Opened 11 years ago

Closed 9 years ago

#5325 closed defect

QQ protocol version too old

Reported by: themadhatter Owned by: csyfek
Milestone: Component: QQ
Version: Keywords: QQ protocol
Cc: ccpaging@…, Universe_JDJ, huanglijun.3

Description

Dear Pidgin developers,

I think this is a known issue, but I cannot find a relevant ticket.

When attempting to connect to QQ, the debug log looks like this (on the latest mtn head):

(12:50:52) account: Connecting to account <NO SPAM PLEASE>
(12:50:52) connection: Connecting. gc = 0x8931b08
(12:50:52) dns: DNS query for 'tcpconn3.tencent.com' queued
(12:50:52) dns: Created new DNS child 13591, there are now 1 children.
(12:50:52) dns: Successfully sent DNS request to child 13591
(12:50:52) dns: Got response for 'tcpconn3.tencent.com'
(12:50:52) dnsquery: IP resolved for tcpconn3.tencent.com
(12:50:52) proxy: Attempting connection to 58.60.14.199
(12:50:52) proxy: Connecting to tcpconn3.tencent.com:8000 with no proxy
(12:50:52) proxy: Connection in progress
(12:50:52) proxy: Connected to tcpconn3.tencent.com:8000.
(12:50:52) QQ: ==> [24336] QQ_CMD_REQUEST_LOGIN_TOKEN, from (QQ unknown version)
(12:50:52) QQ: ack [24336] QQ_CMD_REQUEST_LOGIN_TOKEN, remove from sendqueue
(12:50:52) QQ: <<< got a token with 24 bytes -> [default] decrypt and dump
0000:  54 D5 C7 C2 F4 E5 5E 80 7D 7E 8B 6C 15 49 C3 DA  TUGBte^.}~.l.ICZ
0016:  42 76 6E 62 4F 0D 94 AB                          BvnbO..+
(12:50:53) QQ: ==> [24337] QQ_CMD_LOGIN, from (QQ unknown version)
(12:50:53) QQ: ack [24337] QQ_CMD_LOGIN, remove from sendqueue
(12:50:53) QQ: Decrypt login reply packet with inikey, 11 bytes
(12:50:53) QQ: Redirected to new server: 58.61.34.24:80
(12:50:53) QQ: 0 packets in sendqueue are freed!
(12:50:53) QQ: 0 group packets are freed!
(12:50:53) QQ: 0 groups are freed
(12:50:53) QQ: 0 add buddy requests are freed!
(12:50:53) QQ: 0 info queries are freed!
(12:50:53) QQ: 0 qq_buddy structures are freed!
(12:50:53) dns: DNS query for '58.61.34.24' queued
(12:50:53) dns: Created new DNS child 13593, there are now 1 children.
(12:50:53) dns: Successfully sent DNS request to child 13593
(12:50:53) dns: Got response for '58.61.34.24'
(12:50:53) dnsquery: IP resolved for 58.61.34.24
(12:50:53) proxy: Attempting connection to 58.61.34.24
(12:50:53) proxy: Connecting to 58.61.34.24:80 with no proxy
(12:50:53) proxy: Connection in progress
(12:50:53) proxy: Connected to 58.61.34.24:80.
(12:50:53) QQ: ==> [02089] QQ_CMD_REQUEST_LOGIN_TOKEN, from (QQ unknown version)
(12:50:53) QQ: ack [02089] QQ_CMD_REQUEST_LOGIN_TOKEN, remove from sendqueue
(12:50:53) QQ: <<< got a token with 24 bytes -> [default] decrypt and dump
0000:  56 48 0F 0B E0 BE 6F 18 7D 32 2E 39 32 75 25 5F  VH..`>o.}2.92u%_
0016:  D3 BC 70 C1 B6 44 0C F2                          S<pA6D.r
(12:50:53) QQ: ==> [02090] QQ_CMD_LOGIN, from (QQ unknown version)
(12:50:53) QQ: ack [02090] QQ_CMD_LOGIN, remove from sendqueue
(12:50:53) QQ: Decrypt login reply packet with inikey, 78 bytes
(12:50:53) QQ: Unknown reply code: 6
(12:50:53) QQ: >>> 88 bytes -> [default] decrypt and dump
0000:  06 C4 FA B5 C4 51 51 B0 E6 B1 BE B9 FD B5 CD A3  .Dz5DQQ0f1>9}5M#
0016:  AC CE AA C1 CB B1 A3 BB A4 C4 FA B5 C4 D5 CA BA  ,N*AK1#;$Dz5DUJ:
0032:  C5 B0 B2 C8 AB A3 AC C7 EB B5 BD 68 74 74 70 3A  E02H+#,Gk5=http:
0048:  2F 2F 69 6D 2E 71 71 2E 63 6F 6D C9 FD BC B6 B5  //im.qq.comI}<65
0064:  BD D7 EE D0 C2 B0 E6 B5 C4 51 51 A1 A3 00        =WnPB0f5DQQ!#.
(12:50:53) QQ: Try extract GB msg: 您的QQ版本过低,为了保护您的帐号安全,请到http://im.qq.com升级到最新版的QQ。
(12:50:53) account: Disconnecting account 0x817d860
(12:50:53) connection: Disconnecting connection 0x8931b08
(12:50:53) QQ: 0 packets in sendqueue are freed!
(12:50:53) QQ: 0 group packets are freed!
(12:50:53) QQ: 0 groups are freed
(12:50:53) QQ: 0 add buddy requests are freed!
(12:50:53) QQ: 0 info queries are freed!
(12:50:53) QQ: 0 qq_buddy structures are freed!

