/run/open5gs-amfd/pid`

257
configs/non3gpp.yaml.in Normal file
View File

@@ -0,0 +1,257 @@
db_uri: mongodb://localhost/open5gs
logger:
sbi:
server:
no_tls: true
cacert: @build_configs_dir@/open5gs/tls/ca.crt
key: @build_configs_dir@/open5gs/tls/testserver.key
cert: @build_configs_dir@/open5gs/tls/testserver.crt
client:
no_tls: true
cacert: @build_configs_dir@/open5gs/tls/ca.crt
key: @build_configs_dir@/open5gs/tls/testclient.key
cert: @build_configs_dir@/open5gs/tls/testclient.crt
parameter:
# no_nrf: true
# no_scp: true
# no_amf: true
# no_smf: true
# no_upf: true
# no_ausf: true
# no_udm: true
# no_pcf: true
# no_nssf: true
# no_bsf: true
# no_udr: true
# no_mme: true
# no_sgwc: true
# no_sgwu: true
# no_pcrf: true
# no_hss: true
# use_mongodb_change_stream: true
mme:
freeDiameter:
identity: mme.localdomain
realm: localdomain
listen_on: 127.0.0.2
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: hss.localdomain
addr: 127.0.0.8
s1ap:
- addr: 127.0.0.2
gtpc:
- addr: 127.0.0.2
gummei:
plmn_id:
mcc: 999
mnc: 70
mme_gid: 2
mme_code: 1
tai:
plmn_id:
mcc: 999
mnc: 70
tac: 1
security:
integrity_order : [ EIA2, EIA1, EIA0 ]
ciphering_order : [ EEA0, EEA1, EEA2 ]
network_name:
full: Open5GS
sgwc:
gtpc:
- addr: 127.0.0.3
pfcp:
- addr: 127.0.0.3
smf:
sbi:
- addr: 127.0.0.4
port: 7777
pfcp:
- addr: 127.0.0.4
gtpc:
- addr: 127.0.0.4
- addr: ::1
gtpu:
- addr: 127.0.0.4
- addr: ::1
subnet:
- addr: 10.45.0.1/16
- addr: 2001:db8:cafe::1/48
dns:
- 8.8.8.8
- 8.8.4.4
- 2001:4860:4860::8888
- 2001:4860:4860::8844
mtu: 1400
freeDiameter:
identity: smf.localdomain
realm: localdomain
listen_on: 127.0.0.4
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: pcrf.localdomain
addr: 127.0.0.9
- identity: aaa.localdomain
addr: 127.0.0.1
amf:
sbi:
- addr: 127.0.0.5
port: 7777
ngap:
- addr: 127.0.0.5
guami:
- plmn_id:
mcc: 999
mnc: 70
amf_id:
region: 2
set: 1
tai:
- plmn_id:
mcc: 999
mnc: 70
tac: 1
plmn_support:
- plmn_id:
mcc: 999
mnc: 70
s_nssai:
- sst: 1
security:
integrity_order : [ NIA2, NIA1, NIA0 ]
ciphering_order : [ NEA0, NEA1, NEA2 ]
network_name:
full: Open5GS
amf_name: open5gs-amf0
sgwu:
pfcp:
- addr: 127.0.0.6
gtpu:
- addr: 127.0.0.6
upf:
pfcp:
- addr: 127.0.0.7
gtpu:
- addr: 127.0.0.7
subnet:
- addr: 10.45.0.1/16
- addr: 2001:db8:cafe::1/48
metrics:
- addr: 127.0.0.7
port: 9090
hss:
freeDiameter:
identity: hss.localdomain
realm: localdomain
listen_on: 127.0.0.8
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: mme.localdomain
addr: 127.0.0.2
- identity: aaa.localdomain
addr: 127.0.0.1
pcrf:
freeDiameter:
identity: pcrf.localdomain
realm: localdomain
listen_on: 127.0.0.9
no_fwd: true
load_extension:
- module: @build_subprojects_freeDiameter_extensions_dir@/dbg_msg_dumps.fdx
conf: 0x8888
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_rfc5777.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_mip6i.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nasreq.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_nas_mipv6.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca.fdx
- module: @build_subprojects_freeDiameter_extensions_dir@/dict_dcca_3gpp/dict_dcca_3gpp.fdx
connect:
- identity: smf.localdomain
addr: 127.0.0.4
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
ausf:
sbi:
- addr: 127.0.0.11
port: 7777
udm:
sbi:
- addr: 127.0.0.12
port: 7777
pcf:
sbi:
- addr: 127.0.0.13
port: 7777
metrics:
- addr: 127.0.0.13
port: 9090
nssf:
sbi:
- addr: 127.0.0.14
port: 7777
nsi:
- addr: 127.0.0.10
port: 7777
s_nssai:
sst: 1
bsf:
sbi:
- addr: 127.0.0.15
port: 7777
udr:
sbi:
- addr: 127.0.0.20
port: 7777
time:
t3512:
value: 540 # 9 mintues * 60 = 540 seconds

714
configs/open5gs/amf.yaml.in Normal file
View File

@@ -0,0 +1,714 @@
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/amf.log
#
# o TLS enable/disable
# sbi:
# server|client:
# no_tls: false|true
# - false: (Default) Use TLS
# - true: TLS disabled
#
# o Verification enable/disable
# sbi:
# server|client:
# no_verify: false|true
# - false: (Default) Verify the PEER
# - true: Skip the verification step
#
# o Server-side does not use TLS
# sbi:
# server:
# no_tls: true
#
# o Client-side skips the verification step
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
#
# o Use the specified certificate while verifying the client
# sbi:
# server
# cacert: /etc/open5gs/tls/ca.crt
#
# o Use the specified certificate while verifying the server
# sbi:
# client
# cacert: /etc/open5gs/tls/ca.crt
#
sbi:
server:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/amf.key
cert: @sysconfdir@/open5gs/tls/amf.crt
client:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/amf.key
cert: @sysconfdir@/open5gs/tls/amf.crt
#
# <SBI Server>
#
# o SBI Server(http://<all address available>:80)
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
#
# o SBI Server(http://<any address>:7777)
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# - addr:
# - 0.0.0.0
# - ::0
# port: 7777
#
# o SBI Server(https://<all address available>:443)
# sbi:
# server:
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# amf:
# sbi:
#
# o SBI Server(https://127.0.0.5:443, https://[::1]:443) without verification
# sbi:
# server:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# amf:
# sbi:
# - addr: 127.0.0.5
# - addr: ::1
#
# o SBI Server(https://amf.open5gs.org:443)
# Use the specified certificate while verifying the client
#
# sbi:
# server:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# amf:
# sbi:
# - name: amf.open5gs.org
#
# o SBI Server(http://127.0.0.5:7777)
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# - addr: 127.0.0.5
# port: 7777
#
# o SBI Server(http://<eth0 IP address>:80)
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# - dev: eth0
#
# o Provide custom SBI address to be advertised to NRF
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# - dev: eth0
# advertise: open5gs-amf.svc.local
#
# o Another example of advertising on NRF
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# - addr: localhost
# advertise:
# - 127.0.0.99
# - ::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# addr: 127.0.0.5
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# <NF Service>
#
# o NF Service Name(Default : all NF services available)
# amf:
# service_name:
#
# o NF Service Name(Only some NF services are available)
# amf:
# service_name:
# - namf-comm
#
# <NF Discovery Query Parameter>
#
# o (Default) If you do not set Query Parameter as shown below,
#
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# - addr: 127.0.0.5
# port: 7777
#
# - 'service-names' is included.
#
# o Service-Names are not included
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# - addr: 127.0.0.5
# port: 7777
# discovery:
# option:
# no_service_names: false
#
# o To remove 'service-names' from URI query parameters in NS Discovery
# no_service_names: true
#
# * For Indirect Communication with Delegated Discovery,
# 'service-names' is always included in the URI query parameter.
# * That is, 'no_service_names' has no effect.
#
# <For Indirect Communication with Delegated Discovery>
#
# o (Default) If you do not set Delegated Discovery as shown below,
#
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# - addr: 127.0.0.5
# port: 7777
#
# - Use SCP if SCP avaiable. Otherwise NRF is used.
# => App fails if both NRF and SCP are unavailable.
#
# sbi:
# server:
# no_tls: true
# amf:
# sbi:
# - addr: 127.0.0.5
# port: 7777
# discovery:
# delegated: auto
#
# o To use SCP always => App fails if no SCP available.
# delegated: yes
#
# o Don't use SCP server => App fails if no NRF available.
# delegated: no
#
# <NGAP Server>>
#
# o NGAP Server(all address available)
# amf:
# ngap:
#
# o NGAP Server(0.0.0.0:38412)
# amf:
# ngap:
# addr: 0.0.0.0
#
# o NGAP Server(127.0.0.5:38412, [::1]:38412)
# amf:
# ngap:
# - addr: 127.0.0.5
# - addr: ::1
#
# o NGAP Server(different port)
# amf:
# ngap:
# - addr: 127.0.0.5
# port: 38413
#
# o NGAP Server(address available in `eth0` interface)
# amf:
# ngap:
# dev: eth0
#
# o NGAP Option (Default)
# - sctp_nodelay : true
# - so_linger.l_onoff : false
#
# amf:
# ngap:
# addr: 127.0.0.5
# option:
# stcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# o NGAP SCTP Option (Default)
# - spp_hbinterval : 5000 (5secs)
# - spp_sackdelay : 200 (200ms)
# - srto_initial : 3000 (3secs)
# - srto_min : 1000 (1sec)
# - srto_max : 5000 (5secs)
# - sinit_num_ostreams : 30
# - sinit_max_instreams : 65535
# - sinit_max_attempts : 4
# - sinit_max_init_timeo : 8000(8secs)
#
# amf:
# ngap:
# addr: 127.0.0.5
# option:
# sctp:
# spp_hbinterval : 5000
# spp_sackdelay : 200
# srto_initial : 3000
# srto_min : 1000
# srto_max : 5000
# sinit_num_ostreams : 30
# sinit_max_instreams : 65535
# sinit_max_attempts : 4
# sinit_max_init_timeo : 8000
#
# <Metrics Server>
#
# o Metrics Server(http://<any address>:9090)
# amf:
# metrics:
# - addr: 0.0.0.0
# port: 9090
#
# <GUAMI>
#
# o Multiple GUAMI
# amf:
# guami:
# - plmn_id:
# mcc: 999
# mnc: 70
# amf_id:
# region: 2
# set: 1
# pointer: 4
# - plmn_id:
# mcc: 001
# mnc: 01
# amf_id:
# region: 5
# set: 2
#
# <TAI>
#
# o Multiple TAI
#
# When multiple TAIs are configured as shown below,
# the Served TAI is determined by comparing UserLocationInformation
# of UplinkNASTransport sent from gNB.
#
# For example, if the gNB sends TAC with 30 to the AMF,
# the fourth TAI (TAC: 20, 28, 29-32, 36-38, 40-42, 50, 60, 70, 70)
# is determined as the Served TAI. The result is transmitted to the gNB
# as a Tracking Area identity List in Registration Accept.
#
# amf:
# tai:
# - plmn_id:
# mcc: 001
# mnc: 01
# tac: [1, 3, 5]
# tai:
# - plmn_id:
# mcc: 002
# mnc: 02
# tac: [6-10, 15-18]
# tai:
# - plmn_id:
# mcc: 003
# mnc: 03
# tac: 20
# - plmn_id:
# mcc: 004
# mnc: 04
# tac: 21
# tai:
# - plmn_id:
# mcc: 005
# mnc: 05
# tac: [22, 28]
# - plmn_id:
# mcc: 006
# mnc: 06
# tac: [30-32, 34, 36-38, 40-42, 44, 46, 48]
# - plmn_id:
# mcc: 007
# mnc: 07
# tac: 50
# - plmn_id:
# mcc: 008
# mnc: 08
# tac: 60
# - plmn_id:
# mcc: 009
# mnc: 09
# tac: [70, 80]
#
# <PLMN Support>
#
# o Multiple PLMN Support
# amf:
# plmn_support:
# - plmn_id:
# mcc: 999
# mnc: 70
# s_nssai:
# - sst: 1
# sd: 010000
# - plmn_id:
# mcc: 999
# mnc: 70
# s_nssai:
# - sst: 1
#
#
# <Access Control>
#
# If access_control is not specified, then all networks are allowed
# If access_control is defined,
# no other networks are allowed other than matching plmn_id.
#
# default_reject_cause may be used to overwrite the default error cause #11
# for non matching plmn_id
#
# for matching plmn_id with reject_cause defined,
# the AMF rejects access with the reject_cause error cause
#
# for matching plmn_id without reject_cause defined,
# the AMF accepts the PLMN traffic
#
# o The example below only accepts 002/02 and 999/70 PLMNs.
# 001/01 is rejected with cause 15,
# and the rest of the PLMNs are rejected with default cause 13.
#
# amf:
# access_control:
# - default_reject_cause: 13
# - plmn_id:
# reject_cause: 15
# mcc: 001
# mnc: 01
# - plmn_id:
# mcc: 002
# mnc: 02
# - plmn_id:
# mcc: 999
# mnc: 70
#
#
# <Network Name>
#
# amf:
# network_name:
# full: Open5GS
# short: Next
#
# <AMF Name>
#
# amf:
# amf_name: amf1.open5gs.amf.5gc.mnc70.mcc999.3gppnetwork.org
#
# <Relative Capacity> - Default(255)
#
# amf:
# relative_capacity: 100
#
amf:
sbi:
- addr: 127.0.0.5
port: 7777
ngap:
- addr: 127.0.0.5
metrics:
- addr: 127.0.0.5
port: 9090
guami:
- plmn_id:
mcc: 999
mnc: 70
amf_id:
region: 2
set: 1
tai:
- plmn_id:
mcc: 999
mnc: 70
tac: 1
plmn_support:
- plmn_id:
mcc: 999
mnc: 70
s_nssai:
- sst: 1
security:
integrity_order : [ NIA2, NIA1, NIA0 ]
ciphering_order : [ NEA0, NEA1, NEA2 ]
network_name:
full: Open5GS
amf_name: open5gs-amf0
#
# <SBI Client>>
#
# o SBI Client(http://127.0.1.10:7777)
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# port: 7777
#
# o SBI Client(https://127.0.1.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - addr: 127.0.1.10
# - addr: ::1
#
# o SBI Client(https://scp.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - name: scp.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
# If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr:
# - 127.0.1.10
# - fd69:f21d:873c:fb::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#
scp:
sbi:
- addr: 127.0.1.10
port: 7777
#
# <SBI Client>>
#
# o SBI Client(http://127.0.0.10:7777)
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# port: 7777
#
# o SBI Client(https://127.0.0.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - addr: 127.0.0.10
# - addr: ::1
#
# o SBI Client(https://nrf.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - name: nrf.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fa::1]:80)
# If prefer_ipv4 is true, http://127.0.0.10:80 is selected.
#
# sbi:
# addr:
# - 127.0.0.10
# - fd69:f21d:873c:fa::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#nrf:
# sbi:
# - addr:
# - 127.0.0.10
# - ::1
# port: 7777
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:
#
# usrsctp:
# udp_port : 9899
#
usrsctp:
#
# o NF Instance Heartbeat (Default : 0)
# NFs will not send heart-beat timer in NFProfile
# NRF will send heart-beat timer in NFProfile
# (Default values are used, so no configuration is required)
#
# o NF Instance Heartbeat (20 seconds)
# NFs will send heart-beat timer (20 seconds) in NFProfile
# NRF can change heart-beat timer in NFProfile
#
# time:
# nf_instance:
# heartbeat: 20
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
#
# o Handover Wait Duration (Default : 300 ms)
# Time to wait for AMF to send UEContextReleaseCommand
# to the source gNB after receiving HandoverNotify
# (Default values are used, so no configuration is required)
#
# o Handover Wait Duration (500ms)
# time:
# handover:
# duration: 500
#
# o Timers of 5GS mobility/session management
# time:
# t3502:
# value: 720 # 12 minutes * 60 = 720 seconds
# t3512:
# value: 3240 # 54 minutes * 60 = 3240 seconds
#
time:
t3512:
value: 540 # 9 mintues * 60 = 540 seconds

View File

@@ -0,0 +1,441 @@
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/ausf.log
#
# o TLS enable/disable
# sbi:
# server|client:
# no_tls: false|true
# - false: (Default) Use TLS
# - true: TLS disabled
#
# o Verification enable/disable
# sbi:
# server|client:
# no_verify: false|true
# - false: (Default) Verify the PEER
# - true: Skip the verification step
#
# o Server-side does not use TLS
# sbi:
# server:
# no_tls: true
#
# o Client-side skips the verification step
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
#
# o Use the specified certificate while verifying the client
# sbi:
# server
# cacert: /etc/open5gs/tls/ca.crt
#
# o Use the specified certificate while verifying the server
# sbi:
# client
# cacert: /etc/open5gs/tls/ca.crt
#
sbi:
server:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/ausf.key
cert: @sysconfdir@/open5gs/tls/ausf.crt
client:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/ausf.key
cert: @sysconfdir@/open5gs/tls/ausf.crt
#
# <SBI Server>
#
# o SBI Server(http://<all address available>:80)
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
#
# o SBI Server(http://<any address>:7777)
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# - addr:
# - 0.0.0.0
# - ::0
# port: 7777
#
# o SBI Server(https://<all address available>:443)
# sbi:
# server:
# key: /etc/open5gs/tls/ausf.key
# cert: /etc/open5gs/tls/ausf.crt
# ausf:
# sbi:
#
# o SBI Server(https://127.0.0.11:443, https://[::1]:443) without verification
# sbi:
# server:
# no_verify: true
# key: /etc/open5gs/tls/ausf.key
# cert: /etc/open5gs/tls/ausf.crt
# ausf:
# sbi:
# - addr: 127.0.0.11
# - addr: ::1
#
# o SBI Server(https://ausf.open5gs.org:443)
# Use the specified certificate while verifying the client
#
# sbi:
# server:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/ausf.key
# cert: /etc/open5gs/tls/ausf.crt
# ausf:
# sbi:
# - name: ausf.open5gs.org
#
# o SBI Server(http://127.0.0.11:7777)
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# - addr: 127.0.0.11
# port: 7777
#
# o SBI Server(http://<eth0 IP address>:80)
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# - dev: eth0
#
# o Provide custom SBI address to be advertised to NRF
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# - dev: eth0
# advertise: open5gs-ausf.svc.local
#
# o Another example of advertising on NRF
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# - addr: localhost
# advertise:
# - 127.0.0.99
# - ::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# addr: 127.0.0.11
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# <NF Service>
#
# o NF Service Name(Default : all NF services available)
# ausf:
# service_name:
#
# o NF Service Name(Only some NF services are available)
# ausf:
# service_name:
# - nausf-auth
#
# <NF Discovery Query Parameter>
#
# o (Default) If you do not set Query Parameter as shown below,
#
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# - addr: 127.0.0.11
# port: 7777
#
# - 'service-names' is included.
#
# o Service-Names are not included
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# - addr: 127.0.0.11
# port: 7777
# discovery:
# option:
# no_service_names: false
#
# o To remove 'service-names' from URI query parameters in NS Discovery
# no_service_names: true
#
# * For Indirect Communication with Delegated Discovery,
# 'service-names' is always included in the URI query parameter.
# * That is, 'no_service_names' has no effect.
#
# <For Indirect Communication with Delegated Discovery>
#
# o (Default) If you do not set Delegated Discovery as shown below,
#
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# - addr: 127.0.0.11
# port: 7777
#
# - Use SCP if SCP avaiable. Otherwise NRF is used.
# => App fails if both NRF and SCP are unavailable.
#
# sbi:
# server:
# no_tls: true
# ausf:
# sbi:
# - addr: 127.0.0.11
# port: 7777
# discovery:
# delegated: auto
#
# o To use SCP always => App fails if no SCP available.
# delegated: yes
#
# o Don't use SCP server => App fails if no NRF available.
# delegated: no
#
ausf:
sbi:
- addr: 127.0.0.11
port: 7777
#
# <SBI Client>>
#
# o SBI Client(http://127.0.1.10:7777)
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# port: 7777
#
# o SBI Client(https://127.0.1.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - addr: 127.0.1.10
# - addr: ::1
#
# o SBI Client(https://scp.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - name: scp.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
# If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr:
# - 127.0.1.10
# - fd69:f21d:873c:fb::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#
scp:
sbi:
- addr: 127.0.1.10
port: 7777
#
# <SBI Client>>
#
# o SBI Client(http://127.0.0.10:7777)
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# port: 7777
#
# o SBI Client(https://127.0.0.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - addr: 127.0.0.10
# - addr: ::1
#
# o SBI Client(https://nrf.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - name: nrf.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fa::1]:80)
# If prefer_ipv4 is true, http://127.0.0.10:80 is selected.
#
# sbi:
# addr:
# - 127.0.0.10
# - fd69:f21d:873c:fa::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#nrf:
# sbi:
# - addr:
# - 127.0.0.10
# - ::1
# port: 7777
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:
#
# o NF Instance Heartbeat (Default : 0)
# NFs will not send heart-beat timer in NFProfile
# NRF will send heart-beat timer in NFProfile
# (Default values are used, so no configuration is required)
#
# o NF Instance Heartbeat (20 seconds)
# NFs will send heart-beat timer (20 seconds) in NFProfile
# NRF can change heart-beat timer in NFProfile
#
# time:
# nf_instance:
# heartbeat: 20
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
time:

441
configs/open5gs/bsf.yaml.in Normal file
View File

@@ -0,0 +1,441 @@
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/bsf.log
#
# o TLS enable/disable
# sbi:
# server|client:
# no_tls: false|true
# - false: (Default) Use TLS
# - true: TLS disabled
#
# o Verification enable/disable
# sbi:
# server|client:
# no_verify: false|true
# - false: (Default) Verify the PEER
# - true: Skip the verification step
#
# o Server-side does not use TLS
# sbi:
# server:
# no_tls: true
#
# o Client-side skips the verification step
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
#
# o Use the specified certificate while verifying the client
# sbi:
# server
# cacert: /etc/open5gs/tls/ca.crt
#
# o Use the specified certificate while verifying the server
# sbi:
# client
# cacert: /etc/open5gs/tls/ca.crt
#
sbi:
server:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/bsf.key
cert: @sysconfdir@/open5gs/tls/bsf.crt
client:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/bsf.key
cert: @sysconfdir@/open5gs/tls/bsf.crt
#
# <SBI Server>
#
# o SBI Server(http://<all address available>:80)
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
#
# o SBI Server(http://<any address>:7777)
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# - addr:
# - 0.0.0.0
# - ::0
# port: 7777
#
# o SBI Server(https://<all address available>:443)
# sbi:
# server:
# key: /etc/open5gs/tls/bsf.key
# cert: /etc/open5gs/tls/bsf.crt
# bsf:
# sbi:
#
# o SBI Server(https://127.0.0.15:443, https://[::1]:443) without verification
# sbi:
# server:
# no_verify: true
# key: /etc/open5gs/tls/bsf.key
# cert: /etc/open5gs/tls/bsf.crt
# bsf:
# sbi:
# - addr: 127.0.0.15
# - addr: ::1
#
# o SBI Server(https://bsf.open5gs.org:443)
# Use the specified certificate while verifying the client
#
# sbi:
# server:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/bsf.key
# cert: /etc/open5gs/tls/bsf.crt
# bsf:
# sbi:
# - name: bsf.open5gs.org
#
# o SBI Server(http://127.0.0.15:7777)
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# - addr: 127.0.0.15
# port: 7777
#
# o SBI Server(http://<eth0 IP address>:80)
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# - dev: eth0
#
# o Provide custom SBI address to be advertised to NRF
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# - dev: eth0
# advertise: open5gs-bsf.svc.local
#
# o Another example of advertising on NRF
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# - addr: localhost
# advertise:
# - 127.0.0.99
# - ::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# addr: 127.0.0.15
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# <NF Service>
#
# o NF Service Name(Default : all NF services available)
# bsf:
# service_name:
#
# o NF Service Name(Only some NF services are available)
# bsf:
# service_name:
# - nbsf-management
#
# <NF Discovery Query Parameter>
#
# o (Default) If you do not set Query Parameter as shown below,
#
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# - addr: 127.0.0.15
# port: 7777
#
# - 'service-names' is included.
#
# o Service-Names are not included
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# - addr: 127.0.0.15
# port: 7777
# discovery:
# option:
# no_service_names: false
#
# o To remove 'service-names' from URI query parameters in NS Discovery
# no_service_names: true
#
# * For Indirect Communication with Delegated Discovery,
# 'service-names' is always included in the URI query parameter.
# * That is, 'no_service_names' has no effect.
#
# <For Indirect Communication with Delegated Discovery>
#
# o (Default) If you do not set Delegated Discovery as shown below,
#
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# - addr: 127.0.0.15
# port: 7777
#
# - Use SCP if SCP avaiable. Otherwise NRF is used.
# => App fails if both NRF and SCP are unavailable.
#
# sbi:
# server:
# no_tls: true
# bsf:
# sbi:
# - addr: 127.0.0.15
# port: 7777
# discovery:
# delegated: auto
#
# o To use SCP always => App fails if no SCP available.
# delegated: yes
#
# o Don't use SCP server => App fails if no NRF available.
# delegated: no
#
bsf:
sbi:
- addr: 127.0.0.15
port: 7777
#
# <SBI Client>>
#
# o SBI Client(http://127.0.1.10:7777)
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# port: 7777
#
# o SBI Client(https://127.0.1.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - addr: 127.0.1.10
# - addr: ::1
#
# o SBI Client(https://scp.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - name: scp.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
# If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr:
# - 127.0.1.10
# - fd69:f21d:873c:fb::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#
scp:
sbi:
- addr: 127.0.1.10
port: 7777
#
# <SBI Client>>
#
# o SBI Client(http://127.0.0.10:7777)
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# port: 7777
#
# o SBI Client(https://127.0.0.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - addr: 127.0.0.10
# - addr: ::1
#
# o SBI Client(https://nrf.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - name: nrf.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fa::1]:80)
# If prefer_ipv4 is true, http://127.0.0.10:80 is selected.
#
# sbi:
# addr:
# - 127.0.0.10
# - fd69:f21d:873c:fa::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#nrf:
# sbi:
# - addr:
# - 127.0.0.10
# - ::1
# port: 7777
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:
#
# o NF Instance Heartbeat (Default : 0)
# NFs will not send heart-beat timer in NFProfile
# NRF will send heart-beat timer in NFProfile
# (Default values are used, so no configuration is required)
#
# o NF Instance Heartbeat (20 seconds)
# NFs will send heart-beat timer (20 seconds) in NFProfile
# NRF can change heart-beat timer in NFProfile
#
# time:
# nf_instance:
# heartbeat: 20
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
time:

