6 * Copyright (C) 2010-11 SIPE Project <http://sipe.sourceforge.net/>
7 * Copyright (C) 2010 Jakub Adam <jakub.adam@ktknet.cz>
8 * Copyright (C) 2010 Tomáš Hrabčík <tomas.hrabcik@tieto.com>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
32 #include <glib/gprintf.h>
34 #include "sipe-backend.h"
35 #include "sipe-core.h"
36 #include "sipe-core-private.h"
37 #include "sipe-crypt.h"
38 #include "sipe-dialog.h"
39 #include "sipe-digest.h"
42 #include "sipe-utils.h"
44 #define BUFFER_SIZE 50
45 #define SIPE_FT_CHUNK_HEADER_LENGTH 3
48 write_exact(struct sipe_file_transfer_private
*ft_private
, const guchar
*data
,
51 gssize bytes_written
= sipe_backend_ft_write(SIPE_FILE_TRANSFER_PUBLIC
,
53 if ((bytes_written
< 0) || ((gsize
) bytes_written
!= size
))
59 read_exact(struct sipe_file_transfer_private
*ft_private
, guchar
*data
,
62 const gulong READ_TIMEOUT
= 10000000;
63 gulong time_spent
= 0;
66 gssize bytes_read
= sipe_backend_ft_read(SIPE_FILE_TRANSFER_PUBLIC
,
68 if (bytes_read
== 0) {
71 } else if (bytes_read
< 0 || time_spent
> READ_TIMEOUT
) {
83 read_line(struct sipe_file_transfer_private
*ft_private
, guchar
*data
,
88 if (size
< 2) return FALSE
;
90 memset(data
, 0, size
--);
92 if (!read_exact(ft_private
, data
+ pos
, 1))
94 } while ((data
[pos
] != '\n') && (++pos
< size
));
96 /* Buffer too short? */
97 if ((pos
== size
) && (data
[pos
- 1] != '\n')) {
106 raise_ft_socket_read_error_and_cancel(struct sipe_file_transfer_private
*ft_private
)
108 sipe_ft_raise_error_and_cancel(ft_private
, _("Socket read failed"));
112 raise_ft_socket_write_error_and_cancel(struct sipe_file_transfer_private
*ft_private
)
114 sipe_ft_raise_error_and_cancel(ft_private
, _("Socket write failed"));
118 sipe_cipher_context_init(const guchar
*enc_key
)
121 * Decryption of file from SIPE file transfer
124 * 1.) SHA1-Key = SHA1sum (Encryption-Key); Do SHA1 digest from Encryption-Key, return 20 bytes SHA1-Key.
125 * 2.) Decrypt-Data = RC4 (Encrypt-Data, substr(SHA1-Key, 0, 15)); Decryption of encrypted data, used 16 bytes SHA1-Key;
128 guchar k2
[SIPE_DIGEST_SHA1_LENGTH
];
131 sipe_digest_sha1(enc_key
, SIPE_FT_KEY_LENGTH
, k2
);
133 /* 2.) RC4 decryption */
134 return sipe_crypt_ft_start(k2
);
138 sipe_hmac_context_init(const guchar
*hash_key
)
144 * 1.) SHA1-Key = SHA1sum (Hash-Key); Do SHA1 digest from Hash-Key, return 20 bytes SHA1-Key.
145 * 2.) MAC = HMAC_SHA1 (Decrypt-Data, substr(HMAC-Key,0,15)); Digest of decrypted file and SHA1-Key (used again only 16 bytes)
148 guchar k2
[SIPE_DIGEST_SHA1_LENGTH
];
151 sipe_digest_sha1(hash_key
, SIPE_FT_KEY_LENGTH
, k2
);
153 /* 2.) HMAC (initialization only) */
154 return sipe_digest_ft_start(k2
);
158 sipe_hmac_finalize(gpointer hmac_context
)
160 guchar hmac_digest
[SIPE_DIGEST_FILETRANSFER_LENGTH
];
162 /* MAC = Digest of decrypted file and SHA1-Key (used again only 16 bytes) */
163 sipe_digest_ft_end(hmac_context
, hmac_digest
);
165 return g_base64_encode(hmac_digest
, sizeof (hmac_digest
));
169 sipe_core_tftp_incoming_start(struct sipe_file_transfer
*ft
, gsize total_size
)
171 static const guchar VER
[] = "VER MSN_SECURE_FTP\r\n";
172 static const guchar TFR
[] = "TFR\r\n";
173 const gsize FILE_SIZE_OFFSET
= 4;
175 struct sipe_file_transfer_private
*ft_private
= SIPE_FILE_TRANSFER_PRIVATE
;
176 guchar buf
[BUFFER_SIZE
];
180 if (!write_exact(ft_private
, VER
, sizeof(VER
) - 1)) {
181 raise_ft_socket_read_error_and_cancel(ft_private
);
184 if (!read_line(ft_private
, buf
, BUFFER_SIZE
)) {
185 raise_ft_socket_read_error_and_cancel(ft_private
);
189 request
= g_strdup_printf("USR %s %u\r\n",
190 ft_private
->sipe_private
->username
,
191 ft_private
->auth_cookie
);
192 if (!write_exact(ft_private
, (guchar
*)request
, strlen(request
))) {
193 raise_ft_socket_write_error_and_cancel(ft_private
);
199 if (!read_line(ft_private
, buf
, BUFFER_SIZE
)) {
200 raise_ft_socket_read_error_and_cancel(ft_private
);
204 file_size
= g_ascii_strtoull((gchar
*) buf
+ FILE_SIZE_OFFSET
, NULL
, 10);
205 if (file_size
!= total_size
) {
206 sipe_ft_raise_error_and_cancel(ft_private
,
207 _("File size is different from the advertised value."));
211 if (!sipe_backend_ft_write(SIPE_FILE_TRANSFER_PUBLIC
, TFR
, sizeof(TFR
) - 1)) {
212 raise_ft_socket_write_error_and_cancel(ft_private
);
216 ft_private
->bytes_remaining_chunk
= 0;
217 ft_private
->cipher_context
= sipe_cipher_context_init(ft_private
->encryption_key
);
218 ft_private
->hmac_context
= sipe_hmac_context_init(ft_private
->hash_key
);
222 sipe_core_tftp_incoming_stop(struct sipe_file_transfer
*ft
)
224 static const guchar BYE
[] = "BYE 16777989\r\n";
225 const gsize MAC_OFFSET
= 4;
227 struct sipe_file_transfer_private
*ft_private
= SIPE_FILE_TRANSFER_PRIVATE
;
228 gchar buffer
[BUFFER_SIZE
];
233 if (!sipe_backend_ft_write(SIPE_FILE_TRANSFER_PUBLIC
, BYE
, sizeof(BYE
) - 1)) {
234 raise_ft_socket_write_error_and_cancel(ft_private
);
238 if (!read_line(ft_private
, (guchar
*) buffer
, BUFFER_SIZE
)) {
239 raise_ft_socket_read_error_and_cancel(ft_private
);
243 mac_len
= strlen(buffer
);
244 if (mac_len
< (MAC_OFFSET
)) {
245 sipe_ft_raise_error_and_cancel(ft_private
,
246 _("Received MAC is corrupted"));
251 mac
= g_strndup(buffer
+ MAC_OFFSET
, mac_len
- MAC_OFFSET
);
252 mac1
= sipe_hmac_finalize(ft_private
->hmac_context
);
253 if (!sipe_strequal(mac
, mac1
)) {
256 sipe_ft_raise_error_and_cancel(ft_private
,
257 _("Received file is corrupted"));
267 sipe_core_tftp_outgoing_start(struct sipe_file_transfer
*ft
, gsize total_size
)
269 static const guchar VER
[] = "VER MSN_SECURE_FTP\r\n";
271 struct sipe_file_transfer_private
*ft_private
= SIPE_FILE_TRANSFER_PRIVATE
;
272 guchar buf
[BUFFER_SIZE
];
274 unsigned auth_cookie_received
;
275 gboolean users_match
;
277 if (!read_line(ft_private
, buf
, BUFFER_SIZE
)) {
278 raise_ft_socket_read_error_and_cancel(ft_private
);
282 if (!sipe_strequal((gchar
*)buf
, (gchar
*)VER
)) {
283 sipe_ft_raise_error_and_cancel(ft_private
,
284 _("File transfer initialization failed."));
285 SIPE_DEBUG_INFO("File transfer VER string incorrect, received: %s expected: %s",
290 if (!write_exact(ft_private
, VER
, sizeof(VER
) - 1)) {
291 raise_ft_socket_write_error_and_cancel(ft_private
);
295 if (!read_line(ft_private
, buf
, BUFFER_SIZE
)) {
296 raise_ft_socket_read_error_and_cancel(ft_private
);
300 parts
= g_strsplit((gchar
*)buf
, " ", 3);
301 auth_cookie_received
= g_ascii_strtoull(parts
[2], NULL
, 10);
302 /* dialog->with has 'sip:' prefix, skip these four characters */
303 users_match
= sipe_strcase_equal(parts
[1],
304 (ft_private
->dialog
->with
+ 4));
307 SIPE_DEBUG_INFO("File transfer authentication: %s Expected: USR %s %u",
309 ft_private
->dialog
->with
+ 4,
310 ft_private
->auth_cookie
);
313 (ft_private
->auth_cookie
!= auth_cookie_received
)) {
314 sipe_ft_raise_error_and_cancel(ft_private
,
315 _("File transfer authentication failed."));
319 g_sprintf((gchar
*)buf
, "FIL %" G_GSIZE_FORMAT
"\r\n", total_size
);
320 if (!write_exact(ft_private
, buf
, strlen((gchar
*)buf
))) {
321 raise_ft_socket_write_error_and_cancel(ft_private
);
326 if (!read_line(ft_private
,buf
, BUFFER_SIZE
)) {
327 raise_ft_socket_read_error_and_cancel(ft_private
);
331 ft_private
->bytes_remaining_chunk
= 0;
332 ft_private
->cipher_context
= sipe_cipher_context_init(ft_private
->encryption_key
);
333 ft_private
->hmac_context
= sipe_hmac_context_init(ft_private
->hash_key
);
337 sipe_core_tftp_outgoing_stop(struct sipe_file_transfer
*ft
)
339 struct sipe_file_transfer_private
*ft_private
= SIPE_FILE_TRANSFER_PRIVATE
;
340 guchar buffer
[BUFFER_SIZE
];
345 if (!read_line(ft_private
, buffer
, BUFFER_SIZE
)) {
346 raise_ft_socket_read_error_and_cancel(ft_private
);
350 mac
= sipe_hmac_finalize(ft_private
->hmac_context
);
351 g_sprintf((gchar
*)buffer
, "MAC %s \r\n", mac
);
354 mac_len
= strlen((gchar
*)buffer
);
355 /* There must be this zero byte between mac and \r\n */
356 buffer
[mac_len
- 3] = 0;
358 if (!write_exact(ft_private
, buffer
, mac_len
)) {
359 raise_ft_socket_write_error_and_cancel(ft_private
);
366 static void raise_ft_error(struct sipe_file_transfer_private
*ft_private
,
369 gchar
*tmp
= g_strdup_printf("%s: %s", errmsg
,
370 sipe_backend_ft_get_error(SIPE_FILE_TRANSFER_PUBLIC
));
371 sipe_backend_ft_error(SIPE_FILE_TRANSFER_PUBLIC
, tmp
);
376 sipe_core_tftp_read(struct sipe_file_transfer
*ft
, guchar
**buffer
,
377 gsize bytes_remaining
, gsize bytes_available
)
379 struct sipe_file_transfer_private
*ft_private
= SIPE_FILE_TRANSFER_PRIVATE
;
383 if (ft_private
->bytes_remaining_chunk
== 0) {
384 guchar hdr_buf
[SIPE_FT_CHUNK_HEADER_LENGTH
];
386 /* read chunk header */
387 if (!read_exact(ft_private
, hdr_buf
, sizeof(hdr_buf
))) {
388 raise_ft_error(ft_private
, _("Socket read failed"));
392 /* chunk header format:
394 * 0: 00 unknown (always zero?)
