Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 9ca7b31cbf78511208c2060b9a8e38ad3a0f4aae / . / src / libmsc / gsm_04_08_cc.c
blob: f9888d77a8db39dde0bf3f0937c8541b70cb56c6 [file] [log] [blame]
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1/* GSM Mobile Radio Interface Layer 3 Call Control */
2
3/* (C) 2008-2016 by Harald Welte <laforge@gnumonks.org>
4 * (C) 2008-2012 by Holger Hans Peter Freyther <zecke@selfish.org>
5 *
6 * All Rights Reserved
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 *
21 */
22
23#include <stdio.h>
24#include <stdlib.h>
25#include <string.h>
26#include <stdbool.h>
27#include <errno.h>
28#include <time.h>
29#include <netinet/in.h>
30#include <regex.h>
31#include <sys/types.h>
32
33#include "bscconfig.h"
34
35#include <osmocom/msc/db.h>
36#include <osmocom/msc/debug.h>
37#include <osmocom/msc/gsm_data.h>
38#include <osmocom/msc/gsm_subscriber.h>
39#include <osmocom/msc/gsm_04_11.h>
40#include <osmocom/msc/gsm_04_08.h>
41#include <osmocom/msc/gsm_04_80.h>
42#include <osmocom/msc/gsm_04_14.h>
43#include <osmocom/msc/gsm_09_11.h>
44#include <osmocom/msc/signal.h>
45#include <osmocom/msc/transaction.h>
46#include <osmocom/msc/silent_call.h>
47#include <osmocom/msc/osmo_msc.h>
48#include <osmocom/msc/mncc_int.h>
49#include <osmocom/abis/e1_input.h>
50#include <osmocom/core/bitvec.h>
51#include <osmocom/msc/vlr.h>
52#include <osmocom/msc/msc_ifaces.h>
53
54#include <osmocom/gsm/gsm48.h>
55#include <osmocom/gsm/gsm0480.h>
56#include <osmocom/gsm/gsm_utils.h>
57#include <osmocom/gsm/protocol/gsm_04_08.h>
58#include <osmocom/core/msgb.h>
59#include <osmocom/core/talloc.h>
60#include <osmocom/core/utils.h>
61#include <osmocom/core/byteswap.h>
62#include <osmocom/gsm/tlv.h>
63#include <osmocom/crypt/auth.h>
64#ifdef BUILD_IU
65#include <osmocom/ranap/iu_client.h>
66#endif
67
68#include <osmocom/msc/msc_ifaces.h>
69#include <osmocom/msc/a_iface.h>
70#include <osmocom/msc/msc_mgcp.h>
71
72#include <assert.h>
73
74static uint32_t new_callref = 0x80000001;
75
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame^]76static void gsm48_cc_guard_timeout(void *arg)
77{
78 struct gsm_trans *trans = arg;
79 DEBUGP(DCC, "(sub %s) guard timeout expired\n",
80 vlr_subscr_msisdn_or_name(trans->vsub));
81 trans_free(trans);
82 return;
83}
84
85static void gsm48_stop_guard_timer(struct gsm_trans *trans)
86{
87 if (osmo_timer_pending(&trans->cc.timer_guard)) {
88 DEBUGP(DCC, "(sub %s) stopping pending guard timer\n",
89 vlr_subscr_msisdn_or_name(trans->vsub));
90 osmo_timer_del(&trans->cc.timer_guard);
91 }
92}
93
94static void gsm48_start_guard_timer(struct gsm_trans *trans)
95{
96 /* NOTE: The purpose of this timer is to prevent the cc state machine
97 * from hanging in cases where mncc, gsm48 or both become unresponsive
98 * for some reason. The timer is started initially with the setup from
99 * the gsm48 side and then re-started with every incoming mncc message.
100 * Once the mncc state reaches its active state the timer is stopped.
101 * So if the cc state machine does not show any activity for an
102 * extended amount of time during call setup or teardown the guard
103 * timer will time out and hard-clear the connection. */
104 if (osmo_timer_pending(&trans->cc.timer_guard))
105 gsm48_stop_guard_timer(trans);
106 DEBUGP(DCC, "(sub %s) starting guard timer with %d seconds\n",
107 vlr_subscr_msisdn_or_name(trans->vsub),
108 trans->net->mncc_guard_timeout);
109 osmo_timer_setup(&trans->cc.timer_guard, gsm48_cc_guard_timeout, trans);
110 osmo_timer_schedule(&trans->cc.timer_guard,
111 trans->net->mncc_guard_timeout, 0);
112}
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]113
114/* Call Control */
115
116void cc_tx_to_mncc(struct gsm_network *net, struct msgb *msg)
117{
118 net->mncc_recv(net, msg);
119}
120
121int gsm48_cc_tx_notify_ss(struct gsm_trans *trans, const char *message)
122{
123 struct gsm48_hdr *gh;
124 struct msgb *ss_notify;
125
126 ss_notify = gsm0480_create_notifySS(message);
127 if (!ss_notify)
128 return -1;
129
130 gsm0480_wrap_invoke(ss_notify, GSM0480_OP_CODE_NOTIFY_SS, 0);
131 uint8_t *data = msgb_push(ss_notify, 1);
132 data[0] = ss_notify->len - 1;
133 gh = (struct gsm48_hdr *) msgb_push(ss_notify, sizeof(*gh));
134 gh->msg_type = GSM48_MT_CC_FACILITY;
135 return gsm48_conn_sendmsg(ss_notify, trans->conn, trans);
136}
137
138/* FIXME: this count_statistics is a state machine behaviour. we should convert
139 * the complete call control into a state machine. Afterwards we can move this
140 * code into state transitions.
141 */
142static void count_statistics(struct gsm_trans *trans, int new_state)
143{
144 int old_state = trans->cc.state;
145 struct rate_ctr_group *msc = trans->net->msc_ctrs;
146
147 if (old_state == new_state)
148 return;
149
150 /* state incoming */
151 switch (new_state) {
152 case GSM_CSTATE_ACTIVE:
153 osmo_counter_inc(trans->net->active_calls);
154 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_ACTIVE]);
155 break;
156 }
157
158 /* state outgoing */
159 switch (old_state) {
160 case GSM_CSTATE_ACTIVE:
161 osmo_counter_dec(trans->net->active_calls);
162 if (new_state == GSM_CSTATE_DISCONNECT_REQ ||
163 new_state == GSM_CSTATE_DISCONNECT_IND)
164 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_COMPLETE]);
165 else
166 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_INCOMPLETE]);
167 break;
168 }
169}
170
171/* The entire call control code is written in accordance with Figure 7.10c
172 * for 'very early assignment', i.e. we allocate a TCH/F during IMMEDIATE
173 * ASSIGN, then first use that TCH/F for signalling and later MODE MODIFY
174 * it for voice */
175
176static void new_cc_state(struct gsm_trans *trans, int state)
177{
178 if (state > 31 || state < 0)
179 return;
180
181 DEBUGP(DCC, "(ti %02x sub %s) new state %s -> %s\n",
182 trans->transaction_id,
183 vlr_subscr_name(trans->vsub),
184 gsm48_cc_state_name(trans->cc.state),
185 gsm48_cc_state_name(state));
186
187 count_statistics(trans, state);
188 trans->cc.state = state;
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame^]189
190 /* Stop the guard timer when a call reaches the active state */
191 if (state == GSM_CSTATE_ACTIVE)
192 gsm48_stop_guard_timer(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]193}
194
195static int gsm48_cc_tx_status(struct gsm_trans *trans, void *arg)
196{
197 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STATUS");
198 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
199 uint8_t *cause, *call_state;
200
201 gh->msg_type = GSM48_MT_CC_STATUS;
202
203 cause = msgb_put(msg, 3);
204 cause[0] = 2;
205 cause[1] = GSM48_CAUSE_CS_GSM | GSM48_CAUSE_LOC_USER;
206 cause[2] = 0x80 | 30; /* response to status inquiry */
207
208 call_state = msgb_put(msg, 1);
209 call_state[0] = 0xc0 | 0x00;
210
211 return gsm48_conn_sendmsg(msg, trans->conn, trans);
212}
213
214static void gsm48_stop_cc_timer(struct gsm_trans *trans)
215{
216 if (osmo_timer_pending(&trans->cc.timer)) {
217 DEBUGP(DCC, "stopping pending timer T%x\n", trans->cc.Tcurrent);
218 osmo_timer_del(&trans->cc.timer);
219 trans->cc.Tcurrent = 0;
220 }
221}
222
223static int mncc_recvmsg(struct gsm_network *net, struct gsm_trans *trans,
224 int msg_type, struct gsm_mncc *mncc)
225{
226 struct msgb *msg;
227 unsigned char *data;
228
229 DEBUGP(DMNCC, "transmit message %s\n", get_mncc_name(msg_type));
230
231#if BEFORE_MSCSPLIT
232 /* Re-enable this log output once we can obtain this information via
233 * A-interface, see OS#2391. */
234 if (trans)
235 if (trans->conn && trans->conn->lchan)
236 DEBUGP(DCC, "(bts %d trx %d ts %d ti %x sub %s) "
237 "Sending '%s' to MNCC.\n",
238 trans->conn->lchan->ts->trx->bts->nr,
239 trans->conn->lchan->ts->trx->nr,
240 trans->conn->lchan->ts->nr, trans->transaction_id,
241 vlr_subscr_msisdn_or_name(trans->vsub),
242 get_mncc_name(msg_type));
243 else
244 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
245 "Sending '%s' to MNCC.\n",
246 vlr_subscr_msisdn_or_name(trans->vsub),
247 get_mncc_name(msg_type));
248 else
249 DEBUGP(DCC, "(bts - trx - ts - ti -- sub -) "
250 "Sending '%s' to MNCC.\n", get_mncc_name(msg_type));
251#else
252 DEBUGP(DCC, "Sending '%s' to MNCC.\n", get_mncc_name(msg_type));
253#endif
254
255 mncc->msg_type = msg_type;
256
257 msg = msgb_alloc(sizeof(struct gsm_mncc), "MNCC");
258 if (!msg)
259 return -ENOMEM;
260
261 data = msgb_put(msg, sizeof(struct gsm_mncc));
262 memcpy(data, mncc, sizeof(struct gsm_mncc));
263
264 cc_tx_to_mncc(net, msg);
265
266 return 0;
267}
268
269int mncc_release_ind(struct gsm_network *net, struct gsm_trans *trans,
270 uint32_t callref, int location, int value)
271{
272 struct gsm_mncc rel;
273
274 memset(&rel, 0, sizeof(rel));
275 rel.callref = callref;
276 mncc_set_cause(&rel, location, value);
277 if (trans && trans->cc.state == GSM_CSTATE_RELEASE_REQ)
278 return mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
279 return mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
280}
281
282/* Call Control Specific transaction release.
