Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 56f90132b8d7d6a40cc1665b34ff35c62becb2f0 / . / src / libmsc / gsm_04_08_cc.c
blob: 62b5d12eb3dcc5bce21dcef578c4690f276c2f64 [file] [log] [blame]
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1/* GSM Mobile Radio Interface Layer 3 Call Control */
2
3/* (C) 2008-2016 by Harald Welte <laforge@gnumonks.org>
4 * (C) 2008-2012 by Holger Hans Peter Freyther <zecke@selfish.org>
5 *
6 * All Rights Reserved
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 *
21 */
22
23#include <stdio.h>
24#include <stdlib.h>
25#include <string.h>
26#include <stdbool.h>
27#include <errno.h>
28#include <time.h>
29#include <netinet/in.h>
30#include <regex.h>
31#include <sys/types.h>
32
33#include "bscconfig.h"
34
35#include <osmocom/msc/db.h>
36#include <osmocom/msc/debug.h>
37#include <osmocom/msc/gsm_data.h>
38#include <osmocom/msc/gsm_subscriber.h>
39#include <osmocom/msc/gsm_04_11.h>
40#include <osmocom/msc/gsm_04_08.h>
41#include <osmocom/msc/gsm_04_80.h>
42#include <osmocom/msc/gsm_04_14.h>
43#include <osmocom/msc/gsm_09_11.h>
44#include <osmocom/msc/signal.h>
45#include <osmocom/msc/transaction.h>
46#include <osmocom/msc/silent_call.h>
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]47#include <osmocom/msc/mncc_int.h>
48#include <osmocom/abis/e1_input.h>
49#include <osmocom/core/bitvec.h>
50#include <osmocom/msc/vlr.h>
51#include <osmocom/msc/msc_ifaces.h>
52
53#include <osmocom/gsm/gsm48.h>
54#include <osmocom/gsm/gsm0480.h>
55#include <osmocom/gsm/gsm_utils.h>
56#include <osmocom/gsm/protocol/gsm_04_08.h>
57#include <osmocom/core/msgb.h>
58#include <osmocom/core/talloc.h>
59#include <osmocom/core/utils.h>
60#include <osmocom/core/byteswap.h>
61#include <osmocom/gsm/tlv.h>
62#include <osmocom/crypt/auth.h>
63#ifdef BUILD_IU
64#include <osmocom/ranap/iu_client.h>
65#endif
66
67#include <osmocom/msc/msc_ifaces.h>
68#include <osmocom/msc/a_iface.h>
69#include <osmocom/msc/msc_mgcp.h>
70
71#include <assert.h>
72
73static uint32_t new_callref = 0x80000001;
74
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]75static void gsm48_cc_guard_timeout(void *arg)
76{
77 struct gsm_trans *trans = arg;
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]78 LOG_TRANS(trans, LOGL_DEBUG, "guard timeout expired\n");
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]79 trans_free(trans);
80 return;
81}
82
83static void gsm48_stop_guard_timer(struct gsm_trans *trans)
84{
85 if (osmo_timer_pending(&trans->cc.timer_guard)) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]86 LOG_TRANS(trans, LOGL_DEBUG, "stopping pending guard timer\n");
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]87 osmo_timer_del(&trans->cc.timer_guard);
88 }
89}
90
91static void gsm48_start_guard_timer(struct gsm_trans *trans)
92{
93 /* NOTE: The purpose of this timer is to prevent the cc state machine
94 * from hanging in cases where mncc, gsm48 or both become unresponsive
95 * for some reason. The timer is started initially with the setup from
96 * the gsm48 side and then re-started with every incoming mncc message.
97 * Once the mncc state reaches its active state the timer is stopped.
98 * So if the cc state machine does not show any activity for an
99 * extended amount of time during call setup or teardown the guard
100 * timer will time out and hard-clear the connection. */
101 if (osmo_timer_pending(&trans->cc.timer_guard))
102 gsm48_stop_guard_timer(trans);
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]103 LOG_TRANS(trans, LOGL_DEBUG, "starting guard timer with %d seconds\n", trans->net->mncc_guard_timeout);
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]104 osmo_timer_setup(&trans->cc.timer_guard, gsm48_cc_guard_timeout, trans);
105 osmo_timer_schedule(&trans->cc.timer_guard,
106 trans->net->mncc_guard_timeout, 0);
107}
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]108
109/* Call Control */
110
111void cc_tx_to_mncc(struct gsm_network *net, struct msgb *msg)
112{
113 net->mncc_recv(net, msg);
114}
115
116int gsm48_cc_tx_notify_ss(struct gsm_trans *trans, const char *message)
117{
118 struct gsm48_hdr *gh;
119 struct msgb *ss_notify;
120
121 ss_notify = gsm0480_create_notifySS(message);
122 if (!ss_notify)
123 return -1;
124
125 gsm0480_wrap_invoke(ss_notify, GSM0480_OP_CODE_NOTIFY_SS, 0);
126 uint8_t *data = msgb_push(ss_notify, 1);
127 data[0] = ss_notify->len - 1;
128 gh = (struct gsm48_hdr *) msgb_push(ss_notify, sizeof(*gh));
129 gh->msg_type = GSM48_MT_CC_FACILITY;
130 return gsm48_conn_sendmsg(ss_notify, trans->conn, trans);
131}
132
133/* FIXME: this count_statistics is a state machine behaviour. we should convert
134 * the complete call control into a state machine. Afterwards we can move this
135 * code into state transitions.
136 */
137static void count_statistics(struct gsm_trans *trans, int new_state)
138{
139 int old_state = trans->cc.state;
140 struct rate_ctr_group *msc = trans->net->msc_ctrs;
141
142 if (old_state == new_state)
143 return;
144
145 /* state incoming */
146 switch (new_state) {
147 case GSM_CSTATE_ACTIVE:
148 osmo_counter_inc(trans->net->active_calls);
149 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_ACTIVE]);
150 break;
151 }
152
153 /* state outgoing */
154 switch (old_state) {
155 case GSM_CSTATE_ACTIVE:
156 osmo_counter_dec(trans->net->active_calls);
157 if (new_state == GSM_CSTATE_DISCONNECT_REQ ||
158 new_state == GSM_CSTATE_DISCONNECT_IND)
159 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_COMPLETE]);
160 else
161 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_INCOMPLETE]);
162 break;
163 }
164}
165
166/* The entire call control code is written in accordance with Figure 7.10c
167 * for 'very early assignment', i.e. we allocate a TCH/F during IMMEDIATE
168 * ASSIGN, then first use that TCH/F for signalling and later MODE MODIFY
169 * it for voice */
170
171static void new_cc_state(struct gsm_trans *trans, int state)
172{
173 if (state > 31 || state < 0)
174 return;
175
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]176 LOG_TRANS(trans, LOGL_DEBUG, "new state %s -> %s\n",
177 gsm48_cc_state_name(trans->cc.state),
178 gsm48_cc_state_name(state));
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]179
180 count_statistics(trans, state);
181 trans->cc.state = state;
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]182
183 /* Stop the guard timer when a call reaches the active state */
184 if (state == GSM_CSTATE_ACTIVE)
185 gsm48_stop_guard_timer(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]186}
187
188static int gsm48_cc_tx_status(struct gsm_trans *trans, void *arg)
189{
190 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STATUS");
191 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
192 uint8_t *cause, *call_state;
193
194 gh->msg_type = GSM48_MT_CC_STATUS;
195
196 cause = msgb_put(msg, 3);
197 cause[0] = 2;
198 cause[1] = GSM48_CAUSE_CS_GSM | GSM48_CAUSE_LOC_USER;
199 cause[2] = 0x80 | 30; /* response to status inquiry */
200
201 call_state = msgb_put(msg, 1);
202 call_state[0] = 0xc0 | 0x00;
203
204 return gsm48_conn_sendmsg(msg, trans->conn, trans);
205}
206
207static void gsm48_stop_cc_timer(struct gsm_trans *trans)
208{
209 if (osmo_timer_pending(&trans->cc.timer)) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]210 LOG_TRANS(trans, LOGL_DEBUG, "stopping pending timer T%x\n", trans->cc.Tcurrent);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]211 osmo_timer_del(&trans->cc.timer);
212 trans->cc.Tcurrent = 0;
213 }
214}
215
216static int mncc_recvmsg(struct gsm_network *net, struct gsm_trans *trans,
217 int msg_type, struct gsm_mncc *mncc)
218{
219 struct msgb *msg;
220 unsigned char *data;
221
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]222 LOG_TRANS_CAT(trans, DMNCC, LOGL_DEBUG, "tx %s\n", get_mncc_name(msg_type));
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]223
224 mncc->msg_type = msg_type;
225
226 msg = msgb_alloc(sizeof(struct gsm_mncc), "MNCC");
227 if (!msg)
228 return -ENOMEM;
229
230 data = msgb_put(msg, sizeof(struct gsm_mncc));
231 memcpy(data, mncc, sizeof(struct gsm_mncc));
232
233 cc_tx_to_mncc(net, msg);
234
235 return 0;
236}
237
238int mncc_release_ind(struct gsm_network *net, struct gsm_trans *trans,
239 uint32_t callref, int location, int value)
240{
241 struct gsm_mncc rel;
242
243 memset(&rel, 0, sizeof(rel));
244 rel.callref = callref;
245 mncc_set_cause(&rel, location, value);
246 if (trans && trans->cc.state == GSM_CSTATE_RELEASE_REQ)
247 return mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
248 return mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
249}
250
251/* Call Control Specific transaction release.