395 * 1: LL chunk size in bytes (low byte)
396 * 2: HH chunk size in bytes (high byte)
398 * Convert size from little endian to host order
400 ft_private
->bytes_remaining_chunk
=
401 hdr_buf
[1] + (hdr_buf
[2] << 8);
404 bytes_to_read
= MIN(bytes_remaining
, bytes_available
);
405 bytes_to_read
= MIN(bytes_to_read
, ft_private
->bytes_remaining_chunk
);
407 *buffer
= g_malloc(bytes_to_read
);
409 sipe_backend_ft_error(SIPE_FILE_TRANSFER_PUBLIC
, _("Out of memory"));
410 SIPE_DEBUG_ERROR("sipe_core_ft_read: can't allocate %" G_GSIZE_FORMAT
" bytes for receive buffer",
415 bytes_read
= sipe_backend_ft_read(SIPE_FILE_TRANSFER_PUBLIC
, *buffer
, bytes_to_read
);
416 if (bytes_read
< 0) {
417 raise_ft_error(ft_private
, _("Socket read failed"));
423 if (bytes_read
> 0) {
424 guchar
*decrypted
= g_malloc(bytes_read
);
427 sipe_backend_ft_error(SIPE_FILE_TRANSFER_PUBLIC
, _("Out of memory"));
428 SIPE_DEBUG_ERROR("sipe_core_ft_read: can't allocate %" G_GSIZE_FORMAT
" bytes for decryption buffer",
434 sipe_crypt_ft_stream(ft_private
->cipher_context
,
435 *buffer
, bytes_read
, decrypted
);
439 sipe_digest_ft_update(ft_private
->hmac_context
,
440 decrypted
, bytes_read
);
442 ft_private
->bytes_remaining_chunk
-= bytes_read
;
449 sipe_core_tftp_write(struct sipe_file_transfer
*ft
, const guchar
*buffer
,
452 struct sipe_file_transfer_private
*ft_private
= SIPE_FILE_TRANSFER_PRIVATE
;
453 gssize bytes_written
;
455 /* When sending data via server with ForeFront installed, block bigger than
456 * this default causes ending of transmission. Hard limit block to this value
457 * when libpurple sends us more data. */
458 const gsize DEFAULT_BLOCK_SIZE
= 2045;
459 if (size
> DEFAULT_BLOCK_SIZE
)
460 size
= DEFAULT_BLOCK_SIZE
;
462 if (ft_private
->bytes_remaining_chunk
== 0) {
464 guchar local_buf
[16];
465 guchar hdr_buf
[SIPE_FT_CHUNK_HEADER_LENGTH
];
467 memset(local_buf
, 0, sizeof local_buf
);
469 /* Check if receiver did not cancel the transfer
470 before it is finished */
471 bytes_read
= sipe_backend_ft_read(SIPE_FILE_TRANSFER_PUBLIC
,
474 if (bytes_read
< 0) {
475 sipe_backend_ft_error(SIPE_FILE_TRANSFER_PUBLIC
,
476 _("Socket read failed"));
478 } else if ((bytes_read
> 0) &&
479 (g_str_has_prefix((gchar
*)local_buf
, "CCL\r\n") ||
480 g_str_has_prefix((gchar
*)local_buf
, "BYE 2164261682\r\n"))) {
484 if (ft_private
->outbuf_size
< size
) {
485 g_free(ft_private
->encrypted_outbuf
);
486 ft_private
->outbuf_size
= size
;
487 ft_private
->encrypted_outbuf
= g_malloc(ft_private
->outbuf_size
);
488 if (!ft_private
->encrypted_outbuf
) {
489 sipe_backend_ft_error(SIPE_FILE_TRANSFER_PUBLIC
,
491 SIPE_DEBUG_ERROR("sipe_core_ft_write: can't allocate %" G_GSIZE_FORMAT
" bytes for send buffer",
492 ft_private
->outbuf_size
);
497 ft_private
->bytes_remaining_chunk
= size
;
498 ft_private
->outbuf_ptr
= ft_private
->encrypted_outbuf
;
499 sipe_crypt_ft_stream(ft_private
->cipher_context
,
501 ft_private
->encrypted_outbuf
);
502 sipe_digest_ft_update(ft_private
->hmac_context
,
505 /* chunk header format:
507 * 0: 00 unknown (always zero?)
508 * 1: LL chunk size in bytes (low byte)
509 * 2: HH chunk size in bytes (high byte)
511 * Convert size from host order to little endian
514 hdr_buf
[1] = (ft_private
->bytes_remaining_chunk
& 0x00FF);
515 hdr_buf
[2] = (ft_private
->bytes_remaining_chunk
& 0xFF00) >> 8;
517 /* write chunk header */
518 if (!sipe_backend_ft_write(SIPE_FILE_TRANSFER_PUBLIC
, hdr_buf
, sizeof(hdr_buf
))) {
519 sipe_backend_ft_error(SIPE_FILE_TRANSFER_PUBLIC
,
520 _("Socket write failed"));
525 bytes_written
= sipe_backend_ft_write(SIPE_FILE_TRANSFER_PUBLIC
,
526 ft_private
->outbuf_ptr
,
527 ft_private
->bytes_remaining_chunk
);
528 if (bytes_written
< 0) {
529 raise_ft_error(ft_private
, _("Socket write failed"));
530 } else if (bytes_written
> 0) {
531 ft_private
->bytes_remaining_chunk
-= bytes_written
;
532 ft_private
->outbuf_ptr
+= bytes_written
;
535 return bytes_written
;