Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-mgw / efca5419b7b6ea127a0b293d5677888df74dd41c / . / openbsc / src / sccp / sccp.c
blob: 4c59acc04d4dc6c9efcf5647dc5a374bf2f33b63 [file] [log] [blame]
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1/*
2 * SCCP management code
3 *
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame^]4 * (C) 2009, 2010 by Holger Hans Peter Freyther <zecke@selfish.org>
5 * (C) 2009, 2010 by on-waves.com
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]6 *
7 * All Rights Reserved
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 *
23 */
24
25#include <string.h>
26
27#include <sccp/sccp.h>
28
29#include <openbsc/debug.h>
30#include <openbsc/talloc.h>
31#include <openbsc/linuxlist.h>
32
33static void *tall_sccp_ctx;
34static LLIST_HEAD(sccp_connections);
35
36#define SCCP_MSG_SIZE 4096
37#define SCCP_MSG_HEADROOM 128
38
39/* global data */
40const struct sockaddr_sccp sccp_ssn_bssap = {
41 .sccp_family = 0,
42 .sccp_ssn = SCCP_SSN_BSSAP,
43};
44
45struct sccp_system {
46 /* layer3 -> layer2 */
47 int (*write_data)(struct msgb *data, void *context);
48 void *write_context;
49};
50
51
52static struct sccp_system sccp_system = {
53 .write_data = NULL,
54};
55
56struct sccp_data_callback {
57 /* connection based */
58 int (*accept_cb)(struct sccp_connection *, void *);
59 void *accept_context;
60
61 /* connection less */
62 int (*read_cb)(struct msgb *, unsigned int, void *);
63 void *read_context;
64
65 u_int8_t ssn;
66 struct llist_head callback;
67};
68
69static LLIST_HEAD(sccp_callbacks);
70
71static struct sccp_data_callback *_find_ssn(u_int8_t ssn)
72{
73 struct sccp_data_callback *cb;
74
75 llist_for_each_entry(cb, &sccp_callbacks, callback) {
76 if (cb->ssn == ssn)
77 return cb;
78 }
79
80 /* need to add one */
81 cb = talloc_zero(tall_sccp_ctx, struct sccp_data_callback);
82 if (!cb) {
83 DEBUGP(DSCCP, "Failed to allocate sccp callback.\n");
84 return NULL;
85 }
86
87 cb->ssn = ssn;
88 llist_add_tail(&cb->callback, &sccp_callbacks);
89 return cb;
90}
91
92
93static int _send_msg(struct msgb *msg)
94{
95 return sccp_system.write_data(msg, sccp_system.write_context);
96}
97
98/*
99 * parsing routines
100 */
101static int copy_address(struct sccp_address *addr, u_int8_t offset, struct msgb *msgb)
102{
103 struct sccp_called_party_address *party;
104
105 int room = msgb_l2len(msgb) - offset;
106 u_int8_t read = 0;
107 u_int8_t length;
108
109 if (room <= 0) {
110 DEBUGP(DSCCP, "Not enough room for an address: %u\n", room);
111 return -1;
112 }
113
114 length = msgb->l2h[offset];
115 if (room <= length) {
116 DEBUGP(DSCCP, "Not enough room for optional data %u %u\n", room, length);
117 return -1;
118 }
119
120
121 party = (struct sccp_called_party_address *)(msgb->l2h + offset + 1);
122 if (party->point_code_indicator) {
123 if (length <= read + 2) {
124 DEBUGP(DSCCP, "POI does not fit %u\n", length);
125 return -1;
126 }
127
128
129 memcpy(&addr->poi, &party->data[read], 2);
130 read += 2;
131 }
132
133 if (party->ssn_indicator) {
134 if (length <= read + 1) {
135 DEBUGP(DSCCP, "SSN does not fit %u\n", length);
136 return -1;
137 }
138
139 addr->ssn = party->data[read];
140 read += 1;
141 }
142
143 if (party->global_title_indicator) {
144 DEBUGP(DSCCP, "GTI not supported %u\n", *(u_int8_t *)party);
145 return -1;
146 }
147
148 addr->address = *party;
149 return 0;
150}
151
152static int check_address(struct sccp_address *addr)
153{
154 /* ignore point_code_indicator... it should be zero... but */
155 if (addr->address.ssn_indicator != 1
156 || addr->address.global_title_indicator == 1
157 || addr->address.routing_indicator != 1) {
158 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
159 *(u_int8_t *)&addr->address, addr->ssn);
160 return -1;
161 }
162
163 return 0;
164}
165
166static int _sccp_parse_optional_data(const int offset,
167 struct msgb *msgb, struct sccp_optional_data *data)
168{
169 u_int16_t room = msgb_l2len(msgb) - offset;
170 u_int16_t read = 0;
171
172 while (room > read) {
173 u_int8_t type = msgb->l2h[offset + read];
174 if (type == SCCP_PNC_END_OF_OPTIONAL)
175 return 0;
176
177 if (read + 1 >= room) {
178 DEBUGP(DSCCP, "no place for length\n");
179 return 0;
180 }
181
182 u_int8_t length = msgb->l2h[offset + read + 1];
183 read += 2 + length;
184
185
186 if (room <= read) {
187 DEBUGP(DSCCP, "no space for the data: type: %d read: %d room: %d l2: %d\n",
188 type, read, room, msgb_l2len(msgb));
189 return 0;
190 }
191
192 if (type == SCCP_PNC_DATA) {
193 data->data_len = length;
