Context Navigation

source: protocols/oscar/auth.c @ 19ba56e

Last change on this file since 19ba56e was a39ede7, checked in by dequis <dx@…>, at 2018-03-31T02:04:45Z

oscar: remove old_icq_auth (XOR login, default off since 2010)

Holy crap this login method is *bad*

Property mode set to 100644

File size: 10.7 KB

Line
1	/*
2	* Deals with the authorizer (group 0x0017=23, and old-style non-SNAC login).
3	*
4	*/
5
6	#include <aim.h>
7
8	#include "md5.h"
9
10	/*
11	* This just pushes the passed cookie onto the passed connection, without
12	* the SNAC header or any of that.
13	*
14	* Very commonly used, as every connection except auth will require this to
15	* be the first thing you send.
16	*
17	*/
18	int aim_sendcookie(aim_session_t sess, aim_conn_t conn, const guint8 *chipsahoy)
19	{
20	aim_frame_t *fr;
21	aim_tlvlist_t *tl = NULL;
22
23	if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x0001, 4 + 2 + 2 + AIM_COOKIELEN))) {
24	return -ENOMEM;
25	}
26
27	aimbs_put32(&fr->data, 0x00000001);
28	aim_addtlvtochain_raw(&tl, 0x0006, AIM_COOKIELEN, chipsahoy);
29	aim_writetlvchain(&fr->data, &tl);
30	aim_freetlvchain(&tl);
31
32	aim_tx_enqueue(sess, fr);
33
34	return 0;
35	}
36
37	/*
38	* Normally the FLAP version is sent as the first few bytes of the cookie,
39	* meaning you generally never call this.
40	*
41	* But there are times when something might want it separate. Specifically,
42	* libfaim sends this internally when doing SNAC login.
43	*
44	*/
45	int aim_sendflapver(aim_session_t sess, aim_conn_t conn)
46	{
47	aim_frame_t *fr;
48
49	if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x01, 4))) {
50	return -ENOMEM;
51	}
52
53	aimbs_put32(&fr->data, 0x00000001);
54
55	aim_tx_enqueue(sess, fr);
56
57	return 0;
58	}
59
60	/*
61	* In AIM 3.5 protocol, the first stage of login is to request login from the
62	* Authorizer, passing it the screen name for verification. If the name is
63	* invalid, a 0017/0003 is spit back, with the standard error contents. If
64	* valid, a 0017/0007 comes back, which is the signal to send it the main
65	* login command (0017/0002).
66	*
67	*/
68	int aim_request_login(aim_session_t sess, aim_conn_t conn, const char *sn)
69	{
70	aim_frame_t *fr;
71	aim_snacid_t snacid;
72	aim_tlvlist_t *tl = NULL;
73
74	if (!sess \|\| !conn \|\| !sn) {
75	return -EINVAL;
76	}
77
78	sess->flags \|= AIM_SESS_FLAGS_SNACLOGIN;
79
80	aim_sendflapver(sess, conn);
81
82	if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x02, 10 + 2 + 2 + strlen(sn)))) {
83	return -ENOMEM;
84	}
85
86	snacid = aim_cachesnac(sess, 0x0017, 0x0006, 0x0000, NULL, 0);
87	aim_putsnac(&fr->data, 0x0017, 0x0006, 0x0000, snacid);
88
89	aim_addtlvtochain_raw(&tl, 0x0001, strlen(sn), (guint8 *) sn);
90	aim_writetlvchain(&fr->data, &tl);
91	aim_freetlvchain(&tl);
92
93	aim_tx_enqueue(sess, fr);
94
95	return 0;
96	}
97
98	/*
99	* send_login(int socket, char sn, char password)
100	*
101	* This is the initial login request packet.
102	*
103	* NOTE!! If you want/need to make use of the aim_sendmemblock() function,
