1 #define MODULE_LOG_PREFIX "chk"
4 #include "oscam-cache.h"
7 #include "oscam-client.h"
8 #include "oscam-lock.h"
10 #include "oscam-string.h"
11 #include "module-stat.h"
12 #include "oscam-reader.h"
14 #define CS_NANO_CLASS 0xE2
18 uint32_t get_fallbacktimeout(uint16_t caid
)
20 uint32_t ftimeout
= caidvaluetab_get_value(&cfg
.ftimeouttab
, caid
, 0);
22 if(ftimeout
== 0) { ftimeout
= cfg
.ftimeout
; }
24 if(ftimeout
< 100) { ftimeout
= CS_CLIENT_TIMEOUT
/ 2; }
25 if(ftimeout
>= cfg
.ctimeout
) { ftimeout
= cfg
.ctimeout
- 100; }
30 static int32_t find_nano(uint8_t *ecm
, int32_t l
, uint8_t nano
, int32_t s
)
34 if(s
>= l
) { return 0; }
35 if(!s
) { s
= (ecm
[4] == 0xD2) ? 12 : 9; } // tpsflag -> offset+3
38 while((*snano
!= nano
) && (s
< l
))
40 if(*snano
== 0xEA) { return 0; }
45 return (s
< l
) ? ++s
: 0;
48 static int32_t chk_class(ECM_REQUEST
*er
, CLASSTAB
*clstab
, const char *type
, const char *name
)
50 int32_t i
, j
, an
, cl_n
, l
;
53 if(er
->caid
!= 0x0500 && er
->caid
!= 0x4AE1) { return 1; }
54 if(!clstab
->bn
&& !clstab
->an
) { return 1; }
56 j
= an
= cl_n
= l
= 0;
58 if(er
->caid
== 0x0500)
60 while((j
= find_nano(er
->ecm
, er
->ecmlen
, CS_NANO_CLASS
, j
)) > 0)
63 if(l
+ j
> er
->ecmlen
) { continue; } // skip, this is not a valid class identifier!
65 ecm_class
= er
->ecm
[j
+ l
];
66 cs_log_dbg(D_CLIENT
, "ecm class=%02X", ecm_class
);
68 for(i
= 0; i
< clstab
->bn
; i
++) // search in blocked
70 if(ecm_class
== clstab
->bclass
[i
])
72 cs_log_dbg(D_CLIENT
, "class %02X rejected by %s '%s' !%02X filter",
73 ecm_class
, type
, name
, ecm_class
);
79 for(i
= 0; i
< clstab
->an
; i
++) // search in allowed
81 if(ecm_class
== clstab
->aclass
[i
])
92 if(er
->prid
!= 0x11 || er
->ecm
[0] == 0) { return 1; }
95 ecm_class
= er
->ecm
[5];
96 cs_log_dbg(D_CLIENT
, "ecm class=%02X", ecm_class
);
98 for(i
= 0; i
< clstab
->bn
; i
++) // search in blocked
100 if(ecm_class
== clstab
->bclass
[i
])
102 cs_log_dbg(D_CLIENT
, "class %02X rejected by %s '%s' !%02X filter",
103 ecm_class
, type
, name
, ecm_class
);
108 for(i
= 0; i
< clstab
->an
; i
++) // search in allowed
110 if(ecm_class
== clstab
->aclass
[i
])
118 if(cl_n
&& clstab
->an
)
121 { cs_log_dbg(D_CLIENT
, "ECM classes allowed by %s '%s' filter", type
, name
); }
124 cs_log_dbg(D_CLIENT
, "ECM classes don't match %s '%s' filter, rejecting", type
, name
);
132 int32_t chk_srvid_match(ECM_REQUEST
*er
, SIDTAB
*sidtab
)
136 if(!sidtab
->num_caid
)
139 for(i
= 0; (i
< sidtab
->num_caid
) && (!(rc
& 1)); i
++)
140 if(er
->caid
== sidtab
->caid
[i
]) { rc
|= 1; }
142 if(!er
->prid
|| !sidtab
->num_provid
)
145 for(i
= 0; (i
< sidtab
->num_provid
) && (!(rc
& 2)); i
++)
146 if(er
->prid
== sidtab
->provid
[i
]) { rc
|= 2; }
148 if(!sidtab
->num_srvid
)
151 for(i
= 0; (i
< sidtab
->num_srvid
) && (!(rc
& 4)); i
++)
152 if(er
->srvid
== sidtab
->srvid
[i
]) { rc
|= 4; }
157 int32_t chk_srvid(struct s_client
*cl
, ECM_REQUEST
*er
)