194 data->data_start = offset + read - length;
195 }
196
197 }
198
199 return -1;
200}
201
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame^]202int _sccp_parse_connection_request(struct msgb *msg, struct sccp_parse_result *result)
203{
204 return -1;
205}
206
207int _sccp_parse_connection_released(struct msgb *msg, struct sccp_parse_result *result)
208{
209 return -1;
210}
211
212int _sccp_parse_connection_refused(struct msgb *msg, struct sccp_parse_result *result)
213{
214 return -1;
215}
216
217int _sccp_parse_connection_confirm(struct msgb *msg, struct sccp_parse_result *result)
218{
219 return -1;
220}
221
222int _sccp_parse_connection_release_complete(struct msgb *msg, struct sccp_parse_result *result)
223{
224 return -1;
225}
226
227int _sccp_parse_connection_dt1(struct msgb *msg, struct sccp_parse_result *result)
228{
229 return -1;
230}
231
232int _sccp_parse_udt(struct msgb *msgb, struct sccp_parse_result *result)
233{
234 static const u_int32_t header_size = sizeof(struct sccp_data_unitdata);
235 static const u_int32_t called_offset = offsetof(struct sccp_data_unitdata, variable_called);
236 static const u_int32_t calling_offset = offsetof(struct sccp_data_unitdata, variable_calling);
237 static const u_int32_t data_offset = offsetof(struct sccp_data_unitdata, variable_data);
238
239 struct sccp_data_unitdata *udt = (struct sccp_data_unitdata *)msgb->l2h;
240
241 if (msgb_l2len(msgb) < header_size) {
242 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
243 msgb_l2len(msgb), header_size);
244 return -1;
245 }
246
247 /* copy out the calling and called address. Add the off */
248 if (copy_address(&result->called, called_offset + udt->variable_called, msgb) != 0)
249 return -1;
250
251 if (check_address(&result->called) != 0) {
252 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
253 *(u_int8_t *)&result->called.address, result->called.ssn);
254 return -1;
255 }
256
257 if (copy_address(&result->calling, calling_offset + udt->variable_calling, msgb) != 0)
258 return -1;
259
260 if (check_address(&result->calling) != 0) {
261 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
262 *(u_int8_t *)&result->called.address, result->called.ssn);
263 }
264
265 /* we don't have enough size for the data */
266 if (msgb_l2len(msgb) < data_offset + udt->variable_data + 1) {
267 DEBUGP(DSCCP, "msgb < header + offset %u %u %u\n",
268 msgb_l2len(msgb), header_size, udt->variable_data);
269 return -1;
270 }
271
272
273 msgb->l3h = &udt->data[udt->variable_data];
274
275 if (msgb_l3len(msgb) != msgb->l3h[-1]) {
276 DEBUGP(DSCCP, "msgb is truncated %u %u\n",
277 msgb_l3len(msgb), msgb->l3h[-1]);
278 return -1;
279 }
280
281 return 0;
282}
283
284
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]285/*
286 * Send UDT. Currently we have a fixed address...
287 */
288static int _sccp_send_data(int class, const struct sockaddr_sccp *in,
289 const struct sockaddr_sccp *out, struct msgb *payload)
290{
291 struct sccp_data_unitdata *udt;
292 u_int8_t *data;
293 int ret;
294
295 if (msgb_l3len(payload) > 256) {
296 DEBUGP(DSCCP, "The payload is too big for one udt\n");
297 return -1;
298 }
299
300 struct msgb *msg = msgb_alloc_headroom(SCCP_MSG_SIZE,
301 SCCP_MSG_HEADROOM, "sccp: udt");
302 msg->l2h = &msg->data[0];
303 udt = (struct sccp_data_unitdata *)msgb_put(msg, sizeof(*udt));
304
305 udt->type = SCCP_MSG_TYPE_UDT;
306 udt->proto_class = class;
307 udt->variable_called = 3;
308 udt->variable_calling = 5;
309 udt->variable_data = 7;
310
311 /* for variable data we start with a size and the data */
312 data = msgb_put(msg, 1 + 2);
313 data[0] = 2;
314 data[1] = 0x42;
315 data[2] = out->sccp_ssn;
316
317 data = msgb_put(msg, 1 + 2);
318 data[0] = 2;
319 data[1] = 0x42;
320 data[2] = in->sccp_ssn;
321
322 /* copy the payload */
323 data = msgb_put(msg, 1 + msgb_l3len(payload));
324 data[0] = msgb_l3len(payload);
325 memcpy(&data[1], payload->l3h, msgb_l3len(payload));
326
327 ret = _send_msg(msg);
328 msgb_free(msg);
329
330 return ret;
331}
332
333static int _sccp_handle_read(struct msgb *msgb)
334{
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]335 struct sccp_data_callback *cb;
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame^]336 struct sccp_parse_result result;
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]337
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame^]338 if (_sccp_parse_udt(msgb, &result) != 0)
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]339 return -1;
340
