/**
* Subtype 0x0005 - Receive a buddy icon.
*
* This is sent in response to a buddy icon request.
*/
static int parseicon(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
int ret = 0;
aim_rxcallback_t userfunc;
char *sn;
fu16_t flags, iconlen;
fu8_t iconcsumtype, iconcsumlen, *iconcsum, *icon;
sn = aimbs_getstr(bs, aimbs_get8(bs));
flags = aimbs_get16(bs);
iconcsumtype = aimbs_get8(bs);
iconcsumlen = aimbs_get8(bs);
iconcsum = aimbs_getraw(bs, iconcsumlen);
iconlen = aimbs_get16(bs);
icon = aimbs_getraw(bs, iconlen);
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, sn, iconcsumtype, iconcsum, iconcsumlen, icon, iconlen);
free(sn);
free(iconcsum);
free(icon);
return ret;
}
/*
* This still takes a length parameter even with a bstream because capabilities
* are not naturally bounded.
*
*/
faim_internal fu16_t aim_getcap(aim_session_t *sess, aim_bstream_t *bs, int len)
{
fu16_t flags = 0;
int offset;
for (offset = 0; aim_bstream_empty(bs) && (offset < len); offset += 0x10) {
fu8_t *cap;
int i, identified;
cap = aimbs_getraw(bs, 0x10);
for (i = 0, identified = 0; !(aim_caps[i].flag & AIM_CAPS_LAST); i++) {
if (memcmp(&aim_caps[i].data, cap, 0x10) == 0) {
flags |= aim_caps[i].flag;
identified++;
break; /* should only match once... */
}
}
if (!identified)
faimdprintf(sess, 0, "unknown capability!\n");
free(cap);
}
return flags;
}
static int incomingim_ch4(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, guint16 channel, aim_userinfo_t *userinfo, aim_tlvlist_t *tlvlist, guint8 *cookie)
{
aim_bstream_t meat;
aim_rxcallback_t userfunc;
aim_tlv_t *block;
struct aim_incomingim_ch4_args args;
int ret = 0;
/*
* Make a bstream for the meaty part. Yum. Meat.
*/
if (!(block = aim_gettlv(tlvlist, 0x0005, 1)))
return -1;
aim_bstream_init(&meat, block->value, block->length);
args.uin = aimbs_getle32(&meat);
args.type = aimbs_getle16(&meat);
args.msg = (char *)aimbs_getraw(&meat, aimbs_getle16(&meat));
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, channel, userinfo, &args);
g_free(args.msg);
return ret;
}
/* called for both reply and change-reply */
static int infochange(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
/*
* struct {
* guint16 perms;
* guint16 tlvcount;
* aim_tlv_t tlvs[tlvcount];
* } admin_info[n];
*/
while (aim_bstream_empty(bs)) {
guint16 perms, tlvcount;
perms = aimbs_get16(bs);
tlvcount = aimbs_get16(bs);
while (tlvcount && aim_bstream_empty(bs)) {
aim_rxcallback_t userfunc;
guint16 type, len;
guint8 *val;
int str = 0;
type = aimbs_get16(bs);
len = aimbs_get16(bs);
if ((type == 0x0011) || (type == 0x0004)) {
str = 1;
}
if (str) {
val = (guint8 *) aimbs_getstr(bs, len);
} else {
val = aimbs_getraw(bs, len);
}
/* XXX fix so its only called once for the entire packet */
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype))) {
userfunc(sess, rx, (snac->subtype == 0x0005) ? 1 : 0, perms, type, len, val, str);
}
g_free(val);
tlvcount--;
}
}
return 1;
}
/**
* Read a TLV chain from a buffer.
*
* Reads and parses a series of TLV patterns from a data buffer; the
* returned structure is manipulatable with the rest of the TLV
* routines. When done with a TLV chain, aim_tlvlist_free() should
* be called to free the dynamic substructures.
