static int incomingim_ch4(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, guint16 channel, aim_userinfo_t *userinfo, aim_tlvlist_t *tlvlist, guint8 *cookie)
{
aim_bstream_t meat;
aim_rxcallback_t userfunc;
aim_tlv_t *block;
struct aim_incomingim_ch4_args args;
int ret = 0;
/*
* Make a bstream for the meaty part. Yum. Meat.
*/
if (!(block = aim_gettlv(tlvlist, 0x0005, 1)))
return -1;
aim_bstream_init(&meat, block->value, block->length);
args.uin = aimbs_getle32(&meat);
args.type = aimbs_getle16(&meat);
args.msg = (char *)aimbs_getraw(&meat, aimbs_getle16(&meat));
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, channel, userinfo, &args);
g_free(args.msg);
return ret;
}
faim_internal int aim_addtlvtochain_userinfo(aim_tlvlist_t **list, fu16_t type, aim_userinfo_t *ui)
{
fu8_t buf[1024]; /* bleh */
aim_bstream_t bs;
aim_bstream_init(&bs, buf, sizeof(buf));
aim_putuserinfo(&bs, ui);
return aim_addtlvtochain_raw(list, type, aim_bstream_curpos(&bs), buf);
}
/**
* aim_addtlvtochain_caps - Add a capability block to a TLV chain
* @list: Destination chain
* @type: TLV type to add
* @caps: Bitfield of capability flags to send
*
* Adds a block of capability blocks to a TLV chain. The bitfield
* passed in should be a bitwise %OR of any of the %AIM_CAPS constants:
*
* %AIM_CAPS_BUDDYICON Supports Buddy Icons
*
* %AIM_CAPS_VOICE Supports Voice Chat
*
* %AIM_CAPS_IMIMAGE Supports DirectIM/IMImage
*
* %AIM_CAPS_CHAT Supports Chat
*
* %AIM_CAPS_GETFILE Supports Get File functions
*
* %AIM_CAPS_SENDFILE Supports Send File functions
*
*/
faim_internal int aim_addtlvtochain_caps(aim_tlvlist_t **list, const fu16_t t, const fu16_t caps)
{
fu8_t buf[16*16]; /* icky fixed length buffer */
aim_bstream_t bs;
if (!caps)
return 0; /* nothing there anyway */
aim_bstream_init(&bs, buf, sizeof(buf));
aim_putcap(&bs, caps);
return aim_addtlvtochain_raw(list, t, aim_bstream_curpos(&bs), buf);
}
/*
* Read a FLAP header from conn into fr, and return the number of bytes in the payload.
*/
static int aim_get_command_flap(aim_session_t *sess, aim_conn_t *conn,
aim_frame_t *fr)
{
fu8_t flaphdr_raw[6];
aim_bstream_t flaphdr;
fu16_t payloadlen;
aim_bstream_init(&flaphdr, flaphdr_raw, sizeof(flaphdr_raw));
/*
* Read FLAP header. Six bytes:
* 0 char -- Always 0x2a
* 1 char -- Channel ID. Usually 2 -- 1 and 4 are used during login.
* 2 short -- Sequence number
* 4 short -- Number of data bytes that follow.
*/
if (aim_bstream_recv(&flaphdr, conn->fd, 6) < 6) {
aim_conn_close(conn);
return -1;
}
aim_bstream_rewind(&flaphdr);
/*
* This shouldn't happen unless the socket breaks, the server breaks,
* or we break. We must handle it just in case.
*/
if (aimbs_get8(&flaphdr) != 0x2a) {
fu8_t start;
aim_bstream_rewind(&flaphdr);
start = aimbs_get8(&flaphdr);
faimdprintf(sess, 0, "FLAP framing disrupted (0x%02x)", start);
aim_conn_close(conn);
return -1;
}
/* we're doing FLAP if we're here */
fr->hdrtype = AIM_FRAMETYPE_FLAP;
fr->hdr.flap.type = aimbs_get8(&flaphdr);
fr->hdr.flap.seqnum = aimbs_get16(&flaphdr);
payloadlen = aimbs_get16(&flaphdr); /* length of payload */
return payloadlen;
}
/*
* Read a rendezvous header from conn into fr, and return the number of bytes in the payload.
*/
static int aim_get_command_rendezvous(aim_session_t *sess, aim_conn_t *conn,
aim_frame_t *fr)
{
fu8_t rendhdr_raw[8];
aim_bstream_t rendhdr;
aim_bstream_init(&rendhdr, rendhdr_raw, sizeof(rendhdr_raw));
if (aim_bstream_recv(&rendhdr, conn->fd, 8) < 8) {
aim_conn_close(conn);
return -1;
}
aim_bstream_rewind(&rendhdr);
fr->hdrtype = AIM_FRAMETYPE_OFT; /* a misnomer--rendezvous */
aimbs_getrawbuf(&rendhdr, fr->hdr.rend.magic, 4);
fr->hdr.rend.hdrlen = aimbs_get16(&rendhdr) - 8;
fr->hdr.rend.type = aimbs_get16(&rendhdr);
return fr->hdr.rend.hdrlen;
}
/*
* Note that the inner TLV chain will not be modifiable as a tlvchain once
* it is written using this. Or rather, it can be, but updates won't be
* made to this.
*
* XXX should probably support sublists for real.
*
* This is so neat.
*
*/
faim_internal int aim_addtlvtochain_frozentlvlist(aim_tlvlist_t **list, fu16_t type, aim_tlvlist_t **tl)
{
fu8_t *buf;
int buflen;
aim_bstream_t bs;
buflen = aim_sizetlvchain(tl);
if (buflen <= 0)
return 0;
if (!(buf = malloc(buflen)))
return 0;
aim_bstream_init(&bs, buf, buflen);
aim_writetlvchain(&bs, tl);
aim_addtlvtochain_raw(list, type, aim_bstream_curpos(&bs), buf);
free(buf);
return buflen;
}
static int aim_addtlvtochain_chatroom(aim_tlvlist_t **list, fu16_t type, fu16_t exchange, const char *roomname, fu16_t instance)
{
fu8_t *buf;
int buflen;
aim_bstream_t bs;
buflen = 2 + 1 + strlen(roomname) + 2;
if (!(buf = malloc(buflen)))
return 0;
aim_bstream_init(&bs, buf, buflen);
aimbs_put16(&bs, exchange);
aimbs_put8(&bs, strlen(roomname));
aimbs_putraw(&bs, roomname, strlen(roomname));
aimbs_put16(&bs, instance);
aim_addtlvtochain_raw(list, type, aim_bstream_curpos(&bs), buf);
free(buf);
return 0;
}
/*
* Grab a single command sequence off the socket, and enqueue
* it in the incoming event queue in a seperate struct.
*/
int aim_get_command(aim_session_t *sess, aim_conn_t *conn)
{
guint8 flaphdr_raw[6];
aim_bstream_t flaphdr;
aim_frame_t *newrx;
guint16 payloadlen;
if (!sess || !conn)
return 0;
if (conn->fd == -1)
return -1; /* its a aim_conn_close()'d connection */
/* KIDS, THIS IS WHAT HAPPENS IF YOU USE CODE WRITTEN FOR GUIS IN A DAEMON!
And wouldn't it make sense to return something that prevents this function
from being called again IMMEDIATELY (and making the program suck up all
CPU time)?...
if (conn->fd < 3)
return 0;
*/
if (conn->status & AIM_CONN_STATUS_INPROGRESS)
return aim_conn_completeconnect(sess, conn);
aim_bstream_init(&flaphdr, flaphdr_raw, sizeof(flaphdr_raw));
/*
* Read FLAP header. Six bytes:
*
* 0 char -- Always 0x2a
* 1 char -- Channel ID. Usually 2 -- 1 and 4 are used during login.
* 2 short -- Sequence number
* 4 short -- Number of data bytes that follow.
*/
if (aim_bstream_recv(&flaphdr, conn->fd, 6) < 6) {
aim_conn_close(conn);
return -1;
}
aim_bstream_rewind(&flaphdr);
/*
* This shouldn't happen unless the socket breaks, the server breaks,
* or we break. We must handle it just in case.
