1 | #define MODULE_LOG_PREFIX "chk"
|
---|
2 |
|
---|
3 | #include "globals.h"
|
---|
4 | #include "oscam-cache.h"
|
---|
5 | #include "oscam-chk.h"
|
---|
6 | #include "oscam-ecm.h"
|
---|
7 | #include "oscam-client.h"
|
---|
8 | #include "oscam-lock.h"
|
---|
9 | #include "oscam-net.h"
|
---|
10 | #include "oscam-string.h"
|
---|
11 | #include "module-stat.h"
|
---|
12 | #include "oscam-reader.h"
|
---|
13 |
|
---|
14 | #define CS_NANO_CLASS 0xE2
|
---|
15 | #define OK 1
|
---|
16 | #define ERROR 0
|
---|
17 |
|
---|
18 | uint32_t get_fallbacktimeout(uint16_t caid)
|
---|
19 | {
|
---|
20 | uint32_t ftimeout = caidvaluetab_get_value(&cfg.ftimeouttab, caid, 0);
|
---|
21 |
|
---|
22 | if(ftimeout == 0) { ftimeout = cfg.ftimeout; }
|
---|
23 |
|
---|
24 | if(ftimeout < 100) { ftimeout = CS_CLIENT_TIMEOUT / 2; }
|
---|
25 | if(ftimeout >= cfg.ctimeout) { ftimeout = cfg.ctimeout - 100; }
|
---|
26 |
|
---|
27 | return ftimeout;
|
---|
28 | }
|
---|
29 |
|
---|
30 | static int32_t find_nano(uint8_t *ecm, int32_t l, uint8_t nano, int32_t s)
|
---|
31 | {
|
---|
32 | uint8_t *snano;
|
---|
33 |
|
---|
34 | if(s >= l) { return 0; }
|
---|
35 | if(!s) { s = (ecm[4] == 0xD2) ? 12 : 9; } // tpsflag -> offset+3
|
---|
36 | snano = ecm + s;
|
---|
37 |
|
---|
38 | while((*snano != nano) && (s < l))
|
---|
39 | {
|
---|
40 | if(*snano == 0xEA) { return 0; }
|
---|
41 | snano++;
|
---|
42 | s++;
|
---|
43 | }
|
---|
44 |
|
---|
45 | return (s < l) ? ++s : 0;
|
---|
46 | }
|
---|
47 |
|
---|
48 | static int32_t chk_class(ECM_REQUEST *er, CLASSTAB *clstab, const char *type, const char *name)
|
---|
49 | {
|
---|
50 | int32_t i, j, an, cl_n, l;
|
---|
51 | uint8_t ecm_class;
|
---|
52 |
|
---|
53 | if(er->caid != 0x0500 && er->caid != 0x4AE1) { return 1; }
|
---|
54 | if(!clstab->bn && !clstab->an) { return 1; }
|
---|
55 |
|
---|
56 | j = an = cl_n = 0;
|
---|
57 |
|
---|
58 | if(er->caid == 0x0500)
|
---|
59 | {
|
---|
60 | while((j = find_nano(er->ecm, er->ecmlen, CS_NANO_CLASS, j)) > 0)
|
---|
61 | {
|
---|
62 | l = er->ecm[j];
|
---|
63 | if(l + j > er->ecmlen) { continue; } // skip, this is not a valid class identifier!
|
---|
64 |
|
---|
65 | ecm_class = er->ecm[j + l];
|
---|
66 | cs_log_dbg(D_CLIENT, "ecm class=%02X", ecm_class);
|
---|
67 |
|
---|
68 | for(i = 0; i < clstab->bn; i++) // search in blocked
|
---|
69 | {
|
---|
70 | if(ecm_class == clstab->bclass[i])
|
---|
71 | {
|
---|
72 | cs_log_dbg(D_CLIENT, "class %02X rejected by %s '%s' !%02X filter",
|
---|
73 | ecm_class, type, name, ecm_class);
|
---|
74 | return 0;
|
---|
75 | }
|
---|
76 | }
|
---|
77 | cl_n++;
|
---|
78 |
|
---|
79 | for(i = 0; i < clstab->an; i++) // search in allowed
|
---|
80 | {
|
---|
81 | if(ecm_class == clstab->aclass[i])
|
---|
82 | {
|
---|
83 | an++;
|
---|
84 | break;
|
---|
85 | }
|
---|
86 | }
|
---|
87 | j += l;
|
---|
88 | }
|
---|
89 | }
|
---|
90 | else
|
---|
91 | {
|
---|
92 | if(er->prid != 0x11 || er->ecm[0] == 0) { return 1; }
|
---|
93 |
|
---|
94 | cl_n++;
|
---|
95 | ecm_class = er->ecm[5];
|
---|
96 | cs_log_dbg(D_CLIENT, "ecm class=%02X", ecm_class);
|
---|
97 |
|
---|
98 | for(i = 0; i < clstab->bn; i++) // search in blocked
|
---|
99 | {
|
---|
100 | if(ecm_class == clstab->bclass[i])
|
---|
101 | {
|
---|
102 | cs_log_dbg(D_CLIENT, "class %02X rejected by %s '%s' !%02X filter",
|
---|
103 | ecm_class, type, name, ecm_class);
|
---|
104 | return 0;
|
---|
105 | }
|
---|
106 | }
|
---|
107 |
|
---|
108 | for(i = 0; i < clstab->an; i++) // search in allowed
|
---|
109 | {
|
---|
110 | if(ecm_class == clstab->aclass[i])
|
---|
111 | {
|
---|
112 | an++;
|
---|
113 | break;
|
---|
114 | }
|
---|
115 | }
|
---|
116 | }
|
---|
117 |
|
---|
118 | if(cl_n && clstab->an)
|
---|
119 | {
|
---|
120 | if(an)
|
---|
121 | { cs_log_dbg(D_CLIENT, "ECM classes allowed by %s '%s' filter", type, name); }
|
---|
122 | else
|
---|
123 | {
|
---|
124 | cs_log_dbg(D_CLIENT, "ECM classes don't match %s '%s' filter, rejecting", type, name);
|
---|
125 | return 0;
|
---|
126 | }
|
---|
127 | }
|
---|
128 |
|
---|
129 | return 1;
|
---|
130 | }
|
---|
131 |
|
---|
132 | int32_t chk_srvid_match(ECM_REQUEST *er, SIDTAB *sidtab)
|
---|
133 | {
|
---|
134 | int32_t i, rc = 0;
|
---|
135 |
|
---|
136 | if(!sidtab->num_caid)
|
---|
137 | { rc |= 1; }
|
---|
138 | else
|
---|
139 | for(i = 0; (i < sidtab->num_caid) && (!(rc & 1)); i++)
|
---|
140 | if(er->caid == sidtab->caid[i]) { rc |= 1; }
|
---|
141 |
|
---|
142 | if(!er->prid || !sidtab->num_provid)
|
---|
143 | { rc |= 2; }
|
---|
144 | else
|
---|
145 | for(i = 0; (i < sidtab->num_provid) && (!(rc & 2)); i++)
|
---|
146 | if(er->prid == sidtab->provid[i]) { rc |= 2; }
|
---|
147 |
|
---|
148 | if(!sidtab->num_srvid)
|
---|
149 | { rc |= 4; }
|
---|
150 | else
|
---|
151 | for(i = 0; (i < sidtab->num_srvid) && (!(rc & 4)); i++)
|
---|
152 | if(er->srvid == sidtab->srvid[i]) { rc |= 4; }
|
---|
153 |
|
---|
154 | return (rc == 7);
|
---|
155 | }
|
---|
156 |
|
---|
157 | #ifdef CS_CACHEEX_AIO
|
---|
158 | int32_t chk_srvid_disablecrccws_only_for_exception(ECM_REQUEST *er)
|
---|
159 | {
|
---|
160 | int32_t nr;
|
---|
161 | SIDTAB *sidtab;
|
---|
162 |
|
---|
163 | for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
|
---|
164 | {
|
---|
165 | if(sidtab->disablecrccws_only_for_exception && (sidtab->num_caid | sidtab->num_provid | sidtab->num_srvid) && chk_srvid_match(er, sidtab))
|
---|
166 | {
|
---|
167 | return(1);
|
---|
168 | }
|
---|
169 | }
|
---|
170 | return(0);
|
---|
171 | }
|
---|
172 |
|
---|
173 | int32_t chk_srvid_no_wait_time(ECM_REQUEST *er)
|
---|
174 | {
|
---|
175 | int32_t nr;
|
---|
176 | SIDTAB *sidtab;
|
---|
177 |
|
---|
178 | for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
