Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 7992122bac66f28ce2d77ddcd7aef8416796deea / . / src / libmsc / gsm_04_08_cc.c
blob: a172b4745897855848d26c52b6f912e8e6474d66 [file] [log] [blame]
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1/* GSM Mobile Radio Interface Layer 3 Call Control */
2
3/* (C) 2008-2016 by Harald Welte <laforge@gnumonks.org>
4 * (C) 2008-2012 by Holger Hans Peter Freyther <zecke@selfish.org>
5 *
6 * All Rights Reserved
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 *
21 */
22
23#include <stdio.h>
24#include <stdlib.h>
25#include <string.h>
26#include <stdbool.h>
27#include <errno.h>
28#include <time.h>
29#include <netinet/in.h>
30#include <regex.h>
31#include <sys/types.h>
32
33#include "bscconfig.h"
34
35#include <osmocom/msc/db.h>
36#include <osmocom/msc/debug.h>
37#include <osmocom/msc/gsm_data.h>
38#include <osmocom/msc/gsm_subscriber.h>
39#include <osmocom/msc/gsm_04_11.h>
40#include <osmocom/msc/gsm_04_08.h>
41#include <osmocom/msc/gsm_04_80.h>
42#include <osmocom/msc/gsm_04_14.h>
43#include <osmocom/msc/gsm_09_11.h>
44#include <osmocom/msc/signal.h>
45#include <osmocom/msc/transaction.h>
46#include <osmocom/msc/silent_call.h>
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]47#include <osmocom/msc/mncc_int.h>
48#include <osmocom/abis/e1_input.h>
49#include <osmocom/core/bitvec.h>
50#include <osmocom/msc/vlr.h>
51#include <osmocom/msc/msc_ifaces.h>
52
53#include <osmocom/gsm/gsm48.h>
54#include <osmocom/gsm/gsm0480.h>
55#include <osmocom/gsm/gsm_utils.h>
56#include <osmocom/gsm/protocol/gsm_04_08.h>
57#include <osmocom/core/msgb.h>
58#include <osmocom/core/talloc.h>
59#include <osmocom/core/utils.h>
60#include <osmocom/core/byteswap.h>
61#include <osmocom/gsm/tlv.h>
62#include <osmocom/crypt/auth.h>
63#ifdef BUILD_IU
64#include <osmocom/ranap/iu_client.h>
65#endif
66
67#include <osmocom/msc/msc_ifaces.h>
68#include <osmocom/msc/a_iface.h>
69#include <osmocom/msc/msc_mgcp.h>
70
71#include <assert.h>
72
73static uint32_t new_callref = 0x80000001;
74
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]75static void gsm48_cc_guard_timeout(void *arg)
76{
77 struct gsm_trans *trans = arg;
78 DEBUGP(DCC, "(sub %s) guard timeout expired\n",
79 vlr_subscr_msisdn_or_name(trans->vsub));
80 trans_free(trans);
81 return;
82}
83
84static void gsm48_stop_guard_timer(struct gsm_trans *trans)
85{
86 if (osmo_timer_pending(&trans->cc.timer_guard)) {
87 DEBUGP(DCC, "(sub %s) stopping pending guard timer\n",
88 vlr_subscr_msisdn_or_name(trans->vsub));
89 osmo_timer_del(&trans->cc.timer_guard);
90 }
91}
92
93static void gsm48_start_guard_timer(struct gsm_trans *trans)
94{
95 /* NOTE: The purpose of this timer is to prevent the cc state machine
96 * from hanging in cases where mncc, gsm48 or both become unresponsive
97 * for some reason. The timer is started initially with the setup from
98 * the gsm48 side and then re-started with every incoming mncc message.
99 * Once the mncc state reaches its active state the timer is stopped.
100 * So if the cc state machine does not show any activity for an
101 * extended amount of time during call setup or teardown the guard
102 * timer will time out and hard-clear the connection. */
103 if (osmo_timer_pending(&trans->cc.timer_guard))
104 gsm48_stop_guard_timer(trans);
105 DEBUGP(DCC, "(sub %s) starting guard timer with %d seconds\n",
106 vlr_subscr_msisdn_or_name(trans->vsub),
107 trans->net->mncc_guard_timeout);
108 osmo_timer_setup(&trans->cc.timer_guard, gsm48_cc_guard_timeout, trans);
109 osmo_timer_schedule(&trans->cc.timer_guard,
110 trans->net->mncc_guard_timeout, 0);
111}
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]112
113/* Call Control */
114
115void cc_tx_to_mncc(struct gsm_network *net, struct msgb *msg)
116{
117 net->mncc_recv(net, msg);
118}
119
120int gsm48_cc_tx_notify_ss(struct gsm_trans *trans, const char *message)
121{
122 struct gsm48_hdr *gh;
123 struct msgb *ss_notify;
124
125 ss_notify = gsm0480_create_notifySS(message);
126 if (!ss_notify)
127 return -1;
128
129 gsm0480_wrap_invoke(ss_notify, GSM0480_OP_CODE_NOTIFY_SS, 0);
130 uint8_t *data = msgb_push(ss_notify, 1);
131 data[0] = ss_notify->len - 1;
132 gh = (struct gsm48_hdr *) msgb_push(ss_notify, sizeof(*gh));
133 gh->msg_type = GSM48_MT_CC_FACILITY;
134 return gsm48_conn_sendmsg(ss_notify, trans->conn, trans);
135}
136
137/* FIXME: this count_statistics is a state machine behaviour. we should convert
138 * the complete call control into a state machine. Afterwards we can move this
139 * code into state transitions.
140 */
141static void count_statistics(struct gsm_trans *trans, int new_state)
142{
143 int old_state = trans->cc.state;
144 struct rate_ctr_group *msc = trans->net->msc_ctrs;
145
146 if (old_state == new_state)
147 return;
148
149 /* state incoming */
150 switch (new_state) {
151 case GSM_CSTATE_ACTIVE:
152 osmo_counter_inc(trans->net->active_calls);
153 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_ACTIVE]);
154 break;
155 }
156
157 /* state outgoing */
158 switch (old_state) {
159 case GSM_CSTATE_ACTIVE:
160 osmo_counter_dec(trans->net->active_calls);
161 if (new_state == GSM_CSTATE_DISCONNECT_REQ ||
162 new_state == GSM_CSTATE_DISCONNECT_IND)
163 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_COMPLETE]);
164 else
165 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_INCOMPLETE]);
166 break;
167 }
168}
169
170/* The entire call control code is written in accordance with Figure 7.10c
171 * for 'very early assignment', i.e. we allocate a TCH/F during IMMEDIATE
172 * ASSIGN, then first use that TCH/F for signalling and later MODE MODIFY
173 * it for voice */
174
175static void new_cc_state(struct gsm_trans *trans, int state)
176{
177 if (state > 31 || state < 0)
178 return;
179
180 DEBUGP(DCC, "(ti %02x sub %s) new state %s -> %s\n",
181 trans->transaction_id,
182 vlr_subscr_name(trans->vsub),
183 gsm48_cc_state_name(trans->cc.state),
184 gsm48_cc_state_name(state));
185
186 count_statistics(trans, state);
187 trans->cc.state = state;
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]188
189 /* Stop the guard timer when a call reaches the active state */
190 if (state == GSM_CSTATE_ACTIVE)
191 gsm48_stop_guard_timer(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]192}
193
194static int gsm48_cc_tx_status(struct gsm_trans *trans, void *arg)
195{
196 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STATUS");
197 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
198 uint8_t *cause, *call_state;
199
200 gh->msg_type = GSM48_MT_CC_STATUS;
201
202 cause = msgb_put(msg, 3);
203 cause[0] = 2;
204 cause[1] = GSM48_CAUSE_CS_GSM | GSM48_CAUSE_LOC_USER;
205 cause[2] = 0x80 | 30; /* response to status inquiry */
206
207 call_state = msgb_put(msg, 1);
208 call_state[0] = 0xc0 | 0x00;
209
210 return gsm48_conn_sendmsg(msg, trans->conn, trans);
211}
212
213static void gsm48_stop_cc_timer(struct gsm_trans *trans)
214{
215 if (osmo_timer_pending(&trans->cc.timer)) {
216 DEBUGP(DCC, "stopping pending timer T%x\n", trans->cc.Tcurrent);
217 osmo_timer_del(&trans->cc.timer);
218 trans->cc.Tcurrent = 0;
219 }
220}
221
222static int mncc_recvmsg(struct gsm_network *net, struct gsm_trans *trans,
223 int msg_type, struct gsm_mncc *mncc)
224{
225 struct msgb *msg;
226 unsigned char *data;
227
228 DEBUGP(DMNCC, "transmit message %s\n", get_mncc_name(msg_type));
229
230#if BEFORE_MSCSPLIT
231 /* Re-enable this log output once we can obtain this information via
232 * A-interface, see OS#2391. */
233 if (trans)
234 if (trans->conn && trans->conn->lchan)
235 DEBUGP(DCC, "(bts %d trx %d ts %d ti %x sub %s) "
236 "Sending '%s' to MNCC.\n",
237 trans->conn->lchan->ts->trx->bts->nr,
238 trans->conn->lchan->ts->trx->nr,
239 trans->conn->lchan->ts->nr, trans->transaction_id,
240 vlr_subscr_msisdn_or_name(trans->vsub),
241 get_mncc_name(msg_type));
242 else
243 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
244 "Sending '%s' to MNCC.\n",
245 vlr_subscr_msisdn_or_name(trans->vsub),
246 get_mncc_name(msg_type));
247 else
248 DEBUGP(DCC, "(bts - trx - ts - ti -- sub -) "
249 "Sending '%s' to MNCC.\n", get_mncc_name(msg_type));
250#else
251 DEBUGP(DCC, "Sending '%s' to MNCC.\n", get_mncc_name(msg_type));
252#endif
253
254 mncc->msg_type = msg_type;
255
256 msg = msgb_alloc(sizeof(struct gsm_mncc), "MNCC");
257 if (!msg)
258 return -ENOMEM;
259
260 data = msgb_put(msg, sizeof(struct gsm_mncc));
261 memcpy(data, mncc, sizeof(struct gsm_mncc));
262
263 cc_tx_to_mncc(net, msg);
264
265 return 0;
266}
267
268int mncc_release_ind(struct gsm_network *net, struct gsm_trans *trans,
269 uint32_t callref, int location, int value)
270{
271 struct gsm_mncc rel;
272
273 memset(&rel, 0, sizeof(rel));
274 rel.callref = callref;
275 mncc_set_cause(&rel, location, value);
276 if (trans && trans->cc.state == GSM_CSTATE_RELEASE_REQ)
277 return mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
278 return mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
279}
280
281/* Call Control Specific transaction release.
