Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-mgw / 36ed8cc4c33e3b69bb0f84f1b5b593ae46aff08f / . / openbsc / src / sccp / sccp.c
blob: 522afcf7a5c6275f992ef9462f718da8fe567724 [file] [log] [blame]
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1/*
2 * SCCP management code
3 *
4 * (C) 2009 by Holger Hans Peter Freyther <zecke@selfish.org>
5 * (C) 2009 by on-waves.com
6 *
7 * All Rights Reserved
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 *
23 */
24
25#include <string.h>
26
27#include <sccp/sccp.h>
28
29#include <openbsc/debug.h>
30#include <openbsc/talloc.h>
31#include <openbsc/linuxlist.h>
32
33static void *tall_sccp_ctx;
34static LLIST_HEAD(sccp_connections);
35
36#define SCCP_MSG_SIZE 4096
37#define SCCP_MSG_HEADROOM 128
38
39/* global data */
40const struct sockaddr_sccp sccp_ssn_bssap = {
41 .sccp_family = 0,
42 .sccp_ssn = SCCP_SSN_BSSAP,
43};
44
45struct sccp_system {
46 /* layer3 -> layer2 */
47 int (*write_data)(struct msgb *data, void *context);
48 void *write_context;
49};
50
51
52static struct sccp_system sccp_system = {
53 .write_data = NULL,
54};
55
56struct sccp_data_callback {
57 /* connection based */
58 int (*accept_cb)(struct sccp_connection *, void *);
59 void *accept_context;
60
61 /* connection less */
62 int (*read_cb)(struct msgb *, unsigned int, void *);
63 void *read_context;
64
65 u_int8_t ssn;
66 struct llist_head callback;
67};
68
69static LLIST_HEAD(sccp_callbacks);
70
71static struct sccp_data_callback *_find_ssn(u_int8_t ssn)
72{
73 struct sccp_data_callback *cb;
74
75 llist_for_each_entry(cb, &sccp_callbacks, callback) {
76 if (cb->ssn == ssn)
77 return cb;
78 }
79
80 /* need to add one */
81 cb = talloc_zero(tall_sccp_ctx, struct sccp_data_callback);
82 if (!cb) {
83 DEBUGP(DSCCP, "Failed to allocate sccp callback.\n");
84 return NULL;
85 }
86
87 cb->ssn = ssn;
88 llist_add_tail(&cb->callback, &sccp_callbacks);
89 return cb;
90}
91
92
93static int _send_msg(struct msgb *msg)
94{
95 return sccp_system.write_data(msg, sccp_system.write_context);
96}
97
98/*
99 * parsing routines
100 */
101static int copy_address(struct sccp_address *addr, u_int8_t offset, struct msgb *msgb)
102{
103 struct sccp_called_party_address *party;
104
105 int room = msgb_l2len(msgb) - offset;
106 u_int8_t read = 0;
107 u_int8_t length;
108
109 if (room <= 0) {
110 DEBUGP(DSCCP, "Not enough room for an address: %u\n", room);
111 return -1;
112 }
113
114 length = msgb->l2h[offset];
115 if (room <= length) {
116 DEBUGP(DSCCP, "Not enough room for optional data %u %u\n", room, length);
117 return -1;
118 }
119
120
121 party = (struct sccp_called_party_address *)(msgb->l2h + offset + 1);
122 if (party->point_code_indicator) {
123 if (length <= read + 2) {
124 DEBUGP(DSCCP, "POI does not fit %u\n", length);
125 return -1;
126 }
127
128
129 memcpy(&addr->poi, &party->data[read], 2);
130 read += 2;
131 }
132
133 if (party->ssn_indicator) {
134 if (length <= read + 1) {
135 DEBUGP(DSCCP, "SSN does not fit %u\n", length);
136 return -1;
137 }
138
139 addr->ssn = party->data[read];
140 read += 1;
141 }
142
143 if (party->global_title_indicator) {
144 DEBUGP(DSCCP, "GTI not supported %u\n", *(u_int8_t *)party);
145 return -1;
146 }
147
148 addr->address = *party;
149 return 0;
150}
151
152static int check_address(struct sccp_address *addr)
153{
154 /* ignore point_code_indicator... it should be zero... but */
155 if (addr->address.ssn_indicator != 1
156 || addr->address.global_title_indicator == 1
157 || addr->address.routing_indicator != 1) {
158 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
159 *(u_int8_t *)&addr->address, addr->ssn);
160 return -1;
161 }
162
163 return 0;
164}
165
166static int _sccp_parse_optional_data(const int offset,
167 struct msgb *msgb, struct sccp_optional_data *data)
168{
169 u_int16_t room = msgb_l2len(msgb) - offset;
170 u_int16_t read = 0;
171
172 while (room > read) {
173 u_int8_t type = msgb->l2h[offset + read];
174 if (type == SCCP_PNC_END_OF_OPTIONAL)
175 return 0;
176
177 if (read + 1 >= room) {
178 DEBUGP(DSCCP, "no place for length\n");
179 return 0;
180 }
181
182 u_int8_t length = msgb->l2h[offset + read + 1];
183 read += 2 + length;
184
185
186 if (room <= read) {
187 DEBUGP(DSCCP, "no space for the data: type: %d read: %d room: %d l2: %d\n",
188 type, read, room, msgb_l2len(msgb));
189 return 0;
190 }
191
192 if (type == SCCP_PNC_DATA) {
193 data->data_len = length;
194 data->data_start = offset + read - length;
195 }
196
197 }
198
199 return -1;
200}
201
202/*
203 * Send UDT. Currently we have a fixed address...
