Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 8a69cb2d99f0b261817c971f7c29edb62578d3b9 / . / openbsc / src / sccp / sccp.c
blob: bbf3e40741135e50ad374d723e8f3e3d4f85acaa [file] [log] [blame]
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1/*
2 * SCCP management code
3 *
4 * (C) 2009 by Holger Hans Peter Freyther <zecke@selfish.org>
5 * (C) 2009 by on-waves.com
6 *
7 * All Rights Reserved
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 *
23 */
24
25#include <string.h>
26
Holger Hans Peter Freyther8a69cb22010-02-12 22:44:50 +0100[diff] [blame^]27#include <openbsc/msgb.h>
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]28#include <openbsc/debug.h>
29#include <openbsc/talloc.h>
Holger Hans Peter Freyther8a69cb22010-02-12 22:44:50 +0100[diff] [blame^]30
31#include <sccp/sccp.h>
32
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]33
34static void *tall_sccp_ctx;
35static LLIST_HEAD(sccp_connections);
36
37#define SCCP_MSG_SIZE 4096
38#define SCCP_MSG_HEADROOM 128
39
40/* global data */
41const struct sockaddr_sccp sccp_ssn_bssap = {
42 .sccp_family = 0,
43 .sccp_ssn = SCCP_SSN_BSSAP,
44};
45
46struct sccp_system {
47 /* layer3 -> layer2 */
48 int (*write_data)(struct msgb *data, void *context);
49 void *write_context;
50};
51
52
53static struct sccp_system sccp_system = {
54 .write_data = NULL,
55};
56
57struct sccp_data_callback {
58 /* connection based */
59 int (*accept_cb)(struct sccp_connection *, void *);
60 void *accept_context;
61
62 /* connection less */
63 int (*read_cb)(struct msgb *, unsigned int, void *);
64 void *read_context;
65
66 u_int8_t ssn;
67 struct llist_head callback;
68};
69
70static LLIST_HEAD(sccp_callbacks);
71
72static struct sccp_data_callback *_find_ssn(u_int8_t ssn)
73{
74 struct sccp_data_callback *cb;
75
76 llist_for_each_entry(cb, &sccp_callbacks, callback) {
77 if (cb->ssn == ssn)
78 return cb;
79 }
80
81 /* need to add one */
82 cb = talloc_zero(tall_sccp_ctx, struct sccp_data_callback);
83 if (!cb) {
84 DEBUGP(DSCCP, "Failed to allocate sccp callback.\n");
85 return NULL;
86 }
87
88 cb->ssn = ssn;
89 llist_add_tail(&cb->callback, &sccp_callbacks);
90 return cb;
91}
92
93
94static int _send_msg(struct msgb *msg)
95{
96 return sccp_system.write_data(msg, sccp_system.write_context);
97}
98
99/*
100 * parsing routines
101 */
102static int copy_address(struct sccp_address *addr, u_int8_t offset, struct msgb *msgb)
103{
104 struct sccp_called_party_address *party;
105
106 int room = msgb_l2len(msgb) - offset;
107 u_int8_t read = 0;
108 u_int8_t length;
109
110 if (room <= 0) {
111 DEBUGP(DSCCP, "Not enough room for an address: %u\n", room);
112 return -1;
113 }
114
115 length = msgb->l2h[offset];
116 if (room <= length) {
117 DEBUGP(DSCCP, "Not enough room for optional data %u %u\n", room, length);
118 return -1;
119 }
120
121
122 party = (struct sccp_called_party_address *)(msgb->l2h + offset + 1);
123 if (party->point_code_indicator) {
124 if (length <= read + 2) {
125 DEBUGP(DSCCP, "POI does not fit %u\n", length);
126 return -1;
127 }
128
129
130 memcpy(&addr->poi, &party->data[read], 2);
131 read += 2;
132 }
133
134 if (party->ssn_indicator) {
135 if (length <= read + 1) {
136 DEBUGP(DSCCP, "SSN does not fit %u\n", length);
137 return -1;
138 }
139
140 addr->ssn = party->data[read];
141 read += 1;
142 }
143
144 if (party->global_title_indicator) {
145 DEBUGP(DSCCP, "GTI not supported %u\n", *(u_int8_t *)party);
146 return -1;
147 }
148
149 addr->address = *party;
150 return 0;
151}
152
153static int check_address(struct sccp_address *addr)
154{
155 /* ignore point_code_indicator... it should be zero... but */
156 if (addr->address.ssn_indicator != 1
157 || addr->address.global_title_indicator == 1
158 || addr->address.routing_indicator != 1) {
159 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
160 *(u_int8_t *)&addr->address, addr->ssn);
161 return -1;
162 }
163
164 return 0;
165}
166
167static int _sccp_parse_optional_data(const int offset,
168 struct msgb *msgb, struct sccp_optional_data *data)
169{
170 u_int16_t room = msgb_l2len(msgb) - offset;
171 u_int16_t read = 0;
172
173 while (room > read) {
174 u_int8_t type = msgb->l2h[offset + read];
175 if (type == SCCP_PNC_END_OF_OPTIONAL)
176 return 0;
177
178 if (read + 1 >= room) {
179 DEBUGP(DSCCP, "no place for length\n");
180 return 0;
181 }
182
183 u_int8_t length = msgb->l2h[offset + read + 1];
184 read += 2 + length;
185
186
187 if (room <= read) {
188 DEBUGP(DSCCP, "no space for the data: type: %d read: %d room: %d l2: %d\n",
189 type, read, room, msgb_l2len(msgb));
190 return 0;
191 }
192
193 if (type == SCCP_PNC_DATA) {
194 data->data_len = length;
195 data->data_start = offset + read - length;
196 }
197
198 }
199
200 return -1;
201}
202
203/*
204 * Send UDT. Currently we have a fixed address...
