Changes

msc: ASCI: Fix race condition in TC_assign_fail

The f_sleep(0.5) to delay the registration of the PC for the 2nd SCCP
connection sometimes fired too late and we received the VGCS/VBS
Assignment Request before the channel ConnHdlr was registered in
RAN_Emulation.
Then in turn we need to delay call establishment until the channel is
ready.
Implement proper synchronization points to make sure the order of
registers is accomplished while making sure the 2 ConnHdlrs are
registered before they need it.

Change-Id: Id80982b6b968bbe462aeac2b9be646ab50eace83

pysim/pcsc: do not use getProtocol for protocol selection

The documentation of the getProtocol provided by pyscard says:

"Return bit mask for the protocol of connection, or None if no
protocol set. The return value is a bit mask of
CardConnection.T0_protocol, CardConnection.T1_protocol,
CardConnection.RAW_protocol, CardConnection.T15_protocol"

This suggests that the purpose of getProtocol is not to determine
which protocols are supported. Its purpose is to determine which
protocol is currently selected (either through auto selection or
through the explicit selection made by the API user). This means
we are using getProtocol wrong.

So far this was no problem, since the auto-selected protocol
should be a supported protocol anyway. However, the automatic
protocol selection may not always return a correct result (see
bug report from THD-siegfried [1]).

Let's not trust the automatic protocol selection. Instead let's
parse the ATR and make the decision based on the TD1/TD2 bytes).

[1] https://osmocom.org/issues/6952

Related: OS#6952
Change-Id: Ib119948aa68c430e42ac84daec8b9bd542db7963

contrib/jenkins: add SKIP_FIRMWARE_CLEAN argument

If this is set, then don't clean the firmware at the end. This is needed
to store the built firmware as artifact in jenkins, for passing it along
to another job.

Related: SYS#7963
Change-Id: I9e2342b8111645ef5d3b7bf4ac364ca592aa600b

jobs/octsim_osmo-ccid-firmware: add 30 min timeout

I just stopped a job run that was going for 2 days 16 h. When
successful, the job finishes in 10 min, so let it abort automatically
after 30 min.

Change-Id: Iaccc96b8b29880c9e115e52561fcd43f7b6a8f77

msc: Fix race condition in TC_reset_two(_1iu)

The test failed sporadically with:
"RAN_Emulation.ttcnpp:600 Dynamic test case error: Sending data on the
connection of port BSSAP to 659:SCCP_SP_PORT failed. (Broken pipe)"

That's because it was simply waiting for a fixed amount of time while
letting the underlaying RAN_Emulation do the RESET procedure.
Sometimes it started tearing down the test before the procedure was
fully completed, and RAN_Emulation failed passing the Reset (ACK) up the
stack because the component was already unmapped.

Fix the issue by making sure the RAN_Emulation finished the RESET
procedure before stopping the testThe test.

Change-Id: I27afd7a47e6c6cf0f70e1ecc9e26dd2c220e72ab

msc: Fix race condition in TC_reset_two(_1iu)

The test failed sporadically with:
"RAN_Emulation.ttcnpp:600 Dynamic test case error: Sending data on the
connection of port BSSAP to 659:SCCP_SP_PORT failed. (Broken pipe)"

That's because it was simply waiting for a fixed amount of time while
letting the underlaying RAN_Emulation do the RESET procedure.
Sometimes it started tearing down the test before the procedure was
fully completed, and RAN_Emulation failed passing the Reset (ACK) up the
stack because the component was already unmapped.

Fix the issue by making sure the RAN_Emulation finished the RESET
procedure before stopping the testThe test.

Change-Id: I27afd7a47e6c6cf0f70e1ecc9e26dd2c220e72ab

msc: ASCI: Fix race condition in TC_assign_fail

The f_sleep(0.5) to delay the registration of the PC for the 2nd SCCP
connection sometimes fired too late and we received the VGCS/VBS
Assignment Request before the channel ConnHdlr was registered in
RAN_Emulation.
Implement proper synchronization points to make sure the order of
registers is accomplished while making sure the 2 ConnHdlrs are
registered before they need it.

Change-Id: Id80982b6b968bbe462aeac2b9be646ab50eace83

Support administrative block in role ASP

* Avoid activating later on if inactive when becoming blocked.
* Move to inactive state (and notify peer with ASPIA) if active when becoming blocked.
* Attempt re-activation if needed when becoming non-blocked.

Related: OS#6752
Change-Id: If32902575e874d2acc9a5fc12509af42ed151739

asp: Fix wrong variable logged in ss7_asp_xua_srv_conn_rx_cb()

Change-Id: I24206a19fe57772caf8036464a2e1b6b8630fd7a

Create missing LayerManager fsm in dynamic srv xua asps

Dynamic xUA ASPs in transport_role=server where missing initialization
+start of its LayerManager, meaning they had no xua_default_lm_fsm
instance attached.
Previous the xua_default_lm_fsm didn't do anything internally, but since
recently ir properly transitions through states in SG role too, so
we want to handle blocking/unblocking, etc.

Change-Id: Id01e7a24e92aecc61aa2850632b3712bb338e9f2

stp: m3ua: Expect unsolicited ASPIA ACK after unblocking ASP

Since libosmo-sigtran.git Change-Id
If32902575e874d2acc9a5fc12509af42ed151739, osmo-stp will send an
unsolicited ASPIA ACK to the peer whenever the ASP becomes unblock, in
order to somehow give a chance to the peer to notice something changed
and for instance possibly attempt re-activation of the ASP.

Related: OS#6752
Change-Id: I4b70e576beae3c386d68f17a60d6f23d1a54293a

filesystem: edit_{binary,record}_decoded: add encode/decode examples

When invoking `edit_binary_decoded` or `edit_record_decoded`, the
temp file opened in the editor now contains the EF's encode/decode
test vectors as //-comment lines below the JSON content, similar to
how 'git commit' appends comments to the commit message template.
The comment block is stripped before JSON parsing on save,
so it has no effect on the written data.

The feature is implemented via a new module-level JsonEditor context
manager class that encapsulates the full edit cycle:

* write JSON + examples to a TemporaryDirectory
* invoke the editor
* read back, strip //-comments, parse and return the result

Change-Id: I5a046a9c7ba7e08a98cf643d5a26bc669539b38f
Related: OS#6900

docs: auto-generate Card Filesystem Reference

Add a Sphinx extension (docs/pysim_fs_sphinx.py) that hooks into the
builder-inited event and generates docs/filesystem.rst before Sphinx
reads any source files.

The generated page contains a hierarchical listing of all implemented
EFs and DFs, organised by application/specification (UICC/TS 102 221,
ADF.USIM/TS 31.102, ADF.ISIM/TS 31.103, SIM/TS 51.011).  For each file,
the class docstring and any _test_de_encode / _test_decode vectors
are included as an encoding/decoding example table.

docs/filesystem.rst is fully generated at build time and is therefore
added to .gitignore.

Add tests/unittests/test_fs_coverage.py that walks all pySim.* modules
and verifies that every CardProfile, CardApplication, and standalone
CardDF subclass with EF/DF children is either listed in the SECTIONS
(and will appear in the docs) or explicitly EXCLUDED.

Change-Id: I06ddeefc6c11e04d7c24e116f3f39c8a6635856f
Related: OS#6316

filesystem: JsonEditor: offer interactive retry on error

When json.loads() fails (e.g. the user made a syntax mistake), prompt
the user with "Re-open file for editing? [y]es/[n]o:" and loop back to
the editor if they answer 'y' or 'yes'.  If the user declines, return
the original unmodified value so no write is attempted; the temp file
is still cleaned up by __exit__() in that case.

Change-Id: I9161b7becea0d8dfd3f5f740fbb253da2f061a1d
Related: OS#6899

filesystem: JsonEditor: use NamedTemporaryFile

A plain NamedTemporaryFile is sufficient here: we only need a single
file, not a directory to hold it.  Using NamedTemporaryFile is simpler
(no subdirectory to manage) and gives us a .json suffix for free,
which editors use for syntax highlighting.

Change-Id: If3b0bd0fcc90732407dbd03b9cc883f7abeb948e

Create missing LayerManager fsm in dynamic srv xua asps

Dynamic xUA ASPs in transport_role=server where missing initialization
+start of its LayerManager, meaning they had no xua_default_lm_fsm
instance attached.
Previous the xua_default_lm_fsm didn't do anything internally, but since
recently ir properly transitions through states in SG role too, so
we want to handle blocking/unblocking, etc.

Change-Id: Id01e7a24e92aecc61aa2850632b3712bb338e9f2

cosmetic: xua_asp_fsm: Fix wrong indentation

Change-Id: I21c13ff7bc67c060e739eae38088ac00700680de

xua_lm: Add S_INACTIVE state and improve state transitions

The S_INACTIVE state will be needed once we support administrative state
block in role ASP/(active)IPSP.

It is also useful now since sometimes we just want to leave an asp in
that state without any timer running (eg. asps in override which are not
active until the active one goes inactive).

Adding the S_INACTIVE state also allows transitioning states in role
SG, since we now have somewhere to go instead of leaving it alwas as
S_IDLE.

The S_INACTIVE state also allows staying in that state until the ASP ACT
ACK is received, moment at which the ASP is considered ACTIVE according
to specs.

Change-Id: I7e6127c150e479d0c436875b41824b3061e4fa48

asp: Fix wrong variable logged in ss7_asp_xua_srv_conn_rx_cb()

Change-Id: I24206a19fe57772caf8036464a2e1b6b8630fd7a

Support administrative block in role ASP

* Avoid activating later on if inactive when becoming blocked.
* Move to inactive state (and notify peer with ASPIA) if active when becoming blocked.
* Attempt re-activation if needed when becoming non-blocked.

Related: OS#6752
Change-Id: If32902575e874d2acc9a5fc12509af42ed151739

asp: Fix wrong variable logged in ss7_asp_xua_srv_conn_rx_cb()

Change-Id: I24206a19fe57772caf8036464a2e1b6b8630fd7a

stp: m3ua: Introduce test TC_adm_block_after_act

Related: libosmo-sigtran.git Change-Id If8e34cfb05b8b63173b8bb01a520c058daf1fe39
Related: OS#6752
Change-Id: I18672d228c1d15ef99039bccbb972e0b2496b545

Support administrative block in role ASP

* Avoid activating later on if inactive when becoming blocked.
* Move to inactive state (and notify peer with ASPIA) if active when becoming blocked.
* Attempt re-activation if needed when becoming non-blocked.

Related: OS#6752
Change-Id: If32902575e874d2acc9a5fc12509af42ed151739

Create missing LayerManager fsm in dynamic srv xua asps

Dynamic xUA ASPs in transport_role=server where missing initialization
+start of its LayerManager, meaning they had no xua_default_lm_fsm
instance attached.
Previous the xua_default_lm_fsm didn't do anything internally, but since
recently ir properly transitions through states in SG role too, so
we want to handle blocking/unblocking, etc.

Change-Id: Id01e7a24e92aecc61aa2850632b3712bb338e9f2

Support administrative block in role ASP

Change-Id: If32902575e874d2acc9a5fc12509af42ed151739

cosmetic: xua_asp_fsm: Fix wrong indentation

Change-Id: I21c13ff7bc67c060e739eae38088ac00700680de

xua_lm: Add S_INACTIVE state and improve state transitions

The S_INACTIVE state will be needed once we support administrative state
block in role ASP/(active)IPSP.

It is also useful now since sometimes we just want to leave an asp in
that state without any timer running (eg. asps in override which are not
active until the active one goes inactive).

Adding the S_INACTIVE state also allows transitioning states in role
SG, since we now have somewhere to go instead of leaving it alwas as
S_IDLE.

The S_INACTIVE state also allows staying in that state until the ASP ACT
ACK is received, moment at which the ASP is considered ACTIVE according
to specs.

Change-Id: I7e6127c150e479d0c436875b41824b3061e4fa48

xua asp block: SG: turn asp inactive when administratively blocked

This commit intentionally leaves aside implementing active->inactive
transition for asps with role ASP/(active) IPSP.

Change-Id: If8e34cfb05b8b63173b8bb01a520c058daf1fe39

xua_asp_fsm: Stop T(ack) when receiving an Error msg as response

There's no need to keep retrying retransmission if the peer already told
us something is wrong with the message.

Change-Id: Icaeb472fe67911eb15755442cf11010d3c593f1d

xua_lm: Handle M-Error.ind

Change-Id: I5bdba1ab09084b3eafcb8b4aaa9c9762b15e8583

xua_lm: Use XLM SAP to send M-SCTP_RELEASE.req

Change-Id: I582855acaced48fb838700a3013f94bee7db75ad

xua_rkm: send_reg_req: Avoid adding Routing Context with value 0

We use routing context 0 internally as "no routing context". Since the
Routing Context in the Routing KEy IE in RKM REG REQ is optional, if
local rctx is 0 (because we expect to get one allocated by the STP and
receive it through RKM REG RESP), avoid sending it with the value 0.

Change-Id: Iaa584fea3020af06951aea16e638ac6e6a84ae21

Move xUA<->LM SAP logic to its own file

Right now it's difficult to gasp what's implemented of the SAP since it
was scattered around several places.
Put all the SAP forwarding logic into its own file so it's easy to
follow and extend (eg. adding new helper functions, etc.)

Change-Id: I93d74dd7f6ea8f2e60a8bc41be15362e433e8962

sigtran_sap.h: Fix comment stating RK(DE)_REG prims are not implemented

Change-Id: I81a4df1a826fed2f24a4c7ca410b514b1251b44d

xua_lm: Fix ending up from active to idle forever

Previous transition to S_IDLE was wrong, since there's no way to recover
from that state unless the SCTP connection is closed.
Instead, try harder waiting for some new notifications to try
re-activating the ASP and see if the AS becomes active, or end up timing
out and reconnecting to re-attempt complete set of steps.

Change-Id: I5c97c0ede9c27c63f9259b43b7267a3d5d71681d

xua_lm: Use XLM SAP to send M-ASP_{UP, ACTIVE}.req

Change-Id: I5850d9ec9092ff3d099627856697a4184b0d5853

xua_lm: Handle rx of unsolicited ASPIA ACK

Related: OS#6752
Change-Id: Ica4fbaefd08cdb5c4ca2e2a608606ddbec85297c

Use osmo_ss7_asp_active() in several places

Change-Id: I172e691cb61ac68e2410b44e124737f7a4dd2775

Use osmo_ss7_asp_active() in several places

Change-Id: I172e691cb61ac68e2410b44e124737f7a4dd2775

filesystem: JsonEditor: use NamedTemporaryFile

A plain NamedTemporaryFile is sufficient here: we only need a single
file, not a directory to hold it.  Using NamedTemporaryFile is simpler
(no subdirectory to manage) and gives us a .json suffix for free,
which editors use for syntax highlighting.

Change-Id: If3b0bd0fcc90732407dbd03b9cc883f7abeb948e

docs: auto-generate Card Filesystem Reference

Add a Sphinx extension (docs/pysim_fs_sphinx.py) that hooks into the
builder-inited event and generates docs/filesystem.rst before Sphinx
reads any source files.

The generated page contains a hierarchical listing of all implemented
EFs and DFs, organised by application/specification (UICC/TS 102 221,
ADF.USIM/TS 31.102, ADF.ISIM/TS 31.103, SIM/TS 51.011).  For each file,
the class docstring and any _test_de_encode / _test_decode vectors
are included as an encoding/decoding example table.

docs/filesystem.rst is fully generated at build time and is therefore
added to .gitignore.