283 * gets called by trans_free, DO NOT CALL YOURSELF! */
284void _gsm48_cc_trans_free(struct gsm_trans *trans)
285{
286 gsm48_stop_cc_timer(trans);
287
288 /* Initiate the teardown of the related connections on the MGW */
289 msc_mgcp_call_release(trans);
290
291 /* send release to L4, if callref still exists */
292 if (trans->callref) {
293 /* Ressource unavailable */
294 mncc_release_ind(trans->net, trans, trans->callref,
295 GSM48_CAUSE_LOC_PRN_S_LU,
296 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
297 /* This is a final freeing of the transaction. The MNCC release may have triggered the
298 * T308 release timer, but we don't have the luxury of graceful CC Release here. */
299 gsm48_stop_cc_timer(trans);
300 }
301 if (trans->cc.state != GSM_CSTATE_NULL)
302 new_cc_state(trans, GSM_CSTATE_NULL);
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame^]303
304 gsm48_stop_guard_timer(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]305}
306
307static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg);
308
309/* call-back from paging the B-end of the connection */
310static int setup_trig_pag_evt(unsigned int hooknum, unsigned int event,
311 struct msgb *msg, void *_conn, void *_transt)
312{
313 struct gsm_subscriber_connection *conn = _conn;
314 struct gsm_trans *transt = _transt;
315 enum gsm_paging_event paging_event = event;
316
317 OSMO_ASSERT(!transt->conn);
318
319 switch (paging_event) {
320 case GSM_PAGING_SUCCEEDED:
321 DEBUGP(DCC, "Paging subscr %s succeeded!\n",
322 vlr_subscr_msisdn_or_name(transt->vsub));
323 OSMO_ASSERT(conn);
324 /* Assign conn */
325 transt->conn = msc_subscr_conn_get(conn, MSC_CONN_USE_TRANS_CC);
326 transt->paging_request = NULL;
327 /* send SETUP request to called party */
328 gsm48_cc_tx_setup(transt, &transt->cc.msg);
329 break;
330 case GSM_PAGING_EXPIRED:
331 case GSM_PAGING_BUSY:
332 DEBUGP(DCC, "Paging subscr %s %s!\n",
333 vlr_subscr_msisdn_or_name(transt->vsub),
334 paging_event == GSM_PAGING_EXPIRED ? "expired" : "busy");
335 /* Temporarily out of order */
336 mncc_release_ind(transt->net, transt,
337 transt->callref,
338 GSM48_CAUSE_LOC_PRN_S_LU,
339 GSM48_CC_CAUSE_DEST_OOO);
340 transt->callref = 0;
341 transt->paging_request = NULL;
342 trans_free(transt);
343 break;
344 }
345
346 return 0;
347}
348
349/* bridge channels of two transactions */
350static int tch_bridge(struct gsm_network *net, struct gsm_mncc_bridge *bridge)
351{
352 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[0]);
353 struct gsm_trans *trans2 = trans_find_by_callref(net, bridge->callref[1]);
354 int rc;
355
356 if (!trans1 || !trans2)
357 return -EIO;
358
359 if (!trans1->conn || !trans2->conn)
360 return -EIO;
361
362 /* Which subscriber do we want to track trans1 or trans2? */
363 log_set_context(LOG_CTX_VLR_SUBSCR, trans1->vsub);
364
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]365 /* This call briding mechanism is only used with the internal MNCC.
366 * functionality (with external MNCC briding would be done by the PBX)
367 * This means we may just copy the codec info we have for the RAN side
368 * of the first leg to the CN side of both legs. This also means that
369 * if both legs use different codecs the MGW must perform transcoding
370 * on the second leg. */
371 trans1->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
372 trans2->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
373
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]374 /* Bridge RTP streams */
375 rc = msc_mgcp_call_complete(trans1, trans2->conn->rtp.local_port_cn,
376 trans2->conn->rtp.local_addr_cn);
377 if (rc)
378 return -EINVAL;
379
380 rc = msc_mgcp_call_complete(trans2, trans1->conn->rtp.local_port_cn,
381 trans1->conn->rtp.local_addr_cn);
382 if (rc)
383 return -EINVAL;
384
385 return 0;
386}
387
388static int gsm48_cc_rx_status_enq(struct gsm_trans *trans, struct msgb *msg)
389{
390 DEBUGP(DCC, "-> STATUS ENQ\n");
391 return gsm48_cc_tx_status(trans, msg);
392}
393
394static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg);
395static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg);
396
397static void gsm48_cc_timeout(void *arg)
398{
399 struct gsm_trans *trans = arg;
400 int disconnect = 0, release = 0;
401 int mo_cause = GSM48_CC_CAUSE_RECOVERY_TIMER;
402 int mo_location = GSM48_CAUSE_LOC_USER;
403 int l4_cause = GSM48_CC_CAUSE_NORMAL_UNSPEC;
404 int l4_location = GSM48_CAUSE_LOC_PRN_S_LU;
405 struct gsm_mncc mo_rel, l4_rel;
406
407 memset(&mo_rel, 0, sizeof(struct gsm_mncc));
408 mo_rel.callref = trans->callref;
409 memset(&l4_rel, 0, sizeof(struct gsm_mncc));
410 l4_rel.callref = trans->callref;
411
412 switch(trans->cc.Tcurrent) {
413 case 0x303:
414 release = 1;
415 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
416 break;
417 case 0x310:
418 disconnect = 1;
419 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
420 break;
421 case 0x313:
422 disconnect = 1;
423 /* unknown, did not find it in the specs */
424 break;
425 case 0x301:
426 disconnect = 1;
427 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
428 break;
429 case 0x308:
430 if (!trans->cc.T308_second) {
431 /* restart T308 a second time */
432 gsm48_cc_tx_release(trans, &trans->cc.msg);
433 trans->cc.T308_second = 1;
434 break; /* stay in release state */
435 }
436 trans_free(trans);
437 return;
438 case 0x306:
439 release = 1;
440 mo_cause = trans->cc.msg.cause.value;
441 mo_location = trans->cc.msg.cause.location;
442 break;
443 case 0x323:
444 disconnect = 1;
445 break;
446 default:
447 release = 1;
448 }
449
450 if (release && trans->callref) {
451 /* process release towards layer 4 */
452 mncc_release_ind(trans->net, trans, trans->callref,
453 l4_location, l4_cause);
454 trans->callref = 0;
455 }
456
457 if (disconnect && trans->callref) {
458 /* process disconnect towards layer 4 */
459 mncc_set_cause(&l4_rel, l4_location, l4_cause);
460 mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &l4_rel);
461 }
462
463 /* process disconnect towards mobile station */
464 if (disconnect || release) {
465 mncc_set_cause(&mo_rel, mo_location, mo_cause);
466 mo_rel.cause.diag[0] = ((trans->cc.Tcurrent & 0xf00) >> 8) + '0';
467 mo_rel.cause.diag[1] = ((trans->cc.Tcurrent & 0x0f0) >> 4) + '0';
468 mo_rel.cause.diag[2] = (trans->cc.Tcurrent & 0x00f) + '0';
469 mo_rel.cause.diag_len = 3;
470
471 if (disconnect)
472 gsm48_cc_tx_disconnect(trans, &mo_rel);
473 if (release)
474 gsm48_cc_tx_release(trans, &mo_rel);
475 }
476
477}
478
479/* disconnect both calls from the bridge */
480static inline void disconnect_bridge(struct gsm_network *net,
481 struct gsm_mncc_bridge *bridge, int err)
482{
483 struct gsm_trans *trans0 = trans_find_by_callref(net, bridge->callref[0]);
484 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[1]);
485 struct gsm_mncc mx_rel;
486 if (!trans0 || !trans1)
487 return;
488
489 DEBUGP(DCC, "Failed to bridge TCH for calls %x <-> %x :: %s \n",
490 trans0->callref, trans1->callref, strerror(err));
491
492 memset(&mx_rel, 0, sizeof(struct gsm_mncc));
493 mncc_set_cause(&mx_rel, GSM48_CAUSE_LOC_INN_NET,
494 GSM48_CC_CAUSE_CHAN_UNACCEPT);
495
496 mx_rel.callref = trans0->callref;
497 gsm48_cc_tx_disconnect(trans0, &mx_rel);
498
499 mx_rel.callref = trans1->callref;
500 gsm48_cc_tx_disconnect(trans1, &mx_rel);
501}
502
503static void gsm48_start_cc_timer(struct gsm_trans *trans, int current,
504 int sec, int micro)
505{
506 DEBUGP(DCC, "starting timer T%x with %d seconds\n", current, sec);
507 osmo_timer_setup(&trans->cc.timer, gsm48_cc_timeout, trans);
508 osmo_timer_schedule(&trans->cc.timer, sec, micro);
509 trans->cc.Tcurrent = current;
510}
511
512static int gsm48_cc_rx_setup(struct gsm_trans *trans, struct msgb *msg)
513{
514 struct gsm48_hdr *gh = msgb_l3(msg);
515 uint8_t msg_type = gsm48_hdr_msg_type(gh);
516 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
517 struct tlv_parsed tp;
518 struct gsm_mncc setup;
519
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame^]520 gsm48_start_guard_timer(trans);
521
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]522 memset(&setup, 0, sizeof(struct gsm_mncc));
523 setup.callref = trans->callref;
524
525 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
526 /* emergency setup is identified by msg_type */
527 if (msg_type == GSM48_MT_CC_EMERG_SETUP) {
528 setup.fields |= MNCC_F_EMERGENCY;
529 setup.emergency = 1;
530 /* use destination number as configured by user (if any) */
531 if (trans->net->emergency.route_to_msisdn) {
532 setup.fields |= MNCC_F_CALLED;
533 setup.called.type = 0; /* unknown */
534 setup.called.plan = 0; /* unknown */
535 OSMO_STRLCPY_ARRAY(setup.called.number,
536 trans->net->emergency.route_to_msisdn);
537 }
538 }
539
540 /* use subscriber as calling party number */
541 setup.fields |= MNCC_F_CALLING;
542 OSMO_STRLCPY_ARRAY(setup.calling.number, trans->vsub->msisdn);
543 OSMO_STRLCPY_ARRAY(setup.imsi, trans->vsub->imsi);
544
545 /* bearer capability */
546 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
547 setup.fields |= MNCC_F_BEARER_CAP;
548 gsm48_decode_bearer_cap(&setup.bearer_cap,
549 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
550
551 /* Create a copy of the bearer capability
552 * in the transaction struct, so we can use
553 * this information later */
554 memcpy(&trans->bearer_cap,&setup.bearer_cap,
555 sizeof(trans->bearer_cap));
556 }
557 /* facility */
558 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
559 setup.fields |= MNCC_F_FACILITY;
560 gsm48_decode_facility(&setup.facility,
561 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
562 }
563 /* called party bcd number */
564 if (TLVP_PRESENT(&tp, GSM48_IE_CALLED_BCD)) {
565 setup.fields |= MNCC_F_CALLED;