205 */
206static int _sccp_send_data(int class, const struct sockaddr_sccp *in,
207 const struct sockaddr_sccp *out, struct msgb *payload)
208{
209 struct sccp_data_unitdata *udt;
210 u_int8_t *data;
211 int ret;
212
213 if (msgb_l3len(payload) > 256) {
214 DEBUGP(DSCCP, "The payload is too big for one udt\n");
215 return -1;
216 }
217
218 struct msgb *msg = msgb_alloc_headroom(SCCP_MSG_SIZE,
219 SCCP_MSG_HEADROOM, "sccp: udt");
220 msg->l2h = &msg->data[0];
221 udt = (struct sccp_data_unitdata *)msgb_put(msg, sizeof(*udt));
222
223 udt->type = SCCP_MSG_TYPE_UDT;
224 udt->proto_class = class;
225 udt->variable_called = 3;
226 udt->variable_calling = 5;
227 udt->variable_data = 7;
228
229 /* for variable data we start with a size and the data */
230 data = msgb_put(msg, 1 + 2);
231 data[0] = 2;
232 data[1] = 0x42;
233 data[2] = out->sccp_ssn;
234
235 data = msgb_put(msg, 1 + 2);
236 data[0] = 2;
237 data[1] = 0x42;
238 data[2] = in->sccp_ssn;
239
240 /* copy the payload */
241 data = msgb_put(msg, 1 + msgb_l3len(payload));
242 data[0] = msgb_l3len(payload);
243 memcpy(&data[1], payload->l3h, msgb_l3len(payload));
244
245 ret = _send_msg(msg);
246 msgb_free(msg);
247
248 return ret;
249}
250
251static int _sccp_handle_read(struct msgb *msgb)
252{
253 static const u_int32_t header_size = sizeof(struct sccp_data_unitdata);
254 static const u_int32_t called_offset = offsetof(struct sccp_data_unitdata, variable_called);
255 static const u_int32_t calling_offset = offsetof(struct sccp_data_unitdata, variable_calling);
256 static const u_int32_t data_offset = offsetof(struct sccp_data_unitdata, variable_data);
257
258 struct sccp_data_callback *cb;
259 struct sccp_data_unitdata *udt = (struct sccp_data_unitdata *)msgb->l2h;
260 struct sccp_address called, calling;
261
262 /* we don't have enough size for the struct */
263 if (msgb_l2len(msgb) < header_size) {
264 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
265 msgb_l2len(msgb), header_size);
266 return -1;
267 }
268
269 /* copy out the calling and called address. Add the off */
270 if (copy_address(&called, called_offset + udt->variable_called, msgb) != 0)
271 return -1;
272
273 if (check_address(&called) != 0) {
274 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
275 *(u_int8_t *)&called.address, called.ssn);
276 return -1;
277 }
278
279 cb = _find_ssn(called.ssn);
280 if (!cb || !cb->read_cb) {
281 DEBUGP(DSCCP, "No routing for UDT for called SSN: %u\n", called.ssn);
282 return -1;
283 }
284
285 if (copy_address(&calling, calling_offset + udt->variable_calling, msgb) != 0)
286 return -1;
287
288 if (check_address(&calling) != 0) {
289 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
290 *(u_int8_t *)&called.address, called.ssn);
291 }
292
293 /* we don't have enough size for the data */
294 if (msgb_l2len(msgb) < data_offset + udt->variable_data + 1) {
295 DEBUGP(DSCCP, "msgb < header + offset %u %u %u\n",
296 msgb_l2len(msgb), header_size, udt->variable_data);
297 return -1;
298 }
299
300
301 msgb->l3h = &udt->data[udt->variable_data];
302
303 if (msgb_l3len(msgb) != msgb->l3h[-1]) {
304 DEBUGP(DSCCP, "msgb is truncated %u %u\n",
305 msgb_l3len(msgb), msgb->l3h[-1]);
306 return -1;
307 }
308
309 /* sanity check */
310 return cb->read_cb(msgb, msgb_l3len(msgb), cb->read_context);
311}
312
313/*
314 * handle connection orientated methods
315 */
316static int source_local_reference_is_free(struct sccp_source_reference *reference)
317{
318 struct sccp_connection *connection;
319
320 llist_for_each_entry(connection, &sccp_connections, list) {
321 if (memcmp(reference, &connection->source_local_reference, sizeof(*reference)) == 0)
322 return -1;
323 }
324
325 return 0;
326}
327
328static int destination_local_reference_is_free(struct sccp_source_reference *reference)
329{
330 struct sccp_connection *connection;
331
332 llist_for_each_entry(connection, &sccp_connections, list) {
333 if (memcmp(reference, &connection->destination_local_reference, sizeof(*reference)) == 0)
