Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-mgw / a8cd2e6b0e73f556146fab366b36667c9d856c95 / . / openbsc / src / sccp / sccp.c
blob: 2d43aac2614d5718086146c19d89bc764803c747 [file] [log] [blame]
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1/*
2 * SCCP management code
3 *
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame]4 * (C) 2009, 2010 by Holger Hans Peter Freyther <zecke@selfish.org>
5 * (C) 2009, 2010 by on-waves.com
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]6 *
7 * All Rights Reserved
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 *
23 */
24
25#include <string.h>
26
27#include <sccp/sccp.h>
28
29#include <openbsc/debug.h>
30#include <openbsc/talloc.h>
31#include <openbsc/linuxlist.h>
32
33static void *tall_sccp_ctx;
34static LLIST_HEAD(sccp_connections);
35
36#define SCCP_MSG_SIZE 4096
37#define SCCP_MSG_HEADROOM 128
38
39/* global data */
40const struct sockaddr_sccp sccp_ssn_bssap = {
41 .sccp_family = 0,
42 .sccp_ssn = SCCP_SSN_BSSAP,
43};
44
45struct sccp_system {
46 /* layer3 -> layer2 */
47 int (*write_data)(struct msgb *data, void *context);
48 void *write_context;
49};
50
51
52static struct sccp_system sccp_system = {
53 .write_data = NULL,
54};
55
56struct sccp_data_callback {
57 /* connection based */
58 int (*accept_cb)(struct sccp_connection *, void *);
59 void *accept_context;
60
61 /* connection less */
62 int (*read_cb)(struct msgb *, unsigned int, void *);
63 void *read_context;
64
65 u_int8_t ssn;
66 struct llist_head callback;
67};
68
69static LLIST_HEAD(sccp_callbacks);
70
71static struct sccp_data_callback *_find_ssn(u_int8_t ssn)
72{
73 struct sccp_data_callback *cb;
74
75 llist_for_each_entry(cb, &sccp_callbacks, callback) {
76 if (cb->ssn == ssn)
77 return cb;
78 }
79
80 /* need to add one */
81 cb = talloc_zero(tall_sccp_ctx, struct sccp_data_callback);
82 if (!cb) {
83 DEBUGP(DSCCP, "Failed to allocate sccp callback.\n");
84 return NULL;
85 }
86
87 cb->ssn = ssn;
88 llist_add_tail(&cb->callback, &sccp_callbacks);
89 return cb;
90}
91
92
93static int _send_msg(struct msgb *msg)
94{
95 return sccp_system.write_data(msg, sccp_system.write_context);
96}
97
98/*
99 * parsing routines
100 */
101static int copy_address(struct sccp_address *addr, u_int8_t offset, struct msgb *msgb)
102{
103 struct sccp_called_party_address *party;
104
105 int room = msgb_l2len(msgb) - offset;
106 u_int8_t read = 0;
107 u_int8_t length;
108
109 if (room <= 0) {
110 DEBUGP(DSCCP, "Not enough room for an address: %u\n", room);
111 return -1;
112 }
113
114 length = msgb->l2h[offset];
115 if (room <= length) {
116 DEBUGP(DSCCP, "Not enough room for optional data %u %u\n", room, length);
117 return -1;
118 }
119
120
121 party = (struct sccp_called_party_address *)(msgb->l2h + offset + 1);
122 if (party->point_code_indicator) {
123 if (length <= read + 2) {
124 DEBUGP(DSCCP, "POI does not fit %u\n", length);
125 return -1;
126 }
127
128
129 memcpy(&addr->poi, &party->data[read], 2);
130 read += 2;
131 }
132
133 if (party->ssn_indicator) {
134 if (length <= read + 1) {
135 DEBUGP(DSCCP, "SSN does not fit %u\n", length);
136 return -1;
137 }
138
139 addr->ssn = party->data[read];
140 read += 1;
141 }
142
143 if (party->global_title_indicator) {
144 DEBUGP(DSCCP, "GTI not supported %u\n", *(u_int8_t *)party);
145 return -1;
146 }
147
148 addr->address = *party;
149 return 0;
150}
151
152static int check_address(struct sccp_address *addr)
153{
154 /* ignore point_code_indicator... it should be zero... but */
155 if (addr->address.ssn_indicator != 1
156 || addr->address.global_title_indicator == 1
157 || addr->address.routing_indicator != 1) {
158 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
159 *(u_int8_t *)&addr->address, addr->ssn);
160 return -1;
161 }
162
163 return 0;
164}
165
166static int _sccp_parse_optional_data(const int offset,
167 struct msgb *msgb, struct sccp_optional_data *data)
168{
169 u_int16_t room = msgb_l2len(msgb) - offset;
170 u_int16_t read = 0;
171
172 while (room > read) {
173 u_int8_t type = msgb->l2h[offset + read];
174 if (type == SCCP_PNC_END_OF_OPTIONAL)
175 return 0;
176
177 if (read + 1 >= room) {
178 DEBUGP(DSCCP, "no place for length\n");
179 return 0;
180 }
181
182 u_int8_t length = msgb->l2h[offset + read + 1];
183 read += 2 + length;
184
185
186 if (room <= read) {
187 DEBUGP(DSCCP, "no space for the data: type: %d read: %d room: %d l2: %d\n",
188 type, read, room, msgb_l2len(msgb));
189 return 0;
190 }
191
192 if (type == SCCP_PNC_DATA) {
193 data->data_len = length;
194 data->data_start = offset + read - length;
195 }
196
197 }
198
199 return -1;
200}
201
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]202int _sccp_parse_connection_request(struct msgb *msgb, struct sccp_parse_result *result)
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame]203{
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]204 static const u_int32_t header_size =
205 sizeof(struct sccp_connection_request);
206 static const u_int32_t optional_offset =
207 offsetof(struct sccp_connection_request, optional_start);
208 static const u_int32_t called_offset =
209 offsetof(struct sccp_connection_request, variable_called);
210
211 struct sccp_connection_request *req = (struct sccp_connection_request *)msgb->data;
212 struct sccp_optional_data optional_data;
213
214 /* header check */
215 if (msgb_l2len(msgb) < header_size) {
216 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
217 msgb_l2len(msgb), header_size);
218 return -1;
219 }
220
221 /* copy out the calling and called address. Add the offset */
222 if (copy_address(&result->called, called_offset + req->variable_called, msgb) != 0)
223 return -1;
224
225 if (check_address(&result->called) != 0) {
226 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
227 *(u_int8_t *)&result->called.address, result->called.ssn);
228 return -1;
229 }
230
231 result->source_local_reference = &req->source_local_reference;
232
233 /*
234 * parse optional data.
