Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 3117b701c8d4645215896c459d6c608358a0a51b / . / src / libmsc / gsm_04_08_cc.c
blob: 2c17e22f5877fbbed77314528dca02809a2fc834 [file] [log] [blame]
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1/* GSM Mobile Radio Interface Layer 3 Call Control */
2
3/* (C) 2008-2016 by Harald Welte <laforge@gnumonks.org>
4 * (C) 2008-2012 by Holger Hans Peter Freyther <zecke@selfish.org>
5 *
6 * All Rights Reserved
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 *
21 */
22
23#include <stdio.h>
24#include <stdlib.h>
25#include <string.h>
26#include <stdbool.h>
27#include <errno.h>
28#include <time.h>
29#include <netinet/in.h>
30#include <regex.h>
31#include <sys/types.h>
32
33#include "bscconfig.h"
34
35#include <osmocom/msc/db.h>
36#include <osmocom/msc/debug.h>
37#include <osmocom/msc/gsm_data.h>
38#include <osmocom/msc/gsm_subscriber.h>
39#include <osmocom/msc/gsm_04_11.h>
40#include <osmocom/msc/gsm_04_08.h>
41#include <osmocom/msc/gsm_04_80.h>
42#include <osmocom/msc/gsm_04_14.h>
43#include <osmocom/msc/gsm_09_11.h>
44#include <osmocom/msc/signal.h>
45#include <osmocom/msc/transaction.h>
46#include <osmocom/msc/silent_call.h>
47#include <osmocom/msc/osmo_msc.h>
48#include <osmocom/msc/mncc_int.h>
49#include <osmocom/abis/e1_input.h>
50#include <osmocom/core/bitvec.h>
51#include <osmocom/msc/vlr.h>
52#include <osmocom/msc/msc_ifaces.h>
53
54#include <osmocom/gsm/gsm48.h>
55#include <osmocom/gsm/gsm0480.h>
56#include <osmocom/gsm/gsm_utils.h>
57#include <osmocom/gsm/protocol/gsm_04_08.h>
58#include <osmocom/core/msgb.h>
59#include <osmocom/core/talloc.h>
60#include <osmocom/core/utils.h>
61#include <osmocom/core/byteswap.h>
62#include <osmocom/gsm/tlv.h>
63#include <osmocom/crypt/auth.h>
64#ifdef BUILD_IU
65#include <osmocom/ranap/iu_client.h>
66#endif
67
68#include <osmocom/msc/msc_ifaces.h>
69#include <osmocom/msc/a_iface.h>
70#include <osmocom/msc/msc_mgcp.h>
71
72#include <assert.h>
73
74static uint32_t new_callref = 0x80000001;
75
76
77/* Call Control */
78
79void cc_tx_to_mncc(struct gsm_network *net, struct msgb *msg)
80{
81 net->mncc_recv(net, msg);
82}
83
84int gsm48_cc_tx_notify_ss(struct gsm_trans *trans, const char *message)
85{
86 struct gsm48_hdr *gh;
87 struct msgb *ss_notify;
88
89 ss_notify = gsm0480_create_notifySS(message);
90 if (!ss_notify)
91 return -1;
92
93 gsm0480_wrap_invoke(ss_notify, GSM0480_OP_CODE_NOTIFY_SS, 0);
94 uint8_t *data = msgb_push(ss_notify, 1);
95 data[0] = ss_notify->len - 1;
96 gh = (struct gsm48_hdr *) msgb_push(ss_notify, sizeof(*gh));
97 gh->msg_type = GSM48_MT_CC_FACILITY;
98 return gsm48_conn_sendmsg(ss_notify, trans->conn, trans);
99}
100
101/* FIXME: this count_statistics is a state machine behaviour. we should convert
102 * the complete call control into a state machine. Afterwards we can move this
103 * code into state transitions.
104 */
105static void count_statistics(struct gsm_trans *trans, int new_state)
106{
107 int old_state = trans->cc.state;
108 struct rate_ctr_group *msc = trans->net->msc_ctrs;
109
110 if (old_state == new_state)
111 return;
112
113 /* state incoming */
114 switch (new_state) {
115 case GSM_CSTATE_ACTIVE:
116 osmo_counter_inc(trans->net->active_calls);
117 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_ACTIVE]);
118 break;
119 }
120
121 /* state outgoing */
122 switch (old_state) {
123 case GSM_CSTATE_ACTIVE:
124 osmo_counter_dec(trans->net->active_calls);
125 if (new_state == GSM_CSTATE_DISCONNECT_REQ ||
126 new_state == GSM_CSTATE_DISCONNECT_IND)
127 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_COMPLETE]);
128 else
129 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_INCOMPLETE]);
130 break;
131 }
132}
133
134/* The entire call control code is written in accordance with Figure 7.10c
135 * for 'very early assignment', i.e. we allocate a TCH/F during IMMEDIATE
136 * ASSIGN, then first use that TCH/F for signalling and later MODE MODIFY
137 * it for voice */
138
139static void new_cc_state(struct gsm_trans *trans, int state)
140{
141 if (state > 31 || state < 0)
142 return;
143
144 DEBUGP(DCC, "(ti %02x sub %s) new state %s -> %s\n",
145 trans->transaction_id,
146 vlr_subscr_name(trans->vsub),
147 gsm48_cc_state_name(trans->cc.state),
148 gsm48_cc_state_name(state));
149
150 count_statistics(trans, state);
151 trans->cc.state = state;
152}
153
154static int gsm48_cc_tx_status(struct gsm_trans *trans, void *arg)
155{
156 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STATUS");
157 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
158 uint8_t *cause, *call_state;
159
160 gh->msg_type = GSM48_MT_CC_STATUS;
161
162 cause = msgb_put(msg, 3);
163 cause[0] = 2;
164 cause[1] = GSM48_CAUSE_CS_GSM | GSM48_CAUSE_LOC_USER;
165 cause[2] = 0x80 | 30; /* response to status inquiry */
166
167 call_state = msgb_put(msg, 1);
168 call_state[0] = 0xc0 | 0x00;
169
170 return gsm48_conn_sendmsg(msg, trans->conn, trans);
171}
172
173static void gsm48_stop_cc_timer(struct gsm_trans *trans)
174{
175 if (osmo_timer_pending(&trans->cc.timer)) {
176 DEBUGP(DCC, "stopping pending timer T%x\n", trans->cc.Tcurrent);
177 osmo_timer_del(&trans->cc.timer);
178 trans->cc.Tcurrent = 0;
179 }
180}
181
182static int mncc_recvmsg(struct gsm_network *net, struct gsm_trans *trans,
183 int msg_type, struct gsm_mncc *mncc)
184{
185 struct msgb *msg;
186 unsigned char *data;
187
188 DEBUGP(DMNCC, "transmit message %s\n", get_mncc_name(msg_type));
189
190#if BEFORE_MSCSPLIT
191 /* Re-enable this log output once we can obtain this information via
192 * A-interface, see OS#2391. */
193 if (trans)
194 if (trans->conn && trans->conn->lchan)
195 DEBUGP(DCC, "(bts %d trx %d ts %d ti %x sub %s) "
196 "Sending '%s' to MNCC.\n",
197 trans->conn->lchan->ts->trx->bts->nr,
198 trans->conn->lchan->ts->trx->nr,
199 trans->conn->lchan->ts->nr, trans->transaction_id,
200 vlr_subscr_msisdn_or_name(trans->vsub),
201 get_mncc_name(msg_type));
202 else
203 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
204 "Sending '%s' to MNCC.\n",
205 vlr_subscr_msisdn_or_name(trans->vsub),
206 get_mncc_name(msg_type));
207 else
208 DEBUGP(DCC, "(bts - trx - ts - ti -- sub -) "
209 "Sending '%s' to MNCC.\n", get_mncc_name(msg_type));
210#else
211 DEBUGP(DCC, "Sending '%s' to MNCC.\n", get_mncc_name(msg_type));
212#endif
213
214 mncc->msg_type = msg_type;
215
216 msg = msgb_alloc(sizeof(struct gsm_mncc), "MNCC");
217 if (!msg)
218 return -ENOMEM;
219
220 data = msgb_put(msg, sizeof(struct gsm_mncc));
221 memcpy(data, mncc, sizeof(struct gsm_mncc));
222
223 cc_tx_to_mncc(net, msg);
224
225 return 0;
226}
227
228int mncc_release_ind(struct gsm_network *net, struct gsm_trans *trans,
229 uint32_t callref, int location, int value)
230{
231 struct gsm_mncc rel;
232
233 memset(&rel, 0, sizeof(rel));
234 rel.callref = callref;
235 mncc_set_cause(&rel, location, value);
236 if (trans && trans->cc.state == GSM_CSTATE_RELEASE_REQ)
237 return mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
238 return mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
239}
240
241/* Call Control Specific transaction release.
