1 | #define MODULE_LOG_PREFIX "client"
|
---|
2 |
|
---|
3 | #include "globals.h"
|
---|
4 |
|
---|
5 | #include "cscrypt/md5.h"
|
---|
6 | #include "module-anticasc.h"
|
---|
7 | #include "module-cccam.h"
|
---|
8 | #include "module-webif.h"
|
---|
9 | #include "oscam-array.h"
|
---|
10 | #include "oscam-conf-chk.h"
|
---|
11 | #include "oscam-client.h"
|
---|
12 | #include "oscam-ecm.h"
|
---|
13 | #include "oscam-failban.h"
|
---|
14 | #include "oscam-garbage.h"
|
---|
15 | #include "oscam-lock.h"
|
---|
16 | #include "oscam-net.h"
|
---|
17 | #include "oscam-reader.h"
|
---|
18 | #include "oscam-string.h"
|
---|
19 | #include "oscam-time.h"
|
---|
20 | #include "oscam-work.h"
|
---|
21 | #include "reader-common.h"
|
---|
22 | #include "oscam-chk.h"
|
---|
23 |
|
---|
24 | extern CS_MUTEX_LOCK fakeuser_lock;
|
---|
25 |
|
---|
26 | static char *processUsername;
|
---|
27 | static struct s_client *first_client_hashed[CS_CLIENT_HASHBUCKETS]; // Alternative hashed client list
|
---|
28 |
|
---|
29 | /* Gets the unique thread number from the client. Used in monitor and newcamd. */
|
---|
30 | int32_t get_threadnum(struct s_client *client)
|
---|
31 | {
|
---|
32 | struct s_client *cl;
|
---|
33 | int32_t count = 0;
|
---|
34 |
|
---|
35 | for(cl = first_client->next; cl ; cl = cl->next)
|
---|
36 | {
|
---|
37 | if(cl->typ == client->typ)
|
---|
38 | { count++; }
|
---|
39 | if(cl == client)
|
---|
40 | { return count; }
|
---|
41 | }
|
---|
42 | return 0;
|
---|
43 | }
|
---|
44 |
|
---|
45 | struct s_auth *get_account_by_name(char *name)
|
---|
46 | {
|
---|
47 | struct s_auth *account;
|
---|
48 | for(account = cfg.account; (account); account = account->next)
|
---|
49 | {
|
---|
50 | if(streq(name, account->usr))
|
---|
51 | { return account; }
|
---|
52 | }
|
---|
53 | return NULL;
|
---|
54 | }
|
---|
55 |
|
---|
56 | int8_t is_valid_client(struct s_client *client)
|
---|
57 | {
|
---|
58 | struct s_client *cl;
|
---|
59 | int32_t bucket = (uintptr_t)client / 16 % CS_CLIENT_HASHBUCKETS;
|
---|
60 | for(cl = first_client_hashed[bucket]; cl; cl = cl->nexthashed)
|
---|
61 | {
|
---|
62 | if(cl == client)
|
---|
63 | { return 1; }
|
---|
64 | }
|
---|
65 | return 0;
|
---|
66 | }
|
---|
67 |
|
---|
68 | const char *remote_txt(void)
|
---|
69 | {
|
---|
70 | return cur_client()->typ == 'c' ? "client" : "remote server";
|
---|
71 | }
|
---|
72 |
|
---|
73 | const char *client_get_proto(struct s_client *cl)
|
---|
74 | {
|
---|
75 | const char *ctyp;
|
---|
76 | switch(cl->typ)
|
---|
77 | {
|
---|
78 | case 's':
|
---|
79 | ctyp = "server";
|
---|
80 | break;
|
---|
81 | case 'h':
|
---|
82 | ctyp = "http";
|
---|
83 | break;
|
---|
84 | case 'p':
|
---|
85 | case 'r':
|
---|
86 | ctyp = reader_get_type_desc(cl->reader, 1);
|
---|
87 | break;
|
---|
88 | #ifdef CS_ANTICASC
|
---|
89 | case 'a':
|
---|
90 | ctyp = "anticascader";
|
---|
91 | break;
|
---|
92 | #endif
|
---|
93 | case 'c':
|
---|
94 | if(cccam_client_extended_mode(cl))
|
---|
95 | {
|
---|
96 | ctyp = "cccam_ext";
|
---|
97 | break;
|
---|
98 | }
|
---|
99 | default:
|
---|
