Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 4502f5ff5854157637de526bd64dc317df434be4 / . / src / libmsc / a_iface_bssap.c
blob: 3d5755a4cdbcd602525057e5b70fcc55c8bad72d [file] [log] [blame]
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]1/* (C) 2017 by Sysmocom s.f.m.c. GmbH
2 * All Rights Reserved
3 *
4 * Author: Philipp Maier
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 *
19 */
20
21#include <osmocom/core/utils.h>
22#include <osmocom/core/msgb.h>
23#include <osmocom/core/logging.h>
24#include <osmocom/sigtran/sccp_helpers.h>
25#include <osmocom/sccp/sccp_types.h>
26#include <osmocom/gsm/gsm0808.h>
27#include <osmocom/gsm/gsm0808_utils.h>
Neels Hofmeyr90843962017-09-04 15:04:35 +0200[diff] [blame]28#include <osmocom/msc/debug.h>
29#include <osmocom/msc/gsm_data.h>
30#include <osmocom/msc/a_iface_bssap.h>
31#include <osmocom/msc/a_iface.h>
32#include <osmocom/msc/osmo_msc.h>
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]33#include <osmocom/core/byteswap.h>
Neels Hofmeyr90843962017-09-04 15:04:35 +0200[diff] [blame]34#include <osmocom/msc/a_reset.h>
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]35
36#define IP_V4_ADDR_LEN 4
37
38/*
39 * Helper functions to lookup and allocate subscribers
40 */
41
42/* Allocate a new subscriber connection */
43static struct gsm_subscriber_connection *subscr_conn_allocate_a(const struct a_conn_info *a_conn_info,
44 struct gsm_network *network,
45 uint16_t lac, struct osmo_sccp_user *scu, int conn_id)
46{
47 struct gsm_subscriber_connection *conn;
48
49 LOGP(DMSC, LOGL_NOTICE, "Allocating A-Interface subscriber conn: lac %i, conn_id %i\n", lac, conn_id);
50
51 conn = talloc_zero(network, struct gsm_subscriber_connection);
52 if (!conn)
53 return NULL;
54
55 conn->network = network;
56 conn->via_ran = RAN_GERAN_A;
57 conn->lac = lac;
58
59 conn->a.conn_id = conn_id;
60 conn->a.scu = scu;
61
62 /* Also backup the calling address of the BSC, this allows us to
63 * identify later which BSC is responsible for this subscriber connection */
64 memcpy(&conn->a.bsc_addr, a_conn_info->bsc_addr, sizeof(conn->a.bsc_addr));
65
66 llist_add_tail(&conn->entry, &network->subscr_conns);
67 LOGP(DMSC, LOGL_NOTICE, "A-Interface subscriber connection successfully allocated!\n");
68 return conn;
69}
70
71/* Return an existing A subscriber connection record for the given
72 * connection IDs, or return NULL if not found. */
73static struct gsm_subscriber_connection *subscr_conn_lookup_a(const struct gsm_network *network, int conn_id)
74{
75 struct gsm_subscriber_connection *conn;
76
77 OSMO_ASSERT(network);
78
79 DEBUGP(DMSC, "Looking for A subscriber: conn_id %i\n", conn_id);
80
81 /* FIXME: log_subscribers() is defined in iucs.c as static inline, if
82 * maybe this function should be public to reach it from here? */
83 /* log_subscribers(network); */
84
85 llist_for_each_entry(conn, &network->subscr_conns, entry) {
86 if (conn->via_ran == RAN_GERAN_A && conn->a.conn_id == conn_id) {
87 DEBUGP(DIUCS, "Found A subscriber for conn_id %i\n", conn_id);
88 return conn;
89 }
90 }
91 DEBUGP(DMSC, "No A subscriber found for conn_id %i\n", conn_id);
92 return NULL;
93}
