We used to suppress/drop any "zero length" messages, but we didn't
include the header when computing the length. However, in CBSP there
are messages (at least KEEP-ALIVE-COMPLETE) which only consist of the
header without any information elements. We cannot simply drop such
messages.
This also fixes the return value of osmo_cbsp_recv_buffered() to be
the total number of received octets (including the header).
Change-Id: Ib620128a167cb77f061ee57e8f8ad707b96b1c0d
This is a fixed-length Tag-Value IE. Our decoder already parsed
it correctly, but the encoder encoded it as TLV, which is wrong.
Change-Id: I7e1d7eab8b8e51acd9a24c38e2d3d30bbf00847a
This reverts commit c9eab828ea.
The initial code was correct, which has also been used in osmo-bsc until
recently, where it moved to use this function from libosmocore and
errors started to show up in TTCN3 tests.
See 3GPP TS 44.018 Section 10.5.2.34 / Table 10.5.2.34.1: "SI 3 Rest
Octets information element":
"""
<SI3 Rest Octet> ::=
...
<3G Early Classmark Sending Restriction>
...
<3G Early Classmark Sending Restriction>::= L | H;
"""
Change-Id: I0ee48d3240c62c4d2e15063b26da7a2a617f383e
Related: OS#3075
Related: SYS#4021
We must always send the RELEASE.{indication,confirm} last before
returning from a function. We cannot rely on the datalink to
still be around after the call, as the SAP user might have destroyed
the data link meanwhile.
This fixes a heap use-after-free (at least) with RBS2000 when the BTS
is fully brought up and the OML data link is lost, see OS#1762
Change-Id: I8ccca8d5e5d07b666557afe12ab8ac4910ddfb00
Related: OS#1761
Related: OS#1762
This is required in order to tell MS that osmo-pcu now supports
Network Assisted Cell Change (NACC).
Related: SYS#4909
Change-Id: I2aaa8c1107c977f711c2d7530034f57e36e3a237
Commit bd6e7a9f2d did the initial porting
of rest_octet APIs from osmo-bsc, but introduced a bug when moving
bts->e_offset to a generic pointer independent of bts structure.
As a result, using this API from osmo-bsc makes gsm0408 unit test fail
due to bad encoding of several EARFCNs in si2quater.
Fixes: bd6e7a9f2d
Change-Id: I2bf5635b8536b11d69774d17ac1908019633e3af
In rest_octets.c append_earfcn(), the unconditional bits added are 40, not 25.
Removing only 25 bits from the budget resulted in malformed SI2quater starting
with 4 configured EARFCNs, by adding more EARFCNs than fit in 20 bits.
These malformed SI2quater were also expected in gsm0408_test.c. Update the
expected SI2quater to what is being generated now. This patch passes the ttcn3
testing added in I45382f88686ca60e68569e93569fc4cfb63a0e0d, which provides some
confidence that the coding expected in gsm0408_test.c is now correct.
This commit is a cherry-pick of osmo-bsc.git 6589f7c3a8dfdaaf66dda3afa6bbb1118ec825f9
Change-Id: Icc1ece39ad162d09720e104c5cbc12b07d6771a8
Related: OS#4652
When we add an EARFCN to to the SI2quater struct we do not add Serving
Cell Priority Parameters. This essentially causes to MS to ignore the
EARFCN because it is still undefined under which conditions the MS
should change to LTE.
This is a cherry-pick from osmo-bsc.git 295c965c063a8c431507191f6aef1ef78b720685
Related: SYS#4510
Change-Id: If9134759e9bc4ae0920800972632fd8c5dc9c2d9
This extends our existing TLV parser with the ability to
* validate that mandatory IEs of a given message are present
* validate that all present IEs are of required minimum length
Introducing this generic layer will help us to reduce open-coded
imperative verification across virtually all the protocols we
implement, as well as add validation to those protocols where we
don't properly perform related input validation yet.
Change-Id: If1e1d9adfa141ca86001dbd62a6a339f9bf9a912
3GPP TS 24.008 section 10.5.1.7 describes a Mobile Station Classmark 3
IE, which is encoded as CSN.1 struct. This means that it can not be
parsed by just casting a memory location to a struct pointer, so lets
add a parser to parse the CM3 IE.
This is fixed version of Ic8b2bfd00330235f5bed00771e421588abfaac1f,
which got reverted because it used the keyword "class" as struct member,
which lead into problems with c++ builds. This is now fixed.
Change-Id: Id8732551b33616227609cd6fcf6c3133751a89eb
Related: OS#4796 SYS#5114
This reverts commit a4939dc846,
which caused massive build failures in C++ programs like osmo-pcu
- unsurprisingly, as it calls a struct member "class", which is a
reserved keyword in C++.
Change-Id: Ia43e56385e7b580f492c560aee8ff8b1e8a0e1d8
3GPP TS 24.008 section 10.5.1.7 describes a Mobile Station Classmark 3
IE, which is encoded as CSN.1 struct. This means that it can not be
parsed by just casting a memory location to a struct pointer, so lets
add a parser to parse the CM3 IE.
Change-Id: Ic8b2bfd00330235f5bed00771e421588abfaac1f
Related: OS#4796 SYS#5114
3GPP TS 24.008, section 10.5.1.7 specifies a Repeated ACCH Capability
bit in the Classmark 3 IE. Unfortunately, there is no way specified how
the Repeated ACCH feature should be controlled on RSL level. Since it is
not unusual that BTS/BSC vendors occassionally add proprietary IEs to
different RSL messages we may pick this as a solution as well and add a
propritary RSL_IE_OSMO_REP_ACCH_CAP IE, so that we can enable repeated
FACCH/SACCH on the BTS side when we send RSL CHAN ACT or RSL CHAN MODE MODIFY
messages.
Change-Id: I61ea6bf54ea90bd69b73ea0f0f3dc19a4214207b
Related: OS#4796 SYS#5114
It could be that this spelling variant was originally used in the
specs., but now at least in 3GPP TS 44.018 they use 'existEnt'.
Change-Id: I847de910411f2edf7cc45b8c296b43e65fed5447
3GPP TS 44.006 8.6.3 "Procedures for re-establishment" is quite
explicit:
"""
When the data link layer receives in the multiple frame established state
or !!!timer recovery state!!! a DL-ESTABLISH- REQUEST primitive from layer
3 or an SABM (with L=0), the normal establishment procedure of sub-clause
8.4.1.2 shall be initiated.
"""
If L>0 in that state, send a DM as stated in 8.4.1.2:
"""
If the data link layer entity is unable to enter the multiple-frame-established
state, it shall respond to the SABM command with a DM response with the F bit
set to the same binary value as the P bit in the received SABM command.
"""
Related: OS#4549
Related: OS#4819
Change-Id: I7959dc39f883cd5c56c36a21176a2401838d7b62
As pespin point out, the kernel coding style says:
Do not unnecessarily use braces where a single statement will do.
[...]
This does not apply if only one branch of a conditional statement is a single
statement; in the latter case use braces in both branches:
Change-Id: Ia23c4bd018db141ff0afe77fe25678a9b2a395f0
The DEC_ERR() macro has a check for a missing type, but when used on the uint
h.type variable, emits a warning about an always-true statement. Try to work
around that warning with a cast to (int).
Related: CID#214888 CID#214890 CID#214891
Change-Id: Ic5fa87d23a6f0ce872de9c1dcfe36023981f70de
BSSLAP: there are APDUs transferred in BSSMAP-LE Connection Oriented
Information messages on Lb between BSC and SMLC.
Add BSSLAP coding for these APDU messages:
- TA Layer3
- TA Request
- TA Response, possibly containing Location Estimate coded in GAD
- Reject
- Reset (for intra-BSS handover during TA Request)
- Abort (for inter-BSS handover)
Add encoding and decoding tests.
Change-Id: I6409c4bcac402dc7626a3afce9081c59cd715fe8
GAD, Universal Geographical Area Description:
- raw coding for all GAD elements.
- SI-units encoding and decoding for Ellipsoid point with uncertainty circle,
which I presume is the typical "at most N meters away from cell tower located
at X,Y", which corresponds to the TA positioning currently being implemented.
- other SI-units GAD element encodings are so far not implemented.
Add encoding and decoding tests.
In gsm/protocol/gsm_23_032.h are the raw coding structs as defined in 3GPP TS
23.032.
In gsm/gad.h are structs carrying consistent units based on meters and degrees,
for convenient / less error prone handling of GAD data, and for human readable
representations of the GAD data.
The separation of the two is desirable because OsmoBSC will receive GAD data
from OsmoSMLC on the Lb interface, and pass on this data to the MSC via the A
interface. It is better to pass the GAD data as-is without de/encoding.
Change-Id: I7a9dd805a91b1ebb6353bde0cd169218acbf223c
According to 3GPP TS 48.008, section 3.2.2.44, the Chosen Encryption
Algorithm IE, which may be included in the following messages:
- 3.2.1.2 ASSIGNMENT COMPLETE
- 3.2.1.8 HANDOVER REQUEST
- 3.2.1.10 HANDOVER REQUEST ACKNOWLEDGE
- 3.2.1.12 HANDOVER COMPLETE
- 3.2.1.25 HANDOVER PERFORMED
- 3.2.1.31 CIPHER MODE COMPLETE
is coded as follows:
0000 0001 No encryption used
0000 0010 GSM A5/1
0000 0011 GSM A5/2
0000 0100 GSM A5/3
0000 0101 GSM A5/4
0000 0110 GSM A5/5
0000 0111 GSM A5/6
0000 1000 GSM A5/7
basically A5/X => X + 1. All other values are Reserved for future
international use. As can be seen, value 0x00 is RFU. Passing
this value to some encoding functions would result in a PDU with
this IE omitted. Although, some functions would still encode
Chosen Encryption Algorithm IE with this RFU value.