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame^]341 cb = _find_ssn(result.called.ssn);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]342 if (!cb || !cb->read_cb) {
Holger Hans Peter Freytherefca5412010-01-27 12:12:46 +0100[diff] [blame^]343 DEBUGP(DSCCP, "No routing for UDT for called SSN: %u\n", result.called.ssn);
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]344 return -1;
345 }
346
347 /* sanity check */
348 return cb->read_cb(msgb, msgb_l3len(msgb), cb->read_context);
349}
350
351/*
352 * handle connection orientated methods
353 */
354static int source_local_reference_is_free(struct sccp_source_reference *reference)
355{
356 struct sccp_connection *connection;
357
358 llist_for_each_entry(connection, &sccp_connections, list) {
359 if (memcmp(reference, &connection->source_local_reference, sizeof(*reference)) == 0)
360 return -1;
361 }
362
363 return 0;
364}
365
366static int destination_local_reference_is_free(struct sccp_source_reference *reference)
367{
368 struct sccp_connection *connection;
369
370 llist_for_each_entry(connection, &sccp_connections, list) {
371 if (memcmp(reference, &connection->destination_local_reference, sizeof(*reference)) == 0)
372 return -1;
373 }
374
375 return 0;
376}
377
378static int assign_source_local_reference(struct sccp_connection *connection)
379{
380 static u_int32_t last_ref = 0x30000;
381 int wrapped = 0;
382
383 do {
384 struct sccp_source_reference reference;
385 reference.octet1 = (last_ref >> 0) & 0xff;
386 reference.octet2 = (last_ref >> 8) & 0xff;
387 reference.octet3 = (last_ref >> 16) & 0xff;
388
389 ++last_ref;
390 /* do not use the reversed word and wrap around */
391 if ((last_ref & 0x00FFFFFF) == 0x00FFFFFF) {
392 DEBUGP(DSCCP, "Wrapped searching for a free code\n");
393 last_ref = 0;
394 ++wrapped;
395 }
396
397 if (source_local_reference_is_free(&reference) == 0) {
398 connection->source_local_reference = reference;
399 return 0;
400 }
401 } while (wrapped != 2);
402
403 DEBUGP(DSCCP, "Finding a free reference failed\n");
404 return -1;
405}
406
407static void _sccp_set_connection_state(struct sccp_connection *connection, int new_state)
408{
409 int old_state = connection->connection_state;
410
411 connection->connection_state = new_state;
412 if (connection->state_cb)
413 connection->state_cb(connection, old_state);
414}
415
416static int _sccp_send_refuse(struct sccp_connection_request *req, int cause)
417{
418 struct msgb *msgb;
419 struct sccp_connection_refused *ref;
420 u_int8_t *data;
421 int ret;
422
423 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
424 SCCP_MSG_HEADROOM, "sccp ref");
425 msgb->l2h = &msgb->data[0];
426
427 ref = (struct sccp_connection_refused *) msgb_put(msgb, sizeof(*ref));
428 ref->type = SCCP_MSG_TYPE_CREF;
429 memcpy(&ref->destination_local_reference, &req->source_local_reference,
430 sizeof(struct sccp_source_reference));
431 ref->cause = cause;
432 ref->optional_start = 1;
433
434 data = msgb_put(msgb, 1);
435 data[0] = SCCP_PNC_END_OF_OPTIONAL;
436
437 ret = _send_msg(msgb);
438 msgb_free(msgb);
439 return ret;
440}
441
442static int _sccp_send_connection_confirm(struct sccp_connection *connection)
443{
444 struct msgb *response;
445 struct sccp_connection_confirm *confirm;
446 u_int8_t *optional_data;
447 int ret;
448
449 if (assign_source_local_reference(connection) != 0)
450 return -1;
451
452 response = msgb_alloc_headroom(SCCP_MSG_SIZE,
453 SCCP_MSG_HEADROOM, "sccp confirm");
454 response->l2h = &response->data[0];
455
456 confirm = (struct sccp_connection_confirm *) msgb_put(response, sizeof(*confirm));
457
458 confirm->type = SCCP_MSG_TYPE_CC;
459 memcpy(&confirm->destination_local_reference,
460 &connection->destination_local_reference,
461 sizeof(connection->destination_local_reference));
462 memcpy(&confirm->source_local_reference,
463 &connection->source_local_reference,
464 sizeof(connection->source_local_reference));
465 confirm->proto_class = 2;
466 confirm->optional_start = 1;
467
468 optional_data = (u_int8_t *) msgb_put(response, 1);
469 optional_data[0] = SCCP_PNC_END_OF_OPTIONAL;
470
471 ret = _send_msg(response);
472 msgb_free(response);
473
474 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_ESTABLISHED);
475 return ret;
476}
477
478static int _sccp_send_connection_request(struct sccp_connection *connection,
479 const struct sockaddr_sccp *called, struct msgb *msg)
480{
481 struct msgb *request;
482 struct sccp_connection_request *req;
483 u_int8_t *data;
484 u_int8_t extra_size = 3 + 1;
485 int ret;
486
487
488 if (msg && (msgb_l3len(msg) < 3 || msgb_l3len(msg) > 130)) {
