Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-mgw / 52f705eaab1b5e3212f04975218d75b6ac6b47a3 / . / openbsc / src / osmo-bsc_nat / bsc_nat_rewrite.c
blob: 54fc573b2f244b7309d7d58bb2458ea3dbccbeea [file] [log] [blame]
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]1/*
2 * Message rewriting functionality
3 */
4/*
Holger Hans Peter Freytherdbd94492013-04-02 12:34:11 +0200[diff] [blame]5 * (C) 2010-2013 by Holger Hans Peter Freyther <zecke@selfish.org>
6 * (C) 2010-2013 by On-Waves
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]7 * All Rights Reserved
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
18 *
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 *
22 */
23
24#include <openbsc/bsc_nat.h>
25#include <openbsc/bsc_nat_sccp.h>
26#include <openbsc/bsc_msc.h>
27#include <openbsc/gsm_data.h>
28#include <openbsc/debug.h>
29#include <openbsc/ipaccess.h>
Holger Hans Peter Freytherddf191e2013-06-25 11:44:01 +0200[diff] [blame]30#include <openbsc/nat_rewrite_trie.h>
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]31
32#include <osmocom/core/linuxlist.h>
33#include <osmocom/core/talloc.h>
34#include <osmocom/gsm/gsm0808.h>
35
36#include <osmocom/gsm/protocol/gsm_08_08.h>
37#include <osmocom/gsm/protocol/gsm_04_11.h>
38
39#include <osmocom/sccp/sccp.h>
40
Holger Hans Peter Freytherddf191e2013-06-25 11:44:01 +0200[diff] [blame]41static char *trie_lookup(struct nat_rewrite *trie, const char *number,
42 regoff_t off, void *ctx)
43{
44 struct nat_rewrite_rule *rule;
45
46 if (!trie) {
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]47 LOGP(DCC, LOGL_ERROR,
Holger Hans Peter Freytherddf191e2013-06-25 11:44:01 +0200[diff] [blame]48 "Asked to do a table lookup but no table.\n");
49 return NULL;
50 }
51
52 rule = nat_rewrite_lookup(trie, number);
53 if (!rule) {
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]54 LOGP(DCC, LOGL_DEBUG,
Holger Hans Peter Freytherddf191e2013-06-25 11:44:01 +0200[diff] [blame]55 "Couldn't find a prefix rule for %s\n", number);
56 return NULL;
57 }
58
59 return talloc_asprintf(ctx, "%s%s", rule->rewrite, &number[off]);
60}
61
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]62static char *match_and_rewrite_number(void *ctx, const char *number,
Holger Hans Peter Freytherddf191e2013-06-25 11:44:01 +0200[diff] [blame]63 const char *imsi, struct llist_head *list,
64 struct nat_rewrite *trie)
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]65{
66 struct bsc_nat_num_rewr_entry *entry;
67 char *new_number = NULL;
68
69 /* need to find a replacement and then fix it */
70 llist_for_each_entry(entry, list, list) {
71 regmatch_t matches[2];
72
73 /* check the IMSI match */
74 if (regexec(&entry->msisdn_reg, imsi, 0, NULL, 0) != 0)
75 continue;
76
77 /* this regexp matches... */
Holger Hans Peter Freytherddf191e2013-06-25 11:44:01 +0200[diff] [blame]78 if (regexec(&entry->num_reg, number, 2, matches, 0) == 0
79 && matches[1].rm_eo != -1) {
80 if (entry->is_prefix_lookup)
81 new_number = trie_lookup(trie, number,
82 matches[1].rm_so, ctx);
83 else
84 new_number = talloc_asprintf(ctx, "%s%s",
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]85 entry->replace,
86 &number[matches[1].rm_so]);
Holger Hans Peter Freytherddf191e2013-06-25 11:44:01 +0200[diff] [blame]87 }
88
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]89 if (new_number)
90 break;
91 }
92
93 return new_number;
94}
95
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]96static char *rewrite_isdn_number(struct bsc_nat *nat, struct llist_head *rewr_list,
97 void *ctx, const char *imsi,
98 struct gsm_mncc_number *called)
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]99{
Holger Hans Peter Freyther73460812013-07-05 07:50:30 +0200[diff] [blame]100 char int_number[sizeof(called->number) + 2];
Holger Hans Peter Freytherdbd94492013-04-02 12:34:11 +0200[diff] [blame]101 char *number = called->number;
102
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]103 if (llist_empty(&nat->num_rewr)) {
104 LOGP(DCC, LOGL_DEBUG, "Rewrite rules empty.\n");
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]105 return NULL;
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]106 }
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]107
Holger Hans Peter Freytherdbd94492013-04-02 12:34:11 +0200[diff] [blame]108 /* only ISDN plan */
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]109 if (called->plan != 1) {
110 LOGP(DCC, LOGL_DEBUG, "Called plan is not 1 it was %d\n",
111 called->plan);
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]112 return NULL;