Add tests/unittests/test_fs_coverage.py that walks all pySim.* modules
and verifies that every CardProfile, CardApplication, and standalone
CardDF subclass with EF/DF children is either listed in the SECTIONS
(and will appear in the docs) or explicitly EXCLUDED.

Change-Id: I06ddeefc6c11e04d7c24e116f3f39c8a6635856f
Related: OS#6316

filesystem: JsonEditor: offer interactive retry on error

When json.loads() fails (e.g. the user made a syntax mistake), prompt
the user with "Re-open file for editing? [y]es/[n]o:" and loop back to
the editor if they answer 'y' or 'yes'.  If the user declines, return
the original unmodified value so no write is attempted; the temp file
is still cleaned up by __exit__() in that case.

Change-Id: I9161b7becea0d8dfd3f5f740fbb253da2f061a1d
Related: OS#6899

filesystem: edit_{binary,record}_decoded: add encode/decode examples

When invoking `edit_binary_decoded` or `edit_record_decoded`, the
temp file opened in the editor now contains the EF's encode/decode
test vectors as //-comment lines below the JSON content, similar to
how 'git commit' appends comments to the commit message template.
The comment block is stripped before JSON parsing on save,
so it has no effect on the written data.

The feature is implemented via a new module-level JsonEditor context
manager class that encapsulates the full edit cycle:

* write JSON + examples to a TemporaryDirectory
* invoke the editor
* read back, strip //-comments, parse and return the result

Change-Id: I5a046a9c7ba7e08a98cf643d5a26bc669539b38f
Related: OS#6900

xua_rkm: send_reg_req: Avoid adding Routing Context with value 0

We use routing context 0 internally as "no routing context". Since the
Routing Context in the Routing KEy IE in RKM REG REQ is optional, if
local rctx is 0 (because we expect to get one allocated by the STP and
receive it through RKM REG RESP), avoid sending it with the value 0.

Change-Id: Iaa584fea3020af06951aea16e638ac6e6a84ae21

xua_lm: Handle rx of unsolicited ASPIA ACK

Related: OS#6752
Change-Id: Ica4fbaefd08cdb5c4ca2e2a608606ddbec85297c

xua_asp_fsm: Stop T(ack) when receiving an Error msg as response

There's no need to keep retrying retransmission if the peer already told
us something is wrong with the message.

Change-Id: Icaeb472fe67911eb15755442cf11010d3c593f1d

xua_rkm: send_reg_req: Avoid adding Routing Context with value 0

We use routing context 0 internally as "no routing context". Since the
Routing Context in the Routing KEy IE in RKM REG REQ is optional, if
local rctx is 0 (because we expect to get one allocated by the STP and
receive it through RKM REG RESP), avoid sending it with the value 0.

Change-Id: Iaa584fea3020af06951aea16e638ac6e6a84ae21

xua_lm: Fix ending up from active to idle forever

Previous transition to S_IDLE was wrong, since there's no way to recover
from that state unless the SCTP connection is closed.
Instead, try harder waiting for some new notifications to try
re-activating the ASP and see if the AS becomes active, or end up timing
out and reconnecting to re-attempt complete set of steps.

Change-Id: I5c97c0ede9c27c63f9259b43b7267a3d5d71681d

m3ua: m3ua_gen_error_msg(): include Routing Context IE in cause Invalid Routing Context

As per RFC4666 3.8.1:
"""
The "Invalid Routing Context" error is sent if a message is received
from a peer with an invalid (unconfigured) Routing Context value.
For this error, the invalid Routing Context(s) MUST be included in
the Error message."
"""

Hence add the originating Routing Context IE so the error message can be
further identified.
For the same reason, also add the Diagnostic Information for the
specific cases in the switch statement, and make them more robust about
possible null pointer dereference.

Change-Id: If821109701e315d17f5334c680670ea6c7bce3bd

Move xUA<->LM SAP logic to its own file

Right now it's difficult to gasp what's implemented of the SAP since it
was scattered around several places.
Put all the SAP forwarding logic into its own file so it's easy to
follow and extend (eg. adding new helper functions, etc.)

Change-Id: I93d74dd7f6ea8f2e60a8bc41be15362e433e8962

xua_lm: Handle M-Error.ind

Change-Id: I5bdba1ab09084b3eafcb8b4aaa9c9762b15e8583

xua_as_fsm: Remove FIXME regarding queueing of msgs during state PENDING

Queueing of messags during T(r) (state PENDING) is already implemented,
see xua_as_fsm_pending() further below in the same file.

Change-Id: Ie572367493066039f7022250d94b815a4da5bd16

xua asp block: SGP/IPSP: Answer ASPAC with Err if blocked

Reject received ASPACs when the asp is administratively blocked.

Moving an already active ASP into inactive state upon user applies
adminsitrative block is not covered in this commit; it will be
implementer later.

This commit doesn't yet implement asp blocking in ASP role nor
(ASP-side) IPSP role.

Related: OS#6752
Change-Id: I23851fe05c06b6bf59b902632029a2382231427e

xua_asp_fsm: Include Routing Context IE in Err msg cuase Invalid Routing Context

As per RFC4666 3.8.1:
"""
For this error, the invalid Routing Context(s) MUST be included in
the Error message.
"""

Change-Id: Ia8bff16248967209d73cd6d5b54ac30fda283247

xua_lm: Use XLM SAP to send M-ASP_{UP, ACTIVE}.req

Change-Id: I5850d9ec9092ff3d099627856697a4184b0d5853

xua_lm: Use XLM SAP to send M-SCTP_RELEASE.req

Change-Id: I582855acaced48fb838700a3013f94bee7db75ad

sigtran_sap.h: Fix comment stating RK(DE)_REG prims are not implemented

Change-Id: I81a4df1a826fed2f24a4c7ca410b514b1251b44d

xua asp block: SG: turn asp inactive when administratively blocked

This commit intentionally leaves aside implementing active->inactive
transition for asps with role ASP/(active) IPSP.

Change-Id: If8e34cfb05b8b63173b8bb01a520c058daf1fe39

docs/conf.py: silence autosectionlabel duplicate-label warnings

sphinxarg.ext generates generic sub-headings ("Named arguments",
"Positional arguments", "Sub-commands", "General options", ...) for
every argparse command and tool.  These repeat across many files and
trigger large numbers of autosectionlabel duplicate-label warnings.

Two-pronged fix:

* `autosectionlabel_maxdepth = 3` eliminates the depth-4+ warnings
  (sub-headings inside each individual command block).
* `suppress_warnings` per file silences the residual depth-3 collisions
  ("serial reader", "decode_hex", "sub-commands", ...) that still
  appear across tool documentation files.

Cross-references into these generic argparse-generated sections are not
a supported use-case, so suppressing the warnings is appropriate.

Change-Id: I9cdf2a4f6cbd435b16b90ab668205600ffd7c3b0

docs: auto-generate Card Filesystem Reference

Add a Sphinx extension (docs/pysim_fs_sphinx.py) that hooks into the
builder-inited event and generates docs/filesystem.rst before Sphinx
reads any source files.

The generated page contains a hierarchical listing of all implemented
EFs and DFs, organised by application/specification (UICC/TS 102 221,
ADF.USIM/TS 31.102, ADF.ISIM/TS 31.103, SIM/TS 51.011).  For each file,
the class docstring and any _test_de_encode / _test_decode vectors
are included as an encoding/decoding example table.

docs/filesystem.rst is fully generated at build time and is therefore
added to .gitignore.

Change-Id: I06ddeefc6c11e04d7c24e116f3f39c8a6635856f
Related: OS#6316

filesystem: edit_{binary,record}_decoded: add encode/decode examples

When invoking `edit_binary_decoded` or `edit_record_decoded`, the
temp file opened in the editor now contains the EF's encode/decode
test vectors as //-comment lines below the JSON content, similar to
how 'git commit' appends comments to the commit message template.
The comment block is stripped before JSON parsing on save,
so it has no effect on the written data.

The feature is implemented via a new module-level JsonEditor context
manager class that encapsulates the full edit cycle:

* write JSON + examples to a TemporaryDirectory
* invoke the editor
* read back, strip //-comments, parse and return the result

Change-Id: I5a046a9c7ba7e08a98cf643d5a26bc669539b38f
Related: OS#6900

filesystem: JsonEditor: offer interactive retry on error

When json.loads() fails (e.g. the user made a syntax mistake), prompt
the user with "Re-open file for editing? [y]es/[n]o:" and loop back to
the editor if they answer 'y' or 'yes'.  If the user declines, return
the original unmodified value so no write is attempted; the temp file
is still cleaned up by __exit__() in that case.

Change-Id: I9161b7becea0d8dfd3f5f740fbb253da2f061a1d
Related: OS#6899

filesystem: JsonEditor: use NamedTemporaryFile

A plain NamedTemporaryFile is sufficient here: we only need a single
file, not a directory to hold it.  Using NamedTemporaryFile is simpler
(no subdirectory to manage) and gives us a .json suffix for free,
which editors use for syntax highlighting.

Change-Id: If3b0bd0fcc90732407dbd03b9cc883f7abeb948e

docs/conf.py: add autodoc_mock_imports for klein and twisted

The eSIM SM-DP+ server modules (`pySim.esim.es2p`, `pySim.esim.es9p`,
`pySim.esim.http_json_api`) unconditionally import optional server-side
dependencies at module level:

  pySim.esim.es2p          -- from klein import Klein
  pySim.esim.http_json_api -- from twisted.web.server import Request

Both imports fail during a docs build if the packages are absent or
broken, causing three "autodoc: failed to import" warnings and three
missing chapters in the generated manual.

Even when klein and twisted are installed, twisted 23.10.0 (the
version pulled in transitively by smpp.twisted3's `Twisted~=23.10.0`
constraint) is incompatible with Python 3.13+ because twisted.web.http
unconditionally executes `import cgi`, a module that was removed from
the standard library in Python 3.13.

Fix: add `autodoc_mock_imports = ['klein', 'twisted']` to conf.py.
Sphinx inserts mock entries into sys.modules before each autodoc import
attempt, so the modules can be imported and documented without requiring
the real packages to be importable at build time.

Change-Id: I71650466f02a6a6d150650deed167c05d2cb6e64

pysim/pcsc: do not use getProtocol for protocol selection

The documentation of the getProtocol provided by pyscard says:

"Return bit mask for the protocol of connection, or None if no
protocol set. The return value is a bit mask of
CardConnection.T0_protocol, CardConnection.T1_protocol,
CardConnection.RAW_protocol, CardConnection.T15_protocol"

This suggests that the purpose of getProtocol is not to determine
which protocols are supported. Its purpose is to determine which
protocol is currently selected (either through auto selection or
through the explicit selection made by the API user). This means
we are using getProtocol wrong.

So far this was no problem, since the auto-selected protocol
should be a supported protocol anyway. However, the automatic
protocol selection may not always return a correct result (see
bug report from THD-siegfried [1]).

Let's not trust the automatic protocol selection. Instead let's
parse the ATR and make the decision based on the TD1/TD2 bytes).

[1] https://osmocom.org/issues/6952

Related: OS#6952
Change-Id: Ib119948aa68c430e42ac84daec8b9bd542db7963

sigtran_sap.h: Document spec specifying xUA<->LM primitive

Change-Id: I14c3092a3feac5661d03b9b9114889b348b11bb1

xua_as_fsm: Remove FIXME regarding queueing of msgs during state PENDING

Queueing of messags during T(r) (state PENDING) is already implemented,
see xua_as_fsm_pending() further below in the same file.

Change-Id: Ie572367493066039f7022250d94b815a4da5bd16

xua asp block: SGP/IPSP: Answer ASPAC with Err if blocked

Reject received ASPACs when the asp is administratively blocked.

Moving an already active ASP into inactive state upon user applies
adminsitrative block is not covered in this commit; it will be
implementer later.

This commit doesn't yet implement asp blocking in ASP role nor
(ASP-side) IPSP role.

Related: OS#6752
Change-Id: I23851fe05c06b6bf59b902632029a2382231427e

xua asp block: SG: turn asp inactive when administratively blocked

This commit intentionally leaves aside implementing active->inactive
transition for asps with role ASP/(active) IPSP.

Change-Id: If8e34cfb05b8b63173b8bb01a520c058daf1fe39

pySim-read: remove import random

In pySim-read we do not have to compute any random numbers, so
we may remove random from the imports

Change-Id: Iae4ee6aafb339cc682345299b92b4ecd0bbca14e

tlv: Allow control over comprehension bit in COMPR_TLV_IE

This allows construction of a comprehension TLV with the bit set or
cleared. The default is comprehension=True to not break existing code.

```
>>> foo = Foo(decoded=b"2342", comprehension=True)
>>> bar = Foo(decoded=b"2342", comprehension=False)
```

Related: OS#6989
Change-Id: I9ca689b9b51152f3907ea470c7b42a0b12208459

tlv: Remove unused branch

0xff is checked in the first if statement and already raises a ValueError

Change-Id: Ia6a0656721a1fcaf5f16526fefe62c30b0ddb664

filesystem: JsonEditor: offer interactive retry on error

When json.loads() fails (e.g. the user made a syntax mistake), prompt
the user with "Re-open file for editing? [y]es/[n]o:" and loop back to
the editor if they answer 'y' or 'yes'.  If the user declines, return
the original unmodified value so no write is attempted; the temp file
is still cleaned up by __exit__() in that case.

Change-Id: I9161b7becea0d8dfd3f5f740fbb253da2f061a1d
Related: OS#6899

filesystem: JsonEditor: use NamedTemporaryFile

A plain NamedTemporaryFile is sufficient here: we only need a single
file, not a directory to hold it.  Using NamedTemporaryFile is simpler
(no subdirectory to manage) and gives us a .json suffix for free,
which editors use for syntax highlighting.

Change-Id: If3b0bd0fcc90732407dbd03b9cc883f7abeb948e

filesystem: edit_{binary,record}_decoded: add encode/decode examples

When invoking `edit_binary_decoded` or `edit_record_decoded`, the
temp file opened in the editor now contains the EF's encode/decode
test vectors as //-comment lines below the JSON content, similar to
how 'git commit' appends comments to the commit message template.
The comment block is stripped before JSON parsing on save,
so it has no effect on the written data.

The feature is implemented via a new module-level JsonEditor context
manager class that encapsulates the full edit cycle:

* write JSON + examples to a TemporaryDirectory
* invoke the editor
* read back, strip //-comments, parse and return the result

Change-Id: I5a046a9c7ba7e08a98cf643d5a26bc669539b38f
Related: OS#6900

docs: auto-generate Card Filesystem Reference

Add a Sphinx extension (docs/pysim_fs_sphinx.py) that hooks into the
builder-inited event and generates docs/filesystem.rst before Sphinx
reads any source files.

The generated page contains a hierarchical listing of all implemented
EFs and DFs, organised by application/specification (UICC/TS 102 221,
ADF.USIM/TS 31.102, ADF.ISIM/TS 31.103, SIM/TS 51.011).  For each file,
the class docstring and any _test_de_encode / _test_decode vectors
are included as an encoding/decoding example table.

docs/filesystem.rst is fully generated at build time and is therefore
added to .gitignore.

Change-Id: I06ddeefc6c11e04d7c24e116f3f39c8a6635856f
Related: OS#6316

stp: m3ua: Introduce test TC_adm_block_after_act

Related: OS#6752
Change-Id: I18672d228c1d15ef99039bccbb972e0b2496b545

stp: m3ua: Introduce test TC_adm_block_act_err

Related: OS#6752
Related: libosmo-sigtran.git Change-Id I23851fe05c06b6bf59b902632029a2382231427e
Change-Id: I9869ec2b71a3f6814340e181d67bab4c9266a2f4

xua asp block: SGP/IPSP: Answer ASPAC with Err if blocked

Reject received ASPACs when the asp is administratively blocked.