Let's ensure that all functions behave consistently.
Change-Id: If10e433a8174eabe6aa6d2c2937bf9cf5d14d7c9
According to 3GPP TS 44.005, section 4.2.2 "Priority":
a) on DCCH, a SAPI=0 frame always has higher priority than SAPI=3;
b) on ACCH, the priority arrangement is more complex:
b1) if a SAPI = 3 frame is awaiting transmission, two SAPI=0
frames shall not be sent in consecutive SACCH frames;
b2) on the network side (LAPDM_MODE_BTS), it must also be ensured
that any SAPI=3 frame is followed by at least one SAPI=0 frame;
b3) a SAPI = 0 frame may be repeated in the next SACCH period
if the Repeated SACCH is supported (see 3GPP TS 44.006, section 11).
We definitely need to extend our testing coverage to ensure that
we implement b) correctly, but for now let's focus on DCCH:
a) for DCCH, ensure that SAPI=0 frames preceed SAPI=3 ones;
b) for ACCH, re-use the existing round-robin implementation.
Change-Id: Ia3780bce1222b312ae2fd2d21496a4d6c5ccb6e0
Related: SYS#5047, OS#4731
This is basically a successor of gsm0808_create_sapi_reject(), but
instead of hard-coding GSM0808_CAUSE_BSS_NOT_EQUIPPED, it allows
the caller to specify a cause value to be used. The old function
is now deprecated and should not be used.
Change-Id: Iefe5484d0fa02d5722b628b1dc237d51d3fb1a9b
Related: OS#4728
The sysmobts uses the same OML attributes as IP.access. Because the IP.access
attribute only supports IPv4 as NSVC configuration, add an own attribute.
Change-Id: Ic261bc43a07fa741b97a9c6ec5a9ed6f5ecae588
When I wrote the new I.460 mux + demux code, I failed to realize that
* bit numbers in relevant ITU specs start with 1 as MSB ... 8 as LSB
* sub-slot 0 is bits 1+2, i.e. the two MSBs of a byte
* bit-ordering within each sub-slot is also MSB first
As a result, the code and test data was broken.
Change-Id: I6df7dbf411efbdeaf516e72ac552432bf5a569d0
When calling a user-provided call-back function for the i460 mux
or demux, always pass a pointer to the osmo_i460_subchan the callback
relates to. This way, the user can walk the i460 data structures
to obtain information about which mux/demux instances is calling.
Change-Id: Id842c72ce371a67fe5df6694e195c281aaf607ab
There is no way for the API user to know if the TX queue of the
multiplexer runs empty. However, this is criticil since an empty TX
queue will cause dropout of a TRAU frame, which can have quite severe
effects to the receiving end. Lets add a callback that allows the APU
user to insert appropiate idle frames or silent frames into the queue
before it runs empty.
Change-Id: I88a87724235fe50d55ce6215bb385c044072226e
Related: OS#2547
The define constants for the cause codes "BTS not equipped",
"remote transcoder failure" and "notification overflow" are missing.
Lets add them including value strings.
Change-Id: Ic3e936da00bd256bae03867887851f1a4e30e218
At least on Debian unstable, newlib is [currently?] buggy in that
we need to include sys/types.h before including inttypes.h, otherwise
PRIu64 is not defined.
Change-Id: Ic1c9cdf66cfd5b82bd7e20eaaf05b10e6bdb675e
Closes: OS#4686
When a subchannel is deleted or created the initalization mainly
consists of a memset over the wohle subchannel struct a message buffer
initailization.
However, when we delete a subchannel we also must take of the resetting
of the related struct. Currently this is done with a memest.
Unfortunately this creates not only a memory leak (there might be still
items in the multiplexer tx queue) but also it makes the application
crash when the message buffer is used the next time since the llist_head
of the tx queue looses its initialization.
Lets fix the memory leak problem and the message buffer problem and put
the reset functionality in a single place.
Change-Id: I937a9d4db95f44a860cd2c5dbb660dc1970b9a49
Previous both the IPA nanobts and the sysmobts has been using the IPv4 only OML
attribute NM_ATT_IPACC_NS_LINK_CFG.
A bts with BTS_FEAT_IPV6_NSVC supports IPv6 for NSVC (PCU<Gb>SGSN) using
the new OML attribute NM_ATT_OSMO_NS_LINK_CFG.
Change-Id: I9ef7949f66764b3c639e45eb440122e318da44a0
Follows patch I353adc1aa72377f7d4b3336d2ff47791fb73d62c that was merged too
soon. Applying my code review in form of this fixup patch.
Change-Id: I979bca0c6aaa8fe4feddda922bd2e6c1cb49585b
While processing an I-frame we may deliver its payload to L3. After
returning from L3 procesing, we run some additional code, assuming
the LAPD/DL state has not changed meanwhile.
However, if the application destroys the LAPD/DL meanwhile, our state
might be NULL again, and in this state we should not perform any further
action.
This is one of the cases where synchronous in-line dispatch across
various layers is hitting us. L3 should have an input queue, and only
start processing after all L2 work has completed and we're about to go
back to sleep in select().
Change-Id: I026b64503511002c13c0f4117648c366c48ecc62
Related: OS#1761
Closes: OS#4646
At some points, e.g. when allocating message buffers from the Tx
history, we used to allocate them exactly as large as the defined
headroom plus the user data. This means that the underlying PH layer
(E1 mostly) had no tailroom to add anything to the end of the message.
Especially for DAHDI this is a problem, as we need to make space for
two more bytes of frame check sequence (FCS).
So let's simply make sure we always have some extra space at the end
of such buffers.
Change-Id: Id362ce131157c7513d744b0248c7f78fb75c590c
Related: OS#4644
The previous example showed a type == IMSI while setting a TMSI value.
Rather show how to encode IMSI digits.
Change-Id: I41af6bf0d61443465172123297b1228584d791d6
This feature indicates if the given BTS supports paging coordination,
that is the transmission of CS paging (received on Abis) to be sent
via PACCH/PCU in PS domain fro MS with active TBF.
Change-Id: Ifb2e83eaf05dd36e5b203ed2de1a74864b039e38
Related: OS#2406
Implement better API around 3GPP TS 24.008 Mobile Identity coding.
struct osmo_mobile_identity is a decoded representation of the raw Mobile
Identity, with a string representation as well as dedicated raw uint32_t TMSI.
The aim is to remove all uncertainty about decoded buffer sizes / data types.
I have patches ready for current osmo CNI programs, replacing the Mobile
Identity coding with this new API. Deprecate the old MI API.
osmo-bsc: I71c3b4c65dbfdfa51409e09d4868aea83225338a
osmo-msc: Ic3f969e739654c1e8c387aedeeba5cce07fe2307
osmo-sgsn: I4cacb10bac419633ca0c14f244f9903f7f517b49
Note that some GPRS and SGs related coding is done here in libosmocore and
hence currently remains using the old implementation (see previous version of
this patch: Ic3f969e739654c1e8c387aedeeba5cce07fe2307).
New API functions provide properly size-checking implementations of:
- decoding a raw MI from a bunch of MI octets;
- locating and decoding MI from a full 3GPP TS 24.008 Complete Layer 3 msgb;
- encoding to a buffer;
- encoding to the end of a msgb.
Other than the old gsm48_generate_mid(), omit a TLV tag and length from
encoding. Many callers manually stripped the tag and value after calling
gsm48_generate_mid(). The aim is to leave writing a TL to the caller entirely,
especially since some callers need to use a TvL, i.e. support a variable-size
length of 8 or 16 bit.
New validity checks so far not implemented anywhere else:
- stricter validation of number of digits of IMSI, IMEI, IMEI-SV MI.
- stricter on filler nibbles to be 0xf.
As a result, applications using osmo_mobile_identity will be stricter in
rejecting coding mistakes (some of which we currently have in our test suites,
and which we'll need to fix).
Rationale:
While implementing osmo-bsc's MSC pooling feature in osmo-bsc, this API will be
used to reduce the number of times a Mobile Identity is extracted from a raw
RSL message.
Extracting the Mobile Identity from messages has numerous duplicate
implementations across our code with various levels of specialization.
https://xkcd.com/927/
To name a few:
- libosmocore: gsm48_mi_to_string(), osmo_mi_name_buf()
- osmo-bsc: extract_sub()
- osmo-msc: mm_rx_loc_upd_req(), cm_serv_reuse_conn(), gsm48_rx_mm_serv_req(),
vlr_proc_acc_req()
We have existing functions to produce a human readable string from a Mobile
Identity, more or less awkward:
- gsm48_mi_to_string() decodes a TMSI as a decimal number. These days we use
hexadecimal TMSI everywhere.
- osmo_mi_name_buf() decodes the BCD digits from a raw MI every time, so we'd
need to pass around the raw message bytes. Also, osmo_mi_name_buf() has the
wrong signature, it should return a length like snprintf().
- osmo-bsc's extract_sub() first uses gsm48_mi_to_string() which encodes the
raw uint32_t TMSI to a string, and then calls strtoul() via
tmsi_from_string() to code those back to a raw uint32_t.
Each of the above implementations employ their own size overflow checks, each
invoke osmo_bcd2str() and implement their own TMSI osmo_load32be() handling.
Too much code dup, let's hope that each and every one is correct.