252 * gets called by trans_free, DO NOT CALL YOURSELF! */
253void _gsm48_cc_trans_free(struct gsm_trans *trans)
254{
255 gsm48_stop_cc_timer(trans);
256
257 /* Initiate the teardown of the related connections on the MGW */
258 msc_mgcp_call_release(trans);
259
260 /* send release to L4, if callref still exists */
261 if (trans->callref) {
262 /* Ressource unavailable */
263 mncc_release_ind(trans->net, trans, trans->callref,
264 GSM48_CAUSE_LOC_PRN_S_LU,
265 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
266 /* This is a final freeing of the transaction. The MNCC release may have triggered the
267 * T308 release timer, but we don't have the luxury of graceful CC Release here. */
268 gsm48_stop_cc_timer(trans);
269 }
270 if (trans->cc.state != GSM_CSTATE_NULL)
271 new_cc_state(trans, GSM_CSTATE_NULL);
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]272
273 gsm48_stop_guard_timer(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]274}
275
276static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg);
277
278/* call-back from paging the B-end of the connection */
279static int setup_trig_pag_evt(unsigned int hooknum, unsigned int event,
280 struct msgb *msg, void *_conn, void *_transt)
281{
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]282 struct ran_conn *conn = _conn;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]283 struct gsm_trans *transt = _transt;
284 enum gsm_paging_event paging_event = event;
285
286 OSMO_ASSERT(!transt->conn);
287
288 switch (paging_event) {
289 case GSM_PAGING_SUCCEEDED:
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]290 LOG_TRANS(transt, LOGL_DEBUG, "Paging succeeded\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]291 OSMO_ASSERT(conn);
292 /* Assign conn */
Neels Hofmeyr3c20a5e2018-11-30 01:08:36 +0100[diff] [blame]293 transt->conn = ran_conn_get(conn, RAN_CONN_USE_TRANS_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]294 transt->paging_request = NULL;
295 /* send SETUP request to called party */
296 gsm48_cc_tx_setup(transt, &transt->cc.msg);
297 break;
298 case GSM_PAGING_EXPIRED:
299 case GSM_PAGING_BUSY:
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]300 LOG_TRANS(transt, LOGL_DEBUG, "Paging expired\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]301 /* Temporarily out of order */
302 mncc_release_ind(transt->net, transt,
303 transt->callref,
304 GSM48_CAUSE_LOC_PRN_S_LU,
305 GSM48_CC_CAUSE_DEST_OOO);
306 transt->callref = 0;
307 transt->paging_request = NULL;
308 trans_free(transt);
309 break;
310 }
311
312 return 0;
313}
314
315/* bridge channels of two transactions */
316static int tch_bridge(struct gsm_network *net, struct gsm_mncc_bridge *bridge)
317{
318 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[0]);
319 struct gsm_trans *trans2 = trans_find_by_callref(net, bridge->callref[1]);
320 int rc;
321
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]322 if (!trans1 || !trans2) {
323 LOG_TRANS(trans1 ? : trans2, LOGL_ERROR, "Cannot MNCC_BRIDGE, one or both call legs are unset\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]324 return -EIO;
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]325 }
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]326
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]327 if (!trans1->conn || !trans2->conn) {
328 LOG_TRANS(trans1, LOGL_ERROR, "Cannot MNCC_BRIDGE, one or both call legs lack an active connection\n");
329 LOG_TRANS(trans2, LOGL_ERROR, "Cannot MNCC_BRIDGE, one or both call legs lack an active connection\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]330 return -EIO;
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]331 }
332
333 LOG_TRANS(trans1, LOGL_DEBUG, "MNCC_BRIDGE: Local bridge to callref 0x%x\n", trans2->callref);
334 LOG_TRANS(trans2, LOGL_DEBUG, "MNCC_BRIDGE: Local bridge to callref 0x%x\n", trans1->callref);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]335
336 /* Which subscriber do we want to track trans1 or trans2? */
337 log_set_context(LOG_CTX_VLR_SUBSCR, trans1->vsub);
338
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]339 /* This call briding mechanism is only used with the internal MNCC.
340 * functionality (with external MNCC briding would be done by the PBX)
341 * This means we may just copy the codec info we have for the RAN side
342 * of the first leg to the CN side of both legs. This also means that
343 * if both legs use different codecs the MGW must perform transcoding
344 * on the second leg. */
345 trans1->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
346 trans2->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
347
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]348 /* Bridge RTP streams */
349 rc = msc_mgcp_call_complete(trans1, trans2->conn->rtp.local_port_cn,
350 trans2->conn->rtp.local_addr_cn);
351 if (rc)
352 return -EINVAL;
353
354 rc = msc_mgcp_call_complete(trans2, trans1->conn->rtp.local_port_cn,
355 trans1->conn->rtp.local_addr_cn);
356 if (rc)
357 return -EINVAL;
358
359 return 0;
360}
361
362static int gsm48_cc_rx_status_enq(struct gsm_trans *trans, struct msgb *msg)
363{
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]364 LOG_TRANS(trans, LOGL_DEBUG, "-> STATUS ENQ\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]365 return gsm48_cc_tx_status(trans, msg);
366}
367
368static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg);
369static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg);
370
371static void gsm48_cc_timeout(void *arg)
372{
373 struct gsm_trans *trans = arg;
374 int disconnect = 0, release = 0;
375 int mo_cause = GSM48_CC_CAUSE_RECOVERY_TIMER;
376 int mo_location = GSM48_CAUSE_LOC_USER;
377 int l4_cause = GSM48_CC_CAUSE_NORMAL_UNSPEC;
378 int l4_location = GSM48_CAUSE_LOC_PRN_S_LU;
379 struct gsm_mncc mo_rel, l4_rel;
380
381 memset(&mo_rel, 0, sizeof(struct gsm_mncc));
382 mo_rel.callref = trans->callref;
383 memset(&l4_rel, 0, sizeof(struct gsm_mncc));
384 l4_rel.callref = trans->callref;
385
386 switch(trans->cc.Tcurrent) {
387 case 0x303:
388 release = 1;
389 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
390 break;
391 case 0x310:
392 disconnect = 1;
393 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
394 break;
395 case 0x313:
396 disconnect = 1;
397 /* unknown, did not find it in the specs */
398 break;
399 case 0x301:
400 disconnect = 1;
401 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
402 break;
403 case 0x308:
404 if (!trans->cc.T308_second) {
405 /* restart T308 a second time */
406 gsm48_cc_tx_release(trans, &trans->cc.msg);
407 trans->cc.T308_second = 1;
408 break; /* stay in release state */
409 }
410 trans_free(trans);
411 return;
412 case 0x306:
413 release = 1;
414 mo_cause = trans->cc.msg.cause.value;
415 mo_location = trans->cc.msg.cause.location;
416 break;
417 case 0x323:
418 disconnect = 1;
419 break;
420 default:
421 release = 1;
422 }
423
424 if (release && trans->callref) {
425 /* process release towards layer 4 */
426 mncc_release_ind(trans->net, trans, trans->callref,
427 l4_location, l4_cause);
428 trans->callref = 0;
429 }
430
431 if (disconnect && trans->callref) {
432 /* process disconnect towards layer 4 */
433 mncc_set_cause(&l4_rel, l4_location, l4_cause);
434 mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &l4_rel);
435 }
436
437 /* process disconnect towards mobile station */
438 if (disconnect || release) {
439 mncc_set_cause(&mo_rel, mo_location, mo_cause);
440 mo_rel.cause.diag[0] = ((trans->cc.Tcurrent & 0xf00) >> 8) + '0';
441 mo_rel.cause.diag[1] = ((trans->cc.Tcurrent & 0x0f0) >> 4) + '0';
442 mo_rel.cause.diag[2] = (trans->cc.Tcurrent & 0x00f) + '0';
443 mo_rel.cause.diag_len = 3;
444
445 if (disconnect)
446 gsm48_cc_tx_disconnect(trans, &mo_rel);
447 if (release)
448 gsm48_cc_tx_release(trans, &mo_rel);
449 }
450
451}
452
453/* disconnect both calls from the bridge */
454static inline void disconnect_bridge(struct gsm_network *net,
455 struct gsm_mncc_bridge *bridge, int err)
456{
457 struct gsm_trans *trans0 = trans_find_by_callref(net, bridge->callref[0]);
458 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[1]);
459 struct gsm_mncc mx_rel;
460 if (!trans0 || !trans1)
461 return;
462
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]463 LOG_TRANS(trans0, LOGL_ERROR, "Failed to bridge TCH for calls %x <-> %x :: %s \n",
464 trans0->callref, trans1->callref, strerror(err));
465 LOG_TRANS(trans1, LOGL_ERROR, "Failed to bridge TCH for calls %x <-> %x :: %s \n",
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]466 trans0->callref, trans1->callref, strerror(err));
467
468 memset(&mx_rel, 0, sizeof(struct gsm_mncc));
469 mncc_set_cause(&mx_rel, GSM48_CAUSE_LOC_INN_NET,
470 GSM48_CC_CAUSE_CHAN_UNACCEPT);
471
472 mx_rel.callref = trans0->callref;
473 gsm48_cc_tx_disconnect(trans0, &mx_rel);
474
475 mx_rel.callref = trans1->callref;
476 gsm48_cc_tx_disconnect(trans1, &mx_rel);
477}
478
479static void gsm48_start_cc_timer(struct gsm_trans *trans, int current,
480 int sec, int micro)
481{
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]482 LOG_TRANS(trans, LOGL_DEBUG, "starting timer T%x with %d seconds\n", current, sec);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]483 osmo_timer_setup(&trans->cc.timer, gsm48_cc_timeout, trans);
484 osmo_timer_schedule(&trans->cc.timer, sec, micro);
485 trans->cc.Tcurrent = current;
486}
487
488static int gsm48_cc_rx_setup(struct gsm_trans *trans, struct msgb *msg)
489{
490 struct gsm48_hdr *gh = msgb_l3(msg);
491 uint8_t msg_type = gsm48_hdr_msg_type(gh);
492 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
493 struct tlv_parsed tp;
494 struct gsm_mncc setup;
495
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]496 gsm48_start_guard_timer(trans);
497
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]498 memset(&setup, 0, sizeof(struct gsm_mncc));
499 setup.callref = trans->callref;
500
501 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
502 /* emergency setup is identified by msg_type */
503 if (msg_type == GSM48_MT_CC_EMERG_SETUP) {
504 setup.fields |= MNCC_F_EMERGENCY;
505 setup.emergency = 1;
506 /* use destination number as configured by user (if any) */
507 if (trans->net->emergency.route_to_msisdn) {
508 setup.fields |= MNCC_F_CALLED;
509 setup.called.type = 0; /* unknown */
510 setup.called.plan = 0; /* unknown */
