aboutsummaryrefslogtreecommitdiffstats
path: root/openbsc
diff options
context:
space:
mode:
authorHolger Hans Peter Freyther <zecke@selfish.org>2009-07-29 07:37:48 +0200
committerHolger Hans Peter Freyther <zecke@selfish.org>2009-11-20 13:09:15 +0100
commitac96770ad7160323e2445859e128175d28f49295 (patch)
treed8bb9b4cd00ae2a5547991fabcc0f1f18c9aa90b /openbsc
parentff5fa4e45595671cbaf5b319eb6b6b3451b39874 (diff)
[sccp] Implement parts of ITU SCCP for use in the A-Interface
include/sccp/sccp_types.h contain Q.713 and GSM definitions include/sccp/sccp.h is the application interface resembling the esentials of the UNIX socket interface. src/sccp.c is the actual implementation of SCCP featuring connection and UDT1 support. tests/sccp/sccp.c is testing connection creation and formating of the SCCP messages used by the A-interface. And it contains a simple fuzzing test to test the robustnes of the implementation.
Diffstat (limited to 'openbsc')
-rw-r--r--openbsc/configure.in2
-rw-r--r--openbsc/include/Makefile.am2
-rw-r--r--openbsc/include/sccp/Makefile.am1
-rw-r--r--openbsc/include/sccp/sccp.h145
-rw-r--r--openbsc/include/sccp/sccp_types.h383
-rw-r--r--openbsc/src/Makefile.am4
-rw-r--r--openbsc/src/sccp/sccp.c1129
-rw-r--r--openbsc/tests/Makefile.am2
-rw-r--r--openbsc/tests/sccp/Makefile.am8
-rw-r--r--openbsc/tests/sccp/sccp_test.c723
10 files changed, 2396 insertions, 3 deletions
diff --git a/openbsc/configure.in b/openbsc/configure.in
index 25c502972..cba6c6cd9 100644
--- a/openbsc/configure.in
+++ b/openbsc/configure.in
@@ -40,6 +40,7 @@ AC_OUTPUT(
openbsc.pc
include/openbsc/Makefile
include/vty/Makefile
+ include/sccp/Makefile
include/Makefile
src/Makefile
tests/Makefile
@@ -49,4 +50,5 @@ AC_OUTPUT(
tests/gsm0408/Makefile
tests/db/Makefile
tests/channel/Makefile
+ tests/sccp/Makefile
Makefile)
diff --git a/openbsc/include/Makefile.am b/openbsc/include/Makefile.am
index a95129fa9..56b2a338a 100644
--- a/openbsc/include/Makefile.am
+++ b/openbsc/include/Makefile.am
@@ -1,3 +1,3 @@
-SUBDIRS = openbsc vty
+SUBDIRS = openbsc vty sccp
noinst_HEADERS = mISDNif.h compat_af_isdn.h
diff --git a/openbsc/include/sccp/Makefile.am b/openbsc/include/sccp/Makefile.am
new file mode 100644
index 000000000..42fd31047
--- /dev/null
+++ b/openbsc/include/sccp/Makefile.am
@@ -0,0 +1 @@
+noinst_HEADERS = sccp_types.h sccp.h
diff --git a/openbsc/include/sccp/sccp.h b/openbsc/include/sccp/sccp.h
new file mode 100644
index 000000000..8ee4b680b
--- /dev/null
+++ b/openbsc/include/sccp/sccp.h
@@ -0,0 +1,145 @@
+/*
+ * SCCP management code
+ *
+ * (C) 2009 by Holger Hans Peter Freyther <zecke@selfish.org>
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#ifndef SCCP_H
+#define SCCP_H
+
+#include <stdlib.h>
+
+#include <sys/socket.h>
+
+#include <openbsc/msgb.h>
+
+#include "sccp_types.h"
+
+struct sccp_system;
+
+enum {
+ SCCP_CONNECTION_STATE_NONE,
+ SCCP_CONNECTION_STATE_REQUEST,
+ SCCP_CONNECTION_STATE_CONFIRM,
+ SCCP_CONNECTION_STATE_ESTABLISHED,
+ SCCP_CONNECTION_STATE_RELEASE,
+ SCCP_CONNECTION_STATE_RELEASE_COMPLETE,
+ SCCP_CONNECTION_STATE_REFUSED,
+ SCCP_CONNECTION_STATE_SETUP_ERROR,
+};
+
+struct sockaddr_sccp {
+ sa_family_t sccp_family; /* AF_SCCP in the future??? */
+ u_int8_t sccp_ssn; /* subssystem number for routing */
+
+ /* TODO fill in address indicator... if that is ever needed */
+
+ /* not sure about these */
+ /* u_int8_t sccp_class; */
+};
+
+/*
+ * parsed structure of an address
+ */
+struct sccp_address {
+ struct sccp_called_party_address address;
+ u_int8_t ssn;
+ u_int8_t poi[2];
+};
+
+struct sccp_optional_data {
+ u_int8_t data_len;
+ u_int8_t data_start;
+};
+
+struct sccp_connection {
+ /* public */
+ void *data_ctx;
+ void (*data_cb)(struct sccp_connection *conn, struct msgb *msg, unsigned int len);
+
+ void *state_ctx;
+ void (*state_cb)(struct sccp_connection *, int old_state);
+
+ struct sccp_source_reference source_local_reference;
+ struct sccp_source_reference destination_local_reference;
+
+ int connection_state;
+
+ /* private */
+ /* list of active connections */
+ struct llist_head list;
+ struct sccp_system *system;
+ int incoming;
+};
+
+/**
+ * system functionality to implement on top of any other transport layer:
+ * call sccp_system_incoming for incoming data (from the network)
+ * sccp will call outgoing whenever outgoing data exists
+ */
+int sccp_system_init(int (*outgoing)(struct msgb *data, void *ctx), void *context);
+int sccp_system_incoming(struct msgb *data);
+
+/**
+ * Send data on an existing connection
+ */
+int sccp_connection_write(struct sccp_connection *connection, struct msgb *data);
+int sccp_connection_close(struct sccp_connection *connection, int cause);
+int sccp_connection_free(struct sccp_connection *connection);
+
+/**
+ * Create a new socket. Set your callbacks and then call bind to open
+ * the connection.
+ */
+struct sccp_connection *sccp_connection_socket(void);
+
+/**
+ * Open the connection and send additional data
+ */
+int sccp_connection_connect(struct sccp_connection *conn,
+ const struct sockaddr_sccp *sccp_called,
+ struct msgb *data);
+
+/**
+ * mostly for testing purposes only. Set the accept callback.
+ * TODO: add true routing information... in analogy to socket, bind, accept
+ */
+int sccp_connection_set_incoming(const struct sockaddr_sccp *sock,
+ int (*accept_cb)(struct sccp_connection *connection, void *data),
+ void *user_data);
+
+/**
+ * Send data in terms of unit data. A fixed address indicator will be used.
+ */
+int sccp_write(struct msgb *data,
+ const struct sockaddr_sccp *sock_sender,
+ const struct sockaddr_sccp *sock_target, int class);
+int sccp_set_read(const struct sockaddr_sccp *sock,
+ int (*read_cb)(struct msgb *msgb, unsigned int, void *user_data),
+ void *user_data);
+
+/* generic sock addresses */
+extern const struct sockaddr_sccp sccp_ssn_bssap;
+
+/* helpers */
+u_int32_t sccp_src_ref_to_int(struct sccp_source_reference *ref);
+struct sccp_source_reference sccp_src_ref_from_int(u_int32_t);
+
+#endif
diff --git a/openbsc/include/sccp/sccp_types.h b/openbsc/include/sccp/sccp_types.h
new file mode 100644
index 000000000..c6b11820c
--- /dev/null
+++ b/openbsc/include/sccp/sccp_types.h
@@ -0,0 +1,383 @@
+/*
+ * ITU Q.713 defined types for SCCP
+ *
+ * (C) 2009 by Holger Hans Peter Freyther <zecke@selfish.org>
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#ifndef SCCP_TYPES_H
+#define SCCP_TYPES_H
+
+/* Table 1/Q.713 - SCCP message types */
+enum sccp_message_types {
+ SCCP_MSG_TYPE_CR = 1,
+ SCCP_MSG_TYPE_CC = 2,
+ SCCP_MSG_TYPE_CREF = 3,
+ SCCP_MSG_TYPE_RLSD = 4,
+ SCCP_MSG_TYPE_RLC = 5,
+ SCCP_MSG_TYPE_DT1 = 6,
+ SCCP_MSG_TYPE_DT2 = 7,
+ SCCP_MSG_TYPE_AK = 8,
+ SCCP_MSG_TYPE_UDT = 9,
+ SCCP_MSG_TYPE_UDTS = 10,
+ SCCP_MSG_TYPE_ED = 11,
+ SCCP_MSG_TYPE_EA = 12,
+ SCCP_MSG_TYPE_RSR = 13,
