]> andersk Git - libfaim.git/blame - src/login.c
andersk / libfaim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- Wed Mar 28 16:51:25 PST 2001
[libfaim.git] / src / login.c
CommitLineData
9de3ca7e 1/*
2 * aim_login.c
3 *
4 * This contains all the functions needed to actually login.
5 *
6 */
7
37ee990e 8#define FAIM_INTERNAL
dd60ff8b 9#include <aim.h>
9de3ca7e 10
b5bc2a8c 11#include "md5.h"
12
5daacaa3 13static int aim_encode_password(const char *password, unsigned char *encoded);
9de3ca7e 14
78b3fb13 15faim_export int aim_sendconnack(struct aim_session_t *sess,
16 struct aim_conn_t *conn)
01b59e1e 17{
18 int curbyte=0;
19
5b79dc93 20 struct command_tx_struct *newpacket;
01b59e1e 21
646c6b52 22 if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0001, 4)))
01b59e1e 23 return -1;
24
5b79dc93 25 newpacket->lock = 1;
01b59e1e 26
5b79dc93 27 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0000);
28 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001);
01b59e1e 29
5b79dc93 30 newpacket->lock = 0;
31 return aim_tx_enqueue(sess, newpacket);
01b59e1e 32}
33
01b59e1e 34/*
35 * In AIM 3.5 protocol, the first stage of login is to request
36 * login from the Authorizer, passing it the screen name
37 * for verification. If the name is invalid, a 0017/0003
38 * is spit back, with the standard error contents. If valid,
39 * a 0017/0007 comes back, which is the signal to send
40 * it the main login command (0017/0002).
41 */
78b3fb13 42faim_export int aim_request_login(struct aim_session_t *sess,
43 struct aim_conn_t *conn,
44 char *sn)
01b59e1e 45{
5daacaa3 46 int curbyte;
5b79dc93 47 struct command_tx_struct *newpacket;
01b59e1e 48
5daacaa3 49 if (!sess || !conn || !sn)
50 return -1;
51
52 /*
53 * For ICQ, we enable the ancient horrible login and stuff
54 * a key packet into the queue to make it look like we got
55 * a reply back. This is so the client doesn't know we're
56 * really not doing MD5 login.
57 *
58 * This may sound stupid, but I'm not in the best of moods and
59 * I don't plan to keep support for this crap around much longer.
60 * Its all AOL's fault anyway, really. I hate AOL. Really. They
61 * always seem to be able to piss me off by doing the dumbest little
62 * things. Like disabling MD5 logins for ICQ UINs, or adding purposefully
63 * wrong TLV lengths, or adding superfluous information to host strings,
64 * or... I'll stop.
65 *
66 */
67 if ((sn[0] >= '0') && (sn[0] <= '9')) {
68 struct command_rx_struct *newrx;
69 int i;
70
71 if (!(newrx = (struct command_rx_struct *)malloc(sizeof(struct command_rx_struct))))
72 return -1;
73 memset(newrx, 0x00, sizeof(struct command_rx_struct));
74 newrx->lock = 1;
75 newrx->hdrtype = AIM_FRAMETYPE_OSCAR;
76 newrx->hdr.oscar.type = 0x02;
77 newrx->hdr.oscar.seqnum = 0;
78 newrx->commandlen = 10+2+1;
79 newrx->nofree = 0;
80 if (!(newrx->data = malloc(newrx->commandlen))) {
81 free(newrx);
82 return -1;
83 }
84
85 i = aim_putsnac(newrx->data, 0x0017, 0x0007, 0x0000, 0x0000);
86 i += aimutil_put16(newrx->data+i, 0x01);
87 i += aimutil_putstr(newrx->data+i, "0", 1);
88
89 newrx->conn = conn;
90
91 newrx->next = sess->queue_incoming;
92 sess->queue_incoming = newrx;
93
94 newrx->lock = 0;
95
22517493 96 sess->flags &= ~AIM_SESS_FLAGS_SNACLOGIN;
97
5daacaa3 98 return 0;
99 }
100
22517493 101 sess->flags |= AIM_SESS_FLAGS_SNACLOGIN;
5daacaa3 102
103 aim_sendconnack(sess, conn);
104
646c6b52 105 if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+2+2+strlen(sn))))
5b79dc93 106 return -1;
01b59e1e 107
5b79dc93 108 newpacket->lock = 1;
01b59e1e 109
5daacaa3 110 curbyte = aim_putsnac(newpacket->data, 0x0017, 0x0006, 0x0000, 0x00010000);
5b79dc93 111 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0001, strlen(sn), sn);
01b59e1e 112
5daacaa3 113 newpacket->commandlen = curbyte;
5b79dc93 114 newpacket->lock = 0;
5daacaa3 115
5b79dc93 116 return aim_tx_enqueue(sess, newpacket);
01b59e1e 117}
01b59e1e 118
9de3ca7e 119/*
24286d93 120 * send_login(int socket, char *sn, char *password)
9de3ca7e 121 *
122 * This is the initial login request packet.