204 */
205static int _sccp_send_data(int class, const struct sockaddr_sccp *in,
206 const struct sockaddr_sccp *out, struct msgb *payload)
207{
208 struct sccp_data_unitdata *udt;
209 u_int8_t *data;
210 int ret;
211
212 if (msgb_l3len(payload) > 256) {
213 DEBUGP(DSCCP, "The payload is too big for one udt\n");
214 return -1;
215 }
216
217 struct msgb *msg = msgb_alloc_headroom(SCCP_MSG_SIZE,
218 SCCP_MSG_HEADROOM, "sccp: udt");
219 msg->l2h = &msg->data[0];
220 udt = (struct sccp_data_unitdata *)msgb_put(msg, sizeof(*udt));
221
222 udt->type = SCCP_MSG_TYPE_UDT;
223 udt->proto_class = class;
224 udt->variable_called = 3;
225 udt->variable_calling = 5;
226 udt->variable_data = 7;
227
228 /* for variable data we start with a size and the data */
229 data = msgb_put(msg, 1 + 2);
230 data[0] = 2;
231 data[1] = 0x42;
232 data[2] = out->sccp_ssn;
233
234 data = msgb_put(msg, 1 + 2);
235 data[0] = 2;
236 data[1] = 0x42;
237 data[2] = in->sccp_ssn;
238
239 /* copy the payload */
240 data = msgb_put(msg, 1 + msgb_l3len(payload));
241 data[0] = msgb_l3len(payload);
242 memcpy(&data[1], payload->l3h, msgb_l3len(payload));
243
244 ret = _send_msg(msg);
245 msgb_free(msg);
246
247 return ret;
248}
249
250static int _sccp_handle_read(struct msgb *msgb)
251{
252 static const u_int32_t header_size = sizeof(struct sccp_data_unitdata);
253 static const u_int32_t called_offset = offsetof(struct sccp_data_unitdata, variable_called);
254 static const u_int32_t calling_offset = offsetof(struct sccp_data_unitdata, variable_calling);
255 static const u_int32_t data_offset = offsetof(struct sccp_data_unitdata, variable_data);
256
257 struct sccp_data_callback *cb;
258 struct sccp_data_unitdata *udt = (struct sccp_data_unitdata *)msgb->l2h;
259 struct sccp_address called, calling;
260
261 /* we don't have enough size for the struct */
262 if (msgb_l2len(msgb) < header_size) {
263 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
264 msgb_l2len(msgb), header_size);
265 return -1;
266 }
267
268 /* copy out the calling and called address. Add the off */
269 if (copy_address(&called, called_offset + udt->variable_called, msgb) != 0)
270 return -1;
271
272 if (check_address(&called) != 0) {
273 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
274 *(u_int8_t *)&called.address, called.ssn);
275 return -1;
276 }
277
278 cb = _find_ssn(called.ssn);
279 if (!cb || !cb->read_cb) {
280 DEBUGP(DSCCP, "No routing for UDT for called SSN: %u\n", called.ssn);
281 return -1;
282 }
283
284 if (copy_address(&calling, calling_offset + udt->variable_calling, msgb) != 0)
285 return -1;
286
287 if (check_address(&calling) != 0) {
288 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
289 *(u_int8_t *)&called.address, called.ssn);
290 }
291
292 /* we don't have enough size for the data */
293 if (msgb_l2len(msgb) < data_offset + udt->variable_data + 1) {
294 DEBUGP(DSCCP, "msgb < header + offset %u %u %u\n",
295 msgb_l2len(msgb), header_size, udt->variable_data);
296 return -1;
297 }
298
299
300 msgb->l3h = &udt->data[udt->variable_data];
301
302 if (msgb_l3len(msgb) != msgb->l3h[-1]) {
303 DEBUGP(DSCCP, "msgb is truncated %u %u\n",
304 msgb_l3len(msgb), msgb->l3h[-1]);
305 return -1;
306 }
307
308 /* sanity check */
309 return cb->read_cb(msgb, msgb_l3len(msgb), cb->read_context);
310}
311
312/*
313 * handle connection orientated methods
314 */
315static int source_local_reference_is_free(struct sccp_source_reference *reference)
316{
317 struct sccp_connection *connection;
318
319 llist_for_each_entry(connection, &sccp_connections, list) {
320 if (memcmp(reference, &connection->source_local_reference, sizeof(*reference)) == 0)
321 return -1;
322 }
323
324 return 0;
325}
326
327static int destination_local_reference_is_free(struct sccp_source_reference *reference)
328{
329 struct sccp_connection *connection;
330
331 llist_for_each_entry(connection, &sccp_connections, list) {
332 if (memcmp(reference, &connection->destination_local_reference, sizeof(*reference)) == 0)
