search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- fix for ticker #4787
[oscam.git] / module-newcamd.c
blobfe82c4f018396128a2161612f806b5789f1fdc76
1 #define MODULE_LOG_PREFIX "newcamd"
2
3 #include "globals.h"
4
5 #ifdef MODULE_NEWCAMD
6
7 #include "cscrypt/des.h"
8 #include "cscrypt/md5.h"
9 #include "module-newcamd.h"
10 #include "module-newcamd-des.h"
11 #include "oscam-array.h"
12 #include "oscam-conf-chk.h"
13 #include "oscam-chk.h"
14 #include "oscam-client.h"
15 #include "oscam-ecm.h"
16 #include "oscam-emm.h"
17 #include "oscam-net.h"
18 #include "oscam-reader.h"
19 #include "oscam-string.h"
20 #include "oscam-time.h"
21
22 const int32_t CWS_NETMSGSIZE = 1024; // csp 0.8.9 (default: 400). This is CWS_NETMSGSIZE. The old default was 240
23
24 #define NCD_CLIENT_ID 0x8888
25 #define CWS_FIRSTCMDNO 0xE0
26
27 typedef enum
28 {
29 MSG_CLIENT_2_SERVER_LOGIN = CWS_FIRSTCMDNO,
30 MSG_CLIENT_2_SERVER_LOGIN_ACK,
31 MSG_CLIENT_2_SERVER_LOGIN_NAK,
32 MSG_CARD_DATA_REQ,
33 MSG_CARD_DATA,
34 MSG_SERVER_2_CLIENT_NAME,
35 MSG_SERVER_2_CLIENT_NAME_ACK,
36 MSG_SERVER_2_CLIENT_NAME_NAK,
37 MSG_SERVER_2_CLIENT_LOGIN,
38 MSG_SERVER_2_CLIENT_LOGIN_ACK,
39 MSG_SERVER_2_CLIENT_LOGIN_NAK,
40 MSG_ADMIN,
41 MSG_ADMIN_ACK,
42 MSG_ADMIN_LOGIN,
43 MSG_ADMIN_LOGIN_ACK,
44 MSG_ADMIN_LOGIN_NAK,
45 MSG_ADMIN_COMMAND,
46 MSG_ADMIN_COMMAND_ACK,
47 MSG_ADMIN_COMMAND_NAK,
48 MSG_KEEPALIVE = CWS_FIRSTCMDNO + 0x1D,
49 MSG_SERVER_2_CLIENT_OSD = 0xD1,
50 MSG_SERVER_2_CLIENT_ALLCARDS = 0xD2,
51 MSG_SERVER_2_CLIENT_ADDCARD = 0xD3,
52 MSG_SERVER_2_CLIENT_REMOVECARD = 0xD4,
53 MSG_SERVER_2_CLIENT_CHANGE_KEY = 0xD5,
54 MSG_SERVER_2_CLIENT_GET_VERSION = 0xD6,
55 MSG_SERVER_2_CLIENT_ADDSID = 0xD7,
56 MSG_CLIENT_2_SERVER_CARDDISCOVER = 0xD8
57 } net_msg_type_t;
58
59 typedef enum
60 {
61 COMMTYPE_CLIENT,
62 COMMTYPE_SERVER
63 } comm_type_t;
64
65 typedef struct custom_data
66 {
67 uint16_t sid;
68 uint16_t caid;
69 int32_t provid;
70 uint8_t x;
71 } custom_data_t;
72
73 #define REQ_SIZE 2
74
75 static int32_t network_message_send(int32_t handle, uint16_t *netMsgId, uint8_t *buffer, int32_t len,
76 uint8_t *deskey, comm_type_t commType, uint16_t sid, custom_data_t *cd)
77 {
78 uint8_t netbuf[CWS_NETMSGSIZE];
79 int32_t head_size;
80 struct s_client *cl = cur_client();
81
82 head_size = (cl->ncd_proto == NCD_524) ? 8 : 12;
83
84 if(len < 3 || len + head_size > CWS_NETMSGSIZE || handle < 0)
85 {
86 return -1;
87 }
88
89 buffer[1] = (buffer[1] & 0xF0) | (((len - 3) >> 8) & 0x0F);
90 buffer[2] = (len - 3) & 0xFF;
91
92 memcpy(netbuf + head_size, buffer, len);
93 len += head_size;
94
95 if(netMsgId)
96 {
97 if(commType == COMMTYPE_CLIENT)
98 {
99 (*netMsgId)++;
100 }
101
102 netbuf[2] = (*netMsgId) >> 8;
103 netbuf[3] = (*netMsgId) & 0xFF;
104 }
105 else
106 {
107 netbuf[2] = 0;
108 netbuf[3] = 0;
109 }
110
111 memset(netbuf + 4, 0, (cl->ncd_proto == NCD_524) ? 4 : 8);
112
113 if(sid)
114 {
115 if(cl->reader && cl->reader->ncd_disable_server_filt
116 && sid != NCD_CLIENT_ID && cl->ncd_proto != NCD_524) // mgclient send header
117 {
118 memcpy(netbuf + 4, cl->ncd_header + 4, 7);
119 }
120
121 netbuf[(cl->ncd_proto == NCD_524) ? 6 : 4] = (uint8_t)(sid >> 8); // sid
122 netbuf[(cl->ncd_proto == NCD_524) ? 7 : 5] = (uint8_t)(sid);
123 }
124
125 //if((!ncd_proto == NCD_524) && (buffer[0] >= 0xD1) && (buffer[0] <= 0xD8)) // extended proto for mg
126 //{
127 // cs_log_dbg(D_CLIENT, "newcamd: extended: msg");
128
129 if(cd)
130 {
131 cs_log_dbg(D_CLIENT, "newcamd: has cd");
132
133 netbuf[4] = cd->sid >> 8;
134 netbuf[5] = cd->sid & 0xFF;
135 netbuf[6] = cd->caid >> 8;
136 netbuf[7] = cd->caid & 0xFF;
137 netbuf[8] = (cd->provid >> 16) & 0xFF;
138 netbuf[9] = (cd->provid >> 8) & 0xFF;
139 netbuf[10] = cd->provid & 0xFF;
140 }
141 //}
142
143 if(NCD_525 == cl->ncd_proto && cfg.ncd_mgclient && MSG_CLIENT_2_SERVER_LOGIN_ACK == buffer[0])
144 {
145 netbuf[4] = 0x6E; // From ExtNewcamSession.java CSP line 65-66 getLoginOkMsg()
146 netbuf[5] = 0x73;
147 netbuf[11] = 0x14;
148 }
149
150 if(NCD_525 == cl->ncd_proto && MSG_SERVER_2_CLIENT_ADDSID == buffer[0])
151 {
152 netbuf[11] = 0x14;
153 }
154
155 //if(buffer[0] == MSG_CLIENT_2_SERVER_LOGIN && cur_client()->reader->ncd_disable_server_filt)
156 //{
157 // netbuf[11] = 0x11; // From ChameleonCwsConnector.java CSP line 59-61 run()
158 //}
159
160 netbuf[0] = (len - 2) >> 8;
161 netbuf[1] = (len - 2) & 0xFF;
162
163 cs_log_dump_dbg(D_CLIENT, netbuf, len, "send %d bytes to %s", len, remote_txt());
164
165 if((len = nc_des_encrypt(netbuf, len, deskey)) < 0)
166 {
167 return -1;
168 }
169
170 netbuf[0] = (len - 2) >> 8;
171 netbuf[1] = (len - 2) & 0xFF;
172
173 return send(handle, netbuf, len, 0);
174 }
175
176 static int32_t send_sid_list(void)
177 {
178 struct s_client *cl = cur_client();
179
180 if(1 != cl->ftab.nfilts || !cl->sidtabs.no || !cfg.ncd_ptab.ports[cl->port_idx].ncd)
181 {
182 cs_log("SID list will not be send to mgcamd client.");
183 return 0;
184 }
185
186 uint8_t mbuf[CWS_NETMSGSIZE];
187 int32_t n = 0, nr = 0, portion_sid_num = 0, i = 0, sid_num = 0, portion_num = 0;
188 SIDTAB *sidtab = 0;
189 custom_data_t cd;
190
191 cs_log_dbg(D_TRACE, "Send SID list to mgcamd client.");
192
193 memset(&cd, 0, sizeof(cd));
194 FILTER *pfilts = cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts;
195
196 //memset(mbuf, 0, sizeof(mbuf)); // not nessesery
197
198 for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
199 {
200 if((cl->sidtabs.no & ((SIDTABBITS)1 << nr)) && (sidtab->num_caid | sidtab->num_provid | sidtab->num_srvid))
201 {
202 for(n = 0; n < pfilts[0].nprids; n++)
203 {
204 if(chk_srvid_match_by_caid_prov(pfilts[0].caid, pfilts[0].prids[n], sidtab))
205 {
206 for(i = 0; i < sidtab->num_srvid; i++)
207 {
208 // First SID goes to header
209 if(0 == portion_sid_num)
210 {
211 cd.sid = sidtab->srvid[i]; // first sid
212 cd.caid = cfg.ncd_ptab.ports[cl->port_idx].s_port; // assigned port