94
95/*
96 * BSSMAP handling for UNITDATA
97 */
98
99/* Endpoint to handle BSSMAP reset */
100static void bssmap_rx_reset(struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
101{
102 struct gsm_network *network = a_conn_info->network;
103 struct osmo_ss7_instance *ss7;
104
105 ss7 = osmo_ss7_instance_find(network->a.cs7_instance);
106 OSMO_ASSERT(ss7);
107
108 LOGP(DMSC, LOGL_NOTICE, "Rx RESET from BSC %s, sending RESET ACK\n",
109 osmo_sccp_addr_name(ss7, a_conn_info->bsc_addr));
110 osmo_sccp_tx_unitdata_msg(scu, a_conn_info->msc_addr, a_conn_info->bsc_addr, gsm0808_create_reset_ack());
111
112 /* Make sure all orphand subscriber connections will be cleard */
113 a_clear_all(scu, a_conn_info->bsc_addr);
114
115 msgb_free(msg);
116}
117
118/* Endpoint to handle BSSMAP reset acknowlegement */
119static void bssmap_rx_reset_ack(const struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info,
120 struct msgb *msg)
121{
122
123 struct gsm_network *network = a_conn_info->network;
124 struct osmo_ss7_instance *ss7;
125
126 ss7 = osmo_ss7_instance_find(network->a.cs7_instance);
127 OSMO_ASSERT(ss7);
128
129 if (a_conn_info->reset == NULL) {
130 LOGP(DMSC, LOGL_ERROR, "Received RESET ACK from an unknown BSC %s, ignoring...\n",
131 osmo_sccp_addr_name(ss7, a_conn_info->bsc_addr));
132 goto fail;
133 }
134
135 LOGP(DMSC, LOGL_NOTICE, "Received RESET ACK from BSC %s\n", osmo_sccp_addr_name(ss7, a_conn_info->bsc_addr));
136
137 /* Confirm that we managed to get the reset ack message
138 * towards the connection reset logic */
139 a_reset_ack_confirm(a_conn_info->reset);
140
141fail:
142 msgb_free(msg);
143}
144
145/* Handle UNITDATA BSSMAP messages */
146static void bssmap_rcvmsg_udt(struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
147{
148 /* Note: When in the MSC role, RESET ACK is the only valid message that
149 * can be received via UNITDATA */
150
151 if (msgb_l3len(msg) < 1) {
152 LOGP(DMSC, LOGL_NOTICE, "Error: No data received -- discarding message!\n");
Philipp Maier4502f5f2017-09-07 11:39:58 +0200[diff] [blame^]153 msgb_free(msg);
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]154 return;
155 }
156
157 LOGP(DMSC, LOGL_NOTICE, "Rx BSC UDT BSSMAP %s\n", gsm0808_bssmap_name(msg->l3h[0]));
158
159 switch (msg->l3h[0]) {
160 case BSS_MAP_MSG_RESET:
161 bssmap_rx_reset(scu, a_conn_info, msg);
162 break;
163 case BSS_MAP_MSG_RESET_ACKNOWLEDGE:
164 bssmap_rx_reset_ack(scu, a_conn_info, msg);
165 break;
166 default:
167 LOGP(DMSC, LOGL_NOTICE, "Unimplemented message format: %s -- message discarded!\n",
168 gsm0808_bssmap_name(msg->l3h[0]));
169 msgb_free(msg);
170 }
171}
172
173/* Receive incoming connection less data messages via sccp */
174void sccp_rx_udt(struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
175{
176 /* Note: The only valid message type that can be received
177 * via UNITDATA are BSS Management messages */
178 struct bssmap_header *bs;
179
180 OSMO_ASSERT(scu);
181 OSMO_ASSERT(a_conn_info);
182 OSMO_ASSERT(msg);
183
184 LOGP(DMSC, LOGL_NOTICE, "Rx BSC UDT: %s\n", osmo_hexdump(msgb_l2(msg), msgb_l2len(msg)));
185
186 if (msgb_l2len(msg) < sizeof(*bs)) {