100 | ctyp = get_module(cl)->desc;
|
---|
101 | }
|
---|
102 | return ctyp;
|
---|
103 | }
|
---|
104 |
|
---|
105 | static void cs_fake_client(struct s_client *client, char *usr, int32_t uniq, IN_ADDR_T ip)
|
---|
106 | {
|
---|
107 | /* Uniq = 1: only one connection per user
|
---|
108 | *
|
---|
109 | * Uniq = 2: set (new connected) user only to fake if source
|
---|
110 | * ip is different (e.g. for newcamd clients with
|
---|
111 | * different CAID's -> Ports)
|
---|
112 | *
|
---|
113 | * Uniq = 3: only one connection per user, but only the last
|
---|
114 | * login will survive (old mpcs behavior)
|
---|
115 | *
|
---|
116 | * Uniq = 4: set user only to fake if source ip is
|
---|
117 | * different, but only the last login will survive
|
---|
118 | */
|
---|
119 | struct s_client *cl;
|
---|
120 | struct s_auth *account;
|
---|
121 | cs_writelock(&fakeuser_lock);
|
---|
122 | for(cl = first_client->next; cl; cl = cl->next)
|
---|
123 | {
|
---|
124 | account = cl->account;
|
---|
125 | if(cl != client && cl->typ == 'c' && !cl->dup && account && streq(account->usr, usr)
|
---|
126 | && uniq < 5 && ((uniq % 2) || !IP_EQUAL(cl->ip, ip)))
|
---|
127 | {
|
---|
128 | char buf[20];
|
---|
129 | if(uniq == 3 || uniq == 4)
|
---|
130 | {
|
---|
131 | cl->dup = 1;
|
---|
132 | cl->aureader_list = NULL;
|
---|
133 | cs_strncpy(buf, cs_inet_ntoa(cl->ip), sizeof(buf));
|
---|
134 | cs_log("client(%8lX) duplicate user '%s' from %s (prev %s) set to fake (uniq=%d)",
|
---|
135 | (unsigned long)cl->thread, usr, cs_inet_ntoa(ip), buf, uniq);
|
---|
136 | if(cl->failban & BAN_DUPLICATE)
|
---|
137 | {
|
---|
138 | cs_add_violation(cl, usr);
|
---|
139 | }
|
---|
140 | if(cfg.dropdups)
|
---|
141 | {
|
---|
142 | cs_writeunlock(&fakeuser_lock);
|
---|
143 | cs_sleepms(120); // sleep a bit to prevent against saturation from fast reconnecting clients
|
---|
144 | kill_thread(cl);
|
---|
145 | cs_writelock(&fakeuser_lock);
|
---|
146 | }
|
---|
147 | }
|
---|
148 | else
|
---|
149 | {
|
---|
150 | client->dup = 1;
|
---|
151 | client->aureader_list = NULL;
|
---|
152 | cs_strncpy(buf, cs_inet_ntoa(ip), sizeof(buf));
|
---|
153 | cs_log("client(%8lX) duplicate user '%s' from %s (current %s) set to fake (uniq=%d)",
|
---|
154 | (unsigned long)pthread_self(), usr, cs_inet_ntoa(cl->ip), buf, uniq);
|
---|
155 | if(client->failban & BAN_DUPLICATE)
|
---|
156 | {
|
---|
157 | cs_add_violation_by_ip(ip, get_module(client)->ptab.ports[client->port_idx].s_port, usr);
|
---|
158 | }
|
---|
159 | if(cfg.dropdups)
|
---|
160 | {
|
---|
161 | cs_writeunlock(&fakeuser_lock); // we need to unlock here as cs_disconnect_client kills the current thread!
|
---|
162 | cs_sleepms(120); // sleep a bit to prevent against saturation from fast reconnecting clients
|
---|
163 | cs_disconnect_client(client);
|
---|
164 | cs_writelock(&fakeuser_lock);
|
---|
165 | }
|
---|
166 | break;
|
---|
167 | }
|
---|
168 | }
|
---|
169 | }
|
---|
170 | cs_writeunlock(&fakeuser_lock);
|
---|
171 | }
|
---|
172 |
|
---|
173 | /* Resolves the ip of the hostname of the specified account and saves it in account->dynip.
