1 | #include "globals.h"
|
---|
2 |
|
---|
3 | #define REQ_SIZE 4
|
---|
4 | static uchar camdbug[256]; // camd send wrong order
|
---|
5 | static uchar *req;
|
---|
6 |
|
---|
7 | static int camd33_send(uchar *buf, int ml)
|
---|
8 | {
|
---|
9 | int l;
|
---|
10 | if (!pfd) return(-1);
|
---|
11 | l=boundary(4, ml);
|
---|
12 | memset(buf+ml, 0, l-ml);
|
---|
13 | cs_ddump(buf, l, "send %d bytes to client", l);
|
---|
14 | if (client[cs_idx].crypted)
|
---|
15 | aes_encrypt(buf, l);
|
---|
16 | return(send(pfd, buf, l, 0));
|
---|
17 | }
|
---|
18 |
|
---|
19 | static int camd33_recv(uchar *buf, int l)
|
---|
20 | {
|
---|
21 | int n;
|
---|
22 | if (!pfd) return(-1);
|
---|
23 | if ((n=recv(pfd, buf, l, 0))>0)
|
---|
24 | {
|
---|
25 | client[cs_idx].last=time((time_t *) 0);
|
---|
26 | if (client[cs_idx].crypted)
|
---|
27 | aes_decrypt(buf, n);
|
---|
28 | }
|
---|
29 | cs_ddump(buf, n, "received %d bytes from client", n);
|
---|
30 | return(n);
|
---|
31 | }
|
---|
32 |
|
---|
33 | static void camd33_request_emm()
|
---|
34 | {
|
---|
35 | int au;
|
---|
36 | au=client[cs_idx].au;
|
---|
37 | if ((au<0) || (au>CS_MAXREADER)) return; // TODO
|
---|
38 | if (reader[au].hexserial[0])
|
---|
39 | {
|
---|
40 | log_emm_request(au);
|
---|
41 | mbuf[0]=0;
|
---|
42 | mbuf[1]=reader[au].caid[0]>>8;
|
---|
43 | mbuf[2]=reader[au].caid[0]&0xff;
|
---|
44 | memcpy(mbuf+3, reader[au].hexserial, 4);
|
---|
45 | memcpy(mbuf+7, &reader[au].prid[0][1], 3);
|
---|
46 | memcpy(mbuf+10, &reader[au].prid[2][1], 3);
|
---|
47 | camd33_send(mbuf, 13);
|
---|
48 | }
|
---|
49 | }
|
---|
50 |
|
---|
51 | static int camd33_auth_client(in_addr_t ip)
|
---|
52 | {
|
---|
53 | int i, rc;
|
---|
54 | uchar *usr=NULL, *pwd=NULL;
|
---|
55 | struct s_auth *account;
|
---|
56 |
|
---|
57 | if (client[cs_idx].crypted=cfg->c33_crypted)
|
---|
58 | {
|
---|
59 | struct s_ip *p_ip;
|
---|
60 | for (p_ip=cfg->c33_plain; (p_ip) && (client[cs_idx].crypted); p_ip=p_ip->next)
|
---|
61 | if ((client[cs_idx].ip>=p_ip->ip[0]) && (client[cs_idx].ip<=p_ip->ip[1]))
|
---|
62 | client[cs_idx].crypted=0;
|
---|
63 | }
|
---|
64 | if (client[cs_idx].crypted)
|
---|
65 | aes_set_key((char *) cfg->c33_key);
|
---|
66 |
|
---|
67 | mbuf[0]=0;
|
---|
68 | camd33_send(mbuf, 1); // send login-request
|
---|
69 |
|
---|
70 | for (rc=0, camdbug[0]=0, mbuf[0]=1; (rc<2) && (mbuf[0]); rc++)
|
---|
71 | {
|
---|
72 | i=process_input(mbuf, sizeof(mbuf), 1);
|
---|
73 | if ((i>0) && (!mbuf[0]))
|
---|
74 | {
|
---|
75 | usr=mbuf+1;
|
---|
76 | pwd=usr+strlen((char *)usr)+2;
|
---|
77 | }
|
---|
78 | else
|
---|
79 | memcpy(camdbug+1, mbuf, camdbug[0]=i);
|
---|
80 | }
|
---|
81 | for (rc=-1, account=cfg->account; (usr) && (account) && (rc<0); account=account->next)
|
---|
82 | if ((!strcmp((char *)usr, account->usr)) && (!strcmp((char *)pwd, account->pwd)))
|
---|
83 | rc=cs_auth_client(account, NULL);
|
---|
84 | if (!rc)
|
---|
85 | camd33_request_emm();
|
---|
86 | else
|
---|
87 | {
|
---|
88 | if (rc<0) cs_auth_client(0, usr ? "invalid account" : "no user given");
|
---|
89 | cs_exit(0);
|
---|
90 | }
|
---|
91 | }
|
---|
92 |
|
---|
93 | static int get_request(uchar *buf, int n)
|
---|
94 | {
|
---|
95 | int rc, w;
|
---|
96 |
|
---|
97 | if (camdbug[0])
|
---|
98 | {
|
---|
99 | memcpy(buf, camdbug+1, rc=camdbug[0]);
|
---|
100 | camdbug[0]=0;
|
---|
101 | return(rc);
|
---|
102 | }
|
---|
103 | for (rc=w=0; !rc;)
|
---|
104 | {
|
---|
105 | switch (rc=process_input(buf, 16, (w) ? cfg->ctimeout : cfg->cmaxidle))
|
---|
106 | {
|
---|
107 | case -9:
|
---|
108 | rc=0;
|
---|
109 | case 0:
|
---|
110 | if ((w) || cfg->c33_passive)
|
---|
111 | rc=-1;
|
---|
112 | else
|
---|
113 | {
|
---|
114 | buf[0]=0;
|
---|
115 | camd33_send(buf, 1);
|
---|
116 | w++;
|
---|
117 | }
|
---|
118 | case -1:
|
---|
119 | break;
|
---|
120 | default:
|
---|
121 | if (!memcmp(buf+1, client[cs_idx].usr, strlen(client[cs_idx].usr)))
|
---|
122 | {
|
---|
123 | cs_log("%s still alive", cs_inet_ntoa(client[cs_idx].ip));
|
---|
124 | rc=w=0;
|
---|
125 | }
|
---|
126 | else
|
---|
127 | {
|
---|
128 | switch (buf[0])
|
---|
129 | {
|
---|
130 | case 2:
|
---|
131 | case 3: w=boundary(4, buf[9]+10); break;
|
---|
132 | default: w=n; // garbage ?