|
---|
179 | {
|
---|
180 | if(sidtab->no_wait_time && (sidtab->num_caid | sidtab->num_provid | sidtab->num_srvid) && chk_srvid_match(er, sidtab))
|
---|
181 | {
|
---|
182 | return(1);
|
---|
183 | }
|
---|
184 | }
|
---|
185 | return(0);
|
---|
186 | }
|
---|
187 |
|
---|
188 | int32_t chk_srvid_localgenerated_only_exception(ECM_REQUEST *er)
|
---|
189 | {
|
---|
190 | int32_t nr;
|
---|
191 | SIDTAB *sidtab;
|
---|
192 |
|
---|
193 | for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
|
---|
194 | {
|
---|
195 | if(sidtab->lg_only_exception && (sidtab->num_caid | sidtab->num_provid | sidtab->num_srvid) && chk_srvid_match(er, sidtab))
|
---|
196 | {
|
---|
197 | return(1);
|
---|
198 | }
|
---|
199 | }
|
---|
200 | return(0);
|
---|
201 | }
|
---|
202 | #endif
|
---|
203 |
|
---|
204 | int32_t chk_srvid(struct s_client *cl, ECM_REQUEST *er)
|
---|
205 | {
|
---|
206 | int32_t nr, rc = 0;
|
---|
207 | SIDTAB *sidtab;
|
---|
208 |
|
---|
209 | if(!cl->sidtabs.ok)
|
---|
210 | {
|
---|
211 | if(!cl->sidtabs.no) { return (1); }
|
---|
212 | rc = 1;
|
---|
213 | }
|
---|
214 |
|
---|
215 | for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
|
---|
216 | {
|
---|
217 | if(sidtab->num_caid | sidtab->num_provid | sidtab->num_srvid)
|
---|
218 | {
|
---|
219 | if((cl->sidtabs.no & ((SIDTABBITS)1 << nr)) && (chk_srvid_match(er, sidtab)))
|
---|
220 | { return (0); }
|
---|
221 |
|
---|
222 | if((cl->sidtabs.ok & ((SIDTABBITS)1 << nr)) && (chk_srvid_match(er, sidtab)))
|
---|
223 | { rc = 1; }
|
---|
224 | }
|
---|
225 | }
|
---|
226 | return (rc);
|
---|
227 | }
|
---|
228 |
|
---|
229 | int32_t has_srvid(struct s_client *cl, ECM_REQUEST *er)
|
---|
230 | {
|
---|
231 | if(!cl->sidtabs.ok)
|
---|
232 | { return 0; }
|
---|
233 |
|
---|
234 | int32_t nr;
|
---|
235 | SIDTAB *sidtab;
|
---|
236 |
|
---|
237 | for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
|
---|
238 | {
|
---|
239 | if(sidtab->num_srvid)
|
---|
240 | {
|
---|
241 | if((cl->sidtabs.ok & ((SIDTABBITS)1 << nr)) && (chk_srvid_match(er, sidtab)))
|
---|
242 | { return 1; }
|
---|
243 | }
|
---|
244 | }
|
---|
245 | return 0;
|
---|
246 | }
|
---|
247 |
|
---|
248 | int32_t has_lb_srvid(struct s_client *cl, ECM_REQUEST *er)
|
---|
249 | {
|
---|
250 | if(!cl->lb_sidtabs.ok)
|
---|
251 | { return 0; }
|
---|
252 |
|
---|
253 | int32_t nr;
|
---|
254 | SIDTAB *sidtab;
|
---|
255 |
|
---|
256 | for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
|
---|
257 | {
|
---|
258 | if((cl->lb_sidtabs.ok & ((SIDTABBITS)1 << nr)) && (chk_srvid_match(er, sidtab)))
|
---|
259 | { return 1; }
|
---|
260 | }
|
---|
261 | return 0;
|
---|
262 | }
|
---|
263 |
|
---|
264 | int32_t chk_srvid_match_by_caid_prov(uint16_t caid, uint32_t provid, SIDTAB *sidtab)
|
---|
265 | {
|
---|
266 | int32_t i, rc = 0;
|
---|
267 |
|
---|
268 | if(!sidtab->num_caid)
|
---|
269 | { rc |= 1; }
|
---|
270 | else
|
---|
271 | for(i = 0; (i < sidtab->num_caid) && (!(rc & 1)); i++)
|
---|
272 | if(caid == sidtab->caid[i]) { rc |= 1; }
|
---|
273 |
|
---|
274 | if(!sidtab->num_provid)
|
---|
275 | { rc |= 2; }
|
---|
276 | else
|
---|
277 | for(i = 0; (i < sidtab->num_provid) && (!(rc & 2)); i++)
|
---|
278 | if(provid == sidtab->provid[i]) { rc |= 2; }
|
---|
279 |
|
---|
280 | return (rc == 3);
|
---|
281 | }
|
---|
282 |
|
---|
283 | int32_t chk_srvid_by_caid_prov(struct s_client *cl, uint16_t caid, uint32_t provid)
|
---|
284 | {
|
---|
285 | int32_t nr, rc = 0;
|
---|
286 | SIDTAB *sidtab;
|
---|
287 |
|
---|
288 | if(!cl->sidtabs.ok)
|
---|
289 | {
|
---|
290 | if(!cl->sidtabs.no) { return (1); }
|
---|
291 | rc = 1;
|
---|
292 | }
|
---|
293 |
|
---|
294 | for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
|
---|
295 | {
|
---|
296 | if(sidtab->num_caid | sidtab->num_provid)
|
---|
297 | {
|
---|
298 | if((cl->sidtabs.no & ((SIDTABBITS)1 << nr)) && !sidtab->num_srvid &&
|
---|
299 | (chk_srvid_match_by_caid_prov(caid, provid, sidtab)))
|
---|
300 | { return (0); }
|
---|
301 |
|
---|
302 | if((cl->sidtabs.ok & ((SIDTABBITS)1 << nr)) &&
|
---|
303 | (chk_srvid_match_by_caid_prov(caid, provid, sidtab)))
|
---|
304 | { rc = 1; }
|
---|
305 | }
|
---|
306 | }
|
---|
307 | return (rc);
|
---|
308 | }
|
---|
309 |
|
---|
310 | int32_t chk_srvid_by_caid_prov_rdr(struct s_reader *rdr, uint16_t caid, uint32_t provid)
|
---|
311 | {
|
---|
312 | int32_t nr, rc = 0;
|
---|
313 | SIDTAB *sidtab;
|
---|
314 |
|
---|
315 | if(!rdr->sidtabs.ok)
|
---|
316 | {
|
---|
317 | if(!rdr->sidtabs.no) { return (1); }
|
---|
318 | rc = 1;
|
---|
319 | }
|
---|
320 |
|
---|
321 | for(nr = 0, sidtab = cfg.sidtab; sidtab; sidtab = sidtab->next, nr++)
|
---|
322 | {
|
---|
323 | if(sidtab->num_caid | sidtab->num_provid)
|
---|
324 | {
|
---|
325 | if((rdr->sidtabs.no & ((SIDTABBITS)1 << nr)) && !sidtab->num_srvid &&
|
---|
326 | (chk_srvid_match_by_caid_prov(caid, provid, sidtab)))
|
---|
327 | { return (0); }
|
---|
328 |
|
---|
329 | if((rdr->sidtabs.ok & ((SIDTABBITS)1 << nr)) &&
|
---|
330 | (chk_srvid_match_by_caid_prov(caid, provid, sidtab)))
|
---|
331 | { rc = 1; }
|
---|
332 | }
|
---|
333 | }
|
---|
334 | return (rc);
|
---|
335 | }
|
---|
336 |
|
---|
337 | int32_t chk_is_betatunnel_caid(uint16_t caid)
|
---|
338 | {
|
---|
339 | if(caid == 0x1702 || caid == 0x1722) { return 1; }
|
---|
340 | if(caid == 0x1801 || caid == 0x1833 || caid == 0x1834 || caid == 0x1835) { return 2; }
|
---|
341 | return 0;
|
---|
342 | }
|
---|
343 |
|
---|
344 | uint16_t chk_on_btun(uint8_t chk_sx, struct s_client *cl, ECM_REQUEST *er)
|
---|
345 | {
|
---|
346 | if(chk_is_betatunnel_caid(er->caid))
|
---|
347 | {
|
---|
348 | int32_t i;
|
---|
349 | TUNTAB *ttab;
|
---|