334 return -1;
335 }
336
337 return 0;
338}
339
340static int assign_source_local_reference(struct sccp_connection *connection)
341{
342 static u_int32_t last_ref = 0x30000;
343 int wrapped = 0;
344
345 do {
346 struct sccp_source_reference reference;
347 reference.octet1 = (last_ref >> 0) & 0xff;
348 reference.octet2 = (last_ref >> 8) & 0xff;
349 reference.octet3 = (last_ref >> 16) & 0xff;
350
351 ++last_ref;
352 /* do not use the reversed word and wrap around */
353 if ((last_ref & 0x00FFFFFF) == 0x00FFFFFF) {
354 DEBUGP(DSCCP, "Wrapped searching for a free code\n");
355 last_ref = 0;
356 ++wrapped;
357 }
358
359 if (source_local_reference_is_free(&reference) == 0) {
360 connection->source_local_reference = reference;
361 return 0;
362 }
363 } while (wrapped != 2);
364
365 DEBUGP(DSCCP, "Finding a free reference failed\n");
366 return -1;
367}
368
369static void _sccp_set_connection_state(struct sccp_connection *connection, int new_state)
370{
371 int old_state = connection->connection_state;
372
373 connection->connection_state = new_state;
374 if (connection->state_cb)
375 connection->state_cb(connection, old_state);
376}
377
378static int _sccp_send_refuse(struct sccp_connection_request *req, int cause)
379{
380 struct msgb *msgb;
381 struct sccp_connection_refused *ref;
382 u_int8_t *data;
383 int ret;
384
385 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
386 SCCP_MSG_HEADROOM, "sccp ref");
387 msgb->l2h = &msgb->data[0];
388
389 ref = (struct sccp_connection_refused *) msgb_put(msgb, sizeof(*ref));
390 ref->type = SCCP_MSG_TYPE_CREF;
391 memcpy(&ref->destination_local_reference, &req->source_local_reference,
392 sizeof(struct sccp_source_reference));
393 ref->cause = cause;
394 ref->optional_start = 1;
395
396 data = msgb_put(msgb, 1);
397 data[0] = SCCP_PNC_END_OF_OPTIONAL;
398
399 ret = _send_msg(msgb);
400 msgb_free(msgb);
401 return ret;
402}
403
404static int _sccp_send_connection_confirm(struct sccp_connection *connection)
405{
406 struct msgb *response;
407 struct sccp_connection_confirm *confirm;
408 u_int8_t *optional_data;
409 int ret;
410
411 if (assign_source_local_reference(connection) != 0)
412 return -1;
413
414 response = msgb_alloc_headroom(SCCP_MSG_SIZE,
415 SCCP_MSG_HEADROOM, "sccp confirm");
416 response->l2h = &response->data[0];
417
418 confirm = (struct sccp_connection_confirm *) msgb_put(response, sizeof(*confirm));
419
420 confirm->type = SCCP_MSG_TYPE_CC;
421 memcpy(&confirm->destination_local_reference,
422 &connection->destination_local_reference,
423 sizeof(connection->destination_local_reference));
424 memcpy(&confirm->source_local_reference,
425 &connection->source_local_reference,
426 sizeof(connection->source_local_reference));
427 confirm->proto_class = 2;
428 confirm->optional_start = 1;
429
430 optional_data = (u_int8_t *) msgb_put(response, 1);
431 optional_data[0] = SCCP_PNC_END_OF_OPTIONAL;
432
433 ret = _send_msg(response);
434 msgb_free(response);
435
436 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_ESTABLISHED);
437 return ret;
438}
439
440static int _sccp_send_connection_request(struct sccp_connection *connection,
441 const struct sockaddr_sccp *called, struct msgb *msg)
442{
443 struct msgb *request;
444 struct sccp_connection_request *req;
445 u_int8_t *data;
446 u_int8_t extra_size = 3 + 1;
447 int ret;
448
449
450 if (msg && (msgb_l3len(msg) < 3 || msgb_l3len(msg) > 130)) {
451 DEBUGP(DSCCP, "Invalid amount of data... %d\n", msgb_l3len(msg));
452 return -1;
453 }
454
455 /* try to find a id */
456 if (assign_source_local_reference(connection) != 0) {
457 DEBUGP(DSCCP, "Assigning a local reference failed.\n");
458 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_SETUP_ERROR);
459 return -1;
460 }
461
462
463 if (msg)
464 extra_size += 2 + msgb_l3len(msg);
465 request = msgb_alloc_headroom(SCCP_MSG_SIZE,
466 SCCP_MSG_HEADROOM, "sccp connection request");
467 request->l2h = &request->data[0];
468 req = (struct sccp_connection_request *) msgb_put(request, sizeof(*req));