Moving an already active ASP into inactive state upon user applies
adminsitrative block is not covered in this commit; it will be
implementer later.

This commit doesn't yet implement asp blocking in ASP role nor
(ASP-side) IPSP role.

Related: OS#6752
Change-Id: I23851fe05c06b6bf59b902632029a2382231427e

stp: m3ua: Introduce test TC_adm_block_act_err

Related: OS#6752
Related: libosmo-sigtran.git Change-Id I23851fe05c06b6bf59b902632029a2382231427e
Change-Id: I9869ec2b71a3f6814340e181d67bab4c9266a2f4

stp: Move NTFY expect to up & act step helper functions

Change-Id: Ia835a5dd54cc37f529ca1c4ff9892d44fe239241

docs/conf.py: add autodoc_mock_imports for klein and twisted

The eSIM SM-DP+ server modules (`pySim.esim.es2p`, `pySim.esim.es9p`,
`pySim.esim.http_json_api`) unconditionally import optional server-side
dependencies at module level:

  pySim.esim.es2p          -- from klein import Klein
  pySim.esim.http_json_api -- from twisted.web.server import Request

Both imports fail during a docs build if the packages are absent or
broken, causing three "autodoc: failed to import" warnings and three
missing chapters in the generated manual.

Even when klein and twisted are installed, twisted 23.10.0 (the
version pulled in transitively by smpp.twisted3's `Twisted~=23.10.0`
constraint) is incompatible with Python 3.13+ because twisted.web.http
unconditionally executes `import cgi`, a module that was removed from
the standard library in Python 3.13.

Fix: add `autodoc_mock_imports = ['klein', 'twisted']` to conf.py.
Sphinx inserts mock entries into sys.modules before each autodoc import
attempt, so the modules can be imported and documented without requiring
the real packages to be importable at build time.

Change-Id: I71650466f02a6a6d150650deed167c05d2cb6e64

firmware: werror on missing return

Silently ignoring a missing return just broke all timers,
so prevent similar mistakes in the future.

Change-Id: I2e25884077af6334c9e9ddace3900b04061fae04

firmware: fix timers, add missing return

Change-Id: I5b12284c88d8fe6e4fe55cc4cd2aad550d276af4

docs/conf.py: silence autosectionlabel duplicate-label warnings

sphinxarg.ext generates generic sub-headings ("Named arguments",
"Positional arguments", "Sub-commands", "General options", ...) for
every argparse command and tool.  These repeat across many files and
trigger large numbers of autosectionlabel duplicate-label warnings.

Two-pronged fix:

* `autosectionlabel_maxdepth = 3` eliminates the depth-4+ warnings
  (sub-headings inside each individual command block).
* `suppress_warnings` per file silences the residual depth-3 collisions
  ("serial reader", "decode_hex", "sub-commands", ...) that still
  appear across tool documentation files.

Cross-references into these generic argparse-generated sections are not
a supported use-case, so suppressing the warnings is appropriate.

Change-Id: I9cdf2a4f6cbd435b16b90ab668205600ffd7c3b0

docs/legacy: fix typo "EF,IMSI" -> "EF.IMSI"

Change-Id: I1f246ec008a57b2373ed3f5531ab4166101f4dd0

docs/conf.py: silence autosectionlabel duplicate-label warnings

sphinxarg.ext generates generic sub-headings ("Named arguments",
"Positional arguments", "Sub-commands", "General options", ...) for
every argparse command and tool.  These repeat across many files and
trigger large numbers of autosectionlabel duplicate-label warnings.

Two-pronged fix:

* `autosectionlabel_maxdepth = 3` eliminates the depth-4+ warnings
  (sub-headings inside each individual command block).
* `suppress_warnings` per file silences the residual depth-3 collisions
  ("serial reader", "decode_hex", "sub-commands", ...) that still
  appear across tool documentation files.

Cross-references into these generic argparse-generated sections are not
a supported use-case, so suppressing the warnings is appropriate.

Change-Id: I9cdf2a4f6cbd435b16b90ab668205600ffd7c3b0

docs/put_key-tutorial: fix three typos

  "verifiation"        -> "verification"
  "this is identifies" -> "this identifies" (extra word)
  "and and"            -> "and" (doubled word)

Change-Id: I1ae6b01638cc2c3dd8355ba801f85cc179ca8bd3

docs/card-key-provider: fix heading levels and typo

The "ADM PIN" and "SCP02 / SCP03" sub-sections of "Field naming" used
the '~' heading character, which Sphinx resolved to level 4 - skipping
level 3 and throwing build ERRORs.  As a result, both sub-sections
had no heading at all.  Change both to '^' (level 3) to match the
other sub-sections in this file.

While at it, fix a typo: "consisting if" -> "consisting of".

Change-Id: Ia56efc7fadcc0fd62e87e63850b929d2f80851ba

docs/shell: fix copy-paste typos in editor command descriptions

Two adjacent commands (`edit_record_decoded`, `edit_binary_decoded`)
had identical copy-pasted error messages with three typos each:

  "modificatiosn" -> "modifications"
  "us the"        -> "use the"
  "comamdn"       -> "command"

Change-Id: Ie23baba4634e2cc40f81439fb11b102778aed1f6

docs/saip-tool: fix typo "insertaion" -> "insertion"

Change-Id: Ie9c9235ec964a15fab19d6ca5a83b2b1ddf07e7b

m3ua: m3ua_gen_error_msg(): include Routing Context IE in cause Invalid Routing Context

As per RFC4666 3.8.1:
"""
The "Invalid Routing Context" error is sent if a message is received
from a peer with an invalid (unconfigured) Routing Context value.
For this error, the invalid Routing Context(s) MUST be included in
the Error message."
"""

Hence add the originating Routing Context IE so the error message can be
further originated.
For the same reason, also add the Diagnostic Information for the
specific cases in the switch statement, and make them more robust about
possible null pointer dereference.

Change-Id: If821109701e315d17f5334c680670ea6c7bce3bd

xua_asp_fsm: Include Routing Context IE in Err msg cuase Invalid Routing Context

As per RFC4666 3.8.1:
"""
For this error, the invalid Routing Context(s) MUST be included in
the Error message.
"""

Change-Id: Ia8bff16248967209d73cd6d5b54ac30fda283247

m3ua: m3ua_gen_error_msg(): include Routing Context IE in cause Invalid Routing Context

As per RFC4666 3.8.1:
"""
The "Invalid Routing Context" error is sent if a message is received
from a peer with an invalid (unconfigured) Routing Context value.
For this error, the invalid Routing Context(s) MUST be included in
the Error message."
"""

Hence add the originating Routing Context IE so the error message can be
further originated.
For the same reason, also add the Diagnostic Information for the
specific cases in the switch statement, and make them more robust about
possible null pointer dereference.

Change-Id: If821109701e315d17f5334c680670ea6c7bce3bd

xua_asp_fsm: Include Routing Context IE in Err msg cuase Invalid Routing Context

As per RFC4666 3.8.1:
"""
For this error, the invalid Routing Context(s) MUST be included in
the Error message.
"""

Change-Id: Ia8bff16248967209d73cd6d5b54ac30fda283247

OBS: nightly: add ".0" after versions on git tags

Fix that with the current logic of generating version numbers for
nightly, a version done on a tag can be higher than the following
version:

on tag:                    1.14.0.202603231800         # <tag>.<YY><MM><DD><HH><mm><SS>
on tag (with this patch):  1.14.0.0.202603231800       # <tag>.0.<YY><MM><DD><HH><mm><SS>
next commit after the tag: 1.14.0.1.2016.202603241800  # <tag>.<patch-count-since-last-tag>.<commit-hash>.<YY><MM><DD><HH><mm><SS>

Fixes: OS#6981
Change-Id: Id140d8ea76bf98357711587a9909d54097250fd6

xua: Split traffic mode readonly validation from internal state update

First validate the whole message, then once evyerthing is fine, act on
the message updating internal state.

Change-Id: I05ba891e774ebe341229b968c92e0383b6899bd6

asp_vty: Fix wrong vty write 'blocked' command

This is not criticial since "block"/"no block" commands are yet to be
fully implemented.

Change-Id: Ia42a064cfdbba025bc3ae5479e8e6edec4abe770

xua_find_as_for_asp(): Optimize lookup

Instead of looking up on all AS configured in an instance, look up on
the subset associated to the ASP we are looking up for.
Since we are also not looking a 2nd pass to then validate if ASP and
returned AS is related, in worst case this would split lookup complexity
by half.

Change-Id: If85ad27ad5e55be0c22e2716fa7329409a7b85b5

osmo_ss7_find_free_{rctx,l_rk_id}(): Make more robust to wrap-around

Previous versions of those functions would end up broken over time after
~2^32 were allocated, turning the program into an unusuable stte.

Change-Id: Ie10f4048d0af384dc84c79e6fc441c8537649d55

asp: Configure block and shutdown adm state independently

The block/no block and shutdown/no shutdown commands tweak independent
states; adapt the code to what's presented to the user. This simplifies
handling of both states, since the user may want eg. have it blocked and
shutdown, and then "no shutdown" it but make sure it stays blocked so no
race condition happens.

Related: OS#6752
Change-Id: I3ab81a4f6f6b72015c5068d5a27128642622cf99

xua_rkm: handle_rkey_reg(): Skip AS ilookup of known free RCTX

There's no need to attempt a look up for an AS with a RCTX we just
ensured is not yet allocated to any AS.

Change-Id: I40719527c527db58244972a797c4287107306532

xua_asp_fsm: XUA_ASP_E_ASPTM_ASPAC: Validate RCTX AS is associated to ASP

Previously we only validated that a local AS was configured for the
provided routing context, but we didn't validate that the AS was actually
associated to the requesting ASP.

Change-Id: Idcd51b9bbe38064ed03d076a76279384a3927334

handle_rkey_dereg(): Optimize lookup

Instead of looking up on all AS configured in an instance, look up on
the subset associated to the ASP we are looking up for.
Since we are also not looking a 2nd pass to then validate if ASP and
returned AS is related, in worst case this would split lookup complexity
by half.

Change-Id: I56ac5caef9bcded9dd08ca532a413af94070a1bd

stp: m3ua: Fix incorrect RCTX being sent in TC_combinedlset_loadshare

An ASPAC was being sent containing an RCTX of an unrelated AS to the
sending ASP.
Newer libosmo-sigtran properly validates AS/RCTX is associated to the
ASP in the local config, and hence now returns an error properly making
the test fail.

Change-Id: Id8381a028a919a265ca330ef4f61c76637c168f6

struct trx_power_params: fix inaccurate comment

Change-Id: I1bdb7fab24fee28dbeac0ed05e13f650e08c98e9
Fixes: 4c632421 ("bts_shutdown_fsm: fix spurious RAMP_COMPL events in WAIT_TRX_CLOSED")

OBS: pyhss_download_deps: add python 3.14

Download binary package dependencies for python 3.14 too, so we can
build the package for Ubuntu 26.04.

Related: OS#6983
Related: https://gitea.osmocom.org/osmocom/pyhss/commit/2125f52c5eb1b3e66b1ebe2febadb7c886536681
Change-Id: Ic23d52c081f68fb8d6f7d9e370883236ca9bf35f

stp: STP_Tests_M3UA_TCP: Introduce tests TC_m3ua_tcp_{cli,srv}_adm_shutdown

Related tests already existed for STP_Tests_M3UA, but we want to
explicitly test against M3UA_TCP since these tests involve the transport
layer directly.

Related: OS#6752
Change-Id: Ia37a0e244895fbb447ef8e71a0980538cc9fd7f8

stp: STP_Tests_IPA: Introduce tests TC_ipa_tcp_{cli,srv}_adm_shutdown

Related tests already exist for M3UA and M3UA_TCP, but were missing for
IPA ASPs.

Change-Id: Ie30de6caa3e2b680aff9e50898e63f615b526500
Related: OS#6752

osmo-bts-trx: rx_data_fn(): fix copy-paste in comment

Change-Id: Ibf35c468310a690fd873cf968bb2c44b493ca5ea

bts_shutdown_fsm: fix spurious RAMP_COMPL events in WAIT_TRX_CLOSED

With multiple TRXes ramping down in lockstep, both their final
ramp-timer callbacks fire back-to-back in the same event loop pass,
setting p_total_cur_mdBm to the target value for both before any async
hardware acknowledgement arrives.  When the first SETPOWER ack returns
and fires ramp_down_compl_cb() for TRX0, the remaining-TRX check in
st_wait_ramp_down_compl() inspects p_total_cur_mdBm for TRX1 and finds
it already at the target - concluding that all TRXes are done.  The FSM
then transitions to WAIT_TRX_CLOSED, and the second ack (for TRX1)
fires ramp_down_compl_cb() into the wrong state, producing:

  BTS_SHUTDOWN(...){WAIT_TRX_CLOSED}: Event BTS_SHUTDOWN_EV_TRX_RAMP_COMPL not permitted

The root cause is that p_total_cur_mdBm is a *requested* value set in
the timer callback, not a confirmed one.  The hardware confirmation
arrives asynchronously via power_trx_change_compl() ->
power_ramp_do_step(), which is also where compl_cb() is invoked.

Fix by adding a 'complete' flag to trx_power_params.ramp that is:

* cleared when _power_ramp_start() begins a new ramp, and
* set just before compl_cb() is called in power_ramp_do_step()

The shutdown FSM remaining-TRX count then checks !ramp.complete instead of
comparing p_total_cur_mdBm against the target, correctly reflecting which
TRXes have actually received hardware confirmation of ramp completion.

Change-Id: Ia71393e871187d6b44b7f520eb421bab354aafd1

osmo-bts-trx: rx_rach_fn(): remove redundant fall-back

Condition `synch_seq != RACH_SYNCH_SEQ_TS0` is unlikely to be true,
given that no other synch. sequences are defined by 3GPP TS 45.002.
Even if this happens for whatever reason (e.g. a bug), assigning
`synch_seq` to `RACH_SYNCH_SEQ_TS0` is not needed, as `synch_seq`
is never read after the switch statement.  The logging message is
not useful either, since we already print the synch. seq. above.

Change-Id: I4cdc03dc6631ca17d13a3067ad03020e3e97eab1

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

Additionally ignore checkpatch jiffies complaints because we're trying
to do firmware here.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

Additionally ignore checkpatch jiffies complaints because we're trying
to do firmware here.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

nokia_site: add objects to query TRX power and power steps

This commit adds a method to query per TRX RF power and
power control step capabilities of radio HW.

Change-Id: Ib5a00c0b528407144cca88e5cbde940d7a5509f0

stp: STP_Tests_M3UA_TCP: Introduce tests TC_m3ua_tcp_{cli,srv}_adm_shutdown

Related tests already existed for STP_Tests_M3UA, but we want to
explicitly test against M3UA_TCP since these tests involve the transport
layer directly.

Related: OS#6752
Change-Id: Ia37a0e244895fbb447ef8e71a0980538cc9fd7f8

stp: STP_Tests_IPA: Introduce tests TC_ipa_tcp_{cli,srv}_adm_shutdown

Related tests already exist for M3UA and M3UA_TCP, but were missing for
IPA ASPs.

