1 #define MODULE_LOG_PREFIX "emm"
4 #include "cscrypt/md5.h"
5 #include "module-dvbapi.h"
6 #include "module-led.h"
7 #include "oscam-client.h"
8 #include "oscam-config.h"
10 #include "oscam-string.h"
11 #include "oscam-time.h"
12 #include "oscam-work.h"
13 #include "reader-common.h"
14 #include "oscam-chk.h"
15 #include "oscam-emm-cache.h"
17 const char *entitlement_type
[] = { "", "package", "PPV-Event", "chid", "tier", "class", "PBM", "admin" };
19 static struct timeb last_emm_clean
;
20 static int8_t cs_emmlen_is_blocked(struct s_reader
*rdr
, int16_t len
)
22 struct s_emmlen_range
*blocklen
;
23 if(!rdr
->blockemmbylen
)
25 LL_ITER it
= ll_iter_create(rdr
->blockemmbylen
);
26 while((blocklen
= ll_iter_next(&it
)))
28 if(blocklen
->min
<= len
29 && (len
<= blocklen
->max
|| blocklen
->max
== 0))
36 * Function to filter emm by cardsystem.
37 * Every cardsystem can export a function "get_emm_filter"
39 * the emm is checked against it and returns 1 for a valid emm or 0 if not
41 static int8_t do_simple_emm_filter(struct s_reader
*rdr
, const struct s_cardsystem
*csystem
, EMM_PACKET
*ep
, int8_t cl_dvbapi
)
43 if(is_network_reader(rdr
)) { return 1; } // dont evaluate on network readers, server with local reader will check it
45 //copied and enhanced from module-dvbapi.c
46 //dvbapi_start_emm_filter()
49 struct s_csystem_emm_filter
*dmx_filter
= NULL
;
50 unsigned int j
, filter_count
= 0;
52 // Call cardsystems emm filter
53 csystem
->get_emm_filter(rdr
, &dmx_filter
, &filter_count
);
55 // Only check matching emmtypes:
57 if(ep
->type
== UNKNOWN
)
58 { org_emmtype
= EMM_UNKNOWN
; }
60 { org_emmtype
= 1 << (ep
->type
- 1); }
62 // Now check all filter values
65 for(j
= 0; j
< filter_count
; j
++)
67 if(dmx_filter
[j
].enabled
== 0)
70 uint8_t emmtype
= dmx_filter
[j
].type
;
71 if(emmtype
!= org_emmtype
)
75 for(i
= 0, k
= 0; i
< 16 && k
< ep
->emmlen
&& match
; i
++, k
++)
77 mask
= dmx_filter
[j
].mask
[i
];
78 if(k
== 1 && cl_dvbapi
) // fixup for emms send by dvbapi
79 { k
+= 2; } //skip emm len bytes
82 //cs_log("**** filter %d [%d] = %02X, filter mask[%d] = %02X, flt&mask = %02X , ep->emm[%d] = %02X, ep->emm[%d] & mask = %02X ****", j, i,
83 // dmx_filter[j].filter[i], i, dmx_filter[j].mask[i], flt&mask, k, ep->emm[k], k, ep->emm[k] & mask);
84 flt
= (dmx_filter
[j
].filter
[i
] & mask
);
85 match
= (flt
== (ep
->emm
[k
] & mask
));
98 return 0; //emm filter does not match, illegal emm, return
101 static void reader_log_emm(struct s_reader
*reader
, EMM_PACKET
*ep
, int32_t count
, int32_t rc
, struct timeb
*tps
)
106 is_network_reader(reader
) ? "sent" : "written",
110 char *typedesc
[] = { "unknown", "unique", "shared", "global" };
111 struct s_client
*cl
= reader
->client
;
114 if(reader
->logemm
& (1 << rc
))
120 rdr_log(reader
, "%s emmtype=%s, len=%d (hex: 0x%.2X), cnt=%d: %s (%"PRId64
" ms)",
121 username(ep
->client
), typedesc
[ep
->type
], SCT_LEN(ep
->emm
)-3, SCT_LEN(ep
->emm
)-3, count
, rtxt
[rc
], comp_timeb(&tpe
, tps
));
126 cl
->lastemm
= time(NULL
);
130 #if defined(WEBIF) || defined(LCDSUPPORT)
135 reader
->emmerror
[ep
->type
]++;
136 reader
->webif_emmerror