In osmo-bsc, I am now implementing MSC pooling, and need to extract NRI bits
from a TMSI Mobile Identity. Since none of the above functions are general
enough to be re-used, I found myself again copy-pasting Mobile Identity code:
locating the MI in a 24.008 message with proper size checks, decoding MI
octets.
This time I would like it to become a generally re-usable API.
This patch was first merged as Ic3f969e739654c1e8c387aedeeba5cce07fe2307 and
caused test fallout, because it re-implemented old API with the new stricter
decoding. In this patch version, old API remains 1:1 unchanged to avoid such
fallout. Applications will soon switch to the new osmo_mobile_identity API and
become stricter on MI coding when that happens, not implicitly by a new
libosmocore version.
Change-Id: If4f7be606e54cfa1c59084cf169785b1cbda5cf5
This reverts commit d1ceca9d48, as it
introduces regressions in both osmo-msc and osmo-nitb which have been
causing failing builds for several days now.
Change-Id: I4bd958d0cd2ab4b0c4725e6d114f4404d725fcf7
Implement better API around 3GPP TS 24.008 Mobile Identity coding.
struct osmo_mobile_identity is a decoded representation of the raw Mobile
Identity, with a string representation as well as dedicated raw uint32_t TMSI.
The aim is to remove all uncertainty about decoded buffer sizes / data types.
I have patches ready for all osmo programs, completely replacing the Mobile
Identity coding with this new API. Hence deprecate the old MI API.
New API functions provide properly size-checking implementations of:
- decoding a raw MI from a bunch of MI octets;
- locating and decoding MI from a full 3GPP TS 24.008 Complete Layer 3 msgb;
- encoding to a buffer;
- encoding to the end of a msgb.
Other than the old gsm48_generate_mid(), omit a TLV tag and length from
encoding. Many callers manually stripped the tag and value after calling
gsm48_generate_mid(). The aim is to leave writing a TL to the caller entirely,
especially since some callers need to use a TvL, i.e. support a variable-size
length of 8 or 16 bit.
New validity checks so far not implemented anywhere else:
- stricter validation of number of digits of IMSI, IMEI, IMEI-SV MI.
- stricter on filler nibbles to be 0xf.
Rationale:
While implementing osmo-bsc's MSC pooling feature in osmo-bsc, this API will be
used to reduce the number of times a Mobile Identity is extracted from a raw
RSL message.
Extracting the Mobile Identity from messages has numerous duplicate
implementations across our code with various levels of specialization.
https://xkcd.com/927/
To name a few:
- libosmocore: gsm48_mi_to_string(), osmo_mi_name_buf()
- osmo-bsc: extract_sub()
- osmo-msc: mm_rx_loc_upd_req(), cm_serv_reuse_conn(), gsm48_rx_mm_serv_req(),
vlr_proc_acc_req()
We have existing functions to produce a human readable string from a Mobile
Identity, more or less awkward:
- gsm48_mi_to_string() decodes a TMSI as a decimal number. These days we use
hexadecimal TMSI everywhere.
- osmo_mi_name_buf() decodes the BCD digits from a raw MI every time, so we'd
need to pass around the raw message bytes. Also, osmo_mi_name_buf() has the
wrong signature, it should return a length like snprintf().
- osmo-bsc's extract_sub() first uses gsm48_mi_to_string() which encodes the
raw uint32_t TMSI to a string, and then calls strtoul() via
tmsi_from_string() to code those back to a raw uint32_t.
Each of the above implementations employ their own size overflow checks, each
invoke osmo_bcd2str() and implement their own TMSI osmo_load32be() handling.
Too much code dup, let's hope that each and every one is correct.
In osmo-bsc, I am now implementing MSC pooling, and need to extract NRI bits
from a TMSI Mobile Identity. Since none of the above functions are general
enough to be re-used, I found myself again copy-pasting Mobile Identity code:
locating the MI in a 24.008 message with proper size checks, decoding MI
octets.
This time I would like it to become a generally re-usable API.
Change-Id: Ic3f969e739654c1e8c387aedeeba5cce07fe2307
These utilities will be used by osmo-bsc to determine the Network Resource
Indicator seen in the TMSI, and (potentially) by osmo-msc to compose a TMSI
with a specific NRI, for osmo-bsc's load balancing between several MSCs.
Add utility functions to:
- extract an NRI value from a TMSI.
- overwrite the NRI value in a TMSI.
- limit an NRI in a (random) TMSI to a given list of ranges.
- add NRI value ranges to a list.
- remove them from a list.
- match NRI value (range) to a list.
- parse NRI values from string, for VTY.
- common VTY functionality of adding/removing NRI values from argv.
Add C tests for the above.
Why we need public API for NRI ranges: In osmo-bsc alone, we need the same NRI
API twice, 1: to manage/list NRI value ranges per-MSC, and 2: to manage/list
NULL-NRI values. If we also consider (potentially) adding NRI support to
osmo-msc, we need the same API twice again there. Hence it is useful to define
re-used API up here in libosmocore.
Related: OS#3682
Change-Id: Icb57a2dd9323c7ea11b34003eccc7e68a0247bf5
The call identifier in the ASSIGNMENT COMMAND is encoded in the wrong
endieness. 3GPP TS 48.008, section 3.2.2.105 specifies that the least
significant byte should be transmitted first, which means that the
endieness here is little endian. Lets make sure that the endieness is
correctly transmitted, regardless of the host byte order.
Change-Id: I6468e502f552f99ab54aec9d4b1c169fdc0adfb8
Related: OS#4582
At the moment we print the pointer address to identify the log lines
belonging to a specific connection. Since pointer addresses are
difficult to work with, a human readable ID should be printed instead.
e.g. "This is LAPD instance for SAPI3 on bts0/trx1/ts5/lchan3"
Change-Id: Ie6742843fff809edffcac24c4dce4edf66bc71be
Closes: OS#1938
This implements a multiplexer and de-multiplexer for the ITU-T I.460
standard. The latter covers the transmission of sub-slots of 32/16/8k
inside 64k timeslots.
Change-Id: Id522f06e73b77332b437b7a27e4966872da70eda
Fix osmo_mi_name_buf() to snprintf() into the buf in *all* cases.
osmo_mi_name_c() is implemented via osmo_mi_name_buf(), which returns
compile-time string constants in special cases. That means that
osmo_mi_name_c() does return non-allocated strings in these special cases.
The caller of functions like osmo_mi_name_c() must always be able to rely on
getting a talloced string, or run a danger of deallocating const pointers.
Change-Id: I623959f01b72642bcdd18508097c5c405c59f6f1
This implementation is taken from OsmocomBB, in particular from:
target/firmware/layer1/rfch.c
Change return type to uint16_t, because neither ARFCN, nor MAI
can be negative. Add prefix 'gsm0502_' to the function's name.
Change-Id: I8aba1578cc9d1bd89d4f5d33a6e8fedc8bea789a
Related: OS#4546
As was pointed out by pespin, some compilers may not like the
lack of spaces around the format macro constants.
Change-Id: I4b6517989030c8e3f6a1bf16c43044e4e9137f40
In Change-Id Idf2b99e9ef014eba26e3d4f0f38c2714d3a0520a we accidentially removed this
symbol, let's re-introduce it.
Change-Id: I9fbcbcc6619ef0c63d3682fc86adc80045baab02
Function gsm0808_get_cipher_reject_cause() was previously available
in private gsm0808_utils.h. In practice, the exact same code is useful
to extract Cause IE value from any of the many other BSSMAP messages
which use it.
So let's rename it to gsm0808_get_cause() and make it avilable
to everyone to use.
Change-Id: Idf2b99e9ef014eba26e3d4f0f38c2714d3a0520a
See TS 08.08 section 3.2.1.34 SAPI "n" REJECT:
1) DLCI is a TV element, not V.
2) Cause is a TLV element and we have a special function to encode it.
Change-Id: I033afe556c06427d06ac55c4f78854a45e41aae6
AMR SID update frames are protected using an 1/4 convolutional coder,
wich is similar to the one used with 6,7 kbit voice frames. Except that
there is no puncturing and the length is different.
Change-Id: Ia35ed4178a7f0d816052b7e5d6478b93a1d9744f
Related: OS#2978
Make build and external tests work with python3, so we can drop
the python2 dependency.
This should be merged shortly after osmo-python-tests was migrated to
python3, and the jenkins build slaves were (automatically) updated to
have the new osmo-python-tests installed.
Related: OS#2819
Depends: osmo-python-tests I3ffc3519bf6c22536a49dad7a966188ddad351a7
Change-Id: I84ef43f700e125c7a65f92347f12844e07e65655
This is a bit of a hack, as we want to maintain binary compatibility
without breaking existing users of libosmocore. To do so, we use the
'num_auth_vectors' field in two ways now:
* In the existing use case as part of SEND_AUTH_INFO_RESPONSE, it
indicates the number of vectors stored in the 'auth_vectors' field
* In the new use case as part of SEND_AUTH_INFO_REQUEST, it indicates
the number of vectors actually requested by the MSC/SGSN/MME.
Change-Id: Iaecc47280f8ce54f3e3a888c1cfc160735483d0f
In July 2018 in commit Ide240279240322f643e142229eb7829f538c6314 we
introduced the successor gsm0480_gen_ussd_resp_7bit(), which is also
what both libosmogsm-internal code as well as osmo-hlr have been ported
to. For some reason it wasn't marked deprecated back then.