333 return -1;
334 }
335
336 return 0;
337}
338
339static int assign_source_local_reference(struct sccp_connection *connection)
340{
341 static u_int32_t last_ref = 0x30000;
342 int wrapped = 0;
343
344 do {
345 struct sccp_source_reference reference;
346 reference.octet1 = (last_ref >> 0) & 0xff;
347 reference.octet2 = (last_ref >> 8) & 0xff;
348 reference.octet3 = (last_ref >> 16) & 0xff;
349
350 ++last_ref;
351 /* do not use the reversed word and wrap around */
352 if ((last_ref & 0x00FFFFFF) == 0x00FFFFFF) {
353 DEBUGP(DSCCP, "Wrapped searching for a free code\n");
354 last_ref = 0;
355 ++wrapped;
356 }
357
358 if (source_local_reference_is_free(&reference) == 0) {
359 connection->source_local_reference = reference;
360 return 0;
361 }
362 } while (wrapped != 2);
363
364 DEBUGP(DSCCP, "Finding a free reference failed\n");
365 return -1;
366}
367
368static void _sccp_set_connection_state(struct sccp_connection *connection, int new_state)
369{
370 int old_state = connection->connection_state;
371
372 connection->connection_state = new_state;
373 if (connection->state_cb)
374 connection->state_cb(connection, old_state);
375}
376
377static int _sccp_send_refuse(struct sccp_connection_request *req, int cause)
378{
379 struct msgb *msgb;
380 struct sccp_connection_refused *ref;
381 u_int8_t *data;
382 int ret;
383
384 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
385 SCCP_MSG_HEADROOM, "sccp ref");
386 msgb->l2h = &msgb->data[0];
387
388 ref = (struct sccp_connection_refused *) msgb_put(msgb, sizeof(*ref));
389 ref->type = SCCP_MSG_TYPE_CREF;
390 memcpy(&ref->destination_local_reference, &req->source_local_reference,
391 sizeof(struct sccp_source_reference));
392 ref->cause = cause;
393 ref->optional_start = 1;
394
395 data = msgb_put(msgb, 1);
396 data[0] = SCCP_PNC_END_OF_OPTIONAL;
397
398 ret = _send_msg(msgb);
399 msgb_free(msgb);
400 return ret;
401}
402
403static int _sccp_send_connection_confirm(struct sccp_connection *connection)
404{
405 struct msgb *response;
406 struct sccp_connection_confirm *confirm;
407 u_int8_t *optional_data;
408 int ret;
409
410 if (assign_source_local_reference(connection) != 0)
411 return -1;
412
413 response = msgb_alloc_headroom(SCCP_MSG_SIZE,
414 SCCP_MSG_HEADROOM, "sccp confirm");
415 response->l2h = &response->data[0];
416
417 confirm = (struct sccp_connection_confirm *) msgb_put(response, sizeof(*confirm));
418
419 confirm->type = SCCP_MSG_TYPE_CC;
420 memcpy(&confirm->destination_local_reference,
421 &connection->destination_local_reference,
422 sizeof(connection->destination_local_reference));
423 memcpy(&confirm->source_local_reference,
424 &connection->source_local_reference,
425 sizeof(connection->source_local_reference));
426 confirm->proto_class = 2;
427 confirm->optional_start = 1;
428
429 optional_data = (u_int8_t *) msgb_put(response, 1);
430 optional_data[0] = SCCP_PNC_END_OF_OPTIONAL;
431
432 ret = _send_msg(response);
433 msgb_free(response);
434
435 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_ESTABLISHED);
436 return ret;
437}
438
439static int _sccp_send_connection_request(struct sccp_connection *connection,
440 const struct sockaddr_sccp *called, struct msgb *msg)
441{
442 struct msgb *request;
443 struct sccp_connection_request *req;
444 u_int8_t *data;
445 u_int8_t extra_size = 3 + 1;
446 int ret;
447
448
449 if (msg && (msgb_l3len(msg) < 3 || msgb_l3len(msg) > 130)) {
450 DEBUGP(DSCCP, "Invalid amount of data... %d\n", msgb_l3len(msg));
451 return -1;
452 }
453
454 /* try to find a id */
455 if (assign_source_local_reference(connection) != 0) {
456 DEBUGP(DSCCP, "Assigning a local reference failed.\n");
457 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_SETUP_ERROR);
458 return -1;
459 }
460
461
462 if (msg)
463 extra_size += 2 + msgb_l3len(msg);
464 request = msgb_alloc_headroom(SCCP_MSG_SIZE,
465 SCCP_MSG_HEADROOM, "sccp connection request");
466 request->l2h = &request->data[0];
467 req = (struct sccp_connection_request *) msgb_put(request, sizeof(*req));
