4 * The routines for sending/receiving Instant Messages.
12 * Takes a msghdr (and a length) and returns a client type
13 * code. Note that this is *only a guess* and has a low likelihood
14 * of actually being accurate.
16 * It's based on experimental data, with the help of Eric Warmenhoven
17 * who seems to have collected a wide variety of different AIM clients.
20 * Here's the current collection:
21 * 0501 0003 0101 0101 01 AOL Mobile Communicator, WinAIM 1.0.414
22 * 0501 0003 0101 0201 01 WinAIM 2.0.847, 2.1.1187, 3.0.1464,
24 * 0501 0004 0101 0102 0101 WinAIM 4.1.2010, libfaim (right here)
25 * 0501 0001 0101 01 AOL v6.0, CompuServe 2000 v6.0, any
/*
 * Map a message-header prefix to an AIM_CLIENTTYPE_* code by exact
 * comparison against a small table of known byte sequences.
 *
 * msghdr: candidate fingerprint bytes; len: number of bytes at msghdr.
 * Returns the clientid of the first table entry whose length equals len
 * and whose bytes match, otherwise AIM_CLIENTTYPE_UNKNOWN.
 *
 * NOTE(review): if msghdr comes from a received message (incomingim_ch1
 * copies such a prefix into args.fingerprint), the peer chooses these
 * bytes and can imitate any entry. Use the result as a display hint
 * only, never as input to a trust or feature-gating decision.
 */
28 faim_export unsigned short aim_fingerprintclient(unsigned char *msghdr, int len)
31 unsigned short clientid;
33 unsigned char data[10];
35 /* AOL Mobile Communicator, WinAIM 1.0.414 */
37 9, {0x05, 0x01, 0x00, 0x03, 0x01, 0x01, 0x01, 0x01, 0x01}},
39 /* WinAIM 2.0.847, 2.1.1187, 3.0.1464, 4.3.2229, 4.4.2286 */
40 { AIM_CLIENTTYPE_WINAIM,
41 9, {0x05, 0x01, 0x00, 0x03, 0x01, 0x01, 0x02, 0x01, 0x01}},
43 /* WinAIM 4.1.2010, libfaim */
44 { AIM_CLIENTTYPE_WINAIM41,
45 10, {0x05, 0x01, 0x00, 0x04, 0x01, 0x01, 0x01, 0x02, 0x01, 0x01}},
47 /* AOL v6.0, CompuServe 2000 v6.0, any TOC client */
48 { AIM_CLIENTTYPE_AOL_TOC,
49 7, {0x05, 0x01, 0x00, 0x01, 0x01, 0x01, 0x01}},
/* Reject a missing buffer or a non-positive length before any comparison. */
55 if (!msghdr || (len <= 0))
/* The walk stops at the first entry whose len is 0 (terminator entry is not visible in this listing). */
58 for (i = 0; fingerprints[i].len; i++) {
/* Lengths must be equal, so the memcmp below never reads more than len bytes of msghdr. */
59 if (fingerprints[i].len != len)
61 if (memcmp(fingerprints[i].data, msghdr, fingerprints[i].len) == 0)
62 return fingerprints[i].clientid;
65 return AIM_CLIENTTYPE_UNKNOWN;
68 /* This should be endian-safe now... but who knows... */
/*
 * Sum buf as little-endian 16-bit words (low byte first) and fold the
 * bits above bit 15 back into the low half once. Presumably the value
 * passed as iconsum to aim_send_icon() -- verify against callers.
 *
 * NOTE(review): the loop steps two bytes at a time and always reads
 * buf[i+1]. When buflen is odd the last iteration reads buf[buflen],
 * one byte past the length the caller passed. Confirm that every caller
 * passes an even length or a buffer with a spare byte, or handle the
 * trailing byte separately.
 */
69 faim_export unsigned short aim_iconsum(const unsigned char *buf, int buflen)
74 for (i = 0, sum = 0; i < buflen; i += 2)
75 sum += (buf[i+1] << 8) + buf[i];
/* Single fold of the high 16 bits into the low 16 bits. */
77 sum = ((sum & 0xffff0000) >> 16) + (sum & 0x0000ffff);
83 * Send an ICBM (instant message).
87 * AIM_IMFLAGS_AWAY -- Marks the message as an autoresponse
88 * AIM_IMFLAGS_ACK -- Requests that the server send an ack
89 * when the message is received (of type 0x0004/0x000c)
90 * AIM_IMFLAGS_UNICODE--Instead of ASCII7, the passed message is
91 * made up of UNICODE duples. If you set
92 * this, you'd better be damn sure you know
94 * AIM_IMFLAGS_ISO_8859_1 -- The message contains the ASCII8 subset
95 * known as ISO-8859-1.
97 * Generally, you should use the lowest encoding possible to send
98 * your message. If you only use basic punctuation and the generic
99 * Latin alphabet, use ASCII7 (no flags). If you happen to use non-ASCII7
100 * characters, but they are all clearly defined in ISO-8859-1, then
101 * use that. Keep in mind that not all characters in the PC ASCII8
102 * character set are defined in the ISO standard. For those cases (most
103 * notably when the (r) symbol is used), you must use the full UNICODE
104 * encoding for your message. In UNICODE mode, _all_ characters must
105 * occupy 16bits, including ones that are not special. (Remember that
106 * the first 128 UNICODE symbols are equivalent to ASCII7, however they
107 * must be prefixed with a zero high order byte.)
109 * I strongly discourage the use of UNICODE mode, mainly because none
110 * of the clients I use can parse those messages (and besides that,
111 * wchars are difficult and non-portable to handle in most UNIX environments).
112 * If you really need to include special characters, use the HTML UNICODE
113 * entities. These are of the form &#2026; where 2026 is the hex
114 * representation of the UNICODE index (in this case, UNICODE
115 * "Horizontal Ellipsis", or 133 in ASCII8).
/*
 * Build an ICBM (SNAC family 0x0004, subtype 0x0006) from *args and
 * queue it for transmission on conn.
 *
 * Reads args->msg / args->msglen (the message, sent unterminated),
 * args->destsn (the destination screen name), args->flags
 * (AIM_IMFLAGS_*), and, only when AIM_IMFLAGS_HASICON is set,
 * args->iconlen / iconsum / iconstamp.
 * Return values are on lines not visible in this listing.
 */
118 faim_export int aim_send_im_ext(struct aim_session_t *sess, struct aim_conn_t *conn, struct aim_sendimext_args *args)
121 struct command_tx_struct *newpacket;
123 if (!sess || !conn || !args)
126 if (!args->msg || (args->msglen <= 0))
129 if (args->msglen >= MAXMSGLEN)
/*
 * The buffer is msglen+512 bytes. Everything written below besides the
 * message must fit in those 512 bytes: SNAC header, cookie, destsn (its
 * length is not bounded by any visible check) and the optional TLVs.