164 if(!cl
->sidtabs
.no
) { return (1); }
168 for(nr
= 0, sidtab
= cfg
.sidtab
; sidtab
; sidtab
= sidtab
->next
, nr
++)
170 if(sidtab
->num_caid
| sidtab
->num_provid
| sidtab
->num_srvid
)
172 if((cl
->sidtabs
.no
& ((SIDTABBITS
)1 << nr
)) && (chk_srvid_match(er
, sidtab
)))
175 if((cl
->sidtabs
.ok
& ((SIDTABBITS
)1 << nr
)) && (chk_srvid_match(er
, sidtab
)))
182 int32_t has_srvid(struct s_client
*cl
, ECM_REQUEST
*er
)
190 for(nr
= 0, sidtab
= cfg
.sidtab
; sidtab
; sidtab
= sidtab
->next
, nr
++)
192 if(sidtab
->num_srvid
)
194 if((cl
->sidtabs
.ok
& ((SIDTABBITS
)1 << nr
)) && (chk_srvid_match(er
, sidtab
)))
201 int32_t has_lb_srvid(struct s_client
*cl
, ECM_REQUEST
*er
)
203 if(!cl
->lb_sidtabs
.ok
)
209 for(nr
= 0, sidtab
= cfg
.sidtab
; sidtab
; sidtab
= sidtab
->next
, nr
++)
211 if((cl
->lb_sidtabs
.ok
& ((SIDTABBITS
)1 << nr
)) && (chk_srvid_match(er
, sidtab
)))
217 int32_t chk_srvid_match_by_caid_prov(uint16_t caid
, uint32_t provid
, SIDTAB
*sidtab
)
221 if(!sidtab
->num_caid
)
224 for(i
= 0; (i
< sidtab
->num_caid
) && (!(rc
& 1)); i
++)
225 if(caid
== sidtab
->caid
[i
]) { rc
|= 1; }
227 if(!sidtab
->num_provid
)
230 for(i
= 0; (i
< sidtab
->num_provid
) && (!(rc
& 2)); i
++)
231 if(provid
== sidtab
->provid
[i
]) { rc
|= 2; }
236 int32_t chk_srvid_by_caid_prov(struct s_client
*cl
, uint16_t caid
, uint32_t provid
)
243 if(!cl
->sidtabs
.no
) { return (1); }
247 for(nr
= 0, sidtab
= cfg
.sidtab
; sidtab
; sidtab
= sidtab
->next
, nr
++)
249 if(sidtab
->num_caid
| sidtab
->num_provid
)
251 if((cl
->sidtabs
.no
& ((SIDTABBITS
)1 << nr
)) && !sidtab
->num_srvid
&&
252 (chk_srvid_match_by_caid_prov(caid
, provid
, sidtab
)))
255 if((cl
->sidtabs
.ok
& ((SIDTABBITS
)1 << nr
)) &&
256 (chk_srvid_match_by_caid_prov(caid
, provid
, sidtab
)))
263 int32_t chk_srvid_by_caid_prov_rdr(struct s_reader
*rdr
, uint16_t caid
, uint32_t provid
)
270 if(!rdr
->sidtabs
.no
) { return (1); }
274 for(nr
= 0, sidtab
= cfg
.sidtab
; sidtab
; sidtab
= sidtab
->next
, nr
++)
276 if(sidtab
->num_caid
| sidtab
->num_provid
)
278 if((rdr
->sidtabs
.no
& ((SIDTABBITS
)1 << nr
)) && !sidtab
->num_srvid
&&
279 (chk_srvid_match_by_caid_prov(caid
, provid
, sidtab
)))
282 if((rdr
->sidtabs
.ok
& ((SIDTABBITS
)1 << nr
)) &&
283 (chk_srvid_match_by_caid_prov(caid
, provid
, sidtab
)))
290 int32_t chk_is_betatunnel_caid(uint16_t caid
)
292 if(caid
== 0x1702 || caid
== 0x1722) { return 1; }
293 if(caid
== 0x1801 || caid
== 0x1833 || caid
== 0x1834 || caid
== 0x1835) { return 2; }
297 uint16_t chk_on_btun(uint8_t chk_sx
, struct s_client
*cl
, ECM_REQUEST
*er
)
299 if(chk_is_betatunnel_caid(er
->caid
))
307 for(i
= 0; i
< ttab
->ttnum
; i
++)
309 if(er
->caid
== ttab
->ttdata
[i
].bt_caidfrom
)
311 if(er
->srvid
== ttab
->ttdata
[i
].bt_srvid
) { return ttab
->ttdata
[i
].bt_caidto
; }
312 if(chk_sx
&& ttab
->ttdata
[i
].bt_srvid
== 0xFFFF) { return ttab
->ttdata
[i
].bt_caidto
; }
313 if(!chk_sx
&& !ttab
->ttdata
[i
