Mercurial > pidgin.yaz

comparison src/protocols/oscar/auth.c @ 2703:441b84ab7f4e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
[gaim-migrate @ 2716] it's not what you think committer: Tailor Script <tailor@pidgin.im>
author Eric Warmenhoven <eric@warmenhoven.org>
date Sat, 10 Nov 2001 01:48:17 +0000
parents 933346315b9b
children fee85ed7fc3f
comparison
equal deleted inserted replaced
2702:94b4271b9567 2703:441b84ab7f4e
1 /* 1 /*
2 * aim_auth.c 2 * Deals with the authorizer (group 0x0017=23, and old-style non-SNAC login).
3 *
4 * Deals with the authorizer.
5 * 3 *
6 */ 4 */
7 5
8 #define FAIM_INTERNAL 6 #define FAIM_INTERNAL
9 #include <aim.h> 7 #include <aim.h>
10 8
11 /* this just pushes the passed cookie onto the passed connection -- NO SNAC! */ 9 #include "md5.h"
12 faim_export int aim_auth_sendcookie(aim_session_t *sess, aim_conn_t *conn, const fu8_t *chipsahoy) 10
11 static int aim_encode_password(const char *password, unsigned char *encoded);
12
13 /*
14 * This just pushes the passed cookie onto the passed connection, without
15 * the SNAC header or any of that.
16 *
17 * Very commonly used, as every connection except auth will require this to
18 * be the first thing you send.
19 *
20 */
21 faim_export int aim_sendcookie(aim_session_t *sess, aim_conn_t *conn, const fu8_t *chipsahoy)
13 { 22 {
14 aim_frame_t *fr; 23 aim_frame_t *fr;
15 aim_tlvlist_t *tl = NULL; 24 aim_tlvlist_t *tl = NULL;
16 25
17 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x0001, 4+2+2+AIM_COOKIELEN))) 26 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x0001, 4+2+2+AIM_COOKIELEN)))
21 aim_addtlvtochain_raw(&tl, 0x0006, AIM_COOKIELEN, chipsahoy); 30 aim_addtlvtochain_raw(&tl, 0x0006, AIM_COOKIELEN, chipsahoy);
22 aim_writetlvchain(&fr->data, &tl); 31 aim_writetlvchain(&fr->data, &tl);
23 aim_freetlvchain(&tl); 32 aim_freetlvchain(&tl);
24 33
25 aim_tx_enqueue(sess, fr); 34 aim_tx_enqueue(sess, fr);
35
36 return 0;
37 }
38
39 /*
40 * Normally the FLAP version is sent as the first few bytes of the cookie,
41 * meaning you generally never call this.
42 *
43 * But there are times when something might want it seperate. Specifically,
44 * libfaim sends this internally when doing SNAC login.
45 *
46 */
47 faim_export int aim_sendflapver(aim_session_t *sess, aim_conn_t *conn)
48 {
49 aim_frame_t *fr;
50
51 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x01, 4)))
52 return -ENOMEM;
53
54 aimbs_put32(&fr->data, 0x00000001);
55
56 aim_tx_enqueue(sess, fr);
57
58 return 0;
59 }
60
61 /*
62 * This is a bit confusing.
63 *
64 * Normal SNAC login goes like this:
65 * - connect
66 * - server sends flap version
67 * - client sends flap version
68 * - client sends screen name (17/6)
69 * - server sends hash key (17/7)
70 * - client sends auth request (17/2 -- aim_send_login)
71 * - server yells
72 *
73 * XOR login (for ICQ) goes like this:
74 * - connect
75 * - server sends flap version
76 * - client sends auth request which contains flap version (aim_send_login)
77 * - server yells
78 *
79 * For the client API, we make them implement the most complicated version,
80 * and for the simpler version, we fake it and make it look like the more
81 * complicated process.
82 *
83 * This is done by giving the client a faked key, just so we can convince
84 * them to call aim_send_login right away, which will detect the session
85 * flag that says this is XOR login and ignore the key, sending an ICQ
86 * login request instead of the normal SNAC one.