511 OSMO_STRLCPY_ARRAY(setup.called.number,
512 trans->net->emergency.route_to_msisdn);
513 }
514 }
515
516 /* use subscriber as calling party number */
517 setup.fields |= MNCC_F_CALLING;
518 OSMO_STRLCPY_ARRAY(setup.calling.number, trans->vsub->msisdn);
519 OSMO_STRLCPY_ARRAY(setup.imsi, trans->vsub->imsi);
520
521 /* bearer capability */
522 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
523 setup.fields |= MNCC_F_BEARER_CAP;
524 gsm48_decode_bearer_cap(&setup.bearer_cap,
525 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
526
527 /* Create a copy of the bearer capability
528 * in the transaction struct, so we can use
529 * this information later */
530 memcpy(&trans->bearer_cap,&setup.bearer_cap,
531 sizeof(trans->bearer_cap));
532 }
533 /* facility */
534 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
535 setup.fields |= MNCC_F_FACILITY;
536 gsm48_decode_facility(&setup.facility,
537 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
538 }
539 /* called party bcd number */
540 if (TLVP_PRESENT(&tp, GSM48_IE_CALLED_BCD)) {
541 setup.fields |= MNCC_F_CALLED;
542 gsm48_decode_called(&setup.called,
543 TLVP_VAL(&tp, GSM48_IE_CALLED_BCD)-1);
544 }
545 /* user-user */
546 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
547 setup.fields |= MNCC_F_USERUSER;
548 gsm48_decode_useruser(&setup.useruser,
549 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
550 }
551 /* ss-version */
552 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
553 setup.fields |= MNCC_F_SSVERSION;
554 gsm48_decode_ssversion(&setup.ssversion,
555 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
556 }
557 /* CLIR suppression */
558 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_SUPP))
559 setup.clir.sup = 1;
560 /* CLIR invocation */
561 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_INVOC))
562 setup.clir.inv = 1;
563 /* cc cap */
564 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
565 setup.fields |= MNCC_F_CCCAP;
566 gsm48_decode_cccap(&setup.cccap,
567 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
568 }
569
570 new_cc_state(trans, GSM_CSTATE_INITIATED);
571
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]572 LOG_TRANS(trans, setup.emergency ? LOGL_NOTICE : LOGL_INFO, "%sSETUP to %s\n",
573 setup.emergency ? "EMERGENCY_" : "", setup.called.number);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]574
575 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_SETUP]);
576
577 /* indicate setup to MNCC */
578 mncc_recvmsg(trans->net, trans, MNCC_SETUP_IND, &setup);
579
580 /* MNCC code will modify the channel asynchronously, we should
581 * ipaccess-bind only after the modification has been made to the
582 * lchan->tch_mode */
583 return 0;
584}
585
586static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg)
587{
588 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STUP");
589 struct gsm48_hdr *gh;
590 struct gsm_mncc *setup = arg;
591 int rc, trans_id;
592
593 gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
594
595 /* transaction id must not be assigned */
Maxd8daaae2019-02-14 16:54:10 +0700[diff] [blame]596 if (trans->transaction_id != TRANS_ID_UNASSIGNED) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]597 LOG_TRANS(trans, LOGL_DEBUG, "TX Setup with assigned transaction. "
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]598 "This is not allowed!\n");
599 /* Temporarily out of order */
600 rc = mncc_release_ind(trans->net, trans, trans->callref,
601 GSM48_CAUSE_LOC_PRN_S_LU,
602 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
603 trans->callref = 0;
604 trans_free(trans);
605 return rc;
606 }
607
608 /* Get free transaction_id */
Max30fb97a2019-01-10 17:25:33 +0100[diff] [blame]609 trans_id = trans_assign_trans_id(trans->net, trans->vsub, GSM48_PDISC_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]610 if (trans_id < 0) {
611 /* no free transaction ID */
612 rc = mncc_release_ind(trans->net, trans, trans->callref,
613 GSM48_CAUSE_LOC_PRN_S_LU,
614 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
615 trans->callref = 0;
616 trans_free(trans);
617 return rc;
618 }
619 trans->transaction_id = trans_id;
620
621 gh->msg_type = GSM48_MT_CC_SETUP;
622
623 gsm48_start_cc_timer(trans, 0x303, GSM48_T303);
624
625 /* bearer capability */
626 if (setup->fields & MNCC_F_BEARER_CAP) {
627 /* Create a copy of the bearer capability in the transaction struct, so we
628 * can use this information later */
629 memcpy(&trans->bearer_cap, &setup->bearer_cap, sizeof(trans->bearer_cap));
630 gsm48_encode_bearer_cap(msg, 0, &setup->bearer_cap);
631 }
632 /* facility */
633 if (setup->fields & MNCC_F_FACILITY)
634 gsm48_encode_facility(msg, 0, &setup->facility);
635 /* progress */
636 if (setup->fields & MNCC_F_PROGRESS)
637 gsm48_encode_progress(msg, 0, &setup->progress);
638 /* calling party BCD number */
639 if (setup->fields & MNCC_F_CALLING)
640 gsm48_encode_calling(msg, &setup->calling);
641 /* called party BCD number */
642 if (setup->fields & MNCC_F_CALLED)
643 gsm48_encode_called(msg, &setup->called);
644 /* user-user */
645 if (setup->fields & MNCC_F_USERUSER)
646 gsm48_encode_useruser(msg, 0, &setup->useruser);
647 /* redirecting party BCD number */
648 if (setup->fields & MNCC_F_REDIRECTING)
649 gsm48_encode_redirecting(msg, &setup->redirecting);
650 /* signal */
651 if (setup->fields & MNCC_F_SIGNAL)
652 gsm48_encode_signal(msg, setup->signal);
653
654 new_cc_state(trans, GSM_CSTATE_CALL_PRESENT);
655
656 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_SETUP]);
657
658 return gsm48_conn_sendmsg(msg, trans->conn, trans);
659}
660
661static int gsm48_cc_rx_call_conf(struct gsm_trans *trans, struct msgb *msg)
662{
663 struct gsm48_hdr *gh = msgb_l3(msg);
664 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
665 struct tlv_parsed tp;
666 struct gsm_mncc call_conf;
667 int rc;
668
669 gsm48_stop_cc_timer(trans);
670 gsm48_start_cc_timer(trans, 0x310, GSM48_T310);
671
672 memset(&call_conf, 0, sizeof(struct gsm_mncc));
673 call_conf.callref = trans->callref;
674
675 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
676#if 0
677 /* repeat */
678 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_CIR))
679 call_conf.repeat = 1;
680 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_SEQ))
681 call_conf.repeat = 2;
682#endif
683 /* bearer capability */
684 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
685 call_conf.fields |= MNCC_F_BEARER_CAP;
686 gsm48_decode_bearer_cap(&call_conf.bearer_cap,
687 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
688
689 /* Create a copy of the bearer capability
690 * in the transaction struct, so we can use
691 * this information later */
692 memcpy(&trans->bearer_cap,&call_conf.bearer_cap,
693 sizeof(trans->bearer_cap));
694 }
695 /* cause */
696 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
697 call_conf.fields |= MNCC_F_CAUSE;
698 gsm48_decode_cause(&call_conf.cause,
699 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
700 }
701 /* cc cap */
702 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
703 call_conf.fields |= MNCC_F_CCCAP;
704 gsm48_decode_cccap(&call_conf.cccap,
705 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
706 }
707
708 /* IMSI of called subscriber */
709 OSMO_STRLCPY_ARRAY(call_conf.imsi, trans->vsub->imsi);
710
711 new_cc_state(trans, GSM_CSTATE_MO_TERM_CALL_CONF);
712
713 /* Assign call (if not done yet) */
Neels Hofmeyrb16259f2018-12-20 02:57:56 +0100[diff] [blame]714 rc = msc_mgcp_try_call_assignment(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]715
716 /* don't continue, if there were problems with
717 * the call assignment. */
718 if (rc)
719 return rc;
720
721 return mncc_recvmsg(trans->net, trans, MNCC_CALL_CONF_IND,
722 &call_conf);
723}
724
725static int gsm48_cc_tx_call_proc_and_assign(struct gsm_trans *trans, void *arg)
726{
727 struct gsm_mncc *proceeding = arg;
728 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROC");
729 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
730 int rc;
731
732 gh->msg_type = GSM48_MT_CC_CALL_PROC;
733
734 new_cc_state(trans, GSM_CSTATE_MO_CALL_PROC);
735
736 /* bearer capability */
737 if (proceeding->fields & MNCC_F_BEARER_CAP) {
738 gsm48_encode_bearer_cap(msg, 0, &proceeding->bearer_cap);
739 memcpy(&trans->bearer_cap, &proceeding->bearer_cap, sizeof(trans->bearer_cap));
740 }
741 /* facility */
742 if (proceeding->fields & MNCC_F_FACILITY)
743 gsm48_encode_facility(msg, 0, &proceeding->facility);
744 /* progress */
745 if (proceeding->fields & MNCC_F_PROGRESS)
746 gsm48_encode_progress(msg, 0, &proceeding->progress);
747
748 rc = gsm48_conn_sendmsg(msg, trans->conn, trans);
749 if (rc)
750 return rc;
751
752 /* Assign call (if not done yet) */
Neels Hofmeyrb16259f2018-12-20 02:57:56 +0100[diff] [blame]753 return msc_mgcp_try_call_assignment(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]754}
755
756static int gsm48_cc_rx_alerting(struct gsm_trans *trans, struct msgb *msg)
757{
758 struct gsm48_hdr *gh = msgb_l3(msg);
759 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
760 struct tlv_parsed tp;
761 struct gsm_mncc alerting;
762
763 gsm48_stop_cc_timer(trans);
764 gsm48_start_cc_timer(trans, 0x301, GSM48_T301);
765
766 memset(&alerting, 0, sizeof(struct gsm_mncc));
767 alerting.callref = trans->callref;
768 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
769 /* facility */
770 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
771 alerting.fields |= MNCC_F_FACILITY;
772 gsm48_decode_facility(&alerting.facility,
773 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
774 }
775
776 /* progress */
777 if (TLVP_PRESENT(&tp, GSM48_IE_PROGR_IND)) {
778 alerting.fields |= MNCC_F_PROGRESS;
779 gsm48_decode_progress(&alerting.progress,
780 TLVP_VAL(&tp, GSM48_IE_PROGR_IND)-1);
781 }
782 /* ss-version */
783 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
784 alerting.fields |= MNCC_F_SSVERSION;
785 gsm48_decode_ssversion(&alerting.ssversion,
786 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
787 }
788
789 new_cc_state(trans, GSM_CSTATE_CALL_RECEIVED);
790
791 return mncc_recvmsg(trans->net, trans, MNCC_ALERT_IND,
792 &alerting);
793}
794
795static int gsm48_cc_tx_alerting(struct gsm_trans *trans, void *arg)
796{
797 struct gsm_mncc *alerting = arg;