469
470 req->type = SCCP_MSG_TYPE_CR;
471 memcpy(&req->source_local_reference, &connection->source_local_reference,
472 sizeof(connection->source_local_reference));
473 req->proto_class = 2;
474 req->variable_called = 2;
475 req->optional_start = 4;
476
477 /* write the called party address */
478 data = msgb_put(request, 1 + 2);
479 data[0] = 2;
480 data[1] = 0x42;
481 data[2] = called->sccp_ssn;
482
483 /* write the payload */
484 if (msg) {
485 data = msgb_put(request, 2 + msgb_l3len(msg));
486 data[0] = SCCP_PNC_DATA;
487 data[1] = msgb_l3len(msg);
488 memcpy(&data[2], msg->l3h, msgb_l3len(msg));
489 }
490
491 data = msgb_put(request, 1);
492 data[0] = SCCP_PNC_END_OF_OPTIONAL;
493
494 llist_add_tail(&connection->list, &sccp_connections);
495 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REQUEST);
496
497 ret = _send_msg(request);
498 msgb_free(request);
499
500 return ret;
501}
502
503static int _sccp_send_connection_data(struct sccp_connection *conn, struct msgb *_data)
504{
505 struct msgb *msgb;
506 struct sccp_data_form1 *dt1;
507 u_int8_t *data;
508 int extra_size;
509 int ret;
510
511 if (msgb_l3len(_data) < 2 || msgb_l3len(_data) > 256) {
512 DEBUGP(DSCCP, "data size too big, segmenting unimplemented.\n");
513 return -1;
514 }
515
516 extra_size = 1 + msgb_l3len(_data);
517 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
518 SCCP_MSG_HEADROOM, "sccp dt1");
519 msgb->l2h = &msgb->data[0];
520
521 dt1 = (struct sccp_data_form1 *) msgb_put(msgb, sizeof(*dt1));
522 dt1->type = SCCP_MSG_TYPE_DT1;
523 memcpy(&dt1->destination_local_reference, &conn->destination_local_reference,
524 sizeof(struct sccp_source_reference));
525 dt1->segmenting = 0;
526
527 /* copy the data */
528 dt1->variable_start = 1;
529 data = msgb_put(msgb, extra_size);
530 data[0] = extra_size - 1;
531 memcpy(&data[1], _data->l3h, extra_size - 1);
532
533 ret = _send_msg(msgb);
534 msgb_free(msgb);
535
536 return ret;
537}
538
Holger Hans Peter Freyther3b9516e2009-11-18 22:11:28 +0100[diff] [blame]539static int _sccp_send_connection_it(struct sccp_connection *conn)
540{
541 struct msgb *msgb;
542 struct sccp_data_it *it;
543 int ret;
544
545 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
546 SCCP_MSG_HEADROOM, "sccp it");
547 msgb->l2h = &msgb->data[0];
548 it = (struct sccp_data_it *) msgb_put(msgb, sizeof(*it));
549 it->type = SCCP_MSG_TYPE_IT;
550 memcpy(&it->destination_local_reference, &conn->destination_local_reference,
551 sizeof(struct sccp_source_reference));
552 memcpy(&it->source_local_reference, &conn->source_local_reference,
553 sizeof(struct sccp_source_reference));
554
555 it->proto_class = 0x2;
556 it->sequencing[0] = it->sequencing[1] = 0;
557 it->credit = 0;
558
559 ret = _send_msg(msgb);
560 msgb_free(msgb);
561 return ret;
562}
563
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]564static int _sccp_send_connection_released(struct sccp_connection *conn, int cause)
565{
566 struct msgb *msg;
567 struct sccp_connection_released *rel;
568 u_int8_t *data;
569 int ret;
570
571 msg = msgb_alloc_headroom(SCCP_MSG_SIZE, SCCP_MSG_HEADROOM,
572 "sccp: connection released");
573 msg->l2h = &msg->data[0];
574 rel = (struct sccp_connection_released *) msgb_put(msg, sizeof(*rel));
575 rel->type = SCCP_MSG_TYPE_RLSD;
576 rel->release_cause = cause;
577
578 /* copy the source references */
579 memcpy(&rel->destination_local_reference, &conn->destination_local_reference,
580 sizeof(struct sccp_source_reference));
581 memcpy(&rel->source_local_reference, &conn->source_local_reference,
582 sizeof(struct sccp_source_reference));
583
584 data = msgb_put(msg, 1);
585 data[0] = SCCP_PNC_END_OF_OPTIONAL;
586
587 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE);
588 ret = _send_msg(msg);
589 msgb_free(msg);
590
591 return ret;
592}
593
594/*
595 * Open a connection. The following is going to happen:
596 *
597 * - Verify the packet, e.g. that we have no other connection
598 * that id.