213 cd.provid = 0x1; // mark as deny
214 }
215
216 mbuf[portion_sid_num * 3] = (uint8_t)(sidtab->srvid[i] >> 8);
217 mbuf[portion_sid_num * 3 + 1] = (uint8_t)(sidtab->srvid[i] & 0xFF);
218 mbuf[portion_sid_num * 3 + 2] = 0x1; // mark as deny
219
220 ++sid_num;
221 ++portion_sid_num;
222
223 if(portion_sid_num >= 50)
224 {
225 ++portion_num;
226
227 cs_log_dump_dbg(0x0800, mbuf, (portion_sid_num) * 3, "Portion %d contains %d SIDs",
228 portion_num, portion_sid_num);
229
230 mbuf[0] = MSG_SERVER_2_CLIENT_ADDSID;
231 mbuf[1] = 0x00;
232 mbuf[2] = 0x00;
233
234 network_message_send(cl->udp_fd, &cl->ncd_msgid, mbuf, portion_sid_num * 3,
235 cl->ncd_skey, COMMTYPE_SERVER, 0, &cd);
236 portion_sid_num = 0;
237 }
238 }
239
240 break;
241 }
242 }
243 }
244 }
245
246 if(portion_sid_num)
247 {
248 ++portion_num;
249
250 cs_log_dump_dbg(0x0800, mbuf, (portion_sid_num) * 3, "Portion %d contains %d SIDs",
251 portion_num, portion_sid_num);
252
253 mbuf[0] = MSG_SERVER_2_CLIENT_ADDSID;
254 mbuf[1] = 0x0;
255 mbuf[2] = 0x0;
256
257 network_message_send(cl->udp_fd, &cl->ncd_msgid, mbuf, portion_sid_num * 3,
258 cl->ncd_skey, COMMTYPE_SERVER, 0, &cd);
259 portion_sid_num = 0;
260 }
261
262 cs_log("%d deny SIDs in the %d messages were sent to the client.", sid_num, portion_num);
263
264 return sid_num;
265 }
266
267 static int32_t network_message_receive(int32_t handle, uint16_t *netMsgId, uint8_t *buffer,
268 uint8_t *deskey, comm_type_t commType)
269 {
270 int32_t len, ncd_off, msgid;
271 uint8_t netbuf[CWS_NETMSGSIZE];
272 int32_t returnLen;
273 struct s_client *cl = cur_client();
274
275 if(!buffer || handle < 0)
276 {
277 return -1;
278 }
279
280 len = cs_recv(handle, netbuf, 2, 0);
281
282 cs_log_dbg(D_CLIENT, "nmr(): len=%d, errno=%d", len, (len == -1) ? errno : 0);
283
284 if(!len)
285 {
286 cs_log_dbg(D_CLIENT, "nmr: 1 return 0");
287
288 if(commType == COMMTYPE_CLIENT)
289 {
290 network_tcp_connection_close(cl->reader, "receive error1");
291 }
292 else
293 {
294 cs_disconnect_client(cl);
295 }
296
297 return 0;
298 }
299
300 if(len != 2)
301 {
302 cs_log_dbg(D_CLIENT, "nmr: len!=2");
303
304 if(commType == COMMTYPE_CLIENT)
305 {
306 network_tcp_connection_close(cl->reader, "receive error2");
307 }
308 else
309 {
310 cs_disconnect_client(cl);
311 }
312
313 return -1;
314 }
315
316 if(((netbuf[0] << 8) | netbuf[1]) > CWS_NETMSGSIZE - 2)
317 {
318 cs_log_dbg(D_CLIENT, "nmr: received data len=%d longer than CWS_NETMSGSIZE=%d",
319 ((netbuf[0] << 8) | netbuf[1]), CWS_NETMSGSIZE);
320 cs_log_dbg(D_CLIENT, "nmr: 1 return -1");
321 return -1;
322 }
323
324 len = cs_recv(handle, netbuf + 2, (netbuf[0] << 8) | netbuf[1], 0);
325 if(!len)
326 {
327 cs_log_dbg(D_CLIENT, "nmr: 2 return 0");
328 return 0;
329 }
330
331 if(len != ((netbuf[0] << 8) | netbuf[1]))
332 {
333 cs_log_dbg(D_CLIENT, "nmr: 2 return -1");
334 return -1;
335 }
336
337 len += 2;
338
339 if((len = nc_des_decrypt(netbuf, len, deskey)) < 11) // 15(newcamd525) or 11 ???
340 {
341 cs_log_dbg(D_CLIENT, "nmr: can't decrypt, invalid des key?");
342 cs_sleepms(2000);
343 return -1;
344 }
345
346 //cs_log_dump_dbg(D_CLIENT, netbuf, len, "nmr: decrypted data, len=%d", len);
347
348 msgid = (netbuf[2] << 8) | netbuf[3];
349
350 if(cl->ncd_proto == NCD_AUTO)
351 {
352 // auto detect
353 int32_t l5 = (((netbuf[13] & 0x0F) << 8) | netbuf[14]) + 3;
354 int32_t l4 = (((netbuf[9] & 0x0F) << 8) | netbuf[10]) + 3;
355
356 if((l5 <= len - 12) && ((netbuf[12] & 0xF0) == 0xE0 || (netbuf[12] & 0xF0) == 0x80))
357 {
358 cl->ncd_proto = NCD_525;
359 }
360 else if((l4 <= len - 8) && ((netbuf[8] & 0xF0) == 0xE0 || (netbuf[9] & 0xF0) == 0x80))
361 {
362 cl->ncd_proto = NCD_524;
363 }
364 else
365 {
366 cs_log_dbg(D_CLIENT, "nmr: 4 return -1");
367 return -1;
368 }
369
370 cs_log_dbg(D_CLIENT, "nmr: autodetect: newcamd52%d used", (cl->ncd_proto == NCD_525) ? 5 : 4);
371 }
372
373 ncd_off = (cl->ncd_proto == NCD_525) ? 4 : 0;
374
375 returnLen = (((netbuf[9 + ncd_off] & 0x0F) << 8) | netbuf[10 + ncd_off]) + 3;
376 if(returnLen > (len - (8 + ncd_off)))
377 {
378 cs_log_dbg(D_CLIENT, "nmr: 4 return -1");
379 return -1;
380 }
381
382 //cs_log_dump_dbg(D_CLIENT, netbuf, len, "nmr: decrypted data");
383
384 if(netMsgId)
385 {
386 switch(commType)
387 {
388 case COMMTYPE_SERVER:
389 *netMsgId = msgid;
390 break;
391
392 case COMMTYPE_CLIENT:
393 //if(*netMsgId != ((netbuf[2] << 8) | netbuf[3]))
394 //{
395 cs_log_dbg(D_CLIENT, "nmr: netMsgId=%d, from server=%d, ", *netMsgId, msgid);
396 //return -2;
397 //}
398 break;
399
400 default:
401 cs_log_dbg(D_CLIENT, "nmr: 5 return -1");
402 return -1;
403 break;
404 }
405 }
406
407 switch(commType)
408 {
409 case COMMTYPE_SERVER:
410 memcpy(cl->ncd_header, netbuf, (8 + ncd_off));
411 buffer[0] = (cl->ncd_proto == NCD_525) ? netbuf[4] : netbuf[6]; // sid
412 buffer[1] = (cl->ncd_proto == NCD_525) ? netbuf[5] : netbuf[7];
413 break;
414
415 case COMMTYPE_CLIENT:
416 memcpy(cl->ncd_header, netbuf, (8 + ncd_off));
417 buffer[0] = netbuf[2]; // msgid
418 buffer[1] = netbuf[3];
419 break;
420 }
421
422 memcpy(buffer + 2, netbuf + (8 + ncd_off), returnLen);
423 return returnLen + 2;
424 }
425
426 static void network_cmd_no_data_send(int32_t handle, uint16_t *netMsgId, net_msg_type_t cmd,
427 uint8_t *deskey, comm_type_t commType)
428 {
429 uint8_t buffer[3];
430
431 buffer[0] = cmd;
432 buffer[1] = 0;
433 buffer[2] = 0;
434
435 network_message_send(handle, netMsgId, buffer, 3, deskey, commType, 0, NULL);
436 }
437
438 static int32_t network_cmd_no_data_receive(int32_t handle, uint16_t *netMsgId, uint8_t *deskey,
439 comm_type_t commType)
440 {
441 uint8_t buffer[CWS_NETMSGSIZE];
442
443 if(network_message_receive(handle, netMsgId, buffer, deskey, commType) != 3 + 2)
444 {
445 return -1;
446 }
447
448 return buffer[2];
449 }
450
451 void newcamd_reply_ka(void)
452 {
453 struct s_client *cl = cur_client();
454
455 if(!cl)
456 {
457 return;
458 }
459
460 if(!cl->udp_fd)