350 | ttab = &cl->ttab;
|
---|
351 |
|
---|
352 | if(ttab->ttdata)
|
---|
353 | {
|
---|
354 | for(i = 0; i < ttab->ttnum; i++)
|
---|
355 | {
|
---|
356 | if(er->caid == ttab->ttdata[i].bt_caidfrom)
|
---|
357 | {
|
---|
358 | if(er->srvid == ttab->ttdata[i].bt_srvid) { return ttab->ttdata[i].bt_caidto; }
|
---|
359 | if(chk_sx && ttab->ttdata[i].bt_srvid == 0xFFFF) { return ttab->ttdata[i].bt_caidto; }
|
---|
360 | if(!chk_sx && !ttab->ttdata[i].bt_srvid) { return ttab->ttdata[i].bt_caidto; }
|
---|
361 | }
|
---|
362 | }
|
---|
363 | }
|
---|
364 |
|
---|
365 | if(chk_sx)
|
---|
366 | return lb_get_betatunnel_caid_to(er);
|
---|
367 | }
|
---|
368 | return 0;
|
---|
369 | }
|
---|
370 |
|
---|
371 | // server filter for newcamd
|
---|
372 | int32_t chk_sfilter(ECM_REQUEST *er, PTAB *ptab)
|
---|
373 | {
|
---|
374 | #ifdef MODULE_NEWCAMD
|
---|
375 | int32_t i, j, pi, rc = 1;
|
---|
376 | uint16_t caid, scaid;
|
---|
377 | uint32_t prid, sprid;
|
---|
378 |
|
---|
379 | if(!ptab) { return (1); }
|
---|
380 | struct s_client *cur_cl = cur_client();
|
---|
381 |
|
---|
382 | caid = er->caid;
|
---|
383 | prid = er->prid;
|
---|
384 | pi = cur_cl->port_idx;
|
---|
385 |
|
---|
386 | if(cfg.ncd_mgclient)
|
---|
387 | { return 1; }
|
---|
388 |
|
---|
389 | if(ptab->nports && ptab->ports[pi].ncd && ptab->ports[pi].ncd->ncd_ftab.nfilts)
|
---|
390 | {
|
---|
391 | for(rc = j = 0; (!rc) && (j < ptab->ports[pi].ncd->ncd_ftab.nfilts); j++)
|
---|
392 | {
|
---|
393 | scaid = ptab->ports[pi].ncd->ncd_ftab.filts[j].caid;
|
---|
394 | if(caid == 0 || (caid != 0 && caid == scaid))
|
---|
395 | {
|
---|
396 | for(i = 0; (!rc) && i < ptab->ports[pi].ncd->ncd_ftab.filts[j].nprids; i++)
|
---|
397 | {
|
---|
398 | sprid = ptab->ports[pi].ncd->ncd_ftab.filts[j].prids[i];
|
---|
399 | cs_log_dbg(D_CLIENT, "trying server filter %04X@%06X", scaid, sprid);
|
---|
400 | if(prid == sprid)
|
---|
401 | {
|
---|
402 | rc = 1;
|
---|
403 | cs_log_dbg(D_CLIENT, "%04X@%06X allowed by server filter %04X@%06X",
|
---|
404 | caid, prid, scaid, sprid);
|
---|
405 | }
|
---|
406 | }
|
---|
407 | }
|
---|
408 | }
|
---|
409 |
|
---|
410 | if(!rc)
|
---|
411 | {
|
---|
412 | cs_log_dbg(D_CLIENT, "no match, %04X@%06X rejected by server filters", caid, prid);
|
---|
413 | snprintf(er->msglog, MSGLOGSIZE, "no server match %04X@%06X", caid, (uint32_t) prid);
|
---|
414 |
|
---|
415 | if(!er->rcEx) { er->rcEx = (E1_LSERVER << 4) | E2_IDENT; }
|
---|
416 | return (rc);
|
---|
417 | }
|
---|
418 | }
|
---|
419 | return (rc);
|
---|
420 | #else
|
---|
421 | (void)er;
|
---|
422 | (void)ptab;
|
---|
423 | return 1;
|
---|
424 | #endif
|
---|
425 | }
|
---|
426 |
|
---|
427 | static int32_t chk_chid(ECM_REQUEST *er, FTAB *fchid, char *type, char *name)
|
---|
428 | {
|
---|
429 | int32_t rc = 1, i, j, found_caid = 0;
|
---|
430 | if(!fchid->nfilts) { return 1; }
|
---|
431 | if(er->chid == 0 && er->ecm[0] == 0) { return 1; } // skip empty ecm, chid 00 to avoid no matching readers in dvbapi
|
---|
432 |
|
---|
433 | for(i = rc = 0; (!rc) && i < fchid->nfilts; i++)
|
---|
434 | {
|
---|
435 | if(er->caid == fchid->filts[i].caid)
|
---|
436 | {
|
---|
437 | found_caid = 1;
|
---|
438 | for(j = 0; (!rc) && j < fchid->filts[i].nprids; j++)
|
---|
439 | {
|
---|
440 | cs_log_dbg(D_CLIENT, "trying %s '%s' CHID filter %04X:%04X",
|
---|
441 | type, name, fchid->filts[i].caid, fchid->filts[i].prids[j]);
|
---|
442 |
|
---|
443 | if(er->chid == fchid->filts[i].prids[j])
|
---|
444 | {
|
---|
445 | cs_log_dbg(D_CLIENT, "%04X:%04X allowed by %s '%s' CHID filter %04X:%04X",
|
---|
446 | er->caid, er->chid, type, name, fchid->filts[i].caid, fchid->filts[i].prids[j]);
|
---|
447 | rc = 1;
|
---|
448 | }
|
---|
449 | }
|
---|
450 | }
|
---|
451 | }
|
---|
452 |
|
---|
453 | if(!rc)
|
---|
454 | {
|
---|
455 | if(found_caid)
|
---|
456 | cs_log_dbg(D_CLIENT, "no match, %04X:%04X rejected by %s '%s' CHID filter(s)",
|
---|
457 | er->caid, er->chid, type, name);
|
---|
458 | else
|
---|
459 | {
|
---|
460 | rc = 1;
|
---|
461 | cs_log_dbg(D_CLIENT, "%04X:%04X allowed by %s '%s' CHID filter, CAID not spezified",
|
---|
462 | er->caid, er->chid, type, name);
|
---|
463 | }
|
---|
464 | }
|
---|
465 | return (rc);
|
---|
466 | }
|
---|
467 |
|
---|
468 | int32_t chk_ident_filter(uint16_t rcaid, uint32_t rprid, FTAB *ftab)
|
---|
469 | {
|
---|
470 | int32_t i, j, rc = 1;
|
---|
471 | uint16_t caid = 0;
|
---|
472 | uint32_t prid = 0;
|
---|
473 |
|
---|
474 | if(ftab->nfilts)
|
---|
475 | {
|
---|
476 | for(rc = i = 0; (!rc) && (i < ftab->nfilts); i++)
|
---|
477 | {
|
---|
478 | caid = ftab->filts[i].caid;
|
---|
479 | if((caid != 0 && caid == rcaid) || caid == 0)
|
---|
480 | {
|
---|
481 | for(j = 0; (!rc) && (j < ftab->filts[i].nprids); j++)
|
---|
482 | {
|
---|
483 | prid = ftab->filts[i].prids[j];
|
---|
484 | if(prid == rprid)
|
---|
485 | {
|
---|
486 | rc=1;
|
---|
487 | }
|
---|
488 | }
|
---|
489 | }
|
---|
490 | }
|
---|
491 |
|
---|
492 | if(!rc)
|
---|
493 | { return 0; }
|
---|
494 | }
|
---|
495 |
|
---|
496 | return(rc);
|
---|
497 | }
|
---|
498 |
|
---|
499 | int32_t chk_ufilters(ECM_REQUEST *er)
|
---|
500 | {
|
---|
501 | int32_t i, j, rc = 1;
|
---|
502 | uint16_t ucaid;
|
---|
503 | uint32_t uprid;
|
---|
504 | struct s_client *cur_cl = cur_client();
|
---|
505 |
|
---|
506 | if(cur_cl->ftab.nfilts)
|
---|
507 | {
|
---|
508 | FTAB *f = &cur_cl->ftab;
|
---|
509 | for(i = rc = 0; (!rc) && (i < f->nfilts); i++)
|
---|
510 | {
|
---|
511 | ucaid = f->filts[i].caid;
|
---|
512 | if(er->caid == 0 || ucaid == 0 || (er->caid != 0 && er->caid == ucaid))
|
---|
513 | {
|
---|
514 | if (er->prid == 0)
|
---|
515 | {
|
---|