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]113 }
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]114
Holger Hans Peter Freytherdbd94492013-04-02 12:34:11 +0200[diff] [blame]115 /* international, prepend */
116 if (called->type == 1) {
Holger Hans Peter Freytherdbd94492013-04-02 12:34:11 +0200[diff] [blame]117 int_number[0] = '+';
118 memcpy(&int_number[1], number, strlen(number) + 1);
119 number = int_number;
120 }
121
122 return match_and_rewrite_number(ctx, number,
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]123 imsi, rewr_list, nat->num_rewr_trie);
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]124}
125
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]126static void update_called_number(struct gsm_mncc_number *called,
127 const char *chosen_number)
128{
129 if (strncmp(chosen_number, "00", 2) == 0) {
130 called->type = 1;
131 strncpy(called->number, chosen_number + 2, sizeof(called->number));
132 } else {
133 /* rewrite international to unknown */
134 if (called->type == 1)
135 called->type = 0;
136 strncpy(called->number, chosen_number, sizeof(called->number));
137 }
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]138
139 called->number[sizeof(called->number) - 1] = '\0';
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]140}
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]141
142/**
143 * Rewrite non global numbers... according to rules based on the IMSI
144 */
145static struct msgb *rewrite_setup(struct bsc_nat *nat, struct msgb *msg,
146 struct bsc_nat_parsed *parsed, const char *imsi,
147 struct gsm48_hdr *hdr48, const uint32_t len)
148{
149 struct tlv_parsed tp;
150 unsigned int payload_len;
151 struct gsm_mncc_number called;
152 struct msgb *out;
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]153 char *new_number_pre = NULL, *new_number_post = NULL, *chosen_number;
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]154 uint8_t *outptr;
155 const uint8_t *msgptr;
156 int sec_len;
157
158 /* decode and rewrite the message */
159 payload_len = len - sizeof(*hdr48);
160 tlv_parse(&tp, &gsm48_att_tlvdef, hdr48->data, payload_len, 0, 0);
161
162 /* no number, well let us ignore it */
163 if (!TLVP_PRESENT(&tp, GSM48_IE_CALLED_BCD))
164 return NULL;
165
166 memset(&called, 0, sizeof(called));
167 gsm48_decode_called(&called,
168 TLVP_VAL(&tp, GSM48_IE_CALLED_BCD) - 1);
169
170 /* check if it looks international and stop */
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]171 LOGP(DCC, LOGL_DEBUG,
172 "Pre-Rewrite for IMSI(%s) Plan(%d) Type(%d) Number(%s)\n",
173 imsi, called.plan, called.type, called.number);
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]174 new_number_pre = rewrite_isdn_number(nat, &nat->num_rewr, msg, imsi, &called);
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]175
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]176 if (!new_number_pre) {
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]177 LOGP(DCC, LOGL_DEBUG, "No IMSI(%s) match found, returning message.\n",
178 imsi);
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]179 return NULL;
180 }
181
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]182 if (strlen(new_number_pre) > sizeof(called.number)) {
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]183 LOGP(DCC, LOGL_ERROR, "Number %s is too long for structure.\n",
184 new_number_pre);
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]185 talloc_free(new_number_pre);
186 return NULL;
187 }
188 update_called_number(&called, new_number_pre);
189
190 /* another run through the re-write engine with other rules */
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]191 LOGP(DCC, LOGL_DEBUG,
192 "Post-Rewrite for IMSI(%s) Plan(%d) Type(%d) Number(%s)\n",
193 imsi, called.plan, called.type, called.number);
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]194 new_number_post = rewrite_isdn_number(nat, &nat->num_rewr_post, msg,
195 imsi, &called);
196 chosen_number = new_number_post ? new_number_post : new_number_pre;
197
198
199 if (strlen(chosen_number) > sizeof(called.number)) {
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]200 LOGP(DCC, LOGL_ERROR, "Number %s is too long for structure.\n",
201 chosen_number);
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]202 talloc_free(new_number_pre);
203 talloc_free(new_number_post);
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]204 return NULL;
205 }
206
207 /*
208 * Need to create a new message now based on the old onew
209 * with a new number. We can sadly not patch this in place
210 * so we will need to regenerate it.