187 LOGP(DMSC, LOGL_ERROR, "Error: Header is too short -- discarding message!\n");
188 msgb_free(msg);
189 return;
190 }
191
192 bs = (struct bssmap_header *)msgb_l2(msg);
193 if (bs->length < msgb_l2len(msg) - sizeof(*bs)) {
194 LOGP(DMSC, LOGL_ERROR, "Error: Message is too short -- discarding message!\n");
195 msgb_free(msg);
196 return;
197 }
198
199 switch (bs->type) {
200 case BSSAP_MSG_BSS_MANAGEMENT:
201 msg->l3h = &msg->l2h[sizeof(struct bssmap_header)];
202 bssmap_rcvmsg_udt(scu, a_conn_info, msg);
203 break;
204 default:
205 LOGP(DMSC, LOGL_ERROR,
206 "Error: Unimplemented message type: %s -- message discarded!\n", gsm0808_bssmap_name(bs->type));
207 msgb_free(msg);
208 }
209}
210
211/*
212 * BSSMAP handling for connection oriented data
213 */
214
215/* Endpoint to handle BSSMAP clear request */
216static int bssmap_rx_clear_rqst(struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
217{
218 struct gsm_network *network = a_conn_info->network;
219 struct tlv_parsed tp;
220 int rc;
221 struct msgb *msg_resp;
222 uint8_t cause;
223 struct gsm_subscriber_connection *conn;
224
225 LOGP(DMSC, LOGL_NOTICE, "BSC requested to clear connection (conn_id=%i)\n", a_conn_info->conn_id);
226
227 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 1, msgb_l3len(msg) - 1, 0, 0);
228 if (!TLVP_PRESENT(&tp, GSM0808_IE_CAUSE)) {
229 LOGP(DMSC, LOGL_ERROR, "Cause code is missing -- discarding message!\n");
230 goto fail;
231 }
232 cause = TLVP_VAL(&tp, GSM0808_IE_CAUSE)[0];
233
234 /* Respond with clear command */
235 msg_resp = gsm0808_create_clear_command(GSM0808_CAUSE_CALL_CONTROL);
236 rc = osmo_sccp_tx_data_msg(scu, a_conn_info->conn_id, msg_resp);
237
238 /* If possible, inform the MSC about the clear request */
239 conn = subscr_conn_lookup_a(network, a_conn_info->conn_id);
240 if (!conn)
241 goto fail;
242 msc_clear_request(conn, cause);
243
244 msgb_free(msg);
245 return rc;
246
247fail:
248 msgb_free(msg);
249 return -EINVAL;
250}
251
252/* Endpoint to handle BSSMAP clear complete */
253static int bssmap_rx_clear_complete(struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
254{
255 int rc;
256
257 LOGP(DMSC, LOGL_NOTICE, "Releasing connection (conn_id=%i)\n", a_conn_info->conn_id);
258 rc = osmo_sccp_tx_disconn(scu, a_conn_info->conn_id,
259 a_conn_info->msc_addr, SCCP_RELEASE_CAUSE_END_USER_ORIGINATED);
260
261 /* Remove the record from the list with active connections. */
262 a_delete_bsc_con(a_conn_info->conn_id);
263
264 msgb_free(msg);
265 return rc;
266}
267
268/* Endpoint to handle layer 3 complete messages */
269static int bssmap_rx_l3_compl(struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
270{
271 struct tlv_parsed tp;
272 struct {
273 uint8_t ident;
274 struct gsm48_loc_area_id lai;
275 uint16_t ci;
276 } __attribute__ ((packed)) lai_ci;
277 uint16_t mcc;
278 uint16_t mnc;
279 uint16_t lac;
280 uint8_t data_length;
281 const uint8_t *data;
282 int rc;
283
284 struct gsm_network *network = a_conn_info->network;
285 struct gsm_subscriber_connection *conn;
286
287 LOGP(DMSC, LOGL_NOTICE, "BSC has completed layer 3 connection (conn_id=%i)\n", a_conn_info->conn_id);
288