|
---|
174 | If the hostname is not configured, the ip is set to 0. */
|
---|
175 | static void cs_user_resolve(struct s_auth *account)
|
---|
176 | {
|
---|
177 | if(account->dyndns)
|
---|
178 | {
|
---|
179 | IN_ADDR_T lastip;
|
---|
180 | IP_ASSIGN(lastip, account->dynip);
|
---|
181 | cs_resolve(account->dyndns, &account->dynip, NULL, NULL);
|
---|
182 | if(!IP_EQUAL(lastip, account->dynip))
|
---|
183 | {
|
---|
184 | cs_log("%s: resolved ip=%s", account->dyndns, cs_inet_ntoa(account->dynip));
|
---|
185 | }
|
---|
186 | }
|
---|
187 | else
|
---|
188 | {
|
---|
189 | set_null_ip(&account->dynip);
|
---|
190 | }
|
---|
191 | }
|
---|
192 |
|
---|
193 | /* Returns the username from the client. You will always get a char reference back (no NULLs but it may be string containting "NULL")
|
---|
194 | which you should never modify and not free()! */
|
---|
195 | char *username(struct s_client *client)
|
---|
196 | {
|
---|
197 | if(!check_client(client))
|
---|
198 | { return "NULL"; }
|
---|
199 |
|
---|
200 | if(client->typ == 's' || client->typ == 'h' || client->typ == 'a')
|
---|
201 | {
|
---|
202 | return processUsername ? processUsername : "NULL";
|
---|
203 | }
|
---|
204 |
|
---|
205 | if(client->typ == 'c' || client->typ == 'm')
|
---|
206 | {
|
---|
207 | struct s_auth *acc = client->account;
|
---|
208 | if(acc)
|
---|
209 | {
|
---|
210 | if(acc->usr[0])
|
---|
211 | { return acc->usr; }
|
---|
212 | else
|
---|
213 | { return "anonymous"; }
|
---|
214 | }
|
---|
215 | else
|
---|
216 | {
|
---|
217 | return "NULL";
|
---|
218 | }
|
---|
219 | }
|
---|
220 | else if(client->typ == 'r' || client->typ == 'p')
|
---|
221 | {
|
---|
222 | struct s_reader *rdr = client->reader;
|
---|
223 | if(rdr)
|
---|
224 | { return rdr->label; }
|
---|
225 | }
|
---|
226 | return "NULL";
|
---|
227 | }
|
---|
228 |
|
---|
229 |
|
---|
230 | struct s_client *create_client(IN_ADDR_T ip)
|
---|
231 | {
|
---|
232 | struct s_client *cl;
|
---|
233 | if(!cs_malloc(&cl, sizeof(struct s_client)))
|
---|
234 | {
|
---|
235 | cs_log("max connections reached (out of memory) -> reject client %s", IP_ISSET(ip) ? cs_inet_ntoa(ip) : "with null address");
|
---|
236 | return NULL;
|
---|
237 | }
|
---|
238 | //client part
|
---|
239 | IP_ASSIGN(cl->ip, ip);
|
---|
240 | cl->account = first_client->account;
|
---|
241 | //master part
|
---|
242 | pthread_mutex_init(&cl->thread_lock, NULL);
|
---|
243 | cl->login = cl->last = time(NULL);
|
---|
244 | cl->tid = (uint32_t)(uintptr_t)cl; // Use pointer adress of client as threadid (for monitor and log)
|
---|
245 | //Now add new client to the list:
|
---|
246 | struct s_client *last;
|
---|
247 | cs_writelock(&clientlist_lock);
|
---|
248 | if(sizeof(uintptr_t) > 4) // 64bit systems can have collisions because of the cast so lets check if there are some
|
---|
249 | {
|
---|
250 | int8_t found;
|
---|
251 | do
|
---|
252 | {
|
---|
253 | found = 0;
|
---|
254 | for(last = first_client; last; last = last->next)
|
---|
255 | {
|
---|
256 | if(last->tid == cl->tid)
|
---|
257 | {
|
---|
258 | found = 1;
|
---|
259 | break;
|
---|
260 | }
|
---|
261 | }
|
---|
262 | if(found || cl->tid == 0)
|
---|
263 | {
|
---|
264 | cl->tid = (uint32_t)rand();
|
---|
265 | }
|
---|
266 | }
|
---|
267 | while(found || cl->tid == 0);
|
---|
268 | }
|
---|
269 | for(last = first_client; last && last->next; last = last->next)
|
---|
270 | { ; } //ends with cl on last client
|
---|
271 | if (last)
|
---|
272 | last->next = cl;
|
---|
273 | int32_t bucket = (uintptr_t)cl / 16 % CS_CLIENT_HASHBUCKETS;
|
---|
274 | cl->nexthashed = first_client_hashed[bucket];
|
---|
275 | first_client_hashed[bucket] = cl;
|
---|
276 | cs_writeunlock(&clientlist_lock);
