OSCam Güncel Latest Oscam with emu

[kingsman]

oscam-git11926-802

fix: security crash guard
- Harden DVBAPI filter handling: require a valid curpid before touching ECM fields and abort section-filter setup when the demux PID lookup fails, preventing null-pointer crashes.
- WebIF robustness sweep: gate every popen/fopen/access use and preserve pointer assignments so the UI now reports missing scripts/files instead of dereferencing null handles.
- Reader safety: add missing allocation checks in Conax/DRE code paths and keep Nagra readers’ csystem_data alive after failed init to avoid double-free crashes.
- Crash/diagnostics fixes: protect cs_dumpstack()/detect_valgrind() against failed file opens and clamp the CoolAPI status lookup to stay inside the cnxt_status[] table.

thx to @lpm11

cleanup deadcode clocktypes
* Remove librt dependency
clock_gettime no longer used after cleanup deadcode clocktypes patch.
CLOCKFIX now only uses gettimeofday() which doesn't require librt.
* cleanup deadcode clocktypes

thx to @lpm11

Remove dead code, simplify functions, drop libm dependency
- eliminate dead code: ifd_azbox.c while(ret), ifd_sci.c sh4_stb,
reader-dre-st20.c verbose, module-cccam.c is_dcw_corrupted
- remove constant parameters: chk_is_null_nodeid len (always 8),
CAK7do_cmd len (always 0x10)
- simplify: NULLFREE macro (free(NULL) is safe), cs_strlen,
tolower/toupper without isupper/islower check, ifd_stinger.c
mhz assignment, ifd_sci.c tries++ refactoring
- use MIN/MAX macros in module-cccam.c rating clamping
- refactor reader-conax.c CWPK_CNX with memcpy
- replace fmod with pure C in reader-nagracak7.c, drop libm dependency
- Makefile/CMakeLists.txt: remove libm, keep $(LIB_PTHREAD),
$(LIB_DL), $(LIB_RT) variables for toolchain flexibility

thx to @lpm11

 

[kingsman]

oscam-git11927-802

cleanup nagra-merlin code
- Flatten the IRDINFO parser to compute expire_date once and set card_valid_to where applicable, eliminating redundant cs_add_entitlement()/addProvider() calls.
- Reuse a single IDEA_KEY_SCHEDULE and drop redundant zeroing of MDC2 buffers since the crypto routines already overwrite them.
- Replace the generic xxxor() helper with a dedicated xor8() to reflect the only actual usage and tighten the CAK7 key builders.

thx to @lpm11

 

[kingsman]

oscam-git11929-802

cleanup reader macros
* Fix cak7_mode guard mismatch
- cak7_mode: used by both READER_NAGRA and READER_NAGRA_MERLIN
- cak7type: used only by READER_NAGRA_MERLIN
Separate guards save 1 byte in READER_NAGRA-only builds and
ensure no unused struct members exist in any build configuration.
* cleanup reader macros
- Gate struct s_reader members, WebIF fields, and config tokens behind precise reader macros so builds exclude Videoguard/Nagra/Viaccess-only data when those modules aren’t compiled.
- Wrap AES-key helpers, reader option handlers, and Nagra/Videoguard EMM logic in the same feature flags to keep unused code out of minimal builds.
- Ensure Merlin-only arrays and filters, GPIO/ATR settings, and sendcmd handling compile only with the relevant reader backends.

thx @lpm11

fix build without READER_NAGRA_MERLIN
The cak7type member is only defined in struct s_reader when
READER_NAGRA_MERLIN is enabled. Wrap all cak7type references
in icc_async.c and reader-nagra-common.c with the same ifdef
guard to fix compilation errors when building without
READER_NAGRA_MERLIN support.

The reader-nagra-common.c functions are shared between both
READER_NAGRA and READER_NAGRA_MERLIN. The else block (standard
NAGRA code) is always compiled and used by READER_NAGRA, while
the cak7type checks are only needed for READER_NAGRA_MERLIN.