*
* XXX There should be a flag setable here to have the tlvlist contain
* bstream references, so that at least the ->value portion of each
* element doesn't need to be malloc/memcpy'd. This could prove to be
* just as effecient as the in-place TLV parsing used in a couple places
* in libfaim.
*
* @param bs Input bstream
* @param num The max number of TLVs that will be read, or -1 if unlimited.
* There are a number of places where you want to read in a tlvchain,
* but the chain is not at the end of the SNAC, and the chain is
* preceeded by the number of TLVs. So you can limit that with this.
*/
faim_internal aim_tlvlist_t *aim_tlvlist_readnum(aim_bstream_t *bs, fu16_t num)
{
aim_tlvlist_t *list = NULL, *cur;
while ((aim_bstream_empty(bs) > 0) && (num != 0)) {
fu16_t type, length;
type = aimbs_get16(bs);
length = aimbs_get16(bs);
if (length > aim_bstream_empty(bs)) {
aim_tlvlist_free(&list);
return NULL;
}
cur = (aim_tlvlist_t *)malloc(sizeof(aim_tlvlist_t));
if (!cur) {
aim_tlvlist_free(&list);
return NULL;
}
memset(cur, 0, sizeof(aim_tlvlist_t));
cur->tlv = createtlv(type, length, NULL);
if (!cur->tlv) {
free(cur);
aim_tlvlist_free(&list);
return NULL;
}
if (cur->tlv->length > 0) {
cur->tlv->value = aimbs_getraw(bs, length);
if (!cur->tlv->value) {
freetlv(&cur->tlv);
free(cur);
aim_tlvlist_free(&list);
return NULL;
}
}
if (num > 0)
num--;
cur->next = list;
list = cur;
}
return list;
}
/**
* aim_readtlvchain_len - Read a TLV chain from a buffer.
* @param bs Input bstream
* @param len The max length in bytes that will be read.
* There are a number of places where you want to read in a tlvchain,
* but the chain is not at the end of the SNAC, and the chain is
* preceeded by the length of the TLVs. So you can limit that with this.
*
* Reads and parses a series of TLV patterns from a data buffer; the
* returned structure is manipulatable with the rest of the TLV
* routines. When done with a TLV chain, aim_freetlvchain() should
* be called to free the dynamic substructures.
*
* XXX There should be a flag setable here to have the tlvlist contain
* bstream references, so that at least the ->value portion of each
* element doesn't need to be malloc/memcpy'd. This could prove to be
* just as effecient as the in-place TLV parsing used in a couple places
* in libfaim.
*
*/
faim_internal aim_tlvlist_t *aim_readtlvchain_len(aim_bstream_t *bs, fu16_t len)
{
aim_tlvlist_t *list = NULL, *cur;
while ((aim_bstream_empty(bs) > 0) && (len > 0)) {
fu16_t type, length;
type = aimbs_get16(bs);
length = aimbs_get16(bs);
if (length > aim_bstream_empty(bs)) {
aim_freetlvchain(&list);
return NULL;
}
cur = (aim_tlvlist_t *)malloc(sizeof(aim_tlvlist_t));
if (!cur) {
aim_freetlvchain(&list);
return NULL;
}
memset(cur, 0, sizeof(aim_tlvlist_t));
cur->tlv = createtlv();
if (!cur->tlv) {
free(cur);
aim_freetlvchain(&list);
return NULL;
}
cur->tlv->type = type;
if ((cur->tlv->length = length)) {
cur->tlv->value = aimbs_getraw(bs, length);
if (!cur->tlv->value) {
freetlv(&cur->tlv);
free(cur);
aim_freetlvchain(&list);
return NULL;
}
}
len -= aim_sizetlvchain(&cur);
cur->next = list;
list = cur;
}
return list;
}
/**
* aim_readtlvchain - Read a TLV chain from a buffer.
* @buf: Input buffer
* @maxlen: Length of input buffer
*
* Reads and parses a series of TLV patterns from a data buffer; the
* returned structure is manipulatable with the rest of the TLV
* routines. When done with a TLV chain, aim_freetlvchain() should
* be called to free the dynamic substructures.
