Re: AIM login

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: AIM login

dequis
Hey Donald!

As you may have heard we already released pidgin 2.12.0 (together with libpurple and finch 2.12.0), updating the distid/devids.

Here's what we used:

Pidgin:
Distid: 1715
Devid: do1UCeb5gNqxB1S1

Libpurple:
Distid: 1717
Devid: ma19CwYN9i9Mw5nY

Finch:
Distid: 1718
Devid: ma18nmEklXMR7Cj_

The first two are normal.

The third said in the original email "No usage since August 2014 so no need new DistID and DevID", which is clearly wrong. There's also that "another libpurple" with distid 1502 which doesn't match any client we own, and we don't know how you found that one.

So for the sake of avoiding a roundtrip in our communication and getting the release packaged ASAP, we went ahead and used the remaining 1718 distid for finch.

This looks like it was a mistake, since we're now getting "Method not allowed - clientLogin Not Allowed for this devId" errors in finch.

Did the 1718 distid get invalidated? Can you re-enable it so that we don't have to make another release?

Thanks

On 27 January 2017 at 01:54, Donald Le <[hidden email]> wrote:
All,

My comments are inline.

Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: 703-265-5645 | M: 703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Thu, Oct 27, 2016 at 8:45 AM, Donald Le <[hidden email]> wrote:
All,

Quick update: we had to delay AIM client upgrade due to other integration, the date is tbd.
I will answer your questions in the coming weeks.


Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Fri, Oct 14, 2016 at 2:58 AM, dequis <[hidden email]> wrote:
Hi, I have a couple of questions, since there may have been a
misunderstanding here.

Pidgin currently supports three auth methods for AIM:

- MD5 using slogin.oscar.aol.com. Uses the DistID, does not use the DevID

<Donald> All DistID used for login.oscar.aol.com and slogin.oscar.aol.com will be blocked. The date is tbd and AIM client upgrade will start Feb 24th 2017.

- clientLogin aka OpenAuth using
api.screenname.aol.com/auth/clientLogin. Uses DistID and DevID. Has
been the default setting for pidgin releases since 2009

<Donald> This login path will stay but you need to update the DistID and DevID. We will give you a new set.

- Kerberos using kdc.uas.aol.com. Uses DistID and DevID. Introduced in
pidgin 2.11.0, released four months ago.

<Donald> Same as above with OpenAuth.

If I'm understanding this right, the first method is being
discontinued and the other two will continue working. It's possible a
lot of users are using that - the account setting is a bit too
visible, so users might just switch to it for the sake of changing
settings. But as far as I can see, pidgin with the default
configuration won't stop working.

<Donald> If Pidgin uses DistID = 1502 or 0, the login will be blocked.

What I don't understand is why we're changing the DistID and DevID.
I'm 90% sure that clientlogin sends both in the same way as the
official client. Did the previous ones get invalidated?

<Donald> Yes.

We're currently using these:

Pidgin
DistID: 1550
DevID: ma1cSASNCKFtrdv9

<Donald> I reached out to Pidgin, see below.
 
From: Donald Le <[hidden email]>
Date: Thu, Sep 22, 2016 at 6:20 PM
Subject: Re: AIM login
To: Richard Vickery <[hidden email]>, [hidden email], Pidgin Support List <[hidden email]>

new DevID = do1UCeb5gNqxB1S1
new distID = 1715


Finch:
DistID: 1552
DevID: ma19sqWV9ymU6UYc

<Donald> No usage since August 2014 so no need new DistID and DevID.

Libpurple:
DistID: 1553
DevID: ma15d7JTxbmVG-RP

<Donald> new DistID = 1717, new DevID = ma19CwYN9i9Mw5nY

I found another Libpurple
DistID: 1502 with no DevID >> new DistID = 1718, new DevID =
ma18nmEklXMR7Cj_

The source code says they are owned by the AIM account "markdoliner".

Are these still valid? If they are, I think you can go ahead and pull
the plug of the old auth method.