235 */
236 memset(&optional_data, 0, sizeof(optional_data));
237 if (_sccp_parse_optional_data(optional_offset + req->optional_start, msgb, &optional_data) != 0) {
238 DEBUGP(DSCCP, "parsing of optional data failed.\n");
239 return -1;
240 }
241
242 if (optional_data.data_len != 0) {
243 msgb->l3h = &msgb->l2h[optional_data.data_start];
244 result->data_len = optional_data.data_len;
245 } else {
246 result->data_len = 0;
247 }
248
249 return 0;
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame]250}
251
252int _sccp_parse_connection_released(struct msgb *msg, struct sccp_parse_result *result)
253{
254 return -1;
255}
256
257int _sccp_parse_connection_refused(struct msgb *msg, struct sccp_parse_result *result)
258{
259 return -1;
260}
261
262int _sccp_parse_connection_confirm(struct msgb *msg, struct sccp_parse_result *result)
263{
264 return -1;
265}
266
267int _sccp_parse_connection_release_complete(struct msgb *msg, struct sccp_parse_result *result)
268{
269 return -1;
270}
271
272int _sccp_parse_connection_dt1(struct msgb *msg, struct sccp_parse_result *result)
273{
274 return -1;
275}
276
277int _sccp_parse_udt(struct msgb *msgb, struct sccp_parse_result *result)
278{
279 static const u_int32_t header_size = sizeof(struct sccp_data_unitdata);
280 static const u_int32_t called_offset = offsetof(struct sccp_data_unitdata, variable_called);
281 static const u_int32_t calling_offset = offsetof(struct sccp_data_unitdata, variable_calling);
282 static const u_int32_t data_offset = offsetof(struct sccp_data_unitdata, variable_data);
283
284 struct sccp_data_unitdata *udt = (struct sccp_data_unitdata *)msgb->l2h;
285
286 if (msgb_l2len(msgb) < header_size) {
287 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
288 msgb_l2len(msgb), header_size);
289 return -1;
290 }
291
292 /* copy out the calling and called address. Add the off */
293 if (copy_address(&result->called, called_offset + udt->variable_called, msgb) != 0)
294 return -1;
295
296 if (check_address(&result->called) != 0) {
297 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
298 *(u_int8_t *)&result->called.address, result->called.ssn);
299 return -1;
300 }
301
302 if (copy_address(&result->calling, calling_offset + udt->variable_calling, msgb) != 0)
303 return -1;
304
305 if (check_address(&result->calling) != 0) {
306 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
307 *(u_int8_t *)&result->called.address, result->called.ssn);
308 }
309
310 /* we don't have enough size for the data */
311 if (msgb_l2len(msgb) < data_offset + udt->variable_data + 1) {
312 DEBUGP(DSCCP, "msgb < header + offset %u %u %u\n",
313 msgb_l2len(msgb), header_size, udt->variable_data);
314 return -1;
315 }
316
317
318 msgb->l3h = &udt->data[udt->variable_data];
319
320 if (msgb_l3len(msgb) != msgb->l3h[-1]) {
321 DEBUGP(DSCCP, "msgb is truncated %u %u\n",
322 msgb_l3len(msgb), msgb->l3h[-1]);
323 return -1;
324 }
325
326 return 0;
327}
328
329
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]330/*
331 * Send UDT. Currently we have a fixed address...
