]>
Commit | Line | Data |
---|---|---|
9de3ca7e | 1 | /* |
2 | * aim_login.c | |
3 | * | |
4 | * This contains all the functions needed to actually login. | |
5 | * | |
6 | */ | |
7 | ||
37ee990e | 8 | #define FAIM_INTERNAL |
dd60ff8b | 9 | #include <aim.h> |
9de3ca7e | 10 | |
b5bc2a8c | 11 | #include "md5.h" |
12 | ||
5daacaa3 | 13 | static int aim_encode_password(const char *password, unsigned char *encoded); |
9de3ca7e | 14 | |
78b3fb13 | 15 | faim_export int aim_sendconnack(struct aim_session_t *sess, |
16 | struct aim_conn_t *conn) | |
01b59e1e | 17 | { |
18 | int curbyte=0; | |
19 | ||
5b79dc93 | 20 | struct command_tx_struct *newpacket; |
01b59e1e | 21 | |
646c6b52 | 22 | if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0001, 4))) |
01b59e1e | 23 | return -1; |
24 | ||
5b79dc93 | 25 | newpacket->lock = 1; |
01b59e1e | 26 | |
5b79dc93 | 27 | curbyte += aimutil_put16(newpacket->data+curbyte, 0x0000); |
28 | curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001); | |
01b59e1e | 29 | |
5b79dc93 | 30 | newpacket->lock = 0; |
31 | return aim_tx_enqueue(sess, newpacket); | |
01b59e1e | 32 | } |
33 | ||
01b59e1e | 34 | /* |
35 | * In AIM 3.5 protocol, the first stage of login is to request | |
36 | * login from the Authorizer, passing it the screen name | |
37 | * for verification. If the name is invalid, a 0017/0003 | |
38 | * is spit back, with the standard error contents. If valid, | |
39 | * a 0017/0007 comes back, which is the signal to send | |
40 | * it the main login command (0017/0002). | |
41 | */ | |
78b3fb13 | 42 | faim_export int aim_request_login(struct aim_session_t *sess, |
43 | struct aim_conn_t *conn, | |
44 | char *sn) | |
01b59e1e | 45 | { |
5daacaa3 | 46 | int curbyte; |
5b79dc93 | 47 | struct command_tx_struct *newpacket; |
01b59e1e | 48 | |
5daacaa3 | 49 | if (!sess || !conn || !sn) |
50 | return -1; | |
51 | ||
52 | /* | |
53 | * For ICQ, we enable the ancient horrible login and stuff | |
54 | * a key packet into the queue to make it look like we got | |
55 | * a reply back. This is so the client doesn't know we're | |
56 | * really not doing MD5 login. | |
57 | * | |
58 | * This may sound stupid, but I'm not in the best of moods and | |
59 | * I don't plan to keep support for this crap around much longer. | |
60 | * Its all AOL's fault anyway, really. I hate AOL. Really. They | |
61 | * always seem to be able to piss me off by doing the dumbest little | |
62 | * things. Like disabling MD5 logins for ICQ UINs, or adding purposefully | |
63 | * wrong TLV lengths, or adding superfluous information to host strings, | |
64 | * or... I'll stop. | |
65 | * | |
66 | */ | |
67 | if ((sn[0] >= '0') && (sn[0] <= '9')) { | |
68 | struct command_rx_struct *newrx; | |
69 | int i; | |
70 | ||
71 | if (!(newrx = (struct command_rx_struct *)malloc(sizeof(struct command_rx_struct)))) | |
72 | return -1; | |
73 | memset(newrx, 0x00, sizeof(struct command_rx_struct)); | |
74 | newrx->lock = 1; | |
75 | newrx->hdrtype = AIM_FRAMETYPE_OSCAR; | |
76 | newrx->hdr.oscar.type = 0x02; | |
77 | newrx->hdr.oscar.seqnum = 0; | |
78 | newrx->commandlen = 10+2+1; | |
79 | newrx->nofree = 0; | |
80 | if (!(newrx->data = malloc(newrx->commandlen))) { | |
81 | free(newrx); | |
82 | return -1; | |
83 | } | |
84 | ||
85 | i = aim_putsnac(newrx->data, 0x0017, 0x0007, 0x0000, 0x0000); | |
