4 * This contains all the functions needed to actually login.
13 static int aim_encode_password(const char *password, unsigned char *encoded);
/*
 * Queues a small OSCAR frame (allocated with a size argument of 4) whose
 * payload is the two 16-bit values 0x0000 and 0x0001, and returns whatever
 * aim_tx_enqueue() returns.
 * NOTE(review): the statement executed when aim_tx_new() fails is not part
 * of this listing.
 */
15 faim_export int aim_sendconnack(struct aim_session_t *sess,
16 struct aim_conn_t *conn)
20 struct command_tx_struct *newpacket;
22 if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0001, 4)))
27 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0000);
28 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001);
31 return aim_tx_enqueue(sess, newpacket);
35 * In AIM 3.5 protocol, the first stage of login is to request
36 * login from the Authorizer, passing it the screen name
37 * for verification. If the name is invalid, a 0017/0003
38 * is spit back, with the standard error contents. If valid,
39 * a 0017/0007 comes back, which is the signal to send
40 * it the main login command (0017/0002).
/*
 * First stage of login: sends SNAC 0017/0006 carrying the screen name in
 * TLV 0x0001 and returns the result of aim_tx_enqueue().
 *
 * Security note: a screen name that begins with a digit takes the ICQ branch
 * below, which clears AIM_SESS_FLAGS_SNACLOGIN. With that flag clear,
 * aim_send_login() sends the password through aim_encode_password() (XOR
 * with a fixed table) instead of as an MD5 digest, so on that path the
 * password is only obfuscated and depends on transport-level protection.
 */
42 faim_export int aim_request_login(struct aim_session_t *sess,
43 struct aim_conn_t *conn,
47 struct command_tx_struct *newpacket;
49 if (!sess || !conn || !sn)
53 * For ICQ, we enable the ancient horrible login and stuff
54 * a key packet into the queue to make it look like we got
55 * a reply back. This is so the client doesn't know we're
56 * really not doing MD5 login.
58 * This may sound stupid, but I'm not in the best of moods and
59 * I don't plan to keep support for this crap around much longer.
60 * Its all AOL's fault anyway, really. I hate AOL. Really. They
61 * always seem to be able to piss me off by doing the dumbest little
62 * things. Like disabling MD5 logins for ICQ UINs, or adding purposefully
63 * wrong TLV lengths, or adding superfluous information to host strings,
/* A leading digit is the only test used to classify the name as an ICQ UIN. */
67 if ((sn[0] >= '0') && (sn[0] <= '9')) {
68 struct command_rx_struct *newrx;
71 if (!(newrx = (struct command_rx_struct *)malloc(sizeof(struct command_rx_struct))))
73 memset(newrx, 0x00, sizeof(struct command_rx_struct));
75 newrx->hdrtype = AIM_FRAMETYPE_OSCAR;
76 newrx->hdr.oscar.type = 0x02;
77 newrx->hdr.oscar.seqnum = 0;
/* 10+2+1: presumably the SNAC header written by aim_putsnac(), a 16-bit
 * length and the one-byte key "0" -- confirm the header size. */
78 newrx->commandlen = 10+2+1;
80 if (!(newrx->data = malloc(newrx->commandlen))) {
85 i = aim_putsnac(newrx->data, 0x0017, 0x0007, 0x0000, 0x0000);
86 i += aimutil_put16(newrx->data+i, 0x01);
87 i += aimutil_putstr(newrx->data+i, "0", 1);
/* The synthetic 0017/0007 frame is pushed on the head of the receive queue,
 * so it is processed as if the server had sent the key reply. */
91 newrx->next = sess->queue_incoming;
92 sess->queue_incoming = newrx;
96 sess->flags &= ~AIM_SESS_FLAGS_SNACLOGIN;
101 sess->flags |= AIM_SESS_FLAGS_SNACLOGIN;
/* The return value of aim_sendconnack() is ignored here. */
103 aim_sendconnack(sess, conn);
/* The frame is sized from the screen name itself: 10+2+2+strlen(sn). */
105 if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+2+2+strlen(sn))))
110 curbyte = aim_putsnac(newpacket->data, 0x0017, 0x0006, 0x0000, 0x00010000);
111 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0001, strlen(sn), sn);
113 newpacket->commandlen = curbyte;
116 return aim_tx_enqueue(sess, newpacket);
120 * send_login(int socket, char *sn, char *password)
122 * This is the initial login request packet.
124 * The password is encoded before transmission, as per
125 * encode_password(). See that function for their
126 * stupid method of doing it.
129 * clientstring = "AOL Instant Messenger (SM), version 4.3.2188/WIN32"
135 * unknown = 0x00000086
140 * Latest WinAIM that libfaim can emulate without server-side buddylists:
141 * clientstring = "AOL Instant Messenger (SM), version 3.5.1670/WIN32"
147 * unknown =0x0000002a
/*
 * Builds and queues the login frame: screen name (TLV 0x0001), the password
 * in one of two forms, then client identification, country and language
 * TLVs. Returns the result of aim_tx_enqueue().
 *
 * NOTE(review), security:
 *  - The frame is allocated with a fixed size of 1152, while sn,
 *    clientstring, country and lang are appended with their own strlen();
 *    no length check is visible in this listing. Confirm that
 *    aim_puttlv_str() or the callers bound the total.
 *  - key is used on the MD5 path but is not covered by the NULL guard on
 *    clientinfo/sn/password; aim_encode_password_md5() calls strlen(key).
 *  - The XOR path writes into the malloc() result without checking it.
 */
150 faim_export int aim_send_login (struct aim_session_t *sess,
151 struct aim_conn_t *conn,
152 char *sn, char *password,
153 struct client_info_s *clientinfo,
157 struct command_tx_struct *newpacket;
159 if (!clientinfo || !sn || !password)
162 if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 1152)))
/* Frame type 0x02 with a 0017/0002 SNAC when SNAC login is enabled,
 * otherwise type 0x01 with the raw 0x0000 0x0001 prefix. */
167 newpacket->hdr.oscar.type = (sess->flags & AIM_SESS_FLAGS_SNACLOGIN)?0x02:0x01;
169 if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN)
170 curbyte = aim_putsnac(newpacket->data, 0x0017, 0x0002, 0x0000, 0x00010000);
172 curbyte = aimutil_put16(newpacket->data, 0x0000);
173 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001);
176 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0001, strlen(sn), sn);
/* SNAC login: the 16-byte MD5 digest goes out in TLV 0x0025. */
178 if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN) {
179 unsigned char digest[16];
181 aim_encode_password_md5(password, key, digest);
182 curbyte+= aim_puttlv_str(newpacket->data+curbyte, 0x0025, 16, (char *)digest);
/* Non-SNAC login: the password is XOR-encoded into a strlen(password)-byte,
 * unterminated buffer and sent in TLV 0x0002. The encoding uses a fixed
 * table, so this is obfuscation only.
 * NOTE(review): malloc() can return NULL and the result is used unchecked. */
184 char *password_encoded;
186 password_encoded = (char *) malloc(strlen(password));
187 aim_encode_password(password, password_encoded);
188 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0002, strlen(password), password_encoded);
189 free(password_encoded);
192 /* XXX is clientstring required by oscar? */
193 if (strlen(clientinfo->clientstring))
194 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x0003, strlen(clientinfo->clientstring), clientinfo->clientstring);
/* SNAC login reports the version fields from clientinfo; the other path
 * sends the hard-coded values further down. */
196 if (sess->flags & AIM_SESS_FLAGS_SNACLOGIN) {
198 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0016, (unsigned short)clientinfo->major2);
199 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0017, (unsigned short)clientinfo->major);
200 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0018, (unsigned short)clientinfo->minor);
201 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0019, (unsigned short)clientinfo->minor2);
202 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x001a, (unsigned short)clientinfo->build);
204 curbyte += aim_puttlv_32(newpacket->data+curbyte, 0x0014, clientinfo->unknown);
205 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0009, 0x0015);
208 /* Use very specific version numbers, to further indicate the hack. */
209 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0016, 0x010a);
210 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0017, 0x0004);
211 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0018, 0x003c);
212 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0019, 0x0001);
213 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x001a, 0x0cce);
214 curbyte += aim_puttlv_32(newpacket->data+curbyte, 0x0014, 0x00000055);
/* Country (TLV 0x000f) and language (TLV 0x000e): presumably "us" and "en"
 * are the fallbacks for empty clientinfo strings -- the else lines are not
 * part of this listing. */
217 if (strlen(clientinfo->country))
218 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000f, strlen(clientinfo->country), clientinfo->country);
220 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000f, 2, "us");
222 if (strlen(clientinfo->lang))
223 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000e, strlen(clientinfo->lang), clientinfo->lang);
225 curbyte += aim_puttlv_str(newpacket->data+curbyte, 0x000e, 2, "en");
227 newpacket->commandlen = curbyte;
230 return aim_tx_enqueue(sess, newpacket);
/*
 * Feeds key, password and AIM_MD5_STRING, in that order, into an MD5 state
 * and writes the result to digest. The caller in aim_send_login() passes a
 * 16-byte buffer for digest.
 * NOTE(review): strlen() is applied to key and password with no NULL check
 * in the lines shown. MD5 is cheap to compute, so this digest should not be
 * treated as protecting a weak password on an untrusted network.
 */
233 faim_export int aim_encode_password_md5(const char *password, const char *key, unsigned char *digest)
238 md5_append(&state, (const md5_byte_t *)key, strlen(key));
239 md5_append(&state, (const md5_byte_t *)password, strlen(password));
240 md5_append(&state, (const md5_byte_t *)AIM_MD5_STRING, strlen(AIM_MD5_STRING));
241 md5_finish(&state, (md5_byte_t *)digest);
247 * aim_encode_password - Encode a password using old XOR method
248 * @password: incoming password
249 * @encoded: buffer to put encoded password
251 * This takes a const pointer to a (null terminated) string
252 * containing the unencoded password. It also gets passed
253 * an already allocated buffer to store the encoded password.
254 * This buffer should be the exact length of the password without
255 * the null. The encoded password buffer /is not %NULL terminated/.
257 * The encoding_table seems to be a fixed set of values. We'll
258 * hope it doesn't change over time!
260 * This is only used for the XOR method, not the better MD5 method.
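/*
 * aim_encode_password - encode a password with the legacy XOR table.
 * @password: NUL-terminated plaintext password
 * @encoded:  caller-allocated buffer of at least strlen(password) bytes;
 *            the output is NOT NUL-terminated
 *
 * Each password byte is XORed with the table byte at the same position.
 * The table has 16 entries; indexing it directly with the password position
 * read past the end of the table for passwords longer than 16 bytes. The
 * index now wraps, which leaves the result for passwords of up to 16 bytes
 * unchanged and keeps every output byte defined for longer ones.
 * NOTE(review): whether the server accepts passwords longer than the table
 * is not established by this file.
 *
 * The table is fixed, so this is obfuscation, not encryption: the encoded
 * bytes must be handled as if they were the plaintext password.
 *
 * Returns 0.
 */
static int aim_encode_password(const char *password, unsigned char *encoded)
{
	static const unsigned char encoding_table[] = {
#if 0 /* old v1 table */
		0xf3, 0xb3, 0x6c, 0x99,
		0x95, 0x3f, 0xac, 0xb6,
		0xc5, 0xfa, 0x6b, 0x63,
		0x69, 0x6c, 0xc3, 0x9f
#else /* v2.1 table, also works for ICQ */
		0xf3, 0x26, 0x81, 0xc4,
		0x39, 0x86, 0xdb, 0x92,
		0x71, 0xa3, 0xb9, 0xe6,
		0x53, 0x7a, 0x95, 0x7c
#endif
	};
	const size_t table_len = sizeof(encoding_table);
	const size_t pw_len = strlen(password); /* computed once, not per iteration */
	size_t i;

	for (i = 0; i < pw_len; i++) {
		/* i % table_len keeps the table read in bounds for long passwords */
		encoded[i] = (unsigned char)((unsigned char)password[i] ^
					     encoding_table[i % table_len]);
	}

	return 0;
}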
288 * Generate an authorization response.
290 * You probably don't want this unless you're writing an AIM server.
/*
 * Builds an authorization response as a TLV chain and writes it into a
 * frame allocated with size 1152: 0x0001 screen name (sn or sess->sn),
 * 0x0008 errorcode, 0x0004 errorurl, 0x0005 bosip, 0x0006 cookie,
 * 0x0011 email, 0x0013 regstatus. Which of these are added for a given call
 * depends on conditions that are not part of this listing.
 * aim_writetlvchain() is given tx->commandlen as its size argument.
 * NOTE(review): cookie is read for AIM_COOKIELEN bytes regardless of what
 * the caller allocated, and the string arguments are passed to strlen(), so
 * each must be non-NULL on the path that uses it.
 */
293 faim_export unsigned long aim_sendauthresp(struct aim_session_t *sess,
294 struct aim_conn_t *conn,
295 char *sn, int errorcode,
296 char *errorurl, char *bosip,
297 char *cookie, char *email,
300 struct command_tx_struct *tx;
301 struct aim_tlvlist_t *tlvlist = NULL;
303 if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0004, 1152)))
309 aim_addtlvtochain_str(&tlvlist, 0x0001, sn, strlen(sn));
311 aim_addtlvtochain_str(&tlvlist, 0x0001, sess->sn, strlen(sess->sn));
314 aim_addtlvtochain16(&tlvlist, 0x0008, errorcode);
315 aim_addtlvtochain_str(&tlvlist, 0x0004, errorurl, strlen(errorurl));
317 aim_addtlvtochain_str(&tlvlist, 0x0005, bosip, strlen(bosip));
318 aim_addtlvtochain_str(&tlvlist, 0x0006, cookie, AIM_COOKIELEN);
319 aim_addtlvtochain_str(&tlvlist, 0x0011, email, strlen(email));
320 aim_addtlvtochain16(&tlvlist, 0x0013, (unsigned short)regstatus);
323 tx->commandlen = aim_writetlvchain(tx->data, tx->commandlen, &tlvlist);
326 return aim_tx_enqueue(sess, tx);
330 * Generate a random cookie. (Non-client use only)
/*
 * Fills buf[0..AIM_COOKIELEN-1] with bytes derived from rand(); buf must
 * have room for AIM_COOKIELEN bytes.
 * NOTE(review), security: rand() is not a cryptographically secure
 * generator. The cookie is what aim_sendauthresp() and aim_sendredirect()
 * hand out in TLV 0x0006, so a server built on this should draw it from the
 * operating system's CSPRNG instead. The expression also yields 1..257
 * before the store, so values above 255 wrap in the unsigned char.
 */
332 faim_export int aim_gencookie(unsigned char *buf)
338 for (i=0; i < AIM_COOKIELEN; i++)
339 buf[i] = 1+(int) (256.0*rand()/(RAND_MAX+0.0));
345 * Send Server Ready. (Non-client)
/*
 * Queues SNAC 0001/0003 with request id sess->snac_nextid++ followed by a
 * list of 16-bit values (0x0001 ... 0x0015 as written below), in a frame
 * allocated with size 10+0x22. Returns the result of aim_tx_enqueue().
 * NOTE(review): twelve values (24 bytes) are visible against 0x22 bytes
 * reserved; how commandlen is set is not part of this listing.
 */
347 faim_export int aim_sendserverready(struct aim_session_t *sess, struct aim_conn_t *conn)
349 struct command_tx_struct *tx;
352 if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+0x22)))
357 i += aim_putsnac(tx->data, 0x0001, 0x0003, 0x0000, sess->snac_nextid++);
359 i += aimutil_put16(tx->data+i, 0x0001);
360 i += aimutil_put16(tx->data+i, 0x0002);
361 i += aimutil_put16(tx->data+i, 0x0003);
362 i += aimutil_put16(tx->data+i, 0x0004);
363 i += aimutil_put16(tx->data+i, 0x0006);
364 i += aimutil_put16(tx->data+i, 0x0008);
365 i += aimutil_put16(tx->data+i, 0x0009);
366 i += aimutil_put16(tx->data+i, 0x000a);
367 i += aimutil_put16(tx->data+i, 0x000b);
368 i += aimutil_put16(tx->data+i, 0x000c);
369 i += aimutil_put16(tx->data+i, 0x0013);
370 i += aimutil_put16(tx->data+i, 0x0015);
374 return aim_tx_enqueue(sess, tx);
379 * Send service redirect. (Non-Client)
/*
 * Queues SNAC 0001/0005 followed by a TLV chain: 0x000d servid, 0x0005 ip,
 * 0x0006 cookie. aim_writetlvchain() is bounded by the space left in the
 * frame (tx->commandlen-i), and the chain is freed afterwards.
 * NOTE(review): cookie is read for AIM_COOKIELEN bytes and ip is passed to
 * strlen(); neither is checked for NULL in the lines shown.
 */
381 faim_export unsigned long aim_sendredirect(struct aim_session_t *sess,
382 struct aim_conn_t *conn,
383 unsigned short servid,
387 struct command_tx_struct *tx;
388 struct aim_tlvlist_t *tlvlist = NULL;
391 if (!(tx = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 1152)))
396 i += aim_putsnac(tx->data+i, 0x0001, 0x0005, 0x0000, 0x00000000);
398 aim_addtlvtochain16(&tlvlist, 0x000d, servid);
399 aim_addtlvtochain_str(&tlvlist, 0x0005, ip, strlen(ip));
400 aim_addtlvtochain_str(&tlvlist, 0x0006, cookie, AIM_COOKIELEN);
402 tx->commandlen = aim_writetlvchain(tx->data+i, tx->commandlen-i, &tlvlist)+i;
403 aim_freetlvchain(&tlvlist);
406 return aim_tx_enqueue(sess, tx);
/*
 * Handler for subtype 0x0003 (see snachandler): decodes datalen/2 16-bit
 * family ids from data into a heap array and passes the count and array to
 * the registered callback. An odd trailing byte is ignored.
 * NOTE(review): datalen is a signed int taken from the received frame; a
 * negative value would convert to a very large malloc() size, and
 * malloc(0) may legitimately return NULL for an empty list. Where families
 * is released is not part of this listing.
 */
410 static int hostonline(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
412 rxcallback_t userfunc;
414 unsigned short *families;
417 famcount = datalen/2;
419 if (!(families = malloc(datalen)))
422 for (i = 0; i < famcount; i++)
423 families[i] = aimutil_get16(data+(i*2));
425 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
426 ret = userfunc(sess, rx, famcount, families);
/*
 * Handler for subtype 0x0005 (see snachandler): parses the payload as a TLV
 * chain, requires TLVs 0x000d, 0x0005 and 0x0006, and passes the service
 * id, ip string and cookie to the registered callback. For a chat service
 * with a pending join, the pending room name and exchange are handed over
 * too and cleared from the session.
 * NOTE(review): the cookie's TLV length is not compared with AIM_COOKIELEN
 * here and no length is passed to the callback, so a consumer that copies
 * AIM_COOKIELEN bytes is presumably trusting the peer to have sent that
 * many -- confirm. Release of ip and cookie is not part of this listing.
 */
433 static int redirect(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
436 unsigned char *cookie;
438 rxcallback_t userfunc;
439 struct aim_tlvlist_t *tlvlist;
440 char *chathack = NULL;
444 tlvlist = aim_readtlvchain(data, datalen);
/* All three TLVs must be present; otherwise the chain is freed. */
446 if (!aim_gettlv(tlvlist, 0x000d, 1) ||
447 !aim_gettlv(tlvlist, 0x0005, 1) ||
448 !aim_gettlv(tlvlist, 0x0006, 1)) {
449 aim_freetlvchain(&tlvlist);
453 serviceid = aim_gettlv16(tlvlist, 0x000d, 1);
454 ip = aim_gettlv_str(tlvlist, 0x0005, 1);
455 cookie = aim_gettlv_str(tlvlist, 0x0006, 1);
461 if ((serviceid == AIM_CONN_TYPE_CHAT) && sess->pendingjoin) {
462 chathack = sess->pendingjoin;
463 chathackex = sess->pendingjoinexchange;
464 sess->pendingjoin = NULL;
465 sess->pendingjoinexchange = 0;
468 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
469 ret = userfunc(sess, rx, serviceid, ip, cookie, chathack, chathackex);
475 aim_freetlvchain(&tlvlist);
481 * The Rate Limiting System, An Abridged Guide to Nonsense.
483 * OSCAR defines several 'rate classes'. Each class has separate
484 * rate limiting properties (limit level, alert level, disconnect
485 * level, etc), and a set of SNAC family/type pairs associated with
486 * it. The rate classes, their limiting properties, and the definitions
487 * of which SNACs belong to which class, are defined in the
488 * Rate Response packet at login to each host.
490 * Logically, all rate offenses within one class count against further
491 * offenses for other SNACs in the same class (ie, sending messages
492 * too fast will limit the number of user info requests you can send,
493 * since those two SNACs are in the same rate class).
495 * Since the rate classes are defined dynamically at login, the values
496 * below may change. But they seem to be fairly constant.
498 * Currently, BOS defines five rate classes, with the commonly used
499 * members as follows...
502 * - Everything that's not in any of the other classes
505 * - Buddy list add/remove
506 * - Permit list add/remove
507 * - Deny list add/remove
510 * - User information requests
514 * - A few unknowns: 2/9, 2/b, and f/2
518 * - Outgoing chat ICBMs
520 * The only other thing of note is that class 5 (chat) has slightly looser
521 * limiting properties than class 3 (normal messages). But that's just a
522 * small bit of trivia for you.
524 * The last thing that needs to be learned about the rate limiting
525 * system is how the actual numbers relate to the passing of time. This
526 * seems to be a big mystery.
/*
 * Handler for subtype 0x0007 (see snachandler): if aim_callhandler() yields
 * a callback for this family/subtype, calls it with the session and the
 * received frame and returns its result. The payload is not decoded here.
 */
531 static int rateresp(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
533 rxcallback_t userfunc;
535 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
536 return userfunc(sess, rx);
/*
 * Handler for subtype 0x000a (see snachandler): decodes a rate-change
 * notice (code, rate class, then seven 32-bit values) and forwards the
 * fields to the registered callback.
 *
 * NOTE(review), security: data comes from the peer and datalen is never
 * consulted in the lines shown. Two 16-bit and seven 32-bit fields are read
 * (32 bytes, assuming i advances by each field's width -- the increments
 * are not part of this listing), so a shorter SNAC would be read past its
 * end. Reject a datalen below the required size before the first
 * aimutil_get16().
 */
541 static int ratechange(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
543 rxcallback_t userfunc;
545 unsigned long currentavg, maxavg;
546 unsigned long rateclass, windowsize, clear, alert, limit, disconnect;
548 code = aimutil_get16(data+i);
551 rateclass = aimutil_get16(data+i);
554 windowsize = aimutil_get32(data+i);
556 clear = aimutil_get32(data+i);
558 alert = aimutil_get32(data+i);
560 limit = aimutil_get32(data+i);
562 disconnect = aimutil_get32(data+i);
564 currentavg = aimutil_get32(data+i);
566 maxavg = aimutil_get32(data+i);
569 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
570 return userfunc(sess, rx, code, rateclass, windowsize, clear, alert, limit, disconnect, currentavg, maxavg);
/*
 * Handler for subtype 0x000f (see snachandler): if aim_callhandler() yields
 * a callback for this family/subtype, calls it with the session and the
 * received frame and returns its result. The payload is not decoded here.
 */
576 static int selfinfo(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
578 rxcallback_t userfunc;
580 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
581 return userfunc(sess, rx);
/*
 * Handler for subtype 0x0010 (see snachandler): reads a 16-bit value from
 * the start of data and a user-info block via aim_extractuserinfo(), then
 * passes both to the registered callback. userinfo is zeroed before the
 * extraction.
 * NOTE(review): no datalen check is visible before aimutil_get16(data), and
 * aim_extractuserinfo() is called without a length argument, so it has no
 * way to know where the received data ends -- confirm how it is bounded.
 */
586 static int evilnotify(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
588 rxcallback_t userfunc = NULL;
590 unsigned short newevil;
591 struct aim_userinfo_s userinfo;
593 newevil = aimutil_get16(data);
596 memset(&userinfo, 0, sizeof(struct aim_userinfo_s));
599 i += aim_extractuserinfo(sess, data+i, &userinfo);
601 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
602 return userfunc(sess, rx, newevil, &userinfo);
/*
 * Handler for subtype 0x0013 (see snachandler): reads a 16-bit id from the
 * start of data, parses the remainder as a TLV chain, and passes the id and
 * the TLV 0x000b string to the registered callback.
 * NOTE(review): datalen is not checked to be at least 2 in the lines shown,
 * so datalen-2 can go negative for a short frame. aim_freetlvchain()
 * appears to run even when aim_readtlvchain() returned NULL -- confirm it
 * tolerates that. Release of msg is not part of this listing.
 */
607 static int motd(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
609 rxcallback_t userfunc;
612 struct aim_tlvlist_t *tlvlist;
619 * 1 Mandatory upgrade
622 * 4 Nothing's wrong ("top o the world" -- normal)
625 id = aimutil_get16(data);
630 if ((tlvlist = aim_readtlvchain(data+2, datalen-2)))
631 msg = aim_gettlv_str(tlvlist, 0x000b, 1);
633 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
634 ret = userfunc(sess, rx, id, msg);
638 aim_freetlvchain(&tlvlist);
/*
 * Handler for subtype 0x0018 (see snachandler): passes datalen/4 as the
 * entry count, together with the raw data pointer, to the registered
 * callback.
 * NOTE(review): the callback receives the undecoded buffer, so it must not
 * read more than vercount*4 bytes from it.
 */
643 static int hostversions(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
645 rxcallback_t userfunc;
648 vercount = datalen/4;
650 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
651 return userfunc(sess, rx, vercount, data);
/*
 * Dispatches a received SNAC to the handler for its subtype:
 * 0x0003 hostonline, 0x0005 redirect, 0x0007 rateresp, 0x000a ratechange,
 * 0x000f selfinfo, 0x0010 evilnotify, 0x0013 motd, 0x0018 hostversions.
 * data and datalen are passed through unchanged, so any length validation
 * has to happen in the individual handlers. The result for an unlisted
 * subtype is not part of this listing.
 */
656 static int snachandler(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
659 if (snac->subtype == 0x0003)
660 return hostonline(sess, mod, rx, snac, data, datalen);
661 else if (snac->subtype == 0x0005)
662 return redirect(sess, mod, rx, snac, data, datalen);
663 else if (snac->subtype == 0x0007)
664 return rateresp(sess, mod, rx, snac, data, datalen);
665 else if (snac->subtype == 0x000a)
666 return ratechange(sess, mod, rx, snac, data, datalen);
667 else if (snac->subtype == 0x000f)
668 return selfinfo(sess, mod, rx, snac, data, datalen);
669 else if (snac->subtype == 0x0010)
670 return evilnotify(sess, mod, rx, snac, data, datalen);
671 else if (snac->subtype == 0x0013)
672 return motd(sess, mod, rx, snac, data, datalen);
673 else if (snac->subtype == 0x0018)
674 return hostversions(sess, mod, rx, snac, data, datalen);
/*
 * Fills in the module descriptor for this file: family 0x0001,
 * version 0x0000, name "general", and snachandler as the SNAC entry point.
 * NOTE(review): strncpy() does not NUL-terminate when the source fills the
 * destination; "general" needs 8 bytes including the terminator, so this is
 * safe only if mod->name is at least that large (its size is declared
 * elsewhere).
 */
679 faim_internal int general_modfirst(struct aim_session_t *sess, aim_module_t *mod)
682 mod->family = 0x0001;
683 mod->version = 0x0000;
685 strncpy(mod->name, "general", sizeof(mod->name));
686 mod->snachandler = snachandler;