332 */
333static int _sccp_send_data(int class, const struct sockaddr_sccp *in,
334 const struct sockaddr_sccp *out, struct msgb *payload)
335{
336 struct sccp_data_unitdata *udt;
337 u_int8_t *data;
338 int ret;
339
340 if (msgb_l3len(payload) > 256) {
341 DEBUGP(DSCCP, "The payload is too big for one udt\n");
342 return -1;
343 }
344
345 struct msgb *msg = msgb_alloc_headroom(SCCP_MSG_SIZE,
346 SCCP_MSG_HEADROOM, "sccp: udt");
347 msg->l2h = &msg->data[0];
348 udt = (struct sccp_data_unitdata *)msgb_put(msg, sizeof(*udt));
349
350 udt->type = SCCP_MSG_TYPE_UDT;
351 udt->proto_class = class;
352 udt->variable_called = 3;
353 udt->variable_calling = 5;
354 udt->variable_data = 7;
355
356 /* for variable data we start with a size and the data */
357 data = msgb_put(msg, 1 + 2);
358 data[0] = 2;
359 data[1] = 0x42;
360 data[2] = out->sccp_ssn;
361
362 data = msgb_put(msg, 1 + 2);
363 data[0] = 2;
364 data[1] = 0x42;
365 data[2] = in->sccp_ssn;
366
367 /* copy the payload */
368 data = msgb_put(msg, 1 + msgb_l3len(payload));
369 data[0] = msgb_l3len(payload);
370 memcpy(&data[1], payload->l3h, msgb_l3len(payload));
371
372 ret = _send_msg(msg);
373 msgb_free(msg);
374
375 return ret;
376}
377
378static int _sccp_handle_read(struct msgb *msgb)
379{
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]380 struct sccp_data_callback *cb;
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame]381 struct sccp_parse_result result;
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]382
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame]383 if (_sccp_parse_udt(msgb, &result) != 0)
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]384 return -1;
385
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame]386 cb = _find_ssn(result.called.ssn);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]387 if (!cb || !cb->read_cb) {
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame]388 DEBUGP(DSCCP, "No routing for UDT for called SSN: %u\n", result.called.ssn);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]389 return -1;
390 }
391
392 /* sanity check */
393 return cb->read_cb(msgb, msgb_l3len(msgb), cb->read_context);
394}
395
396/*
397 * handle connection orientated methods
398 */
399static int source_local_reference_is_free(struct sccp_source_reference *reference)
400{
401 struct sccp_connection *connection;
402
403 llist_for_each_entry(connection, &sccp_connections, list) {
404 if (memcmp(reference, &connection->source_local_reference, sizeof(*reference)) == 0)
405 return -1;
406 }
407
408 return 0;
409}
410
411static int destination_local_reference_is_free(struct sccp_source_reference *reference)
412{
413 struct sccp_connection *connection;
414
415 llist_for_each_entry(connection, &sccp_connections, list) {
416 if (memcmp(reference, &connection->destination_local_reference, sizeof(*reference)) == 0)
417 return -1;
418 }
419
420 return 0;
421}
422
423static int assign_source_local_reference(struct sccp_connection *connection)
424{
425 static u_int32_t last_ref = 0x30000;
426 int wrapped = 0;
427
428 do {
429 struct sccp_source_reference reference;
430 reference.octet1 = (last_ref >> 0) & 0xff;
431 reference.octet2 = (last_ref >> 8) & 0xff;
432 reference.octet3 = (last_ref >> 16) & 0xff;
433
434 ++last_ref;
435 /* do not use the reversed word and wrap around */
436 if ((last_ref & 0x00FFFFFF) == 0x00FFFFFF) {
437 DEBUGP(DSCCP, "Wrapped searching for a free code\n");
438 last_ref = 0;
439 ++wrapped;
440 }
441
442 if (source_local_reference_is_free(&reference) == 0) {
443 connection->source_local_reference = reference;
444 return 0;
445 }
446 } while (wrapped != 2);
447
448 DEBUGP(DSCCP, "Finding a free reference failed\n");
449 return -1;
450}
451
452static void _sccp_set_connection_state(struct sccp_connection *connection, int new_state)
453{
454 int old_state = connection->connection_state;
455
456 connection->connection_state = new_state;
457 if (connection->state_cb)
458 connection->state_cb(connection, old_state);
459}
460
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]461static int _sccp_send_refuse(struct sccp_source_reference *src_ref, int cause)
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]462{
463 struct msgb *msgb;
464 struct sccp_connection_refused *ref;
465 u_int8_t *data;
466 int ret;
467
468 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
469 SCCP_MSG_HEADROOM, "sccp ref");
470 msgb->l2h = &msgb->data[0];
471
472 ref = (struct sccp_connection_refused *) msgb_put(msgb, sizeof(*ref));
473 ref->type = SCCP_MSG_TYPE_CREF;
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]474 memcpy(&ref->destination_local_reference, src_ref,
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]475 sizeof(struct sccp_source_reference));
476 ref->cause = cause;