The important feature here is:

(12:50:53) QQ: Try extract GB msg: 您的QQ版本过低,为了保护您的帐号安全,请到http://im.qq.com升级到最新版的QQ。

Which, being translated, reads: Your version of QQ is too old. To ensure your account's safety, your login has been denied. Please upgrade your version of QQ at http://im.qq.com.

For QQ users, this is prohibitive.

Kind Regards, Matthew

Change History (35)

comment:1 Changed 11 years ago by Sim-on

  • Milestone set to 2.4.1

i dont find another ticket, too. But i think this is an important issue!

comment:2 Changed 11 years ago by emilal

Tencent with latest version of TM 2007 changed internally the protocol for some users. I'm thinking they consecutively will replace the old QQ messengers with the new TM, now in preview stage http://pcsofts.cn/internet/tm-2008-preview2-beta-2.html

If somebody try to log in an account (that requests captcha verification) will see with some sniffer tool (Wireshark for example) different packets from existing now. Pidgin does not supprt such users.

You can try to login couple of time with wrong password, till recceive the captcha verification screen in TM 2008. When you re-enable the account, the captcha is still requested from Tencent, and libpurple returns "Can not login" error.

The new QQ_CLIENT mow is 0x140f - but is not enough, because packet are changed. Do somebody have idea what happened now?

comment:3 Changed 11 years ago by rlaager

  • Owner changed from seanegan to csyfek

comment:4 Changed 11 years ago by csyfek

  • Cc ccpaging@… added
  • Keywords QQ protocol added
  • priority changed from minor to critical
  • Status changed from new to assigned

comment:5 Changed 11 years ago by csyfek

yes, next step, we'll try to fix the protocols.

comment:6 Changed 11 years ago by csyfek

  • Milestone set to 2.5.0

comment:7 Changed 11 years ago by themadhatter

It will be nice to have QQ working again. I hope this IS ready by 2.5.0!

Thanks csyfek!

Matthew

comment:8 Changed 11 years ago by csyfek

Matthew: Don't thank me, thank all the members of OpenQ Google Group. :D Yes, when we finished the 06-patch, a usable OpenQ will appear again.

comment:9 Changed 11 years ago by themadhatter

Hurrah... QQ works again for me! Thanks OpenQ Google Group :P.