516 | cs_log_dbg(D_CLIENT, "%04X@%06X allowed by user '%s' filter caid %04X prid %06X",
|
---|
517 | er->caid, er->prid, cur_cl->account->usr, ucaid, 0);
|
---|
518 | rc = 1;
|
---|
519 | break;
|
---|
520 | }
|
---|
521 |
|
---|
522 | for(j = rc = 0; (!rc) && (j < f->filts[i].nprids); j++)
|
---|
523 | {
|
---|
524 | uprid = f->filts[i].prids[j];
|
---|
525 | cs_log_dbg(D_CLIENT, "trying user '%s' filter %04X@%06X", cur_cl->account->usr, ucaid, uprid);
|
---|
526 |
|
---|
527 | if(er->prid == uprid)
|
---|
528 | {
|
---|
529 | rc = 1;
|
---|
530 | cs_log_dbg(D_CLIENT, "%04X@%06X allowed by user '%s' filter %04X@%06X",
|
---|
531 | er->caid, er->prid, cur_cl->account->usr, ucaid, uprid);
|
---|
532 | }
|
---|
533 | }
|
---|
534 | }
|
---|
535 | }
|
---|
536 |
|
---|
537 | if(!rc)
|
---|
538 | {
|
---|
539 | cs_log_dbg(D_CLIENT, "no match, %04X@%06X rejected by user '%s' filters",
|
---|
540 | er->caid, er->prid, cur_cl->account->usr);
|
---|
541 |
|
---|
542 | snprintf(er->msglog, MSGLOGSIZE, "no card support %04X@%06X", er->caid, (uint32_t) er->prid);
|
---|
543 |
|
---|
544 | if(!er->rcEx) { er->rcEx = (E1_USER << 4) | E2_IDENT; }
|
---|
545 | return (rc);
|
---|
546 | }
|
---|
547 | }
|
---|
548 |
|
---|
549 | if(!(rc = chk_class(er, &cur_cl->cltab, "user", cur_cl->account->usr)))
|
---|
550 | {
|
---|
551 | if(!er->rcEx) { er->rcEx = (E1_USER << 4) | E2_CLASS; }
|
---|
552 | }
|
---|
553 | else if(!(rc = chk_chid(er, &cur_cl->fchid, "user", cur_cl->account->usr)))
|
---|
554 | {
|
---|
555 | if(!er->rcEx) { er->rcEx = (E1_USER << 4) | E2_CHID; }
|
---|
556 | }
|
---|
557 |
|
---|
558 | if(rc) { er->rcEx = 0; }
|
---|
559 |
|
---|
560 | return (rc);
|
---|
561 | }
|
---|
562 |
|
---|
563 | int32_t chk_rsfilter(struct s_reader *reader, ECM_REQUEST *er)
|
---|
564 | {
|
---|
565 | int32_t i, rc = 1;
|
---|
566 | uint16_t caid;
|
---|
567 | uint32_t prid;
|
---|
568 |
|
---|
569 | if(reader->ncd_disable_server_filt)
|
---|
570 | {
|
---|
571 | cs_log_dbg(D_CLIENT, "%04X@%06X allowed - server filters disabled", er->caid, er->prid);
|
---|
572 | return 1;
|
---|
573 | }
|
---|
574 |
|
---|
575 | rc = 0;
|
---|
576 | caid = reader->caid;
|
---|
577 | if(caid == er->caid)
|
---|
578 | {
|
---|
579 | for(i = 0; (!rc) && (i < reader->nprov); i++)
|
---|
580 | {
|
---|
581 | prid = (uint32_t)((reader->prid[i][1] << 16) | (reader->prid[i][2] << 8) | (reader->prid[i][3]));
|
---|
582 | cs_log_dbg(D_CLIENT, "trying server '%s' filter %04X@%06X", reader->device, caid, prid);
|
---|
583 |
|
---|
584 | if(prid == er->prid || !er->prid)
|
---|
585 | {
|
---|
586 | rc = 1;
|
---|
587 | cs_log_dbg(D_CLIENT, "%04X@%06X allowed by server '%s' filter %04X@%06X",
|
---|
588 | er->caid, er->prid, reader->device, caid, prid);
|
---|
589 | }
|
---|
590 | }
|
---|
591 | }
|
---|
592 |
|
---|
593 | if(!rc)
|
---|
594 | {
|
---|
595 | cs_log_dbg(D_CLIENT, "no match, %04X@%06X rejected by server '%s' filters",
|
---|
596 | er->caid, er->prid, reader->device);
|
---|
597 |
|
---|
598 | if(!er->rcEx) { er->rcEx = (E1_SERVER << 4) | E2_IDENT; }
|
---|
599 | return 0;
|
---|
600 | }
|
---|
601 |
|
---|
602 | return (rc);
|
---|
603 | }
|
---|
604 |
|
---|
605 | int32_t chk_rfilter2(uint16_t rcaid, uint32_t rprid, struct s_reader *rdr)
|
---|
606 | {
|
---|
607 | int32_t i, j, rc = 1;
|
---|
608 | uint16_t caid = 0;
|
---|
609 | uint32_t prid = 0;
|
---|
610 |
|
---|
611 | if(rdr->ftab.nfilts)
|
---|
612 | {
|
---|
613 | for(rc = i = 0; (!rc) && (i < rdr->ftab.nfilts); i++)
|
---|
614 | {
|
---|
615 | caid = rdr->ftab.filts[i].caid;
|
---|
616 | if((caid != 0 && caid == rcaid) || caid == 0)
|
---|
617 | {
|
---|
618 | for(j = 0; (!rc) && (j < rdr->ftab.filts[i].nprids); j++)
|
---|
619 | {
|
---|
620 | prid = rdr->ftab.filts[i].prids[j];
|
---|
621 | cs_log_dbg(D_CLIENT, "trying reader '%s' filter %04X@%06X", rdr->label, caid, prid);
|
---|
622 |
|
---|
623 | if(prid == rprid)
|
---|
624 | {
|
---|
625 | rc = 1;
|
---|
626 | cs_log_dbg(D_CLIENT, "%04X@%06X allowed by reader '%s' filter %04X@%06X",
|
---|
627 | rcaid, rprid, rdr->label, caid, prid);
|
---|
628 | }
|
---|
629 | }
|
---|
630 | }
|
---|
631 | }
|
---|
632 |
|
---|
633 | if(!rc)
|
---|
634 | {
|
---|
635 | cs_log_dbg(D_CLIENT, "no match, %04X@%06X rejected by reader '%s' filters",
|
---|
636 | rcaid, rprid, rdr->label);
|
---|
637 | return 0;
|
---|
638 | }
|
---|
639 | }
|
---|
640 |
|
---|
641 | return (rc);
|
---|
642 | }
|
---|
643 |
|
---|
644 | static int32_t chk_rfilter(ECM_REQUEST *er, struct s_reader *rdr)
|
---|
645 | {
|
---|
646 | return chk_rfilter2(er->caid, er->prid, rdr);
|
---|
647 | }
|
---|
648 |
|
---|
649 | int32_t chk_ctab(uint16_t caid, CAIDTAB *ctab)
|
---|
650 | {
|
---|
651 | if(!caid || !ctab->ctnum)
|
---|
652 | { return 1; }
|
---|
653 |
|
---|
654 | int32_t i;
|
---|
655 | for(i = 0; i < ctab->ctnum; i++)
|
---|
656 | {
|
---|
657 | CAIDTAB_DATA *d = &ctab->ctdata[i];
|
---|
658 | if(!d->caid)
|
---|
659 | {
|
---|
660 | return 0;
|
---|
661 | }
|
---|
662 | if((caid & d->mask) == d->caid)
|
---|
663 | { return 1; }
|
---|
664 | }
|
---|
665 | return 0;
|
---|
666 | }
|
---|
667 |
|
---|
668 | int32_t chk_ctab_ex(uint16_t caid, CAIDTAB *ctab)
|
---|
669 | {
|
---|
670 | if(!caid || !ctab->ctnum)
|
---|
671 | { return 0; }
|
---|
672 |
|
---|
673 | int32_t i;
|
---|
674 | for(i = 0; i < ctab->ctnum; i++)
|
---|
675 | {
|
---|
676 | CAIDTAB_DATA *d = &ctab->ctdata[i];
|
---|
677 | if(!d->caid)
|
---|
678 | {
|
---|
679 | return 0;
|
---|
680 | }
|
---|
681 |
|
---|
682 | if((caid & d->mask) == d->caid)
|
---|
683 | {
|
---|
684 | return 1;
|
---|
685 | }
|
---|
686 | }
|
---|
687 | return 0;
|
---|
688 | }
|
---|
689 |
|
---|
690 | uint8_t is_localreader(struct s_reader *rdr, ECM_REQUEST *er) // to be used for LB/reader selections checks only