86 | i += aimutil_put16(newrx->data+i, 0x01); | |
87 | i += aimutil_putstr(newrx->data+i, "0", 1); | |
88 | ||
89 | newrx->conn = conn; | |
90 | ||
91 | newrx->next = sess->queue_incoming; | |
92 | sess->queue_incoming = newrx; | |
93 | ||
94 | newrx->lock = 0; | |
95 | ||
22517493 | 96 | sess->flags &= ~AIM_SESS_FLAGS_SNACLOGIN; |
97 | ||
5daacaa3 | 98 | return 0; |
99 | } | |
100 | ||
22517493 | 101 | sess->flags |= AIM_SESS_FLAGS_SNACLOGIN; |
5daacaa3 | 102 | |
103 | aim_sendconnack(sess, conn); | |
104 | ||
646c6b52 | 105 | if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+2+2+strlen(sn)))) |
5b79dc93 | 106 | return -1; |
01b59e1e | 107 | |
5b79dc93 | 108 | newpacket->lock = 1; |
01b59e1e | 109 | |
5daacaa3 | 110 | curbyte = aim_putsnac(newpacket->data, 0x0017, 0x0006, 0x0000, 0x00010000); |
5b79dc93 | 111 | curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0001, strlen(sn), sn); |
01b59e1e | 112 | |
5daacaa3 | 113 | newpacket->commandlen = curbyte; |
5b79dc93 | 114 | newpacket->lock = 0; |
5daacaa3 | 115 | |
5b79dc93 | 116 | return aim_tx_enqueue(sess, newpacket); |
01b59e1e | 117 | } |
01b59e1e | 118 | |
9de3ca7e | 119 | /* |
24286d93 | 120 | * send_login(int socket, char *sn, char *password) |
9de3ca7e | 121 | * |
122 | * This is the initial login request packet. | |
123 | * | |
124 | * The password is encoded before transmition, as per | |
125 | * encode_password(). See that function for their | |
126 | * stupid method of doing it. | |
127 | * | |
355982c5 | 128 | * Latest WinAIM: |
129 | * clientstring = "AOL Instant Messenger (SM), version 4.3.2188/WIN32" | |
130 | * major2 = 0x0109 | |
131 | * major = 0x0400 | |
132 | * minor = 0x0003 | |
133 | * minor2 = 0x0000 | |
134 | * build = 0x088c | |
135 | * unknown = 0x00000086 | |
136 | * lang = "en" | |
137 | * country = "us" | |
138 | * unknown4a = 0x01 | |
154b4093 | 139 | * |
140 | * Latest WinAIM that libfaim can emulate without server-side buddylists: | |
141 | * clientstring = "AOL Instant Messenger (SM), version 3.5.1670/WIN32" | |
142 | * major2 = 0x0004 | |
143 | * major = 0x0003 | |
144 | * minor = 0x0005 | |
145 | * minor2 = 0x0000 | |
146 | * build = 0x0686 | |
147 | * unknown =0x0000002a | |
148 | * | |
9de3ca7e | 149 | */ |
78b3fb13 | 150 | faim_export int aim_send_login (struct aim_session_t *sess, |
151 | struct aim_conn_t *conn, | |
152 | char *sn, char *password, | |
153 | struct client_info_s *clientinfo, | |
154 | char *key) | |
9de3ca7e | 155 | { |
9de3ca7e | 156 | int curbyte=0; |
5b79dc93 | 157 | struct command_tx_struct *newpacket; |
9de3ca7e | 158 | |
01b59e1e | 159 | if (!clientinfo || !sn || !password) |
160 | return -1; | |
161 | ||
646c6b52 | 162 | if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 1152))) |
5b79dc93 | 163 | return -1; |
9de3ca7e | 164 | |
5b79dc93 | 165 | newpacket->lock = 1; |
01b59e1e | 166 | |
22517493 | 167 | newpacket->hdr.oscar.type = (sess->flags & AIM_SESS_FLAGS_SNACLOGIN)?0x02:0x01; |
b5bc2a8c | 168 | |
22517493 | 169 | if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN) |
5daacaa3 | 170 | curbyte = aim_putsnac(newpacket->data, 0x0017, 0x0002, 0x0000, 0x00010000); |
171 | else { | |
172 | curbyte = aimutil_put16(newpacket->data, 0x0000); | |
173 | curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001); | |
174 | } | |
b5bc2a8c | 175 | |
5daacaa3 | 176 | curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0001, strlen(sn), sn); |