+ SCCP_MSG_TYPE_RSC = 14,
+ SCCP_MSG_TYPE_ERR = 15,
+ SCCP_MSG_TYPE_IT = 16,
+ SCCP_MSG_TYPE_XUDT = 17,
+ SCCP_MSG_TYPE_XUDTS = 18,
+ SCCP_MSG_TYPE_LUDT = 19,
+ SCCP_MSG_TYPE_LUDTS = 20
+};
+
+/* Table 2/Q.713 - SCCP parameter name codes */
+enum sccp_parameter_name_codes {
+ SCCP_PNC_END_OF_OPTIONAL = 0,
+ SCCP_PNC_DESTINATION_LOCAL_REFERENCE = 1,
+ SCCP_PNC_SOURCE_LOCAL_REFERENCE = 2,
+ SCCP_PNC_CALLED_PARTY_ADDRESS = 3,
+ SCCP_PNC_CALLING_PARTY_ADDRESS = 4,
+ SCCP_PNC_PROTOCOL_CLASS = 5,
+ SCCP_PNC_SEGMENTING = 6,
+ SCCP_PNC_RECEIVE_SEQ_NUMBER = 7,
+ SCCP_PNC_SEQUENCING = 8,
+ SCCP_PNC_CREDIT = 9,
+ SCCP_PNC_RELEASE_CAUSE = 10,
+ SCCP_PNC_RETURN_CAUSE = 11,
+ SCCP_PNC_RESET_CAUSE = 12,
+ SCCP_PNC_ERROR_CAUSE = 13,
+ SCCP_PNC_REFUSAL_CAUSE = 14,
+ SCCP_PNC_DATA = 15,
+ SCCP_PNC_SEGMENTATION = 16,
+ SCCP_PNC_HOP_COUNTER = 17,
+ SCCP_PNC_IMPORTANCE = 18,
+ SCCP_PNC_LONG_DATA = 19,
+};
+
+/* Figure 3/Q.713 Called/calling party address */
+enum {
+ SCCP_TITLE_IND_NONE = 0,
+ SCCP_TITLE_IND_NATURE_ONLY = 1,
+ SCCP_TITLE_IND_TRANSLATION_ONLY = 2,
+ SCCP_TITLE_IND_TRANS_NUM_ENC = 3,
+ SCCP_TITLE_IND_TRANS_NUM_ENC_NATURE = 4,
+};
+
+enum {
+ SCCP_CALL_ROUTE_ON_SSN = 1,
+ SCCP_CALL_ROUTE_ON_GT = 0,
+};
+
+struct sccp_called_party_address {
+ u_int8_t point_code_indicator : 1,
+ ssn_indicator : 1,
+ global_title_indicator : 4,
+ routing_indicator : 1,
+ reserved : 1;
+ u_int8_t data[0];
+} __attribute__((packed));
+
+/* indicator indicates presence in the above order */
+
+/* Figure 6/Q.713 */
+struct sccp_signalling_point_code {
+ u_int8_t lsb;
+ u_int8_t msb : 6,
+ reserved : 2;
+} __attribute__((packed));
+
+/* SSN == subsystem number */
+enum sccp_subsystem_number {
+ SCCP_SSN_NOT_KNOWN_OR_USED = 0,
+ SCCP_SSN_MANAGEMENT = 1,
+ SCCP_SSN_RESERVED_ITU = 2,
+ SCCP_SSN_ISDN_USER_PART = 3,
+ SCCP_SSN_OMAP = 4, /* operation, maint and administration part */
+ SCCP_SSN_MAP = 5, /* mobile application part */
+ SCCP_SSN_HLR = 6,
+ SCCP_SSN_VLR = 7,
+ SCCP_SSN_MSC = 8,
+ SCCP_SSN_EIC = 9, /* equipent identifier centre */
+ SCCP_SSN_AUC = 10, /* authentication centre */
+ SCCP_SSN_ISDN_SUPPL_SERVICES = 11,
+ SCCP_SSN_RESERVED_INTL = 12,
+ SCCP_SSN_ISDN_EDGE_TO_EDGE = 13,
+ SCCP_SSN_TC_TEST_RESPONDER = 14,
+
+ /* From GSM 03.03 8.2 */
+ SCCP_SSN_BSSAP = 254,
+ SCCP_SSN_BSSOM = 253,
+};
+
+/* Q.713, 3.4.2.3 */
+enum {
+ SCCP_NAI_UNKNOWN = 0,
+ SCCP_NAI_SUBSCRIBER_NUMBER = 1,
+ SCCP_NAI_RESERVED_NATIONAL = 2,
+ SCCP_NAI_NATIONAL_SIGNIFICANT = 3,
+ SCCP_NAI_INTERNATIONAL = 4,
+};
+
+struct sccp_global_title {
+ u_int8_t nature_of_addr_ind : 7,
+ odd_even : 1;
+ u_int8_t data[0];
+} __attribute__((packed));
+
+/* Q.713, 3.3 */
+struct sccp_source_reference {
+ u_int8_t octet1;
+ u_int8_t octet2;
+ u_int8_t octet3;
+} __attribute__((packed));
+
+/* Q.714, 3.6 */
+enum sccp_protocol_class {
+ SCCP_PROTOCOL_CLASS_0 = 0,
+ SCCP_PROTOCOL_CLASS_1 = 1,
+ SCCP_PROTOCOL_CLASS_2 = 2,
+ SCCP_PROTOCOL_CLASS_3 = 3,
+};
+
+/* bits 5-8 when class0, class1 is used */
+enum sccp_protocol_options {
+ SCCP_PROTOCOL_NO_SPECIAL = 0,
+ SCCP_PROTOCOL_RETURN_MESSAGE = 8,
+};
+
+enum sccp_release_cause {
+ SCCP_RELEASE_CAUSE_END_USER_ORIGINATED = 0,
+ SCCP_RELEASE_CAUSE_END_USER_CONGESTION = 1,
+ SCCP_RELEASE_CAUSE_END_USER_FAILURE = 2,
+ SCCP_RELEASE_CAUSE_SCCP_USER_ORIGINATED = 3,
+ SCCP_RELEASE_CAUSE_REMOTE_PROCEDURE_ERROR = 4,
+ SCCP_RELEASE_CAUSE_INCONSISTENT_CONN_DATA = 5,
+ SCCP_RELEASE_CAUSE_ACCESS_FAILURE = 6,
+ SCCP_RELEASE_CAUSE_ACCESS_CONGESTION = 7,
+ SCCP_RELEASE_CAUSE_SUBSYSTEM_FAILURE = 8,
+ SCCP_RELEASE_CAUSE_SUBSYSTEM_CONGESTION = 9,
+ SCCP_RELEASE_CAUSE_MTP_FAILURE = 10,
+ SCCP_RELEASE_CAUSE_NETWORK_CONGESTION = 11,
+ SCCP_RELEASE_CAUSE_EXPIRATION_RESET = 12,
+ SCCP_RELEASE_CAUSE_EXPIRATION_INACTIVE = 13,
+ SCCP_RELEASE_CAUSE_RESERVED = 14,
+ SCCP_RELEASE_CAUSE_UNQUALIFIED = 15,
+ SCCP_RELEASE_CAUSE_SCCP_FAILURE = 16,
+};
+
+enum sccp_return_cause {
+ SCCP_RETURN_CAUSE_NO_TRANSLATION_NATURE = 0,
+ SCCP_RETURN_CAUSE_NO_TRANSLATION = 1,
+ SCCP_RETURN_CAUSE_SUBSYSTEM_CONGESTION = 2,
+ SCCP_RETURN_CAUSE_SUBSYSTEM_FAILURE = 3,
+ SCCP_RETURN_CAUSE_UNEQUIPPED_USER = 4,
+ SCCP_RETURN_CAUSE_MTP_FAILURE = 5,
+ SCCP_RETURN_CAUSE_NETWORK_CONGESTION = 6,
+ SCCP_RETURN_CAUSE_UNQUALIFIED = 7,
+ SCCP_RETURN_CAUSE_ERROR_IN_MSG_TRANSPORT = 8,
+ SCCP_RETURN_CAUSE_ERROR_IN_LOCAL_PROCESSING = 9,
+ SCCP_RETURN_CAUSE_DEST_CANNOT_PERFORM_REASSEMBLY = 10,
+ SCCP_RETURN_CAUSE_SCCP_FAILURE = 11,
+ SCCP_RETURN_CAUSE_HOP_COUNTER_VIOLATION = 12,
+ SCCP_RETURN_CAUSE_SEGMENTATION_NOT_SUPPORTED= 13,
+ SCCP_RETURN_CAUSE_SEGMENTATION_FAOLURE = 14
+};
+
+enum sccp_reset_cause {
+ SCCP_RESET_CAUSE_END_USER_ORIGINATED = 0,
+ SCCP_RESET_CAUSE_SCCP_USER_ORIGINATED = 1,
+ SCCP_RESET_CAUSE_MSG_OUT_OF_ORDER_PS = 2,
+ SCCP_RESET_CAUSE_MSG_OUT_OF_ORDER_PR = 3,
+ SCCP_RESET_CAUSE_RPC_OUT_OF_WINDOW = 4,
+ SCCP_RESET_CAUSE_RPC_INCORRECT_PS = 5,
+ SCCP_RESET_CAUSE_RPC_GENERAL = 6,
+ SCCP_RESET_CAUSE_REMOTE_END_USER_OPERATIONAL= 7,
+ SCCP_RESET_CAUSE_NETWORK_OPERATIONAL = 8,
+ SCCP_RESET_CAUSE_ACCESS_OPERATIONAL = 9,
+ SCCP_RESET_CAUSE_NETWORK_CONGESTION = 10,
+ SCCP_RESET_CAUSE_RESERVED = 11,
+};
+
+enum sccp_error_cause {
+ SCCP_ERROR_LRN_MISMATCH_UNASSIGNED = 0, /* local reference number */
+ SCCP_ERROR_LRN_MISMATCH_INCONSISTENT = 1,
+ SCCP_ERROR_POINT_CODE_MISMATCH = 2,
+ SCCP_ERROR_SERVICE_CLASS_MISMATCH = 3,
+ SCCP_ERROR_UNQUALIFIED = 4,
+};
+
+enum sccp_refusal_cause {
+ SCCP_REFUSAL_END_USER_ORIGINATED = 0,
+ SCCP_REFUSAL_END_USER_CONGESTION = 1,
+ SCCP_REFUSAL_END_USER_FAILURE = 2,
+ SCCP_REFUSAL_SCCP_USER_ORIGINATED = 3,
+ SCCP_REFUSAL_DESTINATION_ADDRESS_UKNOWN = 4,
+ SCCP_REFUSAL_DESTINATION_INACCESSIBLE = 5,
+ SCCP_REFUSAL_NET_QOS_NON_TRANSIENT = 6,
+ SCCP_REFUSAL_NET_QOS_TRANSIENT = 7,
+ SCCP_REFUSAL_ACCESS_FAILURE = 8,
+ SCCP_REFUSAL_ACCESS_CONGESTION = 9,
+ SCCP_REFUSAL_SUBSYSTEM_FAILURE = 10,
+ SCCP_REFUSAL_SUBSYTEM_CONGESTION = 11,
+ SCCP_REFUSAL_EXPIRATION = 12,
+ SCCP_REFUSAL_INCOMPATIBLE_USER_DATA = 13,
+ SCCP_REFUSAL_RESERVED = 14,
+ SCCP_REFUSAL_UNQUALIFIED = 15,
+ SCCP_REFUSAL_HOP_COUNTER_VIOLATION = 16,
+ SCCP_REFUSAL_SCCP_FAILURE = 17,
+ SCCP_REFUSAL_UNEQUIPPED_USER = 18,
+};
+
+/*
+ * messages... as of Q.713 Chapter 4
+ */
+struct sccp_connection_request {
+ /* mandantory */
+ u_int8_t type;
+ struct sccp_source_reference source_local_reference;
+ u_int8_t proto_class;
+
+
+ /* variable */
+ u_int8_t variable_called;
+#if VARIABLE
+ called_party_address
+#endif
+
+ /* optional */
+ u_int8_t optional_start;
+
+#if OPTIONAL
+ credit 3
+ callingparty var 4-n
+ data 3-130
+ hop_counter 3
+ importance 3
+ end_of_optional 1
+#endif
+
+ u_int8_t data[0];
+} __attribute__((packed));
+
+struct sccp_connection_confirm {
+ /* mandantory */
+ u_int8_t type;
+ struct sccp_source_reference destination_local_reference;
+ struct sccp_source_reference source_local_reference;