Change-Id: Iff4c91b5b98a73d9a30aa42f6b2a1ebcc8a45343
GSUP routing was introduced when adding the E interface. Hence that was the
first realm where routing errors could occur. I did notice back then that this
message type was special: it does not convey a response to a particular message
kind -- it does not make sense, for example, to return an Updating Location
Error cause, and do that for all conceivable message types. Instead, this tells
the sender that a deeper error exists, i.e. that the desired peer is completely
gone and unreachable.
I did not foresee though that for D-GSM, there would also be arbitrary GSUP
proxy routing, and that this error is not limited to E interface semantics.
From today's point of view, adding the "_E_" in the name was a mistake.
Remove that "_E_" to yield OSMO_GSUP_MSGT_ROUTING_ERROR (with unchanged message
type discriminator), but provide a #define linking the old name
OSMO_GSUP_MSGT_E_ROUTING_ERROR to the new one.
The only visible change should be that osmo_gsup_message_type_names[] now
returns the new name without "_E_". I am not aware of any regression test
fallout from that.
Change-Id: Ic8e8bd11522d6c51ac7aaf946516cbce26bc6e1e
The calculation of the beginning of a block for TCH/F, TCH/H and FACCH
can be challenging since those channels are affected by the diagonal
interleaving of the TCH channels. However, GSM 05.02 Section 7 Table 1
of 5 specifies how the blocks are distributed over the TDMA frame
interval. Lets add a mapping function that is based on that table
Related: OS#3803
Change-Id: I3d71c66f8c401f5afbad9b1c86c24580dab9e0ce
OSMO_GSUP_SUPPORTED_RAT_TYPES_IE corresponds to the Supported RAT Types
Indicator from 3GPP TS 29.002. See 8.1.2 MAP_UPDATE_LOCATION service,
which indicates the capabilities of the MSC/VLR to the HLR.
So far, have room for eight RAT types in the gsup_msg. That is an arbitrary
random choice without any rationale.
OSMO_GSUP_CURRENT_RAT_TYPE_IE is useful to communicate the currently
used RAN / RAT type of the current subscriber during Location Updating Request.
Change-Id: I93850710ab55a605bf61b95063a69682a2899bb1
As 3GPP doesn't specify how the BSC shall communicate ETWS Primary
Notifications over Abis/RSL, we have to use a vendor-specific RSL
message for this. And in order to know if the peer supports this
feature, we introduces BTS_FEAT_ETWS_PN.
Change-Id: I89c24a81ada6627694a9632e87485a61cbd3e680
Related: OS#4046, OS#4047
The user length is the first IE *in* the fixed-length TV, make sure
cbsp_dec_write_repl() respects that.
Change-Id: I864cafac2466a89a4bd9644bc73363fff2babd03
The CBSP code assumed that gsm0808_decode_cell_id_u() would return
the number of bytes it has consumed/parsed. But it actually always
returns '0', whcih makes us run in an endless loop :(
Change-Id: I5758af4ec11a827d4b888a3a16c4ec22de90a7d6
Rather than having the encoder/decoder library print some log
messages in case of encoding/decoding errors, let's provide something
akin to 'errno', but with a string instead of a numeric error code.
The 'osmo_cbsp_errstr' global variable (if set) contains a
human-readable string describing the most recent encoding/decoding error.
It exists separately for each thread and hence can be used safely in
multi-threaded environments.
Change-Id: Id9a5a595a76ba278647aee9470ded213d8464103
This introduces definitions as well as a parser+encoder for the
Cell Broadcast Service Protocol (CBSP) as specified in 3GPP TS 48.049.
CBSP is used on the interface between CBC and BSC.
Related: OS#3537
Change-Id: I5b7ae08f67e415967b60ac4b824db9e22ca00935
When using `OSMO_ASSERT(exp);` clang will warn about
an empty expression because the semi colon was superflous.
Use do {} while (0) to enfore the need of a semi colon.
This might break other test.
Change-Id: I2272d29a81496164bebd1696a694383a28a86434
The timeout is calculated dynamically in t200_by_lchan() based on FN
advance value estimated by bts_get_avg_fn_advance(), so it's informative
to have the final value printed out.
Change-Id: Ib50a9c23de881c66c9218833703cc41101e06bfd
Return ENOSPC if the decoding buffer is one byte too small, instead of
returning 0 and silently truncating the string. Add a new "truncated"
variable to detect if the loop breaks in the final iteration.
The string is not truncated if there is exactly one 0xf ('\0') higher
nibble remaining. This is covered by the existing test case "long
15-digit (maximum) MSISDN, limited buffer".
Related: OS#4049
Change-Id: Ie05900aca50cc7fe8a45d17844dbfcd905fd82fe
During testing with BTS_Tests_LAPDm.TC_t200_n200() it was discovered
that the existing LAPD[m] implementation always gave up at N200-1
retransmissions, rather than N200 retransmissions.
The first transmission doesn't count, and hence we must have N200
actual re-transmissions. The Error message is then described as
"T200 expired N200+1 times", i.e. we start T200 one more time after
the last re-transmission and only give up if it expires again (i.e.
no ACK received)
Change-Id: Ic33854ee61311f73b7db55eeef10280349151097
Related: OS4037
TS 04.06 specifies a N200 re-transmission counter that depends on the
channel type, which we didn't care about at all so far. Let's have the
caller tell us the channel type so we can internally look up the correct
N200 value for it.
At the same time, permit the user to specify T200 re-transmission timer
values for each SAPI on both DCCH and ACCH, which is required at least
in the BTS as per GSM TS 12.21. Also, extend the timer resolution of
the API from seconds to milli-seconds, which is more applicable as
particularly on the FACCH the recommended values are in the 200ms range.
Change-Id: I90fdc4dd4720d4e02213197c894eb0a55a39158c
Related: OS#3906
Related: OS#2294
Related: OS#4037
This function parses a single Cell ID list element into a
'union gsm0808_cell_id_u'. This function is going to be used
by the upcoming CBSP support.
Related: OS#3537
Change-Id: I08b33881667aa32f01e53ccb70d44d5b79c7c986
We have a number of library-internal static global buffers which are
mainly used for various stringification functions. This worked as
all of the related Osmocom programs were strictly single-threaded.
Let's make those buffers at least thread-local. This way every thread
gets their own set of buffers, and it's safe for multiple threads to
execute the same functions once. They're of course still not
re-entrant. If you need re-entrancy, you will need to use the _c()
or _buf() suffix version of those functions and work with your own
(stack or heap) buffers.
Change-Id: I50eb2436a7c1261d79a9d2955584dce92780ca07
3GPP TS 04.06 is quite clear that the [segmented] L3 payload can be as
long as 251 bytes. Our libosmocore lapdm implementation truncated
already at 200 bytes :(
Change-Id: I6769986f27dda1d429ed7b2e32c36d34663acba9
Closes: OS#4035
The library should either provide functions that implement encoding
of those rest octets, or it shouldn't. Providing a function that
doesn't do anything but pad the buffer is useless.
Change-Id: Ie10684de6a6b2663e2a871fcdb2b275b6ad7a1e7
There's very little sense behind introducing a function into
libosmogsm which doesn't implement 90% of the spec. Let's allow
the caller to provide the various optional bits of information to
the encoder, rather than generating mostly static SI6 rest octets.
Change-Id: Id75005a0c4a02ce7f809692d58b3bd226bc582b2
the symbols had an omso_ prefix, while the entry in the .map file
didn't. As a result, all related symbols were never exported and
hence not usable by any users of the dynamic library.
Change-Id: I8b1ee2405f6338507e9dfb5f1f437c4c2db2e330
The gsm48_rest_octets.c file was added in Change-Id
I47888965ab11bba1186c21987f1365c9270abeab, but it never actually
ended up being compiled as it wasn't listed in the makefile :/
Change-Id: I0355115c2645f236c9e32cf7a563cf51a857e8a3
Relsted: OS#3075
As gsm48_rest_octets.c is not listed in the Makefile.am, it's
never actually compiled and we never noticed that it's calling
functions by symbol names that don't exist :/
Change-Id: I7b1e436f70e0c60979261db87606f38271ec47d3
Related: OS#3075
libosmo{core,gsm,vty} code is GPLv2+. The rest octet code originated in
osmo-bsc.git and was moved here without changing the license. That was a
mistake, it always was meant to be under GPLv2-or-later after moving to
libosmocore.git.
Original copyright is mine. For contributions by sysmocom, I as the
managing director can approve the license change.
This means only Holger needs to ACK this.
Change-Id: Ief3009dc28dd83e1e26a7101af2eed2341684a87
The documentation of gsm48_decode_bcd_number2() clearly states that
the output truncation is a erroneous case, so it should actually
return negative in such cases. Let's return -ENOSPC.
Change-Id: I75680f232001ba419a587fed4c24f32c70c3ad2b
Thanks to the new unit test for BCD number encoding / decoding, it was
discovered that gsm48_decode_bcd_number2() does not properly handle
encoded LV if the output buffer size is equal to the original MSISDN
length + 1 (\0-terminator): one digit is lost.
For example, decoding of 15-digit long MSISDN to a buffer of size
16 (15 digits + 1 for \0) would give us only 14 digits.
The problem was that 'output_len' was being decremented before
checking the remaining buffer length and writing a digit to it.
As a result, the maximum length was always one byte shorter.
Change-Id: I61d49387fedbf7b238e21540a5eff22f6861e27a
Fixes: OS#4025
libosmo{core,gsm,vty} code is GPLv2+. The OAP code originated in
osmo-msc.git and was moved here without changing the license. That
was a mistake, it always was meant to be under GPLv2-or-later after
moving to libosmocore.git.
Copyright is with sysmocom, so I as the managing director can
approve the license change.