242 * gets called by trans_free, DO NOT CALL YOURSELF! */
243void _gsm48_cc_trans_free(struct gsm_trans *trans)
244{
245 gsm48_stop_cc_timer(trans);
246
247 /* Initiate the teardown of the related connections on the MGW */
248 msc_mgcp_call_release(trans);
249
250 /* send release to L4, if callref still exists */
251 if (trans->callref) {
252 /* Ressource unavailable */
253 mncc_release_ind(trans->net, trans, trans->callref,
254 GSM48_CAUSE_LOC_PRN_S_LU,
255 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
256 /* This is a final freeing of the transaction. The MNCC release may have triggered the
257 * T308 release timer, but we don't have the luxury of graceful CC Release here. */
258 gsm48_stop_cc_timer(trans);
259 }
260 if (trans->cc.state != GSM_CSTATE_NULL)
261 new_cc_state(trans, GSM_CSTATE_NULL);
262}
263
264static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg);
265
266/* call-back from paging the B-end of the connection */
267static int setup_trig_pag_evt(unsigned int hooknum, unsigned int event,
268 struct msgb *msg, void *_conn, void *_transt)
269{
270 struct gsm_subscriber_connection *conn = _conn;
271 struct gsm_trans *transt = _transt;
272 enum gsm_paging_event paging_event = event;
273
274 OSMO_ASSERT(!transt->conn);
275
276 switch (paging_event) {
277 case GSM_PAGING_SUCCEEDED:
278 DEBUGP(DCC, "Paging subscr %s succeeded!\n",
279 vlr_subscr_msisdn_or_name(transt->vsub));
280 OSMO_ASSERT(conn);
281 /* Assign conn */
282 transt->conn = msc_subscr_conn_get(conn, MSC_CONN_USE_TRANS_CC);
283 transt->paging_request = NULL;
284 /* send SETUP request to called party */
285 gsm48_cc_tx_setup(transt, &transt->cc.msg);
286 break;
287 case GSM_PAGING_EXPIRED:
288 case GSM_PAGING_BUSY:
289 DEBUGP(DCC, "Paging subscr %s %s!\n",
290 vlr_subscr_msisdn_or_name(transt->vsub),
291 paging_event == GSM_PAGING_EXPIRED ? "expired" : "busy");
292 /* Temporarily out of order */
293 mncc_release_ind(transt->net, transt,
294 transt->callref,
295 GSM48_CAUSE_LOC_PRN_S_LU,
296 GSM48_CC_CAUSE_DEST_OOO);
297 transt->callref = 0;
298 transt->paging_request = NULL;
299 trans_free(transt);
300 break;
301 }
302
303 return 0;
304}
305
306/* bridge channels of two transactions */
307static int tch_bridge(struct gsm_network *net, struct gsm_mncc_bridge *bridge)
308{
309 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[0]);
310 struct gsm_trans *trans2 = trans_find_by_callref(net, bridge->callref[1]);
311 int rc;
312
313 if (!trans1 || !trans2)
314 return -EIO;
315
316 if (!trans1->conn || !trans2->conn)
317 return -EIO;
318
319 /* Which subscriber do we want to track trans1 or trans2? */
320 log_set_context(LOG_CTX_VLR_SUBSCR, trans1->vsub);
321
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]322 /* This call briding mechanism is only used with the internal MNCC.
323 * functionality (with external MNCC briding would be done by the PBX)
324 * This means we may just copy the codec info we have for the RAN side
325 * of the first leg to the CN side of both legs. This also means that
326 * if both legs use different codecs the MGW must perform transcoding
327 * on the second leg. */
328 trans1->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
329 trans2->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
330
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]331 /* Bridge RTP streams */
332 rc = msc_mgcp_call_complete(trans1, trans2->conn->rtp.local_port_cn,
333 trans2->conn->rtp.local_addr_cn);
334 if (rc)
335 return -EINVAL;
336
337 rc = msc_mgcp_call_complete(trans2, trans1->conn->rtp.local_port_cn,
338 trans1->conn->rtp.local_addr_cn);
339 if (rc)
340 return -EINVAL;
341
342 return 0;
343}
344
345static int gsm48_cc_rx_status_enq(struct gsm_trans *trans, struct msgb *msg)
346{
347 DEBUGP(DCC, "-> STATUS ENQ\n");
348 return gsm48_cc_tx_status(trans, msg);
349}
350
351static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg);
352static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg);
353
354static void gsm48_cc_timeout(void *arg)
355{
356 struct gsm_trans *trans = arg;
357 int disconnect = 0, release = 0;
358 int mo_cause = GSM48_CC_CAUSE_RECOVERY_TIMER;
359 int mo_location = GSM48_CAUSE_LOC_USER;
360 int l4_cause = GSM48_CC_CAUSE_NORMAL_UNSPEC;
361 int l4_location = GSM48_CAUSE_LOC_PRN_S_LU;
362 struct gsm_mncc mo_rel, l4_rel;
363
364 memset(&mo_rel, 0, sizeof(struct gsm_mncc));
365 mo_rel.callref = trans->callref;
366 memset(&l4_rel, 0, sizeof(struct gsm_mncc));
367 l4_rel.callref = trans->callref;
368
369 switch(trans->cc.Tcurrent) {
370 case 0x303:
371 release = 1;
372 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
373 break;
374 case 0x310:
375 disconnect = 1;
376 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
377 break;
378 case 0x313:
379 disconnect = 1;
380 /* unknown, did not find it in the specs */
381 break;
382 case 0x301:
383 disconnect = 1;
384 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
385 break;
386 case 0x308:
387 if (!trans->cc.T308_second) {
388 /* restart T308 a second time */
389 gsm48_cc_tx_release(trans, &trans->cc.msg);
390 trans->cc.T308_second = 1;
391 break; /* stay in release state */
392 }
393 trans_free(trans);
394 return;
395 case 0x306:
396 release = 1;
397 mo_cause = trans->cc.msg.cause.value;
398 mo_location = trans->cc.msg.cause.location;
399 break;
400 case 0x323:
401 disconnect = 1;
402 break;
403 default:
404 release = 1;
405 }
406
407 if (release && trans->callref) {
408 /* process release towards layer 4 */
409 mncc_release_ind(trans->net, trans, trans->callref,
410 l4_location, l4_cause);
411 trans->callref = 0;
412 }
413
414 if (disconnect && trans->callref) {
415 /* process disconnect towards layer 4 */
416 mncc_set_cause(&l4_rel, l4_location, l4_cause);
417 mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &l4_rel);
418 }
419
420 /* process disconnect towards mobile station */
421 if (disconnect || release) {
422 mncc_set_cause(&mo_rel, mo_location, mo_cause);
423 mo_rel.cause.diag[0] = ((trans->cc.Tcurrent & 0xf00) >> 8) + '0';
424 mo_rel.cause.diag[1] = ((trans->cc.Tcurrent & 0x0f0) >> 4) + '0';
425 mo_rel.cause.diag[2] = (trans->cc.Tcurrent & 0x00f) + '0';
426 mo_rel.cause.diag_len = 3;
427
428 if (disconnect)
429 gsm48_cc_tx_disconnect(trans, &mo_rel);
430 if (release)
431 gsm48_cc_tx_release(trans, &mo_rel);
432 }
433
434}
435
436/* disconnect both calls from the bridge */
437static inline void disconnect_bridge(struct gsm_network *net,
438 struct gsm_mncc_bridge *bridge, int err)
439{
440 struct gsm_trans *trans0 = trans_find_by_callref(net, bridge->callref[0]);
441 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[1]);
442 struct gsm_mncc mx_rel;
443 if (!trans0 || !trans1)
444 return;
445
446 DEBUGP(DCC, "Failed to bridge TCH for calls %x <-> %x :: %s \n",
447 trans0->callref, trans1->callref, strerror(err));
448
449 memset(&mx_rel, 0, sizeof(struct gsm_mncc));
450 mncc_set_cause(&mx_rel, GSM48_CAUSE_LOC_INN_NET,
451 GSM48_CC_CAUSE_CHAN_UNACCEPT);
452
453 mx_rel.callref = trans0->callref;
454 gsm48_cc_tx_disconnect(trans0, &mx_rel);
455
456 mx_rel.callref = trans1->callref;
457 gsm48_cc_tx_disconnect(trans1, &mx_rel);
458}
459
460static void gsm48_start_cc_timer(struct gsm_trans *trans, int current,
461 int sec, int micro)
462{
463 DEBUGP(DCC, "starting timer T%x with %d seconds\n", current, sec);
464 osmo_timer_setup(&trans->cc.timer, gsm48_cc_timeout, trans);
465 osmo_timer_schedule(&trans->cc.timer, sec, micro);
466 trans->cc.Tcurrent = current;
467}
468
469static int gsm48_cc_rx_setup(struct gsm_trans *trans, struct msgb *msg)
470{
471 struct gsm48_hdr *gh = msgb_l3(msg);
472 uint8_t msg_type = gsm48_hdr_msg_type(gh);
473 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
474 struct tlv_parsed tp;
475 struct gsm_mncc setup;
476
477 memset(&setup, 0, sizeof(struct gsm_mncc));
478 setup.callref = trans->callref;
479
480 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
481 /* emergency setup is identified by msg_type */
482 if (msg_type == GSM48_MT_CC_EMERG_SETUP) {
483 setup.fields |= MNCC_F_EMERGENCY;
484 setup.emergency = 1;
485 /* use destination number as configured by user (if any) */
486 if (trans->net->emergency.route_to_msisdn) {
487 setup.fields |= MNCC_F_CALLED;
488 setup.called.type = 0; /* unknown */
489 setup.called.plan = 0; /* unknown */
490 OSMO_STRLCPY_ARRAY(setup.called.number,
491 trans->net->emergency.route_to_msisdn);
492 }
493 }
494
495 /* use subscriber as calling party number */
496 setup.fields |= MNCC_F_CALLING;
497 OSMO_STRLCPY_ARRAY(setup.calling.number, trans->vsub->msisdn);
498 OSMO_STRLCPY_ARRAY(setup.imsi, trans->vsub->imsi);
499
500 /* bearer capability */
501 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
502 setup.fields |= MNCC_F_BEARER_CAP;
503 gsm48_decode_bearer_cap(&setup.bearer_cap,
504 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
505
506 /* Create a copy of the bearer capability
507 * in the transaction struct, so we can use
508 * this information later */
509 memcpy(&trans->bearer_cap,&setup.bearer_cap,
510 sizeof(trans->bearer_cap));
511 }
512 /* facility */
513 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
514 setup.fields |= MNCC_F_FACILITY;
515 gsm48_decode_facility(&setup.facility,
516 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
517 }
518 /* called party bcd number */
519 if (TLVP_PRESENT(&tp, GSM48_IE_CALLED_BCD)) {
520 setup.fields |= MNCC_F_CALLED;
521 gsm48_decode_called(&setup.called,
522 TLVP_VAL(&tp, GSM48_IE_CALLED_BCD)-1);
523 }
524 /* user-user */
525 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
526 setup.fields |= MNCC_F_USERUSER;