+ u_int8_t proto_class;
+
+ /* optional */
+ u_int8_t optional_start;
+
+ /* optional */
+#if OPTIONAL
+ credit 3
+ called party 4
+ data 3-130
+ importance 3
+ end_of_optional 1
+#endif
+
+ u_int8_t data[0];
+} __attribute__((packed));
+
+struct sccp_connection_refused {
+ /* mandantory */
+ u_int8_t type;
+ struct sccp_source_reference destination_local_reference;
+ u_int8_t cause;
+
+ /* optional */
+ u_int8_t optional_start;
+
+ /* optional */
+#if OPTIONAL
+ called party 4
+ data 3-130
+ importance 3
+ end_of_optional 1
+#endif
+
+ u_int8_t data[0];
+} __attribute__((packed));
+
+struct sccp_connection_released {
+ /* mandantory */
+ u_int8_t type;
+ struct sccp_source_reference destination_local_reference;
+ struct sccp_source_reference source_local_reference;
+ u_int8_t release_cause;
+
+
+ /* optional */
+ u_int8_t optional_start;
+
+#if OPTIONAL
+ data 3-130
+ importance 3
+ end_of_optional 1
+#endif
+ u_int8_t data[0];
+} __attribute__((packed));
+
+struct sccp_connection_release_complete {
+ u_int8_t type;
+ struct sccp_source_reference destination_local_reference;
+ struct sccp_source_reference source_local_reference;
+} __attribute__((packed));
+
+struct sccp_data_form1 {
+ /* mandantory */
+ u_int8_t type;
+ struct sccp_source_reference destination_local_reference;
+ u_int8_t segmenting;
+
+ /* variable */
+ u_int8_t variable_start;
+
+#if VARIABLE
+ data 2-256;
+#endif
+
+ u_int8_t data[0];
+} __attribute__((packed));
+
+
+struct sccp_data_unitdata {
+ /* mandantory */
+ u_int8_t type;
+ u_int8_t proto_class;
+
+
+ /* variable */
+ u_int8_t variable_called;
+ u_int8_t variable_calling;
+ u_int8_t variable_data;
+
+#if VARIABLE
+ called party address
+ calling party address
+#endif
+
+ u_int8_t data[0];
+} __attribute__((packed));
+
+#endif
diff --git a/openbsc/src/Makefile.am b/openbsc/src/Makefile.am
index 891a112aa..79120081d 100644
--- a/openbsc/src/Makefile.am
+++ b/openbsc/src/Makefile.am
@@ -2,7 +2,7 @@ INCLUDES = $(all_includes) -I$(top_srcdir)/include
AM_CFLAGS=-Wall
sbin_PROGRAMS = bsc_hack bs11_config ipaccess-find ipaccess-config isdnsync
-noinst_LIBRARIES = libbsc.a libmsc.a libvty.a
+noinst_LIBRARIES = libbsc.a libmsc.a libvty.a libsccp.a
noinst_HEADERS = vty/cardshell.h
libbsc_a_SOURCES = abis_rsl.c abis_nm.c gsm_data.c gsm_04_08_utils.c \
@@ -18,6 +18,8 @@ libmsc_a_SOURCES = gsm_subscriber.c db.c telnet_interface.c \
libvty_a_SOURCES = vty/buffer.c vty/command.c vty/vector.c vty/vty.c
+libsccp_a_SOURCES = sccp/sccp.c
+
bsc_hack_SOURCES = bsc_hack.c bsc_init.c vty_interface.c vty_interface_layer3.c
bsc_hack_LDADD = libmsc.a libbsc.a libmsc.a libvty.a -ldl -ldbi $(LIBCRYPT)
diff --git a/openbsc/src/sccp/sccp.c b/openbsc/src/sccp/sccp.c
new file mode 100644
index 000000000..8b111b2f5
--- /dev/null
+++ b/openbsc/src/sccp/sccp.c
@@ -0,0 +1,1129 @@
+/*
+ * SCCP management code
+ *
+ * (C) 2009 by Holger Hans Peter Freyther <zecke@selfish.org>
+ * (C) 2009 by on-waves.com
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <string.h>
+
+#include <sccp/sccp.h>
+
+#include <openbsc/debug.h>
+#include <openbsc/talloc.h>
+#include <openbsc/linuxlist.h>
+
+static void *tall_sccp_ctx;
+static LLIST_HEAD(sccp_connections);
+
+#define SCCP_MSG_SIZE 4096
+#define SCCP_MSG_HEADROOM 128
+
+/* global data */
+const struct sockaddr_sccp sccp_ssn_bssap = {
+ .sccp_family = 0,
+ .sccp_ssn = SCCP_SSN_BSSAP,
+};
+
+struct sccp_system {
+ /* layer3 -> layer2 */
+ int (*write_data)(struct msgb *data, void *context);
+ void *write_context;
+};
+
+
+static struct sccp_system sccp_system = {
+ .write_data = NULL,
+};
+
+struct sccp_data_callback {
+ /* connection based */
+ int (*accept_cb)(struct sccp_connection *, void *);
+ void *accept_context;
+
+ /* connection less */
+ int (*read_cb)(struct msgb *, unsigned int, void *);
+ void *read_context;
+
+ u_int8_t ssn;
+ struct llist_head callback;
+};
+
+static LLIST_HEAD(sccp_callbacks);
+
+static struct sccp_data_callback *_find_ssn(u_int8_t ssn)
+{
+ struct sccp_data_callback *cb;
+
+ llist_for_each_entry(cb, &sccp_callbacks, callback) {
+ if (cb->ssn == ssn)
+ return cb;
+ }
+
+ /* need to add one */
+ cb = talloc_zero(tall_sccp_ctx, struct sccp_data_callback);
+ if (!cb) {
+ DEBUGP(DSCCP, "Failed to allocate sccp callback.\n");
+ return NULL;
+ }
+
+ cb->ssn = ssn;
+ llist_add_tail(&cb->callback, &sccp_callbacks);
+ return cb;
+}
+
+
+static int _send_msg(struct msgb *msg)
+{
+ return sccp_system.write_data(msg, sccp_system.write_context);
+}
+
+/*
+ * parsing routines
+ */
+static int copy_address(struct sccp_address *addr, u_int8_t offset, struct msgb *msgb)
+{
+ struct sccp_called_party_address *party;
+
+ int room = msgb_l2len(msgb) - offset;
+ u_int8_t read = 0;
+ u_int8_t length;
+
+ if (room <= 0) {
+ DEBUGP(DSCCP, "Not enough room for an address: %u\n", room);
+ return -1;
+ }
+
+ length = msgb->l2h[offset];
+ if (room <= length) {
+ DEBUGP(DSCCP, "Not enough room for optional data %u %u\n", room, length);
+ return -1;
+ }
+
+
+ party = (struct sccp_called_party_address *)(msgb->l2h + offset + 1);
+ if (party->point_code_indicator) {
+ if (length <= read + 2) {
+ DEBUGP(DSCCP, "POI does not fit %u\n", length);
+ return -1;
+ }
+
+
+ memcpy(&addr->poi, &party->data[read], 2);
+ read += 2;
+ }
+
+ if (party->ssn_indicator) {
+ if (length <= read + 1) {
+ DEBUGP(DSCCP, "SSN does not fit %u\n", length);
+ return -1;
+ }
+
+ addr->ssn = party->data[read];
+ read += 1;
+ }
+
+ if (party->global_title_indicator) {
+ DEBUGP(DSCCP, "GTI not supported %u\n", *(u_int8_t *)party);
+ return -1;
+ }
+
+ addr->address = *party;
+ return 0;
+}
+
+static int check_address(struct sccp_address *addr)
+{
+ /* ignore point_code_indicator... it should be zero... but */
+ if (addr->address.ssn_indicator != 1
+ || addr->address.global_title_indicator == 1
+ || addr->address.routing_indicator != 1) {
+ DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
+ *(u_int8_t *)&addr->address, addr->ssn);
+ return -1;
+ }
+
+ return 0;
+}
+
+static int _sccp_parse_optional_data(const int offset,
+ struct msgb *msgb, struct sccp_optional_data *data)
+{
+ u_int16_t room = msgb_l2len(msgb) - offset;
+ u_int16_t read = 0;
+
+ while (room > read) {
+ u_int8_t type = msgb->l2h[offset + read];
+ if (type == SCCP_PNC_END_OF_OPTIONAL)
+ return 0;
+
+ if (read + 1 >= room) {
+ DEBUGP(DSCCP, "no place for length\n");
+ return 0;
+ }
+
+ u_int8_t length = msgb->l2h[offset + read + 1];
+ read += 2 + length;
+
+
+ if (room <= read) {
+ DEBUGP(DSCCP, "no space for the data: type: %d read: %d room: %d l2: %d\n",
+ type, read, room, msgb_l2len(msgb));
+ return 0;
+ }
+
+ if (type == SCCP_PNC_DATA) {
+ data->data_len = length;
+ data->data_start = offset + read - length;
+ }
+
+ }
+
+ return -1;
+}
+
+/*
+ * Send UDT. Currently we have a fixed address...