211 */
212
213 out = msgb_alloc_headroom(4096, 128, "changed-setup");
214 if (!out) {
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]215 LOGP(DCC, LOGL_ERROR, "Failed to allocate.\n");
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]216 talloc_free(new_number_pre);
217 talloc_free(new_number_post);
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]218 return NULL;
219 }
220
221 /* copy the header */
222 outptr = msgb_put(out, sizeof(*hdr48));
223 memcpy(outptr, hdr48, sizeof(*hdr48));
224
225 /* copy everything up to the number */
226 sec_len = TLVP_VAL(&tp, GSM48_IE_CALLED_BCD) - 2 - &hdr48->data[0];
227 outptr = msgb_put(out, sec_len);
228 memcpy(outptr, &hdr48->data[0], sec_len);
229
230 /* create the new number */
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]231 update_called_number(&called, chosen_number);
Holger Hans Peter Freyther52f705e2013-07-24 07:46:06 +0200[diff] [blame^]232 LOGP(DCC, LOGL_DEBUG,
233 "Chosen number for IMSI(%s) is Plan(%d) Type(%d) Number(%s)\n",
234 imsi, called.plan, called.type, called.number);
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]235 gsm48_encode_called(out, &called);
236
237 /* copy thre rest */
238 msgptr = TLVP_VAL(&tp, GSM48_IE_CALLED_BCD) +
239 TLVP_LEN(&tp, GSM48_IE_CALLED_BCD);
240 sec_len = payload_len - (msgptr - &hdr48->data[0]);
241 outptr = msgb_put(out, sec_len);
242 memcpy(outptr, msgptr, sec_len);
243
Holger Hans Peter Freyther67e423c2013-06-25 15:38:31 +0200[diff] [blame]244 talloc_free(new_number_pre);
245 talloc_free(new_number_post);
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]246 return out;
247}
248
249/**
250 * Find a new SMSC address, returns an allocated string that needs to be
251 * freed or is NULL.
252 */
253static char *find_new_smsc(struct bsc_nat *nat, void *ctx, const char *imsi,
254 const char *smsc_addr, const char *dest_nr)
255{
256 struct bsc_nat_num_rewr_entry *entry;
257 char *new_number = NULL;
258 uint8_t dest_match = llist_empty(&nat->tpdest_match);
259
260 /* We will find a new number now */
261 llist_for_each_entry(entry, &nat->smsc_rewr, list) {
262 regmatch_t matches[2];
263
264 /* check the IMSI match */
265 if (regexec(&entry->msisdn_reg, imsi, 0, NULL, 0) != 0)
266 continue;
267
268 /* this regexp matches... */
269 if (regexec(&entry->num_reg, smsc_addr, 2, matches, 0) == 0 &&
270 matches[1].rm_eo != -1)
271 new_number = talloc_asprintf(ctx, "%s%s",
272 entry->replace,
273 &smsc_addr[matches[1].rm_so]);
274 if (new_number)
275 break;
276 }
277
278 if (!new_number)
279 return NULL;
280
281 /*
282 * now match the number against another list
283 */
284 llist_for_each_entry(entry, &nat->tpdest_match, list) {
285 /* check the IMSI match */
286 if (regexec(&entry->msisdn_reg, imsi, 0, NULL, 0) != 0)
287 continue;
288
289 if (regexec(&entry->num_reg, dest_nr, 0, NULL, 0) == 0) {
290 dest_match = 1;
291 break;
292 }
293 }
294
295 if (!dest_match) {
296 talloc_free(new_number);
297 return NULL;
298 }
299
300 return new_number;
301}
302
303/**
304 * Clear the TP-SRR from the TPDU header
305 */
306static uint8_t sms_new_tpdu_hdr(struct bsc_nat *nat, const char *imsi,
307 const char *dest_nr, uint8_t hdr)
308{
309 struct bsc_nat_num_rewr_entry *entry;
310
311 /* We will find a new number now */
312 llist_for_each_entry(entry, &nat->sms_clear_tp_srr, list) {
313 /* check the IMSI match */
314 if (regexec(&entry->msisdn_reg, imsi, 0, NULL, 0) != 0)
315 continue;
316 if (regexec(&entry->num_reg, dest_nr, 0, NULL, 0) != 0)
317 continue;
318
319 /* matched phone number and imsi */
320 return hdr & ~0x20;
321 }
322
323 return hdr;
324}
325
326/**
327 * Check if we need to rewrite the number. For this SMS.