566 gsm48_decode_called(&setup.called,
567 TLVP_VAL(&tp, GSM48_IE_CALLED_BCD)-1);
568 }
569 /* user-user */
570 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
571 setup.fields |= MNCC_F_USERUSER;
572 gsm48_decode_useruser(&setup.useruser,
573 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
574 }
575 /* ss-version */
576 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
577 setup.fields |= MNCC_F_SSVERSION;
578 gsm48_decode_ssversion(&setup.ssversion,
579 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
580 }
581 /* CLIR suppression */
582 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_SUPP))
583 setup.clir.sup = 1;
584 /* CLIR invocation */
585 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_INVOC))
586 setup.clir.inv = 1;
587 /* cc cap */
588 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
589 setup.fields |= MNCC_F_CCCAP;
590 gsm48_decode_cccap(&setup.cccap,
591 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
592 }
593
594 new_cc_state(trans, GSM_CSTATE_INITIATED);
595
596 LOGP(DCC, setup.emergency ? LOGL_NOTICE : LOGL_INFO, "Subscriber %s (%s) sends %sSETUP to %s\n",
597 vlr_subscr_name(trans->vsub), trans->vsub->msisdn, setup.emergency ? "EMERGENCY_" : "",
598 setup.called.number);
599
600 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_SETUP]);
601
602 /* indicate setup to MNCC */
603 mncc_recvmsg(trans->net, trans, MNCC_SETUP_IND, &setup);
604
605 /* MNCC code will modify the channel asynchronously, we should
606 * ipaccess-bind only after the modification has been made to the
607 * lchan->tch_mode */
608 return 0;
609}
610
611static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg)
612{
613 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STUP");
614 struct gsm48_hdr *gh;
615 struct gsm_mncc *setup = arg;
616 int rc, trans_id;
617
618 gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
619
620 /* transaction id must not be assigned */
621 if (trans->transaction_id != 0xff) { /* unasssigned */
622 DEBUGP(DCC, "TX Setup with assigned transaction. "
623 "This is not allowed!\n");
624 /* Temporarily out of order */
625 rc = mncc_release_ind(trans->net, trans, trans->callref,
626 GSM48_CAUSE_LOC_PRN_S_LU,
627 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
628 trans->callref = 0;
629 trans_free(trans);
630 return rc;
631 }
632
633 /* Get free transaction_id */
634 trans_id = trans_assign_trans_id(trans->net, trans->vsub,
635 GSM48_PDISC_CC, 0);
636 if (trans_id < 0) {
637 /* no free transaction ID */
638 rc = mncc_release_ind(trans->net, trans, trans->callref,
639 GSM48_CAUSE_LOC_PRN_S_LU,
640 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
641 trans->callref = 0;
642 trans_free(trans);
643 return rc;
644 }
645 trans->transaction_id = trans_id;
646
647 gh->msg_type = GSM48_MT_CC_SETUP;
648
649 gsm48_start_cc_timer(trans, 0x303, GSM48_T303);
650
651 /* bearer capability */
652 if (setup->fields & MNCC_F_BEARER_CAP) {
653 /* Create a copy of the bearer capability in the transaction struct, so we
654 * can use this information later */
655 memcpy(&trans->bearer_cap, &setup->bearer_cap, sizeof(trans->bearer_cap));
656 gsm48_encode_bearer_cap(msg, 0, &setup->bearer_cap);
657 }
658 /* facility */
659 if (setup->fields & MNCC_F_FACILITY)
660 gsm48_encode_facility(msg, 0, &setup->facility);
661 /* progress */
662 if (setup->fields & MNCC_F_PROGRESS)
663 gsm48_encode_progress(msg, 0, &setup->progress);
664 /* calling party BCD number */
665 if (setup->fields & MNCC_F_CALLING)
666 gsm48_encode_calling(msg, &setup->calling);
667 /* called party BCD number */
668 if (setup->fields & MNCC_F_CALLED)
669 gsm48_encode_called(msg, &setup->called);
670 /* user-user */
671 if (setup->fields & MNCC_F_USERUSER)
672 gsm48_encode_useruser(msg, 0, &setup->useruser);
673 /* redirecting party BCD number */
674 if (setup->fields & MNCC_F_REDIRECTING)
675 gsm48_encode_redirecting(msg, &setup->redirecting);
676 /* signal */
677 if (setup->fields & MNCC_F_SIGNAL)
678 gsm48_encode_signal(msg, setup->signal);
679
680 new_cc_state(trans, GSM_CSTATE_CALL_PRESENT);
681
682 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_SETUP]);
683
684 return gsm48_conn_sendmsg(msg, trans->conn, trans);
685}
686
687static int gsm48_cc_rx_call_conf(struct gsm_trans *trans, struct msgb *msg)
688{
689 struct gsm48_hdr *gh = msgb_l3(msg);
690 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
691 struct tlv_parsed tp;
692 struct gsm_mncc call_conf;
693 int rc;
694
695 gsm48_stop_cc_timer(trans);
696 gsm48_start_cc_timer(trans, 0x310, GSM48_T310);
697
698 memset(&call_conf, 0, sizeof(struct gsm_mncc));
699 call_conf.callref = trans->callref;
700
701 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
702#if 0
703 /* repeat */
704 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_CIR))
705 call_conf.repeat = 1;
706 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_SEQ))
707 call_conf.repeat = 2;
708#endif
709 /* bearer capability */
710 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
711 call_conf.fields |= MNCC_F_BEARER_CAP;
712 gsm48_decode_bearer_cap(&call_conf.bearer_cap,
713 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
714
715 /* Create a copy of the bearer capability
716 * in the transaction struct, so we can use
717 * this information later */
718 memcpy(&trans->bearer_cap,&call_conf.bearer_cap,
719 sizeof(trans->bearer_cap));
720 }
721 /* cause */
722 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
723 call_conf.fields |= MNCC_F_CAUSE;
724 gsm48_decode_cause(&call_conf.cause,
725 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
726 }
727 /* cc cap */
728 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
729 call_conf.fields |= MNCC_F_CCCAP;
730 gsm48_decode_cccap(&call_conf.cccap,
731 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
732 }
733
734 /* IMSI of called subscriber */
735 OSMO_STRLCPY_ARRAY(call_conf.imsi, trans->vsub->imsi);
736
737 new_cc_state(trans, GSM_CSTATE_MO_TERM_CALL_CONF);
738
739 /* Assign call (if not done yet) */
740 if (trans->assignment_done == false) {
741 rc = msc_mgcp_call_assignment(trans);
742 trans->assignment_done = true;
743 }
744 else
745 rc = 0;
746
747 /* don't continue, if there were problems with
748 * the call assignment. */
749 if (rc)
750 return rc;
751
752 return mncc_recvmsg(trans->net, trans, MNCC_CALL_CONF_IND,
753 &call_conf);
754}
755
756static int gsm48_cc_tx_call_proc_and_assign(struct gsm_trans *trans, void *arg)
757{
758 struct gsm_mncc *proceeding = arg;
759 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROC");
760 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
761 int rc;
762
763 gh->msg_type = GSM48_MT_CC_CALL_PROC;
764
765 new_cc_state(trans, GSM_CSTATE_MO_CALL_PROC);
766
767 /* bearer capability */
768 if (proceeding->fields & MNCC_F_BEARER_CAP) {
769 gsm48_encode_bearer_cap(msg, 0, &proceeding->bearer_cap);
770 memcpy(&trans->bearer_cap, &proceeding->bearer_cap, sizeof(trans->bearer_cap));
771 }
772 /* facility */
773 if (proceeding->fields & MNCC_F_FACILITY)
774 gsm48_encode_facility(msg, 0, &proceeding->facility);
775 /* progress */
776 if (proceeding->fields & MNCC_F_PROGRESS)
777 gsm48_encode_progress(msg, 0, &proceeding->progress);
778
779 rc = gsm48_conn_sendmsg(msg, trans->conn, trans);
780 if (rc)
781 return rc;
782
783 /* Assign call (if not done yet) */
784 if (trans->assignment_done == false) {
785 rc = msc_mgcp_call_assignment(trans);
786 trans->assignment_done = true;
787 }
788 else
789 rc = 0;
790
791 return rc;
792}
793
794static int gsm48_cc_rx_alerting(struct gsm_trans *trans, struct msgb *msg)
795{
796 struct gsm48_hdr *gh = msgb_l3(msg);
797 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
798 struct tlv_parsed tp;
799 struct gsm_mncc alerting;
800
801 gsm48_stop_cc_timer(trans);
802 gsm48_start_cc_timer(trans, 0x301, GSM48_T301);
803
804 memset(&alerting, 0, sizeof(struct gsm_mncc));
805 alerting.callref = trans->callref;
806 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
807 /* facility */
808 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
809 alerting.fields |= MNCC_F_FACILITY;
810 gsm48_decode_facility(&alerting.facility,
811 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
812 }
813
814 /* progress */
815 if (TLVP_PRESENT(&tp, GSM48_IE_PROGR_IND)) {
816 alerting.fields |= MNCC_F_PROGRESS;
817 gsm48_decode_progress(&alerting.progress,
818 TLVP_VAL(&tp, GSM48_IE_PROGR_IND)-1);
819 }
820 /* ss-version */
821 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
822 alerting.fields |= MNCC_F_SSVERSION;
823 gsm48_decode_ssversion(&alerting.ssversion,
824 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
825 }
826
827 new_cc_state(trans, GSM_CSTATE_CALL_RECEIVED);
828
829 return mncc_recvmsg(trans->net, trans, MNCC_ALERT_IND,
830 &alerting);
831}
832
833static int gsm48_cc_tx_alerting(struct gsm_trans *trans, void *arg)
834{
835 struct gsm_mncc *alerting = arg;
836 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC ALERT");
837 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
838
839 gh->msg_type = GSM48_MT_CC_ALERTING;
840
841 /* facility */
842 if (alerting->fields & MNCC_F_FACILITY)
843 gsm48_encode_facility(msg, 0, &alerting->facility);
844 /* progress */
845 if (alerting->fields & MNCC_F_PROGRESS)
846 gsm48_encode_progress(msg, 0, &alerting->progress);
847 /* user-user */
848 if (alerting->fields & MNCC_F_USERUSER)
849 gsm48_encode_useruser(msg, 0, &alerting->useruser);
850
851 new_cc_state(trans, GSM_CSTATE_CALL_DELIVERED);
852
853 return gsm48_conn_sendmsg(msg, trans->conn, trans);
854}
855
856static int gsm48_cc_tx_progress(struct gsm_trans *trans, void *arg)
857{
858 struct gsm_mncc *progress = arg;