461 {
462 cs_log_dbg(D_CLIENT, "invalid client fd=%d", cl->udp_fd);
463 return;
464 }
465
466 cs_log_dbg(D_CLIENT, "send keepalive to client fd=%d", cl->udp_fd);
467
468 if(cl->reader)
469 {
470 cl->reader->last_s = time((time_t *)0);
471 }
472
473 network_cmd_no_data_send(cl->udp_fd, &cl->ncd_msgid, MSG_KEEPALIVE, cl->ncd_skey, COMMTYPE_SERVER);
474 }
475
476 static int32_t connect_newcamd_server(void)
477 {
478 int32_t i;
479 uint8_t buf[CWS_NETMSGSIZE];
480 uint8_t keymod[14];
481 uint8_t key[16];
482 int32_t handle = 0;
483
484 uint32_t idx;
485 uint8_t passwdcrypt[120];
486 uint8_t login_answer;
487 int32_t bytes_received;
488 struct s_client *cl = cur_client();
489
490 if(cl->reader->device[0] == 0 || cl->reader->r_pwd[0] == 0
491 || cl->reader->r_usr[0] == 0 || cl->reader->r_port == 0)
492 {
493 return -5;
494 }
495
496 // 1. Connect
497 handle = network_tcp_connection_open(cl->reader);
498 if(handle < 0)
499 {
500 return -1;
501 }
502
503 // 2. Get init sequence
504 cl->ncd_msgid = 0;
505 if(read(handle, keymod, sizeof(keymod)) != sizeof(keymod))
506 {
507 cs_log("server does not return 14 bytes");
508 network_tcp_connection_close(cl->reader, "connect error");
509 return -2;
510 }
511
512 cs_log_dump_dbg(D_CLIENT, keymod, sizeof(cl->reader->ncd_key), "server init sequence:");
513 nc_des_login_key_get(keymod, cl->reader->ncd_key, sizeof(cl->reader->ncd_key), key);
514
515 // 3. Send login info
516 idx = 3;
517 buf[0] = MSG_CLIENT_2_SERVER_LOGIN;
518 buf[1] = 0;
519
520 cs_strncpy((char *)buf + idx, cl->reader->r_usr, sizeof(buf) - idx);
521 __md5_crypt(cl->reader->r_pwd, "$1$abcdefgh$", (char *)passwdcrypt);
522 idx += strlen(cl->reader->r_usr) + 1;
523 cs_strncpy((char *)buf + idx, (const char *)passwdcrypt, sizeof(buf) - idx);
524
525 network_message_send(handle, 0, buf, idx + strlen((char *)passwdcrypt) + 1, key,
526 COMMTYPE_CLIENT, NCD_CLIENT_ID, NULL);
527
528 // 3.1 Get login answer
529 login_answer = network_cmd_no_data_receive(handle, &cl->ncd_msgid, key, COMMTYPE_CLIENT);
530 if(login_answer == MSG_CLIENT_2_SERVER_LOGIN_NAK)
531 {
532 cs_log("login failed for user '%s'", cl->reader->r_usr);
533 network_tcp_connection_close(cl->reader, "login error1");
534 return -3;
535 }
536
537 if(login_answer != MSG_CLIENT_2_SERVER_LOGIN_ACK)
538 {
539 cs_log("expected MSG_CLIENT_2_SERVER_LOGIN_ACK (%02X), received %02X",
540 MSG_CLIENT_2_SERVER_LOGIN_ACK, login_answer);
541
542 network_tcp_connection_close(cl->reader, "login error2");
543 return -3;
544 }
545
546 // 3.2 Set connection info
547 cl->reader->tcp_connected = 1;
548 cl->crypted = 1;
549
550 // 4. Send MSG_CARD_DATE_REQ
551 nc_des_login_key_get(cl->reader->ncd_key, passwdcrypt, strlen((char *)passwdcrypt), key);
552 network_cmd_no_data_send(handle, &cl->ncd_msgid, MSG_CARD_DATA_REQ, key, COMMTYPE_CLIENT);
553
554 bytes_received = network_message_receive(handle, &cl->ncd_msgid, buf, key, COMMTYPE_CLIENT);
555 if(bytes_received < 16 || buf[2] != MSG_CARD_DATA)
556 {
557 cs_log("expected MSG_CARD_DATA (%02X), received %02X", MSG_CARD_DATA, buf[2]);
558
559 network_tcp_connection_close(cl->reader, "receive error");
560 return -4;
561 }
562
563 // 5. Parse CAID and PROVID(s)
564 cl->reader->caid = (uint16_t)((buf[6] << 8) | buf[7]);
565
566 // handle special serial format in newcamd. See newcamd_auth_client
567 newcamd_to_hexserial(buf + 10, cl->reader->hexserial, cl->reader->caid);
568
569 cs_log("Newcamd Server: %s:%d - UserID: %i", cl->reader->device, cl->reader->r_port, buf[3 + 2]);
570
571 cs_log("CAID: %04X - UA: %02X%02X%02X%02X%02X%02X%02X%02X - Provider # %i",
572 cl->reader->caid, cl->reader->hexserial[0], cl->reader->hexserial[1], cl->reader->hexserial[2],
573 cl->reader->hexserial[3], cl->reader->hexserial[4], cl->reader->hexserial[5], cl->reader->hexserial[6],
574 cl->reader->hexserial[7], buf[14 + 2]);
575
576 cl->reader->nprov = buf[14 + 2];
577 memset(cl->reader->prid, 0x00, sizeof(cl->reader->prid));
578
579 for(i = 0; i < cl->reader->nprov; i++)
580 {
581 if(caid_is_betacrypt(cl->reader->caid) || caid_is_irdeto(cl->reader->caid))
582 {
583 memcpy(&cl->reader->prid[i], buf + 22 + 2 + 11 * i, 4);
584 }
585 else
586 {
587 cl->reader->prid[i][1] = buf[15 + 2 + 11 * i];
588 cl->reader->prid[i][2] = buf[16 + 2 + 11 * i];
589 cl->reader->prid[i][3] = buf[17 + 2 + 11 * i];
590 }
591
592 memcpy(&cl->reader->sa[i], buf + 22 + 2 + 11 * i, 4); // the 4 first bytes are not read
593
594 cs_log("Provider ID: %02X%02X%02X - SA: %02X%02X%02X%02X",
595 cl->reader->prid[i][1], cl->reader->prid[i][2], cl->reader->prid[i][3], cl->reader->sa[i][0],
596 cl->reader->sa[i][1], cl->reader->sa[i][2], cl->reader->sa[i][3]);
597 }
598
599 memcpy(cl->reader->ncd_skey, key, 16);
600
601 // 6. Set card inserted
602 cl->reader->tcp_connected = 2;
603 cl->reader->card_status = CARD_INSERTED;
604 cl->reader->last_g = cl->reader->last_s = time((time_t *)0);
605
606 // Only after connect() on cl->udp_fd (Linux)
607 cl->pfd = cl->udp_fd;
608
609 if(cl->reader->ncd_disable_server_filt) // act like mgclient
610 {
611 network_cmd_no_data_send(handle, &cl->ncd_msgid, MSG_SERVER_2_CLIENT_GET_VERSION, key, COMMTYPE_CLIENT);
612 }
613
614 return 0;
615 }
616
617 static int32_t newcamd_connect(void)
618 {
619 struct s_client *cl = cur_client();
620
621 if(cl->reader->tcp_connected < 2 && connect_newcamd_server() < 0)
622 {
623 return 0;
624 }
625
626 if(!cl->udp_fd)
627 {
628 return 0;
629 }
630
631 return 1;
632 }
633
634 static int32_t newcamd_send(uint8_t *buf, int32_t ml, uint16_t sid)
635 {
636 struct s_client *cl = cur_client();
637
638 if(!newcamd_connect())
639 {
640 return -1;
641 }
642
643 return network_message_send(cl->udp_fd, &cl->ncd_msgid, buf, ml,
644 cl->reader->ncd_skey, COMMTYPE_CLIENT, sid, NULL);
645 }
646
647 static int32_t newcamd_recv(struct s_client *client, uint8_t *buf, int32_t UNUSED(l))
648 {
649 int32_t rc, rs;
650
651 if(client->typ == 'c')
