4 * The routines for sending/receiving Instant Messages.
12 * Takes a msghdr (and a length) and returns a client type
13 * code. Note that this is *only a guess* and has a low likelihood
14 * of actually being accurate.
16 * It's based on experimental data, with the help of Eric Warmenhoven
17 * who seems to have collected a wide variety of different AIM clients.
20 * Here's the current collection:
21 * 0501 0003 0101 0101 01 AOL Mobile Communicator, WinAIM 1.0.414
22 * 0501 0003 0101 0201 01 WinAIM 2.0.847, 2.1.1187, 3.0.1464,
24 * 0501 0004 0101 0102 0101 WinAIM 4.1.2010, libfaim (right here)
25 * 0501 0001 0101 01 AOL v6.0, CompuServe 2000 v6.0, any
/*
 * aim_fingerprintclient - guess the sending client from an IM message header.
 *
 * Walks a built-in fingerprint table and returns the clientid of the first
 * entry whose length equals len and whose bytes equal msghdr; falls through
 * to AIM_CLIENTTYPE_UNKNOWN when nothing matches.
 *
 * NOTE(review): the header bytes are chosen by the remote client, so the
 * result is a hint (display, quirk handling) and must not feed any trust
 * decision. This listing omits lines (braces, some declarations, returns);
 * the comments describe only the statements shown.
 */
28 faim_export unsigned short aim_fingerprintclient(unsigned char *msghdr, int len)
31 unsigned short clientid;
/* Sized for the longest fingerprint listed below (10 bytes). */
33 unsigned char data[10];
35 /* AOL Mobile Communicator, WinAIM 1.0.414 */
37 9, {0x05, 0x01, 0x00, 0x03, 0x01, 0x01, 0x01, 0x01, 0x01}},
39 /* WinAIM 2.0.847, 2.1.1187, 3.0.1464, 4.3.2229, 4.4.2286 */
40 { AIM_CLIENTTYPE_WINAIM,
41 9, {0x05, 0x01, 0x00, 0x03, 0x01, 0x01, 0x02, 0x01, 0x01}},
43 /* WinAIM 4.1.2010, libfaim */
44 { AIM_CLIENTTYPE_WINAIM41,
45 10, {0x05, 0x01, 0x00, 0x04, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01}},
47 /* AOL v6.0, CompuServe 2000 v6.0, any TOC client */
48 { AIM_CLIENTTYPE_AOL_TOC,
49 7, {0x05, 0x01, 0x00, 0x01, 0x01, 0x01, 0x01}},
/* Missing or empty input is rejected before any comparison (the return on this path is not shown). */
55 if (!msghdr || (len <= 0))
/* Iteration ends at the first entry whose len is 0; the terminating entry is presumably on a line not shown. */
58 for (i = 0; fingerprints[i].len; i++) {
/* Exact length match first, so memcmp() below never reads more than len bytes of msghdr. */
59 if (fingerprints[i].len != len)
61 if (memcmp(fingerprints[i].data, msghdr, fingerprints[i].len) == 0)
62 return fingerprints[i].clientid;
65 return AIM_CLIENTTYPE_UNKNOWN;
68 /* This should be endian-safe now... but who knows... */
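/**
 * aim_iconsum - compute the 16-bit checksum sent alongside a buddy icon.
 *
 * Adds the buffer up as little-endian 16-bit words, then folds the upper
 * half of the accumulator into the lower half once.
 *
 * @param buf     icon bytes; may be NULL only when buflen <= 0
 * @param buflen  number of valid bytes in buf
 * @return the folded sum truncated to 16 bits; 0 for a NULL or empty buffer
 */
faim_export unsigned short aim_iconsum(const unsigned char *buf, int buflen)
{
	unsigned long sum = 0;
	int i;

	if (!buf || buflen <= 0)
		return 0;

	/* Whole words only: stop while the second byte is still in range. */
	for (i = 0; i < buflen - 1; i += 2)
		sum += ((unsigned long)buf[i + 1] << 8) + buf[i];

	/*
	 * An odd-length buffer ends in a lone byte. Count it as the low half
	 * of a word instead of reading buf[buflen], which is out of bounds.
	 */
	if (i < buflen)
		sum += buf[i];

	sum = ((sum & 0xffff0000) >> 16) + (sum & 0x0000ffff);

	return (unsigned short)sum;
}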
83 * Send an ICBM (instant message).
87 * AIM_IMFLAGS_AWAY -- Marks the message as an autoresponse
88 * AIM_IMFLAGS_ACK -- Requests that the server send an ack
89 * when the message is received (of type 0x0004/0x000c)
90 * AIM_IMFLAGS_UNICODE--Instead of ASCII7, the passed message is
91 * made up of UNICODE duples. If you set
92 * this, you'd better be damn sure you know
94 * AIM_IMFLAGS_ISO_8859_1 -- The message contains the ASCII8 subset
95 * known as ISO-8859-1.
97 * Generally, you should use the lowest encoding possible to send
98 * your message. If you only use basic punctuation and the generic
99 * Latin alphabet, use ASCII7 (no flags). If you happen to use non-ASCII7
100 * characters, but they are all clearly defined in ISO-8859-1, then
101 * use that. Keep in mind that not all characters in the PC ASCII8
102 * character set are defined in the ISO standard. For those cases (most
103 * notably when the (r) symbol is used), you must use the full UNICODE
104 * encoding for your message. In UNICODE mode, _all_ characters must
105 * occupy 16bits, including ones that are not special. (Remember that
106 * the first 128 UNICODE symbols are equivalent to ASCII7, however they
107 * must be prefixed with a zero high order byte.)
109 * I strongly discourage the use of UNICODE mode, mainly because none
110 * of the clients I use can parse those messages (and besides that,
111 * wchars are difficult and non-portable to handle in most UNIX environments).
112 * If you really need to include special characters, use the HTML UNICODE
113 * entities. These are of the form &#x2026; where 2026 is the hex
114 * representation of the UNICODE index (in this case, UNICODE
115 * "Horizontal Ellipsis", or 133 in ASCII8).
/*
 * aim_send_im_ext - build and queue an outgoing channel-1 ICBM
 * (SNAC family 0x0004, subtype 0x0006).
 *
 * Reads destsn, msg, msglen, flags and, with AIM_IMFLAGS_HASICON, iconlen,
 * iconsum and iconstamp from args, serialises them into a new packet and
 * passes it to aim_tx_enqueue().
 *
 * NOTE(review): this listing omits lines (braces, returns, some
 * declarations); the comments describe only the statements shown.
 */
118 faim_export int aim_send_im_ext(struct aim_session_t *sess, struct aim_conn_t *conn, struct aim_sendimext_args *args)
121 struct command_tx_struct *newpacket;
/* Argument validation: the three pointers, then a non-empty message shorter than MAXMSGLEN. */
123 if (!sess || !conn || !args)
126 if (!args->msg || (args->msglen <= 0))
129 if (args->msglen >= MAXMSGLEN)
/*
 * NOTE(review): args->destsn is not validated in the lines shown, yet
 * strlen(args->destsn) runs below, so a NULL destsn would crash. The packet
 * is sized msglen+512, which means the fixed fields plus destsn must fit in
 * 512 bytes; nothing shown bounds strlen(destsn). Confirm that callers
 * enforce the screen-name length limit, or check it here.
 */
132 if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, args->msglen+512)))
135 newpacket->lock = 1; /* lock struct */
138 curbyte += aim_putsnac(newpacket->data+curbyte,
139 0x0004, 0x0006, 0x0000, sess->snac_nextid);
142 * Generate a random message cookie
144 * We could cache these like we do SNAC IDs. (In fact, it
145 * might be a good idea.) In the message error functions,
146 * the 8byte message cookie is returned as well as the
/*
 * NOTE(review): the eight cookie bytes come from rand(), which is not a
 * cryptographic generator. That is adequate for a message id; if the cookie
 * is ever relied on to authenticate a reply, draw it from the platform
 * CSPRNG instead.
 */
150 for (i = 0; i < 8; i++) {
151 curbyte += aimutil_put8(newpacket->data+curbyte,
152 (unsigned char) rand());
158 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001);
161 * Destination SN (prepended with byte length)
/*
 * NOTE(review): the length prefix is written with aimutil_put8(), presumably
 * one byte, while the string itself is written at full strlen(). A destsn
 * longer than 255 bytes would therefore be announced with a truncated length.
 */
163 curbyte += aimutil_put8(newpacket->data+curbyte, strlen(args->destsn));
164 curbyte += aimutil_putstr(newpacket->data+curbyte,
165 args->destsn, strlen(args->destsn));
/* TLV type 0x0002; its length is the message plus the 0x10 bytes of fixed fields written between here and the message text. */
170 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0002);
171 curbyte += aimutil_put16(newpacket->data+curbyte, args->msglen + 0x10);
174 * Flag data / ICBM Parameters?
176 * I don't know what these are...
179 curbyte += aimutil_put8(newpacket->data+curbyte, 0x05);
180 curbyte += aimutil_put8(newpacket->data+curbyte, 0x01);
182 /* number of bytes to follow */
183 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0004);
184 curbyte += aimutil_put8(newpacket->data+curbyte, 0x01);
185 curbyte += aimutil_put8(newpacket->data+curbyte, 0x01);
186 curbyte += aimutil_put8(newpacket->data+curbyte, 0x01);
187 curbyte += aimutil_put8(newpacket->data+curbyte, 0x02);
189 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0101);
192 * Message block length.
/* msglen plus the two 16-bit flag words that precede the text. */
194 curbyte += aimutil_put16(newpacket->data+curbyte, args->msglen + 0x04);
/* First flag word selects the character set: 0x0002 for UNICODE, 0x0003 for ISO-8859-1, 0x0000 otherwise. */
199 if (args->flags & AIM_IMFLAGS_UNICODE)
200 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0002);
201 else if (args->flags & AIM_IMFLAGS_ISO_8859_1)
202 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0003);
204 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0000);
/* Second flag word is always 0x0000. */
206 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0000);
209 * Message. Not terminated.
211 curbyte += aimutil_putstr(newpacket->data+curbyte,
212 args->msg, args->msglen);
215 * Set the Request Acknowledge flag.
217 if (args->flags & AIM_IMFLAGS_ACK) {
218 curbyte += aimutil_put16(newpacket->data+curbyte,0x0003);
219 curbyte += aimutil_put16(newpacket->data+curbyte,0x0000);
223 * Set the Autoresponse flag.
225 if (args->flags & AIM_IMFLAGS_AWAY) {
226 curbyte += aimutil_put16(newpacket->data+curbyte,0x0004);
227 curbyte += aimutil_put16(newpacket->data+curbyte,0x0000);
231 * Set the Buddy Icon Requested flag.
233 if (args->flags & AIM_IMFLAGS_BUDDYREQ) {
234 curbyte += aimutil_put16(newpacket->data+curbyte,0x0009);
235 curbyte += aimutil_put16(newpacket->data+curbyte,0x0000);
239 * Set the I HAVE A REALLY PURTY ICON flag (with timestamp).
/* TLV 0x0008 with a 0x000c-byte value: iconlen (32), 0x0001 (16), iconsum (16), iconstamp (32). */
241 if (args->flags & AIM_IMFLAGS_HASICON) {
242 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0008);
243 curbyte += aimutil_put16(newpacket->data+curbyte, 0x000c);
244 curbyte += aimutil_put32(newpacket->data+curbyte, args->iconlen);
245 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001);
246 curbyte += aimutil_put16(newpacket->data+curbyte, args->iconsum);
247 curbyte += aimutil_put32(newpacket->data+curbyte, args->iconstamp);
/* The bytes actually written become the packet length. */
250 newpacket->commandlen = curbyte;
253 aim_tx_enqueue(sess, newpacket);
/* Remember the destination (string plus terminator) under this SNAC so a later error reply can be matched to it. */
255 #if 1 /* XXX do this with autoconf or something... */
256 aim_cachesnac(sess, 0x0004, 0x0006, 0x0000, args->destsn, strlen(args->destsn)+1);
257 aim_cleansnacs(sess, 60); /* clean out all SNACs over 60sec old */
264 * Simple wrapper for aim_send_im_ext()
266 * You cannot use aim_send_im if you need the HASICON flag. You must
267 * use aim_send_im_ext directly for that.
269 * aim_send_im also cannot be used if you require UNICODE messages, because
270 * that requires an explicit message length. Use aim_send_im_ext().
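/**
 * aim_send_im - send a plain instant message through aim_send_im_ext().
 *
 * Fills an aim_sendimext_args from the arguments, taking the message length
 * from strlen(msg), and forwards it.
 *
 * @param sess    session the message belongs to
 * @param conn    connection to send on
 * @param destsn  destination screen name
 * @param flags   AIM_IMFLAGS_* bits; HASICON and UNICODE need
 *                aim_send_im_ext() directly, because they require fields
 *                this wrapper cannot supply
 * @param msg     NUL-terminated message text
 * @return whatever aim_send_im_ext() returns
 */
faim_export int aim_send_im(struct aim_session_t *sess, struct aim_conn_t *conn, const char *destsn, unsigned short flags, const char *msg)
{
	struct aim_sendimext_args args;

	/*
	 * Zero every field first so that the icon members are never read
	 * uninitialised if a caller sets AIM_IMFLAGS_HASICON by mistake.
	 */
	memset(&args, 0, sizeof(args));

	args.destsn = destsn;
	args.flags = flags;
	args.msg = msg;
	/*
	 * strlen(NULL) is undefined. A NULL msg is passed through with a
	 * zero length and then fails aim_send_im_ext()'s own msg check.
	 */
	args.msglen = msg ? strlen(msg) : 0;

	return aim_send_im_ext(sess, conn, &args);
}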
/*
 * aim_send_icon - send a buddy icon to sn as a channel-2 ICBM
 * (SNAC family 0x0004, subtype 0x0006) carrying AIM_CAPS_BUDDYICON.
 *
 * NOTE(review): this listing omits lines (braces, returns, declarations such
 * as ck and curbyte); the comments describe only the statements shown.
 */
285 faim_export int aim_send_icon(struct aim_session_t *sess, struct aim_conn_t *conn, const char *sn, const unsigned char *icon, int iconlen, time_t stamp, unsigned short iconsum)
287 struct command_tx_struct *np;
/* All pointers must be set and iconlen must lie strictly between 0 and MAXICONLEN. */
291 if (!sess || !conn || !sn || !icon || (iconlen <= 0) || (iconlen >= MAXICONLEN))
/* Icons are only sent over a BOS connection. */
294 if (conn->type != AIM_CONN_TYPE_BOS)
/* NOTE(review): cookie bytes come from rand(), which is not a cryptographic generator; acceptable only as an identifier. */
297 for (i = 0, curbyte = 0; i < 8; i++)
298 curbyte += aimutil_put8(ck+curbyte, (u_char)rand());
/* Allocation size is the sum of every field written below, including strlen(sn), iconlen and the AIM_ICONIDENT string. */
300 if (!(np = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+8+2+1+strlen(sn)+2+2+2+8+16+2+2+2+2+2+2+2+4+4+4+iconlen+strlen(AIM_ICONIDENT)+2+2)))
305 curbyte = aim_putsnac(np->data, 0x0004, 0x0006, 0x0000, sess->snac_nextid);
310 memcpy(np->data+curbyte, ck, 8);
/* Channel 0x0002. */
316 curbyte += aimutil_put16(np->data+curbyte, 0x0002);
/* NOTE(review): the length prefix is a single put8 while the name is written at full strlen(); a name longer than 255 bytes would be announced with a truncated length. */
321 curbyte += aimutil_put8(np->data+curbyte, strlen(sn));
322 curbyte += aimutil_putstr(np->data+curbyte, sn, strlen(sn));
/*
 * TLV 0x0005 wraps the rendezvous data.
 * NOTE(review): its length, and the 0x2711 length further down, are written
 * as 16-bit values that include iconlen. If MAXICONLEN (not shown) permits a
 * sum above 0xffff, the length field wraps while the full icon is still
 * copied -- confirm the limit keeps both sums in range.
 */
327 curbyte += aimutil_put16(np->data+curbyte, 0x0005);
328 curbyte += aimutil_put16(np->data+curbyte, 2+8+16+6+4+4+iconlen+4+4+4+strlen(AIM_ICONIDENT));
330 curbyte += aimutil_put16(np->data+curbyte, 0x0000);
/* Same cookie again inside the rendezvous block. */
332 memcpy(np->data+curbyte, ck, 8);
335 curbyte += aim_putcap(np->data+curbyte, 16, AIM_CAPS_BUDDYICON);
338 curbyte += aimutil_put16(np->data+curbyte, 0x000a);
339 curbyte += aimutil_put16(np->data+curbyte, 0x0002);
340 curbyte += aimutil_put16(np->data+curbyte, 0x0001);
343 curbyte += aimutil_put16(np->data+curbyte, 0x000f);
344 curbyte += aimutil_put16(np->data+curbyte, 0x0000);
/* TLV 0x2711: 0x0000, checksum, icon length, timestamp, icon bytes, then the AIM_ICONIDENT string. */
347 curbyte += aimutil_put16(np->data+curbyte, 0x2711);
348 curbyte += aimutil_put16(np->data+curbyte, 4+4+4+iconlen+strlen(AIM_ICONIDENT));
349 curbyte += aimutil_put16(np->data+curbyte, 0x0000);
350 curbyte += aimutil_put16(np->data+curbyte, iconsum);
351 curbyte += aimutil_put32(np->data+curbyte, iconlen);
352 curbyte += aimutil_put32(np->data+curbyte, stamp);
353 memcpy(np->data+curbyte, icon, iconlen);
355 memcpy(np->data+curbyte, AIM_ICONIDENT, strlen(AIM_ICONIDENT));
356 curbyte += strlen(AIM_ICONIDENT);
/* Empty TLV 0x0003; aim_send_im_ext() writes the same TLV for AIM_IMFLAGS_ACK. */
359 curbyte += aimutil_put16(np->data+curbyte, 0x0003);
360 curbyte += aimutil_put16(np->data+curbyte, 0x0000);
362 np->commandlen = curbyte;
364 aim_tx_enqueue(sess, np);
/*
 * outgoingim - parse a received SNAC of subtype 0x0006 (the outgoing-IM
 * layout) and pass cookie-less summary data to the client callback.
 *
 * NOTE(review): data is network input. This listing omits lines (braces,
 * returns, the declarations of sn, channel and j); the comments describe
 * only the statements shown.
 */
369 static int outgoingim(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
371 unsigned int i, ret = 0;
372 aim_rxcallback_t userfunc;
373 unsigned char cookie[8];
375 struct aim_tlvlist_t *tlvlist;
377 unsigned short icbmflags = 0;
378 unsigned char flag1 = 0, flag2 = 0;
379 unsigned char *msgblock = NULL, *msg = NULL;
/* NOTE(review): nothing shown checks datalen before the 8 cookie bytes, the channel word and the name length byte are read. */
382 for (i = 0; i < 8; i++)
383 cookie[i] = aimutil_get8(data+i);
386 channel = aimutil_get16(data+i);
/* Only channel 1 is handled here. */
389 if (channel != 0x01) {
390 faimdprintf(sess, 0, "icbm: ICBM recieved on unsupported channel. Ignoring. (chan = %04x)\n", channel);
/*
 * NOTE(review): the copy length is the length byte taken straight from the
 * packet (0-255). It is not compared with the size of sn (declaration not
 * shown) or with datalen, so an oversized value overflows sn, and strncpy()
 * does not add a terminator. Clamp the length to sizeof(sn)-1 and to the
 * bytes remaining, then terminate explicitly.
 */
394 strncpy(sn, (char *) data+i+1, (int) *(data+i));
395 i += 1 + (int) *(data+i);
/* NOTE(review): i is unsigned here; if it has passed datalen the length handed to aim_readtlvchain() is wrong -- check before the call. */
397 tlvlist = aim_readtlvchain(data+i, datalen-i);
399 if (aim_gettlv(tlvlist, 0x0003, 1))
400 icbmflags |= AIM_IMFLAGS_ACK;
401 if (aim_gettlv(tlvlist, 0x0004, 1))
402 icbmflags |= AIM_IMFLAGS_AWAY;
404 if (aim_gettlv(tlvlist, 0x0002, 1)) {
407 msgblock = (unsigned char *)aim_gettlv_str(tlvlist, 0x0002, 1);
409 /* no, this really is correct. I'm not high or anything either. */
/* NOTE(review): j is advanced by a 16-bit length read from the message block without a check against the TLV's length. */
411 j += 2 + aimutil_get16(msgblock+j);
414 j += 2; /* final block length */
/*
 * NOTE(review): as shown, both reads use msgblock with no offset, so flag1
 * and flag2 receive the same bytes, and the 16-bit result is narrowed to
 * unsigned char. incomingim_ch1() reads its flag words at msgblock+j --
 * check whether the same was intended here.
 */
416 flag1 = aimutil_get16(msgblock);
418 flag2 = aimutil_get16(msgblock);
424 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
425 ret = userfunc(sess, rx, channel, sn, msg, icbmflags, flag1, flag2);
429 aim_freetlvchain(&tlvlist);
/*
 * incomingim_ch1 - parse the TLVs of a channel-1 (plain message) ICBM in
 * place, collect the result in an aim_incomingim_ch1_args and hand it to the
 * client callback.
 *
 * NOTE(review): data comes from the remote peer via the server. This listing
 * omits lines (braces, increments of i and j, the msgblock assignment, any
 * cleanup); the comments describe only the statements shown.
 */
434 static int incomingim_ch1(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned short channel, struct aim_userinfo_s *userinfo, unsigned char *data, int datalen, unsigned char *cookie)
436 unsigned short type, length;
437 aim_rxcallback_t userfunc;
439 struct aim_incomingim_ch1_args args;
441 memset(&args, 0, sizeof(args));
444 * This used to be done using tlvchains. For performance reasons,
445 * I've changed it to process the TLVs in-place. This avoids lots
446 * of per-IM memory allocations.
/*
 * NOTE(review): the loop condition only tests i < datalen. Reading a TLV
 * header needs i+4 <= datalen and the value needs i+length <= datalen;
 * neither test is visible here, so a truncated or lying TLV is read past
 * the end of the received data.
 */
448 for (i = 0; i < datalen; ) {
450 type = aimutil_get16(data+i);
453 length = aimutil_get16(data+i);
456 if (type == 0x0002) { /* Message Block */
457 unsigned short wastebits;
458 unsigned char *msgblock;
459 int j = 0, y = 0, z = 0;
464 * Extracting the message from the unknown cruft.
466 * This is a bit messy, and I'm not really qualified,
467 * even as the author, to comment on it. At least
468 * its not as bad as a while loop shooting into
471 * "Do you believe in magic?"
/* NOTE(review): y is a 16-bit count taken from the packet; the skip loop below advances j by it without comparing j with the TLV length. */
475 wastebits = aimutil_get8(msgblock+j++);
476 wastebits = aimutil_get8(msgblock+j++);
478 y = aimutil_get16(msgblock+j);
480 for (z = 0; z < y; z++)
481 wastebits = aimutil_get8(msgblock+j++);
482 wastebits = aimutil_get8(msgblock+j++);
483 wastebits = aimutil_get8(msgblock+j++);
/* The fingerprint copy is clamped to the destination size before memcpy(). */
486 if (args.finlen > sizeof(args.fingerprint))
487 args.finlen = sizeof(args.fingerprint);
488 memcpy(args.fingerprint, msgblock, args.finlen);
490 /* Message string length, including flag words. */
/*
 * NOTE(review): args.msglen is read from the packet and later used as the
 * malloc()/memcpy() size without being compared with the bytes left in this
 * TLV. A length larger than the real payload copies adjacent heap memory
 * into the message handed to the client. Clamp it to the remaining TLV
 * bytes before allocating.
 */
491 args.msglen = aimutil_get16(msgblock+j);
/* First flag word: character set. */
495 args.flag1 = aimutil_get16(msgblock+j);
496 if (args.flag1 == 0x0000)
498 else if (args.flag1 == 0x0002)
499 args.icbmflags |= AIM_IMFLAGS_UNICODE;
500 else if (args.flag1 == 0x0003)
501 args.icbmflags |= AIM_IMFLAGS_ISO_8859_1;
502 else if (args.flag1 == 0xffff)
503 ; /* no encoding (yeep!) */
/* Second flag word: sub-encoding. */
506 args.flag2 = aimutil_get16(msgblock+j);
507 if (args.flag2 == 0x0000)
508 ; /* standard subencoding? */
509 else if (args.flag2 == 0x000b)
510 args.icbmflags |= AIM_IMFLAGS_SUBENC_MACINTOSH;
511 else if (args.flag2 == 0xffff)
512 ; /* no subencoding */
/* Any flag value outside the sets handled above is logged. */
515 if ( ((args.flag1 != 0x0000) &&
516 (args.flag1 != 0x0002) &&
517 (args.flag1 != 0x0003) &&
518 (args.flag1 != 0xffff)) ||
519 ((args.flag2 != 0x0000) &&
520 (args.flag2 != 0x000b) &&
521 (args.flag2 != 0xffff))) {
522 faimdprintf(sess, 0, "icbm: **warning: encoding flags are being used! {%04x, %04x}\n", args.flag1, args.flag2);
525 /* Message string. */
/* NOTE(review): neither malloc() result is checked before memcpy() writes through it. UNICODE text gets a two-byte terminator, everything else one byte. */
527 if (args.icbmflags & AIM_IMFLAGS_UNICODE) {
528 args.msg = malloc(args.msglen+2);
529 memcpy(args.msg, msgblock+j, args.msglen);
530 args.msg[args.msglen] = '\0'; /* wide NULL */
531 args.msg[args.msglen+1] = '\0';
533 args.msg = malloc(args.msglen+1);
534 memcpy(args.msg, msgblock+j, args.msglen);
535 args.msg[args.msglen] = '\0';
538 } else if (type == 0x0003) { /* Server Ack Requested */
540 args.icbmflags |= AIM_IMFLAGS_ACK;
542 } else if (type == 0x0004) { /* Message is Auto Response */
544 args.icbmflags |= AIM_IMFLAGS_AWAY;
/* The explicit length test keeps the 32-bit read at offset 8 inside this TLV's 12-byte value. */
546 } else if ((type == 0x0008) && (length == 0x000c)) { /* I-HAVE-A-REALLY-PURTY-ICON Flag */
548 args.iconstamp = aimutil_get32(data+i+8);
549 args.icbmflags |= AIM_IMFLAGS_HASICON;
551 } else if (type == 0x0009) {
553 args.icbmflags |= AIM_IMFLAGS_BUDDYREQ;
/* extdata points into the receive buffer rather than at a copy, so it is only valid while data is. */
555 } else if (type == 0x0017) {
557 args.extdatalen = length;
558 args.extdata = data+i;
/* NOTE(review): unknown TLVs are reported on stderr directly, unlike the faimdprintf() calls used elsewhere in this function. */
561 fprintf(stderr, "incomingim_ch1: unknown TLV 0x%04x (len %d)\n", type, length);
568 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
569 ret = userfunc(sess, rx, channel, userinfo, &args);
/*
 * incomingim_ch2 - handle a channel-2 (rendezvous) ICBM.
 *
 * Takes TLV 0x0005 from tlvlist, reads the status word, cookie and
 * capability block from it, parses the remaining bytes as a nested TLV chain
 * (list2) and then branches on the capability stored in args.reqclass.
 *
 * NOTE(review): every field below is supplied by the remote peer. This
 * listing omits lines (braces, returns, declarations, possibly preprocessor
 * guards), so the notes cover only the statements shown.
 */
576 static int incomingim_ch2(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned short channel, struct aim_userinfo_s *userinfo, struct aim_tlvlist_t *tlvlist, unsigned char *cookie)
578 aim_rxcallback_t userfunc;
579 struct aim_tlv_t *block1;
580 struct aim_tlvlist_t *list2;
582 struct aim_incomingim_ch2_args args;
584 memset(&args, 0, sizeof(args));
587 * There's another block of TLVs embedded in the type 5 here.
589 block1 = aim_gettlv(tlvlist, 0x0005, 1);
590 if (!block1 || !block1->value) {
591 faimdprintf(sess, 0, "no tlv 0x0005 in rendezvous transaction!\n");
596 * First two bytes represent the status of the connection.
598 * 0 is a request, 2 is an accept
/*
 * NOTE(review): block1->length is never compared with the 26 bytes
 * (2 status + 8 cookie + 16 capability) read below. A shorter TLV makes
 * these reads run past the value, and block1->length-2-8-16 in the
 * aim_readtlvchain() call goes negative. Reject block1->length < 26 first.
 */
600 args.status = aimutil_get16(block1->value+0);
603 * Next comes the cookie. Should match the ICBM cookie.
/* A mismatch is only logged; processing continues. */
605 if (memcmp(block1->value+2, cookie, 8) != 0)
606 faimdprintf(sess, 0, "rend: warning cookies don't match!\n");
609 * The next 16bytes are a capability block so we can
610 * identify what type of rendezvous this is.
612 * Thanks to Eric Warmenhoven <warmenhoven@linux.com> (of GAIM)
613 * for pointing some of this out to me. In fact, a lot of
614 * the client-to-client info comes from the work of the GAIM
615 * developers. Thanks!
617 * Read off one capability string and we should have it ID'd.
620 if ((args.reqclass = aim_getcap(sess, block1->value+2+8, 0x10)) == 0x0000) {
621 faimdprintf(sess, 0, "rend: no ID block\n");
626 * What follows may be TLVs or nothing, depending on the
627 * purpose of the message.
629 * Ack packets for instance have nothing more to them.
631 list2 = aim_readtlvchain(block1->value+2+8+16, block1->length-2-8-16);
/* No nested TLVs, or no 0x2711 data TLV on anything but an IM-image request: treat it as a non-data message and look the cookie up in the cache. */
633 if (!list2 || ((args.reqclass != AIM_CAPS_IMIMAGE) && !(aim_gettlv(list2, 0x2711, 1)))) {
634 struct aim_msgcookie_t *cook;
637 type = aim_msgcookie_gettype(args.reqclass); /* XXX: fix this shitty code */
/* NOTE(review): cookie is 8 raw bytes with no terminator; printing it with %s can read past the buffer. Log it as hex, or bound it with a precision such as %.8s. */
639 if ((cook = aim_checkcookie(sess, cookie, type)) == NULL) {
640 faimdprintf(sess, 0, "non-data rendezvous thats not in cache %d/%s!\n", type, cookie);
641 aim_freetlvchain(&list2);
645 if (cook->type == AIM_COOKIETYPE_OFTGET) {
646 struct aim_filetransfer_priv *ft;
649 int errorcode = -1; /* XXX shouldnt this be 0? */
651 ft = (struct aim_filetransfer_priv *)cook->data;
653 if (args.status != 0x0002) {
655 if (aim_gettlv(list2, 0x000b, 1))
656 errorcode = aim_gettlv16(list2, 0x000b, 1);
658 /* XXX this should make it up to the client, you know.. */
660 faimdprintf(sess, 0, "transfer from %s (%s) for %s cancelled (error code %d)\n", ft->sn, ft->ip, ft->fh.name, errorcode);
663 faimdprintf(sess, 0, "no data attached to file transfer\n");
/* NOTE(review): cook->type is compared with an AIM_COOKIETYPE_* value above but with AIM_CAPS_VOICE here -- check whether AIM_COOKIETYPE_OFTVOICE was intended. */
665 } else if (cook->type == AIM_CAPS_VOICE) {
666 faimdprintf(sess, 0, "voice request cancelled\n");
668 faimdprintf(sess, 0, "unknown cookie cache type %d\n", cook->type);
671 aim_freetlvchain(&list2);
677 * The rest of the handling depends on what type it is.
679 if (args.reqclass & AIM_CAPS_BUDDYICON) {
680 struct aim_tlv_t *miscinfo;
683 miscinfo = aim_gettlv(list2, 0x2711, 1);
685 /* aimutil_get32(miscinfo->value+curpos); i don't know what this is */
/*
 * NOTE(review): the icon length is taken from the packet and used for
 * malloc()/memcpy() without being compared with miscinfo->length, and the
 * malloc() result is not checked. Bound the length by the bytes actually
 * present in the TLV and handle allocation failure.
 */
687 args.info.icon.length = aimutil_get32(miscinfo->value+curpos);
689 args.info.icon.timestamp = aimutil_get32(miscinfo->value+curpos);
691 args.info.icon.icon = malloc(args.info.icon.length);
692 memcpy(args.info.icon.icon, miscinfo->value+curpos, args.info.icon.length);
694 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
695 ret = userfunc(sess, rx, channel, userinfo, &args);
/* The icon copy lives only for the duration of the callback. */
697 free(args.info.icon.icon);
699 } else if (args.reqclass & AIM_CAPS_VOICE) {
700 struct aim_msgcookie_t *cachedcook;
702 faimdprintf(sess, 0, "rend: voice!\n");
704 if(!(cachedcook = (struct aim_msgcookie_t*)calloc(1, sizeof(struct aim_msgcookie_t)))) {
705 aim_freetlvchain(&list2);
/* Remember the cookie so a later non-data message for it can be matched. */
709 memcpy(cachedcook->cookie, cookie, 8);
710 cachedcook->type = AIM_COOKIETYPE_OFTVOICE;
711 cachedcook->data = NULL;
713 if (aim_cachecookie(sess, cachedcook) == -1)
714 faimdprintf(sess, 0, "ERROR caching message cookie\n");
716 /* XXX: implement all this */
718 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
719 ret = userfunc(sess, rx, channel, userinfo, &args);
721 } else if (args.reqclass & AIM_CAPS_IMIMAGE) {
723 struct aim_directim_priv *priv;
725 memset(ip, 0, sizeof(ip));
727 if (aim_gettlv(list2, 0x0003, 1) && aim_gettlv(list2, 0x0005, 1)) {
728 struct aim_tlv_t *iptlv, *porttlv;
730 iptlv = aim_gettlv(list2, 0x0003, 1);
731 porttlv = aim_gettlv(list2, 0x0005, 1);
/* NOTE(review): iptlv->length is not checked before four bytes are read from iptlv->value. The port is fixed at 4443; the read of TLV 0x0005 is commented out. */
733 snprintf(ip, 30, "%d.%d.%d.%d:%d",
734 aimutil_get8(iptlv->value+0),
735 aimutil_get8(iptlv->value+1),
736 aimutil_get8(iptlv->value+2),
737 aimutil_get8(iptlv->value+3),
738 4443 /*aimutil_get16(porttlv->value)*/);
741 faimdprintf(sess, 0, "rend: directIM request from %s (%s)\n",
745 * XXX: there are a couple of different request packets for
/*
 * NOTE(review): the calloc() result is used unchecked. Each memcpy() copies
 * sizeof(destination) bytes, which is safe only if the source is at least
 * that large; the declarations of ip and of the priv and userinfo fields
 * are not shown -- confirm. priv reaches the callback through args; who
 * frees it is not visible here.
 */
749 args.info.directim = priv = (struct aim_directim_priv *)calloc(1, sizeof(struct aim_directim_priv));
750 memcpy(priv->ip, ip, sizeof(priv->ip));
751 memcpy(priv->sn, userinfo->sn, sizeof(priv->sn));
752 memcpy(priv->cookie, cookie, sizeof(priv->cookie));
754 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
755 ret = userfunc(sess, rx, channel, userinfo, &args);
757 } else if (args.reqclass & AIM_CAPS_CHAT) {
758 struct aim_tlv_t *miscinfo;
/* NOTE(review): miscinfo->value is passed on without its length, so as called here aim_chat_readroominfo() (not shown) has no way to know where the TLV ends. */
760 miscinfo = aim_gettlv(list2, 0x2711, 1);
761 aim_chat_readroominfo(miscinfo->value, &args.info.chat.roominfo);
763 if (aim_gettlv(list2, 0x000c, 1))
764 args.info.chat.msg = aim_gettlv_str(list2, 0x000c, 1);
766 if (aim_gettlv(list2, 0x000d, 1))
767 args.info.chat.encoding = aim_gettlv_str(list2, 0x000d, 1);
769 if (aim_gettlv(list2, 0x000e, 1))
770 args.info.chat.lang = aim_gettlv_str(list2, 0x000e, 1);
772 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
773 ret = userfunc(sess, rx, channel, userinfo, &args);
/* The strings exist only for the callback; absent TLVs leave the fields NULL from the memset() at the top, which free() accepts. */
775 free(args.info.chat.roominfo.name);
776 free(args.info.chat.msg);
777 free(args.info.chat.encoding);
778 free(args.info.chat.lang);
780 } else if (args.reqclass & AIM_CAPS_GETFILE) {
782 struct aim_msgcookie_t *cachedcook;
783 struct aim_tlv_t *miscinfo;
784 struct aim_tlv_t *iptlv, *porttlv;
/* NOTE(review): cachedcook is released on the damaged-request path below, but no line shown caches or frees it on the success path -- possible leak; confirm against the full source. */
788 if (!(cachedcook = calloc(1, sizeof(struct aim_msgcookie_t)))) {
789 aim_freetlvchain(&list2);
793 if (!(miscinfo = aim_gettlv(list2, 0x2711, 1)) ||
794 !(iptlv = aim_gettlv(list2, 0x0003, 1)) ||
795 !(porttlv = aim_gettlv(list2, 0x0005, 1))) {
796 faimdprintf(sess, 0, "rend: badly damaged file get request from %s...\n", userinfo->sn);
797 aim_cookie_free(sess, cachedcook);
798 aim_freetlvchain(&list2);
/* NOTE(review): the TLVs are known to exist here, but their lengths (4 bytes of address, 2 of port) are not checked before the reads. */
802 snprintf(ip, 30, "%d.%d.%d.%d:%d",
803 aimutil_get8(iptlv->value+0),
804 aimutil_get8(iptlv->value+1),
805 aimutil_get8(iptlv->value+2),
806 aimutil_get8(iptlv->value+3),
807 aimutil_get16(porttlv->value));
809 faimdprintf(sess, 0, "rend: file get request from %s (%s)\n", userinfo->sn, ip);
/* Both pointers refer to storage owned by the caller chain (ip is presumably a local buffer), so the callback must copy what it wants to keep. */
811 args.info.getfile.ip = ip;
812 args.info.getfile.cookie = cookie;
814 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
815 ret = userfunc(sess, rx, channel, userinfo, &args);
/*
 * NOTE(review), send-file branch: miscinfo->value+8 is treated as a
 * NUL-terminated file name (%s, strncpy) without checking that the TLV holds
 * more than 8 bytes or contains a terminator. strncpy() leaves ft->sn,
 * ft->ip and ft->fh.name unterminated when the source fills the field, and
 * the malloc() result is unchecked. `userinfo.sn` does not match the pointer
 * parameter used as userinfo->sn elsewhere, so this branch is presumably
 * compiled out by lines not shown -- fix these points before enabling it.
 */
817 } else if (args.reqclass & AIM_CAPS_SENDFILE) {
820 struct aim_msgcookie_t *cachedcook;
821 struct aim_tlv_t *miscinfo;
822 struct aim_tlv_t *iptlv, *porttlv;
826 if (!(cachedcook = calloc(1, sizeof(struct aim_msgcookie_t)))) {
827 aim_freetlvchain(&list2);
831 if (!(miscinfo = aim_gettlv(list2, 0x2711, 1)) ||
832 !(iptlv = aim_gettlv(list2, 0x0003, 1)) ||
833 !(porttlv = aim_gettlv(list2, 0x0005, 1))) {
834 faimdprintf(sess, 0, "rend: badly damaged file get request from %s...\n", userinfo->sn);
835 aim_cookie_free(sess, cachedcook);
836 aim_freetlvchain(&list2);
840 snprintf(ip, 30, "%d.%d.%d.%d:%d",
841 aimutil_get8(iptlv->value+0),
842 aimutil_get8(iptlv->value+1),
843 aimutil_get8(iptlv->value+2),
844 aimutil_get8(iptlv->value+3),
845 aimutil_get16(porttlv->value));
847 if (aim_gettlv(list2, 0x000c, 1))
848 desc = aim_gettlv_str(list2, 0x000c, 1);
850 faimdprintf(sess, 0, "rend: file transfer request from %s for %s: %s (%s)\n",
851 userinfo->sn, miscinfo->value+8,
854 memcpy(cachedcook->cookie, cookie, 8);
856 ft = malloc(sizeof(struct aim_filetransfer_priv));
857 strncpy(ft->sn, userinfo.sn, sizeof(ft->sn));
858 strncpy(ft->ip, ip, sizeof(ft->ip));
859 strncpy(ft->fh.name, miscinfo->value+8, sizeof(ft->fh.name));
860 cachedcook->type = AIM_COOKIETYPE_OFTSEND;
861 cachedcook->data = ft;
863 if (aim_cachecookie(sess, cachedcook) == -1)
864 faimdprintf(sess, 0, "ERROR caching message cookie\n");
866 aim_accepttransfer(sess, rx->conn, ft->sn, cookie, AIM_CAPS_SENDFILE);
871 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
872 ret = userfunc(sess, rx, channel, userinfo, &args);
876 faimdprintf(sess, 0, "rend: unknown rendezvous 0x%04x\n", args.reqclass);
/* The nested chain is released on the way out. */
878 aim_freetlvchain(&list2);
884 * It can easily be said that parsing ICBMs is THE single
885 * most difficult thing to do in the AIM protocol. In
886 * fact, I think I just did say that.
888 * Below is the best damned solution I've come up with
889 * over the past sixteen months of battling with it. This
890 * can parse both away and normal messages from every client
891 * I have access to. It's not fast, it's not clean. But it works.
/*
 * incomingim - entry point for a received ICBM (SNAC subtype 0x0007).
 *
 * Reads the 8-byte cookie and the channel, extracts the sender's userinfo
 * block, then passes the remaining bytes to incomingim_ch1() or, for channel
 * 0x0002, to incomingim_ch2() as a parsed TLV chain.
 *
 * NOTE(review): data is network input. This listing omits lines (braces,
 * returns, declarations, increments of i); the comments describe only the
 * statements shown.
 */
894 static int incomingim(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
897 unsigned char cookie[8];
899 struct aim_userinfo_s userinfo;
901 memset(&userinfo, 0x00, sizeof(struct aim_userinfo_s));
904 * Read ICBM Cookie. And throw away.
/* NOTE(review): nothing shown checks that datalen covers the 8 cookie bytes and the 2-byte channel before they are read. */
906 for (i = 0; i < 8; i++)
907 cookie[i] = aimutil_get8(data+i);
912 * Channel 0x0001 is the message channel. There are
913 * other channels for things called "rendevous"
914 * which represent chat and some of the other new
915 * features of AIM2/3/3.5.
917 * Channel 0x0002 is the Rendevous channel, which
918 * is where Chat Invitiations and various client-client
919 * connection negotiations come from.
922 channel = aimutil_get16(data+i);
/* Anything other than channel 1 or 2 is logged and not processed further. */
928 if ((channel != 0x01) && (channel != 0x02)) {
929 faimdprintf(sess, 0, "icbm: ICBM received on an unsupported channel. Ignoring.\n (chan = %04x)", channel);
934 * Extract the standard user info block.
936 * Note that although this contains TLVs that appear contiguous
937 * with the TLVs read below, they are two different pieces. The
938 * userinfo block contains the number of TLVs that contain user
939 * information, the rest are not even though there is no seperation.
940 * aim_extractuserinfo() returns the number of bytes used by the
941 * userinfo tlvs, so you can start reading the rest of them right
944 * That also means that TLV types can be duplicated between the
945 * userinfo block and the rest of the message, however there should
946 * never be two TLVs of the same type in one block.
/*
 * NOTE(review): aim_extractuserinfo() is given no length here, and the byte
 * count it returns is added to i without being compared with datalen. If it
 * overshoots, the datalen-i passed to the channel handlers below is negative
 * or wrong. Check i <= datalen before continuing.
 */
949 i += aim_extractuserinfo(sess, data+i, &userinfo);
952 * From here on, its depends on what channel we're on.
954 * Technically all channels have a TLV list have this, however,
955 * for the common channel 1 case, in-place parsing is used for
956 * performance reasons (less memory allocation).
960 ret = incomingim_ch1(sess, mod, rx, snac, channel, &userinfo, data+i, datalen-i, cookie);
962 } else if (channel == 0x0002) {
963 struct aim_tlvlist_t *tlvlist;
966 * Read block of TLVs (not including the userinfo data). All
967 * further data is derived from what is parsed here.
969 tlvlist = aim_readtlvchain(data+i, datalen-i);
971 ret = incomingim_ch2(sess, mod, rx, snac, channel, &userinfo, tlvlist, cookie);
974 * Free up the TLV chain.
976 aim_freetlvchain(&tlvlist);
984 * AIM_TRANSFER_DENY_NOTSUPPORTED -- "client does not support"
985 * AIM_TRANSFER_DENY_DECLINE -- "client has declined transfer"
986 * AIM_TRANSFER_DENY_NOTACCEPTING -- "client is not accepting transfers"
/*
 * aim_denytransfer - send SNAC 0x0004/0x000b refusing a rendezvous request.
 *
 * Writes the 8-byte cookie, channel 0x0002, the length-prefixed sender name
 * and a 16-bit TLV 0x0003 holding code, then queues the packet and returns
 * the SNAC id used, advancing sess->snac_nextid.
 *
 * NOTE(review): this listing omits lines, including the declarations of
 * sender, cookie and code; the comments describe only the statements shown.
 */
989 faim_export unsigned long aim_denytransfer(struct aim_session_t *sess,
990 struct aim_conn_t *conn,
995 struct command_tx_struct *newpacket;
/* NOTE(review): sender and cookie are used without a NULL check in the lines shown; strlen(sender) both sizes the packet and is written below. */
998 if(!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+8+2+1+strlen(sender)+6)))
1001 newpacket->lock = 1;
1003 curbyte = aim_putsnac(newpacket->data, 0x0004, 0x000b, 0x0000, sess->snac_nextid);
/* cookie must point at no fewer than 8 readable bytes. */
1004 for (i = 0; i < 8; i++)
1005 curbyte += aimutil_put8(newpacket->data+curbyte, cookie[i]);
1006 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0002);
/* NOTE(review): single-byte length prefix; a sender longer than 255 bytes would be announced with a truncated length while the full string is written. */
1007 curbyte += aimutil_put8(newpacket->data+curbyte, strlen(sender));
1008 curbyte += aimutil_putstr(newpacket->data+curbyte, sender, strlen(sender));
1009 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0003, code);
1011 newpacket->lock = 0;
1012 aim_tx_enqueue(sess, newpacket);
1014 return (sess->snac_nextid++);
1018 * Not real sure what this does, nor does anyone I've talked to.
1020 * Didn't use to send it. But now I think it might be a good
/*
 * aim_seticbmparam - send SNAC 0x0004/0x0002 with a fixed set of ICBM
 * parameters and return the SNAC id used, advancing sess->snac_nextid.
 *
 * The 16 payload bytes have the same field widths, in the same order, as the
 * values paraminfo() reads (16, 32, 16, 16, 16, 32 bits); presumably they are
 * channel, flags, maximum message length (0x1f40 = 8000), the two warning
 * limits (0x03e7 = 999) and the minimum interval -- TODO confirm.
 *
 * NOTE(review): this listing omits lines (braces, the failure return, the
 * declaration of curbyte).
 */
1024 faim_export unsigned long aim_seticbmparam(struct aim_session_t *sess,
1025 struct aim_conn_t *conn)
1027 struct command_tx_struct *newpacket;
/* 10 bytes requested for the SNAC header plus 16 for the payload. */
1030 if(!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+16)))
1033 newpacket->lock = 1;
1035 curbyte = aim_putsnac(newpacket->data, 0x0004, 0x0002, 0x0000, sess->snac_nextid);
1036 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0000);
1037 curbyte += aimutil_put32(newpacket->data+curbyte, 0x00000003);
1038 curbyte += aimutil_put16(newpacket->data+curbyte, 0x1f40);
1039 curbyte += aimutil_put16(newpacket->data+curbyte, 0x03e7);
1040 curbyte += aimutil_put16(newpacket->data+curbyte, 0x03e7);
1041 curbyte += aimutil_put32(newpacket->data+curbyte, 0x00000000);
1043 newpacket->lock = 0;
1044 aim_tx_enqueue(sess, newpacket);
1046 return (sess->snac_nextid++);
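/**
 * paraminfo - parse the ICBM parameter SNAC (subtype 0x0005) and pass the
 * values to the registered client callback.
 *
 * The payload is six fixed-width fields: maxchannel (16 bits), defflags (32),
 * maxicbmlen (16), maxsenderwarn (16), maxrecverwarn (16) and
 * minmsginterval (32).
 *
 * @param sess     session the SNAC arrived on
 * @param mod      module descriptor (unused here)
 * @param rx       received frame; rx->conn selects the callback
 * @param snac     SNAC header; family and subtype select the callback
 * @param data     payload bytes following the SNAC header
 * @param datalen  number of valid bytes in data
 * @return the callback's return value, or 0 when the payload is too short
 *         or no callback is registered
 */
static int paraminfo(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
{
	/* Total size of the six fields read below. */
	enum { PARAMINFO_LEN = 2 + 4 + 2 + 2 + 2 + 4 };
	unsigned long defflags, minmsginterval;
	unsigned short maxicbmlen, maxsenderwarn, maxrecverwarn, maxchannel;
	aim_rxcallback_t userfunc;
	int i = 0;

	/*
	 * The payload comes from the network. Refuse a short packet instead
	 * of reading past the end of the receive buffer.
	 */
	if (!data || datalen < PARAMINFO_LEN)
		return 0;

	maxchannel = aimutil_get16(data+i);
	i += 2;

	defflags = aimutil_get32(data+i);
	i += 4;

	maxicbmlen = aimutil_get16(data+i);
	i += 2;

	maxsenderwarn = aimutil_get16(data+i);
	i += 2;

	maxrecverwarn = aimutil_get16(data+i);
	i += 2;

	minmsginterval = aimutil_get32(data+i);
	i += 4;

	if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
		return userfunc(sess, rx, maxchannel, defflags, maxicbmlen, maxsenderwarn, maxrecverwarn, minmsginterval);

	return 0;
}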
/*
 * missedcall - parse a missed-message notice (SNAC subtype 0x000a) and pass
 * channel, sender userinfo, count and reason to the client callback.
 *
 * NOTE(review): data is network input and datalen is not consulted in any
 * line shown. This listing omits lines (braces, increments of i, returns).
 */
1080 static int missedcall(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
1083 aim_rxcallback_t userfunc;
1084 unsigned short channel, nummissed, reason;
1085 struct aim_userinfo_s userinfo;
1088 * XXX: supposedly, this entire packet can repeat as many times
1089 * as necessary. Should implement that.
1095 channel = aimutil_get16(data+i);
1099 * Extract the standard user info block.
/* NOTE(review): the byte count returned by aim_extractuserinfo() moves i forward unchecked; the two 16-bit reads that follow should first confirm i+4 <= datalen. */
1101 i += aim_extractuserinfo(sess, data+i, &userinfo);
1103 nummissed = aimutil_get16(data+i);
1106 reason = aimutil_get16(data+i);
1109 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
1110 return userfunc(sess, rx, channel, &userinfo, nummissed, reason);
/*
 * msgack - parse a message acknowledgement (SNAC subtype 0x000c) and pass
 * the type word and the screen name to the client callback.
 *
 * NOTE(review): data is network input and datalen is not consulted in any
 * line shown. This listing omits lines (braces, the declarations of sn and
 * i, increments of i, returns).
 */
1115 static int msgack(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
1117 aim_rxcallback_t userfunc;
1119 unsigned char ck[8];
1120 unsigned short type;
1122 unsigned char snlen;
/* The cookie is copied into ck but not passed to the callback below. */
1124 memcpy(ck, data, 8);
1127 type = aimutil_get16(data+i);
1130 snlen = aimutil_get8(data+i);
/*
 * NOTE(review): snlen is a byte from the packet (0-255) and is used as the
 * strncpy() bound without being compared with sizeof(sn) or with datalen.
 * If sn (declaration not shown) holds fewer than 256 bytes, an oversized
 * length overflows it; the memset() only guarantees termination while
 * snlen < sizeof(sn). Clamp snlen to sizeof(sn)-1 and to the bytes left.
 */
1133 memset(sn, 0, sizeof(sn));
1134 strncpy(sn, (char *)data+i, snlen);
1136 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
1137 return userfunc(sess, rx, type, sn);
/**
 * snachandler - route a received SNAC of this family to its parser.
 *
 * Dispatches on snac->subtype: 0x0005 parameter info, 0x0006 outgoing IM,
 * 0x0007 incoming IM, 0x000a missed call, 0x000c message ack. All arguments
 * are forwarded unchanged. Subtypes without a parser yield 0.
 */
static int snachandler(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
{
	switch (snac->subtype) {
	case 0x0005:
		return paraminfo(sess, mod, rx, snac, data, datalen);
	case 0x0006:
		return outgoingim(sess, mod, rx, snac, data, datalen);
	case 0x0007:
		return incomingim(sess, mod, rx, snac, data, datalen);
	case 0x000a:
		return missedcall(sess, mod, rx, snac, data, datalen);
	case 0x000c:
		return msgack(sess, mod, rx, snac, data, datalen);
	default:
		break;
	}

	return 0;
}
/*
 * msg_modfirst - fill in the module descriptor for the messaging family:
 * family 0x0004, version 0x0000, the name "messaging", and snachandler as
 * the SNAC entry point.
 *
 * NOTE(review): this listing omits lines; the end of the function is not
 * shown.
 */
1159 faim_internal int msg_modfirst(struct aim_session_t *sess, aim_module_t *mod)
1162 mod->family = 0x0004;
1163 mod->version = 0x0000;
/* NOTE(review): strncpy() leaves mod->name unterminated if the literal does not fit; "messaging" needs 10 bytes with its terminator -- confirm the field is at least that large. */
1165 strncpy(mod->name, "messaging", sizeof(mod->name));
1166 mod->snachandler = snachandler;