+ */
+static int _sccp_send_data(int class, const struct sockaddr_sccp *in,
+ const struct sockaddr_sccp *out, struct msgb *payload)
+{
+ struct sccp_data_unitdata *udt;
+ u_int8_t *data;
+ int ret;
+
+ if (msgb_l3len(payload) > 256) {
+ DEBUGP(DSCCP, "The payload is too big for one udt\n");
+ return -1;
+ }
+
+ struct msgb *msg = msgb_alloc_headroom(SCCP_MSG_SIZE,
+ SCCP_MSG_HEADROOM, "sccp: udt");
+ msg->l2h = &msg->data[0];
+ udt = (struct sccp_data_unitdata *)msgb_put(msg, sizeof(*udt));
+
+ udt->type = SCCP_MSG_TYPE_UDT;
+ udt->proto_class = class;
+ udt->variable_called = 3;
+ udt->variable_calling = 5;
+ udt->variable_data = 7;
+
+ /* for variable data we start with a size and the data */
+ data = msgb_put(msg, 1 + 2);
+ data[0] = 2;
+ data[1] = 0x42;
+ data[2] = out->sccp_ssn;
+
+ data = msgb_put(msg, 1 + 2);
+ data[0] = 2;
+ data[1] = 0x42;
+ data[2] = in->sccp_ssn;
+
+ /* copy the payload */
+ data = msgb_put(msg, 1 + msgb_l3len(payload));
+ data[0] = msgb_l3len(payload);
+ memcpy(&data[1], payload->l3h, msgb_l3len(payload));
+
+ ret = _send_msg(msg);
+ msgb_free(msg);
+
+ return ret;
+}
+
+static int _sccp_handle_read(struct msgb *msgb)
+{
+ static const u_int32_t header_size = sizeof(struct sccp_data_unitdata);
+ static const u_int32_t called_offset = offsetof(struct sccp_data_unitdata, variable_called);
+ static const u_int32_t calling_offset = offsetof(struct sccp_data_unitdata, variable_calling);
+ static const u_int32_t data_offset = offsetof(struct sccp_data_unitdata, variable_data);
+
+ struct sccp_data_callback *cb;
+ struct sccp_data_unitdata *udt = (struct sccp_data_unitdata *)msgb->l2h;
+ struct sccp_address called, calling;
+
+ /* we don't have enough size for the struct */
+ if (msgb_l2len(msgb) < header_size) {
+ DEBUGP(DSCCP, "msgb < header_size %u %u\n",
+ msgb_l2len(msgb), header_size);
+ return -1;
+ }
+
+ /* copy out the calling and called address. Add the off */
+ if (copy_address(&called, called_offset + udt->variable_called, msgb) != 0)
+ return -1;
+
+ if (check_address(&called) != 0) {
+ DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
+ *(u_int8_t *)&called.address, called.ssn);
+ return -1;
+ }
+
+ cb = _find_ssn(called.ssn);
+ if (!cb || !cb->read_cb) {
+ DEBUGP(DSCCP, "No routing for UDT for called SSN: %u\n", called.ssn);
+ return -1;
+ }
+
+ if (copy_address(&calling, calling_offset + udt->variable_calling, msgb) != 0)
+ return -1;
+
+ if (check_address(&calling) != 0) {
+ DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
+ *(u_int8_t *)&called.address, called.ssn);
+ }
+
+ /* we don't have enough size for the data */
+ if (msgb_l2len(msgb) < data_offset + udt->variable_data + 1) {
+ DEBUGP(DSCCP, "msgb < header + offset %u %u %u\n",
+ msgb_l2len(msgb), header_size, udt->variable_data);
+ return -1;
+ }
+
+
+ msgb->l3h = &udt->data[udt->variable_data];
+
+ if (msgb_l3len(msgb) != msgb->l3h[-1]) {
+ DEBUGP(DSCCP, "msgb is truncated %u %u\n",
+ msgb_l3len(msgb), msgb->l3h[-1]);
+ return -1;
+ }
+
+ /* sanity check */
+ return cb->read_cb(msgb, msgb_l3len(msgb), cb->read_context);
+}
+
+/*
+ * handle connection orientated methods
+ */
+static int source_local_reference_is_free(struct sccp_source_reference *reference)
+{
+ struct sccp_connection *connection;
+
+ llist_for_each_entry(connection, &sccp_connections, list) {
+ if (memcmp(reference, &connection->source_local_reference, sizeof(*reference)) == 0)
+ return -1;
+ }
+
+ return 0;
+}
+
+static int destination_local_reference_is_free(struct sccp_source_reference *reference)
+{
+ struct sccp_connection *connection;
+
+ llist_for_each_entry(connection, &sccp_connections, list) {
+ if (memcmp(reference, &connection->destination_local_reference, sizeof(*reference)) == 0)
+ return -1;
+ }
+
+ return 0;
+}
+
+static int assign_source_local_reference(struct sccp_connection *connection)
+{
+ static u_int32_t last_ref = 0x30000;
+ int wrapped = 0;
+
+ do {
+ struct sccp_source_reference reference;
+ reference.octet1 = (last_ref >> 0) & 0xff;
+ reference.octet2 = (last_ref >> 8) & 0xff;
+ reference.octet3 = (last_ref >> 16) & 0xff;
+
+ ++last_ref;
+ /* do not use the reversed word and wrap around */
+ if ((last_ref & 0x00FFFFFF) == 0x00FFFFFF) {
+ DEBUGP(DSCCP, "Wrapped searching for a free code\n");
+ last_ref = 0;
+ ++wrapped;
+ }
+
+ if (source_local_reference_is_free(&reference) == 0) {
+ connection->source_local_reference = reference;
+ return 0;
+ }
+ } while (wrapped != 2);
+
+ DEBUGP(DSCCP, "Finding a free reference failed\n");
+ return -1;
+}
+
+static void _sccp_set_connection_state(struct sccp_connection *connection, int new_state)
+{
+ int old_state = connection->connection_state;
+
+ connection->connection_state = new_state;
+ if (connection->state_cb)
+ connection->state_cb(connection, old_state);
+}
+
+static int _sccp_send_refuse(struct sccp_connection_request *req, int cause)
+{
+ struct msgb *msgb;
+ struct sccp_connection_refused *ref;
+ u_int8_t *data;
+ int ret;
+
+ msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
+ SCCP_MSG_HEADROOM, "sccp ref");
+ msgb->l2h = &msgb->data[0];
+
+ ref = (struct sccp_connection_refused *) msgb_put(msgb, sizeof(*ref));
+ ref->type = SCCP_MSG_TYPE_CREF;
+ memcpy(&ref->destination_local_reference, &req->source_local_reference,
+ sizeof(struct sccp_source_reference));
+ ref->cause = cause;
+ ref->optional_start = 1;
+
+ data = msgb_put(msgb, 1);
+ data[0] = SCCP_PNC_END_OF_OPTIONAL;
+
+ ret = _send_msg(msgb);
+ msgb_free(msgb);
+ return ret;
+}
+
+static int _sccp_send_connection_confirm(struct sccp_connection *connection)
+{
+ struct msgb *response;
+ struct sccp_connection_confirm *confirm;
+ u_int8_t *optional_data;
+ int ret;
+
+ if (assign_source_local_reference(connection) != 0)
+ return -1;
+
+ response = msgb_alloc_headroom(SCCP_MSG_SIZE,
+ SCCP_MSG_HEADROOM, "sccp confirm");
+ response->l2h = &response->data[0];
+
+ confirm = (struct sccp_connection_confirm *) msgb_put(response, sizeof(*confirm));
+
+ confirm->type = SCCP_MSG_TYPE_CC;
+ memcpy(&confirm->destination_local_reference,
+ &connection->destination_local_reference,
+ sizeof(connection->destination_local_reference));
+ memcpy(&confirm->source_local_reference,
+ &connection->source_local_reference,
+ sizeof(connection->source_local_reference));
+ confirm->proto_class = 2;
+ confirm->optional_start = 1;
+
+ optional_data = (u_int8_t *) msgb_put(response, 1);
+ optional_data[0] = SCCP_PNC_END_OF_OPTIONAL;
+
+ ret = _send_msg(response);
+ msgb_free(response);
+
+ _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_ESTABLISHED);
+ return ret;
+}
+
+static int _sccp_send_connection_request(struct sccp_connection *connection,
+ const struct sockaddr_sccp *called, struct msgb *msg)
+{
+ struct msgb *request;
+ struct sccp_connection_request *req;
+ u_int8_t *data;
+ u_int8_t extra_size = 3 + 1;
+ int ret;
+
+
+ if (msg && (msgb_l3len(msg) < 3 || msgb_l3len(msg) > 130)) {
+ DEBUGP(DSCCP, "Invalid amount of data... %d\n", msgb_l3len(msg));
+ return -1;
+ }
+
+ /* try to find a id */
+ if (assign_source_local_reference(connection) != 0) {
+ DEBUGP(DSCCP, "Assigning a local reference failed.\n");
+ _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_SETUP_ERROR);
+ return -1;
+ }
+
+
+ if (msg)
+ extra_size += 2 + msgb_l3len(msg);
+ request = msgb_alloc_headroom(SCCP_MSG_SIZE,
+ SCCP_MSG_HEADROOM, "sccp connection request");
+ request->l2h = &request->data[0];
+ req = (struct sccp_connection_request *) msgb_put(request, sizeof(*req));
+
+ req->type = SCCP_MSG_TYPE_CR;
+ memcpy(&req->source_local_reference, &connection->source_local_reference,
+ sizeof(connection->source_local_reference));
+ req->proto_class = 2;
+ req->variable_called = 2;
+ req->optional_start = 4;
+
+ /* write the called party address */
+ data = msgb_put(request, 1 + 2);
+ data[0] = 2;
+ data[1] = 0x42;
+ data[2] = called->sccp_ssn;
+
+ /* write the payload */
+ if (msg) {
+ data = msgb_put(request, 2 + msgb_l3len(msg));
+ data[0] = SCCP_PNC_DATA;
+ data[1] = msgb_l3len(msg);
+ memcpy(&data[2], msg->l3h, msgb_l3len(msg));
+ }
+
+ data = msgb_put(request, 1);
+ data[0] = SCCP_PNC_END_OF_OPTIONAL;
+
+ llist_add_tail(&connection->list, &sccp_connections);
+ _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REQUEST);
+
+ ret = _send_msg(request);
+ msgb_free(request);
+
+ return ret;
+}
+
+static int _sccp_send_connection_data(struct sccp_connection *conn, struct msgb *_data)
+{
+ struct msgb *msgb;
+ struct sccp_data_form1 *dt1;
+ u_int8_t *data;
+ int extra_size;
+ int ret;
+
+ if (msgb_l3len(_data) < 2 || msgb_l3len(_data) > 256) {
+ DEBUGP(DSCCP, "data size too big, segmenting unimplemented.\n");
+ return -1;
+ }
+
+ extra_size = 1 + msgb_l3len(_data);
+ msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
+ SCCP_MSG_HEADROOM, "sccp dt1");
+ msgb->l2h = &msgb->data[0];
+
+ dt1 = (struct sccp_data_form1 *) msgb_put(msgb, sizeof(*dt1));
+ dt1->type = SCCP_MSG_TYPE_DT1;
+ memcpy(&dt1->destination_local_reference, &conn->destination_local_reference,
+ sizeof(struct sccp_source_reference));
+ dt1->segmenting = 0;
+
+ /* copy the data */
+ dt1->variable_start = 1;
+ data = msgb_put(msgb, extra_size);
+ data[0] = extra_size - 1;
+ memcpy(&data[1], _data->l3h, extra_size - 1);
+
+ ret = _send_msg(msgb);
+ msgb_free(msgb);
+
+ return ret;
+}
+
+static int _sccp_send_connection_released(struct sccp_connection *conn, int cause)
+{
+ struct msgb *msg;
+ struct sccp_connection_released *rel;
+ u_int8_t *data;
+ int ret;
+
+ msg = msgb_alloc_headroom(SCCP_MSG_SIZE, SCCP_MSG_HEADROOM,
+ "sccp: connection released");
+ msg->l2h = &msg->data[0];
+ rel = (struct sccp_connection_released *) msgb_put(msg, sizeof(*rel));
+ rel->type = SCCP_MSG_TYPE_RLSD;
+ rel->release_cause = cause;
+
+ /* copy the source references */
+ memcpy(&rel->destination_local_reference, &conn->destination_local_reference,
+ sizeof(struct sccp_source_reference));
+ memcpy(&rel->source_local_reference, &conn->source_local_reference,
+ sizeof(struct sccp_source_reference));
+
+ data = msgb_put(msg, 1);
+ data[0] = SCCP_PNC_END_OF_OPTIONAL;
+
+ _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE);
+ ret = _send_msg(msg);
+ msgb_free(msg);
+
+ return ret;
+}
+
+/*
+ * Open a connection. The following is going to happen:
+ *
+ * - Verify the packet, e.g. that we have no other connection
+ * that id.