Kind Regards, Matthew

comment:10 Changed 11 years ago by themadhatter

Is there are a reason that this bug is still listed against 2.5.0?

comment:11 Changed 11 years ago by chenxq

Hi:

When will the support for new QQ protocol be merged into pidgin?How can I get a beta test? Download code from svn and compile, can I?

comment:12 Changed 11 years ago by csyfek

we don't want to lie heavy to the server of pidgin, so please visit our developer web site, http://groups.google.com/group/openq there you can download the latest openq source code. thanks!

comment:13 Changed 11 years ago by phroggie

Quoting from an email that was probably meant to go here:

We are pushing qq protocol to version 2006. It is next generation's target. QQ protocol version is always too old since TX update 2-3 times once a year.

comment:14 Changed 11 years ago by emilal

2006 Tencent protocol is too old and obsolate. I provided you working version of 2007, including captcha verification, which code is based on LumaQQ open source. Why you don't implement these changes?

comment:15 Changed 11 years ago by csyfek

emilal: Ah? I haven't received your code. Have you sent your code to me? please check your outgoing emails.

comment:16 Changed 11 years ago by emilal

csyfek, can you send me your email, please?

comment:17 Changed 11 years ago by csyfek

Emilal: Get it! Thanks for your help! :)

comment:18 Changed 11 years ago by themadhatter

I am not sure if you are already aware, but there is a bug in the current QQ code, such that when you "Set My Information", the fields are scrambled (such that nickname becomes something else, age -> something else, etc).

Also, it no longer displays the QQ level in the popup bubble.

Is this code finalised yet?

Kind Regards, Matthew

comment:19 Changed 11 years ago by ccpaging

We have never tested "Set My Information". May create new ticket for this bug.

The the QQ level in the popup bubble is always ok, It seems QQ server only reply "online" buddy's levels. Please check it again in 2.5.0.

This ticket is not a nice topic. When server said, "QQ version is too lower to login", it is not really mean this version has been closed. When QQ server find client is not in normal, for example, error login procedure, can not decrypt, server will record your IP address, and disable login in a short time for protecting. If use client version 2007/2008, client should get some confirm picture.

The protocol before QQ 2006 can not confirm your client is in safe.

Please conside: http://translate.google.cn/translate?u=http%3A%2F%2Fccpaging.blog.ubuntu.org.cn%2F2008%2F08%2F02%2F%25E5%259C%25A8pidgin%25E7%259A%2584qq%25E9%2587%258C%25E8%25BE%25B9%25E7%25AC%25AC%25E4%25B8%2580%25E6%25AC%25A1%25E7%25A2%25B0%25E4%25B8%258A%25E2%2580%259C%25E6%2582%25A8%25E7%259A%2584qq%25E7%2589%2588%25E6%259C%25AC%25E5%25A4%25AA%25E4%25BD%258E%25EF%25BC%258C%25E6%2597%25A0%25E6%25B3%2595%25E7%2599%25BB%25E5%25BD%2595%2F&sl=zh-CN&tl=en&hl=zh-CN&ie=UTF-8

comment:20 follow-up: Changed 11 years ago by themadhatter

@ccpaging: 你好!谢谢你 for your prompt response. I am using the latest MTN head, and so I am simply reporting a regression which resulted from the latest QQ protocol changes. Should I create a new issue?

上, Matthew (吴文浩)

comment:21 in reply to: ↑ 20 Changed 11 years ago by ccpaging

Replying to themadhatter:

@ccpaging: 你好!谢谢你 for your prompt response. I am using the latest MTN head, and so I am simply reporting a regression which resulted from the latest QQ protocol changes. Should I create a new issue?

上, Matthew (吴文浩)

Please conside to create new ticket like: QQ can not "Set My Information"

comment:22 Changed 11 years ago by dal987

Pidgin can fail to log in to QQ, but does not indicate why as QQ software does.

Using QQ I found

  • to reactivate the account, you have to go to a page in Chinese and enter Chinese characters. (Enter Chinese friend (via email, not QQ!!), stage right...).
  • More.... Even when that has been done, you should be aware that English QQ then continues to prompt on several subsequent logins for you to then enter 4 Roman characters (not Chinese) with more warnings about suspicious use.