527 gsm48_decode_useruser(&setup.useruser,
528 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
529 }
530 /* ss-version */
531 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
532 setup.fields |= MNCC_F_SSVERSION;
533 gsm48_decode_ssversion(&setup.ssversion,
534 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
535 }
536 /* CLIR suppression */
537 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_SUPP))
538 setup.clir.sup = 1;
539 /* CLIR invocation */
540 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_INVOC))
541 setup.clir.inv = 1;
542 /* cc cap */
543 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
544 setup.fields |= MNCC_F_CCCAP;
545 gsm48_decode_cccap(&setup.cccap,
546 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
547 }
548
549 new_cc_state(trans, GSM_CSTATE_INITIATED);
550
551 LOGP(DCC, setup.emergency ? LOGL_NOTICE : LOGL_INFO, "Subscriber %s (%s) sends %sSETUP to %s\n",
552 vlr_subscr_name(trans->vsub), trans->vsub->msisdn, setup.emergency ? "EMERGENCY_" : "",
553 setup.called.number);
554
555 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_SETUP]);
556
557 /* indicate setup to MNCC */
558 mncc_recvmsg(trans->net, trans, MNCC_SETUP_IND, &setup);
559
560 /* MNCC code will modify the channel asynchronously, we should
561 * ipaccess-bind only after the modification has been made to the
562 * lchan->tch_mode */
563 return 0;
564}
565
566static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg)
567{
568 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STUP");
569 struct gsm48_hdr *gh;
570 struct gsm_mncc *setup = arg;
571 int rc, trans_id;
572
573 gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
574
575 /* transaction id must not be assigned */
576 if (trans->transaction_id != 0xff) { /* unasssigned */
577 DEBUGP(DCC, "TX Setup with assigned transaction. "
578 "This is not allowed!\n");
579 /* Temporarily out of order */
580 rc = mncc_release_ind(trans->net, trans, trans->callref,
581 GSM48_CAUSE_LOC_PRN_S_LU,
582 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
583 trans->callref = 0;
584 trans_free(trans);
585 return rc;
586 }
587
588 /* Get free transaction_id */
589 trans_id = trans_assign_trans_id(trans->net, trans->vsub,
590 GSM48_PDISC_CC, 0);
591 if (trans_id < 0) {
592 /* no free transaction ID */
593 rc = mncc_release_ind(trans->net, trans, trans->callref,
594 GSM48_CAUSE_LOC_PRN_S_LU,
595 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
596 trans->callref = 0;
597 trans_free(trans);
598 return rc;
599 }
600 trans->transaction_id = trans_id;
601
602 gh->msg_type = GSM48_MT_CC_SETUP;
603
604 gsm48_start_cc_timer(trans, 0x303, GSM48_T303);
605
606 /* bearer capability */
607 if (setup->fields & MNCC_F_BEARER_CAP) {
608 /* Create a copy of the bearer capability in the transaction struct, so we
609 * can use this information later */
610 memcpy(&trans->bearer_cap, &setup->bearer_cap, sizeof(trans->bearer_cap));
611 gsm48_encode_bearer_cap(msg, 0, &setup->bearer_cap);
612 }
613 /* facility */
614 if (setup->fields & MNCC_F_FACILITY)
615 gsm48_encode_facility(msg, 0, &setup->facility);
616 /* progress */
617 if (setup->fields & MNCC_F_PROGRESS)
618 gsm48_encode_progress(msg, 0, &setup->progress);
619 /* calling party BCD number */
620 if (setup->fields & MNCC_F_CALLING)
621 gsm48_encode_calling(msg, &setup->calling);
622 /* called party BCD number */
623 if (setup->fields & MNCC_F_CALLED)
624 gsm48_encode_called(msg, &setup->called);
625 /* user-user */
626 if (setup->fields & MNCC_F_USERUSER)
627 gsm48_encode_useruser(msg, 0, &setup->useruser);
628 /* redirecting party BCD number */
629 if (setup->fields & MNCC_F_REDIRECTING)
630 gsm48_encode_redirecting(msg, &setup->redirecting);
631 /* signal */
632 if (setup->fields & MNCC_F_SIGNAL)
633 gsm48_encode_signal(msg, setup->signal);
634
635 new_cc_state(trans, GSM_CSTATE_CALL_PRESENT);
636
637 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_SETUP]);
638
639 return gsm48_conn_sendmsg(msg, trans->conn, trans);
640}
641
642static int gsm48_cc_rx_call_conf(struct gsm_trans *trans, struct msgb *msg)
643{
644 struct gsm48_hdr *gh = msgb_l3(msg);
645 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
646 struct tlv_parsed tp;
647 struct gsm_mncc call_conf;
648 int rc;
649
650 gsm48_stop_cc_timer(trans);
651 gsm48_start_cc_timer(trans, 0x310, GSM48_T310);
652
653 memset(&call_conf, 0, sizeof(struct gsm_mncc));
654 call_conf.callref = trans->callref;
655
656 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
657#if 0
658 /* repeat */
659 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_CIR))
660 call_conf.repeat = 1;
661 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_SEQ))
662 call_conf.repeat = 2;
663#endif
664 /* bearer capability */
665 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
666 call_conf.fields |= MNCC_F_BEARER_CAP;
667 gsm48_decode_bearer_cap(&call_conf.bearer_cap,
668 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
669
670 /* Create a copy of the bearer capability
671 * in the transaction struct, so we can use
672 * this information later */
673 memcpy(&trans->bearer_cap,&call_conf.bearer_cap,
674 sizeof(trans->bearer_cap));
675 }
676 /* cause */
677 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
678 call_conf.fields |= MNCC_F_CAUSE;
679 gsm48_decode_cause(&call_conf.cause,
680 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
681 }
682 /* cc cap */
683 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
684 call_conf.fields |= MNCC_F_CCCAP;
685 gsm48_decode_cccap(&call_conf.cccap,
686 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
687 }
688
689 /* IMSI of called subscriber */
690 OSMO_STRLCPY_ARRAY(call_conf.imsi, trans->vsub->imsi);
691
692 new_cc_state(trans, GSM_CSTATE_MO_TERM_CALL_CONF);
693
694 /* Assign call (if not done yet) */
695 if (trans->assignment_done == false) {
696 rc = msc_mgcp_call_assignment(trans);
697 trans->assignment_done = true;
698 }
699 else
700 rc = 0;
701
702 /* don't continue, if there were problems with
703 * the call assignment. */
704 if (rc)
705 return rc;
706
707 return mncc_recvmsg(trans->net, trans, MNCC_CALL_CONF_IND,
708 &call_conf);
709}
710
711static int gsm48_cc_tx_call_proc_and_assign(struct gsm_trans *trans, void *arg)
712{
713 struct gsm_mncc *proceeding = arg;
714 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROC");
715 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
716 int rc;
717
718 gh->msg_type = GSM48_MT_CC_CALL_PROC;
719
720 new_cc_state(trans, GSM_CSTATE_MO_CALL_PROC);
721
722 /* bearer capability */
723 if (proceeding->fields & MNCC_F_BEARER_CAP) {
724 gsm48_encode_bearer_cap(msg, 0, &proceeding->bearer_cap);
725 memcpy(&trans->bearer_cap, &proceeding->bearer_cap, sizeof(trans->bearer_cap));
726 }
727 /* facility */
728 if (proceeding->fields & MNCC_F_FACILITY)
729 gsm48_encode_facility(msg, 0, &proceeding->facility);
730 /* progress */
731 if (proceeding->fields & MNCC_F_PROGRESS)
732 gsm48_encode_progress(msg, 0, &proceeding->progress);
733
734 rc = gsm48_conn_sendmsg(msg, trans->conn, trans);
735 if (rc)
736 return rc;
737
738 /* Assign call (if not done yet) */
739 if (trans->assignment_done == false) {
740 rc = msc_mgcp_call_assignment(trans);
741 trans->assignment_done = true;
742 }
743 else
744 rc = 0;
745
746 return rc;
747}
748
749static int gsm48_cc_rx_alerting(struct gsm_trans *trans, struct msgb *msg)
750{
751 struct gsm48_hdr *gh = msgb_l3(msg);
752 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
753 struct tlv_parsed tp;
754 struct gsm_mncc alerting;
755
756 gsm48_stop_cc_timer(trans);
757 gsm48_start_cc_timer(trans, 0x301, GSM48_T301);
758
759 memset(&alerting, 0, sizeof(struct gsm_mncc));
760 alerting.callref = trans->callref;
761 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
762 /* facility */
763 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
764 alerting.fields |= MNCC_F_FACILITY;
765 gsm48_decode_facility(&alerting.facility,
766 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
767 }
768
769 /* progress */
770 if (TLVP_PRESENT(&tp, GSM48_IE_PROGR_IND)) {
771 alerting.fields |= MNCC_F_PROGRESS;
772 gsm48_decode_progress(&alerting.progress,
773 TLVP_VAL(&tp, GSM48_IE_PROGR_IND)-1);
774 }
775 /* ss-version */
776 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
777 alerting.fields |= MNCC_F_SSVERSION;
778 gsm48_decode_ssversion(&alerting.ssversion,
779 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
780 }
781
782 new_cc_state(trans, GSM_CSTATE_CALL_RECEIVED);
783
784 return mncc_recvmsg(trans->net, trans, MNCC_ALERT_IND,
785 &alerting);
786}
787
788static int gsm48_cc_tx_alerting(struct gsm_trans *trans, void *arg)
789{
790 struct gsm_mncc *alerting = arg;
791 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC ALERT");
792 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
793
794 gh->msg_type = GSM48_MT_CC_ALERTING;
795
796 /* facility */
797 if (alerting->fields & MNCC_F_FACILITY)
798 gsm48_encode_facility(msg, 0, &alerting->facility);
799 /* progress */
800 if (alerting->fields & MNCC_F_PROGRESS)
801 gsm48_encode_progress(msg, 0, &alerting->progress);
802 /* user-user */
803 if (alerting->fields & MNCC_F_USERUSER)
804 gsm48_encode_useruser(msg, 0, &alerting->useruser);
805
806 new_cc_state(trans, GSM_CSTATE_CALL_DELIVERED);
807
808 return gsm48_conn_sendmsg(msg, trans->conn, trans);
809}
810
811static int gsm48_cc_tx_progress(struct gsm_trans *trans, void *arg)
812{
813 struct gsm_mncc *progress = arg;
814 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROGRESS");
815 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