+ * - Ask the user if he wants to accept the connection
+ * - Try to open the connection by assigning a source local reference
+ * and sending the packet
+ */
+static int _sccp_handle_connection_request(struct msgb *msgb)
+{
+ static const u_int32_t header_size =
+ sizeof(struct sccp_connection_request);
+ static const u_int32_t optional_offset =
+ offsetof(struct sccp_connection_request, optional_start);
+ static const u_int32_t called_offset =
+ offsetof(struct sccp_connection_request, variable_called);
+
+ struct sccp_data_callback *cb;
+ struct sccp_connection_request *req = (struct sccp_connection_request *)msgb->data;
+ struct sccp_address called;
+ struct sccp_connection *connection;
+ struct sccp_optional_data optional_data;
+
+ /* header check */
+ if (msgb_l2len(msgb) < header_size) {
+ DEBUGP(DSCCP, "msgb < header_size %u %u\n",
+ msgb_l2len(msgb), header_size);
+ return -1;
+ }
+
+ /* copy out the calling and called address. Add the offset */
+ if (copy_address(&called, called_offset + req->variable_called, msgb) != 0)
+ return -1;
+
+ if (check_address(&called) != 0) {
+ DEBUGP(DSCCP, "Invalid called address according to 08.06: 0x%x 0x%x\n",
+ *(u_int8_t *)&called.address, called.ssn);
+ return -1;
+ }
+
+ cb = _find_ssn(called.ssn);
+ if (!cb || !cb->accept_cb) {
+ DEBUGP(DSCCP, "No routing for CR for called SSN: %u\n", called.ssn);
+ return -1;
+ }
+
+ /* check if the system wants this connection */
+ connection = talloc_zero(tall_sccp_ctx, struct sccp_connection);
+ if (!connection) {
+ DEBUGP(DSCCP, "Allocation failed\n");
+ return -1;
+ }
+
+ /*
+ * sanity checks:
+ * - Is the source_local_reference in any other connection?
+ * then will call accept, assign a "destination" local reference
+ * and send a connection confirm, otherwise we will send a refuseed
+ * one....
+ */
+ if (destination_local_reference_is_free(&req->source_local_reference) != 0) {
+ DEBUGP(DSCCP, "Need to reject connection with existing reference\n");
+ _sccp_send_refuse(req, SCCP_REFUSAL_SCCP_FAILURE);
+ talloc_free(connection);
+ return -1;
+ }
+
+ connection->incoming = 1;
+ connection->destination_local_reference = req->source_local_reference;
+
+ /*
+ * parse optional data.
+ */
+ memset(&optional_data, 0, sizeof(optional_data));
+ if (_sccp_parse_optional_data(optional_offset + req->optional_start, msgb, &optional_data) != 0) {
+ DEBUGP(DSCCP, "parsing of optional data failed.\n");
+ talloc_free(connection);
+ return -1;
+ }
+
+ if (cb->accept_cb(connection, cb->accept_context) != 0) {
+ _sccp_send_refuse(req, SCCP_REFUSAL_END_USER_ORIGINATED);
+ _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
+ talloc_free(connection);
+ return 0;
+ }
+
+
+ llist_add_tail(&connection->list, &sccp_connections);
+
+ if (_sccp_send_connection_confirm(connection) != 0) {
+ DEBUGP(DSCCP, "Sending confirm failed... no available source reference?\n");
+
+ _sccp_send_refuse(req, SCCP_REFUSAL_SCCP_FAILURE);
+ _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_REFUSED);
+ llist_del(&connection->list);
+ talloc_free(connection);
+
+ return -1;
+ }
+
+ /*
+ * If we have data let us forward things.
+ */
+ if (optional_data.data_len != 0 && connection->data_cb) {
+ msgb->l3h = &msgb->l2h[optional_data.data_start];
+ connection->data_cb(connection, msgb, optional_data.data_len);
+ }
+
+ return 0;
+}
+
+/* Handle the release confirmed */
+static int _sccp_handle_connection_release_complete(struct msgb *data)
+{
+ static int header_size = sizeof(struct sccp_connection_release_complete);
+
+ struct sccp_connection_release_complete *cmpl;
+ struct sccp_connection *conn;
+
+ /* header check */
+ if (msgb_l2len(data) < header_size) {
+ DEBUGP(DSCCP, "msgb < header_size %u %u\n",
+ msgb_l2len(data), header_size);
+ return -1;
+ }
+
+ cmpl = (struct sccp_connection_release_complete *) data->l2h;
+
+ /* find the connection */
+ llist_for_each_entry(conn, &sccp_connections, list) {
+ if (conn->data_cb
+ && memcmp(&conn->source_local_reference,
+ &cmpl->destination_local_reference,
+ sizeof(conn->source_local_reference)) == 0
+ && memcmp(&conn->destination_local_reference,
+ &cmpl->source_local_reference,
+ sizeof(conn->destination_local_reference)) == 0) {
+ goto found;
+ }
+ }
+
+
+ DEBUGP(DSCCP, "Release complete of unknown connection\n");
+ return -1;
+
+found:
+ llist_del(&conn->list);
+ _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
+ return 0;
+}
+
+/* Handle the Data Form 1 message */
+static int _sccp_handle_connection_dt1(struct msgb *data)
+{
+ static int variable_offset = offsetof(struct sccp_data_form1, variable_start);
+ static int header_size = sizeof(struct sccp_data_form1);
+
+ struct sccp_data_form1 *dt1 = (struct sccp_data_form1 *)data->l2h;
+ struct sccp_connection *conn;
+ int size;
+
+ /* we don't have enough size for the struct */
+ if (msgb_l2len(data) < header_size) {
+ DEBUGP(DSCCP, "msgb > header_size %u %u\n",
+ msgb_l2len(data), header_size);
+ return -1;
+ }
+
+ if (dt1->segmenting != 0) {
+ DEBUGP(DSCCP, "This packet has segmenting, not supported: %d\n", dt1->segmenting);
+ return -1;
+ }
+
+ /* lookup if we have a connection with the given reference */
+ llist_for_each_entry(conn, &sccp_connections, list) {
+ if (conn->data_cb
+ && memcmp(&conn->source_local_reference,
+ &dt1->destination_local_reference,
+ sizeof(conn->source_local_reference)) == 0) {
+
+ /* some more size checks in here */
+ if (msgb_l2len(data) < variable_offset + dt1->variable_start + 1) {
+ DEBUGP(DSCCP, "Not enough space for variable start: %u %u\n",
+ msgb_l2len(data), dt1->variable_start);
+ return -1;
+ }
+
+ size = data->l2h[variable_offset + dt1->variable_start];
+ data->l3h = &data->l2h[dt1->variable_start + variable_offset + 1];
+
+ if (msgb_l3len(data) < size) {
+ DEBUGP(DSCCP, "Not enough room for the payload: %u %u\n",
+ msgb_l3len(data), size);
+ return -1;
+ }
+
+ conn->data_cb(conn, data, size);
+ return 0;
+ }
+ }
+
+ DEBUGP(DSCCP, "No connection found for dt1 data\n");
+ return -1;
+}
+
+/* confirm a connection release */
+static int _sccp_send_connection_release_complete(struct sccp_connection *connection)
+{
+ struct msgb *msgb;
+ struct sccp_connection_release_complete *rlc;
+ int ret;
+
+ msgb = msgb_alloc_headroom(SCCP_MSG_SIZE,
+ SCCP_MSG_HEADROOM, "sccp rlc");
+ msgb->l2h = &msgb->data[0];
+
+ rlc = (struct sccp_connection_release_complete *) msgb_put(msgb, sizeof(*rlc));
+ rlc->type = SCCP_MSG_TYPE_RLC;
+ memcpy(&rlc->destination_local_reference,
+ &connection->destination_local_reference, sizeof(struct sccp_source_reference));
+ memcpy(&rlc->source_local_reference,
+ &connection->source_local_reference, sizeof(struct sccp_source_reference));
+
+ ret = _send_msg(msgb);
+ msgb_free(msgb);
+
+ /*
+ * Remove from the list of active connections and set the state. User code
+ * should now free the entry.
+ */
+ llist_del(&connection->list);
+ _sccp_set_connection_state(connection, SCCP_CONNECTION_STATE_RELEASE_COMPLETE);
+
+ return ret;
+}
+
+/* connection released, send a released confirm */
+static int _sccp_handle_connection_released(struct msgb *data)
+{
+ static int header_size = sizeof(struct sccp_connection_released);
+ static int optional_offset = offsetof(struct sccp_connection_released, optional_start);
+
+ struct sccp_optional_data optional_data;
+ struct sccp_connection_released *rls = (struct sccp_connection_released *)data->l2h;
+ struct sccp_connection *conn;
+
+ /* we don't have enough size for the struct */
+ if (msgb_l2len(data) < header_size) {
+ DEBUGP(DSCCP, "msgb > header_size %u %u\n",
+ msgb_l2len(data), header_size);
+ return -1;
+ }
+
+ /* lookup if we have a connection with the given reference */
+ llist_for_each_entry(conn, &sccp_connections, list) {
+ if (conn->data_cb
+ && memcmp(&conn->source_local_reference,
+ &rls->destination_local_reference,
+ sizeof(conn->source_local_reference)) == 0
+ && memcmp(&conn->destination_local_reference,
+ &rls->source_local_reference,
+ sizeof(conn->destination_local_reference)) == 0) {
+ goto found;
+ }
+ }
+
+
+ DEBUGP(DSCCP, "Unknown connection was released.\n");
+ return -1;
+
+ /* we have found a connection */
+found:
+ memset(&optional_data, 0, sizeof(optional_data));
+ if (_sccp_parse_optional_data(optional_offset + rls->optional_start, data, &optional_data) != 0) {
+ DEBUGP(DSCCP, "parsing of optional data failed.\n");
+ return -1;
+ }
+
+ /* optional data */
+ if (optional_data.data_len != 0 && conn->data_cb) {
+ data->l3h = &data->l2h[optional_data.data_start];
+ conn->data_cb(conn, data, optional_data.data_len);
+ }
+
+ /* generate a response */
+ if (_sccp_send_connection_release_complete(conn) != 0) {
+ DEBUGP(DSCCP, "Sending release confirmed failed\n");
+ return -1;
+ }
+
+ return 0;
+}
+
+static int _sccp_handle_connection_refused(struct msgb *msgb)
+{
+ static const u_int32_t header_size =
+ sizeof(struct sccp_connection_refused);
+ static int optional_offset = offsetof(struct sccp_connection_refused, optional_start);
+
+ struct sccp_optional_data optional_data;
+ struct sccp_connection *conn;
+ struct sccp_connection_refused *ref;
+
+ /* header check */
+ if (msgb_l2len(msgb) < header_size) {
+ DEBUGP(DSCCP, "msgb < header_size %u %u\n",
+ msgb_l2len(msgb), header_size);
+ return -1;
+ }
+
+ ref = (struct sccp_connection_refused *) msgb->l2h;
+
+ /* lookup if we have a connection with the given reference */