].bt_srvid
) { return ttab
->ttdata
[i
].bt_caidto
; }
319 return lb_get_betatunnel_caid_to(er
);
324 // server filter for newcamd
325 int32_t chk_sfilter(ECM_REQUEST
*er
, PTAB
*ptab
)
327 #ifdef MODULE_NEWCAMD
328 int32_t i
, j
, pi
, rc
= 1;
329 uint16_t caid
, scaid
;
330 uint32_t prid
, sprid
;
332 if(!ptab
) { return (1); }
333 struct s_client
*cur_cl
= cur_client();
337 pi
= cur_cl
->port_idx
;
342 if(ptab
->nports
&& ptab
->ports
[pi
].ncd
&& ptab
->ports
[pi
].ncd
->ncd_ftab
.nfilts
)
344 for(rc
= j
= 0; (!rc
) && (j
< ptab
->ports
[pi
].ncd
->ncd_ftab
.nfilts
); j
++)
346 scaid
= ptab
->ports
[pi
].ncd
->ncd_ftab
.filts
[j
].caid
;
347 if(caid
== 0 || (caid
!= 0 && caid
== scaid
))
349 for(i
= 0; (!rc
) && i
< ptab
->ports
[pi
].ncd
->ncd_ftab
.filts
[j
].nprids
; i
++)
351 sprid
= ptab
->ports
[pi
].ncd
->ncd_ftab
.filts
[j
].prids
[i
];
352 cs_log_dbg(D_CLIENT
, "trying server filter %04X@%06X", scaid
, sprid
);
356 cs_log_dbg(D_CLIENT
, "%04X@%06X allowed by server filter %04X@%06X",
357 caid
, prid
, scaid
, sprid
);
365 cs_log_dbg(D_CLIENT
, "no match, %04X@%06X rejected by server filters", caid
, prid
);
366 snprintf(er
->msglog
, MSGLOGSIZE
, "no server match %04X@%06X", caid
, (uint32_t) prid
);
368 if(!er
->rcEx
) { er
->rcEx
= (E1_LSERVER
<< 4) | E2_IDENT
; }
380 static int32_t chk_chid(ECM_REQUEST
*er
, FTAB
*fchid
, char *type
, char *name
)
382 int32_t rc
= 1, i
, j
, found_caid
= 0;
383 if(!fchid
->nfilts
) { return 1; }
384 if(er
->chid
== 0 && er
->ecm
[0] == 0) { return 1; } // skip empty ecm, chid 00 to avoid no matching readers in dvbapi
386 for(i
= rc
= 0; (!rc
) && i
< fchid
->nfilts
; i
++)
388 if(er
->caid
== fchid
->filts
[i
].caid
)
391 for(j
= 0; (!rc
) && j
< fchid
->filts
[i
].nprids
; j
++)
393 cs_log_dbg(D_CLIENT
, "trying %s '%s' CHID filter %04X:%04X",
394 type
, name
, fchid
->filts
[i
].caid
, fchid
->filts
[i
].prids
[j
]);
396 if(er
->chid
== fchid
->filts
[i
].prids
[j
])
398 cs_log_dbg(D_CLIENT
, "%04X:%04X allowed by %s '%s' CHID filter %04X:%04X",
399 er
->caid
, er
->chid
, type
, name
, fchid
->filts
[i
].caid
, fchid
->filts
[i
].prids
[j
]);
409 cs_log_dbg(D_CLIENT
, "no match, %04X:%04X rejected by %s '%s' CHID filter(s)",
410 er
->caid
, er
->chid
, type
, name
);
414 cs_log_dbg(D_CLIENT
, "%04X:%04X allowed by %s '%s' CHID filter, CAID not spezified",
415 er
->caid
, er
->chid
, type
, name
);
421 int32_t chk_ident_filter(uint16_t rcaid
, uint32_t rprid
, FTAB
*ftab
)
423 int32_t i
, j
, rc
= 1;
429 for(rc
= i
= 0; (!rc
) && (i
< ftab
->nfilts
); i
++)
431 caid
= ftab
->filts
[i
].caid
;
432 if((caid
!= 0 && caid
== rcaid
) || caid
== 0)
434 for(j
= 0; (!rc
) && (j
< ftab
->filts
[i
].nprids
); j
++)
436 prid
= ftab
->filts
[i
].prids
[j
];
452 int32_t chk_ufilters(ECM_REQUEST
*er
)
457 struct s_client
*cur_cl
= cur_client();
460 if(cur_cl
->ftab
.nfilts
)
462 FTAB
*f
= &cur_cl
->ftab
;
463 for(i
= rc
= 0; (!rc
) && (i
< f
->nfilts
); i
++)
465 ucaid