87 *
88 * As soon as AOL makes ICQ log in the same way as AIM, this is /gone/.
89 *
90 * XXX This may cause problems if the client relies on callbacks only
91 * being called from the context of aim_rxdispatch()...
92 *
93 */
94 static int goddamnicq(aim_session_t *sess, aim_conn_t *conn, const char *sn)
95 {
96 aim_frame_t fr;
97 aim_rxcallback_t userfunc;
98
99 sess->flags &= ~AIM_SESS_FLAGS_SNACLOGIN;
100 sess->flags |= AIM_SESS_FLAGS_XORLOGIN;
101
102 fr.conn = conn;
103
104 if ((userfunc = aim_callhandler(sess, conn, 0x0017, 0x0007)))
105 userfunc(sess, &fr, "");
106
107 return 0;
108 }
109
110 /*
111 * In AIM 3.5 protocol, the first stage of login is to request login from the
112 * Authorizer, passing it the screen name for verification. If the name is
113 * invalid, a 0017/0003 is spit back, with the standard error contents. If
114 * valid, a 0017/0007 comes back, which is the signal to send it the main
115 * login command (0017/0002).
116 *
117 */
118 faim_export int aim_request_login(aim_session_t *sess, aim_conn_t *conn, const char *sn)
119 {
120 aim_frame_t *fr;
121 aim_snacid_t snacid;
122 aim_tlvlist_t *tl = NULL;
123
124 if (!sess || !conn || !sn)
125 return -EINVAL;
126
127 if ((sn[0] >= '0') && (sn[0] <= '9'))
128 return goddamnicq(sess, conn, sn);
129
130 sess->flags |= AIM_SESS_FLAGS_SNACLOGIN;
131
132 aim_sendflapver(sess, conn);
133
134 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x02, 10+2+2+strlen(sn))))
135 return -ENOMEM;
136
137 snacid = aim_cachesnac(sess, 0x0017, 0x0006, 0x0000, NULL, 0);
138 aim_putsnac(&fr->data, 0x0017, 0x0006, 0x0000, snacid);
139
140 aim_addtlvtochain_raw(&tl, 0x0001, strlen(sn), sn);
141 aim_writetlvchain(&fr->data, &tl);
142 aim_freetlvchain(&tl);
143
144 aim_tx_enqueue(sess, fr);
145
146 return 0;
147 }
148
149 /*
150 * Part two of the ICQ hack. Note the ignoring of the key and clientinfo.
151 */
152 static int goddamnicq2(aim_session_t *sess, aim_conn_t *conn, const char *sn, const char *password)
153 {
154 static const char clientstr[] = {"ICQ Inc. - Product of ICQ (TM) 2000b.4.65.1.3281.85"};
155 static const char lang[] = {"en"};
156 static const char country[] = {"us"};
157 aim_frame_t *fr;
158 aim_tlvlist_t *tl = NULL;
159 char *password_encoded;
160
161 if (!(password_encoded = (char *) malloc(strlen(password))))
162 return -ENOMEM;
163
164 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x01, 1152))) {
165 free(password_encoded);
166 return -ENOMEM;
167 }
168
169 aim_encode_password(password, password_encoded);
170
171 aimbs_put32(&fr->data, 0x00000001);
172 aim_addtlvtochain_raw(&tl, 0x0001, strlen(sn), sn);
173 aim_addtlvtochain_raw(&tl, 0x0002, strlen(password), password_encoded);
174 aim_addtlvtochain_raw(&tl, 0x0003, strlen(clientstr), clientstr);
175 aim_addtlvtochain16(&tl, 0x0016, 0x010a);
176 aim_addtlvtochain16(&tl, 0x0017, 0x0004);
177 aim_addtlvtochain16(&tl, 0x0018, 0x0041);
178 aim_addtlvtochain16(&tl, 0x0019, 0x0001);
179 aim_addtlvtochain16(&tl, 0x001a, 0x0cd1);
180 aim_addtlvtochain32(&tl, 0x0014, 0x00000055);
181 aim_addtlvtochain_raw(&tl, 0x000f, strlen(lang), lang);
182 aim_addtlvtochain_raw(&tl, 0x000e, strlen(country), country);
183
184 aim_writetlvchain(&fr->data, &tl);
185
186 free(password_encoded);
187 aim_freetlvchain(&tl);
188
189 aim_tx_enqueue(sess, fr);
190
191 return 0;
192 }
193
194 /*
195 * send_login(int socket, char *sn, char *password)
196 *
197 * This is the initial login request packet.