[ep
->type
]++;
139 reader
->emmwritten
[ep
->type
]++;
140 reader
->webif_emmwritten
[ep
->type
]++;
143 reader
->emmskipped
[ep
->type
]++;
144 reader
->webif_emmskipped
[ep
->type
]++;
147 reader
->emmblocked
[ep
->type
]++;
148 reader
->webif_emmblocked
[ep
->type
]++;
154 int32_t emm_reader_match(struct s_reader
*reader
, uint16_t caid
, uint32_t provid
)
158 // if physical reader a card needs to be inserted
159 if(!is_network_reader(reader
) && reader
->card_status
!= CARD_INSERTED
)
162 if(reader
->audisabled
)
165 if(reader
->caid
!= caid
)
168 if (!reader
->csystem
)
170 for(i
= 0; reader
->csystem
->caids
[i
]; i
++)
172 uint16_t cs_caid
= reader
->csystem
->caids
[i
];
173 if (reader
->caid
&& cs_caid
== caid
)
179 if ( (reader
->caid
== 0) && chk_ctab_ex(caid
, &reader
->ctab
) )
188 rdr_log_dbg(reader
, D_EMM
, "reader_caid %04X != emmpid caid %04X -> SKIP!", reader
->caid
, caid
);
193 //if (!hexserialset(reader)) { There are cards without serial, they should get emm of type global and shared!
194 // rdr_log_dbg(reader, D_EMM, "no hexserial is set");
200 rdr_log_dbg(reader
, D_EMM
, "reader %04X match since emmpid has no provid -> SEND!", caid
);
204 uint32_t prid
= reader
->auprovid
;
206 if(caid_is_viaccess(caid
) && (prid
!= 0) && ((prid
&0xFFFFF0) != prid
)) // viaccess fixup last digit of provid is a dont care!
209 rdr_log_dbg(reader
, D_EMM
, "reader auprovid = %06X fixup to %06X (ignoring last digit)", reader
->auprovid
, prid
);
214 rdr_log_dbg(reader
, D_EMM
, "reader auprovid = %06X matching with emm provid = %06X -> SEND!", prid
, provid
);
218 for(i
= 0; i
< reader
->nprov
; i
++)
220 prid
= b2i(4, reader
->prid
[i
]);
222 if(caid_is_viaccess(caid
) && (prid
!= 0) && ((prid
&0xFFFFF0) != prid
)) // viaccess fixup last digit of provid is a dont care!
224 rdr_log_dbg(reader
, D_EMM
, "reader provid = %06X fixup to %06X (ignoring last digit)", prid
, (prid
&0xFFFFF0));
230 rdr_log_dbg(reader
, D_EMM
, "reader provid %06X matching with emm provid %06X -> SEND!", prid
, provid
);
234 if((reader
->typ
== R_CAMD35
|| reader
->typ
== R_CS378X
) && (prid
& 0xFFFF) == (provid
& 0xFFFF))
236 rdr_log_dbg(reader
, D_EMM
, "CS378: Match after fixing reader provid %06X to ??%04X and emm provid %06X to ??%04X -> SEND!", prid
, prid
&0xFFFF, provid
, provid
&0xFFFF);
240 rdr_log_dbg(reader
, D_EMM
, "reader provid %06X no match with emm provid %06X -> SKIP!", prid
, provid
);
245 static char *get_emmlog_filename(char *dest
, size_t destlen
, const char *basefilename
, const char *type
, const char *ext
)
247 char filename
[64 + 16];
248 snprintf(filename
, sizeof(filename
), "%s_%s_emm.%s", basefilename
, type
, ext
);
251 get_config_filename(dest
, destlen
, filename
);
255 const char *slash
= "/";
256 if(cfg
.emmlogdir
[strlen(cfg
.emmlogdir
) - 1] == '/') { slash
= ""; }
257 snprintf(dest
, destlen
, "%s%s%s", cfg
.emmlogdir
, slash
, filename
);
262 static void saveemm(struct s_reader
*aureader
, EMM_PACKET
*ep
, const char *proceded
)
272 if(ep
->type
== UNKNOWN
)
273 { emmtype
= EMM_UNKNOWN
; }
275 { emmtype
= 1 << (ep
->type
- 1); }
276 // should this nano be saved?