*
* XXX There should be a flag setable here to have the tlvlist contain
* bstream references, so that at least the ->value portion of each
* element doesn't need to be malloc/memcpy'd. This could prove to be
* just as effecient as the in-place TLV parsing used in a couple places
* in libfaim.
*
*/
faim_internal aim_tlvlist_t *aim_readtlvchain(aim_bstream_t *bs)
{
aim_tlvlist_t *list = NULL, *cur;
fu16_t type, length;
while (aim_bstream_empty(bs)) {
type = aimbs_get16(bs);
length = aimbs_get16(bs);
#if 0 /* temporarily disabled until I know if they're still doing it or not */
/*
* Okay, so now AOL has decided that any TLV of
* type 0x0013 can only be two bytes, despite
* what the actual given length is. So here
* we dump any invalid TLVs of that sort. Hopefully
* theres no special cases to this special case.
* - mid (30jun2000)
*/
if ((type == 0x0013) && (length != 0x0002))
length = 0x0002;
#else
if (0)
;
#endif
else {
cur = (aim_tlvlist_t *)malloc(sizeof(aim_tlvlist_t));
memset(cur, 0, sizeof(aim_tlvlist_t));
cur->tlv = createtlv();
cur->tlv->type = type;
if ((cur->tlv->length = length))
cur->tlv->value = aimbs_getraw(bs, length);
cur->next = list;
list = cur;
}
}
return list;
}
static int msgack(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
aim_rxcallback_t userfunc;
guint16 type;
guint8 snlen, *ck;
char *sn;
int ret = 0;
ck = aimbs_getraw(bs, 8);
type = aimbs_get16(bs);
snlen = aimbs_get8(bs);
sn = aimbs_getstr(bs, snlen);
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, type, sn);
g_free(sn);
g_free(ck);
return ret;
}
/*
* This still takes a length parameter even with a bstream because capabilities
* are not naturally bounded.
*
*/
guint32 aim_getcap(aim_session_t *sess, aim_bstream_t *bs, int len)
{
guint32 flags = 0;
int offset;
for (offset = 0; aim_bstream_empty(bs) && (offset < len); offset += 0x10) {
guint8 *cap;
int i, identified;
cap = aimbs_getraw(bs, 0x10);
for (i = 0, identified = 0; !(aim_caps[i].flag & AIM_CAPS_LAST); i++) {
if (memcmp(&aim_caps[i].data, cap, 0x10) == 0) {
flags |= aim_caps[i].flag;
identified++;
break; /* should only match once... */
}
}
if (!identified) {
/*FIXME*/
/*REMOVEME :-)
g_strdup_printf("unknown capability: {%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x}\n",
cap[0], cap[1], cap[2], cap[3],
cap[4], cap[5],
cap[6], cap[7],
cap[8], cap[9],
cap[10], cap[11], cap[12], cap[13],
cap[14], cap[15]);
*/
}
g_free(cap);
}
return flags;
}
/*
* We could probably include this in the normal ICBM parsing
* code as channel 0x0003, however, since only the start
* would be the same, we might as well do it here.
*
* General outline of this SNAC:
* snac
* cookie
* channel id
* tlvlist
* unknown
* source user info
* name
* evility
* userinfo tlvs
* online time
* etc
* message metatlv
* message tlv
* message string
* possibly others
*
*/
static int incomingmsg(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
aim_userinfo_t userinfo;
aim_rxcallback_t userfunc;
int ret = 0;
fu8_t *cookie;
fu16_t channel;
aim_tlvlist_t *otl;
char *msg = NULL;
aim_msgcookie_t *ck;
memset(&userinfo, 0, sizeof(aim_userinfo_t));
/*
* ICBM Cookie. Uncache it.
*/
cookie = aimbs_getraw(bs, 8);
if ((ck = aim_uncachecookie(sess, cookie, AIM_COOKIETYPE_CHAT))) {
free(ck->data);
free(ck);
}
/*
* Channel ID
*
* Channels 1 and 2 are implemented in the normal ICBM
* parser.