|
---|
277 | return cl;
|
---|
278 | }
|
---|
279 |
|
---|
280 | /* Creates the master client of OSCam and inits some global variables/mutexes. */
|
---|
281 | void init_first_client(void)
|
---|
282 | {
|
---|
283 | // get username OScam is running under
|
---|
284 | struct passwd pwd;
|
---|
285 | struct passwd *pwdbuf;
|
---|
286 | #ifdef __ANDROID__
|
---|
287 | pwdbuf = getpwuid(getuid()); // This is safe
|
---|
288 | if(pwdbuf)
|
---|
289 | {
|
---|
290 | memcpy(&pwd, pwdbuf, sizeof(pwd));
|
---|
291 | processUsername = cs_strdup(pwd.pw_name);
|
---|
292 | }
|
---|
293 | #else
|
---|
294 | char buf[256];
|
---|
295 | if(getpwuid_r(getuid(), &pwd, buf, sizeof(buf), &pwdbuf) == 0)
|
---|
296 | { processUsername = cs_strdup(pwd.pw_name); }
|
---|
297 | #endif
|
---|
298 | if(!cs_malloc(&first_client, sizeof(struct s_client)))
|
---|
299 | {
|
---|
300 | fprintf(stderr, "Could not allocate memory for master client, exiting...");
|
---|
301 | exit(1);
|
---|
302 | }
|
---|
303 | memset(first_client_hashed, 0, sizeof(first_client_hashed));
|
---|
304 | int32_t bucket = (uintptr_t)first_client / 16 % CS_CLIENT_HASHBUCKETS;
|
---|
305 | first_client_hashed[bucket] = first_client;
|
---|
306 |
|
---|
307 | first_client->next = NULL; //terminate clients list with NULL
|
---|
308 | first_client->login = time(NULL);
|
---|
309 | first_client->typ = 's';
|
---|
310 | first_client->thread = pthread_self();
|
---|
311 | set_localhost_ip(&first_client->ip);
|
---|
312 |
|
---|
313 | struct s_auth *null_account;
|
---|
314 | if(!cs_malloc(&null_account, sizeof(struct s_auth)))
|
---|
315 | {
|
---|
316 | fprintf(stderr, "Could not allocate memory for master account, exiting...");
|
---|
317 | exit(1);
|
---|
318 | }
|
---|
319 |
|
---|
320 | first_client->account = null_account;
|
---|
321 | if(pthread_setspecific(getclient, first_client))
|
---|
322 | {
|
---|
323 | fprintf(stderr, "Could not setspecific getclient in master process, exiting...");
|
---|
324 | exit(1);
|
---|
325 | }
|
---|
326 | }
|
---|
327 |
|
---|
328 | int32_t cs_auth_client(struct s_client *client, struct s_auth *account, const char *e_txt)
|
---|
329 | {
|
---|
330 | int32_t rc = 0;
|
---|
331 | unsigned char md5tmp[MD5_DIGEST_LENGTH];
|
---|
332 | char buf[32];
|
---|
333 | char *t_crypt = "encrypted";
|
---|
334 | char *t_plain = "plain";
|
---|
335 | char *t_grant = " granted";
|
---|
336 | char *t_reject = " rejected";
|
---|
337 | char *t_msg[] = { buf, "invalid access", "invalid ip", "unknown reason", "protocol not allowed" };
|
---|
338 | struct s_module *module = get_module(client);
|
---|
339 |
|
---|
340 | memset(&client->grp, 0xff, sizeof(uint64_t));
|
---|
341 | //client->grp=0xffffffffffffff;
|
---|
342 | if((intptr_t)account != 0 && (intptr_t)account != -1 && account->disabled)
|
---|
343 | {
|
---|
344 | cs_add_violation(client, account->usr);
|
---|
345 | cs_log("%s %s-client %s%s (%s%sdisabled account)",
|
---|
346 | client->crypted ? t_crypt : t_plain,
|
---|
347 | module->desc,
|
---|
348 | IP_ISSET(client->ip) ? cs_inet_ntoa(client->ip) : "",
|
---|
349 | IP_ISSET(client->ip) ? t_reject : t_reject + 1,
|
---|
350 | e_txt ? e_txt : "",
|
---|
351 | e_txt ? " " : "");
|
---|
352 | return 1;
|
---|
353 | }
|
---|
354 |
|
---|
355 | // check whether client comes in over allowed protocol
|
---|
356 | if((intptr_t)account != 0 && (intptr_t)account != -1 && (intptr_t)account->allowedprotocols &&
|
---|
357 | (((intptr_t)account->allowedprotocols & module->listenertype) != module->listenertype))
|
---|
358 | {
|
---|
359 | cs_add_violation(client, account->usr);
|
---|
360 | cs_log("%s %s-client %s%s (%s%sprotocol not allowed)",
|
---|
361 | client->crypted ? t_crypt : t_plain,
|
---|
362 | module->desc,
|
---|
363 | IP_ISSET(client->ip) ? cs_inet_ntoa(client->ip) : "",
|
---|
364 | IP_ISSET(client->ip) ? t_reject : t_reject + 1,
|
---|
365 | e_txt ? e_txt : "",
|
---|
366 | e_txt ? " " : "");
|
---|
367 | return 1;
|
---|
368 | }
|
---|
369 |
|
---|
370 | client->account = first_client->account;
|
---|
371 | switch((intptr_t)account)
|
---|
372 | {
|
---|
373 |
|
---|
374 | case 0: // reject access
|
---|
375 | {
|
---|
376 | rc = 1;
|
---|
377 | cs_add_violation(client, NULL);
|
---|
378 | cs_log("%s %s-client %s%s (%s)",
|
---|
379 | client->crypted ? t_crypt : t_plain,
|
---|
380 | module->desc,
|
---|
381 | IP_ISSET(client->ip) ? cs_inet_ntoa(client->ip) : "",
|
---|
382 | IP_ISSET(client->ip) ? t_reject : t_reject + 1,
|
---|
383 | e_txt ? e_txt : t_msg[rc]);
|
---|
384 | break;
|
---|
385 | }
|
---|
386 |
|
---|
387 | default: // grant/check access
|
---|
388 | {
|
---|
389 | if(IP_ISSET(client->ip) && account->dyndns)
|
---|
390 | {
|
---|
391 | if(!IP_EQUAL(client->ip, account->dynip))
|
---|
392 | { cs_user_resolve(account); }
|
---|
393 | if(!IP_EQUAL(client->ip, account->dynip))
|
---|
394 | {
|
---|
395 | cs_add_violation(client, account->usr);
|
---|
396 | rc = 2;
|
---|
397 | }
|
---|
398 | }
|
---|
399 | client->monlvl = account->monlvl;
|
---|
400 | client->account = account;
|
---|
401 | if(!rc)
|
---|
402 | {
|
---|
403 | client->dup = 0;
|
---|
404 | if(client->typ == 'c' || client->typ == 'm')
|
---|
405 | { client->pcrc = crc32(0L, MD5((uchar *)(ESTR(account->pwd)), strlen(ESTR(account->pwd)), md5tmp), MD5_DIGEST_LENGTH); }
|
---|
406 | if(client->typ == 'c')
|
---|
407 | {
|
---|
408 | client->last_caid = NO_CAID_VALUE;
|
---|
409 | client->last_srvid = NO_SRVID_VALUE;
|
---|
410 | client->expirationdate = account->expirationdate;
|
---|
411 | client->disabled = account->disabled;
|
---|
412 | client->allowedtimeframe[0] = account->allowedtimeframe[0];
|
---|
413 | client->allowedtimeframe[1] = account->allowedtimeframe[1];
|
---|
414 | if(account->firstlogin == 0) { account->firstlogin = time((time_t *)0); }
|
---|
415 | client->failban = account->failban;
|
---|
416 | client->c35_suppresscmd08 = account->c35_suppresscmd08;
|
---|
417 | client->ncd_keepalive = account->ncd_keepalive;
|
---|
418 | client->grp = account->grp;
|
---|
419 | client->aureader_list = account->aureader_list;
|
---|
420 | client->autoau = account->autoau;
|
---|
421 | client->tosleep = (60 * account->tosleep);
|
---|
422 | client->c35_sleepsend = account->c35_sleepsend;
|
---|
423 | caidtab_clone(&account->ctab, &client->ctab);
|
---|
424 | if(account->uniq)
|
---|
425 | { cs_fake_client(client, account->usr, account->uniq, client->ip); }
|
---|
426 | client->cltab = account->cltab; // CLASS filter
|
---|
427 | ftab_clone(&account->ftab, &client->ftab); // IDENT filter
|
---|
428 | ftab_clone(&account->fchid, &client->fchid); // CHID filter
|
---|
429 | client->sidtabs.ok = account->sidtabs.ok; // services
|
---|
430 | client->sidtabs.no = account->sidtabs.no; // services
|
---|
431 | tuntab_clone(&account->ttab, &client->ttab);
|
---|
432 | ac_init_client(client, account);
|
---|
433 | }
|
---|
434 | }
|
---|
435 | }
|
---|
436 |
|
---|
437 | case -1: // anonymous grant access
|
---|
438 | {
|
---|
439 | if(rc)
|
---|
440 | {
|
---|
441 | t_grant = t_reject;
|
---|
442 | }
|
---|
443 | else
|
---|
444 | {
|
---|
445 | if(client->typ == 'm')
|
---|
446 | {
|
---|
447 | snprintf(t_msg[0], sizeof(buf), "lvl=%d", client->monlvl);
|
---|
448 | }
|
---|
449 | else
|
---|
450 | {
|
---|
451 | int32_t rcount = ll_count(client->aureader_list);
|
---|
452 | snprintf(buf, sizeof(buf), "au=");
|
---|
453 | if(!rcount)
|
---|