652 {
653 rs = network_message_receive(client->udp_fd, &client->ncd_msgid, buf,
654 client->ncd_skey, COMMTYPE_SERVER);
655 }
656 else
657 {
658 if(!client->udp_fd)
659 {
660 return (-1);
661 }
662
663 rs = network_message_receive(client->udp_fd, &client->ncd_msgid, buf,
664 client->reader->ncd_skey, COMMTYPE_CLIENT);
665 }
666
667 if(rs < 5)
668 {
669 rc = -1;
670 }
671 else
672 {
673 rc = rs;
674 }
675
676 cs_log_dump_dbg(D_CLIENT, buf, rs, "received %d bytes from %s", rs, remote_txt());
677
678 client->last = time((time_t *) 0);
679
680 if(rc == -1)
681 {
682 if(rs > 0)
683 {
684 cs_log("packet is too small (%d bytes)", rs);
685 }
686 else
687 {
688 cs_log("Connection closed to %s", remote_txt());
689 }
690 }
691
692 return (rc);
693 }
694
695 static void mk_user_au_ftab(struct s_reader *aureader, FILTER *filt)
696 {
697 int32_t i, j, found;
698 FILTER old_filter;
699
700 memcpy(&old_filter, filt, sizeof(old_filter));
701 memset(filt, 0, sizeof(*filt));
702
703 filt->caid = aureader->caid;
704 if(filt->caid == 0)
705 {
706 filt->caid = old_filter.caid;
707 }
708
709 for(i = 0; i < aureader->nprov && filt->nprids < CS_MAXPROV; i++)
710 {
711 filt->prids[filt->nprids++] = b2i(3, &aureader->prid[i][1]);
712 }
713
714 for(i = 0; i < old_filter.nprids && filt->nprids < CS_MAXPROV; i++)
715 {
716 for(j = found = 0; (!found) && (j < filt->nprids); j++)
717 {
718 if(old_filter.prids[i] == filt->prids[j])
719 {
720 found = 1;
721 }
722 }
723
724 if(!found)
725 {
726 filt->prids[filt->nprids++] = old_filter.prids[i];
727 }
728 }
729 }
730
731 static void mk_user_ftab(FILTER *filt)
732 {
733 int32_t port_idx, i, j, k, c;
734 struct s_client *cl = cur_client();
735
736 memset(filt, 0, sizeof(*filt));
737
738 port_idx = cl->port_idx;
739 if(!cfg.ncd_ptab.ports[port_idx].ncd)
740 {
741 return;
742 }
743
744 FILTER *psfilt = &cfg.ncd_ptab.ports[port_idx].ncd->ncd_ftab.filts[0];
745
746 // 1. CAID
747 // search server CAID in client CAID
748 for(c = i = 0; i < cl->ctab.ctnum; i++)
749 {
750 CAIDTAB_DATA *d = &cl->ctab.ctdata[i];
751
752 int32_t ctab_caid = d->caid & d->mask;
753 if(ctab_caid)
754 {
755 c++;
756 }
757
758 if(psfilt->caid == ctab_caid)
759 {
760 filt->caid = ctab_caid;
761 break;
762 }
763 }
764
765 if(c && !filt->caid)
766 {
767 cs_log("no valid CAID found in CAID for user '%s'", cl->account->usr);
768 return;
769 }
770
771 // search CAID in client IDENT
772 cs_log_dbg(D_CLIENT, "client[%8lX].%s nfilts=%d, filt.caid=%04X", (unsigned long)pthread_self(),
773 cl->account->usr, cl->ftab.nfilts, filt->caid);
774
775 if(!filt->caid && cl->ftab.nfilts)
776 {
777 int32_t fcaids;
778 for(i = fcaids = 0; i < cl->ftab.nfilts; i++)
779 {
780 uint16_t ucaid = cl->ftab.filts[i].caid;
781 if(ucaid)
782 {
783 fcaids++;
784 }
785
786 if(ucaid && psfilt->caid == ucaid)
787 {
788 filt->caid = ucaid;
789 break;
790 }
791 }
792
793 if(fcaids == cl->ftab.nfilts && !filt->caid)
794 {
795 cs_log("no valid CAID found in IDENT for user '%s'", cl->account->usr);
796 //cs_disconnect_client();
797 return;
798 }
799 }
800
801 // empty client CAID - use server CAID
802 if(!filt->caid)
803 {
804 filt->caid = psfilt->caid;
805 }
806
807 // 2. PROVID
808 if(!cl->ftab.nfilts)
809 {
810 int32_t add;
811 for(i = 0; i < psfilt->nprids && filt->nprids < CS_MAXPROV; i++)
812 {
813 // use server PROVID(s) (and only those which are in user's groups)
814 add = 0;
815 struct s_reader *rdr;
816
817 for(rdr = first_active_reader; rdr ; rdr = rdr->next)
818 {
819 if(rdr->grp & cl->grp)
820 {
821 if(!rdr->ftab.nfilts)
822 {
823 if(is_network_reader(rdr))
824 {
825 add = 1;
826 }
827
828 for(j = 0; !add && j < rdr->nprov; j++)
829 {
830 if(b2i(3, &rdr->prid[j][1]) == psfilt->prids[i])
831 {
832 add = 1;
833 }
834 }
835 }
836 else
837 {
838 for(j = 0; !add && j < rdr->ftab.nfilts; j++)
839 {
840 uint32_t rcaid = rdr->ftab.filts[j].caid;
841 if(!rcaid || rcaid == filt->caid)
842 {
843 for(k = 0; !add && k < rdr->ftab.filts[j].nprids; k++)
844 {
845 if(rdr->ftab.filts[j].prids[k] == psfilt->prids[i])
846 {
847 add = 1;
848 }
849 }
850 }
851 }
852 }
853 }
854 }
855
856 if(add)
857 {
858 filt->prids[filt->nprids++] = psfilt->prids[i];
859 }
860 }
861
862 memcpy(filt, psfilt, sizeof(*filt));
863 return;
864 }
865
866 // search in client IDENT
867 for(j = 0; j < cl->ftab.nfilts; j++)
868 {
869 uint32_t ucaid = cl->ftab.filts[j].caid;
870
871 cs_log_dbg(D_CLIENT, "client caid %d: %04X", j, ucaid);
872
873 if(!ucaid || ucaid == filt->caid)
874 {
875 for(i = 0; i < psfilt->nprids && filt->nprids < CS_MAXPROV; i++)
876 {
877 cs_log_dbg(D_CLIENT, "search server provid %d: %06X", i, psfilt->prids[i]);
878
879 if(cl->ftab.filts[j].nprids)
880 {
881 for(k = 0; k < cl->ftab.filts[j].nprids && filt->nprids < CS_MAXPROV; k++)
882 {
883 if(cl->ftab.filts[j].prids[k] == psfilt->prids[i])
884 {
885 filt->prids[filt->nprids++] = cl->ftab.filts[j].prids[k];
886 }
887 }
888 }
889 else
890 {
891 filt->prids[filt->nprids++] = psfilt->prids[i];
892 // allow server PROVID(s) if no PROVID(s) specified in IDENT
893 }
894 }
895 }
896 }
897
898 if(!filt->nprids)
899 {
900 cs_log("no valid PROVID(s) found in CAID for user '%s'", cl->account->usr);
901 //cs_disconnect_client();
902 }
903 }
904
905 static int8_t newcamd_auth_client(IN_ADDR_T ip, uint8_t *deskey)
906 {
907 int32_t i, ok, rc, sid_list;
908 uint8_t *usr = NULL, *pwd = NULL;
909 struct s_auth *account;
910 uint8_t buf[14];
911 uint8_t key[16];
912 uint8_t passwdcrypt[120];
913 struct s_reader *aureader = NULL, *rdr = NULL;
914 struct s_client *cl = cur_client();
915 uint8_t mbuf[CWS_NETMSGSIZE];
916
917 sid_list = 0;
918
919 ok = cfg.ncd_allowed ? check_ip(cfg.ncd_allowed, ip) : 1;
920
921 if(!ok)
922 {
923 cs_auth_client(cl, (struct s_auth *)0, NULL);
924 return -1;
925 }
926
927 // make random 14 bytes
928 get_random_bytes(buf, 14);
929
930 // send init sequence
931 send(cl->udp_fd, buf, 14, 0);
