Protocols/OSCAR/Sign On/FLAP

From NINA Wiki
Jump to navigation Jump to search
OSCAR Protocol
IntroductionTermsClients
Basic
DatatypesFLAPSNACTLV
UUIDsErrorsTool IDs
Host Interaction
Rate LimitsMigrationMessages
Other Services
ADMINADVERTALERT
BARTBOSBUCPCHAT
CHAT_NAV
Tutorials
Sign OnBARTRendezvous
ICBMLocateBuddies
Foodgroups
OSERVICE (0x0001)
LOCATE (0x0002)
BUDDY (0x0003)
ICBM (0x0004)
ADVERT (0x0005)
INVITE (0x0006)
ADMIN (0x0007)
POPUP (0x0008)
PD (0x0009)
USER_LOOKUP (0x000A)
STATS (0x000B)
TRANSLATE (0x000C)
CHAT_NAV (0x000D)
CHAT (0x000E)
ODIR (0x000F)
BART (0x0010)
FEEDBAG (0x0013)
ICQ (0x0015)
BUCP (0x0017)
ALERT (0x0018)
PLUGIN (0x0022)
UNNAMED_FG_24 (0x0024)
MDIR (0x0025)
ARS (0x044A)

This is for the FLAP-level sign on method. This is the oldest method of sign on, used prior to AIM 3.5. This refers to the FLAP__FRAME_SIGNON authentication method for a user to authenticate to the network. This works similar to, but is not the same as, FLAP__FRAME_SIGNON sequences used to connect to BOSS and other services.

Sequence

Below is a table laying out the sequence, which is further detailed in the sections below. Keep in mind that all of the packets are FLAP packets, and thus only the data is discussed.

Origin Name Length Value Note
Host FLAP_VERSION 4 00 00 00 01 Always 0x01
Client FLAP_FRAME_SIGNON blob xx .. TLV chain containing authentication information
Host FLAP_FRAME_SIGNOFF blob xx .. TLV chain of either BOSS or error information

FLAP_FRAME_SIGNON

X

FLAP_FRAME_SIGNOFF

X

Clients are allowed to, but not required to, send their own empty FLAP_FRAME_SIGNOFF after receiving this one.


From Aleksandr Shutko: SRV_COOKIE: server authorization response

SRV_COOKIE   


This is the server reply for for cli_ident packet. It contain BOS address / authorization cookie. It always come from FLAP channel 0x04. See also channel 0x01 authorization sequence info.

 00 01   word   TLV.Type(0x01) - screen name (uin)
 xx xx   word   TLV.Length
 xx ..   string   Screen name (uin)
 00 05   word   TLV.Type(0x05) - BOS server address
 xx xx   word   TLV.Length
 xx ..   string   BOS server address string
 00 06   word   TLV.Type(0x06) - authorization cookie
 xx xx   word   TLV.Length
 xx ..   array   authorization cookie
 may contain other tlv from the following list


Example SNAC dump with flap header:


  2A 04 62 BF 01 21 00 01  00 06 37 37 37 37 37 37 *.b..!....777777
  00 05 00 0F 31 30 2E 31  30 2E 31 30 2E 39 3A 35 ....10.10.10.9:5
  31 39 30 00 06 01 00 37  37 37 37 37 37 39 63 64 190....7777779cd
  42 63 66 39 61 32 36 38  35 63 44 32 66 4E 39 66 Bcf9a2685cD2fN9f
  42 61 61 66 42 61 63 31  43 31 36 54 63 44 66 39 BaafBac1C16TcDf9
  37 44 37 31 37 61 44 30  44 66 35 30 33 45 31 63 7D717aD0Df503E1c
  37 31 31 65 44 41 41 41  41 41 41 41 41 41 41 41 711eDAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41 41  41 41 41 41 41 41 41 41 AAAAAAAAAAAAAAAA
  41 41 41 41 41 41 41                             AAAAAAA

Next steps


From Aleksandr Shutko: CLI_IDENT: client authorization request (channel 0x01)

CLI_IDENT   


     Client use this packet in FLAP channel 0x01 based authorization sequence. So client should send it on FLAP channel 0x01. Server should reply via srv_cookie packet, containing BOS address/cookie or via auth_failed packet, containing error code.

     Passwords are roasted when sent to the host. This is done so they aren't sent in "clear text" over the wire, although they are still trivial to decode. Roasting is performed by first xoring each byte in the password with the equivalent modulo byte in the roasting array ( 0xF3, 0x26, 0x81, 0xC4, 0x39, 0x86, 0xDB, 0x92, 0x71, 0xA3, 0xB9, 0xE6, 0x53, 0x7A, 0x95, 0x7C )

 00 00 00 01 dword protocol version number


 00 01   word   TLV.Type(0x01) - screen name (uin)
 xx xx   word   TLV.Length
 xx ..   string   Screen name (uin)


 00 02   word   TLV.Type(0x02) - roasted password
 xx xx   word   TLV.Length
 xx ..   array   roasted password array


 00 03   word   TLV.Type(0x03) - client id string
 xx xx   word   TLV.Length
 xx ..   string   Client id string (name, version)


 00 16   word   TLV.Type(0x16) - client id
 00 02   word   TLV.Length
 xx xx   word   Client id number


 00 17   word   TLV.Type(0x17) - client major version
 00 02   word   TLV.Length
 xx xx   word   Client major version


 00 18   word   TLV.Type(0x18) - client minor version
 00 02   word   TLV.Length
 xx xx   word   Client minor version


 00 19   word   TLV.Type(0x19) - client lesser version
 00 02   word   TLV.Length
 xx xx   word   Client lesser version


 00 1A   word   TLV.Type(0x1A) - client build number
 00 02   word   TLV.Length
 xx xx   word   Client build number


 00 14   word   TLV.Type(0x14) - distribution number
 00 04   word   TLV.Length
 xx xx xx xx   dword   Distribution number


 00 0F   word   TLV.Type(0x0F) - client language (2 symbols)
 xx xx   word   TLV.Length
 xx ..   string   Client language


 00 0E   word   TLV.Type(0x0E) - client country (2 symbols)
 xx xx   word   TLV.Length
 xx ..   string   Client country
 May contain other tlv from the following list


Example SNAC dump with flap header (uin="777777", pass="password"):


  2A 01 13 5A 00 83 00 00 00 01 00 01 00 06 37 37 *..Z..........77
  37 37 37 37 00 02 00 08 83 47 F2 B7 4E E9 A9 F6 7777.....G..N...
  00 03 00 33 49 43 51 20 49 6E 63 2E 20 2D 20 50 ...3ICQ Inc. - P
  72 6F 64 75 63 74 20 6F 66 20 49 43 51 20 28 54 roduct of ICQ (T
  4D 29 2E 32 30 30 30 62 2E 34 2E 36 35 2E 31 2E M).2000b.4.65.1.
  33 32 38 31 2E 38 35 00 16 00 02 01 0A 00 17 00 3281.85.........
  02 00 04 00 18 00 02 00 41 00 19 00 02 00 01 00 ........A.......
  1A 00 02 0C D1 00 14 00 04 00 00 00 55 00 0F 00 ............U...
  02 65 6E 00 0E 00 02 75 73                      .en....us