Change-Id: Ie30de6caa3e2b680aff9e50898e63f615b526500
Related: OS#6752

OBS: pyhss_download_deps: fix dependency loop

Fix that the Osmocom_OBS_nightly job is failing for the pyhss package
with a dependency loop in hatchling:

  LookupError: https://files.pythonhosted.org/…/hatchling-1.29.0.tar.gz (from https://pypi.org/simple/hatchling/) (requires-python:>=3.10) is already being built: hatchling>=1.21.0 from https://files.pythonhosted.org/…/hatchling-1.29.0.tar.gz

This happens as it recursively collects source packages and their
(build) dependencies:

  pymongo
  -> dnspython
  -> hatchling
  -> pluggy
  -> setuptools-scm
  -> vcs-versioning
  -> hatchling

When only ignoring the hatchling source package, we get a similar
dependency loop with pluggy, so ignore both source packages. Hatchling
gets added later as binary package and pluggy is only a build-time
dependency for hatchling. The resulting PyHSS package builds fine with
this change.

Change-Id: I0484627fd105627fabe9435379e704db54e72ae3

OBS: pyhss_download_deps: add python 3.14

Download binary package dependencies for python 3.14 too, so we can
build the package for Ubuntu 26.04.

Related: OS#6983
Related: https://gitea.osmocom.org/osmocom/pyhss/commit/2125f52c5eb1b3e66b1ebe2febadb7c886536681
Change-Id: Ic23d52c081f68fb8d6f7d9e370883236ca9bf35f

osmo-bts-trx: check sscanf() result in NOMTXPOWER/SETPOWER handlers

Both trx_ctrl_rx_rsp_nomtxpower() and trx_ctrl_rx_rsp_setpower() were
calling sscanf() without checking its return value.  On a parse failure
the local variable remained uninitialized and was passed directly to the
callback, resulting in a garbage power level.

Change-Id: I3dc399cfae70c450d53d66bb99f3832f160fca39

lint/checkpatch: ignore SSCANF_TO_KSTRTO

This kernel-specific warning doesn't make sense when linting our code so
disable it.

Change-Id: If096c600331d7ad5786395c5c41a6742da44a3e8

l1sap: check_for_ciph_cmd(): add missing msgb length check

The function accesses msg->data[0..4] without first verifying that the
message is at least 5 bytes long, which would cause a buffer over-read
on a malformed (too short) LAPDm frame.

Change-Id: I47690f1a6357e42913bfa8100e36c05cb4f0607a

osmo-bts-trx: clean up log messages in response handlers

Drop the redundant "transceiver" prefix from LOGPPHI() calls -
the macro already prepends the PHY instance name.

Change-Id: Iec722198f161621dd00ce3baabb732e1a1d91a37

scheduler: trx_sched_is_sacch_fn(): fix returning non-bool

The function is declared `bool` but returns `-EINVAL` on an error path.
`-EINVAL` is `-22`, which in C implicitly converts to `bool true`.
Returning `false` makes more sense when we don't know the MF layout.

Change-Id: Ib2394687815aed4990c3880446176e4c97440667

osmo-bts-trx: check sscanf() result in NOMTXPOWER/SETPOWER handlers

Both trx_ctrl_rx_rsp_nomtxpower() and trx_ctrl_rx_rsp_setpower() were
calling sscanf() without checking its return value.  On a parse failure
the local variable remained uninitialized and was passed directly to the
callback, resulting in a garbage power level.

Change-Id: I3dc399cfae70c450d53d66bb99f3832f160fca39

measurement: is_meas_complete(): fix fn_mod variable type

`fn_mod` was declared as 'unsigned int' but initialized to -1, which
yields `UINT_MAX` via implicit conversion.  Use 'int' instead to make
the sentinel value unambiguous and match the `%d` format used in
the debug log.

Change-Id: I6b0bce9bc9fca1d6effbb2da2319132cdff4e9c7

tx_power: get_pa_drive_level_mdBm(): assert on out-of-range ARFCN

The function previously returned `INT_MIN` as an error sentinel when
the ARFCN exceeded the calibration table size (1024 entries, covering
all valid GSM ARFCNs 0..1023).  None of the callers checked for this
value, so it would silently propagate through power calculations and
eventually be passed to `bts_model_change_power()`.

An out-of-range ARFCN indicates a serious misconfiguration;
replace the range check and `return INT_MIN` with an `OSMO_ASSERT`.

Change-Id: I70c54652e0b07d399363276bc60946aa8b195725

phy_link: phy_instance_link_to_trx(): add missing semicolon

Change-Id: Ica33798adfdc5aad6b6aa9e252e9cc9294bad659

bts_ctrl_commands: remove debugging leftover

Change-Id: I571a10f94482e3097aa915f192db6215f085dbcd

phy_link: phy_{link,instance}_name(): fix shared static buffer

Both functions were writing into the same static buffer, so any caller
holding a pointer returned by one and then invoking the other would
silently end up with a stale/overwritten string.  Move name_buf into
each function as a local static, so the two buffers are independent.

Change-Id: I79e9d7f5b1e5c275911cf88854211f1ce8a28669

firmware: add tear-free 64bit load/store helpers for jiffies

On Cortex-M4 a 64bit load may compile to two separate LDR
instructions which can lead to torn reads due to interrupts.
LDRD/STRD are restartable, they either complete or restart from
scratch, so the result is always consistent. The only "downside" is the
required alignment, which is fine.

Change-Id: I729c0fdfb5b228b03c2df1cf098743100b1ea625

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

Additionally ignore checkpatch jiffies complaints because we're trying
to do firmware here.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

Additionally ignore checkpatch jiffies complaints because we're trying
to do firmware here.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

firmware: add tear-free 64bit load/store helpers for jiffies

On Cortex-M4 a 64bit load may compile to two separate LDR
instructions which can lead to torn reads due to interrupts.
LDRD/STRD are restartable, they either complete or restart from
scratch, so the result is always consistent. The only "downside" is the
required alignment, which is fine.

Change-Id: I729c0fdfb5b228b03c2df1cf098743100b1ea625

Implement ITU Q.704 T10 timer

Implement timer T10 used for periodic ASP Audit procedure as described
in:
* ITU Q.704 13.5.2
* rfc4666 4.5.3
* ETSI TS 102 142 V1.1.1

This procedure is used in order to recover the signalling route
availability information that may not have been received because of
some signalling network failure.

Related: OS#6883
Change-Id: Ic12b1aa8f2a02f32615dade34f0e1f01b2535f7b

cosmetic: xua_snm: Add spec reference regarding no SSNM tx

Change-Id: I69912d5b7032c12e06648e5f5a700384182bb1f9

cosmetic: xua_snm: Add spec reference regarding no SSNM tx

Change-Id: I69912d5b7032c12e06648e5f5a700384182bb1f9

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

Additionally ignore checkpatch jiffies complaints because we're trying
to do firmware here.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

firmware: add tear-free 64bit load/store helpers for jiffies

On Cortex-M4 a 64bit load may compile to two separate LDR
instructions which can lead to torn reads due to interrupts.
LDRD/STRD are restartable, they either complete or restart from
scratch, so the result is always consistent. The only "downside" is the
required alignment, which is fine.

Change-Id: I729c0fdfb5b228b03c2df1cf098743100b1ea625

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

Additionally ignore checkpatch jiffies complaints because we're trying
to do firmware here.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

OBS: add Ubuntu 26.04

Change-Id: Id22f4902b73ad9b4131b837a8036df68cf665f8f

pgw: Test v6 and v4v6 PDU session userplane

Change-Id: Idf009b9118db8117c547a1bb0f27afdfa3f03924

pfcp_peer: add configurable heartbeat fail threshold + association reset

Introduce heartbeat_fail_threshold (default: 3) that tracks consecutive
unanswered PFCP Heartbeat Requests via the heartbeat_fail_count field
and resets the association when the threshold is reached.  The counter
applies to both periodic heartbeats and those triggered via the REST
API, and resets to zero on any successful Heartbeat Response.

Change-Id: I8cb0fb23468aba4dead9865a90d893c78c6ae074

pfcp_peer: detect UPF restart via RTS mismatch in Heartbeat Response

Check the Recovery Timestamp (RTS) in each Heartbeat Response against
the value stored during Association Setup (`rem_rts`).  A mismatch
means the UPF has restarted; log a warning, increment the new
`pfcp.peer_restart counter`, and reset the PFCP association so it is
re-established with the restarted peer.

The `is_integer(ExpRTS)` guard prevents a spurious reset when a stale
Heartbeat Response arrives in the connecting state (where `rem_rts`
is still undefined).

Change-Id: I00a8384db1ea9c38d0ad9ff90b3d45ad86c3a020

pfcp_peer: tune Heartbeat Request/Response logging

Reduce verbosity of the Tx/Rx Heartbeat Req/Resp log messages from
LOG_INFO to LOG_DEBUG in preparation for periodic heartbeat support.
Without this change, periodic heartbeats would flood the logging.

Change-Id: I6435cdf64fd86fa5358d57ea4d56dcad8eb9e69e

pfcp_peer: implement periodic PFCP heartbeat

Add a heartbeat_interval parameter to the pfcp_peer config section.
When non-zero, pfcp_peer sends a periodic Heartbeat Request to the UPF
at the configured interval using a named gen_statem timeout (hb_timer).
The timer is started on entry to the connected state and cancelled on
re-entry to the connecting state.  Default is 10000 ms (10 seconds).

Change-Id: I306324f8eca325202a3fa23125854db9d5eaab38

rspro_server: use correct byte order in log message "Bankd IP/Port changed to <IP>:<Port>

The byte order is wrong and results in printing the IP as reverse.
"Bankd IP/Port changed to 1.0.0.127:9999".

Change-Id: I288ea70091d24fa95732f7035ab50100831be841

GTPv2_Templates: Add enum for PDN Type and use it in pgw testsuite

Change-Id: I9833e998522a09a15b93c8fed0e18a5e8159d760

5gc: Introduce test TC_pdu_sess_est_pco_pcscf

Our deps/nas fork is modified to fix multiple incorrect definitions
around ProtocolContainer record.

Change-Id: Ic7b22ad647bcac944551ac1c29080f895ca72cf8

pgw: Test v6 and v4v6 PDU session userplane

Change-Id: Idf009b9118db8117c547a1bb0f27afdfa3f03924

GTPv1U_Emulation: Rename s/f_gtp1u_ping4/f_gtp1u_ping/

The function can also be (and is) used to ping IPv6 hosts.

Change-Id: I195cb048176aefddcb477083ddc949b86ec592fa

pySim/EF.SMSP: fix encoding of TP-Destination Address

The TP-Destination Address in EF.SMSP uses the same encoding as the
TS-Service Centre Address field. However, even though the encoding
of both fields looks almost identical, it actually isn't.

The TS-Service Centre Address field encodes the length field as
octets required for the call_number + one octet for ton_npi.
(see also: 3GPP TS 24.011, section 8.2.5.2)

The TP-Destination Address uses the number of digits of the
call_number directly in the length field.
(see also: 3GPP TS 23.040, section 9.1.2.5)

Related: SYS#7765
Change-Id: I55c123c9e244e5a6e71a0348f5d476ef03e618e8

gtp_tunnel: Log Tx of ICMPv6 Router Solicitation

Change-Id: I5883a0e399e47b6e169c5adf8446e9d2aeecbe68

pysim/pcsc: do not use getProtocol for protocol selection

The documentation of the getProtocol provided by pyscard says:

"Return bit mask for the protocol of connection, or None if no
protocol set. The return value is a bit mask of
CardConnection.T0_protocol, CardConnection.T1_protocol,
CardConnection.RAW_protocol, CardConnection.T15_protocol"

This suggests that the purpose of getProtocol is not to determine
which protocols are supported. Its purpose is to determine which
protocol is currently selected (either through auto selection or
through the explicit selection made by the API user). This means
we are using getProtocol wrong.

So far this was no problem, since the auto-selected protocol
should be a supported protocol anyway. However, the automatic
protocol selection may not always return a correct result (see
bug report from THD-siegfried [1]).

Let's not trust the automatic protocol selection. Instead let's
parse the ATR and make the decision based on the TD1/TD2 bytes).

[1] https://osmocom.org/issues/6952

Related: OS#6952
Change-Id: Ib119948aa68c430e42ac84daec8b9bd542db7963

s1ap_proxy: fix build_erab_setup_response_failure() to report all E-RABs

The previous implementation only included the first E-RAB from the
registry in the failure response (a FIXME was left in place).

Fix it to extract all E-RAB IDs from the original E-RAB SETUP REQUEST
and include each of them in the failure list, as required by 3GPP.

Change-Id: I7933fceb0edcdfdc95ace35416297b11c83f0bc9
Related: osmo-ttcn3-hacks.git I8a5dc338d28013dc85e1ce4b3bdac92cb3b35304

global_platform: install_cap_parser: argument groups cannot be nested

pySim-shell currently does not work on systems with Python 3.14+:

  File ".../pysim/pySim/global_platform/__init__.py", line 868, in AddlShellCommands
    install_cap_parser_inst_prm_g_grp = install_cap_parser_inst_prm_g.add_argument_group()
  File "/usr/lib/python3.14/argparse.py", line 1794, in add_argument_group
    raise ValueError('argument groups cannot be nested')
  ValueError('argument groups cannot be nested')

The problem is that install_cap_parser creates a nested group inside
of mutually exclusive group.  argparse never supported group nesting
properly, so it has been deprecated since Python 3.11, and eventually
got removed in Python 3.14.

Remove group nesting, adjust the usage string, and implement the
mutual exclusiveness enforcement manually in do_install_cap().

Change-Id: Idddf72d5a745345e134b23f2f01e0257d0667579

global_platform: refactor gen_install_parameters()

gen_install_parameters() had contradictory logic: the outer guard
required all three arguments to be non-None/non-empty (making them
mutually inclusive), while the inner checks then treated each one
as optional.

Make each parameter independently optional (defaulting to None) and
remove the all-or-nothing check.  Simplify the function body to a
straightforward single-pass construction of system_specific_params.

Change-Id: I8756fb38016cdf0527fe2e21edb44381d1dc557f

GTPv1U_Emulation: Rename s/f_gtp1u_ping4/f_gtp1u_ping/

The function can also be (and is) used to ping IPv6 hosts.

Change-Id: I195cb048176aefddcb477083ddc949b86ec592fa

GTPv2_Templates: Add enum for PDN Type and use it in pgw testsuite

Change-Id: I9833e998522a09a15b93c8fed0e18a5e8159d760

docs/put_key: add tutorial that explains how to manage global platform keys

With the increased interest in using GlobalPlatform features of
UICC and eUICCs (OTA-SMS, applets, etc.), also comes an increased
interest in how the related GlobalPlatform keys can be managed
(key rotation, adding/removing keysets from/to a Security Domain).

Unfortunately, many aspects of this topic are not immediately
obvious for the average user. Let's add a tutorial that contains
some practical examples to shine some light on the topic.

Related: SYS#7881
Change-Id: I163dfedca3df572cb8442e9a4a280e6c5b00327e

s1ap_proxy: fix build_erab_setup_response_failure() to report all E-RABs

The previous implementation only included the first E-RAB from the
registry in the failure response (a FIXME was left in place).

Fix it to extract all E-RAB IDs from the original E-RAB SETUP REQUEST
and include each of them in the failure list, as required by 3GPP.

Change-Id: I7933fceb0edcdfdc95ace35416297b11c83f0bc9
Related: osmo-ttcn3-hacks.git I8a5dc338d28013dc85e1ce4b3bdac92cb3b35304

s1gw: generalize f_TC_e_rab_setup_failure() for N E-RABs

The existing TC only tested PFCP Session Establishment failure with a
single E-RAB.  Generalize f_TC_e_rab_setup_failure() to use g_pars.erabs
throughout, so it works for any num_erabs: E-RAB 0 still triggers the
only PFCP Session Establishment Request (S1GW processes sequentially),
while all E-RABs in the request are expected to appear in the failure
response.

