Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / d8daaae91ec0f93238e1800bd6e1370147786488 / . / src / libmsc / gsm_04_08_cc.c
blob: 98c2aa3ecc3f2ac732b0bde58b3b7ece553a40f8 [file] [log] [blame]
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1/* GSM Mobile Radio Interface Layer 3 Call Control */
2
3/* (C) 2008-2016 by Harald Welte <laforge@gnumonks.org>
4 * (C) 2008-2012 by Holger Hans Peter Freyther <zecke@selfish.org>
5 *
6 * All Rights Reserved
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 *
21 */
22
23#include <stdio.h>
24#include <stdlib.h>
25#include <string.h>
26#include <stdbool.h>
27#include <errno.h>
28#include <time.h>
29#include <netinet/in.h>
30#include <regex.h>
31#include <sys/types.h>
32
33#include "bscconfig.h"
34
35#include <osmocom/msc/db.h>
36#include <osmocom/msc/debug.h>
37#include <osmocom/msc/gsm_data.h>
38#include <osmocom/msc/gsm_subscriber.h>
39#include <osmocom/msc/gsm_04_11.h>
40#include <osmocom/msc/gsm_04_08.h>
41#include <osmocom/msc/gsm_04_80.h>
42#include <osmocom/msc/gsm_04_14.h>
43#include <osmocom/msc/gsm_09_11.h>
44#include <osmocom/msc/signal.h>
45#include <osmocom/msc/transaction.h>
46#include <osmocom/msc/silent_call.h>
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]47#include <osmocom/msc/mncc_int.h>
48#include <osmocom/abis/e1_input.h>
49#include <osmocom/core/bitvec.h>
50#include <osmocom/msc/vlr.h>
51#include <osmocom/msc/msc_ifaces.h>
52
53#include <osmocom/gsm/gsm48.h>
54#include <osmocom/gsm/gsm0480.h>
55#include <osmocom/gsm/gsm_utils.h>
56#include <osmocom/gsm/protocol/gsm_04_08.h>
57#include <osmocom/core/msgb.h>
58#include <osmocom/core/talloc.h>
59#include <osmocom/core/utils.h>
60#include <osmocom/core/byteswap.h>
61#include <osmocom/gsm/tlv.h>
62#include <osmocom/crypt/auth.h>
63#ifdef BUILD_IU
64#include <osmocom/ranap/iu_client.h>
65#endif
66
67#include <osmocom/msc/msc_ifaces.h>
68#include <osmocom/msc/a_iface.h>
69#include <osmocom/msc/msc_mgcp.h>
70
71#include <assert.h>
72
73static uint32_t new_callref = 0x80000001;
74
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]75static void gsm48_cc_guard_timeout(void *arg)
76{
77 struct gsm_trans *trans = arg;
78 DEBUGP(DCC, "(sub %s) guard timeout expired\n",
79 vlr_subscr_msisdn_or_name(trans->vsub));
80 trans_free(trans);
81 return;
82}
83
84static void gsm48_stop_guard_timer(struct gsm_trans *trans)
85{
86 if (osmo_timer_pending(&trans->cc.timer_guard)) {
87 DEBUGP(DCC, "(sub %s) stopping pending guard timer\n",
88 vlr_subscr_msisdn_or_name(trans->vsub));
89 osmo_timer_del(&trans->cc.timer_guard);
90 }
91}
92
93static void gsm48_start_guard_timer(struct gsm_trans *trans)
94{
95 /* NOTE: The purpose of this timer is to prevent the cc state machine
96 * from hanging in cases where mncc, gsm48 or both become unresponsive
97 * for some reason. The timer is started initially with the setup from
98 * the gsm48 side and then re-started with every incoming mncc message.
99 * Once the mncc state reaches its active state the timer is stopped.
100 * So if the cc state machine does not show any activity for an
101 * extended amount of time during call setup or teardown the guard
102 * timer will time out and hard-clear the connection. */
103 if (osmo_timer_pending(&trans->cc.timer_guard))
104 gsm48_stop_guard_timer(trans);
105 DEBUGP(DCC, "(sub %s) starting guard timer with %d seconds\n",
106 vlr_subscr_msisdn_or_name(trans->vsub),
107 trans->net->mncc_guard_timeout);
108 osmo_timer_setup(&trans->cc.timer_guard, gsm48_cc_guard_timeout, trans);
109 osmo_timer_schedule(&trans->cc.timer_guard,
110 trans->net->mncc_guard_timeout, 0);
111}
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]112
113/* Call Control */
114
115void cc_tx_to_mncc(struct gsm_network *net, struct msgb *msg)
116{
117 net->mncc_recv(net, msg);
118}
119
120int gsm48_cc_tx_notify_ss(struct gsm_trans *trans, const char *message)
121{
122 struct gsm48_hdr *gh;
123 struct msgb *ss_notify;
124
125 ss_notify = gsm0480_create_notifySS(message);
126 if (!ss_notify)
127 return -1;
128
129 gsm0480_wrap_invoke(ss_notify, GSM0480_OP_CODE_NOTIFY_SS, 0);
130 uint8_t *data = msgb_push(ss_notify, 1);
131 data[0] = ss_notify->len - 1;
132 gh = (struct gsm48_hdr *) msgb_push(ss_notify, sizeof(*gh));
133 gh->msg_type = GSM48_MT_CC_FACILITY;
134 return gsm48_conn_sendmsg(ss_notify, trans->conn, trans);
135}
136
137/* FIXME: this count_statistics is a state machine behaviour. we should convert
138 * the complete call control into a state machine. Afterwards we can move this
139 * code into state transitions.
140 */
141static void count_statistics(struct gsm_trans *trans, int new_state)
142{
143 int old_state = trans->cc.state;
144 struct rate_ctr_group *msc = trans->net->msc_ctrs;
145
146 if (old_state == new_state)
147 return;
148
149 /* state incoming */
150 switch (new_state) {
151 case GSM_CSTATE_ACTIVE:
152 osmo_counter_inc(trans->net->active_calls);
153 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_ACTIVE]);
154 break;
155 }
156
157 /* state outgoing */
158 switch (old_state) {
159 case GSM_CSTATE_ACTIVE:
160 osmo_counter_dec(trans->net->active_calls);
161 if (new_state == GSM_CSTATE_DISCONNECT_REQ ||
162 new_state == GSM_CSTATE_DISCONNECT_IND)
163 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_COMPLETE]);
164 else
165 rate_ctr_inc(&msc->ctr[MSC_CTR_CALL_INCOMPLETE]);
166 break;
167 }
168}
169
170/* The entire call control code is written in accordance with Figure 7.10c
171 * for 'very early assignment', i.e. we allocate a TCH/F during IMMEDIATE
172 * ASSIGN, then first use that TCH/F for signalling and later MODE MODIFY
173 * it for voice */
174
175static void new_cc_state(struct gsm_trans *trans, int state)
176{
177 if (state > 31 || state < 0)
178 return;
179
180 DEBUGP(DCC, "(ti %02x sub %s) new state %s -> %s\n",
181 trans->transaction_id,
182 vlr_subscr_name(trans->vsub),
183 gsm48_cc_state_name(trans->cc.state),
184 gsm48_cc_state_name(state));
185
186 count_statistics(trans, state);
187 trans->cc.state = state;
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]188
189 /* Stop the guard timer when a call reaches the active state */
190 if (state == GSM_CSTATE_ACTIVE)
191 gsm48_stop_guard_timer(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]192}
193
194static int gsm48_cc_tx_status(struct gsm_trans *trans, void *arg)
195{
196 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STATUS");
197 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
198 uint8_t *cause, *call_state;
199
200 gh->msg_type = GSM48_MT_CC_STATUS;
201
202 cause = msgb_put(msg, 3);
203 cause[0] = 2;
204 cause[1] = GSM48_CAUSE_CS_GSM | GSM48_CAUSE_LOC_USER;
205 cause[2] = 0x80 | 30; /* response to status inquiry */
206
207 call_state = msgb_put(msg, 1);
208 call_state[0] = 0xc0 | 0x00;
209
210 return gsm48_conn_sendmsg(msg, trans->conn, trans);
211}
212
213static void gsm48_stop_cc_timer(struct gsm_trans *trans)
214{
215 if (osmo_timer_pending(&trans->cc.timer)) {
216 DEBUGP(DCC, "stopping pending timer T%x\n", trans->cc.Tcurrent);
217 osmo_timer_del(&trans->cc.timer);
218 trans->cc.Tcurrent = 0;
219 }
220}
221
222static int mncc_recvmsg(struct gsm_network *net, struct gsm_trans *trans,
223 int msg_type, struct gsm_mncc *mncc)
224{
225 struct msgb *msg;
226 unsigned char *data;
227
228 DEBUGP(DMNCC, "transmit message %s\n", get_mncc_name(msg_type));
229
230#if BEFORE_MSCSPLIT
231 /* Re-enable this log output once we can obtain this information via
232 * A-interface, see OS#2391. */
233 if (trans)
234 if (trans->conn && trans->conn->lchan)
235 DEBUGP(DCC, "(bts %d trx %d ts %d ti %x sub %s) "
236 "Sending '%s' to MNCC.\n",
237 trans->conn->lchan->ts->trx->bts->nr,
238 trans->conn->lchan->ts->trx->nr,
239 trans->conn->lchan->ts->nr, trans->transaction_id,
240 vlr_subscr_msisdn_or_name(trans->vsub),
241 get_mncc_name(msg_type));
242 else
243 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
244 "Sending '%s' to MNCC.\n",
245 vlr_subscr_msisdn_or_name(trans->vsub),
246 get_mncc_name(msg_type));
247 else
248 DEBUGP(DCC, "(bts - trx - ts - ti -- sub -) "
249 "Sending '%s' to MNCC.\n", get_mncc_name(msg_type));
250#else
251 DEBUGP(DCC, "Sending '%s' to MNCC.\n", get_mncc_name(msg_type));
252#endif
253
254 mncc->msg_type = msg_type;
255
256 msg = msgb_alloc(sizeof(struct gsm_mncc), "MNCC");
257 if (!msg)
258 return -ENOMEM;
259
260 data = msgb_put(msg, sizeof(struct gsm_mncc));
261 memcpy(data, mncc, sizeof(struct gsm_mncc));
262
263 cc_tx_to_mncc(net, msg);
264
265 return 0;
266}
267
268int mncc_release_ind(struct gsm_network *net, struct gsm_trans *trans,
269 uint32_t callref, int location, int value)
270{
271 struct gsm_mncc rel;
272
273 memset(&rel, 0, sizeof(rel));
274 rel.callref = callref;
275 mncc_set_cause(&rel, location, value);
276 if (trans && trans->cc.state == GSM_CSTATE_RELEASE_REQ)
277 return mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
278 return mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
279}
280
281/* Call Control Specific transaction release.