= f
->filts
[i
].caid
;
466 if(er
->caid
== 0 || ucaid
== 0 || (er
->caid
!= 0 && er
->caid
== ucaid
))
470 cs_log_dbg(D_CLIENT
, "%04X@%06X allowed by user '%s' filter caid %04X prid %06X",
471 er
->caid
, er
->prid
, cur_cl
->account
->usr
, ucaid
, 0);
476 for(j
= rc
= 0; (!rc
) && (j
< f
->filts
[i
].nprids
); j
++)
478 uprid
= f
->filts
[i
].prids
[j
];
479 cs_log_dbg(D_CLIENT
, "trying user '%s' filter %04X@%06X", cur_cl
->account
->usr
, ucaid
, uprid
);
481 if(er
->prid
== uprid
)
484 cs_log_dbg(D_CLIENT
, "%04X@%06X allowed by user '%s' filter %04X@%06X",
485 er
->caid
, er
->prid
, cur_cl
->account
->usr
, ucaid
, uprid
);
493 cs_log_dbg(D_CLIENT
, "no match, %04X@%06X rejected by user '%s' filters",
494 er
->caid
, er
->prid
, cur_cl
->account
->usr
);
496 snprintf(er
->msglog
, MSGLOGSIZE
, "no card support %04X@%06X", er
->caid
, (uint32_t) er
->prid
);
498 if(!er
->rcEx
) { er
->rcEx
= (E1_USER
<< 4) | E2_IDENT
; }
503 if(!(rc
= chk_class(er
, &cur_cl
->cltab
, "user", cur_cl
->account
->usr
)))
505 if(!er
->rcEx
) { er
->rcEx
= (E1_USER
<< 4) | E2_CLASS
; }
507 else if(!(rc
= chk_chid(er
, &cur_cl
->fchid
, "user", cur_cl
->account
->usr
)))
509 if(!er
->rcEx
) { er
->rcEx
= (E1_USER
<< 4) | E2_CHID
; }
512 if(rc
) { er
->rcEx
= 0; }
517 int32_t chk_rsfilter(struct s_reader
*reader
, ECM_REQUEST
*er
)
523 if(reader
->ncd_disable_server_filt
)
525 cs_log_dbg(D_CLIENT
, "%04X@%06X allowed - server filters disabled", er
->caid
, er
->prid
);
533 for(i
= 0; (!rc
) && (i
< reader
->nprov
); i
++)
535 prid
= (uint32_t)((reader
->prid
[i
][1] << 16) | (reader
->prid
[i
][2] << 8) | (reader
->prid
[i
][3]));
536 cs_log_dbg(D_CLIENT
, "trying server '%s' filter %04X@%06X", reader
->device
, caid
, prid
);
538 if(prid
== er
->prid
|| !er
->prid
)
541 cs_log_dbg(D_CLIENT
, "%04X@%06X allowed by server '%s' filter %04X@%06X",
542 er
->caid
, er
->prid
, reader
->device
, caid
, prid
);
549 cs_log_dbg(D_CLIENT
, "no match, %04X@%06X rejected by server '%s' filters",
550 er
->caid
, er
->prid
, reader
->device
);
552 if(!er
->rcEx
) { er
->rcEx
= (E1_SERVER
<< 4) | E2_IDENT
; }
559 int32_t chk_rfilter2(uint16_t rcaid
, uint32_t rprid
, struct s_reader
*rdr
)
561 int32_t i
, j
, rc
= 1;
567 for(rc
= i
= 0; (!rc
) && (i
< rdr
->ftab
.nfilts
); i
++)
569 caid
= rdr
->ftab
.filts
[i
].caid
;
570 if((caid
!= 0 && caid
== rcaid
) || caid
== 0)
572 for(j
= 0; (!rc
) && (j
< rdr
->ftab
.filts
[i
].nprids
); j
++)
574 prid
= rdr
->ftab
.filts
[i
].prids
[j
];
575 cs_log_dbg(D_CLIENT
, "trying reader '%s' filter %04X@%06X", rdr
->label
, caid
, prid
);
580 cs_log_dbg(D_CLIENT
, "%04X@%06X allowed by reader '%s' filter %04X@%06X",
581 rcaid
, rprid
, rdr
->label
, caid
, prid
);
589 cs_log_dbg(D_CLIENT
, "no match, %04X@%06X rejected by reader '%s' filters",
590 rcaid
, rprid
, rdr
->label
);
598 static int32_t chk_rfilter(ECM_REQUEST
*er
, struct s_reader
*rdr
)
600 return chk_rfilter2(er
->caid
, er
->prid
, rdr
);
603 int32_t chk_ctab(uint16_t caid
, CAIDTAB
*ctab
)
605 if(!caid
|| !ctab
->ctnum
)
609 for(i
= 0; i
< ctab
->ctnum
; i
++)
611 CAIDTAB_DATA
*d
= &ctab
->ctdata
[i
];
616 if((caid
& d
->mask
) == d
->caid
)
622 int32_t chk_ctab_ex(uint16_t caid
, CAIDTAB
*ctab
)
624 if(!caid
|| !ctab
->ctnum
)
628 for(i
= 0; i
< ctab
->ctnum
; i
++)
630 CAIDTAB_DATA
*d
= &ctab
->ctdata
[i
];
636 if((caid
& d
->mask
) == d
->caid
)
644 uint8_t is_localreader(struct s_reader
*rdr
, ECM_REQUEST
*er
) // to be used for LB/reader selections checks only
648 if(!is_network_reader(rdr
))
653 if(!rdr
->localcards
.nfilts
) { return 0; }
656 for(i
= 0; i
< rdr
->localcards
.nfilts
; i
++)
658 uint16_t tcaid
= rdr
->localcards
.filts
[i
].caid
;
659 if(tcaid
&& tcaid
== er
->caid
) // caid match
661 int32_t nprids
= rdr
->localcards
.filts
[i
].nprids
;
662 if(!nprids
) // No Provider -> Ok
665 for(k
= 0; k
< nprids
; k
++)
667 uint32_t prid
= rdr
->localcards
.filts
[i
].prids
[k
];
668 if(prid
== er
->prid
) // Provider matches
679 uint8_t chk_is_fixed_fallback(struct s_reader
*rdr
, ECM_REQUEST
*er
)
681 if(!rdr
->fallback
&& !rdr
->fallback_percaid
.nfilts
) { return 0; }
683 if(!rdr
->fallback_percaid
.nfilts
)
690 for(i
= 0; i
< rdr
->fallback_percaid
.nfilts
; i
++)
692 uint16_t tcaid
= rdr
->fallback_percaid
.filts
[i
].caid
;
693 if(tcaid
&& (tcaid
== er
->caid
|| (tcaid
< 0x0100 && (er
->caid
>> 8) == tcaid
))) // caid match
695 int32_t nprids
= rdr
->fallback_percaid
.filts
[i
].nprids
;
696 if(!nprids
) // No Provider ->Ok
699 for(k
= 0; k
< nprids
; k
++)
701 uint32_t prid
= rdr
->fallback_percaid
.filts
[i
].prids
[k
];
702 if(prid
== er
->prid
) // Provider matches
713 uint8_t chk_has_fixed_fallback(ECM_REQUEST
*er
)
715 struct s_ecm_answer
*ea
;
716 struct s_reader
*rdr
;
718 for(ea
= er
->matching_rdr
; ea
; ea
= ea
->next
)
721 if(chk_is_fixed_fallback(rdr
, er
))
727 uint8_t chk_if_ignore_checksum(ECM_REQUEST
*er
, FTAB
*disablecrc_only_for
)
729 if(!disablecrc_only_for
->nfilts
) { return 0; }
732 for(i
= 0; i
< disablecrc_only_for
->nfilts
; i
++)
734 uint16_t tcaid
= disablecrc_only_for
->filts
[i
].caid
;
735 if(tcaid
&& (tcaid
== er
->caid
|| (tcaid
< 0x0100 && (er
->caid
>> 8) == tcaid
))) // caid match
737 int32_t nprids
= disablecrc_only_for
->filts
[i
].nprids
;
738 if(!nprids
) // No Provider ->Ok
741 for(k
= 0; k
< nprids
; k
++)
743 uint32_t prid
=disablecrc_only_for
->filts
[i
].prids
[k
];
744 if(prid
== er
->prid
) // Provider matches
753 int32_t matching_reader(ECM_REQUEST
*er
, struct s_reader
*rdr
)
755 // simple checks first:
760 struct s_client
*cl
= rdr
->client
;
761 if(!cl
|| !rdr
->enable
)
764 // if physical reader a card needs to be inserted
765 if(!is_network_reader(rdr
) && rdr
->card_status
!= CARD_INSERTED
)
768 // Checking connected & group valid:
769 struct s_client
*cur_cl
= er
->client
; //cur_client();
772 // Cacheex=3 defines a Cacheex-only reader. never match them.
773 if(rdr
->cacheex
.mode
== 3)
775 if(rdr
->cacheex
.mode
== 2 && !rdr
->cacheex
.allow_request
)
779 if(!(rdr
->grp
& cur_cl
->grp
))
783 if((!er
->ocaid
|| !chk_ctab(er
->ocaid
, &rdr
->ctab
)) && !chk_ctab(er
->caid
, &rdr
->ctab
))
785 cs_log_dbg(D_TRACE
, "caid %04X not found in caidlist reader %s", er
->caid
, rdr
->label
);
789 if(!(rdr
->typ
== R_EMU
) && !is_network_reader(rdr
) && ((rdr
->caid
>> 8) != ((er
->caid
>> 8) & 0xFF) && (rdr
->caid
>> 8) != ((er
->ocaid
>> 8) & 0xFF)))
794 int i
, caid_found
= 0;
795 for(i
= 0; rdr
->csystem
->caids
[i
]; i
++)
797 uint16_t cs_caid
= rdr
->csystem
->caids
[i
];
801 if(cs_caid
== er
->caid
|| cs_caid
== er
->ocaid
)
812 // Supports long ecms?
813 if(er
->ecmlen
> 255 && is_network_reader(rdr
) && !rdr
->ph
.large_ecm_support
)
815 cs_log_dbg(D_TRACE
, "no large ecm support (l=%d) for reader %s", er
->ecmlen
, rdr
->label
);
819 // Checking services:
820 if(!chk_srvid(rdr
->client
, er
))
822 cs_log_dbg(D_TRACE
, "service %04X not matching reader %s", er
->srvid
, rdr
->label
);
827 if(!(rdr
->typ
== R_EMU
&& caid_is_biss(er
->caid
)) && !chk_rfilter(er
, rdr
))
829 cs_log_dbg(D_TRACE
, "r-filter reader %s", rdr
->label
);
834 if(!chk_class(er
, &rdr
->cltab
, "reader", rdr
->label
))
836 cs_log_dbg(D_TRACE
, "class filter reader %s", rdr
->label
);
840 // CDS NL: check for right seca type
841 if(!is_network_reader(rdr
) && er
->caid
== 0x100 && er
->prid
== 0x00006a
842 && !(er
->ecm
[8] == 0x00 && er
->ecm
[9] == 0x00)) // no empty ecm
844 if(er
->ecm
[8] == 0x00 && rdr
->secatype
== 2)
846 cs_log_dbg(D_TRACE
, "Error: this is a nagra/mediaguard3 ECM and readertype is seca2!");
847 return 0; // we dont send a nagra/mediaguard3 ecm to a seca2 reader!
850 if((er
->ecm
[8] == 0x10) && (er
->ecm
[9] == 0x01) && rdr
->secatype
== 3)
852 cs_log_dbg(D_TRACE
, "Error: this is a seca2 ECM and readertype is nagra/mediaguard3!");
853 return 0; // we dont send a seca2 ecm to a nagra/mediaguard3 reader!
857 // CDS NL: check for right seca type by ECMPID
858 if(!is_network_reader(rdr
) && er
->caid
== 0x100 && er
->prid
== 0x00006a)
860 if(rdr
->secatype
== 2 && er
->pid
>> 8 == 7)
862 cs_log_dbg(D_TRACE
, "Error: this is a nagra/mediaguard3 ECM and readertype is seca2!");
863 return 0; // we dont send a nagra/mediaguard3 ecm to a seca2 reader!
866 if(rdr
->secatype
== 3 && er
->pid
>> 8 == 6)
868 cs_log_dbg(D_TRACE
, "Error: this is a seca2 ECM and readertype is nagra/mediaguard3!");
869 return 0; // we dont send a seca2 ecm to a nagra/mediaguard3 reader!
874 if(!chk_chid(er
, &rdr
->fchid
, "reader", rdr
->label
))
876 cs_log_dbg(D_TRACE
, "chid filter reader %s", rdr
->label
);
880 // Schlocke reader-defined function, reader-self-check
881 if(rdr
->ph
.c_available
&& !rdr
->ph
.c_available(rdr
, AVAIL_CHECK_CONNECTED
, er
))
883 cs_log_dbg(D_TRACE
, "reader unavailable %s", rdr
->label
);
887 // Checking entitlements:
888 if(ll_count(rdr
->ll_entitlements
) > 0 && !(rdr
->typ
== R_EMU
))
890 LL_ITER itr
= ll_iter_create(rdr
->ll_entitlements
);
894 while((item
= ll_iter_next(&itr
)))
896 if(item
->caid
!= er
->caid
) continue; // skip wrong caid!
897 if(item
->type
== 7) continue; // skip seca-admin type (provid 000000) since its not used for decoding!
898 if(er
->prid
&& item
->provid
&& er
->prid
!= item
->provid
) continue; // skip non matching provid!