468
469 req->type = SCCP_MSG_TYPE_CR;
470 memcpy(&req->source_local_reference, &connection->source_local_reference,
471 sizeof(connection->source_local_reference));
472 req->proto_class = 2;
473 req->variable_called = 2;
474 req->optional_start = 4;
475
476 /* write the called party address */
477 data = msgb_put(request, 1 + 2);
478 data[0] = 2;
479 data[1] = 0x42;
480 data[2] = called->sccp_ssn;
481
482 /* write the payload */
483 if (msg) {
484 data = msgb_put(request, 2 + msgb_l3len(msg));
485 data[0] = SCCP_PNC_DATA;
486 data[1] = msgb_l3len(msg);
487 memcpy(&data[2], msg->l3h, msgb_l3len(msg));
488 }
489
490 data = msgb_put(request, 1);
491 data[0] = SCCP_PNC_END_OF_OPTIONAL;
492
493 llist_add_tail(&connection->list, &sccp_connections);
494 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REQUEST);
495
496 ret = _send_msg(request);
497 msgb_free(request);
498
499 return ret;
500}
501
502static int _sccp_send_connection_data(struct sccp_connection *conn, struct msgb *_data)
503{
504 struct msgb *msgb;
505 struct sccp_data_form1 *dt1;
506 u_int8_t *data;
507 int extra_size;
508 int ret;
509
510 if (msgb_l3len(_data) < 2 || msgb_l3len(_data) > 256) {
511 DEBUGP(DSCCP, "data size too big, segmenting unimplemented.\n");
512 return -1;
513 }
514
515 extra_size = 1 + msgb_l3len(_data);
516 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
517 SCCP_MSG_HEADROOM, "sccp dt1");
518 msgb->l2h = &msgb->data[0];
519
520 dt1 = (struct sccp_data_form1 *) msgb_put(msgb, sizeof(*dt1));
521 dt1->type = SCCP_MSG_TYPE_DT1;
522 memcpy(&dt1->destination_local_reference, &conn->destination_local_reference,
523 sizeof(struct sccp_source_reference));
524 dt1->segmenting = 0;
525
526 /* copy the data */
527 dt1->variable_start = 1;
528 data = msgb_put(msgb, extra_size);
529 data[0] = extra_size - 1;
530 memcpy(&data[1], _data->l3h, extra_size - 1);
531
532 ret = _send_msg(msgb);
533 msgb_free(msgb);
534
535 return ret;
536}
537
Holger Hans Peter Freyther3b9516e2009-11-18 22:11:28 +0100[diff] [blame]538static int _sccp_send_connection_it(struct sccp_connection *conn)
539{
540 struct msgb *msgb;
541 struct sccp_data_it *it;
542 int ret;
543
544 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
545 SCCP_MSG_HEADROOM, "sccp it");
546 msgb->l2h = &msgb->data[0];
547 it = (struct sccp_data_it *) msgb_put(msgb, sizeof(*it));
548 it->type = SCCP_MSG_TYPE_IT;
549 memcpy(&it->destination_local_reference, &conn->destination_local_reference,
550 sizeof(struct sccp_source_reference));
551 memcpy(&it->source_local_reference, &conn->source_local_reference,
552 sizeof(struct sccp_source_reference));
553
554 it->proto_class = 0x2;
555 it->sequencing[0] = it->sequencing[1] = 0;
556 it->credit = 0;
557
558 ret = _send_msg(msgb);
559 msgb_free(msgb);
560 return ret;
561}
562
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]563static int _sccp_send_connection_released(struct sccp_connection *conn, int cause)
564{
565 struct msgb *msg;
566 struct sccp_connection_released *rel;
567 u_int8_t *data;
568 int ret;
569
570 msg = msgb_alloc_headroom(SCCP_MSG_SIZE, SCCP_MSG_HEADROOM,
571 "sccp: connection released");
572 msg->l2h = &msg->data[0];
573 rel = (struct sccp_connection_released *) msgb_put(msg, sizeof(*rel));
574 rel->type = SCCP_MSG_TYPE_RLSD;
575 rel->release_cause = cause;
576
577 /* copy the source references */
578 memcpy(&rel->destination_local_reference, &conn->destination_local_reference,
579 sizeof(struct sccp_source_reference));
580 memcpy(&rel->source_local_reference, &conn->source_local_reference,
581 sizeof(struct sccp_source_reference));
582
583 data = msgb_put(msg, 1);
584 data[0] = SCCP_PNC_END_OF_OPTIONAL;
585
586 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE);
587 ret = _send_msg(msg);
588 msgb_free(msg);
589
590 return ret;
591}
592
593/*
594 * Open a connection. The following is going to happen:
595 *
596 * - Verify the packet, e.g. that we have no other connection
597 * that id.