289 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 1, msgb_l3len(msg) - 1, 0, 0);
290 if (!TLVP_PRESENT(&tp, GSM0808_IE_CELL_IDENTIFIER)) {
291 LOGP(DMSC, LOGL_ERROR, "Mandatory CELL IDENTIFIER not present -- discarding message!\n");
292 goto fail;
293 }
294 if (!TLVP_PRESENT(&tp, GSM0808_IE_LAYER_3_INFORMATION)) {
295 LOGP(DMSC, LOGL_ERROR, "Mandatory LAYER 3 INFORMATION not present -- discarding message!\n");
296 goto fail;
297 }
298
299 /* Parse Cell ID element */
300 /* FIXME: Encapsulate this in a parser/generator function inside
301 * libosmocore, add support for all specified cell identification
302 * discriminators (see 3GPP ts 3.2.2.17 Cell Identifier) */
303 data_length = TLVP_LEN(&tp, GSM0808_IE_CELL_IDENTIFIER);
304 data = TLVP_VAL(&tp, GSM0808_IE_CELL_IDENTIFIER);
305 if (sizeof(lai_ci) != data_length) {
306 LOGP(DMSC, LOGL_ERROR,
307 "Unable to parse element CELL IDENTIFIER (wrong field length) -- discarding message!\n");
308 goto fail;
309 }
310 memcpy(&lai_ci, data, sizeof(lai_ci));
311 if (lai_ci.ident != CELL_IDENT_WHOLE_GLOBAL) {
312 LOGP(DMSC, LOGL_ERROR,
313 "Unable to parse element CELL IDENTIFIER (wrong cell identification discriminator) -- discarding message!\n");
314 goto fail;
315 }
316 if (gsm48_decode_lai(&lai_ci.lai, &mcc, &mnc, &lac) != 0) {
317 LOGP(DMSC, LOGL_ERROR,
318 "Unable to parse element CELL IDENTIFIER (lai decoding failed) -- discarding message!\n");
319 goto fail;
320 }
321
322 /* Parse Layer 3 Information element */
323 /* FIXME: This is probably to hackish, compiler also complains "assignment discards ‘const’ qualifier..." */
324 msg->l3h = TLVP_VAL(&tp, GSM0808_IE_LAYER_3_INFORMATION);
325 msg->tail = msg->l3h + TLVP_LEN(&tp, GSM0808_IE_LAYER_3_INFORMATION);
326
327 /* Create new subscriber context */
328 conn = subscr_conn_allocate_a(a_conn_info, network, lac, scu, a_conn_info->conn_id);
329
330 /* Handover location update to the MSC code */
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]331 rc = msc_compl_l3(conn, msg, 0);
Philipp Maier4502f5f2017-09-07 11:39:58 +0200[diff] [blame^]332 msgb_free(msg);
333
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]334 if (rc == MSC_CONN_ACCEPT) {
335 LOGP(DMSC, LOGL_NOTICE, "User has been accepted by MSC.\n");
336 return 0;
337 } else if (rc == MSC_CONN_REJECT)
338 LOGP(DMSC, LOGL_NOTICE, "User has been rejected by MSC.\n");
339 else
340 LOGP(DMSC, LOGL_NOTICE, "User has been rejected by MSC (unknown error)\n");
341
342 return -EINVAL;
343
344fail:
345 msgb_free(msg);
346 return -EINVAL;
347}
348
349/* Endpoint to handle BSSMAP classmark update */
350static int bssmap_rx_classmark_upd(struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
351{
352 struct gsm_network *network = a_conn_info->network;
353 struct gsm_subscriber_connection *conn;
354 struct tlv_parsed tp;
355 const uint8_t *cm2 = NULL;
356 const uint8_t *cm3 = NULL;
357 uint8_t cm2_len = 0;
358 uint8_t cm3_len = 0;
359
360 conn = subscr_conn_lookup_a(network, a_conn_info->conn_id);
361 if (!conn)
362 goto fail;
363
364 LOGP(DMSC, LOGL_NOTICE, "BSC sends clasmark update (conn_id=%i)\n", conn->a.conn_id);
365
366 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 1, msgb_l3len(msg) - 1, 0, 0);