477 ref->optional_start = 1;
478
479 data = msgb_put(msgb, 1);
480 data[0] = SCCP_PNC_END_OF_OPTIONAL;
481
482 ret = _send_msg(msgb);
483 msgb_free(msgb);
484 return ret;
485}
486
487static int _sccp_send_connection_confirm(struct sccp_connection *connection)
488{
489 struct msgb *response;
490 struct sccp_connection_confirm *confirm;
491 u_int8_t *optional_data;
492 int ret;
493
494 if (assign_source_local_reference(connection) != 0)
495 return -1;
496
497 response = msgb_alloc_headroom(SCCP_MSG_SIZE,
498 SCCP_MSG_HEADROOM, "sccp confirm");
499 response->l2h = &response->data[0];
500
501 confirm = (struct sccp_connection_confirm *) msgb_put(response, sizeof(*confirm));
502
503 confirm->type = SCCP_MSG_TYPE_CC;
504 memcpy(&confirm->destination_local_reference,
505 &connection->destination_local_reference,
506 sizeof(connection->destination_local_reference));
507 memcpy(&confirm->source_local_reference,
508 &connection->source_local_reference,
509 sizeof(connection->source_local_reference));
510 confirm->proto_class = 2;
511 confirm->optional_start = 1;
512
513 optional_data = (u_int8_t *) msgb_put(response, 1);
514 optional_data[0] = SCCP_PNC_END_OF_OPTIONAL;
515
516 ret = _send_msg(response);
517 msgb_free(response);
518
519 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_ESTABLISHED);
520 return ret;
521}
522
523static int _sccp_send_connection_request(struct sccp_connection *connection,
524 const struct sockaddr_sccp *called, struct msgb *msg)
525{
526 struct msgb *request;
527 struct sccp_connection_request *req;
528 u_int8_t *data;
529 u_int8_t extra_size = 3 + 1;
530 int ret;
531
532
533 if (msg && (msgb_l3len(msg) < 3 || msgb_l3len(msg) > 130)) {
534 DEBUGP(DSCCP, "Invalid amount of data... %d\n", msgb_l3len(msg));
535 return -1;
536 }
537
538 /* try to find a id */
539 if (assign_source_local_reference(connection) != 0) {
540 DEBUGP(DSCCP, "Assigning a local reference failed.\n");
541 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_SETUP_ERROR);
542 return -1;
543 }
544
545
546 if (msg)
547 extra_size += 2 + msgb_l3len(msg);
548 request = msgb_alloc_headroom(SCCP_MSG_SIZE,
549 SCCP_MSG_HEADROOM, "sccp connection request");
550 request->l2h = &request->data[0];
551 req = (struct sccp_connection_request *) msgb_put(request, sizeof(*req));
552
553 req->type = SCCP_MSG_TYPE_CR;
554 memcpy(&req->source_local_reference, &connection->source_local_reference,
555 sizeof(connection->source_local_reference));
556 req->proto_class = 2;
557 req->variable_called = 2;
558 req->optional_start = 4;
559
560 /* write the called party address */
561 data = msgb_put(request, 1 + 2);
562 data[0] = 2;
563 data[1] = 0x42;
564 data[2] = called->sccp_ssn;
565
566 /* write the payload */
567 if (msg) {
568 data = msgb_put(request, 2 + msgb_l3len(msg));
569 data[0] = SCCP_PNC_DATA;
570 data[1] = msgb_l3len(msg);
571 memcpy(&data[2], msg->l3h, msgb_l3len(msg));
572 }
573
574 data = msgb_put(request, 1);
575 data[0] = SCCP_PNC_END_OF_OPTIONAL;
576
577 llist_add_tail(&connection->list, &sccp_connections);
578 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REQUEST);
579
580 ret = _send_msg(request);
581 msgb_free(request);
582
583 return ret;
584}
585
586static int _sccp_send_connection_data(struct sccp_connection *conn, struct msgb *_data)
587{
588 struct msgb *msgb;
589 struct sccp_data_form1 *dt1;
590 u_int8_t *data;
591 int extra_size;
592 int ret;
593
594 if (msgb_l3len(_data) < 2 || msgb_l3len(_data) > 256) {
595 DEBUGP(DSCCP, "data size too big, segmenting unimplemented.\n");
596 return -1;
597 }
598
599 extra_size = 1 + msgb_l3len(_data);
600 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
601 SCCP_MSG_HEADROOM, "sccp dt1");
602 msgb->l2h = &msgb->data[0];
603
604 dt1 = (struct sccp_data_form1 *) msgb_put(msgb, sizeof(*dt1));
605 dt1->type = SCCP_MSG_TYPE_DT1;
606 memcpy(&dt1->destination_local_reference, &conn->destination_local_reference,
607 sizeof(struct sccp_source_reference));
608 dt1->segmenting = 0;
609
610 /* copy the data */
611 dt1->variable_start = 1;
612 data = msgb_put(msgb, extra_size);
613 data[0] = extra_size - 1;
614 memcpy(&data[1], _data->l3h, extra_size - 1);
615
616 ret = _send_msg(msgb);
617 msgb_free(msgb);
618
619 return ret;
620}
621
Holger Hans Peter Freyther3b9516e2009-11-18 22:11:28 +0100[diff] [blame]622static int _sccp_send_connection_it(struct sccp_connection *conn)
623{
624 struct msgb *msgb;
625 struct sccp_data_it *it;
626 int ret;
627
628 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
629 SCCP_MSG_HEADROOM, "sccp it");
630 msgb->l2h = &msgb->data[0];
631 it = (struct sccp_data_it *) msgb_put(msgb, sizeof(*it));
632 it->type = SCCP_MSG_TYPE_IT;
633 memcpy(&it->destination_local_reference, &conn->destination_local_reference,