599 * - Ask the user if he wants to accept the connection
600 * - Try to open the connection by assigning a source local reference
601 * and sending the packet
602 */
603static int _sccp_handle_connection_request(struct msgb *msgb)
604{
605 static const u_int32_t header_size =
606 sizeof(struct sccp_connection_request);
607 static const u_int32_t optional_offset =
608 offsetof(struct sccp_connection_request, optional_start);
609 static const u_int32_t called_offset =
610 offsetof(struct sccp_connection_request, variable_called);
611
612 struct sccp_data_callback *cb;
613 struct sccp_connection_request *req = (struct sccp_connection_request *)msgb->data;
614 struct sccp_address called;
615 struct sccp_connection *connection;
616 struct sccp_optional_data optional_data;
617
618 /* header check */
619 if (msgb_l2len(msgb) < header_size) {
620 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
621 msgb_l2len(msgb), header_size);
622 return -1;
623 }
624
625 /* copy out the calling and called address. Add the offset */
626 if (copy_address(&called, called_offset + req->variable_called, msgb) != 0)
627 return -1;
628
629 if (check_address(&called) != 0) {
630 DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
631 *(u_int8_t *)&called.address, called.ssn);
632 return -1;
633 }
634
635 cb = _find_ssn(called.ssn);
636 if (!cb || !cb->accept_cb) {
637 DEBUGP(DSCCP, "No routing for CR for called SSN: %u\n", called.ssn);
638 return -1;
639 }
640
641 /* check if the system wants this connection */
642 connection = talloc_zero(tall_sccp_ctx, struct sccp_connection);
643 if (!connection) {
644 DEBUGP(DSCCP, "Allocation failed\n");
645 return -1;
646 }
647
648 /*
649 * sanity checks:
650 * - Is the source_local_reference in any other connection?
651 * then will call accept, assign a "destination" local reference
652 * and send a connection confirm, otherwise we will send a refuseed
653 * one....
654 */
655 if (destination_local_reference_is_free(&req->source_local_reference) != 0) {
656 DEBUGP(DSCCP, "Need to reject connection with existing reference\n");
657 _sccp_send_refuse(req, SCCP_REFUSAL_SCCP_FAILURE);
658 talloc_free(connection);
659 return -1;
660 }
661
662 connection->incoming = 1;
663 connection->destination_local_reference = req->source_local_reference;
664
665 /*
666 * parse optional data.
667 */
668 memset(&optional_data, 0, sizeof(optional_data));
669 if (_sccp_parse_optional_data(optional_offset + req->optional_start, msgb, &optional_data) != 0) {
670 DEBUGP(DSCCP, "parsing of optional data failed.\n");
671 talloc_free(connection);
672 return -1;
673 }
674
675 if (cb->accept_cb(connection, cb->accept_context) != 0) {
676 _sccp_send_refuse(req, SCCP_REFUSAL_END_USER_ORIGINATED);
677 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
678 talloc_free(connection);
679 return 0;
680 }
681
682
683 llist_add_tail(&connection->list, &sccp_connections);
684
685 if (_sccp_send_connection_confirm(connection) != 0) {
686 DEBUGP(DSCCP, "Sending confirm failed... no available source reference?\n");
687
688 _sccp_send_refuse(req, SCCP_REFUSAL_SCCP_FAILURE);
689 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
690 llist_del(&connection->list);
691 talloc_free(connection);
692
693 return -1;
694 }
695
696 /*
697 * If we have data let us forward things.
698 */
699 if (optional_data.data_len != 0 && connection->data_cb) {
700 msgb->l3h = &msgb->l2h[optional_data.data_start];
701 connection->data_cb(connection, msgb, optional_data.data_len);
702 }
703
704 return 0;
705}
706
707/* Handle the release confirmed */
708static int _sccp_handle_connection_release_complete(struct msgb *data)
709{
710 static int header_size = sizeof(struct sccp_connection_release_complete);
711
712 struct sccp_connection_release_complete *cmpl;
713 struct sccp_connection *conn;
714
715 /* header check */
716 if (msgb_l2len(data) < header_size) {
717 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
718 msgb_l2len(data), header_size);
719 return -1;
720 }
721
722 cmpl = (struct sccp_connection_release_complete *) data->l2h;
723
724 /* find the connection */
725 llist_for_each_entry(conn, &sccp_connections, list) {
726 if (conn->data_cb
727 && memcmp(&conn->source_local_reference,
728 &cmpl->destination_local_reference,
729 sizeof(conn->source_local_reference)) == 0
730 && memcmp(&conn->destination_local_reference,
731 &cmpl->source_local_reference,
732 sizeof(conn->destination_local_reference)) == 0) {
733 goto found;
734 }
735 }
736
737
738 DEBUGP(DSCCP, "Release complete of unknown connection\n");
739 return -1;
740
741found:
742 llist_del(&conn->list);
743 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
744 return 0;
745}
746
747/* Handle the Data Form 1 message */
748static int _sccp_handle_connection_dt1(struct msgb *data)
749{
750 static int variable_offset = offsetof(struct sccp_data_form1, variable_start);