282 * gets called by trans_free, DO NOT CALL YOURSELF! */
283void _gsm48_cc_trans_free(struct gsm_trans *trans)
284{
285 gsm48_stop_cc_timer(trans);
286
287 /* Initiate the teardown of the related connections on the MGW */
288 msc_mgcp_call_release(trans);
289
290 /* send release to L4, if callref still exists */
291 if (trans->callref) {
292 /* Ressource unavailable */
293 mncc_release_ind(trans->net, trans, trans->callref,
294 GSM48_CAUSE_LOC_PRN_S_LU,
295 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
296 /* This is a final freeing of the transaction. The MNCC release may have triggered the
297 * T308 release timer, but we don't have the luxury of graceful CC Release here. */
298 gsm48_stop_cc_timer(trans);
299 }
300 if (trans->cc.state != GSM_CSTATE_NULL)
301 new_cc_state(trans, GSM_CSTATE_NULL);
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]302
303 gsm48_stop_guard_timer(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]304}
305
306static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg);
307
308/* call-back from paging the B-end of the connection */
309static int setup_trig_pag_evt(unsigned int hooknum, unsigned int event,
310 struct msgb *msg, void *_conn, void *_transt)
311{
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]312 struct ran_conn *conn = _conn;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]313 struct gsm_trans *transt = _transt;
314 enum gsm_paging_event paging_event = event;
315
316 OSMO_ASSERT(!transt->conn);
317
318 switch (paging_event) {
319 case GSM_PAGING_SUCCEEDED:
320 DEBUGP(DCC, "Paging subscr %s succeeded!\n",
321 vlr_subscr_msisdn_or_name(transt->vsub));
322 OSMO_ASSERT(conn);
323 /* Assign conn */
Neels Hofmeyr3c20a5e2018-11-30 01:08:36 +0100[diff] [blame]324 transt->conn = ran_conn_get(conn, RAN_CONN_USE_TRANS_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]325 transt->paging_request = NULL;
326 /* send SETUP request to called party */
327 gsm48_cc_tx_setup(transt, &transt->cc.msg);
328 break;
329 case GSM_PAGING_EXPIRED:
330 case GSM_PAGING_BUSY:
331 DEBUGP(DCC, "Paging subscr %s %s!\n",
332 vlr_subscr_msisdn_or_name(transt->vsub),
333 paging_event == GSM_PAGING_EXPIRED ? "expired" : "busy");
334 /* Temporarily out of order */
335 mncc_release_ind(transt->net, transt,
336 transt->callref,
337 GSM48_CAUSE_LOC_PRN_S_LU,
338 GSM48_CC_CAUSE_DEST_OOO);
339 transt->callref = 0;
340 transt->paging_request = NULL;
341 trans_free(transt);
342 break;
343 }
344
345 return 0;
346}
347
348/* bridge channels of two transactions */
349static int tch_bridge(struct gsm_network *net, struct gsm_mncc_bridge *bridge)
350{
351 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[0]);
352 struct gsm_trans *trans2 = trans_find_by_callref(net, bridge->callref[1]);
353 int rc;
354
355 if (!trans1 || !trans2)
356 return -EIO;
357
358 if (!trans1->conn || !trans2->conn)
359 return -EIO;
360
361 /* Which subscriber do we want to track trans1 or trans2? */
362 log_set_context(LOG_CTX_VLR_SUBSCR, trans1->vsub);
363
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]364 /* This call briding mechanism is only used with the internal MNCC.
365 * functionality (with external MNCC briding would be done by the PBX)
366 * This means we may just copy the codec info we have for the RAN side
367 * of the first leg to the CN side of both legs. This also means that
368 * if both legs use different codecs the MGW must perform transcoding
369 * on the second leg. */
370 trans1->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
371 trans2->conn->rtp.codec_cn = trans1->conn->rtp.codec_ran;
372
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]373 /* Bridge RTP streams */
374 rc = msc_mgcp_call_complete(trans1, trans2->conn->rtp.local_port_cn,
375 trans2->conn->rtp.local_addr_cn);
376 if (rc)
377 return -EINVAL;
378
379 rc = msc_mgcp_call_complete(trans2, trans1->conn->rtp.local_port_cn,
380 trans1->conn->rtp.local_addr_cn);
381 if (rc)
382 return -EINVAL;
383
384 return 0;
385}
386
387static int gsm48_cc_rx_status_enq(struct gsm_trans *trans, struct msgb *msg)
388{
389 DEBUGP(DCC, "-> STATUS ENQ\n");
390 return gsm48_cc_tx_status(trans, msg);
391}
392
393static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg);
394static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg);
395
396static void gsm48_cc_timeout(void *arg)
397{
398 struct gsm_trans *trans = arg;
399 int disconnect = 0, release = 0;
400 int mo_cause = GSM48_CC_CAUSE_RECOVERY_TIMER;
401 int mo_location = GSM48_CAUSE_LOC_USER;
402 int l4_cause = GSM48_CC_CAUSE_NORMAL_UNSPEC;
403 int l4_location = GSM48_CAUSE_LOC_PRN_S_LU;
404 struct gsm_mncc mo_rel, l4_rel;
405
406 memset(&mo_rel, 0, sizeof(struct gsm_mncc));
407 mo_rel.callref = trans->callref;
408 memset(&l4_rel, 0, sizeof(struct gsm_mncc));
409 l4_rel.callref = trans->callref;
410
411 switch(trans->cc.Tcurrent) {
412 case 0x303:
413 release = 1;
414 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
415 break;
416 case 0x310:
417 disconnect = 1;
418 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
419 break;
420 case 0x313:
421 disconnect = 1;
422 /* unknown, did not find it in the specs */
423 break;
424 case 0x301:
425 disconnect = 1;
426 l4_cause = GSM48_CC_CAUSE_USER_NOTRESPOND;
427 break;
428 case 0x308:
429 if (!trans->cc.T308_second) {
430 /* restart T308 a second time */
431 gsm48_cc_tx_release(trans, &trans->cc.msg);
432 trans->cc.T308_second = 1;
433 break; /* stay in release state */
434 }
435 trans_free(trans);
436 return;
437 case 0x306:
438 release = 1;
439 mo_cause = trans->cc.msg.cause.value;
440 mo_location = trans->cc.msg.cause.location;
441 break;
442 case 0x323:
443 disconnect = 1;
444 break;
445 default:
446 release = 1;
447 }
448
449 if (release && trans->callref) {
450 /* process release towards layer 4 */
451 mncc_release_ind(trans->net, trans, trans->callref,
452 l4_location, l4_cause);
453 trans->callref = 0;
454 }
455
456 if (disconnect && trans->callref) {
457 /* process disconnect towards layer 4 */
458 mncc_set_cause(&l4_rel, l4_location, l4_cause);
459 mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &l4_rel);
460 }
461
462 /* process disconnect towards mobile station */
463 if (disconnect || release) {
464 mncc_set_cause(&mo_rel, mo_location, mo_cause);
465 mo_rel.cause.diag[0] = ((trans->cc.Tcurrent & 0xf00) >> 8) + '0';
466 mo_rel.cause.diag[1] = ((trans->cc.Tcurrent & 0x0f0) >> 4) + '0';
467 mo_rel.cause.diag[2] = (trans->cc.Tcurrent & 0x00f) + '0';
468 mo_rel.cause.diag_len = 3;
469
470 if (disconnect)
471 gsm48_cc_tx_disconnect(trans, &mo_rel);
472 if (release)
473 gsm48_cc_tx_release(trans, &mo_rel);
474 }
475
476}
477
478/* disconnect both calls from the bridge */
479static inline void disconnect_bridge(struct gsm_network *net,
480 struct gsm_mncc_bridge *bridge, int err)
481{
482 struct gsm_trans *trans0 = trans_find_by_callref(net, bridge->callref[0]);
483 struct gsm_trans *trans1 = trans_find_by_callref(net, bridge->callref[1]);
484 struct gsm_mncc mx_rel;
485 if (!trans0 || !trans1)
486 return;
487
488 DEBUGP(DCC, "Failed to bridge TCH for calls %x <-> %x :: %s \n",
489 trans0->callref, trans1->callref, strerror(err));
490
491 memset(&mx_rel, 0, sizeof(struct gsm_mncc));
492 mncc_set_cause(&mx_rel, GSM48_CAUSE_LOC_INN_NET,
493 GSM48_CC_CAUSE_CHAN_UNACCEPT);
494
495 mx_rel.callref = trans0->callref;
496 gsm48_cc_tx_disconnect(trans0, &mx_rel);
497
498 mx_rel.callref = trans1->callref;
499 gsm48_cc_tx_disconnect(trans1, &mx_rel);
500}
501
502static void gsm48_start_cc_timer(struct gsm_trans *trans, int current,
503 int sec, int micro)
504{
505 DEBUGP(DCC, "starting timer T%x with %d seconds\n", current, sec);
506 osmo_timer_setup(&trans->cc.timer, gsm48_cc_timeout, trans);
507 osmo_timer_schedule(&trans->cc.timer, sec, micro);
508 trans->cc.Tcurrent = current;
509}
510
511static int gsm48_cc_rx_setup(struct gsm_trans *trans, struct msgb *msg)
512{
513 struct gsm48_hdr *gh = msgb_l3(msg);
514 uint8_t msg_type = gsm48_hdr_msg_type(gh);
515 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
516 struct tlv_parsed tp;
517 struct gsm_mncc setup;
518
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]519 gsm48_start_guard_timer(trans);
520
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]521 memset(&setup, 0, sizeof(struct gsm_mncc));
522 setup.callref = trans->callref;
523
524 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
525 /* emergency setup is identified by msg_type */
526 if (msg_type == GSM48_MT_CC_EMERG_SETUP) {
527 setup.fields |= MNCC_F_EMERGENCY;
528 setup.emergency = 1;
529 /* use destination number as configured by user (if any) */
530 if (trans->net->emergency.route_to_msisdn) {
531 setup.fields |= MNCC_F_CALLED;
532 setup.called.type = 0; /* unknown */
533 setup.called.plan = 0; /* unknown */
534 OSMO_STRLCPY_ARRAY(setup.called.number,
535 trans->net->emergency.route_to_msisdn);
536 }
537 }
538
539 /* use subscriber as calling party number */
540 setup.fields |= MNCC_F_CALLING;
541 OSMO_STRLCPY_ARRAY(setup.calling.number, trans->vsub->msisdn);
542 OSMO_STRLCPY_ARRAY(setup.imsi, trans->vsub->imsi);
543
544 /* bearer capability */
545 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
546 setup.fields |= MNCC_F_BEARER_CAP;
547 gsm48_decode_bearer_cap(&setup.bearer_cap,
548 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
549
550 /* Create a copy of the bearer capability
551 * in the transaction struct, so we can use
552 * this information later */
553 memcpy(&trans->bearer_cap,&setup.bearer_cap,
554 sizeof(trans->bearer_cap));
555 }
556 /* facility */
557 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
558 setup.fields |= MNCC_F_FACILITY;
559 gsm48_decode_facility(&setup.facility,
560 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
