Protocols/OSCAR/SNAC/BUCP LOGIN REQUEST: Difference between revisions
No edit summary |
No edit summary |
||
(11 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{Template:Protocols/OSCAR}} | {{Template:Protocols/OSCAR}} | ||
This is the final SNAC sent by the client when authorizing via BUCP. After this sent, the server | This is the final SNAC sent by the client when authorizing via BUCP, and contains a hashed password among other things. After this is sent, the server should respond with a [[Protocols/OSCAR/SNAC/BUCP__LOGIN_RESPONSE|BUCP__LOGIN_RESPONSE]] SNAC. Whether the client were authorized or not shows in the TLVs of the aforementioned SNAC. | ||
{{Template:Protocols/OSCAR/SNAC/Header | {{Template:Protocols/OSCAR/SNAC/Header | ||
|foodgroup=00 17 | |foodgroup=00 17 | ||
|subgroup=00 02 | |subgroup=00 02 | ||
|flags=00 00 | |flags=00 00 | ||
|request_id=00 00 00 00}} | |request_id=00 00 00 00}} | ||
=== | {{Template:Protocols/OSCAR/SNAC/TLV | ||
|tlv_type=00 01 | |||
|tlv_type_desc=TLV Type (0x0001) - screen name | |||
|tlv_length=xx xx | |||
|tlv_data_val=xx .. | |||
|tlv_data_type=string | |||
|tlv_data_desc=Screen name}} | |||
{ | {{Template:Protocols/OSCAR/SNAC/TLV | ||
|tlv_type=00 25 | |||
|tlv_type_desc=TLV Type (0x0025) - password hashed in MD5 | |||
|tlv_length=00 10 | |||
| 00 | |tlv_data_val=xx .. | ||
|- | |tlv_data_type=array | ||
|tlv_data_desc=MD5-hashed password (see below on how to do so)}} | |||
| | |||
| | |||
| | |||
|- | |||
==== | {{Template:Protocols/OSCAR/SNAC/TLV | ||
Hashing the password, in some older AIM versions implementing BUCP authentication, hashes via MD5 in the following format: | |tlv_type=00 03 | ||
|tlv_type_desc=TLV Type (0x0003) - client ID string | |||
|tlv_length=xx xx | |||
|tlv_data_val=xx .. | |||
|tlv_data_type=string | |||
|tlv_data_desc=Client ID string with the name and version (i.e., "AOL Instant Messenger (SM), version 4.8.2540/WIN32")}} | |||
{{Template:Protocols/OSCAR/SNAC/TLV | |||
|tlv_type=00 16 | |||
|tlv_type_desc=TLV Type (0x0016) - client ID number | |||
|tlv_length=00 02 | |||
|tlv_data_val=xx xx | |||
|tlv_data_type=word | |||
|tlv_data_desc=Client ID number}} | |||
{{Template:Protocols/OSCAR/SNAC/TLV | |||
|tlv_type=00 17 | |||
|tlv_type_desc=TLV Type (0x0017) - client major version | |||
|tlv_length=00 02 | |||
|tlv_data_val=xx xx | |||
|tlv_data_type=word | |||
|tlv_data_desc=Client major version (i.e., "4" in "4.8.2540")}} | |||
{{Template:Protocols/OSCAR/SNAC/TLV | |||
|tlv_type=00 18 | |||
|tlv_type_desc=TLV Type (0x0018) - client minor version | |||
|tlv_length=00 02 | |||
|tlv_data_val=xx xx | |||
|tlv_data_type=word | |||
|tlv_data_desc=Client minor version (i.e., "8" in "4.8.2540")}} | |||
{{Template:Protocols/OSCAR/SNAC/TLV | |||
|tlv_type=00 19 | |||
|tlv_type_desc=TLV Type (0x0019) - client lesser version | |||
|tlv_length=00 02 | |||
|tlv_data_val=xx xx | |||
|tlv_data_type=word | |||
|tlv_data_desc=Client lesser version}} | |||
{{Template:Protocols/OSCAR/SNAC/TLV | |||
|tlv_type=00 1A | |||
|tlv_type_desc=TLV Type (0x001A) - client build number | |||
|tlv_length=00 02 | |||
|tlv_data_val=xx xx | |||
|tlv_data_type=word | |||
|tlv_data_desc=Client build number (i.e., "2540" in "4.8.2540")}} | |||
{{Template:Protocols/OSCAR/SNAC/TLV | |||
|tlv_type=00 14 | |||
|tlv_type_desc=TLV Type (0x0014) - client distribution number | |||
|tlv_length=00 04 | |||
|tlv_data_val=xx xx xx xx | |||
|tlv_data_type=dword | |||
|tlv_data_desc=Client distribution number}} | |||
{{Template:Protocols/OSCAR/SNAC/TLV | |||
|tlv_type=00 0F | |||
|tlv_type_desc=TLV Type (0x000F) - client language | |||
|tlv_length=00 02 | |||
|tlv_data_val=xx xx | |||
|tlv_data_type=string | |||
|tlv_data_desc=Client language (i.e., "en")}} | |||
{{Template:Protocols/OSCAR/SNAC/TLV | |||
|tlv_type=00 0E | |||
|tlv_type_desc=TLV Type (0x000E) - client country | |||
|tlv_length=00 02 | |||
|tlv_data_val=xx xx | |||
|tlv_data_type=string | |||
|tlv_data_desc=Client country (i.e., "us")}} | |||
<!-- I'm not sure what the flag values really mean --> | |||
{{Template:Protocols/OSCAR/SNAC/TLV | |||
|tlv_type=00 0F | |||