Thanks


On 14 October 2016 at 01:11, Gary Kramlich <[hidden email]> wrote:
> Hi Donald,
>
> This is Gary Kramlich the current maintainer of Pidgin.  Please excuse
> my tardiness in this matter as I haven't had much time to dedicate to
> Pidgin in the past few weeks.
>
> That said.  We are staging a new version which will have this updates,
> but we will most likely miss the 20161016 date.  If we could get that
> extended it would be great.
>
> Also our code base has contains two clients that connect to AIM and as
> I've learned recently they do not share keys.  The other clients name
> is Finch and if we could get a set of keys for it that would be
> awesome.  Otherwise we'll just reuse the Pidgin ones for the time
> being.
>
> Also is there a web portal or something where we can manage this keys?
>  If so, please respond to me directly as I assume we'll want to
> control access to it.
>
> Thanks,
>
> --
> Gary Kramlich <[hidden email]>
>
> _______________________________________________
> [hidden email] mailing list
> Want to unsubscribe?  Use this link:
> https://pidgin.im/cgi-bin/mailman/listinfo/support




_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: AIM login

dequis
Hi, can confirm that finch is fixed now, thank you!

That issue with pidgin 2.12.0 is really odd! I just tested both windows installers (online and offline) and they seem fine. We did have one user reporting a similar issue, but we couldn't reproduce it or explain it.

Please verify the version with buddy list -> help menu -> about, the first line should say "Pidgin 2.12.0 (libpurple 2.12.0)" followed by "unknown". Also, help menu -> plugin information should say 2.12.0 for the AIM plugin. That kind of mixup is rare but who knows!

You can also enable extra debug by opening cmd.exe and doing "set PURPLE_UNSAFE_DEBUG=1" before executing pidgin.

Then open help menu -> debug window and connect the account. This is what I get:

[...]
(12:27:52) certificate: Successfully verified certificate for api.screenname.aol.com
(12:27:52) util: Request: 'POST /auth/clientLogin HTTP/1.0
Connection: close
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 85
 
devId=do1UCeb5gNqxB1S1&f=xml&pwd=[password]&s=dx%40dxzone.com.ar'
(12:27:53) util: Response headers: 'HTTP/1.1 200 OK
[...]
(12:27:53) util: requested to fetch (https://api.oscar.aol.com/aim/startOSCARSession?a=[access token]&distId=1715&f=xml&k=do1UCeb5gNqxB1S1&ts=1489418868&useTLS=1&sig_sha256=[signature]), full=1, user_agent=((null)), http11=0

So as far as I can see everything is fine. I hope that helps narrow it down.

By the way, is the message supposed to be shown on every login from a legacy auth method? I don't see it when I intentionally set pidgin to connect to "login.oscar.aol.com" with "don't use encryption" and "MD5-based" - it just succeeds without complaining.

By the way, slogin.oscar.aol.com is down but login.oscar.aol.com isn't. I thought slogin.oscar.aol.com was supposed to die at the end of this month. I think that's breaking adium (mac OS X pidgin derivative) and we still haven't managed to contact their devs to fix it. So what is the fate of slogin supposed to be?

Thanks.

On 13 March 2017 at 09:38, Donald Le <[hidden email]> wrote:
Hi again,

I download Pidgin 2.12.0 and test login.

The "new" distID and devID were not used, and I received the upgrade message.
The client is still on the old distID and NO devID.
Could you double-check?

LSI: PLOT  4224.8888   1502    10.172.189.32   Mon Mar 13 08:02:11 2017  bos_srv-l014b        Mon Mar 13 08:20:19 2017 bos_srv-l014b                                      
LSI: PLOT  4224.8888   1502    10.172.189.32   Mon Mar 13 07:43:23 2017  bos_srv-l014b        Mon Mar 13 07:49:22 2017 bos_srv-l014b

Thanks,

Donald Le
Product Management and Support AIM Platform
O: 703-265-5645 | M: 703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Mon, Mar 13, 2017 at 7:33 AM, Donald Le <[hidden email]> wrote:
Hi,

The third said in the original email "No usage since August 2014 so no need new DistID and DevID", which is clearly wrong. There's also that "another libpurple" with distid 1502 which doesn't match any client we own, and we don't know how you found that one.
I can't explain but you did the right thing to use 1718 for Finch.

Did the 1718 distid get invalidated? Can you re-enable it so that we don't have to make another release?
Please try again now and let me know, I correct a typo in the devID just now.