798 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC ALERT");
799 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
800
801 gh->msg_type = GSM48_MT_CC_ALERTING;
802
803 /* facility */
804 if (alerting->fields & MNCC_F_FACILITY)
805 gsm48_encode_facility(msg, 0, &alerting->facility);
806 /* progress */
807 if (alerting->fields & MNCC_F_PROGRESS)
808 gsm48_encode_progress(msg, 0, &alerting->progress);
809 /* user-user */
810 if (alerting->fields & MNCC_F_USERUSER)
811 gsm48_encode_useruser(msg, 0, &alerting->useruser);
812
813 new_cc_state(trans, GSM_CSTATE_CALL_DELIVERED);
814
815 return gsm48_conn_sendmsg(msg, trans->conn, trans);
816}
817
818static int gsm48_cc_tx_progress(struct gsm_trans *trans, void *arg)
819{
820 struct gsm_mncc *progress = arg;
821 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROGRESS");
822 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
823
824 gh->msg_type = GSM48_MT_CC_PROGRESS;
825
826 /* progress */
827 gsm48_encode_progress(msg, 1, &progress->progress);
828 /* user-user */
829 if (progress->fields & MNCC_F_USERUSER)
830 gsm48_encode_useruser(msg, 0, &progress->useruser);
831
832 return gsm48_conn_sendmsg(msg, trans->conn, trans);
833}
834
835static int gsm48_cc_tx_connect(struct gsm_trans *trans, void *arg)
836{
837 struct gsm_mncc *connect = arg;
838 struct msgb *msg = gsm48_msgb_alloc_name("GSN 04.08 CC CON");
839 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
840
841 gh->msg_type = GSM48_MT_CC_CONNECT;
842
843 gsm48_stop_cc_timer(trans);
844 gsm48_start_cc_timer(trans, 0x313, GSM48_T313);
845
846 /* facility */
847 if (connect->fields & MNCC_F_FACILITY)
848 gsm48_encode_facility(msg, 0, &connect->facility);
849 /* progress */
850 if (connect->fields & MNCC_F_PROGRESS)
851 gsm48_encode_progress(msg, 0, &connect->progress);
852 /* connected number */
853 if (connect->fields & MNCC_F_CONNECTED)
854 gsm48_encode_connected(msg, &connect->connected);
855 /* user-user */
856 if (connect->fields & MNCC_F_USERUSER)
857 gsm48_encode_useruser(msg, 0, &connect->useruser);
858
859 new_cc_state(trans, GSM_CSTATE_CONNECT_IND);
860
861 return gsm48_conn_sendmsg(msg, trans->conn, trans);
862}
863
864static int gsm48_cc_rx_connect(struct gsm_trans *trans, struct msgb *msg)
865{
866 struct gsm48_hdr *gh = msgb_l3(msg);
867 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
868 struct tlv_parsed tp;
869 struct gsm_mncc connect;
870
871 gsm48_stop_cc_timer(trans);
872
873 memset(&connect, 0, sizeof(struct gsm_mncc));
874 connect.callref = trans->callref;
875 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
876 /* use subscriber as connected party number */
877 connect.fields |= MNCC_F_CONNECTED;
878 OSMO_STRLCPY_ARRAY(connect.connected.number, trans->vsub->msisdn);
879 OSMO_STRLCPY_ARRAY(connect.imsi, trans->vsub->imsi);
880
881 /* facility */
882 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
883 connect.fields |= MNCC_F_FACILITY;
884 gsm48_decode_facility(&connect.facility,
885 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
886 }
887 /* user-user */
888 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
889 connect.fields |= MNCC_F_USERUSER;
890 gsm48_decode_useruser(&connect.useruser,
891 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
892 }
893 /* ss-version */
894 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
895 connect.fields |= MNCC_F_SSVERSION;
896 gsm48_decode_ssversion(&connect.ssversion,
897 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
898 }
899
900 new_cc_state(trans, GSM_CSTATE_CONNECT_REQUEST);
901 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_CONNECT]);
902
903 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_CNF, &connect);
904}
905
906
907static int gsm48_cc_rx_connect_ack(struct gsm_trans *trans, struct msgb *msg)
908{
909 struct gsm_mncc connect_ack;
910
911 gsm48_stop_cc_timer(trans);
912
913 new_cc_state(trans, GSM_CSTATE_ACTIVE);
914 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_CONNECT_ACK]);
915
916 memset(&connect_ack, 0, sizeof(struct gsm_mncc));
917 connect_ack.callref = trans->callref;
918
919 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_COMPL_IND,
920 &connect_ack);
921}
922
923static int gsm48_cc_tx_connect_ack(struct gsm_trans *trans, void *arg)
924{
925 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC CON ACK");
926 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
927
928 gh->msg_type = GSM48_MT_CC_CONNECT_ACK;
929
930 new_cc_state(trans, GSM_CSTATE_ACTIVE);
931
932 return gsm48_conn_sendmsg(msg, trans->conn, trans);
933}
934
935static int gsm48_cc_rx_disconnect(struct gsm_trans *trans, struct msgb *msg)
936{
937 struct gsm48_hdr *gh = msgb_l3(msg);
938 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
939 struct tlv_parsed tp;
940 struct gsm_mncc disc;
941
942 gsm48_stop_cc_timer(trans);
943
944 new_cc_state(trans, GSM_CSTATE_DISCONNECT_REQ);
945
946 memset(&disc, 0, sizeof(struct gsm_mncc));
947 disc.callref = trans->callref;
948 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_CAUSE, 0);
949 /* cause */
950 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
951 disc.fields |= MNCC_F_CAUSE;
952 gsm48_decode_cause(&disc.cause,
953 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
954 }
955 /* facility */
956 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
957 disc.fields |= MNCC_F_FACILITY;
958 gsm48_decode_facility(&disc.facility,
959 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
960 }
961 /* user-user */
962 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
963 disc.fields |= MNCC_F_USERUSER;
964 gsm48_decode_useruser(&disc.useruser,
965 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
966 }
967 /* ss-version */
968 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
969 disc.fields |= MNCC_F_SSVERSION;
970 gsm48_decode_ssversion(&disc.ssversion,
971 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
972 }
973
974 return mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &disc);
975
976}
977
978static struct gsm_mncc_cause default_cause = {
979 .location = GSM48_CAUSE_LOC_PRN_S_LU,
980 .coding = 0,
981 .rec = 0,
982 .rec_val = 0,
983 .value = GSM48_CC_CAUSE_NORMAL_UNSPEC,
984 .diag_len = 0,
985 .diag = { 0 },
986};
987
988static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg)
989{
990 struct gsm_mncc *disc = arg;
991 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC DISC");
992 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
993
994 gh->msg_type = GSM48_MT_CC_DISCONNECT;
995
996 gsm48_stop_cc_timer(trans);
997 gsm48_start_cc_timer(trans, 0x306, GSM48_T306);
998
999 /* cause */
1000 if (disc->fields & MNCC_F_CAUSE)
1001 gsm48_encode_cause(msg, 1, &disc->cause);
1002 else
1003 gsm48_encode_cause(msg, 1, &default_cause);
1004
1005 /* facility */
1006 if (disc->fields & MNCC_F_FACILITY)
1007 gsm48_encode_facility(msg, 0, &disc->facility);
1008 /* progress */
1009 if (disc->fields & MNCC_F_PROGRESS)
1010 gsm48_encode_progress(msg, 0, &disc->progress);
1011 /* user-user */
1012 if (disc->fields & MNCC_F_USERUSER)
1013 gsm48_encode_useruser(msg, 0, &disc->useruser);
1014
1015 /* store disconnect cause for T306 expiry */
1016 memcpy(&trans->cc.msg, disc, sizeof(struct gsm_mncc));
1017
1018 new_cc_state(trans, GSM_CSTATE_DISCONNECT_IND);
1019
1020 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1021}
1022
1023static int gsm48_cc_rx_release(struct gsm_trans *trans, struct msgb *msg)
1024{
1025 struct gsm48_hdr *gh = msgb_l3(msg);
1026 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1027 struct tlv_parsed tp;
1028 struct gsm_mncc rel;
1029 int rc;
1030
1031 gsm48_stop_cc_timer(trans);
1032
1033 memset(&rel, 0, sizeof(struct gsm_mncc));
1034 rel.callref = trans->callref;
1035 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1036 /* cause */
1037 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1038 rel.fields |= MNCC_F_CAUSE;
1039 gsm48_decode_cause(&rel.cause,
1040 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1041 }
1042 /* facility */
1043 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1044 rel.fields |= MNCC_F_FACILITY;
1045 gsm48_decode_facility(&rel.facility,
1046 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1047 }
1048 /* user-user */
1049 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1050 rel.fields |= MNCC_F_USERUSER;
1051 gsm48_decode_useruser(&rel.useruser,
1052 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1053 }
1054 /* ss-version */
1055 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1056 rel.fields |= MNCC_F_SSVERSION;
1057 gsm48_decode_ssversion(&rel.ssversion,
1058 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1059 }
1060
1061 if (trans->cc.state == GSM_CSTATE_RELEASE_REQ) {
1062 /* release collision 5.4.5 */
1063 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_CNF, &rel);
1064 } else {
1065 rc = gsm48_tx_simple(trans->conn,
1066 GSM48_PDISC_CC | (trans->transaction_id << 4),
1067 GSM48_MT_CC_RELEASE_COMPL);
1068 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_IND, &rel);
1069 }
1070
1071 new_cc_state(trans, GSM_CSTATE_NULL);
1072
1073 trans->callref = 0;
1074 trans_free(trans);
1075
1076 return rc;
1077}
1078
1079static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg)
1080{
1081 struct gsm_mncc *rel = arg;
1082 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL");
1083 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1084
1085 gh->msg_type = GSM48_MT_CC_RELEASE;
1086
1087 gsm48_stop_cc_timer(trans);
1088 gsm48_start_cc_timer(trans, 0x308, GSM48_T308);
1089
1090 /* cause */
1091 if (rel->fields & MNCC_F_CAUSE)
1092 gsm48_encode_cause(msg, 0, &rel->cause);
1093 /* facility */
1094 if (rel->fields & MNCC_F_FACILITY)
1095 gsm48_encode_facility(msg, 0, &rel->facility);
1096 /* user-user */
1097 if (rel->fields & MNCC_F_USERUSER)
1098 gsm48_encode_useruser(msg, 0, &rel->useruser);
1099
1100 trans->cc.T308_second = 0;
1101 memcpy(&trans->cc.msg, rel, sizeof(struct gsm_mncc));
1102
1103 if (trans->cc.state != GSM_CSTATE_RELEASE_REQ)
1104 new_cc_state(trans, GSM_CSTATE_RELEASE_REQ);
1105
1106 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1107}
1108
1109static int gsm48_cc_rx_release_compl(struct gsm_trans *trans, struct msgb *msg)
1110{
1111 struct gsm48_hdr *gh = msgb_l3(msg);
1112 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1113 struct tlv_parsed tp;