561 }
562 /* called party bcd number */
563 if (TLVP_PRESENT(&tp, GSM48_IE_CALLED_BCD)) {
564 setup.fields |= MNCC_F_CALLED;
565 gsm48_decode_called(&setup.called,
566 TLVP_VAL(&tp, GSM48_IE_CALLED_BCD)-1);
567 }
568 /* user-user */
569 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
570 setup.fields |= MNCC_F_USERUSER;
571 gsm48_decode_useruser(&setup.useruser,
572 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
573 }
574 /* ss-version */
575 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
576 setup.fields |= MNCC_F_SSVERSION;
577 gsm48_decode_ssversion(&setup.ssversion,
578 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
579 }
580 /* CLIR suppression */
581 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_SUPP))
582 setup.clir.sup = 1;
583 /* CLIR invocation */
584 if (TLVP_PRESENT(&tp, GSM48_IE_CLIR_INVOC))
585 setup.clir.inv = 1;
586 /* cc cap */
587 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
588 setup.fields |= MNCC_F_CCCAP;
589 gsm48_decode_cccap(&setup.cccap,
590 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
591 }
592
593 new_cc_state(trans, GSM_CSTATE_INITIATED);
594
595 LOGP(DCC, setup.emergency ? LOGL_NOTICE : LOGL_INFO, "Subscriber %s (%s) sends %sSETUP to %s\n",
596 vlr_subscr_name(trans->vsub), trans->vsub->msisdn, setup.emergency ? "EMERGENCY_" : "",
597 setup.called.number);
598
599 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_SETUP]);
600
601 /* indicate setup to MNCC */
602 mncc_recvmsg(trans->net, trans, MNCC_SETUP_IND, &setup);
603
604 /* MNCC code will modify the channel asynchronously, we should
605 * ipaccess-bind only after the modification has been made to the
606 * lchan->tch_mode */
607 return 0;
608}
609
610static int gsm48_cc_tx_setup(struct gsm_trans *trans, void *arg)
611{
612 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC STUP");
613 struct gsm48_hdr *gh;
614 struct gsm_mncc *setup = arg;
615 int rc, trans_id;
616
617 gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
618
619 /* transaction id must not be assigned */
Maxd8daaae2019-02-14 16:54:10 +0700[diff] [blame^]620 if (trans->transaction_id != TRANS_ID_UNASSIGNED) {
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]621 DEBUGP(DCC, "TX Setup with assigned transaction. "
622 "This is not allowed!\n");
623 /* Temporarily out of order */
624 rc = mncc_release_ind(trans->net, trans, trans->callref,
625 GSM48_CAUSE_LOC_PRN_S_LU,
626 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
627 trans->callref = 0;
628 trans_free(trans);
629 return rc;
630 }
631
632 /* Get free transaction_id */
Max30fb97a2019-01-10 17:25:33 +0100[diff] [blame]633 trans_id = trans_assign_trans_id(trans->net, trans->vsub, GSM48_PDISC_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]634 if (trans_id < 0) {
635 /* no free transaction ID */
636 rc = mncc_release_ind(trans->net, trans, trans->callref,
637 GSM48_CAUSE_LOC_PRN_S_LU,
638 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
639 trans->callref = 0;
640 trans_free(trans);
641 return rc;
642 }
643 trans->transaction_id = trans_id;
644
645 gh->msg_type = GSM48_MT_CC_SETUP;
646
647 gsm48_start_cc_timer(trans, 0x303, GSM48_T303);
648
649 /* bearer capability */
650 if (setup->fields & MNCC_F_BEARER_CAP) {
651 /* Create a copy of the bearer capability in the transaction struct, so we
652 * can use this information later */
653 memcpy(&trans->bearer_cap, &setup->bearer_cap, sizeof(trans->bearer_cap));
654 gsm48_encode_bearer_cap(msg, 0, &setup->bearer_cap);
655 }
656 /* facility */
657 if (setup->fields & MNCC_F_FACILITY)
658 gsm48_encode_facility(msg, 0, &setup->facility);
659 /* progress */
660 if (setup->fields & MNCC_F_PROGRESS)
661 gsm48_encode_progress(msg, 0, &setup->progress);
662 /* calling party BCD number */
663 if (setup->fields & MNCC_F_CALLING)
664 gsm48_encode_calling(msg, &setup->calling);
665 /* called party BCD number */
666 if (setup->fields & MNCC_F_CALLED)
667 gsm48_encode_called(msg, &setup->called);
668 /* user-user */
669 if (setup->fields & MNCC_F_USERUSER)
670 gsm48_encode_useruser(msg, 0, &setup->useruser);
671 /* redirecting party BCD number */
672 if (setup->fields & MNCC_F_REDIRECTING)
673 gsm48_encode_redirecting(msg, &setup->redirecting);
674 /* signal */
675 if (setup->fields & MNCC_F_SIGNAL)
676 gsm48_encode_signal(msg, setup->signal);
677
678 new_cc_state(trans, GSM_CSTATE_CALL_PRESENT);
679
680 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_SETUP]);
681
682 return gsm48_conn_sendmsg(msg, trans->conn, trans);
683}
684
685static int gsm48_cc_rx_call_conf(struct gsm_trans *trans, struct msgb *msg)
686{
687 struct gsm48_hdr *gh = msgb_l3(msg);
688 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
689 struct tlv_parsed tp;
690 struct gsm_mncc call_conf;
691 int rc;
692
693 gsm48_stop_cc_timer(trans);
694 gsm48_start_cc_timer(trans, 0x310, GSM48_T310);
695
696 memset(&call_conf, 0, sizeof(struct gsm_mncc));
697 call_conf.callref = trans->callref;
698
699 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
700#if 0
701 /* repeat */
702 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_CIR))
703 call_conf.repeat = 1;
704 if (TLVP_PRESENT(&tp, GSM48_IE_REPEAT_SEQ))
705 call_conf.repeat = 2;
706#endif
707 /* bearer capability */
708 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
709 call_conf.fields |= MNCC_F_BEARER_CAP;
710 gsm48_decode_bearer_cap(&call_conf.bearer_cap,
711 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
712
713 /* Create a copy of the bearer capability
714 * in the transaction struct, so we can use
715 * this information later */
716 memcpy(&trans->bearer_cap,&call_conf.bearer_cap,
717 sizeof(trans->bearer_cap));
718 }
719 /* cause */
720 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
721 call_conf.fields |= MNCC_F_CAUSE;
722 gsm48_decode_cause(&call_conf.cause,
723 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
724 }
725 /* cc cap */
726 if (TLVP_PRESENT(&tp, GSM48_IE_CC_CAP)) {
727 call_conf.fields |= MNCC_F_CCCAP;
728 gsm48_decode_cccap(&call_conf.cccap,
729 TLVP_VAL(&tp, GSM48_IE_CC_CAP)-1);
730 }
731
732 /* IMSI of called subscriber */
733 OSMO_STRLCPY_ARRAY(call_conf.imsi, trans->vsub->imsi);
734
735 new_cc_state(trans, GSM_CSTATE_MO_TERM_CALL_CONF);
736
737 /* Assign call (if not done yet) */
Neels Hofmeyrb16259f2018-12-20 02:57:56 +0100[diff] [blame]738 rc = msc_mgcp_try_call_assignment(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]739
740 /* don't continue, if there were problems with
741 * the call assignment. */
742 if (rc)
743 return rc;
744
745 return mncc_recvmsg(trans->net, trans, MNCC_CALL_CONF_IND,
746 &call_conf);
747}
748
749static int gsm48_cc_tx_call_proc_and_assign(struct gsm_trans *trans, void *arg)
750{
751 struct gsm_mncc *proceeding = arg;
752 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROC");
753 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
754 int rc;
755
756 gh->msg_type = GSM48_MT_CC_CALL_PROC;
757
758 new_cc_state(trans, GSM_CSTATE_MO_CALL_PROC);
759
760 /* bearer capability */
761 if (proceeding->fields & MNCC_F_BEARER_CAP) {
762 gsm48_encode_bearer_cap(msg, 0, &proceeding->bearer_cap);
763 memcpy(&trans->bearer_cap, &proceeding->bearer_cap, sizeof(trans->bearer_cap));
764 }
765 /* facility */
766 if (proceeding->fields & MNCC_F_FACILITY)
767 gsm48_encode_facility(msg, 0, &proceeding->facility);
768 /* progress */
769 if (proceeding->fields & MNCC_F_PROGRESS)
770 gsm48_encode_progress(msg, 0, &proceeding->progress);
771
772 rc = gsm48_conn_sendmsg(msg, trans->conn, trans);
773 if (rc)
774 return rc;
775
776 /* Assign call (if not done yet) */
Neels Hofmeyrb16259f2018-12-20 02:57:56 +0100[diff] [blame]777 return msc_mgcp_try_call_assignment(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]778}
779
780static int gsm48_cc_rx_alerting(struct gsm_trans *trans, struct msgb *msg)
781{
782 struct gsm48_hdr *gh = msgb_l3(msg);
783 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
784 struct tlv_parsed tp;
785 struct gsm_mncc alerting;
786
787 gsm48_stop_cc_timer(trans);
788 gsm48_start_cc_timer(trans, 0x301, GSM48_T301);
789
790 memset(&alerting, 0, sizeof(struct gsm_mncc));
791 alerting.callref = trans->callref;
792 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
793 /* facility */
794 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
795 alerting.fields |= MNCC_F_FACILITY;
796 gsm48_decode_facility(&alerting.facility,
797 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
798 }
799
800 /* progress */
801 if (TLVP_PRESENT(&tp, GSM48_IE_PROGR_IND)) {
802 alerting.fields |= MNCC_F_PROGRESS;
803 gsm48_decode_progress(&alerting.progress,
804 TLVP_VAL(&tp, GSM48_IE_PROGR_IND)-1);
805 }
806 /* ss-version */
807 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
808 alerting.fields |= MNCC_F_SSVERSION;
809 gsm48_decode_ssversion(&alerting.ssversion,
810 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
811 }
812
813 new_cc_state(trans, GSM_CSTATE_CALL_RECEIVED);
814
815 return mncc_recvmsg(trans->net, trans, MNCC_ALERT_IND,
816 &alerting);
817}
818
819static int gsm48_cc_tx_alerting(struct gsm_trans *trans, void *arg)
820{
821 struct gsm_mncc *alerting = arg;
822 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC ALERT");
823 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
824
825 gh->msg_type = GSM48_MT_CC_ALERTING;
826
827 /* facility */
828 if (alerting->fields & MNCC_F_FACILITY)
829 gsm48_encode_facility(msg, 0, &alerting->facility);
830 /* progress */
831 if (alerting->fields & MNCC_F_PROGRESS)
832 gsm48_encode_progress(msg, 0, &alerting->progress);
833 /* user-user */
834 if (alerting->fields & MNCC_F_USERUSER)
835 gsm48_encode_useruser(msg, 0, &alerting->useruser);
836