598 * - Ask the user if he wants to accept the connection
599 * - Try to open the connection by assigning a source local reference
600 * and sending the packet
601 */
602static int _sccp_handle_connection_request(struct msgb *msgb)
603{
604 static const u_int32_t header_size =
605 sizeof(struct sccp_connection_request);
606 static const u_int32_t optional_offset =
607 offsetof(struct sccp_connection_request, optional_start);
608 static const u_int32_t called_offset =
609 offsetof(struct sccp_connection_request, variable_called);
610
611 struct sccp_data_callback *cb;
612 struct sccp_connection_request *req = (struct sccp_connection_request *)msgb->data;
613 struct sccp_address called;
614 struct sccp_connection *connection;
615 struct sccp_optional_data optional_data;
616
617 /* header check */
618 if (msgb_l2len(msgb) < header_size) {
619 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
620 msgb_l2len(msgb), header_size);
621 return -1;
622 }
623
624 /* copy out the calling and called address. Add the offset */
625 if (copy_address(&called, called_offset + req->variable_called, msgb) != 0)
626 return -1;
627
628 if (check_address(&called) != 0) {
629 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
630 *(u_int8_t *)&called.address, called.ssn);
631 return -1;
632 }
633
634 cb = _find_ssn(called.ssn);
635 if (!cb || !cb->accept_cb) {
636 DEBUGP(DSCCP, "No routing for CR for called SSN: %u\n", called.ssn);
637 return -1;
638 }
639
640 /* check if the system wants this connection */
641 connection = talloc_zero(tall_sccp_ctx, struct sccp_connection);
642 if (!connection) {
643 DEBUGP(DSCCP, "Allocation failed\n");
644 return -1;
645 }
646
647 /*
648 * sanity checks:
649 * - Is the source_local_reference in any other connection?
650 * then will call accept, assign a "destination" local reference
651 * and send a connection confirm, otherwise we will send a refuseed
652 * one....
653 */
654 if (destination_local_reference_is_free(&req->source_local_reference) != 0) {
655 DEBUGP(DSCCP, "Need to reject connection with existing reference\n");
656 _sccp_send_refuse(req, SCCP_REFUSAL_SCCP_FAILURE);
657 talloc_free(connection);
658 return -1;
659 }
660
661 connection->incoming = 1;
662 connection->destination_local_reference = req->source_local_reference;
663
664 /*
665 * parse optional data.
666 */
667 memset(&optional_data, 0, sizeof(optional_data));
668 if (_sccp_parse_optional_data(optional_offset + req->optional_start, msgb, &optional_data) != 0) {
669 DEBUGP(DSCCP, "parsing of optional data failed.\n");
670 talloc_free(connection);
671 return -1;
672 }
673
674 if (cb->accept_cb(connection, cb->accept_context) != 0) {
675 _sccp_send_refuse(req, SCCP_REFUSAL_END_USER_ORIGINATED);
676 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
677 talloc_free(connection);
678 return 0;
679 }
680
681
682 llist_add_tail(&connection->list, &sccp_connections);
683
684 if (_sccp_send_connection_confirm(connection) != 0) {
685 DEBUGP(DSCCP, "Sending confirm failed... no available source reference?\n");
686
687 _sccp_send_refuse(req, SCCP_REFUSAL_SCCP_FAILURE);
688 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
689 llist_del(&connection->list);
690 talloc_free(connection);
691
692 return -1;
693 }
694
695 /*
696 * If we have data let us forward things.