816
817 gh->msg_type = GSM48_MT_CC_PROGRESS;
818
819 /* progress */
820 gsm48_encode_progress(msg, 1, &progress->progress);
821 /* user-user */
822 if (progress->fields & MNCC_F_USERUSER)
823 gsm48_encode_useruser(msg, 0, &progress->useruser);
824
825 return gsm48_conn_sendmsg(msg, trans->conn, trans);
826}
827
828static int gsm48_cc_tx_connect(struct gsm_trans *trans, void *arg)
829{
830 struct gsm_mncc *connect = arg;
831 struct msgb *msg = gsm48_msgb_alloc_name("GSN 04.08 CC CON");
832 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
833
834 gh->msg_type = GSM48_MT_CC_CONNECT;
835
836 gsm48_stop_cc_timer(trans);
837 gsm48_start_cc_timer(trans, 0x313, GSM48_T313);
838
839 /* facility */
840 if (connect->fields & MNCC_F_FACILITY)
841 gsm48_encode_facility(msg, 0, &connect->facility);
842 /* progress */
843 if (connect->fields & MNCC_F_PROGRESS)
844 gsm48_encode_progress(msg, 0, &connect->progress);
845 /* connected number */
846 if (connect->fields & MNCC_F_CONNECTED)
847 gsm48_encode_connected(msg, &connect->connected);
848 /* user-user */
849 if (connect->fields & MNCC_F_USERUSER)
850 gsm48_encode_useruser(msg, 0, &connect->useruser);
851
852 new_cc_state(trans, GSM_CSTATE_CONNECT_IND);
853
854 return gsm48_conn_sendmsg(msg, trans->conn, trans);
855}
856
857static int gsm48_cc_rx_connect(struct gsm_trans *trans, struct msgb *msg)
858{
859 struct gsm48_hdr *gh = msgb_l3(msg);
860 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
861 struct tlv_parsed tp;
862 struct gsm_mncc connect;
863
864 gsm48_stop_cc_timer(trans);
865
866 memset(&connect, 0, sizeof(struct gsm_mncc));
867 connect.callref = trans->callref;
868 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
869 /* use subscriber as connected party number */
870 connect.fields |= MNCC_F_CONNECTED;
871 OSMO_STRLCPY_ARRAY(connect.connected.number, trans->vsub->msisdn);
872 OSMO_STRLCPY_ARRAY(connect.imsi, trans->vsub->imsi);
873
874 /* facility */
875 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
876 connect.fields |= MNCC_F_FACILITY;
877 gsm48_decode_facility(&connect.facility,
878 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
879 }
880 /* user-user */
881 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
882 connect.fields |= MNCC_F_USERUSER;
883 gsm48_decode_useruser(&connect.useruser,
884 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
885 }
886 /* ss-version */
887 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
888 connect.fields |= MNCC_F_SSVERSION;
889 gsm48_decode_ssversion(&connect.ssversion,
890 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
891 }
892
893 new_cc_state(trans, GSM_CSTATE_CONNECT_REQUEST);
894 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_CONNECT]);
895
896 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_CNF, &connect);
897}
898
899
900static int gsm48_cc_rx_connect_ack(struct gsm_trans *trans, struct msgb *msg)
901{
902 struct gsm_mncc connect_ack;
903
904 gsm48_stop_cc_timer(trans);
905
906 new_cc_state(trans, GSM_CSTATE_ACTIVE);
907 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_CONNECT_ACK]);
908
909 memset(&connect_ack, 0, sizeof(struct gsm_mncc));
910 connect_ack.callref = trans->callref;
911
912 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_COMPL_IND,
913 &connect_ack);
914}
915
916static int gsm48_cc_tx_connect_ack(struct gsm_trans *trans, void *arg)
917{
918 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC CON ACK");
919 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
920
921 gh->msg_type = GSM48_MT_CC_CONNECT_ACK;
922
923 new_cc_state(trans, GSM_CSTATE_ACTIVE);
924
925 return gsm48_conn_sendmsg(msg, trans->conn, trans);
926}
927
928static int gsm48_cc_rx_disconnect(struct gsm_trans *trans, struct msgb *msg)
929{
930 struct gsm48_hdr *gh = msgb_l3(msg);
931 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
932 struct tlv_parsed tp;
933 struct gsm_mncc disc;
934
935 gsm48_stop_cc_timer(trans);
936
937 new_cc_state(trans, GSM_CSTATE_DISCONNECT_REQ);
938
939 memset(&disc, 0, sizeof(struct gsm_mncc));
940 disc.callref = trans->callref;
941 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_CAUSE, 0);
942 /* cause */
943 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
944 disc.fields |= MNCC_F_CAUSE;
945 gsm48_decode_cause(&disc.cause,
946 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
947 }
948 /* facility */
949 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
950 disc.fields |= MNCC_F_FACILITY;
951 gsm48_decode_facility(&disc.facility,
952 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
953 }
954 /* user-user */
955 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
956 disc.fields |= MNCC_F_USERUSER;
957 gsm48_decode_useruser(&disc.useruser,
958 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
959 }
960 /* ss-version */
961 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
962 disc.fields |= MNCC_F_SSVERSION;
963 gsm48_decode_ssversion(&disc.ssversion,
964 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
965 }
966
967 return mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &disc);
968
969}
970
971static struct gsm_mncc_cause default_cause = {
972 .location = GSM48_CAUSE_LOC_PRN_S_LU,
973 .coding = 0,
974 .rec = 0,
975 .rec_val = 0,
976 .value = GSM48_CC_CAUSE_NORMAL_UNSPEC,
977 .diag_len = 0,
978 .diag = { 0 },
979};
980
981static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg)
982{
983 struct gsm_mncc *disc = arg;
984 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC DISC");
985 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
986
987 gh->msg_type = GSM48_MT_CC_DISCONNECT;
988
989 gsm48_stop_cc_timer(trans);
990 gsm48_start_cc_timer(trans, 0x306, GSM48_T306);
991
992 /* cause */
993 if (disc->fields & MNCC_F_CAUSE)
994 gsm48_encode_cause(msg, 1, &disc->cause);
995 else
996 gsm48_encode_cause(msg, 1, &default_cause);
997
998 /* facility */
999 if (disc->fields & MNCC_F_FACILITY)
1000 gsm48_encode_facility(msg, 0, &disc->facility);
1001 /* progress */
1002 if (disc->fields & MNCC_F_PROGRESS)
1003 gsm48_encode_progress(msg, 0, &disc->progress);
1004 /* user-user */
1005 if (disc->fields & MNCC_F_USERUSER)
1006 gsm48_encode_useruser(msg, 0, &disc->useruser);
1007
1008 /* store disconnect cause for T306 expiry */
1009 memcpy(&trans->cc.msg, disc, sizeof(struct gsm_mncc));
1010
1011 new_cc_state(trans, GSM_CSTATE_DISCONNECT_IND);
1012
1013 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1014}
1015
1016static int gsm48_cc_rx_release(struct gsm_trans *trans, struct msgb *msg)
1017{
1018 struct gsm48_hdr *gh = msgb_l3(msg);
1019 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1020 struct tlv_parsed tp;
1021 struct gsm_mncc rel;
1022 int rc;
1023
1024 gsm48_stop_cc_timer(trans);
1025
1026 memset(&rel, 0, sizeof(struct gsm_mncc));
1027 rel.callref = trans->callref;
1028 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1029 /* cause */
1030 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1031 rel.fields |= MNCC_F_CAUSE;
1032 gsm48_decode_cause(&rel.cause,
1033 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1034 }
1035 /* facility */
1036 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1037 rel.fields |= MNCC_F_FACILITY;
1038 gsm48_decode_facility(&rel.facility,
1039 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1040 }
1041 /* user-user */
1042 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1043 rel.fields |= MNCC_F_USERUSER;
1044 gsm48_decode_useruser(&rel.useruser,
1045 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1046 }
1047 /* ss-version */
1048 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1049 rel.fields |= MNCC_F_SSVERSION;
1050 gsm48_decode_ssversion(&rel.ssversion,
1051 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1052 }
1053
1054 if (trans->cc.state == GSM_CSTATE_RELEASE_REQ) {
1055 /* release collision 5.4.5 */
1056 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_CNF, &rel);
1057 } else {
1058 rc = gsm48_tx_simple(trans->conn,
1059 GSM48_PDISC_CC | (trans->transaction_id << 4),
1060 GSM48_MT_CC_RELEASE_COMPL);
1061 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_IND, &rel);
1062 }
1063
1064 new_cc_state(trans, GSM_CSTATE_NULL);
1065
1066 trans->callref = 0;
1067 trans_free(trans);
1068
1069 return rc;
1070}
1071
1072static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg)
1073{
1074 struct gsm_mncc *rel = arg;
1075 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL");
1076 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1077
1078 gh->msg_type = GSM48_MT_CC_RELEASE;
1079
1080 gsm48_stop_cc_timer(trans);
1081 gsm48_start_cc_timer(trans, 0x308, GSM48_T308);
1082
1083 /* cause */
1084 if (rel->fields & MNCC_F_CAUSE)
1085 gsm48_encode_cause(msg, 0, &rel->cause);
1086 /* facility */
1087 if (rel->fields & MNCC_F_FACILITY)
1088 gsm48_encode_facility(msg, 0, &rel->facility);
1089 /* user-user */
1090 if (rel->fields & MNCC_F_USERUSER)
1091 gsm48_encode_useruser(msg, 0, &rel->useruser);
1092
1093 trans->cc.T308_second = 0;
1094 memcpy(&trans->cc.msg, rel, sizeof(struct gsm_mncc));
1095
1096 if (trans->cc.state != GSM_CSTATE_RELEASE_REQ)
1097 new_cc_state(trans, GSM_CSTATE_RELEASE_REQ);
1098
1099 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1100}
1101
1102static int gsm48_cc_rx_release_compl(struct gsm_trans *trans, struct msgb *msg)
1103{
1104 struct gsm48_hdr *gh = msgb_l3(msg);
1105 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1106 struct tlv_parsed tp;
1107 struct gsm_mncc rel;
1108 int rc = 0;
1109
1110 gsm48_stop_cc_timer(trans);
1111