123 *
b1eac25a 124 * NOTE!! If you want/need to make use of the aim_sendmemblock() function,
125 * then the client information you send here must exactly match the
126 * executable that you're pulling the data from.
9de3ca7e 127 *
355982c5 128 * Latest WinAIM:
129 * clientstring = "AOL Instant Messenger (SM), version 4.3.2188/WIN32"
130 * major2 = 0x0109
131 * major = 0x0400
132 * minor = 0x0003
133 * minor2 = 0x0000
134 * build = 0x088c
135 * unknown = 0x00000086
136 * lang = "en"
137 * country = "us"
138 * unknown4a = 0x01
154b4093 139 *
140 * Latest WinAIM that libfaim can emulate without server-side buddylists:
b1eac25a 141 * clientstring = "AOL Instant Messenger (SM), version 4.1.2010/WIN32"
142 * major2 = 0x0004
143 * major = 0x0004
144 * minor = 0x0001
145 * minor2 = 0x0000
146 * build = 0x07da
147 * unknown= 0x0000004b
148 *
149 * WinAIM 3.5.1670:
154b4093 150 * clientstring = "AOL Instant Messenger (SM), version 3.5.1670/WIN32"
151 * major2 = 0x0004
152 * major = 0x0003
153 * minor = 0x0005
154 * minor2 = 0x0000
155 * build = 0x0686
156 * unknown =0x0000002a
157 *
d32954e7 158 * Java AIM 1.1.19:
159 * clientstring = "AOL Instant Messenger (TM) version 1.1.19 for Java built 03/24/98, freeMem 215871 totalMem 1048567, i686, Linus, #2 SMP Sun Feb 11 03:41:17 UTC 2001 2.4.1-ac9, IBM Corporation, 1.1.8, 45.3, Tue Mar 27 12:09:17 PST 2001"
160 * major2 = 0x0001
161 * major = 0x0001
162 * minor = 0x0001
163 * minor2 = (not sent)
164 * build = 0x0013
165 * unknown= (not sent)
166 *
167 * AIM for Linux 1.1.112:
168 * clientstring = "AOL Instant Messenger (SM)"
169 * major2 = 0x1d09
170 * major = 0x0001
171 * minor = 0x0001
172 * minor2 = 0x0001
173 * build = 0x0070
174 * unknown= 0x0000008b
175 * serverstore = 0x01
176 *
9de3ca7e 177 */
78b3fb13 178faim_export int aim_send_login (struct aim_session_t *sess,
179 struct aim_conn_t *conn,
180 char *sn, char *password,
181 struct client_info_s *clientinfo,
182 char *key)
9de3ca7e 183{
9de3ca7e 184 int curbyte=0;
5b79dc93 185 struct command_tx_struct *newpacket;
9de3ca7e 186
01b59e1e 187 if (!clientinfo || !sn || !password)
188 return -1;
189
646c6b52 190 if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 1152)))
5b79dc93 191 return -1;
9de3ca7e 192
5b79dc93 193 newpacket->lock = 1;
01b59e1e 194
22517493 195 newpacket->hdr.oscar.type = (sess->flags & AIM_SESS_FLAGS_SNACLOGIN)?0x02:0x01;
b5bc2a8c 196
22517493 197 if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN)
5daacaa3 198 curbyte = aim_putsnac(newpacket->data, 0x0017, 0x0002, 0x0000, 0x00010000);
199 else {
200 curbyte = aimutil_put16(newpacket->data, 0x0000);
201 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001);
202 }
b5bc2a8c 203
5daacaa3 204 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0001, strlen(sn), sn);
9de3ca7e 205
22517493 206 if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN) {
9f1a4013 207 unsigned char digest[16];
5daacaa3 208
209 aim_encode_password_md5(password, key, digest);
210 curbyte+= aim_puttlv_str(newpacket->data+curbyte, 0x0025, 16, (char *)digest);
211 } else {
212 char *password_encoded;
213
214 password_encoded = (char *) malloc(strlen(password));
