4 * The routines for sending/receiving Instant Messages.
6 * Note the term ICBM (Inter-Client Basic Message) which blankets
7 * all types of generically routed through-server messages. Within
8 * the ICBM types (family 4), a channel is defined. Each channel
9 * represents a different type of message. Channel 1 is used for
10 * what would commonly be called an "instant message". Channel 2
11 * is used for negotiating "rendezvous". These transactions end in
12 * something more complex happening, such as a chat invitation, or
15 * In addition to the channel, every ICBM contains a cookie. For
16 * standard IMs, these are only used for error messages. However,
17 * the more complex rendezvous messages make suitably more complex
26 * Takes a msghdr (and a length) and returns a client type
27 * code. Note that this is *only a guess* and has a low likelihood
28 * of actually being accurate.
30 * It's based on experimental data, with the help of Eric Warmenhoven
31 * who seems to have collected a wide variety of different AIM clients.
34 * Here's the current collection:
35 * 0501 0003 0101 0101 01 AOL Mobile Communicator, WinAIM 1.0.414
36 * 0501 0003 0101 0201 01 WinAIM 2.0.847, 2.1.1187, 3.0.1464,
38 * 0501 0004 0101 0102 0101 WinAIM 4.1.2010, libfaim (right here)
39 * 0501 0001 0101 01 AOL v6.0, CompuServe 2000 v6.0, any
42 * Note that in this function, only the feature bytes are tested, since
43 * the rest will always be the same.
/*
 * Guess the peer's client type from the feature bytes of a received message.
 * Returns the clientid of the first table entry whose length and bytes both
 * match, otherwise AIM_CLIENTTYPE_UNKNOWN. The file's own comment calls the
 * result "only a guess", so it should not drive any trust decision.
 * (This listing omits some lines: braces, declarations, parts of the table.)
 */
46 faim_export fu16_t aim_fingerprintclient(fu8_t *msghdr, int len)
53 /* AOL Mobile Communicator, WinAIM 1.0.414 */
55 3, {0x01, 0x01, 0x01}},
57 /* WinAIM 2.0.847, 2.1.1187, 3.0.1464, 4.3.2229, 4.4.2286 */
58 { AIM_CLIENTTYPE_WINAIM,
59 3, {0x01, 0x01, 0x02}},
61 /* WinAIM 4.1.2010, libfaim */
62 { AIM_CLIENTTYPE_WINAIM41,
63 4, {0x01, 0x01, 0x01, 0x02}},
65 /* AOL v6.0, CompuServe 2000 v6.0, any TOC client */
66 { AIM_CLIENTTYPE_AOL_TOC,
/* Reject a NULL pointer or a non-positive length before msghdr is read. */
73 if (!msghdr || (len <= 0))
74 return AIM_CLIENTTYPE_UNKNOWN;
/* The scan ends at the first entry whose len is 0; that terminating entry is not shown in this listing. */
76 for (i = 0; fingerprints[i].len; i++) {
/* Entries of a different length are skipped (the statement under this test, line 78, is not shown; presumably `continue`). */
77 if (fingerprints[i].len != len)
/* NOTE(review): memcmp reads fingerprints[i].len bytes of msghdr; the caller has to guarantee msghdr really holds len bytes, nothing here can verify it. */
79 if (memcmp(fingerprints[i].data, msghdr, fingerprints[i].len) == 0)
80 return fingerprints[i].clientid;
83 return AIM_CLIENTTYPE_UNKNOWN;
86 /* This should be endian-safe now... but who knows... */
/*
 * Checksum over an icon buffer: adds the buffer up as 16-bit words with the
 * low byte first, then folds the upper 16 bits of the sum into the lower 16.
 * The declarations and the return statement are not shown in this listing.
 */
87 faim_export fu32_t aim_iconsum(const fu8_t *buf, int buflen)
/* NOTE(review): the loop steps by 2 and reads buf[i+1]; with an odd buflen the last pass reads buf[buflen], one byte past the end. No NULL check on buf is visible either. */
92 for (i = 0, sum = 0; i < buflen; i += 2)
93 sum += (buf[i+1] << 8) + buf[i];
/* Fold the carry: high half plus low half. */
95 sum = ((sum & 0xffff0000) >> 16) + (sum & 0x0000ffff);
101 * Send an ICBM (instant message).
105 * AIM_IMFLAGS_AWAY -- Marks the message as an autoresponse
106 * AIM_IMFLAGS_ACK -- Requests that the server send an ack
107 * when the message is received (of type 0x0004/0x000c)
108 * AIM_IMFLAGS_UNICODE--Instead of ASCII7, the passed message is
109 * made up of UNICODE duples. If you set
110 * this, you'd better be damn sure you know
112 * AIM_IMFLAGS_ISO_8859_1 -- The message contains the ASCII8 subset
113 * known as ISO-8859-1.
115 * Generally, you should use the lowest encoding possible to send
116 * your message. If you only use basic punctuation and the generic
117 * Latin alphabet, use ASCII7 (no flags). If you happen to use non-ASCII7
118 * characters, but they are all clearly defined in ISO-8859-1, then
119 * use that. Keep in mind that not all characters in the PC ASCII8
120 * character set are defined in the ISO standard. For those cases (most
121 * notably when the (r) symbol is used), you must use the full UNICODE
122 * encoding for your message. In UNICODE mode, _all_ characters must
123 * occupy 16bits, including ones that are not special. (Remember that
124 * the first 128 UNICODE symbols are equivalent to ASCII7, however they
125 * must be prefixed with a zero high order byte.)
127 * I strongly discourage the use of UNICODE mode, mainly because none
128 * of the clients I use can parse those messages (and besides that,
129 * wchars are difficult and non-portable to handle in most UNIX environments).
130 * If you really need to include special characters, use the HTML UNICODE
131 * entities. These are of the form &#2026; where 2026 is the hex
132 * representation of the UNICODE index (in this case, UNICODE
133 * "Horizontal Ellipsis", or 133 in ASCII8).
135 * Implementation note: Since this is one of the most-used functions
136 * in all of libfaim, it is written with performance in mind. As such,
137 * it is not as clear as it could be in respect to how this message is
138 * supposed to be laid out. Most obviously, tlvlists should be used
139 * instead of writing out the bytes manually.
141 * XXX support multipart
/*
 * Build and queue a channel-1 ICBM (SNAC family 0x0004, subtype 0x0006) from
 * the fields of *args. The bytes are written by hand in wire order: SNAC
 * header, 8-byte cookie, channel, destination screen name, message TLV, then
 * one optional TLV per flag.
 * This listing omits lines (braces, declarations, `else` keywords, the return
 * statements under the argument checks); they are not reconstructed here.