282 * gets called by trans_free, DO NOT CALL YOURSELF! */
283void _gsm48_cc_trans_free(struct gsm_trans *trans)
284{
285 gsm48_stop_cc_timer(trans);
286
287 /* Initiate the teardown of the related connections on the MGW */
288 msc_mgcp_call_release(trans);
289
290 /* send release to L4, if callref still exists */
291 if (trans->callref) {
292 /* Ressource unavailable */
293 mncc_release_ind(trans->net, trans, trans->callref,
294 GSM48_CAUSE_LOC_PRN_S_LU,
295 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
296 /* This is a final freeing of the transaction. The MNCC release may have triggered the
297 * T308 release timer, but we don't have the luxury of graceful CC Release here. */
298 gsm48_stop_cc_timer(trans);
299 }
300 if (trans->cc.state != GSM_CSTATE_NULL)
301 new_cc_state(trans, GSM_CSTATE_NULL);
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]302
303 gsm48_stop_guard_timer(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]304}
305
306static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg);
307
308/* call-back from paging the B-end of the connection */
309static int setup_trig_pag_evt(unsigned int hooknum, unsigned int event,
310 struct msgb *msg, void *_conn, void *_transt)
311{
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]312 struct ran_conn *conn = _conn;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]313 struct gsm_trans *transt = _transt;
314 enum gsm_paging_event paging_event = event;
315
316 OSMO_ASSERT(!transt->conn);
317
318 switch (paging_event) {
319 case GSM_PAGING_SUCCEEDED:
320 DEBUGP(DCC, "Paging subscr %s succeeded!\n",
321 vlr_subscr_msisdn_or_name(transt->vsub));
322 OSMO_ASSERT(conn);
323 /* Assign conn */
Neels Hofmeyr3c20a5e2018-11-30 01:08:36 +0100[diff] [blame]324 transt->conn = ran_conn_get(conn, RAN_CONN_USE_TRANS_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]325 transt->paging_request = NULL;
326 /* send SETUP request to called party */
327 gsm48_cc_tx_setup(transt, &transt->cc.msg);
328 break;
329 case GSM_PAGING_EXPIRED:
330 case GSM_PAGING_BUSY:
331 DEBUGP(DCC, "Paging subscr %s %s!\n",
332 vlr_subscr_msisdn_or_name(transt->vsub),
333 paging_event == GSM_PAGING_EXPIRED ? "expired" : "busy");
334 /* Temporarily out of order */
335 mncc_release_ind(transt->net, transt,
336 transt->callref,
337 GSM48_CAUSE_LOC_PRN_S_LU,
338 GSM48_CC_CAUSE_DEST_OOO);
339 transt->callref = 0;
340 transt->paging_request = NULL;
341 trans_free(transt);
342 break;
343 }
344
345 return 0;
346}
347
348/* bridge channels of two transactions */
349static int tch_bridge(struct gsm_network *net, struct gsm_mncc_bridge *bridge)
350{
351 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[0]);
352 struct gsm_trans *trans2 = trans_find_by_callref(net, bridge->callref[1]);
353 int rc;
354
355 if (!trans1 || !trans2)
356 return -EIO;
357
358 if (!trans1->conn || !trans2->conn)
359 return -EIO;
360
361 /* Which subscriber do we want to track trans1 or trans2? */
362 log_set_context(LOG_CTX_VLR_SUBSCR, trans1->vsub);
363
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]364 /* This call briding mechanism is only used with the internal MNCC.
365 * functionality (with external MNCC briding would be done by the PBX)
366 * This means we may just copy the codec info we have for the RAN side
367 * of the first leg to the CN side of both legs. This also means that
368 * if both legs use different codecs the MGW must perform transcoding
369 * on the second leg. */
370 trans1->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
371 trans2->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
372
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]373 /* Bridge RTP streams */
374 rc = msc_mgcp_call_complete(trans1, trans2->conn->rtp.local_port_cn,
375 trans2->conn->rtp.local_addr_cn);
376 if (rc)
377 return -EINVAL;
378
379 rc = msc_mgcp_call_complete(trans2, trans1->conn->rtp.local_port_cn,
380 trans1->conn->rtp.local_addr_cn);
381 if (rc)
382 return -EINVAL;
383
384 return 0;
385}
386
387static int gsm48_cc_rx_status_enq(struct gsm_trans *trans, struct msgb *msg)
388{
389 DEBUGP(DCC, "-> STATUS ENQ\n");
390 return gsm48_cc_tx_status(trans, msg);
391}
392
393static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg);
394static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg);
395
396static void gsm48_cc_timeout(void *arg)
397{
398 struct gsm_trans *trans = arg;
399 int disconnect = 0, release = 0;
400 int mo_cause = GSM48_CC_CAUSE_RECOVERY_TIMER;
401 int mo_location = GSM48_CAUSE_LOC_USER;
402 int l4_cause = GSM48_CC_CAUSE_NORMAL_UNSPEC;
403 int l4_location = GSM48_CAUSE_LOC_PRN_S_LU;
404 struct gsm_mncc mo_rel, l4_rel;
405
406 memset(&mo_rel, 0, sizeof(struct gsm_mncc));
407 mo_rel.callref = trans->callref;
408 memset(&l4_rel, 0, sizeof(struct gsm_mncc));
409 l4_rel.callref = trans->callref;
410
411 switch(trans->cc.Tcurrent) {
412 case 0x303:
413 release = 1;
414 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
415 break;
416 case 0x310:
417 disconnect = 1;
418 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
419 break;
420 case 0x313:
421 disconnect = 1;
422 /* unknown, did not find it in the specs */
423 break;
424 case 0x301:
425 disconnect = 1;
426 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
427 break;
428 case 0x308:
429 if (!trans->cc.T308_second) {
430 /* restart T308 a second time */
431 gsm48_cc_tx_release(trans, &trans->cc.msg);
432 trans->cc.T308_second = 1;
433 break; /* stay in release state */
434 }
435 trans_free(trans);
436 return;
437 case 0x306:
438 release = 1;
439 mo_cause = trans->cc.msg.cause.value;
440 mo_location = trans->cc.msg.cause.location;
441 break;
442 case 0x323:
443 disconnect = 1;
444 break;
445 default:
446 release = 1;
447 }
448
449 if (release && trans->callref) {
450 /* process release towards layer 4 */
451 mncc_release_ind(trans->net, trans, trans->callref,
452 l4_location, l4_cause);
453 trans->callref = 0;
454 }
455
456 if (disconnect && trans->callref) {
457 /* process disconnect towards layer 4 */
458 mncc_set_cause(&l4_rel, l4_location, l4_cause);
459 mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &l4_rel);
460 }
461
462 /* process disconnect towards mobile station */
463 if (disconnect || release) {
464 mncc_set_cause(&mo_rel, mo_location, mo_cause);
465 mo_rel.cause.diag[0] = ((trans->cc.Tcurrent & 0xf00) >> 8) + '0';
466 mo_rel.cause.diag[1] = ((trans->cc.Tcurrent & 0x0f0) >> 4) + '0';
467 mo_rel.cause.diag[2] = (trans->cc.Tcurrent & 0x00f) + '0';
468 mo_rel.cause.diag_len = 3;
469
470 if (disconnect)
471 gsm48_cc_tx_disconnect(trans, &mo_rel);
472 if (release)
473 gsm48_cc_tx_release(trans, &mo_rel);
474 }
475
476}
477
478/* disconnect both calls from the bridge */
479static inline void disconnect_bridge(struct gsm_network *net,
480 struct gsm_mncc_bridge *bridge, int err)
481{
482 struct gsm_trans *trans0 = trans_find_by_callref(net, bridge->callref[0]);
483 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[1]);
484 struct gsm_mncc mx_rel;
485 if (!trans0 || !trans1)
486 return;
487
488 DEBUGP(DCC, "Failed to bridge TCH for calls %x <-> %x :: %s \n",
489 trans0->callref, trans1->callref, strerror(err));
490
491 memset(&mx_rel, 0, sizeof(struct gsm_mncc));
492 mncc_set_cause(&mx_rel, GSM48_CAUSE_LOC_INN_NET,
493 GSM48_CC_CAUSE_CHAN_UNACCEPT);
494
495 mx_rel.callref = trans0->callref;
496 gsm48_cc_tx_disconnect(trans0, &mx_rel);
497
498 mx_rel.callref = trans1->callref;
499 gsm48_cc_tx_disconnect(trans1, &mx_rel);
500}
501
502static void gsm48_start_cc_timer(struct gsm_trans *trans, int current,
503 int sec, int micro)
504{
505 DEBUGP(DCC, "starting timer T%x with %d seconds\n", current, sec);
506 osmo_timer_setup(&trans->cc.timer, gsm48_cc_timeout, trans);
507 osmo_timer_schedule(&trans->cc.timer, sec, micro);
508 trans->cc.Tcurrent = current;
509}
510
511static int gsm48_cc_rx_setup(struct gsm_trans *trans, struct msgb *msg)
512{
513 struct gsm48_hdr *gh = msgb_l3(msg);
514 uint8_t msg_type = gsm48_hdr_msg_type(gh);
515 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
516 struct tlv_parsed tp;
517 struct gsm_mncc setup;
518
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]519 gsm48_start_guard_timer(trans);
520
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]521 memset(&setup, 0, sizeof(struct gsm_mncc));
522 setup.callref = trans->callref;
523
524 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
525 /* emergency setup is identified by msg_type */
526 if (msg_type == GSM48_MT_CC_EMERG_SETUP) {
527 setup.fields |= MNCC_F_EMERGENCY;
528 setup.emergency = 1;
529 /* use destination number as configured by user (if any) */
530 if (trans->net->emergency.route_to_msisdn) {
531 setup.fields |= MNCC_F_CALLED;
532 setup.called.type = 0; /* unknown */
533 setup.called.plan = 0; /* unknown */
534 OSMO_STRLCPY_ARRAY(setup.called.number,
535 trans->net->emergency.route_to_msisdn);
536 }
537 }
538
539 /* use subscriber as calling party number */
540 setup.fields |= MNCC_F_CALLING;
541 OSMO_STRLCPY_ARRAY(setup.calling.number, trans->vsub->msisdn);
542 OSMO_STRLCPY_ARRAY(setup.imsi, trans->vsub->imsi);
543
544 /* bearer capability */
545 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
546 setup.fields |= MNCC_F_BEARER_CAP;
547 gsm48_decode_bearer_cap(&setup.bearer_cap,
548 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
549
550 /* Create a copy of the bearer capability
551 * in the transaction struct, so we can use
552 * this information later */
553 memcpy(&trans->bearer_cap,&setup.bearer_cap,
554 sizeof(trans->bearer_cap));
555 }
556 /* facility */
557 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
558 setup.fields |= MNCC_F_FACILITY;
559 gsm48_decode_facility(&setup.facility,