Fixes:
error: 'struct s_reader' has no member named 'cak7type'

 

[kingsman]

oscam-git11930-802

reader-nagra: change cak7_mode guard to READER_NAGRA_MERLIN only
cak7_mode is a Nagra Merlin specific setting that is only meaningful
when READER_NAGRA_MERLIN is compiled. When only READER_NAGRA is enabled,
cak7_mode can never be set to 1, making the check in reader-nagra.c
pointless.

Changes:
- globals.h: Change guard from (READER_NAGRA || READER_NAGRA_MERLIN) to
READER_NAGRA_MERLIN only, consolidate three consecutive MERLIN blocks
- reader-nagra.c: Add inline #ifdef guard around cak7_mode check in
seca/nagra tunneled card detection
- oscam-config-reader.c: Move cak7_mode into existing READER_NAGRA_MERLIN
block with other Merlin options

 

[kingsman]

oscam-git11932-802

reader-nagra/irdeto: change force_irdeto guard to READER_IRDETO only
force_irdeto forces a card to use the Irdeto reader instead of Nagra.
In reader-nagra.c it causes the reader to reject the card so the
Irdeto reader can handle it. This only makes sense when READER_IRDETO
is compiled - otherwise there's no Irdeto reader to take over.

Changes:
- globals.h: Change guard from (READER_NAGRA || READER_IRDETO) to
READER_IRDETO only
- oscam-config-reader.c: Change guard to READER_IRDETO only
- module-webif.c: Change guard to READER_IRDETO only
- reader-nagra.c: Add READER_IRDETO guard around force_irdeto check

build: fix is_defined.txt generation for proper webif template filtering
The is_defined.txt file is used by pages_gen to filter templates based on enabled config options. Previously, this file was only created when explicitly calling config.sh with --enable/--disable/--restore, but not during normal builds.

The "webif clean" added in 96debcd7 ("Fix webif compression parameter") ensured pages.c was always rebuilt, but also deleted is_defined.txt which broke the filtering mechanism.

Changes:
- Call write_enabled() in make_config_mak() to ensure is_defined.txt is generated on every build
- Remove redundant "webif clean" from Makefile and CMakeLists.txt (write_enabled already deletes pages.c when needed)
- Add config.h dependency to pages.c target to trigger rebuild when config options change

This ensures proper filtering works for:
- Fresh checkouts with default config
- Builds after direct config.h modifications
- Builds after config.sh --enable/--disable changes

 

[kingsman]

oscam-git11933-802

webif: embedded wiki help system
Features
* Offline Help: All parameter descriptions are available directly in the binary
* Clickable Parameters: A click on the parameter name opens the help popup
* Draggable Popup: The popup can be freely moved (also via touch on mobile devices)
* Resizable: Size can be adjusted
* Position Remembered: The horizontal position and size are stored in the browser
* Reset Button: Reset to default position and size
* Wiki Link: The title in the popup is a link to the online wiki for more details
* Directly from OSCam Wiki: Parameters dynamically extracted from wiki pages during the build process
* Automatic Updates: Any changes to the wiki pages are automatically integrated into the binary on the next build
* LZO Compression: Wiki data is compressed like WebIF pages (~64% smaller), controlled via WITH_COMPRESS_WEBIF or USE_COMPRESS
* Smart Filtering: Only help texts for actually compiled modules are included in the binary (based on is_defined.txt)

Advantages
* Available Offline - no internet connection needed - perfect for isolated networks
* Fast - instant display without network latency
* Always Up-to-date - wiki content matches exactly the binary version
* User-friendly - help right where you need it
* Touch Support - also works on tablets and smartphones
* No Tracking - the wiki web server sees no requests from your device

Disadvantages
* Larger Binary - approx. 76 KB with LZO compression, or ~45 KB with UPX binary compression
* More RAM - wiki data is kept in memory
* Build Dependency - wiki markdown files must be present during build

