Working snac 01,03 for boss server. Also shuffed some things around

DrewML · Dec 25, 2020 · ea87e8f · ea87e8f
1 parent f37daf4
commit ea87e8f
Show file tree

Hide file tree

Showing 11 changed files with 159 additions and 25 deletions.
diff --git a/src/clientSnacs.ts → src/AIMAuthServer/clientSnacs.ts b/src/clientSnacs.ts → src/AIMAuthServer/clientSnacs.ts
@@ -1,5 +1,5 @@
-import { parseTLVs } from './parseTLVs';
-import { TLVS } from './constants';
+import { parseTLVs } from '../parseTLVs';
+import { TLVS } from '../constants';
 
 /**
  * @see http://iserverd1.khstu.ru/oscar/snac_17_06.html

diff --git a/src/hashClientLogin.ts → src/AIMAuthServer/hashClientLogin.ts b/src/hashClientLogin.ts → src/AIMAuthServer/hashClientLogin.ts
diff --git a/src/AIMAuthServer.ts → src/AIMAuthServer/index.ts b/src/AIMAuthServer.ts → src/AIMAuthServer/index.ts
@@ -1,15 +1,15 @@
-import { OscarServer, OscarSocket } from './OscarServer';
+import { OscarServer, OscarSocket } from '../OscarServer';
 import assert from 'assert';
 import crypto from 'crypto';
 import { hashClientPassword } from './hashClientLogin';
-import { matchSnac, parseSnac } from './snacUtils';
+import { matchSnac, parseSnac } from '../snacUtils';
 import {
     authKeyResponseSnac,
     loginErrorSnac,
     loginSuccessSnac,
-} from './serverSentSnacs';
+} from './serverSnacs';
 import { parseAuthRequest, parseMD5LoginRequest } from './clientSnacs';
-import { LOGIN_ERRORS } from './constants';
+import { LOGIN_ERRORS } from '../constants';
 
 /**
  * @summary The first server an Oscar Protocol client
@@ -74,7 +74,10 @@ export class AIMAuthServer extends OscarServer {
                     salt: state.getSalt(),
                 });
                 const isValidUsername = true; // TODO: Real lookup
-                const isValidPass = payload.passwordHash.equals(hashToMatch);
+                const isValidPass = crypto.timingSafeEqual(
+                    payload.passwordHash,
+                    hashToMatch,
+                );
 
                 // TODO: handle various diff error types,
                 // rather than mapping all to INCORRECT_NICK_OR_PASS
@@ -114,19 +117,20 @@ export class AIMAuthServer extends OscarServer {
                 oscarSocket.write(responseFlap);
                 return;
             }
-            console.log('Unhandled Channel 2 Flap: ', flap);
+            console.log('AIMAuthServer Unhandled Channel 2 Flap: ', flap);
         });
 
         oscarSocket.onChannel(0x3, (flap) => {
-            console.log('Unimplemented channel 3 flap: ', flap);
+            console.log('AIMAuthServer unimplemented channel 3 flap: ', flap);
         });
 
         oscarSocket.onChannel(0x4, (flap) => {
-            console.log('Unimplemented channel 4 flap: ', flap);
+            // TODO: handle disconnect negotiation
+            console.log('AIMAuthServer unimplemented channel 4 flap: ', flap);
         });
 
         oscarSocket.onChannel(0x5, (flap) => {
-            console.log('Unimplemented channel 5 flap: ', flap);
+            console.log('AIMAuthServer unimplemented channel 5 flap: ', flap);
         });
 
         // Initialize state needed for auth requests

diff --git a/src/serverSentSnacs.ts → src/AIMAuthServer/serverSnacs.ts b/src/serverSentSnacs.ts → src/AIMAuthServer/serverSnacs.ts
@@ -1,7 +1,7 @@
 import assert from 'assert';
-import { stringTLV, uint16TLV } from './buildTLV';
-import { buildSnac } from './snacUtils';
-import { LOGIN_ERRORS, SNACS, TLVS } from './constants';
+import { stringTLV, uint16TLV } from '../buildTLV';
+import { buildSnac } from '../snacUtils';
+import { SNACS, TLVS } from '../constants';
 