 */
144 faim_export int aim_send_im_ext(aim_session_t *sess, aim_conn_t *conn, struct aim_sendimext_args *args)
146 static const fu8_t deffeatures[] = {
147 0x01, 0x01, 0x01, 0x02, 0x42,
/* NOTE(review): args->destsn is handed to strlen() further down and no NULL check on it is visible in this listing. */
153 if (!sess || !conn || !args)
156 if (!args->msg || (args->msglen <= 0))
159 if (args->msglen >= MAXMSGLEN)
/* Message TLV length: 12 fixed bytes, the message, and the feature bytes (custom or default). */
162 msgtlvlen = 12 + args->msglen;
/* NOTE(review): featureslen is caller-supplied and not range-checked in the visible lines, while the frame below is sized msglen+512. A large featureslen (or a long destsn) then depends on the aimbs_put* helpers refusing to write past the buffer -- TODO confirm. */
163 if (args->flags & AIM_IMFLAGS_CUSTOMFEATURES)
164 msgtlvlen += args->featureslen;
166 msgtlvlen += sizeof(deffeatures);
168 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x02, args->msglen+512)))
171 /* XXX should be optional */
172 snacid = aim_cachesnac(sess, 0x0004, 0x0006, 0x0000, args->destsn, strlen(args->destsn)+1);
173 aim_putsnac(&fr->data, 0x0004, 0x0006, 0x0000, snacid);
176 * Generate a random message cookie
178 * We could cache these like we do SNAC IDs. (In fact, it
179 * might be a good idea.) In the message error functions,
180 * the 8byte message cookie is returned as well as the
/* NOTE(review): rand() is not a cryptographically secure generator, so this cookie is guessable and should be treated as a correlation id, never as a secret. */
184 for (i = 0; i < 8; i++)
185 aimbs_put8(&fr->data, (fu8_t) rand());
/* Channel 1: plain instant message. */
190 aimbs_put16(&fr->data, 0x0001);
193 * Destination SN (prepended with byte length)
/* NOTE(review): the length prefix is written with aimbs_put8, so a destsn longer than 255 bytes would get a truncated prefix while the next line still writes the whole string. */
195 aimbs_put8(&fr->data, strlen(args->destsn));
196 aimbs_putraw(&fr->data, args->destsn, strlen(args->destsn));
/* TLV type 0x0002 (message block) followed by its 16-bit length. */
201 aimbs_put16(&fr->data, 0x0002);
202 aimbs_put16(&fr->data, msgtlvlen);
208 aimbs_put8(&fr->data, 0x05);
209 aimbs_put8(&fr->data, 0x01);
/* Feature bytes: the caller's own when CUSTOMFEATURES is set, otherwise deffeatures (the `else` line is not shown). */
211 if (args->flags & AIM_IMFLAGS_CUSTOMFEATURES) {
212 aimbs_put16(&fr->data, args->featureslen);
213 aimbs_putraw(&fr->data, args->features, args->featureslen);
215 aimbs_put16(&fr->data, sizeof(deffeatures));
216 aimbs_putraw(&fr->data, deffeatures, sizeof(deffeatures));
219 aimbs_put16(&fr->data, 0x0101);
222 * Message block length.
/* The extra 4 bytes cover the two 16-bit encoding words written next. */
224 aimbs_put16(&fr->data, args->msglen + 0x04);
/* First encoding word: 0x0002 for UNICODE, 0x0003 for ISO-8859-1, 0x0000 otherwise. */
229 if (args->flags & AIM_IMFLAGS_UNICODE)
230 aimbs_put16(&fr->data, 0x0002);
231 else if (args->flags & AIM_IMFLAGS_ISO_8859_1)
232 aimbs_put16(&fr->data, 0x0003);
234 aimbs_put16(&fr->data, 0x0000);
236 aimbs_put16(&fr->data, 0x0000);
239 * Message. Not terminated.
241 aimbs_putraw(&fr->data, args->msg, args->msglen);
244 * Set the Request Acknowledge flag.
246 if (args->flags & AIM_IMFLAGS_ACK) {
247 aimbs_put16(&fr->data, 0x0003);
248 aimbs_put16(&fr->data, 0x0000);
252 * Set the Autoresponse flag.
254 if (args->flags & AIM_IMFLAGS_AWAY) {
255 aimbs_put16(&fr->data, 0x0004);
256 aimbs_put16(&fr->data, 0x0000);
260 * Set the Buddy Icon Requested flag.
262 if (args->flags & AIM_IMFLAGS_BUDDYREQ) {
263 aimbs_put16(&fr->data, 0x0009);
264 aimbs_put16(&fr->data, 0x0000);
268 * Set the I HAVE A REALLY PURTY ICON flag.
/* TLV 0x0008 with a fixed 12-byte value: icon length, checksum and timestamp, 32 bits each. */
270 if (args->flags & AIM_IMFLAGS_HASICON) {
271 aimbs_put16(&fr->data, 0x0008);
272 aimbs_put16(&fr->data, 0x000c);
273 aimbs_put32(&fr->data, args->iconlen);
274 aimbs_put32(&fr->data, args->iconsum);
275 aimbs_put32(&fr->data, args->iconstamp);
278 aim_tx_enqueue(sess, fr);
280 #if 1 /* XXX do this with autoconf or something... */
281 aim_cleansnacs(sess, 60); /* clean out all SNACs over 60sec old */
288 * Simple wrapper for aim_send_im_ext()
290 * You cannot use aim_send_im if you need the HASICON flag. You must
291 * use aim_send_im_ext directly for that.
293 * aim_send_im also cannot be used if you require UNICODE messages, because
294 * that requires an explicit message length. Use aim_send_im_ext().
/*
 * Convenience wrapper: fills a stack aim_sendimext_args from the simple
 * parameters and forwards to aim_send_im_ext(). Lines 302-303 of the original
 * (presumably the flags and msg assignments) are not shown in this listing.
 */
297 faim_export int aim_send_im(aim_session_t *sess, aim_conn_t *conn, const char *destsn, fu16_t flags, const char *msg)
/* NOTE(review): args is not zeroed in the visible lines, so every field not assigned below holds an indeterminate value; the flag mask further down is what keeps aim_send_im_ext() from reading the unset feature/icon fields. */
299 struct aim_sendimext_args args;
301 args.destsn = destsn;
/* NOTE(review): strlen(msg) runs before any NULL check; the !args->msg test in aim_send_im_ext() comes too late to protect this call. */
304 args.msglen = strlen(msg);
306 /* Make sure these don't get set by accident -- they need aim_send_im_ext */
307 args.flags &= ~(AIM_IMFLAGS_CUSTOMFEATURES | AIM_IMFLAGS_HASICON);
309 return aim_send_im_ext(sess, conn, &args);
313 * This is also performance sensitive. (If you can believe it...)
/*
 * Send a buddy icon to sn as a channel-2 (rendezvous) ICBM on a BOS
 * connection. The frame is sized up front from the lengths of sn, the icon
 * and AIM_ICONIDENT, then filled in wire order.
 * This listing omits lines (braces, declarations, the return statements).
 */
316 faim_export int aim_send_icon(aim_session_t *sess, aim_conn_t *conn, const char *sn, const fu8_t *icon, int iconlen, time_t stamp, fu32_t iconsum)
/* All pointers are checked and iconlen is bounded to 1..MAXICONLEN-1 before anything is built. */
323 if (!sess || !conn || !sn || !icon || (iconlen <= 0) || (iconlen >= MAXICONLEN))
326 if (conn->type != AIM_CONN_TYPE_BOS)
/* NOTE(review): rand() is not a cryptographically secure generator; the cookie is guessable and must not be relied on as a secret. */
329 for (i = 0; i < 8; i++)
330 aimutil_put8(ck+i, (fu8_t) rand());
332 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x02, 10+8+2+1+strlen(sn)+2+2+2+8+16+2+2+2+2+2+2+2+4+4+4+iconlen+strlen(AIM_ICONIDENT)+2+2)))
335 snacid = aim_cachesnac(sess, 0x0004, 0x0006, 0x0000, NULL, 0);
336 aim_putsnac(&fr->data, 0x0004, 0x0006, 0x0000, snacid);
341 aimbs_putraw(&fr->data, ck, 8);
/* Channel 2: rendezvous. */
346 aimbs_put16(&fr->data, 0x0002);
/* NOTE(review): one-byte length prefix; an sn longer than 255 bytes would be written in full with a truncated prefix. */
351 aimbs_put8(&fr->data, strlen(sn));
352 aimbs_putraw(&fr->data, sn, strlen(sn));
357 * Encompasses everything below.