*
* We only do channel 3 here.
*
*/
channel = aimbs_get16(bs);
if (channel != 0x0003) {
faimdprintf(sess, 0, "faim: chat_incoming: unknown channel! (0x%04x)\n", channel);
return 0;
}
/*
* Start parsing TLVs right away.
*/
otl = aim_readtlvchain(bs);
/*
* Type 0x0003: Source User Information
*/
if (aim_gettlv(otl, 0x0003, 1)) {
aim_tlv_t *userinfotlv;
aim_bstream_t tbs;
userinfotlv = aim_gettlv(otl, 0x0003, 1);
aim_bstream_init(&tbs, userinfotlv->value, userinfotlv->length);
aim_extractuserinfo(sess, &tbs, &userinfo);
}
/*
* Type 0x0001: If present, it means it was a message to the
* room (as opposed to a whisper).
*/
if (aim_gettlv(otl, 0x0001, 1))
;
/*
* Type 0x0005: Message Block. Conains more TLVs.
*/
if (aim_gettlv(otl, 0x0005, 1)) {
aim_tlvlist_t *itl;
aim_tlv_t *msgblock;
aim_bstream_t tbs;
msgblock = aim_gettlv(otl, 0x0005, 1);
aim_bstream_init(&tbs, msgblock->value, msgblock->length);
itl = aim_readtlvchain(&tbs);
/*
* Type 0x0001: Message.
*/
if (aim_gettlv(itl, 0x0001, 1))
msg = aim_gettlv_str(itl, 0x0001, 1);
aim_freetlvchain(&itl);
}
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, &userinfo, msg);
free(cookie);
free(msg);
aim_freetlvchain(&otl);
return ret;
}
static int incomingim_ch2(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, guint16 channel, aim_userinfo_t *userinfo, aim_tlvlist_t *tlvlist, guint8 *cookie)
{
aim_rxcallback_t userfunc;
aim_tlv_t *block1, *servdatatlv;
aim_tlvlist_t *list2;
struct aim_incomingim_ch2_args args;
aim_bstream_t bbs, sdbs, *sdbsptr = NULL;
guint8 *cookie2;
int ret = 0;
char clientip1[30] = {""};
char clientip2[30] = {""};
char verifiedip[30] = {""};
memset(&args, 0, sizeof(args));
/*
* There's another block of TLVs embedded in the type 5 here.
*/
block1 = aim_gettlv(tlvlist, 0x0005, 1);
aim_bstream_init(&bbs, block1->value, block1->length);
/*
* First two bytes represent the status of the connection.
*
* 0 is a request, 1 is a deny (?), 2 is an accept
*/
args.status = aimbs_get16(&bbs);
/*
* Next comes the cookie. Should match the ICBM cookie.
*/
cookie2 = aimbs_getraw(&bbs, 8);
if (memcmp(cookie, cookie2, 8) != 0)
imcb_error(sess->aux_data, "rend: warning cookies don't match!");
memcpy(args.cookie, cookie2, 8);
g_free(cookie2);
/*
* The next 16bytes are a capability block so we can
* identify what type of rendezvous this is.
*/
args.reqclass = aim_getcap(sess, &bbs, 0x10);
/*
* What follows may be TLVs or nothing, depending on the
* purpose of the message.
*
* Ack packets for instance have nothing more to them.
*/
list2 = aim_readtlvchain(&bbs);
/*
* IP address from the perspective of the client.
*/
if (aim_gettlv(list2, 0x0002, 1)) {
aim_tlv_t *iptlv;
iptlv = aim_gettlv(list2, 0x0002, 1);
g_snprintf(clientip1, sizeof(clientip1), "%d.%d.%d.%d",
aimutil_get8(iptlv->value+0),
aimutil_get8(iptlv->value+1),
aimutil_get8(iptlv->value+2),
aimutil_get8(iptlv->value+3));
}
/*
* Secondary IP address from the perspective of the client.