9de3ca7e | 177 | |
22517493 | 178 | if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN) { |
9f1a4013 | 179 | unsigned char digest[16]; |
5daacaa3 | 180 | |
181 | aim_encode_password_md5(password, key, digest); | |
182 | curbyte+= aim_puttlv_str(newpacket->data+curbyte, 0x0025, 16, (char *)digest); | |
183 | } else { | |
184 | char *password_encoded; | |
185 | ||
186 | password_encoded = (char *) malloc(strlen(password)); | |
187 | aim_encode_password(password, password_encoded); | |
188 | curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0002, strlen(password), password_encoded); | |
189 | free(password_encoded); | |
190 | } | |
191 | ||
13ebc4c4 | 192 | /* XXX is clientstring required by oscar? */ |
193 | if (strlen(clientinfo->clientstring)) | |
194 | curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0003, strlen(clientinfo->clientstring), clientinfo->clientstring); | |
195 | ||
22517493 | 196 | if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN) { |
154b4093 | 197 | |
5daacaa3 | 198 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0016, (unsigned short)clientinfo->major2); |
199 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0017, (unsigned short)clientinfo->major); | |
200 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0018, (unsigned short)clientinfo->minor); | |
201 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0019, (unsigned short)clientinfo->minor2); | |
202 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x001a, (unsigned short)clientinfo->build); | |
b5bc2a8c | 203 | |
5daacaa3 | 204 | curbyte += aim_puttlv_32(newpacket->data+curbyte, 0x0014, clientinfo->unknown); |
205 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0009, 0x0015); | |
154b4093 | 206 | |
5daacaa3 | 207 | } else { |
355982c5 | 208 | /* Use very specific version numbers, to further indicate the hack. */ |
5daacaa3 | 209 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0016, 0x010a); |
210 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0017, 0x0004); | |
211 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0018, 0x003c); | |
212 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0019, 0x0001); | |
213 | curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x001a, 0x0cce); | |
214 | curbyte += aim_puttlv_32(newpacket->data+curbyte, 0x0014, 0x00000055); | |
215 | } | |
9de3ca7e | 216 | |
13ebc4c4 | 217 | if (strlen(clientinfo->country)) |
154b4093 | 218 | curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000f, strlen(clientinfo->country), clientinfo->country); |
13ebc4c4 | 219 | else |
154b4093 | 220 | curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000f, 2, "us"); |
13ebc4c4 | 221 | |
222 | if (strlen(clientinfo->lang)) | |
154b4093 | 223 | curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000e, strlen(clientinfo->lang), clientinfo->lang); |
13ebc4c4 | 224 | else |
154b4093 | 225 | curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000e, 2, "en"); |
13ebc4c4 | 226 | |
227 | newpacket->commandlen = curbyte; | |
9de3ca7e | 228 | |
5b79dc93 | 229 | newpacket->lock = 0; |
230 | return aim_tx_enqueue(sess, newpacket); | |
9de3ca7e | 231 | } |
9de3ca7e | 232 | |
9f1a4013 | 233 | faim_export int aim_encode_password_md5(const char *password, const char *key, unsigned char *digest) |
b5bc2a8c | 234 | { |