328 */
329static char *sms_new_dest_nr(struct bsc_nat *nat, void *ctx,
330 const char *imsi, const char *dest_nr)
331{
332 return match_and_rewrite_number(ctx, dest_nr, imsi,
Holger Hans Peter Freytherddf191e2013-06-25 11:44:01 +0200[diff] [blame]333 &nat->sms_num_rewr, NULL);
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]334}
335
336/**
337 * This is a helper for GSM 04.11 8.2.5.2 Destination address element
338 */
339void sms_encode_addr_element(struct msgb *out, const char *new_number,
340 int format, int tp_data)
341{
342 uint8_t new_addr_len;
343 uint8_t new_addr[26];
344
345 /*
346 * Copy the new number. We let libosmocore encode it, then set
347 * the extension followed after the length. Depending on if
348 * we want to write RP we will let the TLV code add the
349 * length for us or we need to use strlen... This is not very clear
350 * as of 03.40 and 04.11.
351 */
352 new_addr_len = gsm48_encode_bcd_number(new_addr, ARRAY_SIZE(new_addr),
353 1, new_number);
354 new_addr[1] = format;
355 if (tp_data) {
356 uint8_t *data = msgb_put(out, new_addr_len);
357 memcpy(data, new_addr, new_addr_len);
358 data[0] = strlen(new_number);
359 } else {
360 msgb_lv_put(out, new_addr_len - 1, new_addr + 1);
361 }
362}
363
364static struct msgb *sms_create_new(uint8_t type, uint8_t ref,
365 struct gsm48_hdr *old_hdr48,
366 const uint8_t *orig_addr_ptr,
367 int orig_addr_len, const char *new_number,
368 const uint8_t *data_ptr, int data_len,
369 uint8_t tpdu_first_byte,
370 const int old_dest_len, const char *new_dest_nr)
371{
372 struct gsm48_hdr *new_hdr48;
373 struct msgb *out;
374
375 /*
376 * We need to re-create the patched structure. This is why we have
377 * saved the above pointers.
378 */
379 out = msgb_alloc_headroom(4096, 128, "changed-smsc");
380 if (!out) {
381 LOGP(DNAT, LOGL_ERROR, "Failed to allocate.\n");
382 return NULL;
383 }
384
385 out->l2h = out->data;
386 msgb_v_put(out, GSM411_MT_RP_DATA_MO);
387 msgb_v_put(out, ref);
388 msgb_lv_put(out, orig_addr_len, orig_addr_ptr);
389
390 sms_encode_addr_element(out, new_number, 0x91, 0);
391
392
393 /* Patch the TPDU from here on */
394
395 /**
396 * Do we need to put a new TP-Destination-Address (TP-DA) here or
397 * can we copy the old thing? For the TP-DA we need to find out the
398 * new size.