489 DEBUGP(DSCCP, "Invalid amount of data... %d\n", msgb_l3len(msg));
490 return -1;
491 }
492
493 /* try to find a id */
494 if (assign_source_local_reference(connection) != 0) {
495 DEBUGP(DSCCP, "Assigning a local reference failed.\n");
496 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_SETUP_ERROR);
497 return -1;
498 }
499
500
501 if (msg)
502 extra_size += 2 + msgb_l3len(msg);
503 request = msgb_alloc_headroom(SCCP_MSG_SIZE,
504 SCCP_MSG_HEADROOM, "sccp connection request");
505 request->l2h = &request->data[0];
506 req = (struct sccp_connection_request *) msgb_put(request, sizeof(*req));
507
508 req->type = SCCP_MSG_TYPE_CR;
509 memcpy(&req->source_local_reference, &connection->source_local_reference,
510 sizeof(connection->source_local_reference));
511 req->proto_class = 2;
512 req->variable_called = 2;
513 req->optional_start = 4;
514
515 /* write the called party address */
516 data = msgb_put(request, 1 + 2);
517 data[0] = 2;
518 data[1] = 0x42;
519 data[2] = called->sccp_ssn;
520
521 /* write the payload */
522 if (msg) {
523 data = msgb_put(request, 2 + msgb_l3len(msg));
524 data[0] = SCCP_PNC_DATA;
525 data[1] = msgb_l3len(msg);
526 memcpy(&data[2], msg->l3h, msgb_l3len(msg));
527 }
528
529 data = msgb_put(request, 1);
530 data[0] = SCCP_PNC_END_OF_OPTIONAL;
531
532 llist_add_tail(&connection->list, &sccp_connections);
533 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REQUEST);
534
535 ret = _send_msg(request);
536 msgb_free(request);
537
538 return ret;
539}
540
541static int _sccp_send_connection_data(struct sccp_connection *conn, struct msgb *_data)
542{
543 struct msgb *msgb;
544 struct sccp_data_form1 *dt1;
545 u_int8_t *data;
546 int extra_size;
547 int ret;
548
549 if (msgb_l3len(_data) < 2 || msgb_l3len(_data) > 256) {
550 DEBUGP(DSCCP, "data size too big, segmenting unimplemented.\n");
551 return -1;
552 }
553
554 extra_size = 1 + msgb_l3len(_data);
555 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
556 SCCP_MSG_HEADROOM, "sccp dt1");
557 msgb->l2h = &msgb->data[0];
558
559 dt1 = (struct sccp_data_form1 *) msgb_put(msgb, sizeof(*dt1));
560 dt1->type = SCCP_MSG_TYPE_DT1;
561 memcpy(&dt1->destination_local_reference, &conn->destination_local_reference,
562 sizeof(struct sccp_source_reference));
563 dt1->segmenting = 0;
564
565 /* copy the data */
566 dt1->variable_start = 1;
567 data = msgb_put(msgb, extra_size);
568 data[0] = extra_size - 1;
569 memcpy(&data[1], _data->l3h, extra_size - 1);
570
571 ret = _send_msg(msgb);
572 msgb_free(msgb);
573
574 return ret;
575}
576
Holger Hans Peter Freyther3b9516e2009-11-18 22:11:28 +0100[diff] [blame]577static int _sccp_send_connection_it(struct sccp_connection *conn)
578{
579 struct msgb *msgb;
580 struct sccp_data_it *it;
581 int ret;
582
583 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
584 SCCP_MSG_HEADROOM, "sccp it");
585 msgb->l2h = &msgb->data[0];
586 it = (struct sccp_data_it *) msgb_put(msgb, sizeof(*it));
587 it->type = SCCP_MSG_TYPE_IT;
588 memcpy(&it->destination_local_reference, &conn->destination_local_reference,
589 sizeof(struct sccp_source_reference));
590 memcpy(&it->source_local_reference, &conn->source_local_reference,
591 sizeof(struct sccp_source_reference));
592
593 it->proto_class = 0x2;
594 it->sequencing[0] = it->sequencing[1] = 0;
595 it->credit = 0;
596
597 ret = _send_msg(msgb);
598 msgb_free(msgb);
599 return ret;
600}
601
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]602static int _sccp_send_connection_released(struct sccp_connection *conn, int cause)
603{
604 struct msgb *msg;
605 struct sccp_connection_released *rel;
606 u_int8_t *data;
607 int ret;
608
609 msg = msgb_alloc_headroom(SCCP_MSG_SIZE, SCCP_MSG_HEADROOM,
610 "sccp: connection released");
611 msg->l2h = &msg->data[0];
612 rel = (struct sccp_connection_released *) msgb_put(msg, sizeof(*rel));
613 rel->type = SCCP_MSG_TYPE_RLSD;
614 rel->release_cause = cause;
615
616 /* copy the source references */
617 memcpy(&rel->destination_local_reference, &conn->destination_local_reference,
618 sizeof(struct sccp_source_reference));
619 memcpy(&rel->source_local_reference, &conn->source_local_reference,
620 sizeof(struct sccp_source_reference));
621
622 data = msgb_put(msg, 1);
623 data[0] = SCCP_PNC_END_OF_OPTIONAL;
624
625 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE);
626 ret = _send_msg(msg);
627 msgb_free(msg);
628
629 return ret;
630}
631
632/*
633 * Open a connection. The following is going to happen:
634 *
635 * - Verify the packet, e.g. that we have no other connection
636 * that id.