560 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
561 }
562 /* called party bcd number */
563 if (TLVP_PRESENT(&tp, GSM48_IE_CALLED_BCD)) {
564 setup.fields |= MNCC_F_CALLED;
565 gsm48_decode_called(&setup.called,
566 TLVP_VAL(&tp, GSM48_IE_CALLED_BCD)-1);
567 }
568 /* user-user */
569 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
570 setup.fields |= MNCC_F_USERUSER;
571 gsm48_decode_useruser(&setup.useruser,
572 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
573 }
574 /* ss-version */
575 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
576 setup.fields |= MNCC_F_SSVERSION;
577 gsm48_decode_ssversion(&setup.ssversion,
578 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
579 }
580 /* CLIR suppression */
581 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_SUPP))
582 setup.clir.sup = 1;
583 /* CLIR invocation */
584 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_INVOC))
585 setup.clir.inv = 1;
586 /* cc cap */
587 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
588 setup.fields |= MNCC_F_CCCAP;
589 gsm48_decode_cccap(&setup.cccap,
590 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
591 }
592
593 new_cc_state(trans, GSM_CSTATE_INITIATED);
594
595 LOGP(DCC, setup.emergency ? LOGL_NOTICE : LOGL_INFO, "Subscriber %s (%s) sends %sSETUP to %s\n",
596 vlr_subscr_name(trans->vsub), trans->vsub->msisdn, setup.emergency ? "EMERGENCY_" : "",
597 setup.called.number);
598
599 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_SETUP]);
600
601 /* indicate setup to MNCC */
602 mncc_recvmsg(trans->net, trans, MNCC_SETUP_IND, &setup);
603
604 /* MNCC code will modify the channel asynchronously, we should
605 * ipaccess-bind only after the modification has been made to the
606 * lchan->tch_mode */
607 return 0;
608}
609
610static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg)
611{
612 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STUP");
613 struct gsm48_hdr *gh;
614 struct gsm_mncc *setup = arg;
615 int rc, trans_id;
616
617 gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
618
619 /* transaction id must not be assigned */
620 if (trans->transaction_id != 0xff) { /* unasssigned */
621 DEBUGP(DCC, "TX Setup with assigned transaction. "
622 "This is not allowed!\n");
623 /* Temporarily out of order */
624 rc = mncc_release_ind(trans->net, trans, trans->callref,
625 GSM48_CAUSE_LOC_PRN_S_LU,
626 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
627 trans->callref = 0;
628 trans_free(trans);
629 return rc;
630 }
631
632 /* Get free transaction_id */
633 trans_id = trans_assign_trans_id(trans->net, trans->vsub,
634 GSM48_PDISC_CC, 0);
635 if (trans_id < 0) {
636 /* no free transaction ID */
637 rc = mncc_release_ind(trans->net, trans, trans->callref,
638 GSM48_CAUSE_LOC_PRN_S_LU,
639 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
640 trans->callref = 0;
641 trans_free(trans);
642 return rc;
643 }
644 trans->transaction_id = trans_id;
645
646 gh->msg_type = GSM48_MT_CC_SETUP;
647
648 gsm48_start_cc_timer(trans, 0x303, GSM48_T303);
649
650 /* bearer capability */
651 if (setup->fields & MNCC_F_BEARER_CAP) {
652 /* Create a copy of the bearer capability in the transaction struct, so we
653 * can use this information later */
654 memcpy(&trans->bearer_cap, &setup->bearer_cap, sizeof(trans->bearer_cap));
655 gsm48_encode_bearer_cap(msg, 0, &setup->bearer_cap);
656 }
657 /* facility */
658 if (setup->fields & MNCC_F_FACILITY)
659 gsm48_encode_facility(msg, 0, &setup->facility);
660 /* progress */
661 if (setup->fields & MNCC_F_PROGRESS)
662 gsm48_encode_progress(msg, 0, &setup->progress);
663 /* calling party BCD number */
664 if (setup->fields & MNCC_F_CALLING)
665 gsm48_encode_calling(msg, &setup->calling);
666 /* called party BCD number */
667 if (setup->fields & MNCC_F_CALLED)
668 gsm48_encode_called(msg, &setup->called);
669 /* user-user */
670 if (setup->fields & MNCC_F_USERUSER)
671 gsm48_encode_useruser(msg, 0, &setup->useruser);
672 /* redirecting party BCD number */
673 if (setup->fields & MNCC_F_REDIRECTING)
674 gsm48_encode_redirecting(msg, &setup->redirecting);
675 /* signal */
676 if (setup->fields & MNCC_F_SIGNAL)
677 gsm48_encode_signal(msg, setup->signal);
678
679 new_cc_state(trans, GSM_CSTATE_CALL_PRESENT);
680
681 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_SETUP]);
682
683 return gsm48_conn_sendmsg(msg, trans->conn, trans);
684}
685
686static int gsm48_cc_rx_call_conf(struct gsm_trans *trans, struct msgb *msg)
687{
688 struct gsm48_hdr *gh = msgb_l3(msg);
689 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
690 struct tlv_parsed tp;
691 struct gsm_mncc call_conf;
692 int rc;
693
694 gsm48_stop_cc_timer(trans);
695 gsm48_start_cc_timer(trans, 0x310, GSM48_T310);
696
697 memset(&call_conf, 0, sizeof(struct gsm_mncc));
698 call_conf.callref = trans->callref;
699
700 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
701#if 0
702 /* repeat */
703 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_CIR))
704 call_conf.repeat = 1;
705 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_SEQ))
706 call_conf.repeat = 2;
707#endif
708 /* bearer capability */
709 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
710 call_conf.fields |= MNCC_F_BEARER_CAP;
711 gsm48_decode_bearer_cap(&call_conf.bearer_cap,
712 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
713
714 /* Create a copy of the bearer capability
715 * in the transaction struct, so we can use
716 * this information later */
717 memcpy(&trans->bearer_cap,&call_conf.bearer_cap,
718 sizeof(trans->bearer_cap));
719 }
720 /* cause */
721 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
722 call_conf.fields |= MNCC_F_CAUSE;
723 gsm48_decode_cause(&call_conf.cause,
724 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
725 }
726 /* cc cap */
727 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
728 call_conf.fields |= MNCC_F_CCCAP;
729 gsm48_decode_cccap(&call_conf.cccap,
730 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
731 }
732
733 /* IMSI of called subscriber */
734 OSMO_STRLCPY_ARRAY(call_conf.imsi, trans->vsub->imsi);
735
736 new_cc_state(trans, GSM_CSTATE_MO_TERM_CALL_CONF);
737
738 /* Assign call (if not done yet) */
739 if (trans->assignment_done == false) {
740 rc = msc_mgcp_call_assignment(trans);
741 trans->assignment_done = true;
742 }
743 else
744 rc = 0;
745
746 /* don't continue, if there were problems with
747 * the call assignment. */
748 if (rc)
749 return rc;
750
751 return mncc_recvmsg(trans->net, trans, MNCC_CALL_CONF_IND,
752 &call_conf);
753}
754
755static int gsm48_cc_tx_call_proc_and_assign(struct gsm_trans *trans, void *arg)
756{
757 struct gsm_mncc *proceeding = arg;
758 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROC");
759 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
760 int rc;
761
762 gh->msg_type = GSM48_MT_CC_CALL_PROC;
763
764 new_cc_state(trans, GSM_CSTATE_MO_CALL_PROC);
765
766 /* bearer capability */
767 if (proceeding->fields & MNCC_F_BEARER_CAP) {
768 gsm48_encode_bearer_cap(msg, 0, &proceeding->bearer_cap);
769 memcpy(&trans->bearer_cap, &proceeding->bearer_cap, sizeof(trans->bearer_cap));
770 }
771 /* facility */
772 if (proceeding->fields & MNCC_F_FACILITY)
773 gsm48_encode_facility(msg, 0, &proceeding->facility);
774 /* progress */
775 if (proceeding->fields & MNCC_F_PROGRESS)
776 gsm48_encode_progress(msg, 0, &proceeding->progress);
777
778 rc = gsm48_conn_sendmsg(msg, trans->conn, trans);
779 if (rc)
780 return rc;
781
782 /* Assign call (if not done yet) */
783 if (trans->assignment_done == false) {
784 rc = msc_mgcp_call_assignment(trans);
785 trans->assignment_done = true;
786 }
787 else
788 rc = 0;
789
790 return rc;
791}
792
793static int gsm48_cc_rx_alerting(struct gsm_trans *trans, struct msgb *msg)
794{
795 struct gsm48_hdr *gh = msgb_l3(msg);
796 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
797 struct tlv_parsed tp;
798 struct gsm_mncc alerting;
799
800 gsm48_stop_cc_timer(trans);
801 gsm48_start_cc_timer(trans, 0x301, GSM48_T301);
802
803 memset(&alerting, 0, sizeof(struct gsm_mncc));
804 alerting.callref = trans->callref;
805 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
806 /* facility */
807 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
808 alerting.fields |= MNCC_F_FACILITY;
809 gsm48_decode_facility(&alerting.facility,
810 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
811 }
812
813 /* progress */
814 if (TLVP_PRESENT(&tp, GSM48_IE_PROGR_IND)) {
815 alerting.fields |= MNCC_F_PROGRESS;
816 gsm48_decode_progress(&alerting.progress,
817 TLVP_VAL(&tp, GSM48_IE_PROGR_IND)-1);
818 }
819 /* ss-version */
820 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
821 alerting.fields |= MNCC_F_SSVERSION;
822 gsm48_decode_ssversion(&alerting.ssversion,
823 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
824 }
825
826 new_cc_state(trans, GSM_CSTATE_CALL_RECEIVED);
827
828 return mncc_recvmsg(trans->net, trans, MNCC_ALERT_IND,
829 &alerting);
830}
831
832static int gsm48_cc_tx_alerting(struct gsm_trans *trans, void *arg)
833{
834 struct gsm_mncc *alerting = arg;
835 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC ALERT");
836 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
837
838 gh->msg_type = GSM48_MT_CC_ALERTING;
839
840 /* facility */
841 if (alerting->fields & MNCC_F_FACILITY)
842 gsm48_encode_facility(msg, 0, &alerting->facility);
843 /* progress */
844 if (alerting->fields & MNCC_F_PROGRESS)
845 gsm48_encode_progress(msg, 0, &alerting->progress);
846 /* user-user */
847 if (alerting->fields & MNCC_F_USERUSER)
848 gsm48_encode_useruser(msg, 0, &alerting->useruser);
849
850 new_cc_state(trans, GSM_CSTATE_CALL_DELIVERED);
851
852 return gsm48_conn_sendmsg(msg, trans->conn, trans);
853}