The build process:
- New build option WEBIF_WIKI (default=off)
- Git submodule is automatically initialized and updated
- wiki_gen.c parses all markdown files in the wiki/ folder
- Generates pages_wiki.c and pages_wiki.h with all parameter descriptions
- Compiles everything into the final binary

Technical details
- Position Storage: Browser localStorage (wikiPopupLeft, wikiPopupWidth, wikiPopupHeight)
- API Endpoint: /wiki.json?config=conf&param=serverip
- Generation: wiki_gen.c parses the markdown files and generates pages_wiki.c
- Compression: Controlled via WITH_COMPRESS_WEBIF (same as WebIF pages). Automatically disabled when using USE_COMPRESS=1 (UPX binary compression) - UPX compresses the entire binary more efficiently, making internal LZO compression redundant.

 

[kingsman]

oscam-git11934-802

submodule: rework submodule support
- Add --submodule <name> option to config.sh for unified submodule handling
- Automatically detects git repo vs tarball: uses 'git submodule update' in
git repos, falls back to 'git clone --depth 1' for source downloads
- Reads submodule URL from .gitmodules
- Use --remote flag only when branch is defined in .gitmodules (respect pinning)
- Simplify Makefile and CMakeLists.txt submodule handling to single call
- Make submodule init conditional on WEBIF_WIKI
- Remove duplicate GEN output from wiki_gen.c

 

[kingsman]

oscam-git11936-802

webif: add BOTTOM navigation link
- css.css: add BOTTOM navigation link and adjust TOP link position
- Both links positioned on the right side (right:10px)
- TOP link: bottom-right in footer
- BOTTOM link: top-right in menu area
- Arrow symbols after text for both links

- menu.html: add BOTTOM link element with class "bottom_link"
- Link anchors to #statusfooter for navigation to page footer

webif: fix BOTTOM navigation link
* define bottom_link as a html div container like top_link

 

[kingsman]

oscam-git11937-802

webif: fix PCSC devices not shown on scanusb.html
The write_enabled() function generates is_defined.txt which pages_gen
uses to filter templates based on enabled config options. However, it
only wrote config.h defines and missed USE_FLAG based card readers.

CARDREADER_PCSC is controlled via USE_PCSC flag passed at build time,
not a config.h define. Since it was never written to is_defined.txt,
pages_gen filtered out scanusb_pcscbit.html template, causing PCSC
devices to not appear on scanusb.html.

Fixes regression introduced in 5b7ec3c9 (11932).

 

[kingsman]

oscam-git11938-802

webif: add missing wiki link for ACoSC max_ecms_per_minute

 

[kingsman]

oscam-git11939-802

pipeline: add check for wiki documentation of config parameters - [ci skip]
- Add new helper 'check-wiki-documentation' in oscam-helper.yml
- Checks if all DEF_OPT_* parameters are documented in wiki
- Maps config files to wiki files:
- oscam-config-global.c -> oscam.conf.md
- oscam-config-account.c -> oscam.user.md
- oscam-config-reader.c -> oscam.server.md
- Colored output matching existing CI style
- Add new job 'wiki-check' in oscam-ci.yml
- Runs in stage 'fixup' after code-cleanup
- Triggers on merge_request_event and schedule
- allow_failure: true (warning only)

dvbapi: remove obsolete dvbapi config options
Remove deprecated [dvbapi] section options that have been obsolete for over 10 years:
- priority
- ignore
- cw_delay

These options were migrated to oscam.dvbapi file long ago.
Remove dvbapi_caidtab_fn() function and related extern declaration
as they are no longer needed.

Users with ancient configs will now see "unknown setting" warnings,
prompting them to migrate to oscam.dvbapi.

 

[kingsman]

oscam-git11940-802

reader: add maxparallel feature to limit simultaneous services per reader
This feature allows limiting the number of services that can use a reader
simultaneously, essential for card readers with slot restrictions.

=== NEW CONFIGURATION OPTIONS ===

maxparallel (default: 0 = unlimited)
Maximum number of active services per reader. When reached, the reader
is skipped and other readers are tried (fallover).

paralleltimeout (default: 1000 ms)
Buffer added to the measured ECM interval for slot expiration.
A slot expires when no ECM is received within (measured_interval + timeout).

parallelfactor (default: 1.5)
Multiplier for pending slots to support zapping without blackscreen.
Set to 0 to disable pending slots (strict maxparallel enforcement).

=== ARCHITECTURE ===

Dual-slot system with active and pending services:

- Active slots (size: maxparallel)
Confirmed services actively receiving CWs from this reader.

- Pending slots (size: maxparallel * parallelfactor)
Temporary overflow during channel zapping. Pending services are
promoted to active when slots free up (FIFO), or dropped when
active services need the capacity.

Slot reservation timing:
Slots are reserved when a reader DELIVERS a CW, not when the request
is sent. This prevents readers from blocking capacity for services
they don't end up serving when multiple readers are queried in parallel.

=== BLOCKLIST FOR CLEAN FALLOVER ===

When a pending service is dropped, the client+service combination is
added to a per-reader blocklist. This causes:

- Subsequent ECM requests for blocked combinations to skip this reader
- Clean fallover to other readers without repeated drop cycles
- No log spam from services repeatedly going to pending and getting dropped

Blocklist lifecycle:
- Added: when service is dropped from pending
- Removed: when client zaps to a different service
- Cleared: when an active slot becomes free

=== TYPICAL USE CASE ===

- Reader 1: maxparallel=1 (card allows only 1 service)
- Receiver records Service A on Reader 1, user zaps to Service B
- Service B goes to pending slot (no blackscreen during zap)
- Service A sends ECM -> Service B dropped from pending
- Service B blocklisted on Reader 1 -> falls over to Reader 2
- User stops Service B -> block cleared, Reader 1 available again

 

[Haitham]

thanks bro

 

[kingsman]

oscam-git11942-802

streamrelay: fix fallback host comparison and resource leaks
- Fix fallback host comparison using streq() instead of pointer comparison
- Fix socket leaks in connect_to_stream() on setsockopt/connect failures
- Add safety checks for glistenfd before close operations
- Fix remove_newline_chars() to also handle carriage returns
- NULL key pointers after dvbcsa_bs_key_free() to prevent double-free
- Rework stream_server() using do-while(0) pattern for cleaner error handling
- Some code formatting according to CODING.RULES.txt

webif: fix entitlements display for cccam
Separate card sorting functions from cccshare module to allow
cccam clients to view received entitlements in webif even when
MODULE_CCCSHARE is disabled.

This fixes a design issue where MODULE_CCCSHARE controlled both
share functionality (server-side) and entitlements display (client-side),
preventing pure cccam clients from seeing their entitlements.

 

[kingsman]

oscam-git11943-802

dvbapi: use SERVICE_TYPE_MASK descriptor to fix CW delivery for shared services
When stream_write_cw() successfully delivers a CW to a stream client,
it returns true and prevents the same CW from being written via the
CA device (ioctl/netsend). This exclusive routing causes a CW gap
on demuxers that require CA device delivery until the next cw cycle,
because stream_write_cw() consumes the CW before the stream client
has fully disconnected.

Parse the SERVICE_TYPE_MASK descriptor (0x85) from the CA PMT to identify whether a demux serves a stream client (type 7/8) or requires
direct CA device or netsend descrambling. For demuxers that require CA device or netsend delivery, always write the CW via dvbapi_write_cw
regardless of whether stream_write_cw() consumed it. For stream-only demuxers and clients that don't send descriptor 0x85, preserve the
original exclusive behavior.

 

[kingsman]

oscam-git11945-802

dvbapi: suppress pmt mode 6 connection retry log spam
Log the connection attempt and error only once, then silently retry every second until the CA PMT server becomes available.

warnings: fix C23 and glibc-2.43 -Wdiscarded-qualifiers warnings
For ISO C23, the function strstr that return pointers into their input arrays now have definitions as macros that return a pointer to a const-qualified type when the input argument is a pointer to a const-qualified type.

 

[kingsman]

oscam-git11946-802

signing: fix build with OpenSSL 4

 

[kingsman]

oscam-git11949-802

webif: remove poll from request read loop
Simplify WebIf request handling by relying on check_request() to detect complete HTTP headers and request bodies instead of polling the socket between reads.

This removes the extra poll-based wait path while preserving correct handling for fragmented GET and POST requests.

thx to @lpm11

Extend service and group handling to 128 entries and harden related limits
Add platform-aware 128-bit group and service support for builds with __int128, while preserving correct 64-bit fallback behavior.

- introduce group_t and GROUP_BITS so group and sidtab bitmasks scale to 128 entries where supported
- enforce MAX_SIDBITS consistently across parsing, runtime checks, and WebIF handling
- fix off-by-one, buffer sizing, and numbering issues in group and service serialization
- improve validation, truncation handling, and warning messages for invalid or oversized group/service definitions
- add and document the httpmaxrequestsize config option, and make WebIF request parsing enforce the configured limit
- add clearer startup diagnostics for effective group/service capacity and ABI details
- update WebIF limits and documentation to reflect build-dependent 64 or 128 entry support

chore: align README with markdown rules

 

[kingsman]

oscam-git11950-802

* chore: remove 64 services/groups startup warning

 

[kingsman]

oscam-git11953-802

net: remove obsolete gethostbyname resolver and use getaddrinfo exclusively
gethostbyname() is not thread-safe and has been marked obsolescent by
POSIX. Newer glibc versions could emit a linker warning for any binary
referencing this symbol, even if the code path is gated behind a
runtime config option.

The modern replacement getaddrinfo() was already fully implemented as
the default resolver (resolvegethostbyname=0). This removes the legacy
gethostbyname() fallback path along with:

- the resolvegethostbyname config option (oscam.conf [global])
- the Resolver dropdown from the webinterface
- the gethostbyname_lock mutex (no longer needed since getaddrinfo
is thread-safe)

cmake: switch library detection from auto-detect to opt-in
* cmake: declare STATIC_* and LIBCRYPTO_LIB/SSL_LIB as cache variables

When a user passes -DSTATIC_PCSC=0 while HAVE_PCSC is also 0 (or
vice-versa for libcrypto/libssl/libusb/libdvbcsa), cmake prints:

CMake Warning:
Manually-specified variables were not used by the project:
STATIC_PCSC

The warning is harmless but confusing: the STATIC_* flag is only
read inside if (HAVE_*) blocks, so when the feature is disabled
the -D value is indeed unreferenced.

Declare the flags via option() (and LIBCRYPTO_LIB/SSL_LIB via
set(... CACHE STRING ...)) at the top of the file so cmake
considers them known even when the feature guard is inactive.
Placed before system detection so they don't override the
macOS-specific set(STATIC_LIBUSB True).

* cmake: add LIBCRYPTO_LIB and SSL_LIB overrides for Makefile parity

The Makefile allows passing a full library path to override the
default detection:

make USE_LIBCRYPTO=1 LIBCRYPTO_LIB=/usr/lib/libcrypto.a
make USE_SSL=1 SSL_LIB=/usr/lib/libssl.a

Mirror this in cmake by honouring LIBCRYPTO_LIB and SSL_LIB when
set. The supplied path is used as-is for OPENSSL_CRYPTO_LIBRARIES
and OPENSSL_SSL_LIBRARIES, bypassing the static auto-detection.

Both static and dynamic archives work. Existing flags
(STATIC_LIBCRYPTO, STATIC_SSL, OPENSSL_*_LIBRARY) keep working.

* cmake: simplify libusb and libdvbcsa status summary

Apply the same pattern used for PCSC to libusb and libdvbcsa:
report the final resolved link mode instead of mixing request
flags with result flags.