198 *
199 * NOTE!! If you want/need to make use of the aim_sendmemblock() function,
200 * then the client information you send here must exactly match the
201 * executable that you're pulling the data from.
202 *
203 * Latest WinAIM:
204 * clientstring = "AOL Instant Messenger (SM), version 4.3.2188/WIN32"
205 * major2 = 0x0109
206 * major = 0x0400
207 * minor = 0x0003
208 * minor2 = 0x0000
209 * build = 0x088c
210 * unknown = 0x00000086
211 * lang = "en"
212 * country = "us"
213 * unknown4a = 0x01
214 *
215 * Latest WinAIM that libfaim can emulate without server-side buddylists:
216 * clientstring = "AOL Instant Messenger (SM), version 4.1.2010/WIN32"
217 * major2 = 0x0004
218 * major = 0x0004
219 * minor = 0x0001
220 * minor2 = 0x0000
221 * build = 0x07da
222 * unknown= 0x0000004b
223 *
224 * WinAIM 3.5.1670:
225 * clientstring = "AOL Instant Messenger (SM), version 3.5.1670/WIN32"
226 * major2 = 0x0004
227 * major = 0x0003
228 * minor = 0x0005
229 * minor2 = 0x0000
230 * build = 0x0686
231 * unknown =0x0000002a
232 *
233 * Java AIM 1.1.19:
234 * clientstring = "AOL Instant Messenger (TM) version 1.1.19 for Java built 03/24/98, freeMem 215871 totalMem 1048567, i686, Linus, #2 SMP Sun Feb 11 03:41:17 UTC 2001 2.4.1-ac9, IBM Corporation, 1.1.8, 45.3, Tue Mar 27 12:09:17 PST 2001"
235 * major2 = 0x0001
236 * major = 0x0001
237 * minor = 0x0001
238 * minor2 = (not sent)
239 * build = 0x0013
240 * unknown= (not sent)
241 *
242 * AIM for Linux 1.1.112:
243 * clientstring = "AOL Instant Messenger (SM)"
244 * major2 = 0x1d09
245 * major = 0x0001
246 * minor = 0x0001
247 * minor2 = 0x0001
248 * build = 0x0070
249 * unknown= 0x0000008b
250 * serverstore = 0x01
251 *
252 */
253 faim_export int aim_send_login(aim_session_t *sess, aim_conn_t *conn, const char *sn, const char *password, struct client_info_s *clientinfo, const char *key)
254 {
255 aim_frame_t *fr;
256 aim_tlvlist_t *tl = NULL;
257 fu8_t digest[16];
258 aim_snacid_t snacid;
259
260 if (!clientinfo || !sn || !password)
261 return -EINVAL;
262
263 if (sess->flags & AIM_SESS_FLAGS_XORLOGIN)
264 return goddamnicq2(sess, conn, sn, password);
265
266 if (!(fr = aim_tx_new(sess, conn, AIM_FRAMETYPE_FLAP, 0x02, 1152)))
267 return -ENOMEM;
268
269 if (sess->flags & AIM_SESS_FLAGS_XORLOGIN) {
270 fr->hdr.flap.type = 0x01;
271
272 /* Use very specific version numbers to further indicate hack */
273 clientinfo->major2 = 0x010a;
274 clientinfo->major = 0x0004;
275 clientinfo->minor = 0x003c;
276 clientinfo->minor2 = 0x0001;
277 clientinfo->build = 0x0cce;
278 clientinfo->unknown = 0x00000055;
279 }
280
281 snacid = aim_cachesnac(sess, 0x0017, 0x0002, 0x0000, NULL, 0);
282 aim_putsnac(&fr->data, 0x0017, 0x0002, 0x0000, snacid);