 */
132 if (!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, args->msglen+512)))
135 newpacket->lock = 1; /* lock struct */
138 curbyte += aim_putsnac(newpacket->data+curbyte,
139 0x0004, 0x0006, 0x0000, sess->snac_nextid);
142 * Generate a random message cookie
144 * We could cache these like we do SNAC IDs. (In fact, it
145 * might be a good idea.) In the message error functions,
146 * the 8byte message cookie is returned as well as the
/*
 * NOTE(review): rand() is not a cryptographically secure generator and
 * its seeding is not visible here, so these cookies are guessable. That
 * matters wherever a cookie decides whether an inbound reply belongs to
 * a request we made (incomingim_ch2 looks cookies up with
 * aim_checkcookie). Prefer the platform CSPRNG for cookie bytes.
 */
150 for (i = 0; i < 8; i++) {
151 curbyte += aimutil_put8(newpacket->data+curbyte,
152 (unsigned char) rand());
/* 16-bit word after the cookie; incomingim() reads the same position as the channel. */
158 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001);
161 * Destination SN (prepended with byte length)
/*
 * NOTE(review): args->destsn is not NULL-checked by the visible guards.
 * strlen() is narrowed to 8 bits for the length prefix while
 * aimutil_putstr still writes the full string, so a name longer than
 * 255 bytes would desynchronise the prefix and can exceed the 512-byte
 * headroom. Validate destsn (non-NULL, bounded length) before use.
 */
163 curbyte += aimutil_put8(newpacket->data+curbyte, strlen(args->destsn));
164 curbyte += aimutil_putstr(newpacket->data+curbyte,
165 args->destsn, strlen(args->destsn));
/* TLV type 0x0002, length = message plus 0x10 bytes of fixed framing written below. */
170 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0002);
171 curbyte += aimutil_put16(newpacket->data+curbyte, args->msglen + 0x10);
174 * Flag data / ICBM Parameters?
176 * I don't know what these are...
179 curbyte += aimutil_put8(newpacket->data+curbyte, 0x05);
180 curbyte += aimutil_put8(newpacket->data+curbyte, 0x01);
182 /* number of bytes to follow */
183 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0004);
184 curbyte += aimutil_put8(newpacket->data+curbyte, 0x01);
185 curbyte += aimutil_put8(newpacket->data+curbyte, 0x01);
186 curbyte += aimutil_put8(newpacket->data+curbyte, 0x01);
187 curbyte += aimutil_put8(newpacket->data+curbyte, 0x02);
189 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0101);
192 * Message block length.
/* msglen plus the two 16-bit flag words that follow. */
194 curbyte += aimutil_put16(newpacket->data+curbyte, args->msglen + 0x04);
/* First flag word: 0x0002 for UNICODE, 0x0003 for ISO-8859-1, else 0x0000 (the final `else` is not visible). */
199 if (args->flags & AIM_IMFLAGS_UNICODE)
200 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0002);
201 else if (args->flags & AIM_IMFLAGS_ISO_8859_1)
202 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0003);
204 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0000);
206 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0000);
209 * Message. Not terminated.
211 curbyte += aimutil_putstr(newpacket->data+curbyte,
212 args->msg, args->msglen);
215 * Set the Request Acknowledge flag.
217 if (args->flags & AIM_IMFLAGS_ACK) {
218 curbyte += aimutil_put16(newpacket->data+curbyte,0x0003);
219 curbyte += aimutil_put16(newpacket->data+curbyte,0x0000);
223 * Set the Autoresponse flag.
225 if (args->flags & AIM_IMFLAGS_AWAY) {
226 curbyte += aimutil_put16(newpacket->data+curbyte,0x0004);
227 curbyte += aimutil_put16(newpacket->data+curbyte,0x0000);
231 * Set the Buddy Icon Requested flag.
233 if (args->flags & AIM_IMFLAGS_BUDDYREQ) {
234 curbyte += aimutil_put16(newpacket->data+curbyte,0x0009);
235 curbyte += aimutil_put16(newpacket->data+curbyte,0x0000);
239 * Set the I HAVE A REALLY PURTY ICON flag (with timestamp).
/* TLV 0x0008 with a 0x000c-byte body: iconlen (32), 0x0001 (16), iconsum (16), iconstamp (32). */
241 if (args->flags & AIM_IMFLAGS_HASICON) {
242 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0008);
243 curbyte += aimutil_put16(newpacket->data+curbyte, 0x000c);
244 curbyte += aimutil_put32(newpacket->data+curbyte, args->iconlen);
245 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0001);
246 curbyte += aimutil_put16(newpacket->data+curbyte, args->iconsum);
247 curbyte += aimutil_put32(newpacket->data+curbyte, args->iconstamp);
/* The transmitted length is what was actually written, not the allocation size. */
250 newpacket->commandlen = curbyte;
253 aim_tx_enqueue(sess, newpacket);
/* Remember the destination under this SNAC id (string plus its NUL), then drop cache entries older than 60 seconds. */
255 #if 1 /* XXX do this with autoconf or something... */
256 aim_cachesnac(sess, 0x0004, 0x0006, 0x0000, args->destsn, strlen(args->destsn)+1);
257 aim_cleansnacs(sess, 60); /* clean out all SNACs over 60sec old */
264 * Simple wrapper for aim_send_im_ext()
266 * You cannot use aim_send_im if you need the HASICON flag. You must
267 * use aim_send_im_ext directly for that.
269 * aim_send_im also cannot be used if you require UNICODE messages, because
270 * that requires an explicit message length. Use aim_send_im_ext().
/*
 * Convenience wrapper: fill a stack aim_sendimext_args from the scalar
 * parameters and forward to aim_send_im_ext().
 *
 * NOTE(review): strlen(msg) runs here, before aim_send_im_ext() gets to
 * its own !args->msg guard, so a NULL msg is dereferenced in this
 * wrapper. Only the fields assigned in visible lines are initialised;
 * aim_send_im_ext() reads the icon fields only under
 * AIM_IMFLAGS_HASICON, which the wrapper is documented as not
 * supporting. Confirm that callers cannot pass that flag through.
 */
273 faim_export int aim_send_im(struct aim_session_t *sess, struct aim_conn_t *conn, const char *destsn, unsigned short flags, const char *msg)
275 struct aim_sendimext_args args;
277 args.destsn = destsn;
/* Length is taken from the NUL terminator, which is why UNICODE payloads need aim_send_im_ext(). */
280 args.msglen = strlen(msg);
282 return aim_send_im_ext(sess, conn, &args);
/*
 * Send a buddy icon to sn as an ICBM (SNAC 0x0004/0x0006) whose 0x0005
 * TLV carries the AIM_CAPS_BUDDYICON capability and a 0x2711 block with
 * iconsum, iconlen, stamp, the icon bytes and AIM_ICONIDENT.
