MSNP8:Authentication

From MSNPiki

Jump to: navigation, search
MSN Protocol Version 8

General · Connecting · Messaging

Authentication . Presence . Challenges . Getting Details . Setting Details . Messages . Miscellaneous . Example Session


Contents

Overview

The first step into authenticating yourself on the MSN Messenger network is to connect to the Dispatch Server, decide on which version of protocol you are using, and retrieve the IP address of the proper Notification Server.

When you first connect to a notification server, you are in the "login stage", which involves agreeing on a protocol version to use, authenticating yourself to the MSN server, and possibly being redirected to another notification server if the current one is overloaded.

During the login stage, the server behaves different from normal. Communication is essentially synchronous - the client sends a command to the server, the server responds, the client sends another command, and so on. If you send a command at the wrong time, the server will send Error 715, then close the connection. If you send a command which has no meaning during the login stage, the connection will close immediately with no error. None of these rules apply outside of the login stage.

Negotiating MSNP & Client Version

VER

The VER command notifies the server which protocol versions the client supports. The VER command is a standard command and lists the supported protocol versions as parameters (note that protocol versions are case sensitive). If the server supports at least one of these protocols the parameter(s) recieved will be a list of the supported protocol(s), otherwise the response will contain a single parameter of 0, and will disconnect you immediately (this shouldn't normally happen).

Successful protocol negotiation

- Open connection to messenger.hotmail.com:1863
< VER 1 MSNP11 CVR0\r\n
> VER 1 MSNP11 CVR0\r\n
- Continue authentication

Unsuccessful protocol negotiation

- Open connection to messenger.hotmail.com:1863
< VER 1 Unsupported CVR0\r\n
> VER 1 CVR0\r\n
- Server closes connection

Sending multiple versions, server supports one

- Open connection to messenger.hotmail.com:1863
< VER 1 MSNP11 Unsupported CVR0\r\n
> VER 1 MSNP11 CVR0\r\n
- Continue authentication

Sending multiple versions, server picks its favorite

- Open connection to messenger.hotmail.com:1863
< VER 1 MSNP9 MSNP10 MSNP11 MSNP12 CVR0\r\n
> VER 1 MSNP12 MSNP11 MSNP10 MSNP9 CVR0\r\n
- Continue authentication

CVR

The CVR command is also a standard command, that is used to send version information about a client and operating system to the server. The server will reply with information about the version of the client that users are currently recommended to use (which may be the same as the version currently being used).

The CVR command includes information about the language you speak, the name and version of your client, and the name and version of your OS. You can send a CVR command to the NS at any time after you have finished logging in, but the official client always sends it immediately after sending the initial CHG. You can send CVR as many or as few times as you like. CVR has a TrID and 8 parameters.

Like with any other command, the server will reply to a CVR command with a CVR reply. For some reason, though, the official client would be just as happy if you replaced CVR with CVQ in the reply. The reply command will contain 5 parameters:

If your current client version is less than the minimum safe version, that means MS is forcing a mandatory update or to update security holes..

Example using version 6.0.0602 of the official client

>>> CVR 2 0x0409 win 4.10 i386 MSNMSGR 5.0.0544 MSMSGS example@passport.com\r\n
<<< CVR 2 6.0.0602 6.0.0602 1.0.0000 http://download.microsoft.com/download/8/a/4/8a42bcae-f533-4468-b871-d2bc8dd32e9e/SETUP9x.EXE http://messenger.msn.com\r\n


Authentication

Initial USR

After receiving the response to CVR, you must send the USR command. It has a TrID.

If the server does not like your USR, it will close the connection with no reply, or possibly send an error first, Error 911 is sent when sending invalid account names such as "hotmail.com".

Sometimes, when the server is having problems or is down for maintenance, it will reply with an error instead of logging you in. Some possible errors include error 500, error 601, error 910, and error 921.

Otherwise, the server will either respond with a XFR (transferring you to another notification server) or a subsequent USR.

< USR 3 TWN I example@passport.com\r\n

XFR

When talking to the Dispatch server, it will always respond to the initial USR with an XFR. Other Notification servers very rarely send XFR - presumably, they send it when they are overloaded or going down for maintenance. Be prepared to gracefully handle this weird situation!

The XFR command will have the same TrID as the previous USR and four parameters.