Change-Id: I08311fa8214c15f8df8945b9894226608cf96f15
We don't really *need* it in libosmocore as such, but the lack of
having all osmocom extensions listed here lead to using overlapping
definitions: 0x18 was used for dynamic PDCH on the Abis side, but also
for CBCH on the L1SAP side. Let's list them all here to increase
visibility in case anyone wants to extend this further...
Related: OS#4027
Change-Id: I93e557358cf1c1b622f77f906959df7ca6d5cb12
The caller of lapdm_rslms_recvmsg() (e.g. osmo-bts/src/common/rsl.c)
assumes the message ownership is transferred. However, in one of the
two error paths, msgb_free() was not called and hence we had a memory
leak.
Also clarify the msgb ownership transfer in a comment.
Related: OS#3750
Change-Id: Id60cb45e50bfc89224d97df6c68fcd2949751895
So far, the TLV code contained two types of functions
* tlp_parse() to parse all TLVs according to definition into tlvp_parsed
* various helper functions to encode individual TLVs during message
generation
This patch implements the inverse of tlv_parse(): tlv_encode(), which
takes a full 'struct tlv_pared' and encodes all IEs found in it. The
order of IEs is in numerically ascending order of the tag.
As many protocols have different IE/TLV ordering requirements, let's add
a tlv_encode_ordered() function where the caller can specify the TLV
ordering during the one-shot encode.
Change-Id: I761a30bf20355a9f80a4a8e0c60b0b0f78515efe
Add the constant, so it can be used in create-subscriber-on-demand
related patches. ITU-T Rec. E.164 6.1 states that maximum international
number length should be 15. I did not find a source for a minimum
length, but I've added the constant and set it to 1 for consistency
(based on the existing osmo_msisdn_str_valid() function).
Related: OS#2542
Change-Id: Idc74f4d94ad44b9fc1b6d43178f5f33d551ebfb1
IE GSM0808_IE_OSMO_OSMUX_SUPPORT (T, 1 byte) is sent in AoIP appended to
BSSMAP RESET in order to announce the peer that its MGW supports handling
Osmux streams upon call set up.
IE GSM0808_IE_OSMO_OSMUX_CID (TV, T 1 byte & V 1 byte) is sent in AoIP
during call set up:
* MSC->BSC Assignment Request
* BSC->MSC Assignemnt Complete
The 1 byte value contains the local Osmux CID, aka the recvCID aka CID where the
peer sending the Assign Req/Compl will look for Osmux frames on that
call. Hence, the peer receiving this CID value must use it to send Osmux
frames for that call.
As a result, a given call leg BSC<->MSC can have one different Osmux CID
per direction. For example:
* MS => MGW_BSC ==CID 0==> MGW_MSC
* MS <= MGW_BSC <=CID 1=== MGW_MSC
This allows for setups with 256 call legs per BSC on scenarios where NAT
is not a problem, where MSC can have a pool of 256 CID per MGW_BSC (or
remote peer).
Related: OS#2551
Change-Id: I28f83e2e32b9533c99e65ccc1562900ac2aec74e
This function is doing the bulk work of encoding a given Cell
ID List item. gsm0808_enc_cell_id_list2() is modified to be a
wrapper / loop around the new function.
The purpose of this is to expose Cell ID List Entry encoding
so that the upcoming CBSP protocol encoder can re-use this code.
Related: OS#3537
Change-Id: I6cc567798e20365e6587e6b2988e834306d8c80c
In testing against a particular EPC, the SGsAP-SERVICE-REQUEST
can contain a MO fallback value TLV with T 0xF1
Change-Id: Ia2460af9673818d375e28c67f1631b5f7eacdaeb
osmo-bsc so far omits the AoIP Transport Layer Address from its Handover
Request Acknowledge message, which breaks inter-BSC Handover for AoIP.
Allow fixing that.
One quirk I really don't like about this: I would prefer to directly use struct
sockaddr_storage as a member of the struct gsm0808_handover_request_ack. Even
though struct sockaddr_storage appears in various function signatures, the
gsm0808.c actually also gets built on embedded systems that lack arpa/inet.h
(for me indicated by the ARM build job on jenkins). Compiling gsm0808.c works
only because the actual coding of struct sockaddr_storage is implemented in
gsm0808_util.c, which (apparently) does not get built on embedded and hence,
even though there are undefined references to e.g.
gsm0808_enc_aoip_trasp_addr() it works.
Related: I4a5acdb2d4a0b947cc0c62067a67be88a3d467ff (osmo-bsc)
Change-Id: Ia71542ea37d4fd2c9fb9b40357db7aeb111ec576
In osmo_gsup_decode(), call gsm48_decode_bcd_number2() to avoid deprecation
warning, and also actually check the return value to detect invalid IMSI IEs.
Change-Id: Iaded84d91baad5386c8f353c283b6b9e40a43b05
gsm48_decode_bcd_number() is marked as deprecated, so
gsm48_decode_bcd_number2() will cause deprecation warnings as long as it calls
gsm48_decode_bcd_number(). Hence move the code to gsm48_decode_bcd_number2().
Change-Id: I81925e9afb3451de9b8a268d482f79ee20ca14d6
The input_len argument for gsm48_decode_bcd_number2() includes the BCD length
*and* the length byte itself, so add the missing +1.
Also clarify the API doc for the input_len argument.
Change-Id: I87599641325c04aae2be224ec350b1a145039528
gsm48_decode_bcd_number() is unable to provide proper bounds validation of
input and output data, hence osmo-msc's vlr.c introduced a static
decode_bcd_number_safe() a long time ago. Move to libosmocore.
I need to use the same function to decode an MSISDN during inter-MSC Handover,
instead of making it public in osmo-msc, rather deprecate the unsafe function
and provide a safer version for all callers. Mark the old one deprecated.
Change-Id: Idb6ae6e2f3bea11ad420dae14d021ac36d99e921
Change two instances of Speech Version values to enum gsm0808_permitted_speech.
It is often not trivial to find the right values for a uint8_t member, giving
the enum name makes it a lot easier/safer to use.
In gsm0808_create_handover_required(), use msgb_tv_put() so that the enum's
storage size doesn't matter. (Already used for handover_performed)
Fix typo in doc of gsm0808_create_handover_required().
Change-Id: I6387836bab76e1fa42daa0f42ab94fc14b70b112
Based on a draft created by Neels, which is the result of reading a MAP
trace of two MSCs negotiating inter-MSC handovers, and of reading the
TS 29.002, TS 29.010 and related specs:
https://lists.osmocom.org/pipermail/openbsc/2019-January/012653.html
I figured out that the "Handover Number" mentioned in the specifications
is the same as the MSISDN IE that we already have, so we can use that
instead of creating a new IE (example usage in tests/gsup/gsup_test.c).
Create a new OSMO_GSUP_MSGT_E_ROUTING_ERROR message type, which the GSUP
server uses to tell a client that its message could not be forwarded to
the destination (see [1]). MAP has no related message.
[1]: Change-Id: Ia4f345abc877baaf0a8f73b8988e6514d9589bf5 (osmo-hlr.git)
Related: OS#3774
Change-Id: Ic00b0601eacff6d72927cea51767801142ee75db
osmo-msc and osmo-hlr have distinct subsystems handling incoming GSUP messages.
So far we decide entirely by message type which code path should handle a GSUP
message. Thus no GSUP message type may be re-used across subsystems.
If we add a GSUP message to indicate a routing error, it would have to be a
distinct message type for subscriber management, another one for SMS, another
one for USSD...
To allow introducing common message types, introduce a GSUP Message Class IE.
In the presence of this IE, GSUP handlers can trivially direct a received
message to the right code path. If it is missing, handlers can fall back to the
previous switch(message_type) method.
Change-Id: Ic397a9f2c4a7224e47cab944c72e75ca5592efef
We have a habit of returning static buffers from some functions,
particularly when generating some kind of string values. This is
convenient in terms of memory management, but it comes at the expense
of not being thread-safe, and not allowing for two calls of the
related function within one printf() statement.
Let's introduce _c suffix versions of those functions where the
caller passes in a talloc context from which the output buffer shall
be allocated.
Change-Id: I8481c19b68ff67cfa22abb93c405ebcfcb0ab19b
The function osmo_dump_gsmtime_buf gets a pointer *buf and a parameter
buf_len. The pointer *buf is a string buffer and the function places an
\0 at the end of the buffer before it exists. However it uses
sizeof(buf) as part of the index calculation, which is incorrect. Lets
correct this by using buf_len instead.
Change-Id: Id24263aa7c9a53544f1639b6ceb09ce5615d5114
We have a number of static buffers in use in libosmo*. This means
the related functions are not usable in a thread-safe way. While
we so far don't have many multi-threaded programs in the osmocom
universe, the static buffers also prevent us from calling the same
e.g. string-ify function twice within a single printf() call.
Let's make sure there's an alternative function in all those cases,
where the user can pass in a caller-allocated buffer + size, and make
the 'classic' function with the static buffer a wrapper around that
_buf() variant.
Change-Id: Ibf85f79e93244f53b2684ff6f1095c5b41203e05
ipa_ccm_idtag_parse_off is broken, and can only be used with
len_offset=1 on ID Request messages, otherwise won't work correctly.
Modify ipa_ccm_idtag_parse to at least parse those correctly, and
document the limitations.
Those two functions are already deprecated and only used in openbsc by 3
callers:
* ipa_ccm_idtag_parse in ussd_read_cb(): Broken, that function can only
work for Requests and it's used to parse a Response.