104	* then the client information you send here must exactly match the
105	* executable that you're pulling the data from.
106	*
107	* WinAIM 4.8.2540
108	* clientstring = "AOL Instant Messenger (SM), version 4.8.2540/WIN32"
109	* clientid = 0x0109
110	* major = 0x0004
111	* minor = 0x0008
112	* point = 0x0000
113	* build = 0x09ec
114	* t(0x0014) = 0x000000af
115	* t(0x004a) = 0x01
116	*
117	* WinAIM 4.3.2188:
118	* clientstring = "AOL Instant Messenger (SM), version 4.3.2188/WIN32"
119	* clientid = 0x0109
120	* major = 0x0400
121	* minor = 0x0003
122	* point = 0x0000
123	* build = 0x088c
124	* unknown = 0x00000086
125	* lang = "en"
126	* country = "us"
127	* unknown4a = 0x01
128	*
129	* Latest WinAIM that libfaim can emulate without server-side buddylists:
130	* clientstring = "AOL Instant Messenger (SM), version 4.1.2010/WIN32"
131	* clientid = 0x0004
132	* major = 0x0004
133	* minor = 0x0001
134	* point = 0x0000
135	* build = 0x07da
136	* unknown= 0x0000004b
137	*
138	* WinAIM 3.5.1670:
139	* clientstring = "AOL Instant Messenger (SM), version 3.5.1670/WIN32"
140	* clientid = 0x0004
141	* major = 0x0003
142	* minor = 0x0005
143	* point = 0x0000
144	* build = 0x0686
145	* unknown =0x0000002a
146	*
147	* Java AIM 1.1.19:
148	* clientstring = "AOL Instant Messenger (TM) version 1.1.19 for Java built 03/24/98, freeMem 215871 totalMem 1048567, i686, Linus, #2 SMP Sun Feb 11 03:41:17 UTC 2001 2.4.1-ac9, IBM Corporation, 1.1.8, 45.3, Tue Mar 27 12:09:17 PST 2001"
149	* clientid = 0x0001
150	* major = 0x0001
151	* minor = 0x0001
152	* point = (not sent)
153	* build = 0x0013
154	* unknown= (not sent)
155	*
156	* AIM for Linux 1.1.112:
157	* clientstring = "AOL Instant Messenger (SM)"
158	* clientid = 0x1d09
159	* major = 0x0001
160	* minor = 0x0001
161	* point = 0x0001
162	* build = 0x0070
163	* unknown= 0x0000008b
164	* serverstore = 0x01
165	*
166	*/
167	int aim_send_login(aim_session_t sess, aim_conn_t conn, const char sn, const char password,
168	struct client_info_s ci, const char key)
169	{
170	aim_frame_t *fr;
171	aim_tlvlist_t *tl = NULL;
172	guint8 digest[16];
173	aim_snacid_t snacid;
174
175	if (!ci \|\| !sn \|\| !password) {
176	return -EINVAL;
177	}
178
179	if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x02, 1152))) {
180	return -ENOMEM;
181	}
182
183	snacid = aim_cachesnac(sess, 0x0017, 0x0002, 0x0000, NULL, 0);
184	aim_putsnac(&fr->data, 0x0017, 0x0002, 0x0000, snacid);
185
186	aim_addtlvtochain_raw(&tl, 0x0001, strlen(sn), (guint8 *) sn);
187
188	aim_encode_password_md5(password, key, digest);
189	aim_addtlvtochain_raw(&tl, 0x0025, 16, digest);
190
191	/*
192	* Newer versions of winaim have an empty type x004c TLV here.
193	*/
194
195	if (ci->clientstring) {
196	aim_addtlvtochain_raw(&tl, 0x0003, strlen(ci->clientstring), (guint8 *) ci->clientstring);
197	}
198	aim_addtlvtochain16(&tl, 0x0016, (guint16) ci->clientid);
199	aim_addtlvtochain16(&tl, 0x0017, (guint16) ci->major);
200	aim_addtlvtochain16(&tl, 0x0018, (guint16) ci->minor);
201	aim_addtlvtochain16(&tl, 0x0019, (guint16) ci->point);
202	aim_addtlvtochain16(&tl, 0x001a, (guint16) ci->build);
