module-camd33.c

   1 #include "globals.h"
   2
   3 #define REQ_SIZE        4
   4 static  uchar   camdbug[256];           // camd send wrong order
   5 static  uchar   *req;
   6
   7 static int camd33_send(uchar *buf, int ml)
   8 {
   9   int l;
  10   if (!pfd) return(-1);
  11   l=boundary(4, ml);
  12   memset(buf+ml, 0, l-ml);
  13   cs_ddump(buf, l, "send %d bytes to client", l);
  14   if (client[cs_idx].crypted)
  15     aes_encrypt(buf, l);
  16   return(send(pfd, buf, l, 0));
  17 }
  18
  19 static int camd33_recv(uchar *buf, int l)
  20 {
  21   int n;
  22   if (!pfd) return(-1);
  23   if ((n=recv(pfd, buf, l, 0))>0)
  24   {
  25     client[cs_idx].last=time((time_t *) 0);
  26     if (client[cs_idx].crypted)
  27       aes_decrypt(buf, n);
  28   }
  29   cs_ddump(buf, n, "received %d bytes from client", n);
  30   return(n);
  31 }
  32
  33 static void camd33_request_emm()
  34 {
  35   int au;
  36   au=client[cs_idx].au;
  37   if ((au<0) || (au>CS_MAXREADER)) return;  // TODO
  38   if (reader[au].hexserial[0])
  39   {
  40     log_emm_request(au);
  41     mbuf[0]=0;
  42     mbuf[1]=reader[au].caid[0]>>8;
  43     mbuf[2]=reader[au].caid[0]&0xff;
  44     memcpy(mbuf+3, reader[au].hexserial, 4);
  45     memcpy(mbuf+7, &reader[au].prid[0][1], 3);
  46     memcpy(mbuf+10, &reader[au].prid[2][1], 3);
  47     camd33_send(mbuf, 13);
  48   }
  49 }
  50
  51 static int camd33_auth_client(in_addr_t ip)
  52 {
  53   int i, rc;
  54   uchar *usr=NULL, *pwd=NULL;
  55   struct s_auth *account;
  56
  57   if (client[cs_idx].crypted=cfg->c33_crypted)
  58   {
  59     struct s_ip *p_ip;
  60     for (p_ip=cfg->c33_plain; (p_ip) && (client[cs_idx].crypted); p_ip=p_ip->next)
  61       if ((client[cs_idx].ip>=p_ip->ip[0]) && (client[cs_idx].ip<=p_ip->ip[1]))
  62         client[cs_idx].crypted=0;
  63   }
  64   if (client[cs_idx].crypted)
  65     aes_set_key(cfg->c33_key);
  66
  67   mbuf[0]=0;
  68   camd33_send(mbuf, 1); // send login-request
  69
  70   for (rc=0, camdbug[0]=0, mbuf[0]=1; (rc<2) && (mbuf[0]); rc++)
  71   {
  72     i=process_input(mbuf, sizeof(mbuf), 1);
  73     if ((i>0) && (!mbuf[0]))
  74     {
  75       usr=mbuf+1;
  76       pwd=usr+strlen(usr)+2;
  77     }
  78     else
  79       memcpy(camdbug+1, mbuf, camdbug[0]=i);
  80   }
  81   for (rc=-1, account=cfg->account; (usr) && (account) && (rc<0); account=account->next)
  82     if ((!strcmp(usr, account->usr)) && (!strcmp(pwd, account->pwd)))
  83       rc=cs_auth_client(account, NULL);
  84   if (!rc)
  85     camd33_request_emm();
  86   else
  87   {
  88     if (rc<0) cs_auth_client(0, usr ? "invalid account" : "no user given");
  89     cs_exit(0);
  90   }
  91 }
  92
  93 static int get_request(uchar *buf, int n)
  94 {
  95   int rc, w;
  96
  97   if (camdbug[0])
  98   {
  99     memcpy(buf, camdbug+1, rc=camdbug[0]);
 100     camdbug[0]=0;
 101     return(rc);
 102   }
 103   for (rc=w=0; !rc;)
 104   {
 105     switch (rc=process_input(buf, 16, (w) ? cfg->ctimeout : cfg->cmaxidle))
 106     {
 107       case -9:
 108         rc=0;
 109       case  0:
 110         if ((w) || cfg->c33_passive)
 111           rc=-1;
 112         else
 113         {
 114           buf[0]=0;
 115           camd33_send(buf, 1);
 116           w++;
 117         }
 118       case -1:
 119         break;
 120       default:
 121         if (!memcmp(buf+1, client[cs_idx].usr, strlen(client[cs_idx].usr)))
 122         {
 123           cs_log("%s still alive", cs_inet_ntoa(client[cs_idx].ip));
 124           rc=w=0;
 125         }
 126               else
 127         {
 128           switch (buf[0])
 129           {
 130             case  2:
 131             case  3: w=boundary(4, buf[9]+10); break;
 132             default: w=n;       // garbage ?
 133           }
 134           w=process_input(buf+16, w-16, 0);
 135           if (w>0) rc+=w;
 136         }
 137     }
 138   }
 139   if (rc<0) rc=0;
 140   return(rc);
 141 }
 142
 143 static void camd33_send_dcw(ECM_REQUEST *er)
 144 {
 145   mbuf[0]=2;
 146   memcpy(mbuf+1, req+(er->cpti*REQ_SIZE), 4);   // get pin
 147   memcpy(mbuf+5, er->cw, 16);
 148   camd33_send(mbuf, 21);
 149   if (!cfg->c33_passive)
 150     camd33_request_emm();
 151 }
 152
 153 static void camd33_process_ecm(uchar *buf, int l)
 154 {
 155   ECM_REQUEST *er;
 156   if (!(er=get_ecmtask()))
 157     return;
 158   memcpy(req+(er->cpti*REQ_SIZE), buf+3, 4);    // save pin
 159   er->l=l-7;
 160   er->caid=b2i(2, buf+1);
 161   memcpy(er->ecm , buf+7, er->l);
 162   get_cw(er);
 163 }
 164
 165 static void camd33_process_emm(uchar *buf, int l)
 166 {
 167   memset(&epg, 0, sizeof(epg));
 168   epg.l=l-7;
 169   memcpy(epg.caid     , buf+1, 2);
 170   memcpy(epg.hexserial, buf+3, 4);
 171   memcpy(epg.emm      , buf+7, epg.l);
 172   do_emm(&epg);
 173 }
 174
 175 static void camd33_server()
 176 {
 177   int n;
 178
 179   req=(uchar *)malloc(CS_MAXPENDING*REQ_SIZE);
 180   if (!req)
 181   {
 182     cs_log("Cannot allocate memory (errno=%d)", errno);
 183     cs_exit(1);
 184   }
 185   memset(req, 0, CS_MAXPENDING*REQ_SIZE);
 186
 187   camd33_auth_client(client[cs_idx].ip);
 188
 189   while ((n=get_request(mbuf, sizeof(mbuf)))>0)
 190   {
 191     switch(mbuf[0])
 192     {
 193       case 2:
 194         camd33_process_ecm(mbuf, n);
 195         break;
 196       case 3:
 197         camd33_process_emm(mbuf, n);
 198         break;
 199       default:
 200         cs_debug("unknown command !");
 201     }
 202   }
 203   cs_disconnect_client();
 204 }
 205
 206 void module_camd33(struct s_module *ph)
 207 {
 208   static PTAB ptab;
 209   ptab.ports[0].s_port = cfg->c33_port;
 210   ph->ptab = &ptab;
 211   ph->ptab->nports = 1;
 212
 213   strcpy(ph->desc, "camd 3.3x");
 214   ph->type=MOD_CONN_TCP;
 215   ph->logtxt=cfg->c33_crypted ? ", crypted" : ", UNCRYPTED!";
 216   ph->multi=1;
 217   ph->watchdog=1;
 218   ph->s_ip=cfg->c33_srvip;
 219   ph->s_handler=camd33_server;
 220   ph->recv=camd33_recv;
 221   ph->send_dcw=camd33_send_dcw;
 222 }