Thanks,

Donald Le
Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Sun, Mar 12, 2017 at 1:25 PM, dequis <[hidden email]> wrote:
Hey Donald!

As you may have heard we already released pidgin 2.12.0 (together with libpurple and finch 2.12.0), updating the distid/devids.

Here's what we used:

Pidgin:
Distid: 1715
Devid: do1UCeb5gNqxB1S1

Libpurple:
Distid: 1717
Devid: ma19CwYN9i9Mw5nY

Finch:
Distid: 1718
Devid: ma18nmEklXMR7Cj_

The first two are normal.

The third said in the original email "No usage since August 2014 so no need new DistID and DevID", which is clearly wrong. There's also that "another libpurple" with distid 1502 which doesn't match any client we own, and we don't know how you found that one.

So for the sake of avoiding a roundtrip in our communication and getting the release packaged ASAP, we went ahead and used the remaining 1718 distid for finch.

This looks like it was a mistake, since we're now getting "Method not allowed - clientLogin Not Allowed for this devId" errors in finch.

Did the 1718 distid get invalidated? Can you re-enable it so that we don't have to make another release?

Thanks

On 27 January 2017 at 01:54, Donald Le <[hidden email]> wrote:
All,

My comments are inline.

Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Thu, Oct 27, 2016 at 8:45 AM, Donald Le <[hidden email]> wrote:
All,

Quick update: we had to delay AIM client upgrade due to other integration, the date is tbd.
I will answer your questions in the coming weeks.


Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Fri, Oct 14, 2016 at 2:58 AM, dequis <[hidden email]> wrote:
Hi, I have a couple of questions, since there may have been a
misunderstanding here.

Pidgin currently supports three auth methods for AIM:

- MD5 using slogin.oscar.aol.com. Uses the DistID, does not use the DevID

<Donald> All DistID used for login.oscar.aol.com and slogin.oscar.aol.com will be blocked. The date is tbd and AIM client upgrade will start Feb 24th 2017.

- clientLogin aka OpenAuth using
api.screenname.aol.com/auth/clientLogin. Uses DistID and DevID. Has
been the default setting for pidgin releases since 2009

<Donald> This login path will stay but you need to update the DistID and DevID. We will give you a new set.

- Kerberos using kdc.uas.aol.com. Uses DistID and DevID. Introduced in
pidgin 2.11.0, released four months ago.

<Donald> Same as above with OpenAuth.

If I'm understanding this right, the first method is being
discontinued and the other two will continue working. It's possible a
lot of users are using that - the account setting is a bit too
visible, so users might just switch to it for the sake of changing
settings. But as far as I can see, pidgin with the default
configuration won't stop working.

<Donald> If Pidgin uses DistID = 1502 or 0, the login will be blocked.

What I don't understand is why we're changing the DistID and DevID.
I'm 90% sure that clientlogin sends both in the same way as the
official client. Did the previous ones get invalidated?

<Donald> Yes.

We're currently using these:

Pidgin
DistID: 1550
DevID: ma1cSASNCKFtrdv9

<Donald> I reached out to Pidgin, see below.
 
From: Donald Le <[hidden email]>
Date: Thu, Sep 22, 2016 at 6:20 PM
Subject: Re: AIM login
To: Richard Vickery <[hidden email]>, [hidden email], Pidgin Support List <[hidden email]>

new DevID = do1UCeb5gNqxB1S1
new distID = 1715


Finch:
DistID: 1552
DevID: ma19sqWV9ymU6UYc

<Donald> No usage since August 2014 so no need new DistID and DevID.

Libpurple:
DistID: 1553
DevID: ma15d7JTxbmVG-RP

<Donald> new DistID = 1717, new DevID = ma19CwYN9i9Mw5nY

I found another Libpurple
DistID: 1502 with no DevID >> new DistID = 1718, new DevID =
ma18nmEklXMR7Cj_

The source code says they are owned by the AIM account "markdoliner".

Are these still valid? If they are, I think you can go ahead and pull
the plug of the old auth method.