Add TC_e_rab_setup3_failure() which re-uses the same body with
num_erabs := 3, verifying that the S1GW lists all three E-RABs as
failed rather than just the first one.  Also make f_tr_E_RABList()
non-private so it is accessible from S1GW_Tests.ttcn.

Change-Id: I8a5dc338d28013dc85e1ce4b3bdac92cb3b35304
Related: osmo-s1gw.git I7933fceb0edcdfdc95ace35416297b11c83f0bc9

s1gw: generalize f_TC_e_rab_setup_failure() for N E-RABs

The existing TC only tested PFCP Session Establishment failure with a
single E-RAB.  Generalize f_TC_e_rab_setup_failure() to use g_pars.erabs
throughout, so it works for any num_erabs: E-RAB 0 still triggers the
only PFCP Session Establishment Request (S1GW processes sequentially),
while all E-RABs in the request are expected to appear in the failure
response.

Add TC_e_rab_setup3_failure() which re-uses the same body with
num_erabs := 3, verifying that the S1GW lists all three E-RABs as
failed rather than just the first one.  Also make f_tr_E_RABList()
non-private so it is accessible from S1GW_Tests.ttcn.

Change-Id: I8a5dc338d28013dc85e1ce4b3bdac92cb3b35304
Related: osmo-s1gw.git I7933fceb0edcdfdc95ace35416297b11c83f0bc9

s1gw/rest: PfcpAssocInfo: field 'lrts' is mandatory

Change-Id: I332e95a32935e0c8da99e600e8d30af14bd36b16
Related: osmo-s1gw.git Ic766ebc56ce1810fc27cb49ddcac50bc94e539d9

s1gw: add more PFCP Heartbeat test cases

TC_pfcp_heartbeat_periodic: verify that the IUT sends periodic PFCP
Heartbeat Requests and that the heartbeat timer re-arms correctly after
each successful response (at least 2 periodic HBs must be observed).

TC_pfcp_heartbeat_miss_threshold: verify that the IUT resets the PFCP
association after mp_pfcp_heartbeat_miss_count consecutive unanswered
Heartbeat Requests (a new Association Setup Request is expected).

TC_pfcp_heartbeat_miss_reset: verify that a successful Heartbeat
Response resets the miss counter; run 2 cycles of missing
(miss_count - 1) HBs then responding to one, expecting no association
reset throughout.

TC_pfcp_heartbeat_rts_mismatch: verify that the IUT detects a UPF
restart when a Heartbeat Response carries a different Recovery Timestamp
than the one observed during Association Setup, and that it promptly
resets and re-establishes the PFCP association.

Also add module parameters for the heartbeat configuration
(mp_pfcp_heartbeat_interval, mp_pfcp_heartbeat_req_timeout,
mp_pfcp_heartbeat_miss_count) and update osmo-s1gw.config accordingly.

Change-Id: Ie5ac25b1ca4bb11e61bff220449397c271b11464
Related: osmo-s1gw.git Iba954746fe20e6b9eeaec3196e1f83e3fc3e7fc2
Related: osmo-s1gw.git I306324f8eca325202a3fa23125854db9d5eaab38
Related: osmo-s1gw.git I00a8384db1ea9c38d0ad9ff90b3d45ad86c3a020

s1gw: f_ConnHdlr_pfcp_assoc_handler(): handle already-connected case

Previously, f_pfcp_assoc() would skip spawning a connection handler
entirely if the IUT was already PFCP-associated.  This was fine for
tests that only need an association to be present, but upcoming PFCP
Heartbeat test cases need the emulation's Recovery Timestamp to be
synced with what the IUT has stored, even when re-using an existing
association.

Move the state check into f_ConnHdlr_pfcp_assoc_handler(): if the
IUT is already connected, sync PFCPEM's Recovery Timestamp to the
value the IUT remembers (rrts); otherwise perform the full Association
Setup as before.  Remove the now-redundant g_pfcp_assoc component
variable from test_CT - it's not accessible by ConnHdlr(s) anyway.

Change-Id: Id9d2ebb1ddb3d3896dd24e2a37e9d21335441d52

library/PFCP_Emulation: add f_PFCPEM_set_recovery_timestamp()

Companion setter for the existing f_PFCPEM_get_recovery_timestamp().
A follow-up patch uses this to inject a specific Recovery Timestamp
value into the emulation, so the IUT does not detect a spurious PFCP
peer restart between test cases.

Change-Id: If47e06d26b42081a28aacb6e06b5aeabf945362c

s1gw: TC_pfcp_heartbeat: validate RTS in Heartbeat Response

The test case had a TODO noting that the Recovery Timestamp in the
Heartbeat Response was not yet validated.  Let's get this resolved:
query the IUT's PFCP association state via REST to obtain its local
Recovery Timestamp (lrts), and verify that the IUT echoes back that
same value in the Heartbeat Response.

Change-Id: I000cc82e7582baded96a33cb0da2103906972ff9

pfcp_peer: implement periodic PFCP heartbeat

Add a heartbeat_interval parameter to the pfcp_peer config section.
When non-zero, pfcp_peer sends a periodic Heartbeat Request to the UPF
at the configured interval using a named gen_statem timeout (hb_timer).
The timer is started on entry to the connected state and cancelled on
re-entry to the connecting state.  Default is 0 (disabled).

Change-Id: I306324f8eca325202a3fa23125854db9d5eaab38

pfcp_peer: tune Heartbeat Request/Response logging

Change-Id: I6435cdf64fd86fa5358d57ea4d56dcad8eb9e69e

gtpu_kpi: use ?ENV_DEFAULT_GTPU_KPI_{TABLE_NAME,INTERVAL}

Change-Id: Ia8194966b20da1adc26c02f416b8ec0508191d98

pfcp_peer: add configurable heartbeat miss count + association reset

Introduce heartbeat_miss_count (default: 3) that tracks consecutive
unanswered PFCP Heartbeat Requests and resets the association when the
threshold is reached.  The counter applies to both periodic heartbeats
and those triggered via the REST API, and resets to zero on any
successful Heartbeat Response.

Change-Id: I8cb0fb23468aba4dead9865a90d893c78c6ae074

config/sys.config: group pfcp_peer params into a map

Following the same pattern as sctp_{client,server}, group the flat
pfcp_loc_addr/pfcp_rem_addr environment variables into a pfcp_peer
map.  The old flat keys are still supported for backwards compat.

Changes:
* osmo_s1gw_sup: add pfcp_cfg(), merging legacy flat keys with the new
  pfcp_peer map (new takes priority); store the resolved config back via
  set_env(pfcp_peer, ...) so all consumers see a single canonical map
* pfcp_peer: change start_link/2 to start_link/1 taking a cfg() map;
  simplify init() using sctp_common:parse_addr/1; add cfg() type
* rest_server: read pfcp laddr/raddr from the pfcp_peer map

Change-Id: Iba954746fe20e6b9eeaec3196e1f83e3fc3e7fc2

pfcp_peer: make assoc_setup and heartbeat_req timeouts configurable

Add assoc_setup_timeout and heartbeat_req_timeout as optional fields
in the pfcp_peer config map, with 2000 ms defaults.  Store the full
cfg() map in #peer_state{} and read values from it with maps:get/3
at the point of use.

Change-Id: I58a472a3bbbbad029a2f0246b084428ab3b1905c

pfcp_peer: detect UPF restart via RTS mismatch in Heartbeat Response

Check the Recovery Timestamp (RTS) in each Heartbeat Response against
the value stored during Association Setup (`rem_rts`).  A mismatch
means the UPF has restarted; log a warning, increment the new
`pfcp.peer_restart counter`, and reset the PFCP association so it is
re-established with the restarted peer.

The `is_integer(ExpRTS)` guard prevents a spurious reset when a stale
Heartbeat Response arrives in the connecting state (where `rem_rts`
is still undefined).

Change-Id: I00a8384db1ea9c38d0ad9ff90b3d45ad86c3a020

[REST] PfcpAssocState: field 'lrts' is required

The local RTS is always known and thus always gets included regardless
of the PFCP association state.  Only the remote RTS is optional.

Change-Id: Ic766ebc56ce1810fc27cb49ddcac50bc94e539d9
Related: osmo-ttcn3-hacks.git I332e95a32935e0c8da99e600e8d30af14bd36b16

5gc: Introduce test TC_pdu_sess_est_pco_pcscf

Our deps/nas fork is modified to fix multiple incorrect definitions
around ProtocolContainer record.

Change-Id: Ic7b22ad647bcac944551ac1c29080f895ca72cf8

5gc: Introduce test TC_pdu_sess_est_always_on

This feature is right now not implemented in open5gs and hence the test
is expected to fail, since it returns no AlwaysOn Indication in PDU
Session Establishment Accept.

Change-Id: I282e0c8072172fa633bf82ed6b9492b0bb4362cc

5gc: Remove arleady tested TODO

PDU Sess Est Req with emeregency services is already tested in test
TC_normal_reg_emergency_services.

Change-Id: I5e2d202ffd019b22a006637534922e0ba1d09ca0

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

This clashes with the host build which does not have jiffies, and
is pretty much a burden because it requires special casing code due to
the completely different targets even though it was last used many years
ago and might not even work, so disable it.

Additionally ignore checkpatch jiffies complaints because we're trying
to do firmware here.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

This clashes with the host build which does not have jiffies, and
is pretty much a burden because it requires special casing code due to
the completely different targets even though it was last used many years
ago and might not even work, so disable it.

Additionally ignore checkpatch jiffies complaints because we're trying
to do firmware here.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

This clashes with the host build which does not have jiffies, and
is pretty much a burden because it requires special casing code due to
the completely different targets even though it was last used many years
ago and might not even work, so disable it.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

firmware: replace libosmocore fsm timers

Concurrent access from main loop and the different uart irqs was not
going well and caused crashes. The libosmocore fsm does still allocate
one internal timer, but it is not used by the firmware, so libosmocore
will not touch the rbtree.

Closes: SYS#7877
Change-Id: Id2bd67b3946bb451008965f0b68b4a919f4d10bd

docs/put_key: add tutorial that explains how to manage global platform keys

With the increased interest in using GlobalPlatform features of
UICC and eUICCs (OTA-SMS, applets, etc.), also comes an increased
interest in how the related GlobalPlatform keys can be managed
(key rotation, adding/removing keysets from/to a Security Domain).

Unfortunately, many aspects of this topic are not immediately
obvious for the average user. Let's add a tutorial that contains
some practical examples to shine some light on the topic.

Related: SYS#7881
Change-Id: I163dfedca3df572cb8442e9a4a280e6c5b00327e

5gc: Remove arleady tested TODO

PDU Sess Est Req with emeregency services is already tested in test
TC_normal_reg_emergency_services.

Change-Id: I5e2d202ffd019b22a006637534922e0ba1d09ca0

5gc: Introduce test TC_pdu_sess_est_always_on

This feature is right now not implemented in open5gs and hence the test
is expected to fail, since it returns no AlwaysOn Indication in PDU
Session Establishment Accept.

Change-Id: I282e0c8072172fa633bf82ed6b9492b0bb4362cc

5gc: Introduce tests TC_ng_register_ping46(_256)

Depends: osmo-uecups.git Change-Id Ic2da7a761a8df7e006fc02ca6557a48f371e4151
Change-Id: I9cb250f07ac356b7345a570ed71590f041168ed2

5gc: Introduce tests TC_ng_register_ping6(_256)

Change-Id: Iedf3697265b91bdda85e8d32402345ea8d58dc9f

GTPv1U_Emulation: Clear entries from PidTable upon rx CUPS program_term_ind

Otherwise it will evnetually run out of entries if enough commands are
called sequentially.

Change-Id: I7be2639761726c09e4ea6f75c57d8414c5dbf128

5gc: Introduce test TC_pdu_sess_est_always_on

Change-Id: I282e0c8072172fa633bf82ed6b9492b0bb4362cc

5gc: Introduce tests TC_ng_register_ping46(_256)

Depends: osmo-uecups.git Change-Id Ic2da7a761a8df7e006fc02ca6557a48f371e4151
Change-Id: I9cb250f07ac356b7345a570ed71590f041168ed2

Depend on libosmo-netif for icmpv6 APIs

Most of icmpv6.* and checksum.* was moved to libosmo-netif from this
same repository so it can be reused. Link to libosmo-netif and adapt
code to new public symbol naming.

Depends: libosmo-netif.git Change-Id I78ec7270c717af0a1b8ffd9398cd69ea7a0dbee2
Change-Id: I8d8fae362f302d48afaed28a9c664f76ca4a2739

5gc: Introduce tests TC_ng_register_ping46(_256)

Depends: osmo-uecups.git Change-Id Ic2da7a761a8df7e006fc02ca6557a48f371e4151
Change-Id: I9cb250f07ac356b7345a570ed71590f041168ed2

5gc: Introduce tests TC_ng_register_ping6(_256)

Change-Id: Iedf3697265b91bdda85e8d32402345ea8d58dc9f

GTPv1U_Emulation: Clear entries from PidTable upon rx CUPS program_term_ind

Otherwise it will evnetually run out of entries if enough commands are
called sequentially.

Change-Id: I7be2639761726c09e4ea6f75c57d8414c5dbf128

5gc: Introduce tests TC_ng_register_ping46(_256)

Depends: osmo-uecups.git Change-Id Ic2da7a761a8df7e006fc02ca6557a48f371e4151
Change-Id: I9cb250f07ac356b7345a570ed71590f041168ed2

5gc: Introduce tests TC_ng_register_ping6(_256)

Change-Id: Iedf3697265b91bdda85e8d32402345ea8d58dc9f

GTPv1U_Emulation: Clear entries from PidTable upon rx CUPS program_term_ind

Otherwise it will evnetually run out of entries if enough commands are
called sequentially.

Change-Id: I7be2639761726c09e4ea6f75c57d8414c5dbf128

GTPv1U_Emulation: Support IPv6 SLAAC with osmo-uecups

Depends: osmo-uecups.git Change-Id I917b5c70f143d48b55b4e270e24594d1a36f71aa
Change-Id: Ic368383ea65161297e57a298a12c7b4adc927142

Depend on libosmo-netif for icmpv6 APIs

Most of icmpv6.* and checksum.* was moved to libosmo-netif from this
same repository so it can be reused. Link to libosmo-netif and adapt
code to new public symbol naming.

Depends: libosmo-netif.git Change-Id I78ec7270c717af0a1b8ffd9398cd69ea7a0dbee2
Change-Id: I8d8fae362f302d48afaed28a9c664f76ca4a2739

Support configuring IPv4v6 tunnels

Change-Id: Ic2da7a761a8df7e006fc02ca6557a48f371e4151

cups_client: Add commands to perform IPv6 SLAAC and obtain GTP tunnel IPv6 global info

Change-Id: I917b5c70f143d48b55b4e270e24594d1a36f71aa

Implement logic to perform IPv6 SLAAC in GTPU tunnel

The IPv6 SLAAC prcoedure is not yet triggered in this patch; it will be
triggered by cups_client's new command in follow-up patch.

Depends: libosmo-netif.git Change-Id I78ec7270c717af0a1b8ffd9398cd69ea7a0dbee2
Change-Id: I837a4d7ec7c134412ab4a2e09909670e81ecbeea

ip_checksum: Add SPDX license identifier

Let's make sure the newly-created/imported file has a machine-readable
SPDX identifier.