LIBUSBDIR/LIBDVBCSADIR -> custom location selected
STATICLIBUSB/STATICLIBDVBCSA -> static linking was selected

Removes the redundant "You selected to enable static" messages
(the result message already covers that case) and the duplicate
LIBUSBDIR branches.

* cmake: simplify PCSC status summary

Restructure the PCSC summary block to describe the final resolved
link mode instead of mixing request flags with result flags:

PCSCDIR -> user selected a custom PCSC location
STATICPCSC -> static linking was actually selected

STATIC_PCSC (user request) and STATICPCSC (actual result) are not
always the same, e.g. when libpcsclite.a cannot be found despite
STATIC_PCSC=1. Using only STATICPCSC in the summary keeps the
status message aligned with the real build result.

* cmake: add static libcrypto and libssl support

Add STATIC_LIBCRYPTO and STATIC_SSL flags to independently control
static linking of libcrypto and libssl, matching the Makefile where
LIBCRYPTO_LIB and SSL_LIB can be set to .a paths separately.

When either flag is set, OPENSSL_USE_STATIC_LIBS is enabled for
find_package(OpenSSL), then find_library locates the static archives
relative to the OpenSSL include directory. The native CMake variables
OPENSSL_CRYPTO_LIBRARY and OPENSSL_SSL_LIBRARY can also be used to
pass explicit paths directly.

Usage:
cmake -DHAVE_LIBCRYPTO=1 -DSTATIC_LIBCRYPTO=1 ..
cmake -DHAVE_LIBCRYPTO=1 -DSTATIC_SSL=1 ..
cmake -DHAVE_LIBCRYPTO=1 -DSTATIC_LIBCRYPTO=1 -DSTATIC_SSL=1 ..
cmake -DHAVE_LIBCRYPTO=1 -DOPENSSL_CRYPTO_LIBRARY=/pfad/libcrypto.a ..

* cmake: add static PCSC and custom PCSCDIR support

Add PCSCDIR and STATIC_PCSC support for PCSC linking, bringing it
on par with libusb (LIBUSBDIR/STATIC_LIBUSB) and libdvbcsa
(LIBDVBCSADIR). Previously cmake could only link PCSC dynamically
with the bare -lpcsclite flag.

PCSCDIR uses find_library with IMPORTED targets for both static
and dynamic linking. Without PCSCDIR, -DSTATIC_PCSC=1 searches
the system for libpcsclite.a and falls back to dynamic if not found.

Usage:
cmake -DHAVE_PCSC=1 ..
cmake -DHAVE_PCSC=1 -DSTATIC_PCSC=1 ..
cmake -DHAVE_PCSC=1 -DPCSCDIR=/opt/pcsc ..
cmake -DHAVE_PCSC=1 -DPCSCDIR=/opt/pcsc -DSTATIC_PCSC=1 ..

* cmake: switch library detection from auto-detect to opt-in

Libraries like pcsclite, libusb and OpenSSL were auto-detected via
check_include_file, causing unwanted dynamic linking when the toolchain
sysroot contained these libraries. This changes cmake to match the
Makefile behavior where libraries must be explicitly requested.

Use -DHAVE_PCSC=1, -DHAVE_LIBUSB=1 or -DHAVE_LIBCRYPTO=1 to enable.
OpenSSL/libcrypto is auto-enabled when WITH_SSL is active in config.

Wrap the static library link step in --start-group/--end-group
(GNU ld) to resolve circular dependencies between csoscam, csmodules
and csreaders. Since 28f2598b (cleanup reader macros) the
READER_VIACCESS ifdef in oscam-aes.c caused oscam-aes.o to not be
pulled from libcsoscam.a when READER_VIACCESS was disabled, leaving
aes_encrypt_idx/aes_decrypt/aes_set_key_alloc unresolved for modules
like camd35 and camd33. Simple reordering is not possible since
csoscam and csmodules have mutual dependencies. macOS is excluded
as Apple ld rescans archives automatically.

build: isolate test build artifacts into a separate directory