203	aim_addtlvtochain_raw(&tl, 0x000e, strlen(ci->country), (guint8 *) ci->country);
204	aim_addtlvtochain_raw(&tl, 0x000f, strlen(ci->lang), (guint8 *) ci->lang);
205
206	/*
207	* If set, old-fashioned buddy lists will not work. You will need
208	* to use SSI.
209	*/
210	aim_addtlvtochain8(&tl, 0x004a, 0x01);
211
212	aim_writetlvchain(&fr->data, &tl);
213
214	aim_freetlvchain(&tl);
215
216	aim_tx_enqueue(sess, fr);
217
218	return 0;
219	}
220
221	int aim_encode_password_md5(const char password, const char key, guint8 *digest)
222	{
223	md5_state_t state;
224
225	md5_init(&state);
226	md5_append(&state, (const md5_byte_t *) key, strlen(key));
227	md5_append(&state, (const md5_byte_t *) password, strlen(password));
228	md5_append(&state, (const md5_byte_t *) AIM_MD5_STRING, strlen(AIM_MD5_STRING));
229	md5_finish(&state, (md5_byte_t *) digest);
230
231	return 0;
232	}
233
234	/*
235	* This is sent back as a general response to the login command.
236	* It can be either an error or a success, depending on the
237	* precense of certain TLVs.
238	*
239	* The client should check the value passed as errorcode. If
240	* its nonzero, there was an error.
241	*
242	*/
243	static int parse(aim_session_t sess, aim_module_t mod, aim_frame_t rx, aim_modsnac_t snac, aim_bstream_t *bs)
244	{
245	aim_tlvlist_t *tlvlist;
246	aim_rxcallback_t userfunc;
247	struct aim_authresp_info info;
248	int ret = 0;
249
250	memset(&info, 0, sizeof(info));
251
252	/*
253	* Read block of TLVs. All further data is derived
254	* from what is parsed here.
255	*/
256	tlvlist = aim_readtlvchain(bs);
257
258	/*
259	* No matter what, we should have a screen name.
260	*/
261	memset(sess->sn, 0, sizeof(sess->sn));
262	if (aim_gettlv(tlvlist, 0x0001, 1)) {
263	info.sn = aim_gettlv_str(tlvlist, 0x0001, 1);
264	strncpy(sess->sn, info.sn, sizeof(sess->sn));
265	}
266
267	/*
268	* Check for an error code. If so, we should also
269	* have an error url.
270	*/
271	if (aim_gettlv(tlvlist, 0x0008, 1)) {
272	info.errorcode = aim_gettlv16(tlvlist, 0x0008, 1);
273	}
274	if (aim_gettlv(tlvlist, 0x0004, 1)) {
275	info.errorurl = aim_gettlv_str(tlvlist, 0x0004, 1);
276	}
277
278	/*
279	* BOS server address.
280	*/
281	if (aim_gettlv(tlvlist, 0x0005, 1)) {
282	info.bosip = aim_gettlv_str(tlvlist, 0x0005, 1);
283	}
284
285	/*
286	* Authorization cookie.
287	*/
288	if (aim_gettlv(tlvlist, 0x0006, 1)) {
289	aim_tlv_t *tmptlv;
290
291	tmptlv = aim_gettlv(tlvlist, 0x0006, 1);
292
293	info.cookie = tmptlv->value;
294	}
295
296	/*
297	* The email address attached to this account
298	* Not available for ICQ logins.
299	*/
300	if (aim_gettlv(tlvlist, 0x0011, 1)) {
301	info.email = aim_gettlv_str(tlvlist, 0x0011, 1);
302	}
303
304	/*
305	* The registration status. (Not real sure what it means.)
306	* Not available for ICQ logins.
307	*
308	* 1 = No disclosure
309	* 2 = Limited disclosure
310	* 3 = Full disclosure
311	*
312	* This has to do with whether your email address is available
313	* to other users or not. AFAIK, this feature is no longer used.
314	*
315	*/