399 */
400 if (new_dest_nr) {
401 uint8_t *data, *new_size;
402
403 /* reserve the size and write the header */
404 new_size = msgb_put(out, 1);
405 out->l3h = new_size + 1;
406 msgb_v_put(out, tpdu_first_byte);
407 msgb_v_put(out, data_ptr[1]);
408
409 /* encode the new number and put it */
410 if (strncmp(new_dest_nr, "00", 2) == 0)
411 sms_encode_addr_element(out, new_dest_nr + 2, 0x91, 1);
412 else
413 sms_encode_addr_element(out, new_dest_nr, 0x81, 1);
414
415 /* Copy the rest after the TP-DS */
416 data = msgb_put(out, data_len - 2 - 1 - old_dest_len);
417 memcpy(data, &data_ptr[2 + 1 + old_dest_len], data_len - 2 - 1 - old_dest_len);
418
419 /* fill in the new size */
420 new_size[0] = msgb_l3len(out);
421 } else {
422 msgb_v_put(out, data_len);
423 msgb_tv_fixed_put(out, tpdu_first_byte, data_len - 1, &data_ptr[1]);
424 }
425
426 /* prepend GSM 04.08 header */
427 new_hdr48 = (struct gsm48_hdr *) msgb_push(out, sizeof(*new_hdr48) + 1);
428 memcpy(new_hdr48, old_hdr48, sizeof(*old_hdr48));
429 new_hdr48->data[0] = msgb_l2len(out);
430
431 return out;
432}
433
434/**
435 * Parse the SMS and check if it needs to be rewritten
436 */
437static struct msgb *rewrite_sms(struct bsc_nat *nat, struct msgb *msg,
438 struct bsc_nat_parsed *parsed, const char *imsi,
439 struct gsm48_hdr *hdr48, const uint32_t len)
440{
441 unsigned int payload_len;
442 unsigned int cp_len;
443
444 uint8_t ref;
445 uint8_t orig_addr_len, *orig_addr_ptr;
446 uint8_t dest_addr_len, *dest_addr_ptr;
447 uint8_t data_len, *data_ptr;
448 char smsc_addr[30];
449
450
451 uint8_t dest_len, orig_dest_len;
452 char _dest_nr[30];
453 char *dest_nr;
454 char *new_dest_nr;
455
456 char *new_number = NULL;
457 uint8_t tpdu_hdr;
458 struct msgb *out;
459
460 payload_len = len - sizeof(*hdr48);
461 if (payload_len < 1) {
462 LOGP(DNAT, LOGL_ERROR, "SMS too short for things. %d\n", payload_len);
463 return NULL;
464 }
465
466 cp_len = hdr48->data[0];
467 if (payload_len + 1 < cp_len) {
468 LOGP(DNAT, LOGL_ERROR, "SMS RPDU can not fit in: %d %d\n", cp_len, payload_len);
469 return NULL;
470 }
471
472 if (hdr48->data[1] != GSM411_MT_RP_DATA_MO)
473 return NULL;
474
475 if (cp_len < 5) {
476 LOGP(DNAT, LOGL_ERROR, "RD-DATA can not fit in the CP len: %d\n", cp_len);
477 return NULL;
478 }
479
480 /* RP */
481 ref = hdr48->data[2];
482 orig_addr_len = hdr48->data[3];
483 orig_addr_ptr = &hdr48->data[4];
484
485 /* the +1 is for checking if the following element has some space */
486 if (cp_len < 3 + orig_addr_len + 1) {
487 LOGP(DNAT, LOGL_ERROR, "RP-Originator addr does not fit: %d\n", orig_addr_len);
488 return NULL;
489 }
490
491 dest_addr_len = hdr48->data[3 + orig_addr_len + 1];
492 dest_addr_ptr = &hdr48->data[3 + orig_addr_len + 2];
493
494 if (cp_len < 3 + orig_addr_len + 1 + dest_addr_len + 1) {
495 LOGP(DNAT, LOGL_ERROR, "RP-Destination addr does not fit: %d\n", dest_addr_len);
496 return NULL;
497 }
498 gsm48_decode_bcd_number(smsc_addr, ARRAY_SIZE(smsc_addr), dest_addr_ptr - 1, 1);
499
500 data_len = hdr48->data[3 + orig_addr_len + 1 + dest_addr_len + 1];
501 data_ptr = &hdr48->data[3 + orig_addr_len + 1 + dest_addr_len + 2];
502
503 if (cp_len < 3 + orig_addr_len + 1 + dest_addr_len + 1 + data_len) {
504 LOGP(DNAT, LOGL_ERROR, "RP-Data does not fit: %d\n", data_len);
505 return NULL;
506 }
507
508 if (data_len < 3) {
509 LOGP(DNAT, LOGL_ERROR, "SMS-SUBMIT is too short.\n");
510 return NULL;
511 }
512
513 /* TP-PDU starts here */
514 if ((data_ptr[0] & 0x03) != GSM340_SMS_SUBMIT_MS2SC)
515 return NULL;
516
517 /*
518 * look into the phone number. The length is in semi-octets, we will
519 * need to add the byte for the number type as well.