*/
if (aimbs_get8(&flaphdr) != 0x2a) {
aim_bstream_rewind(&flaphdr);
aimbs_get8(&flaphdr);
imcb_error(sess->aux_data, "FLAP framing disrupted");
aim_conn_close(conn);
return -1;
}
/* allocate a new struct */
if (!(newrx = (aim_frame_t *)g_new0(aim_frame_t,1)))
return -1;
/* we're doing FLAP if we're here */
newrx->hdrtype = AIM_FRAMETYPE_FLAP;
newrx->hdr.flap.type = aimbs_get8(&flaphdr);
newrx->hdr.flap.seqnum = aimbs_get16(&flaphdr);
payloadlen = aimbs_get16(&flaphdr);
newrx->nofree = 0; /* free by default */
if (payloadlen) {
guint8 *payload = NULL;
if (!(payload = (guint8 *) g_malloc(payloadlen))) {
aim_frame_destroy(newrx);
return -1;
}
aim_bstream_init(&newrx->data, payload, payloadlen);
/* read the payload */
if (aim_bstream_recv(&newrx->data, conn->fd, payloadlen) < payloadlen) {
aim_frame_destroy(newrx); /* free's payload */
aim_conn_close(conn);
return -1;
}
} else
aim_bstream_init(&newrx->data, NULL, 0);
aim_bstream_rewind(&newrx->data);
newrx->conn = conn;
newrx->next = NULL; /* this will always be at the bottom */
if (!sess->queue_incoming)
sess->queue_incoming = newrx;
else {
aim_frame_t *cur;
for (cur = sess->queue_incoming; cur->next; cur = cur->next)
;
cur->next = newrx;
}
newrx->conn->lastactivity = time(NULL);
return 0;
}
/*
* Subtype 0x0006
*
* We could probably include this in the normal ICBM parsing
* code as channel 0x0003, however, since only the start
* would be the same, we might as well do it here.
*
* General outline of this SNAC:
* snac
* cookie
* channel id
* tlvlist
* unknown
* source user info
* name
* evility
* userinfo tlvs
* online time
* etc
* message metatlv
* message tlv
* message string
* possibly others
*
*/
static int incomingim_ch3(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
int ret = 0, i;
aim_rxcallback_t userfunc;
aim_userinfo_t userinfo;
fu8_t cookie[8];
fu16_t channel;
aim_tlvlist_t *otl;
char *msg = NULL;
int len = 0;
char *encoding = NULL, *language = NULL;
aim_msgcookie_t *ck;
memset(&userinfo, 0, sizeof(aim_userinfo_t));
/*
* Read ICBM Cookie.
*/
for (i = 0; i < 8; i++)
cookie[i] = aimbs_get8(bs);
if ((ck = aim_uncachecookie(sess, cookie, AIM_COOKIETYPE_CHAT))) {
free(ck->data);
free(ck);
}
/*
* Channel ID
*
* Channel 0x0003 is used for chat messages.
*
*/
channel = aimbs_get16(bs);
if (channel != 0x0003) {
faimdprintf(sess, 0, "faim: chat_incoming: unknown channel! (0x%04x)\n", channel);
return 0;
}
/*
* Start parsing TLVs right away.
*/
otl = aim_tlvlist_read(bs);
/*
* Type 0x0003: Source User Information
*/
if (aim_tlv_gettlv(otl, 0x0003, 1)) {
aim_tlv_t *userinfotlv;
aim_bstream_t tbs;
userinfotlv = aim_tlv_gettlv(otl, 0x0003, 1);
aim_bstream_init(&tbs, userinfotlv->value, userinfotlv->length);
aim_info_extract(sess, &tbs, &userinfo);
}
/*
* Type 0x0001: If present, it means it was a message to the
* room (as opposed to a whisper).
*/
if (aim_tlv_gettlv(otl, 0x0001, 1))
;
/*
* Type 0x0005: Message Block. Conains more TLVs.
*/
if (aim_tlv_gettlv(otl, 0x0005, 1)) {
aim_tlvlist_t *itl;
aim_tlv_t *msgblock;
aim_bstream_t tbs;
msgblock = aim_tlv_gettlv(otl, 0x0005, 1);
aim_bstream_init(&tbs, msgblock->value, msgblock->length);
itl = aim_tlvlist_read(&tbs);
/*
* Type 0x0001: Message.
*/
if (aim_tlv_gettlv(itl, 0x0001, 1)) {
msg = aim_tlv_getstr(itl, 0x0001, 1);
len = aim_tlv_gettlv(itl, 0x0001, 1)->length;
}
/*
* Type 0x0002: Encoding.
*/
if (aim_tlv_gettlv(itl, 0x0002, 1))
encoding = aim_tlv_getstr(itl, 0x0002, 1);
/*
* Type 0x0003: Language.
*/
if (aim_tlv_gettlv(itl, 0x0003, 1))
language = aim_tlv_getstr(itl, 0x0003, 1);
aim_tlvlist_free(&itl);
}
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, &userinfo, len, msg, encoding, language);
aim_info_free(&userinfo);
free(msg);
aim_tlvlist_free(&otl);
return ret;
}
/*
* Grab a single command sequence off the socket, and enqueue it in the incoming event queue
* in a separate struct.
*/
faim_export int aim_get_command(aim_session_t *sess, aim_conn_t *conn)
{
aim_frame_t *newrx;
fu16_t payloadlen;
if (!sess || !conn)
return -EINVAL;
if (conn->fd == -1)
return -1; /* it's an aim_conn_close()'d connection */
if (conn->fd < 3) /* can happen when people abuse the interface */
return -1;
if (conn->status & AIM_CONN_STATUS_INPROGRESS)
return aim_conn_completeconnect(sess, conn);
if (!(newrx = (aim_frame_t *)calloc(sizeof(aim_frame_t), 1)))
return -ENOMEM;
/*
* Rendezvous (client to client) connections do not speak FLAP, so this
* function will break on them.
*/
if (conn->type == AIM_CONN_TYPE_RENDEZVOUS) {
int ret = aim_get_command_rendezvous(sess, conn, newrx);
if (ret < 0) {
free(newrx);
return -1;
}
payloadlen = ret;
} else if (conn->type == AIM_CONN_TYPE_LISTENER) {
faimdprintf(sess, 0, "AIM_CONN_TYPE_LISTENER on fd %d\n",
conn->fd);
free(newrx);
return -1;
} else
payloadlen = aim_get_command_flap(sess, conn, newrx);
newrx->nofree = 0; /* free by default */
if (payloadlen) {
fu8_t *payload = NULL;
if (!(payload = (fu8_t *)malloc(payloadlen))) {
aim_frame_destroy(newrx);
return -1;
}
aim_bstream_init(&newrx->data, payload, payloadlen);
/* read the payload */
if (aim_bstream_recv(&newrx->data, conn->fd,
payloadlen) < payloadlen) {
aim_frame_destroy(newrx); /* free's payload */
aim_conn_close(conn);
return -1;
}
} else
aim_bstream_init(&newrx->data, NULL, 0);
aim_bstream_rewind(&newrx->data);
newrx->conn = conn;
newrx->next = NULL; /* this will always be at the bottom */
if (!sess->queue_incoming)
sess->queue_incoming = newrx;
else {
aim_frame_t *cur;
for (cur = sess->queue_incoming; cur->next; cur = cur->next) ;
cur->next = newrx;
}
newrx->conn->lastactivity = time(NULL);
return 0;
}
/**
* Subtype 0x0003 - Response to 0x0015/0x002, contains an ICQesque packet.
*/
static int icqresponse(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
int ret = 0;
aim_tlvlist_t *tl;
aim_tlv_t *datatlv;
aim_bstream_t qbs;
fu32_t ouruin;
fu16_t cmdlen, cmd, reqid;
if (!(tl = aim_tlvlist_read(bs)) || !(datatlv = aim_tlv_gettlv(tl, 0x0001, 1))) {
aim_tlvlist_free(&tl);
faimdprintf(sess, 0, "corrupt ICQ response\n");
return 0;
}
aim_bstream_init(&qbs, datatlv->value, datatlv->length);
cmdlen = aimbs_getle16(&qbs);
ouruin = aimbs_getle32(&qbs);
cmd = aimbs_getle16(&qbs);
reqid = aimbs_getle16(&qbs);
faimdprintf(sess, 1, "icq response: %d bytes, %ld, 0x%04x, 0x%04x\n", cmdlen, ouruin, cmd, reqid);
if (cmd == 0x0041) { /* offline message */
struct aim_icq_offlinemsg msg;
aim_rxcallback_t userfunc;
memset(&msg, 0, sizeof(msg));
msg.sender = aimbs_getle32(&qbs);
msg.year = aimbs_getle16(&qbs);
msg.month = aimbs_getle8(&qbs);
msg.day = aimbs_getle8(&qbs);
msg.hour = aimbs_getle8(&qbs);
msg.minute = aimbs_getle8(&qbs);
msg.type = aimbs_getle8(&qbs);
msg.flags = aimbs_getle8(&qbs);
msg.msglen = aimbs_getle16(&qbs);
msg.msg = aimbs_getstr(&qbs, msg.msglen);
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_OFFLINEMSG)))
ret = userfunc(sess, rx, &msg);
free(msg.msg);
} else if (cmd == 0x0042) {
aim_rxcallback_t userfunc;
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_OFFLINEMSGCOMPLETE)))
ret = userfunc(sess, rx);
} else if (cmd == 0x07da) { /* information */
fu16_t subtype;
struct aim_icq_info *info;
aim_rxcallback_t userfunc;
subtype = aimbs_getle16(&qbs);
aim_bstream_advance(&qbs, 1); /* 0x0a */
/* find other data from the same request */
for (info = sess->icq_info; info && (info->reqid != reqid); info = info->next);
if (!info) {
info = (struct aim_icq_info *)calloc(1, sizeof(struct aim_icq_info));
info->reqid = reqid;
info->next = sess->icq_info;
sess->icq_info = info;
}
switch (subtype) {
case 0x00a0: { /* hide ip status */
/* nothing */
} break;
case 0x00aa: { /* password change status */
/* nothing */
} break;
case 0x00c8: { /* general and "home" information */
info->nick = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->first = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->last = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->email = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->homecity = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->homestate = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->homephone = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->homefax = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->homeaddr = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->mobile = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->homezip = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->homecountry = aimbs_getle16(&qbs);
/* 0x0a 00 02 00 */
/* 1 byte timezone? */
/* 1 byte hide email flag? */
} break;
case 0x00dc: { /* personal information */
info->age = aimbs_getle8(&qbs);
info->unknown = aimbs_getle8(&qbs);
info->gender = aimbs_getle8(&qbs); /* Not specified=0x00, Female=0x01, Male=0x02 */
info->personalwebpage = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->birthyear = aimbs_getle16(&qbs);
info->birthmonth = aimbs_getle8(&qbs);
info->birthday = aimbs_getle8(&qbs);
info->language1 = aimbs_getle8(&qbs);
info->language2 = aimbs_getle8(&qbs);
info->language3 = aimbs_getle8(&qbs);
/* 0x00 00 01 00 00 01 00 00 00 00 00 */
} break;
case 0x00d2: { /* work information */
info->workcity = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->workstate = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->workphone = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->workfax = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->workaddr = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->workzip = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->workcountry = aimbs_getle16(&qbs);
info->workcompany = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->workdivision = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->workposition = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
aim_bstream_advance(&qbs, 2); /* 0x01 00 */
info->workwebpage = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
} break;
case 0x00e6: { /* additional personal information */
info->info = aimbs_getstr(&qbs, aimbs_getle16(&qbs)-1);
} break;
case 0x00eb: { /* email address(es) */
int i;
info->numaddresses = aimbs_getle16(&qbs);
info->email2 = (char **)calloc(info->numaddresses, sizeof(char *));
for (i = 0; i < info->numaddresses; i++) {
info->email2[i] = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
if (i+1 != info->numaddresses)
aim_bstream_advance(&qbs, 1); /* 0x00 */
}
} break;
case 0x00f0: { /* personal interests */
} break;
case 0x00fa: { /* past background and current organizations */
} break;
case 0x0104: { /* alias info */
info->nick = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->first = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->last = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
aim_bstream_advance(&qbs, aimbs_getle16(&qbs)); /* email address? */
/* Then 0x00 02 00 */
} break;
case 0x010e: { /* unknown */
/* 0x00 00 */
} break;
case 0x019a: { /* simple info */
aim_bstream_advance(&qbs, 2);
info->uin = aimbs_getle32(&qbs);
info->nick = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->first = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->last = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
info->email = aimbs_getstr(&qbs, aimbs_getle16(&qbs));
/* Then 0x00 02 00 00 00 00 00 */
} break;
} /* End switch statement */
if (!(snac->flags & 0x0001)) {
if (subtype != 0x0104)
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_INFO)))
ret = userfunc(sess, rx, info);
if (info->uin && info->nick)
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_ALIAS)))
ret = userfunc(sess, rx, info);
if (sess->icq_info == info) {
sess->icq_info = info->next;
} else {
struct aim_icq_info *cur;
for (cur=sess->icq_info; (cur->next && (cur->next!=info)); cur=cur->next);
if (cur->next)
cur->next = cur->next->next;
}
aim_icq_freeinfo(info);
}
}
aim_tlvlist_free(&tl);
return ret;
}
static int userinfo(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
aim_userinfo_t userinfo;
char *text_encoding = NULL, *text = NULL;
aim_rxcallback_t userfunc;
aim_tlvlist_t *tlvlist;
aim_snac_t *origsnac = NULL;
struct aim_priv_inforeq *inforeq;
int ret = 0;
origsnac = aim_remsnac(sess, snac->id);
if (!origsnac || !origsnac->data) {
faimdprintf(sess, 0, "parse_userinfo_middle: major problem: no snac stored!\n");
return 0;
}
inforeq = (struct aim_priv_inforeq *)origsnac->data;
if ((inforeq->infotype != AIM_GETINFO_GENERALINFO) &&
(inforeq->infotype != AIM_GETINFO_AWAYMESSAGE) &&
(inforeq->infotype != AIM_GETINFO_CAPABILITIES)) {
faimdprintf(sess, 0, "parse_userinfo_middle: unknown infotype in request! (0x%04x)\n", inforeq->infotype);
return 0;
}
aim_extractuserinfo(sess, bs, &userinfo);
tlvlist = aim_readtlvchain(bs);
/*
* Depending on what informational text was requested, different
* TLVs will appear here.
*
* Profile will be 1 and 2, away message will be 3 and 4, caps
* will be 5.
*/
if (inforeq->infotype == AIM_GETINFO_GENERALINFO) {
text_encoding = aim_gettlv_str(tlvlist, 0x0001, 1);
text = aim_gettlv_str(tlvlist, 0x0002, 1);
} else if (inforeq->infotype == AIM_GETINFO_AWAYMESSAGE) {
text_encoding = aim_gettlv_str(tlvlist, 0x0003, 1);
text = aim_gettlv_str(tlvlist, 0x0004, 1);
} else if (inforeq->infotype == AIM_GETINFO_CAPABILITIES) {
aim_tlv_t *ct;
if ((ct = aim_gettlv(tlvlist, 0x0005, 1))) {
aim_bstream_t cbs;
aim_bstream_init(&cbs, ct->value, ct->length);
userinfo.capabilities = aim_getcap(sess, &cbs, ct->length);
userinfo.present = AIM_USERINFO_PRESENT_CAPABILITIES;
}
}
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, &userinfo, inforeq->infotype, text_encoding, text);
free(text_encoding);
free(text);
aim_freetlvchain(&tlvlist);
if (origsnac)
free(origsnac->data);
free(origsnac);
return ret;
}
/*
* We could probably include this in the normal ICBM parsing
* code as channel 0x0003, however, since only the start
* would be the same, we might as well do it here.