235 | md5_state_t state; | |
236 | ||
237 | md5_init(&state); | |
238 | md5_append(&state, (const md5_byte_t *)key, strlen(key)); | |
239 | md5_append(&state, (const md5_byte_t *)password, strlen(password)); | |
240 | md5_append(&state, (const md5_byte_t *)AIM_MD5_STRING, strlen(AIM_MD5_STRING)); | |
241 | md5_finish(&state, (md5_byte_t *)digest); | |
242 | ||
243 | return 0; | |
244 | } | |
245 | ||
5daacaa3 | 246 | /** |
247 | * aim_encode_password - Encode a password using old XOR method | |
248 | * @password: incoming password | |
249 | * @encoded: buffer to put encoded password | |
9de3ca7e | 250 | * |
251 | * This takes a const pointer to a (null terminated) string | |
252 | * containing the unencoded password. It also gets passed | |
253 | * an already allocated buffer to store the encoded password. | |
254 | * This buffer should be the exact length of the password without | |
5daacaa3 | 255 | * the null. The encoded password buffer /is not %NULL terminated/. |
9de3ca7e | 256 | * |
257 | * The encoding_table seems to be a fixed set of values. We'll | |
258 | * hope it doesn't change over time! | |
259 | * | |
5daacaa3 | 260 | * This is only used for the XOR method, not the better MD5 method. |
b5bc2a8c | 261 | * |
9de3ca7e | 262 | */ |
b5bc2a8c | 263 | static int aim_encode_password(const char *password, unsigned char *encoded) |
9de3ca7e | 264 | { |
265 | u_char encoding_table[] = { | |
b69540e3 | 266 | #if 0 /* old v1 table */ |
9de3ca7e | 267 | 0xf3, 0xb3, 0x6c, 0x99, |
268 | 0x95, 0x3f, 0xac, 0xb6, | |
269 | 0xc5, 0xfa, 0x6b, 0x63, | |
270 | 0x69, 0x6c, 0xc3, 0x9f | |
b69540e3 | 271 | #else /* v2.1 table, also works for ICQ */ |
5e02cf44 | 272 | 0xf3, 0x26, 0x81, 0xc4, |
b69540e3 | 273 | 0x39, 0x86, 0xdb, 0x92, |
274 | 0x71, 0xa3, 0xb9, 0xe6, | |
275 | 0x53, 0x7a, 0x95, 0x7c | |
276 | #endif | |
5e02cf44 | 277 | }; |
278 | ||
279 | int i; | |
b69540e3 | 280 | |
5e02cf44 | 281 | for (i = 0; i < strlen(password); i++) |
282 | encoded[i] = (password[i] ^ encoding_table[i]); | |
283 | ||
284 | return 0; | |
285 | } | |
286 | ||
e6b05d80 | 287 | /* |
288 | * Generate an authorization response. | |
289 | * | |
290 | * You probably don't want this unless you're writing an AIM server. | |
291 | * | |
292 | */ | |
78b3fb13 | 293 | faim_export unsigned long aim_sendauthresp(struct aim_session_t *sess, |
294 | struct aim_conn_t *conn, | |
355982c5 | 295 | char *sn, int errorcode, |
296 | char *errorurl, char *bosip, | |
78b3fb13 | 297 | char *cookie, char *email, |
298 | int regstatus) | |
e6b05d80 | 299 | { |
5b79dc93 | 300 | struct command_tx_struct *tx; |
e6b05d80 | 301 | struct aim_tlvlist_t *tlvlist = NULL; |
302 | ||
646c6b52 | 303 | if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0004, 1152))) |
5b79dc93 | 304 | return -1; |
e6b05d80 | 305 | |
5b79dc93 | 306 | tx->lock = 1; |
e6b05d80 | 307 | |
308 | if (sn) | |
309 | aim_addtlvtochain_str(&tlvlist, 0x0001, sn, strlen(sn)); | |
310 | else | |
355982c5 | 311 | aim_addtlvtochain_str(&tlvlist, 0x0001, sess->sn, strlen(sess->sn)); |
e6b05d80 | 312 | |
355982c5 | 313 | if (errorcode) { |
314 | aim_addtlvtochain16(&tlvlist, 0x0008, errorcode); | |
315 | aim_addtlvtochain_str(&tlvlist, 0x0004, errorurl, strlen(errorurl)); | |
e6b05d80 | 316 | } else { |
317 | aim_addtlvtochain_str(&tlvlist, 0x0005, bosip, strlen(bosip)); | |