+ llist_for_each_entry(conn, &sccp_connections, list) {
+ if (conn->incoming == 0 && conn->data_cb
+ && memcmp(&conn->source_local_reference,
+ &ref->destination_local_reference,
+ sizeof(conn->source_local_reference)) == 0) {
+ goto found;
+ }
+ }
+
+ DEBUGP(DSCCP, "Refused but no connection found\n");
+ return -1;
+
+found:
+ memset(&optional_data, 0, sizeof(optional_data));
+ if (_sccp_parse_optional_data(optional_offset + ref->optional_start, msgb, &optional_data) != 0) {
+ DEBUGP(DSCCP, "parsing of optional data failed.\n");
+ return -1;
+ }
+
+ /* optional data */
+ if (optional_data.data_len != 0 && conn->data_cb) {
+ msgb->l3h = &msgb->l2h[optional_data.data_start];
+ conn->data_cb(conn, msgb, optional_data.data_len);
+ }
+
+
+ llist_del(&conn->list);
+ _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_REFUSED);
+ return 0;
+}
+
+static int _sccp_handle_connection_confirm(struct msgb *msgb)
+{
+ static u_int32_t header_size =
+ sizeof(struct sccp_connection_confirm);
+ static const u_int32_t optional_offset =
+ offsetof(struct sccp_connection_confirm, optional_start);
+
+ struct sccp_optional_data optional_data;
+ struct sccp_connection *conn;
+ struct sccp_connection_confirm *con;
+
+ /* header check */
+ if (msgb_l2len(msgb) < header_size) {
+ DEBUGP(DSCCP, "msgb < header_size %u %u\n",
+ msgb_l2len(msgb), header_size);
+ return -1;
+ }
+
+ con = (struct sccp_connection_confirm *) msgb->l2h;
+
+ /* lookup if we have a connection with the given reference */
+ llist_for_each_entry(conn, &sccp_connections, list) {
+ if (conn->incoming == 0 && conn->data_cb
+ && memcmp(&conn->source_local_reference,
+ &con->destination_local_reference,
+ sizeof(conn->source_local_reference)) == 0) {
+ goto found;
+ }
+ }
+
+ DEBUGP(DSCCP, "Confirmed but no connection found\n");
+ return -1;
+
+found:
+ /* copy the addresses of the connection */
+ conn->destination_local_reference = con->source_local_reference;
+ _sccp_set_connection_state(conn, SCCP_CONNECTION_STATE_ESTABLISHED);
+
+ memset(&optional_data, 0, sizeof(optional_data));
+ if (_sccp_parse_optional_data(optional_offset + con->optional_start, msgb, &optional_data) != 0) {
+ DEBUGP(DSCCP, "parsing of optional data failed.\n");
+ return -1;
+ }
+
+ /* optional data */
+ if (optional_data.data_len != 0 && conn->data_cb) {
+ msgb->l3h = &msgb->l2h[optional_data.data_start];
+ conn->data_cb(conn, msgb, optional_data.data_len);
+ }
+
+ return 0;
+}
+
+
+int sccp_system_init(int (*outgoing)(struct msgb *data, void *ctx), void *ctx)
+{
+ sccp_system.write_data = outgoing;
+ sccp_system.write_context = ctx;
+
+ return 0;
+}
+
+/* oh my god a real SCCP packet. need to dispatch it now */
+int sccp_system_incoming(struct msgb *msgb)
+{
+ if (msgb_l2len(msgb) < 1 ) {
+ DEBUGP(DSCCP, "Too short packet\n");
+ return -1;
+ }
+
+ int type = msgb->l2h[0];
+
+ switch(type) {
+ case SCCP_MSG_TYPE_CR:
+ return _sccp_handle_connection_request(msgb);
+ break;
+ case SCCP_MSG_TYPE_RLSD:
+ return _sccp_handle_connection_released(msgb);
+ break;
+ case SCCP_MSG_TYPE_CREF:
+ return _sccp_handle_connection_refused(msgb);
+ break;
+ case SCCP_MSG_TYPE_CC:
+ return _sccp_handle_connection_confirm(msgb);
+ break;
+ case SCCP_MSG_TYPE_RLC:
+ return _sccp_handle_connection_release_complete(msgb);
+ break;
+ case SCCP_MSG_TYPE_DT1:
+ return _sccp_handle_connection_dt1(msgb);
+ break;
+ case SCCP_MSG_TYPE_UDT:
+ return _sccp_handle_read(msgb);
+ break;
+ default:
+ DEBUGP(DSCCP, "unimplemented msg type: %d\n", type);
+ };
+
+ return -1;
+}
+
+/* create a packet from the data */
+int sccp_connection_write(struct sccp_connection *connection, struct msgb *data)
+{
+ if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
+ || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
+ DEBUGP(DSCCP, "sccp_connection_write: Wrong connection state: %p %d\n",
+ connection, connection->connection_state);
+ return -1;
+ }
+
+ return _sccp_send_connection_data(connection, data);
+}
+
+/* send a connection release and wait for the connection released */
+int sccp_connection_close(struct sccp_connection *connection, int cause)
+{
+ if (connection->connection_state < SCCP_CONNECTION_STATE_CONFIRM
+ || connection->connection_state > SCCP_CONNECTION_STATE_ESTABLISHED) {
+ DEBUGPC(DSCCP, "Can not close the connection. It was never opened: %p %d\n",
+ connection, connection->connection_state);
+ return -1;
+ }
+
+ return _sccp_send_connection_released(connection, cause);
+}
+
+int sccp_connection_free(struct sccp_connection *connection)
+{
+ if (connection->connection_state > SCCP_CONNECTION_STATE_NONE
+ && connection->connection_state < SCCP_CONNECTION_STATE_RELEASE_COMPLETE) {
+ DEBUGP(DSCCP, "The connection needs to be released before it is freed");
+ return -1;
+ }
+
+ talloc_free(connection);
+ return 0;
+}
+
+struct sccp_connection *sccp_connection_socket(void)
+{
+ return talloc_zero(tall_sccp_ctx, struct sccp_connection);
+}
+
+int sccp_connection_connect(struct sccp_connection *conn,
+ const struct sockaddr_sccp *local,
+ struct msgb *data)
+{
+ return _sccp_send_connection_request(conn, local, data);
+}
+
+int sccp_connection_set_incoming(const struct sockaddr_sccp *sock,
+ int (*accept_cb)(struct sccp_connection *, void *), void *context)
+{
+ struct sccp_data_callback *cb;
+
+ if (!sock)
+ return -2;
+
+ cb = _find_ssn(sock->sccp_ssn);
+ if (!cb)
+ return -1;
+
+ cb->accept_cb = accept_cb;
+ cb->accept_context = context;
+ return 0;
+}
+
+int sccp_write(struct msgb *data, const struct sockaddr_sccp *in,
+ const struct sockaddr_sccp *out, int class)
+{
+ return _sccp_send_data(class, in, out, data);
+}
+
+int sccp_set_read(const struct sockaddr_sccp *sock,
+ int (*read_cb)(struct msgb *, unsigned int, void *), void *context)
+{
+ struct sccp_data_callback *cb;
+
+ if (!sock)
+ return -2;
+
+ cb = _find_ssn(sock->sccp_ssn);
+ if (!cb)
+ return -1;
+
+ cb->read_cb = read_cb;
+ cb->read_context = context;
+ return 0;
+}
+
+static_assert(sizeof(struct sccp_source_reference) <= sizeof(u_int32_t), enough_space);
+
+u_int32_t sccp_src_ref_to_int(struct sccp_source_reference *ref)
+{
+ u_int32_t src_ref = 0;
+ memcpy(&src_ref, ref, sizeof(*ref));
+ return src_ref;
+}
+
+struct sccp_source_reference sccp_src_ref_from_int(u_int32_t int_ref)
+{
+ struct sccp_source_reference ref;
+ memcpy(&ref, &int_ref, sizeof(ref));
+ return ref;
+}
+
+static __attribute__((constructor)) void on_dso_load(void)
+{
+ tall_sccp_ctx = talloc_named_const(NULL, 1, "sccp");
+}
+
+static __attribute__((destructor)) void on_dso_unload(void)
+{
+ talloc_report_full(tall_sccp_ctx, stderr);
+}
diff --git a/openbsc/tests/Makefile.am b/openbsc/tests/Makefile.am
index 2d4e81c75..f40105fbf 100644
--- a/openbsc/tests/Makefile.am
+++ b/openbsc/tests/Makefile.am
@@ -1 +1 @@
-SUBDIRS = debug timer sms gsm0408 db channel
+SUBDIRS = debug timer sms gsm0408 db channel sccp
diff --git a/openbsc/tests/sccp/Makefile.am b/openbsc/tests/sccp/Makefile.am
new file mode 100644
index 000000000..5a275fc2b
--- /dev/null
+++ b/openbsc/tests/sccp/Makefile.am
@@ -0,0 +1,8 @@
+INCLUDES = $(all_includes) -I$(top_srcdir)/include
+AM_CFLAGS=-Wall -ggdb3
+
+noinst_PROGRAMS = sccp_test
+
+sccp_test_SOURCES = sccp_test.c
+sccp_test_LDADD = $(top_builddir)/src/libsccp.a $(top_builddir)/src/libbsc.a
+
diff --git a/openbsc/tests/sccp/sccp_test.c b/openbsc/tests/sccp/sccp_test.c
new file mode 100644
index 000000000..d3b334f3b
--- /dev/null
+++ b/openbsc/tests/sccp/sccp_test.c
@@ -0,0 +1,723 @@
+/*
+ * SCCP testing code
+ *
+ * (C) 2009 by Holger Hans Peter Freyther <zecke@selfish.org>
+ * (C) 2009 by on-waves.com
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <stdio.h>
+
+#include <arpa/inet.h>
+
+#include <sccp/sccp.h>
+#include <openbsc/gsm_data.h>
+#include <openbsc/debug.h>
+
+#define MIN(x, y) ((x) < (y) ? (x) : (y))
+
+/* BSC -> MSC */
+static const u_int8_t bssmap_reset[] = {
+ 0x09, 0x00, 0x03, 0x05, 0x07, 0x02, 0x42, 0xfe,
+ 0x02, 0x42, 0xfe, 0x06, 0x00, 0x04, 0x30, 0x04,
+ 0x01, 0x20,
+};
+
+/* MSC -> BSC reset ack */
+static const u_int8_t bssmap_reset_ack[] = {
+ 0x09, 0x00, 0x03, 0x07, 0x0b, 0x04, 0x43, 0x01,
+ 0x00, 0xfe, 0x04, 0x43, 0x5c, 0x00, 0xfe, 0x03,
+ 0x00, 0x01, 0x31,
+};
+
+/* MSC -> BSC paging, connection less */
+static const u_int8_t bssmap_paging[] = {
+ 0x09, 0x00, 0x03, 0x07, 0x0b, 0x04, 0x43, 0x01,
+ 0x00, 0xfe, 0x04, 0x43, 0x5c, 0x00, 0xfe, 0x10,
+ 0x00, 0x0e, 0x52, 0x08, 0x08, 0x29, 0x47, 0x10,
+ 0x02, 0x01, 0x31, 0x97, 0x61, 0x1a, 0x01, 0x06,
+};
+
+/* MSC -> BSC paging, UDT without PC */
+static const u_int8_t bssmap_udt[] = {
+ 0x09, 0x00, 0x03, 0x05, 0x07, 0x02, 0x42, 0xfe,
+ 0x02, 0x42, 0xfe, 0x10, 0x00, 0x0e, 0x52, 0x08,
+ 0x08, 0x29, 0x47, 0x10, 0x02, 0x01, 0x31, 0x97,
+ 0x61, 0x1a, 0x01, 0x06,
+};
+
+/* BSC -> MSC connection open */
+static const u_int8_t bssmap_cr[] = {
+ 0x01, 0x01, 0x02, 0x03, 0x02, 0x02, 0x04, 0x02,
+ 0x42, 0xfe, 0x0f, 0x1f, 0x00, 0x1d, 0x57, 0x05,
+ 0x08, 0x00, 0x72, 0xf4, 0x80, 0x20, 0x12, 0xc3,
+ 0x50, 0x17, 0x10, 0x05, 0x24, 0x11, 0x03, 0x33,
+ 0x19, 0xa2, 0x08, 0x29, 0x47, 0x10, 0x02, 0x01,
+ 0x31, 0x97, 0x61, 0x00
+};
+
+/* MSC -> BSC connection confirm */
+static const u_int8_t bssmap_cc[] = {
+ 0x02, 0x01, 0x02, 0x03, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00,
+};
+
+/* MSC -> BSC DTAP
+ *
+ * we fake a bit and make it BSC -> MSC... so the
+ * payload does not make any sense..