/* NOTE(review): this TLV length and the 0x2711 length below are 16-bit fields computed from iconlen; they are only correct while the sum fits in 16 bits, which depends on the value of MAXICONLEN (not shown here) -- TODO confirm. */
359 aimbs_put16(&fr->data, 0x0005);
360 aimbs_put16(&fr->data, 2+8+16+6+4+4+iconlen+4+4+4+strlen(AIM_ICONIDENT));
362 aimbs_put16(&fr->data, 0x0000);
/* The same cookie is repeated inside the rendezvous block. */
363 aimbs_putraw(&fr->data, ck, 8);
364 aim_putcap(&fr->data, AIM_CAPS_BUDDYICON);
367 aimbs_put16(&fr->data, 0x000a);
368 aimbs_put16(&fr->data, 0x0002);
369 aimbs_put16(&fr->data, 0x0001);
372 aimbs_put16(&fr->data, 0x000f);
373 aimbs_put16(&fr->data, 0x0000);
/* TLV 0x2711: checksum, length, timestamp, the icon bytes, then the AIM_ICONIDENT string. */
376 aimbs_put16(&fr->data, 0x2711);
377 aimbs_put16(&fr->data, 4+4+4+iconlen+strlen(AIM_ICONIDENT));
378 aimbs_put32(&fr->data, iconsum);
379 aimbs_put32(&fr->data, iconlen);
380 aimbs_put32(&fr->data, stamp);
381 aimbs_putraw(&fr->data, icon, iconlen);
382 aimbs_putraw(&fr->data, AIM_ICONIDENT, strlen(AIM_ICONIDENT));
385 aimbs_put16(&fr->data, 0x0003);
386 aimbs_put16(&fr->data, 0x0000);
388 aim_tx_enqueue(sess, fr);
/*
 * Handler for SNAC subtype 0x0006 arriving on the receive path: parses the
 * cookie, channel, screen name and TLVs of a channel-1 message and passes
 * them to the registered callback.
 * This listing omits lines (braces, several declarations, the frees of sn and
 * msg if there are any, the return statements).
 */
393 static int outgoingim(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
396 aim_rxcallback_t userfunc;
399 aim_tlvlist_t *tlvlist;
402 fu16_t icbmflags = 0;
/* NOTE(review): flag1/flag2 are fu8_t yet are assigned from aimbs_get16() below; presumably only the low byte survives -- confirm this is intended. */
403 fu8_t flag1 = 0, flag2 = 0;
408 for (i = 0; i < 8; i++)
409 cookie[i] = aimbs_get8(bs);
412 channel = aimbs_get16(bs);
/* Only channel 1 is handled here; anything else is logged and dropped. */
414 if (channel != 0x01) {
415 faimdprintf(sess, 0, "icbm: ICBM recieved on unsupported channel. Ignoring. (chan = %04x)\n", channel);
/* snlen comes off the wire; whether aimbs_getstr() bounds it against the bytes remaining is not visible here. */
419 snlen = aimbs_get8(bs);
420 sn = aimbs_getstr(bs, snlen);
422 tlvlist = aim_readtlvchain(bs);
424 if (aim_gettlv(tlvlist, 0x0003, 1))
425 icbmflags |= AIM_IMFLAGS_ACK;
426 if (aim_gettlv(tlvlist, 0x0004, 1))
427 icbmflags |= AIM_IMFLAGS_AWAY;
429 if ((msgblock = aim_gettlv(tlvlist, 0x0002, 1))) {
431 int featurelen, msglen;
433 aim_bstream_init(&mbs, msgblock->value, msgblock->length);
/* Walks past the feature bytes one at a time; the loop body (lines 438-440) is not shown. The count is a 16-bit value taken from the message. */
437 for (featurelen = aimbs_get16(&mbs); featurelen; featurelen--)
/* NOTE(review): a length word below 4 makes msglen negative before it reaches aimbs_getstr(); how that helper treats a negative length is not visible here -- TODO confirm. */
442 msglen = aimbs_get16(&mbs) - 4; /* final block length */
444 flag1 = aimbs_get16(&mbs);
445 flag2 = aimbs_get16(&mbs);
447 msg = aimbs_getstr(&mbs, msglen);
450 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
451 ret = userfunc(sess, rx, channel, sn, msg, icbmflags, flag1, flag2);
454 aim_freetlvchain(&tlvlist);
461 * This should use tlvlists, but doesn't for performance reasons.
463 * XXX support multipart IMs:
465 * 0004 0007 0000 8f08 d295
466 * 0031 6520 3b7b f9fd
472 * 0010 0004 0000 01a3
473 * 0002 0004 3ab6 94fa
474 * 0003 0004 3b7b f85a
477 * 0101 000a 0000 0000 3c48 544d 4c3e ASCII part
479 * 0101 0016 0003 0000 6c6b 7364 6a6b 6c6a 676c a56b 3b73 646a 6b6a
480 * 0101 000b 0000 0000 3c2f 4854 4d4c 3e another ASCII part
/*
 * Parse the TLVs of a received channel-1 instant message in place (no TLV
 * list is allocated), collect the result in a local aim_incomingim_ch1_args
 * and hand it to the registered callback. Every length used here comes from
 * the peer's message.
 * This listing omits lines (braces, declarations, `else` keywords, any frees,
 * the return statement); they are not reconstructed here.
 */
483 static int incomingim_ch1(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, fu16_t channel, struct aim_userinfo_s *userinfo, aim_bstream_t *bs, fu8_t *cookie)
486 aim_rxcallback_t userfunc;
488 struct aim_incomingim_ch1_args args;
491 memset(&args, 0, sizeof(args));
494 * This used to be done using tlvchains. For performance reasons,
495 * I've changed it to process the TLVs in-place. This avoids lots
496 * of per-IM memory allocations.