367 if (!TLVP_PRESENT(&tp, GSM0808_IE_CLASSMARK_INFORMATION_T2)) {
368 LOGP(DMSC, LOGL_ERROR, "Mandatory Classmark Information Type 2 not present -- discarding message!\n");
369 goto fail;
370 }
371
372 cm2 = TLVP_VAL(&tp, GSM0808_IE_CLASSMARK_INFORMATION_T2);
373 cm2_len = TLVP_LEN(&tp, GSM0808_IE_CLASSMARK_INFORMATION_T2);
374
375 if (TLVP_PRESENT(&tp, GSM0808_IE_CLASSMARK_INFORMATION_T3)) {
376 cm3 = TLVP_VAL(&tp, GSM0808_IE_CLASSMARK_INFORMATION_T3);
377 cm3_len = TLVP_LEN(&tp, GSM0808_IE_CLASSMARK_INFORMATION_T3);
378 }
379
380 /* Inform MSC about the classmark change */
381 msc_classmark_chg(conn, cm2, cm2_len, cm3, cm3_len);
382
383 msgb_free(msg);
384 return 0;
385
386fail:
387 msgb_free(msg);
388 return -EINVAL;
389}
390
391/* Endpoint to handle BSSMAP cipher mode complete */
392static int bssmap_rx_ciph_compl(const struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info,
393 struct msgb *msg)
394{
395 /* FIXME: The field GSM0808_IE_LAYER_3_MESSAGE_CONTENTS is optional by
396 * means of the specification. So there can be messages without L3 info.
397 * In this case, the code will crash becrause msc_cipher_mode_compl()
398 * is not able to deal with msg = NULL and apperently
399 * msc_cipher_mode_compl() was never meant to be used without L3 data.
400 * This needs to be discussed further! */
401
402 struct gsm_network *network = a_conn_info->network;
403 struct gsm_subscriber_connection *conn;
404 struct tlv_parsed tp;
405 uint8_t alg_id = 1;
406
407 conn = subscr_conn_lookup_a(network, a_conn_info->conn_id);
408 if (!conn)
409 goto fail;
410
411 LOGP(DMSC, LOGL_NOTICE, "BSC sends cipher mode complete (conn_id=%i)\n", conn->a.conn_id);
412
413 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 1, msgb_l3len(msg) - 1, 0, 0);
414
415 if (TLVP_PRESENT(&tp, GSM0808_IE_CHOSEN_ENCR_ALG)) {
416 alg_id = TLVP_VAL(&tp, GSM0808_IE_CHOSEN_ENCR_ALG)[0] - 1;
417 }
418
419 if (TLVP_PRESENT(&tp, GSM0808_IE_LAYER_3_MESSAGE_CONTENTS)) {
420 msg->l3h = TLVP_VAL(&tp, GSM0808_IE_LAYER_3_MESSAGE_CONTENTS);
421 msg->tail = msg->l3h + TLVP_LEN(&tp, GSM0808_IE_LAYER_3_MESSAGE_CONTENTS);
422 } else {
423 msgb_free(msg);
424 msg = NULL;
425 }
426
Philipp Maier4502f5f2017-09-07 11:39:58 +0200[diff] [blame^]427 /* Hand over cipher mode complete message to the MSC */
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]428 msc_cipher_mode_compl(conn, msg, alg_id);
Philipp Maier4502f5f2017-09-07 11:39:58 +0200[diff] [blame^]429 msgb_free(msg);
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]430
431 return 0;
432fail:
433 msgb_free(msg);
434 return -EINVAL;
435}
436
437/* Endpoint to handle BSSMAP cipher mode reject */
438static int bssmap_rx_ciph_rej(const struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
439{
440 struct gsm_network *network = a_conn_info->network;
441 struct gsm_subscriber_connection *conn;
442 struct tlv_parsed tp;
443 uint8_t cause;
444
445 conn = subscr_conn_lookup_a(network, a_conn_info->conn_id);
446 if (!conn)
447 goto fail;
448
449 LOGP(DMSC, LOGL_NOTICE, "BSC sends cipher mode reject (conn_id=%i)\n", conn->a.conn_id);
450