837 new_cc_state(trans, GSM_CSTATE_CALL_DELIVERED);
838
839 return gsm48_conn_sendmsg(msg, trans->conn, trans);
840}
841
842static int gsm48_cc_tx_progress(struct gsm_trans *trans, void *arg)
843{
844 struct gsm_mncc *progress = arg;
845 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC PROGRESS");
846 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
847
848 gh->msg_type = GSM48_MT_CC_PROGRESS;
849
850 /* progress */
851 gsm48_encode_progress(msg, 1, &progress->progress);
852 /* user-user */
853 if (progress->fields & MNCC_F_USERUSER)
854 gsm48_encode_useruser(msg, 0, &progress->useruser);
855
856 return gsm48_conn_sendmsg(msg, trans->conn, trans);
857}
858
859static int gsm48_cc_tx_connect(struct gsm_trans *trans, void *arg)
860{
861 struct gsm_mncc *connect = arg;
862 struct msgb *msg = gsm48_msgb_alloc_name("GSN 04.08 CC CON");
863 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
864
865 gh->msg_type = GSM48_MT_CC_CONNECT;
866
867 gsm48_stop_cc_timer(trans);
868 gsm48_start_cc_timer(trans, 0x313, GSM48_T313);
869
870 /* facility */
871 if (connect->fields & MNCC_F_FACILITY)
872 gsm48_encode_facility(msg, 0, &connect->facility);
873 /* progress */
874 if (connect->fields & MNCC_F_PROGRESS)
875 gsm48_encode_progress(msg, 0, &connect->progress);
876 /* connected number */
877 if (connect->fields & MNCC_F_CONNECTED)
878 gsm48_encode_connected(msg, &connect->connected);
879 /* user-user */
880 if (connect->fields & MNCC_F_USERUSER)
881 gsm48_encode_useruser(msg, 0, &connect->useruser);
882
883 new_cc_state(trans, GSM_CSTATE_CONNECT_IND);
884
885 return gsm48_conn_sendmsg(msg, trans->conn, trans);
886}
887
888static int gsm48_cc_rx_connect(struct gsm_trans *trans, struct msgb *msg)
889{
890 struct gsm48_hdr *gh = msgb_l3(msg);
891 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
892 struct tlv_parsed tp;
893 struct gsm_mncc connect;
894
895 gsm48_stop_cc_timer(trans);
896
897 memset(&connect, 0, sizeof(struct gsm_mncc));
898 connect.callref = trans->callref;
899 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
900 /* use subscriber as connected party number */
901 connect.fields |= MNCC_F_CONNECTED;
902 OSMO_STRLCPY_ARRAY(connect.connected.number, trans->vsub->msisdn);
903 OSMO_STRLCPY_ARRAY(connect.imsi, trans->vsub->imsi);
904
905 /* facility */
906 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
907 connect.fields |= MNCC_F_FACILITY;
908 gsm48_decode_facility(&connect.facility,
909 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
910 }
911 /* user-user */
912 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
913 connect.fields |= MNCC_F_USERUSER;
914 gsm48_decode_useruser(&connect.useruser,
915 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
916 }
917 /* ss-version */
918 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
919 connect.fields |= MNCC_F_SSVERSION;
920 gsm48_decode_ssversion(&connect.ssversion,
921 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
922 }
923
924 new_cc_state(trans, GSM_CSTATE_CONNECT_REQUEST);
925 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MT_CONNECT]);
926
927 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_CNF, &connect);
928}
929
930
931static int gsm48_cc_rx_connect_ack(struct gsm_trans *trans, struct msgb *msg)
932{
933 struct gsm_mncc connect_ack;
934
935 gsm48_stop_cc_timer(trans);
936
937 new_cc_state(trans, GSM_CSTATE_ACTIVE);
938 rate_ctr_inc(&trans->net->msc_ctrs->ctr[MSC_CTR_CALL_MO_CONNECT_ACK]);
939
940 memset(&connect_ack, 0, sizeof(struct gsm_mncc));
941 connect_ack.callref = trans->callref;
942
943 return mncc_recvmsg(trans->net, trans, MNCC_SETUP_COMPL_IND,
944 &connect_ack);
945}
946
947static int gsm48_cc_tx_connect_ack(struct gsm_trans *trans, void *arg)
948{
949 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC CON ACK");
950 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
951
952 gh->msg_type = GSM48_MT_CC_CONNECT_ACK;
953
954 new_cc_state(trans, GSM_CSTATE_ACTIVE);
955
956 return gsm48_conn_sendmsg(msg, trans->conn, trans);
957}
958
959static int gsm48_cc_rx_disconnect(struct gsm_trans *trans, struct msgb *msg)
960{
961 struct gsm48_hdr *gh = msgb_l3(msg);
962 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
963 struct tlv_parsed tp;
964 struct gsm_mncc disc;
965
966 gsm48_stop_cc_timer(trans);
967
968 new_cc_state(trans, GSM_CSTATE_DISCONNECT_REQ);
969
970 memset(&disc, 0, sizeof(struct gsm_mncc));
971 disc.callref = trans->callref;
972 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_CAUSE, 0);
973 /* cause */
974 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
975 disc.fields |= MNCC_F_CAUSE;
976 gsm48_decode_cause(&disc.cause,
977 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
978 }
979 /* facility */
980 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
981 disc.fields |= MNCC_F_FACILITY;
982 gsm48_decode_facility(&disc.facility,
983 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
984 }
985 /* user-user */
986 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
987 disc.fields |= MNCC_F_USERUSER;
988 gsm48_decode_useruser(&disc.useruser,
989 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
990 }
991 /* ss-version */
992 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
993 disc.fields |= MNCC_F_SSVERSION;
994 gsm48_decode_ssversion(&disc.ssversion,
995 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
996 }
997
998 return mncc_recvmsg(trans->net, trans, MNCC_DISC_IND, &disc);
999
1000}
1001
1002static struct gsm_mncc_cause default_cause = {
1003 .location = GSM48_CAUSE_LOC_PRN_S_LU,
1004 .coding = 0,
1005 .rec = 0,
1006 .rec_val = 0,
1007 .value = GSM48_CC_CAUSE_NORMAL_UNSPEC,
1008 .diag_len = 0,
1009 .diag = { 0 },
1010};
1011
1012static int gsm48_cc_tx_disconnect(struct gsm_trans *trans, void *arg)
1013{
1014 struct gsm_mncc *disc = arg;
1015 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC DISC");
1016 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1017
1018 gh->msg_type = GSM48_MT_CC_DISCONNECT;
1019
1020 gsm48_stop_cc_timer(trans);
1021 gsm48_start_cc_timer(trans, 0x306, GSM48_T306);
1022
1023 /* cause */
1024 if (disc->fields & MNCC_F_CAUSE)
1025 gsm48_encode_cause(msg, 1, &disc->cause);
1026 else
1027 gsm48_encode_cause(msg, 1, &default_cause);
1028
1029 /* facility */
1030 if (disc->fields & MNCC_F_FACILITY)
1031 gsm48_encode_facility(msg, 0, &disc->facility);
1032 /* progress */
1033 if (disc->fields & MNCC_F_PROGRESS)
1034 gsm48_encode_progress(msg, 0, &disc->progress);
1035 /* user-user */
1036 if (disc->fields & MNCC_F_USERUSER)
1037 gsm48_encode_useruser(msg, 0, &disc->useruser);
1038
1039 /* store disconnect cause for T306 expiry */
1040 memcpy(&trans->cc.msg, disc, sizeof(struct gsm_mncc));
1041
1042 new_cc_state(trans, GSM_CSTATE_DISCONNECT_IND);
1043
1044 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1045}
1046
1047static int gsm48_cc_rx_release(struct gsm_trans *trans, struct msgb *msg)
1048{
1049 struct gsm48_hdr *gh = msgb_l3(msg);
1050 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1051 struct tlv_parsed tp;
1052 struct gsm_mncc rel;
1053 int rc;
1054
1055 gsm48_stop_cc_timer(trans);
1056
1057 memset(&rel, 0, sizeof(struct gsm_mncc));
1058 rel.callref = trans->callref;
1059 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1060 /* cause */
1061 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1062 rel.fields |= MNCC_F_CAUSE;
1063 gsm48_decode_cause(&rel.cause,
1064 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1065 }
1066 /* facility */
1067 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1068 rel.fields |= MNCC_F_FACILITY;
1069 gsm48_decode_facility(&rel.facility,
1070 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1071 }
1072 /* user-user */
1073 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1074 rel.fields |= MNCC_F_USERUSER;
1075 gsm48_decode_useruser(&rel.useruser,
1076 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1077 }
1078 /* ss-version */
1079 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1080 rel.fields |= MNCC_F_SSVERSION;
1081 gsm48_decode_ssversion(&rel.ssversion,
1082 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1083 }
1084
1085 if (trans->cc.state == GSM_CSTATE_RELEASE_REQ) {
1086 /* release collision 5.4.5 */
1087 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_CNF, &rel);
1088 } else {
1089 rc = gsm48_tx_simple(trans->conn,
1090 GSM48_PDISC_CC | (trans->transaction_id << 4),
1091 GSM48_MT_CC_RELEASE_COMPL);
1092 rc = mncc_recvmsg(trans->net, trans, MNCC_REL_IND, &rel);
1093 }
1094
1095 new_cc_state(trans, GSM_CSTATE_NULL);
1096
1097 trans->callref = 0;
1098 trans_free(trans);
1099
1100 return rc;
1101}
1102
1103static int gsm48_cc_tx_release(struct gsm_trans *trans, void *arg)
1104{
1105 struct gsm_mncc *rel = arg;
1106 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL");
1107 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1108
1109 gh->msg_type = GSM48_MT_CC_RELEASE;
1110
1111 gsm48_stop_cc_timer(trans);
1112 gsm48_start_cc_timer(trans, 0x308, GSM48_T308);
1113
1114 /* cause */
1115 if (rel->fields & MNCC_F_CAUSE)
1116 gsm48_encode_cause(msg, 0, &rel->cause);
1117 /* facility */
1118 if (rel->fields & MNCC_F_FACILITY)
1119 gsm48_encode_facility(msg, 0, &rel->facility);
1120 /* user-user */
1121 if (rel->fields & MNCC_F_USERUSER)
1122 gsm48_encode_useruser(msg, 0, &rel->useruser);
1123
1124 trans->cc.T308_second = 0;
1125 memcpy(&trans->cc.msg, rel, sizeof(struct gsm_mncc));
1126
1127 if (trans->cc.state != GSM_CSTATE_RELEASE_REQ)
1128 new_cc_state(trans, GSM_CSTATE_RELEASE_REQ);
1129
1130 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1131}
1132
1133static int gsm48_cc_rx_release_compl(struct gsm_trans *trans, struct msgb *msg)
1134{
1135 struct gsm48_hdr *gh = msgb_l3(msg);
