Posts by fairbird

- Update free server from 0 to 8
- dvbapi: suppress pmt mode 6 connection retry log spam
Log the connection attempt and error only once, then silently retry every second until the CA PMT server becomes available.
cherry-picked > https://git.streamboard.tv/common/oscam/-/commit/26f83abe88f4319982828cded32f22c05dd543a8
- warnings: fix C23 and glibc-2.43 -Wdiscarded-qualifiers warnings
For ISO C23, the function strstr that return pointers into their input
arrays now have definitions as macros that return a pointer to a
const-qualified type when the input argument is a pointer to a const-qualified
type.
https://lists.gnu.org/archive/html/info-gnu/2026-01/msg00005.html
Co-authored-by: default avatarRudi Heitbaum <rudi@heitbaum.com>
cherry-picked > https://git.streamboard.tv/common/oscam/-/commit/6c8324e0518ad2c145b3fe3778f5259dc5c5520d
- cleanup reader macros Separate guards save 1 byte in READER_NAGRA-only builds and ensure no unused struct members exist in any build configuration.
* cleanup reader macros
- Gate struct s_reader members, WebIF fields, and config tokens behind precise reader macros so builds exclude Videoguard/Nagra/Viaccess-only data when those modules aren’t compiled.
- Wrap AES-key helpers, reader option handlers, and Nagra/Videoguard EMM logic in the same feature flags to keep unused code out of minimal builds.
- Ensure Merlin-only arrays and filters, GPIO/ATR settings, and sendcmd handling compile only with the relevant reader backends.
thx @lpm11
Co-authored-by: default avatarWXbet <4-WXbet@users.noreply.git.streamboard.tv>
cherry-pick > https://git.streamboard.tv/common/oscam/-/commit/28f2598b92338560d70989880eafd53ee00d0d53
- reader-nagra/irdeto: change force_irdeto guard to READER_IRDETO only
force_irdeto forces a card to use the Irdeto reader instead of Nagra.
In reader-nagra.c it causes the reader to reject the card so the
Irdeto reader can handle it. This only makes sense when READER_IRDETO
is compiled - otherwise there's no Irdeto reader to take over.
Changes:
- globals.h: Change guard from (READER_NAGRA || READER_IRDETO) to
  READER_IRDETO only
- oscam-config-reader.c: Change guard to READER_IRDETO only
- module-webif.c: Change guard to READER_IRDETO only
- reader-nagra.c: Add READER_IRDETO guard around force_irdeto check
cherry-pick > https://git.streamboard.tv/common/oscam/-/commit/2c8c34c966c7994eb3d28389fd47fc41c4e858d3
- signing: fix build with OpenSSL 4
* fix -Wdiscarded-qualifiers on X509_get_subject/issuer_name
OpenSSL 4 changed X509_get_subject_name() and X509_get_issuer_name()
to return 'const X509_NAME *', which breaks the call to our local
helper _X509_NAME_oneline_utf8() that still takes a non-const
X509_NAME *:
    ncam-signing.c:235:46: warning: passing argument 1 of
    '_X509_NAME_oneline_utf8' discards 'const' qualifier from
    pointer target type [-Wdiscarded-qualifiers]
Route the result of the X509 getters through a uintptr_t cast to
explicitly drop the const qualifier at the call sites, mirroring the
approach already used for ASN1_STRING_type() in ASN1_TIME_to_posix_time().
This avoids changing the helper's signature, which would require a
more invasive const-correctness pass given that older OpenSSL versions
(including 0.9.x, still supported by this file) declared many X509
APIs as non-const.
* fix ASN1_STRING_type() accessor
In OpenSSL 4 the ASN1_STRING / ASN1_TIME struct became fully opaque,
so struct members can no longer be accessed directly from public
headers. This broke the WITH_SIGNING build:
    ncam-signing.c:124:17: error: invalid use of incomplete typedef
    'ASN1_TIME' {aka 'const struct asn1_string_st'}
        switch(t->type)
The data pointer was already handled via ASN1_STRING_get0_data() for
OpenSSL >= 1.1.0, but t->type was still accessed directly and was
overlooked until OpenSSL 4 removed the last bit of struct visibility.
Replace the direct member access with the ASN1_STRING_type() accessor
function, which has existed since OpenSSL 0.9.x and is therefore
available in all supported versions (1.0, 1.1, 3.x, 4.x) without a
version guard.
Since older OpenSSL versions declare ASN1_STRING_type() as taking a
non-const ASN1_STRING *, the cast is routed through uintptr_t to
explicitly drop the const qualifier of t without triggering
-Wdiscarded-qualifiers (treated as error by the 'ancient' CI build).
uintptr_t is already available via globals.h (stdint.h).
cherry-picked > https://git.streamboard.tv/common/oscam/-/commit/5d00e7e267b612e25fc5dee628b56cdf2d1be528
- Extend service and group handling to 128 entries and harden related limits
Add platform-aware 128-bit group and service support for builds with __int128, while preserving correct 64-bit fallback behavior.
- introduce group_t and GROUP_BITS so group and sidtab bitmasks scale to 128 entries where supported
- enforce MAX_SIDBITS consistently across parsing, runtime checks, and WebIF handling
- fix off-by-one, buffer sizing, and numbering issues in group and service serialization
- improve validation, truncation handling, and warning messages for invalid or oversized group/service definitions
- add and document the httpmaxrequestsize config option, and make WebIF request parsing enforce the configured limit
- add clearer startup diagnostics for effective group/service capacity and ABI details
- update WebIF limits and documentation to reflect build-dependent 64 or 128 entry support
cherry-picked > https://git.streamboard.tv/common/oscam/-/commit/45927f29b9a4fd9f7d0e62a1ff584b1301e3ce25
- webif: remove poll from request read loop
Simplify WebIf request handling by relying on check_request()
to detect complete HTTP headers and request bodies instead of
polling the socket between reads.
This removes the extra poll-based wait path while preserving
correct handling for fragmented GET and POST requests.
thx to @lpm11
cherry-picked > https://git.streamboard.tv/common/oscam/-/commit/53e2466a4a4ba9ab7d21433771076cad2f220e21
- chore: remove 64 services/groups startup warning
cherry-picked > https://git.streamboard.tv/common/oscam/-/commit/783ef1bc5c49c43b4a95d1e983f0816f939a0c4e
- net: remove obsolete gethostbyname resolver and use getaddrinfo exclusively
gethostbyname() is not thread-safe and has been marked obsolescent by
POSIX. Newer glibc versions could emit a linker warning for any binary
referencing this symbol, even if the code path is gated behind a
runtime config option.
The modern replacement getaddrinfo() was already fully implemented as
the default resolver (resolvegethostbyname=0). This removes the legacy
gethostbyname() fallback path along with:
- the resolvegethostbyname config option (oscam.conf [global])
- the Resolver dropdown from the webinterface
- the gethostbyname_lock mutex (no longer needed since getaddrinfo
  is thread-safe)
cherry-picked > https://git.streamboard.tv/common/oscam/-/commit/ca91dc965ed38e02508e5f2f9875c955cf93462a