1114 struct gsm_mncc rel;
1115 int rc = 0;
1116
1117 gsm48_stop_cc_timer(trans);
1118
1119 memset(&rel, 0, sizeof(struct gsm_mncc));
1120 rel.callref = trans->callref;
1121 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1122 /* cause */
1123 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1124 rel.fields |= MNCC_F_CAUSE;
1125 gsm48_decode_cause(&rel.cause,
1126 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1127 }
1128 /* facility */
1129 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1130 rel.fields |= MNCC_F_FACILITY;
1131 gsm48_decode_facility(&rel.facility,
1132 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1133 }
1134 /* user-user */
1135 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1136 rel.fields |= MNCC_F_USERUSER;
1137 gsm48_decode_useruser(&rel.useruser,
1138 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1139 }
1140 /* ss-version */
1141 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1142 rel.fields |= MNCC_F_SSVERSION;
1143 gsm48_decode_ssversion(&rel.ssversion,
1144 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1145 }
1146
1147 if (trans->callref) {
1148 switch (trans->cc.state) {
1149 case GSM_CSTATE_CALL_PRESENT:
1150 rc = mncc_recvmsg(trans->net, trans,
1151 MNCC_REJ_IND, &rel);
1152 break;
1153 case GSM_CSTATE_RELEASE_REQ:
1154 rc = mncc_recvmsg(trans->net, trans,
1155 MNCC_REL_CNF, &rel);
1156 break;
1157 default:
1158 rc = mncc_recvmsg(trans->net, trans,
1159 MNCC_REL_IND, &rel);
1160 }
1161 }
1162
1163 trans->callref = 0;
1164 trans_free(trans);
1165
1166 return rc;
1167}
1168
1169static int gsm48_cc_tx_release_compl(struct gsm_trans *trans, void *arg)
1170{
1171 struct gsm_mncc *rel = arg;
1172 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL COMPL");
1173 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1174 int ret;
1175
1176 gh->msg_type = GSM48_MT_CC_RELEASE_COMPL;
1177
1178 trans->callref = 0;
1179
1180 gsm48_stop_cc_timer(trans);
1181
1182 /* cause */
1183 if (rel->fields & MNCC_F_CAUSE)
1184 gsm48_encode_cause(msg, 0, &rel->cause);
1185 /* facility */
1186 if (rel->fields & MNCC_F_FACILITY)
1187 gsm48_encode_facility(msg, 0, &rel->facility);
1188 /* user-user */
1189 if (rel->fields & MNCC_F_USERUSER)
1190 gsm48_encode_useruser(msg, 0, &rel->useruser);
1191
1192 ret = gsm48_conn_sendmsg(msg, trans->conn, trans);
1193
1194 trans_free(trans);
1195
1196 return ret;
1197}
1198
1199static int gsm48_cc_rx_facility(struct gsm_trans *trans, struct msgb *msg)
1200{
1201 struct gsm48_hdr *gh = msgb_l3(msg);
1202 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1203 struct tlv_parsed tp;
1204 struct gsm_mncc fac;
1205
1206 memset(&fac, 0, sizeof(struct gsm_mncc));
1207 fac.callref = trans->callref;
1208 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_FACILITY, 0);
1209 /* facility */
1210 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1211 fac.fields |= MNCC_F_FACILITY;
1212 gsm48_decode_facility(&fac.facility,
1213 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1214 }
1215 /* ss-version */
1216 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1217 fac.fields |= MNCC_F_SSVERSION;
1218 gsm48_decode_ssversion(&fac.ssversion,
1219 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1220 }
1221
1222 return mncc_recvmsg(trans->net, trans, MNCC_FACILITY_IND, &fac);
1223}
1224
1225static int gsm48_cc_tx_facility(struct gsm_trans *trans, void *arg)
1226{
1227 struct gsm_mncc *fac = arg;
1228 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC FAC");
1229 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1230
1231 gh->msg_type = GSM48_MT_CC_FACILITY;
1232
1233 /* facility */
1234 gsm48_encode_facility(msg, 1, &fac->facility);
1235
1236 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1237}
1238
1239static int gsm48_cc_rx_hold(struct gsm_trans *trans, struct msgb *msg)
1240{
1241 struct gsm_mncc hold;
1242
1243 memset(&hold, 0, sizeof(struct gsm_mncc));
1244 hold.callref = trans->callref;
1245 return mncc_recvmsg(trans->net, trans, MNCC_HOLD_IND, &hold);
1246}
1247
1248static int gsm48_cc_tx_hold_ack(struct gsm_trans *trans, void *arg)
1249{
1250 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD ACK");
1251 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1252
1253 gh->msg_type = GSM48_MT_CC_HOLD_ACK;
1254
1255 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1256}
1257
1258static int gsm48_cc_tx_hold_rej(struct gsm_trans *trans, void *arg)
1259{
1260 struct gsm_mncc *hold_rej = arg;
1261 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD REJ");
1262 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1263
1264 gh->msg_type = GSM48_MT_CC_HOLD_REJ;
1265
1266 /* cause */
1267 if (hold_rej->fields & MNCC_F_CAUSE)
1268 gsm48_encode_cause(msg, 1, &hold_rej->cause);
1269 else
1270 gsm48_encode_cause(msg, 1, &default_cause);
1271
1272 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1273}
1274
1275static int gsm48_cc_rx_retrieve(struct gsm_trans *trans, struct msgb *msg)
1276{
1277 struct gsm_mncc retrieve;
1278
1279 memset(&retrieve, 0, sizeof(struct gsm_mncc));
1280 retrieve.callref = trans->callref;
1281 return mncc_recvmsg(trans->net, trans, MNCC_RETRIEVE_IND,
1282 &retrieve);
1283}
1284
1285static int gsm48_cc_tx_retrieve_ack(struct gsm_trans *trans, void *arg)
1286{
1287 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR ACK");
1288 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1289
1290 gh->msg_type = GSM48_MT_CC_RETR_ACK;
1291
1292 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1293}
1294
1295static int gsm48_cc_tx_retrieve_rej(struct gsm_trans *trans, void *arg)
1296{
1297 struct gsm_mncc *retrieve_rej = arg;
1298 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR REJ");
1299 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1300
1301 gh->msg_type = GSM48_MT_CC_RETR_REJ;
1302
1303 /* cause */
1304 if (retrieve_rej->fields & MNCC_F_CAUSE)
1305 gsm48_encode_cause(msg, 1, &retrieve_rej->cause);
1306 else
1307 gsm48_encode_cause(msg, 1, &default_cause);
1308
1309 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1310}
1311
1312static int gsm48_cc_rx_start_dtmf(struct gsm_trans *trans, struct msgb *msg)
1313{
1314 struct gsm48_hdr *gh = msgb_l3(msg);
1315 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1316 struct tlv_parsed tp;
1317 struct gsm_mncc dtmf;
1318
1319 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1320 dtmf.callref = trans->callref;
1321 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1322 /* keypad facility */
1323 if (TLVP_PRESENT(&tp, GSM48_IE_KPD_FACILITY)) {
1324 dtmf.fields |= MNCC_F_KEYPAD;
1325 gsm48_decode_keypad(&dtmf.keypad,
1326 TLVP_VAL(&tp, GSM48_IE_KPD_FACILITY)-1);
1327 }
1328
1329 return mncc_recvmsg(trans->net, trans, MNCC_START_DTMF_IND, &dtmf);
1330}
1331
1332static int gsm48_cc_tx_start_dtmf_ack(struct gsm_trans *trans, void *arg)
1333{
1334 struct gsm_mncc *dtmf = arg;
1335 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF ACK");
1336 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1337
1338 gh->msg_type = GSM48_MT_CC_START_DTMF_ACK;
1339
1340 /* keypad */
1341 if (dtmf->fields & MNCC_F_KEYPAD)
1342 gsm48_encode_keypad(msg, dtmf->keypad);
1343
1344 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1345}
1346
1347static int gsm48_cc_tx_start_dtmf_rej(struct gsm_trans *trans, void *arg)
1348{
1349 struct gsm_mncc *dtmf = arg;
1350 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF REJ");
1351 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1352
1353 gh->msg_type = GSM48_MT_CC_START_DTMF_REJ;
1354
1355 /* cause */
1356 if (dtmf->fields & MNCC_F_CAUSE)
1357 gsm48_encode_cause(msg, 1, &dtmf->cause);
1358 else
1359 gsm48_encode_cause(msg, 1, &default_cause);
1360
1361 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1362}
1363
1364static int gsm48_cc_tx_stop_dtmf_ack(struct gsm_trans *trans, void *arg)
1365{
1366 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF STP ACK");
1367 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1368
1369 gh->msg_type = GSM48_MT_CC_STOP_DTMF_ACK;
1370
1371 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1372}
1373
1374static int gsm48_cc_rx_stop_dtmf(struct gsm_trans *trans, struct msgb *msg)
1375{
1376 struct gsm_mncc dtmf;
1377
1378 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1379 dtmf.callref = trans->callref;
1380
1381 return mncc_recvmsg(trans->net, trans, MNCC_STOP_DTMF_IND, &dtmf);
1382}
1383
1384static int gsm48_cc_rx_modify(struct gsm_trans *trans, struct msgb *msg)
1385{
1386 struct gsm48_hdr *gh = msgb_l3(msg);
1387 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1388 struct tlv_parsed tp;
1389 struct gsm_mncc modify;
1390
1391 memset(&modify, 0, sizeof(struct gsm_mncc));
1392 modify.callref = trans->callref;
1393 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1394 /* bearer capability */
1395 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1396 modify.fields |= MNCC_F_BEARER_CAP;
1397 gsm48_decode_bearer_cap(&modify.bearer_cap,
1398 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1399
1400 /* Create a copy of the bearer capability
1401 * in the transaction struct, so we can use
1402 * this information later */
1403 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1404 sizeof(trans->bearer_cap));
1405 }
1406
1407 new_cc_state(trans, GSM_CSTATE_MO_ORIG_MODIFY);
1408
1409 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_IND, &modify);
1410}
1411
1412static int gsm48_cc_tx_modify(struct gsm_trans *trans, void *arg)
1413{
1414 struct gsm_mncc *modify = arg;
1415 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD");
1416 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1417
1418 gh->msg_type = GSM48_MT_CC_MODIFY;
1419
1420 gsm48_start_cc_timer(trans, 0x323, GSM48_T323);
1421
1422 /* bearer capability */
1423 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1424 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1425
1426 new_cc_state(trans, GSM_CSTATE_MO_TERM_MODIFY);
1427
1428 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1429}
1430
1431static int gsm48_cc_rx_modify_complete(struct gsm_trans *trans, struct msgb *msg)
1432{
1433 struct gsm48_hdr *gh = msgb_l3(msg);
1434 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1435 struct tlv_parsed tp;