Change-Id: Ic40d01771e8d01461ed81d1a60d9e91a48fdc8d0

icmpv6: Re-license code under GPL-v2-or-later

The original statement in my code from osmo-ggsn commit
d46bcd236e93432c894a939f4e5810dc5e9b4974 in 2017 was worded GPLv2-only,
which was most likely an oversight.

All subsequent modifications to this code were done by either me or Pau
Espin, who was doing the work under contract with sysmocom, of which I'm
the managing director.  Therefore, I have legal authority to re-license
this file to v2-or-later.

Change-Id: I5a4fa18ef64c2f228e21fa2c067e55eaa4080508

Depend on libosmo-netif for icmpv6 APIs

Most of icmpv6.* and checksum.* was moved to libosmo-netif from this
same repository so it can be reused. Link to libosmo-netif and adapt
code to new public symbol naming.

Depends: libosmo-netif.git Change-Id I78ec7270c717af0a1b8ffd9398cd69ea7a0dbee2
Change-Id: I8d8fae362f302d48afaed28a9c664f76ca4a2739

Support configuring IPv4v6 tunnels

Change-Id: Ic2da7a761a8df7e006fc02ca6557a48f371e4151

cups_client: Add commands to perform IPv6 SLAAC and obtain GTP tunnel IPv6 global info

Change-Id: I917b5c70f143d48b55b4e270e24594d1a36f71aa

Implement logic to perform IPv6 SLAAC in GTPU tunnel

The IPv6 SLAAC prcoedure is not yet triggered in this patch; it will be
triggered by cups_client's new command in follow-up patch.

Depends: libosmo-netif.git Change-Id I78ec7270c717af0a1b8ffd9398cd69ea7a0dbee2
Change-Id: I837a4d7ec7c134412ab4a2e09909670e81ecbeea

pysim/pcsc: do not use getProtocol for protocol selection

The documentation of the getProtocol provided by pyscard says:

"Return bit mask for the protocol of connection, or None if no
protocol set. The return value is a bit mask of
CardConnection.T0_protocol, CardConnection.T1_protocol,
CardConnection.RAW_protocol, CardConnection.T15_protocol"

This suggests that the purpose of getProtocol is not to determine
which protocols are supported. Its purpose is to determine which
protocol is currently selected (either through auto selection or
through the explicit selection made by the API user). This means
we are using getProtocol wrong.

So far this was no problem, since the auto-selected protocol
should be a supported protocol anyway. However, the automatic
protocol selection may not always return a correct result (see
bug report from THD-siegfried [1]).

Let's not trust the automatic protocol selection. Instead let's
parse the ATR and make the decision based on the TD1/TD2 bytes).

[1] https://osmocom.org/issues/6952

Related: OS#6952
Change-Id: Ib119948aa68c430e42ac84daec8b9bd542db7963

pySim/pcsc/cosmetic: reformat comment

Change-Id: Ic04bdfbc6727cc670679c377c1afd1de53504b8f

5gc: Introduce tests TC_ng_register_ping46(_256)

Depends: osmo-uecups.git Change-Id Ic2da7a761a8df7e006fc02ca6557a48f371e4151
Change-Id: I9cb250f07ac356b7345a570ed71590f041168ed2

General_types.ttcn: Introduce type OCT4_20n

This is useful to store EUAs of type v4,v6 or v4v6.

Change-Id: I00a35c444e3fb498712fbb4b9c310375c527052f

GTPv1U_Emulation: Clear entries from PidTable upon rx CUPS program_term_ind

Otherwise it will evnetually run out of entries if enough commands are
called sequentially.

Change-Id: I7be2639761726c09e4ea6f75c57d8414c5dbf128

5gc: Introduce tests TC_ng_register_ping6(_256)

Change-Id: Iedf3697265b91bdda85e8d32402345ea8d58dc9f

GTPv1U_Emulation: Support IPv6 SLAAC with osmo-uecups

Depends: osmo-uecups.git Change-Id I917b5c70f143d48b55b4e270e24594d1a36f71aa
Change-Id: Ic368383ea65161297e57a298a12c7b4adc927142

Support configuring IPv4v6 tunnels

Change-Id: Ic2da7a761a8df7e006fc02ca6557a48f371e4151

pySim/EF.SMSP: fix encoding of TP-Destination Address

The TP-Destination Address in EF.SMSP uses the same encoding as the
TS-Service Centre Address field. However, even though the encoding
of both fields looks almost identical, it actually isn't.

The TS-Service Centre Address field encodes the length field as
octets required for the call_number + one octet for ton_npi.
(see also: 3GPP TS 24.011, section 8.2.5.2)

The TP-Destination Address uses the number of digits of the
call_number directly in the length field.
(see also: 3GPP TS 23.040, section 9.1.2.5)

Related: SYS#7765
Change-Id: I55c123c9e244e5a6e71a0348f5d476ef03e618e8

pySim/EF.SMSP: remove superflous line break

Change-Id: Ie02e02546e708e2c339810812188bd8e8af2a720

pySim/EF.SMSP: add an additional de_encode test for EF_SMSP

Let's add another testvector where we test what happens when we populate
none of the fields except for the tp_sc_addr.

Related: SYS#7765
Change-Id: I12b600ab17d1acfdddaffe6006095acf1a4228c9

transport: change APDU format paradigm

Unfortunately we have mixed up the concept of TPDUs and APDUs in
earlier versions of pySim-shell. This lead to problems with
detecteding the APDU case properly (see also ISO/IEC 7816-3) and
also prevented us from adding support for T=1.

This problem has been fixed long time ago and all APDUs sent from
the pySim-shell code should be well formed and valid according to
ISO/IEC 7816-3.

To ensure that we continue to format APDUs correctly as APDUs (and
not TPDUs) we have added a mechanism to the LinkBase class that
would either raise an exception or print a warning if someone
mistakenly tries to send an APDU that is really a TPDU. Whether a
warning is printed or an exception is raised is controlled via the
apdu_strict member in the LinkBase class, which is false (print
warning only) by default.

The reason why we have implemneted the mechanism this way was
because we wanted to ensure that existing APDU scripts (pySim-shell
apdu command) keep working, even though when those scripts uses
APDUs which are formally invalid.

Sending a TPDU instead of an APDU via a T=0 link will still work
in almost all cases. This is also the reason why this problem
slipped through unnoticed for long time. However, there may still
be subtile problems araising from this practice. The root of the
problem is that it is impossible to distinguish between APDU case
3 and 4 when a TPDU instead of an APDU is sent. However in order
to handle a case 4 APDU correctly we must be able to distinguish
the APDU case correctly to handle the case correctly.
ETSI TS 102 221, section 7.3.1.1.4, clause 4 is very clear about
the fact that not (only) the status word (e.g. 61xx) but the
APDU case is what matters.

To complete the logic in LinkBaseTpdu and to maintain compatibility
(older APDU scripts), we must still be able to switch between the
'apdu_strict' mode and the non-strict mode. However, since
pySim-shell, pySim-prog and pySim-read internally use proper APDUs,
we may enable the 'apdu_strict' mode by default.

At the same time we will limit the effect of pySim-shell's
apdu_strict setable to the apdu command only. By doing so, the
bahviour of the apdu command is not altered. Users will still
have to enable the 'strict' mode explicitly. At the same time
all the internal functionality of pySim-shell will always use
the 'strict' mode.

Related: OS#6970
Change-Id: I9a531a825def318b28bf58291d811cf119003fab

all.deps: osmo-ggsn now depends on libosmo-netif

Since osmo-ggsn.git Change-Id I8d8fae362f302d48afaed28a9c664f76ca4a2739,
osmo-ggsn depends on libosmo-netif.

Change-Id: I4d10fff6a6994c428c572fc10249ad95b0d7e8db

Depend on libosmo-netif for icmpv6 APIs

Most of icmpv6.* and checksum.* was moved to libosmo-netif from this
same repository so it can be reused. Link to libosmo-netif and adapt
code to new public symbol naming.

Depends: libosmo-netif.git Change-Id I78ec7270c717af0a1b8ffd9398cd69ea7a0dbee2
Change-Id: I8d8fae362f302d48afaed28a9c664f76ca4a2739

Introduce API osmo_icmpv6

icmpv6.* files are copied from osmo-ggsn.git 1.14.0
(ebd1bf8adbc8d5bec9e36d70e3a78e8838226e7a).

Change-Id: I78ec7270c717af0a1b8ffd9398cd69ea7a0dbee2

cups_client: Add commands to perform IPv6 SLAAC and obtain GTP tunnel IPv6 global info

Change-Id: I917b5c70f143d48b55b4e270e24594d1a36f71aa

Implement logic to perform IPv6 SLAAC in GTPU tunnel

The IPv6 SLAAC prcoedure is not yet triggered in this patch; it will be
triggered by cups_client's new command in follow-up patch.

Depends: libosmo-netif.git Change-Id I78ec7270c717af0a1b8ffd9398cd69ea7a0dbee2
Change-Id: I837a4d7ec7c134412ab4a2e09909670e81ecbeea

Introduce ip_checksum API

ip_checksum.* files are copied from checksum.* in osmo-ggsn.git
1.14.0 (ebd1bf8adbc8d5bec9e36d70e3a78e8838226e7a).

Change-Id: Ia09645a4715ac133036d7c89297b0fa10cf9aa3b

Introduce API osmo_icmpv6

icmpv6.* files are copied from osmo-ggsn.git 1.14.0
(ebd1bf8adbc8d5bec9e36d70e3a78e8838226e7a).

Change-Id: I78ec7270c717af0a1b8ffd9398cd69ea7a0dbee2

manuals: ignore old osmo-s1gw tags

Logic for building the osmo-s1gw-usermanual.pdf has just been added to
master. The Osmocom-release-manuals job tries to build old manuals as
well because now the osmo-s1gw directory exists at
https://ftp.osmocom.org/docs. Ignore old tags, as we can't build
usermanuals for those.

Change-Id: I94f19db2861f16c45894573f52f30bfbf5a7725e

manuals: osmo-s1gw: adjust build_publish_manuals

Use the proper command to build osmo-s1gw manuals, so it doesn't fail
with:
  + su build -c autoreconf -fi
  autoreconf: error: 'configure.ac' is required

Change-Id: I096fd34fc5819becbc3a08a2dc4065d4913bbc1b

esim/saip: raise an exception properly

Change-Id: Ia3749c02120fdc16e556214d0461cbeca032447b

cdma_ruim: fix inaccurate comment for EF_AD

Change-Id: I71ea27fd30e44685ff35f49843072ca392995973

utils: dec_plmn(): remove redundant call

Change-Id: Ic95c3992ed57eb8fee952ec2dc7f092dd7689579

sms: fix flags_construct in SMS_DELIVER

* field `tp_rp` appears at bit positions 7 and 5
** bit 7 should be `tp_rp` (Reply Path)
** bit 5 should be `tp_sri` (Status Report Indication)
* field `tp_lp` is completely missing
** should be at bit position 3

Change-Id: I0274849f0fa07281b5e050af429ffda7d249f9e8

ts_31_102: fix description for EF_5GS3GPPLOCI

Change-Id: I9cf3adfce65090fedb3f0fd33c9b3d15a2c5fb8c

ota: OtaAlgo{Crypt,Auth}: fix algo_auth vs algo_crypt

* OtaAlgoCrypt.from_keyset() searches by `otak.algo_crypt`
  but the error message prints `otak.algo_auth`.  Should be
  `otak.algo_crypt` instead.

* OtaAlgoAuth.__init__() checks `algo_auth` but the error message
  prints `algo_crypt`.  Should be `otak.algo_auth` instead.

Change-Id: Ia636fffaeadc68e3f6d5b65d477e753834c95895

global_platform: fix typo in SupportedTlsCipherSuitesForScp81

The attribute name is misspelled.  The BER-TLV infrastructure looks
for `_construct`; this typo means `SupportedTlsCipherSuitesForScp81`
will never decode its content.

Change-Id: I0f637951b0eeb7eca2a8b543baa737f216a935ed

global_platform: fix docstring for Scp03SessionKeys._get_icv()

Change-Id: I8983bc27f581295544360ba8b4ae1d28b3ea850f

ara_m: fix undefined variable used in a format-string

Change-Id: I310a5d461bae2b5e4d8e07097000b079c23aa0f6

ara_m: fix exceptions not being raised properly

Exceptions are meant to be thrown/raised, not returned.

Change-Id: Id799c264447e22887edcd2dc7eb991cf0af1bbfc

utils: DataObjectCollection.encode(): fix TypeError

`members_by_name` is a plain dictionary.  Calling it with `()` raises:

  TypeError: 'dict' object is not callable

Change-Id: I7e0c09aa7303f1506fe3a025fdc3779919dd0e6c

global_platform: fix s/GET/STORE/ DATA in docs

Both `do_store_data` and `store_data` have identical docstrings that
incorrectly describe the command as GET DATA.  Should be "STORE DATA".
Take a chance to fix missing space between `v2.3` and `Section`.

Change-Id: I33fc80ab8ca50fadc38217b0005eec6169c8e34e

global_platform: fix store_data() returning last chunk only

The loop builds up `response` across multiple STORE DATA blocks,
but the function returns only `data` - the response from the
*last* block.  It should return the accumulated response instead.

Change-Id: I3e15c8004d1e366e8c3896e559656622f48bb1a2

global_platform: fix typo in ApplicationTemplate

The keyword argument should be `nested=`.  As written `ApplicationAID`
is silently ignored - `ApplicationTemplate` will not descend into its
nested TLVs.

Change-Id: If45dbb0c9b09fe53560d109957ce339267a9f2b0

ts_31_102: EF_5G_PROSE_UIR: fix copy-pasted inner class name

Change-Id: I460e5ad70f35026d0d794271a4aef17323c14dfb

ts_51_011: EF.EXT[6-7]: fix typo in desc

Change-Id: I93df1c9fd8a4d588ed7ed19ec2dc1d304412fc3d

5gc: Introduce tests TC_ng_register_ping6(_256)

Change-Id: Iedf3697265b91bdda85e8d32402345ea8d58dc9f

5gc: Introduce tests TC_ng_register_ping6(_256)

Change-Id: Iedf3697265b91bdda85e8d32402345ea8d58dc9f

GTPv1U_Emulation: Support IPv6 SLAAC with osmo-uecups

Depends: osmo-uecups.git Change-Id I917b5c70f143d48b55b4e270e24594d1a36f71aa
Change-Id: Ic368383ea65161297e57a298a12c7b4adc927142

cups_client: Add commands to perform IPv6 SLAAC and obtain GTP tunnel IPv6 global info

Change-Id: I1570ccf5f98ac98c1af467c48f42b6b54ac3911d

Implement logic to perform IPv6 SLAAC in GTPU tunnel

The IPv6 SLAAC prcoedure is not yet triggered in this patch; it will be
triggered by cups_client's new command in follow-up patch.

Change-Id: I837a4d7ec7c134412ab4a2e09909670e81ecbeea

cups_client: Add commands to perform IPv6 SLAAC and obtain GTP tunnel IPv6 global info

Change-Id: I917b5c70f143d48b55b4e270e24594d1a36f71aa

cups_client: Log error decoding EUA

Change-Id: I98c7841da0f2662291aab5180f6113cb5fca4867

cups_client: SPlit Tx of json str into its own function

This helper can be used in the future to submit a str multiple times
(eg. to multiple cups clients) without having to re-allocate the
content.