*/
if (aim_gettlv(list2, 0x0003, 1)) {
aim_tlv_t *iptlv;
iptlv = aim_gettlv(list2, 0x0003, 1);
g_snprintf(clientip2, sizeof(clientip2), "%d.%d.%d.%d",
aimutil_get8(iptlv->value+0),
aimutil_get8(iptlv->value+1),
aimutil_get8(iptlv->value+2),
aimutil_get8(iptlv->value+3));
}
/*
* Verified IP address (from the perspective of Oscar).
*
* This is added by the server.
*/
if (aim_gettlv(list2, 0x0004, 1)) {
aim_tlv_t *iptlv;
iptlv = aim_gettlv(list2, 0x0004, 1);
g_snprintf(verifiedip, sizeof(verifiedip), "%d.%d.%d.%d",
aimutil_get8(iptlv->value+0),
aimutil_get8(iptlv->value+1),
aimutil_get8(iptlv->value+2),
aimutil_get8(iptlv->value+3));
}
/*
* Port number for something.
*/
if (aim_gettlv(list2, 0x0005, 1))
args.port = aim_gettlv16(list2, 0x0005, 1);
/*
* Error code.
*/
if (aim_gettlv(list2, 0x000b, 1))
args.errorcode = aim_gettlv16(list2, 0x000b, 1);
/*
* Invitation message / chat description.
*/
if (aim_gettlv(list2, 0x000c, 1))
args.msg = aim_gettlv_str(list2, 0x000c, 1);
/*
* Character set.
*/
if (aim_gettlv(list2, 0x000d, 1))
args.encoding = aim_gettlv_str(list2, 0x000d, 1);
/*
* Language.
*/
if (aim_gettlv(list2, 0x000e, 1))
args.language = aim_gettlv_str(list2, 0x000e, 1);
/* Unknown -- two bytes = 0x0001 */
if (aim_gettlv(list2, 0x000a, 1))
;
/* Unknown -- no value */
if (aim_gettlv(list2, 0x000f, 1))
;
if (strlen(clientip1))
args.clientip = (char *)clientip1;
if (strlen(clientip2))
args.clientip2 = (char *)clientip2;
if (strlen(verifiedip))
args.verifiedip = (char *)verifiedip;
/*
* This is must be present in PROPOSALs, but will probably not
* exist in CANCELs and ACCEPTs.
*
* Service Data blocks are module-specific in format.
*/
if ((servdatatlv = aim_gettlv(list2, 0x2711 /* 10001 */, 1))) {
aim_bstream_init(&sdbs, servdatatlv->value, servdatatlv->length);
sdbsptr = &sdbs;
}
if (args.reqclass & AIM_CAPS_ICQSERVERRELAY)
incomingim_ch2_icqserverrelay(sess, mod, rx, snac, userinfo, &args, sdbsptr);
else if (args.reqclass & AIM_CAPS_CHAT)
incomingim_ch2_chat(sess, mod, rx, snac, userinfo, &args, sdbsptr);
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, channel, userinfo, &args);
if (args.destructor)
((ch2_args_destructor_t)args.destructor)(sess, &args);
g_free((char *)args.msg);
g_free((char *)args.encoding);
g_free((char *)args.language);
aim_freetlvchain(&list2);
return ret;
}
/*
* The relationship between AIM_CAPS_ICQSERVERRELAY and AIM_CAPS_ICQRTF is
* kind of odd. This sends the client ICQRTF since that is all that I've seen
* SERVERRELAY used for.
*
* Note that this is all little-endian. Cringe.