1436 struct gsm_mncc modify;
1437
1438 gsm48_stop_cc_timer(trans);
1439
1440 memset(&modify, 0, sizeof(struct gsm_mncc));
1441 modify.callref = trans->callref;
1442 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1443 /* bearer capability */
1444 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1445 modify.fields |= MNCC_F_BEARER_CAP;
1446 gsm48_decode_bearer_cap(&modify.bearer_cap,
1447 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1448
1449 /* Create a copy of the bearer capability
1450 * in the transaction struct, so we can use
1451 * this information later */
1452 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1453 sizeof(trans->bearer_cap));
1454 }
1455
1456 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1457
1458 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_CNF, &modify);
1459}
1460
1461static int gsm48_cc_tx_modify_complete(struct gsm_trans *trans, void *arg)
1462{
1463 struct gsm_mncc *modify = arg;
1464 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD COMPL");
1465 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1466
1467 gh->msg_type = GSM48_MT_CC_MODIFY_COMPL;
1468
1469 /* bearer capability */
1470 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1471 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1472
1473 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1474
1475 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1476}
1477
1478static int gsm48_cc_rx_modify_reject(struct gsm_trans *trans, struct msgb *msg)
1479{
1480 struct gsm48_hdr *gh = msgb_l3(msg);
1481 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1482 struct tlv_parsed tp;
1483 struct gsm_mncc modify;
1484
1485 gsm48_stop_cc_timer(trans);
1486
1487 memset(&modify, 0, sizeof(struct gsm_mncc));
1488 modify.callref = trans->callref;
1489 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, GSM48_IE_CAUSE);
1490 /* bearer capability */
1491 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1492 modify.fields |= GSM48_IE_BEARER_CAP;
1493 gsm48_decode_bearer_cap(&modify.bearer_cap,
1494 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1495
1496 /* Create a copy of the bearer capability
1497 * in the transaction struct, so we can use
1498 * this information later */
1499 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1500 sizeof(trans->bearer_cap));
1501 }
1502 /* cause */
1503 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1504 modify.fields |= MNCC_F_CAUSE;
1505 gsm48_decode_cause(&modify.cause,
1506 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1507 }
1508
1509 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1510
1511 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_REJ, &modify);
1512}
1513
1514static int gsm48_cc_tx_modify_reject(struct gsm_trans *trans, void *arg)
1515{
1516 struct gsm_mncc *modify = arg;
1517 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD REJ");
1518 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1519
1520 gh->msg_type = GSM48_MT_CC_MODIFY_REJECT;
1521
1522 /* bearer capability */
1523 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1524 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1525 /* cause */
1526 gsm48_encode_cause(msg, 1, &modify->cause);
1527
1528 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1529
1530 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1531}
1532
1533static int gsm48_cc_tx_notify(struct gsm_trans *trans, void *arg)
1534{
1535 struct gsm_mncc *notify = arg;
1536 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC NOT");
1537 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1538
1539 gh->msg_type = GSM48_MT_CC_NOTIFY;
1540
1541 /* notify */
1542 gsm48_encode_notify(msg, notify->notify);
1543
1544 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1545}
1546
1547static int gsm48_cc_rx_notify(struct gsm_trans *trans, struct msgb *msg)
1548{
1549 struct gsm48_hdr *gh = msgb_l3(msg);
1550 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1551// struct tlv_parsed tp;
1552 struct gsm_mncc notify;
1553
1554 memset(&notify, 0, sizeof(struct gsm_mncc));
1555 notify.callref = trans->callref;
1556// tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len);
1557 if (payload_len >= 1)
1558 gsm48_decode_notify(&notify.notify, gh->data);
1559
1560 return mncc_recvmsg(trans->net, trans, MNCC_NOTIFY_IND, &notify);
1561}
1562
1563static int gsm48_cc_tx_userinfo(struct gsm_trans *trans, void *arg)
1564{
1565 struct gsm_mncc *user = arg;
1566 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 USR INFO");
1567 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1568
1569 gh->msg_type = GSM48_MT_CC_USER_INFO;
1570
1571 /* user-user */
1572 if (user->fields & MNCC_F_USERUSER)
1573 gsm48_encode_useruser(msg, 1, &user->useruser);
1574 /* more data */
1575 if (user->more)
1576 gsm48_encode_more(msg);
1577
1578 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1579}
1580
1581static int gsm48_cc_rx_userinfo(struct gsm_trans *trans, struct msgb *msg)
1582{
1583 struct gsm48_hdr *gh = msgb_l3(msg);
1584 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1585 struct tlv_parsed tp;
1586 struct gsm_mncc user;
1587
1588 memset(&user, 0, sizeof(struct gsm_mncc));
1589 user.callref = trans->callref;
1590 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_USER_USER, 0);
1591 /* user-user */
1592 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1593 user.fields |= MNCC_F_USERUSER;
1594 gsm48_decode_useruser(&user.useruser,
1595 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1596 }
1597 /* more data */
1598 if (TLVP_PRESENT(&tp, GSM48_IE_MORE_DATA))
1599 user.more = 1;
1600
1601 return mncc_recvmsg(trans->net, trans, MNCC_USERINFO_IND, &user);
1602}
1603
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1604static void mncc_recv_rtp(struct gsm_network *net, struct gsm_trans *trans, uint32_t callref,
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1605 int cmd, uint32_t addr, uint16_t port, uint32_t payload_type,
1606 uint32_t payload_msg_type)
1607{
1608 uint8_t data[sizeof(struct gsm_mncc)];
1609 struct gsm_mncc_rtp *rtp;
1610
1611 memset(&data, 0, sizeof(data));
1612 rtp = (struct gsm_mncc_rtp *) &data[0];
1613
1614 rtp->callref = callref;
1615 rtp->msg_type = cmd;
Philipp Maiere2497f72018-09-28 10:37:17 +0200[diff] [blame]1616 rtp->ip = osmo_htonl(addr);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1617 rtp->port = port;
1618 rtp->payload_type = payload_type;
1619 rtp->payload_msg_type = payload_msg_type;
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1620 mncc_recvmsg(net, trans, cmd, (struct gsm_mncc *)data);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1621}
1622
1623static void mncc_recv_rtp_sock(struct gsm_network *net, struct gsm_trans *trans, int cmd)
1624{
1625 int msg_type;
1626
1627 /* FIXME This has to be set to some meaningful value.
1628 * Possible options are:
1629 * GSM_TCHF_FRAME, GSM_TCHF_FRAME_EFR,
1630 * GSM_TCHH_FRAME, GSM_TCH_FRAME_AMR
1631 * (0 if unknown) */
1632 msg_type = GSM_TCHF_FRAME;
1633
1634 uint32_t addr = inet_addr(trans->conn->rtp.local_addr_cn);
1635 uint16_t port = trans->conn->rtp.local_port_cn;
1636
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1637 if (addr == INADDR_NONE) {
1638 LOGP(DMNCC, LOGL_ERROR,
1639 "(subscriber:%s) external MNCC is signalling invalid IP-Address\n",
1640 vlr_subscr_name(trans->vsub));
1641 return;
1642 }
1643 if (port == 0) {
1644 LOGP(DMNCC, LOGL_ERROR,
1645 "(subscriber:%s) external MNCC is signalling invalid Port\n",
1646 vlr_subscr_name(trans->vsub));
1647 return;
1648 }
1649
1650 /* FIXME: This has to be set to some meaningful value,
1651 * before the MSC-Split, this value was pulled from
1652 * lchan->abis_ip.rtp_payload */
1653 uint32_t payload_type = 0;
1654
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1655 return mncc_recv_rtp(net, trans, trans->callref, cmd,
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1656 addr,
1657 port,
1658 payload_type,
1659 msg_type);
1660}
1661
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1662static void mncc_recv_rtp_err(struct gsm_network *net, struct gsm_trans *trans, uint32_t callref, int cmd)
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1663{
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1664 return mncc_recv_rtp(net, trans, callref, cmd, 0, 0, 0, 0);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1665}
1666
1667static int tch_rtp_create(struct gsm_network *net, uint32_t callref)
1668{
1669 struct gsm_trans *trans;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1670
1671 /* Find callref */
1672 trans = trans_find_by_callref(net, callref);
1673 if (!trans) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1674 LOG_TRANS_CAT(trans, DMNCC, LOGL_ERROR, "RTP create for non-existing trans\n");
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1675 mncc_recv_rtp_err(net, trans, callref, MNCC_RTP_CREATE);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1676 return -EIO;
1677 }
1678 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1679 if (!trans->conn) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1680 LOG_TRANS_CAT(trans, DMNCC, LOGL_NOTICE, "RTP create for trans without conn\n");
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1681 mncc_recv_rtp_err(net, trans, callref, MNCC_RTP_CREATE);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1682 return 0;
1683 }
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1684 LOG_TRANS_CAT(trans, DMNCC, LOGL_DEBUG, "rx %s\n", get_mncc_name(MNCC_RTP_CREATE));
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1685
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1686 /* When we call msc_mgcp_call_assignment() we will trigger, depending
1687 * on the RAN type the call assignment on the A or Iu interface.
1688 * msc_mgcp_call_assignment() also takes care about sending the CRCX
1689 * command to the MGCP-GW. The CRCX will return the port number,
1690 * where the PBX (e.g. Asterisk) will send its RTP stream to. We
1691 * have to return this port number back to the MNCC by sending
1692 * it back with the TCH_RTP_CREATE message. To make sure that
1693 * this message is sent AFTER the response to CRCX from the
1694 * MGCP-GW has arrived, we need will instruct msc_mgcp_call_assignment()
1695 * to take care of this by setting trans->tch_rtp_create to true.