View File

@@ -0,0 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VuBCIEIBDJxn6GGlYloduPaEEjiW2bNQYZnT3xlo4HtshEi7FH
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VuBCIEIFAK2WjCQjB8TU7COXwdIKVhKGjPa+SJuyOVObjfW9hM
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VuBCIEIHh8rsYF8otbnyb8bcrhD1AAV5C9iBtjTlYJY3k5k0dt
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,38 @@
# Copyright (C) 2022 by Sukchan Lee <acetcom@gmail.com>
# This file is part of Open5GS.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
hnet_sysconfdir = join_paths(open5gs_sysconfdir, 'hnet')
meson.add_install_script(python3_exe, '-c',
mkdir_p.format(hnet_sysconfdir))
hnet_security = '''
curve25519-1.key
secp256r1-2.key
curve25519-3.key
secp256r1-4.key
curve25519-5.key
secp256r1-6.key
'''.split()
foreach file : hnet_security
gen = configure_file(
input : file,
output : file,
configuration : conf_data)
meson.add_install_script(python3_exe, '-c',
install_conf.format(gen, hnet_sysconfdir))
endforeach

View File

@@ -0,0 +1,8 @@
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIHSp+RhHH1bzvv2lxR1zij+U9aUtS8nbl5n1Il+8zd5BoAoGCCqGSM49
AwEHoUQDQgAEre/NExfRzoVi7CW5G0gAEg4SNtbiZh6kI1qE48hdokS8QqWUz1YS
9J6PvihX2OSZ+RMixzf8zxu9tuTUJKgKlQ==
-----END EC PRIVATE KEY-----

View File

@@ -0,0 +1,8 @@
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIAGZvsOAU0YMHhBK33hRkGMPkA3Xefq5b5hPQD6qnf5goAoGCCqGSM49
AwEHoUQDQgAEdXfTAGY+0ibQoO9bfmk7+M/l//BiMzO6lNIUEMSj1k3k9SQPygGY
jAuUHpVM4Uo6cWxuyurEn8pWn1vF3tVhbg==
-----END EC PRIVATE KEY-----

View File

@@ -0,0 +1,8 @@
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIG3VKSXh/3WK0HzCkN1DgeUjF7TSLgAUyMn/WGHsxrZ3oAoGCCqGSM49
AwEHoUQDQgAENU1ibHe7oWu4m6M8P0XoA78ZNKtdIsJgVU0nCk/c5sC3V+/4GuxU
owtbASEXQZg4SGvts+1Yqz0p4WwCAAcwpQ==
-----END EC PRIVATE KEY-----

View File

@@ -1,9 +1,63 @@
db_uri: mongodb://localhost/open5gs
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/hss.log
parameter:
hss:
freeDiameter: @sysconfdir@/freeDiameter/hss.conf
#
# hss:
# sms_over_ims: "sip:smsc.mnc001.mcc001.3gppnetwork.org:7060;transport=tcp"
#
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
# o Use MongoDB Change Stream
# parameter:
# use_mongodb_change_stream: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:

View File

@@ -21,10 +21,21 @@ meson.add_install_script(python3_exe, '-c',
open5gs_conf = '''
mme.yaml
sgwc.yaml
sgwu.yaml
smf.yaml
amf.yaml
upf.yaml
hss.yaml
sgw.yaml
pgw.yaml
pcrf.yaml
nrf.yaml
scp.yaml
ausf.yaml
udm.yaml
udr.yaml
pcf.yaml
nssf.yaml
bsf.yaml
'''.split()
foreach file : open5gs_conf
@@ -35,3 +46,6 @@ foreach file : open5gs_conf
meson.add_install_script(python3_exe, '-c',
install_conf.format(gen, open5gs_sysconfdir))
endforeach
subdir('tls')
subdir('hnet')

View File

@@ -1,35 +1,518 @@
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/mme.log
parameter:
#
# <S1AP Server>>
#
# o S1AP Server(all address available)
# mme:
# s1ap:
#
# o S1AP Server(0.0.0.0:36412)
# mme:
# s1ap:
# addr: 0.0.0.0
#
# o S1AP Server(127.0.0.2:36412, [::1]:36412)
# mme:
# s1ap:
# - addr: 127.0.0.2
# - addr: ::1
#
# o S1AP Server(different port)
# mme:
# s1ap:
# - addr: 127.0.0.2
# port: 36413
#
# o S1AP Server(address available in `eth0` interface)
# mme:
# s1ap:
# dev: eth0
#
# o S1AP Option (Default)
# - sctp_nodelay : true
# - so_linger.l_onoff : false
#
# mme:
# s1ap:
# addr: 127.0.0.2
# option:
# stcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# o S1AP SCTP Option (Default)
# - spp_hbinterval : 5000 (5secs)
# - spp_sackdelay : 200 (200ms)
# - srto_initial : 3000 (3secs)
# - srto_min : 1000 (1sec)
# - srto_max : 5000 (5secs)
# - sinit_num_ostreams : 30
# - sinit_max_instreams : 65535
# - sinit_max_attempts : 4
# - sinit_max_init_timeo : 8000(8secs)
#
# mme:
# s1ap:
# addr: 127.0.0.2
# option:
# sctp:
# spp_hbinterval : 5000
# spp_sackdelay : 200
# srto_initial : 3000
# srto_min : 1000
# srto_max : 5000
# sinit_num_ostreams : 30
# sinit_max_instreams : 65535
# sinit_max_attempts : 4
# sinit_max_init_timeo : 8000
#
# <GTP-C Server>>
#
# o GTP-C Server(all address available)
# mme:
# gtpc:
#
# o GTP-C Server(127.0.0.2:2123, [::1]:2123)
# mme:
# gtpc:
# - addr: 127.0.0.2
# - addr: ::1
#
# <SGsAP>
#
# o Single MSC/VLR(127.0.0.2)
# mme:
# sgsap:
# addr: 127.0.0.2
# map:
# tai:
# plmn_id:
# mcc: 001
# mnc: 01
# tac: 4130
# lai:
# plmn_id:
# mcc: 001
# mnc: 01
# lac: 43690
# map:
# tai:
# plmn_id:
# mcc: 002
# mnc: 02
# tac: 4132
# lai:
# plmn_id:
# mcc: 002
# mnc: 02
# lac: 43692
#
# o Multiple MSC/VLR
# mme:
# sgsap:
# - addr: 127.0.0.2
# port: 29119
# map:
# tai:
# plmn_id:
# mcc: 001
# mnc: 01
# tac: 4131
# lai:
# plmn_id:
# mcc: 001
# mnc: 01
# lac: 43691
# map:
# tai:
# plmn_id:
# mcc: 002
# mnc: 02
# tac: 4132
# lai:
# plmn_id:
# mcc: 002
# mnc: 02
# lac: 43692
# - addr
# - 127.0.0.4
# - fd69:f21d:873c:fa::2
# map:
# tai:
# plmn_id:
# mcc: 001
# mnc: 01
# tac: 4132
# lai:
# plmn_id:
# mcc: 002
# mnc: 02
# lac: 43692
# - name: msc.open5gs.org
# map:
# tai:
# plmn_id:
# mcc: 001
# mnc: 01
# tac: 4133
# lai:
# plmn_id:
# mcc: 002
# mnc: 02
# lac: 43693
#
# <Metrics Server>
#
# o Metrics Server(http://<any address>:9090)
# mme:
# metrics:
# - addr: 0.0.0.0
# port: 9090
#
# <GUMMEI>
#
# o Multiple GUMMEI
# mme:
# gummei:
# - plmn_id:
# mcc: 001
# mnc: 01
# mme_gid: 2
# mme_code: 1
# - plmn_id:
# - mcc: 002
# mnc: 02
# - mcc: 003
# mnc: 03
# mme_gid: [3, 4]
# mme_code:
# - 2
# - 3
#
#
# <TAI>
#
# o Multiple TAI
#
# When multiple TAIs are configured as shown below,
# the Served TAI is determined by comparing UserLocationInformation
# of UplinkNASTransport sent from eNB.
#
# For example, if the eNB sends TAC with 30 to the MME,
# the fourth TAI (TAC: 20, 28, 29-32, 36-38, 40-42, 50, 60, 70, 70)
# is determined as the Served TAI. The result is transmitted to the eNB
# as a Tracking Area identity List in Registration Accept.
#
# mme:
# tai:
# - plmn_id:
# mcc: 001
# mnc: 01
# tac: [1, 3, 5]
# tai:
# - plmn_id:
# mcc: 002
# mnc: 02
# tac: [6-10, 15-18]
# tai:
# - plmn_id:
# mcc: 003
# mnc: 03
# tac: 20
# - plmn_id:
# mcc: 004
# mnc: 04
# tac: 21
# tai:
# - plmn_id:
# mcc: 005
# mnc: 05
# tac: [22, 28]
# - plmn_id:
# mcc: 006
# mnc: 06
# tac: [30-32, 34, 36-38, 40-42, 44, 46, 48]
# - plmn_id:
# mcc: 007
# mnc: 07
# tac: 50
# - plmn_id:
# mcc: 008
# mnc: 08
# tac: 60
# - plmn_id:
# mcc: 009
# mnc: 09
# tac: [70, 80]
#
#
# <Access Control>
#
# If access_control is not specified, then all networks are allowed
# If access_control is defined,
# no other networks are allowed other than matching plmn_id.
#
# default_reject_cause may be used to overwrite the default error cause #11
# for non matching plmn_id
#
# for matching plmn_id with reject_cause defined,
# the MME rejects access with the reject_cause error cause
#
# for matching plmn_id without reject_cause defined,
# the MME accepts the PLMN traffic
#
# o The example below only accepts 002/02 and 999/70 PLMNs.
# 001/01 is rejected with cause 15,
# and the rest of the PLMNs are rejected with default cause 13.
#
# mme:
# access_control:
# - default_reject_cause: 13
# - plmn_id:
# reject_cause: 15
# mcc: 001
# mnc: 01
# - plmn_id:
# mcc: 002
# mnc: 02
# - plmn_id:
# mcc: 999
# mnc: 70
#
#
# <Network Name>
# mme:
# network_name:
# full: Open5GS
# short: Next
#
# <MME Name>
# mme:
# mme_name: open5gs-mme0
#
# <Relative Capacity> - Default(255)
# mme:
# relative_capacity: 100
#
mme:
freeDiameter: @sysconfdir@/freeDiameter/mme.conf
s1ap:
- addr: 127.0.0.2
gtpc:
gummei:
- addr: 127.0.0.2
metrics:
- addr: 127.0.0.2
port: 9090
gummei:
plmn_id:
mcc: 001
mnc: 01
mcc: 999
mnc: 70
mme_gid: 2
mme_code: 1
tai:
plmn_id:
mcc: 001
mnc: 01
tac: 12345
mcc: 999
mnc: 70
tac: 1
security:
integrity_order : [ EIA1, EIA2, EIA0 ]
integrity_order : [ EIA2, EIA1, EIA0 ]
ciphering_order : [ EEA0, EEA1, EEA2 ]
network_name:
full: Open5GS
mme_name: open5gs-mme0
sgw:
#
# <GTP-C Client>
#
# o Specify SGW addresses the GTP-C must connect to
#
# o One SGW is defined.
# If prefer_ipv4 is not true, [fd69:f21d:873c:fa::2] is selected.
# sgwc:
# gtpc:
# addr:
# - 127.0.0.3
# - fd69:f21d:873c:fa::2
#
# o Two SGW are defined. MME selects SGW with round-robin manner per UE
# sgwc:
# gtpc:
# - addr: 127.0.0.3
# - addr: fd69:f21d:873c:fa::2
#
# o Three SGW are defined. MME selects SGW with round-robin manner per UE
# sgwc:
# gtpc:
# - addr
# - 127.0.0.3
# - fd69:f21d:873c:fa::2
# - addr
# - 127.0.0.22
# - fd69:f21d:873c:fa::12
# - name: sgw3.open5gs.org
#
# <SGW Selection Mode>
#
# o Round-Robin
# sgwc:
# gtpc:
# addr: 127.0.0.3
# addr: 127.0.2.2
# addr: 127.0.4.2
#
# o SGW selection by eNodeB TAC
# (either single TAC or multiple TACs, DECIMAL representation)
#
# sgwc:
# gtpc:
# - addr: 127.0.0.3
# tac: 26000
# - addr: 127.0.2.2
# tac: [25000, 27000, 28000]
#
# o SGW selection by e_cell_id(28bit)
# (either single or multiple e_cell_id, HEX representation)
#
# sgwc:
# gtpc:
# - addr: 127.0.0.3
# e_cell_id: abcde01
# - addr: 127.0.2.2
# e_cell_id: [12345, a9413, 98765]
#
sgwc:
gtpc:
addr: 127.0.0.2
- addr: 127.0.0.3
pgw:
#
# smf:
#
# <GTP-C Client>
#
# o By default, the SMF uses the first SMF node.
# - To use a different APN for each SMF, specify gtpc.apn as the APN name.
# - If the HSS uses WebUI to set the SMF IP for each UE,
# you can use a specific SMF node for each UE.
# (Default values are used, so no configuration is required)
#
# o Two SMF are defined. 127.0.0.4:2123 is used.
# [fd69:f21d:873c:fa::3]:2123 is ignored.
# smf:
# gtpc:
# - addr: 127.0.0.4
# - addr: fd69:f21d:873c:fa::3
#
# o One SMF is defined. if prefer_ipv4 is not true,
# [fd69:f21d:873c:fa::3] is selected.
# smf:
# gtpc:
# - addr:
# - 127.0.0.4
# - fd69:f21d:873c:fa::3
#
# o Two SMF are defined with a different APN.
# - Note that if SMF IP for UE is configured in HSS,
# the following configurion for this UE is ignored.
# smf:
# gtpc:
# - addr: 127.0.0.4
# apn: internet
# - addr: 127.0.0.5
# apn: volte
#
# o If APN is omitted, the default APN uses the first SMF node.
# smf:
# gtpc:
# - addr: 127.0.0.4
# - addr: 127.0.0.5
# apn: volte
smf:
gtpc:
addr:
- 127.0.0.3
- addr:
- 127.0.0.4
- ::1
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:
#
# usrsctp:
# udp_port : 9899
#
usrsctp:
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
#
# o Handover Wait Duration (Default : 300 ms)
# Time to wait for MME to send UEContextReleaseCommand
# to the source eNB after receiving HandoverNotify
# (Default values are used, so no configuration is required)
#
# o Handover Wait Duration (500ms)
# time:
# handover:
# duration: 500
#
# o Timers of EPS mobility/session management
# time:
# t3402:
# value: 720 # 12 minutes * 60 = 720 seconds
# t3412:
# value: 3240 # 54 minutes * 60 = 3240 seconds
# t3423:
# value: 720 # 12 minutes * 60 = 720 seconds
time:

337
configs/open5gs/nrf.yaml.in Normal file
View File

@@ -0,0 +1,337 @@
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/nrf.log
#
# o TLS enable/disable
# sbi:
# server|client:
# no_tls: false|true
# - false: (Default) Use TLS
# - true: TLS disabled
#
# o Verification enable/disable
# sbi:
# server|client:
# no_verify: false|true
# - false: (Default) Verify the PEER
# - true: Skip the verification step
#
# o Server-side does not use TLS
# sbi:
# server:
# no_tls: true
#
# o Client-side skips the verification step
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
#
# o Use the specified certificate while verifying the client
# sbi:
# server
# cacert: /etc/open5gs/tls/ca.crt
#
# o Use the specified certificate while verifying the server
# sbi:
# client
# cacert: /etc/open5gs/tls/ca.crt
#
sbi:
server:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/nrf.key
cert: @sysconfdir@/open5gs/tls/nrf.crt
client:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/nrf.key
cert: @sysconfdir@/open5gs/tls/nrf.crt
#
# <SBI Server>
#
# o SBI Server(http://<all address available>:80)
# sbi:
# server:
# no_tls: true
# nrf:
# sbi:
#
# o SBI Server(http://<any address>:7777)
# sbi:
# server:
# no_tls: true
# nrf:
# sbi:
# - addr:
# - 0.0.0.0
# - ::0
# port: 7777
#
# o SBI Server(https://<all address available>:443)
# sbi:
# server:
# key: /etc/open5gs/tls/nrf.key
# cert: /etc/open5gs/tls/nrf.crt
# nrf:
# sbi:
#
# o SBI Server(https://127.0.0.10:443, https://[::1]:443) without verification
# sbi:
# server:
# no_verify: true
# key: /etc/open5gs/tls/nrf.key
# cert: /etc/open5gs/tls/nrf.crt
# nrf:
# sbi:
# - addr: 127.0.0.10
# - addr: ::1
#
# o SBI Server(https://nrf.open5gs.org:443)
# Use the specified certificate while verifying the client
#
# sbi:
# server:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/nrf.key
# cert: /etc/open5gs/tls/nrf.crt
# nrf:
# sbi:
# - name: nrf.open5gs.org
#
# o SBI Server(http://127.0.0.10:7777)
# sbi:
# server:
# no_tls: true
# nrf:
# sbi:
# - addr: 127.0.0.10
# port: 7777
#
# o SBI Server(http://<eth0 IP address>:80)
# sbi:
# server:
# no_tls: true
# nrf:
# sbi:
# - dev: eth0
#
# o Provide custom SBI address to be advertised to NRF
# sbi:
# server:
# no_tls: true
# nrf:
# sbi:
# - dev: eth0
# advertise: open5gs-nrf.svc.local
#
# o Another example of advertising on NRF
# sbi:
# server:
# no_tls: true
# nrf:
# sbi:
# - addr: localhost
# advertise:
# - 127.0.0.99
# - ::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# server:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# <NF Service>
#
# o NF Service Name(Default : all NF services available)
# nrf:
# service_name:
#
# o NF Service Name(Only some NF services are available)
# nrf:
# service_name:
# - nnrf-nfm
# - nnrf-disc
#
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
#
# <SBI Client>>
#
# o SBI Client(http://127.0.1.10:7777)
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# port: 7777
#
# o SBI Client(https://127.0.1.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - addr: 127.0.1.10
# - addr: ::1
#
# o SBI Client(https://scp.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - name: scp.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
# If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr:
# - 127.0.1.10
# - fd69:f21d:873c:fb::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#
scp:
sbi:
- addr: 127.0.1.10
port: 7777
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:
#
#
# o NF Instance Heartbeat (Default : 10 seconds)
# (Default values are used, so no configuration is required)
#
# o NF Instance Heartbeat (Disabled)
# time:
# nf_instance:
# heartbeat: 0
#
# o NF Instance Heartbeat (5 seconds)
# time:
# nf_instance:
# heartbeat: 5
#
# o NF Instance Validity (Default : 3600 seconds = 1 hour)
# (Default values are used, so no configuration is required)
#
# o NF Instance Validity (10 seconds)
# time:
# nf_instance:
# validity: 10
#
# o Subscription Validity (Default : 86400 seconds = 1 day)
# (Default values are used, so no configuration is required)
#
# o Subscription Validity (Disabled)
# time:
# subscription:
# validity: 0
#
# o Subscription Validity (3600 seconds = 1 hour)
# time:
# subscription:
# validity: 3600
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
time:

View File

@@ -0,0 +1,499 @@
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/nssf.log
#
# o TLS enable/disable
# sbi:
# server|client:
# no_tls: false|true
# - false: (Default) Use TLS
# - true: TLS disabled
#
# o Verification enable/disable
# sbi:
# server|client:
# no_verify: false|true
# - false: (Default) Verify the PEER
# - true: Skip the verification step
#
# o Server-side does not use TLS
# sbi:
# server:
# no_tls: true
#
# o Client-side skips the verification step
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
#
# o Use the specified certificate while verifying the client
# sbi:
# server
# cacert: /etc/open5gs/tls/ca.crt
#
# o Use the specified certificate while verifying the server
# sbi:
# client
# cacert: /etc/open5gs/tls/ca.crt
#
sbi:
server:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/nssf.key
cert: @sysconfdir@/open5gs/tls/nssf.crt
client:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/nssf.key
cert: @sysconfdir@/open5gs/tls/nssf.crt
#
# <SBI Server>
#
# o SBI Server(http://<all address available>:80)
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
#
# o SBI Server(http://<any address>:7777)
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# - addr:
# - 0.0.0.0
# - ::0
# port: 7777
#
# o SBI Server(https://<all address available>:443)
# sbi:
# server:
# key: /etc/open5gs/tls/nssf.key
# cert: /etc/open5gs/tls/nssf.crt
# nssf:
# sbi:
#
# o SBI Server(https://127.0.0.14:443, https://[::1]:443) without verification
# sbi:
# server:
# no_verify: true
# key: /etc/open5gs/tls/nssf.key
# cert: /etc/open5gs/tls/nssf.crt
# nssf:
# sbi:
# - addr: 127.0.0.14
# - addr: ::1
#
# o SBI Server(https://nssf.open5gs.org:443)
# Use the specified certificate while verifying the client
#
# sbi:
# server:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/nssf.key
# cert: /etc/open5gs/tls/nssf.crt
# nssf:
# sbi:
# - name: nssf.open5gs.org
#
# o SBI Server(http://127.0.0.14:7777)
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# - addr: 127.0.0.14
# port: 7777
#
# o SBI Server(http://<eth0 IP address>:80)
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# - dev: eth0
#
# o Provide custom SBI address to be advertised to NRF
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# - dev: eth0
# advertise: open5gs-nssf.svc.local
#
# o Another example of advertising on NRF
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# - addr: localhost
# advertise:
# - 127.0.0.99
# - ::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# addr: 127.0.0.14
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# <List of available Network Slice Instance(NSI)>
#
# o One NSI
# - NRF[http://::1:7777/nnrf-nfm/v1/nf-instances]
# NSSAI[SST:1]
#
# nssf:
# nsi:
# - addr: ::1
# port: 7777
# s_nssai:
# sst: 1
#
# o Three NSI
# 1. NRF[http://::1:7777/nnrf-nfm/v1/nf-instances]
# S-NSSAI[SST:1]
#
# 2. NRF[http://127.0.0.19:7777/nnrf-nfm/v1/nf-instances]
# NSSAI[SST:1, SD:000080]
#
# 2. NRF[http://127.0.0.10:7777/nnrf-nfm/v1/nf-instances]
# NSSAI[SST:1, SD:009000]
#
# nssf:
# nsi:
# - addr: ::1
# port: 7777
# s_nssai:
# sst: 1
# - addr: 127.0.0.19
# port: 7777
# s_nssai:
# sst: 1
# sd: 000080
# - addr: 127.0.0.10
# port: 7777
# s_nssai:
# sst: 1
# sd: 009000
#
# o NSI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# nssf:
# nsi:
# addr: ::1
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# <NF Service>
#
# o NF Service Name(Default : all NF services available)
# nssf:
# service_name:
#
# o NF Service Name(Only some NF services are available)
# nssf:
# service_name:
# - nnssf-nsselection
#
# <NF Discovery Query Parameter>
#
# o (Default) If you do not set Query Parameter as shown below,
#
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# - addr: 127.0.0.14
# port: 7777
#
# - 'service-names' is included.
#
# o Service-Names are not included
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# - addr: 127.0.0.14
# port: 7777
# discovery:
# option:
# no_service_names: false
#
# o To remove 'service-names' from URI query parameters in NS Discovery
# no_service_names: true
#
# * For Indirect Communication with Delegated Discovery,
# 'service-names' is always included in the URI query parameter.
# * That is, 'no_service_names' has no effect.
#
# <For Indirect Communication with Delegated Discovery>
#
# o (Default) If you do not set Delegated Discovery as shown below,
#
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# - addr: 127.0.0.14
# port: 7777
#
# - Use SCP if SCP avaiable. Otherwise NRF is used.
# => App fails if both NRF and SCP are unavailable.
#
# sbi:
# server:
# no_tls: true
# nssf:
# sbi:
# - addr: 127.0.0.14
# port: 7777
# discovery:
# delegated: auto
#
# o To use SCP always => App fails if no SCP available.
# delegated: yes
#
# o Don't use SCP server => App fails if no NRF available.
# delegated: no
#
nssf:
sbi:
- addr: 127.0.0.14
port: 7777
nsi:
- addr: 127.0.0.10
port: 7777
s_nssai:
sst: 1
#
# <SBI Client>>
#
# o SBI Client(http://127.0.1.10:7777)
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# port: 7777
#
# o SBI Client(https://127.0.1.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - addr: 127.0.1.10
# - addr: ::1
#
# o SBI Client(https://scp.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - name: scp.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
# If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr:
# - 127.0.1.10
# - fd69:f21d:873c:fb::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#
scp:
sbi:
- addr: 127.0.1.10
port: 7777
#
# <SBI Client>>
#
# o SBI Client(http://127.0.0.10:7777)
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# port: 7777
#
# o SBI Client(https://127.0.0.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - addr: 127.0.0.10
# - addr: ::1
#
# o SBI Client(https://nrf.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - name: nrf.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fa::1]:80)
# If prefer_ipv4 is true, http://127.0.0.10:80 is selected.
#
# sbi:
# addr:
# - 127.0.0.10
# - fd69:f21d:873c:fa::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#nrf:
# sbi:
# - addr:
# - 127.0.0.10
# - ::1
# port: 7777
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:
#
# o NF Instance Heartbeat (Default : 0)
# NFs will not send heart-beat timer in NFProfile
# NRF will send heart-beat timer in NFProfile
# (Default values are used, so no configuration is required)
#
# o NF Instance Heartbeat (20 seconds)
# NFs will send heart-beat timer (20 seconds) in NFProfile
# NRF can change heart-beat timer in NFProfile
#
# time:
# nf_instance:
# heartbeat: 20
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
time:

427
configs/open5gs/pcf.yaml.in Normal file
View File

@@ -0,0 +1,427 @@
db_uri: mongodb://localhost/open5gs
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/pcf.log
#
# o TLS enable/disable
# sbi:
# server|client:
# no_tls: false|true
# - false: (Default) Use TLS
# - true: TLS disabled
#
# o Verification enable/disable
# sbi:
# server|client:
# no_verify: false|true
# - false: (Default) Verify the PEER
# - true: Skip the verification step
#
# o Server-side does not use TLS
# sbi:
# server:
# no_tls: true
#
# o Client-side skips the verification step
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
#
# o Use the specified certificate while verifying the client
# sbi:
# server
# cacert: /etc/open5gs/tls/ca.crt
#
# o Use the specified certificate while verifying the server
# sbi:
# client
# cacert: /etc/open5gs/tls/ca.crt
#
sbi:
server:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/pcf.key
cert: @sysconfdir@/open5gs/tls/pcf.crt
client:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/pcf.key
cert: @sysconfdir@/open5gs/tls/pcf.crt
#
# <SBI Server>
#
# o SBI Server(http://<all address available>:80)
# sbi:
# server:
# no_tls: true
# pcf:
# sbi:
#
# o SBI Server(http://<any address>:7777)
# sbi:
# server:
# no_tls: true
# pcf:
# sbi:
# - addr:
# - 0.0.0.0
# - ::0
# port: 7777
#
# o SBI Server(https://<all address available>:443)
# sbi:
# server:
# key: /etc/open5gs/tls/pcf.key
# cert: /etc/open5gs/tls/pcf.crt
# pcf:
# sbi:
#
# o SBI Server(https://127.0.0.13:443, https://[::1]:443) without verification
# sbi:
# server:
# no_verify: true
# key: /etc/open5gs/tls/pcf.key
# cert: /etc/open5gs/tls/pcf.crt
# pcf:
# sbi:
# - addr: 127.0.0.13
# - addr: ::1
#
# o SBI Server(https://pcf.open5gs.org:443)
# Use the specified certificate while verifying the client
#
# sbi:
# server:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/pcf.key
# cert: /etc/open5gs/tls/pcf.crt
# pcf:
# sbi:
# - name: pcf.open5gs.org
#
# o SBI Server(http://127.0.0.13:7777)
# sbi:
# server:
# no_tls: true
# pcf:
# sbi:
# - addr: 127.0.0.13
# port: 7777
#
# o SBI Server(http://<eth0 IP address>:80)
# sbi:
# server:
# no_tls: true
# pcf:
# sbi:
# - dev: eth0
#
# o Provide custom SBI address to be advertised to NRF
# sbi:
# server:
# no_tls: true
# pcf:
# sbi:
# - dev: eth0
# advertise: open5gs-pcf.svc.local
#
# o Another example of advertising on NRF
# sbi:
# server:
# no_tls: true
# pcf:
# sbi:
# - addr: localhost
# advertise:
# - 127.0.0.99
# - ::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# server:
# no_tls: true
# pcf:
# sbi:
# addr: 127.0.0.13
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# <NF Service>
#
# o NF Service Name(Default : all NF services available)
# pcf:
# service_name:
#
# o NF Service Name(Only some NF services are available)
# pcf:
# service_name:
# - npcf-am-policy-control
# - npcf-smpolicycontrol
# - npcf-policyauthorization
#
# == NOTE ==
# Placing npcf-smpolicycontrol and pcf-policyauthorization
# in different NFs is not supported. Both npcf-smpolicycontrol
# and pcf-policyauthorization should be placed in the same NF.
#
# <NF Discovery Query Parameter>
#
# o (Default) If you do not set Query Parameter as shown below,
#
# sbi:
# - addr: 127.0.0.13
# port: 7777
#
# - 'service-names' is included.
#
# sbi:
# - addr: 127.0.0.13
# port: 7777
# discovery:
# option:
# no_service_names: false
#
# o To remove 'service-names' from URI query parameters in NS Discovery
# no_service_names: true
#
# * For Indirect Communication with Delegated Discovery,
# 'service-names' is always included in the URI query parameter.
# * That is, 'no_service_names' has no effect.
#
# <For Indirect Communication with Delegated Discovery>
#
# o (Default) If you do not set Delegated Discovery as shown below,
#
# sbi:
# server:
# no_tls: true
# pcf:
# sbi:
# - addr: 127.0.0.13
# port: 7777
#
# - Use SCP if SCP avaiable. Otherwise NRF is used.
# => App fails if both NRF and SCP are unavailable.
#
# sbi:
# server:
# no_tls: true
# pcf:
# sbi:
# - addr: 127.0.0.13
# port: 7777
# discovery:
# delegated: auto
#
# o To use SCP always => App fails if no SCP available.
# delegated: yes
#
# o Don't use SCP server => App fails if no NRF available.
# delegated: no
#
#
# <Metrics Server>
#
# o Metrics Server(http://<any address>:9090)
# pcf:
# metrics:
# - addr: 0.0.0.0
# port: 9090
#
pcf:
sbi:
- addr: 127.0.0.13
port: 7777
metrics:
- addr: 127.0.0.13
port: 9090
#
# scp:
#
# <SBI Client>>
#
# o SBI Client(http://127.0.1.10:7777)
# sbi:
# addr: 127.0.1.10
# port: 7777
#
# o SBI Client(https://127.0.1.10:443, http://scp.open5gs.org:80)
# sbi:
# - addr: 127.0.1.10
# tls:
# key: /etc/open5gs/tls/pcf.key
# cert: /etc/open5gs/tls/pcf.crt
# - name: scp.open5gs.org
#
# o SBI Client(https://scp.open5gs.org:443)
# Use the specified certificate to verify peer
#
# sbi:
# - name: scp.open5gs.org
# tls:
# cacert: /etc/open5gs/tls/ca.crt
#
# o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
# If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
#
# sbi:
# addr:
# - 127.0.1.10
# - fd69:f21d:873c:fb::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# addr: 127.0.1.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#
scp:
sbi:
- addr: 127.0.1.10
port: 7777
#
# nrf:
#
# <SBI Client>>
#
# o SBI Client(http://127.0.0.10:7777)
# sbi:
# addr: 127.0.0.10
# port: 7777
#
# o SBI Client(https://127.0.0.10:443, https://[::1]:443)
# tls:
# client:
# key: /etc/open5gs/tls/pcf.key
# cert: /etc/open5gs/tls/pcf.crt
# nrf:
# sbi:
# - addr: 127.0.0.10
# - addr: ::1
#
# o SBI Client(https://nrf.open5gs.org:443)
# Use the specified certificate to verify server
#
# tls:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# nrf:
# sbi:
# - name: nrf.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fa::1]:80)
# If prefer_ipv4 is true, http://127.0.0.10:80 is selected.
#
# sbi:
# addr:
# - 127.0.0.10
# - fd69:f21d:873c:fa::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# addr: 127.0.0.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#nrf:
# sbi:
# - addr:
# - 127.0.0.10
# - ::1
# port: 7777
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:
#
# o NF Instance Heartbeat (Default : 0)
# NFs will not send heart-beat timer in NFProfile
# NRF will send heart-beat timer in NFProfile
# (Default values are used, so no configuration is required)
#
# o NF Instance Heartbeat (20 seconds)
# NFs will send heart-beat timer (20 seconds) in NFProfile
# NRF can change heart-beat timer in NFProfile
#
# time:
# nf_instance:
# heartbeat: 20
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
time:

View File

@@ -1,9 +1,54 @@
db_uri: mongodb://localhost/open5gs
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/pcrf.log
parameter:
pcrf:
freeDiameter: @sysconfdir@/freeDiameter/pcrf.conf
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:

View File

@@ -1,22 +0,0 @@
logger:
file: @localstatedir@/log/open5gs/pgw.log
parameter:
pgw:
freeDiameter: @sysconfdir@/freeDiameter/pgw.conf
gtpc:
- addr: 127.0.0.3
- addr: ::1
gtpu:
- addr: 127.0.0.3
- addr: ::1
ue_pool:
- addr: 10.45.0.1/16
- addr: cafe::1/64
dns:
- 8.8.8.8
- 8.8.4.4
- 2001:4860:4860::8888
- 2001:4860:4860::8844
mtu: 1400

394
configs/open5gs/scp.yaml.in Normal file
View File

@@ -0,0 +1,394 @@
db_uri: mongodb://localhost/open5gs
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/scp.log
#
# o TLS enable/disable
# sbi:
# server|client:
# no_tls: false|true
# - false: (Default) Use TLS
# - true: TLS disabled
#
# o Verification enable/disable
# sbi:
# server|client:
# no_verify: false|true
# - false: (Default) Verify the PEER
# - true: Skip the verification step
#
# o Server-side does not use TLS
# sbi:
# server:
# no_tls: true
#
# o Client-side skips the verification step
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
#
# o Use the specified certificate while verifying the client
# sbi:
# server
# cacert: /etc/open5gs/tls/ca.crt
#
# o Use the specified certificate while verifying the server
# sbi:
# client
# cacert: /etc/open5gs/tls/ca.crt
#
sbi:
server:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/scp.key
cert: @sysconfdir@/open5gs/tls/scp.crt
client:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/scp.key
cert: @sysconfdir@/open5gs/tls/scp.crt
#
# <SBI Server>
#
# o SBI Server(http://<all address available>:80)
# sbi:
# server:
# no_tls: true
# scp:
# sbi:
#
# o SBI Server(http://<any address>:7777)
# sbi:
# server:
# no_tls: true
# scp:
# sbi:
# - addr:
# - 0.0.0.0
# - ::0
# port: 7777
#
# o SBI Server(https://<all address available>:443)
# sbi:
# server:
# key: /etc/open5gs/tls/scp.key
# cert: /etc/open5gs/tls/scp.crt
# scp:
# sbi:
#
# o SBI Server(https://127.0.1.10:443, https://[::1]:443) without verification
# sbi:
# server:
# no_verify: true
# key: /etc/open5gs/tls/scp.key
# cert: /etc/open5gs/tls/scp.crt
# scp:
# sbi:
# - addr: 127.0.1.10
# - addr: ::1
#
# o SBI Server(https://scp.open5gs.org:443)
# Use the specified certificate while verifying the client
#
# sbi:
# server:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/scp.key
# cert: /etc/open5gs/tls/scp.crt
# scp:
# sbi:
# - name: scp.open5gs.org
#
# o SBI Server(http://127.0.1.10:7777)
# sbi:
# server:
# no_tls: true
# scp:
# sbi:
# - addr: 127.0.1.10
# port: 7777
#
# o SBI Server(http://<eth0 IP address>:80)
# sbi:
# server:
# no_tls: true
# scp:
# sbi:
# - dev: eth0
#
# o Provide custom SBI address to be advertised to NRF
# sbi:
# server:
# no_tls: true
# scp:
# sbi:
# - dev: eth0
# advertise: open5gs-scp.svc.local
#
# o Another example of advertising on NRF
# sbi:
# server:
# no_tls: true
# scp:
# sbi:
# - addr: localhost
# advertise:
# - 127.0.0.99
# - ::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# server:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
# <For Indirect Communication with Delegated Discovery>
#
# o (Default) If you do not set Delegated Discovery as shown below,
#
# sbi:
# server:
# no_tls: true
# scp:
# sbi:
# - addr: 127.0.1.10
# port: 7777
#
# - Use SCP if SCP avaiable. Otherwise NRF is used.
# => App fails if both NRF and SCP are unavailable.
#
# sbi:
# server:
# no_tls: true
# scp:
# sbi:
# - addr: 127.0.1.10
# port: 7777
# discovery:
# delegated: auto
#
# o To use SCP always => App fails if no SCP available.
# delegated: yes
#
# o Don't use SCP server => App fails if no NRF available.
# delegated: no
#
scp:
sbi:
- addr: 127.0.1.10
port: 7777
# <Next hop SCP>
#
# o SBI Client(http://127.0.1.10:7777)
# sbi:
# client:
# no_tls: true
# next_scp:
# sbi:
# addr: 127.0.1.10
# port: 7777
#
# o SBI Client(https://127.0.1.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# next_scp:
# sbi:
# - addr: 127.0.1.10
# - addr: ::1
#
# o SBI Client(https://scp.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# next_scp:
# sbi:
# - name: scp.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
# If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
#
# sbi:
# client:
# no_tls: true
# next_scp:
# sbi:
# addr:
# - 127.0.1.10
# - fd69:f21d:873c:fb::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# next_scp:
# sbi:
# addr: 127.0.1.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#
#
# <SBI Client>>
#
# o SBI Client(http://127.0.0.10:7777)
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# port: 7777
#
# o SBI Client(https://127.0.0.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - addr: 127.0.0.10
# - addr: ::1
#
# o SBI Client(https://nrf.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - name: nrf.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fa::1]:80)
# If prefer_ipv4 is true, http://127.0.0.10:80 is selected.
#
# sbi:
# addr:
# - 127.0.0.10
# - fd69:f21d:873c:fa::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
nrf:
sbi:
- addr:
- 127.0.0.10
- ::1
port: 7777
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:
#
# o NF Instance Heartbeat (Default : 0)
# NFs will not send heart-beat timer in NFProfile
# NRF will send heart-beat timer in NFProfile
# (Default values are used, so no configuration is required)
#
# o NF Instance Heartbeat (20 seconds)
# NFs will send heart-beat timer (20 seconds) in NFProfile
# NRF can change heart-beat timer in NFProfile
#
# time:
# nf_instance:
# heartbeat: 20
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
time:

View File

@@ -1,10 +0,0 @@
logger:
file: @localstatedir@/log/open5gs/sgw.log
parameter:
no_ipv6: true
sgw:
gtpc:
addr: 127.0.0.2
gtpu:

View File

@@ -0,0 +1,177 @@
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/sgwc.log
#
# <GTP-C Server>
#
# o GTP-C Server(127.0.0.3:2123, [fd69:f21d:873c:fa::2]:2123)
# sgwc:
# gtpc:
# addr:
# - 127.0.0.3
# - fd69:f21d:873c:fa::2
#
# o On SGW, Same Configuration(127.0.0.3:2123,
# [fd69:f21d:873c:fa::2]:2123) as below.
# sgwc:
# gtpc:
# - addr: 127.0.0.3
# - addr: fd69:f21d:873c:fa::2
#
# o GTP-C Option (Default)
# - so_bindtodevice : NULL
#
# sgwc:
# gtpc:
# addr: 127.0.0.3
# option:
# so_bindtodevice: vrf-blue
#
# <PFCP Server>
#
# o PFCP Server(127.0.0.3:8805, ::1:8805)
# sgwc:
# pfcp:
# - addr: 127.0.0.3
# - addr: ::1
#
# o PFCP-U Server(127.0.0.1:2152, [::1]:2152)
# sgwc:
# pfcp:
# name: localhost
#
# o PFCP Option (Default)
# - so_bindtodevice : NULL
#
# sgwc:
# pfcp:
# addr: 127.0.0.3
# option:
# so_bindtodevice: vrf-blue
#
# o Provide custom PFCP address to be advertised in PFCP association
# request/respond
# sgwc:
# pfcp:
# - addr: 0.0.0.0
# advertise: open5gs-smf.svc.local
#
sgwc:
gtpc:
- addr: 127.0.0.3
pfcp:
- addr: 127.0.0.3
#
# <PFCP Client>>
#
# o PFCP Client(127.0.0.6:8805)
# sgwu:
# pfcp:
# addr: 127.0.0.6
#
# <SGWU_SELECTION_MODE - EPC only>
#
# sgwu:
# pfcp:
# - addr: 127.0.0.6
# - addr: 127.0.0.12
# - addr: 127.0.0.18
#
# o SGWU selection by eNodeB TAC
# (either single TAC or multiple TACs, DECIMAL representation)
#
# sgwu:
# pfcp:
# - addr: 127.0.0.6
# tac: 1
# - addr: 127.0.0.12
# tac: [3,5,8]
#
# o SGWU selection by UE's APN (either single APN or multiple APNs)
#
# sgwu:
# pfcp:
# - addr: 127.0.0.6
# apn: ims
# - addr: 127.0.0.12
# apn: [internet, web]
#
# o SGWU selection by CellID(e_cell_id: 28bit)
# (either single e_cell_id or multiple e_cell_id, HEX representation)
#
# sgwu:
# pfcp:
# - addr: 127.0.0.6
# e_cell_id: 463
# - addr: 127.0.0.12
# e_cell_id: [123456789, 9413]
#
sgwu:
pfcp:
- addr: 127.0.0.6
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
# o Disable selection of SGW-U PFCP in Round-Robin manner
# parameter:
# no_pfcp_rr_select: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
# o Maximum Number of GTP peer nodes per SGWC/SMF
# max:
# gtp_peer: 64
#
max:
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
time:

View File

@@ -0,0 +1,166 @@
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/sgwu.log
#
# <PFCP Server>
#
# o PFCP Server(127.0.0.6:8805, ::1:8805)
# sgwu:
# pfcp:
# - addr: 127.0.0.6
# - addr: ::1
#
# o PFCP-U Server(127.0.0.1:2152, [::1]:2152)
# sgwu:
# pfcp:
# - name: localhost
#
# o PFCP Option (Default)
# - so_bindtodevice : NULL
#
# sgwu:
# pfcp:
# addr: 127.0.0.6
# option:
# so_bindtodevice: vrf-blue
#
# o Provide custom PFCP address to be advertised in PFCP association
# request/respond
# sgwc:
# pfcp:
# - addr: 0.0.0.0
# advertise: open5gs-smf.svc.local
#
# <GTP-U Server>
#
# o GTP-U Server(127.0.0.6:2152, [::1]:2152)
# gtpu:
# - addr: 127.0.0.6
# - addr: ::1
#
# o GTP-U Server(127.0.0.1:2152, [::1]:2152)
# sgwu:
# gtpu:
# - name: localhost
#
# o User Plane IP Resource information
# sgwu:
# gtpu:
# - addr:
# - 127.0.0.6
# - ::1
# teid_range_indication: 4
# teid_range: 10
# network_instance: internet
# source_interface: 0
# - addr: 127.0.10.4
# teid_range_indication: 4
# teid_range: 5
# network_instance: ims
# source_interface: 1
#
# o Provide custom SGW-U GTP-U address to be advertised inside S1AP messages
# sgwu:
# gtpu:
# - addr: 10.4.128.21
# advertise: 172.24.15.30
#
# sgwu:
# gtpu:
# - addr: 10.4.128.21
# advertise:
# - 127.0.0.1
# - ::1
#
# sgwu:
# gtpu:
# - addr: 10.4.128.21
# advertise: sgw1.epc.mnc001.mcc001.3gppnetwork.org
#
# sgwu:
# gtpu:
# - dev: ens3
# advertise: sgw1.epc.mnc001.mcc001.3gppnetwork.org
#
# o GTP-U Option (Default)
# - so_bindtodevice : NULL
#
# sgwu:
# gtpu:
# addr: 127.0.0.6
# option:
# so_bindtodevice: vrf-blue
#
sgwu:
pfcp:
- addr: 127.0.0.6
gtpu:
- addr: 127.0.0.6
#
# <PFCP Client>>
#
# o PFCP Client(127.0.0.3:8805)
# sgwc:
# pfcp:
# addr: 127.0.0.3
#
sgwc:
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
max:
#
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
time:

883
configs/open5gs/smf.yaml.in Normal file
View File

@@ -0,0 +1,883 @@
#
# o Set OGS_LOG_INFO to all domain level
# - If `level` is omitted, the default level is OGS_LOG_INFO)
# - If `domain` is omitted, the all domain level is set from 'level'
# (Default values are used, so no configuration is required)
#
# o Set OGS_LOG_ERROR to all domain level
# - `level` can be set with none, fatal, error, warn, info, debug, trace
# logger:
# level: error
#
# o Set OGS_LOG_DEBUG to mme/emm domain level
# logger:
# level: debug
# domain: mme,emm
#
# o Set OGS_LOG_TRACE to all domain level
# logger:
# level: trace
# domain: core,sbi,ausf,event,tlv,mem,sock
#
logger:
file: @localstatedir@/log/open5gs/smf.log
#
# o TLS enable/disable
# sbi:
# server|client:
# no_tls: false|true
# - false: (Default) Use TLS
# - true: TLS disabled
#
# o Verification enable/disable
# sbi:
# server|client:
# no_verify: false|true
# - false: (Default) Verify the PEER
# - true: Skip the verification step
#
# o Server-side does not use TLS
# sbi:
# server:
# no_tls: true
#
# o Client-side skips the verification step
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
#
# o Use the specified certificate while verifying the client
# sbi:
# server
# cacert: /etc/open5gs/tls/ca.crt
#
# o Use the specified certificate while verifying the server
# sbi:
# client
# cacert: /etc/open5gs/tls/ca.crt
#
sbi:
server:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/smf.key
cert: @sysconfdir@/open5gs/tls/smf.crt
client:
no_tls: true
cacert: @sysconfdir@/open5gs/tls/ca.crt
key: @sysconfdir@/open5gs/tls/smf.key
cert: @sysconfdir@/open5gs/tls/smf.crt
#
# <SBI Server>
#
# o SBI Server(http://<all address available>:80)
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
#
# o SBI Server(http://<any address>:7777)
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# - addr:
# - 0.0.0.0
# - ::0
# port: 7777
#
# o SBI Server(https://<all address available>:443)
# sbi:
# server:
# key: /etc/open5gs/tls/smf.key
# cert: /etc/open5gs/tls/smf.crt
# smf:
# sbi:
#
# o SBI Server(https://127.0.0.4:443, https://[::1]:443) without verification
# sbi:
# server:
# no_verify: true
# key: /etc/open5gs/tls/smf.key
# cert: /etc/open5gs/tls/smf.crt
# smf:
# sbi:
# - addr: 127.0.0.4
# - addr: ::1
#
# o SBI Server(https://smf.open5gs.org:443)
# Use the specified certificate while verifying the client
#
# sbi:
# server:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/smf.key
# cert: /etc/open5gs/tls/smf.crt
# smf:
# sbi:
# - name: smf.open5gs.org
#
# o SBI Server(http://127.0.0.4:7777)
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# - addr: 127.0.0.4
# port: 7777
#
# o SBI Server(http://<eth0 IP address>:80)
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# - dev: eth0
#
# o Provide custom SBI address to be advertised to NRF
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# - dev: eth0
# advertise: open5gs-smf.svc.local
#
# o Another example of advertising on NRF
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# - addr: localhost
# advertise:
# - 127.0.0.99
# - ::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# addr: 127.0.0.4
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#
# <NF Service>
#
# o NF Service Name(Default : all NF services available)
# smf:
# service_name:
#
# o NF Service Name(Only some NF services are available)
# smf:
# service_name:
# - nsmf-pdusession
#
# <NF Discovery Query Parameter>
#
# o (Default) If you do not set Query Parameter as shown below,
#
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# - addr: 127.0.0.4
# port: 7777
#
# - 'service-names' is included.
#
# o Service-Names are not included
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# - addr: 127.0.0.4
# port: 7777
# discovery:
# option:
# no_service_names: false
#
# o To remove 'service-names' from URI query parameters in NS Discovery
# no_service_names: true
#
# * For Indirect Communication with Delegated Discovery,
# 'service-names' is always included in the URI query parameter.
# * That is, 'no_service_names' has no effect.
#
# <For Indirect Communication with Delegated Discovery>
#
# o (Default) If you do not set Delegated Discovery as shown below,
#
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# - addr: 127.0.0.4
# port: 7777
#
# - Use SCP if SCP avaiable. Otherwise NRF is used.
# => App fails if both NRF and SCP are unavailable.
#
# sbi:
# server:
# no_tls: true
# smf:
# sbi:
# - addr: 127.0.0.4
# port: 7777
# discovery:
# delegated: auto
#
# o To use SCP always => App fails if no SCP available.
# delegated: yes
#
# o Don't use SCP server => App fails if no NRF available.
# delegated: no
#
# <PFCP Server>
#
# o PFCP Server(127.0.0.4:8805, ::1:8805)
# smf:
# pfcp:
# - addr: 127.0.0.4
# - addr: ::1
#
# o PFCP-U Server(127.0.0.1:2152, [::1]:2152)
# smf:
# pfcp:
# name: localhost
#
# o PFCP Option (Default)
# - so_bindtodevice : NULL
#
# smf:
# pfcp:
# addr: 127.0.0.4
# option:
# so_bindtodevice: vrf-blue
#
# o Provide custom PFCP address to be advertised to UPF in PFCP association
# request/respond
# smf:
# pfcp:
# - addr: 0.0.0.0
# advertise: open5gs-smf.svc.local
#
# <GTP-C Server>
#
# o GTP-C Server(127.0.0.4:2123, [fd69:f21d:873c:fa::3]:2123)
# smf:
# gtpc:
# addr:
# - 127.0.0.4
# - fd69:f21d:873c:fa::3
#
# o On SMF, Same configuration
# (127.0.0.4:2123, [fd69:f21d:873c:fa::3]:2123).
# smf:
# gtpc:
# - addr: 127.0.0.4
# - addr: fd69:f21d:873c:fa::3
#
# o GTP-C Option (Default)
# - so_bindtodevice : NULL
#
# smf:
# gtpc:
# addr: 127.0.0.4
# option:
# so_bindtodevice: vrf-blue
#
# <GTP-U Server>>
#
# o GTP-U Server(127.0.0.4:2152, [::1]:2152)
# smf:
# gtpu:
# - addr: 127.0.0.4
# - addr: ::1
#
# o GTP-U Server(127.0.0.1:2152, [::1]:2152)
# smf:
# gtpu:
# name: localhost
#
# o GTP-U Option (Default)
# - so_bindtodevice : NULL
#
# smf:
# gtpu:
# addr: 127.0.0.4
# option:
# so_bindtodevice: vrf-blue
#
# <Metrics Server>
#
# o Metrics Server(http://<any address>:9090)
# smf:
# metrics:
# - addr: 0.0.0.0
# port: 9090
#
# <Subnet for UE Pool>
#
# o IPv4 Pool
# smf:
# subnet:
# addr: 10.45.0.1/16
#
# o IPv4/IPv6 Pool
# smf:
# subnet:
# - addr: 10.45.0.1/16
# - addr: 2001:db8:cafe::1/48
#
#
# o Specific DNN/APN(e.g 'ims') uses 10.46.0.1/16, 2001:db8:babe::1/48
# ; If the UE has unknown DNN/APN(not internet/ims), SMF/UPF will crash.
#
# smf:
# subnet:
# - addr: 10.45.0.1/16
# dnn: internet
# - addr: 2001:db8:cafe::1/48
# dnn: internet
# - addr: 10.46.0.1/16
# dnn: ims
# - addr: 2001:db8:babe::1/48
# dnn: ims
#
# o Specific DNN/APN with the FALLBACK SUBNET(10.47.0.1/16)
# ; Note that put the FALLBACK SUBNET last to avoid SMF/UPF crash.
#
# smf:
# subnet:
# - addr: 10.45.0.1/16
# dnn: internet
# - addr: 10.46.0.1/16
# dnn: ims
# - addr: 10.50.0.1/16 ## FALLBACK SUBNET
#
# o Pool Range Sample
# smf:
# subnet:
# - addr: 10.45.0.1/24
# range: 10.45.0.100-10.45.0.200
#
# smf:
# subnet:
# - addr: 10.45.0.1/24
# range:
# - 10.45.0.5-10.45.0.50
# - 10.45.0.100-
#
# smf:
# subnet:
# - addr: 10.45.0.1/24
# range:
# - -10.45.0.200
# - 10.45.0.210-10.45.0.220
#
# smf:
# subnet:
# - addr: 10.45.0.1/16
# range:
# - 10.45.0.100-10.45.0.200
# - 10.45.1.100-10.45.1.200
# - addr: 2001:db8:cafe::1/48
# range:
# - 2001:db8:cafe:a0::0-2001:db8:cafe:b0::0
# - 2001:db8:cafe:c0::0-2001:db8:cafe:d0::0
#
# <Domain Name Server>
#
# o Primary/Secondary can be configured. Others are ignored.
#
# smf:
# dns:
# - 8.8.8.8
# - 8.8.4.4
# - 2001:4860:4860::8888
# - 2001:4860:4860::8844
#
# <MTU Size>
#
# o Provisioning a limit on the size of the packets sent by the MS
# to avoid packet fragmentation in the backbone network
# between the MS and the GGSN/PGW and/or across the (S)Gi reference point)
# when some of the backbone links does not support
# packets larger then 1500 octets
#
# <P-CSCF>
#
# o Proxy Call Session Control Function
#
# smf:
# p-cscf:
# - 127.0.0.1
# - ::1
#
# <CTF>
#
# o Gy interface parameters towards OCS.
# o enabled:
# o auto: Default. Use Gy only if OCS available among Diameter peers
# o yes: Use Gy always;
# reject subscribers if no OCS available among Diameter peers
# o no: Don't use Gy interface if there is an OCS available
#
# smf:
# ctf:
# enabled: auto|yes|no
#
#
# <SMF Selection - 5G Core only>
# 1. SMF sends SmfInfo(S-NSSAI, DNN, TAI) to the NRF
# 2. NRF responds to AMF with SmfInfo during NF-Discovery.
# 3. AMF selects SMF based on S-NSSAI, DNN and TAI in SmfInfo.
#
# Note that if there is no SmfInfo, any AMF can select this SMF.
#
# o S-NSSAI[SST:1] and DNN[internet] - At least 1 DNN is required in S-NSSAI
# smf:
# info:
# - s_nssai:
# - sst: 1
# dnn:
# - internet
#
# o S-NSSAI[SST:1 SD:009000] and DNN[internet or ims]
# smf:
# info:
# - s_nssai:
# - sst: 1
# sd: 009000
# dnn:
# - internet
# - ims
#
# o S-NSSAI[SST:1] and DNN[internet] and TAI[PLMN-ID:99970 TAC:1]
# smf:
# info:
# - s_nssai:
# - sst: 1
# dnn:
# - internet
# tai:
# - plmn_id:
# mcc: 999
# mnc: 70
# tac: 1
#
# o If any of conditions below are met:
# - S-NSSAI[SST:1] and DNN[internet] and TAI[PLMN-ID:99970 TAC:1-9]
# - S-NSSAI[SST:2 SD:000080] and DNN[internet or ims]
# - S-NSSAI[SST:4] and DNN[internet] and TAI[PLMN-ID:99970 TAC:10-20,30-40]
#
# smf:
# info:
# - s_nssai:
# - sst: 1
# dnn:
# - internet
# tai:
# - plmn_id:
# mcc: 999
# mnc: 70
# tac:
# - 1-9
# - s_nssai:
# - sst: 2
# sd: 000080
# dnn:
# - internet
# - ims
# - s_nssai:
# - sst: 4
# dnn:
# - internet
# tai:
# - plmn_id:
# mcc: 999
# mnc: 70
# tac:
# - 10-20
# - 30-40
#
# o Complex Example
# smf:
# info:
# - s_nssai:
# - sst: 1
# dnn:
# - internet
# - sst: 1
# sd: 000080
# dnn:
# - internet
# - ims
# - sst: 1
# sd: 009000
# dnn:
# [internet, ims]
# - sst: 2
# dnn:
# - internet
# - sst: 3
# sd: 123456
# dnn:
# - internet
# tai:
# - plmn_id:
# mcc: 999
# mnc: 70
# tac: [1, 2, 3]
# - plmn_id:
# mcc: 999
# mnc: 70
# tac: 4
# - plmn_id:
# mcc: 999
# mnc: 70
# tac:
# - 5
# - 6
# - plmn_id:
# mcc: 999
# mnc: 70
# tac:
# - 100-200
# - 300-400
# - plmn_id:
# mcc: 999
# mnc: 70
# tac:
# - 500-600
# - 700-800
# - 900-1000
# - s_nssai:
# - sst: 4
# dnn:
# - internet
# tai:
# - plmn_id:
# mcc: 999
# mnc: 70
# tac: 99
#
# <Security Indication - 5G Core only>
#
# According to 3GPP TS38.413 Section 9.3.1.27,
# Security Indication IE may be instructed to 5G gNB.
#
# If you set the security_indication in smf.yaml,
# this information is delivered using PDU Session Resource Request Transfer IE
#
# smf:
# security_indication:
# integrity_protection_indication: required|preferred|not-needed
# confidentiality_protection_indication: required|preferred|not-needed
# maximum_integrity_protected_data_rate_uplink: bitrate64kbs|maximum-UE-rate
# maximum_integrity_protected_data_rate_downlink: bitrate64kbs|maximum-UE-rate
#
smf:
sbi:
- addr: 127.0.0.4
port: 7777
pfcp:
- addr: 127.0.0.4
- addr: ::1
gtpc:
- addr: 127.0.0.4
- addr: ::1
gtpu:
- addr: 127.0.0.4
- addr: ::1
metrics:
- addr: 127.0.0.4
port: 9090
subnet:
- addr: 10.45.0.1/16
- addr: 2001:db8:cafe::1/48
dns:
- 8.8.8.8
- 8.8.4.4
- 2001:4860:4860::8888
- 2001:4860:4860::8844
mtu: 1400
ctf:
enabled: auto
freeDiameter: @sysconfdir@/freeDiameter/smf.conf
#
# <SBI Client>>
#
# o SBI Client(http://127.0.1.10:7777)
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# port: 7777
#
# o SBI Client(https://127.0.1.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - addr: 127.0.1.10
# - addr: ::1
#
# o SBI Client(https://scp.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# scp:
# sbi:
# - name: scp.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fb::1]:80)
# If prefer_ipv4 is true, http://127.0.1.10:80 is selected.
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr:
# - 127.0.1.10
# - fd69:f21d:873c:fb::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# scp:
# sbi:
# addr: 127.0.1.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#
scp:
sbi:
- addr: 127.0.1.10
port: 7777
#
# <SBI Client>>
#
# o SBI Client(http://127.0.0.10:7777)
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# port: 7777
#
# o SBI Client(https://127.0.0.10:443, https://[::1]:443) without verification
# sbi:
# client:
# no_verify: true
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - addr: 127.0.0.10
# - addr: ::1
#
# o SBI Client(https://nrf.open5gs.org:443)
# Use the specified certificate while verifying the server
#
# sbi:
# client:
# cacert: /etc/open5gs/tls/ca.crt
# key: /etc/open5gs/tls/amf.key
# cert: /etc/open5gs/tls/amf.crt
# nrf:
# sbi:
# - name: nrf.open5gs.org
#
# o SBI Client(http://[fd69:f21d:873c:fa::1]:80)
# If prefer_ipv4 is true, http://127.0.0.10:80 is selected.
#
# sbi:
# addr:
# - 127.0.0.10
# - fd69:f21d:873c:fa::1
#
# o SBI Option (Default)
# - tcp_nodelay : true
# - so_linger.l_onoff : false
#
# sbi:
# client:
# no_tls: true
# nrf:
# sbi:
# addr: 127.0.0.10
# option:
# tcp_nodelay: false
# so_linger:
# l_onoff: true
# l_linger: 10
#
#nrf:
# sbi:
# - addr:
# - 127.0.0.10
# - ::1
# port: 7777
#
# <PFCP Client>>
#
# o PFCP Client(127.0.0.7:8805)
# upf:
# pfcp:
# addr: 127.0.0.7
#
# <UPF Selection>
#
# upf:
# pfcp:
# - addr: 127.0.0.7
# - addr: 127.0.0.12
# - addr: 127.0.0.19
#
# o UPF selection by eNodeB TAC
# (either single TAC or multiple TACs, DECIMAL representation)
#
# upf:
# pfcp:
# - addr: 127.0.0.7
# tac: 1
# - addr: 127.0.0.12
# tac: [3,5,8]
#
# o UPF selection by UE's DNN/APN (either single DNN/APN or multiple DNNs/APNs)
#
# upf:
# pfcp:
# - addr: 127.0.0.7
# dnn: ims
# - addr: 127.0.0.12
# dnn: [internet, web]
#
# o UPF selection by CellID(e_cell_id: 28bit, nr_cell_id: 36bit)
# (either single enb_id or multiple enb_ids, HEX representation)
#
# upf:
# pfcp:
# - addr: 127.0.0.7
# e_cell_id: 463
# - addr: 127.0.0.12
# nr_cell_id: [123456789, 9413]
#
upf:
pfcp:
- addr: 127.0.0.7
#
# o Disable use of IPv4 addresses (only IPv6)
# parameter:
# no_ipv4: true
#
# o Disable use of IPv6 addresses (only IPv4)
# parameter:
# no_ipv6: true
#
# o Prefer IPv4 instead of IPv6 for estabishing new GTP connections.
# parameter:
# prefer_ipv4: true
#
# o Disable selection of UPF PFCP in Round-Robin manner
# parameter:
# no_pfcp_rr_select: true
#
# o Legacy support for pre-release LTE 11 devices
# - Omits adding local address in packet filters for compatibility
# parameter:
# no_ipv4v6_local_addr_in_packet_filter: true
#
parameter:
#
# o Maximum Number of UE
# max:
# ue: 1024
#
# o Maximum Number of Peer(S1AP/NGAP, DIAMETER, GTP, PFCP or SBI)
# max:
# peer: 64
#
# o Maximum Number of GTP peer nodes per SGWC/SMF
# max:
# gtp_peer: 64
#
max:
#
# o NF Instance Heartbeat (Default : 0)
# NFs will not send heart-beat timer in NFProfile
# NRF will send heart-beat timer in NFProfile
# (Default values are used, so no configuration is required)
#
# o NF Instance Heartbeat (20 seconds)
# NFs will send heart-beat timer (20 seconds) in NFProfile
# NRF can change heart-beat timer in NFProfile
# time:
# nf_instance:
# heartbeat: 20
#
# o Message Wait Duration (Default : 10,000 ms = 10 seconds)
# (Default values are used, so no configuration is required)
#
# o Message Wait Duration (3000 ms)
# time:
# message:
# duration: 3000
#
# o Handover Wait Duration (Default : 300 ms)
# Time to wait for SMF to send
# PFCP Session Modification Request(Remove Indirect Tunnel) to the UPF
# after sending Nsmf_PDUSession_UpdateSMContext Response(hoState:COMPLETED)
# (Default values are used, so no configuration is required)
#
# o Handover Wait Duration (500ms)
# time:
# handover:
# duration: 500
time:

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIBATANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjVaFw0zMjExMDgyMzM3MjVaMEoxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGDAW
BgNVBAMMD2FtZi5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAL5q1eXK8wzvyymrEpxLgdGg8ArHUiGk0BerkwIwOvkJRkqolQx1CVV+
SZAsnLxrt1+DEb9PTEpqrAXXAWxGtjDCW8FARPFfhziq4B0NPHuTtXusvT+9xF0I
EY/HFyO/3EYh5vRh5gGZdW5Ukgh4We4Zw/lw0d2BFA2/L5Xz4zOV1P3vSeATyNMq
4mPWD5xUs0utUzOevmom/+vMO8HGecKv8dpdcM45Gget5pH9OwT0nEAOusW8vYZK
kCVKNFAvfyCOVzVG82jS8XARrMGzFPfnrkadYrf/sV4OQ7hLc4ZdO83kXubOoCJm
xrxp7Z8aaXjNEpGW2dZQqU9w57SP9sMCAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV
HQ4EFgQU2olHBnRSjS69sZRJT5rFpHAQDhcwHwYDVR0jBBgwFoAUsWr6nJm8BCpC
iGXXfr5gcKIO2kAwDQYJKoZIhvcNAQELBQADggEBAIEUFoQQ1yuR4apyUddE26Hm
tnYmXWaTFtL3D98rSj+mwyUOOPD/r7JcsK36XUj8bbMZ4avxMJpYhQGV7x8LG1t1
3mKlq9JAvLzIREe7zvR8BbOmPu8AVO2Z4uCGrSAa1BsxGgobZ5E2btPHR5RVWiQS
yYhaIjBuUlPqpa20Pc5cKhZKa8bgfdVs/gsZVwa7T6Xr+hMiSlH0uGIUx85oW4sY
MidmaMRM1dabSo6nTLcQA0k7h3iC4nZ1MpyMpzt98vZCzVZzWlcJ7AW+py9xKUlN
48TKTdqHSwt5R9cLnrR7fSVzoPrS9H7KHcemP3poSN/E0PlD+Wou8AFBGBgle8o=
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICjzCCAXcCAQAwSjEYMBYGA1UEAwwPYW1mLmxvY2FsZG9tYWluMQswCQYDVQQG
EwJLTzEOMAwGA1UECAwFU2VvdWwxETAPBgNVBAoMCE5lb1BsYW5lMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmrV5crzDO/LKasSnEuB0aDwCsdSIaTQ
F6uTAjA6+QlGSqiVDHUJVX5JkCycvGu3X4MRv09MSmqsBdcBbEa2MMJbwUBE8V+H
OKrgHQ08e5O1e6y9P73EXQgRj8cXI7/cRiHm9GHmAZl1blSSCHhZ7hnD+XDR3YEU
Db8vlfPjM5XU/e9J4BPI0yriY9YPnFSzS61TM56+aib/68w7wcZ5wq/x2l1wzjka
B63mkf07BPScQA66xby9hkqQJUo0UC9/II5XNUbzaNLxcBGswbMU9+euRp1it/+x
Xg5DuEtzhl07zeRe5s6gImbGvGntnxppeM0SkZbZ1lCpT3DntI/2wwIDAQABoAAw
DQYJKoZIhvcNAQELBQADggEBAGaPpZwtBx66RzpY4jkjHuIjxD4SQop5XbzfNr+l
HupHV/maWqEwlExTiRqQLUYJ01f4d6y/X8ABU4dyXbaqzWBEBtNg8uIifXLyGcfw
yzn9zzuE6Vlj2366ssJEP+YFYetrzGYkj4SrXQG7k9ZIM7cTTzD/ZjOAX4VI61LZ
VXpEOUsjdP9BcxwI6U17NkFePLfLKByp0uTwECFonIyxzlJLSTbk9xtzPtxA7pax
F/ZrQBEsTdzFQoZca1ZH3UTnmjpcbYJwOpzzlSfrMJs9sv42MZlBuSGzn8xq88xy
KylL9BUn7ZCOhawIz4FEi335e9aq8xcZXnx40OBMOTFE+xo=
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC+atXlyvMM78sp
qxKcS4HRoPAKx1IhpNAXq5MCMDr5CUZKqJUMdQlVfkmQLJy8a7dfgxG/T0xKaqwF
1wFsRrYwwlvBQETxX4c4quAdDTx7k7V7rL0/vcRdCBGPxxcjv9xGIeb0YeYBmXVu
VJIIeFnuGcP5cNHdgRQNvy+V8+MzldT970ngE8jTKuJj1g+cVLNLrVMznr5qJv/r
zDvBxnnCr/HaXXDOORoHreaR/TsE9JxADrrFvL2GSpAlSjRQL38gjlc1RvNo0vFw
EazBsxT3565GnWK3/7FeDkO4S3OGXTvN5F7mzqAiZsa8ae2fGml4zRKRltnWUKlP
cOe0j/bDAgMBAAECggEAU0sRaLTXj4ufH4l9GRAwZ73R8q0QwLXC7u+23Siyyzfi
3wqSNEJHxHV7AU16fDNUIbwIOdqaoRy7Rcywiyf9TyPdlhGidsEWOdQJN7wP/nB0
3PYJTIYajKVYZT+t4A3vcWAoEjN2tLFnfE0TGhBnKi9sGcNfkdiCKKc+TgZCls/M
+ltrp3+QVH9UO6AMj74mNjNSN6EQOcsO8BUqNnzTsJ5mkTLfLyfoerWXtZlppXZM
/0gyYshP+SN4d3Iuj1NUlM3LLTAx/hg08u3ioBURcRBF0wSIkywpgC9SdqAWKWsX
V6BEIbNwRQk+0V782HTWaZ8H9aCRg6MOk5KO137r1QKBgQDkF5lApIoDAkVb0tFI
wyRNnoNtv0HitbXGLGKS3KGyPPqCLgdnngeEgEqB8ejqjkMzdOmn0eaSmg/yml5O
Vkkw1nSmYholzEbEzl7A34f3AOLMx5hegTjiJe3MrBjZN2qoyDJH8xikl+XFyV5J
sNZe6uRyFozIRrzEPMxgW+R3hQKBgQDVtys66kqUz+5EGwY/n6kIV3ip8zp08KQj
Q+a/h/2EZWvulKLv+Wcr8bwSqOs/ZSaKKgK6VOUK76CYQcHDIHuJEd6TEOC32wLM
uhsjX+aVcTuWPHmGZdJxk5JCI1W0NIxdLVJKg5J1nAmsfRmhtk3yG+C+1i7PSQRT
Y1m/92SzpwKBgQCpM3hUI7rdkImzHCh0OY5spfIJL5/IddNqNvLIzzKD7ghHGa4U
h348JI8g5jtKBE6FlWzfOS46Al9iMHFU211gBTZzVsLe1zKIPC6+FRPff6C/GDFH
qcRwvoIxGlk0iY9ttVTXWtYlAylIF6ECOVRNBSKCH4g/6XmOeSuDL6fDoQKBgQCk
UWouqTdgxaKnwLOENakMXdzLptR6Vw+Mgcen2dJlemmLDcNdiT/3PKzjF/eQTaBd
OMHSLDXSu72Zc22cLpxtHk0ofCCbnAvCBxGYmEK9AkvTTnoNiLpOUy1wJqTdok2N
0qvj2NfCD5AsjB8qA/ZYQXECqcFh5P0rdEbsXzWRHwKBgQCM/GGUXWI0LrkcQpDY
dpO1C161b+zNJHWwM+7cL2kM9azVwW3CNq1YV7c+GRuJG8YyToIYJJfIIUSiAFH0
97J/JoQ2a/1baMXNaZf06WATtjsFywtG+O8FwZs9rAQ7oDeSe7l5jP5Mw/WjY/Kq
BKoi+9Nz8JldcTIi1rj/YyuHag==
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDXDCCAkSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjVaFw0zMjExMDgyMzM3MjVaMEsxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGTAX
BgNVBAMMEGF1c2YubG9jYWxkb21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC4kKPcYH2eCayT80Ye9dBf6JmJGwfpkkHlwSlMNW8hh/aCEhDF8pj6
8xU1Wqqptxs6hHHyLMdtqw9AlnOZlOZdTh8zwA5ExR+vf0IPK/bCDkRtUwBlyOUy
LsEOoqMbdTEhGmriykQS0t7O63vsPeiX6oF31AgaNfI5glxZpjUI61rKcHTxCYAX
XALSnIw13fnaQxz2ucmnioTToM28X0GA4ByGs8zgPkAf8F+tDYr+vfiYPZ0ELmLY
AXJCdK4e/VzY1DsfkqnWCCbVZYg/sCjxFIa77PEQ8rUJ0VBdKE0n+O6hqR/7lL6g
Idrk9Vh0LWueQI+cNy/IcVQbBOJaPVZXAgMBAAGjTTBLMAkGA1UdEwQCMAAwHQYD
VR0OBBYEFBxp6AfQv4qeBrN5tM2WjNjC23pkMB8GA1UdIwQYMBaAFLFq+pyZvAQq
Qohl136+YHCiDtpAMA0GCSqGSIb3DQEBCwUAA4IBAQBBnrBNSkmzMM5TTBrzCmgo
GktZJy5iM5394OSNKwYdIAxFUotIP7PKwE4GGA9fMauYw+Q5AictubsZEW6Pc4SK
wtvgDUkCmtOitdMxRGYa7lmVpLxsyCvyMVTH5eKvSWQeMBomOP6WR4Huzj+RGcTc
dU3BbNByNMnGGoXO0WYoW6nal/cEIaogYtH2JM7v3otDztGN5ixmvkNxmd9ewLEu
jYkcpqY6WPpK7TM55fBr4f7N5Tin7GM8lE/SQfnJzREsCDPrkLoEuB6DXG7dgjvA
ZdrM3eD77xamzT3nA0/5Up2bDoQLtYMph0muVfDrOKL+pzrtSrR6CnkPVgX2aWrF
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICkDCCAXgCAQAwSzEZMBcGA1UEAwwQYXVzZi5sb2NhbGRvbWFpbjELMAkGA1UE
BhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQKDAhOZW9QbGFuZTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBALiQo9xgfZ4JrJPzRh710F/omYkbB+mS
QeXBKUw1byGH9oISEMXymPrzFTVaqqm3GzqEcfIsx22rD0CWc5mU5l1OHzPADkTF
H69/Qg8r9sIORG1TAGXI5TIuwQ6ioxt1MSEaauLKRBLS3s7re+w96JfqgXfUCBo1
8jmCXFmmNQjrWspwdPEJgBdcAtKcjDXd+dpDHPa5yaeKhNOgzbxfQYDgHIazzOA+
QB/wX60Niv69+Jg9nQQuYtgBckJ0rh79XNjUOx+SqdYIJtVliD+wKPEUhrvs8RDy
tQnRUF0oTSf47qGpH/uUvqAh2uT1WHQta55Aj5w3L8hxVBsE4lo9VlcCAwEAAaAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBUpX2wR4LNsuhCeFLjjiJKClOdkqKel/U2gCr5
pW7JisU1pnSBW1ZnI0usssGQeejJUvS+24fTb4aQp68DJ4E70s4N6M+oMyUlCIhH
5ELkG/rlXtir4/l7WP/vF5M1F0bPKLCA51nRfV9tvBR1nAVFfr5ZBGWo8vZBKz9v
v43beNjJxmCkurN7j78WP0TYEs7ehGCXh0mDtW6SurKpnWswsjInKtyUR470XHwt
cVJy0HelsBsqpf6I9SlY2J7SakGPDtqARkIisKA6vO4sZdKP0aYapY3nCB5rLvNH
mC28DCX1R0gqBoHTML0lNUiGEsDe4R4O70dHvWHdZr+zPow6
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4kKPcYH2eCayT
80Ye9dBf6JmJGwfpkkHlwSlMNW8hh/aCEhDF8pj68xU1Wqqptxs6hHHyLMdtqw9A
lnOZlOZdTh8zwA5ExR+vf0IPK/bCDkRtUwBlyOUyLsEOoqMbdTEhGmriykQS0t7O
63vsPeiX6oF31AgaNfI5glxZpjUI61rKcHTxCYAXXALSnIw13fnaQxz2ucmnioTT
oM28X0GA4ByGs8zgPkAf8F+tDYr+vfiYPZ0ELmLYAXJCdK4e/VzY1DsfkqnWCCbV
ZYg/sCjxFIa77PEQ8rUJ0VBdKE0n+O6hqR/7lL6gIdrk9Vh0LWueQI+cNy/IcVQb
BOJaPVZXAgMBAAECggEAIqhShNb/r7YMWKn1kGnDa8cfUa4oQbWLt0ua6Cseh7Li
2NDwomMoU/Nil6bDZmQycj4dsYa0GkVlc1DtOzlJOtspI8wcQdCsXwWsD3JHf3Az
bD4KVJKxa0d5TDjBHS5X/+nYiWbG+qvrV/rDRfzoGOLZ1fkUXmuj5SW0FseNrPNH
VaRrC+YdnFfOs1m+U7PZQmxSrp3C9FxQWCg1xTXT4vnOeoqsJLDQX6njCI6AONPD
9vfeGLMD3D45Bk06xfv1zFz7oNgdu0TbOISiDKewUJX1MIpZbaDvx0LO7dBeJBWI
x7yZymTy6B7cspyO9WuC7B3uvSZb4Dj0kmityXze0QKBgQDk/6QY2FMZbOpC0xuw
8T67sxiF9omr23lxWZD+2PMe4IgcD3mijr50bg+pnoZ/R1cPs9IRT27gtuKdpQlS
FOrV9kmJqXGGMO8R2edafzGRim3M+oKVOC8KuI0z/euGTKtKpozMKaoUF68nrMx4
/7ybauLVYOuWDEqI+Fu6/yY+MQKBgQDOU8OOe5oW3BcNY3/yq+PWlaI9qEehsJTn
kyMvzn5YbKg5yfF6rexm04pY9WCOZfOzvP5NdwwG/InR86YaVOxuuiDE/4WMip18
rDLabGhlcxsja137c14h8hr936xcF2A4Nd5Q6GYOtCMYNAvCTSAgI98jyiwDGxsY
vXl7WdQTBwKBgQCgZa8698q89FzhkZzDwzZ9omR68MRda80UZ/f3iV5BMmQjw3Mf
OXyNcMnntPHgFMgWZ42sMkcnfvIcGYz9wUj7tRatJdIue/f4OPijmpPNrXhbKtxs
SH4qtDmzQRfHacxQ7XeRSV2n1S8KSy6tUfN5qNRZQRnCb7mFVvBpem3/AQKBgEIs
VUzuUXZBcldF8TRIctNQvG8f+JFgC/HVm/RqOtVrS+z02rDo9SfpcrajRCuHgUjF
NZ5srvvSpPUkOsK5N/cvVPE5roBruKTSqaCqIjVfXHXYqpTJ5IfomUWRJjuG98Iv
bLTwREM0/Qh3MMpJaCNGvftBjSoV2HPv2PV50u2jAoGBALbTtPaHLmSjTE6L675y
Qb440nmgkI+5jl/KX21Gjnes5OqqVmmFzz/1fj1/ZwGpbzp10jdBG2zKChATMsjl
xqPq6G0Gu5RKUeRbT64at3e1+aukU1W4L05GAS8FQru4qixKVK5be/24bmTLTpJ8
tm0reJD9N9KJQouyqctAnf1O
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjZaFw0zMjExMDgyMzM3MjZaMEoxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGDAW
BgNVBAMMD2JzZi5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAKOY6GHHkFrexUafHFilmA+vsnx7tfbFS7Mkk41QmSXR2+xjG1MenpOQ
kOJdDq5tFm8SsBIqaNmyTM1Tx2j6vT01KnludLJait4Q1F8o5npF5YFwMegVf06o
ZcDrsFpdyIi1EjoFt1bhM02j1GkRVzfIycPi3xrJ1croWWtIj0J/CN4TkoAYaqUW
8B2pccwVbb4jvUyGU61xIARkm/pHIYrCEjiuWP99imbROSUMBX9ne/krtgsJYylZ
XPvZiZkrAXCFHx2KKrm9zOaXeYHSCEiHJQRAaSJICJA2COz3zzN8XpIJVP8paiXF
B5oFoUwex/VdZ/a0m8jm05++jcHXVIECAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV
HQ4EFgQUgkNWEi5vGgi/rNh4n4WI3VkWdxQwHwYDVR0jBBgwFoAUsWr6nJm8BCpC
iGXXfr5gcKIO2kAwDQYJKoZIhvcNAQELBQADggEBAE4+FPquzZPJfAg3namKryWe
zJjibTvvZenRDoYhkJ9HWhi4tPvLAUqCHLe8sUfxcf5k17T+u7pYfK/+1IpGomWh
Y6OxrxnNK4bnhxTFEch9j90x+cLyAAKVzDAotAgI/OoBQgqiSo0I3pe6MBVPZVIH
Ga5aghA1u9QsLOr7XcuHLAXzMpYPq+6vjHTy1cSi3csQcVNLo67pB3l+b9o1lVGz
6Y8V1L5n19OQ+gbCOSQrGXPAivWWJIDvKW6mtinFLNZ2f1/WDvkh9L/nSFNUsNOj
uWqheRX7FegwvwpjhFfe7TdLQg4OZ5Q82JRFiVmcwx3cDRHPe8BlIdkkTmJvilo=
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICjzCCAXcCAQAwSjEYMBYGA1UEAwwPYnNmLmxvY2FsZG9tYWluMQswCQYDVQQG
EwJLTzEOMAwGA1UECAwFU2VvdWwxETAPBgNVBAoMCE5lb1BsYW5lMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5joYceQWt7FRp8cWKWYD6+yfHu19sVL
sySTjVCZJdHb7GMbUx6ek5CQ4l0Orm0WbxKwEipo2bJMzVPHaPq9PTUqeW50slqK
3hDUXyjmekXlgXAx6BV/TqhlwOuwWl3IiLUSOgW3VuEzTaPUaRFXN8jJw+LfGsnV
yuhZa0iPQn8I3hOSgBhqpRbwHalxzBVtviO9TIZTrXEgBGSb+kchisISOK5Y/32K
ZtE5JQwFf2d7+Su2CwljKVlc+9mJmSsBcIUfHYoqub3M5pd5gdIISIclBEBpIkgI
kDYI7PfPM3xekglU/ylqJcUHmgWhTB7H9V1n9rSbyObTn76NwddUgQIDAQABoAAw
DQYJKoZIhvcNAQELBQADggEBAGh+iW6t1TL6ylPvzJpICuoSitSF2FsxbfNBpu+o
rZpVlwUsJNRzofxoU7HGEJ8gIAs3MmkkMacaAnZ+o2sHuxtyVnHlXWBfFdRmJIW8
WikaJTDV2s3lSgntvQJk9PiRtRJfUAO+z78WQisLah/lxKjDEUQs1PTKPbtQTj2O
S4ys26g0OsBwRV11qB93EEQFjz9eExYk18CKgmzntTU5yOJJ3PFj8rjvyyybNtdY
WulE9Ht0rcBZcsDfYw2DvOaz50MtUviTjAZxFHLuyE8igbjy3H5BORFOp5Vm2ybH
/YUwcmvXBiszycaG0JRL+vOIEXAc1lsgmfg3er1QK5N2u7o=
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCjmOhhx5Ba3sVG
nxxYpZgPr7J8e7X2xUuzJJONUJkl0dvsYxtTHp6TkJDiXQ6ubRZvErASKmjZskzN
U8do+r09NSp5bnSyWoreENRfKOZ6ReWBcDHoFX9OqGXA67BaXciItRI6BbdW4TNN
o9RpEVc3yMnD4t8aydXK6FlrSI9CfwjeE5KAGGqlFvAdqXHMFW2+I71MhlOtcSAE
ZJv6RyGKwhI4rlj/fYpm0TklDAV/Z3v5K7YLCWMpWVz72YmZKwFwhR8diiq5vczm
l3mB0ghIhyUEQGkiSAiQNgjs988zfF6SCVT/KWolxQeaBaFMHsf1XWf2tJvI5tOf
vo3B11SBAgMBAAECggEAAlCr87PItz99LlPauWatA2ZQrd4sj9ugh85IBAVAqJJK
5OJNaQCHPRZ79WccmcNvkIZ0vUoSOifxuitiCFpZhpnnsiiZ8ErzmYNGlRrpoY/3
CK0VOLgCqWLcz0VKlWnLuGMLGSz66GjnEmWD0FGTcNW3pLzzfDAgZVbiyo/QHrBS
mhayw3ceTgggFDeqBXEpG3w1CeWIdOLafdQ7fCUkv34Qww9/kJ7gERbX4eoAHZMO
fwkkOZ6xsKxH4tKOEAo4hkTnTo95P9n5UpvDGG/8fKV4vkto9KMWnCUSMUZz/t0Y
G/Jv5aHOQJkfnzS1QtfgfZiHGbto5R5oOGZsy0NdkQKBgQDbJgQwVErskpYGNJwc
tOcz3gooTEkE9tTsX6mT5cCtY2A59k/y6rXSv8X1es2CCkDFLqGHuOW/TBG6ZE9d
8JrQVqQbjLe3kcdRdHlwdfzaj9HfQa/ZBZ2gGzhzqrB9Cry7v14F8vQ1M4qWtEXn
XhWFbR3YP8qjFs3eKLS7DC3x0QKBgQC/G4DJPXvivz+M6iQOYWZH6aO+00Lrm0iv
UsHPphP3LbIz3cDSAqXRTG18oOikmFCQkfNCRzB55JFwf6Udd/A3CdrIQ4rsqEWn
kgtY2ZKkU2ZFtCs5wOiD9gk9CnsAb6D8rSaiKkp1X7VMssyoMrHkBFXvQKHtXuCk
OkEqR56zsQKBgQC43sst0g4aoFY7CeqgNOPN14QOFryKmYdpmBHAGFOAcZLdkrJD
JEkabnka6uuuxeN59CqECjCWPh++c5yYjL6s/koWi5D4JNxWFMHVY1NZNXZAtnMX
yyr7w7rNqLKV6ZbpczhoIFpu/vnsxEssMSxKkJBauwXAqx4kSYadPFsN4QKBgQCT
2SVDi0ui2q7ByArpDTViAUFrSmoFePc8nFvQ1/2uRy4MrkyUrPO3/tbdimcxn50E
m8WEyyqXwts6G6aUK8wt6HPYZ1i9SlnJEFWzAXBPrS38Uyz122aHYPs4vDj412PG
1/aBkxJTyB2tHs7yeXXin/ATzv73c2V76I2ttgbzoQKBgF3J7l1yUQ+4yxMUF9PI
Ta1S87ShIM6B6XgzmdGYyn27lB9jAvmnwNe4pLd5GXZsvIZi8FuQQ9WNPEl78Nj1
8kSBwSi/MZS1/fiLyP+IaGuaKrfYbEzIlT2rXSgO9IG1gdfO/MouuL4+brynXeDS
BUuR/ojPd0aSsdGhNFvcwUYA
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDczCCAlugAwIBAgIUWqr1d8XhDsM5Gk5y7G9u6KeTF1wwDQYJKoZIhvcNAQEL
BQAwSTEXMBUGA1UEAwwOY2EubG9jYWxkb21haW4xCzAJBgNVBAYTAktPMQ4wDAYD
VQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUwHhcNMjIxMTExMjMzNzI1WhcN
MzIxMTA4MjMzNzI1WjBJMRcwFQYDVQQDDA5jYS5sb2NhbGRvbWFpbjELMAkGA1UE
BhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQKDAhOZW9QbGFuZTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOfs1L9v9DIXY21LuT8+Gvkmie4Zc1fN
OXP+rZAwZYiQpu9Awtk/L2YgAnJ9zXCNrL8DoGJGWGp9KyN3LJeFu6XUbyXgYDWu
Beg6LN6OUPv30zdjm6iIwEmBtiBgL5HYJZunP3b/OdABIJu9foeWdKVuT+jFNlHK
f6Arod4sVGp2kc6owkGgYE920m04a4UsYuDGhpGvIAv/r5/SBNdKuysF6gE5YHHv
4Hk8RnrxrRwQIGasMAlguwhNfbNqupQ1cxcOtMTBZ8KMv+dji+2f5PI0tmmbSeJO
nENk+A/i0JiuBH6szjZ3ylAuMiMZ42FqFLb9k3FHV/YosxZlzTyFldECAwEAAaNT
MFEwHQYDVR0OBBYEFLFq+pyZvAQqQohl136+YHCiDtpAMB8GA1UdIwQYMBaAFLFq
+pyZvAQqQohl136+YHCiDtpAMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL
BQADggEBAK01l12RIId/hjjaQy0pEbB8LU0DV9KYw3ibkFTrVnxXdAtOEvsAAGOX
s5hwltZChJJyIVEh5uwAHUMrOs3MazAMhD/FiWBeqeHjh60BTR66tof2Gll1uPRR
D7HHg8E2q01OQmZ1zhj25gd5FP7OSAgXh71TfB6CpRC/gPtYv4vrfe7ca7ZCXKM8
h3sQxwAMajjHzIKn4ZbqzUfP+ALpOGokbCo+a83PlZgTrG0wHH5MheGQmGKUQaMP
THXAPNaAaoKXbA8rup/fzdinBG0aj5op8bNS+iZUKOLws6M2Zrns2UQ+PxkhlSoa
soOVoABREvi8iSj0hkEFrVdp8loESs0=
-----END CERTIFICATE-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDn7NS/b/QyF2Nt
S7k/Phr5JonuGXNXzTlz/q2QMGWIkKbvQMLZPy9mIAJyfc1wjay/A6BiRlhqfSsj
dyyXhbul1G8l4GA1rgXoOizejlD799M3Y5uoiMBJgbYgYC+R2CWbpz92/znQASCb
vX6HlnSlbk/oxTZRyn+gK6HeLFRqdpHOqMJBoGBPdtJtOGuFLGLgxoaRryAL/6+f
0gTXSrsrBeoBOWBx7+B5PEZ68a0cECBmrDAJYLsITX2zarqUNXMXDrTEwWfCjL/n
Y4vtn+TyNLZpm0niTpxDZPgP4tCYrgR+rM42d8pQLjIjGeNhahS2/ZNxR1f2KLMW
Zc08hZXRAgMBAAECggEACK8vkDOK+00w5ejN+PZEYEv3IjlFvmXq3tMMgLevNZvl
BFRyd1wMVFCihtL7HFnRvB1Qph1oNiSVtvBBdTMGwcDgoJR0Rc5MXlO/Vl4R3j17
ZTmPnJHyUU5QGYpAfb+QOPHcSIJqEcXZCLvhvwX9PCyTRW4NCKcCfGbl2sHiL1JL
BQ4++zPfjqoK7sJ+WC6bcEYQLpRHZSIZm+kzlBNUyWdtY9WzT8mTdfpzS4X8sZIH
DrmUFufMkgyciN7qt/jBhps/4/S4yjrbRcOsltcg/1Oba7ayC+vGyzGeGPGA1ddS
+bprG7+nUGRvo/bTC5YxVpIXSlOXizpwpzufpyV+GQKBgQDrVVROaG4dcUKdg35y
dLjhRcAAgR2gRJYxG2tYRGsDhBWAvVqJ5MwY919j4kdwQ6UBTnWgCFsByiv6OX6P
kK5Em8ImLEOPHn0nIYNFst5S9GfeEPaCo2jtH1k8KJYbIsUWg8toONv54Ee1VxXV
r6kS9H66zOC0GlayNazQV85JvwKBgQD8SuFHrKrGdo1Wa49LnWRQsTF0rkBXXUR8
2NC3SiwyrCH8A+nGv4msbkKRcEOQjkbAthYjdhSXdYFtNLYsYa3VCsMDGV3YwA4w
LhjHUsdt2W8Wl26Oo+WcDa22NjTyc5kk827EsgB52N8ug/ylVP01AVr5kEeQ/t+T
yzQzeftkbwKBgAccINvtk8YX8edIXb2fgSZtMQvS2s5IxDDfnzKffowwpWWqUt3v
p6rpblxaLcZahNWxRSR8nCNFtGZu7j/wIxO3kPoORExCo41XGdw1NzpSYAD5ijkQ
Ls9bLxr+LurK9iFkAfU4Io0+FWyJIQO/tt/3uwxxvCg004G21W3F+VmJAoGBAPJZ
U7IwERP3yakcRVgTZsuEisdUo4XImAN9mnCXFYHPjA20DJrYXv1+JP/kYWK46Qox
X27M/NbJD3zBx8U2R2+AmPefJGETjA2IGlFOGThSR73h1Ve75NJU6WtBAvdrR88Q
8HSNsJtbUngyXTzMOTbziFp21+hWjJpB9nEEWhKNAoGAVLy+5NBYg3XUSZRDhjgG
D4LyKf7PjaleMceeZHlhOfG03pjnqZ6vEH6g86fUj4CT4m9JNJPtmhTu8vb96h9X
EVuEkfctkYy8KPmmqqiasZb8viMA3yz4o0gY2Vh/ZgEuFTjLVANmrP4FnPPQSLPX
OoF11bTHRPDa1vAN0sBCVoY=
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjZaFw0zMjExMDgyMzM3MjZaMEoxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGDAW
BgNVBAMMD2hzcy5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBALljW/sKEWWc9NmMz8NpkskbjXtlhkduRWDapIKLTdUUjl+xP2Rbve0l
ag7Gxw/bX3IkSKQcHwiT1+QMD+CgCcMMd9txI4nVkCP/7+YQVGfEe+2iclp1CrM8
P7a2oaG3LzzS8Xz+iTWFW+eLE20B4QHygCyQwN14IPGYLkzQvGAe8MfiBfOCIJnm
t4NKGyXGs31Tvbl5+Wzpm6hIXvlqPUEgjHXNtC6u6FQdCPPxcWwt2O8zT9aB5B4G
n/914qWlzurUTlnhYg8HV9L+iyidD66v8JMiKQ9xuPNWMKdoxaw034qH3Dg9in9j
Jqdk3AJdvuqjdmQvPBoOFBQKDcYW06kCAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV
HQ4EFgQU5GTunEyNMXr1ZZTh79w1hSC6wDYwHwYDVR0jBBgwFoAUsWr6nJm8BCpC
iGXXfr5gcKIO2kAwDQYJKoZIhvcNAQELBQADggEBADYTkXOb9Kx31MN3LSLCz+ky
KEi3Pio+eI65vTByclmfu/ej2AmGMmHylJQ2RpHzbWOe2MPmpFyI/yfqR7ZoIcfs
soEnYk3vi4Ul7ooYqWTIvAl24/g5ujb9vZ2+7ZtiyFsTNG3kB/zdtS6X6CUk+e3H
GbYTHjxvN+VmFJmCJjQpSMTQC9JGuqof3z+R7OODyJG24aw2g7rVtSDW3J0rvDgc
1RylH/D2KJMBGjo/JlXB6y6wCTu9iLQ5prqk7YunFlpLxjsEdqrQ+yukLhwRH93x
C0GQA6rMQEhC3paBukP2ePAJoGCqanipp/oJ6OJLnKqVDha69IXPSJLEhqAqtX4=
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICjzCCAXcCAQAwSjEYMBYGA1UEAwwPaHNzLmxvY2FsZG9tYWluMQswCQYDVQQG
EwJLTzEOMAwGA1UECAwFU2VvdWwxETAPBgNVBAoMCE5lb1BsYW5lMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWNb+woRZZz02YzPw2mSyRuNe2WGR25F
YNqkgotN1RSOX7E/ZFu97SVqDsbHD9tfciRIpBwfCJPX5AwP4KAJwwx323EjidWQ
I//v5hBUZ8R77aJyWnUKszw/trahobcvPNLxfP6JNYVb54sTbQHhAfKALJDA3Xgg
8ZguTNC8YB7wx+IF84Igmea3g0obJcazfVO9uXn5bOmbqEhe+Wo9QSCMdc20Lq7o
VB0I8/FxbC3Y7zNP1oHkHgaf/3XipaXO6tROWeFiDwdX0v6LKJ0Prq/wkyIpD3G4
81Ywp2jFrDTfiofcOD2Kf2Mmp2TcAl2+6qN2ZC88Gg4UFAoNxhbTqQIDAQABoAAw
DQYJKoZIhvcNAQELBQADggEBABWDs9H10OPMkVJspViUa7DpykmjwqgwZeobtUsn
7MRP7a4/UUA/OMEgK3HQArIE36byYQM9u80FQRVmlgdM8h3gOABNlyD+Xq/PPCdV
/+YrAWrLkPGbPgKeyAlVYlqi0j8laC9JB/5bEVh8JUxZ9RlZdYmMVITAnIAUfmJ+
avGxytm5bss//Vat89HlUvPt5NzrmR2YgxzH5PmMx6AB13JIItg05YBE/KPZd+KC
CsLyCzjZj7GJ12l1X8nI/EN032kRPQD/0knq1rt2gyxs45pzA1XGJNiFMFEnJ7Oh
jIeFnbnGxBvx6hu8tOky41OubB1erMok0UV9XpT987tPA/Y=
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC5Y1v7ChFlnPTZ
jM/DaZLJG417ZYZHbkVg2qSCi03VFI5fsT9kW73tJWoOxscP219yJEikHB8Ik9fk
DA/goAnDDHfbcSOJ1ZAj/+/mEFRnxHvtonJadQqzPD+2tqGhty880vF8/ok1hVvn
ixNtAeEB8oAskMDdeCDxmC5M0LxgHvDH4gXzgiCZ5reDShslxrN9U725efls6Zuo
SF75aj1BIIx1zbQuruhUHQjz8XFsLdjvM0/WgeQeBp//deKlpc7q1E5Z4WIPB1fS
/osonQ+ur/CTIikPcbjzVjCnaMWsNN+Kh9w4PYp/YyanZNwCXb7qo3ZkLzwaDhQU
Cg3GFtOpAgMBAAECggEAO2h5PdnMmGTzW9HRdHwc80BWlvACV1qhdfeq10Cf2QQk
2cp5l4YEt32RXpnZiZ3RmMjC1IBEe6GxAd3RqrhuWGhi8lnvuwhKkBbAwFeETNp8
ojq37X/rRWOtwTYGVsXWp+WrSFRjENkjCfCZ8Yk0G0UkSOO8QlxwJiuPzsLnUt+b
wO/bahViAu7c+CyPouw0+MJmysZba1DSRoYSAYF6yzOolOOfk9HIEcfFyY+wCO6d
hRVcGe5FgFS6hsBC2RLDrKc4sp1VoWOSkI8MfsTsnSvIdWHKLqvmdDlhoEgLJQ2C
BuPX9J50oa9naLb0FszZNjsF1o1xNXvdzzCvWXIYXwKBgQDWCjlJDte/o48jFbvV
aIa7jkChD6NWlMhGv6wRftblNU2WxzwQNiDxKo2OK3o2OZaOkXD7u/GrUzsOAnRs
N+4I340UQz9C7tfzUmsFjS4ju+xxeaPQX1Wmnz5HSN5mxU34y3FvLdyeitUbadNL
CbSeLXI+qzMoecrUp30qHsKarwKBgQDduzhI0xQS3BAWxVz63vMv/Pp7dCjgg/VC
ULYv2d4z5twS9fRwCzyhtmOPRQzHOvgxPbU/MF9DW/uXzAGPFYZSzfWuJcv4u1mp
Ha48GZcxA3C3HWpimsn9yZjcdWG7QV2BV6RgMwH0nUIxZHxQ7I6gplJasZN5dwlZ
glPAAOetJwKBgF8cV+xQ/ioYQgizJa5lLkm1op5vVoOoxX46uflkRZXAo+O2UMhb
ZTQFVrWwODRUTsS3eF9EWtVovLsy+A0GpW2n+QbiAwB5Jdjn7Mqgu7oBTcX26YY0
dtj9tizzAnDkiAtgS929oWWKB7yQv+V+QJZxV2zlomwAAtOQQZwv4wXdAoGATReE
8D0DY7NDnMcuFsNhhjPM2xN+CuGWamIpleWIDj+cELOXM0WU5RzG7M8zLCnilSxB
UiD9XiwjA5oYiKkRNMULQGs/ydFJ0TTSmW7EVHQ/wkrl7DapOCXZkfz15+dIHWpd
al0RtvzeQNIRLwmwZUaup33KKpcqlwZrG/y0kE0CgYEAtSp7JuJWnFCRBGYzITFG
3gILjbzWxKquho7vOjlOZ9Jn0zHAMjMFaa5jO+jDVeFTo2ma6vJNjkrwwSt2ta5j
RL3+dBFB8uFgihY68j2yP8OeTuMOUevinbKgySMcTP7mlLzya/SAk9bZFqTJEB6w
CA6ghp5l+Pzf2ziJKd3nc0c=
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,63 @@
# Copyright (C) 2022 by Sukchan Lee <acetcom@gmail.com>
# This file is part of Open5GS.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
tls_sysconfdir = join_paths(open5gs_sysconfdir, 'tls')
meson.add_install_script(python3_exe, '-c',
mkdir_p.format(tls_sysconfdir))
tls_security = '''
ca.crt
amf.key
ausf.key
bsf.key
hss.key
mme.key
nrf.key
nssf.key
pcf.key
pcrf.key
scp.key
smf.key
udm.key
udr.key
amf.crt
ausf.crt
bsf.crt
hss.crt
mme.crt
nrf.crt
nssf.crt
pcf.crt
pcrf.crt
scp.crt
smf.crt
udm.crt
udr.crt
testserver.key
testserver.crt
testclient.key
testclient.crt
'''.split()
foreach file : tls_security
gen = configure_file(
input : file,
output : file,
configuration : conf_data)
meson.add_install_script(python3_exe, '-c',
install_conf.format(gen, tls_sysconfdir))
endforeach

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjZaFw0zMjExMDgyMzM3MjZaMEoxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGDAW
BgNVBAMMD21tZS5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAOfRYYARkQf16dejrenOv9VbNAInKLH5BByRobC/FXYs/1ZEpE26QQpj
ElSZfdc9ri6tlGm8JzsWdeospR10abH9wu/80lerrOJFsGAKC55tLbO0N71Odlk0
UZms/Efets+4Y2N/ubgq1RStl6IhqkmUOgfbvX69h7+po4PILGMixbZiQTW9DwH+
aZJ9Gb3YScewikE3J6E0RPf43ABX9roI1oU078n2nj7qZlCNd0zJ9vOXQiQOdcW3
8PKHlrobulMYh5SmG5ASidZzexHy6csKiH/Rr2EC4mZTYBepb3QZy8+ad9b5Cl74
yuCcKGf95xui1E+YqGBM9Gi5+HNdr3ECAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV
HQ4EFgQUVhByp4/5SHL0qj7sf6dXxrcO6L8wHwYDVR0jBBgwFoAUsWr6nJm8BCpC
iGXXfr5gcKIO2kAwDQYJKoZIhvcNAQELBQADggEBAJTHO3re3/Tc9YeMs3Z+Kog6
9z3Rb+OJ5nB56Y7nXVpJ70piUpTSVwPxK1r5a6QqHO9tTTgp5kp5i3u1H3cYnn3q
r9if/lkNotdrOl1uwI9Kb3eb+4iwZe4VUnhDvWbC3oWVHcyZheS95qxuW/HfErxU
eZakK1J5rynrd0R8fZiJBfpYeBfOczshDlLZ8G40gwmGcHBTJYQ6bYJjjA1jQXzF
n1fE6WQBu7q79eX9w0U5Sf5Xo9Ale5Y7o6ud2aZT6F83Upt1G83BhEvQ8vrseTD6
SHme/cpGXmSToBs9hJfrPuDzIkjGG/kjiVsFalHiaUtVbGvMqVa2iaHZ3HBzIro=
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICjzCCAXcCAQAwSjEYMBYGA1UEAwwPbW1lLmxvY2FsZG9tYWluMQswCQYDVQQG
EwJLTzEOMAwGA1UECAwFU2VvdWwxETAPBgNVBAoMCE5lb1BsYW5lMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59FhgBGRB/Xp16Ot6c6/1Vs0AicosfkE
HJGhsL8Vdiz/VkSkTbpBCmMSVJl91z2uLq2UabwnOxZ16iylHXRpsf3C7/zSV6us
4kWwYAoLnm0ts7Q3vU52WTRRmaz8R962z7hjY3+5uCrVFK2XoiGqSZQ6B9u9fr2H
v6mjg8gsYyLFtmJBNb0PAf5pkn0ZvdhJx7CKQTcnoTRE9/jcAFf2ugjWhTTvyfae
PupmUI13TMn285dCJA51xbfw8oeWuhu6UxiHlKYbkBKJ1nN7EfLpywqIf9GvYQLi
ZlNgF6lvdBnLz5p31vkKXvjK4JwoZ/3nG6LUT5ioYEz0aLn4c12vcQIDAQABoAAw
DQYJKoZIhvcNAQELBQADggEBACCmqKiZ7lalTo2IacCqfhzE9XCzwltNoygocky7
aEed7vSX/3pxf4x7ASphZd1gytnePc3bVvqChxFKkgTOUCLd6KTcKsPuXhVPcr6C
0/f3APspWyvZX/sYMLHpS+b1BkO6Uego3ZM9FauEP1kynNHy6Bf0h5BL3YB7yYBJ
nj9UaGWpEAs4LivGWD+4iici2a1GfhS++PBD8dSd6ipELCEOkTuTZoFquZF66cfC
3q+Isd29jbIiO40LnQg3Qi75ECXw7Rgzn5rr0eclIEv50fayyd1vWAG5yXbSOyxT
L/ZBnNDXSLtZV1DMHEvB7rlhXvLEK0874QDtYcQEOltgVOY=
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDn0WGAEZEH9enX
o63pzr/VWzQCJyix+QQckaGwvxV2LP9WRKRNukEKYxJUmX3XPa4urZRpvCc7FnXq
LKUddGmx/cLv/NJXq6ziRbBgCguebS2ztDe9TnZZNFGZrPxH3rbPuGNjf7m4KtUU
rZeiIapJlDoH271+vYe/qaODyCxjIsW2YkE1vQ8B/mmSfRm92EnHsIpBNyehNET3
+NwAV/a6CNaFNO/J9p4+6mZQjXdMyfbzl0IkDnXFt/Dyh5a6G7pTGIeUphuQEonW
c3sR8unLCoh/0a9hAuJmU2AXqW90GcvPmnfW+Qpe+MrgnChn/ecbotRPmKhgTPRo
ufhzXa9xAgMBAAECggEAHPsdqSueXzQ8pZ32XjkKiCtXP1T9mZur38B1yjQRWaKl
fKJR4iUWACzuO+UBM6P9PyOp3rrMMsRg6G49aYcbYZ+mZmdL3/RRRZZ4cYE//kXg
RUuTU6zX+dijF5xl4RGe9tgH64aqcAjsIPd/cfWrJXi3n9zg/f5xgUy9aaUK+4zp
K77vv6ir3PjtHdQOqDTHblLdXJBDtNprF6Q3kvzWLdVptM2jhtsfhoZ5J4RnrkGm
e9VwUksWnWK6NU3ezYndN2zDe8fkwRKWmLD/DLMrWxOd/E+1T2sUsiTYytxhCMpR
+x9hQZ8P1ogWivYZe0aEwzEcr9SR7sOafdnF+pFnswKBgQD/4fFSHI+c/nL0d0TR
72BfNieuelnaxWzbsPDC8/7YzRd4g25uWCwoyMxzVntVSAdADmI2aD6REfIejLro
m27AvEkMvXCBJIn6ZD6a/GVvLGAiJt060Y3znyRm2xCsynnfw+4RAK3Rs3Vqu4EC
igHytUCKRsU1F3PeFYBABSKdswKBgQDn7JyG4uFl8YB3dm47SiaVxSNHVNnIKQJD
kULqgxLV0jWbMyXx/brS+tp0ABwavRFYxhl3f1wm/ZBk7YnFCTxrpwG3E1MPu4bn
fMJqVEbGFfJEkBePpB+3o2VFGYCrC8wsQx9+RsM98+f+jETqIn7J/j8W9Ht4Y1J/
2mlWubqUSwKBgQDFugBSJQPMmsqVobwqRUFBEYXkS2M3rCsMMFQ7MXQSb5jdZSJm
XffxpAhob8FqCvifRP4bcL44N5fSh4i+yazxfg0srQ5MnMGKHQBLnxF6sN2wRjvZ
gaihQq5MVKcz/lni0XIa7V1jl7r5uN5d6erLc8flkf49olvElvS9g7pWBQKBgBNX
3q45WgdAnzBXhlYXlyRCrvCSGR/im7e689PPXtDKmYH6QB3wxZY3KeUm5TEtt7ap
vxICY1M1LsfcL/NpE8r+wNveFr1nLJc+BpELumNnDS++vNhUHfkY/adHuz2I3FyM
tKG5kSsnnp/SXyUP/3clZ2motmuSDR1wv/xlvTQFAoGBAKDDpj2v3u6R5qWWWb4C
+kO41YOGAlx52pcukmPV682CQZyJHdWFG3YHNeJaSBMVayHN+roIbnZQHJGTbS0B
jOMxgRyt6a86uGBHQ9PUDRrtOH8hcM4Wg5RnKip5GGHWnZYXH421p2ErpDE3ZAO2
nt+0/3cXT4rENRXogOlzP3aG
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjZaFw0zMjExMDgyMzM3MjZaMEoxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGDAW
BgNVBAMMD25yZi5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAJYwtO+kISwKZjSQlQ9eQNtF1/DpUFi8qrupceRuPtlAwsEFaly8BRiH
bCuBcRdGjrIgHtoyFJDW3wi3veKn+xkUoSTcIdHahGwon6nryW049ef5tV2CtNqf
RovgVACdKh7QIruIyqUhJUED+lm4s18aJjKb8QYne4jl18unM5xQkdHfL2bRh7Ce
BZV9/GxjYyNGcLQUWf1Qme3dqLvq539XACxBr8NqmYSDJGlrSRG0i4z0Faa2Znnn
epOTyRuttBrRgsebzszh1evg/zWgc5hsMDr4DoPVOfWfAihNkXmq2LF5kZsBqXdr
kQS6rZsxV4KRF1ynafMNxp0E2I768ZECAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV
HQ4EFgQUofXRxrSK7mNyrNQCStGT0rE5vJAwHwYDVR0jBBgwFoAUsWr6nJm8BCpC
iGXXfr5gcKIO2kAwDQYJKoZIhvcNAQELBQADggEBAHAaED78OABG0UPbkWUG1Bqd
kWPiZVKySEj1zc8dOqCcgn79VGH8TruxK+/dHwQY/YClq/8o9tZzfFOwc/OdtdfO
dk4AxHwyA+5zJMBWOaGOAIFzPkrRY7RIQnUlkL9FgRg/3hel70TyjBsRm5QEUCPF
p100S0TS5AACJm5gcC7QPfx0Pz1EPsK0q8nm0V1zAus/mDY67jJcbkCGwH839J3s
rVzMrnXEVeoubEr0u4fPB4ulsT1uufnmRPjO+Gw4ToqW+QB8aUX1y0PdxaV2K17g
HD7N6TaLZzXLZDhXB183tMKgOMTzAN/+sDofLUgAT/npO35bAbMmbisCk8Alha0=
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICjzCCAXcCAQAwSjEYMBYGA1UEAwwPbnJmLmxvY2FsZG9tYWluMQswCQYDVQQG
EwJLTzEOMAwGA1UECAwFU2VvdWwxETAPBgNVBAoMCE5lb1BsYW5lMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljC076QhLApmNJCVD15A20XX8OlQWLyq
u6lx5G4+2UDCwQVqXLwFGIdsK4FxF0aOsiAe2jIUkNbfCLe94qf7GRShJNwh0dqE
bCifqevJbTj15/m1XYK02p9Gi+BUAJ0qHtAiu4jKpSElQQP6WbizXxomMpvxBid7
iOXXy6cznFCR0d8vZtGHsJ4FlX38bGNjI0ZwtBRZ/VCZ7d2ou+rnf1cALEGvw2qZ
hIMkaWtJEbSLjPQVprZmeed6k5PJG620GtGCx5vOzOHV6+D/NaBzmGwwOvgOg9U5
9Z8CKE2RearYsXmRmwGpd2uRBLqtmzFXgpEXXKdp8w3GnQTYjvrxkQIDAQABoAAw
DQYJKoZIhvcNAQELBQADggEBAD7FDen5uEbzgzjW6w3vbyKw/irx+s59YS9zLnrc
K1l4C/eGUxOjXzL1i5th6TJ6y+860OalWfui1JMfdKFXAz4a/wGhZGbGsQelau7r
lQTH1nlm+b5BGShGg0R053FuX3PK8vKBpZzPRuyn9n6unc/PKzoRjub5FXKZnrVJ
8rDz2HXi7ZdxBrU3FUU8dbiTuROgsrCEldyndxhD7vH4mJIPM/0+j8aAU0t9GbRK
pX2Jo1z0Z83NxKegAtMXho0IoEpESEMZmYStBreOY2mp38Zw3+hEJV7SP3nLxr68
J/c1HVddfoLt7N6mKvIuVbWK7OxkeFLVGGq2o1/Gs+PkVjw=
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCWMLTvpCEsCmY0
kJUPXkDbRdfw6VBYvKq7qXHkbj7ZQMLBBWpcvAUYh2wrgXEXRo6yIB7aMhSQ1t8I
t73ip/sZFKEk3CHR2oRsKJ+p68ltOPXn+bVdgrTan0aL4FQAnSoe0CK7iMqlISVB
A/pZuLNfGiYym/EGJ3uI5dfLpzOcUJHR3y9m0YewngWVffxsY2MjRnC0FFn9UJnt
3ai76ud/VwAsQa/DapmEgyRpa0kRtIuM9BWmtmZ553qTk8kbrbQa0YLHm87M4dXr
4P81oHOYbDA6+A6D1Tn1nwIoTZF5qtixeZGbAal3a5EEuq2bMVeCkRdcp2nzDcad
BNiO+vGRAgMBAAECggEADL0D06F5mMknAwVSRzPoz1A8sPew813JI1KLUOMS3I1U
F1f0vfnKetqdj5ESfPVki/ISe9IskV5QG2auKceykd2Aj2ZGTgy5F41YgWp4spVW
sf6pZc18tmA09Q8pQMYTuPpRP9Op0Fif1sRWGv8B46qNm9RDHJEDtsg7xc+gHn1L
oeMNin1jZvypm/ZHv0gv2s+/ziOP9ZLcEsI/Zp8ljlGMJJ4Gv5bpZyZB6MCrC1xI
2EOBIeQbO/DnvKw5tiflIiiE+UoTcLvRiX0yxS9IpcYTpV65uwsBsmj+yeg9eunh
ZhoQNnEYeTwHpdzCX0ZO0IwTacb/gElutJ1n/FlMUwKBgQDKHh9UZYx1ejPrCzKT
jyoiXClNEt14Ze3bh3hIgDLaENq24jadNYOfTyCwPd1CGYYkgnNlY8VWBtisafRW
g7e28VGrzaEoYZ0S8p1vNsMabM1oWnq/P/oy0vY9YFvth7lZdlegDj8om+7tA0L/
q0bDpcU0rQhLzxGExJaLJUjlIwKBgQC+OrTxkfrPvK/CIXole2Gu/Se/5smWNxGc
LNuX39vgIzPvSf1I9rHCr4omqHoeFooujTckfNKR1yc6x/a0jPjDD35ztmPmSKs+
8PCmhaq3yfjYnt2+0oZd3KVZ9acayNJ205/YVYxG27Gn8s2V2TnEHMXO18NZxPnL
KHKDCGm7uwKBgDf7L+JIXicLueWYLGICfUEXFblrSDxYvxDW7NHn8C3GDU4qScYx
VEuDtyIZgHcWarkiCKREhhvVuZ3Hmw17Xh8lp+FWCxUMNF1TJZfwKwneqOYGaYkf
R0VceSd20P9xYD0PMiX6zDOLPRoYlS4LWoZGG+EDLBETQV7stGXF5fLRAoGAa4xN
WHYr0t7ej2bV4/MJmyFNI9WbCu4/aoiB7i+F5AaDCjpOlL3EaklMVebSg8hCf2cf
UeWwNvvpFfaPqCw7SCyuVUU83akgCAm4RK01g4sQwYev3n6vsMlaQq37t8zqEHw8
1tYm5Li4jDddu+aAHjwWKYcaztnqT82iUCqlfJkCgYEAyK8xQfiWNPWADHILRDy0
xtI415k+skYDx77dSmancF/10PGaZRO+UWI/EfweV8lR6ChSf9MuJxKZXOGupv/N
2MY5qTAJ0WluunA/bGRS7VSzetq0ZC2LOLlARqvZQQSVINq406eUjhLzdwJZaR8z
dtlKQ+91L56ELsd1XZ5DZfQ=
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDXDCCAkSgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjZaFw0zMjExMDgyMzM3MjZaMEsxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGTAX
BgNVBAMMEG5zc2YubG9jYWxkb21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDIrtclpBRox3SHlIWyxwKH/u77/UP+ML6C6AQOfsI6j7+G3o73cqIb
zVlpFCfuy7Xh6+Y6uLqLQccNFlj0ckX/k+T3wR3Xpj6YAJ3W9ynPcgDWDK75Mlta
YDR1r69mkZ+SvDAE2gjHgv9zb5Jujyd3s419wHv5qzJQmgEMmIfRhP3sBJNw5+GB
D226dIR4QWmySrNku3BpTXrmKT8piStnnpWvEaoIBrYcAhUvFkETpWv2FIJyQJGH
Ku5894DuK2kEdxhA2MTAeEOxRnq9Xfv4Qq9JpyYNRLSfpUeSeJW3ZjCYan+mpciA
y7QPY2dG/RraGPvkGtTmlBEUMV2kThYjAgMBAAGjTTBLMAkGA1UdEwQCMAAwHQYD
VR0OBBYEFKDi3dKxojvcTkXTSa6mQwULPtKBMB8GA1UdIwQYMBaAFLFq+pyZvAQq
Qohl136+YHCiDtpAMA0GCSqGSIb3DQEBCwUAA4IBAQBJ5p0AF6bwFB2IaCdcpPix
Ai8kh73og4G1fi6+5m0Es0Sj9atAS2jFerPw4w8qLlWQCQUu5c9TFRmC29PmYMKd
1uPFfxOoaw6ohnfqbrmZyNOFpKLSYAi7VAcmVTt2ErolVAkWxknVTNFbC4QtgqOl
vH7WF6UjRXpkGdEcDewBcNjo/GpMacTsMGpQrb09JH8Sfvi+O+RDJY3kYI8e8glx
ejonu+gKXxCEZf0ALI/dIGyDIDTG30nShCMSBjOy+VjVFt2W9PFYykEc0yOpa+jX
C0nbS8zvC0KnCFeIomYUTbkOj3mgEWKa+gewXkFA3+i8XxOPBbmsXU4cWyVJ3sBp
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICkDCCAXgCAQAwSzEZMBcGA1UEAwwQbnNzZi5sb2NhbGRvbWFpbjELMAkGA1UE
BhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQKDAhOZW9QbGFuZTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMiu1yWkFGjHdIeUhbLHAof+7vv9Q/4w
voLoBA5+wjqPv4bejvdyohvNWWkUJ+7LteHr5jq4uotBxw0WWPRyRf+T5PfBHdem
PpgAndb3Kc9yANYMrvkyW1pgNHWvr2aRn5K8MATaCMeC/3Nvkm6PJ3ezjX3Ae/mr
MlCaAQyYh9GE/ewEk3Dn4YEPbbp0hHhBabJKs2S7cGlNeuYpPymJK2eela8RqggG
thwCFS8WQROla/YUgnJAkYcq7nz3gO4raQR3GEDYxMB4Q7FGer1d+/hCr0mnJg1E
tJ+lR5J4lbdmMJhqf6alyIDLtA9jZ0b9GtoY++Qa1OaUERQxXaROFiMCAwEAAaAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCFIub4/cIs9fJihlSgOfkqR5BVjv+UZgKocmPz
wACPxgLeXGzH+8aQvCnsmb9p8A7r4CamKkpzeJHuYyzLj2wqTaif0gsAvVnjkksi
uyxZtkWV9HDKgWYIaJnCYtKvAl7qKiY6DDk7McqPcGnI5zjYakxi6pLE2ZC0TUH2
M0Zy54Tzj7rC889TfwGjbPIPm4mqliy7isxDJed1yiFizG0RT3CFB2qnjxqoU3sa
x0fYGWP7mcNuioBU2VyPHkc8/8lNM9sR7+K5Ne8Orq8ooeb/kTdvGZJ5MX67W2Bz
g+TwAs7ZPD4+ZGNIihlIMl2w8aOibYKmdIR6sc/01GHDhmV+
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDIrtclpBRox3SH
lIWyxwKH/u77/UP+ML6C6AQOfsI6j7+G3o73cqIbzVlpFCfuy7Xh6+Y6uLqLQccN
Flj0ckX/k+T3wR3Xpj6YAJ3W9ynPcgDWDK75MltaYDR1r69mkZ+SvDAE2gjHgv9z
b5Jujyd3s419wHv5qzJQmgEMmIfRhP3sBJNw5+GBD226dIR4QWmySrNku3BpTXrm
KT8piStnnpWvEaoIBrYcAhUvFkETpWv2FIJyQJGHKu5894DuK2kEdxhA2MTAeEOx
Rnq9Xfv4Qq9JpyYNRLSfpUeSeJW3ZjCYan+mpciAy7QPY2dG/RraGPvkGtTmlBEU
MV2kThYjAgMBAAECggEAHfOlE250cq781WogCkQUPKKanewkRGvsrd0IaKFtRmWY
pah8mLH4lUMGH94Xl6xlGQhRnwdd0Cr2anL2E9slAgrbbEmGYAk6jl/ehEGfcTay
qT/QsvYGbGwEvbaFlz66HPcOs6qsZMVIcGeBPhRfmkindX1Prj5pjrNtif5knFXZ
YezQyv32wsXn0blE6Nfz7s6udA2JOhEj9hbl7VpK5Diq9X7zXD9eLlEB2vcF06xW
u3mMZHCN0Bl9Ftq0KM3Mn56GjqIKMXZpQOZGL6hwKbQQRgLAwWqGGkQASsd+zpIJ
i4NTibBDQarf6Wiob6SluEkpeaCim3cvf+lpHYCnAQKBgQDc/1StN7SB5Hpw6ApF
RkWQb996UnmM7DUQp4G13iGww4iC9+pC/F6vb3WwcjITmxdLbSWPrMByTPzUIk+y
kkBRD/TaAfPqSRsect9DjMhNyjxjSYL46jH7sR9VhebmuL4LhD2OpSPNGsnJwZ7O
GcWWGRcEgQdMiXZTLpZhgJ+tXwKBgQDod9TRgADMMKFF55qCa5M+a/Jp2s6pgFBN
BY8S0JApcOec0EyUZZ4fKX+vzP2PvQj4ITbEwsnnYDxGUIp76Wgo6ZvD50nSaxCC
/liDY0pPEOFTIootByPVj56nrpBQ5Rcuon7DcIS2z7kCnoDZ3d52UTqXjuu1sQet
8B7L8OVJvQKBgQDICwvgG+t2JJY8u54IZPq1Kr8035ENYgcKw0WjlaYTdnuMadMQ
vZcL4K28gTIZEys76Fm2ux4cmNnHQCO6Na6ocfQmntvmuDQnFL5KTBZIbAbLrRA0
NvH1rbf6V1HSiWnlzNdX1t4YW+ZKjcwtLaDwJFf0iMNNoaSM2T/glGh1qwKBgEB5
5AQLTa1Um5Zo61ja/2bjx8OGVaV7mkoSjaE5SZLE5uh+eY77NEUOXITlBTrVwmQX
yjn+kMNk1LLn6dD+Zs5aJMLMJpR+74B1jRU798NAOk61mL9uaIj2IZn+d7aII8ri
dOg+EAEoUfchATnsKKSGWQrqMAQfyrJ6lAAam229AoGALHAQxLc2fXztnZ7g2ftw
YsjutOSPPf+xBWZBVILYQMdY7Y3bEMIuz0oJqWSnvJ5ZMz09JQwoz9EzM1PL7GJ6
PVlNNqqWdHtDlFamXS4rUXdsJLbKdoHy51bG1qIc5euYutpSUpKuc4n/g6erz7RD
iJue+kVzeFjZeLSMFeoN5dQ=
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjdaFw0zMjExMDgyMzM3MjdaMEoxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGDAW
BgNVBAMMD3BjZi5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBANJDzsbZ910GqsJTS2Z+FKu3KnNHtPUvtJ4/pXdz6b2s9ECm0bPpTofQ
7N17yvv1GmEoBiCEpoz13q6ZZ/CCW4PLXUTXQzKsB3HVbm7luJA9JziKbXnSrGnp
SQk97HWN1RYdTKQKi46JaEg8MfyImeopyHQUmYbyg6oJSm/8JyXT9LAil8BJeLgS
JpOGvhE+Pus1+7XS9hswr/zz/6jiy2i6Cc5AKxF1Qp1qp69/8EMBFPRtxiHkwnQR
jMS3A7sk8N4z2P6JlRx3uBHvrActS7Q2IAUZHCqGPO+atdWjPpZmDJTTkiBcPBid
xNBM1efy4xtCbJm3bXQStVgELdXxZwkCAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV
HQ4EFgQUAPQBjYhnG8101VwEMOb7qk7Lix4wHwYDVR0jBBgwFoAUsWr6nJm8BCpC
iGXXfr5gcKIO2kAwDQYJKoZIhvcNAQELBQADggEBADjP6PVyrc5X0Av/FvkODQ0f
9FcVH36olgqHMXH8HMtSaLhWB/NdOoeMfNnrZKlJJe12t05vd1b6c495Xg5bCpCn
14wjUg/TM4FijXECGl0KT/VvPd+DI6sJiDgJB6wwVQoujY8c8k3inPoRBmPY56C6
6UeD+NA3rUKnCas2yKq+eR2l+U48nfN9Sxdj5/LAQeY6CEaKKAdLZoN5YyxzZfTZ
esG7mPpj5c7+oF2SBk7NEf+3yT8aZ2Uy20GXwLnQYk9d92AWUtBywe1LXgJxY3Yi
snDuwEymRteXODzjMp6JXsCUwZ7e2e2QvTdDASx1QREidr9z/ddcpnXQWwQncHA=
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICjzCCAXcCAQAwSjEYMBYGA1UEAwwPcGNmLmxvY2FsZG9tYWluMQswCQYDVQQG
EwJLTzEOMAwGA1UECAwFU2VvdWwxETAPBgNVBAoMCE5lb1BsYW5lMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kPOxtn3XQaqwlNLZn4Uq7cqc0e09S+0
nj+ld3Ppvaz0QKbRs+lOh9Ds3XvK+/UaYSgGIISmjPXerpln8IJbg8tdRNdDMqwH
cdVubuW4kD0nOIptedKsaelJCT3sdY3VFh1MpAqLjoloSDwx/IiZ6inIdBSZhvKD
qglKb/wnJdP0sCKXwEl4uBImk4a+ET4+6zX7tdL2GzCv/PP/qOLLaLoJzkArEXVC
nWqnr3/wQwEU9G3GIeTCdBGMxLcDuyTw3jPY/omVHHe4Ee+sBy1LtDYgBRkcKoY8
75q11aM+lmYMlNOSIFw8GJ3E0EzV5/LjG0JsmbdtdBK1WAQt1fFnCQIDAQABoAAw
DQYJKoZIhvcNAQELBQADggEBACom4xjdCg4uDodIeninSNXwaOFK4g3zI6aIDyi2
FhBxDcutDAAJHnXTOxVNWHan09UiYUeCRlh22NXfOXTAkR2cWDDizIGlcw7IUPal
5+AqgyoBqZ1sD51+oDkZArZad07HbaBgkHoCDBDnGcWC7E6tpd1MniVuv5xPGp+g
TIEKR9wEiHsUEePON9rrIqntgvpq8LpHVv9+BDdn6AEbkAim0U/IvHcmCjIzwp+8
N2iFBuqngt/P/v/A0/eL06qqWIpVuVpBIYDdd6JrMMM3QWcATiFTVX19Dpov0dRN
2iR9zsWC2Z/NYPQzGoJyKees7prTXpOyS/s8LLMTAKGnxdY=
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDSQ87G2fddBqrC
U0tmfhSrtypzR7T1L7SeP6V3c+m9rPRAptGz6U6H0Ozde8r79RphKAYghKaM9d6u
mWfwgluDy11E10MyrAdx1W5u5biQPSc4im150qxp6UkJPex1jdUWHUykCouOiWhI
PDH8iJnqKch0FJmG8oOqCUpv/Ccl0/SwIpfASXi4EiaThr4RPj7rNfu10vYbMK/8
8/+o4stougnOQCsRdUKdaqevf/BDART0bcYh5MJ0EYzEtwO7JPDeM9j+iZUcd7gR
76wHLUu0NiAFGRwqhjzvmrXVoz6WZgyU05IgXDwYncTQTNXn8uMbQmyZt210ErVY
BC3V8WcJAgMBAAECggEAEobL/ORuscEpIZcyQRUh4CFy+ZZbYPEzom/sNfK+KSrI
mLu6JXaMp1Xm0Psb3whxKxdaNtpJTIlLdinpKR1rT9kG3k5zSs8ylrqeEOJn2Tmy
L36u97ly3KAkAc71e0Qkft7VBm0xb702tYqsQtqMaUAGPAgmoOfUZxKLfwOCNYhn
FvD76Qvv2jOwO0UvDzrlOdDsLiDPqYGR+4VhJOGEBVzZnQeQswbhTEj9JTBNc6Dn
Gvh5ZxhaV82yxpB8J0JVWESb3w6KDnDpCskW8IVznjr4D2hxjQRjDXx4IMcWtCVg
BnEknKR74uSaKZza5jwGf6XwoA1YlkCNbEmGeZn8yQKBgQDlFGx/KkSNIeDOUuFQ
9la4jBjBf0RQkost9h10SVgk7UhnUOdhAzd8gygAdL8opesoVyY2lbIhv62iH+94
5Eoh0mLT9siKjR/d56wyQRccrjoHLt91GnD6qKeGO0hbI5QeeKbdDrbCgzEpm385
u0HYLhlkM+bpPnMDaai5wgnPpQKBgQDq+Vx2K9lNHN/Gdz7vq0xn/oGeiT0EWQAl
nGD9E03f1QYsSA0DqX3MWJ+7rmXHxZcT4HC1DNcgpG27mEnIVxw3n3JoPWaY5DKd
BXvQEA+SaNfXj+nEQft/mFgVGmadhnS8IgTk3obAQXVWXrgV/0xO4YaQH4D/08Zp
eeWr7neclQKBgBceZoy24VA0+REZgC/BjKL3UJBGnchb4bvzuKlBtamUYNg8a/14
a6MfQWw6XAhoJkFd+jdMCDwrsgRIoMxcjba4Gs01fKuu7mZguRohQ4nbc3PCIT8a
Ogix+KYtWXIJNyuUFZL9pygeQVnnnYFgCpccn+di7Yzgho7znNmSYZcZAoGASOpi
r+UBhLVuF5dPd24vwqGutXSe86durT0ut7ny03+2b61YJIfHGs9xmfsPaIO/UxK1
xukaJO4Bg1JJqxqlDfmztfc/zDgcIK/f8Pva6TMRr7nf7+AN3FV5F+teZomf1fW0
kRUgua5WbBvughz8IApKCJVOIZUlH/wMsmLIyVUCgYBL9vzRI1RliwBWZRRHGuuX
Eg2x3GUvIAMbA7Yfpd08VCkxPGrNtPjb+nPbV5zHf0lSrKsBzCtgy6WAulhUGTBw
tfcU//wg+1MDb7OY3ZBy0+8e0FDfS674DnD4YT7E+RoEqSrNPJ7v+Z1+LjkQPU/k
58Nf0K4LaLiLah5T6dNIeA==
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDXDCCAkSgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjdaFw0zMjExMDgyMzM3MjdaMEsxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGTAX
BgNVBAMMEHBjcmYubG9jYWxkb21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDMiA6Y/1qYyV3CMfVer498oPZNlnjciFECal71JbgigzvUUAIXT5tx
KQUWKTjeyhbCGHMekwuyyUoljo6jMIoYFL5m1DKS6GV9mQgOhj2QpDEN44FFWm4B
BRM+pHxXr71h51lXffH6l+wt1O7Y76ok2ZIxB8vzUUfKzmeg6wUQntS4oWuzZCHl
5Ca/5FaDcty6H4ixE1O3+dRHPmbT+aWrZwekZyrOXYnOd4jNlJ9mz8STXLP+mEEH
X3VbPkBOwFOHNq44WHYzZNj0CEjVghWWtse0T5V3QWluYxiBmJF3q9sWNe6bn9FI
qOeJue5TzhqsldDZ75qhmvpRn7Kn+hz5AgMBAAGjTTBLMAkGA1UdEwQCMAAwHQYD