*
* General outline of this SNAC:
* snac
* cookie
* channel id
* tlvlist
* unknown
* source user info
* name
* evility
* userinfo tlvs
* online time
* etc
* message metatlv
* message tlv
* message string
* possibly others
*
*/
static int incomingmsg(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
aim_userinfo_t userinfo;
aim_rxcallback_t userfunc;
int ret = 0;
fu8_t *cookie;
fu16_t channel;
aim_tlvlist_t *otl;
char *msg = NULL;
aim_msgcookie_t *ck;
memset(&userinfo, 0, sizeof(aim_userinfo_t));
/*
* ICBM Cookie. Uncache it.
*/
cookie = aimbs_getraw(bs, 8);
if ((ck = aim_uncachecookie(sess, cookie, AIM_COOKIETYPE_CHAT))) {
free(ck->data);
free(ck);
}
/*
* Channel ID
*
* Channels 1 and 2 are implemented in the normal ICBM
* parser.
*
* We only do channel 3 here.
*
*/
channel = aimbs_get16(bs);
if (channel != 0x0003) {
faimdprintf(sess, 0, "faim: chat_incoming: unknown channel! (0x%04x)\n", channel);
return 0;
}
/*
* Start parsing TLVs right away.
*/
otl = aim_readtlvchain(bs);
/*
* Type 0x0003: Source User Information
*/
if (aim_gettlv(otl, 0x0003, 1)) {
aim_tlv_t *userinfotlv;
aim_bstream_t tbs;
userinfotlv = aim_gettlv(otl, 0x0003, 1);
aim_bstream_init(&tbs, userinfotlv->value, userinfotlv->length);
aim_extractuserinfo(sess, &tbs, &userinfo);
}
/*
* Type 0x0001: If present, it means it was a message to the
* room (as opposed to a whisper).
*/
if (aim_gettlv(otl, 0x0001, 1))
;
/*
* Type 0x0005: Message Block. Conains more TLVs.
*/
if (aim_gettlv(otl, 0x0005, 1)) {
aim_tlvlist_t *itl;
aim_tlv_t *msgblock;
aim_bstream_t tbs;
msgblock = aim_gettlv(otl, 0x0005, 1);
aim_bstream_init(&tbs, msgblock->value, msgblock->length);
itl = aim_readtlvchain(&tbs);
/*
* Type 0x0001: Message.
*/
if (aim_gettlv(itl, 0x0001, 1))
msg = aim_gettlv_str(itl, 0x0001, 1);
aim_freetlvchain(&itl);
}
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, &userinfo, msg);
free(cookie);
free(msg);
aim_freetlvchain(&otl);
return ret;
}
/*
* Grab a single command sequence off the socket, and enqueue
* it in the incoming event queue in a seperate struct.
*/
faim_export int aim_get_command(aim_session_t *sess, aim_conn_t *conn)
{
fu8_t flaphdr_raw[6];
aim_bstream_t flaphdr;
aim_frame_t *newrx;
fu16_t payloadlen;
if (!sess || !conn)
return 0;
if (conn->fd == -1)
return -1; /* its a aim_conn_close()'d connection */
if (conn->fd < 3) /* can happen when people abuse the interface */
return 0;
if (conn->status & AIM_CONN_STATUS_INPROGRESS)
return aim_conn_completeconnect(sess, conn);
/*
* Rendezvous (client-client) connections do not speak
* FLAP, so this function will break on them.
*/
if (conn->type == AIM_CONN_TYPE_RENDEZVOUS)
return aim_get_command_rendezvous(sess, conn);
else if (conn->type == AIM_CONN_TYPE_RENDEZVOUS_OUT) {
faimdprintf(sess, 0, "AIM_CONN_TYPE_RENDEZVOUS_OUT on fd %d\n", conn->fd);
return 0;
}
aim_bstream_init(&flaphdr, flaphdr_raw, sizeof(flaphdr_raw));
/*
* Read FLAP header. Six bytes:
*
* 0 char -- Always 0x2a
* 1 char -- Channel ID. Usually 2 -- 1 and 4 are used during login.
* 2 short -- Sequence number
* 4 short -- Number of data bytes that follow.
*/
if (aim_bstream_recv(&flaphdr, conn->fd, 6) < 6) {
aim_conn_close(conn);
return -1;
}
aim_bstream_rewind(&flaphdr);
/*
* This shouldn't happen unless the socket breaks, the server breaks,
* or we break. We must handle it just in case.
*/
if (aimbs_get8(&flaphdr) != 0x2a) {
fu8_t start;
aim_bstream_rewind(&flaphdr);
start = aimbs_get8(&flaphdr);
faimdprintf(sess, 0, "FLAP framing disrupted (0x%02x)", start);
aim_conn_close(conn);
return -1;
}
/* allocate a new struct */
if (!(newrx = (aim_frame_t *)malloc(sizeof(aim_frame_t))))
return -1;
memset(newrx, 0, sizeof(aim_frame_t));
/* we're doing FLAP if we're here */
newrx->hdrtype = AIM_FRAMETYPE_FLAP;
newrx->hdr.flap.type = aimbs_get8(&flaphdr);
newrx->hdr.flap.seqnum = aimbs_get16(&flaphdr);
payloadlen = aimbs_get16(&flaphdr);
newrx->nofree = 0; /* free by default */
if (payloadlen) {
fu8_t *payload = NULL;
if (!(payload = (fu8_t *) malloc(payloadlen))) {
aim_frame_destroy(newrx);
return -1;
}
aim_bstream_init(&newrx->data, payload, payloadlen);
/* read the payload */
if (aim_bstream_recv(&newrx->data, conn->fd, payloadlen) < payloadlen) {
free(payload);
aim_frame_destroy(newrx);
aim_conn_close(conn);
return -1;
}
} else
aim_bstream_init(&newrx->data, NULL, 0);
aim_bstream_rewind(&newrx->data);
newrx->conn = conn;
newrx->next = NULL; /* this will always be at the bottom */
if (!sess->queue_incoming)
sess->queue_incoming = newrx;
else {
aim_frame_t *cur;
for (cur = sess->queue_incoming; cur->next; cur = cur->next)
;
cur->next = newrx;
}
newrx->conn->lastactivity = time(NULL);
return 0;
}
/*
* conn must be a BOS connection!
*/
faim_export int aim_chat_invite(aim_session_t *sess, aim_conn_t *conn, const char *sn, const char *msg, fu16_t exchange, const char *roomname, fu16_t instance)
{
int i;
aim_frame_t *fr;
aim_msgcookie_t *cookie;
struct aim_invite_priv *priv;
fu8_t ckstr[8];
aim_snacid_t snacid;
aim_tlvlist_t *otl = NULL, *itl = NULL;
fu8_t *hdr;
int hdrlen;
aim_bstream_t hdrbs;
if (!sess || !conn || !sn || !msg || !roomname)
return -EINVAL;
if (conn->type != AIM_CONN_TYPE_BOS)
return -EINVAL;
if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x02, 1152+strlen(sn)+strlen(roomname)+strlen(msg))))
return -ENOMEM;
snacid = aim_cachesnac(sess, 0x0004, 0x0006, 0x0000, sn, strlen(sn)+1);
aim_putsnac(&fr->data, 0x0004, 0x0006, 0x0000, snacid);
/*
* Cookie
*/
for (i = 0; i < sizeof(ckstr); i++)
aimutil_put8(ckstr, (fu8_t) rand());
/* XXX should be uncached by an unwritten 'invite accept' handler */
if ((priv = malloc(sizeof(struct aim_invite_priv)))) {
priv->sn = strdup(sn);
priv->roomname = strdup(roomname);
priv->exchange = exchange;
priv->instance = instance;
}
if ((cookie = aim_mkcookie(ckstr, AIM_COOKIETYPE_INVITE, priv)))
aim_cachecookie(sess, cookie);
else
free(priv);
for (i = 0; i < sizeof(ckstr); i++)
aimbs_put8(&fr->data, ckstr[i]);
/*
* Channel (2)
*/
aimbs_put16(&fr->data, 0x0002);
/*
* Dest sn
*/
aimbs_put8(&fr->data, strlen(sn));
aimbs_putraw(&fr->data, sn, strlen(sn));
/*
* TLV t(0005)
*
* Everything else is inside this TLV.