215 aim_encode_password(password, password_encoded);
216 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0002, strlen(password), password_encoded);
217 free(password_encoded);
218 }
219
e80a0fa9 220 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0003, strlen(clientinfo->clientstring), clientinfo->clientstring);
13ebc4c4 221
22517493 222 if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN) {
154b4093 223
5daacaa3 224 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0016, (unsigned short)clientinfo->major2);
225 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0017, (unsigned short)clientinfo->major);
226 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0018, (unsigned short)clientinfo->minor);
227 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0019, (unsigned short)clientinfo->minor2);
228 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x001a, (unsigned short)clientinfo->build);
b5bc2a8c 229
5daacaa3 230 } else {
355982c5 231 /* Use very specific version numbers, to further indicate the hack. */
5daacaa3 232 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0016, 0x010a);
233 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0017, 0x0004);
234 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0018, 0x003c);
235 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0019, 0x0001);
236 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x001a, 0x0cce);
237 curbyte += aim_puttlv_32(newpacket->data+curbyte, 0x0014, 0x00000055);
238 }
9de3ca7e 239
e80a0fa9 240 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000e, strlen(clientinfo->country), clientinfo->country);
241 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000f, strlen(clientinfo->lang), clientinfo->lang);
13ebc4c4 242
e80a0fa9 243 if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN) {
244 curbyte += aim_puttlv_32(newpacket->data+curbyte, 0x0014, clientinfo->unknown);
245 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0009, 0x0015);
246 }
247
13ebc4c4 248 newpacket->commandlen = curbyte;
9de3ca7e 249
5b79dc93 250 newpacket->lock = 0;
251 return aim_tx_enqueue(sess, newpacket);
9de3ca7e 252}
9de3ca7e 253
9f1a4013 254faim_export int aim_encode_password_md5(const char *password, const char *key, unsigned char *digest)
b5bc2a8c 255{
256 md5_state_t state;
257
258 md5_init(&state);
259 md5_append(&state, (const md5_byte_t *)key, strlen(key));
260 md5_append(&state, (const md5_byte_t *)password, strlen(password));
261 md5_append(&state, (const md5_byte_t *)AIM_MD5_STRING, strlen(AIM_MD5_STRING));
262 md5_finish(&state, (md5_byte_t *)digest);
263
264 return 0;
265}
266
5daacaa3 267/**
268 * aim_encode_password - Encode a password using old XOR method
269 * @password: incoming password
270 * @encoded: buffer to put encoded password
9de3ca7e 271 *
272 * This takes a const pointer to a (null terminated) string
273 * containing the unencoded password. It also gets passed
274 * an already allocated buffer to store the encoded password.
275 * This buffer should be the exact length of the password without
5daacaa3 276 * the null. The encoded password buffer /is not %NULL terminated/.
