Yahoo warning: Version of messenger will expire on April 2, 2008

[anonymous]

Upon logging in to Yahoo! via bitlbee, I've got the following notice:

YAHOO - Logging in: Connecting
YAHOO - Yahoo! system message: Warning: This version of Messenger will expire on April 2, 2008. Please upgrade to the latest supported version: ​http://messenger.yahoo.com Learn more: ​http://messenger.yahoo.com/eol
YAHOO - Logged in

It seems as if bitlbee may lose the ability to connect to Yahoo! IM if nothing is being done here...?

I'm using bitlbee 1.0.3 from Ubuntu Gutsy (7.10) at the moment.

[wilmer]

Hmm, this is annoying. :-( Pidgin doesn't seem to have this problem. I wonder what's different in their Yahoo! module...

[wilmer]

Their module seems quite different from where libyahoo2 is now. I tried simply copying version strings from libpurple, but that wasn't enough. I'm not sure what would help. Surprisingly, this hasn't come up on the libyahoo2 mailing lists yet, I may have to bring it up myself.

I'm not sure how much time I'll need (and have) to fix this in time...

[wilmer]

Okay, looked at some traffic dumps. For some reason, the Yahoo! servers send a recent libpurple a different authentication method request than to BitlBee. I can't see any obvious reason why this happens but may find out later.

[wilmer]

Ok, theoretically this is a one-line fix:

--- protocols/yahoo/libyahoo2.c 2007-11-23 23:07:44 +0000
+++ protocols/yahoo/libyahoo2.c 2008-03-10 23:01:30 +0000
@@ -736,7 +736,8 @@
        data = y_new0(unsigned char, len + 1);
 
        memcpy(data + pos, "YMSG", 4); pos += 4;
-       pos += yahoo_put16(data + pos, 0x0a00);
+//     pos += yahoo_put16(data + pos, 0x0a00);
+       pos += yahoo_put16(data + pos, 0x000f);
        pos += yahoo_put16(data + pos, 0x0000);
        pos += yahoo_put16(data + pos, pktlen + extra_pad);
        pos += yahoo_put16(data + pos, pkt->service);

With this, the warning doesn't show up anymore. I'm not convinced that this would be a full solution though, I assume there will be more changes. For example, with this change the server requests a different authentication method, while BitlBee (and libpurple as well) still uses the "old" one. It's quite likely that Yahoo! will drop support for this authentication method in April.

[wilmer]

The new authentication is HTTPS-based, like the MS Passport authentication. I'll let someone else figure out how that works...

[anonymous]

I know wilmer knows this, but for others: this will be a problem on the latest version, 1.0.4 too.

[wilmer]

Not just 1.0.4, but all BitlBee versions. And if they're going to replace the current authentication method, probably all existing "alternative" Yahoo! clients.

[wilmer]

Lots of interesting information at: ​http://www.google.com/search?q=pwtoken_login

[bitlbee-trac@…]

If someone with a Windows machine, a copy of Wireshark and some spare time wants to find out if the one line fix is likely to work there is a fairly simple test possible.

Go to ​http://www.oldversion.com/program.php?n=yahoo and get copies of the old official yahoo client versions and determine the oldest one that doesn't generate this warning. Then look with Wireshark and see if it uses http or https protocols when logging in. If http then the one line fix will probably work for now.

[wilmer]

After a short chat on the libyahoo2 mailing list, I decided to bounce this to 0x000c. This is the oldest version that doesn't generate this message and also it doesn't request HTTPS-based authentication.

Actually I also implemented the HTTPS-based authentication, but won't commit it for now since it's not required, and I noticed some changes in server behaviour I'd have to handle properly. (New way of sending the contact list.)

So I'll bounce this to 0x000c then. This is probably a good reason to try to release 1.2 before the second of April...

[wilmer]

This patch implements the HTTPS-based authentication.

[wilmer]

Protocol version bumped in changeset:devel,345. I hope this indeed doesn't break anything else.

[xpert.developer@…]

Hello, I have developed Yahoo Messenger for J2Me. I am having the same problem "This version of Messenger will expire on April 2, 2008. Please upgrade to the latest supported version: ​http://messenger.yahoo.com Learn more: ​http://messenger.yahoo.com/eol" I have gone thorugh the link given in the last messages but not getting anything.So,Please please help me.... I can provide you my code if anybody can help me to resolve this problem in Java/J2Me.

Thanks in advance.

Replying to wilmer:

Protocol version bumped in changeset:devel,345. I hope this indeed doesn't break anything else.

[wilmer]

Sir, you were repeating yourself a bit (three almost identical comments). :-)

Anyway, the fix is *very* simple. At least in my case (libyahoo2) it was. Just increase the version number sent in every packet (right after the "YMSG" header), experiment with it a bit. Possibly you may have to change handling of some packet types slightly, depending on the state of your other code. See that changelist 345 linked to above.

[wilmer]

Oops, sorry, I removed all three comments now. Anyway, please stop reopening this ticket, this is the *BitlBee* bug tracker. Your comments are visible even when the ticket is closed.

I don't "speak" Java so there's not much I can do for you. You should probably talk to the author of the Yahoo! module you use in your program. Simply look for the part of the code that sends the "YMSG" header, the version number comes right after that.

[xpert.developer@…]

Thanks for your reply. Just one last help.

1. Can you please tell me what should be the version number?

Right now i am using : {10, 0x00,0x00,0x00}

2. What other changes should be made to the parser?

Thanks. Please reply.

Replying to wilmer:

Oops, sorry, I removed all three comments now. Anyway, please stop reopening this ticket, this is the *BitlBee* bug tracker. Your comments are visible even when the ticket is closed.

I don't "speak" Java so there's not much I can do for you. You should probably talk to the author of the Yahoo! module you use in your program. Simply look for the part of the code that sends the "YMSG" header, the version number comes right after that.

[Wilmer van der Gaast <wilmer@…>]

BitlBee wrote:

1. Can you please tell me what should be the version number?
   Right now i am using : {10, 0x00,0x00,0x00}

Try 12. Or 13. You may have to swap the version number and the last 0x00.

2. What other changes should be made to the parser?
   

I don't know.

Good luck.

[bitlbee@…]

Hi,

What source tree version is this patch for, and where/how to get it?

Thanks

[xpert.developer@…]

Hi, Thanks for your interest. You can get the source code / API documents for yahoo messenger from here ​http://jymsg9.sourceforge.net/

Thanks Replying to bitlbee@faxm0dem.org:

Hi,

What source tree version is this patch for, and where/how to get it?

Thanks

[bitlbee@…]

Replying to xpert.developer@gmail.com:

Hi, Thanks for your interest. You can get the source code / API documents for yahoo messenger from here ​http://jymsg9.sourceforge.net/

hmmm thanks but I was looking for the source code for bitlbee I grabbed 1.2 and the debian source package but none work with the attached patch

[sangngdht@…]

Yahoo System Message: This version of Messenger expired on April help My this Error