 *
 * Requires a BOS connection and 0 < iconlen < MAXICONLEN.
 * Return values are on lines not visible in this listing.
 */
285 faim_export int aim_send_icon(struct aim_session_t *sess, struct aim_conn_t *conn, const char *sn, const unsigned char *icon, int iconlen, time_t stamp, unsigned short iconsum)
287 struct command_tx_struct *np;
291 if (!sess || !conn || !sn || !icon || (iconlen <= 0) || (iconlen >= MAXICONLEN))
294 if (conn->type != AIM_CONN_TYPE_BOS)
/*
 * NOTE(review): the 8-byte cookie comes from rand(), which is
 * predictable. The same cookie is written twice below (ICBM header and
 * inside the 0x0005 TLV). Prefer the platform CSPRNG if cookies are
 * used to match replies.
 */
297 for (i = 0, curbyte = 0; i < 8; i++)
298 curbyte += aimutil_put8(ck+curbyte, (u_char)rand());
/* Allocation size is the sum of every field written below; it must stay in step with the writes. */
300 if (!(np = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+8+2+1+strlen(sn)+2+2+2+8+16+2+2+2+2+2+2+2+4+4+4+iconlen+strlen(AIM_ICONIDENT)+2+2)))
305 curbyte = aim_putsnac(np->data, 0x0004, 0x0006, 0x0000, sess->snac_nextid);
310 memcpy(np->data+curbyte, ck, 8);
316 curbyte += aimutil_put16(np->data+curbyte, 0x0002);
/* NOTE(review): strlen(sn) is narrowed to 8 bits for the prefix while the full string is written; bound sn to 255 bytes. */
321 curbyte += aimutil_put8(np->data+curbyte, strlen(sn));
322 curbyte += aimutil_putstr(np->data+curbyte, sn, strlen(sn));
/*
 * NOTE(review): this TLV length and the 0x2711 length below are 16-bit
 * fields computed from iconlen. Whether they can wrap depends on
 * MAXICONLEN, whose value is not visible here -- confirm it keeps both
 * sums under 0x10000.
 */
327 curbyte += aimutil_put16(np->data+curbyte, 0x0005);
328 curbyte += aimutil_put16(np->data+curbyte, 2+8+16+6+4+4+iconlen+4+4+4+strlen(AIM_ICONIDENT));
330 curbyte += aimutil_put16(np->data+curbyte, 0x0000);
332 memcpy(np->data+curbyte, ck, 8);
335 curbyte += aim_putcap(np->data+curbyte, 16, AIM_CAPS_BUDDYICON);
338 curbyte += aimutil_put16(np->data+curbyte, 0x000a);
339 curbyte += aimutil_put16(np->data+curbyte, 0x0002);
340 curbyte += aimutil_put16(np->data+curbyte, 0x0001);
343 curbyte += aimutil_put16(np->data+curbyte, 0x000f);
344 curbyte += aimutil_put16(np->data+curbyte, 0x0000);
347 curbyte += aimutil_put16(np->data+curbyte, 0x2711);
348 curbyte += aimutil_put16(np->data+curbyte, 4+4+4+iconlen+strlen(AIM_ICONIDENT));
349 curbyte += aimutil_put16(np->data+curbyte, 0x0000);
350 curbyte += aimutil_put16(np->data+curbyte, iconsum);
351 curbyte += aimutil_put32(np->data+curbyte, iconlen);
352 curbyte += aimutil_put32(np->data+curbyte, stamp);
/* Raw icon bytes, then the identifier string without its terminator. */
353 memcpy(np->data+curbyte, icon, iconlen);
355 memcpy(np->data+curbyte, AIM_ICONIDENT, strlen(AIM_ICONIDENT));
356 curbyte += strlen(AIM_ICONIDENT);
359 curbyte += aimutil_put16(np->data+curbyte, 0x0003);
360 curbyte += aimutil_put16(np->data+curbyte, 0x0000);
362 np->commandlen = curbyte;
364 aim_tx_enqueue(sess, np);
/*
 * Parse a received SNAC 0x0004/0x0006: cookie, channel, length-prefixed
 * screen name, then a TLV chain from which the ACK/AWAY flags and the
 * 0x0002 message block are taken. The result is handed to the
 * registered client callback.
 *
 * NOTE(review): every offset below is derived from bytes in the packet.
 * No comparison against datalen is visible in this listing; confirm
 * that the elided lines bound each read.
 */
369 static int outgoingim(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
371 unsigned int i, ret = 0;
372 aim_rxcallback_t userfunc;
373 unsigned char cookie[8];
375 struct aim_tlvlist_t *tlvlist;
377 unsigned short icbmflags = 0;
378 unsigned char flag1 = 0, flag2 = 0;
379 unsigned char *msgblock = NULL, *msg = NULL;
382 for (i = 0; i < 8; i++)
383 cookie[i] = aimutil_get8(data+i);
386 channel = aimutil_get16(data+i);
389 if (channel != 0x01) {
390 faimdprintf(sess, 0, "icbm: ICBM recieved on unsupported channel. Ignoring. (chan = %04x)\n", channel);
/*
 * NOTE(review): the copy length is the one-byte prefix taken from the
 * packet (0..255). sn's declaration is not visible; if it is smaller
 * than 256 bytes this strncpy can write past it, and strncpy does not
 * terminate when the source fills the count. Clamp the length to
 * sizeof(sn)-1 and to the bytes remaining in data, then terminate
 * explicitly.
 */
394 strncpy(sn, (char *) data+i+1, (int) *(data+i));
395 i += 1 + (int) *(data+i);
/* i is unsigned, so datalen-i wraps to a huge value if i has run past datalen. */
397 tlvlist = aim_readtlvchain(data+i, datalen-i);
399 if (aim_gettlv(tlvlist, 0x0003, 1))
400 icbmflags |= AIM_IMFLAGS_ACK;
401 if (aim_gettlv(tlvlist, 0x0004, 1))
402 icbmflags |= AIM_IMFLAGS_AWAY;
404 if (aim_gettlv(tlvlist, 0x0002, 1)) {
/* aim_gettlv_str's result is used as a raw byte block here; its ownership and release are on lines not visible. */
407 msgblock = (unsigned char *)aim_gettlv_str(tlvlist, 0x0002, 1);
409 /* no, this really is correct. I'm not high or anything either. */
/* NOTE(review): j advances by a 16-bit value read from msgblock with no visible check against the TLV's length. */
411 j += 2 + aimutil_get16(msgblock+j);
414 j += 2; /* final block length */
/* A 16-bit read stored into an unsigned char keeps only the low byte. */
416 flag1 = aimutil_get16(msgblock);
418 flag2 = aimutil_get16(msgblock);
424 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
425 ret = userfunc(sess, rx, channel, sn, msg, icbmflags, flag1, flag2);
429 aim_freetlvchain(&tlvlist);
/*
 * Handle a channel-1 (plain message) ICBM. Walks the TLVs in data in
 * place, fills a struct aim_incomingim_ch1_args (message, encoding
 * flags, fingerprint, ACK/AWAY/HASICON/BUDDYREQ flags, icon timestamp)
 * and passes it to the registered client callback.
 *
 * NOTE(review): this is the main parser for attacker-controlled message
 * bytes. type, length, the message-block offsets and msglen all come
 * from the packet. The only bound visible in this listing is the loop's
 * `i < datalen`; confirm that the elided lines check each TLV header
 * and each `length` against the bytes that remain.
 */
434 static int incomingim_ch1(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned short channel, struct aim_userinfo_s *userinfo, unsigned char *data, int datalen, unsigned char *cookie)
436 unsigned short type, length;
437 aim_rxcallback_t userfunc;
439 struct aim_incomingim_ch1_args args;
/* Zeroing args means msg starts NULL and every flag starts clear. */
441 memset(&args, 0, sizeof(args));
444 * This used to be done using tlvchains. For performance reasons,
445 * I've changed it to process the TLVs in-place. This avoids lots
446 * of per-IM memory allocations.
448 for (i = 0; i < datalen; ) {
/* The 4-byte TLV header is read when at least 1 byte remains, not 4. */
450 type = aimutil_get16(data+i);
453 length = aimutil_get16(data+i);
456 if (type == 0x0002) { /* Message Block */
457 unsigned short wastebits;
458 unsigned char *msgblock;
459 int j = 0, y = 0, z = 0;
464 * Extracting the message from the unknown cruft.
466 * This is a bit messy, and I'm not really qualified,
467 * even as the author, to comment on it. At least
468 * its not as bad as a while loop shooting into infinity.
470 * "Do you believe in magic?"
474 wastebits = aimutil_get8(msgblock+j++);
475 wastebits = aimutil_get8(msgblock+j++);
/* NOTE(review): y is a 16-bit packet value and drives the skip loop; no visible check keeps j inside this TLV's `length`. */
477 y = aimutil_get16(msgblock+j);
479 for (z = 0; z < y; z++)
480 wastebits = aimutil_get8(msgblock+j++);
481 wastebits = aimutil_get8(msgblock+j++);
482 wastebits = aimutil_get8(msgblock+j++);
/* The clamp keeps the copy inside args.fingerprint; the source side is not bounded by `length` in visible lines. */
485 if (args.finlen > sizeof(args.fingerprint))
486 args.finlen = sizeof(args.fingerprint);
487 memcpy(args.fingerprint, msgblock, args.finlen);
489 /* Message string length, including flag words. */
/*
 * NOTE(review): msglen is taken from the packet. Any adjustment for the
 * flag words is on elided lines; confirm it cannot underflow for wire
 * values below 4, and that msglen is checked against the bytes left in
 * the TLV before the memcpy below. Otherwise the copy reads past the
 * receive buffer and gives those bytes to the callback.
 */
490 args.msglen = aimutil_get16(msgblock+j);
494 args.flag1 = aimutil_get16(msgblock+j);
495 if (args.flag1 == 0x0002)
496 args.icbmflags |= AIM_IMFLAGS_UNICODE;
497 else if (args.flag1 == 0x0003)
498 args.icbmflags |= AIM_IMFLAGS_ISO_8859_1;
501 args.flag2 = aimutil_get16(msgblock+j);
504 if ((args.flag1 && (args.flag1 != 0x0002) && (args.flag1 != 0x0003)) || args.flag2)
505 faimdprintf(sess, 0, "icbm: **warning: encoding flags are being used! {%04x, %04x}\n", args.flag1, args.flag2);
507 /* Message string. */
/* NOTE(review): neither malloc result is checked before use in the visible lines. */
509 if (args.icbmflags & AIM_IMFLAGS_UNICODE) {
/* Two terminator bytes so the buffer ends in a 16-bit NUL. */
510 args.msg = malloc(args.msglen+2);
511 memcpy(args.msg, msgblock+j, args.msglen);
512 args.msg[args.msglen] = '\0'; /* wide NULL */
513 args.msg[args.msglen+1] = '\0';
515 args.msg = malloc(args.msglen+1);
516 memcpy(args.msg, msgblock+j, args.msglen);
517 args.msg[args.msglen] = '\0';
520 } else if (type == 0x0003) { /* Server Ack Requested */
522 args.icbmflags |= AIM_IMFLAGS_ACK;
524 } else if (type == 0x0004) { /* Message is Auto Response */
526 args.icbmflags |= AIM_IMFLAGS_AWAY;
528 } else if ((type == 0x0008) &&
529 (length == 0x000c)) { /* I-HAVE-A-REALLY-PURTY-ICON Flag */
/* The TLV claims 12 bytes; the read at +8 relies on that claim, which is not compared with datalen in visible lines. */
531 args.iconstamp = aimutil_get32(data+i+8);
532 args.icbmflags |= AIM_IMFLAGS_HASICON;
534 } else if (type == 0x0009) {
536 args.icbmflags |= AIM_IMFLAGS_BUDDYREQ;
/* Unknown TLVs are written straight to stderr, so a peer controls how often this line is emitted. */
539 fprintf(stderr, "incomingim_ch1: unknown TLV 0x%04x (len %d)\n", type, length);
546 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
547 ret = userfunc(sess, rx, channel, userinfo, &args);
/*
 * Handle a channel-2 (rendezvous) ICBM. Takes TLV 0x0005 from tlvlist,
 * reads its status word, cookie and 16-byte capability, parses the
 * remaining bytes as a nested TLV chain (list2), then dispatches on
 * args.reqclass: buddy icon, voice, direct IM, chat invitation, get
 * file, send file. Each live branch fills args.info and invokes the
 * registered client callback.
 *
 * NOTE(review): every field here is chosen by the remote peer. The
 * visible lines check that TLVs are present but not how long they are;
 * see the notes at each read.
 */
554 static int incomingim_ch2(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned short channel, struct aim_userinfo_s *userinfo, struct aim_tlvlist_t *tlvlist, unsigned char *cookie)
556 aim_rxcallback_t userfunc;
557 struct aim_tlv_t *block1;
558 struct aim_tlvlist_t *list2;
560 struct aim_incomingim_ch2_args args;
562 memset(&args, 0, sizeof(args));
565 * There's another block of TLVs embedded in the type 5 here.
567 block1 = aim_gettlv(tlvlist, 0x0005, 1);
/*
 * NOTE(review): presence is checked, length is not. The code below
 * reads value[0..25] (2 status + 8 cookie + 16 capability) and later
 * computes block1->length-2-8-16; a TLV shorter than 26 bytes makes
 * both an over-read and a negative or wrapped chain length. Reject
 * block1->length < 26 here.
 */
568 if (!block1 || !block1->value) {
569 faimdprintf(sess, 0, "no tlv 0x0005 in rendezvous transaction!\n");
574 * First two bytes represent the status of the connection.
576 * 0 is a request, 2 is an accept
578 args.status = aimutil_get16(block1->value+0);
581 * Next comes the cookie. Should match the ICBM cookie.
/* A mismatch is only logged; processing continues with the outer cookie. */
583 if (memcmp(block1->value+2, cookie, 8) != 0)
584 faimdprintf(sess, 0, "rend: warning cookies don't match!\n");
587 * The next 16bytes are a capability block so we can
588 * identify what type of rendezvous this is.
590 * Thanks to Eric Warmenhoven <warmenhoven@linux.com> (of GAIM)
591 * for pointing some of this out to me. In fact, a lot of
592 * the client-to-client info comes from the work of the GAIM
593 * developers. Thanks!
595 * Read off one capability string and we should have it ID'd.
598 if ((args.reqclass = aim_getcap(sess, block1->value+2+8, 0x10)) == 0x0000) {
599 faimdprintf(sess, 0, "rend: no ID block\n");
604 * What follows may be TLVs or nothing, depending on the
605 * purpose of the message.
607 * Ack packets for instance have nothing more to them.
609 list2 = aim_readtlvchain(block1->value+2+8+16, block1->length-2-8-16);
/* No nested data (or, for anything but direct IM, no 0x2711 block): treat as a status update for a cached cookie. */
611 if (!list2 || ((args.reqclass != AIM_CAPS_IMIMAGE) && !(aim_gettlv(list2, 0x2711, 1)))) {
612 struct aim_msgcookie_t *cook;
615 type = aim_msgcookie_gettype(args.reqclass); /* XXX: fix this shitty code */
617 if ((cook = aim_checkcookie(sess, cookie, type)) == NULL) {
/*
 * NOTE(review): cookie is 8 raw bytes from the packet and is not
 * NUL-terminated (incomingim declares it as cookie[8]). Formatting it
 * with %s reads past the array and puts peer-chosen bytes into the log.
 * Print it as hex with a fixed length instead.
 */
618 faimdprintf(sess, 0, "non-data rendezvous thats not in cache %d/%s!\n", type, cookie);
619 aim_freetlvchain(&list2);
623 if (cook->type == AIM_COOKIETYPE_OFTGET) {
624 struct aim_filetransfer_priv *ft;
627 int errorcode = -1; /* XXX shouldnt this be 0? */
629 ft = (struct aim_filetransfer_priv *)cook->data;
631 if (args.status != 0x0002) {
633 if (aim_gettlv(list2, 0x000b, 1))
634 errorcode = aim_gettlv16(list2, 0x000b, 1);
636 /* XXX this should make it up to the client, you know.. */
638 faimdprintf(sess, 0, "transfer from %s (%s) for %s cancelled (error code %d)\n", ft->sn, ft->ip, ft->fh.name, errorcode);
641 faimdprintf(sess, 0, "no data attached to file transfer\n");
/* NOTE(review): a cookie type is compared with a capability constant here, while the branch above uses AIM_COOKIETYPE_*; confirm this is intended. */
643 } else if (cook->type == AIM_CAPS_VOICE) {
644 faimdprintf(sess, 0, "voice request cancelled\n");
646 faimdprintf(sess, 0, "unknown cookie cache type %d\n", cook->type);
649 aim_freetlvchain(&list2);
655 * The rest of the handling depends on what type it is.
657 if (args.reqclass & AIM_CAPS_BUDDYICON) {
658 struct aim_tlv_t *miscinfo;
661 miscinfo = aim_gettlv(list2, 0x2711, 1);
663 /* aimutil_get32(miscinfo->value+curpos); i don't know what this is */
/*
 * NOTE(review): icon.length is a 32-bit value from the packet. In the
 * visible lines it is used for malloc() and memcpy() without being
 * compared to miscinfo->length, and the malloc result is not checked.
 * A length larger than the TLV body copies bytes from beyond the
 * received block into the buffer handed to the callback. Bound it by
 * miscinfo->length minus the current offset before allocating.
 */
665 args.info.icon.length = aimutil_get32(miscinfo->value+curpos);
667 args.info.icon.timestamp = aimutil_get32(miscinfo->value+curpos);
669 args.info.icon.icon = malloc(args.info.icon.length);
670 memcpy(args.info.icon.icon, miscinfo->value+curpos, args.info.icon.length);
672 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
673 ret = userfunc(sess, rx, channel, userinfo, &args);
/* The icon buffer is valid only for the duration of the callback. */
675 free(args.info.icon.icon);
677 } else if (args.reqclass & AIM_CAPS_VOICE) {
678 struct aim_msgcookie_t *cachedcook;
680 faimdprintf(sess, 0, "rend: voice!\n");
682 if(!(cachedcook = (struct aim_msgcookie_t*)calloc(1, sizeof(struct aim_msgcookie_t)))) {
683 aim_freetlvchain(&list2);
/* Cache the peer's cookie so later status packets can be matched by aim_checkcookie(). */
687 memcpy(cachedcook->cookie, cookie, 8);
688 cachedcook->type = AIM_COOKIETYPE_OFTVOICE;
689 cachedcook->data = NULL;
691 if (aim_cachecookie(sess, cachedcook) == -1)
692 faimdprintf(sess, 0, "ERROR caching message cookie\n");
694 /* XXX: implement all this */
696 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
697 ret = userfunc(sess, rx, channel, userinfo, &args);
699 } else if (args.reqclass & AIM_CAPS_IMIMAGE) {
701 struct aim_directim_priv *priv;
703 memset(ip, 0, sizeof(ip));
705 if (aim_gettlv(list2, 0x0003, 1) && aim_gettlv(list2, 0x0005, 1)) {
706 struct aim_tlv_t *iptlv, *porttlv;
708 iptlv = aim_gettlv(list2, 0x0003, 1);
709 porttlv = aim_gettlv(list2, 0x0005, 1);
/*
 * NOTE(review): four bytes are read from iptlv->value with no visible
 * check that the TLV holds four. The address is supplied by the peer
 * and is what a direct-IM connection would later dial, so treat it as
 * untrusted. The port is fixed at 4443; the peer's port TLV is ignored.
 */
711 snprintf(ip, 30, "%d.%d.%d.%d:%d",
712 aimutil_get8(iptlv->value+0),
713 aimutil_get8(iptlv->value+1),
714 aimutil_get8(iptlv->value+2),
715 aimutil_get8(iptlv->value+3),
716 4443 /*aimutil_get16(porttlv->value)*/);
719 faimdprintf(sess, 0, "rend: directIM request from %s (%s)\n",
723 * XXX: there are a couple of different request packets for
/*
 * NOTE(review): the calloc result is used without a NULL check. Each
 * memcpy copies sizeof(destination) bytes, which is only safe if the
 * source (ip, userinfo->sn, the 8-byte cookie) is at least that large.
 * The declarations are not visible here -- verify the sizes match.
 */
727 args.info.directim = priv = (struct aim_directim_priv *)calloc(1, sizeof(struct aim_directim_priv));
728 memcpy(priv->ip, ip, sizeof(priv->ip));
729 memcpy(priv->sn, userinfo->sn, sizeof(priv->sn));
730 memcpy(priv->cookie, cookie, sizeof(priv->cookie));
732 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
733 ret = userfunc(sess, rx, channel, userinfo, &args);
735 } else if (args.reqclass & AIM_CAPS_CHAT) {
736 struct aim_tlv_t *miscinfo;
/* miscinfo is dereferenced unchecked; this relies on the earlier no-0x2711 branch having returned (its return is not visible). */
738 miscinfo = aim_gettlv(list2, 0x2711, 1);
739 aim_chat_readroominfo(miscinfo->value, &args.info.chat.roominfo);
741 if (aim_gettlv(list2, 0x000c, 1))
742 args.info.chat.msg = aim_gettlv_str(list2, 0x000c, 1);
744 if (aim_gettlv(list2, 0x000d, 1))
745 args.info.chat.encoding = aim_gettlv_str(list2, 0x000d, 1);
747 if (aim_gettlv(list2, 0x000e, 1))
748 args.info.chat.lang = aim_gettlv_str(list2, 0x000e, 1);
750 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
751 ret = userfunc(sess, rx, channel, userinfo, &args);
/* These strings are released here, so the callback must copy anything it keeps. Absent TLVs leave the pointers NULL from the memset. */
753 free(args.info.chat.roominfo.name);
754 free(args.info.chat.msg);
755 free(args.info.chat.encoding);
756 free(args.info.chat.lang);
758 } else if (args.reqclass & AIM_CAPS_GETFILE) {
760 struct aim_msgcookie_t *cachedcook;
761 struct aim_tlv_t *miscinfo;
762 struct aim_tlv_t *iptlv, *porttlv;
766 if (!(cachedcook = calloc(1, sizeof(struct aim_msgcookie_t)))) {
767 aim_freetlvchain(&list2);
/* All three TLVs must be present; their lengths are not checked before the reads below. */
771 if (!(miscinfo = aim_gettlv(list2, 0x2711, 1)) ||
772 !(iptlv = aim_gettlv(list2, 0x0003, 1)) ||
773 !(porttlv = aim_gettlv(list2, 0x0005, 1))) {
774 faimdprintf(sess, 0, "rend: badly damaged file get request from %s...\n", userinfo->sn);
775 aim_cookie_free(sess, cachedcook);
776 aim_freetlvchain(&list2);
780 snprintf(ip, 30, "%d.%d.%d.%d:%d",
781 aimutil_get8(iptlv->value+0),
782 aimutil_get8(iptlv->value+1),
783 aimutil_get8(iptlv->value+2),
784 aimutil_get8(iptlv->value+3),
785 aimutil_get16(porttlv->value));
787 faimdprintf(sess, 0, "rend: file get request from %s (%s)\n", userinfo->sn, ip);
/* Both pointers refer to caller-side buffers, valid only while the callback runs. NOTE(review): cachedcook is neither cached nor freed on this path in the visible lines -- check for a leak. */
789 args.info.getfile.ip = ip;
790 args.info.getfile.cookie = cookie;
792 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
793 ret = userfunc(sess, rx, channel, userinfo, &args);
795 } else if (args.reqclass & AIM_CAPS_SENDFILE) {
798 struct aim_msgcookie_t *cachedcook;
799 struct aim_tlv_t *miscinfo;
800 struct aim_tlv_t *iptlv, *porttlv;
804 if (!(cachedcook = calloc(1, sizeof(struct aim_msgcookie_t)))) {
805 aim_freetlvchain(&list2);
809 if (!(miscinfo = aim_gettlv(list2, 0x2711, 1)) ||
810 !(iptlv = aim_gettlv(list2, 0x0003, 1)) ||
811 !(porttlv = aim_gettlv(list2, 0x0005, 1))) {
812 faimdprintf(sess, 0, "rend: badly damaged file get request from %s...\n", userinfo->sn);
813 aim_cookie_free(sess, cachedcook);
814 aim_freetlvchain(&list2);
818 snprintf(ip, 30, "%d.%d.%d.%d:%d",
819 aimutil_get8(iptlv->value+0),
820 aimutil_get8(iptlv->value+1),
821 aimutil_get8(iptlv->value+2),
822 aimutil_get8(iptlv->value+3),
823 aimutil_get16(porttlv->value));
825 if (aim_gettlv(list2, 0x000c, 1))
826 desc = aim_gettlv_str(list2, 0x000c, 1);
/*
 * NOTE(review): miscinfo->value+8 is used as a C string (here with %s,
 * below with strncpy) with no visible check that the TLV is longer than
 * 8 bytes or NUL-terminated. The peer-chosen file name also reaches the
 * log unfiltered.
 */
828 faimdprintf(sess, 0, "rend: file transfer request from %s for %s: %s (%s)\n",
829 userinfo->sn, miscinfo->value+8,
832 memcpy(cachedcook->cookie, cookie, 8);
/*
 * NOTE(review): the malloc result is unchecked, and strncpy with
 * sizeof(dst) leaves the field unterminated when the source fills it.
 * `userinfo.sn` would not compile against the pointer parameter, so
 * this region is presumably under a disabled preprocessor block that is
 * not visible here. If it is ever enabled, note that
 * aim_accepttransfer() below runs before the client callback is asked.
 */
834 ft = malloc(sizeof(struct aim_filetransfer_priv));
835 strncpy(ft->sn, userinfo.sn, sizeof(ft->sn));
836 strncpy(ft->ip, ip, sizeof(ft->ip));
837 strncpy(ft->fh.name, miscinfo->value+8, sizeof(ft->fh.name));
838 cachedcook->type = AIM_COOKIETYPE_OFTSEND;
839 cachedcook->data = ft;
841 if (aim_cachecookie(sess, cachedcook) == -1)
842 faimdprintf(sess, 0, "ERROR caching message cookie\n");
844 aim_accepttransfer(sess, rx->conn, ft->sn, cookie, AIM_CAPS_SENDFILE);
849 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
850 ret = userfunc(sess, rx, channel, userinfo, &args);
854 faimdprintf(sess, 0, "rend: unknown rendezvous 0x%04x\n", args.reqclass);
/* The nested chain is released on the common exit path. */
856 aim_freetlvchain(&list2);
862 * It can easily be said that parsing ICBMs is THE single
863 * most difficult thing to do in the AIM protocol. In
864 * fact, I think I just did say that.
866 * Below is the best damned solution I've come up with
867 * over the past sixteen months of battling with it. This
868 * can parse both away and normal messages from every client
869 * I have access to. It's not fast, it's not clean. But it works.
/*
 * Entry point for a received ICBM (SNAC 0x0004/0x0007). Reads the
 * 8-byte cookie and the channel, extracts the sender's userinfo block,
 * then passes the remaining bytes to incomingim_ch1() (in-place TLV
 * parse) or, for channel 2, builds a TLV chain and passes it to
 * incomingim_ch2().
 *
 * NOTE(review): the first 10 bytes are read and aim_extractuserinfo()
 * is called before any comparison with datalen that is visible here.
 * If i ends up larger than datalen, the `datalen-i` passed down goes
 * negative. Confirm that the elided lines reject short packets.
 */
872 static int incomingim(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
875 unsigned char cookie[8];
877 struct aim_userinfo_s userinfo;
879 memset(&userinfo, 0x00, sizeof(struct aim_userinfo_s));
882 * Read ICBM Cookie. And throw away.
/* The cookie is kept: both channel handlers receive it. */
884 for (i = 0; i < 8; i++)
885 cookie[i] = aimutil_get8(data+i);
890 * Channel 0x0001 is the message channel. There are
891 * other channels for things called "rendevous"
892 * which represent chat and some of the other new
893 * features of AIM2/3/3.5.
895 * Channel 0x0002 is the Rendevous channel, which
896 * is where Chat Invitiations and various client-client
897 * connection negotiations come from.
900 channel = aimutil_get16(data+i);
/* Only channels 1 and 2 are handled; anything else is logged and dropped. */
906 if ((channel != 0x01) && (channel != 0x02)) {
907 faimdprintf(sess, 0, "icbm: ICBM received on an unsupported channel. Ignoring.\n (chan = %04x)", channel);
912 * Extract the standard user info block.
914 * Note that although this contains TLVs that appear contiguous
915 * with the TLVs read below, they are two different pieces. The
916 * userinfo block contains the number of TLVs that contain user
917 * information, the rest are not even though there is no seperation.
918 * aim_extractuserinfo() returns the number of bytes used by the
919 * userinfo tlvs, so you can start reading the rest of them right
922 * That also means that TLV types can be duplicated between the
923 * userinfo block and the rest of the message, however there should
924 * never be two TLVs of the same type in one block.
/* datalen is not passed to aim_extractuserinfo(), so that call cannot bound its own reads from this argument list. */
927 i += aim_extractuserinfo(sess, data+i, &userinfo);
930 * From here on, its depends on what channel we're on.
932 * Technically all channels have a TLV list have this, however,
933 * for the common channel 1 case, in-place parsing is used for
934 * performance reasons (less memory allocation).
938 ret = incomingim_ch1(sess, mod, rx, snac, channel, &userinfo, data+i, datalen-i, cookie);
940 } else if (channel == 0x0002) {
941 struct aim_tlvlist_t *tlvlist;
944 * Read block of TLVs (not including the userinfo data). All
945 * further data is derived from what is parsed here.
947 tlvlist = aim_readtlvchain(data+i, datalen-i);
949 ret = incomingim_ch2(sess, mod, rx, snac, channel, &userinfo, tlvlist, cookie);
952 * Free up the TLV chain.
954 aim_freetlvchain(&tlvlist);
962 * AIM_TRANSFER_DENY_NOTSUPPORTED -- "client does not support"
963 * AIM_TRANSFER_DENY_DECLINE -- "client has declined transfer"
964 * AIM_TRANSFER_DENY_NOTACCEPTING -- "client is not accepting transfers"
/*
 * Send SNAC 0x0004/0x000b refusing a rendezvous: the request's 8-byte
 * cookie, the word 0x0002, the length-prefixed sender name and a
 * 16-bit TLV 0x0003 carrying the AIM_TRANSFER_DENY_* code.
 * Returns the SNAC id used, then increments sess->snac_nextid.
 *
 * NOTE(review): the remaining parameters (sender, cookie, code) are
 * declared on lines not visible here. sender is passed to strlen()
 * without a visible NULL check and its length is narrowed to 8 bits
 * for the prefix; cookie must point to at least 8 bytes.
 */
967 faim_export unsigned long aim_denytransfer(struct aim_session_t *sess,
968 struct aim_conn_t *conn,
973 struct command_tx_struct *newpacket;
/* The size matches the writes below: SNAC header, 8 cookie, 2 word, 1 length, name, 6-byte TLV. */
976 if(!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+8+2+1+strlen(sender)+6)))
981 curbyte = aim_putsnac(newpacket->data, 0x0004, 0x000b, 0x0000, sess->snac_nextid);
982 for (i = 0; i < 8; i++)
983 curbyte += aimutil_put8(newpacket->data+curbyte, cookie[i]);
984 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0002);
985 curbyte += aimutil_put8(newpacket->data+curbyte, strlen(sender));
986 curbyte += aimutil_putstr(newpacket->data+curbyte, sender, strlen(sender));
987 curbyte += aim_puttlv_16(newpacket->data+curbyte, 0x0003, code);
990 aim_tx_enqueue(sess, newpacket);
992 return (sess->snac_nextid++);
996 * Not real sure what this does, nor does anyone I've talked to.
998 * Didn't use to send it. But now I think it might be a good
/*
 * Send SNAC 0x0004/0x0002 with a fixed 16-byte parameter block.
 * Returns the SNAC id used, then increments sess->snac_nextid.
 *
 * The field widths (16, 32, 16, 16, 16, 32) mirror the order in which
 * paraminfo() reads maxchannel, defflags, maxicbmlen, maxsenderwarn,
 * maxrecverwarn and minmsginterval. On that reading, 0x1f40 (8000) is
 * the maximum ICBM length and 0x03e7 (999) the two warning limits.