451 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 1, msgb_l3len(msg) - 1, 0, 0);
452 if (!TLVP_PRESENT(&tp, BSS_MAP_MSG_CIPHER_MODE_REJECT)) {
453 LOGP(DMSC, LOGL_ERROR, "Cause code is missing -- discarding message!\n");
454 goto fail;
455 }
456
457 cause = TLVP_VAL(&tp, BSS_MAP_MSG_CIPHER_MODE_REJECT)[0];
458 LOGP(DMSC, LOGL_NOTICE, "Cipher mode rejection cause: %i\n", cause);
459
460 /* FIXME: Can we do something meaningful here? e.g. report to the
461 * msc code somehow that the cipher mode command has failed. */
462
463 msgb_free(msg);
464 return 0;
465fail:
466 msgb_free(msg);
467 return -EINVAL;
468}
469
470/* Endpoint to handle BSSMAP assignment failure */
471static int bssmap_rx_ass_fail(const struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
472{
473 struct gsm_network *network = a_conn_info->network;
474 struct gsm_subscriber_connection *conn;
475 struct tlv_parsed tp;
476 uint8_t cause;
477 uint8_t *rr_cause_ptr = NULL;
478 uint8_t rr_cause;
479
480 conn = subscr_conn_lookup_a(network, a_conn_info->conn_id);
481 if (!conn)
482 goto fail;
483
484 LOGP(DMSC, LOGL_NOTICE, "BSC sends assignment failure message (conn_id=%i)\n", conn->a.conn_id);
485
486 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 1, msgb_l3len(msg) - 1, 0, 0);
487 if (!TLVP_PRESENT(&tp, GSM0808_IE_CAUSE)) {
488 LOGP(DMSC, LOGL_ERROR, "Cause code is missing -- discarding message!\n");
489 goto fail;
490 }
491 cause = TLVP_VAL(&tp, GSM0808_IE_CAUSE)[0];
492
493 if (TLVP_PRESENT(&tp, GSM0808_IE_RR_CAUSE)) {
494 rr_cause = TLVP_VAL(&tp, GSM0808_IE_RR_CAUSE)[0];
495 rr_cause_ptr = &rr_cause;
496 }
497
498 /* FIXME: In AoIP, the Assignment failure will carry also an optional
499 * Codec List (BSS Supported) element. It has to be discussed if we
500 * can ignore this element. If not, The msc_assign_fail() function
501 * call has to change. However msc_assign_fail() does nothing in the
502 * end. So probably we can just leave it as it is. Even for AoIP */
503
504 /* Inform the MSC about the assignment failure event */
505 msc_assign_fail(conn, cause, rr_cause_ptr);
506
507 msgb_free(msg);
508 return 0;
509fail:
510 msgb_free(msg);
511 return -EINVAL;
512}
513
514/* Endpoint to handle sapi "n" reject */
515static int bssmap_rx_sapi_n_rej(const struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info,
516 struct msgb *msg)
517{
518 struct gsm_network *network = a_conn_info->network;
519 struct gsm_subscriber_connection *conn;
520 struct tlv_parsed tp;
521 uint8_t dlci;
522
523 conn = subscr_conn_lookup_a(network, a_conn_info->conn_id);
524 if (!conn)
525 goto fail;
526
527 LOGP(DMSC, LOGL_NOTICE, "BSC sends sapi \"n\" reject message (conn_id=%i)\n", conn->a.conn_id);
528
529 /* Note: The MSC code seems not to care about the cause code, but by
530 * the specification it is mandatory, so we check its presence. See
531 * also 3GPP TS 48.008 3.2.1.34 SAPI "n" REJECT */
532 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 1, msgb_l3len(msg) - 1, 0, 0);
533 if (!TLVP_PRESENT(&tp, GSM0808_IE_CAUSE)) {
534 LOGP(DMSC, LOGL_ERROR, "Cause code is missing -- discarding message!\n");
535 goto fail;
536 }
537
538 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 1, msgb_l3len(msg) - 1, 0, 0);