932 nc_des_login_key_get(buf, deskey, 14, key);
933 memcpy(cl->ncd_skey, key, 16);
934 cl->ncd_msgid = 0;
935
936 i = process_input(mbuf, sizeof(mbuf), cfg.cmaxidle);
937 if(i > 0)
938 {
939 if(mbuf[2] != MSG_CLIENT_2_SERVER_LOGIN)
940 {
941 cs_log_dbg(D_CLIENT, "expected MSG_CLIENT_2_SERVER_LOGIN (%02X), received %02X",
942 MSG_CLIENT_2_SERVER_LOGIN, mbuf[2]);
943 return -1;
944 }
945
946 usr = mbuf + 5;
947 pwd = usr + strlen((char *)usr) + 1;
948 }
949 else
950 {
951 cs_log_dbg(D_CLIENT, "bad client login request");
952 return -1;
953 }
954
955 cl->ncd_client_id = (mbuf[0] << 8) | mbuf[1];
956 const char *client_name = newcamd_get_client_name(cl->ncd_client_id);
957
958 #if defined(TCP_KEEPIDLE)
959 if(cl->ncd_client_id == 0x4453) // DiabloWifi has problems with TCPKeepAlive
960 {
961 int32_t flag = 600;
962
963 // send first keepalive packet after 600 seconds of
964 // last package received (keepalive packets included)
965 if(setsockopt(cl->udp_fd, IPPROTO_TCP, TCP_KEEPIDLE, &flag, sizeof(flag)) && errno != EBADF)
966 {
967 cs_log("Setting TCP_KEEPIDLE failed, errno=%d, %s", errno, strerror(errno));
968 }
969 else
970 {
971 cs_log("WARNING: Setting TCP_KEEPIDLE to 10 minutes for bugged DiabloWifi. Note that this might lead to not detected broken connections or multiple connections.");
972 }
973 }
974 #endif
975
976 if(cl->ncd_proto == NCD_525 && 0x6D == mbuf[0] && 0x67 == mbuf[1] && 0x11 == cl->ncd_header[11])
977 {
978 sid_list = 1;
979 }
980
981 for(ok = 0, account = cfg.account; usr && account && (!ok); account = account->next)
982 {
983 cs_log_dbg(D_CLIENT, "account->usr=%s", account->usr);
984
985 if(strcmp((char *)usr, account->usr) == 0)
986 {
987 __md5_crypt(ESTR(account->pwd), "$1$abcdefgh$", (char *)passwdcrypt);
988 cs_log_dbg(D_CLIENT, "account->pwd=%s", passwdcrypt);
989
990 if(strcmp((char *)pwd, (const char *)passwdcrypt) == 0)
991 {
992 cl->crypted = 1;
993 char e_txt[20];
994
995 snprintf(e_txt, 20, "%s:%d", "newcamd", cfg.ncd_ptab.ports[cl->port_idx].s_port);
996
997 if((rc = cs_auth_client(cl, account, e_txt)) == 2)
998 {
999 cs_log("hostname or ip mismatch for user %s (%s)", usr, client_name);
1000 break;
1001 }
1002 else if(rc != 0)
1003 {
1004 cs_log("account is invalid for user %s (%s)", usr, client_name);
1005 break;
1006 }
1007 else
1008 {
1009 cs_log("user %s authenticated successfully (%s)", usr, client_name);
1010 ok = 1;
1011 break;
1012 }
1013 }
1014 else
1015 {
1016 cs_log("user %s is providing a wrong password (%s)", usr, client_name);
1017 }
1018 }
1019 }
1020
1021 if(!ok && !account)
1022 {
1023 cs_log("user %s is trying to connect but doesnt exist ! (%s)", usr, client_name);
1024 usr = 0;
1025 }
1026
1027 // check for non ready reader and reject client
1028 for(rdr = first_active_reader; rdr ; rdr = rdr->next)
1029 {
1030 if(!cfg.ncd_ptab.ports[cl->port_idx].ncd)
1031 {
1032 continue;
1033 }
1034
1035 if(rdr->caid == cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid)
1036 {
1037 if(rdr->card_status == CARD_NEED_INIT)
1038 {
1039 cs_log("init for reader %s not finished -> reject client", rdr->label);
1040 ok = 0;
1041 }
1042 break;
1043 }
1044 }
1045
1046 if(ok)
1047 {
1048 LL_ITER itr = ll_iter_create(cl->aureader_list);
1049 while((rdr = ll_iter_next(&itr)))
1050 {
1051 int32_t n;
1052
1053 if(!cfg.ncd_ptab.ports[cl->port_idx].ncd)
1054 {
1055 continue;
1056 }
1057
1058 if(cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid == 0
1059 && !rdr->audisabled && (is_network_reader(rdr) || rdr->card_status == CARD_INSERTED))
1060 {
1061 aureader = rdr;
1062 break;
1063 }
1064
1065 for(n = 0; n < cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].nprids; n++)
1066 {
1067 if(emm_reader_match(rdr, cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid,
1068 cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].prids[n]))
1069 {
1070 aureader = rdr;
1071 break;
1072 }
1073 }
1074
1075 if(aureader)
1076 {
1077 break;
1078 }
1079 }
1080
1081 if(aureader)
1082 {
1083 cs_log("AU enabled for user %s on reader %s", usr, aureader->label);
1084 }
1085 else
1086 {
1087 cs_log("AU disabled for user %s", usr);
1088 }
1089 }
1090
1091 network_cmd_no_data_send(cl->udp_fd, &cl->ncd_msgid,
1092 (ok) ? MSG_CLIENT_2_SERVER_LOGIN_ACK : MSG_CLIENT_2_SERVER_LOGIN_NAK,
1093 cl->ncd_skey, COMMTYPE_SERVER);
1094
1095 if(ok)
1096 {
1097 FILTER usr_filter;
1098 FILTER *pufilt = &usr_filter;
1099
1100 nc_des_login_key_get(deskey, passwdcrypt, strlen((char *)passwdcrypt), key);
1101 memcpy(cl->ncd_skey, key, 16);
1102
1103 i = process_input(mbuf, sizeof(mbuf), cfg.cmaxidle);
1104 if(i > 0)
1105 {
1106 int32_t j, len = 15;
1107
1108 if(mbuf[2] != MSG_CARD_DATA_REQ)
1109 {
1110 cs_log_dbg(D_CLIENT, "expected MSG_CARD_DATA_REQ (%02X), received %02X",
1111 MSG_CARD_DATA_REQ, mbuf[2]);
1112 return -1;
1113 }
1114
1115 mk_user_ftab(&usr_filter);
1116
1117 // set userfilter for au enabled clients
1118 if(aureader)
1119 {
1120 #ifdef WITH_EMU
1121 if(aureader->typ == R_EMU)
1122 {
1123 usr_filter = *get_emu_prids_for_caid(aureader, cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid);
1124 }
1125 else
1126 #endif
1127 mk_user_au_ftab(aureader, &usr_filter);
1128 }
1129
1130 ftab_clear(&cl->ftab);
1131
1132 if(!cfg.ncd_mgclient)
1133 {
1134 ftab_add(&cl->ftab, &usr_filter);
1135 }
1136
1137 mbuf[0] = MSG_CARD_DATA;
1138 mbuf[1] = 0x00;
1139 mbuf[2] = 0x00;
1140
1141 if(aureader)
1142 {
1143 mbuf[3] = 1;
1144 }
1145 else
1146 {
1147 mbuf[3] = get_threadnum(cl) + 10; // Unique user number
1148 }
1149
1150 mbuf[4] = (uint8_t)(pufilt->caid >> 8);
1151 mbuf[5] = (uint8_t)(pufilt->caid);
1152 mbuf[6] = 0x00;
1153 mbuf[7] = 0x00;
1154
1155 if(aureader)
1156 {
1157 hexserial_to_newcamd(aureader->hexserial, mbuf + 8, pufilt->caid);
1158 }
1159 else
1160 {
1161 memset(&mbuf[8], 0, 6); // mbuf[8] - mbuf[13]
1162 }
1163
1164 mbuf[14] = pufilt->nprids;
1165
1166 for(j = 0; j < pufilt->nprids; j++)
1167 {