9de3ca7e 277 *
278 * The encoding_table seems to be a fixed set of values. We'll
279 * hope it doesn't change over time!
280 *
5daacaa3 281 * This is only used for the XOR method, not the better MD5 method.
b5bc2a8c 282 *
9de3ca7e 283 */
b5bc2a8c 284static int aim_encode_password(const char *password, unsigned char *encoded)
9de3ca7e 285{
286 u_char encoding_table[] = {
b69540e3 287#if 0 /* old v1 table */
9de3ca7e 288 0xf3, 0xb3, 0x6c, 0x99,
289 0x95, 0x3f, 0xac, 0xb6,
290 0xc5, 0xfa, 0x6b, 0x63,
291 0x69, 0x6c, 0xc3, 0x9f
b69540e3 292#else /* v2.1 table, also works for ICQ */
5e02cf44 293 0xf3, 0x26, 0x81, 0xc4,
b69540e3 294 0x39, 0x86, 0xdb, 0x92,
295 0x71, 0xa3, 0xb9, 0xe6,
296 0x53, 0x7a, 0x95, 0x7c
297#endif
5e02cf44 298 };
299
300 int i;
b69540e3 301
5e02cf44 302 for (i = 0; i < strlen(password); i++)
303 encoded[i] = (password[i] ^ encoding_table[i]);
304
305 return 0;
306}
307
e6b05d80 308/*
309 * Generate an authorization response.
310 *
311 * You probably don't want this unless you're writing an AIM server.
312 *
313 */
78b3fb13 314faim_export unsigned long aim_sendauthresp(struct aim_session_t *sess,
315 struct aim_conn_t *conn,
355982c5 316 char *sn, int errorcode,
317 char *errorurl, char *bosip,
78b3fb13 318 char *cookie, char *email,
319 int regstatus)
e6b05d80 320{
5b79dc93 321 struct command_tx_struct *tx;
e6b05d80 322 struct aim_tlvlist_t *tlvlist = NULL;
323
646c6b52 324 if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0004, 1152)))
5b79dc93 325 return -1;
e6b05d80 326
5b79dc93 327 tx->lock = 1;
e6b05d80 328
329 if (sn)
330 aim_addtlvtochain_str(&tlvlist, 0x0001, sn, strlen(sn));
331 else
355982c5 332 aim_addtlvtochain_str(&tlvlist, 0x0001, sess->sn, strlen(sess->sn));
e6b05d80 333
355982c5 334 if (errorcode) {
335 aim_addtlvtochain16(&tlvlist, 0x0008, errorcode);
336 aim_addtlvtochain_str(&tlvlist, 0x0004, errorurl, strlen(errorurl));
e6b05d80 337 } else {
338 aim_addtlvtochain_str(&tlvlist, 0x0005, bosip, strlen(bosip));
339 aim_addtlvtochain_str(&tlvlist, 0x0006, cookie, AIM_COOKIELEN);
340 aim_addtlvtochain_str(&tlvlist, 0x0011, email, strlen(email));
5ac21963 341 aim_addtlvtochain16(&tlvlist, 0x0013, (unsigned short)regstatus);
e6b05d80 342 }
343
5b79dc93 344 tx->commandlen = aim_writetlvchain(tx->data, tx->commandlen, &tlvlist);
345 tx->lock = 0;
355982c5 346
5b79dc93 347 return aim_tx_enqueue(sess, tx);
e6b05d80 348}
349
350/*
351 * Generate a random cookie. (Non-client use only)
352 */
78b3fb13 353faim_export int aim_gencookie(unsigned char *buf)
e6b05d80 354{
355 int i;
356
357 srand(time(NULL));
358
359 for (i=0; i < AIM_COOKIELEN; i++)
360 buf[i] = 1+(int) (256.0*rand()/(RAND_MAX+0.0));
361
362 return i;
363}
364
365/*
366 * Send Server Ready. (Non-client)
367 */
78b3fb13 368faim_export int aim_sendserverready(struct aim_session_t *sess, struct aim_conn_t *conn)
e6b05d80 369{
5b79dc93 370 struct command_tx_struct *tx;
e6b05d80 371 int i = 0;
372
646c6b52 373 if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+0x22)))
5b79dc93 374 return -1;