I only found out more by using English QQ 2008 beta. That told me my account had been used 'suspiciously'. Prior to this, I hadn't been able to locate a useable English version.

Meanwhile I'm using QQ, - real QQ - but... two programs so far have warned about trojans in it..

(I've added this here having recently reported this on a now closed thread as this content does not appear here).

It seems Pidgin may stay behind QQ in these things for a long time, as I first lost the ability to log in in June...and it's now September..

Guess you need both Pidgin and QQ..

dal987

comment:23 Changed 11 years ago by dal987

(I should have said I added this info here as I was referred to this thread as duplicating my issue.. dal987)

comment:24 follow-up: Changed 10 years ago by slacka

I can confirm that this is still an issue with Pidgin-2.5.2

(19:35:58) QQ: Try extract GB msg: 您的QQ版本过低,为了保护您的帐号安全,请到http://im.qq.com升级到最新版的QQ

this roughly translates to: Your version of the QQ is too low, in order to protect the security of your account, please http://im.qq.com upgrade to the latest version of the QQ.

comment:25 Changed 10 years ago by dal987

Thanks, after this failure to be able to resolve this login problem, I had to give up on Pidgin on return to the UK in August.

I finally found there is at last a 2008 beta English version of QQ that works well, allows pictures to be sent and received (not supported in pidgin as repoted elsewhere), video, audio..

Previously I'd only been able to find old or odd English versions of QQ which were unsatisfactory.

comment:26 Changed 10 years ago by ccpaging

QQ plugin has been pushed to QQ2007/2008 protocol. The login problem has resolved.

Only for mtn server's problem, the testing code did not release in pidgin 2.5.2.

There are many problems in new protocol, include add buddy, join chat etc. Since QQ2007/2008 change much since QQ2005. It should be a long time to get perfect qq plugin for QQ2007/2008.

comment:27 in reply to: ↑ 24 Changed 10 years ago by ccpaging

Replying to slacka:

I can confirm that this is still an issue with Pidgin-2.5.2

(19:35:58) QQ: Try extract GB msg: 您的QQ版本过低,为了保护您的帐号安全,请到http://im.qq.com升级到最新版的QQ

this roughly translates to: Your version of the QQ is too low, in order to protect the security of your account, please http://im.qq.com upgrade to the latest version of the QQ.

The message is come from QQ Server in Chinese. It may be changed any time. If display another english message, we may lost something.

comment:28 follow-up: Changed 10 years ago by huanglijun.3

I am a Fedora 10 user. this issue is not fixed on Pidgin 2.5.3-1.fc11

comment:29 in reply to: ↑ 28 Changed 10 years ago by huanglijun.3

Replying to huanglijun.3:

I am a Fedora 10 user. this issue is not fixed on Pidgin 2.5.3-1.fc11

Oh. my mistake on Pidgin 2.5.3-1.fc11 QQ is available if set Client Verison *QQ2008* but now the default setting is *QQ2005*,

comment:30 Changed 10 years ago by Smaller X

But now,Tecent maybe change the protocol in QQ2009.Because when my pidgin login ,I will receive the msg like "this version is too old".I want to know how to set the version string in the pidgin code? Thank you!

comment:31 Changed 10 years ago by Smaller X

I am a soft engineer ,I want to join in the OpenQ develepment project? What should do I?

comment:32 Changed 10 years ago by csyfek

Hi Smaller X,

It is no use only changing the version string of OpenQ. Join us at: http://groups.google.com/group/openq :)

comment:33 Changed 10 years ago by bernmeister

Does this mean QQ in Pidgin is now dead/defunct?

comment:34 Changed 9 years ago by Robby

  • Status changed from new to pending

Does this remain an issue?

comment:35 Changed 9 years ago by trac-robot

  • Status changed from pending to closed

This ticket was closed automatically by the system. It was previously set to a Pending status and hasn't been updated within 14 days.

Note: See TracTickets for help on using tickets.
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!