454 | { snprintf(buf + 3, sizeof(buf) - 3, "off"); }
|
---|
455 | else
|
---|
456 | {
|
---|
457 | if(client->autoau)
|
---|
458 | { snprintf(buf + 3, sizeof(buf) - 3, "auto (%d reader)", rcount); }
|
---|
459 | else
|
---|
460 | { snprintf(buf + 3, sizeof(buf) - 3, "on (%d reader)", rcount); }
|
---|
461 | }
|
---|
462 | }
|
---|
463 | }
|
---|
464 | cs_log("%s %s-client %s%s (%s, %s)",
|
---|
465 | client->crypted ? t_crypt : t_plain,
|
---|
466 | e_txt ? e_txt : module->desc,
|
---|
467 | IP_ISSET(client->ip) ? cs_inet_ntoa(client->ip) : "",
|
---|
468 | IP_ISSET(client->ip) ? t_grant : t_grant + 1,
|
---|
469 | username(client), t_msg[rc]);
|
---|
470 | break;
|
---|
471 | }
|
---|
472 | }
|
---|
473 | return rc;
|
---|
474 | }
|
---|
475 |
|
---|
476 | void cs_disconnect_client(struct s_client *client)
|
---|
477 | {
|
---|
478 | char buf[32] = { 0 };
|
---|
479 | if(IP_ISSET(client->ip))
|
---|
480 | { snprintf(buf, sizeof(buf), " from %s", cs_inet_ntoa(client->ip)); }
|
---|
481 | cs_log("%s disconnected%s", username(client), buf);
|
---|
482 | if(client == cur_client())
|
---|
483 | { cs_exit(0); }
|
---|
484 | else
|
---|
485 | { kill_thread(client); }
|
---|
486 | }
|
---|
487 |
|
---|
488 | void kill_all_clients(void)
|
---|
489 | {
|
---|
490 | struct s_client *cl;
|
---|
491 | for(cl = first_client->next; cl; cl = cl->next)
|
---|
492 | {
|
---|
493 | if(cl->typ == 'c' || cl->typ == 'm')
|
---|
494 | {
|
---|
495 | if(cl->account && cl->account->usr)
|
---|
496 | { cs_log("killing client %s", cl->account->usr); }
|
---|
497 | kill_thread(cl);
|
---|
498 | }
|
---|
499 | }
|
---|
500 | NULLFREE(processUsername);
|
---|
501 | }
|
---|
502 |
|
---|
503 | void cs_reinit_clients(struct s_auth *new_accounts)
|
---|
504 | {
|
---|
505 | struct s_auth *account;
|
---|
506 | unsigned char md5tmp[MD5_DIGEST_LENGTH];
|
---|
507 |
|
---|
508 | struct s_client *cl;
|
---|
509 | for(cl = first_client->next; cl; cl = cl->next)
|
---|
510 | {
|
---|
511 | if((cl->typ == 'c' || cl->typ == 'm') && cl->account)
|
---|
512 | {
|
---|
513 | for(account = new_accounts; (account) ; account = account->next)
|
---|
514 | {
|
---|
515 | if(!strcmp(cl->account->usr, account->usr))
|
---|
516 | { break; }
|
---|
517 | }
|
---|
518 | if(account && !account->disabled && cl->pcrc == crc32(0L, MD5((uchar *)ESTR(account->pwd), strlen(ESTR(account->pwd)), md5tmp), MD5_DIGEST_LENGTH))
|
---|
519 | {
|
---|
520 | cl->account = account;
|
---|
521 | if(cl->typ == 'c')
|
---|
522 | {
|
---|
523 | cl->grp = account->grp;
|
---|
524 | cl->aureader_list = account->aureader_list;
|
---|
525 | cl->autoau = account->autoau;
|
---|
526 | cl->expirationdate = account->expirationdate;
|
---|
527 | cl->allowedtimeframe[0] = account->allowedtimeframe[0];
|
---|
528 | cl->allowedtimeframe[1] = account->allowedtimeframe[1];
|
---|
529 | cl->ncd_keepalive = account->ncd_keepalive;
|
---|
530 | cl->c35_suppresscmd08 = account->c35_suppresscmd08;
|
---|
531 | cl->tosleep = (60 * account->tosleep);
|
---|
532 | cl->c35_sleepsend = account->c35_sleepsend;
|
---|
533 | cl->monlvl = account->monlvl;
|
---|
534 | cl->disabled = account->disabled;
|
---|
535 | cl->cltab = account->cltab; // Class
|
---|
536 | // newcamd module doesn't like ident reloading
|
---|
537 | if(!cl->ncd_server)
|
---|
538 | {
|
---|
539 | ftab_clone(&account->ftab, &cl->ftab); // IDENT filter
|
---|
540 | ftab_clone(&account->fchid, &cl->fchid); // CHID filter
|
---|
541 | }
|
---|
542 |
|
---|
543 | cl->sidtabs.ok = account->sidtabs.ok; // services
|
---|
544 | cl->sidtabs.no = account->sidtabs.no; // services
|
---|
545 | cl->failban = account->failban;
|
---|
546 |
|
---|
547 | caidtab_clone(&account->ctab, &cl->ctab);
|
---|
548 |
