Package: reaim
Version: 0.8-2
Severity: important
Tags: patch
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i586)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.22-rc1
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages reaim depends on:
ii iptables 1.3.2-1 Linux kernel 2.4+ iptables adminis
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii logrotate 3.7-2 Log rotation utility
reaim recommends no packages.
-- no debconf information
Important because:
----
Description: Enable AIM and MSN file transfer on Linux iptables based NAT
ReAIM is a compact transparent proxy designed to be run on or behind a Linux
iptables based firewall. When run behind a simple address-translating
firewall, the current AIM client software does not allow direct-connections
between users to work. AIM requires direct-connections for file and image
transfers.
----
So if DirectIM fails, the package is completely useless. The rest of the
functionality
will work with standard NAT.
I checked current CVS and it has the same problem. fp_oscar_tx is parsing the
outbound
packet, but it only checks the FIRST TLV in a packet. Recent versions of Gaim
and Trillian
do not always put the DirectIM in the first TLV.
The following patch applies cleanly to 0.8 to test each TLV in a packet for
DirectIM setup, then
proccesses that TLV. This patch was designed for brevity, but has worked for
me since october 2004.
*** /home/harik/old/src/reaim-patch
diff -ur reaim-0.8/reaim.c reaim-0.8.new/reaim.c
--- reaim-0.8/reaim.c 2003-04-22 21:49:14.000000000 -0400
+++ reaim-0.8.new/reaim.c 2004-10-11 21:06:01.000000000 -0400
@@ -1917,7 +1917,7 @@
listen_track_struct *lt;
struct timeval tv_now;
#endif
-
+ //
// Not long enough for us to check properly...
if (len < 26)
return len;
@@ -1927,13 +1927,28 @@
return len;
// Does it look like a potential Direct Connection setup packet ?
- if ((AIM_CMDSTART(buff) == 0x2a) &&
- (AIM_CHANNEL(buff) == 0x02) &&
- (AIM_FNAC_FAMILY(buff) == 0x0004) &&
- (AIM_FNAC_SUBTYPE(buff) == 0x0006) &&
- (AIM_FNAC_FLAGS(buff) == 0x0000) &&
- (AIM_SNAC_CHAN(buff) == 0x0002) &&
- (AIM_SNAC_TLV_TYPE(buff) == 0x0005)) {
+ if (AIM_CMDSTART(buff) == 0x2a)
+ if (AIM_CHANNEL(buff) == 0x02)
+ if (AIM_FNAC_FAMILY(buff) == 0x0004)
+ if (AIM_FNAC_SUBTYPE(buff) == 0x0006)
+ if (AIM_FNAC_FLAGS(buff) == 0x0000)
+ if (AIM_SNAC_CHAN(buff) == 0x0002) { // look for the 0x0005 type
+
+ unsigned char * tlv_p;
+ struct { unsigned short type __attribute__((packed)),
+ len __attribute__((packed));} tlv;
+ tlv_p=buff+AIM_BUD_NEXT(buff);
+ while (tlv_p < buff+len) {
+ memcpy(&tlv, tlv_p, 4);
+ tlv_p += 4;
+ tlv.type=ntohs(tlv.type);
+ tlv.len=ntohs(tlv.len);
+ if (tlv.type==0x0005)
+ break;
+ tlv_p += tlv.len;
+ }
+
+ if (tlv.type == 0x0005) {
int alloc_port, orig_dcc_port;
int ip[4], ip_offset, src_ip[4], offset;
@@ -1942,6 +1957,8 @@
unsigned char scan[12], mask[12];
pending_dc_struct *pdc;
+ write_log(log_file, "Found the right type!");
+
// Read the source IP for the client connection.
// We use this for extra sanity checks in locating the client IP
// in the setup packet
@@ -2065,6 +2082,7 @@
pdc->next = dc_list.next;
dc_list.next = pdc;
}
+ }
return len;
}
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