859 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROGRESS");
860 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
861
862 gh->msg_type = GSM48_MT_CC_PROGRESS;
863
864 /* progress */
865 gsm48_encode_progress(msg, 1, &progress->progress);
866 /* user-user */
867 if (progress->fields & MNCC_F_USERUSER)
868 gsm48_encode_useruser(msg, 0, &progress->useruser);
869
870 return gsm48_conn_sendmsg(msg, trans->conn, trans);
871}
872
873static int gsm48_cc_tx_connect(struct gsm_trans *trans, void *arg)
874{
875 struct gsm_mncc *connect = arg;
876 struct msgb *msg = gsm48_msgb_alloc_name("GSN 04.08 CC CON");
877 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
878
879 gh->msg_type = GSM48_MT_CC_CONNECT;
880
881 gsm48_stop_cc_timer(trans);
882 gsm48_start_cc_timer(trans, 0x313, GSM48_T313);
883
884 /* facility */
885 if (connect->fields & MNCC_F_FACILITY)
886 gsm48_encode_facility(msg, 0, &connect->facility);
887 /* progress */
888 if (connect->fields & MNCC_F_PROGRESS)
889 gsm48_encode_progress(msg, 0, &connect->progress);
890 /* connected number */
891 if (connect->fields & MNCC_F_CONNECTED)
892 gsm48_encode_connected(msg, &connect->connected);
893 /* user-user */
894 if (connect->fields & MNCC_F_USERUSER)
895 gsm48_encode_useruser(msg, 0, &connect->useruser);
896
897 new_cc_state(trans, GSM_CSTATE_CONNECT_IND);
898
899 return gsm48_conn_sendmsg(msg, trans->conn, trans);
900}
901
902static int gsm48_cc_rx_connect(struct gsm_trans *trans, struct msgb *msg)
903{
904 struct gsm48_hdr *gh = msgb_l3(msg);
905 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
906 struct tlv_parsed tp;
907 struct gsm_mncc connect;
908
909 gsm48_stop_cc_timer(trans);
910
911 memset(&connect, 0, sizeof(struct gsm_mncc));
912 connect.callref = trans->callref;
913 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
914 /* use subscriber as connected party number */
915 connect.fields |= MNCC_F_CONNECTED;
916 OSMO_STRLCPY_ARRAY(connect.connected.number, trans->vsub->msisdn);
917 OSMO_STRLCPY_ARRAY(connect.imsi, trans->vsub->imsi);
918
919 /* facility */
920 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
921 connect.fields |= MNCC_F_FACILITY;
922 gsm48_decode_facility(&connect.facility,
923 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
924 }
925 /* user-user */
926 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
927 connect.fields |= MNCC_F_USERUSER;
928 gsm48_decode_useruser(&connect.useruser,
929 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
930 }
931 /* ss-version */
932 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
933 connect.fields |= MNCC_F_SSVERSION;
934 gsm48_decode_ssversion(&connect.ssversion,
935 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
936 }
937
938 new_cc_state(trans, GSM_CSTATE_CONNECT_REQUEST);
939 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_CONNECT]);
940
941 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_CNF, &connect);
942}
943
944
945static int gsm48_cc_rx_connect_ack(struct gsm_trans *trans, struct msgb *msg)
946{
947 struct gsm_mncc connect_ack;
948
949 gsm48_stop_cc_timer(trans);
950
951 new_cc_state(trans, GSM_CSTATE_ACTIVE);
952 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_CONNECT_ACK]);
953
954 memset(&connect_ack, 0, sizeof(struct gsm_mncc));
955 connect_ack.callref = trans->callref;
956
957 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_COMPL_IND,
958 &connect_ack);
959}
960
961static int gsm48_cc_tx_connect_ack(struct gsm_trans *trans, void *arg)
962{
963 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC CON ACK");
964 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
965
966 gh->msg_type = GSM48_MT_CC_CONNECT_ACK;
967
968 new_cc_state(trans, GSM_CSTATE_ACTIVE);
969
970 return gsm48_conn_sendmsg(msg, trans->conn, trans);
971}
972
973static int gsm48_cc_rx_disconnect(struct gsm_trans *trans, struct msgb *msg)
974{
975 struct gsm48_hdr *gh = msgb_l3(msg);
976 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
977 struct tlv_parsed tp;
978 struct gsm_mncc disc;
979
980 gsm48_stop_cc_timer(trans);
981
982 new_cc_state(trans, GSM_CSTATE_DISCONNECT_REQ);
983
984 memset(&disc, 0, sizeof(struct gsm_mncc));
985 disc.callref = trans->callref;
986 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_CAUSE, 0);
987 /* cause */
988 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
989 disc.fields |= MNCC_F_CAUSE;
990 gsm48_decode_cause(&disc.cause,
991 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
992 }
993 /* facility */
994 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
995 disc.fields |= MNCC_F_FACILITY;
996 gsm48_decode_facility(&disc.facility,
997 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
998 }
999 /* user-user */
1000 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1001 disc.fields |= MNCC_F_USERUSER;
1002 gsm48_decode_useruser(&disc.useruser,
1003 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1004 }
1005 /* ss-version */
1006 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1007 disc.fields |= MNCC_F_SSVERSION;
1008 gsm48_decode_ssversion(&disc.ssversion,
1009 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1010 }
1011
1012 return mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &disc);
1013
1014}
1015
1016static struct gsm_mncc_cause default_cause = {
1017 .location = GSM48_CAUSE_LOC_PRN_S_LU,
1018 .coding = 0,
1019 .rec = 0,
1020 .rec_val = 0,
1021 .value = GSM48_CC_CAUSE_NORMAL_UNSPEC,
1022 .diag_len = 0,
1023 .diag = { 0 },
1024};
1025
1026static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg)
1027{
1028 struct gsm_mncc *disc = arg;
1029 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC DISC");
1030 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1031
1032 gh->msg_type = GSM48_MT_CC_DISCONNECT;
1033
1034 gsm48_stop_cc_timer(trans);
1035 gsm48_start_cc_timer(trans, 0x306, GSM48_T306);
1036
1037 /* cause */
1038 if (disc->fields & MNCC_F_CAUSE)
1039 gsm48_encode_cause(msg, 1, &disc->cause);
1040 else
1041 gsm48_encode_cause(msg, 1, &default_cause);
1042
1043 /* facility */
1044 if (disc->fields & MNCC_F_FACILITY)
1045 gsm48_encode_facility(msg, 0, &disc->facility);
1046 /* progress */
1047 if (disc->fields & MNCC_F_PROGRESS)
1048 gsm48_encode_progress(msg, 0, &disc->progress);
1049 /* user-user */
1050 if (disc->fields & MNCC_F_USERUSER)
1051 gsm48_encode_useruser(msg, 0, &disc->useruser);
1052
1053 /* store disconnect cause for T306 expiry */
1054 memcpy(&trans->cc.msg, disc, sizeof(struct gsm_mncc));
1055
1056 new_cc_state(trans, GSM_CSTATE_DISCONNECT_IND);
1057
1058 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1059}
1060
1061static int gsm48_cc_rx_release(struct gsm_trans *trans, struct msgb *msg)
1062{
1063 struct gsm48_hdr *gh = msgb_l3(msg);
1064 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1065 struct tlv_parsed tp;
1066 struct gsm_mncc rel;
1067 int rc;
1068
1069 gsm48_stop_cc_timer(trans);
1070
1071 memset(&rel, 0, sizeof(struct gsm_mncc));
1072 rel.callref = trans->callref;
1073 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1074 /* cause */
1075 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1076 rel.fields |= MNCC_F_CAUSE;
1077 gsm48_decode_cause(&rel.cause,
1078 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1079 }
1080 /* facility */
1081 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1082 rel.fields |= MNCC_F_FACILITY;
1083 gsm48_decode_facility(&rel.facility,
1084 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1085 }
1086 /* user-user */
1087 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1088 rel.fields |= MNCC_F_USERUSER;
1089 gsm48_decode_useruser(&rel.useruser,
1090 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1091 }
1092 /* ss-version */
1093 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1094 rel.fields |= MNCC_F_SSVERSION;
1095 gsm48_decode_ssversion(&rel.ssversion,
1096 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1097 }
1098
1099 if (trans->cc.state == GSM_CSTATE_RELEASE_REQ) {
1100 /* release collision 5.4.5 */
1101 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_CNF, &rel);
1102 } else {
1103 rc = gsm48_tx_simple(trans->conn,
1104 GSM48_PDISC_CC | (trans->transaction_id << 4),
1105 GSM48_MT_CC_RELEASE_COMPL);
1106 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_IND, &rel);
1107 }
1108
1109 new_cc_state(trans, GSM_CSTATE_NULL);
1110
1111 trans->callref = 0;
1112 trans_free(trans);
1113
1114 return rc;
1115}
1116
1117static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg)
1118{
1119 struct gsm_mncc *rel = arg;
1120 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL");
1121 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1122
1123 gh->msg_type = GSM48_MT_CC_RELEASE;
1124
1125 gsm48_stop_cc_timer(trans);
1126 gsm48_start_cc_timer(trans, 0x308, GSM48_T308);
1127
1128 /* cause */
1129 if (rel->fields & MNCC_F_CAUSE)
1130 gsm48_encode_cause(msg, 0, &rel->cause);
1131 /* facility */
1132 if (rel->fields & MNCC_F_FACILITY)
1133 gsm48_encode_facility(msg, 0, &rel->facility);
1134 /* user-user */
1135 if (rel->fields & MNCC_F_USERUSER)
1136 gsm48_encode_useruser(msg, 0, &rel->useruser);
1137
1138 trans->cc.T308_second = 0;
1139 memcpy(&trans->cc.msg, rel, sizeof(struct gsm_mncc));
1140
1141 if (trans->cc.state != GSM_CSTATE_RELEASE_REQ)
1142 new_cc_state(trans, GSM_CSTATE_RELEASE_REQ);
1143
1144 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1145}
1146
1147static int gsm48_cc_rx_release_compl(struct gsm_trans *trans, struct msgb *msg)
1148{
1149 struct gsm48_hdr *gh = msgb_l3(msg);
1150 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1151 struct tlv_parsed tp;
1152 struct gsm_mncc rel;
1153 int rc = 0;
1154