|
---|
549 | tuntab_clone(&account->ttab, &cl->ttab);
|
---|
550 |
|
---|
551 | webif_client_reset_lastresponsetime(cl);
|
---|
552 | if(account->uniq)
|
---|
553 | { cs_fake_client(cl, account->usr, (account->uniq == 1 || account->uniq == 2) ? account->uniq + 2 : account->uniq, cl->ip); }
|
---|
554 | ac_init_client(cl, account);
|
---|
555 | }
|
---|
556 | }
|
---|
557 | else
|
---|
558 | {
|
---|
559 | if(get_module(cl)->type & MOD_CONN_NET)
|
---|
560 | {
|
---|
561 | cs_log_dbg(D_TRACE, "client '%s', thread=%8lX not found in db (or password changed)", cl->account->usr, (unsigned long)cl->thread);
|
---|
562 | kill_thread(cl);
|
---|
563 | }
|
---|
564 | else
|
---|
565 | {
|
---|
566 | cl->account = first_client->account;
|
---|
567 | }
|
---|
568 | }
|
---|
569 | }
|
---|
570 | else
|
---|
571 | {
|
---|
572 | cl->account = NULL;
|
---|
573 | }
|
---|
574 | }
|
---|
575 | }
|
---|
576 |
|
---|
577 | void client_check_status(struct s_client *cl)
|
---|
578 | {
|
---|
579 | if(!cl || cl->kill || !cl->init_done)
|
---|
580 | { return; }
|
---|
581 | switch(cl->typ)
|
---|
582 | {
|
---|
583 | case 'm':
|
---|
584 | case 'c':
|
---|
585 |
|
---|
586 | //Check umaxidle to avoid client is killed for inactivity, it has priority than cmaxidle
|
---|
587 | if(!cl->account->umaxidle)
|
---|
588 | break;
|
---|
589 |
|
---|
590 | // Check user for exceeding umaxidle by checking cl->last
|
---|
591 | if(!(cl->ncd_keepalive && (get_module(cl)->listenertype & LIS_NEWCAMD)) && cl->account->umaxidle>0 &&
|
---|
592 | cl->last && (time(NULL) - cl->last) > (time_t)cl->account->umaxidle)
|
---|
593 | {
|
---|
594 | add_job(cl, ACTION_CLIENT_IDLE, NULL, 0);
|
---|
595 | }
|
---|
596 |
|
---|
597 | // Check clients for exceeding cmaxidle by checking cl->last
|
---|
598 | if(!(cl->ncd_keepalive && (get_module(cl)->listenertype & LIS_NEWCAMD)) &&
|
---|
599 | cl->last && cl->account->umaxidle==-1 && cfg.cmaxidle && (time(NULL) - cl->last) > (time_t)cfg.cmaxidle)
|
---|
600 | {
|
---|
601 | add_job(cl, ACTION_CLIENT_IDLE, NULL, 0);
|
---|
602 | }
|
---|
603 |
|
---|
604 | break;
|
---|
605 | case 'r':
|
---|
606 | cardreader_checkhealth(cl, cl->reader);
|
---|
607 | break;
|
---|
608 | case 'p':
|
---|
609 | {
|
---|
610 | struct s_reader *rdr = cl->reader;
|
---|
611 | if(!rdr || !rdr->enable || !rdr->active) //reader is disabled or restarting at this moment
|
---|
612 | { break; }
|
---|
613 | // execute reader do idle on proxy reader after a certain time (rdr->tcp_ito = inactivitytimeout)
|
---|
614 | // disconnect when no keepalive available
|
---|
615 | if((rdr->tcp_ito && is_cascading_reader(rdr)) || (rdr->typ == R_CCCAM) || (rdr->typ == R_CAMD35) || (rdr->typ == R_CS378X) || (rdr->typ == R_SCAM) || (rdr->tcp_ito != 0 && rdr->typ == R_RADEGAST))
|
---|
616 | {
|
---|
617 | time_t now = time(NULL);
|
---|
618 | int32_t time_diff = llabs(now - rdr->last_check);
|
---|
619 | if(time_diff > 60 || (time_diff > 30 && (rdr->typ == R_CCCAM || rdr->typ == R_CAMD35 || rdr->typ == R_CS378X)) || ((time_diff > (rdr->tcp_rto?rdr->tcp_rto:60)) && rdr->typ == R_RADEGAST)) //check 1x per minute or every 30s for cccam/camd35 or reconnecttimeout radegast if 0 defaut 60s
|
---|
620 | {
|
---|
621 | add_job(rdr->client, ACTION_READER_IDLE, NULL, 0);
|
---|
622 | rdr->last_check = now;
|
---|
623 | }
|
---|
624 | }
|
---|
625 | break;
|
---|
626 | }
|
---|
627 | }
|
---|
628 | }
|
---|
629 |
|
---|
630 | void free_client(struct s_client *cl)
|
---|
631 | {
|
---|
632 | if(!cl)
|
---|
633 | { return; }
|
---|
634 | struct s_reader *rdr = cl->reader;
|
---|
635 |
|
---|
636 | // Remove client from client list. kill_thread also removes this client, so here just if client exits itself...