520 */
521 orig_dest_len = data_ptr[2];
522 dest_len = ((orig_dest_len + 1) / 2) + 1;
523 if (data_len < dest_len + 3 || dest_len < 2) {
524 LOGP(DNAT, LOGL_ERROR, "SMS-SUBMIT can not have TP-DestAddr.\n");
525 return NULL;
526 }
527
528 if ((data_ptr[3] & 0x80) == 0) {
529 LOGP(DNAT, LOGL_ERROR, "TP-DestAddr has extension. Not handled.\n");
530 return NULL;
531 }
532
533 if ((data_ptr[3] & 0x0F) == 0) {
534 LOGP(DNAT, LOGL_ERROR, "TP-DestAddr is of unknown type.\n");
535 return NULL;
536 }
537
538 /**
539 * Besides of what I think I read in GSM 03.40 and 04.11 the TP-DA
540 * contains the semi-octets as length (strlen), change it to the
541 * the number of bytes, but then change it back.
542 */
543 data_ptr[2] = dest_len;
544 gsm48_decode_bcd_number(_dest_nr + 2, ARRAY_SIZE(_dest_nr) - 2,
545 &data_ptr[2], 1);
546 data_ptr[2] = orig_dest_len;
547 if ((data_ptr[3] & 0x70) == 0x10) {
548 _dest_nr[0] = _dest_nr[1] = '0';
549 dest_nr = &_dest_nr[0];
550 } else {
551 dest_nr = &_dest_nr[2];
552 }
553
554 /**
555 * Call functions to rewrite the data
556 */
557 tpdu_hdr = sms_new_tpdu_hdr(nat, imsi, dest_nr, data_ptr[0]);
558 new_number = find_new_smsc(nat, msg, imsi, smsc_addr, dest_nr);
559 new_dest_nr = sms_new_dest_nr(nat, msg, imsi, dest_nr);
560
561 if (tpdu_hdr == data_ptr[0] && !new_number && !new_dest_nr)
562 return NULL;
563
564 out = sms_create_new(GSM411_MT_RP_DATA_MO, ref, hdr48,
565 orig_addr_ptr, orig_addr_len,
566 new_number ? new_number : smsc_addr,
567 data_ptr, data_len, tpdu_hdr,
568 dest_len, new_dest_nr);
569 talloc_free(new_number);
570 talloc_free(new_dest_nr);
571 return out;
572}
573
574struct msgb *bsc_nat_rewrite_msg(struct bsc_nat *nat, struct msgb *msg, struct bsc_nat_parsed *parsed, const char *imsi)
575{
576 struct gsm48_hdr *hdr48;
577 uint32_t len;
578 uint8_t msg_type, proto;
579 struct msgb *new_msg = NULL, *sccp;
580 uint8_t link_id;
581
582 if (!imsi || strlen(imsi) < 5)
583 return msg;
584
585 /* only care about DTAP messages */
586 if (parsed->bssap != BSSAP_MSG_DTAP)
587 return msg;
588 if (!parsed->dest_local_ref)
589 return msg;
590
591 hdr48 = bsc_unpack_dtap(parsed, msg, &len);
592 if (!hdr48)
593 return msg;
594
595 link_id = msg->l3h[1];
596 proto = hdr48->proto_discr & 0x0f;
597 msg_type = hdr48->msg_type & 0xbf;
598
599 if (proto == GSM48_PDISC_CC && msg_type == GSM48_MT_CC_SETUP)
600 new_msg = rewrite_setup(nat, msg, parsed, imsi, hdr48, len);
601 else if (proto == GSM48_PDISC_SMS && msg_type == GSM411_MT_CP_DATA)
602 new_msg = rewrite_sms(nat, msg, parsed, imsi, hdr48, len);
603
604 if (!new_msg)
605 return msg;
606
607 /* wrap with DTAP, SCCP, then IPA. TODO: Stop copying */
608 gsm0808_prepend_dtap_header(new_msg, link_id);
609 sccp = sccp_create_dt1(parsed->dest_local_ref, new_msg->data, new_msg->len);
610 talloc_free(new_msg);
611
612 if (!sccp) {
