search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix whitespaces thanks to Optimum Power
[oscam.git] / module-newcamd.c
blob5514962ddf70463fb22cde79a51c315e5962bdb1
1 #define MODULE_LOG_PREFIX "newcamd"
2
3 #include "globals.h"
4
5 #ifdef MODULE_NEWCAMD
6
7 #include "cscrypt/des.h"
8 #include "cscrypt/md5.h"
9 #include "module-newcamd.h"
10 #include "module-newcamd-des.h"
11 #include "oscam-array.h"
12 #include "oscam-conf-chk.h"
13 #include "oscam-chk.h"
14 #include "oscam-client.h"
15 #include "oscam-ecm.h"
16 #include "oscam-emm.h"
17 #include "oscam-net.h"
18 #include "oscam-reader.h"
19 #include "oscam-string.h"
20 #include "oscam-time.h"
21
22 const int32_t CWS_NETMSGSIZE = 1024; // csp 0.8.9 (default: 400). This is CWS_NETMSGSIZE. The old default was 240
23 int32_t portion_sid_num = 0;
24
25 #define NCD_CLIENT_ID 0x8888
26 #define CWS_FIRSTCMDNO 0xE0
27
28 typedef enum
29 {
30 MSG_CLIENT_2_SERVER_LOGIN = CWS_FIRSTCMDNO,
31 MSG_CLIENT_2_SERVER_LOGIN_ACK,
32 MSG_CLIENT_2_SERVER_LOGIN_NAK,
33 MSG_CARD_DATA_REQ,
34 MSG_CARD_DATA,
35 MSG_SERVER_2_CLIENT_NAME,
36 MSG_SERVER_2_CLIENT_NAME_ACK,
37 MSG_SERVER_2_CLIENT_NAME_NAK,
38 MSG_SERVER_2_CLIENT_LOGIN,
39 MSG_SERVER_2_CLIENT_LOGIN_ACK,
40 MSG_SERVER_2_CLIENT_LOGIN_NAK,
41 MSG_ADMIN,
42 MSG_ADMIN_ACK,
43 MSG_ADMIN_LOGIN,
44 MSG_ADMIN_LOGIN_ACK,
45 MSG_ADMIN_LOGIN_NAK,
46 MSG_ADMIN_COMMAND,
47 MSG_ADMIN_COMMAND_ACK,
48 MSG_ADMIN_COMMAND_NAK,
49 MSG_KEEPALIVE = CWS_FIRSTCMDNO + 0x1D,
50 MSG_SERVER_2_CLIENT_OSD = 0xD1,
51 MSG_SERVER_2_CLIENT_ALLCARDS = 0xD2,
52 MSG_SERVER_2_CLIENT_ADDCARD = 0xD3,
53 MSG_SERVER_2_CLIENT_REMOVECARD = 0xD4,
54 MSG_SERVER_2_CLIENT_CHANGE_KEY = 0xD5,
55 MSG_SERVER_2_CLIENT_GET_VERSION = 0xD6,
56 MSG_SERVER_2_CLIENT_ADDSID = 0xD7,
57 MSG_CLIENT_2_SERVER_CARDDISCOVER = 0xD8
58 } net_msg_type_t;
59
60 typedef enum
61 {
62 COMMTYPE_CLIENT,
63 COMMTYPE_SERVER
64 } comm_type_t;
65
66 typedef struct custom_data
67 {
68 uint16_t sid;
69 uint16_t caid;
70 int32_t provid;
71 uint8_t x;
72 } custom_data_t;
73
74 #define REQ_SIZE 2
75
76 static int32_t network_message_send(int32_t handle, uint16_t *netMsgId, uint8_t *buffer, int32_t len,
77 uint8_t *deskey, comm_type_t commType, uint16_t sid, custom_data_t *cd)
78 {
79 uint8_t netbuf[CWS_NETMSGSIZE];
80 int32_t head_size;
81 struct s_client *cl = cur_client();
82
83 head_size = (cl->ncd_proto == NCD_524) ? 8 : 12;
84
85 if(len < 3 || len + head_size > CWS_NETMSGSIZE || handle < 0)
86 {
87 return -1;
88 }
89
90 buffer[1] = (buffer[1] & 0xF0) | (((len - 3) >> 8) & 0x0F);
91 buffer[2] = (len - 3) & 0xFF;
92
93 memcpy(netbuf + head_size, buffer, len);
94 len += head_size;
95
96 if(netMsgId)
97 {
98 if(commType == COMMTYPE_CLIENT)
99 {
100 (*netMsgId)++;
101 }
102
103 netbuf[2] = (*netMsgId) >> 8;
104 netbuf[3] = (*netMsgId) & 0xFF;
105 }
106 else
107 {
108 netbuf[2] = 0;
109 netbuf[3] = 0;
110 }
111
112 memset(netbuf + 4, 0, (cl->ncd_proto == NCD_524) ? 4 : 8);
113
114 if(sid)
115 {
116 if(cl->reader && cl->reader->ncd_disable_server_filt
117 && sid != NCD_CLIENT_ID && cl->ncd_proto != NCD_524) // mgclient send header
118 {
119 memcpy(netbuf + 4, cl->ncd_header + 4, 7);
120 }
121
122 netbuf[(cl->ncd_proto == NCD_524) ? 6 : 4] = (uint8_t)(sid >> 8); // sid
123 netbuf[(cl->ncd_proto == NCD_524) ? 7 : 5] = (uint8_t)(sid);
124 }
125
126 //if((!ncd_proto == NCD_524) && (buffer[0] >= 0xD1) && (buffer[0] <= 0xD8)) // extended proto for mg
127 //{
128 // cs_log_dbg(D_CLIENT, "newcamd: extended: msg");
129
130 if(cd)
131 {
132 cs_log_dbg(D_CLIENT, "newcamd: has cd");
133
134 netbuf[4] = cd->sid >> 8;
135 netbuf[5] = cd->sid & 0xFF;
136 netbuf[6] = cd->caid >> 8;
137 netbuf[7] = cd->caid & 0xFF;
138 netbuf[8] = (cd->provid >> 16) & 0xFF;
139 netbuf[9] = (cd->provid >> 8) & 0xFF;
140 netbuf[10] = cd->provid & 0xFF;
141 }
142 //}
143
144 if(NCD_525 == cl->ncd_proto && cfg.ncd_mgclient && MSG_CLIENT_2_SERVER_LOGIN_ACK == buffer[0])
145 {
146 netbuf[4] = 0x6E; // From ExtNewcamSession.java CSP line 65-66 getLoginOkMsg()
147 netbuf[5] = 0x73;
148 netbuf[11] = 0x14;
149 }
150
151 if(NCD_525 == cl->ncd_proto && MSG_SERVER_2_CLIENT_ADDSID == buffer[0])
152 {
153 netbuf[11] = 0x14;
154 }
155
156 //if(buffer[0] == MSG_CLIENT_2_SERVER_LOGIN && cur_client()->reader->ncd_disable_server_filt)
157 //{
158 // netbuf[11] = 0x11; // From ChameleonCwsConnector.java CSP line 59-61 run()
159 //}
160
161 netbuf[0] = (len - 2) >> 8;
162 netbuf[1] = (len - 2) & 0xFF;
163
164 cs_log_dump_dbg(D_CLIENT, netbuf, len, "send %d bytes to %s", len, remote_txt());
165
166 if((len = nc_des_encrypt(netbuf, len, deskey)) < 0)
167 {
168 return -1;
169 }
170
171 netbuf[0] = (len - 2) >> 8;
172 netbuf[1] = (len - 2) & 0xFF;
173
174 return send(handle, netbuf, len, 0);
175 }
176
177 static int32_t send_sid_list(void)
178 {
179 struct s_client *cl = cur_client();
180
181 if(1 != cl->ftab.nfilts || !cl->sidtabs.no || !cfg.ncd_ptab.ports[cl->port_idx].ncd)
182 {
183 cs_log("SID list will not be send to mgcamd client.");
184 return 0;
185 }
186
187 uint8_t mbuf[CWS_NETMSGSIZE];
188 int32_t n = 0, nr = 0, i = 0, sid_num = 0, portion_num = 0;
189 SIDTAB *sidtab = 0;
190 custom_data_t cd;
191
192 cs_log_dbg(D_TRACE, "Send SID list to mgcamd client.");
193
194 memset(&cd, 0, sizeof(cd));
195 FILTER *pfilts = cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts;
196
197 //memset(mbuf, 0, sizeof(mbuf)); // not nessesery
198
199 for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
200 {
201 if((cl->sidtabs.no & ((SIDTABBITS)1 << nr)) && (sidtab->num_caid | sidtab->num_provid | sidtab->num_srvid))
202 {
203 for(n = 0; n < pfilts[0].nprids; n++)
204 {
205 if(chk_srvid_match_by_caid_prov(pfilts[0].caid, pfilts[0].prids[n], sidtab))
206 {
207 for(i = 0; i < sidtab->num_srvid; i++)
208 {
209 // First SID goes to header
210 if(0 == portion_sid_num)
211 {
212 cd.sid = sidtab->srvid[i]; // first sid
213 cd.caid = cfg.ncd_ptab.ports[cl->port_idx].s_port; // assigned port