697 */
698 if (optional_data.data_len != 0 && connection->data_cb) {
699 msgb->l3h = &msgb->l2h[optional_data.data_start];
700 connection->data_cb(connection, msgb, optional_data.data_len);
701 }
702
703 return 0;
704}
705
706/* Handle the release confirmed */
707static int _sccp_handle_connection_release_complete(struct msgb *data)
708{
709 static int header_size = sizeof(struct sccp_connection_release_complete);
710
711 struct sccp_connection_release_complete *cmpl;
712 struct sccp_connection *conn;
713
714 /* header check */
715 if (msgb_l2len(data) < header_size) {
716 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
717 msgb_l2len(data), header_size);
718 return -1;
719 }
720
721 cmpl = (struct sccp_connection_release_complete *) data->l2h;
722
723 /* find the connection */
724 llist_for_each_entry(conn, &sccp_connections, list) {
725 if (conn->data_cb
726 && memcmp(&conn->source_local_reference,
727 &cmpl->destination_local_reference,
728 sizeof(conn->source_local_reference)) == 0
729 && memcmp(&conn->destination_local_reference,
730 &cmpl->source_local_reference,
731 sizeof(conn->destination_local_reference)) == 0) {
732 goto found;
733 }
734 }
735
736
737 DEBUGP(DSCCP, "Release complete of unknown connection\n");
738 return -1;
739
740found:
741 llist_del(&conn->list);
742 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
743 return 0;
744}
745
746/* Handle the Data Form 1 message */
747static int _sccp_handle_connection_dt1(struct msgb *data)
748{
749 static int variable_offset = offsetof(struct sccp_data_form1, variable_start);
750 static int header_size = sizeof(struct sccp_data_form1);
751
752 struct sccp_data_form1 *dt1 = (struct sccp_data_form1 *)data->l2h;
753 struct sccp_connection *conn;
754 int size;
755
756 /* we don't have enough size for the struct */
757 if (msgb_l2len(data) < header_size) {
758 DEBUGP(DSCCP, "msgb > header_size %u %u\n",
759 msgb_l2len(data), header_size);
760 return -1;
761 }
762
763 if (dt1->segmenting != 0) {
764 DEBUGP(DSCCP, "This packet has segmenting, not supported: %d\n", dt1->segmenting);
765 return -1;
766 }
767
768 /* lookup if we have a connection with the given reference */
769 llist_for_each_entry(conn, &sccp_connections, list) {
770 if (conn->data_cb
771 && memcmp(&conn->source_local_reference,
772 &dt1->destination_local_reference,
773 sizeof(conn->source_local_reference)) == 0) {
774
775 /* some more size checks in here */
776 if (msgb_l2len(data) < variable_offset + dt1->variable_start + 1) {
777 DEBUGP(DSCCP, "Not enough space for variable start: %u %u\n",
778 msgb_l2len(data), dt1->variable_start);
779 return -1;
780 }
781
782 size = data->l2h[variable_offset + dt1->variable_start];
783 data->l3h = &data->l2h[dt1->variable_start + variable_offset + 1];
784
785 if (msgb_l3len(data) < size) {
786 DEBUGP(DSCCP, "Not enough room for the payload: %u %u\n",
787 msgb_l3len(data), size);
788 return -1;
789 }
790
791 conn->data_cb(conn, data, size);
792 return 0;
793 }
794 }
795
796 DEBUGP(DSCCP, "No connection found for dt1 data\n");
797 return -1;
798}
799
800/* confirm a connection release */
801static int _sccp_send_connection_release_complete(struct sccp_connection *connection)
802{
803 struct msgb *msgb;
804 struct sccp_connection_release_complete *rlc;
805 int ret;
806
807 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
808 SCCP_MSG_HEADROOM, "sccp rlc");
809 msgb->l2h = &msgb->data[0];
810
811 rlc = (struct sccp_connection_release_complete *) msgb_put(msgb, sizeof(*rlc));
812 rlc->type = SCCP_MSG_TYPE_RLC;
813 memcpy(&rlc->destination_local_reference,
814 &connection->destination_local_reference, sizeof(struct sccp_source_reference));
815 memcpy(&rlc->source_local_reference,
816 &connection->source_local_reference, sizeof(struct sccp_source_reference));
817
818 ret = _send_msg(msgb);
819 msgb_free(msgb);
820
821 /*
822 * Remove from the list of active connections and set the state. User code
823 * should now free the entry.
824 */
825 llist_del(&connection->list);
826 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
827
828 return ret;
829}
830
831/* connection released, send a released confirm */
832static int _sccp_handle_connection_released(struct msgb *data)
833{
834 static int header_size = sizeof(struct sccp_connection_released);
835 static int optional_offset = offsetof(struct sccp_connection_released, optional_start);
836
837 struct sccp_optional_data optional_data;
838 struct sccp_connection_released *rls = (struct sccp_connection_released *)data->l2h;
839 struct sccp_connection *conn;
840
841 /* we don't have enough size for the struct */
842 if (msgb_l2len(data) < header_size) {
843 DEBUGP(DSCCP, "msgb > header_size %u %u\n",
844 msgb_l2len(data), header_size);
845 return -1;
846 }
847
848 /* lookup if we have a connection with the given reference */
849 llist_for_each_entry(conn, &sccp_connections, list) {
850 if (conn->data_cb
851 && memcmp(&conn->source_local_reference,
852 &rls->destination_local_reference,
853 sizeof(conn->source_local_reference)) == 0
854 && memcmp(&conn->destination_local_reference,
855 &rls->source_local_reference,
856 sizeof(conn->destination_local_reference)) == 0) {
857 goto found;
858 }
859 }
860
861
862 DEBUGP(DSCCP, "Unknown connection was released.\n");
863 return -1;
864
865 /* we have found a connection */
866found:
867 memset(&optional_data, 0, sizeof(optional_data));
868 if (_sccp_parse_optional_data(optional_offset + rls->optional_start, data, &optional_data) != 0) {
869 DEBUGP(DSCCP, "parsing of optional data failed.\n");
870 return -1;
871 }
872
873 /* optional data */