|
---|
637 | struct s_client *prev, *cl2;
|
---|
638 | cs_writelock(&clientlist_lock);
|
---|
639 | if(!cl->kill_started)
|
---|
640 | {
|
---|
641 | cl->kill_started = 1;
|
---|
642 | }
|
---|
643 | else
|
---|
644 | {
|
---|
645 | cs_writeunlock(&clientlist_lock);
|
---|
646 | cs_log("[free_client] ERROR: free already started!");
|
---|
647 | return;
|
---|
648 | }
|
---|
649 | cl->kill = 1;
|
---|
650 | for(prev = first_client, cl2 = first_client->next;
|
---|
651 | prev->next != NULL;
|
---|
652 | prev = prev->next, cl2 = cl2->next)
|
---|
653 | {
|
---|
654 | if(cl == cl2)
|
---|
655 | { break; }
|
---|
656 | }
|
---|
657 | if(cl == cl2)
|
---|
658 | { prev->next = cl2->next; } // Remove client from list
|
---|
659 | int32_t bucket = (uintptr_t)cl / 16 % CS_CLIENT_HASHBUCKETS;
|
---|
660 | // Remove client from hashed list
|
---|
661 | if(first_client_hashed[bucket] == cl)
|
---|
662 | {
|
---|
663 | first_client_hashed[bucket] = cl->nexthashed;
|
---|
664 | }
|
---|
665 | else
|
---|
666 | {
|
---|
667 | for(prev = first_client_hashed[bucket], cl2 = first_client_hashed[bucket]->nexthashed;
|
---|
668 | prev->nexthashed != NULL;
|
---|
669 | prev = prev->nexthashed, cl2 = cl2->nexthashed)
|
---|
670 | {
|
---|
671 | if(cl == cl2)
|
---|
672 | { break; }
|
---|
673 | }
|
---|
674 | if(cl == cl2)
|
---|
675 | { prev->nexthashed = cl2->nexthashed; }
|
---|
676 | }
|
---|
677 | cs_writeunlock(&clientlist_lock);
|
---|
678 |
|
---|
679 | cleanup_ecmtasks(cl);
|
---|
680 |
|
---|
681 | // Clean reader. The cleaned structures should be only used by the reader thread, so we should be save without waiting
|
---|
682 | if(rdr)
|
---|
683 | {
|
---|
684 | ll_destroy_data(&rdr->emmstat);
|
---|
685 | remove_reader_from_active(rdr);
|
---|
686 |
|
---|
687 | cs_sleepms(1000); //just wait a bit that really really nobody is accessing client data
|
---|
688 |
|
---|
689 | if(rdr->ph.cleanup)
|
---|
690 | { rdr->ph.cleanup(cl); }
|
---|
691 | if(cl->typ == 'r')
|
---|
692 | { cardreader_close(rdr); }
|
---|
693 | if(cl->typ == 'p')
|
---|
694 | { network_tcp_connection_close(rdr, "cleanup"); }
|
---|
695 | cl->reader = NULL;
|
---|
696 | }
|
---|
697 |
|
---|
698 | // Clean client specific data
|
---|
699 | if(cl->typ == 'c')
|
---|
700 | {
|
---|
701 | cs_statistics(cl);
|
---|
702 | cl->last_caid = NO_CAID_VALUE;
|
---|
703 | cl->last_srvid = NO_SRVID_VALUE;
|
---|
704 | cs_statistics(cl);
|
---|
705 |
|
---|
706 | cs_sleepms(1000); //just wait a bit that really really nobody is accessing client data
|
---|
707 | }
|
---|
708 |
|
---|
709 | struct s_module *module = get_module(cl);
|
---|
710 | if(module->cleanup)
|
---|
711 | { module->cleanup(cl); }
|
---|
712 |
|
---|
713 | // Close network socket if not already cleaned by previous cleanup functions
|
---|
714 | if(cl->pfd)
|
---|
715 | { close(cl->pfd); }
|
---|
716 |
|
---|
717 | // Clean all remaining structures
|
---|
718 | free_joblist(cl);
|
---|
719 | NULLFREE(cl->work_mbuf);
|
---|
720 |
|
---|
721 | if(cl->ecmtask)
|
---|
722 | {
|
---|
723 | add_garbage(cl->ecmtask);
|
---|
724 | cl->ecmtask = NULL;
|
---|
725 | }
|
---|
726 |
|
---|
727 | ll_destroy_data(&cl->cascadeusers);
|
---|
728 |
|
---|
729 | ftab_clear(&cl->ftab);
|
---|
730 | ftab_clear(&cl->fchid);
|
---|
731 | tuntab_clear(&cl->ttab);
|
---|
732 | caidtab_clear(&cl->ctab);
|
---|
733 |
|
---|
734 | NULLFREE(cl->cw_rass);
|
---|
735 | ll_destroy_data(&cl->ra_buf);
|
---|
736 | NULLFREE(cl->aes_keys);
|
---|
737 |
|
---|
738 | #ifdef MODULE_CCCAM
|
---|
739 | add_garbage(cl->cc);
|
---|
740 | #endif
|
---|
741 | #ifdef MODULE_SERIAL
|
---|
742 | add_garbage(cl->serialdata);
|
---|
743 | #endif
|
---|
744 | add_garbage(cl);
|
---|
745 | }
|
---|