*
* Sigh. AOL was rather inconsistent right here. So we have
* to play some minor tricks. Right inside the type 5 is some
* raw data, followed by a series of TLVs.
*
*/
hdrlen = 2+8+16+6+4+4+strlen(msg)+4+2+1+strlen(roomname)+2;
hdr = malloc(hdrlen);
aim_bstream_init(&hdrbs, hdr, hdrlen);
aimbs_put16(&hdrbs, 0x0000); /* Unknown! */
aimbs_putraw(&hdrbs, ckstr, sizeof(ckstr)); /* I think... */
aim_putcap(&hdrbs, AIM_CAPS_CHAT);
aim_addtlvtochain16(&itl, 0x000a, 0x0001);
aim_addtlvtochain_noval(&itl, 0x000f);
aim_addtlvtochain_raw(&itl, 0x000c, strlen(msg), msg);
aim_addtlvtochain_chatroom(&itl, 0x2711, exchange, roomname, instance);
aim_writetlvchain(&hdrbs, &itl);
aim_addtlvtochain_raw(&otl, 0x0005, aim_bstream_curpos(&hdrbs), hdr);
aim_writetlvchain(&fr->data, &otl);
free(hdr);
aim_freetlvchain(&itl);
aim_freetlvchain(&otl);
aim_tx_enqueue(sess, fr);
return 0;
}
/*
* General room information. Lots of stuff.
*
* Values I know are in here but I havent attached
* them to any of the 'Unknown's:
* - Language (English)
*
* SNAC 000e/0002
*/
static int infoupdate(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
aim_userinfo_t *userinfo = NULL;
aim_rxcallback_t userfunc;
int ret = 0;
int usercount = 0;
fu8_t detaillevel = 0;
char *roomname = NULL;
struct aim_chat_roominfo roominfo;
fu16_t tlvcount = 0;
aim_tlvlist_t *tlvlist;
char *roomdesc = NULL;
fu16_t flags = 0;
fu32_t creationtime = 0;
fu16_t maxmsglen = 0, maxvisiblemsglen = 0;
fu16_t unknown_d2 = 0, unknown_d5 = 0;
aim_chat_readroominfo(bs, &roominfo);
detaillevel = aimbs_get8(bs);
if (detaillevel != 0x02) {
faimdprintf(sess, 0, "faim: chat_roomupdateinfo: detail level %d not supported\n", detaillevel);
return 1;
}
tlvcount = aimbs_get16(bs);
/*
* Everything else are TLVs.
*/
tlvlist = aim_readtlvchain(bs);
/*
* TLV type 0x006a is the room name in Human Readable Form.
*/
if (aim_gettlv(tlvlist, 0x006a, 1))
roomname = aim_gettlv_str(tlvlist, 0x006a, 1);
/*
* Type 0x006f: Number of occupants.
*/
if (aim_gettlv(tlvlist, 0x006f, 1))
usercount = aim_gettlv16(tlvlist, 0x006f, 1);
/*
* Type 0x0073: Occupant list.
*/
if (aim_gettlv(tlvlist, 0x0073, 1)) {
int curoccupant = 0;
aim_tlv_t *tmptlv;
aim_bstream_t occbs;
tmptlv = aim_gettlv(tlvlist, 0x0073, 1);
/* Allocate enough userinfo structs for all occupants */
userinfo = calloc(usercount, sizeof(aim_userinfo_t));
aim_bstream_init(&occbs, tmptlv->value, tmptlv->length);
while (curoccupant < usercount)
aim_extractuserinfo(sess, &occbs, &userinfo[curoccupant++]);
}
/*
* Type 0x00c9: Flags. (AIM_CHATROOM_FLAG)
*/
if (aim_gettlv(tlvlist, 0x00c9, 1))
flags = aim_gettlv16(tlvlist, 0x00c9, 1);
/*
* Type 0x00ca: Creation time (4 bytes)
*/
if (aim_gettlv(tlvlist, 0x00ca, 1))
creationtime = aim_gettlv32(tlvlist, 0x00ca, 1);
/*
* Type 0x00d1: Maximum Message Length
*/
if (aim_gettlv(tlvlist, 0x00d1, 1))
maxmsglen = aim_gettlv16(tlvlist, 0x00d1, 1);
/*
* Type 0x00d2: Unknown. (2 bytes)
*/
if (aim_gettlv(tlvlist, 0x00d2, 1))
unknown_d2 = aim_gettlv16(tlvlist, 0x00d2, 1);
/*
* Type 0x00d3: Room Description
*/
if (aim_gettlv(tlvlist, 0x00d3, 1))
roomdesc = aim_gettlv_str(tlvlist, 0x00d3, 1);
/*
* Type 0x000d4: Unknown (flag only)
*/
if (aim_gettlv(tlvlist, 0x000d4, 1))
;
/*
* Type 0x00d5: Unknown. (1 byte)
*/
if (aim_gettlv(tlvlist, 0x00d5, 1))
unknown_d5 = aim_gettlv8(tlvlist, 0x00d5, 1);
/*
* Type 0x00d6: Encoding 1 ("us-ascii")
*/
if (aim_gettlv(tlvlist, 0x000d6, 1))
;
/*
* Type 0x00d7: Language 1 ("en")
*/
if (aim_gettlv(tlvlist, 0x000d7, 1))
;
/*
* Type 0x00d8: Encoding 2 ("us-ascii")
*/
if (aim_gettlv(tlvlist, 0x000d8, 1))
;
/*
* Type 0x00d9: Language 2 ("en")
*/
if (aim_gettlv(tlvlist, 0x000d9, 1))
;
/*
* Type 0x00da: Maximum visible message length
*/
if (aim_gettlv(tlvlist, 0x000da, 1))
maxvisiblemsglen = aim_gettlv16(tlvlist, 0x00da, 1);
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype))) {
ret = userfunc(sess,
rx,
&roominfo,
roomname,
usercount,
userinfo,
roomdesc,
flags,
creationtime,
maxmsglen,
unknown_d2,
unknown_d5,
maxvisiblemsglen);
}
free(roominfo.name);
free(userinfo);
free(roomname);
free(roomdesc);
aim_freetlvchain(&tlvlist);
return ret;
}
/*
* Response to 15/2, contains an ICQ packet.