634 sizeof(struct sccp_source_reference));
635 memcpy(&it->source_local_reference, &conn->source_local_reference,
636 sizeof(struct sccp_source_reference));
637
638 it->proto_class = 0x2;
639 it->sequencing[0] = it->sequencing[1] = 0;
640 it->credit = 0;
641
642 ret = _send_msg(msgb);
643 msgb_free(msgb);
644 return ret;
645}
646
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]647static int _sccp_send_connection_released(struct sccp_connection *conn, int cause)
648{
649 struct msgb *msg;
650 struct sccp_connection_released *rel;
651 u_int8_t *data;
652 int ret;
653
654 msg = msgb_alloc_headroom(SCCP_MSG_SIZE, SCCP_MSG_HEADROOM,
655 "sccp: connection released");
656 msg->l2h = &msg->data[0];
657 rel = (struct sccp_connection_released *) msgb_put(msg, sizeof(*rel));
658 rel->type = SCCP_MSG_TYPE_RLSD;
659 rel->release_cause = cause;
660
661 /* copy the source references */
662 memcpy(&rel->destination_local_reference, &conn->destination_local_reference,
663 sizeof(struct sccp_source_reference));
664 memcpy(&rel->source_local_reference, &conn->source_local_reference,
665 sizeof(struct sccp_source_reference));
666
667 data = msgb_put(msg, 1);
668 data[0] = SCCP_PNC_END_OF_OPTIONAL;
669
670 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE);
671 ret = _send_msg(msg);
672 msgb_free(msg);
673
674 return ret;
675}
676
677/*
678 * Open a connection. The following is going to happen:
679 *
680 * - Verify the packet, e.g. that we have no other connection
681 * that id.
682 * - Ask the user if he wants to accept the connection
683 * - Try to open the connection by assigning a source local reference
684 * and sending the packet
685 */
686static int _sccp_handle_connection_request(struct msgb *msgb)
687{
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]688 struct sccp_parse_result result;
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]689
690 struct sccp_data_callback *cb;
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]691 struct sccp_connection *connection;
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]692
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]693 if (_sccp_parse_connection_request(msgb, &result) != 0)
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]694 return -1;
695
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]696 cb = _find_ssn(result.called.ssn);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]697 if (!cb || !cb->accept_cb) {
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]698 DEBUGP(DSCCP, "No routing for CR for called SSN: %u\n", result.called.ssn);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]699 return -1;
700 }
701
702 /* check if the system wants this connection */
703 connection = talloc_zero(tall_sccp_ctx, struct sccp_connection);
704 if (!connection) {
705 DEBUGP(DSCCP, "Allocation failed\n");
706 return -1;
707 }
708
709 /*
710 * sanity checks:
711 * - Is the source_local_reference in any other connection?
712 * then will call accept, assign a "destination" local reference
713 * and send a connection confirm, otherwise we will send a refuseed
714 * one....
715 */
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]716 if (destination_local_reference_is_free(result.source_local_reference) != 0) {
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]717 DEBUGP(DSCCP, "Need to reject connection with existing reference\n");
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]718 _sccp_send_refuse(result.source_local_reference, SCCP_REFUSAL_SCCP_FAILURE);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]719 talloc_free(connection);
720 return -1;
721 }
722
723 connection->incoming = 1;
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]724 connection->destination_local_reference = *result.source_local_reference;
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]725
726 if (cb->accept_cb(connection, cb->accept_context) != 0) {
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]727 _sccp_send_refuse(result.source_local_reference, SCCP_REFUSAL_END_USER_ORIGINATED);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]728 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
729 talloc_free(connection);
730 return 0;
731 }
732
733
734 llist_add_tail(&connection->list, &sccp_connections);
735
736 if (_sccp_send_connection_confirm(connection) != 0) {
737 DEBUGP(DSCCP, "Sending confirm failed... no available source reference?\n");
738
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]739 _sccp_send_refuse(result.source_local_reference, SCCP_REFUSAL_SCCP_FAILURE);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]740 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
741 llist_del(&connection->list);
742 talloc_free(connection);
743
744 return -1;
745 }
746
747 /*
748 * If we have data let us forward things.