1168 if(caid_is_betacrypt(pufilt->caid) || caid_is_irdeto(pufilt->caid))
1169 {
1170 mbuf[15 + 11 * j] = 0;
1171 mbuf[16 + 11 * j] = 0;
1172 mbuf[17 + 11 * j] = j;
1173 }
1174 else
1175 {
1176 mbuf[15 + 11 * j] = (uint8_t)(pufilt->prids[j] >> 16);
1177 mbuf[16 + 11 * j] = (uint8_t)(pufilt->prids[j] >> 8);
1178 mbuf[17 + 11 * j] = (uint8_t)(pufilt->prids[j]);
1179 }
1180
1181 mbuf[18 + 11 * j] = 0x00;
1182 mbuf[19 + 11 * j] = 0x00;
1183 mbuf[20 + 11 * j] = 0x00;
1184 mbuf[21 + 11 * j] = 0x00;
1185
1186 if(aureader)
1187 {
1188 // check if user provid from IDENT exists on card
1189 int32_t k, found;
1190 uint32_t rprid;
1191 found = 0;
1192
1193 if(pufilt->caid == aureader->caid && aureader->typ != R_EMU)
1194 {
1195 for(k = 0; k < aureader->nprov; k++)
1196 {
1197 rprid = b2i(3, &aureader->prid[k][1]);
1198 if(rprid == pufilt->prids[j])
1199 {
1200 if(caid_is_betacrypt(pufilt->caid) || caid_is_irdeto(pufilt->caid))
1201 {
1202 mbuf[22 + 11 * j] = aureader->prid[k][0];
1203 mbuf[23 + 11 * j] = aureader->prid[k][1];
1204 mbuf[24 + 11 * j] = aureader->prid[k][2];
1205 mbuf[25 + 11 * j] = aureader->prid[k][3];
1206 }
1207 else
1208 {
1209 mbuf[22 + 11 * j] = aureader->sa[k][0];
1210 mbuf[23 + 11 * j] = aureader->sa[k][1];
1211 mbuf[24 + 11 * j] = aureader->sa[k][2];
1212 mbuf[25 + 11 * j] = aureader->sa[k][3];
1213 }
1214
1215 found = 1;
1216 break;
1217 }
1218 }
1219 }
1220
1221 if(!found)
1222 {
1223 mbuf[22 + 11 * j] = 0x00;
1224 mbuf[23 + 11 * j] = 0x00;
1225 mbuf[24 + 11 * j] = 0x00;
1226 mbuf[25 + 11 * j] = 0x00;
1227 }
1228 }
1229 else
1230 {
1231 if(caid_is_betacrypt(pufilt->caid) || caid_is_irdeto(pufilt->caid))
1232 {
1233 mbuf[22 + 11 * j] = 0x00;
1234 mbuf[23 + 11 * j] = (uint8_t)(pufilt->prids[j] >> 16);
1235 mbuf[24 + 11 * j] = (uint8_t)(pufilt->prids[j] >> 8);
1236 mbuf[25 + 11 * j] = (uint8_t)(pufilt->prids[j]);
1237 }
1238 else
1239 {
1240 mbuf[22 + 11 * j] = 0x00;
1241 mbuf[23 + 11 * j] = 0x00;
1242 mbuf[24 + 11 * j] = 0x00;
1243 mbuf[25 + 11 * j] = 0x00;
1244 }
1245 }
1246
1247 len += 11;
1248 }
1249
1250 custom_data_t cd;
1251 memset(&cd, 0, sizeof(cd));
1252
1253 if(aureader)
1254 {
1255 if((aureader->blockemm & EMM_GLOBAL) && !(aureader->saveemm & EMM_GLOBAL))
1256 {
1257 cd.sid |= 4;
1258 }
1259
1260 if((aureader->blockemm & EMM_SHARED) && !(aureader->saveemm & EMM_SHARED))
1261 {
1262 cd.sid |= 2;
1263 }
1264
1265 if((aureader->blockemm & EMM_UNIQUE) && !(aureader->saveemm & EMM_UNIQUE))
1266 {
1267 cd.sid |= 1;
1268 }
1269 }
1270
1271 if(network_message_send(cl->udp_fd, &cl->ncd_msgid, mbuf, len, key, COMMTYPE_SERVER, 0, &cd) < 0)
1272 {
1273 return -1;
1274 }
1275 }
1276
1277 // send SID list
1278 if(sid_list)
1279 {
1280 send_sid_list();
1281 }
1282 }
1283 else
1284 {
1285 cs_auth_client(cl, 0, usr ? "login failure" : "no such user");
1286 return -1;
1287 }
1288
1289 return 0;
1290 }
1291
1292 static void newcamd_send_dcw(struct s_client *client, ECM_REQUEST *er)
1293 {
1294 int32_t len;
1295 uint16_t cl_msgid;
1296 uint8_t mbuf[19];
1297
1298 if(!client->udp_fd)
1299 {
1300 cs_log_dbg(D_CLIENT, "ncd_send_dcw: error: client->udp_fd=%d", client->udp_fd);
1301 return;
1302 }
1303
1304 cl_msgid = er->msgid;
1305 mbuf[0] = er->ecm[0];
1306
1307 if(er->rc >= E_NOTFOUND) // not found
1308 {
1309 len = 3;
1310 mbuf[1] = mbuf[2] = 0x00;
1311 }
1312 else
1313 {
1314 len = 19;
1315 mbuf[1] = mbuf[2] = 0x10;
1316 memcpy(mbuf + 3, er->cw, 16);
1317 }
1318
1319 cs_log_dbg(D_CLIENT, "ncd_send_dcw: er->msgid=%d, cl_msgid=%d, %02X", er->msgid, cl_msgid, mbuf[0]);
1320
1321 network_message_send(client->udp_fd, &cl_msgid, mbuf, len, client->ncd_skey, COMMTYPE_SERVER, 0, NULL);
1322 }
1323
1324 static void newcamd_process_ecm(struct s_client *cl, uint8_t *buf, int32_t len)
1325 {
1326 int32_t pi;
1327 ECM_REQUEST *er;
1328 uint16_t ecmlen;
1329
1330 if(len < 5)
1331 {
1332 return;
1333 }
1334
1335 ecmlen = SCT_LEN((&buf[2]));
1336 if(ecmlen < 4 || ecmlen > MAX_ECM_SIZE || ecmlen + 2 > len)
1337 {
1338 return;
1339 }
1340
1341 if(!(er = get_ecmtask()))
1342 {
1343 return;
1344 }
1345
1346 // save client ncd_msgid
1347 er->msgid = cl->ncd_msgid;
1348 er->ecmlen = ecmlen;
1349
1350 cs_log_dbg(D_CLIENT, "ncd_process_ecm: er->msgid=%d len=%d ecmlen=%d", er->msgid, len, er->ecmlen);
1351
1352 er->srvid = cl->ncd_header[4] << 8 | cl->ncd_header[5];
1353 er->caid = cl->ncd_header[6] << 8 | cl->ncd_header[7];
1354 er->prid = cl->ncd_header[8] << 16 | cl->ncd_header[9] << 8 | cl->ncd_header[10];
1355
1356 if(!er->caid)
1357 {
1358 pi = cl->port_idx;
1359 if(cfg.ncd_ptab.nports && cfg.ncd_ptab.nports >= pi && cfg.ncd_ptab.ports[pi].ncd)
1360 {
1361 er->caid = cfg.ncd_ptab.ports[pi].ncd->ncd_ftab.filts[0].caid;
1362 }
1363 }
1364
1365 memcpy(er->ecm, buf + 2, er->ecmlen);
1366 get_cw(cl, er);
1367 }
1368
1369 static void newcamd_process_emm(uint8_t *buf, int32_t len)
1370 {
1371 int32_t ok = 1, provid;
1372 uint16_t caid = 0;
1373 struct s_client *cl = cur_client();
1374 EMM_PACKET epg;
1375
1376 if(len < 3)
1377 {
1378 return;
1379 }
1380
1381 memset(&epg, 0, sizeof(epg));
1382
1383 epg.emmlen = SCT_LEN(buf);
1384 if(epg.emmlen > MAX_EMM_SIZE || epg.emmlen > len)
1385 {
1386 return;
1387 }
1388
1389 caid = cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid;
1390
1391 epg.caid[0] = (uint8_t)(caid >> 8);
1392 epg.caid[1] = (uint8_t)(caid);
1393
1394 provid = cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].prids[0];
1395
1396 epg.provid[0] = (uint8_t)(provid >> 24);
1397 epg.provid[1] = (uint8_t)(provid >> 16);
1398 epg.provid[2] = (uint8_t)(provid >> 8);
1399 epg.provid[3] = (uint8_t)(provid);
1400
1401 /*if(caid == 0x0500)
1402 {
1403 uint16_t emm_head;
1404
1405 emm_head = (buf[0]<<8) | buf[1];
1406 switch( emm_head )
1407 {
1408 case 0x8e70: // EMM-S
1409 memcpy(epg.hexserial+1, buf+3, 4);
1410 epg.hexserial[4]=aureader->hexserial[4];
1411 break;
1412 case 0x8870: // EMM-U
1413 case 0x8c70: // confidential?