539 if (!TLVP_PRESENT(&tp, GSM0808_IE_DLCI)) {
540 LOGP(DMSC, LOGL_ERROR, "DLCI is missing -- discarding message!\n");
541 goto fail;
542 }
543 dlci = TLVP_VAL(&tp, GSM0808_IE_DLCI)[0];
544
545 /* Inform the MSC about the sapi "n" reject event */
546 msc_sapi_n_reject(conn, dlci);
547
548 msgb_free(msg);
549 return 0;
550fail:
551 msgb_free(msg);
552 return -EINVAL;
553}
554
555/* Endpoint to handle assignment complete */
556static int bssmap_rx_ass_compl(const struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info,
557 struct msgb *msg)
558{
559 struct gsm_network *network = a_conn_info->network;
560 struct gsm_subscriber_connection *conn;
Neels Hofmeyr6c8afe12017-09-04 01:03:58 +0200[diff] [blame]561 struct mgcp_client *mgcp;
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]562 struct tlv_parsed tp;
563 struct sockaddr_storage rtp_addr;
564 struct sockaddr_in *rtp_addr_in;
565 int rc;
566
567 conn = subscr_conn_lookup_a(network, a_conn_info->conn_id);
568 if (!conn)
569 goto fail;
570
Neels Hofmeyr6c8afe12017-09-04 01:03:58 +0200[diff] [blame]571 mgcp = conn->network->mgw.client;
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]572 OSMO_ASSERT(mgcp);
573
574 LOGP(DMSC, LOGL_NOTICE, "BSC sends assignment complete message (conn_id=%i)\n", conn->a.conn_id);
575
576 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l3h + 1, msgb_l3len(msg) - 1, 0, 0);
577
578 if (!TLVP_PRESENT(&tp, GSM0808_IE_AOIP_TRASP_ADDR)) {
579 LOGP(DMSC, LOGL_ERROR, "AoIP transport identifier missing -- discarding message!\n");
580 goto fail;
581 }
582
583 /* Decode AoIP transport address element */
584 rc = gsm0808_dec_aoip_trasp_addr(&rtp_addr, TLVP_VAL(&tp, GSM0808_IE_AOIP_TRASP_ADDR),
585 TLVP_LEN(&tp, GSM0808_IE_AOIP_TRASP_ADDR));
586 if (rc < 0) {
587 LOGP(DMSC, LOGL_ERROR, "Unable to decode aoip transport address.\n");
588 goto fail;
589 }
590
591 /* use address / port supplied with the AoIP
592 * transport address element */
593 if (rtp_addr.ss_family == AF_INET) {
594 rtp_addr_in = (struct sockaddr_in *)&rtp_addr;
595 conn->rtp.port_subscr = osmo_ntohs(rtp_addr_in->sin_port);
596 /* FIXME: We also get the IP-Address of the remote (e.g. BTS)
597 * end with the response. Currently we just ignore that address.
598 * Instead we expect that our local MGCP gateway and the code
599 * controlling it, magically knows the IP of the remote end. */
600 } else {
601 LOGP(DMSC, LOGL_ERROR, "Unsopported addressing scheme. (supports only IPV4)\n");
602 goto fail;
603 }
604
605 /* FIXME: Seems to be related to authentication or,
606 encryption. Is this really in the right place? */
607 msc_rx_sec_mode_compl(conn);
608
609 msgb_free(msg);
610 return 0;
611fail:
612 msgb_free(msg);
613 return -EINVAL;
614}
615
616/* Handle incoming connection oriented BSSMAP messages */
617static int rx_bssmap(struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
618{
619 if (msgb_l3len(msg) < 1) {
620 LOGP(DMSC, LOGL_NOTICE, "Error: No data received -- discarding message!\n");
621 msgb_free(msg);
622 return -1;
623 }
624
625 LOGP(DMSC, LOGL_NOTICE, "Rx MSC DT1 BSSMAP %s\n", gsm0808_bssmap_name(msg->l3h[0]));
626