637 * - Ask the user if he wants to accept the connection
638 * - Try to open the connection by assigning a source local reference
639 * and sending the packet
640 */
641static int _sccp_handle_connection_request(struct msgb *msgb)
642{
643 static const u_int32_t header_size =
644 sizeof(struct sccp_connection_request);
645 static const u_int32_t optional_offset =
646 offsetof(struct sccp_connection_request, optional_start);
647 static const u_int32_t called_offset =
648 offsetof(struct sccp_connection_request, variable_called);
649
650 struct sccp_data_callback *cb;
651 struct sccp_connection_request *req = (struct sccp_connection_request *)msgb->data;
652 struct sccp_address called;
653 struct sccp_connection *connection;
654 struct sccp_optional_data optional_data;
655
656 /* header check */
657 if (msgb_l2len(msgb) < header_size) {
658 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
659 msgb_l2len(msgb), header_size);
660 return -1;
661 }
662
663 /* copy out the calling and called address. Add the offset */
664 if (copy_address(&called, called_offset + req->variable_called, msgb) != 0)
665 return -1;
666
667 if (check_address(&called) != 0) {
668 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
669 *(u_int8_t *)&called.address, called.ssn);
670 return -1;
671 }
672
673 cb = _find_ssn(called.ssn);
674 if (!cb || !cb->accept_cb) {
675 DEBUGP(DSCCP, "No routing for CR for called SSN: %u\n", called.ssn);
676 return -1;
677 }
678
679 /* check if the system wants this connection */
680 connection = talloc_zero(tall_sccp_ctx, struct sccp_connection);
681 if (!connection) {
682 DEBUGP(DSCCP, "Allocation failed\n");
683 return -1;
684 }
685
686 /*
687 * sanity checks:
688 * - Is the source_local_reference in any other connection?
689 * then will call accept, assign a "destination" local reference
690 * and send a connection confirm, otherwise we will send a refuseed
691 * one....
692 */
693 if (destination_local_reference_is_free(&req->source_local_reference) != 0) {
694 DEBUGP(DSCCP, "Need to reject connection with existing reference\n");
695 _sccp_send_refuse(req, SCCP_REFUSAL_SCCP_FAILURE);
696 talloc_free(connection);
697 return -1;
698 }
699
700 connection->incoming = 1;
701 connection->destination_local_reference = req->source_local_reference;
702
703 /*
704 * parse optional data.
705 */
706 memset(&optional_data, 0, sizeof(optional_data));
707 if (_sccp_parse_optional_data(optional_offset + req->optional_start, msgb, &optional_data) != 0) {
708 DEBUGP(DSCCP, "parsing of optional data failed.\n");
709 talloc_free(connection);
710 return -1;
711 }
712
713 if (cb->accept_cb(connection, cb->accept_context) != 0) {
714 _sccp_send_refuse(req, SCCP_REFUSAL_END_USER_ORIGINATED);
715 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
716 talloc_free(connection);
717 return 0;
718 }
719
720
721 llist_add_tail(&connection->list, &sccp_connections);
722
723 if (_sccp_send_connection_confirm(connection) != 0) {
724 DEBUGP(DSCCP, "Sending confirm failed... no available source reference?\n");
725
726 _sccp_send_refuse(req, SCCP_REFUSAL_SCCP_FAILURE);
727 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
728 llist_del(&connection->list);
729 talloc_free(connection);
730
731 return -1;
732 }
733
734 /*
735 * If we have data let us forward things.
736 */
737 if (optional_data.data_len != 0 && connection->data_cb) {
738 msgb->l3h = &msgb->l2h[optional_data.data_start];
739 connection->data_cb(connection, msgb, optional_data.data_len);
740 }
741
742 return 0;
743}
744
745/* Handle the release confirmed */
746static int _sccp_handle_connection_release_complete(struct msgb *data)
747{
748 static int header_size = sizeof(struct sccp_connection_release_complete);
749
750 struct sccp_connection_release_complete *cmpl;
751 struct sccp_connection *conn;
752
753 /* header check */
754 if (msgb_l2len(data) < header_size) {
755 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
756 msgb_l2len(data), header_size);
757 return -1;
758 }
759
760 cmpl = (struct sccp_connection_release_complete *) data->l2h;
761
762 /* find the connection */
763 llist_for_each_entry(conn, &sccp_connections, list) {
764 if (conn->data_cb
765 && memcmp(&conn->source_local_reference,
766 &cmpl->destination_local_reference,
767 sizeof(conn->source_local_reference)) == 0
768 && memcmp(&conn->destination_local_reference,
769 &cmpl->source_local_reference,
770 sizeof(conn->destination_local_reference)) == 0) {
771 goto found;
772 }
773 }
774
775
776 DEBUGP(DSCCP, "Release complete of unknown connection\n");
777 return -1;
778
779found:
780 llist_del(&conn->list);
781 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
782 return 0;
783}
784
785/* Handle the Data Form 1 message */
786static int _sccp_handle_connection_dt1(struct msgb *data)
787{
788 static int variable_offset = offsetof(struct sccp_data_form1, variable_start);
789 static int header_size = sizeof(struct sccp_data_form1);
790
791 struct sccp_data_form1 *dt1 = (struct sccp_data_form1 *)data->l2h;
792 struct sccp_connection *conn;
793 int size;
794
795 /* we don't have enough size for the struct */
796 if (msgb_l2len(data) < header_size) {
797 DEBUGP(DSCCP, "msgb > header_size %u %u\n",
798 msgb_l2len(data), header_size);
799 return -1;
800 }
801
802 if (dt1->segmenting != 0) {
803 DEBUGP(DSCCP, "This packet has segmenting, not supported: %d\n", dt1->segmenting);
804 return -1;
805 }
806
807 /* lookup if we have a connection with the given reference */
808 llist_for_each_entry(conn, &sccp_connections, list) {
809 if (conn->data_cb
810 && memcmp(&conn->source_local_reference,
811 &dt1->destination_local_reference,
812 sizeof(conn->source_local_reference)) == 0) {
813
814 /* some more size checks in here */
815 if (msgb_l2len(data) < variable_offset + dt1->variable_start + 1) {
816 DEBUGP(DSCCP, "Not enough space for variable start: %u %u\n",
817 msgb_l2len(data), dt1->variable_start);
818 return -1;
819 }
820
821 size = data->l2h[variable_offset + dt1->variable_start];
822 data->l3h = &data->l2h[dt1->variable_start + variable_offset + 1];
823
824 if (msgb_l3len(data) < size) {
825 DEBUGP(DSCCP, "Not enough room for the payload: %u %u\n",
826 msgb_l3len(data), size);
827 return -1;
828 }
829
830 conn->data_cb(conn, data, size);
831 return 0;
832 }
833 }
834
835 DEBUGP(DSCCP, "No connection found for dt1 data\n");
836 return -1;
837}
838
839/* confirm a connection release */
840static int _sccp_send_connection_release_complete(struct sccp_connection *connection)
841{
842 struct msgb *msgb;
843 struct sccp_connection_release_complete *rlc;
844 int ret;
845
846 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
847 SCCP_MSG_HEADROOM, "sccp rlc");
848 msgb->l2h = &msgb->data[0];
849
850 rlc = (struct sccp_connection_release_complete *) msgb_put(msgb, sizeof(*rlc));
851 rlc->type = SCCP_MSG_TYPE_RLC;
852 memcpy(&rlc->destination_local_reference,
853 &connection->destination_local_reference, sizeof(struct sccp_source_reference));
854 memcpy(&rlc->source_local_reference,
855 &connection->source_local_reference, sizeof(struct sccp_source_reference));
856
857 ret = _send_msg(msgb);
858 msgb_free(msgb);
859
860 /*
861 * Remove from the list of active connections and set the state. User code
862 * should now free the entry.
863 */
864 llist_del(&connection->list);
865 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
866
867 return ret;
868}
869
870/* connection released, send a released confirm */
871static int _sccp_handle_connection_released(struct msgb *data)
872{
873 static int header_size = sizeof(struct sccp_connection_released);
874 static int optional_offset = offsetof(struct sccp_connection_released, optional_start);
875
876 struct sccp_optional_data optional_data;
877 struct sccp_connection_released *rls = (struct sccp_connection_released *)data->l2h;
878 struct sccp_connection *conn;
879
880 /* we don't have enough size for the struct */
881 if (msgb_l2len(data) < header_size) {
882 DEBUGP(DSCCP, "msgb > header_size %u %u\n",
883 msgb_l2len(data), header_size);
884 return -1;
885 }
886
887 /* lookup if we have a connection with the given reference */
888 llist_for_each_entry(conn, &sccp_connections, list) {
889 if (conn->data_cb
890 && memcmp(&conn->source_local_reference,
891 &rls->destination_local_reference,
892 sizeof(conn->source_local_reference)) == 0
893 && memcmp(&conn->destination_local_reference,
894 &rls->source_local_reference,
895 sizeof(conn->destination_local_reference)) == 0) {
896 goto found;
897 }
898 }
899
900
901 DEBUGP(DSCCP, "Unknown connection was released.\n");
902 return -1;
903
904 /* we have found a connection */
905found:
906 memset(&optional_data, 0, sizeof(optional_data));
907 if (_sccp_parse_optional_data(optional_offset + rls->optional_start, data, &optional_data) != 0) {
908 DEBUGP(DSCCP, "parsing of optional data failed.\n");
909 return -1;
910 }
911
912 /* optional data */
913 if (optional_data.data_len != 0 && conn->data_cb) {
914 data->l3h = &data->l2h[optional_data.data_start];
915 conn->data_cb(conn, data, optional_data.data_len);
916 }
917
918 /* generate a response */
919 if (_sccp_send_connection_release_complete(conn) != 0) {
920 DEBUGP(DSCCP, "Sending release confirmed failed\n");
921 return -1;
922 }
923
924 return 0;
925}
926
927static int _sccp_handle_connection_refused(struct msgb *msgb)
928{
929 static const u_int32_t header_size =
930 sizeof(struct sccp_connection_refused);
931 static int optional_offset = offsetof(struct sccp_connection_refused, optional_start);
932
933 struct sccp_optional_data optional_data;
934 struct sccp_connection *conn;
935 struct sccp_connection_refused *ref;
936
937 /* header check */
938 if (msgb_l2len(msgb) < header_size) {
939 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
940 msgb_l2len(msgb), header_size);
941 return -1;
942 }
943
944 ref = (struct sccp_connection_refused *) msgb->l2h;
945
946 /* lookup if we have a connection with the given reference */
947 llist_for_each_entry(conn, &sccp_connections, list) {
948 if (conn->incoming == 0 && conn->data_cb
949 && memcmp(&conn->source_local_reference,
950 &ref->destination_local_reference,
951 sizeof(conn->source_local_reference)) == 0) {
952 goto found;
953 }
954 }
955
956 DEBUGP(DSCCP, "Refused but no connection found\n");
957 return -1;
958
959found:
960 memset(&optional_data, 0, sizeof(optional_data));
961 if (_sccp_parse_optional_data(optional_offset + ref->optional_start, msgb, &optional_data) != 0) {
962 DEBUGP(DSCCP, "parsing of optional data failed.\n");
963 return -1;
964 }
965
966 /* optional data */
967 if (optional_data.data_len != 0 && conn->data_cb) {
968 msgb->l3h = &msgb->l2h[optional_data.data_start];
969 conn->data_cb(conn, msgb, optional_data.data_len);
970 }
971
972
973 llist_del(&conn->list);
974 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_REFUSED);
975 return 0;
976}
977
978static int _sccp_handle_connection_confirm(struct msgb *msgb)
979{
980 static u_int32_t header_size =
981 sizeof(struct sccp_connection_confirm);
982 static const u_int32_t optional_offset =
983 offsetof(struct sccp_connection_confirm, optional_start);
984
985 struct sccp_optional_data optional_data;
986 struct sccp_connection *conn;
987 struct sccp_connection_confirm *con;
988
989 /* header check */
990 if (msgb_l2len(msgb) < header_size) {
991 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
992 msgb_l2len(msgb), header_size);
993 return -1;
994 }
995
996 con = (struct sccp_connection_confirm *) msgb->l2h;
997
998 /* lookup if we have a connection with the given reference */
999 llist_for_each_entry(conn, &sccp_connections, list) {
1000 if (conn->incoming == 0 && conn->data_cb
1001 && memcmp(&conn->source_local_reference,
1002 &con->destination_local_reference,
1003 sizeof(conn->source_local_reference)) == 0) {
1004 goto found;
1005 }
1006 }
1007
1008 DEBUGP(DSCCP, "Confirmed but no connection found\n");
1009 return -1;
1010
1011found:
1012 /* copy the addresses of the connection */
1013 conn->destination_local_reference = con->source_local_reference;
1014 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_ESTABLISHED);
1015
1016 memset(&optional_data, 0, sizeof(optional_data));
1017 if (_sccp_parse_optional_data(optional_offset + con->optional_start, msgb, &optional_data) != 0) {
1018 DEBUGP(DSCCP, "parsing of optional data failed.\n");
1019 return -1;
1020 }
1021
1022 /* optional data */
1023 if (optional_data.data_len != 0 && conn->data_cb) {
1024 msgb->l3h = &msgb->l2h[optional_data.data_start];
1025 conn->data_cb(conn, msgb, optional_data.data_len);
1026 }
1027
1028 return 0;
1029}
1030
1031
1032int sccp_system_init(int (*outgoing)(struct msgb *data, void *ctx), void *ctx)
1033{
1034 sccp_system.write_data = outgoing;
1035 sccp_system.write_context = ctx;
1036
1037 return 0;
1038}
1039
1040/* oh my god a real SCCP packet. need to dispatch it now */
1041int sccp_system_incoming(struct msgb *msgb)
1042{
1043 if (msgb_l2len(msgb) < 1 ) {
1044 DEBUGP(DSCCP, "Too short packet\n");
1045 return -1;
1046 }
1047
1048 int type = msgb->l2h[0];
1049
1050 switch(type) {
1051 case SCCP_MSG_TYPE_CR:
1052 return _sccp_handle_connection_request(msgb);
1053 break;
1054 case SCCP_MSG_TYPE_RLSD:
1055 return _sccp_handle_connection_released(msgb);
1056 break;
1057 case SCCP_MSG_TYPE_CREF:
1058 return _sccp_handle_connection_refused(msgb);
1059 break;
1060 case SCCP_MSG_TYPE_CC:
1061 return _sccp_handle_connection_confirm(msgb);
1062 break;
1063 case SCCP_MSG_TYPE_RLC:
1064 return _sccp_handle_connection_release_complete(msgb);
1065 break;
1066 case SCCP_MSG_TYPE_DT1:
1067 return _sccp_handle_connection_dt1(msgb);
1068 break;
1069 case SCCP_MSG_TYPE_UDT:
1070 return _sccp_handle_read(msgb);
1071 break;
1072 default:
1073 DEBUGP(DSCCP, "unimplemented msg type: %d\n", type);
1074 };
1075
1076 return -1;
1077}
1078
1079/* create a packet from the data */
1080int sccp_connection_write(struct sccp_connection *connection, struct msgb *data)
1081{
1082 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1083 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1084 DEBUGP(DSCCP, "sccp_connection_write: Wrong connection state: %p %d\n",
1085 connection, connection->connection_state);
1086 return -1;
1087 }
1088
1089 return _sccp_send_connection_data(connection, data);
1090}
1091
Holger Hans Peter Freyther3b9516e2009-11-18 22:11:28 +0100[diff] [blame]1092/*
1093 * Send a Inactivity Test message. The owner of the connection
1094 * should start a timer and call this method regularily. Calling
1095 * this every 60 seconds should be good enough.
1096 */
1097int sccp_connection_send_it(struct sccp_connection *connection)
1098{
1099 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1100 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1101 DEBUGP(DSCCP, "sccp_connection_write: Wrong connection state: %p %d\n",
1102 connection, connection->connection_state);
1103 return -1;
1104 }
1105
1106 return _sccp_send_connection_it(connection);
1107}
1108
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1109/* send a connection release and wait for the connection released */
1110int sccp_connection_close(struct sccp_connection *connection, int cause)
1111{
1112 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1113 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1114 DEBUGPC(DSCCP, "Can not close the connection. It was never opened: %p %d\n",
1115 connection, connection->connection_state);
1116 return -1;
1117 }
1118
1119 return _sccp_send_connection_released(connection, cause);
1120}
1121
1122int sccp_connection_free(struct sccp_connection *connection)
1123{
1124 if (connection->connection_state > SCCP_CONNECTION_STATE_NONE
1125 && connection->connection_state < SCCP_CONNECTION_STATE_RELEASE_COMPLETE) {
1126 DEBUGP(DSCCP, "The connection needs to be released before it is freed");
1127 return -1;
1128 }
1129
1130 talloc_free(connection);
1131 return 0;
1132}
1133
1134struct sccp_connection *sccp_connection_socket(void)
1135{
1136 return talloc_zero(tall_sccp_ctx, struct sccp_connection);
1137}
1138
1139int sccp_connection_connect(struct sccp_connection *conn,
1140 const struct sockaddr_sccp *local,
1141 struct msgb *data)
1142{
1143 return _sccp_send_connection_request(conn, local, data);
1144}
1145
1146int sccp_connection_set_incoming(const struct sockaddr_sccp *sock,
1147 int (*accept_cb)(struct sccp_connection *, void *), void *context)
1148{
1149 struct sccp_data_callback *cb;
1150
1151 if (!sock)
1152 return -2;
1153
1154 cb = _find_ssn(sock->sccp_ssn);
1155 if (!cb)
1156 return -1;
1157
1158 cb->accept_cb = accept_cb;
1159 cb->accept_context = context;
1160 return 0;
1161}
1162
1163int sccp_write(struct msgb *data, const struct sockaddr_sccp *in,
1164 const struct sockaddr_sccp *out, int class)
1165{
1166 return _sccp_send_data(class, in, out, data);
1167}
1168
1169int sccp_set_read(const struct sockaddr_sccp *sock,
1170 int (*read_cb)(struct msgb *, unsigned int, void *), void *context)
1171{
1172 struct sccp_data_callback *cb;
1173
1174 if (!sock)
1175 return -2;
1176
1177 cb = _find_ssn(sock->sccp_ssn);
1178 if (!cb)
1179 return -1;
1180
1181 cb->read_cb = read_cb;
1182 cb->read_context = context;
1183 return 0;
1184}
1185
1186static_assert(sizeof(struct sccp_source_reference) <= sizeof(u_int32_t), enough_space);
1187
1188u_int32_t sccp_src_ref_to_int(struct sccp_source_reference *ref)
1189{
1190 u_int32_t src_ref = 0;
1191 memcpy(&src_ref, ref, sizeof(*ref));
1192 return src_ref;
1193}
1194
1195struct sccp_source_reference sccp_src_ref_from_int(u_int32_t int_ref)
1196{
1197 struct sccp_source_reference ref;
1198 memcpy(&ref, &int_ref, sizeof(ref));
1199 return ref;
1200}
1201
Holger Hans Peter Freythera692fbc2010-01-13 09:55:43 +0100[diff] [blame]1202int sccp_determine_msg_type(struct msgb *msg)
1203{
1204 if (msgb_l2len(msg) < 1)
1205 return -1;
1206
1207 return msg->l2h[0];
1208}
1209
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1210static __attribute__((constructor)) void on_dso_load(void)
1211{
1212 tall_sccp_ctx = talloc_named_const(NULL, 1, "sccp");
1213}
1214
1215static __attribute__((destructor)) void on_dso_unload(void)
1216{
1217 talloc_report_full(tall_sccp_ctx, stderr);
1218}