+ */
+static const u_int8_t bssmap_dtap[] = {
+ 0x06, 0x00, 0x00, 0x03, 0x00, 0x01, 0x0f, 0x01, 0x00, 0x0c,
+ 0x03, 0x05, 0x5c, 0x08, 0x11, 0x81, 0x33, 0x66, 0x02, 0x13,
+ 0x45, 0xf4,
+};
+
+/* MSC -> BSC clear command */
+static const u_int8_t bssmap_clear[] = {
+ 0x06, 0x00, 0x00, 0x03, 0x00, 0x01, 0x06, 0x00, 0x04, 0x20,
+ 0x04, 0x01, 0x09,
+};
+
+/* MSC -> BSC released */
+static const u_int8_t bssmap_released[] = {
+ 0x04, 0x00, 0x00, 0x03, 0x01, 0x02, 0x03, 0x00, 0x01, 0x0f,
+ 0x02, 0x23, 0x42, 0x00,
+};
+
+/* BSC -> MSC released */
+static const u_int8_t bssmap_release_complete[] = {
+ 0x05, 0x01, 0x02, 0x03, 0x00, 0x00, 0x03
+};
+
+struct test_data {
+ int length;
+ const u_int8_t *data;
+ int payload_start;
+ int payload_length;
+ u_int8_t first_byte;
+
+ /* in case it should trigger a sccp response */
+ int write;
+ const u_int8_t *response;
+ int response_length;
+};
+
+static const struct test_data test_data[] = {
+ {
+ .length = ARRAY_SIZE(bssmap_reset),
+ .data = &bssmap_reset[0],
+ .payload_start = 12,
+ .payload_length = ARRAY_SIZE(bssmap_reset) - 12,
+ .first_byte = 0x0,
+ },
+ {
+ .length = ARRAY_SIZE(bssmap_reset_ack),
+ .data = &bssmap_reset_ack[0],
+ .payload_start = 16,
+ .payload_length = ARRAY_SIZE(bssmap_reset_ack) - 16,
+ .first_byte = 0x0,
+ },
+ {
+ .length = ARRAY_SIZE(bssmap_paging),
+ .data = &bssmap_paging[0],
+ .payload_start = 16,
+ .payload_length = ARRAY_SIZE(bssmap_paging) - 16,
+ .first_byte = 0x0,
+ },
+ {
+ .length = ARRAY_SIZE(bssmap_cr),
+ .data = &bssmap_cr[0],
+ .payload_start = 12,
+ /* 0x00 is end of optional data, subtract this byte */
+ .payload_length = 31,
+ .first_byte = 0x0,
+
+ /* the connection request should trigger a connection confirm */
+ .write = 1,
+ .response = &bssmap_cc[0],
+ .response_length= ARRAY_SIZE(bssmap_cc),
+ },
+ {
+ .length = ARRAY_SIZE(bssmap_dtap),
+ .data = &bssmap_dtap[0],
+ .payload_start = 7,
+ .payload_length = 15,
+ .first_byte = 0x01,
+ },
+ {
+ .length = ARRAY_SIZE(bssmap_clear),
+ .data = &bssmap_clear[0],
+ .payload_start = 7,
+ .payload_length = 6,
+ .first_byte = 0x00,
+ },
+ {
+ .length = ARRAY_SIZE(bssmap_released),
+ .data = &bssmap_released[0],
+ .payload_length = 2,
+ .payload_start = 11,
+ .first_byte = 0x23,
+
+ .write = 1,
+ .response = &bssmap_release_complete[0],
+ .response_length= ARRAY_SIZE(bssmap_release_complete),
+ },
+};
+
+/* we will send UDTs and verify they look like this */
+static const struct test_data send_data[] = {
+ {
+ .length = ARRAY_SIZE(bssmap_udt),
+ .data = &bssmap_udt[0],
+ .payload_start = 12,
+ .payload_length = ARRAY_SIZE(bssmap_udt) - 12,
+ .first_byte = 0x0,
+ },
+ {
+ .length = ARRAY_SIZE(bssmap_reset),
+ .data = &bssmap_reset[0],
+ .payload_start = 12,
+ .payload_length = ARRAY_SIZE(bssmap_reset) - 12,
+ .first_byte = 0x0,
+ },
+};
+
+struct connection_test {
+ /* should the connection be refused? */
+ int refuse;
+
+ int with_data;
+
+ /* on which side to close the connection? */
+ int close_side;
+ int close_cause;
+};
+
+/* sccp connection handling we want to test */
+static const struct connection_test connection_tests[] = {
+ {
+ .refuse = 1,
+ },
+ {
+ .refuse = 1,
+ .with_data = 1,
+ },
+ {
+ .refuse = 0,
+ .close_side = 0,
+ .close_cause = 5,
+ },
+ {
+ .refuse = 0,
+ .close_side = 0,
+ .close_cause = 5,
+ .with_data = 1,
+ },
+ {
+ .refuse = 0,
+ .close_side = 1,
+ .close_cause = 5,
+ },
+ {
+ .refuse = 0,
+ .close_side = 1,
+ .close_cause = 5,
+ .with_data = 1,
+ },
+};
+
+/* testing procedure:
+ * - we will use sccp_write and see what will be set in the
+ * outgoing callback
+ * - we will call sccp_system_incoming and see which calls
+ * are made. And then compare it to the ones we expect. We
+ * want the payload to arrive, or callbacks to be called.
+ * - we will use sccp_connection_socket and sccp_connection_write
+ * and verify state handling of connections
+ */
+
+static int current_test;
+
+/*
+ * test state...
+ */
+static int called = 0;
+static int matched = 0;
+static int write_called = 0;
+
+#define FAIL(x, args...) printf("FAILURE in %s:%d: " x, __FILE__, __LINE__, ## args)
+
+/*
+ * writing these packets and expecting a result
+ */
+int sccp_read_cb(struct msgb *data, unsigned len, void *context)
+{
+ u_int16_t payload_length = test_data[current_test].payload_length;
+ const u_int8_t *got, *wanted;
+ int i;
+
+ called = 1;
+
+ if (msgb_l3len(data) < len) {
+ /* this should never be reached */
+ FAIL("Something horrible happened.. invalid packet..\n");
+ exit(-1);
+ }
+
+ if (len == 0 || len != payload_length) {
+ FAIL("length mismatch: got: %d wanted: %d\n", msgb_l3len(data), payload_length);
+ return -1;
+ }
+
+ if (data->l3h[0] != test_data[current_test].first_byte) {
+ FAIL("The first bytes of l3 do not match: 0x%x 0x%x\n",
+ data->l3h[0], test_data[current_test].first_byte);
+ return -1;
+ }
+
+ got = &data->l3h[0];
+ wanted = test_data[current_test].data + test_data[current_test].payload_start;
+
+ for (i = 0; i < len; ++i) {
+ if (got[i] != wanted[i]) {
+ FAIL("Failed to compare byte. Got: 0x%x Wanted: 0x%x at %d\n",
+ got[i], wanted[i], i);
+ return -1;
+ }
+ }
+
+ matched = 1;
+ return 0;
+}
+
+int sccp_write_cb(struct msgb *data, void *ctx)
+{
+ int i = 0;
+ const u_int8_t *got, *wanted;
+
+ if (test_data[current_test].response == NULL) {
+ FAIL("Didn't expect write callback\n");
+ return -1;
+ } else if (test_data[current_test].response_length != msgb_l2len(data)) {
+ FAIL("Size does not match. Got: %d Wanted: %d\n",
+ msgb_l2len(data), test_data[current_test].response_length);
+ }
+
+ got = &data->l2h[0];
+ wanted = test_data[current_test].response;
+
+ for (i = 0; i < msgb_l2len(data); ++i) {
+ if (got[i] != wanted[i]) {
+ FAIL("Failed to compare byte. Got: 0x%x Wanted: 0x%x at %d\n",
+ got[i], wanted[i], i);
+ return -1;
+ }
+ }
+
+ write_called = 1;
+ return 0;
+}
+
+void sccp_c_read(struct sccp_connection *connection, struct msgb *msgb, unsigned int len)
+{
+ sccp_read_cb(msgb, len, connection->data_ctx);
+}
+
+void sccp_c_state(struct sccp_connection *connection, int old_state)
+{
+ if (connection->connection_state >= SCCP_CONNECTION_STATE_RELEASE_COMPLETE)
+ sccp_connection_free(connection);
+}
+
+int sccp_accept_cb(struct sccp_connection *connection, void *user_data)
+{
+ called = 1;
+ unsigned int ref = 0;
+ ref |= connection->destination_local_reference.octet1 << 24;
+ ref |= connection->destination_local_reference.octet2 << 16;
+ ref |= connection->destination_local_reference.octet3 << 8;
+ ref = ntohl(ref);
+
+ connection->data_cb = sccp_c_read;
+ connection->state_cb = sccp_c_state;
+
+ /* accept this */
+ return 0;
+}
+
+static int sccp_udt_write_cb(struct msgb *data, void *context)
+{
+ const u_int8_t *got, *wanted;
+ int i;
+
+ write_called = 1;
+
+ if (send_data[current_test].length != msgb_l2len(data)) {
+ FAIL("Size does not match. Got: %d Wanted: %d\n",
+ msgb_l2len(data), send_data[current_test].length);
+ return -1;
+ }
+
+ got = &data->l2h[0];
+ wanted = send_data[current_test].data;
+
+ for (i = 0; i < msgb_l2len(data); ++i) {
+ if (got[i] != wanted[i]) {
+ FAIL("Failed to compare byte. Got: 0x%x Wanted: 0x%x at %d\n",
+ got[i], wanted[i], i);
+ return -1;
+ }
+ }
+
+ matched = 1;
+ return 0;
+}
+
+static void test_sccp_system(void)
+{
+ sccp_system_init(sccp_write_cb, NULL);
+ sccp_set_read(&sccp_ssn_bssap, sccp_read_cb, NULL);
+ sccp_connection_set_incoming(&sccp_ssn_bssap, sccp_accept_cb, NULL);
+
+ for (current_test = 0; current_test < ARRAY_SIZE(test_data); ++current_test) {
+ unsigned int length = test_data[current_test].length;
+ struct msgb *msg = msgb_alloc_headroom(length + 2, 2, __func__);
+ msg->l2h = msgb_put(msg, length);
+ memcpy(msg->l2h, test_data[current_test].data, length);
+
+ called = matched = write_called = 0;
+ printf("Testing packet: %d\n", current_test);
+ sccp_system_incoming(msg);
+
+ if (!called || !matched || (test_data[current_test].write != write_called))
+ FAIL("current test: %d called: %d matched: %d write: %d\n",
+ current_test, called, matched, write_called);
+
+ msgb_free(msg);
+ }
+}
+
+/* test sending of udt */
+static void test_sccp_send_udt(void)
+{
+ sccp_system_init(sccp_udt_write_cb, NULL);