613 LOGP(DNAT, LOGL_ERROR, "Failed to allocate.\n");
614 return msg;
615 }
616
617 ipaccess_prepend_header(sccp, IPAC_PROTO_SCCP);
618
619 /* the parsed hangs off from msg but it needs to survive */
620 talloc_steal(sccp, parsed);
621 msgb_free(msg);
622 return sccp;
623}
624
625static void num_rewr_free_data(struct bsc_nat_num_rewr_entry *entry)
626{
627 regfree(&entry->msisdn_reg);
628 regfree(&entry->num_reg);
629 talloc_free(entry->replace);
630}
631
632void bsc_nat_num_rewr_entry_adapt(void *ctx, struct llist_head *head,
633 const struct osmo_config_list *list)
634{
635 struct bsc_nat_num_rewr_entry *entry, *tmp;
636 struct osmo_config_entry *cfg_entry;
637
638 /* free the old data */
639 llist_for_each_entry_safe(entry, tmp, head, list) {
640 num_rewr_free_data(entry);
641 llist_del(&entry->list);
642 talloc_free(entry);
643 }
644
645
646 if (!list)
647 return;
648
649 llist_for_each_entry(cfg_entry, &list->entry, list) {
650 char *regexp;
651 if (cfg_entry->text[0] == '+') {
652 LOGP(DNAT, LOGL_ERROR,
653 "Plus is not allowed in the number\n");
654 continue;
655 }
656
657 entry = talloc_zero(ctx, struct bsc_nat_num_rewr_entry);
658 if (!entry) {
659 LOGP(DNAT, LOGL_ERROR,
Holger Hans Peter Freyther6fbd8642013-01-01 11:25:16 +0100[diff] [blame]660 "Allocation of the num_rewr entry failed.\n");
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]661 continue;
662 }
663
664 entry->replace = talloc_strdup(entry, cfg_entry->text);
665 if (!entry->replace) {
666 LOGP(DNAT, LOGL_ERROR,
667 "Failed to copy the replacement text.\n");
668 talloc_free(entry);
669 continue;
670 }
671
Holger Hans Peter Freytherddf191e2013-06-25 11:44:01 +0200[diff] [blame]672 if (strcmp("prefix_lookup", entry->replace) == 0)
673 entry->is_prefix_lookup = 1;
674
Holger Hans Peter Freyther6ecb3cb2012-12-17 13:25:36 +0100[diff] [blame]675 /* we will now build a regexp string */
676 if (cfg_entry->mcc[0] == '^') {
677 regexp = talloc_strdup(entry, cfg_entry->mcc);
678 } else {
679 regexp = talloc_asprintf(entry, "^%s%s",
680 cfg_entry->mcc[0] == '*' ?
681 "[0-9][0-9][0-9]" : cfg_entry->mcc,
682 cfg_entry->mnc[0] == '*' ?
683 "[0-9][0-9]" : cfg_entry->mnc);
684 }
685
686 if (!regexp) {
687 LOGP(DNAT, LOGL_ERROR, "Failed to create a regexp string.\n");
688 talloc_free(entry);
689 continue;
690 }
691
692 if (regcomp(&entry->msisdn_reg, regexp, 0) != 0) {
693 LOGP(DNAT, LOGL_ERROR,
694 "Failed to compile regexp '%s'\n", regexp);
695 talloc_free(regexp);
696 talloc_free(entry);
697 continue;
698 }
699
700 talloc_free(regexp);
701 if (regcomp(&entry->num_reg, cfg_entry->option, REG_EXTENDED) != 0) {
702 LOGP(DNAT, LOGL_ERROR,
703 "Failed to compile regexp '%s'\n", cfg_entry->option);
704 regfree(&entry->msisdn_reg);
705 talloc_free(entry);
706 continue;
707 }
708
709 /* we have copied the number */
710 llist_add_tail(&entry->list, head);
711 }
712}