/* NOTE(review): the loop only makes sense if aim_bstream_empty() returns the number of bytes still unread, despite its name -- confirm against its definition. */
498 while (aim_bstream_empty(bs)) {
500 type = aimbs_get16(bs);
501 length = aimbs_get16(bs);
/* NOTE(review): endpos is computed from the peer-supplied length and is not compared with the end of the stream in the visible lines; the setpos at the bottom of the loop relies on aim_bstream_setpos() rejecting an out-of-range position -- TODO confirm. */
503 endpos = aim_bstream_curpos(bs) + length;
505 if (type == 0x0002) { /* Message Block */
508 * This TLV consists of the following:
510 * - Features: Don't know how to interpret these
516 aimbs_get8(bs); /* 05 */
517 aimbs_get8(bs); /* 01 */
519 args.featureslen = aimbs_get16(bs);
520 /* XXX XXX this is all evil! */
/* NOTE(review): args.features points straight into the receive buffer (no copy) and featureslen is not compared with the bytes remaining in the visible lines; a callback that reads featureslen bytes trusts the peer's length, and the pointer is presumably only valid while the frame is alive. */
521 args.features = bs->data + bs->offset;
522 aim_bstream_advance(bs, args.featureslen);
523 args.icbmflags |= AIM_IMFLAGS_CUSTOMFEATURES;
525 aimbs_get8(bs); /* 01 */
526 aimbs_get8(bs); /* 01 */
528 /* Message string length, including flag words. */
/* NOTE(review): the comment above says this length includes the two flag words; the line that would subtract those 4 bytes (line 530) is not shown in this listing, so confirm it exists before relying on msglen as the text length. */
529 args.msglen = aimbs_get16(bs);
/* flag1 selects the character encoding: 0x0002 UNICODE, 0x0003 ISO-8859-1. */
532 args.flag1 = aimbs_get16(bs);
533 if (args.flag1 == 0x0000)
535 else if (args.flag1 == 0x0002)
536 args.icbmflags |= AIM_IMFLAGS_UNICODE;
537 else if (args.flag1 == 0x0003)
538 args.icbmflags |= AIM_IMFLAGS_ISO_8859_1;
539 else if (args.flag1 == 0xffff)
540 ; /* no encoding (yeep!) */
/* flag2 is the sub-encoding; only 0x000b (Macintosh) sets a flag. */
542 args.flag2 = aimbs_get16(bs);
543 if (args.flag2 == 0x0000)
544 ; /* standard subencoding? */
545 else if (args.flag2 == 0x000b)
546 args.icbmflags |= AIM_IMFLAGS_SUBENC_MACINTOSH;
547 else if (args.flag2 == 0xffff)
548 ; /* no subencoding */
550 /* XXX this isn't really necessary... */
/* Any flag value outside the known sets is only logged; parsing continues. */
551 if ( ((args.flag1 != 0x0000) &&
552 (args.flag1 != 0x0002) &&
553 (args.flag1 != 0x0003) &&
554 (args.flag1 != 0xffff)) ||
555 ((args.flag2 != 0x0000) &&
556 (args.flag2 != 0x000b) &&
557 (args.flag2 != 0xffff))) {
558 faimdprintf(sess, 0, "icbm: **warning: encoding flags are being used! {%04x, %04x}\n", args.flag1, args.flag2);
563 if (args.icbmflags & AIM_IMFLAGS_UNICODE) {
566 /* Can't use getstr because of wide null */
/* NOTE(review): neither umsg nor the malloc result is checked before the memcpy (lines 567-569 are consecutive), so an allocation failure or a short read that yields NULL is dereferenced. Whether umsg is released afterwards is not visible here. */
567 umsg = aimbs_getraw(bs, args.msglen);
568 args.msg = malloc(args.msglen+2);
569 memcpy(args.msg, umsg, args.msglen);
570 args.msg[args.msglen] = '\0'; /* wide NULL */
571 args.msg[args.msglen+1] = '\0';
576 args.msg = aimbs_getstr(bs, args.msglen);
578 } else if (type == 0x0003) { /* Server Ack Requested */
580 args.icbmflags |= AIM_IMFLAGS_ACK;
582 } else if (type == 0x0004) { /* Message is Auto Response */
584 args.icbmflags |= AIM_IMFLAGS_AWAY;
586 } else if (type == 0x0008) { /* I-HAVE-A-REALLY-PURTY-ICON Flag */
/* The three 32-bit fields are read without checking that this TLV's length is 12. */
588 args.iconsum = aimbs_get32(bs);
589 args.iconlen = aimbs_get32(bs);
590 args.iconstamp = aimbs_get32(bs);
591 args.icbmflags |= AIM_IMFLAGS_HASICON;
593 } else if (type == 0x0009) {
595 args.icbmflags |= AIM_IMFLAGS_BUDDYREQ;
597 } else if (type == 0x0017) {
599 args.extdatalen = length;
600 args.extdata = aimbs_getraw(bs, args.extdatalen);
603 faimdprintf(sess, 0, "incomingim_ch1: unknown TLV 0x%04x (len %d)\n", type, length);
607 * This is here to protect ourselves from ourselves. That
608 * is, if something above doesn't completly parse its value
609 * section, or, worse, overparses it, this will set the
610 * stream where it needs to be in order to land on the next
611 * TLV when the loop continues.
614 aim_bstream_setpos(bs, endpos);
618 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
619 ret = userfunc(sess, rx, channel, userinfo, &args);
/*
 * Rendezvous handler for a buddy list sent by a peer: walks the group/buddy
 * records inside TLV 0x2711, logs each one, then calls the registered
 * callback. Lines are missing from this listing (braces, declarations, frees
 * of gn/bn if any, the return statement).
 */
627 static int incomingim_ch2_buddylist(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, struct aim_userinfo_s *userinfo, struct aim_incomingim_ch2_args *args, aim_tlvlist_t *list2)
629 aim_rxcallback_t userfunc;
634 if (args->status != 0x0000)
635 return 1; /* ignore it -- not sure what it means */
/* NOTE(review): tse is dereferenced on the very next line without a NULL check, so a buddy-list request that lacks TLV 0x2711 leads to a NULL dereference. The getfile/sendfile handlers do check the same lookup. */
637 tse = aim_gettlv(list2, 0x2711, 1);
638 aim_bstream_init(&tbs, tse->value, tse->length);
641 * This goes like this...
645 * num of buddies in group
653 * num of buddies in group
/* NOTE(review): presumably aim_bstream_empty() returns the bytes remaining, despite its name -- confirm. */
659 while (aim_bstream_empty(&tbs)) {
/* Group name length, group name and buddy count are all peer-supplied. */
664 gnlen = aimbs_get16(&tbs);
665 gn = aimbs_getstr(&tbs, gnlen);
666 numb = aimbs_get16(&tbs);
668 for (i = 0; i < numb; i++) {
672 bnlen = aimbs_get16(&tbs);
673 bn = aimbs_getstr(&tbs, bnlen);
/* The peer-chosen names go to the debug log unfiltered; no NULL check on gn/bn is visible before the %s. */
675 faimdprintf(sess, 0, "got a buddy list from %s: group %s, buddy %s\n", userinfo->sn, gn, bn);
683 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
684 ret = userfunc(sess, rx, 0x0002, userinfo, args);
/*
 * Rendezvous handler for a buddy icon: reads checksum, length, timestamp and
 * the icon bytes from TLV 0x2711 into args->info.icon, calls the registered
 * callback, then frees the icon copy. Lines are missing from this listing
 * (braces, declarations, the return statement).
 */
689 static int incomingim_ch2_buddyicon(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, struct aim_userinfo_s *userinfo, struct aim_incomingim_ch2_args *args, aim_tlvlist_t *list2)
691 aim_rxcallback_t userfunc;
/* NOTE(review): miscinfo is dereferenced on the next line without a NULL check; a request without TLV 0x2711 leads to a NULL dereference. */
696 miscinfo = aim_gettlv(list2, 0x2711, 1);
697 aim_bstream_init(&tbs, miscinfo->value, miscinfo->length);
699 args->info.icon.checksum = aimbs_get32(&tbs);
/* NOTE(review): icon.length is a 32-bit value chosen by the peer and is passed to aimbs_getraw() as is; the callback should not trust it beyond what was actually read (icon may be NULL on a short TLV -- TODO confirm aimbs_getraw's behaviour). */
700 args->info.icon.length = aimbs_get32(&tbs);
701 args->info.icon.timestamp = aimbs_get32(&tbs);
702 args->info.icon.icon = aimbs_getraw(&tbs, args->info.icon.length);
704 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
705 ret = userfunc(sess, rx, 0x0002, userinfo, args);
/* The icon buffer is released here, so the callback must copy it if it needs the data afterwards. */
707 free(args->info.icon.icon);
/*
 * Rendezvous handler for a voice request: caches the request's cookie under
 * AIM_COOKIETYPE_OFTVOICE and calls the registered callback. Lines are
 * missing from this listing (braces, the statement under the calloc check,
 * the return statement).