316	if (aim_gettlv(tlvlist, 0x0013, 1)) {
317	info.regstatus = aim_gettlv16(tlvlist, 0x0013, 1);
318	}
319
320	if (aim_gettlv(tlvlist, 0x0040, 1)) {
321	info.latestbeta.build = aim_gettlv32(tlvlist, 0x0040, 1);
322	}
323	if (aim_gettlv(tlvlist, 0x0041, 1)) {
324	info.latestbeta.url = aim_gettlv_str(tlvlist, 0x0041, 1);
325	}
326	if (aim_gettlv(tlvlist, 0x0042, 1)) {
327	info.latestbeta.info = aim_gettlv_str(tlvlist, 0x0042, 1);
328	}
329	if (aim_gettlv(tlvlist, 0x0043, 1)) {
330	info.latestbeta.name = aim_gettlv_str(tlvlist, 0x0043, 1);
331	}
332	if (aim_gettlv(tlvlist, 0x0048, 1)) {
333	; /* no idea what this is */
334
335	}
336	if (aim_gettlv(tlvlist, 0x0044, 1)) {
337	info.latestrelease.build = aim_gettlv32(tlvlist, 0x0044, 1);
338	}
339	if (aim_gettlv(tlvlist, 0x0045, 1)) {
340	info.latestrelease.url = aim_gettlv_str(tlvlist, 0x0045, 1);
341	}
342	if (aim_gettlv(tlvlist, 0x0046, 1)) {
343	info.latestrelease.info = aim_gettlv_str(tlvlist, 0x0046, 1);
344	}
345	if (aim_gettlv(tlvlist, 0x0047, 1)) {
346	info.latestrelease.name = aim_gettlv_str(tlvlist, 0x0047, 1);
347	}
348	if (aim_gettlv(tlvlist, 0x0049, 1)) {
349	; /* no idea what this is */
350
351
352	}
353	if ((userfunc = aim_callhandler(sess, rx->conn, snac ? snac->family : 0x0017, snac ? snac->subtype : 0x0003))) {
354	ret = userfunc(sess, rx, &info);
355	}
356
357	g_free(info.sn);
358	g_free(info.bosip);
359	g_free(info.errorurl);
360	g_free(info.email);
361	g_free(info.latestrelease.name);
362	g_free(info.latestrelease.url);
363	g_free(info.latestrelease.info);
364	g_free(info.latestbeta.name);
365	g_free(info.latestbeta.url);
366	g_free(info.latestbeta.info);
367
368	aim_freetlvchain(&tlvlist);
369
370	return ret;
371	}
372
373	/*
374	* Middle handler for 0017/0007 SNACs. Contains the auth key prefixed
375	* by only its length in a two byte word.
376	*
377	* Calls the client, which should then use the value to call aim_send_login.
378	*
379	*/
380	static int keyparse(aim_session_t sess, aim_module_t mod, aim_frame_t rx, aim_modsnac_t snac, aim_bstream_t *bs)
381	{
382	int keylen, ret = 1;
383	aim_rxcallback_t userfunc;
384	char *keystr;
385
386	keylen = aimbs_get16(bs);
387	keystr = aimbs_getstr(bs, keylen);
388
389	if ((userfunc = aim_callhandler(sess, rx->conn, snac->family, snac->subtype))) {
390	ret = userfunc(sess, rx, keystr);
391	}
392
393	g_free(keystr);
394
395	return ret;
396	}
397
398	static int snachandler(aim_session_t sess, aim_module_t mod, aim_frame_t rx, aim_modsnac_t snac, aim_bstream_t *bs)
399	{
400
401	if (snac->subtype == 0x0003) {
402	return parse(sess, mod, rx, snac, bs);
403	} else if (snac->subtype == 0x0007) {
404	return keyparse(sess, mod, rx, snac, bs);
405	}
406
407	return 0;
408	}
409
410	int auth_modfirst(aim_session_t sess, aim_module_t mod)
411	{
412
413	mod->family = 0x0017;
414	mod->version = 0x0000;
415	mod->flags = 0;
416	strncpy(mod->name, "auth", sizeof(mod->name));
417	mod->snachandler = snachandler;
418
419	return 0;
420	}
421

Note: See TracBrowser for help on using the repository browser.

Download in other formats: