From 0ab74c122c8965a916fc395c0f72d4599aeb3f9f Mon Sep 17 00:00:00 2001 From: Holger Hans Peter Freyther Date: Fri, 21 Oct 2011 14:11:04 +0200 Subject: [PATCH] gsm: Verify the MNCC_VERSION of the BSC/MS and close the socket on mismatch The BSC/MS will send a Hello packet that includes the version number, make LCR verify this version number and close the socket in case it does not match a supported version. --- gsm.cpp | 12 ++++++++++++ mncc.h | 7 +++++++ 2 files changed, 19 insertions(+) diff --git a/gsm.cpp b/gsm.cpp index 31a7967..ee46ff6 100644 --- a/gsm.cpp +++ b/gsm.cpp @@ -1109,6 +1109,7 @@ static int mncc_fd_read(struct lcr_fd *lfd, void *inst, int idx) int rc; static char buf[sizeof(struct gsm_mncc)+1024]; struct gsm_mncc *mncc_prim = (struct gsm_mncc *) buf; + struct gsm_mncc_hello *hello = (struct gsm_mncc_hello *) buf; memset(buf, 0, sizeof(buf)); rc = recv(lfd->fd, buf, sizeof(buf), 0); @@ -1117,6 +1118,17 @@ static int mncc_fd_read(struct lcr_fd *lfd, void *inst, int idx) if (rc < 0) return rc; + /* TODO: size check? */ + switch (mncc_prim->msg_type) { + case MNCC_SOCKET_HELLO: + if (hello->version != MNCC_SOCK_VERSION) { + PERROR("MNCC version different. BSC version is %u\n", hello->version); + mncc_fd_close(lcr_gsm, lfd); + return 0; + } + break; + } + /* Hand the MNCC message into LCR */ switch (lcr_gsm->type) { #ifdef WITH_GSM_BS diff --git a/mncc.h b/mncc.h index 25af62a..16509bd 100644 --- a/mncc.h +++ b/mncc.h @@ -62,6 +62,8 @@ #define GSM_TCH_FRAME_AMR 0x0303 #define GSM_BAD_FRAME 0x03ff +#define MNCC_SOCKET_HELLO 0x0400 + #define GSM_MAX_FACILITY 128 #define GSM_MAX_SSVERSION 128 #define GSM_MAX_USERUSER 128 @@ -201,3 +203,8 @@ struct gsm_mncc_rtp { }; +#define MNCC_SOCK_VERSION 1 +struct gsm_mncc_hello { + u_int32_t msg_type; + u_int32_t version; +}; -- 2.13.6