|
---|
133 | }
|
---|
134 | w=process_input(buf+16, w-16, 0);
|
---|
135 | if (w>0) rc+=w;
|
---|
136 | }
|
---|
137 | }
|
---|
138 | }
|
---|
139 | if (rc<0) rc=0;
|
---|
140 | return(rc);
|
---|
141 | }
|
---|
142 |
|
---|
143 | static void camd33_send_dcw(ECM_REQUEST *er)
|
---|
144 | {
|
---|
145 | mbuf[0]=2;
|
---|
146 | memcpy(mbuf+1, req+(er->cpti*REQ_SIZE), 4); // get pin
|
---|
147 | memcpy(mbuf+5, er->cw, 16);
|
---|
148 | camd33_send(mbuf, 21);
|
---|
149 | if (!cfg->c33_passive)
|
---|
150 | camd33_request_emm();
|
---|
151 | }
|
---|
152 |
|
---|
153 | static void camd33_process_ecm(uchar *buf, int l)
|
---|
154 | {
|
---|
155 | ECM_REQUEST *er;
|
---|
156 | if (!(er=get_ecmtask()))
|
---|
157 | return;
|
---|
158 | memcpy(req+(er->cpti*REQ_SIZE), buf+3, 4); // save pin
|
---|
159 | er->l=l-7;
|
---|
160 | er->caid=b2i(2, buf+1);
|
---|
161 | memcpy(er->ecm , buf+7, er->l);
|
---|
162 | get_cw(er);
|
---|
163 | }
|
---|
164 |
|
---|
165 | static void camd33_process_emm(uchar *buf, int l)
|
---|
166 | {
|
---|
167 | memset(&epg, 0, sizeof(epg));
|
---|
168 | epg.l=l-7;
|
---|
169 | memcpy(epg.caid , buf+1, 2);
|
---|
170 | memcpy(epg.hexserial, buf+3, 4);
|
---|
171 | memcpy(epg.emm , buf+7, epg.l);
|
---|
172 | do_emm(&epg);
|
---|
173 | }
|
---|
174 |
|
---|
175 | static void camd33_server()
|
---|
176 | {
|
---|
177 | int n;
|
---|
178 |
|
---|
179 | req=(uchar *)malloc(CS_MAXPENDING*REQ_SIZE);
|
---|
180 | if (!req)
|
---|
181 | {
|
---|
182 | cs_log("Cannot allocate memory (errno=%d)", errno);
|
---|
183 | cs_exit(1);
|
---|
184 | }
|
---|
185 | memset(req, 0, CS_MAXPENDING*REQ_SIZE);
|
---|
186 |
|
---|
187 | camd33_auth_client(client[cs_idx].ip);
|
---|
188 |
|
---|
189 | while ((n=get_request(mbuf, sizeof(mbuf)))>0)
|
---|
190 | {
|
---|
191 | switch(mbuf[0])
|
---|
192 | {
|
---|
193 | case 2:
|
---|
194 | camd33_process_ecm(mbuf, n);
|
---|
195 | break;
|
---|
196 | case 3:
|
---|
197 | camd33_process_emm(mbuf, n);
|
---|
198 | break;
|
---|
199 | default:
|
---|
200 | cs_debug("unknown command !");
|
---|
201 | }
|
---|
202 | }
|
---|
203 | cs_disconnect_client();
|
---|
204 | }
|
---|
205 |
|
---|
206 | void module_camd33(struct s_module *ph)
|
---|
207 | {
|
---|
208 | static PTAB ptab;
|
---|
209 | ptab.ports[0].s_port = cfg->c33_port;
|
---|
210 | ph->ptab = &ptab;
|
---|
211 | ph->ptab->nports = 1;
|
---|
212 |
|
---|
213 | strcpy(ph->desc, "camd 3.3x");
|
---|
214 | ph->type=MOD_CONN_TCP;
|
---|
215 | ph->logtxt=cfg->c33_crypted ? ", crypted" : ", UNCRYPTED!";
|
---|
216 | ph->multi=1;
|
---|
217 | ph->watchdog=1;
|
---|
218 | ph->s_ip=cfg->c33_srvip;
|
---|
219 | ph->s_handler=camd33_server;
|
---|
220 | ph->recv=camd33_recv;
|
---|
221 | ph->send_dcw=camd33_send_dcw;
|
---|
222 | }
|
---|