1136 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1137 struct tlv_parsed tp;
1138 struct gsm_mncc rel;
1139 int rc = 0;
1140
1141 gsm48_stop_cc_timer(trans);
1142
1143 memset(&rel, 0, sizeof(struct gsm_mncc));
1144 rel.callref = trans->callref;
1145 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1146 /* cause */
1147 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1148 rel.fields |= MNCC_F_CAUSE;
1149 gsm48_decode_cause(&rel.cause,
1150 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1151 }
1152 /* facility */
1153 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1154 rel.fields |= MNCC_F_FACILITY;
1155 gsm48_decode_facility(&rel.facility,
1156 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1157 }
1158 /* user-user */
1159 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1160 rel.fields |= MNCC_F_USERUSER;
1161 gsm48_decode_useruser(&rel.useruser,
1162 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1163 }
1164 /* ss-version */
1165 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1166 rel.fields |= MNCC_F_SSVERSION;
1167 gsm48_decode_ssversion(&rel.ssversion,
1168 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1169 }
1170
1171 if (trans->callref) {
1172 switch (trans->cc.state) {
1173 case GSM_CSTATE_CALL_PRESENT:
1174 rc = mncc_recvmsg(trans->net, trans,
1175 MNCC_REJ_IND, &rel);
1176 break;
1177 case GSM_CSTATE_RELEASE_REQ:
1178 rc = mncc_recvmsg(trans->net, trans,
1179 MNCC_REL_CNF, &rel);
1180 break;
1181 default:
1182 rc = mncc_recvmsg(trans->net, trans,
1183 MNCC_REL_IND, &rel);
1184 }
1185 }
1186
1187 trans->callref = 0;
1188 trans_free(trans);
1189
1190 return rc;
1191}
1192
1193static int gsm48_cc_tx_release_compl(struct gsm_trans *trans, void *arg)
1194{
1195 struct gsm_mncc *rel = arg;
1196 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC REL COMPL");
1197 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1198 int ret;
1199
1200 gh->msg_type = GSM48_MT_CC_RELEASE_COMPL;
1201
1202 trans->callref = 0;
1203
1204 gsm48_stop_cc_timer(trans);
1205
1206 /* cause */
1207 if (rel->fields & MNCC_F_CAUSE)
1208 gsm48_encode_cause(msg, 0, &rel->cause);
1209 /* facility */
1210 if (rel->fields & MNCC_F_FACILITY)
1211 gsm48_encode_facility(msg, 0, &rel->facility);
1212 /* user-user */
1213 if (rel->fields & MNCC_F_USERUSER)
1214 gsm48_encode_useruser(msg, 0, &rel->useruser);
1215
1216 ret = gsm48_conn_sendmsg(msg, trans->conn, trans);
1217
1218 trans_free(trans);
1219
1220 return ret;
1221}
1222
1223static int gsm48_cc_rx_facility(struct gsm_trans *trans, struct msgb *msg)
1224{
1225 struct gsm48_hdr *gh = msgb_l3(msg);
1226 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1227 struct tlv_parsed tp;
1228 struct gsm_mncc fac;
1229
1230 memset(&fac, 0, sizeof(struct gsm_mncc));
1231 fac.callref = trans->callref;
1232 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_FACILITY, 0);
1233 /* facility */
1234 if (TLVP_PRESENT(&tp, GSM48_IE_FACILITY)) {
1235 fac.fields |= MNCC_F_FACILITY;
1236 gsm48_decode_facility(&fac.facility,
1237 TLVP_VAL(&tp, GSM48_IE_FACILITY)-1);
1238 }
1239 /* ss-version */
1240 if (TLVP_PRESENT(&tp, GSM48_IE_SS_VERS)) {
1241 fac.fields |= MNCC_F_SSVERSION;
1242 gsm48_decode_ssversion(&fac.ssversion,
1243 TLVP_VAL(&tp, GSM48_IE_SS_VERS)-1);
1244 }
1245
1246 return mncc_recvmsg(trans->net, trans, MNCC_FACILITY_IND, &fac);
1247}
1248
1249static int gsm48_cc_tx_facility(struct gsm_trans *trans, void *arg)
1250{
1251 struct gsm_mncc *fac = arg;
1252 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC FAC");
1253 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1254
1255 gh->msg_type = GSM48_MT_CC_FACILITY;
1256
1257 /* facility */
1258 gsm48_encode_facility(msg, 1, &fac->facility);
1259
1260 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1261}
1262
1263static int gsm48_cc_rx_hold(struct gsm_trans *trans, struct msgb *msg)
1264{
1265 struct gsm_mncc hold;
1266
1267 memset(&hold, 0, sizeof(struct gsm_mncc));
1268 hold.callref = trans->callref;
1269 return mncc_recvmsg(trans->net, trans, MNCC_HOLD_IND, &hold);
1270}
1271
1272static int gsm48_cc_tx_hold_ack(struct gsm_trans *trans, void *arg)
1273{
1274 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD ACK");
1275 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1276
1277 gh->msg_type = GSM48_MT_CC_HOLD_ACK;
1278
1279 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1280}
1281
1282static int gsm48_cc_tx_hold_rej(struct gsm_trans *trans, void *arg)
1283{
1284 struct gsm_mncc *hold_rej = arg;
1285 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC HLD REJ");
1286 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1287
1288 gh->msg_type = GSM48_MT_CC_HOLD_REJ;
1289
1290 /* cause */
1291 if (hold_rej->fields & MNCC_F_CAUSE)
1292 gsm48_encode_cause(msg, 1, &hold_rej->cause);
1293 else
1294 gsm48_encode_cause(msg, 1, &default_cause);
1295
1296 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1297}
1298
1299static int gsm48_cc_rx_retrieve(struct gsm_trans *trans, struct msgb *msg)
1300{
1301 struct gsm_mncc retrieve;
1302
1303 memset(&retrieve, 0, sizeof(struct gsm_mncc));
1304 retrieve.callref = trans->callref;
1305 return mncc_recvmsg(trans->net, trans, MNCC_RETRIEVE_IND,
1306 &retrieve);
1307}
1308
1309static int gsm48_cc_tx_retrieve_ack(struct gsm_trans *trans, void *arg)
1310{
1311 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR ACK");
1312 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1313
1314 gh->msg_type = GSM48_MT_CC_RETR_ACK;
1315
1316 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1317}
1318
1319static int gsm48_cc_tx_retrieve_rej(struct gsm_trans *trans, void *arg)
1320{
1321 struct gsm_mncc *retrieve_rej = arg;
1322 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC RETR REJ");
1323 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1324
1325 gh->msg_type = GSM48_MT_CC_RETR_REJ;
1326
1327 /* cause */
1328 if (retrieve_rej->fields & MNCC_F_CAUSE)
1329 gsm48_encode_cause(msg, 1, &retrieve_rej->cause);
1330 else
1331 gsm48_encode_cause(msg, 1, &default_cause);
1332
1333 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1334}
1335
1336static int gsm48_cc_rx_start_dtmf(struct gsm_trans *trans, struct msgb *msg)
1337{
1338 struct gsm48_hdr *gh = msgb_l3(msg);
1339 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1340 struct tlv_parsed tp;
1341 struct gsm_mncc dtmf;
1342
1343 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1344 dtmf.callref = trans->callref;
1345 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, 0, 0);
1346 /* keypad facility */
1347 if (TLVP_PRESENT(&tp, GSM48_IE_KPD_FACILITY)) {
1348 dtmf.fields |= MNCC_F_KEYPAD;
1349 gsm48_decode_keypad(&dtmf.keypad,
1350 TLVP_VAL(&tp, GSM48_IE_KPD_FACILITY)-1);
1351 }
1352
1353 return mncc_recvmsg(trans->net, trans, MNCC_START_DTMF_IND, &dtmf);
1354}
1355
1356static int gsm48_cc_tx_start_dtmf_ack(struct gsm_trans *trans, void *arg)
1357{
1358 struct gsm_mncc *dtmf = arg;
1359 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF ACK");
1360 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1361
1362 gh->msg_type = GSM48_MT_CC_START_DTMF_ACK;
1363
1364 /* keypad */
1365 if (dtmf->fields & MNCC_F_KEYPAD)
1366 gsm48_encode_keypad(msg, dtmf->keypad);
1367
1368 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1369}
1370
1371static int gsm48_cc_tx_start_dtmf_rej(struct gsm_trans *trans, void *arg)
1372{
1373 struct gsm_mncc *dtmf = arg;
1374 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF REJ");
1375 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1376
1377 gh->msg_type = GSM48_MT_CC_START_DTMF_REJ;
1378
1379 /* cause */
1380 if (dtmf->fields & MNCC_F_CAUSE)
1381 gsm48_encode_cause(msg, 1, &dtmf->cause);
1382 else
1383 gsm48_encode_cause(msg, 1, &default_cause);
1384
1385 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1386}
1387
1388static int gsm48_cc_tx_stop_dtmf_ack(struct gsm_trans *trans, void *arg)
1389{
1390 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 DTMF STP ACK");
1391 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1392
1393 gh->msg_type = GSM48_MT_CC_STOP_DTMF_ACK;
1394
1395 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1396}
1397
1398static int gsm48_cc_rx_stop_dtmf(struct gsm_trans *trans, struct msgb *msg)
1399{
1400 struct gsm_mncc dtmf;
1401
1402 memset(&dtmf, 0, sizeof(struct gsm_mncc));
1403 dtmf.callref = trans->callref;
1404
1405 return mncc_recvmsg(trans->net, trans, MNCC_STOP_DTMF_IND, &dtmf);
1406}
1407
1408static int gsm48_cc_rx_modify(struct gsm_trans *trans, struct msgb *msg)
1409{
1410 struct gsm48_hdr *gh = msgb_l3(msg);
1411 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1412 struct tlv_parsed tp;
1413 struct gsm_mncc modify;
1414
1415 memset(&modify, 0, sizeof(struct gsm_mncc));
1416 modify.callref = trans->callref;
1417 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1418 /* bearer capability */
1419 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1420 modify.fields |= MNCC_F_BEARER_CAP;
1421 gsm48_decode_bearer_cap(&modify.bearer_cap,
1422 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1423
1424 /* Create a copy of the bearer capability
1425 * in the transaction struct, so we can use
1426 * this information later */
1427 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1428 sizeof(trans->bearer_cap));
1429 }
1430
1431 new_cc_state(trans, GSM_CSTATE_MO_ORIG_MODIFY);
1432
1433 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_IND, &modify);
1434}
1435
1436static int gsm48_cc_tx_modify(struct gsm_trans *trans, void *arg)
1437{
1438 struct gsm_mncc *modify = arg;
1439 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD");
1440 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1441
