[Pidgin] #9517: Cannot connect to Y! when using SOCKS4/5 to go through a compliance solution
Pidgin
trac at pidgin.im
Sat Jun 27 00:26:49 EDT 2009
#9517: Cannot connect to Y! when using SOCKS4/5 to go through a compliance
solution
------------------------+---------------------------------------------------
Reporter: dlevine278 | Owner: sulabh.dev
Type: defect | Status: new
Milestone: | Component: Yahoo!
Version: 2.5.7 | Resolution:
Keywords: |
------------------------+---------------------------------------------------
Comment(by sulabh.dev):
How we authenticate:
We send yahoo server (port 5050) a packet saying we want to authenticate,
in response we get a seed. We setup a ssl connection to another yahoo
server, and with this seed obtain a token, which we again use (through ssl
connection) to obtain a crumb. We combine the crumb and seed, and perform
some functions over it to obtain a string.[[BR]]
This string is then sent in response to the original authentication packet
received from yahoo server (port 5050).[[BR]]
Role of https was only to retrieve crumb (and token).
[[BR]]
[[BR]]
In the packet capture you gave us, official client doesn't seem to be
needing crumb/token from yahoo's https server. The only reason I can think
of is that official client has built in the algorithm that generates crumb
(and/or token) and eventually the coded string.[[BR]]
[[BR]]
The only way we can implement this is if we know that algorithm.[[BR]]
(This is the new login mechanism, only difference being that what we
obtain from yahoo servers over ssl connection, is computed locally).[[BR]]
[[BR]]
Take a look at:[[BR]]
http://www.carbonize.co.uk/ymsg16.html
--
Ticket URL: <http://developer.pidgin.im/ticket/9517#comment:9>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list