|
---|
691 | {
|
---|
692 | if(!rdr) return 0;
|
---|
693 |
|
---|
694 | if(!is_network_reader(rdr))
|
---|
695 | {
|
---|
696 | return 1;
|
---|
697 | }
|
---|
698 |
|
---|
699 | if(!rdr->localcards.nfilts) { return 0; }
|
---|
700 |
|
---|
701 | int32_t i, k;
|
---|
702 | for(i = 0; i < rdr->localcards.nfilts; i++)
|
---|
703 | {
|
---|
704 | uint16_t tcaid = rdr->localcards.filts[i].caid;
|
---|
705 | if(tcaid && tcaid == er->caid) // caid match
|
---|
706 | {
|
---|
707 | int32_t nprids = rdr->localcards.filts[i].nprids;
|
---|
708 | if(!nprids) // No Provider -> Ok
|
---|
709 | { return 1; }
|
---|
710 |
|
---|
711 | for(k = 0; k < nprids; k++)
|
---|
712 | {
|
---|
713 | uint32_t prid = rdr->localcards.filts[i].prids[k];
|
---|
714 | if(prid == er->prid) // Provider matches
|
---|
715 | {
|
---|
716 | return 1;
|
---|
717 | }
|
---|
718 | }
|
---|
719 | }
|
---|
720 | }
|
---|
721 |
|
---|
722 | return 0;
|
---|
723 | }
|
---|
724 |
|
---|
725 | uint8_t chk_is_fixed_fallback(struct s_reader *rdr, ECM_REQUEST *er)
|
---|
726 | {
|
---|
727 | if(!rdr->fallback && !rdr->fallback_percaid.nfilts) { return 0; }
|
---|
728 |
|
---|
729 | if(!rdr->fallback_percaid.nfilts)
|
---|
730 | {
|
---|
731 | if(rdr->fallback)
|
---|
732 | { return 1; }
|
---|
733 | }
|
---|
734 |
|
---|
735 | int32_t i, k;
|
---|
736 | for(i = 0; i < rdr->fallback_percaid.nfilts; i++)
|
---|
737 | {
|
---|
738 | uint16_t tcaid = rdr->fallback_percaid.filts[i].caid;
|
---|
739 | if(tcaid && (tcaid == er->caid || (tcaid < 0x0100 && (er->caid >> 8) == tcaid))) // caid match
|
---|
740 | {
|
---|
741 | int32_t nprids = rdr->fallback_percaid.filts[i].nprids;
|
---|
742 | if(!nprids) // No Provider ->Ok
|
---|
743 | { return 1; }
|
---|
744 |
|
---|
745 | for(k = 0; k < nprids; k++)
|
---|
746 | {
|
---|
747 | uint32_t prid = rdr->fallback_percaid.filts[i].prids[k];
|
---|
748 | if(prid == er->prid) // Provider matches
|
---|
749 | {
|
---|
750 | return 1;
|
---|
751 | }
|
---|
752 | }
|
---|
753 | }
|
---|
754 | }
|
---|
755 |
|
---|
756 | return 0;
|
---|
757 | }
|
---|
758 |
|
---|
759 | #ifdef CS_CACHEEX_AIO
|
---|
760 | uint8_t chk_lg_only(ECM_REQUEST *er, FTAB *lg_only_ftab)
|
---|
761 | {
|
---|
762 | int32_t i, k;
|
---|
763 |
|
---|
764 | if(!lg_only_ftab->nfilts)
|
---|
765 | return 0;
|
---|
766 |
|
---|
767 | for(i = 0; i < lg_only_ftab->nfilts; i++)
|
---|
768 | {
|
---|
769 | uint16_t tcaid = lg_only_ftab->filts[i].caid;
|
---|
770 | if(tcaid && (tcaid == er->caid || (tcaid < 0x0100 && (er->caid >> 8) == tcaid))) // caid match
|
---|
771 | {
|
---|
772 | int32_t nprids = lg_only_ftab->filts[i].nprids;
|
---|
773 | if(!nprids) // No Provider ->Ok
|
---|
774 | { return 1; }
|
---|
775 |
|
---|
776 | for(k = 0; k < nprids; k++)
|
---|
777 | {
|
---|
778 | uint32_t prid = lg_only_ftab->filts[i].prids[k];
|
---|
779 | if(prid == NO_PROVID_VALUE || prid == er->prid) // Provider matches
|
---|
780 | {
|
---|
781 | return 1;
|
---|
782 | }
|
---|
783 | }
|
---|
784 | }
|
---|
785 | }
|
---|
786 |
|
---|
787 | return 0;
|
---|
788 | }
|
---|
789 |
|
---|
790 | uint8_t chk_lg_only_cp(uint16_t caid, uint32_t prid, FTAB *lg_only_ftab)
|
---|
791 | {
|
---|
792 | int32_t i, k;
|
---|
793 |
|
---|
794 | if(!lg_only_ftab->nfilts)
|
---|
795 | return 0;
|
---|
796 |
|
---|
797 | for(i = 0; i < lg_only_ftab->nfilts; i++)
|
---|
798 | {
|
---|
799 | uint16_t tcaid = lg_only_ftab->filts[i].caid;
|
---|
800 | if(tcaid && (tcaid == caid || (tcaid < 0x0100 && (caid >> 8) == tcaid))) // caid match
|
---|
801 | {
|
---|
802 | int32_t nprids = lg_only_ftab->filts[i].nprids;
|
---|
803 | if(!nprids) // No Provider ->Ok
|
---|
804 | { return 1; }
|
---|
805 |
|
---|
806 | for(k = 0; k < nprids; k++)
|
---|
807 | {
|
---|
808 | uint32_t fprid = lg_only_ftab->filts[i].prids[k];
|
---|
809 | if(fprid == NO_PROVID_VALUE || fprid == prid) // Provider matches
|
---|
810 | {
|
---|
811 | return 1;
|
---|
812 | }
|
---|
813 | }
|
---|
814 | }
|
---|
815 | }
|
---|
816 |
|
---|
817 | return 0;
|
---|
818 | }
|
---|
819 | #endif
|
---|
820 |
|
---|
821 | uint8_t chk_has_fixed_fallback(ECM_REQUEST *er)
|
---|
822 | {
|
---|
823 | struct s_ecm_answer *ea;
|
---|
824 | struct s_reader *rdr;
|
---|
825 | int32_t n_falb = 0;
|
---|
826 | for(ea = er->matching_rdr; ea; ea = ea->next)
|
---|
827 | {
|
---|
828 | rdr = ea->reader;
|
---|
829 | if(chk_is_fixed_fallback(rdr, er))
|
---|
830 | { n_falb++; }
|
---|
831 | }
|
---|
832 | return n_falb;
|
---|
833 | }
|
---|
834 |
|
---|
835 | uint8_t chk_if_ignore_checksum(ECM_REQUEST *er, FTAB *disablecrc_only_for)
|
---|
836 | {
|
---|
837 | if(!disablecrc_only_for->nfilts) { return 0; }
|
---|
838 |
|
---|
839 | int32_t i, k;
|
---|
840 | for(i = 0; i < disablecrc_only_for->nfilts; i++)
|
---|
841 | {
|
---|
842 | uint16_t tcaid = disablecrc_only_for->filts[i].caid;
|
---|
843 | if(tcaid && (tcaid == er->caid || (tcaid < 0x0100 && (er->caid >> 8) == tcaid))) // caid match
|
---|
844 | {
|
---|
845 | int32_t nprids = disablecrc_only_for->filts[i].nprids;
|
---|
846 | if(!nprids) // No Provider ->Ok
|
---|
847 | { return 1; }
|
---|
848 |
|
---|
849 | for(k = 0; k < nprids; k++)
|
---|
850 | {
|
---|
851 | uint32_t prid =disablecrc_only_for->filts[i].prids[k];
|
---|
852 | if(prid == er->prid) // Provider matches
|
---|
853 | { return 1; }
|
---|
854 | }
|
---|
855 | }
|
---|
856 | }
|
---|
857 |
|
---|
858 | return 0;
|
---|
859 | }
|
---|
860 |
|
---|
861 | int32_t matching_reader(ECM_REQUEST *er, struct s_reader *rdr)
|
---|
862 | {
|
---|
863 | // simple checks first:
|
---|
864 | if(!er || !rdr)
|
---|
865 | { return (0); }
|
---|
866 |
|
---|
867 | // reader active?