749 */
Holger Hans Peter Freythera8cd2e62010-01-27 12:25:13 +0100[diff] [blame^]750 if (result.data_len != 0 && connection->data_cb) {
751 connection->data_cb(connection, msgb, result.data_len);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]752 }
753
754 return 0;
755}
756
757/* Handle the release confirmed */
758static int _sccp_handle_connection_release_complete(struct msgb *data)
759{
760 static int header_size = sizeof(struct sccp_connection_release_complete);
761
762 struct sccp_connection_release_complete *cmpl;
763 struct sccp_connection *conn;
764
765 /* header check */
766 if (msgb_l2len(data) < header_size) {
767 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
768 msgb_l2len(data), header_size);
769 return -1;
770 }
771
772 cmpl = (struct sccp_connection_release_complete *) data->l2h;
773
774 /* find the connection */
775 llist_for_each_entry(conn, &sccp_connections, list) {
776 if (conn->data_cb
777 && memcmp(&conn->source_local_reference,
778 &cmpl->destination_local_reference,
779 sizeof(conn->source_local_reference)) == 0
780 && memcmp(&conn->destination_local_reference,
781 &cmpl->source_local_reference,
782 sizeof(conn->destination_local_reference)) == 0) {
783 goto found;
784 }
785 }
786
787
788 DEBUGP(DSCCP, "Release complete of unknown connection\n");
789 return -1;
790
791found:
792 llist_del(&conn->list);
793 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
794 return 0;
795}
796
797/* Handle the Data Form 1 message */
798static int _sccp_handle_connection_dt1(struct msgb *data)
799{
800 static int variable_offset = offsetof(struct sccp_data_form1, variable_start);
801 static int header_size = sizeof(struct sccp_data_form1);
802
803 struct sccp_data_form1 *dt1 = (struct sccp_data_form1 *)data->l2h;
804 struct sccp_connection *conn;
805 int size;
806
807 /* we don't have enough size for the struct */
808 if (msgb_l2len(data) < header_size) {
809 DEBUGP(DSCCP, "msgb > header_size %u %u\n",
810 msgb_l2len(data), header_size);
811 return -1;
812 }
813
814 if (dt1->segmenting != 0) {
815 DEBUGP(DSCCP, "This packet has segmenting, not supported: %d\n", dt1->segmenting);
816 return -1;
817 }
818
819 /* lookup if we have a connection with the given reference */
820 llist_for_each_entry(conn, &sccp_connections, list) {
821 if (conn->data_cb
822 && memcmp(&conn->source_local_reference,
823 &dt1->destination_local_reference,
824 sizeof(conn->source_local_reference)) == 0) {
825
826 /* some more size checks in here */
827 if (msgb_l2len(data) < variable_offset + dt1->variable_start + 1) {
828 DEBUGP(DSCCP, "Not enough space for variable start: %u %u\n",
829 msgb_l2len(data), dt1->variable_start);
830 return -1;
831 }
832
833 size = data->l2h[variable_offset + dt1->variable_start];
834 data->l3h = &data->l2h[dt1->variable_start + variable_offset + 1];
835
836 if (msgb_l3len(data) < size) {
837 DEBUGP(DSCCP, "Not enough room for the payload: %u %u\n",
838 msgb_l3len(data), size);
839 return -1;
840 }
841
842 conn->data_cb(conn, data, size);
843 return 0;
844 }
845 }
846
847 DEBUGP(DSCCP, "No connection found for dt1 data\n");
848 return -1;
849}
850
851/* confirm a connection release */
852static int _sccp_send_connection_release_complete(struct sccp_connection *connection)
853{
854 struct msgb *msgb;
855 struct sccp_connection_release_complete *rlc;
856 int ret;
857
858 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
859 SCCP_MSG_HEADROOM, "sccp rlc");
860 msgb->l2h = &msgb->data[0];
861
862 rlc = (struct sccp_connection_release_complete *) msgb_put(msgb, sizeof(*rlc));
863 rlc->type = SCCP_MSG_TYPE_RLC;
864 memcpy(&rlc->destination_local_reference,
865 &connection->destination_local_reference, sizeof(struct sccp_source_reference));
866 memcpy(&rlc->source_local_reference,
867 &connection->source_local_reference, sizeof(struct sccp_source_reference));
868
869 ret = _send_msg(msgb);
870 msgb_free(msgb);
871
872 /*
873 * Remove from the list of active connections and set the state. User code
874 * should now free the entry.
875 */
876 llist_del(&connection->list);
877 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
878
879 return ret;
880}
881
882/* connection released, send a released confirm */
883static int _sccp_handle_connection_released(struct msgb *data)
884{
885 static int header_size = sizeof(struct sccp_connection_released);
886 static int optional_offset = offsetof(struct sccp_connection_released, optional_start);
887
888 struct sccp_optional_data optional_data;
889 struct sccp_connection_released *rls = (struct sccp_connection_released *)data->l2h;
890 struct sccp_connection *conn;
891
892 /* we don't have enough size for the struct */
893 if (msgb_l2len(data) < header_size) {
894 DEBUGP(DSCCP, "msgb > header_size %u %u\n",
895 msgb_l2len(data), header_size);
896 return -1;
897 }
898
899 /* lookup if we have a connection with the given reference */
900 llist_for_each_entry(conn, &sccp_connections, list) {
901 if (conn->data_cb
902 && memcmp(&conn->source_local_reference,
903 &rls->destination_local_reference,
904 sizeof(conn->source_local_reference)) == 0
905 && memcmp(&conn->destination_local_reference,
906 &rls->source_local_reference,
907 sizeof(conn->destination_local_reference)) == 0) {
908 goto found;
909 }
910 }
911
912
913 DEBUGP(DSCCP, "Unknown connection was released.\n");
914 return -1;
915
916 /* we have found a connection */
917found:
918 memset(&optional_data, 0, sizeof(optional_data));
919 if (_sccp_parse_optional_data(optional_offset + rls->optional_start, data, &optional_data) != 0) {
920 DEBUGP(DSCCP, "parsing of optional data failed.\n");
921 return -1;
922 }
923
924 /* optional data */