1112 memset(&rel, 0, sizeof(struct gsm_mncc));
1113 rel.callref = trans->callref;
1114 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1115 /* cause */
1116 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1117 rel.fields |= MNCC_F_CAUSE;
1118 gsm48_decode_cause(&rel.cause,
1119 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1120 }
1121 /* facility */
1122 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1123 rel.fields |= MNCC_F_FACILITY;
1124 gsm48_decode_facility(&rel.facility,
1125 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1126 }
1127 /* user-user */
1128 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1129 rel.fields |= MNCC_F_USERUSER;
1130 gsm48_decode_useruser(&rel.useruser,
1131 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1132 }
1133 /* ss-version */
1134 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1135 rel.fields |= MNCC_F_SSVERSION;
1136 gsm48_decode_ssversion(&rel.ssversion,
1137 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1138 }
1139
1140 if (trans->callref) {
1141 switch (trans->cc.state) {
1142 case GSM_CSTATE_CALL_PRESENT:
1143 rc = mncc_recvmsg(trans->net, trans,
1144 MNCC_REJ_IND, &rel);
1145 break;
1146 case GSM_CSTATE_RELEASE_REQ:
1147 rc = mncc_recvmsg(trans->net, trans,
1148 MNCC_REL_CNF, &rel);
1149 break;
1150 default:
1151 rc = mncc_recvmsg(trans->net, trans,
1152 MNCC_REL_IND, &rel);
1153 }
1154 }
1155
1156 trans->callref = 0;
1157 trans_free(trans);
1158
1159 return rc;
1160}
1161
1162static int gsm48_cc_tx_release_compl(struct gsm_trans *trans, void *arg)
1163{
1164 struct gsm_mncc *rel = arg;
1165 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL COMPL");
1166 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1167 int ret;
1168
1169 gh->msg_type = GSM48_MT_CC_RELEASE_COMPL;
1170
1171 trans->callref = 0;
1172
1173 gsm48_stop_cc_timer(trans);
1174
1175 /* cause */
1176 if (rel->fields & MNCC_F_CAUSE)
1177 gsm48_encode_cause(msg, 0, &rel->cause);
1178 /* facility */
1179 if (rel->fields & MNCC_F_FACILITY)
1180 gsm48_encode_facility(msg, 0, &rel->facility);
1181 /* user-user */
1182 if (rel->fields & MNCC_F_USERUSER)
1183 gsm48_encode_useruser(msg, 0, &rel->useruser);
1184
1185 ret = gsm48_conn_sendmsg(msg, trans->conn, trans);
1186
1187 trans_free(trans);
1188
1189 return ret;
1190}
1191
1192static int gsm48_cc_rx_facility(struct gsm_trans *trans, struct msgb *msg)
1193{
1194 struct gsm48_hdr *gh = msgb_l3(msg);
1195 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1196 struct tlv_parsed tp;
1197 struct gsm_mncc fac;
1198
1199 memset(&fac, 0, sizeof(struct gsm_mncc));
1200 fac.callref = trans->callref;
1201 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_FACILITY, 0);
1202 /* facility */
1203 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1204 fac.fields |= MNCC_F_FACILITY;
1205 gsm48_decode_facility(&fac.facility,
1206 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1207 }
1208 /* ss-version */
1209 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1210 fac.fields |= MNCC_F_SSVERSION;
1211 gsm48_decode_ssversion(&fac.ssversion,
1212 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1213 }
1214
1215 return mncc_recvmsg(trans->net, trans, MNCC_FACILITY_IND, &fac);
1216}
1217
1218static int gsm48_cc_tx_facility(struct gsm_trans *trans, void *arg)
1219{
1220 struct gsm_mncc *fac = arg;
1221 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC FAC");
1222 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1223
1224 gh->msg_type = GSM48_MT_CC_FACILITY;
1225
1226 /* facility */
1227 gsm48_encode_facility(msg, 1, &fac->facility);
1228
1229 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1230}
1231
1232static int gsm48_cc_rx_hold(struct gsm_trans *trans, struct msgb *msg)
1233{
1234 struct gsm_mncc hold;
1235
1236 memset(&hold, 0, sizeof(struct gsm_mncc));
1237 hold.callref = trans->callref;
1238 return mncc_recvmsg(trans->net, trans, MNCC_HOLD_IND, &hold);
1239}
1240
1241static int gsm48_cc_tx_hold_ack(struct gsm_trans *trans, void *arg)
1242{
1243 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD ACK");
1244 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1245
1246 gh->msg_type = GSM48_MT_CC_HOLD_ACK;
1247
1248 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1249}
1250
1251static int gsm48_cc_tx_hold_rej(struct gsm_trans *trans, void *arg)
1252{
1253 struct gsm_mncc *hold_rej = arg;
1254 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD REJ");
1255 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1256
1257 gh->msg_type = GSM48_MT_CC_HOLD_REJ;
1258
1259 /* cause */
1260 if (hold_rej->fields & MNCC_F_CAUSE)
1261 gsm48_encode_cause(msg, 1, &hold_rej->cause);
1262 else
1263 gsm48_encode_cause(msg, 1, &default_cause);
1264
1265 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1266}
1267
1268static int gsm48_cc_rx_retrieve(struct gsm_trans *trans, struct msgb *msg)
1269{
1270 struct gsm_mncc retrieve;
1271
1272 memset(&retrieve, 0, sizeof(struct gsm_mncc));
1273 retrieve.callref = trans->callref;
1274 return mncc_recvmsg(trans->net, trans, MNCC_RETRIEVE_IND,
1275 &retrieve);
1276}
1277
1278static int gsm48_cc_tx_retrieve_ack(struct gsm_trans *trans, void *arg)
1279{
1280 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR ACK");
1281 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1282
1283 gh->msg_type = GSM48_MT_CC_RETR_ACK;
1284
1285 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1286}
1287
1288static int gsm48_cc_tx_retrieve_rej(struct gsm_trans *trans, void *arg)
1289{
1290 struct gsm_mncc *retrieve_rej = arg;
1291 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR REJ");
1292 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1293
1294 gh->msg_type = GSM48_MT_CC_RETR_REJ;
1295
1296 /* cause */
1297 if (retrieve_rej->fields & MNCC_F_CAUSE)
1298 gsm48_encode_cause(msg, 1, &retrieve_rej->cause);
1299 else
1300 gsm48_encode_cause(msg, 1, &default_cause);
1301
1302 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1303}
1304
1305static int gsm48_cc_rx_start_dtmf(struct gsm_trans *trans, struct msgb *msg)
1306{
1307 struct gsm48_hdr *gh = msgb_l3(msg);
1308 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1309 struct tlv_parsed tp;
1310 struct gsm_mncc dtmf;
1311
1312 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1313 dtmf.callref = trans->callref;
1314 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1315 /* keypad facility */
1316 if (TLVP_PRESENT(&tp, GSM48_IE_KPD_FACILITY)) {
1317 dtmf.fields |= MNCC_F_KEYPAD;
1318 gsm48_decode_keypad(&dtmf.keypad,
1319 TLVP_VAL(&tp, GSM48_IE_KPD_FACILITY)-1);
1320 }
1321
1322 return mncc_recvmsg(trans->net, trans, MNCC_START_DTMF_IND, &dtmf);
1323}
1324
1325static int gsm48_cc_tx_start_dtmf_ack(struct gsm_trans *trans, void *arg)
1326{
1327 struct gsm_mncc *dtmf = arg;
1328 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF ACK");
1329 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1330
1331 gh->msg_type = GSM48_MT_CC_START_DTMF_ACK;
1332
1333 /* keypad */
1334 if (dtmf->fields & MNCC_F_KEYPAD)
1335 gsm48_encode_keypad(msg, dtmf->keypad);
1336
1337 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1338}
1339
1340static int gsm48_cc_tx_start_dtmf_rej(struct gsm_trans *trans, void *arg)
1341{
1342 struct gsm_mncc *dtmf = arg;
1343 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF REJ");
1344 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1345
1346 gh->msg_type = GSM48_MT_CC_START_DTMF_REJ;
1347
1348 /* cause */
1349 if (dtmf->fields & MNCC_F_CAUSE)
1350 gsm48_encode_cause(msg, 1, &dtmf->cause);
1351 else
1352 gsm48_encode_cause(msg, 1, &default_cause);
1353
1354 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1355}
1356
1357static int gsm48_cc_tx_stop_dtmf_ack(struct gsm_trans *trans, void *arg)
1358{
1359 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF STP ACK");
1360 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1361
1362 gh->msg_type = GSM48_MT_CC_STOP_DTMF_ACK;
1363
1364 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1365}
1366
1367static int gsm48_cc_rx_stop_dtmf(struct gsm_trans *trans, struct msgb *msg)
1368{
1369 struct gsm_mncc dtmf;
1370
1371 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1372 dtmf.callref = trans->callref;
1373
1374 return mncc_recvmsg(trans->net, trans, MNCC_STOP_DTMF_IND, &dtmf);
1375}
1376
1377static int gsm48_cc_rx_modify(struct gsm_trans *trans, struct msgb *msg)
1378{
1379 struct gsm48_hdr *gh = msgb_l3(msg);
1380 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1381 struct tlv_parsed tp;
1382 struct gsm_mncc modify;
1383
1384 memset(&modify, 0, sizeof(struct gsm_mncc));
1385 modify.callref = trans->callref;
1386 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1387 /* bearer capability */
1388 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1389 modify.fields |= MNCC_F_BEARER_CAP;
1390 gsm48_decode_bearer_cap(&modify.bearer_cap,
1391 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1392
1393 /* Create a copy of the bearer capability
1394 * in the transaction struct, so we can use
1395 * this information later */
1396 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1397 sizeof(trans->bearer_cap));
1398 }
1399
1400 new_cc_state(trans, GSM_CSTATE_MO_ORIG_MODIFY);
1401
1402 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_IND, &modify);
1403}
1404
1405static int gsm48_cc_tx_modify(struct gsm_trans *trans, void *arg)
1406{
1407 struct gsm_mncc *modify = arg;
1408 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD");
1409 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1410
1411 gh->msg_type = GSM48_MT_CC_MODIFY;
1412
1413 gsm48_start_cc_timer(trans, 0x323, GSM48_T323);
1414
1415 /* bearer capability */
1416 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1417 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1418
1419 new_cc_state(trans, GSM_CSTATE_MO_TERM_MODIFY);
1420
1421 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1422}
1423
1424static int gsm48_cc_rx_modify_complete(struct gsm_trans *trans, struct msgb *msg)
1425{
1426 struct gsm48_hdr *gh = msgb_l3(msg);
1427 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1428 struct tlv_parsed tp;
1429 struct gsm_mncc modify;
1430
1431 gsm48_stop_cc_timer(trans);
1432
1433 memset(&modify, 0, sizeof(struct gsm_mncc));
1434 modify.callref = trans->callref;
1435 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1436 /* bearer capability */
1437 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1438 modify.fields |= MNCC_F_BEARER_CAP;
1439 gsm48_decode_bearer_cap(&modify.bearer_cap,
1440 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1441
1442 /* Create a copy of the bearer capability
1443 * in the transaction struct, so we can use
1444 * this information later */
1445 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1446 sizeof(trans->bearer_cap));
1447 }
1448
1449 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1450
1451 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_CNF, &modify);
1452}
1453
1454static int gsm48_cc_tx_modify_complete(struct gsm_trans *trans, void *arg)
1455{
1456 struct gsm_mncc *modify = arg;
1457 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD COMPL");
1458 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1459
1460 gh->msg_type = GSM48_MT_CC_MODIFY_COMPL;
1461
1462 /* bearer capability */
1463 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1464 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1465
1466 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1467
1468 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1469}
1470
1471static int gsm48_cc_rx_modify_reject(struct gsm_trans *trans, struct msgb *msg)
1472{
1473 struct gsm48_hdr *gh = msgb_l3(msg);
1474 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1475 struct tlv_parsed tp;
1476 struct gsm_mncc modify;
1477
1478 gsm48_stop_cc_timer(trans);
1479
1480 memset(&modify, 0, sizeof(struct gsm_mncc));
1481 modify.callref = trans->callref;
1482 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, GSM48_IE_CAUSE);
1483 /* bearer capability */
1484 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1485 modify.fields |= GSM48_IE_BEARER_CAP;
1486 gsm48_decode_bearer_cap(&modify.bearer_cap,
1487 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1488
1489 /* Create a copy of the bearer capability
1490 * in the transaction struct, so we can use
1491 * this information later */
1492 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1493 sizeof(trans->bearer_cap));
1494 }
1495 /* cause */
1496 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1497 modify.fields |= MNCC_F_CAUSE;
1498 gsm48_decode_cause(&modify.cause,
1499 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1500 }
1501
1502 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1503
1504 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_REJ, &modify);
1505}
1506
1507static int gsm48_cc_tx_modify_reject(struct gsm_trans *trans, void *arg)
1508{
1509 struct gsm_mncc *modify = arg;
1510 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD REJ");
1511 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1512
1513 gh->msg_type = GSM48_MT_CC_MODIFY_REJECT;
1514
1515 /* bearer capability */
1516 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1517 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1518 /* cause */
1519 gsm48_encode_cause(msg, 1, &modify->cause);
1520
1521 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1522
1523 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1524}
1525
1526static int gsm48_cc_tx_notify(struct gsm_trans *trans, void *arg)
1527{
1528 struct gsm_mncc *notify = arg;
1529 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC NOT");
1530 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1531
1532 gh->msg_type = GSM48_MT_CC_NOTIFY;
1533
1534 /* notify */
1535 gsm48_encode_notify(msg, notify->notify);
1536
1537 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1538}
1539
1540static int gsm48_cc_rx_notify(struct gsm_trans *trans, struct msgb *msg)
1541{
1542 struct gsm48_hdr *gh = msgb_l3(msg);
1543 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1544// struct tlv_parsed tp;
1545 struct gsm_mncc notify;
1546
1547 memset(&notify, 0, sizeof(struct gsm_mncc));
1548 notify.callref = trans->callref;
1549// tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len);
1550 if (payload_len >= 1)
1551 gsm48_decode_notify(&notify.notify, gh->data);
1552
1553 return mncc_recvmsg(trans->net, trans, MNCC_NOTIFY_IND, &notify);
1554}
1555
1556static int gsm48_cc_tx_userinfo(struct gsm_trans *trans, void *arg)
1557{
1558 struct gsm_mncc *user = arg;
1559 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 USR INFO");
1560 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1561
1562 gh->msg_type = GSM48_MT_CC_USER_INFO;
1563
1564 /* user-user */
1565 if (user->fields & MNCC_F_USERUSER)
1566 gsm48_encode_useruser(msg, 1, &user->useruser);
1567 /* more data */
1568 if (user->more)
1569 gsm48_encode_more(msg);
1570
1571 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1572}
1573
1574static int gsm48_cc_rx_userinfo(struct gsm_trans *trans, struct msgb *msg)
1575{
1576 struct gsm48_hdr *gh = msgb_l3(msg);
1577 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1578 struct tlv_parsed tp;
1579 struct gsm_mncc user;
1580
1581 memset(&user, 0, sizeof(struct gsm_mncc));
1582 user.callref = trans->callref;
1583 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_USER_USER, 0);
1584 /* user-user */
1585 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1586 user.fields |= MNCC_F_USERUSER;
1587 gsm48_decode_useruser(&user.useruser,
1588 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1589 }
1590 /* more data */
1591 if (TLVP_PRESENT(&tp, GSM48_IE_MORE_DATA))
1592 user.more = 1;
1593
1594 return mncc_recvmsg(trans->net, trans, MNCC_USERINFO_IND, &user);
1595}
1596
1597static void mncc_recv_rtp(struct gsm_network *net, uint32_t callref,
1598 int cmd, uint32_t addr, uint16_t port, uint32_t payload_type,
1599 uint32_t payload_msg_type)
1600{
1601 uint8_t data[sizeof(struct gsm_mncc)];
1602 struct gsm_mncc_rtp *rtp;
1603
1604 memset(&data, 0, sizeof(data));
1605 rtp = (struct gsm_mncc_rtp *) &data[0];
1606
1607 rtp->callref = callref;
1608 rtp->msg_type = cmd;
1609 rtp->ip = addr;
1610 rtp->port = port;
1611 rtp->payload_type = payload_type;
1612 rtp->payload_msg_type = payload_msg_type;
1613 mncc_recvmsg(net, NULL, cmd, (struct gsm_mncc *)data);
1614}
1615
1616static void mncc_recv_rtp_sock(struct gsm_network *net, struct gsm_trans *trans, int cmd)
1617{
1618 int msg_type;
1619
1620 /* FIXME This has to be set to some meaningful value.
1621 * Possible options are:
1622 * GSM_TCHF_FRAME, GSM_TCHF_FRAME_EFR,
1623 * GSM_TCHH_FRAME, GSM_TCH_FRAME_AMR
1624 * (0 if unknown) */
1625 msg_type = GSM_TCHF_FRAME;
1626
1627 uint32_t addr = inet_addr(trans->conn->rtp.local_addr_cn);
1628 uint16_t port = trans->conn->rtp.local_port_cn;
1629
1630 LOGP(DMNCC, LOGL_ERROR, "RTP create for non-existing trans\n");
1631
1632 if (addr == INADDR_NONE) {
1633 LOGP(DMNCC, LOGL_ERROR,
1634 "(subscriber:%s) external MNCC is signalling invalid IP-Address\n",
1635 vlr_subscr_name(trans->vsub));
1636 return;
1637 }
1638 if (port == 0) {
1639 LOGP(DMNCC, LOGL_ERROR,
1640 "(subscriber:%s) external MNCC is signalling invalid Port\n",
1641 vlr_subscr_name(trans->vsub));
1642 return;
1643 }
1644
1645 /* FIXME: This has to be set to some meaningful value,
1646 * before the MSC-Split, this value was pulled from
1647 * lchan->abis_ip.rtp_payload */
1648 uint32_t payload_type = 0;
1649
1650 return mncc_recv_rtp(net, trans->callref, cmd,
1651 addr,
1652 port,
1653 payload_type,
1654 msg_type);
1655}
1656
1657static void mncc_recv_rtp_err(struct gsm_network *net, uint32_t callref, int cmd)
1658{
1659 return mncc_recv_rtp(net, callref, cmd, 0, 0, 0, 0);
1660}
1661
1662static int tch_rtp_create(struct gsm_network *net, uint32_t callref)
1663{
1664 struct gsm_trans *trans;
1665 int rc;
1666
1667 /* Find callref */
1668 trans = trans_find_by_callref(net, callref);
1669 if (!trans) {
1670 LOGP(DMNCC, LOGL_ERROR, "RTP create for non-existing trans\n");
1671 mncc_recv_rtp_err(net, callref, MNCC_RTP_CREATE);
1672 return -EIO;
1673 }
1674 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1675 if (!trans->conn) {
1676 LOGP(DMNCC, LOGL_NOTICE, "RTP create for trans without conn\n");
1677 mncc_recv_rtp_err(net, callref, MNCC_RTP_CREATE);
1678 return 0;
1679 }
1680
1681 trans->conn->mncc_rtp_bridge = 1;
1682
1683 /* When we call msc_mgcp_call_assignment() we will trigger, depending
1684 * on the RAN type the call assignment on the A or Iu interface.
1685 * msc_mgcp_call_assignment() also takes care about sending the CRCX
1686 * command to the MGCP-GW. The CRCX will return the port number,
1687 * where the PBX (e.g. Asterisk) will send its RTP stream to. We
1688 * have to return this port number back to the MNCC by sending
1689 * it back with the TCH_RTP_CREATE message. To make sure that
1690 * this message is sent AFTER the response to CRCX from the
1691 * MGCP-GW has arrived, we need will instruct msc_mgcp_call_assignment()
1692 * to take care of this by setting trans->tch_rtp_create to true.