Change-Id: I505bf2eeea998a749e55f8f3b05c5013b5761297

tun: Fix typo in log line and comment

Change-Id: I2f7ec968035193e00652dc27217f46e0719e56e8

Use libosmocore netdev API

Depends: libosmocore.git Change-Id I75153eb59e96a6a2505dc5b29432c76e5c21ea24
Change-Id: I8f18ef56a6e7186fed88f965fbb34aa390c3bac1

Use libosmocore netdev API

Depends: libosmocore.git Change-Id I75153eb59e96a6a2505dc5b29432c76e5c21ea24
Change-Id: I8f18ef56a6e7186fed88f965fbb34aa390c3bac1

Use libosmocore netdev API

Depends: libosmocore.git Change-Id I75153eb59e96a6a2505dc5b29432c76e5c21ea24
Change-Id: I8f18ef56a6e7186fed88f965fbb34aa390c3bac1

contrib/jenkins_manuals: fix doc/manuals paths

Change-Id: Ibfccefec7e44a4803d4ff8ad061db395fc498b89

enb_proxy: split conn_info() into mme_conn_info() and proxy_info()

The old conn_info() conflated two distinct concerns: the MME SCTP
connection info stored in enb_registry (aid, saddr, sport) and the
broader operational state used for introspection (handler pid, enb
connection info, etc.).  Mixing them forced enb_registry to hold a
handler pid it has no business knowing about, and required rest_server
to extract that pid just to reach s1ap_proxy for E-RAB listing.

Split into two distinct types:

* mme_conn_info() - pure MME SCTP connection info (aid, saddr, sport),
  stored in the enb_registry and signalled via notify_mme_comm_up/2.
  The `mme_` prefix is dropped from field names as the type name
  provides the context.

* proxy_info() - richer operational snapshot (handler, enb_handle,
  enb_conn_info, mme_conn_info, genb_id_str, mme_info), returned by
  fetch_info/1 for introspection/debugging purposes.

Additionally:

* Add fetch_erab_list/1 to enb_proxy, delegating internally to
  s1ap_proxy:fetch_erab_list/1 via the cached handler pid.  This
  allows the rest_server to obtain a list of E-RAB without having
  to obtain pid of the s1ap_proxy and interact with it.

* Remove separate enb_aid/mme_aid/mme_saddr/mme_sport state fields;
  enb_aid is now read directly from enb_conn_info, and the MME fields
  are grouped in mme_conn_info.

Change-Id: Ia428ceb4762f972211e9b790688dc89fb5b8a274
Related: SYS#7066

s1ap_proxy: add public erab_list() type

Change-Id: I21a674537d1d9f16fdb319aaf2d758ba0906b407

[REST] Add PLMN/eNB IDs to EnbItem

Change-Id: I79690223a34afea5e6661125ac04f98462dadb03
Related: SYS#7066

enb_proxy: add missing mme_info() to proxy_info()

As a bonus, `tried_mmes` now only serves its actual purpose - tracking
which MMEs have already been tried for selection filtering - rather
than being abused as a way to retrieve the current MME name.

Change-Id: Ibbb293d9e68b7c3a8c3ca7ee73132dbda3f2bf97
Related: SYS#7066

enb_{proxy,registry}: signal MME conn info on SCTP comm_up

Previously, mme_aid/mme_saddr/mme_sport were only signalled to the
enb_registry once the S1 Setup procedure completed.  This meant the
REST API could not show MME connection details for eNBs stuck in
wait_s1setup_rsp state (e.g. due to a slow or retrying MME).

Add notify_mme_comm_up/2, called at SCTP comm_up, which stores the full
conn_info (including mme_aid, mme_saddr, mme_sport) in the registry as
soon as the SCTP connection is established.

notify_mme_connected/2 is simplified to notify_mme_connected/1: it now
only flips the state to 'connected', since conn_info is already stored.

Change-Id: Iea9ba4fdf961e6cd262edc154884a2eee3d95355
Related: SYS#7066

doc/manuals: cli: shorten enb_list example table

The full enb_list table with all address columns is too wide to fit
on a page and does not render well in PDF.  Collapse the address
columns with '...'; add a note that they are omitted for readability.

Change-Id: I4e25233a3e77358060f1098e97907c93deab334b
Related: OS#6671

rest_server: log received requests (as debug)

Change-Id: I25da9662fb98a0eafcedfde21b12a937225f5fb9
Related: SYS#7066

rest_server: fix TOC/TOU race when listing/fetching E-RABs

The list of E-RAB FSM pids is a snapshot taken at one point in time.
By the time we interrogate each erab_fsm process individually, any of
them may have already terminated (e.g. bearer released mid-request).
The current code fails to generate a response if this happens.

* fetch_erab_info/1: add a pid() clause that wraps erab_list_item/1
  in a try/catch, returning 'error' if the process is gone.

* fetch_erab_info/1: catch both exit forms
** `{noproc, _}` raised by gen_statem:call/2 on a monitored pid, and
** the bare noproc atom for other code paths.

* fetch_erab_list/1: switch from lists:map to lists:filtermap and
  call fetch_erab_info/1 per E-RAB, silently dropping any that died
  between the snapshot and the per-process interrogation.

Change-Id: I160b413aa535f2379ad4e40a3ae8f37c5bce2067
Related: SYS#7066

docs/put_key: add tutorial that explains how to manage global platform keys

With the increased interest in using GlobalPlatform features of
UICC and eUICCs (OTA-SMS, applets, etc.), also comes an increased
interest in how the related GlobalPlatform keys can be managed
(key rotation, adding/removing keysets from/to a Security Domain).

Unfortunately, many aspects of this topic are not immediately
obvious for the average user. Let's add a tutorial that contains
some practical examples to shine some light on the topic.

Related: SYS#7881
Change-Id: I163dfedca3df572cb8442e9a4a280e6c5b00327e

enb_proxy: split conn_info() into mme_conn_info() and proxy_info()

The old conn_info() conflated two distinct concerns: the MME SCTP
connection info stored in enb_registry (aid, saddr, sport) and the
broader operational state used for introspection (handler pid, enb
connection info, etc.).  Mixing them forced enb_registry to hold a
handler pid it has no business knowing about, and required rest_server
to extract that pid just to reach s1ap_proxy for E-RAB listing.

Split into two distinct types:

* mme_conn_info() - pure MME SCTP connection info (aid, saddr, sport),
  stored in the enb_registry and signalled via notify_mme_comm_up/2.
  The `mme_` prefix is dropped from field names as the type name
  provides the context.

* proxy_info() - richer operational snapshot (handler, enb_handle,
  enb_conn_info, mme_conn_info, genb_id_str, mme_info), returned by
  fetch_info/1 for introspection/debugging purposes.

Additionally:

* Add fetch_erab_list/1 to enb_proxy, delegating internally to
  s1ap_proxy:fetch_erab_list/1 via the cached handler pid.  This
  allows the rest_server to obtain a list of E-RAB without having
  to obtain pid of the s1ap_proxy and interact with it.

* Remove separate enb_aid/mme_aid/mme_saddr/mme_sport state fields;
  enb_aid is now read directly from enb_conn_info, and the MME fields
  are grouped in mme_conn_info.

Change-Id: Ia428ceb4762f972211e9b790688dc89fb5b8a274
Related: SYS#7066

enb_proxy: add missing mme_info() to proxy_info()

As a bonus, `tried_mmes` now only serves its actual purpose - tracking
which MMEs have already been tried for selection filtering - rather
than being abused as a way to retrieve the current MME name.

Change-Id: Ibbb293d9e68b7c3a8c3ca7ee73132dbda3f2bf97
Related: SYS#7066

rest_server: fix TOC/TOU race when listing/fetching E-RABs

The list of E-RAB FSM pids is a snapshot taken at one point in time.
By the time we interrogate each erab_fsm process individually, any of
them may have already terminated (e.g. bearer released mid-request).
The current code fails to generate a response if this happens.

* fetch_erab_info/1: add a pid() clause that wraps erab_list_item/1
  in a try/catch, returning 'error' if the process is gone.

* fetch_erab_info/1: catch both exit forms
** `{noproc, _}` raised by gen_statem:call/2 on a monitored pid, and
** the bare noproc atom for other code paths.

* fetch_erab_list/1: switch from lists:map to lists:filtermap and
  call fetch_erab_info/1 per E-RAB, silently dropping any that died
  between the snapshot and the per-process interrogation.

Change-Id: I160b413aa535f2379ad4e40a3ae8f37c5bce2067
Related: SYS#7066

doc/manuals: cli: shorten enb_list example table

The full enb_list table with all address columns is too wide to fit
on a page and does not render well in PDF.  Collapse the address
columns with '...'; add a note that they are omitted for readability.

Change-Id: I4e25233a3e77358060f1098e97907c93deab334b
Related: OS#6671

enb_{proxy,registry}: signal MME conn info on SCTP comm_up

Previously, mme_aid/mme_saddr/mme_sport were only signalled to the
enb_registry once the S1 Setup procedure completed.  This meant the
REST API could not show MME connection details for eNBs stuck in
wait_s1setup_rsp state (e.g. due to a slow or retrying MME).

Add notify_mme_comm_up/2, called at SCTP comm_up, which stores the full
conn_info (including mme_aid, mme_saddr, mme_sport) in the registry as
soon as the SCTP connection is established.

notify_mme_connected/2 is simplified to notify_mme_connected/1: it now
only flips the state to 'connected', since conn_info is already stored.

Change-Id: Iea9ba4fdf961e6cd262edc154884a2eee3d95355
Related: SYS#7066

[REST] Add PLMN/eNB IDs to EnbItem

Change-Id: I79690223a34afea5e6661125ac04f98462dadb03
Related: SYS#7066

s1ap_proxy: add public erab_list() type

Change-Id: I21a674537d1d9f16fdb319aaf2d758ba0906b407

enb_proxy: add missing mme_info() to proxy_info()

As a bonus, `tried_mmes` now only serves its actual purpose - tracking
which MMEs have already been tried for selection filtering - rather
than being abused as a way to retrieve the current MME name.

Change-Id: Ibbb293d9e68b7c3a8c3ca7ee73132dbda3f2bf97
Related: SYS#7066

s1ap_proxy: add public erab_list() type

Change-Id: I21a674537d1d9f16fdb319aaf2d758ba0906b407

enb_{proxy,registry}: signal MME conn info on SCTP comm_up

Previously, mme_aid/mme_saddr/mme_sport were only signalled to the
enb_registry once the S1 Setup procedure completed.  This meant the
REST API could not show MME connection details for eNBs stuck in
wait_s1setup_rsp state (e.g. due to a slow or retrying MME).

Add notify_mme_comm_up/2, called at SCTP comm_up, which stores the full
conn_info (including mme_aid, mme_saddr, mme_sport) in the registry as
soon as the SCTP connection is established.

notify_mme_connected/2 is simplified to notify_mme_connected/1: it now
only flips the state to 'connected', since conn_info is already stored.

Change-Id: Iea9ba4fdf961e6cd262edc154884a2eee3d95355
Related: SYS#7066

enb_proxy: split conn_info() into mme_conn_info() and proxy_info()

The old conn_info() conflated two distinct concerns: the MME SCTP
connection info stored in enb_registry (aid, saddr, sport) and the
broader operational state used for introspection (handler pid, enb
connection info, etc.).  Mixing them forced enb_registry to hold a
handler pid it has no business knowing about, and required rest_server
to extract that pid just to reach s1ap_proxy for E-RAB listing.

Split into two distinct types:

* mme_conn_info() - pure MME SCTP connection info (aid, saddr, sport),
  stored in the enb_registry and signalled via notify_mme_comm_up/2.
  The `mme_` prefix is dropped from field names as the type name
  provides the context.

* proxy_info() - richer operational snapshot (handler, enb_handle,
  enb_conn_info, mme_conn_info, genb_id_str, mme_info), returned by
  fetch_info/1 for introspection/debugging purposes.

Additionally:

* Add fetch_erab_list/1 to enb_proxy, delegating internally to
  s1ap_proxy:fetch_erab_list/1 via the cached handler pid.  This
  allows the rest_server to obtain a list of E-RAB without having
  to obtain pid of the s1ap_proxy and interact with it.

* Remove separate enb_aid/mme_aid/mme_saddr/mme_sport state fields;
  enb_aid is now read directly from enb_conn_info, and the MME fields
  are grouped in mme_conn_info.

Change-Id: Ia428ceb4762f972211e9b790688dc89fb5b8a274
Related: SYS#7066

docs/put_key: add tutorial that explains how to manage global platform keys

With the increased interest in using GlobalPlatform features of
UICC and eUICCs (OTA-SMS, applets, etc.), also comes an increased
interest in how the related GlobalPlatform keys can be managed
(key rotation, adding/removing keysets from/to a Security Domain).

Unfortunately, many aspects of this topic are not immediately
obvious for the average user. Let's add a tutorial that contains
some practical examples to shine some light on the topic.

Related: SYS#7881
Change-Id: I163dfedca3df572cb8442e9a4a280e6c5b00327e

docs/put_key: add tutorial that explains how to manage global platform keys

With the increased interest in using GlobalPlatform features of
UICC and eUICCs (OTA-SMS, applets, etc.), also comes an increased
interest in how the related GlobalPlatform keys can be managed
(key rotation, adding/removing keysets from/to a Security Domain).

Unfortunately, many aspects of this topic are not immediately
obvious for the average user. Let's add a tutorial that contains
some practical examples to shine some light on the topic.

Related: SYS#7881
Change-Id: I163dfedca3df572cb8442e9a4a280e6c5b00327e

Use libosmocore netdev

Depends: libosmocore.git Change-Id I75153eb59e96a6a2505dc5b29432c76e5c21ea24
Change-Id: I8f18ef56a6e7186fed88f965fbb34aa390c3bac1

netdev: Add API osmo_netdev_del_addr()

Change-Id: I75153eb59e96a6a2505dc5b29432c76e5c21ea24

Use libosmocore netns API

Change-Id: Ia8617765d4c14483e2ad0ea09a8f2276fd7aaebf

transport: change APDU format paradigm

Unfortunately we have mixed up the concept of TPDUs and APDUs in
earlier versions of pySim-shell. This lead to problems with
detecteding the APDU case properly (see also ISO/IEC 7816-3) and
also prevented us from adding support for T=1.

This problem has been fixed long time ago and all APDUs sent from
the pySim-shell code should be well formed and valid according to
ISO/IEC 7816-3.

To ensure that we continue to format APDUs correctly as APDUs (and
not TPDUs) we have added a mechanism to the LinkBase class that
would either raise an exception or print a warning if someone
mistakenly tries to send an APDU that is really a TPDU. Whether a
warning is printed or an exception is raised is controlled via the
apdu_strict member in the LinkBase class, which is false (print
warning only) by default.

The reason why we have implemneted the mechanism this way was
because we wanted to ensure that existing APDU scripts (pySim-shell
apdu command) keep working, even though when those scripts uses
APDUs which are formally invalid.

Sending a TPDU instead of an APDU via a T=0 link will still work
in almost all cases. This is also the reason why this problem
slipped through unnoticed for long time. However, there may still
be subtile problems araising from this practice. The root of the
problem is that it is impossible to distinguish between APDU case
3 and 4 when a TPDU instead of an APDU is sent. However in order
to handle a case 4 APDU correctly we must be able to distinguish
the APDU case correctly to handle the case correctly.
ETSI TS 102 221, section 7.3.1.1.4, clause 4 is very clear about
the fact that not (only) the status word (e.g. 61xx) but the
APDU case is what matters.

To complete the logic in LinkBaseTpdu and to maintain compatibility
(older APDU scripts), we must still be able to switch between the
'apdu_strict' mode and the non-strict mode. However, it makes sense
to do this on a per-api-call basis instead globally via a class
property.

At the same time we will limit the effect of pySim-shell's
apdu_strict setable to the apdu command only. By doing so, the
bahviour of the apdu command is not altered. Users will still
have to enable the 'strict' mode explicitly. At the same time
all the internal functionality of pySim-shell will always use
the 'strict' mode.