1155 gsm48_stop_cc_timer(trans);
1156
1157 memset(&rel, 0, sizeof(struct gsm_mncc));
1158 rel.callref = trans->callref;
1159 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1160 /* cause */
1161 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1162 rel.fields |= MNCC_F_CAUSE;
1163 gsm48_decode_cause(&rel.cause,
1164 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1165 }
1166 /* facility */
1167 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1168 rel.fields |= MNCC_F_FACILITY;
1169 gsm48_decode_facility(&rel.facility,
1170 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1171 }
1172 /* user-user */
1173 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1174 rel.fields |= MNCC_F_USERUSER;
1175 gsm48_decode_useruser(&rel.useruser,
1176 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1177 }
1178 /* ss-version */
1179 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1180 rel.fields |= MNCC_F_SSVERSION;
1181 gsm48_decode_ssversion(&rel.ssversion,
1182 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1183 }
1184
1185 if (trans->callref) {
1186 switch (trans->cc.state) {
1187 case GSM_CSTATE_CALL_PRESENT:
1188 rc = mncc_recvmsg(trans->net, trans,
1189 MNCC_REJ_IND, &rel);
1190 break;
1191 case GSM_CSTATE_RELEASE_REQ:
1192 rc = mncc_recvmsg(trans->net, trans,
1193 MNCC_REL_CNF, &rel);
1194 break;
1195 default:
1196 rc = mncc_recvmsg(trans->net, trans,
1197 MNCC_REL_IND, &rel);
1198 }
1199 }
1200
1201 trans->callref = 0;
1202 trans_free(trans);
1203
1204 return rc;
1205}
1206
1207static int gsm48_cc_tx_release_compl(struct gsm_trans *trans, void *arg)
1208{
1209 struct gsm_mncc *rel = arg;
1210 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL COMPL");
1211 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1212 int ret;
1213
1214 gh->msg_type = GSM48_MT_CC_RELEASE_COMPL;
1215
1216 trans->callref = 0;
1217
1218 gsm48_stop_cc_timer(trans);
1219
1220 /* cause */
1221 if (rel->fields & MNCC_F_CAUSE)
1222 gsm48_encode_cause(msg, 0, &rel->cause);
1223 /* facility */
1224 if (rel->fields & MNCC_F_FACILITY)
1225 gsm48_encode_facility(msg, 0, &rel->facility);
1226 /* user-user */
1227 if (rel->fields & MNCC_F_USERUSER)
1228 gsm48_encode_useruser(msg, 0, &rel->useruser);
1229
1230 ret = gsm48_conn_sendmsg(msg, trans->conn, trans);
1231
1232 trans_free(trans);
1233
1234 return ret;
1235}
1236
1237static int gsm48_cc_rx_facility(struct gsm_trans *trans, struct msgb *msg)
1238{
1239 struct gsm48_hdr *gh = msgb_l3(msg);
1240 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1241 struct tlv_parsed tp;
1242 struct gsm_mncc fac;
1243
1244 memset(&fac, 0, sizeof(struct gsm_mncc));
1245 fac.callref = trans->callref;
1246 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_FACILITY, 0);
1247 /* facility */
1248 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1249 fac.fields |= MNCC_F_FACILITY;
1250 gsm48_decode_facility(&fac.facility,
1251 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1252 }
1253 /* ss-version */
1254 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1255 fac.fields |= MNCC_F_SSVERSION;
1256 gsm48_decode_ssversion(&fac.ssversion,
1257 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1258 }
1259
1260 return mncc_recvmsg(trans->net, trans, MNCC_FACILITY_IND, &fac);
1261}
1262
1263static int gsm48_cc_tx_facility(struct gsm_trans *trans, void *arg)
1264{
1265 struct gsm_mncc *fac = arg;
1266 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC FAC");
1267 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1268
1269 gh->msg_type = GSM48_MT_CC_FACILITY;
1270
1271 /* facility */
1272 gsm48_encode_facility(msg, 1, &fac->facility);
1273
1274 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1275}
1276
1277static int gsm48_cc_rx_hold(struct gsm_trans *trans, struct msgb *msg)
1278{
1279 struct gsm_mncc hold;
1280
1281 memset(&hold, 0, sizeof(struct gsm_mncc));
1282 hold.callref = trans->callref;
1283 return mncc_recvmsg(trans->net, trans, MNCC_HOLD_IND, &hold);
1284}
1285
1286static int gsm48_cc_tx_hold_ack(struct gsm_trans *trans, void *arg)
1287{
1288 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD ACK");
1289 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1290
1291 gh->msg_type = GSM48_MT_CC_HOLD_ACK;
1292
1293 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1294}
1295
1296static int gsm48_cc_tx_hold_rej(struct gsm_trans *trans, void *arg)
1297{
1298 struct gsm_mncc *hold_rej = arg;
1299 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD REJ");
1300 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1301
1302 gh->msg_type = GSM48_MT_CC_HOLD_REJ;
1303
1304 /* cause */
1305 if (hold_rej->fields & MNCC_F_CAUSE)
1306 gsm48_encode_cause(msg, 1, &hold_rej->cause);
1307 else
1308 gsm48_encode_cause(msg, 1, &default_cause);
1309
1310 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1311}
1312
1313static int gsm48_cc_rx_retrieve(struct gsm_trans *trans, struct msgb *msg)
1314{
1315 struct gsm_mncc retrieve;
1316
1317 memset(&retrieve, 0, sizeof(struct gsm_mncc));
1318 retrieve.callref = trans->callref;
1319 return mncc_recvmsg(trans->net, trans, MNCC_RETRIEVE_IND,
1320 &retrieve);
1321}
1322
1323static int gsm48_cc_tx_retrieve_ack(struct gsm_trans *trans, void *arg)
1324{
1325 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR ACK");
1326 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1327
1328 gh->msg_type = GSM48_MT_CC_RETR_ACK;
1329
1330 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1331}
1332
1333static int gsm48_cc_tx_retrieve_rej(struct gsm_trans *trans, void *arg)
1334{
1335 struct gsm_mncc *retrieve_rej = arg;
1336 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR REJ");
1337 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1338
1339 gh->msg_type = GSM48_MT_CC_RETR_REJ;
1340
1341 /* cause */
1342 if (retrieve_rej->fields & MNCC_F_CAUSE)
1343 gsm48_encode_cause(msg, 1, &retrieve_rej->cause);
1344 else
1345 gsm48_encode_cause(msg, 1, &default_cause);
1346
1347 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1348}
1349
1350static int gsm48_cc_rx_start_dtmf(struct gsm_trans *trans, struct msgb *msg)
1351{
1352 struct gsm48_hdr *gh = msgb_l3(msg);
1353 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1354 struct tlv_parsed tp;
1355 struct gsm_mncc dtmf;
1356
1357 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1358 dtmf.callref = trans->callref;
1359 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1360 /* keypad facility */
1361 if (TLVP_PRESENT(&tp, GSM48_IE_KPD_FACILITY)) {
1362 dtmf.fields |= MNCC_F_KEYPAD;
1363 gsm48_decode_keypad(&dtmf.keypad,
1364 TLVP_VAL(&tp, GSM48_IE_KPD_FACILITY)-1);
1365 }
1366
1367 return mncc_recvmsg(trans->net, trans, MNCC_START_DTMF_IND, &dtmf);
1368}
1369
1370static int gsm48_cc_tx_start_dtmf_ack(struct gsm_trans *trans, void *arg)
1371{
1372 struct gsm_mncc *dtmf = arg;
1373 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF ACK");
1374 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1375
1376 gh->msg_type = GSM48_MT_CC_START_DTMF_ACK;
1377
1378 /* keypad */
1379 if (dtmf->fields & MNCC_F_KEYPAD)
1380 gsm48_encode_keypad(msg, dtmf->keypad);
1381
1382 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1383}
1384
1385static int gsm48_cc_tx_start_dtmf_rej(struct gsm_trans *trans, void *arg)
1386{
1387 struct gsm_mncc *dtmf = arg;
1388 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF REJ");
1389 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1390
1391 gh->msg_type = GSM48_MT_CC_START_DTMF_REJ;
1392
1393 /* cause */
1394 if (dtmf->fields & MNCC_F_CAUSE)
1395 gsm48_encode_cause(msg, 1, &dtmf->cause);
1396 else
1397 gsm48_encode_cause(msg, 1, &default_cause);
1398
1399 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1400}
1401
1402static int gsm48_cc_tx_stop_dtmf_ack(struct gsm_trans *trans, void *arg)
1403{
1404 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF STP ACK");
1405 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1406
1407 gh->msg_type = GSM48_MT_CC_STOP_DTMF_ACK;
1408
1409 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1410}
1411
1412static int gsm48_cc_rx_stop_dtmf(struct gsm_trans *trans, struct msgb *msg)
1413{
1414 struct gsm_mncc dtmf;
1415
1416 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1417 dtmf.callref = trans->callref;
1418
1419 return mncc_recvmsg(trans->net, trans, MNCC_STOP_DTMF_IND, &dtmf);
1420}
1421
1422static int gsm48_cc_rx_modify(struct gsm_trans *trans, struct msgb *msg)
1423{
1424 struct gsm48_hdr *gh = msgb_l3(msg);
1425 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1426 struct tlv_parsed tp;
1427 struct gsm_mncc modify;
1428
1429 memset(&modify, 0, sizeof(struct gsm_mncc));
1430 modify.callref = trans->callref;
1431 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1432 /* bearer capability */
1433 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1434 modify.fields |= MNCC_F_BEARER_CAP;
1435 gsm48_decode_bearer_cap(&modify.bearer_cap,
1436 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1437
1438 /* Create a copy of the bearer capability
1439 * in the transaction struct, so we can use
1440 * this information later */
1441 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1442 sizeof(trans->bearer_cap));
1443 }
1444
1445 new_cc_state(trans, GSM_CSTATE_MO_ORIG_MODIFY);
1446
1447 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_IND, &modify);
1448}
1449
1450static int gsm48_cc_tx_modify(struct gsm_trans *trans, void *arg)
1451{
1452 struct gsm_mncc *modify = arg;
1453 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD");
1454 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1455
1456 gh->msg_type = GSM48_MT_CC_MODIFY;
1457