*
* This cap is used for auto status message replies, too [ft]
*
*/
static void incomingim_ch2_icqserverrelay(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_userinfo_t *userinfo, struct aim_incomingim_ch2_args *args, aim_bstream_t *servdata)
{
guint16 hdrlen, msglen, dc;
guint8 msgtype;
guint8 *plugin;
int i = 0, tmp = 0;
struct im_connection *ic = sess->aux_data;
/* at the moment we just can deal with requests, not with cancel or accept */
if (args->status != 0) return;
hdrlen = aimbs_getle16(servdata);
aim_bstream_advance(servdata, 0x02); /* protocol version */
plugin = aimbs_getraw(servdata, 0x10); /* following data is a message or
something plugin specific */
/* as there is no plugin handling, just skip the rest */
aim_bstream_advance(servdata, hdrlen - 0x12);
hdrlen = aimbs_getle16(servdata);
dc = aimbs_getle16(servdata); /* save the sequence number */
aim_bstream_advance(servdata, hdrlen - 0x02);
/* TODO is it a message or something for a plugin? */
for (i = 0; i < 0x10; i++) {
tmp |= plugin[i];
}
if (!tmp) { /* message follows */
msgtype = aimbs_getle8(servdata);
aimbs_getle8(servdata); /* msgflags */
aim_bstream_advance(servdata, 0x04); /* status code and priority code */
msglen = aimbs_getle16(servdata); /* message string length */
args->info.rtfmsg.rtfmsg = aimbs_getstr(servdata, msglen);
switch(msgtype) {
case AIM_MTYPE_PLAIN:
args->info.rtfmsg.fgcolor = aimbs_getle32(servdata);
args->info.rtfmsg.bgcolor = aimbs_getle32(servdata);
hdrlen = aimbs_getle32(servdata);
aim_bstream_advance(servdata, hdrlen);
/* XXX This is such a hack. */
args->reqclass = AIM_CAPS_ICQRTF;
break;
case AIM_MTYPE_AUTOAWAY:
case AIM_MTYPE_AUTOBUSY:
case AIM_MTYPE_AUTONA:
case AIM_MTYPE_AUTODND:
case AIM_MTYPE_AUTOFFC:
case 0x9c: /* ICQ 5 seems to send this */
aim_send_im_ch2_statusmessage(sess, userinfo->sn, args->cookie,
ic->away ? ic->away : "", sess->aim_icq_state, dc);
break;
}
} /* message or plugin specific */
g_free(plugin);
args->destructor = (void *)incomingim_ch2_icqserverrelay_free;
return;
}
static int incomingim_ch1(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, guint16 channel, aim_userinfo_t *userinfo, aim_bstream_t *bs, guint8 *cookie)
{
guint16 type, length;
aim_rxcallback_t userfunc;
int ret = 0;
struct aim_incomingim_ch1_args args;
int endpos;
memset(&args, 0, sizeof(args));
aim_mpmsg_init(sess, &args.mpmsg);
/*
* This used to be done using tlvchains. For performance reasons,
* I've changed it to process the TLVs in-place. This avoids lots
* of per-IM memory allocations.
*/
while (aim_bstream_empty(bs)) {
type = aimbs_get16(bs);
length = aimbs_get16(bs);
endpos = aim_bstream_curpos(bs) + length;
if (type == 0x0002) { /* Message Block */
/*
* This TLV consists of the following:
* - 0501 -- Unknown
* - Features: Don't know how to interpret these
* - 0101 -- Unknown
* - Message
*
*/
aimbs_get8(bs); /* 05 */
aimbs_get8(bs); /* 01 */
args.featureslen = aimbs_get16(bs);
/* XXX XXX this is all evil! */
args.features = bs->data + bs->offset;
aim_bstream_advance(bs, args.featureslen);
args.icbmflags |= AIM_IMFLAGS_CUSTOMFEATURES;
/*
* The rest of the TLV contains one or more message
* blocks...