277 if(((1 << (ep
->emm
[0] % 0x80)) & aureader
->s_nano
) || (aureader
->saveemm
& emmtype
))
280 localtime_r(&rawtime
, &timeinfo
); // to access LOCAL date/time info
281 int32_t emm_length
= SCT_LEN(ep
->emm
);
282 strftime(buf
, sizeof(buf
), "%Y/%m/%d %H:%M:%S", &timeinfo
);
286 fp_log
= fopen(get_emmlog_filename(token_log
, sizeof(token_log
), aureader
->label
, "global", "log"), "a");
289 fp_log
= fopen(get_emmlog_filename(token_log
, sizeof(token_log
), aureader
->label
, "shared", "log"), "a");
292 fp_log
= fopen(get_emmlog_filename(token_log
, sizeof(token_log
), aureader
->label
, "unique", "log"), "a");
296 fp_log
= fopen(get_emmlog_filename(token_log
, sizeof(token_log
), aureader
->label
, "unknown", "log"), "a");
301 rdr_log(aureader
, "ERROR: Cannot open file '%s' (errno=%d: %s)\n", token_log
, errno
, strerror(errno
));
305 if(cs_malloc(&tmp2
, emm_length
* 2 + 1))
307 fprintf(fp_log
, "%s %s ", buf
, cs_hexdump(0, ep
->hexserial
, 8, tmp
, sizeof(tmp
)));
308 fprintf(fp_log
, "%s %s\n", cs_hexdump(0, ep
->emm
, emm_length
, tmp2
, emm_length
* 2 + 1), proceded
);
310 rdr_log(aureader
, "Successfully added EMM to %s", token_log
);
317 void do_emm(struct s_client
*client
, EMM_PACKET
*ep
)
319 char *typtext
[] = {"unknown", "unique", "shared", "global"};
322 bool lastseendone
= false;
324 struct s_reader
*aureader
= NULL
;
329 cs_log("EMM size %d invalid, ignored! client %s", ep
->emmlen
, username(client
));
333 if(ep
->emmlen
> MAX_EMM_SIZE
)
335 cs_log("EMM size %d > Max EMM size %d, ignored! client %s", ep
->emmlen
, MAX_EMM_SIZE
, username(client
));
339 sct_len
= SCT_LEN(ep
->emm
);
340 if(sct_len
> ep
->emmlen
)
342 cs_log("Real EMM size %d > EMM size %d, ignored! client %s", sct_len
, ep
->emmlen
, username(client
));
345 ep
->emmlen
= sct_len
;
347 cs_log_dump_dbg(D_EMM
, ep
->emm
, ep
->emmlen
, "emm:");
350 bool cl_dvbapi
= is_dvbapi_usr(client
->account
->usr
);
351 if(client
->account
->emm_reassembly
> 1 || (client
->account
->emm_reassembly
&& cl_dvbapi
))
354 LL_ITER itr
= ll_iter_create(client
->aureader_list
);
355 while((aureader
= ll_iter_next(&itr
)))
357 if(!aureader
->enable
)
360 uint16_t caid
= b2i(2, ep
->caid
);
361 uint32_t provid
= b2i(4, ep
->provid
);
363 if(caid_is_viaccess(caid
)) // viaccess fixup last digit is a dont care!