VR0OBBYEFGyP1+kC3lw5HoXa6O9i41J/tZZqMB8GA1UdIwQYMBaAFLFq+pyZvAQq
Qohl136+YHCiDtpAMA0GCSqGSIb3DQEBCwUAA4IBAQBkZI1BdcoRFyQGCb5AhiXc
Su7MlrdPBACUvXqF4R1OeNUAa6dwlFVINxZmrFYrJ2MCo+4KBURXEBjugLloWGTP
ChsM7eRoFniCQChWkEjoaTe8wDIWYSyZ6tBfiDgdM87uP4rbK9HO7C5lByj9QtAz
OHYbkv5NEi5j+S0i9et9jjXoHjtqBRnlzF3lSWc461CkJA1Dgv6jldY+ozhxJlPq
ZWvLc+8B44pgsQYkwpsg3CFESNAUa02h7qynswdmaB4AtPON13qjPzZxuawVco6K
Fuy68CkHwwUTk3Qq2Nd5DLE5yOstiUOpJJ5qlQy0Fkp2SG+FEC9Rlfbl9Eh/Yxua
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICkDCCAXgCAQAwSzEZMBcGA1UEAwwQcGNyZi5sb2NhbGRvbWFpbjELMAkGA1UE
BhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQKDAhOZW9QbGFuZTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMyIDpj/WpjJXcIx9V6vj3yg9k2WeNyI
UQJqXvUluCKDO9RQAhdPm3EpBRYpON7KFsIYcx6TC7LJSiWOjqMwihgUvmbUMpLo
ZX2ZCA6GPZCkMQ3jgUVabgEFEz6kfFevvWHnWVd98fqX7C3U7tjvqiTZkjEHy/NR
R8rOZ6DrBRCe1Liha7NkIeXkJr/kVoNy3LofiLETU7f51Ec+ZtP5patnB6RnKs5d
ic53iM2Un2bPxJNcs/6YQQdfdVs+QE7AU4c2rjhYdjNk2PQISNWCFZa2x7RPlXdB
aW5jGIGYkXer2xY17puf0Uio54m57lPOGqyV0NnvmqGa+lGfsqf6HPkCAwEAAaAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAmSA4jedvdB8xQrrEr5eJwAiBv72vu6t0okW/v
80cLid140/stZSNHdJ7dXlXWhyWfCxS6dMVuXhYBgRCucwVpMjU2CX/ukhzT0JQW
kTrdWCsrqzHnD/ukGQXA1fvaMHTLUzcBe/CznS/H3pVkSjdtiENZhxZwghigI0dP
hePe2O2GmhKXCl+mtD08Wo9cD5NuDj937Wa0x9JHsjsoKxBRVvdmOXBrAZ+8p2k1
nwwadBpUpGLbMDS19CMGOXjRpITE1lhXFDn1xtQRAM0eYE93jLzUE+i+o90CR24Q
g21BL9lz3emPLDHgKB1PXdp2azdfd+cyVzDVGrzEFdFoqxNT
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDMiA6Y/1qYyV3C
MfVer498oPZNlnjciFECal71JbgigzvUUAIXT5txKQUWKTjeyhbCGHMekwuyyUol
jo6jMIoYFL5m1DKS6GV9mQgOhj2QpDEN44FFWm4BBRM+pHxXr71h51lXffH6l+wt
1O7Y76ok2ZIxB8vzUUfKzmeg6wUQntS4oWuzZCHl5Ca/5FaDcty6H4ixE1O3+dRH
PmbT+aWrZwekZyrOXYnOd4jNlJ9mz8STXLP+mEEHX3VbPkBOwFOHNq44WHYzZNj0
CEjVghWWtse0T5V3QWluYxiBmJF3q9sWNe6bn9FIqOeJue5TzhqsldDZ75qhmvpR
n7Kn+hz5AgMBAAECggEAAyK73I8fp7OAnztOWHkHEWFTXV2m9TSWz1troMUHBWpv
JqJiYdKb3riDBjO0FkBRaIDg9PFKrt9Epn5AxBI4r8VTpPZwXw22jp4jwDtBIuBN
izm3b+WCxbu6740shdihJeja1wtMhCvDmHFJByTnfiCiy+MjdpPCrsKK1q37uiU6
NwQM96hwi6TYTX/i2FcTgB8TtPmy0hKiN5pUdWYGNq8xjNAKarNptELveOkTDmCc
dlpqS+4ii5BrADrNDjuP7FS4KnBn45vEB+y13OAPrY2TvbfQDBI4i5HdCVw3zo0c
NOf+TpJykg+Cxa/WqutX8im/3X8K8WymkcfdZ1I0QQKBgQDdadXvCrJNz8j5o2OU
ClCvkFnPoCiySCT19/RN6C45C/LiWi67OxcD1kr3uWMjblPwXoyrfZnxjraOpeaM
fVXnzNbqD+Rnre5/YskvU5hcgoKrAMSgcwa2wc/DKPrgj83PWaxrxLKCguPIh6zk
DTvAFsx13SBQuRQwiAVyJY6KIQKBgQDsex/TndN4+kxdPhZMENExoqZ9wBvLFuvq
q6ODTSDw/yahPlmAAuqyIYq3NY8Qdi4IEKnna6wVVBtZU313TADVntIKT+1xsdHp
SLKChdFggqdUXIS1/FOCosoWCaFHe0jM/YVxn+QpooZLWtEjTofxGbfEiQf+sKPV
+KDED5wn2QKBgQCM/wazMLaXAojTIA8biO4UvvHSXAVOcs7Gq92xdvdocIl9RzyX
Emv3j5Ex66aMO4fMfAlMc7GCuATdFhyYvn/kGveJGhGzTHmiOUAwmSVfU+TuDJEq
M9XEr+skNoZ8VlcTgeFgx2N95Og1HOEmYJ76Fgqhy+z2OsX2mcgOBoicwQKBgEah
R5I201CQwXof7xzs8O44PC3W0PZJdFD0zrOKt8oDCxChxK19MYfeiMXLk11BTuJN
x9E80XrVUg3N5+1Xn/AtrWIzGSIaEC3y7o4ZVb3TiBKkR2brZC3iXSVT3v2wjr/b
AJ49OTJOPnoHN+upquSR39ctblvdejGQPsQQPX2RAoGBAMPEbxnbW+4ueDqDLjZa
Sycio+MO8wPtsBL6g0sg80zduoBLPb0djCSiqYCTEgwtkYG9oQtKYvEycvb8h1qB
9TrLpwWTl/k1ERmjME94Kf0IJZU9KInq5zmIKAn0iIdoHjSWK78JiOMb9pw2A44V
RmU/iXW95u9YMWPrtijdc/9y
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjdaFw0zMjExMDgyMzM3MjdaMEoxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGDAW
BgNVBAMMD3NjcC5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAJ34VbJi6C7XISkQdq0pKXcTITsG8w41IxlFm4nuglYyDWsdQJf4+sGO
I+E6E8b0LVDkUljh4cRD3ZTZy/MlBC2EHIi1zP0ZRDzl6Av9qVUhCkQ5bviPmvUe
fQp63Suo4MzdzhbAipzsEC/zFDdjtjHKziV16zxjzpWoR9Qhr8YzLWT4t2wxJVP8
lOlgAdkWYPDW6/PAz9PNmJ0xuhtMC04Ia+RHxFi4xeH4umBcp2cHbdup8fW+sI4Q
RSg6449FiL4XlElggMpNlixcvNE6umzCAS5rJj2FIODd1i4J7JJjbs2nxZWJQTj5
B5mpvFr5UlkKAxNVDfEC1jNzkS7ttscCAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV
HQ4EFgQUGcbPg++D5U187URxcjqTsqmmAogwHwYDVR0jBBgwFoAUsWr6nJm8BCpC
iGXXfr5gcKIO2kAwDQYJKoZIhvcNAQELBQADggEBAD3hPDcxv6j4n92UC/+XSsLQ
cR0gZH454Y52Tocee1MgbQeDQauJAVtu4A79reBDmL8pVF14auBzLqLdyBTxAfOn
4hcbw9OjxF/eKeNvYXL4tNu4KzZOoZuUiM78wnvJQObRp+30/dIUHt5B2nuKdStI
kHgQrUXMuvJBCzmDKqiyDkkY8gN6/no6LzHQcpC7KiAhhQZ9s6IIgg8ulVqgeLXd
Ia7Jit1Abm68+JDifwof3IGF6fzjxmWNzifxlVSgbMWMOnmgIVXojZrS2ofiJ2es
VvLkGvyeCQtUV0NuGNS5QHyKN68mfDNRbk7A5gcr4ga9YzXHc9aQ5VJZyDvax3I=
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICjzCCAXcCAQAwSjEYMBYGA1UEAwwPc2NwLmxvY2FsZG9tYWluMQswCQYDVQQG
EwJLTzEOMAwGA1UECAwFU2VvdWwxETAPBgNVBAoMCE5lb1BsYW5lMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfhVsmLoLtchKRB2rSkpdxMhOwbzDjUj
GUWbie6CVjINax1Al/j6wY4j4ToTxvQtUORSWOHhxEPdlNnL8yUELYQciLXM/RlE
POXoC/2pVSEKRDlu+I+a9R59CnrdK6jgzN3OFsCKnOwQL/MUN2O2McrOJXXrPGPO
lahH1CGvxjMtZPi3bDElU/yU6WAB2RZg8Nbr88DP082YnTG6G0wLTghr5EfEWLjF
4fi6YFynZwdt26nx9b6wjhBFKDrjj0WIvheUSWCAyk2WLFy80Tq6bMIBLmsmPYUg
4N3WLgnskmNuzafFlYlBOPkHmam8WvlSWQoDE1UN8QLWM3ORLu22xwIDAQABoAAw
DQYJKoZIhvcNAQELBQADggEBAFRCjdAFXqzb4Hb9ssaABrW9nDwO+ZTGiMeQg122
RJ8TiH0jq3qurRdq6owPDJiqVVNklCdba93fB9TRqXf3E8RKswp9JfM3OfVdpgT6
gYoQcJOVsY1iyDbC/RQZvDGprAF/zUI/7+Lgb41CHU3rd2XOVgZtJf3NeBHV2ZmH
VMnPW8t2KSxtDiCNuAePfFnmUfSYZfTqpyswO5nO+qyfazyH1teLKcnjrHi5yCXD
r32l1W7sP46pQukJjLgEKQA+ekA7pTmqENJLY9a01yY42N/ZB35fXNuxeJNS0I8Q
Zo4AoFwBWINSTiOF4/n1OSIctmkxc/51dKNLWu3kZSOholA=
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCd+FWyYugu1yEp
EHatKSl3EyE7BvMONSMZRZuJ7oJWMg1rHUCX+PrBjiPhOhPG9C1Q5FJY4eHEQ92U
2cvzJQQthByItcz9GUQ85egL/alVIQpEOW74j5r1Hn0Ket0rqODM3c4WwIqc7BAv
8xQ3Y7Yxys4ldes8Y86VqEfUIa/GMy1k+LdsMSVT/JTpYAHZFmDw1uvzwM/TzZid
MbobTAtOCGvkR8RYuMXh+LpgXKdnB23bqfH1vrCOEEUoOuOPRYi+F5RJYIDKTZYs
XLzROrpswgEuayY9hSDg3dYuCeySY27Np8WViUE4+QeZqbxa+VJZCgMTVQ3xAtYz
c5Eu7bbHAgMBAAECggEAFJLs2lxeYAddxsLhqgDT6THBILZxfna2OQrjTI4XRJGl
RL+dE432XrIcAy/0tnND2aa7AN9+b3jlSYcqNGMsTZ9IthdzeL1LMWFCHRmu7art
cuBGDzJo3KbZYz2IQ7DtglEbD8SI6RIns48FoYcnigmfWqqmdgmLtNsja8HtajM4
nF9CZQvGkpM5DxXm5K6OigkZ9JKHkvw3a3uglH5uNTmf5UqMSktQQUks996lNlcF
ncjJeagOazWk5suG/fR8y7jrf2JrhcKwuYSg8jEFwf/ykAKuy0SNHU1TfF0ply9w
84HvMScv2nRsdB3cT0J2yfGhV1+y6S1tCkA1EhOWCQKBgQDY7V65kKaFJhyZDIrT
vZoJMCWfYAYe9It64LLuGl+K2b7HQWMa8AONy8PV1NPIoMzX+AKmfvo7Yt6WL4tW
lNdmQIcVPYnoPfGW+9si6ajByQuaLMYzFKXYsMmazNuIxgx/+4x7U4NJmtHxKhyW
izy8M0D2GY5wPQqKDYD5Ew2MDwKBgQC6bGsTVoUp3RyQfuH8zCCavOjJCk36pyYX
U7NToCNaDzA4j69NiDY3AQi4qjLN+qIuNh7WLi9VUubwaqiwVvzBiKe4AfVPlh2R
cOtXJZxCmZ0pcsSsMvv5JbQVLbmOTU5OVUBx1IosakXFyPbX0+HlRTCXQWV9/WGU
Rk1PvmZRyQKBgBApp3wmBfI3w7u3joR2RQrYNoVobyxRRi8ynMJW3rWGwcsw2QSB
y5H+E6pUAC+bo4eX6AKlxVk1ZaZFBpm930q0FhyECElwjBaWz14LkNJXe3DSUzYt
HKpHic3p45WORBIpGO97anXKfkf8vkKNP0o6e2Waw90i/y0IEor8W28LAoGBALQZ
nfBWu9tP5BKsogKp6i3Tp0jiDafD54bNtAdsQ/rzhXB/T6qll0rYUuakduSL6Dag
znW4tL3Hk5hcUo/Z2eHW9cFNEwNKUVJ7NsFAco/c+/pZCCwcLVXr2OhE/mi9wpLm
xZWy8bIrETEdD2w/JJNsnp7h7P0k1yp6KKKLnSoRAoGAEZOB+A1EGllcsEMX23jZ
SfECJntHZomP1GvstLvaQNlSC5lDmT6KO7Rw2RNEDJPyfelO/A17CICpDGU2NndC
hI4zzywqqsLfCaYpPz1CD/BzP4ugyXM8W/kP4w8hSlHdqgyNi+iWqeBzsrZXtHLT
4XJt75eQQ48u+NWkaQ4kLY4=
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjdaFw0zMjExMDgyMzM3MjdaMEoxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGDAW
BgNVBAMMD3NtZi5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAMrZsOPjIlGG8FptBo7fdxaEKusuBoQEfSV/8KoQovMca1yn3SEiFNdv
dDG2RusBCzZ6K/bjTieYpkUuTH5nTPQiz0MRM0ErlxUXKrosZ8aalRNajveq3fgR
K7pa1tnS4iEArMwtr1Fgj4jA5B48pOQrS5vmx8w5JCaPXJ9HPjTwdFubXSfMT9fT
qcP/E9Z13zfhDZ1TStz0hYIanQZlp2BTJJgZQJ5kJsdEsp5Ect+t3ZVwDxT90iFo
1X96dR/xf0DEKHxmybrahhmePvzEETgz03McVEUVBdQMMvDnqyXicLNzLJICY0Yw
KzGeAg9Lh3PVjUnx/ctGdp8BCJRRkS0CAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV
HQ4EFgQU6p4PokOU3iROPZzUmvS88xnI/QcwHwYDVR0jBBgwFoAUsWr6nJm8BCpC
iGXXfr5gcKIO2kAwDQYJKoZIhvcNAQELBQADggEBACpTSu1iB2ZWmTrR6zvnn57p
xuE7udN7M52yG58N5k+f9cwXwmvvo//VK5AkJLqc/qBERwOC1yUQPTotBq8K0dF7
Gx+zyG7o24GjZYgJvqIADEE0pWLTN6GkkYTzYXQwfv9kPDpAWbXl2bsYoY8610ce
rRCQE7FkGuITR5mqKbJbvMSAwiH7gZ5yjjWXaUB1b6zzXiPOvME23IewgnddB3Ab
zkGqgYO2qCcelkE5ciFl75d+DovfMXQDU1qGV6s0NTEqIWy5BnYj2jKoJJp2zKfE
nOhyty5eh08CrH3PbYjmU5pNP7/ibG0oVJR5xLx5SWlPCbkEImcOwUH1cCoxEbU=
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICjzCCAXcCAQAwSjEYMBYGA1UEAwwPc21mLmxvY2FsZG9tYWluMQswCQYDVQQG
EwJLTzEOMAwGA1UECAwFU2VvdWwxETAPBgNVBAoMCE5lb1BsYW5lMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytmw4+MiUYbwWm0Gjt93FoQq6y4GhAR9
JX/wqhCi8xxrXKfdISIU1290MbZG6wELNnor9uNOJ5imRS5MfmdM9CLPQxEzQSuX
FRcquixnxpqVE1qO96rd+BErulrW2dLiIQCszC2vUWCPiMDkHjyk5CtLm+bHzDkk
Jo9cn0c+NPB0W5tdJ8xP19Opw/8T1nXfN+ENnVNK3PSFghqdBmWnYFMkmBlAnmQm
x0SynkRy363dlXAPFP3SIWjVf3p1H/F/QMQofGbJutqGGZ4+/MQRODPTcxxURRUF
1Awy8OerJeJws3MskgJjRjArMZ4CD0uHc9WNSfH9y0Z2nwEIlFGRLQIDAQABoAAw
DQYJKoZIhvcNAQELBQADggEBAL883rfAD6ZTH1sxq7vdKax9V7R01o8b7IdQcV7M
nwZx0wIH4ZGef6LwUXfWa07X8DxlySPxiMwRitkKWtJ1D63AgsfUhi9UOHj6IWjW
skMVn/uczTq7eIZIjICftHVVvYd7HteMYxDLrLwWCSCE8P+UIE23eHrY391QOXjY
J3OUXb2kvNK2snEvAL3h+tULePFsUqZix08c+L2DtjFmb2xAia/jte3Qii8nj3et
9fw6Xl2yjM/fJ+pTwPXlmALvfzSxCFyBLdMAkuB/DeXeMsAEB6Z8S25lFEA3H6CD
F27mGEVKeSrH2c9O24N34vToOZ1PM5rU9dEVD71Zj107sG4=
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDK2bDj4yJRhvBa
bQaO33cWhCrrLgaEBH0lf/CqEKLzHGtcp90hIhTXb3QxtkbrAQs2eiv2404nmKZF
Lkx+Z0z0Is9DETNBK5cVFyq6LGfGmpUTWo73qt34ESu6WtbZ0uIhAKzMLa9RYI+I
wOQePKTkK0ub5sfMOSQmj1yfRz408HRbm10nzE/X06nD/xPWdd834Q2dU0rc9IWC
Gp0GZadgUySYGUCeZCbHRLKeRHLfrd2VcA8U/dIhaNV/enUf8X9AxCh8Zsm62oYZ
nj78xBE4M9NzHFRFFQXUDDLw56sl4nCzcyySAmNGMCsxngIPS4dz1Y1J8f3LRnaf
AQiUUZEtAgMBAAECggEADlqgK0gPziAT0vpDDAohFa1Nki3EFURyDJzEjWw286gP
qtNQEP+l5ObEnJ3u38NHpVe407Qa/C9PmLahgBJUPjRWYUMO0u5ANyRYCCuLPmEC
6ocudbUYFu00IHA8ItbK3JX9JEeZT9Na5Mztd3xIGMM9iu8mNTvX5Iihf73dV4aK
AtD1L5fCGckEJ0Va/xLta0sjdxLSYMIzacIpn9gdK7DXf9DL/eTACrf1U2ZAMQRr
plKeri4OFBjMBy68kdpPF5ZyQwj1Plx6E2Dm0eNzsdF1zSkP75BYbi3OaIJR77Xk
jp9lQvkP74e2ItzYJn9sGWhwAW2AiQt1zn+7v5eGEQKBgQDSajh8jMvFt93GgCqR
OTGR2s4k4jp2XvcEWnJJax3ksqiGHMhlvCQDV/39saTcLUvc+bymtMc5Tws2ewaS
LstUeBh/GrEMn8tQH7TXns+rq62I+CwSYzYqu2/uHBHkk1nXrTBxQ4LE/l4a6ZyT
eVHr/x4iy9KMF3WhTBJytQJfFQKBgQD2y+7s1Hh7r+THSgo1CBZRtlw0CuA5EOgM
iuglkU2cbx8q/XdXb9u6sLfldHGu3E18TYUJqPTrc3PVSEEA948qJ527PZh3VxRg
L64M7gt+g1MqyZvuRYzTZOMBcJNJpfJSnP4mPY+o2L7mNpAS2Twe2K9/zuIWyChy
g6xbVw4vuQKBgQCOGWQKYP9giHqCip20s35RdQYQjKNUu29whjB2epuWjj0XTSrc
4cEkbPE/ug+PDhwUoKeRobaFcmctJMpcQLPaWLyaYgk9cFDazH7RuxOeaPNp88e3
pz62fxzpHhXLWuOqrvBvHVub8/jTjf7K7XywtvrAHwwSxekPxBMVWj6+vQKBgHWS
H4d5jNA3skByeDxdVuykeHZefAUTlchr4D4NY7DTi0CasWDZLA9bIrBP8dyAnPVL
pMY+VDdar+L6YeVJCk3lw5GwvVKVDGLqM/t658TkYRlwJDW1smn+lNpZvAEI6lEK
81RaXXbtkrvvYGFqVebICYtUjoaV4hbzvYdiCKMZAoGBAIFv6AMnXaWHoO4Qpnch
FCSBNckhzajPmmZ1fskWR95d9ArmrJUaA0KKMqno767zVkrDzm2fw4+q12Ba1xRe
J2KW1M12IPfZtNwSfQPYs4wej0VGScbOWve9qpA3WrLv08W63MXz7XRpeg5ZnzG/
3bZZLfqZIBdQR9/f9ibP1h98
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDYjCCAkqgAwIBAgIBDzANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjhaFw0zMjExMDgyMzM3MjhaMFExCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxHzAd
BgNVBAMMFnRlc3RjbGllbnQubG9jYWxkb21haW4wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/2SPBDa9KE9rRuKHp2ZNNm8X+Jgl34tocbcYiWm3I7+je
NPOiUIB6TpuP0gkwbzfhqbRdO59EmAsGjtjonwC2mTxDLWflfAUVUEGUml3b9ESf
ZUtMWh1qBBme99DL9kqqNWaXVL9xAX/yLWbdXxfc/+Zuc3j/uRVOzqGLROqfw/k7
iKmfZvBjVrtxR/xyRa3LfjuTPnM30UA7sk0jrZH9feOCEbNeYGa12TloDh05RzU9
RgkBL1AH7Zvha3iNlXwQLkgEpnJEeegQ/iS9pPEwgqsquBRoQTClzVGzbs5Ttpzi
ZL5q/Hf7sGE2x00v3XKNDvUPg9k7RvVZoG/fUy+VAgMBAAGjTTBLMAkGA1UdEwQC
MAAwHQYDVR0OBBYEFEegxvp7oDrpJfd4LDD4LSGouPVnMB8GA1UdIwQYMBaAFLFq
+pyZvAQqQohl136+YHCiDtpAMA0GCSqGSIb3DQEBCwUAA4IBAQAPDVSwdX8u25Pd
a7UNANFAf87AurQKsaeLpKu1AfZZakgu+XQ9W/5fJXCSvuVc3g+JAwxVKZfO3yae
C7vcLSughlUGbjJyVV4wn9xzbKISWwAXmBEt+pP+vJAcyCyRD2uXZjO89sCFxHmD
/Oh84m/ygiUAx+u2to55HPjNTZs9wphdyDws1lPUwxj01B84r6QPgTKBpnhOAr96
xUYNZKAt1ycRXcoi7RNieEZP/r0j92RVA57twMGSDHpCgb7YnCXAS9ptlpHySbOK
akfqFx04eVilqKGee4NeM4rt7363Fr61H+bjkYjvS//ZS/L5ZrbNAMWmkr94Xkcj
m1BG0Bwg
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICljCCAX4CAQAwUTEfMB0GA1UEAwwWdGVzdGNsaWVudC5sb2NhbGRvbWFpbjEL
MAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQKDAhOZW9QbGFuZTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/ZI8ENr0oT2tG4oenZk02b
xf4mCXfi2hxtxiJabcjv6N4086JQgHpOm4/SCTBvN+GptF07n0SYCwaO2OifALaZ
PEMtZ+V8BRVQQZSaXdv0RJ9lS0xaHWoEGZ730Mv2Sqo1ZpdUv3EBf/ItZt1fF9z/
5m5zeP+5FU7OoYtE6p/D+TuIqZ9m8GNWu3FH/HJFrct+O5M+czfRQDuyTSOtkf19
44IRs15gZrXZOWgOHTlHNT1GCQEvUAftm+FreI2VfBAuSASmckR56BD+JL2k8TCC
qyq4FGhBMKXNUbNuzlO2nOJkvmr8d/uwYTbHTS/dco0O9Q+D2TtG9Vmgb99TL5UC
AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAdqoupSBRB+iFdX3ULgt1sTfqxio9d
X2avV8mhQt8Ivrgw3/+iggz0y54JS+yL+tfzFu2upxmeemnImkKremt/zwQDhKJC
2yLtDBDCWIwrdQyoC8V5irUEZNwFjZn/VrZty7lFsAA46HOXPysPJuYEXMQ1JYoV
VB7N7JdfaFDGDLe7lKsOA/zK3QF1yRvFqdaNyeVP7SZ68K6JzzuP1eakp6BO0pBF
X8xQc3LlMcMSP+G+IjN5LFp+gRMpxv6BkLHFn3ahN9aUPOJb4np/uEg5Mo6fT+gc
qNW1NZ9ZkYPWfTV7SmgWfar+tKXjG7TQyLQfTDqMD+VbSZtWQFGLp5T5
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC/2SPBDa9KE9rR
uKHp2ZNNm8X+Jgl34tocbcYiWm3I7+jeNPOiUIB6TpuP0gkwbzfhqbRdO59EmAsG
jtjonwC2mTxDLWflfAUVUEGUml3b9ESfZUtMWh1qBBme99DL9kqqNWaXVL9xAX/y
LWbdXxfc/+Zuc3j/uRVOzqGLROqfw/k7iKmfZvBjVrtxR/xyRa3LfjuTPnM30UA7
sk0jrZH9feOCEbNeYGa12TloDh05RzU9RgkBL1AH7Zvha3iNlXwQLkgEpnJEeegQ
/iS9pPEwgqsquBRoQTClzVGzbs5TtpziZL5q/Hf7sGE2x00v3XKNDvUPg9k7RvVZ
oG/fUy+VAgMBAAECggEABEzMuJsYKp/4d7AR+aYYX1+xB8yDSfuHbyYwZUeOGOLJ
tHtO2lHqw0hc7mkN2YGl/hSZ7Ty0yeqM1WGLxTuqc4Kf6hM2i4X6A4Yy5hlcpl1a
prue56/zDf6CstWz9B0J2OKisUcjawLBLaTXXqRZlP5BBF4/CspI9Y/Q6Uh1ks2d
dkGob3+leeDCLtggVbIE7FqdjmLI4gD9cVYvH39cTvFd3uXYRyjDtGUdbAH5MYsy
/ji8Y7ZkR+Phas0xYiJBRSKIxsdZzDDRbVDaQJM8DgUOQawtE7aQs+s8+rddR0xH
WFdQIM51vTNYENVA0BzNY3Es7roBDaeaZbD53y30kQKBgQDLDq2c5OuxS66NaHGH
UShytecC9ugeKYVALzDen/CM7Wvf/3hJw/bXrzEm+FO0h/Xz7rHBtSfOzwHbQmM/
FZ4TxGohDhPgqR0bP0vqR9sKE9Kc4K2eRjjncd7wiVBstHMKZysyD3IQtNDJqzqw
umVFyVy1lWBGLXM+l0IuTjNwRQKBgQDx3kse4lkIxYCFW+ZjJtUs2DzyOy0Ga7BD
UkRw/tbyzD7kzj3xp9MJAeUz8vaZ+zcqQgjsfhmLMbflCuuNdREWLA17Cpejekmf
nTu8hxpEEvtESkj0aq55iessUpfLxdPZepKfz/UkDNa+mJus4QILDp/tUnGSvGIA
v0DV8AT/EQKBgCSR6SyXgec1ZSNsiv2+3RUDs64x/43nFmt/1EJT9cO7wrDd1rEa
TOt9TtHg6VpbHi2ncHYdhSTW3VO6uhsTbpvKxP5dBbFxY5+Tn7164XUIKuc8A6i8
puTv+iHB6S0atplKCVqDs5xUpEGdx/0qJLET2dGOLH+XEelU3oNubA8tAoGAbqs7
Diede5D7LIoPUcD7+6f5wxBmmrB9l2A2JsnESpZAFOt1lnQm8NEoMevzACPdav2K
HcPZJkKalTe47iHpro57oJgJKGkU9O653Zqn3wwcYnPnC8cgjEYaEE6+XCPpunIG
Uw+RaGxjehRT7veJust3S9zUUMLXyOW54eoQLzECgYBBTcFVoDIqJY5MSOuQTYri
lro7YcXk0kvahCSgXzdecU+ajG6+ppHvIje/h7nBZizFfsGsZQj3j9hrmxXxJn4H
4gSLHSycFGY65G6tBC4eNKi6umBi8rgw+kQ0PtY23ZDoRTdePXYT4OzQaGiGzZhO
4su2WwkXmgev/Rcan3hj1w==
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDYjCCAkqgAwIBAgIBDjANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjhaFw0zMjExMDgyMzM3MjhaMFExCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxHzAd
BgNVBAMMFnRlc3RzZXJ2ZXIubG9jYWxkb21haW4wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDK/mRxA7vFDetSR7J58pT+deCpXdjH6rFyebKsPRklq6aq
P8eLMj3CYG641BHNFoMygnK1SEuPXxoLqVYFOf1aZh+9OdvLPjKB37ZfikzXR5az
PRvGKOO9bM+lgviZvmgnE2sEVYtoBJAeK+ZXQkPUQ+Q3QBsdyZXFKu4uQZukW7UO
sp+IGQ5guCi+MAkppB/T6WbuTl7Hr7wjLd/eFK5rHik57D0N1f1fX7G5+K1jfFu9
OsVYDsp3f7LB1QjZntAfE7dnddmAXdDz3FCPm7keLSrdsYSY9Q5tVqBl5yRzMcq2
C4DQX7JcqWCfpGjm8Gnc4gmDyKV4zZPaQXiXr6TzAgMBAAGjTTBLMAkGA1UdEwQC
MAAwHQYDVR0OBBYEFNNWx1Ixb8nBttAAziCdNf5iUfGCMB8GA1UdIwQYMBaAFLFq
+pyZvAQqQohl136+YHCiDtpAMA0GCSqGSIb3DQEBCwUAA4IBAQDeFTLtNW8hPvUB
QOBVZU4kyzOw3v7Y74lug88I92XMagWVV71lLGCzHcQodI7p0ih/3uK9CO+yuhU9
Wkmimb3oh44wao6+R9qtYF/OdbKLvRZ9y3Fd5y5RiYJNFCuBPLGf/0UwIifP0tcI
bivpNkB5WByebbhzo7zZXz+pgMMDkLtBfvwNF9JYM6WAdEw/3cYaN6jwtwvA9/2O
wQ08z1BtuA0Cxjy+7DgFl9b7EQE4q85+TNCyl59x0vO2M9lo01C/APQ8HmCRc8Ax
YCY7zYz5AqnO3HPnQ6plYbIw1xaLEwNYDZ6sxIpCRP+g+ZDG6A3YW76n019lEm75
02901MR9
-----END CERTIFICATE-----