*/
incomingim_ch1_parsemsgs(sess, bs->data + bs->offset /* XXX evil!!! */, length - 2 - 2 - args.featureslen, &args);
} else if (type == 0x0003) { /* Server Ack Requested */
args.icbmflags |= AIM_IMFLAGS_ACK;
} else if (type == 0x0004) { /* Message is Auto Response */
args.icbmflags |= AIM_IMFLAGS_AWAY;
} else if (type == 0x0006) { /* Message was received offline. */
/* XXX not sure if this actually gets sent. */
args.icbmflags |= AIM_IMFLAGS_OFFLINE;
} else if (type == 0x0008) { /* I-HAVE-A-REALLY-PURTY-ICON Flag */
args.iconlen = aimbs_get32(bs);
aimbs_get16(bs); /* 0x0001 */
args.iconsum = aimbs_get16(bs);
args.iconstamp = aimbs_get32(bs);
/*
* This looks to be a client bug. MacAIM 4.3 will
* send this tag, but with all zero values, in the
* first message of a conversation. This makes no
* sense whatsoever, so I'm going to say its a bug.
*
* You really shouldn't advertise a zero-length icon
* anyway.
*
*/
if (args.iconlen)
args.icbmflags |= AIM_IMFLAGS_HASICON;
} else if (type == 0x0009) {
args.icbmflags |= AIM_IMFLAGS_BUDDYREQ;
} else if (type == 0x0017) {
args.extdatalen = length;
args.extdata = aimbs_getraw(bs, args.extdatalen);
} else {
// imcb_error(sess->aux_data, "Unknown TLV encountered");
}
/*
* This is here to protect ourselves from ourselves. That
* is, if something above doesn't completly parse its value
* section, or, worse, overparses it, this will set the
* stream where it needs to be in order to land on the next
* TLV when the loop continues.
*
*/
aim_bstream_setpos(bs, endpos);
}
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, channel, userinfo, &args);
aim_mpmsg_free(sess, &args.mpmsg);
g_free(args.extdata);
return ret;
}
/*
* Receive the response from an ICQ status message request. This contains the
* ICQ status message. Go figure.
*/
static int clientautoresp(aim_session_t *sess, aim_module_t *mod, aim_frame_t *rx, aim_modsnac_t *snac, aim_bstream_t *bs)
{
int ret = 0;
aim_rxcallback_t userfunc;
guint16 channel, reason;
char *sn;
guint8 *ck, snlen;
ck = aimbs_getraw(bs, 8);
channel = aimbs_get16(bs);
snlen = aimbs_get8(bs);
sn = aimbs_getstr(bs, snlen);
reason = aimbs_get16(bs);
switch (reason) {
case 0x0003: { /* ICQ status message. Maybe other stuff too, you never know with these people. */
guint8 statusmsgtype, *msg;
guint16 len;
guint32 state;
len = aimbs_getle16(bs); /* Should be 0x001b */
aim_bstream_advance(bs, len); /* Unknown */
len = aimbs_getle16(bs); /* Should be 0x000e */
aim_bstream_advance(bs, len); /* Unknown */
statusmsgtype = aimbs_getle8(bs);
switch (statusmsgtype) {
case 0xe8:
state = AIM_ICQ_STATE_AWAY;
break;
case 0xe9:
state = AIM_ICQ_STATE_AWAY | AIM_ICQ_STATE_BUSY;
break;
case 0xea:
state = AIM_ICQ_STATE_AWAY | AIM_ICQ_STATE_OUT;
break;
case 0xeb:
state = AIM_ICQ_STATE_AWAY | AIM_ICQ_STATE_DND | AIM_ICQ_STATE_BUSY;
break;
case 0xec:
state = AIM_ICQ_STATE_CHAT;
break;
default:
state = 0;
break;
}
aimbs_getle8(bs); /* Unknown - 0x03 Maybe this means this is an auto-reply */
aimbs_getle16(bs); /* Unknown - 0x0000 */
aimbs_getle16(bs); /* Unknown - 0x0000 */
len = aimbs_getle16(bs);
msg = aimbs_getraw(bs, len);
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, channel, sn, reason, state, msg);
g_free(msg);
} break;
default: {
if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype)))
ret = userfunc(sess, rx, channel, sn, reason);
} break;
} /* end switch */
g_free(ck);
g_free(sn);
return ret;
}