*/
static int icqresponse(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
int ret = 0;
aim_tlvlist_t *tl;
aim_tlv_t *datatlv;
aim_bstream_t qbs;
fu32_t ouruin;
fu16_t cmdlen, cmd, reqid;
if (!(tl = aim_readtlvchain(bs)) || !(datatlv = aim_gettlv(tl, 0x0001, 1))) {
aim_freetlvchain(&tl);
faimdprintf(sess, 0, "corrupt ICQ response\n");
return 0;
}
aim_bstream_init(&qbs, datatlv->value, datatlv->length);
cmdlen = aimbs_getle16(&qbs);
ouruin = aimbs_getle32(&qbs);
cmd = aimbs_getle16(&qbs);
reqid = aimbs_getle16(&qbs);
faimdprintf(sess, 1, "icq response: %d bytes, %ld, 0x%04x, 0x%04x\n", cmdlen, ouruin, cmd, reqid);
if (cmd == 0x0041) {
fu16_t msglen;
struct aim_icq_offlinemsg msg;
aim_rxcallback_t userfunc;
memset(&msg, 0, sizeof(msg));
msg.sender = aimbs_getle32(&qbs);
msg.year = aimbs_getle16(&qbs);
msg.month = aimbs_getle8(&qbs);
msg.day = aimbs_getle8(&qbs);
msg.hour = aimbs_getle8(&qbs);
msg.minute = aimbs_getle8(&qbs);
msg.type = aimbs_getle16(&qbs);
msglen = aimbs_getle16(&qbs);
msg.msg = aimbs_getstr(&qbs, msglen);
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_OFFLINEMSG)))
ret = userfunc(sess, rx, &msg);
free(msg.msg);
} else if (cmd == 0x0042) {
aim_rxcallback_t userfunc;
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_OFFLINEMSGCOMPLETE)))
ret = userfunc(sess, rx);
} else if (cmd == 0x07da) {
fu16_t subtype;
subtype = aimbs_getle16(&qbs);
if (subtype == 0x019a) {
fu16_t tlen;
struct aim_icq_simpleinfo info;
aim_rxcallback_t userfunc;
memset(&info, 0, sizeof(info));
aimbs_getle8(&qbs); /* no clue */
aimbs_getle16(&qbs); /* no clue */
info.uin = aimbs_getle32(&qbs);
tlen = aimbs_getle16(&qbs);
info.nick = aimbs_getstr(&qbs, tlen);
tlen = aimbs_getle16(&qbs);
info.first = aimbs_getstr(&qbs, tlen);
tlen = aimbs_getle16(&qbs);
info.last = aimbs_getstr(&qbs, tlen);
tlen = aimbs_getle16(&qbs);
info.email = aimbs_getstr(&qbs, tlen);
/* no clue what the rest of it is */
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_SIMPLEINFO)))
ret = userfunc(sess, rx, &info);
free(info.nick);
free(info.first);
free(info.last);
free(info.email);
}
else if (subtype == 100 || subtype == 150) {
fu16_t tlen;
struct aim_icq_smsresponse response;
aim_rxcallback_t userfunc;
memset(&response, 0, sizeof(response));
for(tlen = 0; tlen < 7; tlen++)
aimbs_getle8(&qbs); /* no clue */
response.type = subtype;
tlen = aimbs_getle16(&qbs);
response.tag = aimbs_getstr(&qbs, tlen);
tlen = aimbs_getle16(&qbs);
response.xml = aimbs_getstr(&qbs, tlen);
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_SMSRESPONSE)))
ret = userfunc(sess, rx, &response);
free(response.tag);
free(response.xml);
}
else faimdprintf(sess, 1, "unknown subtype 0x%04x\n", subtype);
}
aim_freetlvchain(&tl);
return ret;
}
static int parseinfo_create(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs, aim_snac_t *snac2)
{
aim_rxcallback_t userfunc;
aim_tlvlist_t *tlvlist, *innerlist;
char *ck = NULL, *fqcn = NULL, *name = NULL;
fu16_t exchange = 0, instance = 0, unknown = 0, flags = 0, maxmsglen = 0, maxoccupancy = 0;
fu32_t createtime = 0;
fu8_t createperms = 0, detaillevel;
int cklen;
aim_tlv_t *bigblock;
int ret = 0;
aim_bstream_t bbbs;
tlvlist = aim_readtlvchain(bs);
if (!(bigblock = aim_gettlv(tlvlist, 0x0004, 1))) {
faimdprintf(sess, 0, "no bigblock in top tlv in create room response\n");
aim_freetlvchain(&tlvlist);
return 0;
}
aim_bstream_init(&bbbs, bigblock->value, bigblock->length);
exchange = aimbs_get16(&bbbs);
cklen = aimbs_get8(&bbbs);
ck = aimbs_getstr(&bbbs, cklen);
instance = aimbs_get16(&bbbs);
detaillevel = aimbs_get8(&bbbs);
if (detaillevel != 0x02) {
faimdprintf(sess, 0, "unknown detaillevel in create room response (0x%02x)\n", detaillevel);
aim_freetlvchain(&tlvlist);
free(ck);
return 0;
}
unknown = aimbs_get16(&bbbs);
innerlist = aim_readtlvchain(&bbbs);
if (aim_gettlv(innerlist, 0x006a, 1))
fqcn = aim_gettlv_str(innerlist, 0x006a, 1);
if (aim_gettlv(innerlist, 0x00c9, 1))
flags = aim_gettlv16(innerlist, 0x00c9, 1);
if (aim_gettlv(innerlist, 0x00ca, 1))
createtime = aim_gettlv32(innerlist, 0x00ca, 1);
if (aim_gettlv(innerlist, 0x00d1, 1))
maxmsglen = aim_gettlv16(innerlist, 0x00d1, 1);
if (aim_gettlv(innerlist, 0x00d2, 1))
maxoccupancy = aim_gettlv16(innerlist, 0x00d2, 1);
if (aim_gettlv(innerlist, 0x00d3, 1))
name = aim_gettlv_str(innerlist, 0x00d3, 1);
if (aim_gettlv(innerlist, 0x00d5, 1))
createperms = aim_gettlv8(innerlist, 0x00d5, 1);
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype))) {
ret = userfunc(sess, rx, snac2->type, fqcn, instance, exchange, flags, createtime, maxmsglen, maxoccupancy, createperms, unknown, name, ck);
}
free(ck);
free(name);
free(fqcn);
aim_freetlvchain(&innerlist);
aim_freetlvchain(&tlvlist);
return ret;
}
static int incomingim_ch2(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, guint16 channel, aim_userinfo_t *userinfo, aim_tlvlist_t *tlvlist, guint8 *cookie)
{
aim_rxcallback_t userfunc;
aim_tlv_t *block1, *servdatatlv;
aim_tlvlist_t *list2;
struct aim_incomingim_ch2_args args;
aim_bstream_t bbs, sdbs, *sdbsptr = NULL;
guint8 *cookie2;
int ret = 0;
char clientip1[30] = {""};
char clientip2[30] = {""};
char verifiedip[30] = {""};
memset(&args, 0, sizeof(args));
/*
* There's another block of TLVs embedded in the type 5 here.
*/
block1 = aim_gettlv(tlvlist, 0x0005, 1);
aim_bstream_init(&bbs, block1->value, block1->length);
/*
* First two bytes represent the status of the connection.
*
* 0 is a request, 1 is a deny (?), 2 is an accept
*/
args.status = aimbs_get16(&bbs);
/*
* Next comes the cookie. Should match the ICBM cookie.
*/
cookie2 = aimbs_getraw(&bbs, 8);
if (memcmp(cookie, cookie2, 8) != 0)
imcb_error(sess->aux_data, "rend: warning cookies don't match!");
memcpy(args.cookie, cookie2, 8);
g_free(cookie2);
/*
* The next 16bytes are a capability block so we can
* identify what type of rendezvous this is.
*/
args.reqclass = aim_getcap(sess, &bbs, 0x10);
/*
* What follows may be TLVs or nothing, depending on the
* purpose of the message.
*
* Ack packets for instance have nothing more to them.
*/
list2 = aim_readtlvchain(&bbs);
/*
* IP address from the perspective of the client.
*/
if (aim_gettlv(list2, 0x0002, 1)) {
aim_tlv_t *iptlv;
iptlv = aim_gettlv(list2, 0x0002, 1);
g_snprintf(clientip1, sizeof(clientip1), "%d.%d.%d.%d",
aimutil_get8(iptlv->value+0),
aimutil_get8(iptlv->value+1),
aimutil_get8(iptlv->value+2),
aimutil_get8(iptlv->value+3));
}
/*
* Secondary IP address from the perspective of the client.
*/
if (aim_gettlv(list2, 0x0003, 1)) {
aim_tlv_t *iptlv;
iptlv = aim_gettlv(list2, 0x0003, 1);
g_snprintf(clientip2, sizeof(clientip2), "%d.%d.%d.%d",
aimutil_get8(iptlv->value+0),
aimutil_get8(iptlv->value+1),
aimutil_get8(iptlv->value+2),
aimutil_get8(iptlv->value+3));
}
/*
* Verified IP address (from the perspective of Oscar).
*
* This is added by the server.
*/
if (aim_gettlv(list2, 0x0004, 1)) {
aim_tlv_t *iptlv;
iptlv = aim_gettlv(list2, 0x0004, 1);
g_snprintf(verifiedip, sizeof(verifiedip), "%d.%d.%d.%d",
aimutil_get8(iptlv->value+0),
aimutil_get8(iptlv->value+1),
aimutil_get8(iptlv->value+2),
aimutil_get8(iptlv->value+3));
}
/*
* Port number for something.