 * This is presumed from the symmetry and is not stated in the source.
 */
1002 faim_export unsigned long aim_seticbmparam(struct aim_session_t *sess,
1003 struct aim_conn_t *conn)
1005 struct command_tx_struct *newpacket;
1008 if(!(newpacket = aim_tx_new(sess, conn, AIM_FRAMETYPE_OSCAR, 0x0002, 10+16)))
/* The packet stays locked while it is being filled and is unlocked just before enqueueing. */
1011 newpacket->lock = 1;
1013 curbyte = aim_putsnac(newpacket->data, 0x0004, 0x0002, 0x0000, sess->snac_nextid);
1014 curbyte += aimutil_put16(newpacket->data+curbyte, 0x0000);
1015 curbyte += aimutil_put32(newpacket->data+curbyte, 0x00000003);
1016 curbyte += aimutil_put16(newpacket->data+curbyte, 0x1f40);
1017 curbyte += aimutil_put16(newpacket->data+curbyte, 0x03e7);
1018 curbyte += aimutil_put16(newpacket->data+curbyte, 0x03e7);
1019 curbyte += aimutil_put32(newpacket->data+curbyte, 0x00000000);
1021 newpacket->lock = 0;
1022 aim_tx_enqueue(sess, newpacket);
1024 return (sess->snac_nextid++);
/*
 * Parse the ICBM parameter reply (dispatched for subtype 0x0005) and
 * pass the six values to the registered client callback.
 *
 * NOTE(review): 16 bytes are read from data (16+32+16+16+16+32 bits)
 * and datalen is not consulted in the visible lines. Reject packets
 * shorter than that before reading.
 */
1027 static int paraminfo(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
1029 unsigned long defflags, minmsginterval;
1030 unsigned short maxicbmlen, maxsenderwarn, maxrecverwarn, maxchannel;
1031 aim_rxcallback_t userfunc;
/* The advances of i between reads are on lines not visible in this listing. */
1034 maxchannel = aimutil_get16(data+i);
1037 defflags = aimutil_get32(data+i);
1040 maxicbmlen = aimutil_get16(data+i);
1043 maxsenderwarn = aimutil_get16(data+i);
1046 maxrecverwarn = aimutil_get16(data+i);
1049 minmsginterval = aimutil_get32(data+i);
1052 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
1053 return userfunc(sess, rx, maxchannel, defflags, maxicbmlen, maxsenderwarn, maxrecverwarn, minmsginterval);
/*
 * Parse a missed-message notice (dispatched for subtype 0x000a):
 * channel, the sender's userinfo block, the number of missed messages
 * and a reason code, then pass them to the registered client callback.
 *
 * NOTE(review): datalen is not consulted in the visible lines, and
 * aim_extractuserinfo() is not given a length, so a short packet would
 * be read past its end. Only the first record is parsed (see the XXX
 * below).
 */
1058 static int missedcall(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
1061 aim_rxcallback_t userfunc;
1062 unsigned short channel, nummissed, reason;
1063 struct aim_userinfo_s userinfo;
1066 * XXX: supposedly, this entire packet can repeat as many times
1067 * as necessary. Should implement that.
1073 channel = aimutil_get16(data+i);
1077 * Extract the standard user info block.
1079 i += aim_extractuserinfo(sess, data+i, &userinfo);
1081 nummissed = aimutil_get16(data+i);
1084 reason = aimutil_get16(data+i);
/* userinfo lives on this stack frame; the callback must copy anything it keeps. */
1087 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
1088 return userfunc(sess, rx, channel, &userinfo, nummissed, reason);
/*
 * Parse a message acknowledgement (dispatched for subtype 0x000c):
 * 8-byte cookie, 16-bit type, length-prefixed screen name. Passes type
 * and the screen name to the registered client callback; the cookie is
 * copied into ck but not forwarded in the visible lines.
 *
 * NOTE(review): snlen is one byte from the packet (0..255) and is used
 * directly as the strncpy count. sn's declaration is not visible; if it
 * holds fewer than snlen+1 bytes the copy overruns it or leaves it
 * unterminated despite the memset. Clamp snlen to sizeof(sn)-1 and to
 * the bytes remaining in datalen.
 */
1093 static int msgack(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
1095 aim_rxcallback_t userfunc;
1097 unsigned char ck[8];
1098 unsigned short type;
1100 unsigned char snlen;
1102 memcpy(ck, data, 8);
1105 type = aimutil_get16(data+i);
1108 snlen = aimutil_get8(data+i);
/* Zero-filling first gives a terminator only while snlen < sizeof(sn). */
1111 memset(sn, 0, sizeof(sn));
1112 strncpy(sn, (char *)data+i, snlen);
1114 if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
1115 return userfunc(sess, rx, type, sn);
/*
 * Dispatch a received SNAC to the parser for its subtype:
 * 0x0005 paraminfo, 0x0006 outgoingim, 0x0007 incomingim,
 * 0x000a missedcall, 0x000c msgack. The fall-through return for other
 * subtypes is on a line not visible in this listing.
 *
 * data and datalen are forwarded unchanged. No length validation
 * happens here, so each parser has to bound its own reads.
 */
1120 static int snachandler(struct aim_session_t *sess, aim_module_t *mod, struct command_rx_struct *rx, aim_modsnac_t *snac, unsigned char *data, int datalen)
1123 if (snac->subtype == 0x0005)
1124 return paraminfo(sess, mod, rx, snac, data, datalen);
1125 else if (snac->subtype == 0x0006)
1126 return outgoingim(sess, mod, rx, snac, data, datalen);
1127 else if (snac->subtype == 0x0007)
1128 return incomingim(sess, mod, rx, snac, data, datalen);
1129 else if (snac->subtype == 0x000a)
1130 return missedcall(sess, mod, rx, snac, data, datalen);
1131 else if (snac->subtype == 0x000c)
1132 return msgack(sess, mod, rx, snac, data, datalen);
/*
 * Module initialiser: sets mod's SNAC family to 0x0004, its version to
 * 0x0000, its name to "messaging", and installs snachandler as the
 * receive dispatcher. The return value is on a line not visible here.
 */
1137 faim_internal int msg_modfirst(struct aim_session_t *sess, aim_module_t *mod)
1140 mod->family = 0x0004;
1141 mod->version = 0x0000;
/* strncpy terminates here only because the 9-character literal is shorter than mod->name -- presumably so; its size is not visible. */
1143 strncpy(mod->name, "messaging", sizeof(mod->name));
1144 mod->snachandler = snachandler;