1696 * This will make sure that gsm48_tch_rtp_create() (below) is
1697 * called as soon as the local port number has become known. */
1698 trans->tch_rtp_create = true;
1699
1700 /* Assign call (if not done yet) */
Neels Hofmeyrb16259f2018-12-20 02:57:56 +0100[diff] [blame]1701 return msc_mgcp_try_call_assignment(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1702}
1703
1704/* Trigger TCH_RTP_CREATE acknowledgement */
1705int gsm48_tch_rtp_create(struct gsm_trans *trans)
1706{
1707 /* This function is called as soon as the port, on which the
1708 * mgcp-gw expects the incoming RTP stream from the remote
1709 * end (e.g. Asterisk) is known. */
1710
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]1711 struct ran_conn *conn = trans->conn;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1712 struct gsm_network *network = conn->network;
1713
1714 mncc_recv_rtp_sock(network, trans, MNCC_RTP_CREATE);
1715 return 0;
1716}
1717
Maxc4e4fa72018-12-17 12:55:59 +0100[diff] [blame]1718static int tch_rtp_connect(struct gsm_network *net, struct gsm_mncc_rtp *rtp)
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1719{
1720 struct gsm_trans *trans;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1721 struct in_addr addr;
1722
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]1723 /* FIXME: in *rtp we should get the codec information of the remote
1724 * leg. We will have to populate trans->conn->rtp.codec_cn with a
1725 * meaningful value based on this information but unfortunately we
1726 * can't do that yet because the mncc API can not signal dynamic
1727 * payload types yet. This must be fixed first. Also there may be
1728 * additional members necessary in trans->conn->rtp because we
1729 * somehow need to deal with dynamic payload types that do not
1730 * comply to 3gpp's assumptions of payload type numbers on the A
1731 * interface. See also related tickets: OS#3399 and OS1683 */
1732
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1733 /* Find callref */
1734 trans = trans_find_by_callref(net, rtp->callref);
1735 if (!trans) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1736 LOG_TRANS_CAT(trans, DMNCC, LOGL_ERROR, "RTP connect for non-existing trans\n");
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1737 mncc_recv_rtp_err(net, trans, rtp->callref, MNCC_RTP_CONNECT);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1738 return -EIO;
1739 }
1740 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1741 if (!trans->conn) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1742 LOG_TRANS_CAT(trans, DMNCC, LOGL_ERROR, "RTP connect for trans without conn\n");
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1743 mncc_recv_rtp_err(net, trans, rtp->callref, MNCC_RTP_CONNECT);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1744 return 0;
1745 }
1746
Neels Hofmeyrc65cfe82019-04-08 03:48:56 +0200[diff] [blame]1747 LOG_TRANS_CAT(trans, DMNCC, LOGL_DEBUG, "rx %s\n", get_mncc_name(MNCC_RTP_CONNECT));
1748
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1749 addr.s_addr = osmo_htonl(rtp->ip);
1750 return msc_mgcp_call_complete(trans, rtp->port, inet_ntoa(addr));
1751}
1752
1753static struct downstate {
1754 uint32_t states;
1755 int type;
1756 int (*rout) (struct gsm_trans *trans, void *arg);
1757} downstatelist[] = {
1758 /* mobile originating call establishment */
1759 {SBIT(GSM_CSTATE_INITIATED), /* 5.2.1.2 */
1760 MNCC_CALL_PROC_REQ, gsm48_cc_tx_call_proc_and_assign},
1761 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.2 | 5.2.1.5 */
1762 MNCC_ALERT_REQ, gsm48_cc_tx_alerting},
1763 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC) | SBIT(GSM_CSTATE_CALL_DELIVERED), /* 5.2.1.2 | 5.2.1.6 | 5.2.1.6 */
1764 MNCC_SETUP_RSP, gsm48_cc_tx_connect},
1765 {SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.4.2 */
1766 MNCC_PROGRESS_REQ, gsm48_cc_tx_progress},
1767 /* mobile terminating call establishment */
1768 {SBIT(GSM_CSTATE_NULL), /* 5.2.2.1 */
1769 MNCC_SETUP_REQ, gsm48_cc_tx_setup},
1770 {SBIT(GSM_CSTATE_CONNECT_REQUEST),
1771 MNCC_SETUP_COMPL_REQ, gsm48_cc_tx_connect_ack},
1772 /* signalling during call */
1773 {SBIT(GSM_CSTATE_ACTIVE),
1774 MNCC_NOTIFY_REQ, gsm48_cc_tx_notify},
1775 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ),
1776 MNCC_FACILITY_REQ, gsm48_cc_tx_facility},
1777 {ALL_STATES,
1778 MNCC_START_DTMF_RSP, gsm48_cc_tx_start_dtmf_ack},
1779 {ALL_STATES,
1780 MNCC_START_DTMF_REJ, gsm48_cc_tx_start_dtmf_rej},
1781 {ALL_STATES,
1782 MNCC_STOP_DTMF_RSP, gsm48_cc_tx_stop_dtmf_ack},
1783 {SBIT(GSM_CSTATE_ACTIVE),
1784 MNCC_HOLD_CNF, gsm48_cc_tx_hold_ack},
1785 {SBIT(GSM_CSTATE_ACTIVE),
1786 MNCC_HOLD_REJ, gsm48_cc_tx_hold_rej},
1787 {SBIT(GSM_CSTATE_ACTIVE),
1788 MNCC_RETRIEVE_CNF, gsm48_cc_tx_retrieve_ack},
1789 {SBIT(GSM_CSTATE_ACTIVE),
1790 MNCC_RETRIEVE_REJ, gsm48_cc_tx_retrieve_rej},
1791 {SBIT(GSM_CSTATE_ACTIVE),
1792 MNCC_MODIFY_REQ, gsm48_cc_tx_modify},
1793 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1794 MNCC_MODIFY_RSP, gsm48_cc_tx_modify_complete},
1795 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1796 MNCC_MODIFY_REJ, gsm48_cc_tx_modify_reject},
1797 {SBIT(GSM_CSTATE_ACTIVE),
1798 MNCC_USERINFO_REQ, gsm48_cc_tx_userinfo},
1799 /* clearing */
1800 {SBIT(GSM_CSTATE_INITIATED),
1801 MNCC_REJ_REQ, gsm48_cc_tx_release_compl},
1802 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_DISCONNECT_IND) - SBIT(GSM_CSTATE_RELEASE_REQ) - SBIT(GSM_CSTATE_DISCONNECT_REQ), /* 5.4.4 */
1803 MNCC_DISC_REQ, gsm48_cc_tx_disconnect},
1804 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
1805 MNCC_REL_REQ, gsm48_cc_tx_release},
1806};
1807
1808#define DOWNSLLEN \
1809 (sizeof(downstatelist) / sizeof(struct downstate))
1810
1811
1812int mncc_tx_to_cc(struct gsm_network *net, int msg_type, void *arg)
1813{
1814 int i, rc = 0;
1815 struct gsm_trans *trans = NULL, *transt;
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]1816 struct ran_conn *conn = NULL;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1817 struct gsm_mncc *data = arg, rel;
1818
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1819 /* handle special messages */
1820 switch(msg_type) {
1821 case MNCC_BRIDGE:
1822 rc = tch_bridge(net, arg);
1823 if (rc < 0)
1824 disconnect_bridge(net, arg, -rc);
1825 return rc;
1826 case MNCC_RTP_CREATE:
1827 return tch_rtp_create(net, data->callref);
1828 case MNCC_RTP_CONNECT:
1829 return tch_rtp_connect(net, arg);
1830 case MNCC_RTP_FREE:
1831 /* unused right now */
1832 return -EIO;
1833
1834 case MNCC_FRAME_DROP:
1835 case MNCC_FRAME_RECV:
1836 case GSM_TCHF_FRAME:
1837 case GSM_TCHF_FRAME_EFR:
1838 case GSM_TCHH_FRAME:
1839 case GSM_TCH_FRAME_AMR:
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1840 LOG_TRANS_CAT(trans, DMNCC, LOGL_ERROR, "RTP streams must be handled externally; %s not supported.\n",
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1841 get_mncc_name(msg_type));
1842 return -ENOTSUP;
1843 }
1844
1845 memset(&rel, 0, sizeof(struct gsm_mncc));
1846 rel.callref = data->callref;
1847
1848 /* Find callref */
1849 trans = trans_find_by_callref(net, data->callref);
1850
1851 /* Callref unknown */
1852 if (!trans) {
1853 struct vlr_subscr *vsub;
1854
1855 if (msg_type != MNCC_SETUP_REQ) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1856 LOG_TRANS_CAT(trans, DCC, LOGL_ERROR, "Unknown call reference for %s\n",
1857 get_mncc_name(msg_type));
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1858 /* Invalid call reference */
1859 return mncc_release_ind(net, NULL, data->callref,
1860 GSM48_CAUSE_LOC_PRN_S_LU,
1861 GSM48_CC_CAUSE_INVAL_TRANS_ID);
1862 }
1863 if (!data->called.number[0] && !data->imsi[0]) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1864 LOG_TRANS_CAT(trans, DCC, LOGL_ERROR, "Neither number nor IMSI in %s\n",
1865 get_mncc_name(msg_type));
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1866 /* Invalid number */
1867 return mncc_release_ind(net, NULL, data->callref,
1868 GSM48_CAUSE_LOC_PRN_S_LU,
1869 GSM48_CC_CAUSE_INV_NR_FORMAT);
1870 }
1871 /* New transaction due to setup, find subscriber */
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1872 if (data->called.number[0]) {
1873 vsub = vlr_subscr_find_by_msisdn(net->vlr, data->called.number, __func__);
1874 if (!vsub)
1875 LOG_TRANS_CAT(trans, DCC, LOGL_ERROR, "rx %s for unknown subscriber number '%s'\n",
1876 get_mncc_name(msg_type), data->called.number);
1877 } else {
Neels Hofmeyr7c5346c2019-02-19 02:36:35 +0100[diff] [blame]1878 vsub = vlr_subscr_find_by_imsi(net->vlr, data->imsi, __func__);
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1879 if (!vsub)
1880 LOG_TRANS_CAT(trans, DCC, LOGL_ERROR, "rx %s for unknown subscriber IMSI '%s'\n",
1881 get_mncc_name(msg_type), data->imsi);
1882 }
1883 if (!vsub)
1884 return mncc_release_ind(net, NULL, data->callref, GSM48_CAUSE_LOC_PRN_S_LU,
1885 GSM48_CC_CAUSE_UNASSIGNED_NR);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1886 /* update the subscriber we deal with */
1887 log_set_context(LOG_CTX_VLR_SUBSCR, vsub);
1888
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1889 /* If subscriber is not "attached" */
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1890 if (!vsub->lu_complete) {
1891 LOG_TRANS_CAT(trans, DCC, LOGL_ERROR, "rx %s for subscriber that is not attached: %s\n",
1892 get_mncc_name(msg_type), vlr_subscr_name(vsub));
Neels Hofmeyr7c5346c2019-02-19 02:36:35 +0100[diff] [blame]1893 vlr_subscr_put(vsub, __func__);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1894 /* Temporarily out of order */
1895 return mncc_release_ind(net, NULL, data->callref,
1896 GSM48_CAUSE_LOC_PRN_S_LU,
1897 GSM48_CC_CAUSE_DEST_OOO);
1898 }
1899 /* Create transaction */
Maxd8daaae2019-02-14 16:54:10 +0700[diff] [blame]1900 trans = trans_alloc(net, vsub, GSM48_PDISC_CC,