* ipa_ccm_idtag_parse_off in forward_sccp_to_msc (NAT): Broken, it can
only be used to parse Requests and it's used to parse a Response.
Furthermore, len_offset=2 is passed which makes no sense and most
probably it fails always, or can even make the program crash.
* ipa_ccm_idtag_parse_off in (answer_challenge): This one is fine and
could actually be replaced with ipa_ccm_id_get_parse after this commit
is merged.
Change-Id: I6efc852dfc041192f554e41a58290a0f63298021
This reverts commit 1261db1505.
The patch broke openbsc's external tests, and currently it is unclear
whether it is just an error in the test or if openbsc makes wrong
assumptions about the length value. Let's revert the patch to unblock
the master-openbsc jenkins job.
Related: OS#3851
Change-Id: I9adea35ff6de36c1611c7f85dde1b15bc1c0e786
IPA CCM is using a somewhat weird TLV encoding scheme:
* 16bit length (of tag and value)
* 8bit tag
* value
Our existing code mapping the CCM to 'struct tlv_parse' used the plain
length value without accounting for the one-byte tag.
This patch ensures we only report the length of the "value" part,
excluding the tag.
Change-Id: I435aaa33605bd48635715a2c81aa2d231c1abf51
The function gsm0808_sc_cfg_from_gsm48_mr_cfg() is used to convert a
gsm48 multirate struct into a set of S-bits (S0 to S15). However, the
conversion function currently does not take into account that bit S1
actually stands for four rates at once (Config-NB-Code = 1). Lets make
sure that S1 is only set when the multirate configuration permits all
four required rates.
Change-Id: I6ad531d4e70c2252e32e2bbaca8e14a7ec6d9840
Related: SYS#4470
The function gsm0808_sc_cfg_from_gsm48_mr_cfg() takes an S15 to S0
bitmask and converts that bitmask into an AMR multirate configuration
struct.
Unfortunately the current implementation implements 3GPP TS 28.062,
Table 7.11.3.1.3-2 wrongly in some aspects. Lets fix this.
- Fix wrong interpretation of the bitpatterns
- 5,15K is invalid and must never be selected
- Make sure that no more than 4 rates are selected in the active set
- Extend unit-test
Change-Id: I6fd7f4073b84093742c322752f2fd878d1071e15
Related: SYS#4470
CGI to Cell ID: for example, for Paging, osmo-msc has a CGI for a subscriber
and needs to send out a Cell Identifier IE. Makes sense to add this conversion
here.
Cell ID to CGI: for a Layer 3 Complete, a subscriber sends the current cell in
the form of a Cell Identifier, which we store as a CGI, if necessary enriched
with the local PLMN.
Add enum with bitmask values to identify parts of a CGI, for the return value
of gsm0808_cell_id_to_cgi(). Can't use enum CELL_IDENT for that, because it
doesn't have a value for just a PLMN (and is not a bitmask).
Change-Id: Ib9af67b100c4583342a2103669732dab2e577b04
Add functions to dump LCLS (without GCR) and GCR. Dumping entire struct
results in inconveniently long string hence the separate functions. Both
use talloc functions so they expect caller to take care of providing
proper allocation context and freeing memory.
Change-Id: Ic3609224c8f3282d667e75f68bc20327e36eb9e6
This single function has a quite different behavior than the other
gsm0808_ functions in terms of how the resulting msgb l3h
pointers are set. Let's document that to avoid more confusion.
Change-Id: I0367760a588fc968c5a2dea46001ef1ee7965c8c
In Change-Id Id8a75e1da2d5f520064666e4ee413d1c91da6ae3 we recently
introduced adding the "CSFB INDICATOR" IE to the CLEAR COMMAND,
but we did so with a wrong length value.
Change-Id: I4d07d25fb03ca0f89fd7b94226c54309c77a010a
Closes: OS#3805
Related: OS#2778
When the initial patch was tweaked from osmo_classmark_* to
osmo_gsm48_classmark_* naming, the libosmogsm.map entries were forgotten to be
changed as well.
Change-Id: I53a41b5e965a529d3c146ee85102f7f1725c6014
In OsmoMSC, it's required to be able to specify a particular GSM 04.07
transaction ID for GSM 04.80 Release complete message instead of the
hard-coded value, that is used gsm0480_create_ussd_release_complete().
Let's finally deprecate gsm0480_create_ussd_release_complete(), and
introduce a new function without USSD prefix, as this message
is also used in other "structured" supplementary services.
Change-Id: Ie3ac85fcef90a5e532334ba3482804d5305c88d7
When a call that was established in a CSFB context ends the CLEAR
COMMAND that is send from the BSC to the MSC should contain a CSFB
indication IE, which consists of just the IE byte itsslef. This
additional IE tells the BSC to include other CSFB related IEs into the
RR Release message.
Change-Id: Id8a75e1da2d5f520064666e4ee413d1c91da6ae3
Related: OS#3778
Replace osmo_gsup_get_err_msg_type() with a wrapper to
OSMO_GSUP_TO_MSGT_ERROR(). This macro assumes, that all error messages
are (request message | 0x000001). Add a big comment header for
osmo_gsup_message_type, describing this already implicitly followed rule
and therefore making it explicit.
With this change, we don't need to maintain the request -> error message
mapping in osmo_gsup_get_err_msg_type() anymore.
Related: Iec1b4ce4b7d8eb157406f006e1c4241e8fba2cd6 (osmo-gsm-manuals)
Change-Id: I46d9f2327791978710e2f90b4d28a3761d723d8f
osmo-bsc and osmo-msc implement identical Classmark structures. It makes sense
to define once near the gsm48 protocol definitions.
Also move along some generic Classmark API from osmo-msc.
Change-Id: Ifd27bab0380f7ad0c44c719aa6c8bd62cf7b034c
Add
* osmo_lai_cmp() (to use in gsm0808_cell_id_u_matches())
* osmo_cgi_cmp() (to use in gsm0808_cell_id_u_matches())
* gsm0808_cell_id_u_match() (to re-use for single IDs and lists)
* gsm0808_cell_ids_match()
* gsm0808_cell_id_matches_list()
* Unit tests in gsm0808_test.c
Rationale:
For inter-BSC handover, it is interesting to find matches between *differing*
Cell Identity kinds. For example, if a cell as CGI 23-42-3-5, and a HO for
LAC-CI 3-5 should be handled, we need to see the match.
This is most interesting for osmo-msc, i.e. to direct the BSSMAP Handover
Request towards the correct BSC or MSC.
It is also interesting for osmo-bsc's VTY interface, to be able to manage
cells' neighbors and to trigger manual handovers by various Cell Identity
handles, as the user would expect them.
Change-Id: I5535f0d149c2173294538df75764dd181b023312
The longest BCd-digit type identity is the IMEISV with 16, so there's
no point in trying to parse up to 255 decimal digits, which will do
nothing but to overflow the caller-provided output buffer.
Let's also clearly define the required minimum size of the output
buffer and add a reltead #define for it.
Change-Id: Ic8488bc7f77dc9182e372741b88f0f06100dddc9
This resolves an issue introduced in 84fb5bb6a0
when msgb_wrap_with_TL() was introduced as an inline function with
*exactly the same name* as in osmo-msc.git and openbsc.git. We *NEVER*
do something like this. Functions moved from applications to library
*MUST* always be renamed. This has been the case for almost a decade
now.
With this subsequent change we make sure the libosmocore function
has a different name and doesn't clash. After this commit, old
openbsc.git and osmo-bsc.git should again build fine.
Change-Id: If1e851ac605c8d2fde3da565b0bd674ea6350c2e
Most of the time we'll have GCR filled anyway so it make sense to have
it as static parameter instead of a pointer to separately allocated
structure. Update tests to cover both static and dynamic osmo_lcls
allocation variants.
Change-Id: I905c36d8455911c68c30bc429379b7313dd46aea
* add gsm0808_create_ass_compl2() with additional gsm0808_lcls_status
parameter and make gsm0808_create_ass_compl() into trivial wrapper
around it
* update tests accordingly
Change-Id: I547c6b8707123aa8c1ef636db88908df112d90a4
Related: OS#2487
The function msgb_sgsap_name_put() assignes the return code of
osmo_apn_from_str() directly to len. Len is an uint8_t and the return
code an int. If osmo_apn_from_str() returns -1. Len would become 0xFF
causing a buffer overrun with msgb_tlv_put. Lets use the proper type to
catch the return code and check it before using it as length.
Change-Id: Ic0bc5114eee47bdcf2300a6e4b0df473d3d1903a
Fixes: CID#190405
Fixes: CID#190401
Related: OS#3615
Prepare handling multiple CM Service Requests in osmo-msc: an enum is more
clear than an int and #defines for passing around and count CM Service types.
Change-Id: I9c2a7adc45ab7a1a7519168e965e7d805e1481ff
Verify 14 digit and 15 digit IMEI strings. OsmoHLR will use the 14
digit version to check IMEIs before writing them to the DB.
Place the Luhn checksum code in a dedicated osmo_luhn() function, so
it can be used elsewhere.
Related: OS#2541
Change-Id: Id2d2a3a93b033bafc74c62e15297034bf4aafe61
As part of fixing issue OS#3075, we want to migrate support
for encoding system information from osmo-bsc to libosmocore.
This change ports osmo-bsc code for encoding SI rest octets.
The conversion was a bit tricky in some places because some
functions receive a 'struct gsm_bts' parameter in osmo-bsc.
In this libosmocore version, such functions expect parameters
which correspond to the individual fields of 'struct gsm_bts'
which are used by these functions.
