/*
 * Parse the fixed SNAC header at the front of an incoming frame and offer
 * the frame to the registered modules.
 *
 * The header is read as family (16 bits), subtype (16 bits), flags (16 bits)
 * and request id (32 bits), i.e. 10 bytes in total.  Only the header is
 * length-checked here; each module's snachandler receives the stream
 * positioned just past the header and has to bound its own reads.
 *
 * Returns 1 as soon as one handler reports a non-zero result, 0 if the frame
 * is too short to hold a header or no handler claimed it.
 */
static int consumesnac(aim_session_t *sess, aim_frame_t *rx)
{
	aim_modsnac_t snac;
	aim_module_t *mod;

	/* Fewer than 10 bytes left cannot hold a complete SNAC header. */
	if (aim_bstream_empty(&rx->data) < 10)
		return 0;

	snac.family = aimbs_get16(&rx->data);
	snac.subtype = aimbs_get16(&rx->data);
	snac.flags = aimbs_get16(&rx->data);
	snac.id = aimbs_get32(&rx->data);

	mod = (aim_module_t *)sess->modlistv;
	while (mod) {
		/* Multi-family modules see every SNAC; the rest only their own family. */
		int interested = (mod->flags & AIM_MODFLAG_MULTIFAMILY) ||
				 (mod->family == snac.family);

		if (interested && mod->snachandler(sess, mod, rx, &snac, &rx->data))
			return 1;

		mod = mod->next;
	}

	return 0;
}
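/*
 * Handle an ICBM parameter-information SNAC: decode the fixed-size parameter
 * block from bs and pass it to the client callback registered for this
 * family/subtype.
 *
 * sess, rx and snac identify the session, frame and SNAC header; mod is not
 * used here.  bs is the stream positioned at the start of the parameters.
 *
 * Returns whatever the callback returns, or 0 when the block is truncated or
 * no callback is registered.
 */
static int paraminfo(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
	struct aim_icbmparameters params;
	aim_rxcallback_t userfunc;

	/*
	 * The fields read below add up to 2 + 4 + 2 + 2 + 2 + 4 = 16 bytes.
	 * Refuse a shorter block instead of handing the callback limits
	 * (maxmsglen, minmsginterval, ...) that were never on the wire.
	 */
	if (aim_bstream_empty(bs) < 16)
		return 0;

	params.maxchan = aimbs_get16(bs);
	params.flags = aimbs_get32(bs);
	params.maxmsglen = aimbs_get16(bs);
	params.maxsenderwarn = aimbs_get16(bs);
	params.maxrecverwarn = aimbs_get16(bs);
	params.minmsginterval = aimbs_get32(bs);

	userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype);
	if (userfunc)
		return userfunc(sess, rx, &params); /* was garbled to a pilcrow in the listing */

	return 0;
}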
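/*
 * Parse the SNAC header at the front of an incoming frame, skip the optional
 * family-version mini-header, and offer the frame to the registered modules.
 *
 * The header is read as family (16 bits), subtype (16 bits), flags (16 bits)
 * and request id (32 bits), i.e. 10 bytes in total.  Every length taken from
 * the frame is checked against the bytes actually remaining before the
 * stream is moved; the per-module handlers still have to bound their own
 * reads of the payload.
 *
 * Returns 1 as soon as one handler reports a non-zero result, 0 if the frame
 * is malformed or no handler claimed it.
 */
static int consumesnac(aim_session_t *sess, aim_frame_t *rx)
{
	aim_module_t *cur;
	aim_modsnac_t snac;

	if (aim_bstream_empty(&rx->data) < 10)
		return 0;

	snac.family = aimbs_get16(&rx->data);
	snac.subtype = aimbs_get16(&rx->data);
	snac.flags = aimbs_get16(&rx->data);
	snac.id = aimbs_get32(&rx->data);

	/*
	 * SNAC flags are apparently uniform across all SNACs, so we handle
	 * them here.
	 *
	 * 0x0001: the SNAC will be followed by another SNAC with related
	 * information.  Nothing needs to be done about that here.
	 */

	if (snac.flags & 0x8000) {
		/*
		 * This packet contains the version of the family that this
		 * SNAC is in.  You get this when your SSI module is version 2
		 * or higher.  For now we have no need for this, but you could
		 * always save it as a part of aim_modsnac_t, or something.
		 * The format is... 2 byte length of total mini-header (which
		 * is 6 bytes), then TLV of type 0x0001, length 0x0002, value
		 * is the 2 byte version number.
		 */
		int minihdrlen;

		/* The length field itself must be present... */
		if (aim_bstream_empty(&rx->data) < 2)
			return 0;

		minihdrlen = aimbs_get16(&rx->data);

		/*
		 * ...and the length it announces must fit in the frame.
		 * Otherwise the handlers would start parsing from a position
		 * that does not correspond to the payload.
		 */
		if (minihdrlen > aim_bstream_empty(&rx->data))
			return 0;

		aim_bstream_advance(&rx->data, minihdrlen);
	}

	for (cur = (aim_module_t *)sess->modlistv; cur; cur = cur->next) {

		/* Single-family modules only see SNACs of their own family. */
		if (!(cur->flags & AIM_MODFLAG_MULTIFAMILY) &&
		    (cur->family != snac.family))
			continue;

		if (cur->snachandler(sess, cur, rx, &snac, &rx->data))
			return 1;
	}

	return 0;
}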
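/*
 * AIM is fairly regular about providing user info.  This is a generic
 * routine to extract it in its standard form.
 *
 * Layout as read below: a one-byte screen name length, the screen name
 * itself (not NUL-terminated on the wire), a 16-bit warning level, a 16-bit
 * TLV count, then that many Type-Length-Value triples.
 *
 * All of these lengths and counts come out of the received stream, so each
 * one is checked against the destination buffer or the bytes remaining
 * before it is used.
 *
 * sess is only used for debug output and capability parsing; bs is the
 * stream to read from; outinfo is cleared and then filled in, with one
 * AIM_USERINFO_PRESENT_* bit set in outinfo->present per field found.
 *
 * Returns 0 when parsing finishes (including when it stops early at a
 * truncated TLV), -EINVAL if bs or outinfo is NULL.
 */
faim_internal int aim_extractuserinfo(aim_session_t *sess, aim_bstream_t *bs, aim_userinfo_t *outinfo)
{
	int curtlv, tlvcnt;
	fu8_t snlen, sncopy;

	if (!bs || !outinfo)
		return -EINVAL;

	/* Clear out old data first */
	memset(outinfo, 0x00, sizeof(aim_userinfo_t));

	/*
	 * Screen name.  Stored as an unterminated string prepended with a
	 * byte containing its length.
	 *
	 * The length byte can be anything up to 255 while outinfo->sn is a
	 * fixed array whose size is not visible here, so copy at most
	 * sizeof(sn) - 1 bytes.  That also keeps the terminating NUL left by
	 * the memset above, which the "%s" debug output below relies on.
	 * The excess is skipped rather than rejected so the stream stays
	 * aligned on the fields that follow.
	 */
	snlen = aimbs_get8(bs);
	sncopy = snlen;
	if (sncopy >= sizeof(outinfo->sn))
		sncopy = (fu8_t)(sizeof(outinfo->sn) - 1);
	aimbs_getrawbuf(bs, outinfo->sn, sncopy);
	if (snlen > sncopy)
		aim_bstream_advance(bs, snlen - sncopy);

	/*
	 * Warning Level.  Stored as an unsigned short.
	 */
	outinfo->warnlevel = aimbs_get16(bs);

	/*
	 * TLV Count.  Unsigned short representing the number of
	 * Type-Length-Value triples that follow.
	 */
	tlvcnt = aimbs_get16(bs);

	/*
	 * Parse out the Type-Length-Value triples as they're found.
	 */
	for (curtlv = 0; curtlv < tlvcnt; curtlv++) {
		int endpos;
		fu16_t type, length;

		/* The count may promise more TLVs than the stream holds. */
		if (aim_bstream_empty(bs) < 4)
			break;

		type = aimbs_get16(bs);
		length = aimbs_get16(bs);

		/* A value that runs past the end of the stream is truncated. */
		if (length > aim_bstream_empty(bs))
			break;

		endpos = aim_bstream_curpos(bs) + length;

		switch (type) {
		case 0x0001:
			/*
			 * Type = 0x0001: User flags
			 *
			 * Specified as any of the following ORed together:
			 *      0x0001  Trial (user less than 60days)
			 *      0x0002  Unknown bit 2
			 *      0x0004  AOL Main Service user
			 *      0x0008  Unknown bit 4
			 *      0x0010  Free (AIM) user
			 *      0x0020  Away
			 *      0x0400  ActiveBuddy
			 */
			outinfo->flags = aimbs_get16(bs);
			outinfo->present |= AIM_USERINFO_PRESENT_FLAGS;
			break;

		case 0x0002:
			/*
			 * Type = 0x0002: Account creation time.
			 *
			 * The time/date that the user originally registered
			 * for the service, stored in time_t format.
			 *
			 * I'm not sure how this differs from type 5 ("member
			 * since").
			 *
			 * Note: This is the field formerly known as "member
			 * since".  All these years and I finally found out
			 * that I got the name wrong.
			 */
			outinfo->createtime = aimbs_get32(bs);
			outinfo->present |= AIM_USERINFO_PRESENT_CREATETIME;
			break;

		case 0x0003:
			/*
			 * Type = 0x0003: On-Since date.
			 *
			 * The time/date that the user started their current
			 * session, stored in time_t format.
			 */
			outinfo->onlinesince = aimbs_get32(bs);
			outinfo->present |= AIM_USERINFO_PRESENT_ONLINESINCE;
			break;

		case 0x0004:
			/*
			 * Type = 0x0004: Idle time.
			 *
			 * Number of seconds since the user actively used the
			 * service.
			 *
			 * Note that the client tells the server when to start
			 * counting idle times, so this may or may not be
			 * related to reality.
			 */
			outinfo->idletime = aimbs_get16(bs);
			outinfo->present |= AIM_USERINFO_PRESENT_IDLE;
			break;

		case 0x0005:
			/*
			 * Type = 0x0005: Member since date.
			 *
			 * The time/date that the user originally registered
			 * for the service, stored in time_t format.
			 *
			 * This is sometimes sent instead of type 2 ("account
			 * creation time"), particularly in the self-info.
			 */
			outinfo->membersince = aimbs_get32(bs);
			outinfo->present |= AIM_USERINFO_PRESENT_MEMBERSINCE;
			break;

		case 0x0006:
			/*
			 * Type = 0x0006: ICQ Online Status
			 *
			 * ICQ's Away/DND/etc "enriched" status.  Some decoding
			 * of values done by Scott <*****@*****.**>
			 */
			aimbs_get16(bs);
			outinfo->icqinfo.status = aimbs_get16(bs);
			outinfo->present |= AIM_USERINFO_PRESENT_ICQEXTSTATUS;
			break;

		case 0x000a:
			/*
			 * Type = 0x000a
			 *
			 * ICQ User IP Address.
			 * Ahh, the joy of ICQ security.
			 */
			outinfo->icqinfo.ipaddr = aimbs_get32(bs);
			outinfo->present |= AIM_USERINFO_PRESENT_ICQIPADDR;
			break;

		case 0x000c:
			/*
			 * Type = 0x000c
			 *
			 * random crap containing the IP address,
			 * apparently a port number, and some Other Stuff.
			 *
			 * NOTE(review): this copies a fixed 0x25 bytes whatever
			 * `length` says, and the size of icqinfo.crap is not
			 * visible here -- confirm it holds at least 0x25 bytes.
			 */
			aimbs_getrawbuf(bs, outinfo->icqinfo.crap, 0x25);
			outinfo->present |= AIM_USERINFO_PRESENT_ICQDATA;
			break;

		case 0x000d:
			/*
			 * Type = 0x000d
			 *
			 * Capability information.
			 */
			outinfo->capabilities = aim_getcap(sess, bs, length);
			outinfo->present |= AIM_USERINFO_PRESENT_CAPABILITIES;
			break;

		case 0x000e:
			/*
			 * Type = 0x000e
			 *
			 * Unknown.  Always of zero length, and always only
			 * on AOL users.
			 *
			 * Ignore.
			 */
			break;

		case 0x000f:
		case 0x0010:
			/*
			 * Type = 0x000f: Session Length. (AIM)
			 * Type = 0x0010: Session Length. (AOL)
			 *
			 * The duration, in seconds, of the user's current
			 * session.
			 *
			 * Which TLV type this comes in depends on the
			 * service the user is using (AIM or AOL).
			 */
			outinfo->sessionlen = aimbs_get32(bs);
			outinfo->present |= AIM_USERINFO_PRESENT_SESSIONLEN;
			break;

		case 0x001d:
			/*
			 * Type 29: Unknown.
			 *
			 * Currently very rare.  Always 18 bytes of mostly zero.
			 */
			break;

		case 0x001e:
			/*
			 * Type 30: Unknown.
			 *
			 * Always four bytes, but it doesn't look like an int.
			 */
			break;

		default:
			/*
			 * Reaching here indicates that either AOL has
			 * added yet another TLV for us to deal with,
			 * or the parsing has gone Terribly Wrong.
			 *
			 * Either way, inform the owner and attempt
			 * recovery.
			 */
			faimdprintf(sess, 0, "userinfo: **warning: unexpected TLV:\n");
			faimdprintf(sess, 0, "userinfo: sn =%s\n", outinfo->sn);
			dumptlv(sess, type, bs, length);
			break;
		}

		/*
		 * Save ourselves: whatever the branch above consumed, land on
		 * the start of the next TLV.
		 */
		aim_bstream_setpos(bs, endpos);
	}

	return 0;
}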
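/*
 * AIM is fairly regular about providing user info.  This is a generic
 * routine to extract it in its standard form.
 *
 * Layout as read below: a one-byte screen name length, the screen name
 * itself (not NUL-terminated on the wire), a 16-bit warning level, a 16-bit
 * TLV count, then that many Type-Length-Value triples.
 *
 * All of these lengths and counts come out of the received stream, so each
 * one is checked against the destination buffer or the bytes remaining
 * before it is used.
 *
 * sess is only used for debug output and capability parsing; bs is the
 * stream to read from; outinfo is cleared and then filled in.
 *
 * Returns 0 when parsing finishes (including when it stops early at a
 * truncated TLV), -EINVAL if bs or outinfo is NULL.
 */
faim_internal int aim_extractuserinfo(aim_session_t *sess, aim_bstream_t *bs, aim_userinfo_t *outinfo)
{
	int curtlv, tlvcnt;
	fu8_t snlen, sncopy;

	if (!bs || !outinfo)
		return -EINVAL;

	/* Clear out old data first */
	memset(outinfo, 0x00, sizeof(aim_userinfo_t));

	/*
	 * Screen name.  Stored as an unterminated string prepended with a
	 * byte containing its length.
	 *
	 * The length byte can be anything up to 255 while outinfo->sn is a
	 * fixed array whose size is not visible here, so copy at most
	 * sizeof(sn) - 1 bytes.  That also keeps the terminating NUL left by
	 * the memset above, which the "%s" debug output below relies on.
	 * The excess is skipped rather than rejected so the stream stays
	 * aligned on the fields that follow.
	 */
	snlen = aimbs_get8(bs);
	sncopy = snlen;
	if (sncopy >= sizeof(outinfo->sn))
		sncopy = (fu8_t)(sizeof(outinfo->sn) - 1);
	aimbs_getrawbuf(bs, outinfo->sn, sncopy);
	if (snlen > sncopy)
		aim_bstream_advance(bs, snlen - sncopy);

	/*
	 * Warning Level.  Stored as an unsigned short.
	 */
	outinfo->warnlevel = aimbs_get16(bs);

	/*
	 * TLV Count.  Unsigned short representing the number of
	 * Type-Length-Value triples that follow.
	 */
	tlvcnt = aimbs_get16(bs);

	/*
	 * Parse out the Type-Length-Value triples as they're found.
	 */
	for (curtlv = 0; curtlv < tlvcnt; curtlv++) {
		int endpos;
		fu16_t type, length;

		/* The count may promise more TLVs than the stream holds. */
		if (aim_bstream_empty(bs) < 4)
			break;

		type = aimbs_get16(bs);
		length = aimbs_get16(bs);

		/* A value that runs past the end of the stream is truncated. */
		if (length > aim_bstream_empty(bs))
			break;

		endpos = aim_bstream_curpos(bs) + length;

		switch (type) {
		case 0x0001:
			/*
			 * Type = 0x0001: User flags
			 *
			 * Specified as any of the following ORed together:
			 *      0x0001  Trial (user less than 60days)
			 *      0x0002  Unknown bit 2
			 *      0x0004  AOL Main Service user
			 *      0x0008  Unknown bit 4
			 *      0x0010  Free (AIM) user
			 *      0x0020  Away
			 *      0x0400  ActiveBuddy
			 */
			outinfo->flags = aimbs_get16(bs);
			break;

		case 0x0002:
			/*
			 * Type = 0x0002: Member-Since date.
			 *
			 * The time/date that the user originally registered
			 * for the service, stored in time_t format.
			 */
			outinfo->membersince = aimbs_get32(bs);
			break;

		case 0x0003:
			/*
			 * Type = 0x0003: On-Since date.
			 *
			 * The time/date that the user started their current
			 * session, stored in time_t format.
			 */
			outinfo->onlinesince = aimbs_get32(bs);
			break;

		case 0x0004:
			/*
			 * Type = 0x0004: Idle time.
			 *
			 * Number of seconds since the user actively used the
			 * service.
			 *
			 * Note that the client tells the server when to start
			 * counting idle times, so this may or may not be
			 * related to reality.
			 */
			outinfo->idletime = aimbs_get16(bs);
			break;

		case 0x0006:
			/*
			 * Type = 0x0006: ICQ Online Status
			 *
			 * ICQ's Away/DND/etc "enriched" status.  Some decoding
			 * of values done by Scott <*****@*****.**>
			 */
			aimbs_get16(bs);
			outinfo->icqinfo.status = aimbs_get16(bs);
			break;

		case 0x000a:
			/*
			 * Type = 0x000a
			 *
			 * ICQ User IP Address.
			 * Ahh, the joy of ICQ security.
			 */
			outinfo->icqinfo.ipaddr = aimbs_get32(bs);
			break;

		case 0x000c:
			/*
			 * Type = 0x000c
			 *
			 * random crap containing the IP address,
			 * apparently a port number, and some Other Stuff.
			 *
			 * NOTE(review): this copies a fixed 0x25 bytes whatever
			 * `length` says, and the size of icqinfo.crap is not
			 * visible here -- confirm it holds at least 0x25 bytes.
			 */
			aimbs_getrawbuf(bs, outinfo->icqinfo.crap, 0x25);
			break;

		case 0x000d:
			/*
			 * Type = 0x000d
			 *
			 * Capability information.
			 */
			outinfo->capabilities = aim_getcap(sess, bs, length);
			outinfo->capspresent = 1;
			break;

		case 0x000e:
			/*
			 * Type = 0x000e
			 *
			 * Unknown.  Always of zero length, and always only
			 * on AOL users.
			 *
			 * Ignore.
			 */
			break;

		case 0x000f:
		case 0x0010:
			/*
			 * Type = 0x000f: Session Length. (AIM)
			 * Type = 0x0010: Session Length. (AOL)
			 *
			 * The duration, in seconds, of the user's current
			 * session.
			 *
			 * Which TLV type this comes in depends on the
			 * service the user is using (AIM or AOL).
			 */
			outinfo->sessionlen = aimbs_get32(bs);
			break;

		default:
			/*
			 * Reaching here indicates that either AOL has
			 * added yet another TLV for us to deal with,
			 * or the parsing has gone Terribly Wrong.
			 *
			 * Either way, inform the owner and attempt
			 * recovery.
			 */
			faimdprintf(sess, 0, "userinfo: **warning: unexpected TLV:\n");
			faimdprintf(sess, 0, "userinfo: sn =%s\n", outinfo->sn);
			faimdprintf(sess, 0, "userinfo: type =0x%04x\n",type);
			faimdprintf(sess, 0, "userinfo: length=0x%04x\n", length);
			break;
		}

		/*
		 * Save ourselves: whatever the branch above consumed, land on
		 * the start of the next TLV.
		 */
		aim_bstream_setpos(bs, endpos);
	}

	return 0;
}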
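/*
 * Parse the TLVs of an incoming channel 1 (plain) instant message into an
 * aim_incomingim_ch1_args and hand the result to the client callback
 * registered for this SNAC family/subtype.
 *
 * bs is positioned at the first TLV.  channel and userinfo are passed through
 * to the callback; mod and cookie are not used here.
 *
 * Every length below is taken from the received message, so each is checked
 * against the enclosing TLV or the bytes left in the stream before any
 * pointer derived from bs->data is handed on.
 *
 * Returns the callback's return value, or 0 if no callback is registered.
 */
static int incomingim_ch1(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, guint16 channel, aim_userinfo_t *userinfo, aim_bstream_t *bs, guint8 *cookie)
{
	guint16 type, length;
	aim_rxcallback_t userfunc;
	int ret = 0;
	struct aim_incomingim_ch1_args args;
	int endpos;

	memset(&args, 0, sizeof(args));

	aim_mpmsg_init(sess, &args.mpmsg);

	/*
	 * This used to be done using tlvchains.  For performance reasons,
	 * I've changed it to process the TLVs in-place.  This avoids lots
	 * of per-IM memory allocations.
	 *
	 * A TLV header is 4 bytes; stop when less than that is left.
	 */
	while (aim_bstream_empty(bs) >= 4) {

		type = aimbs_get16(bs);
		length = aimbs_get16(bs);

		/*
		 * The value must lie inside the stream.  The message block
		 * below works on raw pointers into bs->data, so an oversized
		 * length would otherwise walk past the end of the buffer.
		 */
		if (length > aim_bstream_empty(bs))
			break;

		endpos = aim_bstream_curpos(bs) + length;

		if (type == 0x0002) { /* Message Block */

			/*
			 * This TLV consists of the following:
			 *   - 0501 -- Unknown
			 *   - Features: Don't know how to interpret these
			 *   - 0101 -- Unknown
			 *   - Message
			 *
			 * The two unknown bytes and the 16-bit features length
			 * need 4 bytes; a shorter block is skipped.
			 */
			if (length >= 4) {
				guint16 featureslen;

				aimbs_get8(bs); /* 05 */
				aimbs_get8(bs); /* 01 */

				featureslen = aimbs_get16(bs);

				/*
				 * The features must fit in what is left of this
				 * TLV.  Without this check the remaining-length
				 * argument below goes negative and args.features
				 * can describe bytes outside the block.
				 */
				if (featureslen <= length - 4) {
					args.featureslen = featureslen;
					/*
					 * XXX XXX this is all evil!
					 * args.features aliases bs->data rather
					 * than owning a copy.
					 */
					args.features = bs->data + bs->offset;
					aim_bstream_advance(bs, args.featureslen);
					args.icbmflags |= AIM_IMFLAGS_CUSTOMFEATURES;

					/*
					 * The rest of the TLV contains one or
					 * more message blocks...
					 */
					incomingim_ch1_parsemsgs(sess, bs->data + bs->offset /* XXX evil!!! */, length - 2 - 2 - args.featureslen, &args);
				}
			}

		} else if (type == 0x0003) { /* Server Ack Requested */

			args.icbmflags |= AIM_IMFLAGS_ACK;

		} else if (type == 0x0004) { /* Message is Auto Response */

			args.icbmflags |= AIM_IMFLAGS_AWAY;

		} else if (type == 0x0006) { /* Message was received offline. */

			/* XXX not sure if this actually gets sent. */
			args.icbmflags |= AIM_IMFLAGS_OFFLINE;

		} else if (type == 0x0008) { /* I-HAVE-A-REALLY-PURTY-ICON Flag */

			args.iconlen = aimbs_get32(bs);
			aimbs_get16(bs); /* 0x0001 */
			args.iconsum = aimbs_get16(bs);
			args.iconstamp = aimbs_get32(bs);

			/*
			 * This looks to be a client bug.  MacAIM 4.3 will
			 * send this tag, but with all zero values, in the
			 * first message of a conversation.  This makes no
			 * sense whatsoever, so I'm going to say its a bug.
			 *
			 * You really shouldn't advertise a zero-length icon
			 * anyway.
			 */
			if (args.iconlen)
				args.icbmflags |= AIM_IMFLAGS_HASICON;

		} else if (type == 0x0009) {

			args.icbmflags |= AIM_IMFLAGS_BUDDYREQ;

		} else if (type == 0x0017) {

			/*
			 * A message may carry this TLV more than once; release
			 * the previous copy first, since only the last one is
			 * freed at the end of this function.
			 */
			g_free(args.extdata);
			args.extdatalen = length;
			args.extdata = aimbs_getraw(bs, args.extdatalen);

		} else {
			/* Unknown TLV: ignored (an imcb_error() report here was disabled). */
		}

		/*
		 * This is here to protect ourselves from ourselves.  That
		 * is, if something above doesn't completly parse its value
		 * section, or, worse, overparses it, this will set the
		 * stream where it needs to be in order to land on the next
		 * TLV when the loop continues.
		 */
		aim_bstream_setpos(bs, endpos);
	}

	if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
		ret = userfunc(sess, rx, channel, userinfo, &args);

	aim_mpmsg_free(sess, &args.mpmsg);
	g_free(args.extdata);

	return ret;
}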