874 if (optional_data.data_len != 0 && conn->data_cb) {
875 data->l3h = &data->l2h[optional_data.data_start];
876 conn->data_cb(conn, data, optional_data.data_len);
877 }
878
879 /* generate a response */
880 if (_sccp_send_connection_release_complete(conn) != 0) {
881 DEBUGP(DSCCP, "Sending release confirmed failed\n");
882 return -1;
883 }
884
885 return 0;
886}
887
888static int _sccp_handle_connection_refused(struct msgb *msgb)
889{
890 static const u_int32_t header_size =
891 sizeof(struct sccp_connection_refused);
892 static int optional_offset = offsetof(struct sccp_connection_refused, optional_start);
893
894 struct sccp_optional_data optional_data;
895 struct sccp_connection *conn;
896 struct sccp_connection_refused *ref;
897
898 /* header check */
899 if (msgb_l2len(msgb) < header_size) {
900 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
901 msgb_l2len(msgb), header_size);
902 return -1;
903 }
904
905 ref = (struct sccp_connection_refused *) msgb->l2h;
906
907 /* lookup if we have a connection with the given reference */
908 llist_for_each_entry(conn, &sccp_connections, list) {
909 if (conn->incoming == 0 && conn->data_cb
910 && memcmp(&conn->source_local_reference,
911 &ref->destination_local_reference,
912 sizeof(conn->source_local_reference)) == 0) {
913 goto found;
914 }
915 }
916
917 DEBUGP(DSCCP, "Refused but no connection found\n");
918 return -1;
919
920found:
921 memset(&optional_data, 0, sizeof(optional_data));
922 if (_sccp_parse_optional_data(optional_offset + ref->optional_start, msgb, &optional_data) != 0) {
923 DEBUGP(DSCCP, "parsing of optional data failed.\n");
924 return -1;
925 }
926
927 /* optional data */
928 if (optional_data.data_len != 0 && conn->data_cb) {
929 msgb->l3h = &msgb->l2h[optional_data.data_start];
930 conn->data_cb(conn, msgb, optional_data.data_len);
931 }
932
933
934 llist_del(&conn->list);
935 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_REFUSED);
936 return 0;
937}
938
939static int _sccp_handle_connection_confirm(struct msgb *msgb)
940{
941 static u_int32_t header_size =
942 sizeof(struct sccp_connection_confirm);
943 static const u_int32_t optional_offset =
944 offsetof(struct sccp_connection_confirm, optional_start);
945
946 struct sccp_optional_data optional_data;
947 struct sccp_connection *conn;
948 struct sccp_connection_confirm *con;
949
950 /* header check */
951 if (msgb_l2len(msgb) < header_size) {
952 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
953 msgb_l2len(msgb), header_size);
954 return -1;
955 }
956
957 con = (struct sccp_connection_confirm *) msgb->l2h;
958
959 /* lookup if we have a connection with the given reference */
960 llist_for_each_entry(conn, &sccp_connections, list) {
961 if (conn->incoming == 0 && conn->data_cb
962 && memcmp(&conn->source_local_reference,
963 &con->destination_local_reference,
964 sizeof(conn->source_local_reference)) == 0) {
965 goto found;
966 }
967 }
968
969 DEBUGP(DSCCP, "Confirmed but no connection found\n");
970 return -1;
971
972found:
973 /* copy the addresses of the connection */
974 conn->destination_local_reference = con->source_local_reference;
975 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_ESTABLISHED);
976
977 memset(&optional_data, 0, sizeof(optional_data));
978 if (_sccp_parse_optional_data(optional_offset + con->optional_start, msgb, &optional_data) != 0) {
979 DEBUGP(DSCCP, "parsing of optional data failed.\n");
980 return -1;
981 }
982
983 /* optional data */
984 if (optional_data.data_len != 0 && conn->data_cb) {
985 msgb->l3h = &msgb->l2h[optional_data.data_start];
986 conn->data_cb(conn, msgb, optional_data.data_len);
987 }
988
989 return 0;
990}
991
992
993int sccp_system_init(int (*outgoing)(struct msgb *data, void *ctx), void *ctx)
994{
995 sccp_system.write_data = outgoing;
996 sccp_system.write_context = ctx;
997
998 return 0;
999}
1000
1001/* oh my god a real SCCP packet. need to dispatch it now */
1002int sccp_system_incoming(struct msgb *msgb)
1003{
1004 if (msgb_l2len(msgb) < 1 ) {
1005 DEBUGP(DSCCP, "Too short packet\n");
1006 return -1;
1007 }
1008
1009 int type = msgb->l2h[0];
1010
1011 switch(type) {
1012 case SCCP_MSG_TYPE_CR:
1013 return _sccp_handle_connection_request(msgb);
1014 break;
1015 case SCCP_MSG_TYPE_RLSD:
1016 return _sccp_handle_connection_released(msgb);
1017 break;
1018 case SCCP_MSG_TYPE_CREF:
1019 return _sccp_handle_connection_refused(msgb);
1020 break;
1021 case SCCP_MSG_TYPE_CC:
1022 return _sccp_handle_connection_confirm(msgb);
1023 break;
1024 case SCCP_MSG_TYPE_RLC:
1025 return _sccp_handle_connection_release_complete(msgb);
1026 break;
1027 case SCCP_MSG_TYPE_DT1:
1028 return _sccp_handle_connection_dt1(msgb);
1029 break;
1030 case SCCP_MSG_TYPE_UDT:
1031 return _sccp_handle_read(msgb);
1032 break;
1033 default:
1034 DEBUGP(DSCCP, "unimplemented msg type: %d\n", type);
1035 };
1036
1037 return -1;
1038}
1039
1040/* create a packet from the data */
1041int sccp_connection_write(struct sccp_connection *connection, struct msgb *data)
1042{
1043 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1044 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1045 DEBUGP(DSCCP, "sccp_connection_write: Wrong connection state: %p %d\n",
1046 connection, connection->connection_state);
1047 return -1;
1048 }
1049
1050 return _sccp_send_connection_data(connection, data);
1051}
1052
Holger Hans Peter Freyther3b9516e2009-11-18 22:11:28 +0100[diff] [blame]1053/*
1054 * Send a Inactivity Test message. The owner of the connection
1055 * should start a timer and call this method regularily. Calling
1056 * this every 60 seconds should be good enough.
1057 */
1058int sccp_connection_send_it(struct sccp_connection *connection)
1059{
1060 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1061 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1062 DEBUGP(DSCCP, "sccp_connection_write: Wrong connection state: %p %d\n",
1063 connection, connection->connection_state);
1064 return -1;
1065 }
1066
1067 return _sccp_send_connection_it(connection);
1068}
1069
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1070/* send a connection release and wait for the connection released */
1071int sccp_connection_close(struct sccp_connection *connection, int cause)
1072{
1073 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1074 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1075 DEBUGPC(DSCCP, "Can not close the connection. It was never opened: %p %d\n",
1076 connection, connection->connection_state);
1077 return -1;
1078 }
1079
1080 return _sccp_send_connection_released(connection, cause);
1081}
1082
1083int sccp_connection_free(struct sccp_connection *connection)
1084{
1085 if (connection->connection_state > SCCP_CONNECTION_STATE_NONE
1086 && connection->connection_state < SCCP_CONNECTION_STATE_RELEASE_COMPLETE) {
1087 DEBUGP(DSCCP, "The connection needs to be released before it is freed");
1088 return -1;
1089 }
1090
1091 talloc_free(connection);
1092 return 0;
1093}
1094
1095struct sccp_connection *sccp_connection_socket(void)
1096{
1097 return talloc_zero(tall_sccp_ctx, struct sccp_connection);
1098}
1099
1100int sccp_connection_connect(struct sccp_connection *conn,
1101 const struct sockaddr_sccp *local,
1102 struct msgb *data)
1103{
1104 return _sccp_send_connection_request(conn, local, data);
1105}
1106
1107int sccp_connection_set_incoming(const struct sockaddr_sccp *sock,
1108 int (*accept_cb)(struct sccp_connection *, void *), void *context)
1109{
1110 struct sccp_data_callback *cb;
1111
1112 if (!sock)
1113 return -2;
1114
1115 cb = _find_ssn(sock->sccp_ssn);
1116 if (!cb)
1117 return -1;
1118
1119 cb->accept_cb = accept_cb;
1120 cb->accept_context = context;
1121 return 0;
1122}
1123
1124int sccp_write(struct msgb *data, const struct sockaddr_sccp *in,
1125 const struct sockaddr_sccp *out, int class)
1126{
1127 return _sccp_send_data(class, in, out, data);
1128}
1129
1130int sccp_set_read(const struct sockaddr_sccp *sock,
1131 int (*read_cb)(struct msgb *, unsigned int, void *), void *context)
1132{
1133 struct sccp_data_callback *cb;
1134
1135 if (!sock)
1136 return -2;
1137
1138 cb = _find_ssn(sock->sccp_ssn);
1139 if (!cb)
1140 return -1;
1141
1142 cb->read_cb = read_cb;
1143 cb->read_context = context;
1144 return 0;
1145}
1146
1147static_assert(sizeof(struct sccp_source_reference) <= sizeof(u_int32_t), enough_space);
1148
1149u_int32_t sccp_src_ref_to_int(struct sccp_source_reference *ref)
1150{
1151 u_int32_t src_ref = 0;
1152 memcpy(&src_ref, ref, sizeof(*ref));
1153 return src_ref;
1154}
1155
1156struct sccp_source_reference sccp_src_ref_from_int(u_int32_t int_ref)
1157{
1158 struct sccp_source_reference ref;
1159 memcpy(&ref, &int_ref, sizeof(ref));
1160 return ref;
1161}
1162
1163static __attribute__((constructor)) void on_dso_load(void)
1164{
1165 tall_sccp_ctx = talloc_named_const(NULL, 1, "sccp");
1166}
1167
1168static __attribute__((destructor)) void on_dso_unload(void)
1169{
1170 talloc_report_full(tall_sccp_ctx, stderr);
1171}