751 static int header_size = sizeof(struct sccp_data_form1);
752
753 struct sccp_data_form1 *dt1 = (struct sccp_data_form1 *)data->l2h;
754 struct sccp_connection *conn;
755 int size;
756
757 /* we don't have enough size for the struct */
758 if (msgb_l2len(data) < header_size) {
759 DEBUGP(DSCCP, "msgb > header_size %u %u\n",
760 msgb_l2len(data), header_size);
761 return -1;
762 }
763
764 if (dt1->segmenting != 0) {
765 DEBUGP(DSCCP, "This packet has segmenting, not supported: %d\n", dt1->segmenting);
766 return -1;
767 }
768
769 /* lookup if we have a connection with the given reference */
770 llist_for_each_entry(conn, &sccp_connections, list) {
771 if (conn->data_cb
772 && memcmp(&conn->source_local_reference,
773 &dt1->destination_local_reference,
774 sizeof(conn->source_local_reference)) == 0) {
775
776 /* some more size checks in here */
777 if (msgb_l2len(data) < variable_offset + dt1->variable_start + 1) {
778 DEBUGP(DSCCP, "Not enough space for variable start: %u %u\n",
779 msgb_l2len(data), dt1->variable_start);
780 return -1;
781 }
782
783 size = data->l2h[variable_offset + dt1->variable_start];
784 data->l3h = &data->l2h[dt1->variable_start + variable_offset + 1];
785
786 if (msgb_l3len(data) < size) {
787 DEBUGP(DSCCP, "Not enough room for the payload: %u %u\n",
788 msgb_l3len(data), size);
789 return -1;
790 }
791
792 conn->data_cb(conn, data, size);
793 return 0;
794 }
795 }
796
797 DEBUGP(DSCCP, "No connection found for dt1 data\n");
798 return -1;
799}
800
801/* confirm a connection release */
802static int _sccp_send_connection_release_complete(struct sccp_connection *connection)
803{
804 struct msgb *msgb;
805 struct sccp_connection_release_complete *rlc;
806 int ret;
807
808 msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
809 SCCP_MSG_HEADROOM, "sccp rlc");
810 msgb->l2h = &msgb->data[0];
811
812 rlc = (struct sccp_connection_release_complete *) msgb_put(msgb, sizeof(*rlc));
813 rlc->type = SCCP_MSG_TYPE_RLC;
814 memcpy(&rlc->destination_local_reference,
815 &connection->destination_local_reference, sizeof(struct sccp_source_reference));
816 memcpy(&rlc->source_local_reference,
817 &connection->source_local_reference, sizeof(struct sccp_source_reference));
818
819 ret = _send_msg(msgb);
820 msgb_free(msgb);
821
822 /*
823 * Remove from the list of active connections and set the state. User code
824 * should now free the entry.
825 */
826 llist_del(&connection->list);
827 _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
828
829 return ret;
830}
831
832/* connection released, send a released confirm */
833static int _sccp_handle_connection_released(struct msgb *data)
834{
835 static int header_size = sizeof(struct sccp_connection_released);
836 static int optional_offset = offsetof(struct sccp_connection_released, optional_start);
837
838 struct sccp_optional_data optional_data;
839 struct sccp_connection_released *rls = (struct sccp_connection_released *)data->l2h;
840 struct sccp_connection *conn;
841
842 /* we don't have enough size for the struct */
843 if (msgb_l2len(data) < header_size) {
844 DEBUGP(DSCCP, "msgb > header_size %u %u\n",
845 msgb_l2len(data), header_size);
846 return -1;
847 }
848
849 /* lookup if we have a connection with the given reference */
850 llist_for_each_entry(conn, &sccp_connections, list) {
851 if (conn->data_cb
852 && memcmp(&conn->source_local_reference,
853 &rls->destination_local_reference,
854 sizeof(conn->source_local_reference)) == 0
855 && memcmp(&conn->destination_local_reference,
856 &rls->source_local_reference,
857 sizeof(conn->destination_local_reference)) == 0) {
858 goto found;
859 }
860 }
861
862
863 DEBUGP(DSCCP, "Unknown connection was released.\n");
864 return -1;
865
866 /* we have found a connection */
867found:
868 memset(&optional_data, 0, sizeof(optional_data));
869 if (_sccp_parse_optional_data(optional_offset + rls->optional_start, data, &optional_data) != 0) {
870 DEBUGP(DSCCP, "parsing of optional data failed.\n");
871 return -1;
872 }
873
874 /* optional data */
875 if (optional_data.data_len != 0 && conn->data_cb) {
876 data->l3h = &data->l2h[optional_data.data_start];
877 conn->data_cb(conn, data, optional_data.data_len);
878 }
879
880 /* generate a response */
881 if (_sccp_send_connection_release_complete(conn) != 0) {
882 DEBUGP(DSCCP, "Sending release confirmed failed\n");
883 return -1;
884 }
885
886 return 0;
887}
888
889static int _sccp_handle_connection_refused(struct msgb *msgb)
890{
891 static const u_int32_t header_size =
892 sizeof(struct sccp_connection_refused);
893 static int optional_offset = offsetof(struct sccp_connection_refused, optional_start);
894
895 struct sccp_optional_data optional_data;
896 struct sccp_connection *conn;
897 struct sccp_connection_refused *ref;
898
899 /* header check */