*/
if (aim_gettlv(list2, 0x0005, 1))
args.port = aim_gettlv16(list2, 0x0005, 1);
/*
* Error code.
*/
if (aim_gettlv(list2, 0x000b, 1))
args.errorcode = aim_gettlv16(list2, 0x000b, 1);
/*
* Invitation message / chat description.
*/
if (aim_gettlv(list2, 0x000c, 1))
args.msg = aim_gettlv_str(list2, 0x000c, 1);
/*
* Character set.
*/
if (aim_gettlv(list2, 0x000d, 1))
args.encoding = aim_gettlv_str(list2, 0x000d, 1);
/*
* Language.
*/
if (aim_gettlv(list2, 0x000e, 1))
args.language = aim_gettlv_str(list2, 0x000e, 1);
/* Unknown -- two bytes = 0x0001 */
if (aim_gettlv(list2, 0x000a, 1))
;
/* Unknown -- no value */
if (aim_gettlv(list2, 0x000f, 1))
;
if (strlen(clientip1))
args.clientip = (char *)clientip1;
if (strlen(clientip2))
args.clientip2 = (char *)clientip2;
if (strlen(verifiedip))
args.verifiedip = (char *)verifiedip;
/*
* This is must be present in PROPOSALs, but will probably not
* exist in CANCELs and ACCEPTs.
*
* Service Data blocks are module-specific in format.
*/
if ((servdatatlv = aim_gettlv(list2, 0x2711 /* 10001 */, 1))) {
aim_bstream_init(&sdbs, servdatatlv->value, servdatatlv->length);
sdbsptr = &sdbs;
}
if (args.reqclass & AIM_CAPS_ICQSERVERRELAY)
incomingim_ch2_icqserverrelay(sess, mod, rx, snac, userinfo, &args, sdbsptr);
else if (args.reqclass & AIM_CAPS_CHAT)
incomingim_ch2_chat(sess, mod, rx, snac, userinfo, &args, sdbsptr);
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, channel, userinfo, &args);
if (args.destructor)
((ch2_args_destructor_t)args.destructor)(sess, &args);
g_free((char *)args.msg);
g_free((char *)args.encoding);
g_free((char *)args.language);
aim_freetlvchain(&list2);
return ret;
}
/*
* Start by building the multipart structures, then pick the first
* human-readable section and stuff it into args->msg so no one gets
* suspicious.
*
*/
static int incomingim_ch1_parsemsgs(aim_session_t *sess, guint8 *data, int len, struct aim_incomingim_ch1_args *args)
{
static const guint16 charsetpri[] = {
0x0000, /* ASCII first */
0x0003, /* then ISO-8859-1 */
0x0002, /* UNICODE as last resort */
};
static const int charsetpricount = 3;
int i;
aim_bstream_t mbs;
aim_mpmsg_section_t *sec;
aim_bstream_init(&mbs, data, len);
while (aim_bstream_empty(&mbs)) {
guint16 msglen, flag1, flag2;
char *msgbuf;
aimbs_get8(&mbs); /* 01 */
aimbs_get8(&mbs); /* 01 */
/* Message string length, including character set info. */
msglen = aimbs_get16(&mbs);
/* Character set info */
flag1 = aimbs_get16(&mbs);
flag2 = aimbs_get16(&mbs);
/* Message. */
msglen -= 4;
/*
* For now, we don't care what the encoding is. Just copy
* it into a multipart struct and deal with it later. However,
* always pad the ending with a NULL. This makes it easier
* to treat ASCII sections as strings. It won't matter for
* UNICODE or binary data, as you should never read past
* the specified data length, which will not include the pad.
*
* XXX There's an API bug here. For sending, the UNICODE is
* given in host byte order (aim_mpmsg_addunicode), but here
* the received messages are given in network byte order.
*
*/
msgbuf = aimbs_getstr(&mbs, msglen);
mpmsg_addsection(sess, &args->mpmsg, flag1, flag2, (guint8 *)msgbuf, (guint16) msglen);
} /* while */
args->icbmflags |= AIM_IMFLAGS_MULTIPART; /* always set */
/*
* Clients that support multiparts should never use args->msg, as it
* will point to an arbitrary section.
*
* Here, we attempt to provide clients that do not support multipart
* messages with something to look at -- hopefully a human-readable
* string. But, failing that, a UNICODE message, or nothing at all.
*
* Which means that even if args->msg is NULL, it does not mean the
* message was blank.
*
*/
for (i = 0; i < charsetpricount; i++) {
for (sec = args->mpmsg.parts; sec; sec = sec->next) {
if (sec->charset != charsetpri[i])
continue;
/* Great. We found one. Fill it in. */
args->charset = sec->charset;
args->charsubset = sec->charsubset;
args->icbmflags |= AIM_IMFLAGS_CUSTOMCHARSET;
/* Set up the simple flags */
if (args->charset == 0x0000)
; /* ASCII */
else if (args->charset == 0x0002)
args->icbmflags |= AIM_IMFLAGS_UNICODE;
else if (args->charset == 0x0003)
args->icbmflags |= AIM_IMFLAGS_ISO_8859_1;
else if (args->charset == 0xffff)
; /* no encoding (yeep!) */
if (args->charsubset == 0x0000)
; /* standard subencoding? */
else if (args->charsubset == 0x000b)
args->icbmflags |= AIM_IMFLAGS_SUBENC_MACINTOSH;
else if (args->charsubset == 0xffff)
; /* no subencoding */
#if 0
/* XXX this isn't really necesary... */
if ( ((args.flag1 != 0x0000) &&
(args.flag1 != 0x0002) &&
(args.flag1 != 0x0003) &&
(args.flag1 != 0xffff)) ||
((args.flag2 != 0x0000) &&
(args.flag2 != 0x000b) &&
(args.flag2 != 0xffff))) {
faimdprintf(sess, 0, "icbm: **warning: encoding flags are being used! {%04x, %04x}\n", args.flag1, args.flag2);
}
#endif
args->msg = (char *)sec->data;
args->msglen = sec->datalen;
return 0;
}
}
/* No human-readable sections found. Oh well. */
args->charset = args->charsubset = 0xffff;
args->msg = NULL;
args->msglen = 0;
return 0;
}
static int outgoingim(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
int i, ret = 0;
aim_rxcallback_t userfunc;
guint16 channel;
aim_tlvlist_t *tlvlist;
char *sn;
int snlen;
guint16 icbmflags = 0;
guint8 flag1 = 0, flag2 = 0;
char *msg = NULL;
aim_tlv_t *msgblock;
/* ICBM Cookie. */
for (i = 0; i < 8; i++)
aimbs_get8(bs);
/* Channel ID */
channel = aimbs_get16(bs);
if (channel != 0x01) {
imcb_error(sess->aux_data, "icbm: ICBM received on unsupported channel. Ignoring.");
return 0;
}
snlen = aimbs_get8(bs);
sn = aimbs_getstr(bs, snlen);
tlvlist = aim_readtlvchain(bs);
if (aim_gettlv(tlvlist, 0x0003, 1))
icbmflags |= AIM_IMFLAGS_ACK;
if (aim_gettlv(tlvlist, 0x0004, 1))
icbmflags |= AIM_IMFLAGS_AWAY;
if ((msgblock = aim_gettlv(tlvlist, 0x0002, 1))) {
aim_bstream_t mbs;
int featurelen, msglen;
aim_bstream_init(&mbs, msgblock->value, msgblock->length);
aimbs_get8(&mbs);
aimbs_get8(&mbs);
for (featurelen = aimbs_get16(&mbs); featurelen; featurelen--)
aimbs_get8(&mbs);
aimbs_get8(&mbs);
aimbs_get8(&mbs);
msglen = aimbs_get16(&mbs) - 4; /* final block length */
flag1 = aimbs_get16(&mbs);
flag2 = aimbs_get16(&mbs);
msg = aimbs_getstr(&mbs, msglen);
}
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, channel, sn, msg, icbmflags, flag1, flag2);
g_free(sn);
aim_freetlvchain(&tlvlist);
return ret;
}
static int parseinfo_perms(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs, aim_snac_t *snac2)
{
aim_rxcallback_t userfunc;
int ret = 0;
struct aim_chat_exchangeinfo *exchanges = NULL;
int curexchange;
aim_tlv_t *exchangetlv;
fu8_t maxrooms = 0;
aim_tlvlist_t *tlvlist, *innerlist;
tlvlist = aim_readtlvchain(bs);
/*
* Type 0x0002: Maximum concurrent rooms.