e6b05d80 375
5b79dc93 376 tx->lock = 1;
e6b05d80 377
67c0bb2f 378 i += aim_putsnac(tx->data, 0x0001, 0x0003, 0x0000, sess->snac_nextid++);
5b79dc93 379
380 i += aimutil_put16(tx->data+i, 0x0001);
381 i += aimutil_put16(tx->data+i, 0x0002);
382 i += aimutil_put16(tx->data+i, 0x0003);
383 i += aimutil_put16(tx->data+i, 0x0004);
384 i += aimutil_put16(tx->data+i, 0x0006);
385 i += aimutil_put16(tx->data+i, 0x0008);
386 i += aimutil_put16(tx->data+i, 0x0009);
387 i += aimutil_put16(tx->data+i, 0x000a);
388 i += aimutil_put16(tx->data+i, 0x000b);
389 i += aimutil_put16(tx->data+i, 0x000c);
67c0bb2f 390 i += aimutil_put16(tx->data+i, 0x0013);
391 i += aimutil_put16(tx->data+i, 0x0015);
5b79dc93 392
67c0bb2f 393 tx->commandlen = i;
5b79dc93 394 tx->lock = 0;
5b79dc93 395 return aim_tx_enqueue(sess, tx);
e6b05d80 396}
397
398
399/*
400 * Send service redirect. (Non-Client)
401 */
78b3fb13 402faim_export unsigned long aim_sendredirect(struct aim_session_t *sess,
403 struct aim_conn_t *conn,
404 unsigned short servid,
405 char *ip,
406 char *cookie)
e6b05d80 407{
5b79dc93 408 struct command_tx_struct *tx;
e6b05d80 409 struct aim_tlvlist_t *tlvlist = NULL;
410 int i = 0;
411
646c6b52 412 if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 1152)))
5b79dc93 413 return -1;
414
415 tx->lock = 1;
e6b05d80 416
13ebc4c4 417 i += aim_putsnac(tx->data+i, 0x0001, 0x0005, 0x0000, 0x00000000);
e6b05d80 418
419 aim_addtlvtochain16(&tlvlist, 0x000d, servid);
420 aim_addtlvtochain_str(&tlvlist, 0x0005, ip, strlen(ip));
421 aim_addtlvtochain_str(&tlvlist, 0x0006, cookie, AIM_COOKIELEN);
422
5b79dc93 423 tx->commandlen = aim_writetlvchain(tx->data+i, tx->commandlen-i, &tlvlist)+i;
e6b05d80 424 aim_freetlvchain(&tlvlist);
425
5b79dc93 426 tx->lock = 0;
427 return aim_tx_enqueue(sess, tx);
e6b05d80 428}
00ef5271 429
430
431static int hostonline(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
432{
433 rxcallback_t userfunc;
434 int ret = 0;
435 unsigned short *families;
436 int famcount, i;
437
438 famcount = datalen/2;
439
440 if (!(families = malloc(datalen)))
441 return 0;
442
443 for (i = 0; i < famcount; i++)
444 families[i] = aimutil_get16(data+(i*2));
445
446 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
447 ret = userfunc(sess, rx, famcount, families);
448
449 free(families);
450
451 return ret;
452}
453
454static int redirect(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
455{
456 int serviceid;
457 unsigned char *cookie;
458 char *ip;
459 rxcallback_t userfunc;
460 struct aim_tlvlist_t *tlvlist;
461 char *chathack = NULL;
462 int chathackex = 0;
463 int ret = 0;
464
465 tlvlist = aim_readtlvchain(data, datalen);
466
467 if (!aim_gettlv(tlvlist, 0x000d, 1) ||
468 !aim_gettlv(tlvlist, 0x0005, 1) ||
469 !aim_gettlv(tlvlist, 0x0006, 1)) {
470 aim_freetlvchain(&tlvlist);
471 return 0;
472 }
473
474 serviceid = aim_gettlv16(tlvlist, 0x000d, 1);
475 ip = aim_gettlv_str(tlvlist, 0x0005, 1);
476 cookie = aim_gettlv_str(tlvlist, 0x0006, 1);
477
478 /*
479 * Chat hack.