214 cd.provid = 0x1; // mark as deny
215 }
216
217 mbuf[portion_sid_num * 3] = (uint8_t)(sidtab->srvid[i] >> 8);
218 mbuf[portion_sid_num * 3 + 1] = (uint8_t)(sidtab->srvid[i] & 0xFF);
219 mbuf[portion_sid_num * 3 + 2] = 0x1; // mark as deny
220
221 ++sid_num;
222 ++portion_sid_num;
223
224 if(portion_sid_num >= 50)
225 {
226 ++portion_num;
227
228 cs_log_dump_dbg(0x0800, mbuf, (portion_sid_num) * 3, "Portion %d contains %d SIDs",
229 portion_num, portion_sid_num);
230
231 mbuf[0] = MSG_SERVER_2_CLIENT_ADDSID;
232 mbuf[1] = 0x00;
233 mbuf[2] = 0x00;
234
235 network_message_send(cl->udp_fd, &cl->ncd_msgid, mbuf, portion_sid_num * 3,
236 cl->ncd_skey, COMMTYPE_SERVER, 0, &cd);
237 portion_sid_num = 0;
238 }
239 }
240
241 break;
242 }
243 }
244 }
245 }
246
247 if(portion_sid_num)
248 {
249 ++portion_num;
250
251 cs_log_dump_dbg(0x0800, mbuf, (portion_sid_num) * 3, "Portion %d contains %d SIDs",
252 portion_num, portion_sid_num);
253
254 mbuf[0] = MSG_SERVER_2_CLIENT_ADDSID;
255 mbuf[1] = 0x0;
256 mbuf[2] = 0x0;
257
258 network_message_send(cl->udp_fd, &cl->ncd_msgid, mbuf, portion_sid_num * 3,
259 cl->ncd_skey, COMMTYPE_SERVER, 0, &cd);
260 portion_sid_num = 0;
261 }
262
263 cs_log("%d deny SIDs in the %d messages were sent to the client.", sid_num, portion_num);
264
265 return sid_num;
266 }
267
268 static int32_t network_message_receive(int32_t handle, uint16_t *netMsgId, uint8_t *buffer,
269 uint8_t *deskey, comm_type_t commType)
270 {
271 int32_t len, ncd_off, msgid;
272 uint8_t netbuf[CWS_NETMSGSIZE];
273 int32_t returnLen;
274 struct s_client *cl = cur_client();
275
276 if(!buffer || handle < 0)
277 {
278 return -1;
279 }
280
281 len = cs_recv(handle, netbuf, 2, 0);
282
283 cs_log_dbg(D_CLIENT, "nmr(): len=%d, errno=%d", len, (len == -1) ? errno : 0);
284
285 if(!len)
286 {
287 cs_log_dbg(D_CLIENT, "nmr: 1 return 0");
288
289 if(commType == COMMTYPE_CLIENT)
290 {
291 network_tcp_connection_close(cl->reader, "receive error1");
292 }
293 else
294 {
295 cs_disconnect_client(cl);
296 }
297
298 return 0;
299 }
300
301 if(len != 2)
302 {
303 cs_log_dbg(D_CLIENT, "nmr: len!=2");
304
305 if(commType == COMMTYPE_CLIENT)
306 {
307 network_tcp_connection_close(cl->reader, "receive error2");
308 }
309 else
310 {
311 cs_disconnect_client(cl);
312 }
313
314 return -1;
315 }
316
317 if(((netbuf[0] << 8) | netbuf[1]) > CWS_NETMSGSIZE - 2)
318 {
319 cs_log_dbg(D_CLIENT, "nmr: received data len=%d longer than CWS_NETMSGSIZE=%d",
320 ((netbuf[0] << 8) | netbuf[1]), CWS_NETMSGSIZE);
321 cs_log_dbg(D_CLIENT, "nmr: 1 return -1");
322 return -1;
323 }
324
325 len = cs_recv(handle, netbuf + 2, (netbuf[0] << 8) | netbuf[1], 0);
326 if(!len)
327 {
328 cs_log_dbg(D_CLIENT, "nmr: 2 return 0");
329 return 0;
330 }
331
332 if(len != ((netbuf[0] << 8) | netbuf[1]))
333 {
334 cs_log_dbg(D_CLIENT, "nmr: 2 return -1");
335 return -1;
336 }
337
338 len += 2;
339
340 if((len = nc_des_decrypt(netbuf, len, deskey)) < 11) // 15(newcamd525) or 11 ???
341 {
342 cs_log_dbg(D_CLIENT, "nmr: can't decrypt, invalid des key?");
343 cs_sleepms(2000);
344 return -1;
345 }
346
347 //cs_log_dump_dbg(D_CLIENT, netbuf, len, "nmr: decrypted data, len=%d", len);
348
349 msgid = (netbuf[2] << 8) | netbuf[3];
350
351 if(cl->ncd_proto == NCD_AUTO)
352 {
353 // auto detect
354 int32_t l5 = (((netbuf[13] & 0x0F) << 8) | netbuf[14]) + 3;
355 int32_t l4 = (((netbuf[9] & 0x0F) << 8) | netbuf[10]) + 3;
356
357 if((l5 <= len - 12) && ((netbuf[12] & 0xF0) == 0xE0 || (netbuf[12] & 0xF0) == 0x80))
358 {
359 cl->ncd_proto = NCD_525;
360 }
361 else if((l4 <= len - 8) && ((netbuf[8] & 0xF0) == 0xE0 || (netbuf[9] & 0xF0) == 0x80))
362 {
363 cl->ncd_proto = NCD_524;
364 }
365 else
366 {
367 cs_log_dbg(D_CLIENT, "nmr: 4 return -1");
368 return -1;
369 }
370
371 cs_log_dbg(D_CLIENT, "nmr: autodetect: newcamd52%d used", (cl->ncd_proto == NCD_525) ? 5 : 4);
372 }
373
374 ncd_off = (cl->ncd_proto == NCD_525) ? 4 : 0;
375
376 returnLen = (((netbuf[9 + ncd_off] & 0x0F) << 8) | netbuf[10 + ncd_off]) + 3;
377 if(returnLen > (len - (8 + ncd_off)))
378 {
379 cs_log_dbg(D_CLIENT, "nmr: 4 return -1");
380 return -1;
381 }
382
383 //cs_log_dump_dbg(D_CLIENT, netbuf, len, "nmr: decrypted data");
384
385 if(netMsgId)
386 {
387 switch(commType)
388 {
389 case COMMTYPE_SERVER:
390 *netMsgId = msgid;
391 break;
392
393 case COMMTYPE_CLIENT:
394 //if(*netMsgId != ((netbuf[2] << 8) | netbuf[3]))
395 //{
396 cs_log_dbg(D_CLIENT, "nmr: netMsgId=%d, from server=%d, ", *netMsgId, msgid);
397 //return -2;
398 //}
399 break;
400
401 default:
402 cs_log_dbg(D_CLIENT, "nmr: 5 return -1");
403 return -1;
404 break;
405 }
406 }
407
408 switch(commType)
409 {
410 case COMMTYPE_SERVER:
411 memcpy(cl->ncd_header, netbuf, (8 + ncd_off));
412 buffer[0] = (cl->ncd_proto == NCD_525) ? netbuf[4] : netbuf[6]; // sid
413 buffer[1] = (cl->ncd_proto == NCD_525) ? netbuf[5] : netbuf[7];
414 break;
415
416 case COMMTYPE_CLIENT:
417 memcpy(cl->ncd_header, netbuf, (8 + ncd_off));
418 buffer[0] = netbuf[2]; // msgid
419 buffer[1] = netbuf[3];
420 break;
421 }
422
423 memcpy(buffer + 2, netbuf + (8 + ncd_off), returnLen);
424 return returnLen + 2;
425 }
426
427 static void network_cmd_no_data_send(int32_t handle, uint16_t *netMsgId, net_msg_type_t cmd,
428 uint8_t *deskey, comm_type_t commType)
429 {
430 uint8_t buffer[3];
431
432 buffer[0] = cmd;
433 buffer[1] = 0;
434 buffer[2] = 0;
435
436 network_message_send(handle, netMsgId, buffer, 3, deskey, commType, 0, NULL);
437 }
438
439 static int32_t network_cmd_no_data_receive(int32_t handle, uint16_t *netMsgId, uint8_t *deskey,
440 comm_type_t commType)
441 {
442 uint8_t buffer[CWS_NETMSGSIZE];
443
444 if(network_message_receive(handle, netMsgId, buffer, deskey, commType) != 3 + 2)
445 {
446 return -1;
447 }
448
449 return buffer[2];
450 }
451
452 void newcamd_reply_ka(void)
453 {
454 struct s_client *cl = cur_client();
455
456 if(!cl)
457 {
458 return;
459 }