Thanks


On 14 October 2016 at 01:11, Gary Kramlich <[hidden email]> wrote:
> Hi Donald,
>
> This is Gary Kramlich the current maintainer of Pidgin.  Please excuse
> my tardiness in this matter as I haven't had much time to dedicate to
> Pidgin in the past few weeks.
>
> That said.  We are staging a new version which will have this updates,
> but we will most likely miss the 20161016 date.  If we could get that
> extended it would be great.
>
> Also our code base has contains two clients that connect to AIM and as
> I've learned recently they do not share keys.  The other clients name
> is Finch and if we could get a set of keys for it that would be
> awesome.  Otherwise we'll just reuse the Pidgin ones for the time
> being.
>
> Also is there a web portal or something where we can manage this keys?
>  If so, please respond to me directly as I assume we'll want to
> control access to it.
>
> Thanks,
>
> --
> Gary Kramlich <[hidden email]>
>
> _______________________________________________
> [hidden email] mailing list
> Want to unsubscribe?  Use this link:
> https://pidgin.im/cgi-bin/mailman/listinfo/support







_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: AIM login

Robert Vehse-3
Hi,

[…]

> By the way, slogin.oscar.aol.com is down but login.oscar.aol.com isn't. I thought slogin.oscar.aol.com was supposed to die at the end of this month. I think that's breaking adium (mac OS X pidgin derivative) and we still haven't managed to contact their devs to fix it. So what is the fate of slogin supposed to be?

As far as I know Eric, Adium's Project Manager (https://trac.adium.im/wiki/edr1084), has tried to contact Donald Le via email on multiple occasions but hasn't received a response yet.

Regards,
Robbie
_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: AIM login

Eric Richie-3
Just got a response from him this afternoon. Following up.

-Eric

Sent from my iPhone

> On Mar 13, 2017, at 4:38 PM, Robert Vehse <[hidden email]> wrote:
>
> Hi,
>
> […]
>
>> By the way, slogin.oscar.aol.com is down but login.oscar.aol.com isn't. I thought slogin.oscar.aol.com was supposed to die at the end of this month. I think that's breaking adium (mac OS X pidgin derivative) and we still haven't managed to contact their devs to fix it. So what is the fate of slogin supposed to be?
>
> As far as I know Eric, Adium's Project Manager (https://trac.adium.im/wiki/edr1084), has tried to contact Donald Le via email on multiple occasions but hasn't received a response yet.
>
> Regards,
> Robbie
> _______________________________________________
> Devel mailing list
> [hidden email]
> https://pidgin.im/cgi-bin/mailman/listinfo/devel

_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: AIM login

Eion Robb-3
In reply to this post by dequis
Hi Donald,

We've heard through a few of our support channels that you're still seeing people not using the correct details when they're logging into AIM from Pidgin.

Dequis emailed you last month with the urls that we're fetching that are indeed showing distId=1715 and devId=do1UCeb5gNqxB1S1 - he also asked if you could send through the details of your Pidgin version that you were testing with.

Are you able to confirm which auth URLs we should be using so we can try track down why you're not seeing the updated distId/devId?

Cheers,
Eion

On 14 March 2017 at 05:01, dequis <[hidden email]> wrote:
Hi, can confirm that finch is fixed now, thank you!

That issue with pidgin 2.12.0 is really odd! I just tested both windows installers (online and offline) and they seem fine. We did have one user reporting a similar issue, but we couldn't reproduce it or explain it.

Please verify the version with buddy list -> help menu -> about, the first line should say "Pidgin 2.12.0 (libpurple 2.12.0)" followed by "unknown". Also, help menu -> plugin information should say 2.12.0 for the AIM plugin. That kind of mixup is rare but who knows!

You can also enable extra debug by opening cmd.exe and doing "set PURPLE_UNSAFE_DEBUG=1" before executing pidgin.

Then open help menu -> debug window and connect the account. This is what I get:

[...]
(12:27:52) certificate: Successfully verified certificate for api.screenname.aol.com
(12:27:52) util: Request: 'POST /auth/clientLogin HTTP/1.0
Connection: close
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 85
 
devId=do1UCeb5gNqxB1S1&f=xml&pwd=[password]&s=dx%40dxzone.com.ar'
(12:27:53) util: Response headers: 'HTTP/1.1 200 OK
[...]
(12:27:53) util: requested to fetch (https://api.oscar.aol.com/aim/startOSCARSession?a=[access token]&distId=1715&f=xml&k=do1UCeb5gNqxB1S1&ts=1489418868&useTLS=1&sig_sha256=[signature]), full=1, user_agent=((null)), http11=0

So as far as I can see everything is fine. I hope that helps narrow it down.

