Kopete and Yahoo!
I've just committed the implementation of the new Yahoo! protocol authentication to Subversion and wanted to provide more information on what the problem was and how to get the fix.
Hey, why can't I login in anymore?
The problem that affected Kopete is with the authentication mechanism. Yahoo Messenger 6 used a heinously complicated password obfuscation method to "encrypt" the password as it was being sent over the wire to Yahoo's servers. Way back when, Cerulean Studios, the creators of the Trillian client, were kind enough to implement this authentication mechanism. Pidgin got it, as well as the libyahoo2 library we were using at the time. When we switched to our own Yahoo! library some time later, we carried it over. As part of this change, we began to identify to the Yahoo servers as Yahoo Messenger 6. Everything was working, and everybody was happy.
The real problem came relatively recently. As time went by, we started updating which version of Yahoo Messenger we presented ourselves as. When those changes were made, the authentication code was never updated. So, even though we said, hey we're version 15, we were using the older scheme. I even found out in February that Yahoo! was going to be changing their authentication mechanism. I didn't do anything because I was too busy with other stuff, and this fell by the wayside.
Yahoo began upgrading their servers at some point recently to phase out the older clients. It became a problem for us because when they upgraded, they started requiring protocol version 15 clients to speak the version 15 authentication scheme, which we never implemented. Since we still spoke version 13's authentication, this cut us off entirely.
So where do I get the fix?
A nice person pointed the Pidgin folks at some documentation, and when this problem reared its ugly head a few days ago, they got to work on a fix. I pulled the fix from their code and now we authenticate the same way Pidgin does. That code is now in KDE's subversion repositories in trunk, the 4.3 branch, and the 4.2 branch. I've sent a message to the packager mailing list with the revision number from the 4.2 branch that needs to be integrated. I've also asked for a retagging of KDE 4.3 RC1 so that the fix can be included there as well.
So, you'll need to wait for your distribution to provide package upgrades or compile from Subversion yourself.
What the fix does
It does three things:
- Implements the new authentication mechanism - which is much simpler
- Sets the default server to scsa.msg.yahoo.com - this is what Pidgin is using now as well
- Converts any configuration that was using a yahoo.com server to login to point at scsa.msg.yahoo.com instead, so that you have the highest possibility of logging in
Other Yahoo! login problems
If after you've upgraded, you still can't login, please file a new bug so that it can be investigated and handled properly. Adding comments to the already existing bug are not as likely to net a solution that will actually work.
Credits
Thanks to the Pidgin folks for the code and the new release which is how I actually noticed the problem in the first place. I didn't see the original bug report come in.
Thanks in particular to John Bailey, whose post on the subject from Pidgin's point of view provided the inspiration and some small bits of content for this blog post and its format.
June 25th, 2009 - 03:23
Thank you and everyone else. I thought I had a busted yahoo plugin and didn’t know that it was yahoo’s fault >.>. But yeah, I’m surprised from what I remember msnp never did this, you can still use msn from like 5 years ago and still work today as long as it’s above 10 iirc. But blah, I only have yahoo to talk to my friends. I hate yahoo >.<
June 25th, 2009 - 03:49
Thanks for the fix!
Will this fix also bring the email notification back? Or is it completely unrelated? (the email notification has not been working for a much longer time now, but who knows, maybe it was related to this issue).
June 25th, 2009 - 05:43
Will this get pushed back to the 3.5 series as well ? I see you writing about the 4 series but no talk about # ?
June 25th, 2009 - 21:10
I would like to know if this affects kopete from kde 3.5.10, and in that case, is there any patch to solve it?
Why is it that when we finally have something good and stable going on, like kde 3, support stops and we are forced to move to something new, slow and full of bugs like kde 4, only because kde 3 is not exciting anymore to develop.
Thats the problem with opensource, as soon as its not exciting anymore, its not supported.
June 26th, 2009 - 07:09
Pepe, yep. Every method of development has its + and -.
June 26th, 2009 - 11:52
Actually, the advantage of Open Source is that you can modify it yourself, or have someone (anyone who can) to do it for you.
You do not need to move to KDE 4; I’m sure the fix can easily be ported to the KDE 3 code. Probably some one will be willing to do it and posted back to the community.
June 26th, 2009 - 12:11
One more thing for those waiting on packages from their distributions: In the mean time, you can override the default server for your Yahoo
accounts with: cn.scs.msg.yahoo.com
It is working now and will continue to work until Yahoo upgrades this
server.
June 26th, 2009 - 12:42
This doesn’t fix the email notifications.
It won’t be available for KDE 3.5, even if it affects those versions. KDE as a whole doesn’t have the manpower to support the KDE 3 series anymore. But like Jim said, the patch is available and can be backported.
July 4th, 2009 - 03:16
Well, then:
bye bye Kopete, it was nice but I have no time for trouble, again and again installing and fiddeling with the OS… going for Pidgin now… best to use a desktop for desktop and not bloat it with a lot of proggies that then get out of support!
July 15th, 2009 - 21:49
Jim, thanks for that. Works
July 27th, 2009 - 22:42
Matt,
Trying to install the Kopete subversion on Jaunty Kubuntu Linux. Thanks for the fix. Glad to know I can continue with Kopete.
September 15th, 2009 - 21:56
For the KDE 3.5 users there is a bug here:
https://bugs.launchpad.net/ubuntu/+source/kdenetwork/+bug/430069
Please vote for a fix.
Murray