Several structs from osmo-bsc's system_information.h are now
also declared in libosmocore headers, with an added osmo_ prefix
to avoid collisions with existing definitions in osmo-bsc.
Some helpers were ported from osmo-bsc's system_information.c
to libosmocore's gsm48_rest_octets.c. Contrary to osmo-bsc's
implementation they are now only visible within this file.
Unfortunately, this code ported from osmo-bsc lacks unit tests.
Change-Id: I47888965ab11bba1186c21987f1365c9270abeab
Related: OS#3075
As part of fixing issue OS#3075, we want to migrate support
for encoding system information from osmo-bsc to libosmocore.
This change ports one of the prerequisites for doing so:
osmo-bsc code for range-encoding ARFCNs, including tests.
An osmo_gsm48_ prefix has been prepended to public symbols in
order to avoid clashes with existing symbols in osmo-bsc code.
Change-Id: Ia220764fba451be5e975ae7c5eefb1a25ac2bf2c
Related: OS#3075
We have gsm48_mi_to_string() and osmo_bcd2str(), but still lack a function that
conveniently prints both MI type and value in one function call.
Related: http://people.osmocom.org/neels/mi_mi_mi.jpg
Change-Id: I7798c3ef983c2e333b2b9cbffef6f366f370bd81
Previously it could encode both incorrect values as well as incorrect
message. Let's fix this by explicitly checking for invalid values and
ensuring that at least one of the parameters is valid.
This function have no external or internal users so it's better to fix
type signature as well to match the rest of gsm0808_create_lcls_*().
Change-Id: I7b33a771acbd391c5f9a494d6450edb18511433f
Disable GnuTLS fallback if sufficient glibc version detected. Previously
GnuTLS fallback was used regardless of getrandom() availability in
glibc. Fix this by automatically disabling it when not needed. This does
not affect the ability to manually disable it unconditionally.
Change-Id: Ibe2117afc050261668a4d5a590044aabcd08aefe
* use macro for version check
* report glibc version upon random.h detection
* comment where various #endif belongs to
* explicitly check for embedded build (our target toolchain don't use
libc so there's no point in checking its version)
Change-Id: Ia54f0b7a861f955be65bb0cf06eb10af9372d062
In the MSC, we have RAN types GERAN_A and UTRAN_IU, now we need a similar enum
in osmo-hlr's GSUP client.
Naming: in the MAP specifications, the RAN type is mostly called RAT type,
(Radio Access Network vs. Radio Access Technology?). Since GSUP is more about
MAP messages, I'm calling the enum osmo_rat_type.
Rationale: osmo-msc and osmo-sgsn want to tell the osmo-hlr which RAT a
subscriber is calling on. A subsequent patch will extend the GSUP protocol and
add a RAT types IE.
Change-Id: I659687aef7a4d67ca372a39fef31dee07aed7631
In 3GPP TS 48.008 the Global Call Reference IE is only used in HANDOVER
REQUEST (§3.2.1.8) and ASSIGNMENT REQUEST (§3.2.1.1) messages which
also include LCLS Config and CSC parameters. Hence, there's no point in
using GCR encode/decode functions alone.
Introduce gsm0808_dec_lcls() and gsm0808_enc_lcls() as trivial wrappers
on top of GCR enc/dec routines which are made static. Adjust tests
accordingly. Test output intentionally left unchanged.
Change-Id: Icfbb2404e1a1d500243e2071173299b557369335
Implement necessary messages for Procedure Check_IMEI_VLR (TS 23.018
Chapter 7.1.2.9). This lets the VLR ask the EIR to check if an IMEI
is valid. In the Osmocom stack, we don't have an EIR and this request
will be handled by the HLR. We will be able to store the IMEI in the
HLR as side-effect (OS#2541).
This is roughly based on TS 29.002 8.7.1 MAP_CHECK_IMEI service, but
only implements the bare minimum required IEs (imei and imei_result).
Related: OS#3733
Change-Id: I085819df0ea7f3bfeb0cabebb5fd1942a23c6155
According to 3GPP TS 29.002, section 12.4, MAP-READY-FOR-SM is
used between the MSC and VLR as well as between the VLR and the
HLR to indicate that a subscriber has memory available for SMS.
This change replicates this service in GSUP as READY_FOR_SM_*.
The only mandatory IE for this service (excluding Invoke ID) is
'Alert Reason' that is replicated by OSMO_GSUP_SM_ALERT_RSN_IE.
Change-Id: Ic37f3b2114b8095cfce22977e67133b9103942e3
Related Change-Id: (docs) I549b6c8840a1e86caac09e77fb8bc5042d939e62
Related Change-Id: (TTCN) If2256607527ecfcb10285583332fb8b0515d7c78
Related: OS#3587
According to 3GPP TS 29.002, there are two services:
- MAP-MO-FORWARD-SHORT-MESSAGE (see 12.2),
- MAP-MT-FORWARD-SHORT-MESSAGE (see 12.9),
which are used to forward MO/MT short messages.
This change replicates both services as GSUP messages:
- OSMO_GSUP_MSGT_MO_FORWARD_SM_*,
- OSMO_GSUP_MSGT_MT_FORWARD_SM_*.
Please note, that only the 'must-have' IEs are introduced
by this change, in particular the following:
- OSMO_GSUP_SM_RP_MR_IE (see note below),
- OSMO_GSUP_SM_RP_DA_IE (see 7.6.8.1),
- OSMO_GSUP_SM_RP_OA_IE (see 7.6.8.2),
- OSMO_GSUP_SM_RP_UI_IE (see 7.6.8.4),
- OSMO_GSUP_SM_RP_MMS_IE (see 7.6.8.7),
- OSMO_GSUP_SM_RP_CAUSE_IE (see GSM TS 04.11, 8.2.5.4),
where both SM_RP_DA and SM_RP_OA IEs basically contain
a single nested TV of the following format:
- T: identity type (see 'osmo_gsup_sms_sm_rp_oda_t'),
- V: encoded identity itself (optional).
According to GSM TS 04.11, every single message on the SM-RL has
an unique message reference (see 8.2.3), that is used to link
an RP-ACK or RP-ERROR message to the associated (preceding)
RP-DATA or RP-SMMA message transfer attempt.
In case of TCAP/MAP, this message reference is being mapped to the
Invoke ID. But since GSUP has no 'Invoke ID' IE, and it is not
required for other applications (other than SMS), this change
introduces a special 'SM_RP_MR' IE that doesn't exist in MAP.
Change-Id: Ibe325c64ae2d6c626b232533bb4cbc65fc2b5d71
Related Change-Id: (docs) Ie0150756c33c1352bc4eb49421824542c711175c
Related Change-Id: (TTCN) Ibf49474a81235096c032ea21f217170f523bd94e
Related: OS#3587
* add functions to encode Global Call. Ref. from TS 29.205 as 3GPP TS
48.008 §3.2.2.115 information element
* add corresponding tests
Change-Id: I82ce0207dc8de50689a8806c6471ad7fbae6219d
Add functions to encode and decode Global Call Reference as per
3GPP TS 29.205 Table B 2.1.9.1 add corresponding tests.
Change-Id: Iee95aa4e5c056645b6cb5667e4a067097d52dfbf
Related: OS#2487
All successful cases already return from the switch(), so simply handle all
errors below it by returning an empty string (if there is enough string
buffer).
Change-Id: I709ac3b9efb7b4258d8660715b10312e11b9b571
For MI encoding, see 3GPP TS 24.008, 10.5.1.4 Mobile Identity. The 'odd' flag
indicates whether the last BCD nibble is used. Of course that flag should be
made sure to reflect the actual length.
Change-Id: Id6e695ebf9f86b295eaa7e2c6228989256f37e68
By using osmo_bcd2str(), ensure that the resulting string is always nul
terminated, and always return strlen()+1 whether truncated or not.
Still keep up the previous return value style, even if that isn't consistent at
all.
The difference between IMSI/IMEI and TMSI return values remains and is not part
of this patch.
Change-Id: I1b51b72a721e1cc9d69796b804ebda741ff0f36b
At the moment the all gsm0808 cause codes are encoded directly using the
tlv API directly to put a one byte TLV field. This works ok for most
situations where the cause code consists of a single byte. However,
gsm0808 specifies a two byte cause code model where cause codes may be
extended up to two bytes. Instead of implementing the encoding over and
over and again, let's rather have an encoder function we can call.
- Add an encoder function that can generate single byte and extended
cause codeds and makes the length decision automatically.
- Use only this function to append cause codes
Change-Id: I71d58fad89502a43532f60717ca022c15c73f8bb
We already have some GSM29118 related definitions and functions in
libosmocore. Lets also add some functions to generate GSM29118 messages
(similar to those we have for GSM0808).
Change-Id: Ic87f8a771b87b52215d0a7451b67794557b80b8a
Related: OS#3615
We currently have no generator function that can generate BSSMAP
HANDOVER PERFORMED messages. Lets add function for this.
Change-Id: I825106858bd89afc9837811b8fed2e8accc82441
Related: OS#3645
* add spec reference
* remove LCLS note: CI parameter is optional but have nothing to do with
LCLS
It's pretty hard to decipher from the spec what CI is useful for and we
have not used it anyway so let's just keep it as "Optional" for now.
Change-Id: I5552732afcec48047d993ae6ffb73a3e5d7c9202
ARFCNs are values in well defined ranges. Until this patch, ARFCNs not
belonging to any band were blindly assigned to DCS1800 by
gsm_arfcn2band, causing unnoticed bugs and misconfigurations in
osmo-bsc.