+ sccp_set_read(NULL, NULL, NULL);
+ sccp_connection_set_incoming(NULL, NULL, NULL);
+
+ for (current_test = 0; current_test < ARRAY_SIZE(send_data); ++current_test) {
+ const struct test_data *test = &send_data[current_test];
+
+ struct msgb *msg = msgb_alloc(test->payload_length, __func__);
+ msg->l3h = msgb_put(msg, test->payload_length);
+ memcpy(msg->l3h, test->data + test->payload_start, test->payload_length);
+
+ matched = write_called = 0;
+ printf("Testing packet: %d\n", current_test);
+ sccp_write(msg, &sccp_ssn_bssap, &sccp_ssn_bssap, 0);
+
+ if (!matched || !write_called)
+ FAIL("current test: %d matched: %d write: %d\n",
+ current_test, matched, write_called);
+
+ msgb_free(msg);
+ }
+}
+
+/* send udt from one end to another */
+static unsigned int test_value = 0x2442;
+static int sccp_udt_read(struct msgb *data, unsigned int len, void *context)
+{
+ unsigned int *val;
+
+ if (len != 4) {
+ FAIL("Wrong size: %d\n", msgb_l3len(data));
+ return -1;
+ }
+
+ val = (unsigned int*)data->l3h;
+ matched = test_value == *val;
+
+ return 0;
+}
+
+static int sccp_write_loop(struct msgb *data, void *context)
+{
+ /* send it back to us */
+ sccp_system_incoming(data);
+ return 0;
+}
+
+static void test_sccp_udt_communication(void)
+{
+ struct msgb *data;
+ unsigned int *val;
+
+ sccp_system_init(sccp_write_loop, NULL);
+ sccp_set_read(&sccp_ssn_bssap, sccp_udt_read, NULL);
+ sccp_connection_set_incoming(NULL, NULL, NULL);
+
+
+ data = msgb_alloc(4, "test data");
+ data->l3h = &data->data[0];
+ val = (unsigned int *)msgb_put(data, 4);
+ *val = test_value;
+
+ matched = 0;
+ sccp_write(data, &sccp_ssn_bssap, &sccp_ssn_bssap, 0);
+
+ if (!matched)
+ FAIL("Talking with us didn't work\n");
+
+ msgb_free(data);
+}
+
+
+/* connection testing... open, send, close */
+static const struct connection_test *current_con_test;
+static struct sccp_connection *outgoing_con;
+static struct sccp_connection *incoming_con;
+static int outgoing_data, incoming_data, incoming_state, outgoing_state;
+
+static struct msgb *test_data1, *test_data2, *test_data3;
+
+static void sccp_conn_in_state(struct sccp_connection *conn, int old_state)
+{
+ printf("\tincome: %d -> %d\n", old_state, conn->connection_state);
+ if (conn->connection_state >= SCCP_CONNECTION_STATE_RELEASE_COMPLETE) {
+ if (conn == incoming_con) {
+ sccp_connection_free(conn);
+ incoming_con = NULL;
+ }
+ }
+}
+
+static void sccp_conn_in_data(struct sccp_connection *conn, struct msgb *msg, unsigned int len)
+{
+ /* compare the data */
+ ++incoming_data;
+ printf("\tincoming data: %d\n", len);
+
+ /* compare the data */
+ if (len != 4) {
+ FAIL("Length of packet is wrong: %u %u\n", msgb_l3len(msg), len);
+ return;
+ }
+
+ if (incoming_data == 1) {
+ if (memcmp(msg->l3h, test_data1->l3h, len) != 0) {
+ FAIL("Comparing the data failed: %d\n", incoming_data);
+ incoming_state = 0;
+ printf("Got: %s\n", hexdump(msg->l3h, len));
+ printf("Wanted: %s\n", hexdump(test_data1->l3h, len));
+
+ }
+ } else if (incoming_data == 2) {
+ if (memcmp(msg->l3h, test_data2->l3h, len) != 0) {
+ FAIL("Comparing the data failed: %d\n", incoming_data);
+ incoming_state = 0;
+ printf("Got: %s\n", hexdump(msg->l3h, len));
+ printf("Wanted: %s\n", hexdump(test_data2->l3h, len));
+ }
+ }
+
+ /* sending out data */
+ if (incoming_data == 2) {
+ printf("\tReturning data3\n");
+ sccp_connection_write(conn, test_data3);
+ }
+}
+
+static int sccp_conn_accept(struct sccp_connection *conn, void *ctx)
+{
+ printf("\taccept: %p\n", conn);
+ conn->state_cb = sccp_conn_in_state;
+ conn->data_cb = sccp_conn_in_data;
+
+ if (current_con_test->refuse)
+ return -1;
+
+ incoming_con = conn;
+ return 0;
+}
+
+/* callbacks for the outgoing side */
+static void sccp_conn_out_state(struct sccp_connection *conn, int old_state)
+{
+ printf("\toutgoing: %p %d -> %d\n", conn, old_state, conn->connection_state);
+
+ if (conn->connection_state >= SCCP_CONNECTION_STATE_RELEASE_COMPLETE) {
+ if (conn == outgoing_con) {
+ sccp_connection_free(conn);
+ outgoing_con = NULL;
+ }
+ }
+}
+
+static void sccp_conn_out_data(struct sccp_connection *conn, struct msgb *msg, unsigned int len)
+{
+ ++outgoing_data;
+ printf("\toutgoing data: %p %d\n", conn, len);
+
+ if (len != 4)
+ FAIL("Length of packet is wrong: %u %u\n", msgb_l3len(msg), len);
+
+ if (outgoing_data == 1) {
+ if (memcmp(msg->l3h, test_data3->l3h, len) != 0) {
+ FAIL("Comparing the data failed\n");
+ outgoing_state = 0;
+ }
+ }
+}
+
+static void do_test_sccp_connection(const struct connection_test *test)
+{
+ int ret;
+
+ current_con_test = test;
+ outgoing_con = incoming_con = 0;
+
+ outgoing_con = sccp_connection_socket();
+ if (!outgoing_con) {
+ FAIL("Connection is NULL\n");
+ return;
+ }
+
+ outgoing_con->state_cb = sccp_conn_out_state;
+ outgoing_con->data_cb = sccp_conn_out_data;
+ outgoing_data = incoming_data = 0;
+ incoming_state = outgoing_state = 1;
+
+ /* start testing */
+ if (test->with_data) {
+ if (sccp_connection_connect(outgoing_con, &sccp_ssn_bssap, test_data1) != 0)
+ FAIL("Binding failed\n");
+ } else {
+ ++incoming_data;
+ if (sccp_connection_connect(outgoing_con, &sccp_ssn_bssap, NULL) != 0)
+ FAIL("Binding failed\n");
+ }
+
+ if (test->refuse) {
+ if (outgoing_con)
+ FAIL("Outgoing connection should have been refused.\n");
+ } else {
+ if (!incoming_con)
+ FAIL("Creating incoming didn't work.\n");
+
+ printf("\tWriting test data2\n");
+ sccp_connection_write(outgoing_con, test_data2);
+
+ /* closing connection */
+ if (test->close_side == 0)
+ ret = sccp_connection_close(outgoing_con, 0);
+ else
+ ret = sccp_connection_close(incoming_con, 0);
+
+ if (ret != 0)
+ FAIL("Closing the connection failed\n");
+ }
+
+ /* outgoing should be gone now */
+ if (outgoing_con)
+ FAIL("Outgoing connection was not properly closed\n");
+
+ if (incoming_con)
+ FAIL("Incoming connection was not propery closed.\n");
+
+ if (test->refuse == 0) {
+ if (outgoing_data != 1 || incoming_data != 2) {
+ FAIL("Data sending failed: %d/%d %d/%d\n",
+ outgoing_data, 1,
+ incoming_data, 2);
+ }
+ }
+
+ if (!incoming_state || !outgoing_state)
+ FAIL("Failure with the state transition. %d %d\n",
+ outgoing_state, incoming_state);
+}
+
+static void test_sccp_connection(void)
+{
+ sccp_system_init(sccp_write_loop, NULL);
+ sccp_set_read(NULL, NULL, NULL);
+ sccp_connection_set_incoming(&sccp_ssn_bssap, sccp_conn_accept, NULL);
+
+ test_data1 = msgb_alloc(4, "data1");
+ test_data1->l3h = msgb_put(test_data1, 4);
+ *((unsigned int*)test_data1->l3h) = 0x23421122;
+
+ test_data2 = msgb_alloc(4, "data2");
+ test_data2->l3h = msgb_put(test_data2, 4);
+ *((unsigned int*)test_data2->l3h) = 0x42232211;
+
+ test_data3 = msgb_alloc(4, "data3");
+ test_data3->l3h = msgb_put(test_data3, 4);
+ *((unsigned int*)test_data3->l3h) = 0x2323ff55;
+
+
+ for (current_test = 0; current_test < ARRAY_SIZE(connection_tests); ++current_test) {
+ printf("Testing %d refuse: %d with_data: %d\n",
+ current_test, connection_tests[current_test].refuse,
+ connection_tests[current_test].with_data);
+ do_test_sccp_connection(&connection_tests[current_test]);
+ }
+
+ msgb_free(test_data1);
+ msgb_free(test_data2);
+ msgb_free(test_data3);
+}
+
+/* invalid input */
+static void test_sccp_system_crash(void)
+{
+ printf("trying to provoke a crash with invalid input\n");
+ sccp_set_read(&sccp_ssn_bssap, sccp_read_cb, NULL);
+ sccp_connection_set_incoming(&sccp_ssn_bssap, sccp_accept_cb, NULL);
+
+ for (current_test = 0; current_test < ARRAY_SIZE(test_data); ++current_test) {
+ int original_length = test_data[current_test].length;
+ int length = original_length + 2;
+ int i;
+
+ printf("Testing packet: %d\n", current_test);
+
+ for (i = length; i >= 0; --i) {
+ unsigned int length = MIN(test_data[current_test].length, i);
+ struct msgb *msg = msgb_alloc_headroom(length + 2, 2, __func__);
+ msg->l2h = msgb_put(msg, length);
+ memcpy(msg->l2h, test_data[current_test].data, length);
+ sccp_system_incoming(msg);
+ msgb_free(msg);
+ }
+ }
+
+ printf("survived\n");
+}
+
+
+int main(int argc, char **argv)
+{
+ test_sccp_system();
+ test_sccp_send_udt();
+ test_sccp_udt_communication();
+ test_sccp_connection();
+ test_sccp_system_crash();
+ return 0;
+}