 /**
  * @see http://iserverd1.khstu.ru/oscar/snac_17_07.html

diff --git a/src/BossServer.ts b/src/BossServer.ts
diff --git a/src/BossServer/clientSnacs.ts b/src/BossServer/clientSnacs.ts
@@ -0,0 +1,16 @@
+import assert from 'assert';
+import { parseTLVs } from '../parseTLVs';
+import { TLVS } from '../constants';
+
+/**
+ * @see http://iserverd.khstu.ru/oscar/cli_cookie.html
+ */
+export function parseCookieRequest(data: Buffer) {
+    const flapVersion = data.readUInt32BE(0);
+    assert(flapVersion === 0x1, 'Incorrect client FLAP version');
+
+    const tlvs = parseTLVs(data.subarray(4));
+    const authCookie = tlvs.first(TLVS.AUTH_COOKIE).value;
+
+    return { authCookie };
+}
diff --git a/src/BossServer/index.ts b/src/BossServer/index.ts
@@ -0,0 +1,44 @@
+import { timingSafeEqual } from 'crypto';
+import { parseCookieRequest } from './clientSnacs';
+import { OscarServer, OscarSocket } from '../OscarServer';
+import { supportedFamiliesSnac } from './serverSnacs';
+import { assert } from 'console';
+
+export class BossServer extends OscarServer {
+    onConnection(oscarSocket: OscarSocket) {
+        const { host, port } = oscarSocket.remoteAddress;
+        console.log(`BossServer: New connection from ${host}:${port}`);
+
+        oscarSocket.sendStartFlap();
+
+        oscarSocket.onChannel(0x1, (flap) => {
+            const { authCookie } = parseCookieRequest(flap.data);
+            // TODO: Grab cookie from shared storage with auth service
+            const expectedCookie = Buffer.from('111111111', 'ascii');
+            const validCookie = timingSafeEqual(authCookie, expectedCookie);
+
+            // TODO: Unsure of what client expects for invalid cookie,
+            //       maybe close via channel 4?
+            assert(validCookie, 'BossServer: Invalid auth cookie');
+
+            const snac = supportedFamiliesSnac({ reqID: 1 });
+            oscarSocket.write({ channel: 2, data: snac });
+        });
+
+        oscarSocket.onChannel(0x2, (flap) => {
+            console.log('boss channel 2 flap: ', flap);
+        });
+
+        oscarSocket.onChannel(0x3, (flap) => {
+            console.log('boss channel 3 flap: ', flap);
+        });
+
+        oscarSocket.onChannel(0x4, (flap) => {
+            console.log('boss channel 4 flap: ', flap);
+        });
+
+        oscarSocket.onChannel(0x5, (flap) => {
+            console.log('boss channel 5 flap: ', flap);
+        });
+    }
+}
diff --git a/src/BossServer/serverSnacs.ts b/src/BossServer/serverSnacs.ts
@@ -0,0 +1,38 @@
+import { buildSnac } from '../snacUtils';
+import { SNACS } from '../constants';
+import { endianness } from 'os';
+
+/**
+ * @see http://iserverd.khstu.ru/oscar/snac_01_03.html
+ */
+export function supportedFamiliesSnac(opts: { reqID: number }) {
+    /**
+     * @see http://iserverd.khstu.ru/oscar/families.html
+     */
+    const families = Buffer.from(
+        Uint16Array.from([
+            SNACS.GENERAL.family,
+            SNACS.LOCATION.family,
+            SNACS.BUDDYLIST.family,
+            SNACS.ICBM.family,
+            SNACS.INVITATION.family,
+            SNACS.ADMINISTRATIVE.family,
+            SNACS.POPUP_NOTICE.family,
+            SNACS.PRIVACY_MGMT.family,
+            SNACS.USER_LOOKUP.family,
+            SNACS.USAGE_STATS.family,
+            SNACS.SSI.family,
+            SNACS.OFFLINE.family,
+        ]).buffer,
+    );
+    // There has to be less noisy sugar for generating a BE
+    // list of 16 bit ints...
+    if (endianness() === 'LE') families.swap16();
+
+    return buildSnac({
+        family: SNACS.GENERAL.family,
+        subtype: SNACS.GENERAL.subtypes.SUPPORTED_FAMILIES,
+        reqID: opts.reqID,
+        data: Buffer.from(Uint16Array.from(families).buffer).swap16(),
+    });
+}
diff --git a/src/OscarServer.ts b/src/OscarServer.ts
@@ -56,6 +56,7 @@ export class OscarSocket {
 
     constructor(private socket: Socket) {
         socket.on('data', this.onData.bind(this));
+        socket.on('error', (e) => console.error(e));
     }
 
     get remoteAddress() {
@@ -68,12 +69,12 @@ export class OscarSocket {
     /**
      * @summary Send the FLAP version number (always 0x1).
      *          OSCAR clients will not start sending flaps
-     *          until the start FLAP is sent
+     *          until the start FLAP is sent from the server
      */
     sendStartFlap() {
         this.write({
             channel: 1,
-            data: Buffer.from([0x1]),
+            data: Buffer.from([0x0, 0x0, 0x0, 0x1]),
         });
     }
 

diff --git a/src/constants.ts b/src/constants.ts
@@ -40,6 +40,45 @@ export const TLVS = {
  * @see http://iserverd1.khstu.ru/oscar/families.html
  */
 export const SNACS = {
+    GENERAL: {
+        family: 0x1,
+        subtypes: {
+            SUPPORTED_FAMILIES: 0x3,
+        },
+    },
+    LOCATION: {
+        family: 0x2,
+    },
+    BUDDYLIST: {
+        family: 0x3,
+    },
+    ICBM: {
+        family: 0x4,
+    },
+    INVITATION: {
+        family: 0x6,
+    },
+    ADMINISTRATIVE: {
+        family: 0x7,
+    },
+    POPUP_NOTICE: {
+        family: 0x8,
+    },
+    PRIVACY_MGMT: {
+        family: 0x9,
+    },
+    USER_LOOKUP: {
+        family: 0x0a,
+    },
+    USAGE_STATS: {
+        family: 0x0b,
+    },
+    SSI: {
+        family: 0x13,
+    },
+    OFFLINE: {
+        family: 0x15,
+    },
     AUTH: {
         family: 0x17,
         subtypes: {

diff --git a/src/parseTLVs.ts b/src/parseTLVs.ts
@@ -29,7 +29,7 @@ export function parseTLVs(data: Buffer) {
         tlvs.set(type, { type, length, value });
 
         cursor = valueEnd;
-        assert(cursor <= data.byteLength, 'Overflow that should never happen');
+        assert(cursor <= data.byteLength, 'parseTLVs: Malformed data');
     }
 
     return tlvs;