Related: OS#6970
Change-Id: I9a531a825def318b28bf58291d811cf119003fab

Use osmo_sockaddr everywhere

This allows getting rid of lots of explicit castings, as well as makeing
it easier do improve IPv6 support in the future.

Change-Id: Id87d9cf2ec138091681ab0fe7c7f86d648c0e98e

doc/manuals: cli: shorten enb_list example table

The full enb_list table with all address columns is too wide to fit
on a page and does not render well in PDF.  Collapse the address
columns with '...'; add a note that they are omitted for readability.

Change-Id: I4e25233a3e77358060f1098e97907c93deab334b
Related: OS#6671

[REST] Add MME source address/port to EnbItem

The enb_proxy now captures the local address and port of the S1GW-MME
SCTP connection (mme_saddr/mme_sport) at comm_up and includes them in
conn_info().  Expose this info through the REST API (EnbItem schema),
show it as a new column/row in the CLI (enb_list/enb_info).

Change-Id: I15bbddf96ac7d5b6f9962a8d745db58fdec334e7
Related: SYS#7066

[REST] Add MME source address/port to EnbItem

The enb_proxy now captures the local address and port of the S1GW-MME
SCTP connection (mme_saddr/mme_sport) at comm_up and includes them in
conn_info().  Expose this info through the REST API (EnbItem schema),
show it as a new column/row in the CLI (enb_list/enb_info).

Change-Id: I15bbddf96ac7d5b6f9962a8d745db58fdec334e7
Related: SYS#7066

doc/manuals: cli: shorten enb_list example table

The full enb_list table with all address columns is too wide to fit
on a page and does not render well in PDF.  Collapse the address
columns with '...'; add a note that they are omitted for readability.

Change-Id: I4e25233a3e77358060f1098e97907c93deab334b
Related: OS#6671

library/HTTP_Adapter: clarify response template restriction

Change-Id: I1a5ee842c30de9ec22d9e375f6b1b24b3eaee1e0

library/HTTP_Adapter: bail out early on failure

Replace `self.stop` with `Misc_Helpers.f_shutdown()`, and add it after
existing `setverdict(fail, ...)` calls that previously fell through.

In all these cases there is no meaningful way to continue: the caller
of these functions usually expects a valid value to be returned, and
continuing (not stopping) oftentimes results in confusing DTEs.

Change-Id: I229028d551d5cf9651e6e65314cd40f414bfe235

s1gw: f_REST_*(): use tr_HTTP_RespBody(decmatch T:?)

Pass `exp := tr_HTTP_RespBody(decmatch T:?)` to f_http_transact() in
every REST helper that decodes the response body.  This ensures both
a 2xx status code and a decodable body are required before any decode
attempt is made, producing an informative "Unexpected HTTP response"
verdict (rather than a confusing DTE) when e.g. an older osmo-s1gw
returns HTTP 404 with an empty body for an unsupported endpoint.

Change-Id: I6997dae5314d4a4588386183832426ab5b8d0843

dfu: set poll timeout to 128 ms to reduce EPIPE errors

The previous 10 ms poll timeout creates ERROR_PIPE errors when the
octsim is connected to a more busy bus.
E.g. when a network device is connected to the same bus or when flashing
multiple OCTSIMs at the same time.

From usb captures 70 ms should be already enough, but adding an additional
safety margin.
It is unclear why the EPIPE errors happens.

Related: SYS#7910
Change-Id: I4abe812e17194f37ce5d97fd1d866aeebd1d4239

transceiver: add optional WebSDR device support

- Add support for WebSDR devices enabled via the --with-websdr
configure flag.
- add libosmo-trx-websdr library and pkg-config file
- update .gitignore for wasm and pkg-config artifacts

Change-Id: Ia0d340c323c2eea28fbe82601ba0af7cfbd68f6d

transceiver: split control command handling from socket I/O

- move control command parsing/response generation into ctrl_cmd_handle()
- keep ctrl_sock_handle_rx() focused on socket read/write

Change-Id: I5413aa511e951522270c75635e89448395fc429e

proto_trxd: add helpers to prepare burst indication packets

- introduce trxd_prepare_burst_ind_v0() and trxd_prepare_burst_ind_v1()
- reuse prepared packet size in send helpers
- handle idle frames during packet preparation
- use ssize_t consistently for prepared/write sizes

Change-Id: Ie94a1df4879cbf6056cd05c9621c46db1ed972fd

eIM_Tests: align RSP version number in HTTP header

The RSP version number in the x-admin-protocol header string should
be set to v.2.1.0 (gsma/rsp/v2.1.0), even though the ASN.1 spec we
currently use is at version 2.5.

This is to maintain compatibility with older IPAd versions and also
stated explicitly in GSMA SGP.32 V2.1, section 6.1.

Change-Id: I125c3b13697c71d35788e54b7d88a9f943bb7a71
Related: SYS#7945

[REST] EnbItem: expose name of the selected MME

For each eNB connection, include the name of the MME that was selected
from the pool.  Update the OpenAPI spec, CLI (enb_list/enb_info tables),
and user manual accordingly.

Change-Id: I4839275efa5d3545e84d684ad1b8b989214ef76a
Related: SYS#7066, SYS#7052

[REST] Implement eNB/MME selection by addr-port

Add support for selecting an MME or eNB by remote address and port
in the REST API and CLI.  The selector format is `addr:IP:PORT` for
MMEs and `enb-conn:IP:PORT` for eNBs, where IP can be an IPv4 or
IPv6 address.  The colon is used as the address/port separator.

Change-Id: If02c8de1e1b7214bba868eee35233a79d0704dc5
Related: SYS#7066

[REST] Implement PfcpAssoc{Setup,Release}

Change-Id: I2e24544563e4c4d23bb3d8a4a7b5434191b482d8
Related: SYS#7066

[REST] Add MME source address/port

Change-Id: I15bbddf96ac7d5b6f9962a8d745db58fdec334e7

[REST] EnbItem: expose name of the selected MME

For each eNB connection, include the name of the MME that was selected
from the pool.  Update the OpenAPI spec, CLI (enb_list/enb_info tables),
and user manual accordingly.

Change-Id: I4839275efa5d3545e84d684ad1b8b989214ef76a
Related: SYS#7066, SYS#7052

enb_proxy: obtain sctp_client sockopts from the env directly

Instead of passing the MmeConnCfg (sctp_client:cfg()) all the way
from osmo_s1gw_sup through sctp_server (as priv) into enb_proxy
(as state), read the sctp_client configuration in-place via
osmo_s1gw:get_env/2 when it is actually needed (connecting/enter).

This works because osmo_s1gw_sup already normalizes and writes back
the complete sctp_client config to the application env (set_env/2)
before starting the supervision tree.

As a result, mme_conn_cfg is removed from enb_proxy's state record,
start_link/2 no longer uses its Priv argument, and server_cfg/1 is
simplified to server_cfg/0.

Change-Id: Ic77d3eb3351c8981c87fa4b6febcdeb814b9187b

[REST] Implement eNB/MME selection by addr-port

Change-Id: If02c8de1e1b7214bba868eee35233a79d0704dc5
Related: SYS#7066

[REST] Add MME source address/port

Change-Id: I15bbddf96ac7d5b6f9962a8d745db58fdec334e7

[REST] Implement PfcpAssoc{Setup,Release}

Change-Id: I2e24544563e4c4d23bb3d8a4a7b5434191b482d8
Related: SYS#7066

config/sys.config: increase StatsD reporter interval to 10s

When running ttcn3-s1gw-test locally, I noticed OsmoS1GW consuming
30-40% of a CPU core while idle (not serving any eNBs).  Profiling
with etop pointed to `exometer_report_statsd` as the culprit: with
~1720 metrics registered, it was sending ~1720 datagrams per second.

A 1-second reporting interval causes noticeable CPU overhead as the
number of active metrics grows.  With per-eNB and per-MME counters,
the metric set scales with the number of connected eNBs/MMEs.

Increase the default StatsD reporting interval from 1s to 10s to
reduce that overhead.  Update the documentation accordingly.

Change-Id: Icd5e1a43d1df4a4909fe742aec67cc51a01bb857

enb_proxy: signal mme_info() to the enb_registry

When an MME is selected from the pool, pass the mme_registry:mme_info()
to the enb_registry via notify_mme_connecting/2 (replacing /1).  This
makes all MME configuration details (name, address, port, TAC list)
available to consumers such as the REST server, without having to
look them up separately from the mme_registry.

Change-Id: I22e705b8196c9dcf436ed3c4d91c5c5a912e7282
Related: SYS#7052

rebar.lock: bump exometer_report_statsd version

The new version is using ETS instead of dict for counter lookups.
This significantly reduces performance impact when multiple eNBs
are registered, since the ETS provides O(1) average-case hash
lookups and in-place mutation.

Change-Id: I931321a831215012aa8186d851d9a8d38908a4bf

[REST] Add GET /config endpoint (ConfigRead)

This endpoint returns the effective runtime configuration that
OsmoS1GW is currently using, with all defaults applied.  This
reflects the values read via `osmo_s1gw:get_env/2` at startup.

Change-Id: Ic6c9562a541e4a0728257538887537aac6b99b97
Related: SYS#7066

doc/manuals: update MmeItem related info

The osmo-s1gw-cli documentation was not properly updated in 63ce2c9:

* default local/bind address for an MME is "any", not "::"
* allowed TACs (--tac) was missing in help and examples

Change-Id: I0b8115fe6342a80bf1eb99bd6ad210492a013947
Fixes: 63ce2c9 ("[REST] Add MmeList, MmeAdd, MmeInfo, MmeDelete")
Related: OS#6671, SYS#7066, SYS#7052

doc/manuals: merge doc/osmo-s1gw-cli.md

Change-Id: Ic2556f6add9c6a24f6da03f4388d7f86dde0c5dc
Related: OS#6671, SYS#7066

contrib: add jenkins_manuals.sh

Change-Id: I54f0774575534519a2c40e0588f136c8a5e706f8
Related: osmo-ci.git Id62d806a648c8f3480cb4f162adf65f77c552848
Related: OS#6671

pfcp_peer: define ?PFCP_ASSOC_SETUP_TIMEOUT

Change-Id: I0b7299d9f3eaa8c0a3c7e4a4d6331d1ec5a1c779

transceiver: add optional WebSDR device support

- Add support for WebSDR devices enabled via the --with-websdr
configure flag.
- add libosmo-trx-websdr library and pkg-config file
- update .gitignore for wasm and pkg-config artifacts

Change-Id: Ia0d340c323c2eea28fbe82601ba0af7cfbd68f6d

transceiver: split control command handling from socket I/O

- move control command parsing/response generation into ctrl_cmd_handle()
- keep ctrl_sock_handle_rx() focused on socket read/write

Change-Id: I5413aa511e951522270c75635e89448395fc429e

proto_trxd: add helpers to prepare burst indication packets

- introduce trxd_prepare_burst_ind_v0() and trxd_prepare_burst_ind_v1()
- reuse prepared packet size in send helpers
- handle idle frames during packet preparation
- use ssize_t consistently for prepared/write sizes

Change-Id: Ie94a1df4879cbf6056cd05c9621c46db1ed972fd

transceiver: add optional WebSDR device support

- Add support for WebSDR devices enabled via the --with-websdr
configure flag.
- add libosmo-trx-websdr library and pkg-config file
- update .gitignore for wasm and pkg-config artifacts

Change-Id: Ia0d340c323c2eea28fbe82601ba0af7cfbd68f6d

transceiver: add optional WebSDR device support

- Add support for WebSDR devices enabled via the --with-websdr
configure flag.
- add libosmo-trx-websdr library and pkg-config file
- update .gitignore for wasm and pkg-config artifacts

Change-Id: Ia0d340c323c2eea28fbe82601ba0af7cfbd68f6d

SCCP_Adapter: Fix typo in setverdict string

Change-Id: I8924bf646b5c45e71746d3e76cf6aa3aa3fb674c

5gc: f_pdu_sess_establish(): Pass pdu sess type as param

Change-Id: I86680b0a2f5ddb27ecbebd5639199d2f77d397f6

5gc: Update mobility procedure status

There's no procedure to do direct mobility between GERAN/UTRAN and 5GS
according to spec, and IP preservation is not supported either through
indirect mobility GERAN/UTRAN<->EUTRAN<->5GS.

Regarding 3GPP TS 23.502 Annex G, open5gs-smfd supports Gn interface but
only when working against a 4G MME, not through 5GS (PCF and AMF).

Related specs:
*3GPP TS 23.501:
** 5.17.2.4 Mobility between 5GS and GERAN/UTRAN
** Annex L (normative): Support of GERAN/UTRAN access
* 3GPP TS 23.502 4.11.5 Impacts to 5GC Procedures
* 3GPP TS 23.632 5.3 5GC-EPC Mobility Scenarios

Change-Id: I6bb8672fbd553a1a2a51b97a8360658afa0fddff

transceiver: split control command handling from socket I/O

- move control command parsing/response generation into ctrl_cmd_handle()
- keep ctrl_sock_handle_rx() focused on socket read/write
- switch response formatting from sprintf() to snprintf()

Change-Id: I5413aa511e951522270c75635e89448395fc429e

[REST] Implement eNB/MME selection by addr-port

Change-Id: If02c8de1e1b7214bba868eee35233a79d0704dc5
Related: SYS#7066

enb_proxy: obtain sctp_client sockopts from the env directly

Instead of passing the MmeConnCfg (sctp_client:cfg()) all the way
from osmo_s1gw_sup through sctp_server (as priv) into enb_proxy
(as state), read the sctp_client configuration in-place via
osmo_s1gw:get_env/2 when it is actually needed (connecting/enter).

This works because osmo_s1gw_sup already normalizes and writes back
the complete sctp_client config to the application env (set_env/2)
before starting the supervision tree.

As a result, mme_conn_cfg is removed from enb_proxy's state record,
start_link/2 no longer uses its Priv argument, and server_cfg/1 is
simplified to server_cfg/0.

Change-Id: Ic77d3eb3351c8981c87fa4b6febcdeb814b9187b

pfcp_peer: define ?PFCP_ASSOC_SETUP_TIMEOUT

Change-Id: I0b7299d9f3eaa8c0a3c7e4a4d6331d1ec5a1c779

[REST] Add GET /config endpoint (ConfigRead)

This endpoint returns the effective runtime configuration that
OsmoS1GW is currently using, with all defaults applied.  This
reflects the values read via `osmo_s1gw:get_env/2` at startup.

Change-Id: Ic6c9562a541e4a0728257538887537aac6b99b97
Related: SYS#7066

enb_proxy: signal mme_info() to the enb_registry

When an MME is selected from the pool, pass the mme_registry:mme_info()
to the enb_registry via notify_mme_connecting/2 (replacing /1).  This
makes all MME configuration details (name, address, port, TAC list)
available to consumers such as the REST server, without having to
look them up separately from the mme_registry.

Change-Id: I22e705b8196c9dcf436ed3c4d91c5c5a912e7282
Related: SYS#7052

[REST] EnbItem: expose name of the selected MME

For each eNB connection, include the name of the MME that was selected
from the pool.  Update the OpenAPI spec, CLI (enb_list/enb_info tables),
and user manual accordingly.

Change-Id: I4839275efa5d3545e84d684ad1b8b989214ef76a
Related: SYS#7066, SYS#7052

[REST] Implement PfcpAssoc{Setup,Release}

Change-Id: I2e24544563e4c4d23bb3d8a4a7b5434191b482d8
Related: SYS#7066