Previous API gsm_arfcn2band cannot accomodate this kind of check easily,
so let's deprecate it to tell people to use a new API gsm_arfcn2band_rc
which performs this kind of checks and allows callers to log failures,
misconfigurations, etc.
At the same time, modify implementation of gsm_arfcn2band to abort if an
invalid ARFCN is passed, this way users of this API can notice they are
passing wrong data to it that most probably will produce unexpected
results.
Related: OS#3063
Change-Id: I780d452dcebce385469e32ef2fd844df6033393a
* add function to generate cipher mode reject with extended (2-byte)
Cause IE
* add function to get (extended) Cause value
* add corresponding (extended cause) test
* update existing (non-extended cause) test
* use enum as a parameter for existing non-extended version to make
interface more unified
Change-Id: Id5509b94a18180a44f45300caaa02b843c166fa3
Related: OS#3187
The msgb_wrap_with_TL() is generally useful so it make sense to make it
public to facilitate code re-use.
Other helpers can be implemented as trivial wrappers over existing tlv.h
functions. Update headers and code accordingly.
Change-Id: I37e91d031fba28cf1c6735b8069b0265746f55e6
Add values indicating that LCLS control/config/status value has not been
received yet.
Change-Id: I52dc6a52f5ee043ed2c1625ffecfd495e3c746b1
Related: OS#2487
* add Class definitions
* add helper to check for extended bit
* add helper to get Cause's Class
* use enum in gsm0808_cause_name() and gsm0808_create_cipher_reject() to
avoid confusion between class and cause
* update gsm0808_create_cipher_reject() comments
Change-Id: I31b31dfc22eb4b6b07089e1255246ac458125340
Related: OS#3187
The value strings for the SGSAP IEI are missing, lets add a set of value
strings and a function to retrieve them.
Change-Id: I2787303174f74ffba86675bce2c12f680d8ea708
Related: OS#3615
The API documentation lacks the the description for the last parameter,
lets add a description for it.
Change-Id: Ibcd25d3a7ddd7075eb15daff6dba42236d14d945
* add note about (yet) unsupported standard feature
* use enum constant instead of hex value
Change-Id: I5cc5fc1ae8d5474dbc8d3385a493adf6420a3c98
Related: OS#3187
The function that generates the clear command takes a parameter
"reason", which is the cause code. Lets give it the name "cause" to have
a coherent naming scheme that matches the other functions and the 3gpp
specs.
Change-Id: I7b6c15e8fa8db13deef5041095944ca1c58fb99f
The api documentation names a parametery by a different name than it is
listed in the parameter list of the function. Lets make the apidoc
coherent.
Change-Id: Id21ed1e920fb64522a734f206efbe2871ec05b06
Missing (unset) type of to be encoded message is not a memory
allocation failure (-ENOMEM), this is definitely a mistake.
Change-Id: Ibbac18e2b68b765c17c2bc959c4c085037953a7f
3GPP_TS_48.008, 3.2.2.103 Speech Codec List states the following:
"The length indicator (octet 2) is a binary number indicating the
absolute length of the contents after the length indicator.
The length depends on the number and type of Speech Codec Elements
to be included. The minimum length of one Speech Codec Element is 1
octet and the maximum length is 3 octets. The maximum number of
Speech Codec Elements within the Speech Codec List is not defined."
This clearly refers only to the length of a single speech codec
element but not on the overall list. So speech codec lists with
length 0 are indeed permitted by the spec.
- Remove the assertion that checks on zero length speech codec
lists.
Change-Id: I1eb1f4466b98bdd26d765b0e4cc690b5e89e9dd6
Related: OS#3657
Add a function to convert S0-S15 bits to struct gsm48_multi_rate_conf,
which hold the codec settings for AMR.
Change-Id: I973736273c236eee84decf15868190e339c3fed4
Related: OS#3548
parameter cfg in gsm0808_sc_cfg_from_gsm48_mr_cfg() is used read only.
Lets add a const to make this clear to the compiler.
Change-Id: I31e8d273b070b0afc446a298299d4f502d6c396b
Add a function to convert struct gsm48_multi_rate_conf, which holds the
codec settings for AMR, to S0-S15 bit representation as defined in
3GPP TS 48.008 3.2.2.49
This resurrects change-id I4e656731b16621736c7a2f4e64d9ce63b1064e98
which was reverted in I9e0d405e303ed86d23703ca6362e958dddb2f861
due to gsm0808_test failing.
The test failure is fixed by properly clearing the struct
gsm48_multirate_cfg prior to running tests (add memset(0)).
Change-Id: Ia782e21c206c15e840226d79b4209d13658ee916
Related: OS#3548
Add a function to convert struct gsm48_multi_rate_conf, which holds the
codec settings for AMR, to S0-S15 bit representation as defined in
3GPP TS 48.008 3.2.2.49
Change-Id: I4e656731b16621736c7a2f4e64d9ce63b1064e98
Related: OS#3548
The cell identifier list parameter is mandatory. Document it as
such, and tweak code which treated it like an optional parameter.
No functional change. The existing code already asserts that
a non-NULL value is passed for this parameter.
Change-Id: I3716f9d5b210e0a7e6f45c9fe3fc34024e5234ad
Related: OS#3021
There was gsm0480_l3hdr_push() declared in a header file, but
not exposed in 'libosmogsm.map'. Furthermore, for some reason
it was a part of GSM 04.80 API, what is not actually correct.
Let's rename this symbol, and properly expose it as a part of
the GSM 04.08 API. Also, let's introduce an auxiliary wrapper
for messages, where the transaction identifier is required
(see GSM 04.07, section 11.2.3.1.2).
Change-Id: I8a045efe8335d83fcbe8d43eb180972e3b1d9dda
I was contacted by the (previously unknown) author who provided
the new location of the original code.
Change-Id: I2dabab20ad018ce473817986bdb250131c010bf1
In the previous commit we deprecated ipa_ccm_idtag_parse() but
also removed ipa_ccm_idtag_parse_off(), for which I couldn't find
any users. However, legacy openbsc.git still uses this function,
so let's re-introiduce it in its original form.
Change-Id: Ibfe53b04340eb355c8bfb8453a2af1522a4b6baf
In the past, the function ipa_ccm_idtag_parse() was used to parse
the payload of IPA CCM ID RESP packets. However, the function was
based on a possible misunderstanding of the message encoding, and
callers actually counted the first (upper) length nibble as part
of the header and passed a pointer to the second
(lower) length nibble of the first TLV into this function. As such,
it was unfixable, and had to be replaced with a new function called
ipa_ccm_id_resp_parse(). At the same time, we also add
ipa_ccm_id_get_parse() to parse the slightly different format of
the IPA CCM ID GET payload.
We can never be 100% sure what is "correct", as our understanding
of the protocol is entirely based on protocol analysis, without any
official documentation available.
This patch also introduces unit test coverage for both of the new
functions.
Revert "ipa: Add libosmogsm.map entry for ipa_ccm_idtag_parse_off"
This reverts commit 7f31c90b80.
Revert "ipa: Properly parse LV stream of a ID_GET request"
This reverts commit f558ed4bb9.
It introduced a function/behavior that was not originally intended:
The parse of IPA CCM ID GET (8bit length followed by 1 byte tag
and variable-length payload) instead of the IPA CCM ID RESP (16bit
length followed by 1 byte tag and variable-length payload).
Change-Id: I1834d90fbcdbfcb05f5b8cfe39bfe9543737ef8f
As we're moving this to a common/shared library now, we need to use
the osmo_ namespace prefix for symbol names, struct/type names and
constants.
Change-Id: Ie36729996abd30b84d1c30a09f62ebc6a9794950
This imports the code from osmo-msc 6afef893e17bce67e4d4119acd34d480ed03ba77
with minimal changes to make it compile. Symbol renaming to osmo_
prefix is done separately in a follow-up patch to have a as-clean-as-possible
import first.
Change-Id: I9bc38102318da02d1fe46ef516df3cfd6bf8e3da
Contrary to the existing gsm0480_create_ussd_resp(), the new function
only generates the value part of the FACILITY IE, and not the IE
Tag/Length or the 04.08 L3 header. This is needed in the context of
GSUP-encapsulated USSD, as here we don't work with L3 messages, but
only pass on the FACILITY IE value.
Change-Id: Ide240279240322f643e142229eb7829f538c6314
enum gsm0808_permitted_speech does not have any value strings. Lets
add value strings to make debugging easier.
Change-Id: I5b5612a5df2758b0137a34c17f7c8c2b3f07c806
The conv_gen.py utility was tested against both Python 2 and 3,
so there is no need to enforce Python 2. Also, having:
#!/usr/local/bin/python{2|3}
is a bad idea, because Python may be installed in a different location.
Change-Id: I6007d481047b584db13d6eda70fb99f11f9ddaa1
A loooong time ago, we introduced osmo_panic() as a wrapper around
abort(). The advantage is, that this wrapper can be overridden, and
that it will also work in embedded (bare iron) targets, where the
abort simply translates to an infinite loop.
Change-Id: I5a70eb65952cbc329bf96eacb428b07a9da32433
Add:
gsm0808_create_handover_detect()
gsm0808_create_handover_complete()
gsm0808_create_handover_failure()
To existing structs gsm0808_old_bss_to_new_bss_info and
gsm0808_handover_required, add a final 'more_items' flag that makes future
extensions API and ABI compatible.
Fix the msgb string for Handover Request Ack.
Extend some API doc comments.
Related: OS#2283 (inter-BSC Handover, BSC side, MT)
Change-Id: I03ee7ce840ecfa0b6a33358e7385528aabd4873f