900 if (msgb_l2len(msgb) < header_size) {
901 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
902 msgb_l2len(msgb), header_size);
903 return -1;
904 }
905
906 ref = (struct sccp_connection_refused *) msgb->l2h;
907
908 /* lookup if we have a connection with the given reference */
909 llist_for_each_entry(conn, &sccp_connections, list) {
910 if (conn->incoming == 0 && conn->data_cb
911 && memcmp(&conn->source_local_reference,
912 &ref->destination_local_reference,
913 sizeof(conn->source_local_reference)) == 0) {
914 goto found;
915 }
916 }
917
918 DEBUGP(DSCCP, "Refused but no connection found\n");
919 return -1;
920
921found:
922 memset(&optional_data, 0, sizeof(optional_data));
923 if (_sccp_parse_optional_data(optional_offset + ref->optional_start, msgb, &optional_data) != 0) {
924 DEBUGP(DSCCP, "parsing of optional data failed.\n");
925 return -1;
926 }
927
928 /* optional data */
929 if (optional_data.data_len != 0 && conn->data_cb) {
930 msgb->l3h = &msgb->l2h[optional_data.data_start];
931 conn->data_cb(conn, msgb, optional_data.data_len);
932 }
933
934
935 llist_del(&conn->list);
936 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_REFUSED);
937 return 0;
938}
939
940static int _sccp_handle_connection_confirm(struct msgb *msgb)
941{
942 static u_int32_t header_size =
943 sizeof(struct sccp_connection_confirm);
944 static const u_int32_t optional_offset =
945 offsetof(struct sccp_connection_confirm, optional_start);
946
947 struct sccp_optional_data optional_data;
948 struct sccp_connection *conn;
949 struct sccp_connection_confirm *con;
950
951 /* header check */
952 if (msgb_l2len(msgb) < header_size) {
953 DEBUGP(DSCCP, "msgb < header_size %u %u\n",
954 msgb_l2len(msgb), header_size);
955 return -1;
956 }
957
958 con = (struct sccp_connection_confirm *) msgb->l2h;
959
960 /* lookup if we have a connection with the given reference */
961 llist_for_each_entry(conn, &sccp_connections, list) {
962 if (conn->incoming == 0 && conn->data_cb
963 && memcmp(&conn->source_local_reference,
964 &con->destination_local_reference,
965 sizeof(conn->source_local_reference)) == 0) {
966 goto found;
967 }
968 }
969
970 DEBUGP(DSCCP, "Confirmed but no connection found\n");
971 return -1;
972
973found:
974 /* copy the addresses of the connection */
975 conn->destination_local_reference = con->source_local_reference;
976 _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_ESTABLISHED);
977
978 memset(&optional_data, 0, sizeof(optional_data));
979 if (_sccp_parse_optional_data(optional_offset + con->optional_start, msgb, &optional_data) != 0) {
980 DEBUGP(DSCCP, "parsing of optional data failed.\n");
981 return -1;
982 }
983
984 /* optional data */
985 if (optional_data.data_len != 0 && conn->data_cb) {
986 msgb->l3h = &msgb->l2h[optional_data.data_start];
987 conn->data_cb(conn, msgb, optional_data.data_len);
988 }
989
990 return 0;
991}
992
993
994int sccp_system_init(int (*outgoing)(struct msgb *data, void *ctx), void *ctx)
995{
996 sccp_system.write_data = outgoing;
997 sccp_system.write_context = ctx;
998
999 return 0;
1000}
1001
1002/* oh my god a real SCCP packet. need to dispatch it now */
1003int sccp_system_incoming(struct msgb *msgb)
1004{
1005 if (msgb_l2len(msgb) < 1 ) {
1006 DEBUGP(DSCCP, "Too short packet\n");
1007 return -1;
1008 }
1009
1010 int type = msgb->l2h[0];
1011
1012 switch(type) {
1013 case SCCP_MSG_TYPE_CR:
1014 return _sccp_handle_connection_request(msgb);
1015 break;
1016 case SCCP_MSG_TYPE_RLSD:
1017 return _sccp_handle_connection_released(msgb);
1018 break;
1019 case SCCP_MSG_TYPE_CREF:
1020 return _sccp_handle_connection_refused(msgb);
1021 break;
1022 case SCCP_MSG_TYPE_CC:
1023 return _sccp_handle_connection_confirm(msgb);
1024 break;
1025 case SCCP_MSG_TYPE_RLC:
1026 return _sccp_handle_connection_release_complete(msgb);
1027 break;
1028 case SCCP_MSG_TYPE_DT1:
1029 return _sccp_handle_connection_dt1(msgb);
1030 break;
1031 case SCCP_MSG_TYPE_UDT:
1032 return _sccp_handle_read(msgb);
1033 break;
1034 default:
1035 DEBUGP(DSCCP, "unimplemented msg type: %d\n", type);
1036 };
1037
1038 return -1;
1039}
1040
1041/* create a packet from the data */
1042int sccp_connection_write(struct sccp_connection *connection, struct msgb *data)
1043{
1044 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1045 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1046 DEBUGP(DSCCP, "sccp_connection_write: Wrong connection state: %p %d\n",
1047 connection, connection->connection_state);
1048 return -1;
1049 }
1050
1051 return _sccp_send_connection_data(connection, data);
1052}
1053
Holger Hans Peter Freyther3b9516e2009-11-18 22:11:28 +0100[diff] [blame]1054/*
1055 * Send a Inactivity Test message. The owner of the connection
1056 * should start a timer and call this method regularily. Calling
1057 * this every 60 seconds should be good enough.