 */
712 static int incomingim_ch2_voice(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, struct aim_userinfo_s *userinfo, struct aim_incomingim_ch2_args *args, aim_tlvlist_t *list2)
714 aim_msgcookie_t *cachedcook;
716 aim_rxcallback_t userfunc;
718 faimdprintf(sess, 1, "rend: voice!\n");
720 if (!(cachedcook = (aim_msgcookie_t*)calloc(1, sizeof(aim_msgcookie_t))))
723 memcpy(cachedcook->cookie, args->cookie, 8);
724 cachedcook->type = AIM_COOKIETYPE_OFTVOICE;
725 cachedcook->data = NULL;
/* A caching failure is only logged; whether cachedcook is released in that case is not visible here. */
727 if (aim_cachecookie(sess, cachedcook) == -1)
728 faimdprintf(sess, 0, "ERROR caching message cookie\n");
730 /* XXX: implement all this */
732 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
/* NOTE(review): args is already a pointer, so &args hands the callback a pointer to this local pointer variable; the buddyicon, buddylist and imimage handlers pass args itself. */
733 ret = userfunc(sess, rx, 0x0002, userinfo, &args);
/*
 * Rendezvous handler for a chat invitation: reads the room info from TLV
 * 0x2711 and the optional message, encoding and language strings, calls the
 * registered callback, then frees the strings. Lines are missing from this
 * listing (braces, declarations, the return statement).
 */
738 static int incomingim_ch2_chat(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, struct aim_userinfo_s *userinfo, struct aim_incomingim_ch2_args *args, aim_tlvlist_t *list2)
742 aim_rxcallback_t userfunc;
/* NOTE(review): miscinfo is dereferenced on the next line without a NULL check; an invitation without TLV 0x2711 leads to a NULL dereference. */
745 miscinfo = aim_gettlv(list2, 0x2711, 1);
746 aim_bstream_init(&tbs, miscinfo->value, miscinfo->length);
748 aim_chat_readroominfo(&tbs, &args->info.chat.roominfo);
/* Optional TLVs: 0x000c message, 0x000d encoding, 0x000e language. */
750 if (aim_gettlv(list2, 0x000c, 1))
751 args->info.chat.msg = aim_gettlv_str(list2, 0x000c, 1);
753 if (aim_gettlv(list2, 0x000d, 1))
754 args->info.chat.encoding = aim_gettlv_str(list2, 0x000d, 1);
756 if (aim_gettlv(list2, 0x000e, 1))
757 args->info.chat.lang = aim_gettlv_str(list2, 0x000e, 1);
759 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
/* NOTE(review): args is already a pointer, so &args passes a pointer to this local pointer variable; other handlers in this file pass args itself. */
760 ret = userfunc(sess, rx, 0x0002, userinfo, &args);
762 /* XXX free_roominfo */
/* The strings are released here, so the callback must copy what it wants to keep. Absent TLVs leave these fields as the caller set them (incomingim_ch2 zeroes args). */
763 free(args->info.chat.roominfo.name);
764 free(args->info.chat.msg);
765 free(args->info.chat.encoding);
766 free(args->info.chat.lang);
/*
 * Rendezvous handler for a "get file" request: requires TLVs 0x2711, 0x0003
 * (IP) and 0x0005 (port), formats the peer's address as "a.b.c.d:port" and
 * calls the registered callback. Lines are missing from this listing (braces,
 * declarations including that of ip, return statements, whatever happens to
 * cachedcook on the success path).
 */
771 static int incomingim_ch2_getfile(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, struct aim_userinfo_s *userinfo, struct aim_incomingim_ch2_args *args, aim_tlvlist_t *list2)
774 aim_msgcookie_t *cachedcook;
776 aim_tlv_t *iptlv, *porttlv;
778 aim_rxcallback_t userfunc;
782 if (!(cachedcook = calloc(1, sizeof(aim_msgcookie_t)))) {
/* NOTE(review): list2 is a by-value parameter, so this call can only clear this function's copy of the pointer; incomingim_ch2() calls aim_freetlvchain(&list2) on its own copy after the dispatch, which would then act on an already released chain -- confirm whether these error paths double-free. */
783 aim_freetlvchain(&list2);
787 if (!(miscinfo = aim_gettlv(list2, 0x2711, 1)) ||
788 !(iptlv = aim_gettlv(list2, 0x0003, 1)) ||
789 !(porttlv = aim_gettlv(list2, 0x0005, 1))) {
791 faimdprintf(sess, 0, "rend: badly damaged file get request from %s...\n", userinfo->sn);
792 aim_cookie_free(sess, cachedcook);
793 aim_freetlvchain(&list2);
/* NOTE(review): the TLVs are checked for presence only; four bytes of iptlv->value and two of porttlv->value are read without comparing the TLV lengths against 4 and 2. The longest possible output ("255.255.255.255:65535") fits in the 30-byte bound. */
798 snprintf(ip, 30, "%d.%d.%d.%d:%d",
799 aimutil_get8(iptlv->value+0),
800 aimutil_get8(iptlv->value+1),
801 aimutil_get8(iptlv->value+2),
802 aimutil_get8(iptlv->value+3),
803 aimutil_get16(porttlv->value));
805 faimdprintf(sess, 0, "rend: file get request from %s (%s)\n", userinfo->sn, ip);
/* NOTE(review): the declaration of ip is not shown; if it is a local array, this pointer is only valid for the duration of the callback below. The address itself is whatever the peer wrote into the TLV. */
807 args->info.getfile.ip = ip;
808 memcpy(args->info.getfile.cookie, args->cookie, 8);
810 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
/* NOTE(review): &args passes a pointer to the local pointer variable; other handlers in this file pass args itself. */
811 ret = userfunc(sess, rx, 0x0002, userinfo, &args);
/*
 * Rendezvous handler for an incoming "send file" offer: requires TLVs 0x2711,
 * 0x0003 (IP) and 0x0005 (port), formats the peer's address, records the
 * transfer under the request's cookie and calls the registered callback.
 * Lines are missing from this listing (braces, declarations, return
 * statements, and probably preprocessor directives: lines 858 and 867 use
 * `userinfo.sn` on a pointer and an undeclared `cookie`, which would not
 * compile, so that stretch is presumably disabled in the original).
 */
816 static int incomingim_ch2_sendfile(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, struct aim_userinfo_s *userinfo, struct aim_incomingim_ch2_args *args, aim_tlvlist_t *list2)
820 aim_msgcookie_t *cachedcook;
822 aim_tlv_t *iptlv, *porttlv;
824 aim_rxcallback_t userfunc;
829 if (!(cachedcook = calloc(1, sizeof(aim_msgcookie_t))))
832 if (!(miscinfo = aim_gettlv(list2, 0x2711, 1)) ||
833 !(iptlv = aim_gettlv(list2, 0x0003, 1)) ||
834 !(porttlv = aim_gettlv(list2, 0x0005, 1))) {
836 faimdprintf(sess, 0, "rend: badly damaged file get request from %s...\n", userinfo->sn);
837 aim_cookie_free(sess, cachedcook);
/* NOTE(review): presence is checked, lengths are not; four bytes of iptlv->value and two of porttlv->value are read whatever the TLV lengths are. */
842 snprintf(ip, 30, "%d.%d.%d.%d:%d",
843 aimutil_get8(iptlv->value+0),
844 aimutil_get8(iptlv->value+1),
845 aimutil_get8(iptlv->value+2),
846 aimutil_get8(iptlv->value+3),
847 aimutil_get16(porttlv->value));
/* desc is only assigned when TLV 0x000c is present; its initial value is not shown, so the %s below needs it to start out as a valid string or the log call to tolerate NULL -- TODO confirm. */
849 if (aim_gettlv(list2, 0x000c, 1))
850 desc = aim_gettlv_str(list2, 0x000c, 1);
852 faimdprintf(sess, 0, "rend: file transfer request from %s: %s (%s)\n",
853 userinfo->sn, desc, ip);
855 memcpy(cachedcook->cookie, args->cookie, 8);
/* NOTE(review): the malloc result is used on the next line unchecked. strncpy() does not NUL-terminate when the source fills the destination, so ft->sn, ft->ip and ft->fh.name may be left unterminated. The file name is read from miscinfo->value+8 without checking that the TLV is longer than 8 bytes or that a terminator exists inside it. */
857 ft = malloc(sizeof(struct aim_filetransfer_priv)); /* XXX */
858 strncpy(ft->sn, userinfo.sn, sizeof(ft->sn));
859 strncpy(ft->ip, ip, sizeof(ft->ip));
860 strncpy(ft->fh.name, miscinfo->value+8, sizeof(ft->fh.name));
861 cachedcook->type = AIM_COOKIETYPE_OFTSEND;
862 cachedcook->data = ft;
864 if (aim_cachecookie(sess, cachedcook) == -1)
865 faimdprintf(sess, 0, "ERROR caching message cookie\n");
/* NOTE(review): as listed, the transfer is accepted here before the callback below has run, i.e. without a decision by the application -- confirm whether this line is compiled in. */
867 aim_accepttransfer(sess, rx->conn, ft->sn, cookie, AIM_CAPS_SENDFILE);
872 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
/* NOTE(review): &args passes a pointer to the local pointer variable; other handlers in this file pass args itself. */
873 ret = userfunc(sess, rx, 0x0002, userinfo, &args);
/*
 * Rendezvous handler for a direct-IM (IM image) request: formats the address
 * from TLV 0x0003 into args->info.imimage.ip, logs the request and calls the
 * registered callback. Lines are missing from this listing (braces,
 * declarations, the snprintf arguments, the bodies of the remaining TLV
 * checks, the return statement).
 */
878 static int incomingim_ch2_imimage(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, struct aim_userinfo_s *userinfo, struct aim_incomingim_ch2_args *args, aim_tlvlist_t *list2)
880 aim_rxcallback_t userfunc;
883 /* Primary IP address */
884 if (aim_gettlv(list2, 0x0003, 1)) {
887 tlv = aim_gettlv(list2, 0x0003, 1);
/* The write is bounded by the destination's own size. Whether tlv->length is checked before its value bytes are read cannot be seen here (lines 890-893 are not shown). */
889 snprintf(args->info.imimage.ip, sizeof(args->info.imimage.ip),
898 * Alternate IP address
900 * Sort of. The peer doesn't send this -- the OSCAR
901 * server does. So it will be the IP address that the
902 * peer is directly connected to the internet with, which
903 * may not be the same as the IP above. If these two
904 * values differ, it's rather unlikely that this
905 * rendezvous is going to happen...
908 if (aim_gettlv(list2, 0x0004, 1))
911 /* Port number (not correct -- ignore) */
912 if (aim_gettlv(list2, 0x0005, 1))
915 /* Unknown -- two bytes = 0x0001 */
916 if (aim_gettlv(list2, 0x000a, 1))
919 /* Unknown -- no value */
920 if (aim_gettlv(list2, 0x000f, 1))
/* NOTE(review): per the comment above, TLV 0x0003 is the peer's own claim while 0x0004 is added by the server; only the peer-reported value is visibly stored and logged here, so the callback should treat args->info.imimage.ip as unverified. If TLV 0x0003 is absent the field keeps whatever the caller put there (incomingim_ch2 zeroes args). */
923 faimdprintf(sess, 1, "rend: directIM request from %s (%s)\n", userinfo->sn, args->info.imimage.ip);
926 * XXX: there are a couple of different request packets for
930 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
931 ret = userfunc(sess, rx, 0x0002, userinfo, args);
936 /* XXX Ugh. I think its obvious. */
/*
 * Parse the rendezvous block (TLV 0x0005) of a channel-2 ICBM: status word,
 * embedded cookie, capability block, then an optional inner TLV chain, and
 * dispatch to the handler that matches the capability. The inner chain is
 * freed here after the handler returns.
 * This listing omits lines (braces, declarations, return statements, the
 * #endif that closes the `#if 0` region, the final `else`).
 */
937 static int incomingim_ch2(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, fu16_t channel, struct aim_userinfo_s *userinfo, aim_tlvlist_t *tlvlist, fu8_t *cookie)
940 aim_tlvlist_t *list2;
942 struct aim_incomingim_ch2_args args;
/* args starts zeroed, so fields a handler does not fill stay 0/NULL. */
946 memset(&args, 0, sizeof(args));
949 * There's another block of TLVs embedded in the type 5 here.
951 if (!(block1 = aim_gettlv(tlvlist, 0x0005, 1)) || !block1->value) {
952 faimdprintf(sess, 0, "no tlv 0x0005 in rendezvous transaction!\n");
956 aim_bstream_init(&bbs, block1->value, block1->length);
959 * First two bytes represent the status of the connection.
961 * 0 is a request, 2 is an accept
963 args.status = aimbs_get16(&bbs);
966 * Next comes the cookie. Should match the ICBM cookie.
/* NOTE(review): cookie2 is used by memcmp/memcpy on the next lines without a NULL check, so a block shorter than 10 bytes may yield a NULL dereference (depends on what aimbs_getraw returns on a short read -- TODO confirm). A cookie mismatch is only logged: processing continues and args.cookie takes the embedded value, so the two cookies are not enforced to agree. Whether cookie2 is freed is not visible here. */
968 cookie2 = aimbs_getraw(&bbs, 8);
969 if (memcmp(cookie, cookie2, 8) != 0)
970 faimdprintf(sess, 0, "rend: warning cookies don't match!\n");
971 memcpy(args.cookie, cookie2, 8);
975 * The next 16bytes are a capability block so we can
976 * identify what type of rendezvous this is.
978 * Thanks to Eric Warmenhoven <warmenhoven@linux.com> (of GAIM)
979 * for pointing some of this out to me. In fact, a lot of
980 * the client-to-client info comes from the work of the GAIM
981 * developers. Thanks!
983 * Read off one capability string and we should have it ID'd.
/* A capability that maps to 0 is logged as "no ID block"; the statement that follows (line 988) is not shown. */
986 if ((args.reqclass = aim_getcap(sess, &bbs, 0x10)) == 0x0000) {
987 faimdprintf(sess, 0, "rend: no ID block\n");
992 * What follows may be TLVs or nothing, depending on the
993 * purpose of the message.
995 * Ack packets for instance have nothing more to them.
/* list2 may legitimately be empty (see comment above); the per-type handlers below receive it as is. */
997 list2 = aim_readtlvchain(&bbs);
/* Disabled code: kept in the source but not compiled. The end of this #if 0 region is not shown in the listing. */
999 #if 0 /* this should be in the per-type blocks */
1000 if (!list2 || ((args.reqclass != AIM_CAPS_IMIMAGE) && !(aim_gettlv(list2, 0x2711, 1)))) {
1001 aim_msgcookie_t *cook;
1004 type = aim_msgcookie_gettype(args.reqclass); /* XXX: fix this shitty code */
1006 if ((cook = aim_checkcookie(sess, cookie, type)) == NULL) {
1007 faimdprintf(sess, 0, "non-data rendezvous thats not in cache (type %d)\n", type);
1008 aim_freetlvchain(&list2);
1012 if (cook->type == AIM_COOKIETYPE_OFTGET) {
1013 struct aim_filetransfer_priv *ft;
1016 int errorcode = -1; /* XXX shouldnt this be 0? */
1018 ft = (struct aim_filetransfer_priv *)cook->data;
1020 if (args.status != 0x0002) {
1022 if (aim_gettlv(list2, 0x000b, 1))
1023 errorcode = aim_gettlv16(list2, 0x000b, 1);
1025 /* XXX this should make it up to the client, you know.. */
1027 faimdprintf(sess, 0, "transfer from %s (%s) for %s cancelled (error code %d)\n", ft->sn, ft->ip, ft->fh.name, errorcode);
1028 } /* args.status != 0x0002 */
1031 faimdprintf(sess, 0, "no data attached to file transfer\n");
1034 } else if (cook->type == AIM_CAPS_VOICE) {
1036 faimdprintf(sess, 0, "voice request cancelled\n");
1040 faimdprintf(sess, 0, "unknown cookie cache type %d\n", cook->type);
1043 aim_freetlvchain(&list2);
1050 * The rest of the handling depends on what type it is.
/* NOTE(review): with the check above disabled, the presence of TLV 0x2711 is left to each handler; the buddyicon, buddylist and chat handlers dereference that lookup without checking it. The tests are bit tests taken in order, so the first matching capability bit wins. */
1052 if (args.reqclass & AIM_CAPS_BUDDYICON)
1053 ret = incomingim_ch2_buddyicon(sess, mod, rx, snac, userinfo, &args, list2);
1054 else if (args.reqclass & AIM_CAPS_SENDBUDDYLIST)
1055 ret = incomingim_ch2_buddylist(sess, mod, rx, snac, userinfo, &args, list2);
1056 else if (args.reqclass & AIM_CAPS_VOICE)
1057 ret = incomingim_ch2_voice(sess, mod, rx, snac, userinfo, &args, list2);
1058 else if (args.reqclass & AIM_CAPS_IMIMAGE)
1059 ret = incomingim_ch2_imimage(sess, mod, rx, snac, userinfo, &args, list2);
1060 else if (args.reqclass & AIM_CAPS_CHAT)
1061 ret = incomingim_ch2_chat(sess, mod, rx, snac, userinfo, &args, list2);
1062 else if (args.reqclass & AIM_CAPS_GETFILE)
1063 ret = incomingim_ch2_getfile(sess, mod, rx, snac, userinfo, &args, list2);
1064 else if (args.reqclass & AIM_CAPS_SENDFILE)
1065 ret = incomingim_ch2_sendfile(sess, mod, rx, snac, userinfo, &args, list2);
1067 faimdprintf(sess, 0, "rend: unknown rendezvous 0x%04x\n", args.reqclass);
/* NOTE(review): the getfile handler already calls aim_freetlvchain() on its by-value copy of list2 on its error paths; this second call would then see a stale pointer -- confirm. */
1069 aim_freetlvchain(&list2);
1075 * It can easily be said that parsing ICBMs is THE single
1076 * most difficult thing to do in the AIM protocol. In
1077 * fact, I think I just did say that.
1079 * Below is the best damned solution I've come up with
1080 * over the past sixteen months of battling with it. This
1081 * can parse both away and normal messages from every client
1082 * I have access to. It's not fast, it's not clean. But it works.
/*
 * Entry point for a received ICBM (SNAC subtype 0x0007): reads the 8-byte
 * cookie and the channel, extracts the sender's user info block, then hands
 * the rest of the stream to the channel-1 or channel-2 parser.
 * This listing omits lines (braces, declarations, the channel-1 test, return
 * statements).
 */
1085 static int incomingim(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
1090 struct aim_userinfo_s userinfo;
1092 memset(&userinfo, 0x00, sizeof(struct aim_userinfo_s));
1095 * Read ICBM Cookie. And throw away.
/* The cookie is not actually discarded: it is passed to both channel parsers below. */
1097 for (i = 0; i < 8; i++)
1098 cookie[i] = aimbs_get8(bs);
1103 * Channel 0x0001 is the message channel. There are
1104 * other channels for things called "rendevous"
1105 * which represent chat and some of the other new
1106 * features of AIM2/3/3.5.
1108 * Channel 0x0002 is the Rendevous channel, which
1109 * is where Chat Invitiations and various client-client
1110 * connection negotiations come from.
1113 channel = aimbs_get16(bs);
1116 * Technically Channel 3 in chat could be done here too.
/* Anything other than channel 1 or 2 is logged and ignored. */
1118 if ((channel != 0x01) && (channel != 0x02)) {
1119 faimdprintf(sess, 0, "icbm: ICBM received on an unsupported channel. Ignoring.\n (chan = %04x)", channel);
1124 * Extract the standard user info block.
1126 * Note that although this contains TLVs that appear contiguous
1127 * with the TLVs read below, they are two different pieces. The
1128 * userinfo block contains the number of TLVs that contain user
1129 * information, the rest are not even though there is no seperation.
1130 * aim_extractuserinfo() returns the number of bytes used by the
1131 * userinfo tlvs, so you can start reading the rest of them right
1134 * That also means that TLV types can be duplicated between the
1135 * userinfo block and the rest of the message, however there should
1136 * never be two TLVs of the same type in one block.
/* NOTE(review): the return value of aim_extractuserinfo() is not used in this visible call, so a malformed user info block is not detected here; parsing continues from wherever the stream was left. */
1139 aim_extractuserinfo(sess, bs, &userinfo);
1142 * From here on, its depends on what channel we're on.
1144 * Technically all channels have a TLV list have this, however,
1145 * for the common channel 1 case, in-place parsing is used for
1146 * performance reasons (less memory allocation).
1150 ret = incomingim_ch1(sess, mod, rx, snac, channel, &userinfo, bs, cookie);
1152 } else if (channel == 0x0002) {
1153 aim_tlvlist_t *tlvlist;
1156 * Read block of TLVs (not including the userinfo data). All
1157 * further data is derived from what is parsed here.
1159 tlvlist = aim_readtlvchain(bs);
1161 ret = incomingim_ch2(sess, mod, rx, snac, channel, &userinfo, tlvlist, cookie);
1164 * Free up the TLV chain.
1166 aim_freetlvchain(&tlvlist);
1174 * AIM_TRANSFER_DENY_NOTSUPPORTED -- "client does not support"
1175 * AIM_TRANSFER_DENY_DECLINE -- "client has declined transfer"
1176 * AIM_TRANSFER_DENY_NOTACCEPTING -- "client is not accepting transfers"
/*
 * Decline a rendezvous request: sends SNAC 0x0004/0x000b on channel 2 to
 * `sender`, echoing the request's 8-byte cookie and carrying `code` in TLV
 * 0x0003 (one of the AIM_TRANSFER_DENY_* values listed above this function).
 * Lines are missing from this listing (braces, a declaration, the return
 * statements).
 */
1179 faim_export int aim_denytransfer(aim_session_t *sess, aim_conn_t *conn, const char *sender, const char *cookie, fu16_t code)
1182 aim_snacid_t snacid;
1183 aim_tlvlist_t *tl = NULL;
/* NOTE(review): no NULL checks on sess, conn, sender or cookie are visible before strlen(sender) and the 8-byte read of cookie; the other exported senders in this file do validate their arguments. */
1185 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x02, 10+8+2+1+strlen(sender)+6)))
1188 snacid = aim_cachesnac(sess, 0x0004, 0x000b, 0x0000, NULL, 0);
1189 aim_putsnac(&fr->data, 0x0004, 0x000b, 0x0000, snacid);
/* Exactly 8 bytes are copied from cookie, so the caller must supply at least that many. */
1191 aimbs_putraw(&fr->data, cookie, 8);
1193 aimbs_put16(&fr->data, 0x0002); /* channel */
/* One-byte length prefix: a sender name longer than 255 bytes would be written in full with a truncated prefix. */
1194 aimbs_put8(&fr->data, strlen(sender));
1195 aimbs_putraw(&fr->data, sender, strlen(sender));
/* The reason code goes out as a single 16-bit TLV; the temporary chain is freed once written. */
1197 aim_addtlvtochain16(&tl, 0x0003, code);
1198 aim_writetlvchain(&fr->data, &tl);
1199 aim_freetlvchain(&tl);
1201 aim_tx_enqueue(sess, fr);
1207 * aim_reqicbmparaminfo()
1209 * Request ICBM parameter information.
/*
 * Ask the server for the current ICBM parameters by sending an empty request
 * for SNAC family 0x0004, subtype 0x0004. The arguments are forwarded
 * unchecked to aim_genericreq_n(). The reply is presumably the subtype
 * 0x0005 message that snachandler() routes to paraminfo().
 */
1212 faim_export int aim_reqicbmparams(aim_session_t *sess, aim_conn_t *conn)
1214 return aim_genericreq_n(sess, conn, 0x0004, 0x0004);
1219 * I definitely recommend sending this. If you don't, you'll be stuck
1220 * with the rather unreasonable defaults. You don't want those. Send this.
/*
 * Send the client's ICBM parameters to the server (SNAC 0x0004/0x0002). The
 * payload is 16 bytes: a zero word where the reply carries the read-only
 * channel field, then flags, max message length, the two warning limits and
 * the minimum message interval, copied from *params without range checks.
 * Lines are missing from this listing (braces, a declaration, the return
 * statements).
 */
1223 faim_export int aim_seticbmparam(aim_session_t *sess, aim_conn_t *conn, struct aim_icbmparameters *params)
1226 aim_snacid_t snacid;
1228 if (!sess || !conn || !params)
/* 10 bytes of SNAC header plus the 16-byte payload written below. */
1231 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x02, 10+16)))
1234 snacid = aim_cachesnac(sess, 0x0004, 0x0002, 0x0000, NULL, 0);
1235 aim_putsnac(&fr->data, 0x0004, 0x0002, 0x0000, snacid);
1237 /* This is read-only (see Parameter Reply). Must be set to zero here. */
1238 aimbs_put16(&fr->data, 0x0000);
1240 /* These are all read-write */
1241 aimbs_put32(&fr->data, params->flags);
1242 aimbs_put16(&fr->data, params->maxmsglen);
1243 aimbs_put16(&fr->data, params->maxsenderwarn);
1244 aimbs_put16(&fr->data, params->maxrecverwarn);
1245 aimbs_put32(&fr->data, params->minmsginterval);
1247 aim_tx_enqueue(sess, fr);
/*
 * Handler for the ICBM parameter reply (subtype 0x0005): reads the six
 * fixed-width fields into a local struct and passes it to the registered
 * callback. Lines are missing from this listing (braces, the final return).
 */
1252 static int paraminfo(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
1254 struct aim_icbmparameters params;
1255 aim_rxcallback_t userfunc;
/* NOTE(review): 16 bytes are consumed with no check that the stream holds that many; what the aimbs_get* helpers return on a short stream is not visible here, so the callback may see default values for a truncated reply -- TODO confirm. */
1257 params.maxchan = aimbs_get16(bs);
1258 params.flags = aimbs_get32(bs);
1259 params.maxmsglen = aimbs_get16(bs);
1260 params.maxsenderwarn = aimbs_get16(bs);
1261 params.maxrecverwarn = aimbs_get16(bs);
1262 params.minmsginterval = aimbs_get32(bs);
1264 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
/* The "¶ms" below is an HTML-rendering artifact of this listing: "&para" was turned into a pilcrow. The argument is the address of the local params struct; it is only valid during the callback. */
1265 return userfunc(sess, rx, ¶ms);
/*
 * Handler for the "missed messages" notice (subtype 0x000a): for each record
 * in the stream reads the channel, the sender's user info, the number of
 * missed messages and the reason, and calls the registered callback once per
 * record. Lines are missing from this listing (braces, a declaration, the
 * return statement).
 */
1270 static int missedcall(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
1273 aim_rxcallback_t userfunc;
1274 fu16_t channel, nummissed, reason;
1275 struct aim_userinfo_s userinfo;
/* NOTE(review): presumably aim_bstream_empty() returns the bytes remaining, despite its name -- confirm. */
1277 while (aim_bstream_empty(bs)) {
1279 channel = aimbs_get16(bs);
/* userinfo is not zeroed before this call in the visible lines (incomingim() does memset its copy first). */
1280 aim_extractuserinfo(sess, bs, &userinfo);
1281 nummissed = aimbs_get16(bs);
1282 reason = aimbs_get16(bs);
/* ret is overwritten on every record, so only the last callback's result survives the loop. */
1284 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
1285 ret = userfunc(sess, rx, channel, &userinfo, nummissed, reason);
/*
 * Handler for a client error report (subtype 0x000b): reads the cookie,
 * channel, screen name and reason code and passes channel, name and reason
 * to the registered callback. Lines are missing from this listing (braces,
 * declarations, any frees of ck and sn, the return statement).
 */
1291 static int clienterr(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
1294 aim_rxcallback_t userfunc;
1295 fu16_t channel, reason;
/* ck is read but not passed to the callback below. Whether ck and sn are heap copies, and where they are released, is not visible in this listing. */
1299 ck = aimbs_getraw(bs, 8);
1300 channel = aimbs_get16(bs);
1301 snlen = aimbs_get8(bs);
1302 sn = aimbs_getstr(bs, snlen);
1303 reason = aimbs_get16(bs);
1305 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
1306 ret = userfunc(sess, rx, channel, sn, reason);
/*
 * Handler for a message acknowledgement (subtype 0x000c): reads the cookie,
 * a 16-bit type and the screen name, and passes type and name to the
 * registered callback. Lines are missing from this listing (braces,
 * declarations, whatever follows the callback).
 */
1311 static int msgack(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
1313 aim_rxcallback_t userfunc;
1318 ck = aimbs_getraw(bs, 8);
1319 type = aimbs_get16(bs);
1320 snlen = aimbs_get8(bs);
1321 sn = aimbs_getstr(bs, snlen);
1323 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
/* NOTE(review): this returns straight from the callback; if ck and sn are heap copies (presumably, given the free() of an aimbs_getraw result in the buddy icon handler), any cleanup placed after this line is skipped whenever a handler is registered -- confirm. */
1324 return userfunc(sess, rx, type, sn);
/*
 * Dispatcher for this module: routes a received SNAC to the parser for its
 * subtype and returns that parser's result. The return for an unhandled
 * subtype is not shown in this listing.
 *   0x0005 parameter reply       0x000a missed messages
 *   0x0006 outgoing-style ICBM   0x000b client error
 *   0x0007 incoming ICBM         0x000c message ack
 */
1332 static int snachandler(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
1335 if (snac->subtype == 0x0005)
1336 return paraminfo(sess, mod, rx, snac, bs);
1337 else if (snac->subtype == 0x0006)
1338 return outgoingim(sess, mod, rx, snac, bs);
1339 else if (snac->subtype == 0x0007)
1340 return incomingim(sess, mod, rx, snac, bs);
1341 else if (snac->subtype == 0x000a)
1342 return missedcall(sess, mod, rx, snac, bs);
1343 else if (snac->subtype == 0x000b)
1344 return clienterr(sess, mod, rx, snac, bs);
1345 else if (snac->subtype == 0x000c)
1346 return msgack(sess, mod, rx, snac, bs);
/*
 * Module registration: fills in the module record for SNAC family 0x0004
 * (name "messaging") and installs snachandler() as its receive handler.
 * Lines are missing from this listing (braces, the return statement).
 */
1351 faim_internal int msg_modfirst(aim_session_t *sess, aim_module_t *mod)
1354 mod->family = 0x0004;
1355 mod->version = 0x0000;
/* strncpy() leaves mod->name unterminated only if the buffer is not larger than the 9-character literal; the size of mod->name is not visible here. */
1357 strncpy(mod->name, "messaging", sizeof(mod->name));
1358 mod->snachandler = snachandler;