1442 gh->msg_type = GSM48_MT_CC_MODIFY;
1443
1444 gsm48_start_cc_timer(trans, 0x323, GSM48_T323);
1445
1446 /* bearer capability */
1447 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1448 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1449
1450 new_cc_state(trans, GSM_CSTATE_MO_TERM_MODIFY);
1451
1452 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1453}
1454
1455static int gsm48_cc_rx_modify_complete(struct gsm_trans *trans, struct msgb *msg)
1456{
1457 struct gsm48_hdr *gh = msgb_l3(msg);
1458 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1459 struct tlv_parsed tp;
1460 struct gsm_mncc modify;
1461
1462 gsm48_stop_cc_timer(trans);
1463
1464 memset(&modify, 0, sizeof(struct gsm_mncc));
1465 modify.callref = trans->callref;
1466 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, 0);
1467 /* bearer capability */
1468 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1469 modify.fields |= MNCC_F_BEARER_CAP;
1470 gsm48_decode_bearer_cap(&modify.bearer_cap,
1471 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1472
1473 /* Create a copy of the bearer capability
1474 * in the transaction struct, so we can use
1475 * this information later */
1476 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1477 sizeof(trans->bearer_cap));
1478 }
1479
1480 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1481
1482 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_CNF, &modify);
1483}
1484
1485static int gsm48_cc_tx_modify_complete(struct gsm_trans *trans, void *arg)
1486{
1487 struct gsm_mncc *modify = arg;
1488 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD COMPL");
1489 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1490
1491 gh->msg_type = GSM48_MT_CC_MODIFY_COMPL;
1492
1493 /* bearer capability */
1494 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1495 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1496
1497 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1498
1499 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1500}
1501
1502static int gsm48_cc_rx_modify_reject(struct gsm_trans *trans, struct msgb *msg)
1503{
1504 struct gsm48_hdr *gh = msgb_l3(msg);
1505 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1506 struct tlv_parsed tp;
1507 struct gsm_mncc modify;
1508
1509 gsm48_stop_cc_timer(trans);
1510
1511 memset(&modify, 0, sizeof(struct gsm_mncc));
1512 modify.callref = trans->callref;
1513 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_BEARER_CAP, GSM48_IE_CAUSE);
1514 /* bearer capability */
1515 if (TLVP_PRESENT(&tp, GSM48_IE_BEARER_CAP)) {
1516 modify.fields |= GSM48_IE_BEARER_CAP;
1517 gsm48_decode_bearer_cap(&modify.bearer_cap,
1518 TLVP_VAL(&tp, GSM48_IE_BEARER_CAP)-1);
1519
1520 /* Create a copy of the bearer capability
1521 * in the transaction struct, so we can use
1522 * this information later */
1523 memcpy(&trans->bearer_cap,&modify.bearer_cap,
1524 sizeof(trans->bearer_cap));
1525 }
1526 /* cause */
1527 if (TLVP_PRESENT(&tp, GSM48_IE_CAUSE)) {
1528 modify.fields |= MNCC_F_CAUSE;
1529 gsm48_decode_cause(&modify.cause,
1530 TLVP_VAL(&tp, GSM48_IE_CAUSE)-1);
1531 }
1532
1533 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1534
1535 return mncc_recvmsg(trans->net, trans, MNCC_MODIFY_REJ, &modify);
1536}
1537
1538static int gsm48_cc_tx_modify_reject(struct gsm_trans *trans, void *arg)
1539{
1540 struct gsm_mncc *modify = arg;
1541 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC MOD REJ");
1542 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1543
1544 gh->msg_type = GSM48_MT_CC_MODIFY_REJECT;
1545
1546 /* bearer capability */
1547 gsm48_encode_bearer_cap(msg, 1, &modify->bearer_cap);
1548 memcpy(&trans->bearer_cap, &modify->bearer_cap, sizeof(trans->bearer_cap));
1549 /* cause */
1550 gsm48_encode_cause(msg, 1, &modify->cause);
1551
1552 new_cc_state(trans, GSM_CSTATE_ACTIVE);
1553
1554 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1555}
1556
1557static int gsm48_cc_tx_notify(struct gsm_trans *trans, void *arg)
1558{
1559 struct gsm_mncc *notify = arg;
1560 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 CC NOT");
1561 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1562
1563 gh->msg_type = GSM48_MT_CC_NOTIFY;
1564
1565 /* notify */
1566 gsm48_encode_notify(msg, notify->notify);
1567
1568 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1569}
1570
1571static int gsm48_cc_rx_notify(struct gsm_trans *trans, struct msgb *msg)
1572{
1573 struct gsm48_hdr *gh = msgb_l3(msg);
1574 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1575// struct tlv_parsed tp;
1576 struct gsm_mncc notify;
1577
1578 memset(&notify, 0, sizeof(struct gsm_mncc));
1579 notify.callref = trans->callref;
1580// tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len);
1581 if (payload_len >= 1)
1582 gsm48_decode_notify(&notify.notify, gh->data);
1583
1584 return mncc_recvmsg(trans->net, trans, MNCC_NOTIFY_IND, &notify);
1585}
1586
1587static int gsm48_cc_tx_userinfo(struct gsm_trans *trans, void *arg)
1588{
1589 struct gsm_mncc *user = arg;
1590 struct msgb *msg = gsm48_msgb_alloc_name("GSM 04.08 USR INFO");
1591 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
1592
1593 gh->msg_type = GSM48_MT_CC_USER_INFO;
1594
1595 /* user-user */
1596 if (user->fields & MNCC_F_USERUSER)
1597 gsm48_encode_useruser(msg, 1, &user->useruser);
1598 /* more data */
1599 if (user->more)
1600 gsm48_encode_more(msg);
1601
1602 return gsm48_conn_sendmsg(msg, trans->conn, trans);
1603}
1604
1605static int gsm48_cc_rx_userinfo(struct gsm_trans *trans, struct msgb *msg)
1606{
1607 struct gsm48_hdr *gh = msgb_l3(msg);
1608 unsigned int payload_len = msgb_l3len(msg) - sizeof(*gh);
1609 struct tlv_parsed tp;
1610 struct gsm_mncc user;
1611
1612 memset(&user, 0, sizeof(struct gsm_mncc));
1613 user.callref = trans->callref;
1614 tlv_parse(&tp, &gsm48_att_tlvdef, gh->data, payload_len, GSM48_IE_USER_USER, 0);
1615 /* user-user */
1616 if (TLVP_PRESENT(&tp, GSM48_IE_USER_USER)) {
1617 user.fields |= MNCC_F_USERUSER;
1618 gsm48_decode_useruser(&user.useruser,
1619 TLVP_VAL(&tp, GSM48_IE_USER_USER)-1);
1620 }
1621 /* more data */
1622 if (TLVP_PRESENT(&tp, GSM48_IE_MORE_DATA))
1623 user.more = 1;
1624
1625 return mncc_recvmsg(trans->net, trans, MNCC_USERINFO_IND, &user);
1626}
1627
1628static void mncc_recv_rtp(struct gsm_network *net, uint32_t callref,
1629 int cmd, uint32_t addr, uint16_t port, uint32_t payload_type,
1630 uint32_t payload_msg_type)
1631{
1632 uint8_t data[sizeof(struct gsm_mncc)];
1633 struct gsm_mncc_rtp *rtp;
1634
1635 memset(&data, 0, sizeof(data));
1636 rtp = (struct gsm_mncc_rtp *) &data[0];
1637
1638 rtp->callref = callref;
1639 rtp->msg_type = cmd;
Philipp Maiere2497f72018-09-28 10:37:17 +0200[diff] [blame]1640 rtp->ip = osmo_htonl(addr);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1641 rtp->port = port;
1642 rtp->payload_type = payload_type;
1643 rtp->payload_msg_type = payload_msg_type;
1644 mncc_recvmsg(net, NULL, cmd, (struct gsm_mncc *)data);
1645}
1646
1647static void mncc_recv_rtp_sock(struct gsm_network *net, struct gsm_trans *trans, int cmd)
1648{
1649 int msg_type;
1650
1651 /* FIXME This has to be set to some meaningful value.
1652 * Possible options are:
1653 * GSM_TCHF_FRAME, GSM_TCHF_FRAME_EFR,
1654 * GSM_TCHH_FRAME, GSM_TCH_FRAME_AMR
1655 * (0 if unknown) */
1656 msg_type = GSM_TCHF_FRAME;
1657
1658 uint32_t addr = inet_addr(trans->conn->rtp.local_addr_cn);
1659 uint16_t port = trans->conn->rtp.local_port_cn;
1660
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1661 if (addr == INADDR_NONE) {
1662 LOGP(DMNCC, LOGL_ERROR,
1663 "(subscriber:%s) external MNCC is signalling invalid IP-Address\n",
1664 vlr_subscr_name(trans->vsub));
1665 return;
1666 }
1667 if (port == 0) {
1668 LOGP(DMNCC, LOGL_ERROR,
1669 "(subscriber:%s) external MNCC is signalling invalid Port\n",
1670 vlr_subscr_name(trans->vsub));
1671 return;
1672 }
1673
1674 /* FIXME: This has to be set to some meaningful value,
1675 * before the MSC-Split, this value was pulled from
1676 * lchan->abis_ip.rtp_payload */
1677 uint32_t payload_type = 0;
1678
1679 return mncc_recv_rtp(net, trans->callref, cmd,
1680 addr,
1681 port,
1682 payload_type,
1683 msg_type);
1684}
1685
1686static void mncc_recv_rtp_err(struct gsm_network *net, uint32_t callref, int cmd)
1687{
1688 return mncc_recv_rtp(net, callref, cmd, 0, 0, 0, 0);
1689}
1690
1691static int tch_rtp_create(struct gsm_network *net, uint32_t callref)
1692{
1693 struct gsm_trans *trans;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1694
1695 /* Find callref */
1696 trans = trans_find_by_callref(net, callref);
1697 if (!trans) {
1698 LOGP(DMNCC, LOGL_ERROR, "RTP create for non-existing trans\n");
1699 mncc_recv_rtp_err(net, callref, MNCC_RTP_CREATE);
1700 return -EIO;
1701 }
1702 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1703 if (!trans->conn) {
1704 LOGP(DMNCC, LOGL_NOTICE, "RTP create for trans without conn\n");
1705 mncc_recv_rtp_err(net, callref, MNCC_RTP_CREATE);
1706 return 0;
1707 }
1708
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1709 /* When we call msc_mgcp_call_assignment() we will trigger, depending
1710 * on the RAN type the call assignment on the A or Iu interface.
1711 * msc_mgcp_call_assignment() also takes care about sending the CRCX
1712 * command to the MGCP-GW. The CRCX will return the port number,
1713 * where the PBX (e.g. Asterisk) will send its RTP stream to. We
1714 * have to return this port number back to the MNCC by sending
1715 * it back with the TCH_RTP_CREATE message. To make sure that
1716 * this message is sent AFTER the response to CRCX from the
1717 * MGCP-GW has arrived, we need will instruct msc_mgcp_call_assignment()
1718 * to take care of this by setting trans->tch_rtp_create to true.