368 if(aureader
->audisabled
)
370 rdr_log_dbg(aureader
, D_EMM
, "AU is disabled");
371 /* we have to write the log for blocked EMM here because
372 this EMM never reach the reader module where the rest
373 of EMM log is done. */
374 if(aureader
->logemm
& 0x10)
376 rdr_log(aureader
, "%s emmtype=%s, len=%d (hex: 0x%02X), idx=0, cnt=1: audisabled (0 ms)",
377 client
->account
->usr
,
385 if(!(aureader
->grp
& client
->grp
))
387 rdr_log_dbg(aureader
, D_EMM
, "skip emm, group mismatch");
391 //TODO: provider possibly not set yet, this is done in get_emm_type()
392 if(!emm_reader_match(aureader
, caid
, provid
))
395 const struct s_cardsystem
*csystem
= NULL
;
397 if(is_network_reader(aureader
)) // network reader (R_CAMD35 R_NEWCAMD R_CS378X R_CCCAM)
399 if(!aureader
->ph
.c_send_emm
) // no emm support
402 csystem
= get_cardsystem_by_caid(caid
);
405 rdr_log_dbg(aureader
, D_EMM
, "unable to find cardsystem for caid %04X", caid
);
411 if(aureader
->csystem_active
)
412 { csystem
= aureader
->csystem
; }
415 if(csystem
&& csystem
->get_emm_type
)
417 if(!csystem
->get_emm_type(ep
, aureader
))
419 rdr_log_dbg(aureader
, D_EMM
, "emm skipped, get_emm_type() returns error");
425 if(!ep
->skip_filter_check
&& csystem
&& csystem
->get_emm_filter
)
427 if(!do_simple_emm_filter(aureader
, csystem
, ep
, 1)) // do check with dvbapi fixup enabled
429 if(!do_simple_emm_filter(aureader
, csystem
, ep
, 0)) // do check with dvbapi fixup disabled
431 rdr_log_dbg(aureader
, D_EMM
, "emm skipped, do_simple_emm_filter() returns invalid");
438 if(csystem
&& csystem
->do_emm_reassembly
)
442 if(!csystem
->do_emm_reassembly(aureader
, client
, ep
))
443 { continue; } // skip this reader
447 rdr_log_dbg(aureader
, D_EMM
, "processing raw emm");
451 rdr_log_dbg_sensitive(aureader
, D_EMM
, "emmtype %s. Reader serial {%s}.", typtext
[ep
->type
],
452 cs_hexdump(0, aureader
->hexserial
, 8, tmp
, sizeof(tmp
)));
453 rdr_log_dbg_sensitive(aureader
, D_EMM
, "emm UA/SA: {%s}.",
454 cs_hexdump(0, ep
->hexserial
, 8, tmp
, sizeof(tmp
)));
456 client
->last
= time(NULL
);
458 int32_t is_blocked
= 0;
460 if (aureader
->fix_07
== 1 && ep
->type
== UNIQUE
)
462 if((caid
== 0x098D || caid
== 0x098C || caid
== 0x09C4) && ep
->emm
[1] == 0x70 && (ep
->emm
[8] * 0x100 + ep
->emm
[9] != 0x200))
464 rdr_log(aureader
,"emmtype 0x%04X marked as unknown for caid 0x%04X", (ep
->emm
[8] * 0x100 + ep
->emm
[9]),caid
);
468 if((caid
== 0x098D || caid
== 0x098C || caid
== 0x09C4) && ep
->emm
[1] == 0 && (ep
->emm
[4] * 0x100 + ep
->emm
[5] != 0x200))
470 rdr_log(aureader
,"emmtype 0x%04X marked as unknown for caid 0x%04X", (ep
->emm
[4] * 0x100 + ep
->emm
[5]),caid
);
474 if(caid
== 0x09AF && ep
->emm
[1] == 0x70 && ep
->emm
[11] != 2)
476 rdr_log(aureader
,"emmtype 0x%02X marked as unknown for caid 0x%04X", ep
->emm
[11],caid
);
480 if(caid
== 0x09AF && ep
->emm
[1] == 0 && ep
->emm
[7] != 2)
482 rdr_log(aureader
,"emmtype 0x%02X marked as unknown for caid 0x%04X", ep
->emm
[7],caid
);
490 is_blocked
= (aureader
->blockemm
& EMM_UNKNOWN
) == EMM_UNKNOWN
;
493 is_blocked
= (aureader
->blockemm
& EMM_UNIQUE
) == EMM_UNIQUE