1058 */
1059int sccp_connection_send_it(struct sccp_connection *connection)
1060{
1061 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1062 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1063 DEBUGP(DSCCP, "sccp_connection_write: Wrong connection state: %p %d\n",
1064 connection, connection->connection_state);
1065 return -1;
1066 }
1067
1068 return _sccp_send_connection_it(connection);
1069}
1070
Holger Hans Peter Freytherac967702009-07-29 07:37:48 +0200[diff] [blame]1071/* send a connection release and wait for the connection released */
1072int sccp_connection_close(struct sccp_connection *connection, int cause)
1073{
1074 if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
1075 || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
1076 DEBUGPC(DSCCP, "Can not close the connection. It was never opened: %p %d\n",
1077 connection, connection->connection_state);
1078 return -1;
1079 }
1080
1081 return _sccp_send_connection_released(connection, cause);
1082}
1083
1084int sccp_connection_free(struct sccp_connection *connection)
1085{
1086 if (connection->connection_state > SCCP_CONNECTION_STATE_NONE
1087 && connection->connection_state < SCCP_CONNECTION_STATE_RELEASE_COMPLETE) {
1088 DEBUGP(DSCCP, "The connection needs to be released before it is freed");
1089 return -1;
1090 }
1091
1092 talloc_free(connection);
1093 return 0;
1094}
1095
1096struct sccp_connection *sccp_connection_socket(void)
1097{
1098 return talloc_zero(tall_sccp_ctx, struct sccp_connection);
1099}
1100
1101int sccp_connection_connect(struct sccp_connection *conn,
1102 const struct sockaddr_sccp *local,
1103 struct msgb *data)
1104{
1105 return _sccp_send_connection_request(conn, local, data);
1106}
1107
1108int sccp_connection_set_incoming(const struct sockaddr_sccp *sock,
1109 int (*accept_cb)(struct sccp_connection *, void *), void *context)
1110{
1111 struct sccp_data_callback *cb;
1112
1113 if (!sock)
1114 return -2;
1115
1116 cb = _find_ssn(sock->sccp_ssn);
1117 if (!cb)
1118 return -1;
1119
1120 cb->accept_cb = accept_cb;
1121 cb->accept_context = context;
1122 return 0;
1123}
1124
1125int sccp_write(struct msgb *data, const struct sockaddr_sccp *in,
1126 const struct sockaddr_sccp *out, int class)
1127{
1128 return _sccp_send_data(class, in, out, data);
1129}
1130
1131int sccp_set_read(const struct sockaddr_sccp *sock,
1132 int (*read_cb)(struct msgb *, unsigned int, void *), void *context)
1133{
1134 struct sccp_data_callback *cb;
1135
1136 if (!sock)
1137 return -2;
1138
1139 cb = _find_ssn(sock->sccp_ssn);
1140 if (!cb)
1141 return -1;
1142
1143 cb->read_cb = read_cb;
1144 cb->read_context = context;
1145 return 0;
1146}
1147
1148static_assert(sizeof(struct sccp_source_reference) <= sizeof(u_int32_t), enough_space);
1149
1150u_int32_t sccp_src_ref_to_int(struct sccp_source_reference *ref)
1151{
1152 u_int32_t src_ref = 0;
1153 memcpy(&src_ref, ref, sizeof(*ref));
1154 return src_ref;
1155}
1156
1157struct sccp_source_reference sccp_src_ref_from_int(u_int32_t int_ref)
1158{
1159 struct sccp_source_reference ref;
1160 memcpy(&ref, &int_ref, sizeof(ref));
1161 return ref;
1162}
1163
1164static __attribute__((constructor)) void on_dso_load(void)
1165{
1166 tall_sccp_ctx = talloc_named_const(NULL, 1, "sccp");
1167}
1168
1169static __attribute__((destructor)) void on_dso_unload(void)
1170{
1171 talloc_report_full(tall_sccp_ctx, stderr);
1172}