1901 TRANS_ID_UNASSIGNED, data->callref);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1902 if (!trans) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1903 LOG_TRANS(trans, LOGL_ERROR, "No memory for trans.\n");
Neels Hofmeyr7c5346c2019-02-19 02:36:35 +0100[diff] [blame]1904 vlr_subscr_put(vsub, __func__);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1905 /* Ressource unavailable */
1906 mncc_release_ind(net, NULL, data->callref,
1907 GSM48_CAUSE_LOC_PRN_S_LU,
1908 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
1909 return -ENOMEM;
1910 }
1911
1912 /* Find conn */
1913 conn = connection_for_subscr(vsub);
1914
1915 /* If subscriber has no conn */
1916 if (!conn) {
1917 /* find transaction with this subscriber already paging */
1918 llist_for_each_entry(transt, &net->trans_list, entry) {
1919 /* Transaction of our conn? */
1920 if (transt == trans ||
1921 transt->vsub != vsub)
1922 continue;
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1923 LOG_TRANS(trans, LOGL_DEBUG,
1924 "rx %s, subscriber not yet connected, paging already started\n",
1925 get_mncc_name(msg_type));
Neels Hofmeyr7c5346c2019-02-19 02:36:35 +0100[diff] [blame]1926 vlr_subscr_put(vsub, __func__);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1927 trans_free(trans);
1928 return 0;
1929 }
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1930
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1931 /* store setup information until paging succeeds */
1932 memcpy(&trans->cc.msg, data, sizeof(struct gsm_mncc));
1933
1934 /* Request a channel */
1935 trans->paging_request = subscr_request_conn(
1936 vsub,
1937 setup_trig_pag_evt,
1938 trans,
Harald Welte0df904d2018-12-03 11:00:04 +0100[diff] [blame]1939 "MNCC: establish call",
1940 SGSAP_SERV_IND_CS_CALL);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1941 if (!trans->paging_request) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1942 LOG_TRANS(trans, LOGL_ERROR, "Failed to allocate paging token.\n");
Neels Hofmeyr7c5346c2019-02-19 02:36:35 +0100[diff] [blame]1943 vlr_subscr_put(vsub, __func__);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1944 trans_free(trans);
1945 return 0;
1946 }
Neels Hofmeyr7c5346c2019-02-19 02:36:35 +0100[diff] [blame]1947 vlr_subscr_put(vsub, __func__);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1948 return 0;
1949 }
1950
1951 /* Assign conn */
Neels Hofmeyr3c20a5e2018-11-30 01:08:36 +0100[diff] [blame]1952 trans->conn = ran_conn_get(conn, RAN_CONN_USE_TRANS_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1953 trans->dlci = 0x00; /* SAPI=0, not SACCH */
Neels Hofmeyr7c5346c2019-02-19 02:36:35 +0100[diff] [blame]1954 vlr_subscr_put(vsub, __func__);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1955 } else {
1956 /* update the subscriber we deal with */
1957 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1958 }
1959
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1960 LOG_TRANS_CAT(trans, DMNCC, LOGL_DEBUG, "rx %s\n", get_mncc_name(msg_type));
1961
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]1962 gsm48_start_guard_timer(trans);
1963
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1964 if (trans->conn)
1965 conn = trans->conn;
1966
1967 /* if paging did not respond yet */
1968 if (!conn) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1969 LOG_TRANS(trans, LOGL_DEBUG, "rx %s in paging state\n", get_mncc_name(msg_type));
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1970 mncc_set_cause(&rel, GSM48_CAUSE_LOC_PRN_S_LU,
1971 GSM48_CC_CAUSE_NORM_CALL_CLEAR);
1972 if (msg_type == MNCC_REL_REQ)
1973 rc = mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
1974 else
1975 rc = mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
1976 trans->callref = 0;
1977 trans_free(trans);
1978 return rc;
1979 } else {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1980 LOG_TRANS(trans, LOGL_DEBUG, "rx %s in state %s\n",
1981 get_mncc_name(msg_type), gsm48_cc_state_name(trans->cc.state));
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1982 }
1983
1984 /* Find function for current state and message */
1985 for (i = 0; i < DOWNSLLEN; i++)
1986 if ((msg_type == downstatelist[i].type)
1987 && ((1 << trans->cc.state) & downstatelist[i].states))
1988 break;
1989 if (i == DOWNSLLEN) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]1990 LOG_TRANS(trans, LOGL_DEBUG, "Message '%s' unhandled at state '%s'\n",
1991 get_mncc_name(msg_type), gsm48_cc_state_name(trans->cc.state));
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1992 return 0;
1993 }
1994
1995 rc = downstatelist[i].rout(trans, arg);
1996
1997 return rc;
1998}
1999
2000
2001static struct datastate {
2002 uint32_t states;
2003 int type;
2004 int (*rout) (struct gsm_trans *trans, struct msgb *msg);
2005} datastatelist[] = {
2006 /* mobile originating call establishment */
2007 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2008 GSM48_MT_CC_SETUP, gsm48_cc_rx_setup},
2009 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2010 GSM48_MT_CC_EMERG_SETUP, gsm48_cc_rx_setup},
2011 {SBIT(GSM_CSTATE_CONNECT_IND), /* 5.2.1.2 */
2012 GSM48_MT_CC_CONNECT_ACK, gsm48_cc_rx_connect_ack},
2013 /* mobile terminating call establishment */
2014 {SBIT(GSM_CSTATE_CALL_PRESENT), /* 5.2.2.3.2 */
2015 GSM48_MT_CC_CALL_CONF, gsm48_cc_rx_call_conf},
2016 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF), /* ???? | 5.2.2.3.2 */
2017 GSM48_MT_CC_ALERTING, gsm48_cc_rx_alerting},
2018 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF) | SBIT(GSM_CSTATE_CALL_RECEIVED), /* (5.2.2.6) | 5.2.2.6 | 5.2.2.6 */
2019 GSM48_MT_CC_CONNECT, gsm48_cc_rx_connect},
2020 /* signalling during call */
2021 {ALL_STATES - SBIT(GSM_CSTATE_NULL),
2022 GSM48_MT_CC_FACILITY, gsm48_cc_rx_facility},
2023 {SBIT(GSM_CSTATE_ACTIVE),
2024 GSM48_MT_CC_NOTIFY, gsm48_cc_rx_notify},
2025 {ALL_STATES,
2026 GSM48_MT_CC_START_DTMF, gsm48_cc_rx_start_dtmf},
2027 {ALL_STATES,
2028 GSM48_MT_CC_STOP_DTMF, gsm48_cc_rx_stop_dtmf},
2029 {ALL_STATES,
2030 GSM48_MT_CC_STATUS_ENQ, gsm48_cc_rx_status_enq},
2031 {SBIT(GSM_CSTATE_ACTIVE),
2032 GSM48_MT_CC_HOLD, gsm48_cc_rx_hold},
2033 {SBIT(GSM_CSTATE_ACTIVE),
2034 GSM48_MT_CC_RETR, gsm48_cc_rx_retrieve},
2035 {SBIT(GSM_CSTATE_ACTIVE),
2036 GSM48_MT_CC_MODIFY, gsm48_cc_rx_modify},
2037 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2038 GSM48_MT_CC_MODIFY_COMPL, gsm48_cc_rx_modify_complete},
2039 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2040 GSM48_MT_CC_MODIFY_REJECT, gsm48_cc_rx_modify_reject},
2041 {SBIT(GSM_CSTATE_ACTIVE),
2042 GSM48_MT_CC_USER_INFO, gsm48_cc_rx_userinfo},
2043 /* clearing */
2044 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
2045 GSM48_MT_CC_DISCONNECT, gsm48_cc_rx_disconnect},
2046 {ALL_STATES - SBIT(GSM_CSTATE_NULL), /* 5.4.4.1.2.2 */
2047 GSM48_MT_CC_RELEASE, gsm48_cc_rx_release},
2048 {ALL_STATES, /* 5.4.3.4 */
2049 GSM48_MT_CC_RELEASE_COMPL, gsm48_cc_rx_release_compl},
2050};
2051
2052#define DATASLLEN \
2053 (sizeof(datastatelist) / sizeof(struct datastate))
2054
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]2055int gsm0408_rcv_cc(struct ran_conn *conn, struct msgb *msg)
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2056{
2057 struct gsm48_hdr *gh = msgb_l3(msg);
2058 uint8_t msg_type = gsm48_hdr_msg_type(gh);
2059 uint8_t transaction_id = gsm48_hdr_trans_id_flip_ti(gh);
2060 struct gsm_trans *trans = NULL;
2061 int i, rc = 0;
2062
2063 if (msg_type & 0x80) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]2064 LOG_TRANS(trans, LOGL_DEBUG, "MSG 0x%2x not defined for PD error\n", msg_type);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2065 return -EINVAL;
2066 }
2067
2068 if (!conn->vsub) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]2069 LOG_TRANS(trans, LOGL_ERROR, "Invalid conn: no subscriber\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2070 return -EINVAL;
2071 }
2072
2073 /* Find transaction */
2074 trans = trans_find_by_id(conn, GSM48_PDISC_CC, transaction_id);
2075
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2076 /* Create transaction */
2077 if (!trans) {
2078 DEBUGP(DCC, "Unknown transaction ID %x, "
2079 "creating new trans.\n", transaction_id);
2080 /* Create transaction */
2081 trans = trans_alloc(conn->network, conn->vsub,
2082 GSM48_PDISC_CC,
2083 transaction_id, new_callref++);
2084 if (!trans) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]2085 LOG_TRANS(trans, LOGL_ERROR, "No memory for trans.\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2086 rc = gsm48_tx_simple(conn,
2087 GSM48_PDISC_CC | (transaction_id << 4),
2088 GSM48_MT_CC_RELEASE_COMPL);
2089 return -ENOMEM;
2090 }
2091 /* Assign transaction */
Neels Hofmeyr3c20a5e2018-11-30 01:08:36 +0100[diff] [blame]2092 trans->conn = ran_conn_get(conn, RAN_CONN_USE_TRANS_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2093 trans->dlci = OMSC_LINKID_CB(msg); /* DLCI as received from BSC */
2094 cm_service_request_concludes(conn, msg);
2095 }
2096
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]2097 LOG_TRANS(trans, LOGL_DEBUG, "rx %s in state %s\n", gsm48_cc_msg_name(msg_type),
2098 gsm48_cc_state_name(trans->cc.state));
2099
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2100 /* find function for current state and message */
2101 for (i = 0; i < DATASLLEN; i++)
2102 if ((msg_type == datastatelist[i].type)
2103 && ((1 << trans->cc.state) & datastatelist[i].states))
2104 break;
2105 if (i == DATASLLEN) {
Neels Hofmeyrff7074a2019-02-28 05:50:06 +0100[diff] [blame]2106 LOG_TRANS(trans, LOGL_ERROR, "Message unhandled at this state.\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2107 return 0;
2108 }
2109
2110 assert(trans->vsub);
2111
2112 rc = datastatelist[i].rout(trans, msg);
2113
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]2114 ran_conn_communicating(conn);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2115 return rc;
2116}