*/
if (aim_gettlv(tlvlist, 0x0002, 1))
maxrooms = aim_gettlv8(tlvlist, 0x0002, 1);
/*
* Type 0x0003: Exchange information
*
* There can be any number of these, each one
* representing another exchange.
*
*/
for (curexchange = 0; ((exchangetlv = aim_gettlv(tlvlist, 0x0003, curexchange+1))); ) {
aim_bstream_t tbs;
aim_bstream_init(&tbs, exchangetlv->value, exchangetlv->length);
curexchange++;
exchanges = realloc(exchanges, curexchange * sizeof(struct aim_chat_exchangeinfo));
/* exchange number */
exchanges[curexchange-1].number = aimbs_get16(&tbs);
innerlist = aim_readtlvchain(&tbs);
/*
* Type 0x000a: Unknown.
*
* Usually three bytes: 0x0114 (exchange 1) or 0x010f (others).
*
*/
if (aim_gettlv(innerlist, 0x000a, 1))
;
/*
* Type 0x000d: Unknown.
*/
if (aim_gettlv(innerlist, 0x000d, 1))
;
/*
* Type 0x0004: Unknown
*/
if (aim_gettlv(innerlist, 0x0004, 1))
;
/*
* Type 0x0002: Unknown
*/
if (aim_gettlv(innerlist, 0x0002, 1)) {
fu16_t classperms;
classperms = aim_gettlv16(innerlist, 0x0002, 1);
faimdprintf(sess, 1, "faim: class permissions %x\n", classperms);
}
/*
* Type 0x00c9: Flags
*
* 1 Evilable
* 2 Nav Only
* 4 Instancing Allowed
* 8 Occupant Peek Allowed
*
*/
if (aim_gettlv(innerlist, 0x00c9, 1))
exchanges[curexchange-1].flags = aim_gettlv16(innerlist, 0x00c9, 1);
/*
* Type 0x00ca: Creation Date
*/
if (aim_gettlv(innerlist, 0x00ca, 1))
;
/*
* Type 0x00d0: Mandatory Channels?
*/
if (aim_gettlv(innerlist, 0x00d0, 1))
;
/*
* Type 0x00d1: Maximum Message length
*/
if (aim_gettlv(innerlist, 0x00d1, 1))
;
/*
* Type 0x00d2: Maximum Occupancy?
*/
if (aim_gettlv(innerlist, 0x00d2, 1))
;
/*
* Type 0x00d3: Exchange Description
*/
if (aim_gettlv(innerlist, 0x00d3, 1))
exchanges[curexchange-1].name = aim_gettlv_str(innerlist, 0x00d3, 1);
else
exchanges[curexchange-1].name = NULL;
/*
* Type 0x00d4: Exchange Description URL
*/
if (aim_gettlv(innerlist, 0x00d4, 1))
;
/*
* Type 0x00d5: Creation Permissions
*
* 0 Creation not allowed
* 1 Room creation allowed
* 2 Exchange creation allowed
*
*/
if (aim_gettlv(innerlist, 0x00d5, 1)) {
fu8_t createperms;
createperms = aim_gettlv8(innerlist, 0x00d5, 1);
}
/*
* Type 0x00d6: Character Set (First Time)
*/
if (aim_gettlv(innerlist, 0x00d6, 1))
exchanges[curexchange-1].charset1 = aim_gettlv_str(innerlist, 0x00d6, 1);
else
exchanges[curexchange-1].charset1 = NULL;
/*
* Type 0x00d7: Language (First Time)
*/
if (aim_gettlv(innerlist, 0x00d7, 1))
exchanges[curexchange-1].lang1 = aim_gettlv_str(innerlist, 0x00d7, 1);
else
exchanges[curexchange-1].lang1 = NULL;
/*
* Type 0x00d8: Character Set (Second Time)
*/
if (aim_gettlv(innerlist, 0x00d8, 1))
exchanges[curexchange-1].charset2 = aim_gettlv_str(innerlist, 0x00d8, 1);
else
exchanges[curexchange-1].charset2 = NULL;
/*
* Type 0x00d9: Language (Second Time)
*/
if (aim_gettlv(innerlist, 0x00d9, 1))
exchanges[curexchange-1].lang2 = aim_gettlv_str(innerlist, 0x00d9, 1);
else
exchanges[curexchange-1].lang2 = NULL;
/*
* Type 0x00da: Unknown
*/
if (aim_gettlv(innerlist, 0x00da, 1))
;
aim_freetlvchain(&innerlist);
}
/*
* Call client.
*/
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, snac2->type, maxrooms, curexchange, exchanges);
for (curexchange--; curexchange >= 0; curexchange--) {
free(exchanges[curexchange].name);
free(exchanges[curexchange].charset1);
free(exchanges[curexchange].lang1);
free(exchanges[curexchange].charset2);
free(exchanges[curexchange].lang2);
}
free(exchanges);
aim_freetlvchain(&tlvlist);
return ret;
}
/**
* Subtype 0x0003 - Response to 0x0015/0x002, contains an ICQesque packet.
*/
static int icqresponse(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
int ret = 0;
aim_tlvlist_t *tl;
aim_tlv_t *datatlv;
aim_bstream_t qbs;
guint32 ouruin;
guint16 cmdlen, cmd, reqid;
if (!(tl = aim_readtlvchain(bs)) || !(datatlv = aim_gettlv(tl, 0x0001, 1))) {
aim_freetlvchain(&tl);
imcb_error(sess->aux_data, "corrupt ICQ response\n");
return 0;
}
aim_bstream_init(&qbs, datatlv->value, datatlv->length);
cmdlen = aimbs_getle16(&qbs);
ouruin = aimbs_getle32(&qbs);
cmd = aimbs_getle16(&qbs);
reqid = aimbs_getle16(&qbs);
if (cmd == 0x0041) { /* offline message */
guint16 msglen;
struct aim_icq_offlinemsg msg;
aim_rxcallback_t userfunc;
memset(&msg, 0, sizeof(msg));
msg.sender = aimbs_getle32(&qbs);
msg.year = aimbs_getle16(&qbs);
msg.month = aimbs_getle8(&qbs);
msg.day = aimbs_getle8(&qbs);
msg.hour = aimbs_getle8(&qbs);
msg.minute = aimbs_getle8(&qbs);
msg.type = aimbs_getle16(&qbs);
msglen = aimbs_getle16(&qbs);
msg.msg = aimbs_getstr(&qbs, msglen);
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_OFFLINEMSG)))
ret = userfunc(sess, rx, &msg);
g_free(msg.msg);
} else if (cmd == 0x0042) {
aim_rxcallback_t userfunc;
if ((userfunc = aim_callhandler(sess, rx->conn, AIM_CB_FAM_ICQ, AIM_CB_ICQ_OFFLINEMSGCOMPLETE)))
ret = userfunc(sess, rx);
} else if (cmd == 0x07da) { /* information */
guint16 subtype;
struct aim_icq_info *info;
aim_rxcallback_t userfunc;
subtype = aimbs_getle16(&qbs);
aim_bstream_advance(&qbs, 1); /* 0x0a */
/* find another data from the same request */
for (info = sess->icq_info; info && (info->reqid != reqid); info = info->next);
if (!info) {
info = g_new0(struct aim_icq_info, 1);
info->reqid = reqid;
info->next = sess->icq_info;
sess->icq_info = info;
}