480 *
481 */
482 if ((serviceid == AIM_CONN_TYPE_CHAT) && sess->pendingjoin) {
483 chathack = sess->pendingjoin;
484 chathackex = sess->pendingjoinexchange;
485 sess->pendingjoin = NULL;
486 sess->pendingjoinexchange = 0;
487 }
488
489 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
490 ret = userfunc(sess, rx, serviceid, ip, cookie, chathack, chathackex);
491
492 free(ip);
493 free(cookie);
494 free(chathack);
495
496 aim_freetlvchain(&tlvlist);
497
498 return ret;
499}
500
501/*
502 * The Rate Limiting System, An Abridged Guide to Nonsense.
503 *
504 * OSCAR defines several 'rate classes'. Each class has seperate
505 * rate limiting properties (limit level, alert level, disconnect
506 * level, etc), and a set of SNAC family/type pairs associated with
507 * it. The rate classes, their limiting properties, and the definitions
508 * of which SNACs are belong to which class, are defined in the
509 * Rate Response packet at login to each host.
510 *
511 * Logically, all rate offenses within one class count against further
512 * offenses for other SNACs in the same class (ie, sending messages
513 * too fast will limit the number of user info requests you can send,
514 * since those two SNACs are in the same rate class).
515 *
516 * Since the rate classes are defined dynamically at login, the values
517 * below may change. But they seem to be fairly constant.
518 *
519 * Currently, BOS defines five rate classes, with the commonly used
520 * members as follows...
521 *
522 * Rate class 0x0001:
523 * - Everything thats not in any of the other classes
524 *
525 * Rate class 0x0002:
526 * - Buddy list add/remove
527 * - Permit list add/remove
528 * - Deny list add/remove
529 *
530 * Rate class 0x0003:
531 * - User information requests
532 * - Outgoing ICBMs
533 *
534 * Rate class 0x0004:
535 * - A few unknowns: 2/9, 2/b, and f/2
536 *
537 * Rate class 0x0005:
538 * - Chat room create
539 * - Outgoing chat ICBMs
540 *
541 * The only other thing of note is that class 5 (chat) has slightly looser
542 * limiting properties than class 3 (normal messages). But thats just a
543 * small bit of trivia for you.
544 *
545 * The last thing that needs to be learned about the rate limiting
546 * system is how the actual numbers relate to the passing of time. This
547 * seems to be a big mystery.