1458 gsm48_start_cc_timer(trans, 0x323, GSM48_T323);
1459
1460 /* bearer capability */
1461 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1462 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1463
1464 new_cc_state(trans, GSM_CSTATE_MO_TERM_MODIFY);
1465
1466 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1467}
1468
1469static int gsm48_cc_rx_modify_complete(struct gsm_trans *trans, struct msgb *msg)
1470{
1471 struct gsm48_hdr *gh = msgb_l3(msg);
1472 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1473 struct tlv_parsed tp;
1474 struct gsm_mncc modify;
1475
1476 gsm48_stop_cc_timer(trans);
1477
1478 memset(&modify, 0, sizeof(struct gsm_mncc));
1479 modify.callref = trans->callref;
1480 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1481 /* bearer capability */
1482 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1483 modify.fields |= MNCC_F_BEARER_CAP;
1484 gsm48_decode_bearer_cap(&modify.bearer_cap,
1485 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1486
1487 /* Create a copy of the bearer capability
1488 * in the transaction struct, so we can use
1489 * this information later */
1490 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1491 sizeof(trans->bearer_cap));
1492 }
1493
1494 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1495
1496 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_CNF, &modify);
1497}
1498
1499static int gsm48_cc_tx_modify_complete(struct gsm_trans *trans, void *arg)
1500{
1501 struct gsm_mncc *modify = arg;
1502 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD COMPL");
1503 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1504
1505 gh->msg_type = GSM48_MT_CC_MODIFY_COMPL;
1506
1507 /* bearer capability */
1508 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1509 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1510
1511 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1512
1513 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1514}
1515
1516static int gsm48_cc_rx_modify_reject(struct gsm_trans *trans, struct msgb *msg)
1517{
1518 struct gsm48_hdr *gh = msgb_l3(msg);
1519 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1520 struct tlv_parsed tp;
1521 struct gsm_mncc modify;
1522
1523 gsm48_stop_cc_timer(trans);
1524
1525 memset(&modify, 0, sizeof(struct gsm_mncc));
1526 modify.callref = trans->callref;
1527 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, GSM48_IE_CAUSE);
1528 /* bearer capability */
1529 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1530 modify.fields |= GSM48_IE_BEARER_CAP;
1531 gsm48_decode_bearer_cap(&modify.bearer_cap,
1532 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1533
1534 /* Create a copy of the bearer capability
1535 * in the transaction struct, so we can use
1536 * this information later */
1537 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1538 sizeof(trans->bearer_cap));
1539 }
1540 /* cause */
1541 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1542 modify.fields |= MNCC_F_CAUSE;
1543 gsm48_decode_cause(&modify.cause,
1544 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1545 }
1546
1547 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1548
1549 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_REJ, &modify);
1550}
1551
1552static int gsm48_cc_tx_modify_reject(struct gsm_trans *trans, void *arg)
1553{
1554 struct gsm_mncc *modify = arg;
1555 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD REJ");
1556 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1557
1558 gh->msg_type = GSM48_MT_CC_MODIFY_REJECT;
1559
1560 /* bearer capability */
1561 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1562 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1563 /* cause */
1564 gsm48_encode_cause(msg, 1, &modify->cause);
1565
1566 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1567
1568 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1569}
1570
1571static int gsm48_cc_tx_notify(struct gsm_trans *trans, void *arg)
1572{
1573 struct gsm_mncc *notify = arg;
1574 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC NOT");
1575 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1576
1577 gh->msg_type = GSM48_MT_CC_NOTIFY;
1578
1579 /* notify */
1580 gsm48_encode_notify(msg, notify->notify);
1581
1582 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1583}
1584
1585static int gsm48_cc_rx_notify(struct gsm_trans *trans, struct msgb *msg)
1586{
1587 struct gsm48_hdr *gh = msgb_l3(msg);
1588 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1589// struct tlv_parsed tp;
1590 struct gsm_mncc notify;
1591
1592 memset(&notify, 0, sizeof(struct gsm_mncc));
1593 notify.callref = trans->callref;
1594// tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len);
1595 if (payload_len >= 1)
1596 gsm48_decode_notify(&notify.notify, gh->data);
1597
1598 return mncc_recvmsg(trans->net, trans, MNCC_NOTIFY_IND, &notify);
1599}
1600
1601static int gsm48_cc_tx_userinfo(struct gsm_trans *trans, void *arg)
1602{
1603 struct gsm_mncc *user = arg;
1604 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 USR INFO");
1605 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1606
1607 gh->msg_type = GSM48_MT_CC_USER_INFO;
1608
1609 /* user-user */
1610 if (user->fields & MNCC_F_USERUSER)
1611 gsm48_encode_useruser(msg, 1, &user->useruser);
1612 /* more data */
1613 if (user->more)
1614 gsm48_encode_more(msg);
1615
1616 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1617}
1618
1619static int gsm48_cc_rx_userinfo(struct gsm_trans *trans, struct msgb *msg)
1620{
1621 struct gsm48_hdr *gh = msgb_l3(msg);
1622 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1623 struct tlv_parsed tp;
1624 struct gsm_mncc user;
1625
1626 memset(&user, 0, sizeof(struct gsm_mncc));
1627 user.callref = trans->callref;
1628 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_USER_USER, 0);
1629 /* user-user */
1630 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1631 user.fields |= MNCC_F_USERUSER;
1632 gsm48_decode_useruser(&user.useruser,
1633 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1634 }
1635 /* more data */
1636 if (TLVP_PRESENT(&tp, GSM48_IE_MORE_DATA))
1637 user.more = 1;
1638
1639 return mncc_recvmsg(trans->net, trans, MNCC_USERINFO_IND, &user);
1640}
1641
1642static void mncc_recv_rtp(struct gsm_network *net, uint32_t callref,
1643 int cmd, uint32_t addr, uint16_t port, uint32_t payload_type,
1644 uint32_t payload_msg_type)
1645{
1646 uint8_t data[sizeof(struct gsm_mncc)];
1647 struct gsm_mncc_rtp *rtp;
1648
1649 memset(&data, 0, sizeof(data));
1650 rtp = (struct gsm_mncc_rtp *) &data[0];
1651
1652 rtp->callref = callref;
1653 rtp->msg_type = cmd;
Philipp Maiere2497f72018-09-28 10:37:17 +0200[diff] [blame]1654 rtp->ip = osmo_htonl(addr);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1655 rtp->port = port;
1656 rtp->payload_type = payload_type;
1657 rtp->payload_msg_type = payload_msg_type;
1658 mncc_recvmsg(net, NULL, cmd, (struct gsm_mncc *)data);
1659}
1660
1661static void mncc_recv_rtp_sock(struct gsm_network *net, struct gsm_trans *trans, int cmd)
1662{
1663 int msg_type;
1664
1665 /* FIXME This has to be set to some meaningful value.
1666 * Possible options are:
1667 * GSM_TCHF_FRAME, GSM_TCHF_FRAME_EFR,
1668 * GSM_TCHH_FRAME, GSM_TCH_FRAME_AMR
1669 * (0 if unknown) */
1670 msg_type = GSM_TCHF_FRAME;
1671
1672 uint32_t addr = inet_addr(trans->conn->rtp.local_addr_cn);
1673 uint16_t port = trans->conn->rtp.local_port_cn;
1674
1675 LOGP(DMNCC, LOGL_ERROR, "RTP create for non-existing trans\n");
1676
1677 if (addr == INADDR_NONE) {
1678 LOGP(DMNCC, LOGL_ERROR,
1679 "(subscriber:%s) external MNCC is signalling invalid IP-Address\n",
1680 vlr_subscr_name(trans->vsub));
1681 return;
1682 }
1683 if (port == 0) {
1684 LOGP(DMNCC, LOGL_ERROR,
1685 "(subscriber:%s) external MNCC is signalling invalid Port\n",
1686 vlr_subscr_name(trans->vsub));
1687 return;
1688 }
1689
1690 /* FIXME: This has to be set to some meaningful value,
1691 * before the MSC-Split, this value was pulled from
1692 * lchan->abis_ip.rtp_payload */
1693 uint32_t payload_type = 0;
1694
1695 return mncc_recv_rtp(net, trans->callref, cmd,
1696 addr,
1697 port,
1698 payload_type,
1699 msg_type);
1700}
1701
1702static void mncc_recv_rtp_err(struct gsm_network *net, uint32_t callref, int cmd)
1703{
1704 return mncc_recv_rtp(net, callref, cmd, 0, 0, 0, 0);
1705}
1706
1707static int tch_rtp_create(struct gsm_network *net, uint32_t callref)
1708{
1709 struct gsm_trans *trans;
1710 int rc;
1711
1712 /* Find callref */
1713 trans = trans_find_by_callref(net, callref);
1714 if (!trans) {
1715 LOGP(DMNCC, LOGL_ERROR, "RTP create for non-existing trans\n");
1716 mncc_recv_rtp_err(net, callref, MNCC_RTP_CREATE);
1717 return -EIO;
1718 }
1719 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1720 if (!trans->conn) {
1721 LOGP(DMNCC, LOGL_NOTICE, "RTP create for trans without conn\n");
1722 mncc_recv_rtp_err(net, callref, MNCC_RTP_CREATE);
1723 return 0;
1724 }
1725
1726 trans->conn->mncc_rtp_bridge = 1;
1727
1728 /* When we call msc_mgcp_call_assignment() we will trigger, depending
1729 * on the RAN type the call assignment on the A or Iu interface.
1730 * msc_mgcp_call_assignment() also takes care about sending the CRCX
1731 * command to the MGCP-GW. The CRCX will return the port number,
1732 * where the PBX (e.g. Asterisk) will send its RTP stream to. We
1733 * have to return this port number back to the MNCC by sending
1734 * it back with the TCH_RTP_CREATE message. To make sure that
1735 * this message is sent AFTER the response to CRCX from the
1736 * MGCP-GW has arrived, we need will instruct msc_mgcp_call_assignment()
1737 * to take care of this by setting trans->tch_rtp_create to true.