460
461 if(!cl->udp_fd)
462 {
463 cs_log_dbg(D_CLIENT, "invalid client fd=%d", cl->udp_fd);
464 return;
465 }
466
467 cs_log_dbg(D_CLIENT, "send keepalive to client fd=%d", cl->udp_fd);
468
469 if(cl->reader)
470 {
471 cl->reader->last_s = time((time_t *)0);
472 }
473
474 network_cmd_no_data_send(cl->udp_fd, &cl->ncd_msgid, MSG_KEEPALIVE, cl->ncd_skey, COMMTYPE_SERVER);
475 }
476
477 static int32_t connect_newcamd_server(void)
478 {
479 int32_t i;
480 uint8_t buf[CWS_NETMSGSIZE];
481 uint8_t keymod[14];
482 uint8_t key[16];
483 int32_t handle = 0;
484
485 uint32_t idx;
486 uint8_t passwdcrypt[120];
487 uint8_t login_answer;
488 int32_t bytes_received;
489 struct s_client *cl = cur_client();
490
491 if(cl->reader->device[0] == 0 || cl->reader->r_pwd[0] == 0
492 || cl->reader->r_usr[0] == 0 || cl->reader->r_port == 0)
493 {
494 return -5;
495 }
496
497 // 1. Connect
498 handle = network_tcp_connection_open(cl->reader);
499 if(handle < 0)
500 {
501 return -1;
502 }
503
504 // 2. Get init sequence
505 cl->ncd_msgid = 0;
506 if(read(handle, keymod, sizeof(keymod)) != sizeof(keymod))
507 {
508 cs_log("server does not return 14 bytes");
509 network_tcp_connection_close(cl->reader, "connect error");
510 return -2;
511 }
512
513 cs_log_dump_dbg(D_CLIENT, keymod, sizeof(cl->reader->ncd_key), "server init sequence:");
514 nc_des_login_key_get(keymod, cl->reader->ncd_key, sizeof(cl->reader->ncd_key), key);
515
516 // 3. Send login info
517 idx = 3;
518 buf[0] = MSG_CLIENT_2_SERVER_LOGIN;
519 buf[1] = 0;
520
521 cs_strncpy((char *)buf + idx, cl->reader->r_usr, sizeof(buf) - idx);
522 __md5_crypt(cl->reader->r_pwd, "$1$abcdefgh$", (char *)passwdcrypt);
523 idx += cs_strlen(cl->reader->r_usr) + 1;
524 cs_strncpy((char *)buf + idx, (const char *)passwdcrypt, sizeof(buf) - idx);
525
526 network_message_send(handle, 0, buf, idx + cs_strlen((char *)passwdcrypt) + 1, key,
527 COMMTYPE_CLIENT, NCD_CLIENT_ID, NULL);
528
529 // 3.1 Get login answer
530 login_answer = network_cmd_no_data_receive(handle, &cl->ncd_msgid, key, COMMTYPE_CLIENT);
531 if(login_answer == MSG_CLIENT_2_SERVER_LOGIN_NAK)
532 {
533 cs_log("login failed for user '%s'", cl->reader->r_usr);
534 network_tcp_connection_close(cl->reader, "login error1");
535 return -3;
536 }
537
538 if(login_answer != MSG_CLIENT_2_SERVER_LOGIN_ACK)
539 {
540 cs_log("expected MSG_CLIENT_2_SERVER_LOGIN_ACK (%02X), received %02X",
541 MSG_CLIENT_2_SERVER_LOGIN_ACK, login_answer);
542
543 network_tcp_connection_close(cl->reader, "login error2");
544 return -3;
545 }
546
547 // 3.2 Set connection info
548 cl->reader->tcp_connected = 1;
549 cl->crypted = 1;
550
551 // 4. Send MSG_CARD_DATE_REQ
552 nc_des_login_key_get(cl->reader->ncd_key, passwdcrypt, cs_strlen((char *)passwdcrypt), key);
553 network_cmd_no_data_send(handle, &cl->ncd_msgid, MSG_CARD_DATA_REQ, key, COMMTYPE_CLIENT);
554
555 bytes_received = network_message_receive(handle, &cl->ncd_msgid, buf, key, COMMTYPE_CLIENT);
556 if(bytes_received < 16 || buf[2] != MSG_CARD_DATA)
557 {
558 cs_log("expected MSG_CARD_DATA (%02X), received %02X", MSG_CARD_DATA, buf[2]);
559
560 network_tcp_connection_close(cl->reader, "receive error");
561 return -4;
562 }
563
564 // 5. Parse CAID and PROVID(s)
565 cl->reader->caid = (uint16_t)((buf[6] << 8) | buf[7]);
566
567 // handle special serial format in newcamd. See newcamd_auth_client
568 newcamd_to_hexserial(buf + 10, cl->reader->hexserial, cl->reader->caid);
569
570 cs_log("Newcamd Server: %s:%d - UserID: %i", cl->reader->device, cl->reader->r_port, buf[3 + 2]);
571
572 cs_log("CAID: %04X - UA: %02X%02X%02X%02X%02X%02X%02X%02X - Provider # %i",
573 cl->reader->caid, cl->reader->hexserial[0], cl->reader->hexserial[1], cl->reader->hexserial[2],
574 cl->reader->hexserial[3], cl->reader->hexserial[4], cl->reader->hexserial[5], cl->reader->hexserial[6],
575 cl->reader->hexserial[7], buf[14 + 2]);
576
577 cl->reader->nprov = buf[14 + 2];
578 memset(cl->reader->prid, 0x00, sizeof(cl->reader->prid));
579
580 for(i = 0; i < cl->reader->nprov; i++)
581 {
582 if(caid_is_betacrypt(cl->reader->caid) || caid_is_irdeto(cl->reader->caid))
583 {
584 memcpy(&cl->reader->prid[i], buf + 22 + 2 + 11 * i, 4);
585 }
586 else
587 {
588 cl->reader->prid[i][1] = buf[15 + 2 + 11 * i];
589 cl->reader->prid[i][2] = buf[16 + 2 + 11 * i];
590 cl->reader->prid[i][3] = buf[17 + 2 + 11 * i];
591 }
592
593 memcpy(&cl->reader->sa[i], buf + 22 + 2 + 11 * i, 4); // the 4 first bytes are not read
594
595 cs_log("Provider ID: %02X%02X%02X - SA: %02X%02X%02X%02X",
596 cl->reader->prid[i][1], cl->reader->prid[i][2], cl->reader->prid[i][3], cl->reader->sa[i][0],
597 cl->reader->sa[i][1], cl->reader->sa[i][2], cl->reader->sa[i][3]);
598 }
599
600 memcpy(cl->reader->ncd_skey, key, 16);
601
602 // 6. Set card inserted
603 cl->reader->tcp_connected = 2;
604 cl->reader->card_status = CARD_INSERTED;
605 cl->reader->last_g = cl->reader->last_s = time((time_t *)0);
606
607 // Only after connect() on cl->udp_fd (Linux)
608 cl->pfd = cl->udp_fd;
609
610 if(cl->reader->ncd_disable_server_filt) // act like mgclient
611 {
612 network_cmd_no_data_send(handle, &cl->ncd_msgid, MSG_SERVER_2_CLIENT_GET_VERSION, key, COMMTYPE_CLIENT);
613 }
614
615 return 0;
616 }
617
618 static int32_t newcamd_connect(void)
619 {
620 struct s_client *cl = cur_client();
621
622 if(cl->reader->tcp_connected < 2 && connect_newcamd_server() < 0)
623 {
624 return 0;
625 }
626
627 if(!cl->udp_fd)
628 {
629 return 0;
630 }
631
632 return 1;
633 }
634
635 static int32_t newcamd_send(uint8_t *buf, int32_t ml, uint16_t sid)
636 {
637 struct s_client *cl = cur_client();
638
639 if(!newcamd_connect())
640 {
641 return -1;
642 }
643
644 return network_message_send(cl->udp_fd, &cl->ncd_msgid, buf, ml,
645 cl->reader->ncd_skey, COMMTYPE_CLIENT, sid, NULL);
646 }
647
648 static int32_t newcamd_recv(struct s_client *client, uint8_t *buf, int32_t UNUSED(l))
649 {
650 int32_t rc, rs;
651
652 if(client->typ == 'c')
653 {
654 rs = network_message_receive(client->udp_fd, &client->ncd_msgid, buf,
655 client->ncd_skey, COMMTYPE_SERVER);
656 }
657 else
658 {
659 if(!client->udp_fd)
660 {
661 return (-1);
662 }
663
664 rs = network_message_receive(client->udp_fd, &client->ncd_msgid, buf,
665 client->reader->ncd_skey, COMMTYPE_CLIENT);
666 }
667
668 if(rs < 5)
669 {
670 rc = -1;
671 }
672 else
673 {
674 rc = rs;
675 }
676
677 cs_log_dump_dbg(D_CLIENT, buf, rs, "received %d bytes from %s", rs, remote_txt());
678
679 client->last = time((time_t *) 0);
680
681 if(rc == -1)
682 {
683 if(rs > 0)
684 {
685 cs_log("packet is too small (%d bytes)", rs);
686 }
687 else
688 {
689 cs_log("Connection closed to %s", remote_txt());
690 }
691 }
692
693 return (rc);
694 }
695
696 static void mk_user_au_ftab(struct s_reader *aureader, FILTER *filt)
697 {
698 int32_t i, j, found;
699 FILTER old_filter;
700
701 memcpy(&old_filter, filt, sizeof(old_filter));
702 memset(filt, 0, sizeof(*filt));
703
704 filt->caid = aureader->caid;
705 if(filt->caid == 0)
706 {
707 filt->caid = old_filter.caid;
708 }
709
710 for(i = 0; i < aureader->nprov && filt->nprids < CS_MAXPROV; i++)
711 {
712 filt->prids[filt->nprids++] = b2i(3, &aureader->prid[i][1]);
713 }
714
715 for(i = 0; i < old_filter.nprids && filt->nprids < CS_MAXPROV; i++)
716 {
717 for(j = found = 0; (!found) && (j < filt->nprids); j++)
718 {
719 if(old_filter.prids[i] == filt->prids[j])
720 {
721 found = 1;
722 }
723 }
724
725 if(!found)
726 {
727 filt->prids[filt->nprids++] = old_filter.prids[i];
728 }
729 }
730 }
731
732 static void mk_user_ftab(FILTER *filt)
733 {
734 int32_t port_idx, i, j, k, c;
735 struct s_client *cl = cur_client();
736
737 memset(filt, 0, sizeof(*filt));
738
739 port_idx = cl->port_idx;
740 if(!cfg.ncd_ptab.ports[port_idx].ncd)
741 {
742 return;
743 }
744
745 FILTER *psfilt = &cfg.ncd_ptab.ports[port_idx].ncd->ncd_ftab.filts[0];
746
747 // 1. CAID
748 // search server CAID in client CAID
749 for(c = i = 0; i < cl->ctab.ctnum; i++)
750 {
751 CAIDTAB_DATA *d = &cl->ctab.ctdata[i];
752
753 int32_t ctab_caid = d->caid & d->mask;
754 if(ctab_caid)
755 {
756 c++;
757 }
758
759 if(psfilt->caid == ctab_caid)
760 {
761 filt->caid = ctab_caid;
762 break;
763 }
764 }
765
766 if(c && !filt->caid)
767 {
768 cs_log("no valid CAID found in CAID for user '%s'", cl->account->usr);
769 return;
770 }
771
772 // search CAID in client IDENT
773 cs_log_dbg(D_CLIENT, "client[%8lX].%s nfilts=%d, filt.caid=%04X", (unsigned long)pthread_self(),
774 cl->account->usr, cl->ftab.nfilts, filt->caid);
775
776 if(!filt->caid && cl->ftab.nfilts)
777 {
778 int32_t fcaids;
779 for(i = fcaids = 0; i < cl->ftab.nfilts; i++)
780 {
781 uint16_t ucaid = cl->ftab.filts[i].caid;
782 if(ucaid)
783 {
784 fcaids++;
785 }
786
787 if(ucaid && psfilt->caid == ucaid)
788 {
789 filt->caid = ucaid;
790 break;
791 }
792 }
793
794 if(fcaids == cl->ftab.nfilts && !filt->caid)
795 {
796 cs_log("no valid CAID found in IDENT for user '%s'", cl->account->usr);
797 //cs_disconnect_client();
798 return;
799 }
800 }
801
802 // empty client CAID - use server CAID
803 if(!filt->caid)
804 {
805 filt->caid = psfilt->caid;
806 }
807
808 // 2. PROVID
809 if(!cl->ftab.nfilts)
810 {
811 int32_t add;
812 for(i = 0; i < psfilt->nprids && filt->nprids < CS_MAXPROV; i++)
813 {
814 // use server PROVID(s) (and only those which are in user's groups)
815 add = 0;
816 struct s_reader *rdr;
817
818 for(rdr = first_active_reader; rdr ; rdr = rdr->next)
819 {
820 if(rdr->grp & cl->grp)
821 {
822 if(!rdr->ftab.nfilts)
823 {
824 if(is_network_reader(rdr))
825 {
826 add = 1;
827 }
828
829 for(j = 0; !add && j < rdr->nprov; j++)
830 {
831 if(b2i(3, &rdr->prid[j][1]) == psfilt->prids[i])
832 {
833 add = 1;
834 }
835 }
836 }
837 else
838 {
839 for(j = 0; !add && j < rdr->ftab.nfilts; j++)
840 {
841 uint32_t rcaid = rdr->ftab.filts[j].caid;
842 if(!rcaid || rcaid == filt->caid)
843 {
844 for(k = 0; !add && k < rdr->ftab.filts[j].nprids; k++)
845 {
846 if(rdr->ftab.filts[j].prids[k] == psfilt->prids[i])
847 {
848 add = 1;
849 }
850 }
851 }
852 }
853 }
854 }
855 }
856
857 if(add)
858 {
859 filt->prids[filt->nprids++] = psfilt->prids[i];
860 }
861 }
862
863 memcpy(filt, psfilt, sizeof(*filt));
864 return;
865 }
866
867 // search in client IDENT
868 for(j = 0; j < cl->ftab.nfilts; j++)
869 {
870 uint32_t ucaid = cl->ftab.filts[j].caid;
871
872 cs_log_dbg(D_CLIENT, "client caid %d: %04X", j, ucaid);
873
874 if(!ucaid || ucaid == filt->caid)
875 {
876 for(i = 0; i < psfilt->nprids && filt->nprids < CS_MAXPROV; i++)
877 {
878 cs_log_dbg(D_CLIENT, "search server provid %d: %06X", i, psfilt->prids[i]);
879
880 if(cl->ftab.filts[j].nprids)
881 {
882 for(k = 0; k < cl->ftab.filts[j].nprids && filt->nprids < CS_MAXPROV; k++)
883 {
884 if(cl->ftab.filts[j].prids[k] == psfilt->prids[i])
885 {
886 filt->prids[filt->nprids++] = cl->ftab.filts[j].prids[k];
887 }
888 }
889 }
890 else
891 {
892 filt->prids[filt->nprids++] = psfilt->prids[i];
893 // allow server PROVID(s) if no PROVID(s) specified in IDENT
894 }
895 }
896 }
897 }
898
899 if(!filt->nprids)
900 {
901 cs_log("no valid PROVID(s) found in CAID for user '%s'", cl->account->usr);
902 //cs_disconnect_client();
903 }
904 }
905
906 static int8_t newcamd_auth_client(IN_ADDR_T ip, uint8_t *deskey)
907 {
908 int32_t i, ok, rc, sid_list;
909 uint8_t *usr = NULL, *pwd = NULL;
910 struct s_auth *account;
911 uint8_t buf[14];
912 uint8_t key[16];
913 uint8_t passwdcrypt[120];
914 struct s_reader *aureader = NULL, *rdr = NULL;
915 struct s_client *cl = cur_client();
916 uint8_t mbuf[CWS_NETMSGSIZE];
917
918 sid_list = 0;
919
920 ok = cfg.ncd_allowed ? check_ip(cfg.ncd_allowed, ip) : 1;
921
922 if(!ok)
923 {
924 cs_auth_client(cl, (struct s_auth *)0, NULL);
925 return -1;
926 }
927
928 // make random 14 bytes
929 get_random_bytes(buf, 14);
930
931 // send init sequence
932 send(cl->udp_fd, buf, 14, 0);
933 nc_des_login_key_get(buf, deskey, 14, key);
934 memcpy(cl->ncd_skey, key, 16);
935 cl->ncd_msgid = 0;
936
937 i = process_input(mbuf, sizeof(mbuf), cfg.cmaxidle);
938 if(i > 0)
939 {
940 if(mbuf[2] != MSG_CLIENT_2_SERVER_LOGIN)
941 {
942 cs_log_dbg(D_CLIENT, "expected MSG_CLIENT_2_SERVER_LOGIN (%02X), received %02X",
943 MSG_CLIENT_2_SERVER_LOGIN, mbuf[2]);
944 return -1;
945 }
946
947 usr = mbuf + 5;
948 pwd = usr + cs_strlen((char *)usr) + 1;
949 }
950 else
951 {
952 cs_log_dbg(D_CLIENT, "bad client login request");
953 return -1;
954 }
955
956 cl->ncd_client_id = (mbuf[0] << 8) | mbuf[1];
957 const char *client_name = newcamd_get_client_name(cl->ncd_client_id);
958
959 #if defined(TCP_KEEPIDLE)
960 if(cl->ncd_client_id == 0x4453) // DiabloWifi has problems with TCPKeepAlive
961 {
962 int32_t flag = 600;
963
964 // send first keepalive packet after 600 seconds of
965 // last package received (keepalive packets included)
966 if(setsockopt(cl->udp_fd, IPPROTO_TCP, TCP_KEEPIDLE, &flag, sizeof(flag)) && errno != EBADF)
967 {
968 cs_log("Setting TCP_KEEPIDLE failed, errno=%d, %s", errno, strerror(errno));
969 }
970 else
971 {
972 cs_log("WARNING: Setting TCP_KEEPIDLE to 10 minutes for bugged DiabloWifi. Note that this might lead to not detected broken connections or multiple connections.");
973 }
974 }
975 #endif
976
977 if(cl->ncd_proto == NCD_525 && 0x6D == mbuf[0] && 0x67 == mbuf[1] && 0x11 == cl->ncd_header[11])
978 {
979 sid_list = 1;
980 }
981
982 for(ok = 0, account = cfg.account; usr && account && (!ok); account = account->next)
983 {
984 cs_log_dbg(D_CLIENT, "account->usr=%s", account->usr);
985
986 if(strcmp((char *)usr, account->usr) == 0)
987 {
988 __md5_crypt(ESTR(account->pwd), "$1$abcdefgh$", (char *)passwdcrypt);
989 cs_log_dbg(D_CLIENT, "account->pwd=%s", passwdcrypt);
990
991 if(strcmp((char *)pwd, (const char *)passwdcrypt) == 0)
992 {
993 cl->crypted = 1;
994 char e_txt[20];
995
996 snprintf(e_txt, 20, "%s:%d", "newcamd", cfg.ncd_ptab.ports[cl->port_idx].s_port);
997
998 if((rc = cs_auth_client(cl, account, e_txt)) == 2)
999 {
1000 cs_log("hostname or ip mismatch for user %s (%s)", usr, client_name);
1001 break;
1002 }
1003 else if(rc != 0)
1004 {
1005 cs_log("account is invalid for user %s (%s)", usr, client_name);
1006 break;
1007 }
1008 else
1009 {
1010 cs_log("user %s authenticated successfully (%s)", usr, client_name);
1011 ok = 1;
1012 break;
1013 }
1014 }
1015 else
1016 {
1017 cs_log("user %s is providing a wrong password (%s)", usr, client_name);
1018 }
1019 }
1020 }
1021
1022 if(!ok && !account)
1023 {
1024 cs_log("user %s is trying to connect but doesnt exist ! (%s)", usr, client_name);
1025 usr = 0;
1026 }
1027
1028 // check for non ready reader and reject client
1029 for(rdr = first_active_reader; rdr ; rdr = rdr->next)
1030 {
1031 if(!cfg.ncd_ptab.ports[cl->port_idx].ncd)
1032 {
1033 continue;
1034 }
1035
1036 if(rdr->caid == cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid)
1037 {
1038 if(rdr->card_status == CARD_NEED_INIT)
1039 {
1040 cs_log("init for reader %s not finished -> reject client", rdr->label);
1041 ok = 0;
1042 }
1043 break;
1044 }
1045 }
1046
1047 if(ok)
1048 {
1049 LL_ITER itr = ll_iter_create(cl->aureader_list);
1050 while((rdr = ll_iter_next(&itr)))
1051 {
1052 int32_t n;
1053
1054 if(!cfg.ncd_ptab.ports[cl->port_idx].ncd)
1055 {
1056 continue;
1057 }
1058
1059 if(cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid == 0
1060 && !rdr->audisabled && (is_network_reader(rdr) || rdr->card_status == CARD_INSERTED))
1061 {
1062 aureader = rdr;
1063 break;
1064 }
1065
1066 for(n = 0; n < cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].nprids; n++)
1067 {
1068 if(emm_reader_match(rdr, cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid,
1069 cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].prids[n]))
1070 {
1071 aureader = rdr;
1072 break;
1073 }
1074 }
1075
1076 if(aureader)
1077 {
1078 break;
1079 }
1080 }
1081
1082 if(aureader)
1083 {
1084 cs_log("AU enabled for user %s on reader %s", usr, aureader->label);
1085 }
1086 else
1087 {
1088 cs_log("AU disabled for user %s", usr);
1089 }
1090 }
1091
1092 network_cmd_no_data_send(cl->udp_fd, &cl->ncd_msgid,
1093 (ok) ? MSG_CLIENT_2_SERVER_LOGIN_ACK : MSG_CLIENT_2_SERVER_LOGIN_NAK,
1094 cl->ncd_skey, COMMTYPE_SERVER);
1095
1096 if(ok)
1097 {
1098 FILTER usr_filter;
1099 FILTER *pufilt = &usr_filter;
1100
1101 nc_des_login_key_get(deskey, passwdcrypt, cs_strlen((char *)passwdcrypt), key);
1102 memcpy(cl->ncd_skey, key, 16);
1103
1104 i = process_input(mbuf, sizeof(mbuf), cfg.cmaxidle);
1105 if(i > 0)
1106 {
1107 int32_t j, len = 15;
1108
1109 if(mbuf[2] != MSG_CARD_DATA_REQ)
1110 {
1111 cs_log_dbg(D_CLIENT, "expected MSG_CARD_DATA_REQ (%02X), received %02X",
1112 MSG_CARD_DATA_REQ, mbuf[2]);
1113 return -1;
1114 }
1115
1116 mk_user_ftab(&usr_filter);
1117
1118 // set userfilter for au enabled clients
1119 if(aureader)
1120 {
1121 #ifdef WITH_EMU
1122 if(aureader->typ == R_EMU)
1123 {
1124 usr_filter = *get_emu_prids_for_caid(aureader, cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid);
1125 }
1126 else
1127 #endif
1128 mk_user_au_ftab(aureader, &usr_filter);
1129 }
1130
1131 ftab_clear(&cl->ftab);
1132
1133 if(!cfg.ncd_mgclient)
1134 {
1135 ftab_add(&cl->ftab, &usr_filter);
1136 }
1137
1138 mbuf[0] = MSG_CARD_DATA;
1139 mbuf[1] = 0x00;
1140 mbuf[2] = 0x00;
1141
1142 if(aureader)
1143 {
1144 mbuf[3] = 1;
1145 }
1146 else
1147 {
1148 mbuf[3] = get_threadnum(cl) + 10; // Unique user number
1149 }
1150
1151 mbuf[4] = (uint8_t)(pufilt->caid >> 8);
1152 mbuf[5] = (uint8_t)(pufilt->caid);
1153 mbuf[6] = 0x00;
1154 mbuf[7] = 0x00;
1155
1156 if(aureader)
1157 {
1158 hexserial_to_newcamd(aureader->hexserial, mbuf + 8, pufilt->caid);
1159 }
1160 else
1161 {
1162 memset(&mbuf[8], 0, 6); // mbuf[8] - mbuf[13]
1163 }
1164
1165 mbuf[14] = pufilt->nprids;
1166
1167 for(j = 0; j < pufilt->nprids; j++)
1168 {
1169 if(caid_is_betacrypt(pufilt->caid) || caid_is_irdeto(pufilt->caid))
1170 {
1171 mbuf[15 + 11 * j] = 0;
1172 mbuf[16 + 11 * j] = 0;
1173 mbuf[17 + 11 * j] = j;
1174 }
1175 else
1176 {
1177 mbuf[15 + 11 * j] = (uint8_t)(pufilt->prids[j] >> 16);
1178 mbuf[16 + 11 * j] = (uint8_t)(pufilt->prids[j] >> 8);
1179 mbuf[17 + 11 * j] = (uint8_t)(pufilt->prids[j]);
1180 }
1181
1182 mbuf[18 + 11 * j] = 0x00;
1183 mbuf[19 + 11 * j] = 0x00;
1184 mbuf[20 + 11 * j] = 0x00;
1185 mbuf[21 + 11 * j] = 0x00;
1186
1187 if(aureader)
1188 {
1189 // check if user provid from IDENT exists on card
1190 int32_t k, found;
1191 uint32_t rprid;
1192 found = 0;
1193
1194 if(pufilt->caid == aureader->caid && aureader->typ != R_EMU)
1195 {
1196 for(k = 0; k < aureader->nprov; k++)
1197 {
1198 rprid = b2i(3, &aureader->prid[k][1]);
1199 if(rprid == pufilt->prids[j])
1200 {
1201 if(caid_is_betacrypt(pufilt->caid) || caid_is_irdeto(pufilt->caid))
1202 {
1203 mbuf[22 + 11 * j] = aureader->prid[k][0];
1204 mbuf[23 + 11 * j] = aureader->prid[k][1];
1205 mbuf[24 + 11 * j] = aureader->prid[k][2];
1206 mbuf[25 + 11 * j] = aureader->prid[k][3];
1207 }
1208 else
1209 {
1210 mbuf[22 + 11 * j] = aureader->sa[k][0];
1211 mbuf[23 + 11 * j] = aureader->sa[k][1];
1212 mbuf[24 + 11 * j] = aureader->sa[k][2];
1213 mbuf[25 + 11 * j] = aureader->sa[k][3];
1214 }
1215
1216 found = 1;
1217 break;
1218 }
1219 }
1220 }
1221
1222 if(!found)
1223 {
1224 mbuf[22 + 11 * j] = 0x00;
1225 mbuf[23 + 11 * j] = 0x00;
1226 mbuf[24 + 11 * j] = 0x00;
1227 mbuf[25 + 11 * j] = 0x00;
1228 }
1229 }
1230 else
1231 {
1232 if(caid_is_betacrypt(pufilt->caid) || caid_is_irdeto(pufilt->caid))
1233 {
1234 mbuf[22 + 11 * j] = 0x00;
1235 mbuf[23 + 11 * j] = (uint8_t)(pufilt->prids[j] >> 16);
1236 mbuf[24 + 11 * j] = (uint8_t)(pufilt->prids[j] >> 8);
1237 mbuf[25 + 11 * j] = (uint8_t)(pufilt->prids[j]);
1238 }
1239 else
1240 {
1241 mbuf[22 + 11 * j] = 0x00;
1242 mbuf[23 + 11 * j] = 0x00;
1243 mbuf[24 + 11 * j] = 0x00;
1244 mbuf[25 + 11 * j] = 0x00;
1245 }
1246 }
1247
1248 len += 11;
1249 }
1250
1251 custom_data_t cd;
1252 memset(&cd, 0, sizeof(cd));
1253
1254 if(aureader)
1255 {
1256 if((aureader->blockemm & EMM_GLOBAL) && !(aureader->saveemm & EMM_GLOBAL))
1257 {
1258 cd.sid |= 4;
1259 }
1260
1261 if((aureader->blockemm & EMM_SHARED) && !(aureader->saveemm & EMM_SHARED))
1262 {
1263 cd.sid |= 2;
1264 }
1265
1266 if((aureader->blockemm & EMM_UNIQUE) && !(aureader->saveemm & EMM_UNIQUE))
1267 {
1268 cd.sid |= 1;
1269 }
1270 }
1271
1272 if(network_message_send(cl->udp_fd, &cl->ncd_msgid, mbuf, len, key, COMMTYPE_SERVER, 0, &cd) < 0)
1273 {
1274 return -1;
1275 }
1276 }
1277
1278 // send SID list
1279 if(sid_list)
1280 {
1281 send_sid_list();
1282 }
1283 }
1284 else
1285 {
1286 cs_auth_client(cl, 0, usr ? "login failure" : "no such user");
1287 return -1;
1288 }
1289
1290 return 0;
1291 }
1292
1293 static void newcamd_send_dcw(struct s_client *client, ECM_REQUEST *er)
1294 {
1295 int32_t len;
1296 uint16_t cl_msgid;
1297 uint8_t mbuf[19];
1298
1299 if(!client->udp_fd)
1300 {
1301 cs_log_dbg(D_CLIENT, "ncd_send_dcw: error: client->udp_fd=%d", client->udp_fd);
1302 return;
1303 }
1304
1305 cl_msgid = er->msgid;
1306 mbuf[0] = er->ecm[0];
1307
1308 if(er->rc >= E_NOTFOUND) // not found
1309 {
1310 len = 3;
1311 mbuf[1] = mbuf[2] = 0x00;
1312 }
1313 else
1314 {
1315 len = 19;
1316 mbuf[1] = mbuf[2] = 0x10;
1317 memcpy(mbuf + 3, er->cw, 16);
1318 }
1319
1320 cs_log_dbg(D_CLIENT, "ncd_send_dcw: er->msgid=%d, cl_msgid=%d, %02X", er->msgid, cl_msgid, mbuf[0]);
1321
1322 network_message_send(client->udp_fd, &cl_msgid, mbuf, len, client->ncd_skey, COMMTYPE_SERVER, 0, NULL);
1323 }
1324
1325 static void newcamd_process_ecm(struct s_client *cl, uint8_t *buf, int32_t len)
1326 {
1327 int32_t pi;
1328 ECM_REQUEST *er;
1329 uint16_t ecmlen;
1330
1331 if(len < 5)
1332 {
1333 return;
1334 }
1335
1336 ecmlen = SCT_LEN((&buf[2]));
1337 if(ecmlen < 4 || ecmlen > MAX_ECM_SIZE || ecmlen + 2 > len)
1338 {
1339 return;
1340 }
1341
1342 if(!(er = get_ecmtask()))
1343 {
1344 return;
1345 }
1346
1347 // save client ncd_msgid
1348 er->msgid = cl->ncd_msgid;
1349 er->ecmlen = ecmlen;
1350
1351 cs_log_dbg(D_CLIENT, "ncd_process_ecm: er->msgid=%d len=%d ecmlen=%d", er->msgid, len, er->ecmlen);
1352
1353 er->srvid = cl->ncd_header[4] << 8 | cl->ncd_header[5];
1354 er->caid = cl->ncd_header[6] << 8 | cl->ncd_header[7];
1355 er->prid = cl->ncd_header[8] << 16 | cl->ncd_header[9] << 8 | cl->ncd_header[10];
1356
1357 if(!er->caid)
1358 {
1359 pi = cl->port_idx;
1360 if(cfg.ncd_ptab.nports && cfg.ncd_ptab.nports >= pi && cfg.ncd_ptab.ports[pi].ncd)
1361 {
1362 er->caid = cfg.ncd_ptab.ports[pi].ncd->ncd_ftab.filts[0].caid;
1363 }
1364 }
1365
1366 memcpy(er->ecm, buf + 2, er->ecmlen);
1367 get_cw(cl, er);
1368 }
1369
1370 static void newcamd_process_emm(uint8_t *buf, int32_t len)
1371 {
1372 int32_t ok = 1, provid;
1373 uint16_t caid = 0;
1374 struct s_client *cl = cur_client();
1375 EMM_PACKET epg;
1376
1377 if(len < 3)
1378 {
1379 return;
1380 }
1381
1382 memset(&epg, 0, sizeof(epg));
1383
1384 epg.emmlen = SCT_LEN(buf);
1385 if(epg.emmlen > MAX_EMM_SIZE || epg.emmlen > len)
1386 {
1387 return;
1388 }
1389
1390 caid = cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid;
1391
1392 epg.caid[0] = (uint8_t)(caid >> 8);
1393 epg.caid[1] = (uint8_t)(caid);
1394
1395 provid = cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].prids[0];
1396
1397 epg.provid[0] = (uint8_t)(provid >> 24);
1398 epg.provid[1] = (uint8_t)(provid >> 16);
1399 epg.provid[2] = (uint8_t)(provid >> 8);
1400 epg.provid[3] = (uint8_t)(provid);
1401
1402 /*if(caid == 0x0500)
1403 {
1404 uint16_t emm_head;
1405
1406 emm_head = (buf[0]<<8) | buf[1];
1407 switch( emm_head )
1408 {
1409 case 0x8e70: // EMM-S
1410 memcpy(epg.hexserial+1, buf+3, 4);
1411 epg.hexserial[4]=aureader->hexserial[4];
1412 break;
1413 case 0x8870: // EMM-U
1414 case 0x8c70: // confidential?
1415 default:
1416 cs_log("unsupported emm type: %04X", emm_head);
1417 ok=0;
1418 }
1419
1420 if(!ok) cs_log("only EMM-S supported");
1421 }
1422 else*/
1423
1424 memcpy(epg.emm, buf, epg.emmlen);
1425
1426 if(ok)
1427 {
1428 do_emm(cl, &epg);
1429 }
1430
1431 // Should always send an answer to client (also if au is disabled),
1432 // some clients will disconnect if they get no answer
1433 buf[1] = 0x10;
1434 buf[2] = 0x00;
1435
1436 network_message_send(cl->udp_fd, &cl->ncd_msgid, buf, 3, cl->ncd_skey, COMMTYPE_SERVER, 0, NULL);
1437 }
1438
1439 static void newcamd_report_cards(struct s_client *client)
1440 {
1441 int32_t j, k, l;
1442 uint8_t buf[512];
1443 custom_data_t *cd;
1444
1445 if(!cs_malloc(&cd, sizeof(struct custom_data)))
1446 {
1447 return;
1448 }
1449
1450 memset(buf, 0, sizeof(buf));
1451
1452 cd->sid = cfg.ncd_ptab.ports[client->port_idx].s_port;
1453 buf[0] = MSG_SERVER_2_CLIENT_ADDCARD;
1454
1455 struct s_reader *rdr;
1456 for(rdr = first_active_reader; rdr ; rdr = rdr->next)
1457 {
1458 int32_t flt = 0;
1459
1460 if(!(rdr->grp & client->grp))
1461 {
1462 continue; // test - skip unaccesible readers
1463 }
1464
1465 if(rdr->ftab.filts)
1466 {
1467 for(j = 0; j < rdr->ftab.nfilts; j++)
1468 {
1469 if(rdr->ftab.filts[j].caid)
1470 {
1471 cd->caid = rdr->ftab.filts[j].caid;
1472
1473 if(!rdr->ftab.filts[j].nprids)
1474 {
1475 cd->provid = 0;
1476 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X svc", cd->caid, cd->provid);
1477
1478 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1479 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1480 }
1481
1482 for(k = 0; k < rdr->ftab.filts[j].nprids; k++)
1483 {
1484 cd->provid = rdr->ftab.filts[j].prids[k];
1485 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X svc", cd->caid, cd->provid);
1486
1487 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1488 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1489 flt = 1;
1490 }
1491 }
1492 }
1493 }
1494
1495 if(rdr->caid && !flt)
1496 {
1497 if((rdr->tcp_connected || rdr->card_status == CARD_INSERTED))
1498 {
1499 cd->caid = rdr->caid;
1500 if(!rdr->nprov)
1501 {
1502 cd->provid = 0;
1503 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X caid", cd->caid, cd->provid);
1504
1505 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1506 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1507 }
1508
1509 for(j = 0; j < rdr->nprov; j++)
1510 {
1511 cd->provid = (rdr->prid[j][1]) << 16 | (rdr->prid[j][2] << 8) | rdr->prid[j][3];
1512 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X caid", cd->caid, cd->provid);
1513
1514 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1515 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1516 }
1517 }
1518 }
1519 }
1520
1521 if(cfg.sidtab && client->account)
1522 {
1523 struct s_sidtab *ptr;
1524 for(j = 0, ptr = cfg.sidtab; ptr; ptr = ptr->next, j++)
1525 {
1526 if(client->account->sidtabs.ok & ((SIDTABBITS)1 << j))
1527 {
1528 for(k = 0; k < ptr->num_caid; k++)
1529 {
1530 cd->caid = ptr->caid[k];
1531
1532 if(!ptr->num_provid)
1533 {
1534 cd->provid = 0;
1535 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X acs", cd->caid, cd->provid);
1536
1537 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1538 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1539 }
1540
1541 for(l = 0; l < ptr->num_provid; l++)
1542 {
1543 cd->provid = ptr->provid[l];
1544 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X acs", cd->caid, cd->provid);
1545
1546 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1547 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1548 }
1549 }
1550 }
1551 }
1552 }
1553
1554 NULLFREE(cd);
1555 }
1556
1557 static void newcamd_server_init(struct s_client *client)
1558 {
1559 int8_t res = 0;
1560
1561 client->ncd_server = 1;
1562 cs_log("client connected to %d port", cfg.ncd_ptab.ports[client->port_idx].s_port);
1563
1564 if(cfg.ncd_ptab.ports[client->port_idx].ncd && cfg.ncd_ptab.ports[client->port_idx].ncd->ncd_key_is_set)
1565 {
1566 // port has a des key specified
1567 res = newcamd_auth_client(client->ip, cfg.ncd_ptab.ports[client->port_idx].ncd->ncd_key);
1568 }
1569 else
1570 {
1571 // default global des key
1572 res = newcamd_auth_client(client->ip, cfg.ncd_key);
1573 }
1574
1575 if(res == -1)
1576 {
1577 cs_disconnect_client(client);
1578 return;
1579 }
1580
1581 // report all cards if using extended mg proto
1582 if(cfg.ncd_mgclient)
1583 {
1584 cs_log_dbg(D_CLIENT, "newcamd: extended: report all available cards");
1585 newcamd_report_cards(client);
1586 }
1587
1588 }
1589
1590 #define EXT_VERSION_STR "1.67"
1591 #define EXT_VERSION_LEN 4
1592
1593 static void newcamd_send_version(struct s_client *client)
1594 {
1595 uint8_t buf[30];
1596 memset(buf, 0, sizeof(buf));
1597
1598 buf[0] = MSG_SERVER_2_CLIENT_GET_VERSION;
1599 buf[1] = EXT_VERSION_LEN >> 8;
1600 buf[2] = EXT_VERSION_LEN & 0xFF;
1601 memcpy(buf + 3, EXT_VERSION_STR, EXT_VERSION_LEN);
1602
1603 network_message_send(client->udp_fd, &client->ncd_msgid, buf, EXT_VERSION_LEN + 3,
1604 client->ncd_skey, COMMTYPE_SERVER, 0, NULL);
1605 }
1606
1607 static void *newcamd_server(struct s_client *client, uint8_t *mbuf, int32_t len)
1608 {
1609 // check for clienttimeout, if timeout occurs try to send keepalive / wait for answer
1610 // befor client was disconnected. If keepalive was disabled, exit after clienttimeout
1611
1612 if(len < 3)
1613 {
1614 return NULL;
1615 }
1616
1617 cs_log_dbg(D_CLIENT, "newcamd: got cmd %d", mbuf[2]);
1618
1619 switch(mbuf[2])
1620 {
1621 case 0x80:
1622 case 0x81:
1623 {
1624 newcamd_process_ecm(client, mbuf, len);
1625 break;
1626 }
1627
1628 case MSG_SERVER_2_CLIENT_GET_VERSION:
1629 {
1630 cs_log_dbg(D_CLIENT, "newcamd: extended: send Version 1.67");
1631 newcamd_send_version(client);
1632 break;
1633 }
1634
1635 case MSG_KEEPALIVE:
1636 {
1637 newcamd_reply_ka();
1638 break;
1639 }
1640
1641 default:
1642 {
1643 if(mbuf[2] > 0x81 && mbuf[2] < 0x92)
1644 {
1645 newcamd_process_emm(mbuf + 2, len - 2);
1646 }
1647 else
1648 {
1649 cs_log_dbg(D_CLIENT, "unknown newcamd command! (%d)", mbuf[2]);
1650 }
1651 }
1652 }
1653
1654 return NULL;
1655 }
1656
1657 void newcamd_idle(void)
1658 {
1659 struct s_client *client = cur_client();
1660 struct s_reader *rdr = client->reader;
1661
1662 if(!rdr)
1663 {
1664 return;
1665 }
1666
1667 if(rdr->tcp_ito > 0)
1668 {
1669 // inactivitytimeout > 0 enables protocol keepalive packages
1670 time_t now;
1671 int32_t time_diff;
1672
1673 time(&now);
1674 time_diff = llabs(now - rdr->last_s);
1675
1676 if(time_diff > (rdr->tcp_ito))
1677 {
1678 if(client->ncd_keepalive)
1679 {
1680 newcamd_reply_ka();
1681 }
1682 else
1683 {
1684 network_tcp_connection_close(client->reader, "inactivity");
1685 }
1686 }
1687 }
1688 else if(rdr->tcp_ito == -1)
1689 {
1690 // idle reconnect
1691 newcamd_connect();
1692 }
1693 }
1694
1695 /*
1696 * client functions
1697 */
1698
1699 int32_t newcamd_client_init(struct s_client *client)
1700 {
1701 char ptxt[1] = { "\0" };
1702
1703 client->ncd_proto = client->reader->ncd_proto;
1704
1705 cs_log("proxy %s:%d newcamd52%d (fd=%d%s)", client->reader->device, client->reader->r_port,
1706 (client->reader->ncd_proto == NCD_525) ? 5 : 4, client->udp_fd, ptxt);
1707
1708 // try to connect. ignore possible failures
1709 // idle reconnect (tcp_ito = -1) will trigger an additional connect anyway
1710 if(client->reader->ncd_connect_on_init && client->reader->tcp_ito != -1)
1711 {
1712 newcamd_connect();
1713 }
1714
1715 return 0;
1716 }
1717
1718 static int32_t newcamd_send_ecm(struct s_client *client, ECM_REQUEST *er)
1719 {
1720 struct s_reader *rdr = client->reader;
1721
1722 if(!newcamd_connect())
1723 {
1724 return -1;
1725 }
1726
1727 // check server filters
1728 if(!chk_rsfilter(rdr, er))
1729 {
1730 return -1;
1731 }
1732
1733 uint8_t *buf;
1734 if(!cs_malloc(&buf, er->ecmlen))
1735 {
1736 return -1;
1737 }
1738
1739 memcpy(buf, er->ecm, er->ecmlen);
1740
1741 client->ncd_header[4] = er->srvid >> 8;
1742 client->ncd_header[5] = er->srvid & 0xFF;
1743 client->ncd_header[6] = er->caid >> 8;
1744 client->ncd_header[7] = er->caid & 0xFF;
1745 client->ncd_header[8] = er->prid >> 16;
1746 client->ncd_header[9] = er->prid >> 8;
1747 client->ncd_header[10] = er->prid & 0xFF;
1748
1749 int32_t rc = (newcamd_send(buf, er->ecmlen, er->srvid) < 1) ? -1 : 0;
1750
1751 NULLFREE(buf);
1752 return (rc);
1753 }
1754
1755 static int32_t newcamd_send_emm(EMM_PACKET *ep)
1756 {
1757 uint8_t buf[ep->emmlen];
1758
1759 if(!newcamd_connect())
1760 {
1761 return -1;
1762 }
1763
1764 memcpy(buf, ep->emm, ep->emmlen);
1765
1766 return (newcamd_send(buf, ep->emmlen, 0) < 1) ? 0 : 1;
1767 }
1768
1769 static int32_t newcamd_recv_chk(struct s_client *client, uint8_t *dcw, int32_t *rc, uint8_t *buf, int32_t n)
1770 {
1771 uint16_t idx = -1;
1772
1773 if(n < 5)
1774 {
1775 return -1;
1776 }
1777
1778 switch(buf[2])
1779 {
1780 case 0x80:
1781 case 0x81:
1782 {
1783 idx = (buf[0] << 8) | buf[1];
1784
1785 if(n == 5) // not found on server
1786 {
1787 *rc = 0;
1788 memset(dcw, 0, 16);
1789 break;
1790 }
1791
1792 if(n < 21)
1793 {
1794 cs_log_dbg(D_CLIENT, "invalid newcamd answer");
1795 return (-1);
1796 }
1797
1798 *rc = 1;
1799 memcpy(dcw, buf + 5, 16);
1800 break;
1801 }
1802
1803 case MSG_KEEPALIVE:
1804 {
1805 return -1;
1806 }
1807
1808 case MSG_SERVER_2_CLIENT_ADDCARD:
1809 {
1810 if(client->reader)
1811 {
1812 client->reader->ncd_disable_server_filt = 1;
1813 }
1814
1815 return -1;
1816 }
1817
1818 default:
1819 {
1820 if(buf[2] > 0x81 && buf[2] < 0x92) // answer to emm
1821 {
1822 return -1;
1823 }
1824
1825 cs_log_dbg(D_CLIENT, "unknown newcamd command from server");
1826 return -1;
1827 }
1828 }
1829
1830 return idx;
1831 }
1832
1833 /*
1834 * resolve client type for newcamd protocol
1835 */
1836 const char *newcamd_get_client_name(uint16_t client_id)
1837 {
1838 // When adding new entries keep the list sorted!
1839 static const struct
1840 {
1841 uint16_t id;
1842 const char *client;
1843 } ncd_service_ids[] =
1844 {
1845 { 0x0000, "generic" },
1846 { 0x02C2, "Opticum" },
1847 { 0x0665, "rq-sssp-client-CS" },
1848 { 0x0666, "rqcamd" },
1849 { 0x0667, "rq-echo-client" },
1850 { 0x0669, "rq-sssp-client-CW" },
1851 { 0x0769, "JlsRq" },
1852 { 0x414C, "AlexCS" },
1853 { 0x4333, "camd3" },
1854 { 0x4343, "CCcam" },
1855 { 0x434C, "Cardlink" },
1856 { 0x4453, "DiabloCam-UW" },
1857 { 0x4543, "eyetvCamd" },
1858 { 0x4765, "Octagon" },
1859 { 0x4C43, "LCE" },
1860 { 0x4E58, "NextYE2k" },
1861 { 0x5342, "SBCL" },
1862 { 0x5456, "Tecview" },
1863 { 0x5644, "vdr-sc" },
1864 { 0x5743, "WiCard" },
1865 { 0x6378, "cx" },
1866 { 0x6502, "Tvheadend" },
1867 { 0x6576, "evocamd" },
1868 { 0x6762, "gbox2CS" },
1869 { 0x6B61, "Kaffeine" },
1870 { 0x6B63, "kpcs" },
1871 { 0x6D63, "mpcs" },
1872 { 0x6D67, "mgcamd" },
1873 { 0x6E65, "NextYE2k" },
1874 { 0x6E73, "NewCS" },
1875 { 0x7264, "radegast" },
1876 { 0x7363, "Scam" },
1877 { 0x7763, "WinCSC" },
1878 { 0x7878, "tsdecrypt" },
1879 { 0x8888, "OSCam" },
1880 { 0x9911, "ACamd" },
1881 { 0x9922, "DVBplug" },
1882 { 0xFFFF, NULL }
1883 };
1884
1885 int i = 0;
1886
1887 while(1)
1888 {
1889 if(!ncd_service_ids[i].client)
1890 {
1891 break;
1892 }
1893
1894 if(ncd_service_ids[i].id == client_id)
1895 {
1896 return ncd_service_ids[i].client;
1897 }
1898
1899 i++;
1900 }
1901
1902 return "unknown - please report";
1903 }
1904
1905 void module_newcamd(struct s_module *ph)
1906 {
1907 ph->desc = "newcamd";
1908 ph->type = MOD_CONN_TCP;
1909 ph->large_ecm_support = 1;
1910 ph->listenertype = LIS_NEWCAMD;
1911 IP_ASSIGN(ph->s_ip, cfg.ncd_srvip);
1912 ph->s_handler = newcamd_server;
1913 ph->s_init = newcamd_server_init;
1914 ph->recv = newcamd_recv;
1915 ph->send_dcw = newcamd_send_dcw;
1916 ph->ptab = cfg.ncd_ptab;
1917 ph->c_init = newcamd_client_init;
1918 ph->c_recv_chk = newcamd_recv_chk;
1919 ph->c_send_ecm = newcamd_send_ecm;
1920 ph->c_send_emm = newcamd_send_emm;
1921 ph->c_idle = newcamd_idle;
1922 ph->num = R_NEWCAMD;
1923 }
1924 #endif
Open Source Conditional Access Modul