1414 default:
1415 cs_log("unsupported emm type: %04X", emm_head);
1416 ok=0;
1417 }
1418
1419 if(!ok) cs_log("only EMM-S supported");
1420 }
1421 else*/
1422
1423 memcpy(epg.emm, buf, epg.emmlen);
1424
1425 if(ok)
1426 {
1427 do_emm(cl, &epg);
1428 }
1429
1430 // Should always send an answer to client (also if au is disabled),
1431 // some clients will disconnect if they get no answer
1432 buf[1] = 0x10;
1433 buf[2] = 0x00;
1434
1435 network_message_send(cl->udp_fd, &cl->ncd_msgid, buf, 3, cl->ncd_skey, COMMTYPE_SERVER, 0, NULL);
1436 }
1437
1438 static void newcamd_report_cards(struct s_client *client)
1439 {
1440 int32_t j, k, l;
1441 uint8_t buf[512];
1442 custom_data_t *cd;
1443
1444 if(!cs_malloc(&cd, sizeof(struct custom_data)))
1445 {
1446 return;
1447 }
1448
1449 memset(buf, 0, sizeof(buf));
1450
1451 cd->sid = cfg.ncd_ptab.ports[client->port_idx].s_port;
1452 buf[0] = MSG_SERVER_2_CLIENT_ADDCARD;
1453
1454 struct s_reader *rdr;
1455 for(rdr = first_active_reader; rdr ; rdr = rdr->next)
1456 {
1457 int32_t flt = 0;
1458
1459 if(!(rdr->grp & client->grp))
1460 {
1461 continue; // test - skip unaccesible readers
1462 }
1463
1464 if(rdr->ftab.filts)
1465 {
1466 for(j = 0; j < rdr->ftab.nfilts; j++)
1467 {
1468 if(rdr->ftab.filts[j].caid)
1469 {
1470 cd->caid = rdr->ftab.filts[j].caid;
1471
1472 if(!rdr->ftab.filts[j].nprids)
1473 {
1474 cd->provid = 0;
1475 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X svc", cd->caid, cd->provid);
1476
1477 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1478 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1479 }
1480
1481 for(k = 0; k < rdr->ftab.filts[j].nprids; k++)
1482 {
1483 cd->provid = rdr->ftab.filts[j].prids[k];
1484 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X svc", cd->caid, cd->provid);
1485
1486 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1487 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1488 flt = 1;
1489 }
1490 }
1491 }
1492 }
1493
1494 if(rdr->caid && !flt)
1495 {
1496 if((rdr->tcp_connected || rdr->card_status == CARD_INSERTED))
1497 {
1498 cd->caid = rdr->caid;
1499 if(!rdr->nprov)
1500 {
1501 cd->provid = 0;
1502 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X caid", cd->caid, cd->provid);
1503
1504 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1505 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1506 }
1507
1508 for(j = 0; j < rdr->nprov; j++)
1509 {
1510 cd->provid = (rdr->prid[j][1]) << 16 | (rdr->prid[j][2] << 8) | rdr->prid[j][3];
1511 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X caid", cd->caid, cd->provid);
1512
1513 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1514 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1515 }
1516 }
1517 }
1518 }
1519
1520 if(cfg.sidtab && client->account)
1521 {
1522 struct s_sidtab *ptr;
1523 for(j = 0, ptr = cfg.sidtab; ptr; ptr = ptr->next, j++)
1524 {
1525 if(client->account->sidtabs.ok & ((SIDTABBITS)1 << j))
1526 {
1527 for(k = 0; k < ptr->num_caid; k++)
1528 {
1529 cd->caid = ptr->caid[k];
1530
1531 if(!ptr->num_provid)
1532 {
1533 cd->provid = 0;
1534 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X acs", cd->caid, cd->provid);
1535
1536 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1537 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1538 }
1539
1540 for(l = 0; l < ptr->num_provid; l++)
1541 {
1542 cd->provid = ptr->provid[l];
1543 cs_log_dbg(D_CLIENT, "newcamd: extended: report card %04X@%06X acs", cd->caid, cd->provid);
1544
1545 network_message_send(client->udp_fd, &client->ncd_msgid, buf, 3,
1546 client->ncd_skey, COMMTYPE_SERVER, 0, cd);
1547 }
1548 }
1549 }
1550 }
1551 }
1552
1553 NULLFREE(cd);
1554 }
1555
1556 static void newcamd_server_init(struct s_client *client)
1557 {
1558 int8_t res = 0;
1559
1560 client->ncd_server = 1;
1561 cs_log("client connected to %d port", cfg.ncd_ptab.ports[client->port_idx].s_port);
1562
1563 if(cfg.ncd_ptab.ports[client->port_idx].ncd && cfg.ncd_ptab.ports[client->port_idx].ncd->ncd_key_is_set)
1564 {
1565 // port has a des key specified
1566 res = newcamd_auth_client(client->ip, cfg.ncd_ptab.ports[client->port_idx].ncd->ncd_key);
1567 }
1568 else
1569 {
1570 // default global des key
1571 res = newcamd_auth_client(client->ip, cfg.ncd_key);
1572 }
1573
1574 if(res == -1)
1575 {
1576 cs_disconnect_client(client);
1577 return;
1578 }
1579
1580 // report all cards if using extended mg proto
1581 if(cfg.ncd_mgclient)
1582 {
1583 cs_log_dbg(D_CLIENT, "newcamd: extended: report all available cards");
1584 newcamd_report_cards(client);
1585 }
1586
1587 }
1588
1589 #define EXT_VERSION_STR "1.67"
1590 #define EXT_VERSION_LEN 4
1591
1592 static void newcamd_send_version(struct s_client *client)
1593 {
1594 uint8_t buf[30];
1595 memset(buf, 0, sizeof(buf));
1596
1597 buf[0] = MSG_SERVER_2_CLIENT_GET_VERSION;
1598 buf[1] = EXT_VERSION_LEN >> 8;
1599 buf[2] = EXT_VERSION_LEN & 0xFF;
1600 memcpy(buf + 3, EXT_VERSION_STR, EXT_VERSION_LEN);
1601
1602 network_message_send(client->udp_fd, &client->ncd_msgid, buf, EXT_VERSION_LEN + 3,
1603 client->ncd_skey, COMMTYPE_SERVER, 0, NULL);
1604 }
1605
1606 static void *newcamd_server(struct s_client *client, uint8_t *mbuf, int32_t len)
1607 {
1608 // check for clienttimeout, if timeout occurs try to send keepalive / wait for answer
1609 // befor client was disconnected. If keepalive was disabled, exit after clienttimeout
1610
1611 if(len < 3)
1612 {
1613 return NULL;
1614 }
1615
1616 cs_log_dbg(D_CLIENT, "newcamd: got cmd %d", mbuf[2]);
1617
1618 switch(mbuf[2])
1619 {
1620 case 0x80:
1621 case 0x81:
1622 {
1623 newcamd_process_ecm(client, mbuf, len);
1624 break;
1625 }
1626
1627 case MSG_SERVER_2_CLIENT_GET_VERSION:
1628 {
1629 cs_log_dbg(D_CLIENT, "newcamd: extended: send Version 1.67");
1630 newcamd_send_version(client);
1631 break;
1632 }
1633
1634 case MSG_KEEPALIVE:
1635 {
1636 newcamd_reply_ka();
1637 break;
1638 }
1639
1640 default:
1641 {
1642 if(mbuf[2] > 0x81 && mbuf[2] < 0x92)
1643 {
1644 newcamd_process_emm(mbuf + 2, len - 2);
1645 }
1646 else