548 *
549 */
550
551/* XXX parse this */
552static int rateresp(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
553{
554 rxcallback_t userfunc;
555
556 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
557 return userfunc(sess, rx);
558
559 return 0;
560}
561
562static int ratechange(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
563{
564 rxcallback_t userfunc;
565 int i = 0, code;
566 unsigned long currentavg, maxavg;
567 unsigned long rateclass, windowsize, clear, alert, limit, disconnect;
568
569 code = aimutil_get16(data+i);
570 i += 2;
571
572 rateclass = aimutil_get16(data+i);
573 i += 2;
574
575 windowsize = aimutil_get32(data+i);
576 i += 4;
577 clear = aimutil_get32(data+i);
578 i += 4;
579 alert = aimutil_get32(data+i);
580 i += 4;
581 limit = aimutil_get32(data+i);
582 i += 4;
583 disconnect = aimutil_get32(data+i);
584 i += 4;
585 currentavg = aimutil_get32(data+i);
586 i += 4;
587 maxavg = aimutil_get32(data+i);
588 i += 4;
589
590 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
591 return userfunc(sess, rx, code, rateclass, windowsize, clear, alert, limit, disconnect, currentavg, maxavg);
592
593 return 0;
594}
595
596/* XXX parse this */
597static int selfinfo(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
598{
599 rxcallback_t userfunc;
600
601 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
602 return userfunc(sess, rx);
603
604 return 0;
605}
606
607static int evilnotify(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
608{
609 rxcallback_t userfunc = NULL;
610 int i = 0;
611 unsigned short newevil;
612 struct aim_userinfo_s userinfo;
613
614 newevil = aimutil_get16(data);
615 i += 2;
616
617 memset(&userinfo, 0, sizeof(struct aim_userinfo_s));
618
619 if (datalen-i)
620 i += aim_extractuserinfo(sess, data+i, &userinfo);
621
622 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
623 return userfunc(sess, rx, newevil, &userinfo);
624
625 return 0;
626}
627
628static int motd(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
629{
630 rxcallback_t userfunc;
631 char *msg = NULL;
632 int ret = 0;
633 struct aim_tlvlist_t *tlvlist;
634 unsigned short id;
635
636 /*
637 * Code.
638 *
639 * Valid values:
640 * 1 Mandatory upgrade
641 * 2 Advisory upgrade
642 * 3 System bulletin
643 * 4 Nothing's wrong ("top o the world" -- normal)
644 *
645 */
646 id = aimutil_get16(data);
647
648 /*
649 * TLVs follow
650 */
651 if ((tlvlist = aim_readtlvchain(data+2, datalen-2)))
652 msg = aim_gettlv_str(tlvlist, 0x000b, 1);
653
654 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
655 ret = userfunc(sess, rx, id, msg);
656
657 free(msg);
658
659 aim_freetlvchain(&tlvlist);
660
661 return ret;
662}
663
664static int hostversions(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
665{
666 rxcallback_t userfunc;
667 int vercount;
668
669 vercount = datalen/4;
670
671 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
672 return userfunc(sess, rx, vercount, data);
673
674 return 0;
675}
b1eac25a 676
d32954e7 677/*
b1eac25a 678 * Starting this past week (26 Mar 2001, say), AOL has started sending
679 * this nice little extra SNAC. AFAIK, it has never been used until now.
680 *
681 * The request contains eight bytes. The first four are an offset, the
682 * second four are a length.
d32954e7 683 *
b1eac25a 684 * The offset is an offset into aim.exe when it is mapped during execution
685 * on Win32. So far, AOL has only been requesting bytes in static regions
686 * of memory. (I won't put it past them to start requesting data in
687 * less static regions -- regions that are initialized at run time, but still
688 * before the client recieves this request.)
689 *
690 * When the client recieves the request, it adds it to the current ds
691 * (0x00400000) and dereferences it, copying the data into a buffer which
692 * it then runs directly through the MD5 hasher. The 16 byte output of
693 * the hash is then sent back to the server.
694 *
695 * If the client does not send any data back, or the data does not match
696 * the data that the specific client should have, the client will get the
697 * following message from "AOL Instant Messenger":
698 * "You have been disconnected from the AOL Instant Message Service (SM)
699 * for accessing the AOL network using unauthorized software. You can
700 * download a FREE, fully featured, and authorized client, here
701 * http://www.aol.com/aim/download2.html"
702 * The connection is then closed, recieving disconnect code 1, URL
703 * http://www.aim.aol.com/errors/USER_LOGGED_OFF_NEW_LOGIN.html.
704 *
705 * Note, however, that numerous inconsistencies can cause the above error,
706 * not just sending back a bad hash. Do not immediatly suspect this code
707 * if you get disconnected. AOL and the open/free software community have
708 * played this game for a couple years now, generating the above message
709 * on numerous ocassions.