1719 * This will make sure that gsm48_tch_rtp_create() (below) is
1720 * called as soon as the local port number has become known. */
1721 trans->tch_rtp_create = true;
1722
1723 /* Assign call (if not done yet) */
Neels Hofmeyrb16259f2018-12-20 02:57:56 +0100[diff] [blame]1724 return msc_mgcp_try_call_assignment(trans);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1725}
1726
1727/* Trigger TCH_RTP_CREATE acknowledgement */
1728int gsm48_tch_rtp_create(struct gsm_trans *trans)
1729{
1730 /* This function is called as soon as the port, on which the
1731 * mgcp-gw expects the incoming RTP stream from the remote
1732 * end (e.g. Asterisk) is known. */
1733
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]1734 struct ran_conn *conn = trans->conn;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1735 struct gsm_network *network = conn->network;
1736
1737 mncc_recv_rtp_sock(network, trans, MNCC_RTP_CREATE);
1738 return 0;
1739}
1740
Maxc4e4fa72018-12-17 12:55:59 +0100[diff] [blame]1741static int tch_rtp_connect(struct gsm_network *net, struct gsm_mncc_rtp *rtp)
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1742{
1743 struct gsm_trans *trans;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1744 struct in_addr addr;
1745
Philipp Maier8ad3dac2018-08-07 13:00:14 +0200[diff] [blame]1746 /* FIXME: in *rtp we should get the codec information of the remote
1747 * leg. We will have to populate trans->conn->rtp.codec_cn with a
1748 * meaningful value based on this information but unfortunately we
1749 * can't do that yet because the mncc API can not signal dynamic
1750 * payload types yet. This must be fixed first. Also there may be
1751 * additional members necessary in trans->conn->rtp because we
1752 * somehow need to deal with dynamic payload types that do not
1753 * comply to 3gpp's assumptions of payload type numbers on the A
1754 * interface. See also related tickets: OS#3399 and OS1683 */
1755
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1756 /* Find callref */
1757 trans = trans_find_by_callref(net, rtp->callref);
1758 if (!trans) {
1759 LOGP(DMNCC, LOGL_ERROR, "RTP connect for non-existing trans\n");
1760 mncc_recv_rtp_err(net, rtp->callref, MNCC_RTP_CONNECT);
1761 return -EIO;
1762 }
1763 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1764 if (!trans->conn) {
1765 LOGP(DMNCC, LOGL_ERROR, "RTP connect for trans without conn\n");
1766 mncc_recv_rtp_err(net, rtp->callref, MNCC_RTP_CONNECT);
1767 return 0;
1768 }
1769
1770 addr.s_addr = osmo_htonl(rtp->ip);
1771 return msc_mgcp_call_complete(trans, rtp->port, inet_ntoa(addr));
1772}
1773
1774static struct downstate {
1775 uint32_t states;
1776 int type;
1777 int (*rout) (struct gsm_trans *trans, void *arg);
1778} downstatelist[] = {
1779 /* mobile originating call establishment */
1780 {SBIT(GSM_CSTATE_INITIATED), /* 5.2.1.2 */
1781 MNCC_CALL_PROC_REQ, gsm48_cc_tx_call_proc_and_assign},
1782 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.2 | 5.2.1.5 */
1783 MNCC_ALERT_REQ, gsm48_cc_tx_alerting},
1784 {SBIT(GSM_CSTATE_INITIATED) | SBIT(GSM_CSTATE_MO_CALL_PROC) | SBIT(GSM_CSTATE_CALL_DELIVERED), /* 5.2.1.2 | 5.2.1.6 | 5.2.1.6 */
1785 MNCC_SETUP_RSP, gsm48_cc_tx_connect},
1786 {SBIT(GSM_CSTATE_MO_CALL_PROC), /* 5.2.1.4.2 */
1787 MNCC_PROGRESS_REQ, gsm48_cc_tx_progress},
1788 /* mobile terminating call establishment */
1789 {SBIT(GSM_CSTATE_NULL), /* 5.2.2.1 */
1790 MNCC_SETUP_REQ, gsm48_cc_tx_setup},
1791 {SBIT(GSM_CSTATE_CONNECT_REQUEST),
1792 MNCC_SETUP_COMPL_REQ, gsm48_cc_tx_connect_ack},
1793 /* signalling during call */
1794 {SBIT(GSM_CSTATE_ACTIVE),
1795 MNCC_NOTIFY_REQ, gsm48_cc_tx_notify},
1796 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ),
1797 MNCC_FACILITY_REQ, gsm48_cc_tx_facility},
1798 {ALL_STATES,
1799 MNCC_START_DTMF_RSP, gsm48_cc_tx_start_dtmf_ack},
1800 {ALL_STATES,
1801 MNCC_START_DTMF_REJ, gsm48_cc_tx_start_dtmf_rej},
1802 {ALL_STATES,
1803 MNCC_STOP_DTMF_RSP, gsm48_cc_tx_stop_dtmf_ack},
1804 {SBIT(GSM_CSTATE_ACTIVE),
1805 MNCC_HOLD_CNF, gsm48_cc_tx_hold_ack},
1806 {SBIT(GSM_CSTATE_ACTIVE),
1807 MNCC_HOLD_REJ, gsm48_cc_tx_hold_rej},
1808 {SBIT(GSM_CSTATE_ACTIVE),
1809 MNCC_RETRIEVE_CNF, gsm48_cc_tx_retrieve_ack},
1810 {SBIT(GSM_CSTATE_ACTIVE),
1811 MNCC_RETRIEVE_REJ, gsm48_cc_tx_retrieve_rej},
1812 {SBIT(GSM_CSTATE_ACTIVE),
1813 MNCC_MODIFY_REQ, gsm48_cc_tx_modify},
1814 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1815 MNCC_MODIFY_RSP, gsm48_cc_tx_modify_complete},
1816 {SBIT(GSM_CSTATE_MO_ORIG_MODIFY),
1817 MNCC_MODIFY_REJ, gsm48_cc_tx_modify_reject},
1818 {SBIT(GSM_CSTATE_ACTIVE),
1819 MNCC_USERINFO_REQ, gsm48_cc_tx_userinfo},
1820 /* clearing */
1821 {SBIT(GSM_CSTATE_INITIATED),
1822 MNCC_REJ_REQ, gsm48_cc_tx_release_compl},
1823 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_DISCONNECT_IND) - SBIT(GSM_CSTATE_RELEASE_REQ) - SBIT(GSM_CSTATE_DISCONNECT_REQ), /* 5.4.4 */
1824 MNCC_DISC_REQ, gsm48_cc_tx_disconnect},
1825 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
1826 MNCC_REL_REQ, gsm48_cc_tx_release},
1827};
1828
1829#define DOWNSLLEN \
1830 (sizeof(downstatelist) / sizeof(struct downstate))
1831
1832
1833int mncc_tx_to_cc(struct gsm_network *net, int msg_type, void *arg)
1834{
1835 int i, rc = 0;
1836 struct gsm_trans *trans = NULL, *transt;
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]1837 struct ran_conn *conn = NULL;
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1838 struct gsm_mncc *data = arg, rel;
1839
1840 DEBUGP(DMNCC, "receive message %s\n", get_mncc_name(msg_type));
1841
1842 /* handle special messages */
1843 switch(msg_type) {
1844 case MNCC_BRIDGE:
1845 rc = tch_bridge(net, arg);
1846 if (rc < 0)
1847 disconnect_bridge(net, arg, -rc);
1848 return rc;
1849 case MNCC_RTP_CREATE:
1850 return tch_rtp_create(net, data->callref);
1851 case MNCC_RTP_CONNECT:
1852 return tch_rtp_connect(net, arg);
1853 case MNCC_RTP_FREE:
1854 /* unused right now */
1855 return -EIO;
1856
1857 case MNCC_FRAME_DROP:
1858 case MNCC_FRAME_RECV:
1859 case GSM_TCHF_FRAME:
1860 case GSM_TCHF_FRAME_EFR:
1861 case GSM_TCHH_FRAME:
1862 case GSM_TCH_FRAME_AMR:
1863 LOGP(DMNCC, LOGL_ERROR, "RTP streams must be handled externally; %s not supported.\n",
1864 get_mncc_name(msg_type));
1865 return -ENOTSUP;
1866 }
1867
1868 memset(&rel, 0, sizeof(struct gsm_mncc));
1869 rel.callref = data->callref;
1870
1871 /* Find callref */
1872 trans = trans_find_by_callref(net, data->callref);
1873
1874 /* Callref unknown */
1875 if (!trans) {
1876 struct vlr_subscr *vsub;
1877
1878 if (msg_type != MNCC_SETUP_REQ) {
1879 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1880 "Received '%s' from MNCC with "
1881 "unknown callref %d\n", data->called.number,
1882 get_mncc_name(msg_type), data->callref);
1883 /* Invalid call reference */
1884 return mncc_release_ind(net, NULL, data->callref,
1885 GSM48_CAUSE_LOC_PRN_S_LU,
1886 GSM48_CC_CAUSE_INVAL_TRANS_ID);
1887 }
1888 if (!data->called.number[0] && !data->imsi[0]) {
1889 DEBUGP(DCC, "(bts - trx - ts - ti) "
1890 "Received '%s' from MNCC with "
1891 "no number or IMSI\n", get_mncc_name(msg_type));
1892 /* Invalid number */
1893 return mncc_release_ind(net, NULL, data->callref,
1894 GSM48_CAUSE_LOC_PRN_S_LU,
1895 GSM48_CC_CAUSE_INV_NR_FORMAT);
1896 }
1897 /* New transaction due to setup, find subscriber */
1898 if (data->called.number[0])
1899 vsub = vlr_subscr_find_by_msisdn(net->vlr,
1900 data->called.number);
1901 else
1902 vsub = vlr_subscr_find_by_imsi(net->vlr, data->imsi);
1903
1904 /* update the subscriber we deal with */
1905 log_set_context(LOG_CTX_VLR_SUBSCR, vsub);
1906
1907 /* If subscriber is not found */
1908 if (!vsub) {
1909 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1910 "Received '%s' from MNCC with "
1911 "unknown subscriber %s\n", data->called.number,
1912 get_mncc_name(msg_type), data->called.number);
1913 /* Unknown subscriber */
1914 return mncc_release_ind(net, NULL, data->callref,
1915 GSM48_CAUSE_LOC_PRN_S_LU,
1916 GSM48_CC_CAUSE_UNASSIGNED_NR);
1917 }
1918 /* If subscriber is not "attached" */
Max7d41d872018-12-19 11:48:33 +0100[diff] [blame]1919 if (!vsub->cgi.lai.lac) {
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1920 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1921 "Received '%s' from MNCC with "
1922 "detached subscriber %s\n", data->called.number,
1923 get_mncc_name(msg_type), vlr_subscr_name(vsub));
1924 vlr_subscr_put(vsub);
1925 /* Temporarily out of order */
1926 return mncc_release_ind(net, NULL, data->callref,
1927 GSM48_CAUSE_LOC_PRN_S_LU,
1928 GSM48_CC_CAUSE_DEST_OOO);
1929 }
1930 /* Create transaction */
Maxd8daaae2019-02-14 16:54:10 +0700[diff] [blame^]1931 trans = trans_alloc(net, vsub, GSM48_PDISC_CC,
1932 TRANS_ID_UNASSIGNED, data->callref);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1933 if (!trans) {