627 switch (msg->l3h[0]) {
628 case BSS_MAP_MSG_CLEAR_RQST:
629 return bssmap_rx_clear_rqst(scu, a_conn_info, msg);
630 break;
631 case BSS_MAP_MSG_CLEAR_COMPLETE:
632 return bssmap_rx_clear_complete(scu, a_conn_info, msg);
633 break;
634 case BSS_MAP_MSG_COMPLETE_LAYER_3:
635 return bssmap_rx_l3_compl(scu, a_conn_info, msg);
636 break;
637 case BSS_MAP_MSG_CLASSMARK_UPDATE:
638 return bssmap_rx_classmark_upd(scu, a_conn_info, msg);
639 break;
640 case BSS_MAP_MSG_CIPHER_MODE_COMPLETE:
641 return bssmap_rx_ciph_compl(scu, a_conn_info, msg);
642 break;
643 case BSS_MAP_MSG_CIPHER_MODE_REJECT:
644 return bssmap_rx_ciph_rej(scu, a_conn_info, msg);
645 break;
646 case BSS_MAP_MSG_ASSIGMENT_FAILURE:
647 return bssmap_rx_ass_fail(scu, a_conn_info, msg);
648 break;
649 case BSS_MAP_MSG_SAPI_N_REJECT:
650 return bssmap_rx_sapi_n_rej(scu, a_conn_info, msg);
651 break;
652 case BSS_MAP_MSG_ASSIGMENT_COMPLETE:
653 return bssmap_rx_ass_compl(scu, a_conn_info, msg);
654 break;
655 default:
656 LOGP(DMSC, LOGL_ERROR, "Unimplemented msg type: %s\n", gsm0808_bssmap_name(msg->l3h[0]));
657 msgb_free(msg);
658 return -EINVAL;
659 }
660
661 return -EINVAL;
662}
663
664/* Endpoint to handle regular BSSAP DTAP messages */
665static int rx_dtap(const struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
666{
667 struct gsm_network *network = a_conn_info->network;
668 struct gsm_subscriber_connection *conn;
669
670 conn = subscr_conn_lookup_a(network, a_conn_info->conn_id);
671 if (!conn) {
672 msgb_free(msg);
673 return -EINVAL;
674 }
675
676 LOGP(DMSC, LOGL_NOTICE, "BSC sends layer 3 dtap (conn_id=%i)\n", conn->a.conn_id);
677
678 /* msc_dtap expects the dtap payload in l3h */
679 msg->l3h = msg->l2h + 3;
680
Philipp Maier4502f5f2017-09-07 11:39:58 +0200[diff] [blame^]681 /* Forward dtap payload into the msc */
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]682 msc_dtap(conn, conn->a.conn_id, msg);
Philipp Maier4502f5f2017-09-07 11:39:58 +0200[diff] [blame^]683 msgb_free(msg);
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]684
685 return 0;
686}
687
688/* Handle incoming connection oriented messages */
689int sccp_rx_dt(struct osmo_sccp_user *scu, const struct a_conn_info *a_conn_info, struct msgb *msg)
690{
691 OSMO_ASSERT(scu);
692 OSMO_ASSERT(a_conn_info);
693 OSMO_ASSERT(msg);
694
695 LOGP(DMSC, LOGL_NOTICE, "Rx BSC DT: %s\n", osmo_hexdump(msgb_l2(msg), msgb_l2len(msg)));
696
697 if (msgb_l2len(msg) < sizeof(struct bssmap_header)) {
698 LOGP(DMSC, LOGL_NOTICE, "The header is too short -- discarding message!\n");
699 msgb_free(msg);
Philipp Maier4502f5f2017-09-07 11:39:58 +0200[diff] [blame^]700 return -EINVAL;
Philipp Maierfbf66102017-04-09 12:32:51 +0200[diff] [blame]701 }
702
703 switch (msg->l2h[0]) {
704 case BSSAP_MSG_BSS_MANAGEMENT:
705 msg->l3h = &msg->l2h[sizeof(struct bssmap_header)];
706 return rx_bssmap(scu, a_conn_info, msg);
707 break;
708 case BSSAP_MSG_DTAP:
709 return rx_dtap(scu, a_conn_info, msg);
710 break;
711 default:
712 LOGP(DMSC, LOGL_ERROR, "Unimplemented BSSAP msg type: %s\n", gsm0808_bssap_name(msg->l2h[0]));
713 msgb_free(msg);
714 return -EINVAL;
715 }
716
717 return -EINVAL;
718}