710 *
711 * Anyway, neener. We win again.
d32954e7 712 *
713 */
714static int memrequest(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
715{
b1eac25a 716 rxcallback_t userfunc;
717 unsigned long offset, len;
718
719 offset = aimutil_get32(data);
720 len = aimutil_get32(data+4);
721
722 faimdprintf(sess, 1, "data at 0x%08lx (%d bytes) requested\n", offset, len);
723
724 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
725 return userfunc(sess, rx, offset, len);
726
727 return 0;
728}
729
730faim_export int aim_sendmemblock(struct aim_session_t *sess, struct aim_conn_t *conn, unsigned long offset, unsigned long len, const unsigned char *buf)
731{
732 struct command_tx_struct *tx;
733 int i = 0;
734
735 if (!sess || !conn || ((offset == 0) && !buf))
736 return 0;
737
738 if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+2+16)))
739 return -1;
740
741 tx->lock = 1;
742
743 i = aim_putsnac(tx->data, 0x0001, 0x0020, 0x0000, sess->snac_nextid++);
744 i += aimutil_put16(tx->data+i, 0x0010); /* md5 is always 16 bytes */
745
746 if (buf && (len > 0)) { /* use input buffer */
747 md5_state_t state;
748
749 md5_init(&state);
750 md5_append(&state, (const md5_byte_t *)buf, len);
751 md5_finish(&state, (md5_byte_t *)(tx->data+i));
752 i += 0x10;
753
754 } else {
755
756 if ((offset != 0x00001004) || (len != 0x00000004))
757 faimdprintf(sess, 0, "sendmemblock: WARNING: sending bad hash... you will be disconnected soon...\n");
758
759 /*
760 * This data is correct for AIM 3.5.1670, offset 0x1004, length 4
761 *
762 * Using this block is as close to "legal" as you can get without
763 * using an AIM binary.
764 */
765 i += aimutil_put32(tx->data+i, 0x92bd6757);
766 i += aimutil_put32(tx->data+i, 0x3722cbd3);
767 i += aimutil_put32(tx->data+i, 0x2b048ab9);
768 i += aimutil_put32(tx->data+i, 0xd0b1e4ab);
769
770 }
771
772 tx->commandlen = i;
773 tx->lock = 0;
774 aim_tx_enqueue(sess, tx);
775
776 return 0;
d32954e7 777}
00ef5271 778
779static int snachandler(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
780{
781
782 if (snac->subtype == 0x0003)
783 return hostonline(sess, mod, rx, snac, data, datalen);
784 else if (snac->subtype == 0x0005)
785 return redirect(sess, mod, rx, snac, data, datalen);
786 else if (snac->subtype == 0x0007)
787 return rateresp(sess, mod, rx, snac, data, datalen);
788 else if (snac->subtype == 0x000a)
789 return ratechange(sess, mod, rx, snac, data, datalen);
790 else if (snac->subtype == 0x000f)
791 return selfinfo(sess, mod, rx, snac, data, datalen);
792 else if (snac->subtype == 0x0010)
793 return evilnotify(sess, mod, rx, snac, data, datalen);
794 else if (snac->subtype == 0x0013)
795 return motd(sess, mod, rx, snac, data, datalen);
796 else if (snac->subtype == 0x0018)
797 return hostversions(sess, mod, rx, snac, data, datalen);
d32954e7 798 else if (snac->subtype == 0x001f)
799 return memrequest(sess, mod, rx, snac, data, datalen);
00ef5271 800
801 return 0;
802}
803
804faim_internal int general_modfirst(struct aim_session_t *sess, aim_module_t *mod)
805{
806
807 mod->family = 0x0001;
808 mod->version = 0x0000;
809 mod->flags = 0;
810 strncpy(mod->name, "general", sizeof(mod->name));
811 mod->snachandler = snachandler;
812
813 return 0;
814}
git-cvsimport mirror of libfaim
This page took 1.137973 seconds and 5 git commands to generate.