;
496 is_blocked
= (aureader
->blockemm
& EMM_SHARED
) == EMM_SHARED
;
499 is_blocked
= (aureader
->blockemm
& EMM_GLOBAL
) == EMM_GLOBAL
;
503 // if not already blocked we check for block by len
504 if(!is_blocked
) { is_blocked
= cs_emmlen_is_blocked(aureader
, SCT_LEN(ep
->emm
)-3) ; }
509 aureader
->emmblocked
[ep
->type
]++;
510 aureader
->webif_emmblocked
[ep
->type
]++;
511 is_blocked
= aureader
->emmblocked
[ep
->type
];
513 /* we have to write the log for blocked EMM here because
514 this EMM never reach the reader module where the rest
515 of EMM log is done. */
516 if(aureader
->logemm
& 0x08)
518 rdr_log(aureader
, "%s emmtype=%s, len=%d (hex: 0x%02X), idx=0, cnt=%d: blocked (0 ms)",
519 client
->account
->usr
,
525 saveemm(aureader
, ep
, "blocked");
529 client
->lastemm
= time((time_t *)0);
533 { client
->account
->emmok
++; }
534 first_client
->emmok
++;
538 int32_t writeemm
= 1; // 0= dont write emm, 1=write emm, default = write
540 if(aureader
->cachemm
&& !(caid_is_irdeto(caid
) || caid_is_videoguard(caid
))) //Check emmcache early:
542 unsigned char md5tmp
[MD5_DIGEST_LENGTH
];
544 MD5(ep
->emm
, SCT_LEN(ep
->emm
), md5tmp
);
546 struct s_emmcache
*emmcache
= find_emm_cache(md5tmp
); // check emm cache
547 if(emmcache
&& !lastseendone
)
549 cs_ftime(&emmcache
->lastseen
);
550 lastseendone
= true; // in case several aureaders, only do lastseen once!
553 struct s_emmstat
*emmstat
= get_emm_stat(aureader
, md5tmp
, ep
->type
);
556 rdr_log_dbg(aureader
, D_EMM
, "emm count %d rewrite %d", emmstat
->count
, aureader
->rewritemm
);
558 if(emmstat
->count
>= aureader
->rewritemm
)
560 reader_log_emm(aureader
, ep
, emmstat
->count
, 2, NULL
);
561 writeemm
= 0; // dont write emm!
562 saveemm(aureader
, ep
, "emmcache");
563 continue; // found emm match needs no further handling, proceed with next reader!
568 if(writeemm
) // only write on no cache hit or cache hit that needs further rewrite
570 EMM_PACKET
*emm_pack
;
571 if(cs_malloc(&emm_pack
, sizeof(EMM_PACKET
)))
573 rdr_log_dbg(aureader
, D_EMM
, "emm is being sent to reader");
574 memcpy(emm_pack
, ep
, sizeof(EMM_PACKET
));
575 add_job(aureader
->client
, ACTION_READER_EMM
, emm_pack
, sizeof(EMM_PACKET
));
576 saveemm(aureader
, ep
, "written");
580 } // done with this reader, process next reader!
582 if(emmnok
> 0 && emmnok
== ll_count(client
->aureader_list
))
586 { client
->account
->emmnok
++; }
587 first_client
->emmnok
++;
592 int32_t reader_do_emm(struct s_reader
*reader
, EMM_PACKET
*ep
)
594 int32_t rc
, ecs
= 0,count
= 0;
595 unsigned char md5tmp
[MD5_DIGEST_LENGTH
];
599 uint16_t caid
= b2i(2, ep
->caid
);
600 if(reader
->cachemm
&& !(caid_is_irdeto(caid
) || caid_is_videoguard(caid
)))
602 MD5(ep
->emm
, SCT_LEN(ep
->emm
), md5tmp
);
603 int64_t gone
= comp_timeb(&tps
, &last_emm_clean
);
604 if(gone
> (int64_t)1000*60*60*24*30 || gone
< 0) // dont run every time, only on first emm oscam is started and then every 30 days
606 last_emm_clean
= tps
;
607 count
= clean_stale_emm_cache_and_stat(md5tmp
, (int64_t)1000*60*60*24*30); // clean global all emms from all readers after 30 days emm is last seen!
608 cs_log_dbg(D_EMM
, "Cleaned %d emm stale stats and cache entries", count
);
611 struct s_emmcache
*emmcache
= find_emm_cache(md5tmp
); // check emm cache
614 emm_edit_cache(md5tmp
, ep
, true);
617 struct s_emmstat
*emmstat
= get_emm_stat(reader
, md5tmp
, ep
->type
);
620 if(reader
->cachemm
&& emmstat
->count
>= reader
->rewritemm
)
626 ecs
= 1; //rewrite emm
629 cs_ftime(&emmstat
->firstwritten
);
630 emmstat
->lastwritten
= emmstat
->firstwritten
;
634 cs_ftime(&emmstat
->lastwritten
);
636 count
= ++emmstat
->count
;
641 cs_log("abort: oscam seems out of resources!");
646 // Ecs=0 not found in cache
647 // Ecs=1 found in cache, rewrite emm
651 if(is_network_reader(reader
))
653 rdr_log_dbg(reader
, D_READER
, "network emm reader");
654 if(reader
->ph
.c_send_emm
)
656 rc
= reader
->ph
.c_send_emm(ep
);
660 rdr_log_dbg(reader
, D_READER
, "send_emm() support missing");
666 rdr_log_dbg(reader
, D_READER
, "local emm reader");
667 rc
= cardreader_do_emm(reader
, ep
);
671 reader_log_emm(reader
, ep
, count
, rc
, &tps
);
676 void do_emm_from_file(struct s_reader
*reader
)
684 if(reader
->emmfile
[0] == '/')
685 { snprintf(token
, sizeof(token
), "%s", reader
->emmfile
); } //pathname included
687 { get_config_filename(token
, sizeof(token
), reader
->emmfile
); } //only file specified, look in confdir for this file
689 if(!(fp
= fopen(token
, "rb")))
691 rdr_log(reader
, "ERROR: Cannot open EMM file '%s' (errno=%d %s)\n", token
, errno
, strerror(errno
));
696 if(!cs_malloc(&eptmp
, sizeof(EMM_PACKET
)))
702 size_t ret
= fread(eptmp
, sizeof(EMM_PACKET
), 1, fp
);
703 if(ret
< 1 && ferror(fp
))
705 rdr_log(reader
, "ERROR: Can't read EMM from file '%s' (errno=%d %s)", token
, errno
, strerror(errno
));
713 eptmp
->caid
[0] = (reader
->caid
>> 8) & 0xFF;
714 eptmp
->caid
[1] = reader
->caid
& 0xFF;
715 if(reader
->nprov
> 0)
716 { memcpy(eptmp
->provid
, reader
->prid
[0], sizeof(eptmp
->provid
)); }
717 eptmp
->emmlen
= SCT_LEN(eptmp
->emm
);
719 const struct s_cardsystem
*csystem
= get_cardsystem_by_caid(reader
->caid
);
720 if(csystem
&& csystem
->get_emm_type
&& !csystem
->get_emm_type(eptmp
, reader
))
722 rdr_log_dbg(reader
, D_EMM
, "emm skipped, get_emm_type() returns error");
727 //save old b_nano value
728 //clear lsb and lsb+1, so no blocking, and no saving for this nano
729 uint16_t save_s_nano
= reader
->s_nano
;
730 uint16_t save_b_nano
= reader
->b_nano
;
731 uint32_t save_saveemm
= reader
->saveemm
;
733 reader
->s_nano
= reader
->b_nano
= 0;
737 rc
= cardreader_do_emm(reader
, eptmp
);
739 { rdr_log(reader
, "EMM from file %s was successfully written.", token
); }
741 { rdr_log(reader
, "ERROR: EMM read from file %s NOT processed correctly! (rc=%d)", token
, rc
); }
743 //restore old block/save settings
744 reader
->s_nano
= save_s_nano
;
745 reader
->b_nano
= save_b_nano
;
746 reader
->saveemm
= save_saveemm
;
751 void emm_sort_nanos(unsigned char *dest
, const unsigned char *src
, int32_t len
)
753 int32_t w
= 0, c
= -1, j
= 0;
759 int32_t l
= src
[j
+ 1] + 2;
764 cs_log_dbg(D_EMM
, "sortnanos: sanity check failed. Exceeding memory area. Probably corrupted nanos!");
765 memset(dest
, 0, len
); // zero out everything
768 memcpy(&dest
[w
], &src
[j
], l
);
771 else if(src
[j
] > c
&& src
[j
] < n
)