899 if(!er
->prid
&& caid_is_seca(er
->caid
)) continue; // dont accept requests without provid for seca cas.
900 if(!er
->prid
&& caid_is_viaccess(er
->caid
)) continue; // dont accept requests without provid for viaccess cas
901 if(!er
->prid
&& caid_is_cryptoworks(er
->caid
)) continue; // dont accept requests without provid for cryptoworks cas
906 if(!found
&& er
->ecm
[0]) // ecmrequest can get corrected provid parsed from payload in ecm
908 cs_log_dbg(D_TRACE
, "entitlements check failed on reader %s", rdr
->label
);
913 // Checking ecmlength:
914 if(rdr
->ecm_whitelist
.ewnum
&& er
->ecmlen
)
917 int8_t ok
= 0, foundident
= 0;
919 for (i
= 0; i
< rdr
->ecm_whitelist
.ewnum
; i
++)
921 ECM_WHITELIST_DATA
*d
= &rdr
->ecm_whitelist
.ewdata
[i
];
922 if ((d
->caid
== 0 || d
->caid
== er
->caid
) && (d
->ident
== 0 || d
->ident
== er
->prid
))
925 if (d
->len
== er
->ecmlen
)
933 if(foundident
== 1 && ok
== 0)
935 cs_log_dbg(D_TRACE
, "ECM is not in ecmwhitelist of reader %s.", rdr
->label
);
936 rdr
->ecmsfilteredlen
+= 1;
937 rdr
->webif_ecmsfilteredlen
+= 1;
943 if(rdr
->ecm_hdr_whitelist
.ehdata
&& er
->ecmlen
)
947 int8_t foundcaid
= 0;
948 int8_t foundprovid
= 0;
954 for(r
= 0; r
< rdr
->ecm_hdr_whitelist
.ehnum
; r
++)
956 ECM_HDR_WHITELIST_DATA
*tmp
= &rdr
->ecm_hdr_whitelist
.ehdata
[r
];
962 if(tmp
->caid
== 0 || tmp
->caid
== er
->caid
)
964 foundcaid
= 1; //-> caid was in list
965 //rdr_log_dbg(rdr, D_READER, "Headerwhitelist: found matching CAID: %04X in list", tmp->caid);
967 if(tmp
->provid
== 0 || tmp
->provid
== er
->prid
)
969 foundprovid
= 1; //-> provid was in list
970 //rdr_log_dbg(rdr, D_READER, "Headerwhitelist: found matching Provid: %06X in list", tmp->provid);
973 for(i
= 0; i
< len
/ 2; i
++)
975 if(tmp
->header
[i
] == er
->ecm
[i
])
978 //rdr_log_dbg(rdr, D_READER, "ECM Byte: %i of ECMHeaderwhitelist is correct. (%02X = %02X Headerlen: %i)", i, er->ecm[i], tmp->header[i], len/2);
983 //rdr_log_dbg(rdr, D_READER, "ECM Byte: %i of ECMHeaderwhitelist is not valid. (%02X != %02X Headerlen: %i)", i, er->ecm[i], tmp->header[i], len/2);
988 if(i
== len
/ 2 - 1 && byteok
== 1)
996 //rdr_log_dbg(rdr, D_READER, "ECMHeaderwhitelist: Provid: %06X not found in List-Entry -> skipping check", er->prid);
1003 //rdr_log_dbg(rdr, D_READER, "ECMHeaderwhitelist: CAID: %04X not found in List-Entry -> skipping check", er->caid);
1014 if(foundcaid
== 1 && foundprovid
== 1 && byteok
== 1 && entryok
== 1)
1016 //cs_log("ECM for %04X@%06X:%04X is valid for ECMHeaderwhitelist of reader %s.", er->caid, er->prid, er->srvid, rdr->label);
1020 if(skip
== 0 || (foundcaid
== 1 && foundprovid
== 1 && entryok
== 0 && skip
== 1))
1022 cs_log_dump_dbg(D_TRACE
, er
->ecm
, er
->ecmlen
, "following ECM %04X@%06X:%04X was filtered by ECMHeaderwhitelist of Reader %s from User %s because of not matching Header:", er
->caid
, er
->prid
, er
->srvid
, rdr
->label
, username(er
->client
));
1023 rdr
->ecmsfilteredhead
+= 1;
1024 rdr
->webif_ecmsfilteredhead
+= 1;
1030 // Simple ring connection check:
1032 // Check ip source+dest:
1033 if(cfg
.block_same_ip
&& IP_EQUAL(cur_cl
->ip
, rdr
->client
->ip
) && get_module(cur_cl
)->listenertype
!= LIS_DVBAPI
&& is_network_reader(rdr
))
1035 rdr_log_dbg(rdr
, D_TRACE
, "User (%s) has the same ip (%s) as the reader, blocked because block_same_ip=1!", username(cur_cl
), cs_inet_ntoa(rdr
->client
->ip
));
1039 if(cfg
.block_same_name
&& strcmp(username(cur_cl
), rdr
->label
) == 0)
1041 rdr_log_dbg(rdr
, D_TRACE
, "User (%s) has the same name as the reader, blocked because block_same_name=1!", username(cur_cl
));
1045 if(!reader_slots_available(rdr
, er
)&& er
->ecmlen
> 0) // check free slots, er->ecmlen>0 trick to skip this test for matching readers in dvbapi module
1050 // All checks done, reader is matching!