View File

@@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE REQUEST-----
MIICljCCAX4CAQAwUTEfMB0GA1UEAwwWdGVzdHNlcnZlci5sb2NhbGRvbWFpbjEL
MAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQKDAhOZW9QbGFuZTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMr+ZHEDu8UN61JHsnnylP51
4Kld2MfqsXJ5sqw9GSWrpqo/x4syPcJgbrjUEc0WgzKCcrVIS49fGgupVgU5/Vpm
H70528s+MoHftl+KTNdHlrM9G8Yo471sz6WC+Jm+aCcTawRVi2gEkB4r5ldCQ9RD
5DdAGx3JlcUq7i5Bm6RbtQ6yn4gZDmC4KL4wCSmkH9PpZu5OXsevvCMt394Urmse
KTnsPQ3V/V9fsbn4rWN8W706xVgOynd/ssHVCNme0B8Tt2d12YBd0PPcUI+buR4t
Kt2xhJj1Dm1WoGXnJHMxyrYLgNBfslypYJ+kaObwadziCYPIpXjNk9pBeJevpPMC
AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQACkHItCrvQWANviVk27ntZE/Ze1/NF
W8jPeJG3V9Zemwp2QWE530gdhNy717kGJzW0Udvx57By4tS1bORlKDL7ikpPaIm3
q2YLXzusJ3JXyD2aYoaY+uP6+gt1541aLep8eSQPgG0jJlo8VbbsrPrXj9T15Nsb
MhDlKDLZhW+JCwp53/IB8Az3s6oCUelwENOTDkmuaksTbo9NX9TJ68ByAtSqroT3
/jHqvSpD+VVnQcWn6XE6lLNyXcFcQ/jQLKLVbdV+CLPrUORNCyB5Vy7Qxm49g4lB
H9Cx2fPDBpYw7BlFIrNU9bxLAem2lE2x+H5NbbFoMfi8Bq3q+2MWZg+a
-----END CERTIFICATE REQUEST-----

View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDK/mRxA7vFDetS
R7J58pT+deCpXdjH6rFyebKsPRklq6aqP8eLMj3CYG641BHNFoMygnK1SEuPXxoL
qVYFOf1aZh+9OdvLPjKB37ZfikzXR5azPRvGKOO9bM+lgviZvmgnE2sEVYtoBJAe
K+ZXQkPUQ+Q3QBsdyZXFKu4uQZukW7UOsp+IGQ5guCi+MAkppB/T6WbuTl7Hr7wj
Ld/eFK5rHik57D0N1f1fX7G5+K1jfFu9OsVYDsp3f7LB1QjZntAfE7dnddmAXdDz
3FCPm7keLSrdsYSY9Q5tVqBl5yRzMcq2C4DQX7JcqWCfpGjm8Gnc4gmDyKV4zZPa
QXiXr6TzAgMBAAECggEAGwG1EkDJaAJIkcCpMvE+YmEDcUpjj4F0Ie36rVCkT683
yW8ag189TpGELuyZVlxNkILrc56OiEts9yqMdRM4gkuToxoXWcHIzXTv2g6Cgk0W
HyWc/tms0aRa4e3RWP8MnfpG4s47cazTEbiMeNp/lLYtntjVYrqm8D2cb6SvP4fu
kvi7bKLhcd4l9v42oZKF5wZjynUEh+424TNxqI8OTcnT15xoOjauM9aQnbFYB0ON
tOJ5cO8Pmjbo1wfFsSntC7NrIspaTrlseOl/bK3LadLlb9UHW3GRVwIcIzEYPabU
PZcTKjzk1nAu1fpHgoCuMequxDaXSSWyDLMqwLfqoQKBgQDtcOHFJHO63SIOrwlG
OjZiMxKekjVqtbdiN+7h3FBR0+M7EZnyFO7zsfmDaN3k4m3a6idlnn9HvsEilf+K
Cc+8I0dCeBbZOs/TqVN8ZHB6MqUmtMdGIc1Fau1HYis+d4g1pbQ9tpG0OVa806rR
AkBwD+/Vm6+8uZKilq+oijSpEwKBgQDa3Dt9LFYOG6gnWHlq7uLIWnA4wHKmgEGL
AykaZgW2bxIhQa1C+460OQaCwBbBG2NlN7Lt8MXsr48epnSKROfCYIBuqlH3i2CN
ka+W7pEtnkeEnZSUMb/IF5T868xbYkzXFqJkr17o2MBMbLiM2G79dT/j83MJVc1A
FecQByNwoQKBgArrdBai9IeVf+l49045gyLFAog0ZSyBKuvjcqMEhNUej4a56oCN
oeenObhnbD0IhNDaj/FGdsgP58X1bAknJlyaqr5N048t+zzavrIr1FhqV9oN2lRJ
Xa1hm4P66c43pRYChuWHre/B61FH0sVF+zysHvWN8WkWh73efDmeEYntAoGAMcq1
Bg9WLLOCGCF6zic3FRnuOhseel7ninbXnRfk6NJwL3y/rGOK3dmzb3/ALYLLpDV9
0cBbZzOxvelkzihLCd/mmEbLiyP8fXjNl+sCwHwoDTXEncqLtTwYO0pyHcBJdw3B
OGLlltfpN/nsKq764VMRjAzQ+Si6H4BcJztYhsECgYEAnql7JlJlg/jUOS3hU/sM
iZ1EY7K8DFjaIOitcPcjbZqH4Ha9922MSGW4hCKMo3ncDdaDKDvrfYd9pgtrSvHd
vH1vXcVrdzuLPVzvCxlRxQbSZpK6RZT+OF1OTvg9zMu2hemMwyKNxrRmjADwuU/E
f7etkEMnboFO//fGoMXU5cc=
-----END PRIVATE KEY-----

View File

@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDWzCCAkOgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBJMRcwFQYDVQQDDA5jYS5s
b2NhbGRvbWFpbjELMAkGA1UEBhMCS08xDjAMBgNVBAgMBVNlb3VsMREwDwYDVQQK
DAhOZW9QbGFuZTAeFw0yMjExMTEyMzM3MjdaFw0zMjExMDgyMzM3MjdaMEoxCzAJ
BgNVBAYTAktPMQ4wDAYDVQQIDAVTZW91bDERMA8GA1UECgwITmVvUGxhbmUxGDAW
BgNVBAMMD3VkbS5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAMnNHwgMDlTfi2x5QMvhdhGzOxCZvboqcrkHrTGkRJtUrxNjddjhSkm3
KeRKEdcDq/t126t2CAxiYiRprKr9II1o6rq2JUZz7VU0aC9wWnZyWhIf4VIzyhz5
G5s5cWT7IoJZ/cjmoS89e5cPv34G0jLaqz2m/Kl2zqmVozQRdDuO7Hreh9KgPs92
kqA6XYy1z+hxUILAjpdVoTwgJm0UchF9Ibgc5+ab1XuaaYzxlYAzwcWcCibFzgGO
I6+MdTpJISJBHRzkLOsmFyJ2XpH53aRPN51yQDRnPTDfJj4og6FyFWjtIfCeBHBf
3taz6SPFPHIZhR8OIMt25T4r2bXmS68CAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV
HQ4EFgQUfzKzBycjEgN97TEqC+0iKaWBdVIwHwYDVR0jBBgwFoAUsWr6nJm8BCpC
iGXXfr5gcKIO2kAwDQYJKoZIhvcNAQELBQADggEBACQXPgeUMGyWGbGPwr/cg0lC
SPiIL1s7oZQoNisbTtTqnBHo36xLTGb051o9ZTwd2xTRNJ4ue9/rDnMTK//9+6V5
FKDOYFqikSmCtzuJFB5Q24KxdUM679feAy7v7BWTGd7LoN0dOgPCHqPT7/daxgYW
Xaip1lslx5TYNTnhrJAoVfj0VGrSrTqQqCNf3ifQDI0HRuheKC2WM6Ep7E8MyjiT
kzfsznaWul06geQn7vT4MMTHUNUI49Y2uCCgosD8Xi23Oi8qSiguCeSLcg2ns0p6
eELtPm1xcTWoJHomDNf150ZW5swFDfE9asAWGeYqONShUp5Zim1agcuGTpp9uaQ=
-----END CERTIFICATE-----

Some files were not shown because too many files have changed in this diff Show More