318 | aim_addtlvtochain_str(&tlvlist, 0x0006, cookie, AIM_COOKIELEN); | |
319 | aim_addtlvtochain_str(&tlvlist, 0x0011, email, strlen(email)); | |
5ac21963 | 320 | aim_addtlvtochain16(&tlvlist, 0x0013, (unsigned short)regstatus); |
e6b05d80 | 321 | } |
322 | ||
5b79dc93 | 323 | tx->commandlen = aim_writetlvchain(tx->data, tx->commandlen, &tlvlist); |
324 | tx->lock = 0; | |
355982c5 | 325 | |
5b79dc93 | 326 | return aim_tx_enqueue(sess, tx); |
e6b05d80 | 327 | } |
328 | ||
329 | /* | |
330 | * Generate a random cookie. (Non-client use only) | |
331 | */ | |
78b3fb13 | 332 | faim_export int aim_gencookie(unsigned char *buf) |
e6b05d80 | 333 | { |
334 | int i; | |
335 | ||
336 | srand(time(NULL)); | |
337 | ||
338 | for (i=0; i < AIM_COOKIELEN; i++) | |
339 | buf[i] = 1+(int) (256.0*rand()/(RAND_MAX+0.0)); | |
340 | ||
341 | return i; | |
342 | } | |
343 | ||
344 | /* | |
345 | * Send Server Ready. (Non-client) | |
346 | */ | |
78b3fb13 | 347 | faim_export int aim_sendserverready(struct aim_session_t *sess, struct aim_conn_t *conn) |
e6b05d80 | 348 | { |
5b79dc93 | 349 | struct command_tx_struct *tx; |
e6b05d80 | 350 | int i = 0; |
351 | ||
646c6b52 | 352 | if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+0x22))) |
5b79dc93 | 353 | return -1; |
e6b05d80 | 354 | |
5b79dc93 | 355 | tx->lock = 1; |
e6b05d80 | 356 | |
67c0bb2f | 357 | i += aim_putsnac(tx->data, 0x0001, 0x0003, 0x0000, sess->snac_nextid++); |
5b79dc93 | 358 | |
359 | i += aimutil_put16(tx->data+i, 0x0001); | |
360 | i += aimutil_put16(tx->data+i, 0x0002); | |
361 | i += aimutil_put16(tx->data+i, 0x0003); | |
362 | i += aimutil_put16(tx->data+i, 0x0004); | |
363 | i += aimutil_put16(tx->data+i, 0x0006); | |
364 | i += aimutil_put16(tx->data+i, 0x0008); | |
365 | i += aimutil_put16(tx->data+i, 0x0009); | |
366 | i += aimutil_put16(tx->data+i, 0x000a); | |
367 | i += aimutil_put16(tx->data+i, 0x000b); | |
368 | i += aimutil_put16(tx->data+i, 0x000c); | |
67c0bb2f | 369 | i += aimutil_put16(tx->data+i, 0x0013); |
370 | i += aimutil_put16(tx->data+i, 0x0015); | |
5b79dc93 | 371 | |
67c0bb2f | 372 | tx->commandlen = i; |
5b79dc93 | 373 | tx->lock = 0; |
5b79dc93 | 374 | return aim_tx_enqueue(sess, tx); |
e6b05d80 | 375 | } |
376 | ||
377 | ||
378 | /* | |
379 | * Send service redirect. (Non-Client) | |
380 | */ | |
78b3fb13 | 381 | faim_export unsigned long aim_sendredirect(struct aim_session_t *sess, |
382 | struct aim_conn_t *conn, | |
383 | unsigned short servid, | |
384 | char *ip, | |
385 | char *cookie) | |
e6b05d80 | 386 | { |
5b79dc93 | 387 | struct command_tx_struct *tx; |
e6b05d80 | 388 | struct aim_tlvlist_t *tlvlist = NULL; |
389 | int i = 0; | |
390 | ||
646c6b52 | 391 | if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 1152))) |
5b79dc93 | 392 | return -1; |
393 | ||
394 | tx->lock = 1; | |
e6b05d80 | 395 | |
13ebc4c4 | 396 | i += aim_putsnac(tx->data+i, 0x0001, 0x0005, 0x0000, 0x00000000); |
e6b05d80 | 397 | |
398 | aim_addtlvtochain16(&tlvlist, 0x000d, servid); | |
399 | aim_addtlvtochain_str(&tlvlist, 0x0005, ip, strlen(ip)); | |
400 | aim_addtlvtochain_str(&tlvlist, 0x0006, cookie, AIM_COOKIELEN); | |
401 | ||
5b79dc93 | 402 | tx->commandlen = aim_writetlvchain(tx->data+i, tx->commandlen-i, &tlvlist)+i; |
e6b05d80 | 403 | aim_freetlvchain(&tlvlist); |
404 | ||
5b79dc93 | 405 | tx->lock = 0; |
406 | return aim_tx_enqueue(sess, tx); | |
e6b05d80 | 407 | } |