1738 * This will make sure that gsm48_tch_rtp_create() (below) is
1739 * called as soon as the local port number has become known. */
1740 trans->tch_rtp_create = true;
1741
1742 /* Assign call (if not done yet) */
1743 if (trans->assignment_done == false) {
1744 rc = msc_mgcp_call_assignment(trans);
1745 trans->assignment_done = true;
1746 }
1747 else
1748 rc = 0;
1749
1750 return rc;
1751}
1752
1753/* Trigger TCH_RTP_CREATE acknowledgement */
1754int gsm48_tch_rtp_create(struct gsm_trans *trans)
1755{
1756 /* This function is called as soon as the port, on which the
1757 * mgcp-gw expects the incoming RTP stream from the remote
1758 * end (e.g. Asterisk) is known. */
1759
1760 struct gsm_subscriber_connection *conn = trans->conn;
1761 struct gsm_network *network = conn->network;
1762
1763 mncc_recv_rtp_sock(network, trans, MNCC_RTP_CREATE);
1764 return 0;
1765}
1766
1767static int tch_rtp_connect(struct gsm_network *net, void *arg)
1768{
1769 struct gsm_trans *trans;
1770 struct gsm_mncc_rtp *rtp = arg;
1771 struct in_addr addr;
1772
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]1773 /* FIXME: in *rtp we should get the codec information of the remote
1774 * leg. We will have to populate trans->conn->rtp.codec_cn with a
1775 * meaningful value based on this information but unfortunately we
1776 * can't do that yet because the mncc API can not signal dynamic
1777 * payload types yet. This must be fixed first. Also there may be
1778 * additional members necessary in trans->conn->rtp because we
1779 * somehow need to deal with dynamic payload types that do not
1780 * comply to 3gpp's assumptions of payload type numbers on the A
1781 * interface. See also related tickets: OS#3399 and OS1683 */
1782
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1783 /* Find callref */
1784 trans = trans_find_by_callref(net, rtp->callref);
1785 if (!trans) {
1786 LOGP(DMNCC, LOGL_ERROR, "RTP connect for non-existing trans\n");
1787 mncc_recv_rtp_err(net, rtp->callref, MNCC_RTP_CONNECT);
1788 return -EIO;
1789 }
1790 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1791 if (!trans->conn) {
1792 LOGP(DMNCC, LOGL_ERROR, "RTP connect for trans without conn\n");
1793 mncc_recv_rtp_err(net, rtp->callref, MNCC_RTP_CONNECT);
1794 return 0;
1795 }
1796
1797 addr.s_addr = osmo_htonl(rtp->ip);
1798 return msc_mgcp_call_complete(trans, rtp->port, inet_ntoa(addr));
1799}
1800
1801static struct downstate {
1802 uint32_t states;
1803 int type;
1804 int (*rout) (struct gsm_trans *trans, void *arg);
1805} downstatelist[] = {
1806 /* mobile originating call establishment */
1807 {SBIT(GSM_CSTATE_INITIATED), /* 5.2.1.2 */
1808 MNCC_CALL_PROC_REQ, gsm48_cc_tx_call_proc_and_assign},
1809 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.2 | 5.2.1.5 */
1810 MNCC_ALERT_REQ, gsm48_cc_tx_alerting},
1811 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC) | SBIT(GSM_CSTATE_CALL_DELIVERED), /* 5.2.1.2 | 5.2.1.6 | 5.2.1.6 */
1812 MNCC_SETUP_RSP, gsm48_cc_tx_connect},
1813 {SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.4.2 */
1814 MNCC_PROGRESS_REQ, gsm48_cc_tx_progress},
1815 /* mobile terminating call establishment */
1816 {SBIT(GSM_CSTATE_NULL), /* 5.2.2.1 */
1817 MNCC_SETUP_REQ, gsm48_cc_tx_setup},
1818 {SBIT(GSM_CSTATE_CONNECT_REQUEST),
1819 MNCC_SETUP_COMPL_REQ, gsm48_cc_tx_connect_ack},
1820 /* signalling during call */
1821 {SBIT(GSM_CSTATE_ACTIVE),
1822 MNCC_NOTIFY_REQ, gsm48_cc_tx_notify},
1823 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ),
1824 MNCC_FACILITY_REQ, gsm48_cc_tx_facility},
1825 {ALL_STATES,
1826 MNCC_START_DTMF_RSP, gsm48_cc_tx_start_dtmf_ack},
1827 {ALL_STATES,
1828 MNCC_START_DTMF_REJ, gsm48_cc_tx_start_dtmf_rej},
1829 {ALL_STATES,
1830 MNCC_STOP_DTMF_RSP, gsm48_cc_tx_stop_dtmf_ack},
1831 {SBIT(GSM_CSTATE_ACTIVE),
1832 MNCC_HOLD_CNF, gsm48_cc_tx_hold_ack},
1833 {SBIT(GSM_CSTATE_ACTIVE),
1834 MNCC_HOLD_REJ, gsm48_cc_tx_hold_rej},
1835 {SBIT(GSM_CSTATE_ACTIVE),
1836 MNCC_RETRIEVE_CNF, gsm48_cc_tx_retrieve_ack},
1837 {SBIT(GSM_CSTATE_ACTIVE),
1838 MNCC_RETRIEVE_REJ, gsm48_cc_tx_retrieve_rej},
1839 {SBIT(GSM_CSTATE_ACTIVE),
1840 MNCC_MODIFY_REQ, gsm48_cc_tx_modify},
1841 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1842 MNCC_MODIFY_RSP, gsm48_cc_tx_modify_complete},
1843 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1844 MNCC_MODIFY_REJ, gsm48_cc_tx_modify_reject},
1845 {SBIT(GSM_CSTATE_ACTIVE),
1846 MNCC_USERINFO_REQ, gsm48_cc_tx_userinfo},
1847 /* clearing */
1848 {SBIT(GSM_CSTATE_INITIATED),
1849 MNCC_REJ_REQ, gsm48_cc_tx_release_compl},
1850 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_DISCONNECT_IND) - SBIT(GSM_CSTATE_RELEASE_REQ) - SBIT(GSM_CSTATE_DISCONNECT_REQ), /* 5.4.4 */
1851 MNCC_DISC_REQ, gsm48_cc_tx_disconnect},
1852 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
1853 MNCC_REL_REQ, gsm48_cc_tx_release},
1854};
1855
1856#define DOWNSLLEN \
1857 (sizeof(downstatelist) / sizeof(struct downstate))
1858
1859
1860int mncc_tx_to_cc(struct gsm_network *net, int msg_type, void *arg)
1861{
1862 int i, rc = 0;
1863 struct gsm_trans *trans = NULL, *transt;
1864 struct gsm_subscriber_connection *conn = NULL;
1865 struct gsm_mncc *data = arg, rel;
1866
1867 DEBUGP(DMNCC, "receive message %s\n", get_mncc_name(msg_type));
1868
1869 /* handle special messages */
1870 switch(msg_type) {
1871 case MNCC_BRIDGE:
1872 rc = tch_bridge(net, arg);
1873 if (rc < 0)
1874 disconnect_bridge(net, arg, -rc);
1875 return rc;
1876 case MNCC_RTP_CREATE:
1877 return tch_rtp_create(net, data->callref);
1878 case MNCC_RTP_CONNECT:
1879 return tch_rtp_connect(net, arg);
1880 case MNCC_RTP_FREE:
1881 /* unused right now */
1882 return -EIO;
1883
1884 case MNCC_FRAME_DROP:
1885 case MNCC_FRAME_RECV:
1886 case GSM_TCHF_FRAME:
1887 case GSM_TCHF_FRAME_EFR:
1888 case GSM_TCHH_FRAME:
1889 case GSM_TCH_FRAME_AMR:
1890 LOGP(DMNCC, LOGL_ERROR, "RTP streams must be handled externally; %s not supported.\n",
1891 get_mncc_name(msg_type));
1892 return -ENOTSUP;
1893 }
1894
1895 memset(&rel, 0, sizeof(struct gsm_mncc));
1896 rel.callref = data->callref;
1897
1898 /* Find callref */
1899 trans = trans_find_by_callref(net, data->callref);
1900
1901 /* Callref unknown */
1902 if (!trans) {
1903 struct vlr_subscr *vsub;
1904
1905 if (msg_type != MNCC_SETUP_REQ) {
1906 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1907 "Received '%s' from MNCC with "
1908 "unknown callref %d\n", data->called.number,
1909 get_mncc_name(msg_type), data->callref);
1910 /* Invalid call reference */
1911 return mncc_release_ind(net, NULL, data->callref,
1912 GSM48_CAUSE_LOC_PRN_S_LU,
1913 GSM48_CC_CAUSE_INVAL_TRANS_ID);
1914 }
1915 if (!data->called.number[0] && !data->imsi[0]) {
1916 DEBUGP(DCC, "(bts - trx - ts - ti) "
1917 "Received '%s' from MNCC with "
1918 "no number or IMSI\n", get_mncc_name(msg_type));
1919 /* Invalid number */
1920 return mncc_release_ind(net, NULL, data->callref,
1921 GSM48_CAUSE_LOC_PRN_S_LU,
1922 GSM48_CC_CAUSE_INV_NR_FORMAT);
1923 }
1924 /* New transaction due to setup, find subscriber */
1925 if (data->called.number[0])
1926 vsub = vlr_subscr_find_by_msisdn(net->vlr,
1927 data->called.number);
1928 else
1929 vsub = vlr_subscr_find_by_imsi(net->vlr, data->imsi);
1930
1931 /* update the subscriber we deal with */
1932 log_set_context(LOG_CTX_VLR_SUBSCR, vsub);
1933
1934 /* If subscriber is not found */
1935 if (!vsub) {
1936 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1937 "Received '%s' from MNCC with "
1938 "unknown subscriber %s\n", data->called.number,
1939 get_mncc_name(msg_type), data->called.number);
1940 /* Unknown subscriber */
1941 return mncc_release_ind(net, NULL, data->callref,
1942 GSM48_CAUSE_LOC_PRN_S_LU,
1943 GSM48_CC_CAUSE_UNASSIGNED_NR);
1944 }
1945 /* If subscriber is not "attached" */
1946 if (!vsub->lac) {
1947 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1948 "Received '%s' from MNCC with "
1949 "detached subscriber %s\n", data->called.number,
1950 get_mncc_name(msg_type), vlr_subscr_name(vsub));
1951 vlr_subscr_put(vsub);
1952 /* Temporarily out of order */
1953 return mncc_release_ind(net, NULL, data->callref,