925 if (optional_data.data_len != 0 && conn->data_cb) {
926 data->l3h = &data->l2h[optional_data.data_start];
927 conn->data_cb(conn, data, optional_data.data_len);
928 }
929
930 /* generate a response */
931 if (_sccp_send_connection_release_complete(conn) != 0) {
932 DEBUGP(DSCCP, "Sending release confirmed failed\n");
933 return -1;
934 }
935
936 return 0;
937}
938
939static int _sccp_handle_connection_refused(struct msgb *msgb)
940{
941 static const u_int32_t header_size =
942 sizeof(struct sccp_connection_refused);
943 static int optional_offset = offsetof(struct sccp_connection_refused, optional_start);
944
945 struct sccp_optional_data optional_data;
946 struct sccp_connection *conn;
947 struct sccp_connection_refused *ref;
948
949 /* header check */
950 if (msgb_l2len(msgb) < header_size) {
951 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
952 msgb_l2len(msgb), header_size);
953 return -1;
954 }
955
956 ref = (struct sccp_connection_refused *) msgb->l2h;
957
958 /* lookup if we have a connection with the given reference */
959 llist_for_each_entry(conn, &sccp_connections, list) {
960 if (conn->incoming == 0 && conn->data_cb
961 && memcmp(&conn->source_local_reference,
962 &ref->destination_local_reference,
963 sizeof(conn->source_local_reference)) == 0) {
964 goto found;
965 }
966 }
967
968 DEBUGP(DSCCP, "Refused but no connection found\n");
969 return -1;
970
971found:
972 memset(&optional_data, 0, sizeof(optional_data));
973 if (_sccp_parse_optional_data(optional_offset + ref->optional_start, msgb, &optional_data) != 0) {
974 DEBUGP(DSCCP, "parsing of optional data failed.\n");
975 return -1;
976 }
977
978 /* optional data */
979 if (optional_data.data_len != 0 && conn->data_cb) {
980 msgb->l3h = &msgb->l2h[optional_data.data_start];
981 conn->data_cb(conn, msgb, optional_data.data_len);
982 }
983
984
985 llist_del(&conn->list);
986 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_REFUSED);
987 return 0;
988}
989
990static int _sccp_handle_connection_confirm(struct msgb *msgb)
991{
992 static u_int32_t header_size =
993 sizeof(struct sccp_connection_confirm);
994 static const u_int32_t optional_offset =
995 offsetof(struct sccp_connection_confirm, optional_start);
996
997 struct sccp_optional_data optional_data;
998 struct sccp_connection *conn;
999 struct sccp_connection_confirm *con;
1000
1001 /* header check */
1002 if (msgb_l2len(msgb) < header_size) {
1003 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
1004 msgb_l2len(msgb), header_size);
1005 return -1;
1006 }
1007
1008 con = (struct sccp_connection_confirm *) msgb->l2h;
1009
1010 /* lookup if we have a connection with the given reference */
1011 llist_for_each_entry(conn, &sccp_connections, list) {
1012 if (conn->incoming == 0 && conn->data_cb
1013 && memcmp(&conn->source_local_reference,
1014 &con->destination_local_reference,
1015 sizeof(conn->source_local_reference)) == 0) {
1016 goto found;
1017 }
1018 }
1019
1020 DEBUGP(DSCCP, "Confirmed but no connection found\n");
1021 return -1;
1022
1023found:
1024 /* copy the addresses of the connection */
1025 conn->destination_local_reference = con->source_local_reference;
1026 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_ESTABLISHED);
1027
1028 memset(&optional_data, 0, sizeof(optional_data));
1029 if (_sccp_parse_optional_data(optional_offset + con->optional_start, msgb, &optional_data) != 0) {
1030 DEBUGP(DSCCP, "parsing of optional data failed.\n");
1031 return -1;
1032 }
1033
1034 /* optional data */
1035 if (optional_data.data_len != 0 && conn->data_cb) {
1036 msgb->l3h = &msgb->l2h[optional_data.data_start];
1037 conn->data_cb(conn, msgb, optional_data.data_len);
1038 }
1039
1040 return 0;
1041}
1042
1043
1044int sccp_system_init(int (*outgoing)(struct msgb *data, void *ctx), void *ctx)
1045{
1046 sccp_system.write_data = outgoing;
1047 sccp_system.write_context = ctx;
1048
1049 return 0;
1050}
1051
1052/* oh my god a real SCCP packet. need to dispatch it now */
1053int sccp_system_incoming(struct msgb *msgb)
1054{
1055 if (msgb_l2len(msgb) < 1 ) {
1056 DEBUGP(DSCCP, "Too short packet\n");
1057 return -1;
1058 }
1059
1060 int type = msgb->l2h[0];
1061
1062 switch(type) {
1063 case SCCP_MSG_TYPE_CR:
1064 return _sccp_handle_connection_request(msgb);
1065 break;
1066 case SCCP_MSG_TYPE_RLSD:
1067 return _sccp_handle_connection_released(msgb);
1068 break;
1069 case SCCP_MSG_TYPE_CREF:
1070 return _sccp_handle_connection_refused(msgb);
1071 break;
1072 case SCCP_MSG_TYPE_CC:
1073 return _sccp_handle_connection_confirm(msgb);
1074 break;
1075 case SCCP_MSG_TYPE_RLC:
1076 return _sccp_handle_connection_release_complete(msgb);
1077 break;
1078 case SCCP_MSG_TYPE_DT1:
1079 return _sccp_handle_connection_dt1(msgb);
1080 break;
1081 case SCCP_MSG_TYPE_UDT:
1082 return _sccp_handle_read(msgb);
1083 break;
1084 default:
1085 DEBUGP(DSCCP, "unimplemented msg type: %d\n", type);
1086 };
1087
1088 return -1;
1089}
1090
1091/* create a packet from the data */
1092int sccp_connection_write(struct sccp_connection *connection, struct msgb *data)
1093{
1094 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1095 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1096 DEBUGP(DSCCP, "sccp_connection_write: Wrong connection state: %p %d\n",
1097 connection, connection->connection_state);
1098 return -1;
1099 }
1100
1101 return _sccp_send_connection_data(connection, data);
1102}
1103
Holger Hans Peter Freyther3b9516e2009-11-18 22:11:28 +0100[diff] [blame]1104/*
1105 * Send a Inactivity Test message. The owner of the connection
1106 * should start a timer and call this method regularily. Calling
1107 * this every 60 seconds should be good enough.