Max3614fd62019-01-17 13:38:10 +0100[diff] [blame]1934 LOGP(DCC, LOGL_ERROR, "No memory for trans.\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1935 vlr_subscr_put(vsub);
1936 /* Ressource unavailable */
1937 mncc_release_ind(net, NULL, data->callref,
1938 GSM48_CAUSE_LOC_PRN_S_LU,
1939 GSM48_CC_CAUSE_RESOURCE_UNAVAIL);
1940 return -ENOMEM;
1941 }
1942
1943 /* Find conn */
1944 conn = connection_for_subscr(vsub);
1945
1946 /* If subscriber has no conn */
1947 if (!conn) {
1948 /* find transaction with this subscriber already paging */
1949 llist_for_each_entry(transt, &net->trans_list, entry) {
1950 /* Transaction of our conn? */
1951 if (transt == trans ||
1952 transt->vsub != vsub)
1953 continue;
1954 DEBUGP(DCC, "(bts - trx - ts - ti -- sub %s) "
1955 "Received '%s' from MNCC with "
1956 "unallocated channel, paging already "
1957 "started for lac %d.\n",
1958 data->called.number,
Max7d41d872018-12-19 11:48:33 +0100[diff] [blame]1959 get_mncc_name(msg_type), vsub->cgi.lai.lac);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1960 vlr_subscr_put(vsub);
1961 trans_free(trans);
1962 return 0;
1963 }
1964 /* store setup information until paging succeeds */
1965 memcpy(&trans->cc.msg, data, sizeof(struct gsm_mncc));
1966
1967 /* Request a channel */
1968 trans->paging_request = subscr_request_conn(
1969 vsub,
1970 setup_trig_pag_evt,
1971 trans,
Harald Welte0df904d2018-12-03 11:00:04 +0100[diff] [blame]1972 "MNCC: establish call",
1973 SGSAP_SERV_IND_CS_CALL);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1974 if (!trans->paging_request) {
1975 LOGP(DCC, LOGL_ERROR, "Failed to allocate paging token.\n");
1976 vlr_subscr_put(vsub);
1977 trans_free(trans);
1978 return 0;
1979 }
1980 vlr_subscr_put(vsub);
1981 return 0;
1982 }
1983
1984 /* Assign conn */
Neels Hofmeyr3c20a5e2018-11-30 01:08:36 +0100[diff] [blame]1985 trans->conn = ran_conn_get(conn, RAN_CONN_USE_TRANS_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1986 trans->dlci = 0x00; /* SAPI=0, not SACCH */
1987 vlr_subscr_put(vsub);
1988 } else {
1989 /* update the subscriber we deal with */
1990 log_set_context(LOG_CTX_VLR_SUBSCR, trans->vsub);
1991 }
1992
Philipp Maier9ca7b312018-10-10 17:00:49 +0200[diff] [blame]1993 gsm48_start_guard_timer(trans);
1994
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]1995 if (trans->conn)
1996 conn = trans->conn;
1997
1998 /* if paging did not respond yet */
1999 if (!conn) {
2000 DEBUGP(DCC, "(sub %s) "
2001 "Received '%s' from MNCC in paging state\n",
2002 vlr_subscr_msisdn_or_name(trans->vsub),
2003 get_mncc_name(msg_type));
2004 mncc_set_cause(&rel, GSM48_CAUSE_LOC_PRN_S_LU,
2005 GSM48_CC_CAUSE_NORM_CALL_CLEAR);
2006 if (msg_type == MNCC_REL_REQ)
2007 rc = mncc_recvmsg(net, trans, MNCC_REL_CNF, &rel);
2008 else
2009 rc = mncc_recvmsg(net, trans, MNCC_REL_IND, &rel);
2010 trans->callref = 0;
2011 trans_free(trans);
2012 return rc;
2013 } else {
2014 DEBUGP(DCC, "(ti %02x sub %s) "
2015 "Received '%s' from MNCC in state %d (%s)\n",
2016 trans->transaction_id,
2017 vlr_subscr_msisdn_or_name(trans->conn->vsub),
2018 get_mncc_name(msg_type), trans->cc.state,
2019 gsm48_cc_state_name(trans->cc.state));
2020 }
2021
2022 /* Find function for current state and message */
2023 for (i = 0; i < DOWNSLLEN; i++)
2024 if ((msg_type == downstatelist[i].type)
2025 && ((1 << trans->cc.state) & downstatelist[i].states))
2026 break;
2027 if (i == DOWNSLLEN) {
Max964da932018-12-17 16:00:22 +0100[diff] [blame]2028 DEBUGP(DCC, "Message '%s' unhandled at state '%s'\n", get_mncc_name(msg_type), gsm48_cc_state_name(trans->cc.state));
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2029 return 0;
2030 }
2031
2032 rc = downstatelist[i].rout(trans, arg);
2033
2034 return rc;
2035}
2036
2037
2038static struct datastate {
2039 uint32_t states;
2040 int type;
2041 int (*rout) (struct gsm_trans *trans, struct msgb *msg);
2042} datastatelist[] = {
2043 /* mobile originating call establishment */
2044 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2045 GSM48_MT_CC_SETUP, gsm48_cc_rx_setup},
2046 {SBIT(GSM_CSTATE_NULL), /* 5.2.1.2 */
2047 GSM48_MT_CC_EMERG_SETUP, gsm48_cc_rx_setup},
2048 {SBIT(GSM_CSTATE_CONNECT_IND), /* 5.2.1.2 */
2049 GSM48_MT_CC_CONNECT_ACK, gsm48_cc_rx_connect_ack},
2050 /* mobile terminating call establishment */
2051 {SBIT(GSM_CSTATE_CALL_PRESENT), /* 5.2.2.3.2 */
2052 GSM48_MT_CC_CALL_CONF, gsm48_cc_rx_call_conf},
2053 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF), /* ???? | 5.2.2.3.2 */
2054 GSM48_MT_CC_ALERTING, gsm48_cc_rx_alerting},
2055 {SBIT(GSM_CSTATE_CALL_PRESENT) | SBIT(GSM_CSTATE_MO_TERM_CALL_CONF) | SBIT(GSM_CSTATE_CALL_RECEIVED), /* (5.2.2.6) | 5.2.2.6 | 5.2.2.6 */
2056 GSM48_MT_CC_CONNECT, gsm48_cc_rx_connect},
2057 /* signalling during call */
2058 {ALL_STATES - SBIT(GSM_CSTATE_NULL),
2059 GSM48_MT_CC_FACILITY, gsm48_cc_rx_facility},
2060 {SBIT(GSM_CSTATE_ACTIVE),
2061 GSM48_MT_CC_NOTIFY, gsm48_cc_rx_notify},
2062 {ALL_STATES,
2063 GSM48_MT_CC_START_DTMF, gsm48_cc_rx_start_dtmf},
2064 {ALL_STATES,
2065 GSM48_MT_CC_STOP_DTMF, gsm48_cc_rx_stop_dtmf},
2066 {ALL_STATES,
2067 GSM48_MT_CC_STATUS_ENQ, gsm48_cc_rx_status_enq},
2068 {SBIT(GSM_CSTATE_ACTIVE),
2069 GSM48_MT_CC_HOLD, gsm48_cc_rx_hold},
2070 {SBIT(GSM_CSTATE_ACTIVE),
2071 GSM48_MT_CC_RETR, gsm48_cc_rx_retrieve},
2072 {SBIT(GSM_CSTATE_ACTIVE),
2073 GSM48_MT_CC_MODIFY, gsm48_cc_rx_modify},
2074 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2075 GSM48_MT_CC_MODIFY_COMPL, gsm48_cc_rx_modify_complete},
2076 {SBIT(GSM_CSTATE_MO_TERM_MODIFY),
2077 GSM48_MT_CC_MODIFY_REJECT, gsm48_cc_rx_modify_reject},
2078 {SBIT(GSM_CSTATE_ACTIVE),
2079 GSM48_MT_CC_USER_INFO, gsm48_cc_rx_userinfo},
2080 /* clearing */
2081 {ALL_STATES - SBIT(GSM_CSTATE_NULL) - SBIT(GSM_CSTATE_RELEASE_REQ), /* 5.4.3.2 */
2082 GSM48_MT_CC_DISCONNECT, gsm48_cc_rx_disconnect},
2083 {ALL_STATES - SBIT(GSM_CSTATE_NULL), /* 5.4.4.1.2.2 */
2084 GSM48_MT_CC_RELEASE, gsm48_cc_rx_release},
2085 {ALL_STATES, /* 5.4.3.4 */
2086 GSM48_MT_CC_RELEASE_COMPL, gsm48_cc_rx_release_compl},
2087};
2088
2089#define DATASLLEN \
2090 (sizeof(datastatelist) / sizeof(struct datastate))
2091
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]2092int gsm0408_rcv_cc(struct ran_conn *conn, struct msgb *msg)
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2093{
2094 struct gsm48_hdr *gh = msgb_l3(msg);
2095 uint8_t msg_type = gsm48_hdr_msg_type(gh);
2096 uint8_t transaction_id = gsm48_hdr_trans_id_flip_ti(gh);
2097 struct gsm_trans *trans = NULL;
2098 int i, rc = 0;
2099
2100 if (msg_type & 0x80) {
2101 DEBUGP(DCC, "MSG 0x%2x not defined for PD error\n", msg_type);
2102 return -EINVAL;
2103 }
2104
2105 if (!conn->vsub) {
2106 LOGP(DCC, LOGL_ERROR, "Invalid conn: no subscriber\n");
2107 return -EINVAL;
2108 }
2109
2110 /* Find transaction */
2111 trans = trans_find_by_id(conn, GSM48_PDISC_CC, transaction_id);
2112
2113#if BEFORE_MSCSPLIT
2114 /* Re-enable this log output once we can obtain this information via
2115 * A-interface, see OS#2391. */
2116 DEBUGP(DCC, "(bts %d trx %d ts %d ti %x sub %s) "
2117 "Received '%s' from MS in state %d (%s)\n",
2118 conn->bts->nr, conn->lchan->ts->trx->nr, conn->lchan->ts->nr,
2119 transaction_id, vlr_subscr_msisdn_or_name(conn->vsub),
2120 gsm48_cc_msg_name(msg_type), trans?(trans->cc.state):0,
2121 gsm48_cc_state_name(trans?(trans->cc.state):0));
2122#endif
2123
2124 /* Create transaction */
2125 if (!trans) {
2126 DEBUGP(DCC, "Unknown transaction ID %x, "
2127 "creating new trans.\n", transaction_id);
2128 /* Create transaction */
2129 trans = trans_alloc(conn->network, conn->vsub,
2130 GSM48_PDISC_CC,
2131 transaction_id, new_callref++);
2132 if (!trans) {
Max3614fd62019-01-17 13:38:10 +0100[diff] [blame]2133 LOGP(DCC, LOGL_ERROR, "No memory for trans.\n");
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2134 rc = gsm48_tx_simple(conn,
2135 GSM48_PDISC_CC | (transaction_id << 4),
2136 GSM48_MT_CC_RELEASE_COMPL);
2137 return -ENOMEM;
2138 }
2139 /* Assign transaction */
Neels Hofmeyr3c20a5e2018-11-30 01:08:36 +0100[diff] [blame]2140 trans->conn = ran_conn_get(conn, RAN_CONN_USE_TRANS_CC);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2141 trans->dlci = OMSC_LINKID_CB(msg); /* DLCI as received from BSC */
2142 cm_service_request_concludes(conn, msg);
2143 }
2144
2145 /* find function for current state and message */
2146 for (i = 0; i < DATASLLEN; i++)
2147 if ((msg_type == datastatelist[i].type)
2148 && ((1 << trans->cc.state) & datastatelist[i].states))
2149 break;
2150 if (i == DATASLLEN) {
2151 DEBUGP(DCC, "Message unhandled at this state.\n");
2152 return 0;
2153 }
2154
2155 assert(trans->vsub);
2156
2157 rc = datastatelist[i].rout(trans, msg);
2158
Neels Hofmeyrc036b792018-11-29 22:37:51 +0100[diff] [blame]2159 ran_conn_communicating(conn);
Harald Welte27989d42018-06-21 20:39:20 +0200[diff] [blame]2160 return rc;
2161}