|
---|
868 | struct s_client *cl = rdr->client;
|
---|
869 | if(!cl || !rdr->enable)
|
---|
870 | { return (0); }
|
---|
871 |
|
---|
872 | // if physical reader a card needs to be inserted
|
---|
873 | if(!is_network_reader(rdr) && rdr->card_status != CARD_INSERTED)
|
---|
874 | { return (0); }
|
---|
875 |
|
---|
876 | // Checking connected & group valid:
|
---|
877 | struct s_client *cur_cl = er->client; //cur_client();
|
---|
878 |
|
---|
879 | #ifdef CS_CACHEEX
|
---|
880 | // Cacheex=3 defines a Cacheex-only reader. never match them.
|
---|
881 | if(rdr->cacheex.mode == 3)
|
---|
882 | { return (0); }
|
---|
883 | if(rdr->cacheex.mode == 2 && !rdr->cacheex.allow_request)
|
---|
884 | { return (0); }
|
---|
885 | #endif
|
---|
886 |
|
---|
887 | if(!(rdr->grp & cur_cl->grp))
|
---|
888 | { return (0); }
|
---|
889 |
|
---|
890 | // Checking caids:
|
---|
891 | if((!er->ocaid || !chk_ctab(er->ocaid, &rdr->ctab)) && !chk_ctab(er->caid, &rdr->ctab))
|
---|
892 | {
|
---|
893 | cs_log_dbg(D_TRACE, "caid %04X not found in caidlist reader %s", er->caid, rdr->label);
|
---|
894 | return 0;
|
---|
895 | }
|
---|
896 |
|
---|
897 | if(!(rdr->typ == R_EMU) && !is_network_reader(rdr) && ((rdr->caid >> 8) != ((er->caid >> 8) & 0xFF) && (rdr->caid >> 8) != ((er->ocaid >> 8) & 0xFF)))
|
---|
898 | {
|
---|
899 | if (!rdr->csystem)
|
---|
900 | { return 0; }
|
---|
901 |
|
---|
902 | int i, caid_found = 0;
|
---|
903 | for(i = 0; rdr->csystem->caids[i]; i++)
|
---|
904 | {
|
---|
905 | uint16_t cs_caid = rdr->csystem->caids[i];
|
---|
906 | if(!cs_caid)
|
---|
907 | { continue; }
|
---|
908 |
|
---|
909 | if(cs_caid == er->caid || cs_caid == er->ocaid)
|
---|
910 | {
|
---|
911 | caid_found = 1;
|
---|
912 | break;
|
---|
913 | }
|
---|
914 | }
|
---|
915 |
|
---|
916 | if(!caid_found)
|
---|
917 | { return 0; }
|
---|
918 | }
|
---|
919 |
|
---|
920 | // Supports long ecms?
|
---|
921 | if(er->ecmlen > 255 && is_network_reader(rdr) && !rdr->ph.large_ecm_support)
|
---|
922 | {
|
---|
923 | cs_log_dbg(D_TRACE, "no large ecm support (l=%d) for reader %s", er->ecmlen, rdr->label);
|
---|
924 | return 0;
|
---|
925 | }
|
---|
926 |
|
---|
927 | // Checking services:
|
---|
928 | if(!chk_srvid(rdr->client, er))
|
---|
929 | {
|
---|
930 | cs_log_dbg(D_TRACE, "service %04X not matching reader %s", er->srvid, rdr->label);
|
---|
931 | return (0);
|
---|
932 | }
|
---|
933 |
|
---|
934 | // Checking ident:
|
---|
935 | if(!(rdr->typ == R_EMU && caid_is_biss(er->caid)) && !chk_rfilter(er, rdr))
|
---|
936 | {
|
---|
937 | cs_log_dbg(D_TRACE, "r-filter reader %s", rdr->label);
|
---|
938 | return (0);
|
---|
939 | }
|
---|
940 |
|
---|
941 | // Check ECM nanos:
|
---|
942 | if(!chk_class(er, &rdr->cltab, "reader", rdr->label))
|
---|
943 | {
|
---|
944 | cs_log_dbg(D_TRACE, "class filter reader %s", rdr->label);
|
---|
945 | return (0);
|
---|
946 | }
|
---|
947 |
|
---|
948 | // CDS NL: check for right seca type
|
---|
949 | if(!is_network_reader(rdr) && er->caid == 0x100 && er->prid == 0x00006a
|
---|
950 | && !(er->ecm[8] == 0x00 && er->ecm[9] == 0x00)) // no empty ecm
|
---|
951 | {
|
---|
952 | if(er->ecm[8] == 0x00 && rdr->secatype == 2)
|
---|
953 | {
|
---|
954 | cs_log_dbg(D_TRACE, "Error: this is a nagra/mediaguard3 ECM and readertype is seca2!");
|
---|
955 | return 0; // we dont send a nagra/mediaguard3 ecm to a seca2 reader!
|
---|
956 | }
|
---|
957 |
|
---|
958 | if((er->ecm[8] == 0x10) && (er->ecm[9] == 0x01) && rdr->secatype == 3)
|
---|
959 | {
|
---|
960 | cs_log_dbg(D_TRACE, "Error: this is a seca2 ECM and readertype is nagra/mediaguard3!");
|
---|
961 | return 0; // we dont send a seca2 ecm to a nagra/mediaguard3 reader!
|
---|
962 | }
|
---|
963 | }
|
---|
964 |
|
---|
965 | // CDS NL: check for right seca type by ECMPID
|
---|
966 | if(!is_network_reader(rdr) && er->caid == 0x100 && er->prid == 0x00006a)
|
---|
967 | {
|
---|
968 | if(rdr->secatype == 2 && er->pid >> 8 == 7)
|
---|
969 | {
|
---|
970 | cs_log_dbg(D_TRACE, "Error: this is a nagra/mediaguard3 ECM and readertype is seca2!");
|
---|
971 | return 0; // we dont send a nagra/mediaguard3 ecm to a seca2 reader!
|
---|
972 | }
|
---|
973 |
|
---|
974 | if(rdr->secatype == 3 && er->pid >> 8 == 6)
|
---|
975 | {
|
---|
976 | cs_log_dbg(D_TRACE, "Error: this is a seca2 ECM and readertype is nagra/mediaguard3!");
|
---|
977 | return 0; // we dont send a seca2 ecm to a nagra/mediaguard3 reader!
|
---|
978 | }
|
---|
979 | }
|
---|
980 |
|
---|
981 | // Checking chid:
|
---|
982 | if(!chk_chid(er, &rdr->fchid, "reader", rdr->label))
|
---|
983 | {
|
---|
984 | cs_log_dbg(D_TRACE, "chid filter reader %s", rdr->label);
|
---|
985 | return (0);
|
---|
986 | }
|
---|
987 |
|
---|
988 | // Schlocke reader-defined function, reader-self-check
|
---|
989 | if(rdr->ph.c_available && !rdr->ph.c_available(rdr, AVAIL_CHECK_CONNECTED, er))
|
---|
990 | {
|
---|
991 | cs_log_dbg(D_TRACE, "reader unavailable %s", rdr->label);
|
---|
992 | return 0;
|
---|
993 | }
|
---|
994 |
|
---|
995 | // Checking entitlements:
|
---|
996 | if(ll_count(rdr->ll_entitlements) > 0 && !(rdr->typ == R_EMU))
|
---|
997 | {
|
---|
998 | LL_ITER itr = ll_iter_create(rdr->ll_entitlements);
|
---|
999 | S_ENTITLEMENT *item;
|
---|
1000 | int8_t found = 0;
|
---|
1001 |
|
---|
1002 | while((item = ll_iter_next(&itr)))
|
---|
1003 | {
|
---|
1004 | if(item->caid != er->caid) continue; // skip wrong caid!
|
---|
1005 | if(item->type == 7) continue; // skip seca-admin type (provid 000000) since its not used for decoding!
|
---|
1006 | if(er->prid && item->provid && er->prid != item->provid) continue; // skip non matching provid!
|
---|
1007 | if(!er->prid && caid_is_seca(er->caid)) continue; // dont accept requests without provid for seca cas.
|
---|
1008 | if(!er->prid && caid_is_viaccess(er->caid)) continue; // dont accept requests without provid for viaccess cas
|
---|
1009 | if(!er->prid && caid_is_cryptoworks(er->caid)) continue; // dont accept requests without provid for cryptoworks cas
|
---|
1010 | found =1;
|
---|
1011 | break;
|
---|
1012 | }
|
---|
1013 |
|
---|
1014 | if(!found && er->ecm[0]) // ecmrequest can get corrected provid parsed from payload in ecm
|
---|
1015 | {
|
---|
1016 | cs_log_dbg(D_TRACE, "entitlements check failed on reader %s", rdr->label);
|
---|
1017 | return 0;
|
---|
1018 | }
|
---|
1019 | }
|
---|
1020 |
|
---|
1021 | // Checking ecmlength:
|
---|
1022 | if(rdr->ecm_whitelist.ewnum && er->ecmlen)
|
---|
1023 | {
|
---|
1024 | int32_t i;
|
---|
1025 | int8_t ok = 0, foundident = 0;
|
---|
1026 |
|
---|
1027 | for (i = 0; i < rdr->ecm_whitelist.ewnum; i++)
|
---|
1028 | {
|
---|
1029 | ECM_WHITELIST_DATA *d = &rdr->ecm_whitelist.ewdata[i];
|
---|
1030 | if ((d->caid == 0 || d->caid == er->caid) && (d->ident == 0 || d->ident == er->prid))
|
---|
1031 | {
|
---|
1032 | foundident = 1;
|
---|
1033 | if (d->len == er->ecmlen)
|
---|
1034 | {
|
---|
1035 | ok = 1;
|
---|
1036 | break;
|
---|
1037 | }
|
---|
1038 | }
|
---|
1039 | }
|
---|
1040 |
|
---|
1041 | if(foundident == 1 && ok == 0)
|
---|
1042 | {
|
---|
1043 | cs_log_dbg(D_TRACE, "ECM is not in ecmwhitelist of reader %s.", rdr->label);
|
---|
1044 | rdr->ecmsfilteredlen += 1;
|
---|
1045 | rdr->webif_ecmsfilteredlen += 1;
|
---|
1046 | return (0);
|
---|
1047 | }
|
---|
1048 | }
|
---|
1049 |
|
---|
1050 | // ECM Header Check
|
---|
1051 | if(rdr->ecm_hdr_whitelist.ehdata && er->ecmlen)
|
---|
1052 | {
|
---|
1053 | int8_t byteok = 0;
|
---|
1054 | int8_t entryok = 0;
|
---|
1055 | int8_t foundcaid = 0;
|
---|
1056 | int8_t foundprovid = 0;
|
---|
1057 | int16_t len = 0;
|
---|
1058 | int32_t i = 0;
|
---|
1059 | int8_t skip = 0;
|
---|
1060 | int32_t r;
|
---|
1061 |
|
---|
1062 | for(r = 0; r < rdr->ecm_hdr_whitelist.ehnum; r++)
|
---|
1063 | {
|
---|
1064 | ECM_HDR_WHITELIST_DATA *tmp = &rdr->ecm_hdr_whitelist.ehdata[r];
|
---|
1065 | skip = 0;
|
---|
1066 | byteok = 0;
|
---|
1067 | entryok = 0;
|
---|
1068 |
|
---|
1069 | if(tmp->caid == 0 || tmp->caid == er->caid)
|
---|
1070 | {
|
---|
1071 | foundcaid = 1; //-> caid was in list
|
---|
1072 | //rdr_log_dbg(rdr, D_READER, "Headerwhitelist: found matching CAID: %04X in list", tmp->caid);
|
---|
1073 |
|
---|
1074 | if(tmp->provid == 0 || tmp->provid == er->prid)
|
---|
1075 | {
|
---|
1076 | foundprovid = 1; //-> provid was in list
|
---|
1077 | //rdr_log_dbg(rdr, D_READER, "Headerwhitelist: found matching Provid: %06X in list", tmp->provid);
|
---|
1078 |
|
---|
1079 | len = tmp->len;
|
---|
1080 | for(i = 0; i < len / 2; i++)
|
---|
1081 | {
|
---|
1082 | if(tmp->header[i] == er->ecm[i])
|
---|
1083 | {
|
---|
1084 | byteok = 1;
|
---|
1085 | //rdr_log_dbg(rdr, D_READER, "ECM Byte: %i of ECMHeaderwhitelist is correct. (%02X = %02X Headerlen: %i)", i, er->ecm[i], tmp->header[i], len/2);
|
---|
1086 | }
|
---|
1087 | else
|
---|
1088 | {
|
---|
1089 | byteok = 0;
|
---|
1090 | //rdr_log_dbg(rdr, D_READER, "ECM Byte: %i of ECMHeaderwhitelist is not valid. (%02X != %02X Headerlen: %i)", i, er->ecm[i], tmp->header[i], len/2);
|
---|
1091 | entryok = 0;
|
---|
1092 | break;
|
---|
1093 | }
|
---|
1094 |
|
---|
1095 | if(i == len / 2 - 1 && byteok == 1)
|
---|
1096 | {
|
---|
1097 | entryok = 1;
|
---|
1098 | }
|
---|
1099 | }
|
---|
1100 | }
|
---|
1101 | else
|
---|
1102 | {
|
---|
1103 | //rdr_log_dbg(rdr, D_READER, "ECMHeaderwhitelist: Provid: %06X not found in List-Entry -> skipping check", er->prid);
|
---|
1104 | skip = 1;
|
---|
1105 | continue;
|
---|
1106 | }
|
---|
1107 | }
|
---|
1108 | else
|
---|
1109 | {
|
---|
1110 | //rdr_log_dbg(rdr, D_READER, "ECMHeaderwhitelist: CAID: %04X not found in List-Entry -> skipping check", er->caid);
|
---|
1111 | skip = 1;
|
---|
1112 | continue;
|
---|
1113 | }
|
---|
1114 |
|
---|
1115 | if(entryok == 1)
|
---|
1116 | {
|
---|
1117 | break;
|
---|
1118 | }
|
---|
1119 | }
|
---|
1120 |
|
---|
1121 | if(foundcaid == 1 && foundprovid == 1 && byteok == 1 && entryok == 1)
|
---|
1122 | {
|
---|
1123 | //cs_log("ECM for %04X@%06X:%04X is valid for ECMHeaderwhitelist of reader %s.", er->caid, er->prid, er->srvid, rdr->label);
|
---|
1124 | }
|
---|
1125 | else
|
---|
1126 | {
|
---|
1127 | if(skip == 0 || (foundcaid == 1 && foundprovid == 1 && entryok == 0 && skip == 1))
|
---|
1128 | {
|
---|
1129 | cs_log_dump_dbg(D_TRACE, er->ecm, er->ecmlen, "following ECM %04X@%06X:%04X was filtered by ECMHeaderwhitelist of Reader %s from User %s because of not matching Header:", er->caid, er->prid, er->srvid, rdr->label, username(er->client));
|
---|
1130 | rdr->ecmsfilteredhead += 1;
|
---|
1131 | rdr->webif_ecmsfilteredhead += 1;
|
---|
1132 | return (0);
|
---|
1133 | }
|
---|
1134 | }
|
---|
1135 | }
|
---|
1136 |
|
---|
1137 | // Simple ring connection check:
|
---|
1138 |
|
---|
1139 | // Check ip source+dest:
|
---|
1140 | if(cfg.block_same_ip && IP_EQUAL(cur_cl->ip, rdr->client->ip) && get_module(cur_cl)->listenertype != LIS_DVBAPI && is_network_reader(rdr))
|
---|
1141 | {
|
---|
1142 | rdr_log_dbg(rdr, D_TRACE, "User (%s) has the same ip (%s) as the reader, blocked because block_same_ip=1!", username(cur_cl), cs_inet_ntoa(rdr->client->ip));
|
---|
1143 | return 0;
|
---|
1144 | }
|
---|
1145 |
|
---|
1146 | if(cfg.block_same_name && strcmp(username(cur_cl), rdr->label) == 0)
|
---|
1147 | {
|
---|
1148 | rdr_log_dbg(rdr, D_TRACE, "User (%s) has the same name as the reader, blocked because block_same_name=1!", username(cur_cl));
|
---|
1149 | return 0;
|
---|
1150 | }
|
---|
1151 |
|
---|
1152 | if(!reader_slots_available(rdr, er)&& er->ecmlen > 0) // check free slots, er->ecmlen>0 trick to skip this test for matching readers in dvbapi module
|
---|
1153 | {
|
---|
1154 | return 0;
|
---|
1155 | }
|
---|
1156 |
|
---|
1157 | // All checks done, reader is matching!
|
---|
1158 | return (1);
|
---|
1159 | }
|
---|
1160 |
|
---|
1161 | int32_t chk_caid(uint16_t caid, CAIDTAB *ctab)
|
---|
1162 | {
|
---|
1163 | int32_t i;
|
---|
1164 |
|
---|
1165 | if (!ctab->ctnum) { return caid; }
|
---|
1166 |
|
---|
1167 | for(i = 0; i < ctab->ctnum; i++)
|
---|
1168 | {
|
---|
1169 | CAIDTAB_DATA *d = &ctab->ctdata[i];
|
---|
1170 | if((caid & d->mask) == d->caid) { return d->cmap ? d->cmap : caid; }
|
---|
1171 | }
|
---|
1172 | return -1;
|
---|
1173 | }
|
---|
1174 |
|
---|
1175 | int32_t chk_caid_rdr(struct s_reader *rdr, uint16_t caid)
|
---|
1176 | {
|
---|
1177 | if(is_network_reader(rdr) || rdr->typ == R_EMU)
|
---|
1178 | {
|
---|
1179 | return 1; // reader caid is not real caid
|
---|
1180 | }
|
---|
1181 | else if(rdr->caid == caid)
|
---|
1182 | {
|
---|
1183 | return 1;
|
---|
1184 | }
|
---|
1185 | return 0;
|
---|
1186 | }
|
---|
1187 |
|
---|
1188 | int32_t chk_bcaid(ECM_REQUEST *er, CAIDTAB *ctab)
|
---|
1189 | {
|
---|
1190 | int32_t caid;
|
---|
1191 | caid = chk_caid(er->caid, ctab);
|
---|
1192 | if(caid < 0) { return 0; }
|
---|
1193 | er->caid = caid;
|
---|
1194 | return 1;
|
---|
1195 | }
|
---|
1196 |
|
---|
1197 | /**
|
---|
1198 | * Check for NULL CWs
|
---|
1199 | **/
|
---|
1200 | int32_t chk_is_null_CW(uint8_t cw[])
|
---|
1201 | {
|
---|
1202 | int8_t i;
|
---|
1203 | for(i = 0; i < 16; i++)
|
---|
1204 | {
|
---|
1205 | if(cw[i])
|
---|
1206 | { return 0; }
|
---|
1207 | }
|
---|
1208 | return 1;
|
---|
1209 | }
|
---|
1210 |
|
---|
1211 | /**
|
---|
1212 | * Check for ecm request that expects half cw format
|
---|
1213 | **/
|
---|
1214 | int8_t is_halfCW_er(ECM_REQUEST *er)
|
---|
1215 | {
|
---|
1216 | if( caid_is_videoguard(er->caid) && (er->caid == 0x09C4 || er->caid == 0x098C || er->caid == 0x098D || er->caid == 0x0963 || er->caid == 0x09CD || er->caid == 0x0919 || er->caid == 0x093B || er->caid == 0x098E))
|
---|
1217 | { return 1; }
|
---|
1218 | return 0;
|
---|
1219 | }
|
---|
1220 |
|
---|
1221 | /**
|
---|
1222 | * Check for wrong half CWs
|
---|
1223 | **/
|
---|
1224 | int8_t chk_halfCW(ECM_REQUEST *er, uint8_t *cw)
|
---|
1225 | {
|
---|
1226 | if(is_halfCW_er(er) && cw)
|
---|
1227 | {
|
---|
1228 | uint8_t cw15 = cw[15];
|
---|
1229 | if(get_odd_even(er) == 0x80 && cw[15] == 0xF0) { cw[15] = 0; }
|
---|
1230 |
|
---|
1231 | int8_t part1 = checkCWpart(cw, 0);
|
---|
1232 | int8_t part2 = checkCWpart(cw, 1);
|
---|
1233 |
|
---|
1234 | // check for correct half cw format
|
---|
1235 | if(part1 && part2){ cw[15] = cw15; return 0; }
|
---|
1236 |
|
---|
1237 | // check for correct cw position
|
---|
1238 | if((get_odd_even(er) == 0x80 && part1 && !part2) // xxxxxxxx00000000
|
---|
1239 | ||(get_odd_even(er) == 0x81 && !part1 && part2)) // 00000000xxxxxxxx
|
---|
1240 | {
|
---|
1241 | return 1;
|
---|
1242 | }
|
---|
1243 |
|
---|
1244 | cw[15] = cw15;
|
---|
1245 | return 0; // not correct swapped cw
|
---|
1246 | }
|
---|
1247 | else
|
---|
1248 | {
|
---|
1249 | return 1;
|
---|
1250 | }
|
---|
1251 | }
|
---|
1252 |
|
---|
1253 | /**
|
---|
1254 | * Check for NULL nodeid
|
---|
1255 | **/
|
---|
1256 | int32_t chk_is_null_nodeid(uint8_t node_id[], uint8_t len)
|
---|
1257 | {
|
---|
1258 | int8_t i;
|
---|
1259 | for(i = 0; i < len; i++)
|
---|
1260 | {
|
---|
1261 | if(node_id[i]) { return 0; }
|
---|
1262 | }
|
---|
1263 | return 1;
|
---|
1264 | }
|
---|
1265 |
|
---|
1266 | // check if client structure is accessible
|
---|
1267 | bool check_client(struct s_client *cl)
|
---|
1268 | {
|
---|
1269 | if(cl && !cl->kill) { return true; }
|
---|
1270 | return false;
|
---|
1271 | }
|
---|
1272 |
|
---|
1273 | uint16_t caidvaluetab_get_value(CAIDVALUETAB *cv, uint16_t caid, uint16_t default_value)
|
---|
1274 | {
|
---|
1275 | int32_t i;
|
---|
1276 | for(i = 0; i < cv->cvnum; i++)
|
---|
1277 | {
|
---|
1278 | CAIDVALUETAB_DATA *cvdata = &cv->cvdata[i];
|
---|
1279 | if(cvdata->caid == caid || cvdata->caid == caid >> 8) { return cvdata->value; }
|
---|
1280 | }
|
---|
1281 | return default_value;
|
---|
1282 | }
|
---|
1283 |
|
---|
1284 | int32_t chk_is_fakecw(uint8_t *cw)
|
---|
1285 | {
|
---|
1286 | uint32_t i, is_fakecw = 0;
|
---|
1287 | uint32_t idx = ((cw[0] & 0xF) << 4) | (cw[8] & 0xF);
|
---|
1288 |
|
---|
1289 | cs_readlock(__func__, &config_lock);
|
---|
1290 |
|
---|
1291 | for(i = 0; i < cfg.fakecws[idx].count; i++)
|
---|
1292 | {
|
---|
1293 | if(memcmp(cw, cfg.fakecws[idx].data[i].cw, 16) == 0)
|
---|
1294 | {
|
---|
1295 | is_fakecw = 1;
|
---|
1296 | break;
|
---|
1297 | }
|
---|
1298 | }
|
---|
1299 | cs_readunlock(__func__, &config_lock);
|
---|
1300 |
|
---|
1301 | return is_fakecw;
|
---|
1302 | }
|
---|
1303 |
|
---|
1304 | #ifdef CS_CACHEEX_AIO
|
---|
1305 | bool chk_nopushafter(uint16_t caid, CAIDVALUETAB *cv, int32_t ecm_time)
|
---|
1306 | {
|
---|
1307 | uint16_t npa_time = caidvaluetab_get_value(cv, caid, 0);
|
---|
1308 | if(npa_time && (ecm_time > npa_time))
|
---|
1309 | {
|
---|
1310 | cs_log_dbg(D_CACHEEX, "REJECTED push: nopushafter %u < ecm_time %i", npa_time, ecm_time);
|
---|
1311 | return 0;
|
---|
1312 | }
|
---|
1313 | else
|
---|
1314 | return 1;
|
---|
1315 | }
|
---|
1316 | #endif
|
---|