|tlv_type_desc=TLV Type (0x000F) - SSI flag | |||
|tlv_length=00 02 | |||
|tlv_data_val=xx xx | |||
|tlv_data_type=word | |||
|tlv_data_desc=SSI flag; 1 - use SSI only, 2 - foodgroup 0x03}} | |||
{{Template:Protocols/OSCAR/SNAC/CommonTLV}} | |||
{{Template:Protocols/OSCAR/SNAC/Footer}} | |||
Hashing the password, in some older AIM versions implementing BUCP authentication, hashes via MD5 in the following format (old_hash): | |||
* Challenge | * Challenge | ||
* Password | * Password | ||
* "AOL Instant Messenger (SM)" | * "AOL Instant Messenger (SM)" | ||
However, in some newer AIM versions, they hash via MD5 in the following format: | However, in some newer AIM versions, they hash via MD5 in the following format (new_hash): | ||
* Challenge | * Challenge | ||
* md5(password) | * md5(password) | ||
Line 59: | Line 125: | ||
</pre> | </pre> | ||
''Note | ''Note to server developers: You will have to hash the password in both formats, and compare both the hashes with what the client hashed to verify the password in order to support the full range of BUCP clients.'' | ||
Example dump (sent by a AIM 4.8.2540 client - dump contains a FLAP header): | Example dump (sent by a AIM 4.8.2540 client - dump contains a FLAP header): | ||
<pre> | <pre> | ||
0000 2a 02 17 8b 00 99 00 17 00 02 00 00 00 00 00 00 *............... | 0000 2a 02 17 8b 00 99 00 17 00 02 00 00 00 00 00 00 *............... | ||
0010 00 01 00 0a 74 6f 78 69 64 61 74 69 6f 6e 00 25 ....toxidation.% | 0010 00 01 00 0a 74 6f 78 69 64 61 74 69 6f 6e 00 25 ....toxidation.% | ||
0020 00 10 | 0020 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | ||
0030 | 0030 00 00 00 03 00 32 41 4f 4c 20 49 6e 73 74 61 6e .....2AOL Instan | ||
0040 74 20 4d 65 73 73 65 6e 67 65 72 20 28 53 4d 29 t Messenger (SM) | 0040 74 20 4d 65 73 73 65 6e 67 65 72 20 28 53 4d 29 t Messenger (SM) | ||
0050 2c 20 76 65 72 73 69 6f 6e 20 34 2e 38 2e 32 35 , version 4.8.25 | 0050 2c 20 76 65 72 73 69 6f 6e 20 34 2e 38 2e 32 35 , version 4.8.25 | ||
Line 75: | Line 141: | ||
0090 00 02 65 6e 00 0e 00 02 75 73 00 4a 00 01 01 ..en....us.J... | 0090 00 02 65 6e 00 0e 00 02 75 73 00 4a 00 01 01 ..en....us.J... | ||
</pre> | </pre> | ||
Latest revision as of 19:27, 21 July 2024
OSCAR Protocol |
Introduction • Terms • Clients |
Basic |
TODO |
Tutorials |
Sign On |
Foodgroups |
OSERVICE (0x0001) |
BUCP (0x0017) |
This is the final SNAC sent by the client when authorizing via BUCP, and contains a hashed password among other things. After this is sent, the server should respond with a BUCP__LOGIN_RESPONSE SNAC. Whether the client were authorized or not shows in the TLVs of the aforementioned SNAC.
|
Hashing the password, in some older AIM versions implementing BUCP authentication, hashes via MD5 in the following format (old_hash):
- Challenge
- Password
- "AOL Instant Messenger (SM)"
However, in some newer AIM versions, they hash via MD5 in the following format (new_hash):
- Challenge
- md5(password)
- "AOL Instant Messenger (SM)"
For example:
old_hash = md5(challenge + password + "AOL Instant Messenger (SM)") new_hash = md5(challenge + md5(password) + "AOL Instant Messenger (SM)")
Note to server developers: You will have to hash the password in both formats, and compare both the hashes with what the client hashed to verify the password in order to support the full range of BUCP clients.
Example dump (sent by a AIM 4.8.2540 client - dump contains a FLAP header):
0000 2a 02 17 8b 00 99 00 17 00 02 00 00 00 00 00 00 *............... 0010 00 01 00 0a 74 6f 78 69 64 61 74 69 6f 6e 00 25 ....toxidation.% 0020 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0030 00 00 00 03 00 32 41 4f 4c 20 49 6e 73 74 61 6e .....2AOL Instan 0040 74 20 4d 65 73 73 65 6e 67 65 72 20 28 53 4d 29 t Messenger (SM) 0050 2c 20 76 65 72 73 69 6f 6e 20 34 2e 38 2e 32 35 , version 4.8.25 0060 34 30 2f 57 49 4e 33 32 00 16 00 02 01 09 00 17 40/WIN32........ 0070 00 02 00 04 00 18 00 02 00 08 00 19 00 02 00 00 ................ 0080 00 1a 00 02 09 ec 00 14 00 04 00 00 00 af 00 0f ................ 0090 00 02 65 6e 00 0e 00 02 75 73 00 4a 00 01 01 ..en....us.J...