1693 * This will make sure that gsm48_tch_rtp_create() (below) is
1694 * called as soon as the local port number has become known. */
1695 trans->tch_rtp_create = true;
1696
1697 /* Assign call (if not done yet) */
1698 if (trans->assignment_done == false) {
1699 rc = msc_mgcp_call_assignment(trans);
1700 trans->assignment_done = true;
1701 }
1702 else
1703 rc = 0;
1704
1705 return rc;
1706}
1707
1708/* Trigger TCH_RTP_CREATE acknowledgement */
1709int gsm48_tch_rtp_create(struct gsm_trans *trans)
1710{
1711 /* This function is called as soon as the port, on which the
1712 * mgcp-gw expects the incoming RTP stream from the remote
1713 * end (e.g. Asterisk) is known. */
1714
1715 struct gsm_subscriber_connection *conn = trans->conn;
1716 struct gsm_network *network = conn->network;
1717
1718 mncc_recv_rtp_sock(network, trans, MNCC_RTP_CREATE);
1719 return 0;
1720}
1721
1722static int tch_rtp_connect(struct gsm_network *net, void *arg)
1723{
1724 struct gsm_trans *trans;
1725 struct gsm_mncc_rtp *rtp = arg;
1726 struct in_addr addr;
1727
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]1728 /* FIXME: in *rtp we should get the codec information of the remote
1729 * leg. We will have to populate trans->conn->rtp.codec_cn with a
1730 * meaningful value based on this information but unfortunately we
1731 * can't do that yet because the mncc API can not signal dynamic
1732 * payload types yet. This must be fixed first. Also there may be
1733 * additional members necessary in trans->conn->rtp because we
1734 * somehow need to deal with dynamic payload types that do not
1735 * comply to 3gpp's assumptions of payload type numbers on the A
1736 * interface. See also related tickets: OS#3399 and OS1683 */
1737
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1738 /* Find callref */
1739 trans = trans_find_by_callref(net, rtp->callref);
1740 if (!trans) {
1741 LOGP(DMNCC, LOGL_ERROR, "RTP connect for non-existing trans\n");
1742 mncc_recv_rtp_err(net, rtp->callref, MNCC_RTP_CONNECT);
1743 return -EIO;
1744 }
1745 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1746 if (!trans->conn) {
1747 LOGP(DMNCC, LOGL_ERROR, "RTP connect for trans without conn\n");
1748 mncc_recv_rtp_err(net, rtp->callref, MNCC_RTP_CONNECT);
1749 return 0;
1750 }
1751
1752 addr.s_addr = osmo_htonl(rtp->ip);
1753 return msc_mgcp_call_complete(trans, rtp->port, inet_ntoa(addr));
1754}
1755
1756static struct downstate {
1757 uint32_t states;
1758 int type;
1759 int (*rout) (struct gsm_trans *trans, void *arg);
1760} downstatelist[] = {
1761 /* mobile originating call establishment */
1762 {SBIT(GSM_CSTATE_INITIATED), /* 5.2.1.2 */
1763 MNCC_CALL_PROC_REQ, gsm48_cc_tx_call_proc_and_assign},
1764 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.2 | 5.2.1.5 */
1765 MNCC_ALERT_REQ, gsm48_cc_tx_alerting},
1766 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC) | SBIT(GSM_CSTATE_CALL_DELIVERED), /* 5.2.1.2 | 5.2.1.6 | 5.2.1.6 */
1767 MNCC_SETUP_RSP, gsm48_cc_tx_connect},
1768 {SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.4.2 */
1769 MNCC_PROGRESS_REQ, gsm48_cc_tx_progress},
1770 /* mobile terminating call establishment */
1771 {SBIT(GSM_CSTATE_NULL), /* 5.2.2.1 */
1772 MNCC_SETUP_REQ, gsm48_cc_tx_setup},
1773 {SBIT(GSM_CSTATE_CONNECT_REQUEST),
1774 MNCC_SETUP_COMPL_REQ, gsm48_cc_tx_connect_ack},
1775 /* signalling during call */
1776 {SBIT(GSM_CSTATE_ACTIVE),
1777 MNCC_NOTIFY_REQ, gsm48_cc_tx_notify},
1778 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ),
1779 MNCC_FACILITY_REQ, gsm48_cc_tx_facility},
1780 {ALL_STATES,
1781 MNCC_START_DTMF_RSP, gsm48_cc_tx_start_dtmf_ack},
1782 {ALL_STATES,
1783 MNCC_START_DTMF_REJ, gsm48_cc_tx_start_dtmf_rej},
1784 {ALL_STATES,
1785 MNCC_STOP_DTMF_RSP, gsm48_cc_tx_stop_dtmf_ack},
1786 {SBIT(GSM_CSTATE_ACTIVE),
1787 MNCC_HOLD_CNF, gsm48_cc_tx_hold_ack},
1788 {SBIT(GSM_CSTATE_ACTIVE),
1789 MNCC_HOLD_REJ, gsm48_cc_tx_hold_rej},
1790 {SBIT(GSM_CSTATE_ACTIVE),
1791 MNCC_RETRIEVE_CNF, gsm48_cc_tx_retrieve_ack},
1792 {SBIT(GSM_CSTATE_ACTIVE),
1793 MNCC_RETRIEVE_REJ, gsm48_cc_tx_retrieve_rej},
1794 {SBIT(GSM_CSTATE_ACTIVE),
1795 MNCC_MODIFY_REQ, gsm48_cc_tx_modify},
1796 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1797 MNCC_MODIFY_RSP, gsm48_cc_tx_modify_complete},
1798 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1799 MNCC_MODIFY_REJ, gsm48_cc_tx_modify_reject},
1800 {SBIT(GSM_CSTATE_ACTIVE),
1801 MNCC_USERINFO_REQ, gsm48_cc_tx_userinfo},
1802 /* clearing */
1803 {SBIT(GSM_CSTATE_INITIATED),
1804 MNCC_REJ_REQ, gsm48_cc_tx_release_compl},
1805 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_DISCONNECT_IND) - SBIT(GSM_CSTATE_RELEASE_REQ) - SBIT(GSM_CSTATE_DISCONNECT_REQ), /* 5.4.4 */
1806 MNCC_DISC_REQ, gsm48_cc_tx_disconnect},
1807 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
1808 MNCC_REL_REQ, gsm48_cc_tx_release},
1809};
1810
1811#define DOWNSLLEN \
1812 (sizeof(downstatelist) / sizeof(struct downstate))
1813
1814
1815int mncc_tx_to_cc(struct gsm_network *net, int msg_type, void *arg)
1816{
1817 int i, rc = 0;
1818 struct gsm_trans *trans = NULL, *transt;
1819 struct gsm_subscriber_connection *conn = NULL;
1820 struct gsm_mncc *data = arg, rel;
1821
1822 DEBUGP(DMNCC, "receive message %s\n", get_mncc_name(msg_type));
1823
1824 /* handle special messages */
1825 switch(msg_type) {
1826 case MNCC_BRIDGE:
1827 rc = tch_bridge(net, arg);
1828 if (rc < 0)
1829 disconnect_bridge(net, arg, -rc);
1830 return rc;
1831 case MNCC_RTP_CREATE:
1832 return tch_rtp_create(net, data->callref);
1833 case MNCC_RTP_CONNECT:
1834 return tch_rtp_connect(net, arg);
1835 case MNCC_RTP_FREE:
1836 /* unused right now */
1837 return -EIO;
1838
1839 case MNCC_FRAME_DROP:
1840 case MNCC_FRAME_RECV:
1841 case GSM_TCHF_FRAME:
1842 case GSM_TCHF_FRAME_EFR:
1843 case GSM_TCHH_FRAME:
1844 case GSM_TCH_FRAME_AMR:
1845 LOGP(DMNCC, LOGL_ERROR, "RTP streams must be handled externally; %s not supported.\n",
1846 get_mncc_name(msg_type));
1847 return -ENOTSUP;
1848 }
1849
1850 memset(&rel, 0, sizeof(struct gsm_mncc));
1851 rel.callref = data->callref;
1852
1853 /* Find callref */
1854 trans = trans_find_by_callref(net, data->callref);
1855
1856 /* Callref unknown */
1857 if (!trans) {
1858 struct vlr_subscr *vsub;
1859
1860 if (msg_type != MNCC_SETUP_REQ) {
1861 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1862 "Received '%s' from MNCC with "
1863 "unknown callref %d\n", data->called.number,
1864 get_mncc_name(msg_type), data->callref);
1865 /* Invalid call reference */
1866 return mncc_release_ind(net, NULL, data->callref,
1867 GSM48_CAUSE_LOC_PRN_S_LU,
1868 GSM48_CC_CAUSE_INVAL_TRANS_ID);
1869 }
1870 if (!data->called.number[0] && !data->imsi[0]) {
1871 DEBUGP(DCC, "(bts - trx - ts - ti) "
1872 "Received '%s' from MNCC with "
1873 "no number or IMSI\n", get_mncc_name(msg_type));
1874 /* Invalid number */
1875 return mncc_release_ind(net, NULL, data->callref,
1876 GSM48_CAUSE_LOC_PRN_S_LU,
1877 GSM48_CC_CAUSE_INV_NR_FORMAT);
1878 }
1879 /* New transaction due to setup, find subscriber */
1880 if (data->called.number[0])
1881 vsub = vlr_subscr_find_by_msisdn(net->vlr,
1882 data->called.number);
1883 else
1884 vsub = vlr_subscr_find_by_imsi(net->vlr, data->imsi);
1885
1886 /* update the subscriber we deal with */
1887 log_set_context(LOG_CTX_VLR_SUBSCR, vsub);
1888
1889 /* If subscriber is not found */
1890 if (!vsub) {
1891 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1892 "Received '%s' from MNCC with "
1893 "unknown subscriber %s\n", data->called.number,
1894 get_mncc_name(msg_type), data->called.number);
1895 /* Unknown subscriber */
1896 return mncc_release_ind(net, NULL, data->callref,
1897 GSM48_CAUSE_LOC_PRN_S_LU,
1898 GSM48_CC_CAUSE_UNASSIGNED_NR);
1899 }
1900 /* If subscriber is not "attached" */
1901 if (!vsub->lac) {
1902 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1903 "Received '%s' from MNCC with "
1904 "detached subscriber %s\n", data->called.number,
1905 get_mncc_name(msg_type), vlr_subscr_name(vsub));
1906 vlr_subscr_put(vsub);
1907 /* Temporarily out of order */
1908 return mncc_release_ind(net, NULL, data->callref,
1909 GSM48_CAUSE_LOC_PRN_S_LU,
1910 GSM48_CC_CAUSE_DEST_OOO);
1911 }
1912 /* Create transaction */
1913 trans = trans_alloc(net, vsub, GSM48_PDISC_CC, 0xff, data->callref);
1914 if (!trans) {
1915 DEBUGP(DCC, "No memory for trans.\n");
1916 vlr_subscr_put(vsub);
1917 /* Ressource unavailable */
1918 mncc_release_ind(net, NULL, data->callref,
1919 GSM48_CAUSE_LOC_PRN_S_LU,
1920 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
1921 return -ENOMEM;
1922 }
1923
1924 /* Find conn */
1925 conn = connection_for_subscr(vsub);
1926
1927 /* If subscriber has no conn */
1928 if (!conn) {
1929 /* find transaction with this subscriber already paging */
1930 llist_for_each_entry(transt, &net->trans_list, entry) {
1931 /* Transaction of our conn? */
1932 if (transt == trans ||
1933 transt->vsub != vsub)
1934 continue;
1935 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1936 "Received '%s' from MNCC with "
1937 "unallocated channel, paging already "
1938 "started for lac %d.\n",
1939 data->called.number,
1940 get_mncc_name(msg_type), vsub->lac);
1941 vlr_subscr_put(vsub);
1942 trans_free(trans);
1943 return 0;
1944 }
1945 /* store setup information until paging succeeds */
1946 memcpy(&trans->cc.msg, data, sizeof(struct gsm_mncc));
1947
1948 /* Request a channel */
1949 trans->paging_request = subscr_request_conn(
1950 vsub,
1951 setup_trig_pag_evt,
1952 trans,
1953 "MNCC: establish call");
1954 if (!trans->paging_request) {
1955 LOGP(DCC, LOGL_ERROR, "Failed to allocate paging token.\n");
1956 vlr_subscr_put(vsub);
1957 trans_free(trans);
1958 return 0;
1959 }
1960 vlr_subscr_put(vsub);
1961 return 0;
1962 }
1963
1964 /* Assign conn */
1965 trans->conn = msc_subscr_conn_get(conn, MSC_CONN_USE_TRANS_CC);
1966 trans->dlci = 0x00; /* SAPI=0, not SACCH */
1967 vlr_subscr_put(vsub);
1968 } else {
1969 /* update the subscriber we deal with */
1970 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1971 }
1972
1973 if (trans->conn)
1974 conn = trans->conn;
1975
1976 /* if paging did not respond yet */
1977 if (!conn) {
1978 DEBUGP(DCC, "(sub %s) "
1979 "Received '%s' from MNCC in paging state\n",
1980 vlr_subscr_msisdn_or_name(trans->vsub),
1981 get_mncc_name(msg_type));
1982 mncc_set_cause(&rel, GSM48_CAUSE_LOC_PRN_S_LU,
1983 GSM48_CC_CAUSE_NORM_CALL_CLEAR);
1984 if (msg_type == MNCC_REL_REQ)
1985 rc = mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
1986 else
1987 rc = mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
1988 trans->callref = 0;
1989 trans_free(trans);
1990 return rc;
1991 } else {
1992 DEBUGP(DCC, "(ti %02x sub %s) "
1993 "Received '%s' from MNCC in state %d (%s)\n",
1994 trans->transaction_id,
1995 vlr_subscr_msisdn_or_name(trans->conn->vsub),
1996 get_mncc_name(msg_type), trans->cc.state,
1997 gsm48_cc_state_name(trans->cc.state));
1998 }
1999
2000 /* Find function for current state and message */
2001 for (i = 0; i < DOWNSLLEN; i++)
2002 if ((msg_type == downstatelist[i].type)
2003 && ((1 << trans->cc.state) & downstatelist[i].states))
2004 break;
2005 if (i == DOWNSLLEN) {
2006 DEBUGP(DCC, "Message unhandled at this state.\n");
2007 return 0;
2008 }
2009
2010 rc = downstatelist[i].rout(trans, arg);
2011
2012 return rc;
2013}
2014
2015
2016static struct datastate {
2017 uint32_t states;
2018 int type;
2019 int (*rout) (struct gsm_trans *trans, struct msgb *msg);
2020} datastatelist[] = {
2021 /* mobile originating call establishment */
2022 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2023 GSM48_MT_CC_SETUP, gsm48_cc_rx_setup},
2024 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2025 GSM48_MT_CC_EMERG_SETUP, gsm48_cc_rx_setup},
2026 {SBIT(GSM_CSTATE_CONNECT_IND), /* 5.2.1.2 */
2027 GSM48_MT_CC_CONNECT_ACK, gsm48_cc_rx_connect_ack},
2028 /* mobile terminating call establishment */
2029 {SBIT(GSM_CSTATE_CALL_PRESENT), /* 5.2.2.3.2 */
2030 GSM48_MT_CC_CALL_CONF, gsm48_cc_rx_call_conf},
2031 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF), /* ???? | 5.2.2.3.2 */
2032 GSM48_MT_CC_ALERTING, gsm48_cc_rx_alerting},
2033 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF) | SBIT(GSM_CSTATE_CALL_RECEIVED), /* (5.2.2.6) | 5.2.2.6 | 5.2.2.6 */
2034 GSM48_MT_CC_CONNECT, gsm48_cc_rx_connect},
2035 /* signalling during call */
2036 {ALL_STATES - SBIT(GSM_CSTATE_NULL),
2037 GSM48_MT_CC_FACILITY, gsm48_cc_rx_facility},
2038 {SBIT(GSM_CSTATE_ACTIVE),
2039 GSM48_MT_CC_NOTIFY, gsm48_cc_rx_notify},
2040 {ALL_STATES,
2041 GSM48_MT_CC_START_DTMF, gsm48_cc_rx_start_dtmf},
2042 {ALL_STATES,
2043 GSM48_MT_CC_STOP_DTMF, gsm48_cc_rx_stop_dtmf},
2044 {ALL_STATES,
2045 GSM48_MT_CC_STATUS_ENQ, gsm48_cc_rx_status_enq},
2046 {SBIT(GSM_CSTATE_ACTIVE),
2047 GSM48_MT_CC_HOLD, gsm48_cc_rx_hold},
2048 {SBIT(GSM_CSTATE_ACTIVE),
2049 GSM48_MT_CC_RETR, gsm48_cc_rx_retrieve},
2050 {SBIT(GSM_CSTATE_ACTIVE),
2051 GSM48_MT_CC_MODIFY, gsm48_cc_rx_modify},
2052 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2053 GSM48_MT_CC_MODIFY_COMPL, gsm48_cc_rx_modify_complete},
2054 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2055 GSM48_MT_CC_MODIFY_REJECT, gsm48_cc_rx_modify_reject},
2056 {SBIT(GSM_CSTATE_ACTIVE),
2057 GSM48_MT_CC_USER_INFO, gsm48_cc_rx_userinfo},
2058 /* clearing */
2059 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
2060 GSM48_MT_CC_DISCONNECT, gsm48_cc_rx_disconnect},
2061 {ALL_STATES - SBIT(GSM_CSTATE_NULL), /* 5.4.4.1.2.2 */
2062 GSM48_MT_CC_RELEASE, gsm48_cc_rx_release},
2063 {ALL_STATES, /* 5.4.3.4 */
2064 GSM48_MT_CC_RELEASE_COMPL, gsm48_cc_rx_release_compl},
2065};
2066
2067#define DATASLLEN \
2068 (sizeof(datastatelist) / sizeof(struct datastate))
2069
2070int gsm0408_rcv_cc(struct gsm_subscriber_connection *conn, struct msgb *msg)
2071{
2072 struct gsm48_hdr *gh = msgb_l3(msg);
2073 uint8_t msg_type = gsm48_hdr_msg_type(gh);
2074 uint8_t transaction_id = gsm48_hdr_trans_id_flip_ti(gh);
2075 struct gsm_trans *trans = NULL;
2076 int i, rc = 0;
2077
2078 if (msg_type & 0x80) {
2079 DEBUGP(DCC, "MSG 0x%2x not defined for PD error\n", msg_type);
2080 return -EINVAL;
2081 }
2082
2083 if (!conn->vsub) {
2084 LOGP(DCC, LOGL_ERROR, "Invalid conn: no subscriber\n");
2085 return -EINVAL;
2086 }
2087
2088 /* Find transaction */
2089 trans = trans_find_by_id(conn, GSM48_PDISC_CC, transaction_id);
2090
2091#if BEFORE_MSCSPLIT
2092 /* Re-enable this log output once we can obtain this information via
2093 * A-interface, see OS#2391. */
2094 DEBUGP(DCC, "(bts %d trx %d ts %d ti %x sub %s) "
2095 "Received '%s' from MS in state %d (%s)\n",
2096 conn->bts->nr, conn->lchan->ts->trx->nr, conn->lchan->ts->nr,
2097 transaction_id, vlr_subscr_msisdn_or_name(conn->vsub),
2098 gsm48_cc_msg_name(msg_type), trans?(trans->cc.state):0,
2099 gsm48_cc_state_name(trans?(trans->cc.state):0));
2100#endif
2101
2102 /* Create transaction */
2103 if (!trans) {
2104 DEBUGP(DCC, "Unknown transaction ID %x, "
2105 "creating new trans.\n", transaction_id);
2106 /* Create transaction */
2107 trans = trans_alloc(conn->network, conn->vsub,
2108 GSM48_PDISC_CC,
2109 transaction_id, new_callref++);
2110 if (!trans) {
2111 DEBUGP(DCC, "No memory for trans.\n");
2112 rc = gsm48_tx_simple(conn,
2113 GSM48_PDISC_CC | (transaction_id << 4),
2114 GSM48_MT_CC_RELEASE_COMPL);
2115 return -ENOMEM;
2116 }
2117 /* Assign transaction */
2118 trans->conn = msc_subscr_conn_get(conn, MSC_CONN_USE_TRANS_CC);
2119 trans->dlci = OMSC_LINKID_CB(msg); /* DLCI as received from BSC */
2120 cm_service_request_concludes(conn, msg);
2121 }
2122
2123 /* find function for current state and message */
2124 for (i = 0; i < DATASLLEN; i++)
2125 if ((msg_type == datastatelist[i].type)
2126 && ((1 << trans->cc.state) & datastatelist[i].states))
2127 break;
2128 if (i == DATASLLEN) {
2129 DEBUGP(DCC, "Message unhandled at this state.\n");
2130 return 0;
2131 }
2132
2133 assert(trans->vsub);
2134
2135 rc = datastatelist[i].rout(trans, msg);
2136
2137 msc_subscr_conn_communicating(conn);
2138 return rc;
2139}