1647 {
1648 cs_log_dbg(D_CLIENT, "unknown newcamd command! (%d)", mbuf[2]);
1649 }
1650 }
1651 }
1652
1653 return NULL;
1654 }
1655
1656 void newcamd_idle(void)
1657 {
1658 struct s_client *client = cur_client();
1659 struct s_reader *rdr = client->reader;
1660
1661 if(!rdr)
1662 {
1663 return;
1664 }
1665
1666 if(rdr->tcp_ito > 0)
1667 {
1668 // inactivitytimeout > 0 enables protocol keepalive packages
1669 time_t now;
1670 int32_t time_diff;
1671
1672 time(&now);
1673 time_diff = llabs(now - rdr->last_s);
1674
1675 if(time_diff > (rdr->tcp_ito))
1676 {
1677 if(client->ncd_keepalive)
1678 {
1679 newcamd_reply_ka();
1680 }
1681 else
1682 {
1683 network_tcp_connection_close(client->reader, "inactivity");
1684 }
1685 }
1686 }
1687 else if(rdr->tcp_ito == -1)
1688 {
1689 // idle reconnect
1690 newcamd_connect();
1691 }
1692 }
1693
1694 /*
1695 * client functions
1696 */
1697
1698 int32_t newcamd_client_init(struct s_client *client)
1699 {
1700 char ptxt[1] = { "\0" };
1701
1702 client->ncd_proto = client->reader->ncd_proto;
1703
1704 cs_log("proxy %s:%d newcamd52%d (fd=%d%s)", client->reader->device, client->reader->r_port,
1705 (client->reader->ncd_proto == NCD_525) ? 5 : 4, client->udp_fd, ptxt);
1706
1707 // try to connect. ignore possible failures
1708 // idle reconnect (tcp_ito = -1) will trigger an additional connect anyway
1709 if(client->reader->ncd_connect_on_init && client->reader->tcp_ito != -1)
1710 {
1711 newcamd_connect();
1712 }
1713
1714 return 0;
1715 }
1716
1717 static int32_t newcamd_send_ecm(struct s_client *client, ECM_REQUEST *er)
1718 {
1719 struct s_reader *rdr = client->reader;
1720
1721 if(!newcamd_connect())
1722 {
1723 return -1;
1724 }
1725
1726 // check server filters
1727 if(!chk_rsfilter(rdr, er))
1728 {
1729 return -1;
1730 }
1731
1732 uint8_t *buf;
1733 if(!cs_malloc(&buf, er->ecmlen))
1734 {
1735 return -1;
1736 }
1737
1738 memcpy(buf, er->ecm, er->ecmlen);
1739
1740 client->ncd_header[4] = er->srvid >> 8;
1741 client->ncd_header[5] = er->srvid & 0xFF;
1742 client->ncd_header[6] = er->caid >> 8;
1743 client->ncd_header[7] = er->caid & 0xFF;
1744 client->ncd_header[8] = er->prid >> 16;
1745 client->ncd_header[9] = er->prid >> 8;
1746 client->ncd_header[10] = er->prid & 0xFF;
1747
1748 int32_t rc = (newcamd_send(buf, er->ecmlen, er->srvid) < 1) ? -1 : 0;
1749
1750 NULLFREE(buf);
1751 return (rc);
1752 }
1753
1754 static int32_t newcamd_send_emm(EMM_PACKET *ep)
1755 {
1756 uint8_t buf[ep->emmlen];
1757
1758 if(!newcamd_connect())
1759 {
1760 return -1;
1761 }
1762
1763 memcpy(buf, ep->emm, ep->emmlen);
1764
1765 return (newcamd_send(buf, ep->emmlen, 0) < 1) ? 0 : 1;
1766 }
1767
1768 static int32_t newcamd_recv_chk(struct s_client *client, uint8_t *dcw, int32_t *rc, uint8_t *buf, int32_t n)
1769 {
1770 uint16_t idx = -1;
1771
1772 if(n < 5)
1773 {
1774 return -1;
1775 }
1776
1777 switch(buf[2])
1778 {
1779 case 0x80:
1780 case 0x81:
1781 {
1782 idx = (buf[0] << 8) | buf[1];
1783
1784 if(n == 5) // not found on server
1785 {
1786 *rc = 0;
1787 memset(dcw, 0, 16);
1788 break;
1789 }
1790
1791 if(n < 21)
1792 {
1793 cs_log_dbg(D_CLIENT, "invalid newcamd answer");
1794 return (-1);
1795 }
1796
1797 *rc = 1;
1798 memcpy(dcw, buf + 5, 16);
1799 break;
1800 }
1801
1802 case MSG_KEEPALIVE:
1803 {
1804 return -1;
1805 }
1806
1807 case MSG_SERVER_2_CLIENT_ADDCARD:
1808 {
1809 if(client->reader)
1810 {
1811 client->reader->ncd_disable_server_filt = 1;
1812 }
1813
1814 return -1;
1815 }
1816
1817 default:
1818 {
1819 if(buf[2] > 0x81 && buf[2] < 0x92) // answer to emm
1820 {
1821 return -1;
1822 }
1823
1824 cs_log_dbg(D_CLIENT, "unknown newcamd command from server");
1825 return -1;
1826 }
1827 }
1828
1829 return idx;
1830 }
1831
1832 /*
1833 * resolve client type for newcamd protocol
1834 */
1835 const char *newcamd_get_client_name(uint16_t client_id)
1836 {
1837 // When adding new entries keep the list sorted!
1838 static const struct
1839 {
1840 uint16_t id;
1841 const char *client;
1842 } ncd_service_ids[] =
1843 {
1844 { 0x0000, "generic" },
1845 { 0x02C2, "Opticum" },
1846 { 0x0665, "rq-sssp-client-CS" },
1847 { 0x0666, "rqcamd" },
1848 { 0x0667, "rq-echo-client" },
1849 { 0x0669, "rq-sssp-client-CW" },
1850 { 0x0769, "JlsRq" },
1851 { 0x414C, "AlexCS" },
1852 { 0x4333, "camd3" },
1853 { 0x4343, "CCcam" },
1854 { 0x434C, "Cardlink" },
1855 { 0x4453, "DiabloCam-UW" },
1856 { 0x4543, "eyetvCamd" },
1857 { 0x4765, "Octagon" },
1858 { 0x4C43, "LCE" },
1859 { 0x4E58, "NextYE2k" },
1860 { 0x5342, "SBCL" },
1861 { 0x5456, "Tecview" },
1862 { 0x5644, "vdr-sc" },
1863 { 0x5743, "WiCard" },
1864 { 0x6378, "cx" },
1865 { 0x6502, "Tvheadend" },
1866 { 0x6576, "evocamd" },
1867 { 0x6762, "gbox2CS" },
1868 { 0x6B61, "Kaffeine" },
1869 { 0x6B63, "kpcs" },
1870 { 0x6D63, "mpcs" },
1871 { 0x6D67, "mgcamd" },
1872 { 0x6E65, "NextYE2k" },
1873 { 0x6E73, "NewCS" },
1874 { 0x7264, "radegast" },
1875 { 0x7363, "Scam" },
1876 { 0x7763, "WinCSC" },
1877 { 0x7878, "tsdecrypt" },
1878 { 0x8888, "OSCam" },
1879 { 0x9911, "ACamd" },
1880 { 0x9922, "DVBplug" },
1881 { 0xFFFF, NULL }
1882 };
1883
1884 int i = 0;
1885
1886 while(1)
1887 {
1888 if(!ncd_service_ids[i].client)
1889 {
1890 break;
1891 }
1892
1893 if(ncd_service_ids[i].id == client_id)
1894 {
1895 return ncd_service_ids[i].client;
1896 }
1897
1898 i++;
1899 }
1900
1901 return "unknown - please report";
1902 }
1903
1904 void module_newcamd(struct s_module *ph)
1905 {
1906 ph->desc = "newcamd";
1907 ph->type = MOD_CONN_TCP;
1908 ph->large_ecm_support = 1;
1909 ph->listenertype = LIS_NEWCAMD;
1910 IP_ASSIGN(ph->s_ip, cfg.ncd_srvip);
1911 ph->s_handler = newcamd_server;
1912 ph->s_init = newcamd_server_init;
1913 ph->recv = newcamd_recv;
1914 ph->send_dcw = newcamd_send_dcw;
1915 ph->ptab = cfg.ncd_ptab;
1916 ph->c_init = newcamd_client_init;
1917 ph->c_recv_chk = newcamd_recv_chk;
1918 ph->c_send_ecm = newcamd_send_ecm;
1919 ph->c_send_emm = newcamd_send_emm;
1920 ph->c_idle = newcamd_idle;
1921 ph->num = R_NEWCAMD;
1922 }
1923 #endif
Open Source Conditional Access Modul