By the way, is the message supposed to be shown on every login from a legacy auth method? I don't see it when I intentionally set pidgin to connect to "login.oscar.aol.com" with "don't use encryption" and "MD5-based" - it just succeeds without complaining.

By the way, slogin.oscar.aol.com is down but login.oscar.aol.com isn't. I thought slogin.oscar.aol.com was supposed to die at the end of this month. I think that's breaking adium (mac OS X pidgin derivative) and we still haven't managed to contact their devs to fix it. So what is the fate of slogin supposed to be?

Thanks.

On 13 March 2017 at 09:38, Donald Le <[hidden email]> wrote:
Hi again,

I download Pidgin 2.12.0 and test login.

The "new" distID and devID were not used, and I received the upgrade message.
The client is still on the old distID and NO devID.
Could you double-check?

LSI: PLOT  4224.8888   1502    10.172.189.32   Mon Mar 13 08:02:11 2017  bos_srv-l014b        Mon Mar 13 08:20:19 2017 bos_srv-l014b                                      
LSI: PLOT  4224.8888   1502    10.172.189.32   Mon Mar 13 07:43:23 2017  bos_srv-l014b        Mon Mar 13 07:49:22 2017 bos_srv-l014b

Thanks,

Donald Le
Product Management and Support AIM Platform
O: 703-265-5645 | M: 703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Mon, Mar 13, 2017 at 7:33 AM, Donald Le <[hidden email]> wrote:
Hi,

The third said in the original email "No usage since August 2014 so no need new DistID and DevID", which is clearly wrong. There's also that "another libpurple" with distid 1502 which doesn't match any client we own, and we don't know how you found that one.
I can't explain but you did the right thing to use 1718 for Finch.

Did the 1718 distid get invalidated? Can you re-enable it so that we don't have to make another release?
Please try again now and let me know, I correct a typo in the devID just now.

Thanks,

Donald Le
Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Sun, Mar 12, 2017 at 1:25 PM, dequis <[hidden email]> wrote:
Hey Donald!

As you may have heard we already released pidgin 2.12.0 (together with libpurple and finch 2.12.0), updating the distid/devids.

Here's what we used:

Pidgin:
Distid: 1715
Devid: do1UCeb5gNqxB1S1

Libpurple:
Distid: 1717
Devid: ma19CwYN9i9Mw5nY

Finch:
Distid: 1718
Devid: ma18nmEklXMR7Cj_

The first two are normal.

The third said in the original email "No usage since August 2014 so no need new DistID and DevID", which is clearly wrong. There's also that "another libpurple" with distid 1502 which doesn't match any client we own, and we don't know how you found that one.

So for the sake of avoiding a roundtrip in our communication and getting the release packaged ASAP, we went ahead and used the remaining 1718 distid for finch.

This looks like it was a mistake, since we're now getting "Method not allowed - clientLogin Not Allowed for this devId" errors in finch.

Did the 1718 distid get invalidated? Can you re-enable it so that we don't have to make another release?

Thanks

On 27 January 2017 at 01:54, Donald Le <[hidden email]> wrote:
All,

My comments are inline.

Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Thu, Oct 27, 2016 at 8:45 AM, Donald Le <[hidden email]> wrote:
All,

Quick update: we had to delay AIM client upgrade due to other integration, the date is tbd.
I will answer your questions in the coming weeks.


Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Fri, Oct 14, 2016 at 2:58 AM, dequis <[hidden email]> wrote:
Hi, I have a couple of questions, since there may have been a
misunderstanding here.

Pidgin currently supports three auth methods for AIM:

- MD5 using slogin.oscar.aol.com. Uses the DistID, does not use the DevID

<Donald> All DistID used for login.oscar.aol.com and slogin.oscar.aol.com will be blocked. The date is tbd and AIM client upgrade will start Feb 24th 2017.