1108 */
1109int sccp_connection_send_it(struct sccp_connection *connection)
1110{
1111 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1112 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1113 DEBUGP(DSCCP, "sccp_connection_write: Wrong connection state: %p %d\n",
1114 connection, connection->connection_state);
1115 return -1;
1116 }
1117
1118 return _sccp_send_connection_it(connection);
1119}
1120
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1121/* send a connection release and wait for the connection released */
1122int sccp_connection_close(struct sccp_connection *connection, int cause)
1123{
1124 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1125 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1126 DEBUGPC(DSCCP, "Can not close the connection. It was never opened: %p %d\n",
1127 connection, connection->connection_state);
1128 return -1;
1129 }
1130
1131 return _sccp_send_connection_released(connection, cause);
1132}
1133
1134int sccp_connection_free(struct sccp_connection *connection)
1135{
1136 if (connection->connection_state > SCCP_CONNECTION_STATE_NONE
1137 && connection->connection_state < SCCP_CONNECTION_STATE_RELEASE_COMPLETE) {
1138 DEBUGP(DSCCP, "The connection needs to be released before it is freed");
1139 return -1;
1140 }
1141
1142 talloc_free(connection);
1143 return 0;
1144}
1145
1146struct sccp_connection *sccp_connection_socket(void)
1147{
1148 return talloc_zero(tall_sccp_ctx, struct sccp_connection);
1149}
1150
1151int sccp_connection_connect(struct sccp_connection *conn,
1152 const struct sockaddr_sccp *local,
1153 struct msgb *data)
1154{
1155 return _sccp_send_connection_request(conn, local, data);
1156}
1157
1158int sccp_connection_set_incoming(const struct sockaddr_sccp *sock,
1159 int (*accept_cb)(struct sccp_connection *, void *), void *context)
1160{
1161 struct sccp_data_callback *cb;
1162
1163 if (!sock)
1164 return -2;
1165
1166 cb = _find_ssn(sock->sccp_ssn);
1167 if (!cb)
1168 return -1;
1169
1170 cb->accept_cb = accept_cb;
1171 cb->accept_context = context;
1172 return 0;
1173}
1174
1175int sccp_write(struct msgb *data, const struct sockaddr_sccp *in,
1176 const struct sockaddr_sccp *out, int class)
1177{
1178 return _sccp_send_data(class, in, out, data);
1179}
1180
1181int sccp_set_read(const struct sockaddr_sccp *sock,
1182 int (*read_cb)(struct msgb *, unsigned int, void *), void *context)
1183{
1184 struct sccp_data_callback *cb;
1185
1186 if (!sock)
1187 return -2;
1188
1189 cb = _find_ssn(sock->sccp_ssn);
1190 if (!cb)
1191 return -1;
1192
1193 cb->read_cb = read_cb;
1194 cb->read_context = context;
1195 return 0;
1196}
1197
1198static_assert(sizeof(struct sccp_source_reference) <= sizeof(u_int32_t), enough_space);
1199
1200u_int32_t sccp_src_ref_to_int(struct sccp_source_reference *ref)
1201{
1202 u_int32_t src_ref = 0;
1203 memcpy(&src_ref, ref, sizeof(*ref));
1204 return src_ref;
1205}
1206
1207struct sccp_source_reference sccp_src_ref_from_int(u_int32_t int_ref)
1208{
1209 struct sccp_source_reference ref;
1210 memcpy(&ref, &int_ref, sizeof(ref));
1211 return ref;
1212}
1213
Holger Hans Peter Freythera692fbc2010-01-13 09:55:43 +0100[diff] [blame]1214int sccp_determine_msg_type(struct msgb *msg)
1215{
1216 if (msgb_l2len(msg) < 1)
1217 return -1;
1218
1219 return msg->l2h[0];
1220}
1221
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1222static __attribute__((constructor)) void on_dso_load(void)
1223{
1224 tall_sccp_ctx = talloc_named_const(NULL, 1, "sccp");
1225}
1226
1227static __attribute__((destructor)) void on_dso_unload(void)
1228{
1229 talloc_report_full(tall_sccp_ctx, stderr);
1230}