1 | #include "globals.h"
|
---|
2 |
|
---|
3 | #define REQ_SIZE 4
|
---|
4 | static uchar camdbug[256]; // camd send wrong order
|
---|
5 | static uchar *req;
|
---|
6 |
|
---|
7 | static int camd33_send(uchar *buf, int ml)
|
---|
8 | {
|
---|
9 | int l;
|
---|
10 | if (!pfd) return(-1);
|
---|
11 | l=boundary(4, ml);
|
---|
12 | memset(buf+ml, 0, l-ml);
|
---|
13 | cs_ddump(buf, l, "send %d bytes to client", l);
|
---|
14 | if (client[cs_idx].crypted)
|
---|
15 | aes_encrypt(buf, l);
|
---|
16 | return(send(pfd, buf, l, 0));
|
---|
17 | }
|
---|
18 |
|
---|
19 | static int camd33_recv(uchar *buf, int l)
|
---|
20 | {
|
---|
21 | int n;
|
---|
22 | if (!pfd) return(-1);
|
---|
23 | if ((n=recv(pfd, buf, l, 0))>0)
|
---|
24 | {
|
---|
25 | client[cs_idx].last=time((time_t *) 0);
|
---|
26 | if (client[cs_idx].crypted)
|
---|
27 | aes_decrypt(buf, n);
|
---|
28 | }
|
---|
29 | cs_ddump(buf, n, "received %d bytes from client", n);
|
---|
30 | return(n);
|
---|
31 | }
|
---|
32 |
|
---|
33 | static void camd33_request_emm()
|
---|
34 | {
|
---|
35 | int au;
|
---|
36 | au=client[cs_idx].au;
|
---|
37 | if ((au<0) || (au>CS_MAXREADER)) return; // TODO
|
---|
38 | if (reader[au].hexserial[0])
|
---|
39 | {
|
---|
40 | log_emm_request(au);
|
---|
41 | mbuf[0]=0;
|
---|
42 | mbuf[1]=reader[au].caid[0]>>8;
|
---|
43 | mbuf[2]=reader[au].caid[0]&0xff;
|
---|
44 | memcpy(mbuf+3, reader[au].hexserial, 4);
|
---|
45 | memcpy(mbuf+7, &reader[au].prid[0][1], 3);
|
---|
46 | memcpy(mbuf+10, &reader[au].prid[2][1], 3);
|
---|
47 | camd33_send(mbuf, 13);
|
---|
48 | }
|
---|
49 | }
|
---|
50 |
|
---|
51 | static void camd33_auth_client(in_addr_t ip)
|
---|
52 | {
|
---|
53 | int i, rc;
|
---|
54 | uchar *usr=NULL, *pwd=NULL;
|
---|
55 | struct s_auth *account;
|
---|
56 |
|
---|
57 | client[cs_idx].crypted=cfg->c33_crypted;
|
---|
58 | if (client[cs_idx].crypted)
|
---|
59 | {
|
---|
60 | struct s_ip *p_ip;
|
---|
61 | for (p_ip=cfg->c33_plain; (p_ip) && (client[cs_idx].crypted); p_ip=p_ip->next)
|
---|
62 | if ((client[cs_idx].ip>=p_ip->ip[0]) && (client[cs_idx].ip<=p_ip->ip[1]))
|
---|
63 | client[cs_idx].crypted=0;
|
---|
64 | }
|
---|
65 | if (client[cs_idx].crypted)
|
---|
66 | aes_set_key((char *) cfg->c33_key);
|
---|
67 |
|
---|
68 | mbuf[0]=0;
|
---|
69 | camd33_send(mbuf, 1); // send login-request
|
---|
70 |
|
---|
71 | for (rc=0, camdbug[0]=0, mbuf[0]=1; (rc<2) && (mbuf[0]); rc++)
|
---|
72 | {
|
---|
73 | i=process_input(mbuf, sizeof(mbuf), 1);
|
---|
74 | if ((i>0) && (!mbuf[0]))
|
---|
75 | {
|
---|
76 | usr=mbuf+1;
|
---|
77 | pwd=usr+strlen((char *)usr)+2;
|
---|
78 | }
|
---|
79 | else
|
---|
80 | memcpy(camdbug+1, mbuf, camdbug[0]=i);
|
---|
81 | }
|
---|
82 | for (rc=-1, account=cfg->account; (usr) && (account) && (rc<0); account=account->next)
|
---|
83 | if ((!strcmp((char *)usr, account->usr)) && (!strcmp((char *)pwd, account->pwd)))
|
---|
84 | rc=cs_auth_client(account, NULL);
|
---|
85 | if (!rc)
|
---|
86 | camd33_request_emm();
|
---|
87 | else
|
---|
88 | {
|
---|
89 | if (rc<0) cs_auth_client(0, usr ? "invalid account" : "no user given");
|
---|
90 | cs_exit(0);
|
---|
91 | }
|
---|
92 | }
|
---|
93 |
|
---|
94 | static int get_request(uchar *buf, int n)
|
---|
95 | {
|
---|
96 | int rc, w;
|
---|
97 |
|
---|
98 | if (camdbug[0])
|
---|
99 | {
|
---|
100 | memcpy(buf, camdbug+1, rc=camdbug[0]);
|
---|
101 | camdbug[0]=0;
|
---|
102 | return(rc);
|
---|
103 | }
|
---|
104 | for (rc=w=0; !rc;)
|
---|
105 | {
|
---|
106 | switch (rc=process_input(buf, 16, (w) ? cfg->ctimeout : cfg->cmaxidle))
|
---|
107 | {
|
---|
108 | case -9:
|
---|
109 | rc=0;
|
---|
110 | case 0:
|
---|
111 | if ((w) || cfg->c33_passive)
|
---|
112 | rc=-1;
|
---|
113 | else
|
---|
114 | {
|
---|
115 | buf[0]=0;
|
---|
116 | camd33_send(buf, 1);
|
---|
117 | w++;
|
---|
118 | }
|
---|
119 | case -1:
|
---|
120 | break;
|
---|
121 | default:
|
---|
122 | if (!memcmp(buf+1, client[cs_idx].usr, strlen(client[cs_idx].usr)))
|
---|
123 | {
|
---|
124 | cs_log("%s still alive", cs_inet_ntoa(client[cs_idx].ip));
|
---|
125 | rc=w=0;
|
---|
126 | }
|
---|
127 | else
|
---|
128 | {
|
---|
129 | switch (buf[0])
|
---|
130 | {
|
---|
131 | case 2:
|
---|
132 | case 3: w=boundary(4, buf[9]+10); break;
|
---|
133 | default: w=n; // garbage ?
|
---|
134 | }
|
---|
135 | w=process_input(buf+16, w-16, 0);
|
---|
136 | if (w>0) rc+=w;
|
---|
137 | }
|
---|
138 | }
|
---|
139 | }
|
---|
140 | if (rc<0) rc=0;
|
---|
141 | return(rc);
|
---|
142 | }
|
---|
143 |
|
---|
144 | static void camd33_send_dcw(ECM_REQUEST *er)
|
---|
145 | {
|
---|
146 | mbuf[0]=2;
|
---|
147 | memcpy(mbuf+1, req+(er->cpti*REQ_SIZE), 4); // get pin
|
---|
148 | memcpy(mbuf+5, er->cw, 16);
|
---|
149 | camd33_send(mbuf, 21);
|
---|
150 | if (!cfg->c33_passive)
|
---|
151 | camd33_request_emm();
|
---|
152 | }
|
---|
153 |
|
---|
154 | static void camd33_process_ecm(uchar *buf, int l)
|
---|
155 | {
|
---|
156 | ECM_REQUEST *er;
|
---|
157 | if (!(er=get_ecmtask()))
|
---|
158 | return;
|
---|
159 | memcpy(req+(er->cpti*REQ_SIZE), buf+3, 4); // save pin
|
---|
160 | er->l=l-7;
|
---|
161 | er->caid=b2i(2, buf+1);
|
---|
162 | memcpy(er->ecm , buf+7, er->l);
|
---|
163 | get_cw(er);
|
---|
164 | }
|
---|
165 |
|
---|
166 | static void camd33_process_emm(uchar *buf, int l)
|
---|
167 | {
|
---|
168 | memset(&epg, 0, sizeof(epg));
|
---|
169 | epg.l=l-7;
|
---|
170 | memcpy(epg.caid , buf+1, 2);
|
---|
171 | memcpy(epg.hexserial, buf+3, 4);
|
---|
172 | memcpy(epg.emm , buf+7, epg.l);
|
---|
173 | do_emm(&epg);
|
---|
174 | }
|
---|
175 |
|
---|
176 | static void camd33_server()
|
---|
177 | {
|
---|
178 | int n;
|
---|
179 |
|
---|
180 | req=(uchar *)malloc(CS_MAXPENDING*REQ_SIZE);
|
---|
181 | if (!req)
|
---|
182 | {
|
---|
183 | cs_log("Cannot allocate memory (errno=%d)", errno);
|
---|
184 | cs_exit(1);
|
---|
185 | }
|
---|
186 | memset(req, 0, CS_MAXPENDING*REQ_SIZE);
|
---|
187 |
|
---|
188 | camd33_auth_client(client[cs_idx].ip);
|
---|
189 |
|
---|
190 | while ((n=get_request(mbuf, sizeof(mbuf)))>0)
|
---|
191 | {
|
---|
192 | switch(mbuf[0])
|
---|
193 | {
|
---|
194 | case 2:
|
---|
195 | camd33_process_ecm(mbuf, n);
|
---|
196 | break;
|
---|
197 | case 3:
|
---|
198 | camd33_process_emm(mbuf, n);
|
---|
199 | break;
|
---|
200 | default:
|
---|
201 | cs_debug("unknown command !");
|
---|
202 | }
|
---|
203 | }
|
---|
204 | cs_disconnect_client();
|
---|
205 | }
|
---|
206 |
|
---|
207 | void module_camd33(struct s_module *ph)
|
---|
208 | {
|
---|
209 | static PTAB ptab;
|
---|
210 | ptab.ports[0].s_port = cfg->c33_port;
|
---|
211 | ph->ptab = &ptab;
|
---|
212 | ph->ptab->nports = 1;
|
---|
213 |
|
---|
214 | strcpy(ph->desc, "camd 3.3x");
|
---|
215 | ph->type=MOD_CONN_TCP;
|
---|
216 | ph->logtxt=cfg->c33_crypted ? ", crypted" : ", UNCRYPTED!";
|
---|
217 | ph->multi=1;
|
---|
218 | ph->watchdog=1;
|
---|
219 | ph->s_ip=cfg->c33_srvip;
|
---|
220 | ph->s_handler=camd33_server;
|
---|
221 | ph->recv=camd33_recv;
|
---|
222 | ph->send_dcw=camd33_send_dcw;
|
---|
223 | }
|
---|