1954 GSM48_CAUSE_LOC_PRN_S_LU,
1955 GSM48_CC_CAUSE_DEST_OOO);
1956 }
1957 /* Create transaction */
1958 trans = trans_alloc(net, vsub, GSM48_PDISC_CC, 0xff, data->callref);
1959 if (!trans) {
1960 DEBUGP(DCC, "No memory for trans.\n");
1961 vlr_subscr_put(vsub);
1962 /* Ressource unavailable */
1963 mncc_release_ind(net, NULL, data->callref,
1964 GSM48_CAUSE_LOC_PRN_S_LU,
1965 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
1966 return -ENOMEM;
1967 }
1968
1969 /* Find conn */
1970 conn = connection_for_subscr(vsub);
1971
1972 /* If subscriber has no conn */
1973 if (!conn) {
1974 /* find transaction with this subscriber already paging */
1975 llist_for_each_entry(transt, &net->trans_list, entry) {
1976 /* Transaction of our conn? */
1977 if (transt == trans ||
1978 transt->vsub != vsub)
1979 continue;
1980 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1981 "Received '%s' from MNCC with "
1982 "unallocated channel, paging already "
1983 "started for lac %d.\n",
1984 data->called.number,
1985 get_mncc_name(msg_type), vsub->lac);
1986 vlr_subscr_put(vsub);
1987 trans_free(trans);
1988 return 0;
1989 }
1990 /* store setup information until paging succeeds */
1991 memcpy(&trans->cc.msg, data, sizeof(struct gsm_mncc));
1992
1993 /* Request a channel */
1994 trans->paging_request = subscr_request_conn(
1995 vsub,
1996 setup_trig_pag_evt,
1997 trans,
1998 "MNCC: establish call");
1999 if (!trans->paging_request) {
2000 LOGP(DCC, LOGL_ERROR, "Failed to allocate paging token.\n");
2001 vlr_subscr_put(vsub);
2002 trans_free(trans);
2003 return 0;
2004 }
2005 vlr_subscr_put(vsub);
2006 return 0;
2007 }
2008
2009 /* Assign conn */
2010 trans->conn = msc_subscr_conn_get(conn, MSC_CONN_USE_TRANS_CC);
2011 trans->dlci = 0x00; /* SAPI=0, not SACCH */
2012 vlr_subscr_put(vsub);
2013 } else {
2014 /* update the subscriber we deal with */
2015 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
2016 }
2017
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame^]2018 gsm48_start_guard_timer(trans);
2019
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2020 if (trans->conn)
2021 conn = trans->conn;
2022
2023 /* if paging did not respond yet */
2024 if (!conn) {
2025 DEBUGP(DCC, "(sub %s) "
2026 "Received '%s' from MNCC in paging state\n",
2027 vlr_subscr_msisdn_or_name(trans->vsub),
2028 get_mncc_name(msg_type));
2029 mncc_set_cause(&rel, GSM48_CAUSE_LOC_PRN_S_LU,
2030 GSM48_CC_CAUSE_NORM_CALL_CLEAR);
2031 if (msg_type == MNCC_REL_REQ)
2032 rc = mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
2033 else
2034 rc = mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
2035 trans->callref = 0;
2036 trans_free(trans);
2037 return rc;
2038 } else {
2039 DEBUGP(DCC, "(ti %02x sub %s) "
2040 "Received '%s' from MNCC in state %d (%s)\n",
2041 trans->transaction_id,
2042 vlr_subscr_msisdn_or_name(trans->conn->vsub),
2043 get_mncc_name(msg_type), trans->cc.state,
2044 gsm48_cc_state_name(trans->cc.state));
2045 }
2046
2047 /* Find function for current state and message */
2048 for (i = 0; i < DOWNSLLEN; i++)
2049 if ((msg_type == downstatelist[i].type)
2050 && ((1 << trans->cc.state) & downstatelist[i].states))
2051 break;
2052 if (i == DOWNSLLEN) {
2053 DEBUGP(DCC, "Message unhandled at this state.\n");
2054 return 0;
2055 }
2056
2057 rc = downstatelist[i].rout(trans, arg);
2058
2059 return rc;
2060}
2061
2062
2063static struct datastate {
2064 uint32_t states;
2065 int type;
2066 int (*rout) (struct gsm_trans *trans, struct msgb *msg);
2067} datastatelist[] = {
2068 /* mobile originating call establishment */
2069 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2070 GSM48_MT_CC_SETUP, gsm48_cc_rx_setup},
2071 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2072 GSM48_MT_CC_EMERG_SETUP, gsm48_cc_rx_setup},
2073 {SBIT(GSM_CSTATE_CONNECT_IND), /* 5.2.1.2 */
2074 GSM48_MT_CC_CONNECT_ACK, gsm48_cc_rx_connect_ack},
2075 /* mobile terminating call establishment */
2076 {SBIT(GSM_CSTATE_CALL_PRESENT), /* 5.2.2.3.2 */
2077 GSM48_MT_CC_CALL_CONF, gsm48_cc_rx_call_conf},
2078 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF), /* ???? | 5.2.2.3.2 */
2079 GSM48_MT_CC_ALERTING, gsm48_cc_rx_alerting},
2080 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF) | SBIT(GSM_CSTATE_CALL_RECEIVED), /* (5.2.2.6) | 5.2.2.6 | 5.2.2.6 */
2081 GSM48_MT_CC_CONNECT, gsm48_cc_rx_connect},
2082 /* signalling during call */
2083 {ALL_STATES - SBIT(GSM_CSTATE_NULL),
2084 GSM48_MT_CC_FACILITY, gsm48_cc_rx_facility},
2085 {SBIT(GSM_CSTATE_ACTIVE),
2086 GSM48_MT_CC_NOTIFY, gsm48_cc_rx_notify},
2087 {ALL_STATES,
2088 GSM48_MT_CC_START_DTMF, gsm48_cc_rx_start_dtmf},
2089 {ALL_STATES,
2090 GSM48_MT_CC_STOP_DTMF, gsm48_cc_rx_stop_dtmf},
2091 {ALL_STATES,
2092 GSM48_MT_CC_STATUS_ENQ, gsm48_cc_rx_status_enq},
2093 {SBIT(GSM_CSTATE_ACTIVE),
2094 GSM48_MT_CC_HOLD, gsm48_cc_rx_hold},
2095 {SBIT(GSM_CSTATE_ACTIVE),
2096 GSM48_MT_CC_RETR, gsm48_cc_rx_retrieve},
2097 {SBIT(GSM_CSTATE_ACTIVE),
2098 GSM48_MT_CC_MODIFY, gsm48_cc_rx_modify},
2099 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2100 GSM48_MT_CC_MODIFY_COMPL, gsm48_cc_rx_modify_complete},
2101 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2102 GSM48_MT_CC_MODIFY_REJECT, gsm48_cc_rx_modify_reject},
2103 {SBIT(GSM_CSTATE_ACTIVE),
2104 GSM48_MT_CC_USER_INFO, gsm48_cc_rx_userinfo},
2105 /* clearing */
2106 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
2107 GSM48_MT_CC_DISCONNECT, gsm48_cc_rx_disconnect},
2108 {ALL_STATES - SBIT(GSM_CSTATE_NULL), /* 5.4.4.1.2.2 */
2109 GSM48_MT_CC_RELEASE, gsm48_cc_rx_release},
2110 {ALL_STATES, /* 5.4.3.4 */
2111 GSM48_MT_CC_RELEASE_COMPL, gsm48_cc_rx_release_compl},
2112};
2113
2114#define DATASLLEN \
2115 (sizeof(datastatelist) / sizeof(struct datastate))
2116
2117int gsm0408_rcv_cc(struct gsm_subscriber_connection *conn, struct msgb *msg)
2118{
2119 struct gsm48_hdr *gh = msgb_l3(msg);
2120 uint8_t msg_type = gsm48_hdr_msg_type(gh);
2121 uint8_t transaction_id = gsm48_hdr_trans_id_flip_ti(gh);
2122 struct gsm_trans *trans = NULL;
2123 int i, rc = 0;
2124
2125 if (msg_type & 0x80) {
2126 DEBUGP(DCC, "MSG 0x%2x not defined for PD error\n", msg_type);
2127 return -EINVAL;
2128 }
2129
2130 if (!conn->vsub) {
2131 LOGP(DCC, LOGL_ERROR, "Invalid conn: no subscriber\n");
2132 return -EINVAL;
2133 }
2134
2135 /* Find transaction */
2136 trans = trans_find_by_id(conn, GSM48_PDISC_CC, transaction_id);
2137
2138#if BEFORE_MSCSPLIT
2139 /* Re-enable this log output once we can obtain this information via
2140 * A-interface, see OS#2391. */
2141 DEBUGP(DCC, "(bts %d trx %d ts %d ti %x sub %s) "
2142 "Received '%s' from MS in state %d (%s)\n",
2143 conn->bts->nr, conn->lchan->ts->trx->nr, conn->lchan->ts->nr,
2144 transaction_id, vlr_subscr_msisdn_or_name(conn->vsub),
2145 gsm48_cc_msg_name(msg_type), trans?(trans->cc.state):0,
2146 gsm48_cc_state_name(trans?(trans->cc.state):0));
2147#endif
2148
2149 /* Create transaction */
2150 if (!trans) {
2151 DEBUGP(DCC, "Unknown transaction ID %x, "
2152 "creating new trans.\n", transaction_id);
2153 /* Create transaction */
2154 trans = trans_alloc(conn->network, conn->vsub,
2155 GSM48_PDISC_CC,
2156 transaction_id, new_callref++);
2157 if (!trans) {
2158 DEBUGP(DCC, "No memory for trans.\n");
2159 rc = gsm48_tx_simple(conn,
2160 GSM48_PDISC_CC | (transaction_id << 4),
2161 GSM48_MT_CC_RELEASE_COMPL);
2162 return -ENOMEM;
2163 }
2164 /* Assign transaction */
2165 trans->conn = msc_subscr_conn_get(conn, MSC_CONN_USE_TRANS_CC);
2166 trans->dlci = OMSC_LINKID_CB(msg); /* DLCI as received from BSC */
2167 cm_service_request_concludes(conn, msg);
2168 }
2169
2170 /* find function for current state and message */
2171 for (i = 0; i < DATASLLEN; i++)
2172 if ((msg_type == datastatelist[i].type)
2173 && ((1 << trans->cc.state) & datastatelist[i].states))
2174 break;
2175 if (i == DATASLLEN) {
2176 DEBUGP(DCC, "Message unhandled at this state.\n");
2177 return 0;
2178 }
2179
2180 assert(trans->vsub);
2181
2182 rc = datastatelist[i].rout(trans, msg);
2183
2184 msc_subscr_conn_communicating(conn);
2185 return rc;
2186}