283
284 aim_addtlvtochain_raw(&tl, 0x0001, strlen(sn), sn);
285
286 aim_encode_password_md5(password, key, digest);
287 aim_addtlvtochain_raw(&tl, 0x0025, 16, digest);
288
289 aim_addtlvtochain_raw(&tl, 0x0003, strlen(clientinfo->clientstring), clientinfo->clientstring);
290 aim_addtlvtochain16(&tl, 0x0016, (fu16_t)clientinfo->major2);
291 aim_addtlvtochain16(&tl, 0x0017, (fu16_t)clientinfo->major);
292 aim_addtlvtochain16(&tl, 0x0018, (fu16_t)clientinfo->minor);
293 aim_addtlvtochain16(&tl, 0x0019, (fu16_t)clientinfo->minor2);
294 aim_addtlvtochain16(&tl, 0x001a, (fu16_t)clientinfo->build);
295 aim_addtlvtochain_raw(&tl, 0x000e, strlen(clientinfo->country), clientinfo->country);
296 aim_addtlvtochain_raw(&tl, 0x000f, strlen(clientinfo->lang), clientinfo->lang);
297 aim_addtlvtochain16(&tl, 0x0009, 0x0015);
298
299 aim_writetlvchain(&fr->data, &tl);
300
301 aim_freetlvchain(&tl);
302
303 aim_tx_enqueue(sess, fr);
304
305 return 0;
306 }
307
308 faim_export int aim_encode_password_md5(const char *password, const char *key, fu8_t *digest)
309 {
310 md5_state_t state;
311
312 md5_init(&state);
313 md5_append(&state, (const md5_byte_t *)key, strlen(key));
314 md5_append(&state, (const md5_byte_t *)password, strlen(password));
315 md5_append(&state, (const md5_byte_t *)AIM_MD5_STRING, strlen(AIM_MD5_STRING));
316 md5_finish(&state, (md5_byte_t *)digest);
317
318 return 0;
319 }
320
321 /**
322 * aim_encode_password - Encode a password using old XOR method
323 * @password: incoming password
324 * @encoded: buffer to put encoded password
325 *
326 * This takes a const pointer to a (null terminated) string
327 * containing the unencoded password. It also gets passed
328 * an already allocated buffer to store the encoded password.
329 * This buffer should be the exact length of the password without
330 * the null. The encoded password buffer /is not %NULL terminated/.
331 *
332 * The encoding_table seems to be a fixed set of values. We'll
333 * hope it doesn't change over time!
334 *
335 * This is only used for the XOR method, not the better MD5 method.
336 *
337 */
338 static int aim_encode_password(const char *password, fu8_t *encoded)
339 {
340 fu8_t encoding_table[] = {
341 #if 0 /* old v1 table */
342 0xf3, 0xb3, 0x6c, 0x99,
343 0x95, 0x3f, 0xac, 0xb6,
344 0xc5, 0xfa, 0x6b, 0x63,
345 0x69, 0x6c, 0xc3, 0x9f
346 #else /* v2.1 table, also works for ICQ */
347 0xf3, 0x26, 0x81, 0xc4,
348 0x39, 0x86, 0xdb, 0x92,
349 0x71, 0xa3, 0xb9, 0xe6,
350 0x53, 0x7a, 0x95, 0x7c
351 #endif
352 };
353 int i;
354
355 for (i = 0; i < strlen(password); i++)
356 encoded[i] = (password[i] ^ encoding_table[i]);
26 357
27 return 0; 358 return 0;
28 } 359 }
29 360
30 /* 361 /*