854
855static int gsm48_cc_tx_progress(struct gsm_trans *trans, void *arg)
856{
857 struct gsm_mncc *progress = arg;
858 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROGRESS");
859 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
860
861 gh->msg_type = GSM48_MT_CC_PROGRESS;
862
863 /* progress */
864 gsm48_encode_progress(msg, 1, &progress->progress);
865 /* user-user */
866 if (progress->fields & MNCC_F_USERUSER)
867 gsm48_encode_useruser(msg, 0, &progress->useruser);
868
869 return gsm48_conn_sendmsg(msg, trans->conn, trans);
870}
871
872static int gsm48_cc_tx_connect(struct gsm_trans *trans, void *arg)
873{
874 struct gsm_mncc *connect = arg;
875 struct msgb *msg = gsm48_msgb_alloc_name("GSN 04.08 CC CON");
876 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
877
878 gh->msg_type = GSM48_MT_CC_CONNECT;
879
880 gsm48_stop_cc_timer(trans);
881 gsm48_start_cc_timer(trans, 0x313, GSM48_T313);
882
883 /* facility */
884 if (connect->fields & MNCC_F_FACILITY)
885 gsm48_encode_facility(msg, 0, &connect->facility);
886 /* progress */
887 if (connect->fields & MNCC_F_PROGRESS)
888 gsm48_encode_progress(msg, 0, &connect->progress);
889 /* connected number */
890 if (connect->fields & MNCC_F_CONNECTED)
891 gsm48_encode_connected(msg, &connect->connected);
892 /* user-user */
893 if (connect->fields & MNCC_F_USERUSER)
894 gsm48_encode_useruser(msg, 0, &connect->useruser);
895
896 new_cc_state(trans, GSM_CSTATE_CONNECT_IND);
897
898 return gsm48_conn_sendmsg(msg, trans->conn, trans);
899}
900
901static int gsm48_cc_rx_connect(struct gsm_trans *trans, struct msgb *msg)
902{
903 struct gsm48_hdr *gh = msgb_l3(msg);
904 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
905 struct tlv_parsed tp;
906 struct gsm_mncc connect;
907
908 gsm48_stop_cc_timer(trans);
909
910 memset(&connect, 0, sizeof(struct gsm_mncc));
911 connect.callref = trans->callref;
912 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
913 /* use subscriber as connected party number */
914 connect.fields |= MNCC_F_CONNECTED;
915 OSMO_STRLCPY_ARRAY(connect.connected.number, trans->vsub->msisdn);
916 OSMO_STRLCPY_ARRAY(connect.imsi, trans->vsub->imsi);
917
918 /* facility */
919 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
920 connect.fields |= MNCC_F_FACILITY;
921 gsm48_decode_facility(&connect.facility,
922 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
923 }
924 /* user-user */
925 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
926 connect.fields |= MNCC_F_USERUSER;
927 gsm48_decode_useruser(&connect.useruser,
928 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
929 }
930 /* ss-version */
931 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
932 connect.fields |= MNCC_F_SSVERSION;
933 gsm48_decode_ssversion(&connect.ssversion,
934 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
935 }
936
937 new_cc_state(trans, GSM_CSTATE_CONNECT_REQUEST);
938 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_CONNECT]);
939
940 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_CNF, &connect);
941}
942
943
944static int gsm48_cc_rx_connect_ack(struct gsm_trans *trans, struct msgb *msg)
945{
946 struct gsm_mncc connect_ack;
947
948 gsm48_stop_cc_timer(trans);
949
950 new_cc_state(trans, GSM_CSTATE_ACTIVE);
951 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_CONNECT_ACK]);
952
953 memset(&connect_ack, 0, sizeof(struct gsm_mncc));
954 connect_ack.callref = trans->callref;
955
956 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_COMPL_IND,
957 &connect_ack);
958}
959
960static int gsm48_cc_tx_connect_ack(struct gsm_trans *trans, void *arg)
961{
962 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC CON ACK");
963 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
964
965 gh->msg_type = GSM48_MT_CC_CONNECT_ACK;
966
967 new_cc_state(trans, GSM_CSTATE_ACTIVE);
968
969 return gsm48_conn_sendmsg(msg, trans->conn, trans);
970}
971
972static int gsm48_cc_rx_disconnect(struct gsm_trans *trans, struct msgb *msg)
973{
974 struct gsm48_hdr *gh = msgb_l3(msg);
975 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
976 struct tlv_parsed tp;
977 struct gsm_mncc disc;
978
979 gsm48_stop_cc_timer(trans);
980
981 new_cc_state(trans, GSM_CSTATE_DISCONNECT_REQ);
982
983 memset(&disc, 0, sizeof(struct gsm_mncc));
984 disc.callref = trans->callref;
985 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_CAUSE, 0);
986 /* cause */
987 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
988 disc.fields |= MNCC_F_CAUSE;
989 gsm48_decode_cause(&disc.cause,
990 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
991 }
992 /* facility */
993 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
994 disc.fields |= MNCC_F_FACILITY;
995 gsm48_decode_facility(&disc.facility,
996 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
997 }
998 /* user-user */
999 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1000 disc.fields |= MNCC_F_USERUSER;
1001 gsm48_decode_useruser(&disc.useruser,
1002 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1003 }
1004 /* ss-version */
1005 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1006 disc.fields |= MNCC_F_SSVERSION;
1007 gsm48_decode_ssversion(&disc.ssversion,
1008 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1009 }
1010
1011 return mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &disc);
1012
1013}
1014
1015static struct gsm_mncc_cause default_cause = {
1016 .location = GSM48_CAUSE_LOC_PRN_S_LU,
1017 .coding = 0,
1018 .rec = 0,
1019 .rec_val = 0,
1020 .value = GSM48_CC_CAUSE_NORMAL_UNSPEC,
1021 .diag_len = 0,
1022 .diag = { 0 },
1023};
1024
1025static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg)
1026{
1027 struct gsm_mncc *disc = arg;
1028 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC DISC");
1029 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1030
1031 gh->msg_type = GSM48_MT_CC_DISCONNECT;
1032
1033 gsm48_stop_cc_timer(trans);
1034 gsm48_start_cc_timer(trans, 0x306, GSM48_T306);
1035
1036 /* cause */
1037 if (disc->fields & MNCC_F_CAUSE)
1038 gsm48_encode_cause(msg, 1, &disc->cause);
1039 else
1040 gsm48_encode_cause(msg, 1, &default_cause);
1041
1042 /* facility */
1043 if (disc->fields & MNCC_F_FACILITY)
1044 gsm48_encode_facility(msg, 0, &disc->facility);
1045 /* progress */
1046 if (disc->fields & MNCC_F_PROGRESS)
1047 gsm48_encode_progress(msg, 0, &disc->progress);
1048 /* user-user */
1049 if (disc->fields & MNCC_F_USERUSER)
1050 gsm48_encode_useruser(msg, 0, &disc->useruser);
1051
1052 /* store disconnect cause for T306 expiry */
1053 memcpy(&trans->cc.msg, disc, sizeof(struct gsm_mncc));
1054
1055 new_cc_state(trans, GSM_CSTATE_DISCONNECT_IND);
1056
1057 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1058}
1059
1060static int gsm48_cc_rx_release(struct gsm_trans *trans, struct msgb *msg)
1061{
1062 struct gsm48_hdr *gh = msgb_l3(msg);
1063 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1064 struct tlv_parsed tp;
1065 struct gsm_mncc rel;
1066 int rc;
1067
1068 gsm48_stop_cc_timer(trans);
1069
1070 memset(&rel, 0, sizeof(struct gsm_mncc));
1071 rel.callref = trans->callref;
1072 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1073 /* cause */
1074 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1075 rel.fields |= MNCC_F_CAUSE;
1076 gsm48_decode_cause(&rel.cause,
1077 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1078 }
1079 /* facility */
1080 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1081 rel.fields |= MNCC_F_FACILITY;
1082 gsm48_decode_facility(&rel.facility,
1083 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1084 }
1085 /* user-user */
1086 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1087 rel.fields |= MNCC_F_USERUSER;
1088 gsm48_decode_useruser(&rel.useruser,
1089 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1090 }
1091 /* ss-version */
1092 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1093 rel.fields |= MNCC_F_SSVERSION;
1094 gsm48_decode_ssversion(&rel.ssversion,
1095 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1096 }
1097
1098 if (trans->cc.state == GSM_CSTATE_RELEASE_REQ) {
1099 /* release collision 5.4.5 */
1100 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_CNF, &rel);
1101 } else {
1102 rc = gsm48_tx_simple(trans->conn,
1103 GSM48_PDISC_CC | (trans->transaction_id << 4),
1104 GSM48_MT_CC_RELEASE_COMPL);
1105 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_IND, &rel);
1106 }
1107
1108 new_cc_state(trans, GSM_CSTATE_NULL);
1109
1110 trans->callref = 0;
1111 trans_free(trans);
1112
1113 return rc;
1114}
1115
1116static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg)
1117{
1118 struct gsm_mncc *rel = arg;
1119 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL");
1120 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1121
1122 gh->msg_type = GSM48_MT_CC_RELEASE;
1123
1124 gsm48_stop_cc_timer(trans);
1125 gsm48_start_cc_timer(trans, 0x308, GSM48_T308);
1126
1127 /* cause */
1128 if (rel->fields & MNCC_F_CAUSE)
1129 gsm48_encode_cause(msg, 0, &rel->cause);
1130 /* facility */
1131 if (rel->fields & MNCC_F_FACILITY)
1132 gsm48_encode_facility(msg, 0, &rel->facility);
1133 /* user-user */
1134 if (rel->fields & MNCC_F_USERUSER)
1135 gsm48_encode_useruser(msg, 0, &rel->useruser);
1136
1137 trans->cc.T308_second = 0;
1138 memcpy(&trans->cc.msg, rel, sizeof(struct gsm_mncc));
1139
1140 if (trans->cc.state != GSM_CSTATE_RELEASE_REQ)
1141 new_cc_state(trans, GSM_CSTATE_RELEASE_REQ);
1142
1143 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1144}
1145
1146static int gsm48_cc_rx_release_compl(struct gsm_trans *trans, struct msgb *msg)
1147{
1148 struct gsm48_hdr *gh = msgb_l3(msg);
1149 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1150 struct tlv_parsed tp;
1151 struct gsm_mncc rel;
1152 int rc = 0;
1153
1154 gsm48_stop_cc_timer(trans);
1155
1156 memset(&rel, 0, sizeof(struct gsm_mncc));
1157 rel.callref = trans->callref;
1158 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1159 /* cause */
1160 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1161 rel.fields |= MNCC_F_CAUSE;
1162 gsm48_decode_cause(&rel.cause,
1163 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1164 }
1165 /* facility */
1166 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1167 rel.fields |= MNCC_F_FACILITY;
1168 gsm48_decode_facility(&rel.facility,
1169 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1170 }
1171 /* user-user */
1172 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1173 rel.fields |= MNCC_F_USERUSER;
1174 gsm48_decode_useruser(&rel.useruser,
1175 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1176 }
1177 /* ss-version */
1178 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1179 rel.fields |= MNCC_F_SSVERSION;
1180 gsm48_decode_ssversion(&rel.ssversion,
1181 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1182 }
1183
1184 if (trans->callref) {
1185 switch (trans->cc.state) {
1186 case GSM_CSTATE_CALL_PRESENT:
1187 rc = mncc_recvmsg(trans->net, trans,
1188 MNCC_REJ_IND, &rel);
1189 break;
1190 case GSM_CSTATE_RELEASE_REQ:
1191 rc = mncc_recvmsg(trans->net, trans,
1192 MNCC_REL_CNF, &rel);
1193 break;
1194 default:
1195 rc = mncc_recvmsg(trans->net, trans,
1196 MNCC_REL_IND, &rel);
1197 }
1198 }
1199
1200 trans->callref = 0;
1201 trans_free(trans);
1202
1203 return rc;
1204}
1205
1206static int gsm48_cc_tx_release_compl(struct gsm_trans *trans, void *arg)
1207{
1208 struct gsm_mncc *rel = arg;
1209 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL COMPL");
1210 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1211 int ret;
1212
1213 gh->msg_type = GSM48_MT_CC_RELEASE_COMPL;
1214
1215 trans->callref = 0;
1216
1217 gsm48_stop_cc_timer(trans);
1218
1219 /* cause */
1220 if (rel->fields & MNCC_F_CAUSE)
1221 gsm48_encode_cause(msg, 0, &rel->cause);
1222 /* facility */
1223 if (rel->fields & MNCC_F_FACILITY)
1224 gsm48_encode_facility(msg, 0, &rel->facility);
1225 /* user-user */
1226 if (rel->fields & MNCC_F_USERUSER)
1227 gsm48_encode_useruser(msg, 0, &rel->useruser);
1228
1229 ret = gsm48_conn_sendmsg(msg, trans->conn, trans);
1230
1231 trans_free(trans);
1232
1233 return ret;
1234}
1235
1236static int gsm48_cc_rx_facility(struct gsm_trans *trans, struct msgb *msg)
1237{
1238 struct gsm48_hdr *gh = msgb_l3(msg);
1239 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1240 struct tlv_parsed tp;
1241 struct gsm_mncc fac;
1242
1243 memset(&fac, 0, sizeof(struct gsm_mncc));
1244 fac.callref = trans->callref;
1245 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_FACILITY, 0);
1246 /* facility */
1247 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1248 fac.fields |= MNCC_F_FACILITY;
1249 gsm48_decode_facility(&fac.facility,
1250 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1251 }
1252 /* ss-version */
1253 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1254 fac.fields |= MNCC_F_SSVERSION;
1255 gsm48_decode_ssversion(&fac.ssversion,
1256 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1257 }
1258
1259 return mncc_recvmsg(trans->net, trans, MNCC_FACILITY_IND, &fac);
1260}
1261
1262static int gsm48_cc_tx_facility(struct gsm_trans *trans, void *arg)
1263{
1264 struct gsm_mncc *fac = arg;
1265 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC FAC");
1266 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1267
1268 gh->msg_type = GSM48_MT_CC_FACILITY;
1269
1270 /* facility */
1271 gsm48_encode_facility(msg, 1, &fac->facility);
1272
1273 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1274}
1275
1276static int gsm48_cc_rx_hold(struct gsm_trans *trans, struct msgb *msg)
1277{
1278 struct gsm_mncc hold;
1279
1280 memset(&hold, 0, sizeof(struct gsm_mncc));
1281 hold.callref = trans->callref;
1282 return mncc_recvmsg(trans->net, trans, MNCC_HOLD_IND, &hold);
1283}
1284
1285static int gsm48_cc_tx_hold_ack(struct gsm_trans *trans, void *arg)
1286{
1287 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD ACK");
1288 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1289
1290 gh->msg_type = GSM48_MT_CC_HOLD_ACK;
1291
1292 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1293}
1294
1295static int gsm48_cc_tx_hold_rej(struct gsm_trans *trans, void *arg)
1296{
1297 struct gsm_mncc *hold_rej = arg;
1298 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD REJ");
1299 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1300
1301 gh->msg_type = GSM48_MT_CC_HOLD_REJ;
1302
1303 /* cause */
1304 if (hold_rej->fields & MNCC_F_CAUSE)
1305 gsm48_encode_cause(msg, 1, &hold_rej->cause);
1306 else
1307 gsm48_encode_cause(msg, 1, &default_cause);
1308
1309 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1310}
1311
1312static int gsm48_cc_rx_retrieve(struct gsm_trans *trans, struct msgb *msg)
1313{
1314 struct gsm_mncc retrieve;
1315
1316 memset(&retrieve, 0, sizeof(struct gsm_mncc));
1317 retrieve.callref = trans->callref;
1318 return mncc_recvmsg(trans->net, trans, MNCC_RETRIEVE_IND,
1319 &retrieve);
1320}
1321
1322static int gsm48_cc_tx_retrieve_ack(struct gsm_trans *trans, void *arg)
1323{
1324 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR ACK");
1325 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1326
1327 gh->msg_type = GSM48_MT_CC_RETR_ACK;
1328
1329 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1330}
1331
1332static int gsm48_cc_tx_retrieve_rej(struct gsm_trans *trans, void *arg)
1333{
1334 struct gsm_mncc *retrieve_rej = arg;
1335 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR REJ");
1336 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1337
1338 gh->msg_type = GSM48_MT_CC_RETR_REJ;
1339
1340 /* cause */
1341 if (retrieve_rej->fields & MNCC_F_CAUSE)
1342 gsm48_encode_cause(msg, 1, &retrieve_rej->cause);
1343 else
1344 gsm48_encode_cause(msg, 1, &default_cause);
1345
1346 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1347}
1348
1349static int gsm48_cc_rx_start_dtmf(struct gsm_trans *trans, struct msgb *msg)
1350{
1351 struct gsm48_hdr *gh = msgb_l3(msg);
1352 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1353 struct tlv_parsed tp;
1354 struct gsm_mncc dtmf;
1355
1356 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1357 dtmf.callref = trans->callref;
1358 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1359 /* keypad facility */
1360 if (TLVP_PRESENT(&tp, GSM48_IE_KPD_FACILITY)) {
1361 dtmf.fields |= MNCC_F_KEYPAD;
1362 gsm48_decode_keypad(&dtmf.keypad,
1363 TLVP_VAL(&tp, GSM48_IE_KPD_FACILITY)-1);
1364 }
1365
1366 return mncc_recvmsg(trans->net, trans, MNCC_START_DTMF_IND, &dtmf);
1367}
1368
1369static int gsm48_cc_tx_start_dtmf_ack(struct gsm_trans *trans, void *arg)
1370{
1371 struct gsm_mncc *dtmf = arg;
1372 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF ACK");
1373 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1374
1375 gh->msg_type = GSM48_MT_CC_START_DTMF_ACK;
1376
1377 /* keypad */
1378 if (dtmf->fields & MNCC_F_KEYPAD)
1379 gsm48_encode_keypad(msg, dtmf->keypad);
1380
1381 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1382}
1383
1384static int gsm48_cc_tx_start_dtmf_rej(struct gsm_trans *trans, void *arg)
1385{
1386 struct gsm_mncc *dtmf = arg;
1387 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF REJ");
1388 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1389
1390 gh->msg_type = GSM48_MT_CC_START_DTMF_REJ;
1391
1392 /* cause */
1393 if (dtmf->fields & MNCC_F_CAUSE)
1394 gsm48_encode_cause(msg, 1, &dtmf->cause);
1395 else
1396 gsm48_encode_cause(msg, 1, &default_cause);
1397
1398 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1399}
1400
1401static int gsm48_cc_tx_stop_dtmf_ack(struct gsm_trans *trans, void *arg)
1402{
1403 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF STP ACK");
1404 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1405
1406 gh->msg_type = GSM48_MT_CC_STOP_DTMF_ACK;
1407
1408 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1409}
1410
1411static int gsm48_cc_rx_stop_dtmf(struct gsm_trans *trans, struct msgb *msg)
1412{
1413 struct gsm_mncc dtmf;
1414
1415 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1416 dtmf.callref = trans->callref;
1417
1418 return mncc_recvmsg(trans->net, trans, MNCC_STOP_DTMF_IND, &dtmf);
1419}
1420
1421static int gsm48_cc_rx_modify(struct gsm_trans *trans, struct msgb *msg)
1422{
1423 struct gsm48_hdr *gh = msgb_l3(msg);
1424 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1425 struct tlv_parsed tp;
1426 struct gsm_mncc modify;
1427
1428 memset(&modify, 0, sizeof(struct gsm_mncc));
1429 modify.callref = trans->callref;
1430 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1431 /* bearer capability */
1432 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1433 modify.fields |= MNCC_F_BEARER_CAP;
1434 gsm48_decode_bearer_cap(&modify.bearer_cap,
1435 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1436
1437 /* Create a copy of the bearer capability
1438 * in the transaction struct, so we can use
1439 * this information later */
1440 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1441 sizeof(trans->bearer_cap));
1442 }
1443
1444 new_cc_state(trans, GSM_CSTATE_MO_ORIG_MODIFY);
1445
1446 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_IND, &modify);
1447}
1448
1449static int gsm48_cc_tx_modify(struct gsm_trans *trans, void *arg)
1450{
1451 struct gsm_mncc *modify = arg;
1452 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD");
1453 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1454
1455 gh->msg_type = GSM48_MT_CC_MODIFY;
1456
1457 gsm48_start_cc_timer(trans, 0x323, GSM48_T323);
1458
1459 /* bearer capability */
1460 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1461 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1462
1463 new_cc_state(trans, GSM_CSTATE_MO_TERM_MODIFY);
1464
1465 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1466}
1467
1468static int gsm48_cc_rx_modify_complete(struct gsm_trans *trans, struct msgb *msg)
1469{
1470 struct gsm48_hdr *gh = msgb_l3(msg);
1471 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1472 struct tlv_parsed tp;
1473 struct gsm_mncc modify;
1474
1475 gsm48_stop_cc_timer(trans);
1476
1477 memset(&modify, 0, sizeof(struct gsm_mncc));
1478 modify.callref = trans->callref;
1479 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1480 /* bearer capability */
1481 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1482 modify.fields |= MNCC_F_BEARER_CAP;
1483 gsm48_decode_bearer_cap(&modify.bearer_cap,
1484 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1485
1486 /* Create a copy of the bearer capability
1487 * in the transaction struct, so we can use
1488 * this information later */
1489 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1490 sizeof(trans->bearer_cap));
1491 }
1492
1493 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1494
1495 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_CNF, &modify);
1496}
1497
1498static int gsm48_cc_tx_modify_complete(struct gsm_trans *trans, void *arg)
1499{
1500 struct gsm_mncc *modify = arg;
1501 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD COMPL");
1502 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1503
1504 gh->msg_type = GSM48_MT_CC_MODIFY_COMPL;
1505
1506 /* bearer capability */
1507 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1508 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1509
1510 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1511
1512 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1513}
1514
1515static int gsm48_cc_rx_modify_reject(struct gsm_trans *trans, struct msgb *msg)
1516{
1517 struct gsm48_hdr *gh = msgb_l3(msg);
1518 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1519 struct tlv_parsed tp;
1520 struct gsm_mncc modify;
1521
1522 gsm48_stop_cc_timer(trans);
1523
1524 memset(&modify, 0, sizeof(struct gsm_mncc));
1525 modify.callref = trans->callref;
1526 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, GSM48_IE_CAUSE);
1527 /* bearer capability */
1528 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1529 modify.fields |= GSM48_IE_BEARER_CAP;
1530 gsm48_decode_bearer_cap(&modify.bearer_cap,
1531 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1532
1533 /* Create a copy of the bearer capability
1534 * in the transaction struct, so we can use
1535 * this information later */
1536 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1537 sizeof(trans->bearer_cap));
1538 }
1539 /* cause */
1540 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1541 modify.fields |= MNCC_F_CAUSE;
1542 gsm48_decode_cause(&modify.cause,
1543 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1544 }
1545
1546 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1547
1548 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_REJ, &modify);
1549}
1550
1551static int gsm48_cc_tx_modify_reject(struct gsm_trans *trans, void *arg)
1552{
1553 struct gsm_mncc *modify = arg;
1554 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD REJ");
1555 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1556
1557 gh->msg_type = GSM48_MT_CC_MODIFY_REJECT;
1558
1559 /* bearer capability */
1560 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1561 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1562 /* cause */
1563 gsm48_encode_cause(msg, 1, &modify->cause);
1564
1565 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1566
1567 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1568}
1569
1570static int gsm48_cc_tx_notify(struct gsm_trans *trans, void *arg)
1571{
1572 struct gsm_mncc *notify = arg;
1573 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC NOT");
1574 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1575
1576 gh->msg_type = GSM48_MT_CC_NOTIFY;
1577
1578 /* notify */
1579 gsm48_encode_notify(msg, notify->notify);
1580
1581 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1582}
1583
1584static int gsm48_cc_rx_notify(struct gsm_trans *trans, struct msgb *msg)
1585{
1586 struct gsm48_hdr *gh = msgb_l3(msg);
1587 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1588// struct tlv_parsed tp;
1589 struct gsm_mncc notify;
1590
1591 memset(&notify, 0, sizeof(struct gsm_mncc));
1592 notify.callref = trans->callref;
1593// tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len);
1594 if (payload_len >= 1)
1595 gsm48_decode_notify(&notify.notify, gh->data);
1596
1597 return mncc_recvmsg(trans->net, trans, MNCC_NOTIFY_IND, &notify);
1598}
1599
1600static int gsm48_cc_tx_userinfo(struct gsm_trans *trans, void *arg)
1601{
1602 struct gsm_mncc *user = arg;
1603 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 USR INFO");
1604 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1605
1606 gh->msg_type = GSM48_MT_CC_USER_INFO;
1607
1608 /* user-user */
1609 if (user->fields & MNCC_F_USERUSER)
1610 gsm48_encode_useruser(msg, 1, &user->useruser);
1611 /* more data */
1612 if (user->more)
1613 gsm48_encode_more(msg);
1614
1615 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1616}
1617
1618static int gsm48_cc_rx_userinfo(struct gsm_trans *trans, struct msgb *msg)
1619{
1620 struct gsm48_hdr *gh = msgb_l3(msg);
1621 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1622 struct tlv_parsed tp;
1623 struct gsm_mncc user;
1624
1625 memset(&user, 0, sizeof(struct gsm_mncc));
1626 user.callref = trans->callref;
1627 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_USER_USER, 0);
1628 /* user-user */
1629 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1630 user.fields |= MNCC_F_USERUSER;
1631 gsm48_decode_useruser(&user.useruser,
1632 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1633 }
1634 /* more data */
1635 if (TLVP_PRESENT(&tp, GSM48_IE_MORE_DATA))
1636 user.more = 1;
1637
1638 return mncc_recvmsg(trans->net, trans, MNCC_USERINFO_IND, &user);
1639}
1640
1641static void mncc_recv_rtp(struct gsm_network *net, uint32_t callref,
1642 int cmd, uint32_t addr, uint16_t port, uint32_t payload_type,
1643 uint32_t payload_msg_type)
1644{
1645 uint8_t data[sizeof(struct gsm_mncc)];
1646 struct gsm_mncc_rtp *rtp;
1647
1648 memset(&data, 0, sizeof(data));
1649 rtp = (struct gsm_mncc_rtp *) &data[0];
1650
1651 rtp->callref = callref;
1652 rtp->msg_type = cmd;
Philipp Maiere2497f72018-09-28 10:37:17 +0200[diff] [blame]1653 rtp->ip = osmo_htonl(addr);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1654 rtp->port = port;
1655 rtp->payload_type = payload_type;
1656 rtp->payload_msg_type = payload_msg_type;
1657 mncc_recvmsg(net, NULL, cmd, (struct gsm_mncc *)data);
1658}
1659
1660static void mncc_recv_rtp_sock(struct gsm_network *net, struct gsm_trans *trans, int cmd)
1661{
1662 int msg_type;
1663
1664 /* FIXME This has to be set to some meaningful value.
1665 * Possible options are:
1666 * GSM_TCHF_FRAME, GSM_TCHF_FRAME_EFR,
1667 * GSM_TCHH_FRAME, GSM_TCH_FRAME_AMR
1668 * (0 if unknown) */
1669 msg_type = GSM_TCHF_FRAME;
1670
1671 uint32_t addr = inet_addr(trans->conn->rtp.local_addr_cn);
1672 uint16_t port = trans->conn->rtp.local_port_cn;
1673
1674 LOGP(DMNCC, LOGL_ERROR, "RTP create for non-existing trans\n");
1675
1676 if (addr == INADDR_NONE) {
1677 LOGP(DMNCC, LOGL_ERROR,
1678 "(subscriber:%s) external MNCC is signalling invalid IP-Address\n",
1679 vlr_subscr_name(trans->vsub));
1680 return;
1681 }
1682 if (port == 0) {
1683 LOGP(DMNCC, LOGL_ERROR,
1684 "(subscriber:%s) external MNCC is signalling invalid Port\n",
1685 vlr_subscr_name(trans->vsub));
1686 return;
1687 }
1688
1689 /* FIXME: This has to be set to some meaningful value,
1690 * before the MSC-Split, this value was pulled from
1691 * lchan->abis_ip.rtp_payload */
1692 uint32_t payload_type = 0;
1693
1694 return mncc_recv_rtp(net, trans->callref, cmd,
1695 addr,
1696 port,
1697 payload_type,
1698 msg_type);
1699}
1700
1701static void mncc_recv_rtp_err(struct gsm_network *net, uint32_t callref, int cmd)
1702{
1703 return mncc_recv_rtp(net, callref, cmd, 0, 0, 0, 0);
1704}
1705
1706static int tch_rtp_create(struct gsm_network *net, uint32_t callref)
1707{
1708 struct gsm_trans *trans;
1709 int rc;
1710
1711 /* Find callref */
1712 trans = trans_find_by_callref(net, callref);
1713 if (!trans) {
1714 LOGP(DMNCC, LOGL_ERROR, "RTP create for non-existing trans\n");
1715 mncc_recv_rtp_err(net, callref, MNCC_RTP_CREATE);
1716 return -EIO;
1717 }
1718 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1719 if (!trans->conn) {
1720 LOGP(DMNCC, LOGL_NOTICE, "RTP create for trans without conn\n");
1721 mncc_recv_rtp_err(net, callref, MNCC_RTP_CREATE);
1722 return 0;
1723 }
1724
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1725 /* When we call msc_mgcp_call_assignment() we will trigger, depending
1726 * on the RAN type the call assignment on the A or Iu interface.
1727 * msc_mgcp_call_assignment() also takes care about sending the CRCX
1728 * command to the MGCP-GW. The CRCX will return the port number,
1729 * where the PBX (e.g. Asterisk) will send its RTP stream to. We
1730 * have to return this port number back to the MNCC by sending
1731 * it back with the TCH_RTP_CREATE message. To make sure that
1732 * this message is sent AFTER the response to CRCX from the
1733 * MGCP-GW has arrived, we need will instruct msc_mgcp_call_assignment()
1734 * to take care of this by setting trans->tch_rtp_create to true.
1735 * This will make sure that gsm48_tch_rtp_create() (below) is
1736 * called as soon as the local port number has become known. */
1737 trans->tch_rtp_create = true;
1738
1739 /* Assign call (if not done yet) */
1740 if (trans->assignment_done == false) {
1741 rc = msc_mgcp_call_assignment(trans);
1742 trans->assignment_done = true;
1743 }
1744 else
1745 rc = 0;
1746
1747 return rc;
1748}
1749
1750/* Trigger TCH_RTP_CREATE acknowledgement */
1751int gsm48_tch_rtp_create(struct gsm_trans *trans)
1752{
1753 /* This function is called as soon as the port, on which the
1754 * mgcp-gw expects the incoming RTP stream from the remote
1755 * end (e.g. Asterisk) is known. */
1756
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]1757 struct ran_conn *conn = trans->conn;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1758 struct gsm_network *network = conn->network;
1759
1760 mncc_recv_rtp_sock(network, trans, MNCC_RTP_CREATE);
1761 return 0;
1762}
1763
1764static int tch_rtp_connect(struct gsm_network *net, void *arg)
1765{
1766 struct gsm_trans *trans;
1767 struct gsm_mncc_rtp *rtp = arg;
1768 struct in_addr addr;
1769
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]1770 /* FIXME: in *rtp we should get the codec information of the remote
1771 * leg. We will have to populate trans->conn->rtp.codec_cn with a
1772 * meaningful value based on this information but unfortunately we
1773 * can't do that yet because the mncc API can not signal dynamic
1774 * payload types yet. This must be fixed first. Also there may be
1775 * additional members necessary in trans->conn->rtp because we
1776 * somehow need to deal with dynamic payload types that do not
1777 * comply to 3gpp's assumptions of payload type numbers on the A
1778 * interface. See also related tickets: OS#3399 and OS1683 */
1779
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1780 /* Find callref */
1781 trans = trans_find_by_callref(net, rtp->callref);
1782 if (!trans) {
1783 LOGP(DMNCC, LOGL_ERROR, "RTP connect for non-existing trans\n");
1784 mncc_recv_rtp_err(net, rtp->callref, MNCC_RTP_CONNECT);
1785 return -EIO;
1786 }
1787 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1788 if (!trans->conn) {
1789 LOGP(DMNCC, LOGL_ERROR, "RTP connect for trans without conn\n");
1790 mncc_recv_rtp_err(net, rtp->callref, MNCC_RTP_CONNECT);
1791 return 0;
1792 }
1793
1794 addr.s_addr = osmo_htonl(rtp->ip);
1795 return msc_mgcp_call_complete(trans, rtp->port, inet_ntoa(addr));
1796}
1797
1798static struct downstate {
1799 uint32_t states;
1800 int type;
1801 int (*rout) (struct gsm_trans *trans, void *arg);
1802} downstatelist[] = {
1803 /* mobile originating call establishment */
1804 {SBIT(GSM_CSTATE_INITIATED), /* 5.2.1.2 */
1805 MNCC_CALL_PROC_REQ, gsm48_cc_tx_call_proc_and_assign},
1806 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.2 | 5.2.1.5 */
1807 MNCC_ALERT_REQ, gsm48_cc_tx_alerting},
1808 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC) | SBIT(GSM_CSTATE_CALL_DELIVERED), /* 5.2.1.2 | 5.2.1.6 | 5.2.1.6 */
1809 MNCC_SETUP_RSP, gsm48_cc_tx_connect},
1810 {SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.4.2 */
1811 MNCC_PROGRESS_REQ, gsm48_cc_tx_progress},
1812 /* mobile terminating call establishment */
1813 {SBIT(GSM_CSTATE_NULL), /* 5.2.2.1 */
1814 MNCC_SETUP_REQ, gsm48_cc_tx_setup},
1815 {SBIT(GSM_CSTATE_CONNECT_REQUEST),
1816 MNCC_SETUP_COMPL_REQ, gsm48_cc_tx_connect_ack},
1817 /* signalling during call */
1818 {SBIT(GSM_CSTATE_ACTIVE),
1819 MNCC_NOTIFY_REQ, gsm48_cc_tx_notify},
1820 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ),
1821 MNCC_FACILITY_REQ, gsm48_cc_tx_facility},
1822 {ALL_STATES,
1823 MNCC_START_DTMF_RSP, gsm48_cc_tx_start_dtmf_ack},
1824 {ALL_STATES,
1825 MNCC_START_DTMF_REJ, gsm48_cc_tx_start_dtmf_rej},
1826 {ALL_STATES,
1827 MNCC_STOP_DTMF_RSP, gsm48_cc_tx_stop_dtmf_ack},
1828 {SBIT(GSM_CSTATE_ACTIVE),
1829 MNCC_HOLD_CNF, gsm48_cc_tx_hold_ack},
1830 {SBIT(GSM_CSTATE_ACTIVE),
1831 MNCC_HOLD_REJ, gsm48_cc_tx_hold_rej},
1832 {SBIT(GSM_CSTATE_ACTIVE),
1833 MNCC_RETRIEVE_CNF, gsm48_cc_tx_retrieve_ack},
1834 {SBIT(GSM_CSTATE_ACTIVE),
1835 MNCC_RETRIEVE_REJ, gsm48_cc_tx_retrieve_rej},
1836 {SBIT(GSM_CSTATE_ACTIVE),
1837 MNCC_MODIFY_REQ, gsm48_cc_tx_modify},
1838 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1839 MNCC_MODIFY_RSP, gsm48_cc_tx_modify_complete},
1840 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1841 MNCC_MODIFY_REJ, gsm48_cc_tx_modify_reject},
1842 {SBIT(GSM_CSTATE_ACTIVE),
1843 MNCC_USERINFO_REQ, gsm48_cc_tx_userinfo},
1844 /* clearing */
1845 {SBIT(GSM_CSTATE_INITIATED),
1846 MNCC_REJ_REQ, gsm48_cc_tx_release_compl},
1847 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_DISCONNECT_IND) - SBIT(GSM_CSTATE_RELEASE_REQ) - SBIT(GSM_CSTATE_DISCONNECT_REQ), /* 5.4.4 */
1848 MNCC_DISC_REQ, gsm48_cc_tx_disconnect},
1849 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
1850 MNCC_REL_REQ, gsm48_cc_tx_release},
1851};
1852
1853#define DOWNSLLEN \
1854 (sizeof(downstatelist) / sizeof(struct downstate))
1855
1856
1857int mncc_tx_to_cc(struct gsm_network *net, int msg_type, void *arg)
1858{
1859 int i, rc = 0;
1860 struct gsm_trans *trans = NULL, *transt;
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]1861 struct ran_conn *conn = NULL;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1862 struct gsm_mncc *data = arg, rel;
1863
1864 DEBUGP(DMNCC, "receive message %s\n", get_mncc_name(msg_type));
1865
1866 /* handle special messages */
1867 switch(msg_type) {
1868 case MNCC_BRIDGE:
1869 rc = tch_bridge(net, arg);
1870 if (rc < 0)
1871 disconnect_bridge(net, arg, -rc);
1872 return rc;
1873 case MNCC_RTP_CREATE:
1874 return tch_rtp_create(net, data->callref);
1875 case MNCC_RTP_CONNECT:
1876 return tch_rtp_connect(net, arg);
1877 case MNCC_RTP_FREE:
1878 /* unused right now */
1879 return -EIO;
1880
1881 case MNCC_FRAME_DROP:
1882 case MNCC_FRAME_RECV:
1883 case GSM_TCHF_FRAME:
1884 case GSM_TCHF_FRAME_EFR:
1885 case GSM_TCHH_FRAME:
1886 case GSM_TCH_FRAME_AMR:
1887 LOGP(DMNCC, LOGL_ERROR, "RTP streams must be handled externally; %s not supported.\n",
1888 get_mncc_name(msg_type));
1889 return -ENOTSUP;
1890 }
1891
1892 memset(&rel, 0, sizeof(struct gsm_mncc));
1893 rel.callref = data->callref;
1894
1895 /* Find callref */
1896 trans = trans_find_by_callref(net, data->callref);
1897
1898 /* Callref unknown */
1899 if (!trans) {
1900 struct vlr_subscr *vsub;
1901
1902 if (msg_type != MNCC_SETUP_REQ) {
1903 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1904 "Received '%s' from MNCC with "
1905 "unknown callref %d\n", data->called.number,
1906 get_mncc_name(msg_type), data->callref);
1907 /* Invalid call reference */
1908 return mncc_release_ind(net, NULL, data->callref,
1909 GSM48_CAUSE_LOC_PRN_S_LU,
1910 GSM48_CC_CAUSE_INVAL_TRANS_ID);
1911 }
1912 if (!data->called.number[0] && !data->imsi[0]) {
1913 DEBUGP(DCC, "(bts - trx - ts - ti) "
1914 "Received '%s' from MNCC with "
1915 "no number or IMSI\n", get_mncc_name(msg_type));
1916 /* Invalid number */
1917 return mncc_release_ind(net, NULL, data->callref,
1918 GSM48_CAUSE_LOC_PRN_S_LU,
1919 GSM48_CC_CAUSE_INV_NR_FORMAT);
1920 }
1921 /* New transaction due to setup, find subscriber */
1922 if (data->called.number[0])
1923 vsub = vlr_subscr_find_by_msisdn(net->vlr,
1924 data->called.number);
1925 else
1926 vsub = vlr_subscr_find_by_imsi(net->vlr, data->imsi);
1927
1928 /* update the subscriber we deal with */
1929 log_set_context(LOG_CTX_VLR_SUBSCR, vsub);
1930
1931 /* If subscriber is not found */
1932 if (!vsub) {
1933 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1934 "Received '%s' from MNCC with "
1935 "unknown subscriber %s\n", data->called.number,
1936 get_mncc_name(msg_type), data->called.number);
1937 /* Unknown subscriber */
1938 return mncc_release_ind(net, NULL, data->callref,
1939 GSM48_CAUSE_LOC_PRN_S_LU,
1940 GSM48_CC_CAUSE_UNASSIGNED_NR);
1941 }
1942 /* If subscriber is not "attached" */
1943 if (!vsub->lac) {
1944 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1945 "Received '%s' from MNCC with "
1946 "detached subscriber %s\n", data->called.number,
1947 get_mncc_name(msg_type), vlr_subscr_name(vsub));
1948 vlr_subscr_put(vsub);
1949 /* Temporarily out of order */
1950 return mncc_release_ind(net, NULL, data->callref,
1951 GSM48_CAUSE_LOC_PRN_S_LU,
1952 GSM48_CC_CAUSE_DEST_OOO);
1953 }
1954 /* Create transaction */
1955 trans = trans_alloc(net, vsub, GSM48_PDISC_CC, 0xff, data->callref);
1956 if (!trans) {
1957 DEBUGP(DCC, "No memory for trans.\n");
1958 vlr_subscr_put(vsub);
1959 /* Ressource unavailable */
1960 mncc_release_ind(net, NULL, data->callref,
1961 GSM48_CAUSE_LOC_PRN_S_LU,
1962 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
1963 return -ENOMEM;
1964 }
1965
1966 /* Find conn */
1967 conn = connection_for_subscr(vsub);
1968
1969 /* If subscriber has no conn */
1970 if (!conn) {
1971 /* find transaction with this subscriber already paging */
1972 llist_for_each_entry(transt, &net->trans_list, entry) {
1973 /* Transaction of our conn? */
1974 if (transt == trans ||
1975 transt->vsub != vsub)
1976 continue;
1977 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1978 "Received '%s' from MNCC with "
1979 "unallocated channel, paging already "
1980 "started for lac %d.\n",
1981 data->called.number,
1982 get_mncc_name(msg_type), vsub->lac);
1983 vlr_subscr_put(vsub);
1984 trans_free(trans);
1985 return 0;
1986 }
1987 /* store setup information until paging succeeds */
1988 memcpy(&trans->cc.msg, data, sizeof(struct gsm_mncc));
1989
1990 /* Request a channel */
1991 trans->paging_request = subscr_request_conn(
1992 vsub,
1993 setup_trig_pag_evt,
1994 trans,
1995 "MNCC: establish call");
1996 if (!trans->paging_request) {
1997 LOGP(DCC, LOGL_ERROR, "Failed to allocate paging token.\n");
1998 vlr_subscr_put(vsub);
1999 trans_free(trans);
2000 return 0;
2001 }
2002 vlr_subscr_put(vsub);
2003 return 0;
2004 }
2005
2006 /* Assign conn */
Neels Hofmeyr3c20a5e2018-11-30 01:08:36 +0100[diff] [blame]2007 trans->conn = ran_conn_get(conn, RAN_CONN_USE_TRANS_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2008 trans->dlci = 0x00; /* SAPI=0, not SACCH */
2009 vlr_subscr_put(vsub);
2010 } else {
2011 /* update the subscriber we deal with */
2012 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
2013 }
2014
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]2015 gsm48_start_guard_timer(trans);
2016
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2017 if (trans->conn)
2018 conn = trans->conn;
2019
2020 /* if paging did not respond yet */
2021 if (!conn) {
2022 DEBUGP(DCC, "(sub %s) "
2023 "Received '%s' from MNCC in paging state\n",
2024 vlr_subscr_msisdn_or_name(trans->vsub),
2025 get_mncc_name(msg_type));
2026 mncc_set_cause(&rel, GSM48_CAUSE_LOC_PRN_S_LU,
2027 GSM48_CC_CAUSE_NORM_CALL_CLEAR);
2028 if (msg_type == MNCC_REL_REQ)
2029 rc = mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
2030 else
2031 rc = mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
2032 trans->callref = 0;
2033 trans_free(trans);
2034 return rc;
2035 } else {
2036 DEBUGP(DCC, "(ti %02x sub %s) "
2037 "Received '%s' from MNCC in state %d (%s)\n",
2038 trans->transaction_id,
2039 vlr_subscr_msisdn_or_name(trans->conn->vsub),
2040 get_mncc_name(msg_type), trans->cc.state,
2041 gsm48_cc_state_name(trans->cc.state));
2042 }
2043
2044 /* Find function for current state and message */
2045 for (i = 0; i < DOWNSLLEN; i++)
2046 if ((msg_type == downstatelist[i].type)
2047 && ((1 << trans->cc.state) & downstatelist[i].states))
2048 break;
2049 if (i == DOWNSLLEN) {
2050 DEBUGP(DCC, "Message unhandled at this state.\n");
2051 return 0;
2052 }
2053
2054 rc = downstatelist[i].rout(trans, arg);
2055
2056 return rc;
2057}
2058
2059
2060static struct datastate {
2061 uint32_t states;
2062 int type;
2063 int (*rout) (struct gsm_trans *trans, struct msgb *msg);
2064} datastatelist[] = {
2065 /* mobile originating call establishment */
2066 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2067 GSM48_MT_CC_SETUP, gsm48_cc_rx_setup},
2068 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2069 GSM48_MT_CC_EMERG_SETUP, gsm48_cc_rx_setup},
2070 {SBIT(GSM_CSTATE_CONNECT_IND), /* 5.2.1.2 */
2071 GSM48_MT_CC_CONNECT_ACK, gsm48_cc_rx_connect_ack},
2072 /* mobile terminating call establishment */
2073 {SBIT(GSM_CSTATE_CALL_PRESENT), /* 5.2.2.3.2 */
2074 GSM48_MT_CC_CALL_CONF, gsm48_cc_rx_call_conf},
2075 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF), /* ???? | 5.2.2.3.2 */
2076 GSM48_MT_CC_ALERTING, gsm48_cc_rx_alerting},
2077 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF) | SBIT(GSM_CSTATE_CALL_RECEIVED), /* (5.2.2.6) | 5.2.2.6 | 5.2.2.6 */
2078 GSM48_MT_CC_CONNECT, gsm48_cc_rx_connect},
2079 /* signalling during call */
2080 {ALL_STATES - SBIT(GSM_CSTATE_NULL),
2081 GSM48_MT_CC_FACILITY, gsm48_cc_rx_facility},
2082 {SBIT(GSM_CSTATE_ACTIVE),
2083 GSM48_MT_CC_NOTIFY, gsm48_cc_rx_notify},
2084 {ALL_STATES,
2085 GSM48_MT_CC_START_DTMF, gsm48_cc_rx_start_dtmf},
2086 {ALL_STATES,
2087 GSM48_MT_CC_STOP_DTMF, gsm48_cc_rx_stop_dtmf},
2088 {ALL_STATES,
2089 GSM48_MT_CC_STATUS_ENQ, gsm48_cc_rx_status_enq},
2090 {SBIT(GSM_CSTATE_ACTIVE),
2091 GSM48_MT_CC_HOLD, gsm48_cc_rx_hold},
2092 {SBIT(GSM_CSTATE_ACTIVE),
2093 GSM48_MT_CC_RETR, gsm48_cc_rx_retrieve},
2094 {SBIT(GSM_CSTATE_ACTIVE),
2095 GSM48_MT_CC_MODIFY, gsm48_cc_rx_modify},
2096 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2097 GSM48_MT_CC_MODIFY_COMPL, gsm48_cc_rx_modify_complete},
2098 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2099 GSM48_MT_CC_MODIFY_REJECT, gsm48_cc_rx_modify_reject},
2100 {SBIT(GSM_CSTATE_ACTIVE),
2101 GSM48_MT_CC_USER_INFO, gsm48_cc_rx_userinfo},
2102 /* clearing */
2103 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
2104 GSM48_MT_CC_DISCONNECT, gsm48_cc_rx_disconnect},
2105 {ALL_STATES - SBIT(GSM_CSTATE_NULL), /* 5.4.4.1.2.2 */
2106 GSM48_MT_CC_RELEASE, gsm48_cc_rx_release},
2107 {ALL_STATES, /* 5.4.3.4 */
2108 GSM48_MT_CC_RELEASE_COMPL, gsm48_cc_rx_release_compl},
2109};
2110
2111#define DATASLLEN \
2112 (sizeof(datastatelist) / sizeof(struct datastate))
2113
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]2114int gsm0408_rcv_cc(struct ran_conn *conn, struct msgb *msg)
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2115{
2116 struct gsm48_hdr *gh = msgb_l3(msg);
2117 uint8_t msg_type = gsm48_hdr_msg_type(gh);
2118 uint8_t transaction_id = gsm48_hdr_trans_id_flip_ti(gh);
2119 struct gsm_trans *trans = NULL;
2120 int i, rc = 0;
2121
2122 if (msg_type & 0x80) {
2123 DEBUGP(DCC, "MSG 0x%2x not defined for PD error\n", msg_type);
2124 return -EINVAL;
2125 }
2126
2127 if (!conn->vsub) {
2128 LOGP(DCC, LOGL_ERROR, "Invalid conn: no subscriber\n");
2129 return -EINVAL;
2130 }
2131
2132 /* Find transaction */
2133 trans = trans_find_by_id(conn, GSM48_PDISC_CC, transaction_id);
2134
2135#if BEFORE_MSCSPLIT
2136 /* Re-enable this log output once we can obtain this information via
2137 * A-interface, see OS#2391. */
2138 DEBUGP(DCC, "(bts %d trx %d ts %d ti %x sub %s) "
2139 "Received '%s' from MS in state %d (%s)\n",
2140 conn->bts->nr, conn->lchan->ts->trx->nr, conn->lchan->ts->nr,
2141 transaction_id, vlr_subscr_msisdn_or_name(conn->vsub),
2142 gsm48_cc_msg_name(msg_type), trans?(trans->cc.state):0,
2143 gsm48_cc_state_name(trans?(trans->cc.state):0));
2144#endif
2145
2146 /* Create transaction */
2147 if (!trans) {
2148 DEBUGP(DCC, "Unknown transaction ID %x, "
2149 "creating new trans.\n", transaction_id);
2150 /* Create transaction */
2151 trans = trans_alloc(conn->network, conn->vsub,
2152 GSM48_PDISC_CC,
2153 transaction_id, new_callref++);
2154 if (!trans) {
2155 DEBUGP(DCC, "No memory for trans.\n");
2156 rc = gsm48_tx_simple(conn,
2157 GSM48_PDISC_CC | (transaction_id << 4),
2158 GSM48_MT_CC_RELEASE_COMPL);
2159 return -ENOMEM;
2160 }
2161 /* Assign transaction */
Neels Hofmeyr3c20a5e2018-11-30 01:08:36 +0100[diff] [blame]2162 trans->conn = ran_conn_get(conn, RAN_CONN_USE_TRANS_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2163 trans->dlci = OMSC_LINKID_CB(msg); /* DLCI as received from BSC */
2164 cm_service_request_concludes(conn, msg);
2165 }
2166
2167 /* find function for current state and message */
2168 for (i = 0; i < DATASLLEN; i++)
2169 if ((msg_type == datastatelist[i].type)
2170 && ((1 << trans->cc.state) & datastatelist[i].states))
2171 break;
2172 if (i == DATASLLEN) {
2173 DEBUGP(DCC, "Message unhandled at this state.\n");
2174 return 0;
2175 }
2176
2177 assert(trans->vsub);
2178
2179 rc = datastatelist[i].rout(trans, msg);
2180
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]2181 ran_conn_communicating(conn);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2182 return rc;
2183}