Example USR command and XFR reply

< USR 2 TWN I example@passport.com\r\n
> XFR 2 NS 207.46.106.145:1863 0 207.46.104.20:1863\r\n

After you receive the XFR, the server will close the connection. You must connect to the specified notification server and start the login process again. There is no communication between notification servers, so you could specify a different protocol version, name and so on when logging into the new notification server.

Subsequent USR

After negotiating the MSN protocol version and redirecting to a proper Notification server, the server will send a subsequent USR. It is a standard command with 3 parameters.

< USR 3 TWN I example@passport.com\r\n
> USR 3 TWN S lc=1033,id=507,tw=40,fs=1,ru=http%3A%2F%2Fmessenger%2Emsn%2Ecom,ct=1062764229,kpp=1,kv=5,ver=2.1.0173.1,tpf=43f8a4c8ed940c04e3740be46c4d1619\r\n

Tweener (TWN) Authentication

Now the client must actually authenticate with the server, in MSNP11 this is done with Tweener which is MSN Messengers method of tying into the Microsoft .NET Passport system.

Final USR

After getting your ticket, you must send the final USR command. It has a TrID, the first parameter is TWN, the second parameter is S, and the third parameter is your ticket.

If the ticket is correct, the server will respond with a USR with OK as the first parameter, your account name as the second parameter, your URL-encoded display name as the third parameter, 0 or 1 as the fourth parameter, and 0 as the fifth. The fourth parameter represents whether or not your Passport has been verified (1 is true, 0 is false). We don't yet know what the fifth parameter means.

If your your ticket is incorrect, the server will respond with error 911 and close the connection. If anything else is wrong (including an invalid digest size), the server will close the connection with no error.

Sometimes, when the server is having problems or is down for maintenance, it will reply with an error instead of logging you in. Some possible errors include error 500, error 601, error 910, and error 921.

Example Session

Client connects to the Dispatch server
>>> VER 1 MSNP11 CVR0\r\n <<< VER 1 MSNP11 CVR0\r\n
>>> CVR 2 0x0409 win 4.10 i386 MSNMSGR 5.0.0544 MSMSGS example@passport.com\r\n <<< CVR 2 6.0.0602 6.0.0602 1.0.0000 http://download.microsoft.com/download/8/a/4/8a42bcae-f533-4468-b871-d2bc8dd32e9e/SETUP9x.EXE http://messenger.msn.com\r\n
>>> USR 3 TWN I example@passport.com\r\n <<< XFR 3 NS 207.46.106.35:1863 0 207.46.104.20:1863\r\n
Client closes connection and connects to 207.46.106.35, port 1863
>>> VER 1 MSNP11 CVR0\r\n <<< VER 1 MSNP11 CVR0\r\n
>>> CVR 2 0x0409 win 4.10 i386 MSNMSGR 5.0.0544 MSMSGS example@passport.com\r\n <<< CVR 2 6.0.0602 6.0.0602 1.0.0000 http://download.microsoft.com/download/8/a/4/8a42bcae-f533-4468-b871-d2bc8dd32e9e/SETUP9x.EXE http://messenger.msn.com\r\n
>>> USR 3 TWN I example@passport.com\r\n <<< USR 3 TWN S lc=1033,id=507,tw=40,fs=1,ru=http%3A%2F%2Fmessenger%2Emsn%2Ecom,ct=1062764229,kpp=1,kv=5,ver=2.1.0173.1,tpf=43f8a4c8ed940c04e3740be46c4d1619\r\n
Client authenticates with Tweener
>>> USR 4 TWN S t=53*1hAu8ADuD3TEwdXoOMi08sD*2!cMrntTwVMTjoB3p6stWTqzbkKZPVQzA5NOt19SLI60PY!b8K4YhC!Ooo5ug$$&p=5eKBBC!yBH6ex5mftp!a9DrSb0B3hU8aqAWpaPn07iCGBw5akemiWSd7t2ot!okPvIR!Wqk!MKvi1IMpxfhkao9wpxlMWYAZ!DqRfACmyQGG112Bp9xrk04!BVBUa9*H9mJLoWw39m63YQRE1yHnYNv08nyz43D3OnMcaCoeSaEHVM7LpR*LWDme29qq2X3j8N\r\n <<< USR 4 OK example@passport.com example%20display%20name 1 0\r\n
Personal tools
Namespaces
Variants
Actions
Windows Live Network Protocol
Windows Live Client Protocol
Reference
Toolbox