1054 int32_t chk_caid(uint16_t caid
, CAIDTAB
*ctab
)
1058 if (!ctab
->ctnum
) { return caid
; }
1060 for(i
= 0; i
< ctab
->ctnum
; i
++)
1062 CAIDTAB_DATA
*d
= &ctab
->ctdata
[i
];
1063 if((caid
& d
->mask
) == d
->caid
) { return d
->cmap
? d
->cmap
: caid
; }
1068 int32_t chk_caid_rdr(struct s_reader
*rdr
, uint16_t caid
)
1070 if(is_network_reader(rdr
) || rdr
->typ
== R_EMU
)
1072 return 1; // reader caid is not real caid
1074 else if(rdr
->caid
== caid
)
1081 int32_t chk_bcaid(ECM_REQUEST
*er
, CAIDTAB
*ctab
)
1084 caid
= chk_caid(er
->caid
, ctab
);
1085 if(caid
< 0) { return 0; }
1091 * Check for NULL CWs
1093 int32_t chk_is_null_CW(uint8_t cw
[])
1096 for(i
= 0; i
< 16; i
++)
1105 * Check for ecm request that expects half cw format
1107 int8_t is_halfCW_er(ECM_REQUEST
*er
)
1109 if( caid_is_videoguard(er
->caid
) && (er
->caid
== 0x09C4 || er
->caid
== 0x098C || er
->caid
== 0x098D || er
->caid
== 0x0963 || er
->caid
== 0x09CD || er
->caid
== 0x0919 || er
->caid
== 0x093B || er
->caid
== 0x098E))
1115 * Check for wrong half CWs
1117 int8_t chk_halfCW(ECM_REQUEST
*er
, uint8_t *cw
)
1119 if(is_halfCW_er(er
) && cw
)
1121 uint8_t cw15
= cw
[15];
1122 if(get_odd_even(er
) == 0x80 && cw
[15] == 0xF0) { cw
[15] = 0; }
1124 int8_t part1
= checkCWpart(cw
, 0);
1125 int8_t part2
= checkCWpart(cw
, 1);
1127 // check for correct half cw format
1128 if(part1
&& part2
){ cw
[15] = cw15
; return 0; }
1130 // check for correct cw position
1131 if((get_odd_even(er
) == 0x80 && part1
&& !part2
) // xxxxxxxx00000000
1132 ||(get_odd_even(er
) == 0x81 && !part1
&& part2
)) // 00000000xxxxxxxx
1138 return 0; // not correct swapped cw
1147 * Check for NULL nodeid
1149 int32_t chk_is_null_nodeid(uint8_t node_id
[], uint8_t len
)
1152 for(i
= 0; i
< len
; i
++)
1154 if(node_id
[i
]) { return 0; }
1159 // check if client structure is accessible
1160 bool check_client(struct s_client
*cl
)
1162 if(cl
&& !cl
->kill
) { return true; }
1166 uint16_t caidvaluetab_get_value(CAIDVALUETAB
*cv
, uint16_t caid
, uint16_t default_value
)
1169 for(i
= 0; i
< cv
->cvnum
; i
++)
1171 CAIDVALUETAB_DATA
*cvdata
= &cv
->cvdata
[i
];
1172 if(cvdata
->caid
== caid
|| cvdata
->caid
== caid
>> 8) { return cvdata
->value
; }
1174 return default_value
;
1177 int32_t chk_is_fakecw(uint8_t *cw
)
1179 uint32_t i
, is_fakecw
= 0;
1180 uint32_t idx
= ((cw
[0] & 0xF) << 4) | (cw
[8] & 0xF);
1182 cs_readlock(__func__
, &config_lock
);
1184 for(i
= 0; i
< cfg
.fakecws
[idx
].count
; i
++)
1186 if(memcmp(cw
, cfg
.fakecws
[idx
].data
[i
].cw
, 16) == 0)
1192 cs_readunlock(__func__
, &config_lock
);