- clientLogin aka OpenAuth using
api.screenname.aol.com/auth/clientLogin. Uses DistID and DevID. Has
been the default setting for pidgin releases since 2009

<Donald> This login path will stay but you need to update the DistID and DevID. We will give you a new set.

- Kerberos using kdc.uas.aol.com. Uses DistID and DevID. Introduced in
pidgin 2.11.0, released four months ago.

<Donald> Same as above with OpenAuth.

If I'm understanding this right, the first method is being
discontinued and the other two will continue working. It's possible a
lot of users are using that - the account setting is a bit too
visible, so users might just switch to it for the sake of changing
settings. But as far as I can see, pidgin with the default
configuration won't stop working.

<Donald> If Pidgin uses DistID = 1502 or 0, the login will be blocked.

What I don't understand is why we're changing the DistID and DevID.
I'm 90% sure that clientlogin sends both in the same way as the
official client. Did the previous ones get invalidated?

<Donald> Yes.

We're currently using these:

Pidgin
DistID: 1550
DevID: ma1cSASNCKFtrdv9

<Donald> I reached out to Pidgin, see below.
 
From: Donald Le <[hidden email]>
Date: Thu, Sep 22, 2016 at 6:20 PM
Subject: Re: AIM login
To: Richard Vickery <[hidden email]>, [hidden email], Pidgin Support List <[hidden email]>

new DevID = do1UCeb5gNqxB1S1
new distID = 1715


Finch:
DistID: 1552
DevID: ma19sqWV9ymU6UYc

<Donald> No usage since August 2014 so no need new DistID and DevID.

Libpurple:
DistID: 1553
DevID: ma15d7JTxbmVG-RP

<Donald> new DistID = 1717, new DevID = ma19CwYN9i9Mw5nY

I found another Libpurple
DistID: 1502 with no DevID >> new DistID = 1718, new DevID =
ma18nmEklXMR7Cj_

The source code says they are owned by the AIM account "markdoliner".

Are these still valid? If they are, I think you can go ahead and pull
the plug of the old auth method.

Thanks


On 14 October 2016 at 01:11, Gary Kramlich <[hidden email]> wrote:
> Hi Donald,
>
> This is Gary Kramlich the current maintainer of Pidgin.  Please excuse
> my tardiness in this matter as I haven't had much time to dedicate to
> Pidgin in the past few weeks.
>
> That said.  We are staging a new version which will have this updates,
> but we will most likely miss the 20161016 date.  If we could get that
> extended it would be great.
>
> Also our code base has contains two clients that connect to AIM and as
> I've learned recently they do not share keys.  The other clients name
> is Finch and if we could get a set of keys for it that would be
> awesome.  Otherwise we'll just reuse the Pidgin ones for the time
> being.
>
> Also is there a web portal or something where we can manage this keys?
>  If so, please respond to me directly as I assume we'll want to
> control access to it.
>
> Thanks,
>
> --
> Gary Kramlich <[hidden email]>
>
> _______________________________________________
> [hidden email] mailing list
> Want to unsubscribe?  Use this link:
> https://pidgin.im/cgi-bin/mailman/listinfo/support







_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel


_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: AIM login

Mark Zeldis

Donald,

Can you confirm that you made the change last night?  I believe that the MD5 login (and AIM 7.5) are gone. 

Pidgin appears to be working still.  I guess there was no issue after all?  Are we good going forward?

Thanks everyone.

-Mark Zeldis


On Thu, Apr 6, 2017 at 9:05 AM, Donald Le <[hidden email]> wrote:
Eio et al,

I was able to verify with Pidgin 2.12.0, startOSCARSession has the correct info distId=1715&f=xml&k=do1UCeb5gNqxB1S1 but they were not passed through our rules.

Could you add to imApp=Pidgin/2.12.0 the devID? It should read: Pidgin/2.12.0 key=do1UCeb5gNqxB1S1.

Our trace log should read: Got FLAP CLIENT IDENTITY Pidgin/2.12.0 key=do1UCeb5gNqxB1S1
Note:...2.12.0(space)key...


Thanks,

Donald Le
Product Management and Support AIM Platform
O: <a href="tel:(703)%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:(703)%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Mon, Apr 3, 2017 at 10:49 PM, Eion Robb <[hidden email]> wrote:
Hi Donald,

We've heard through a few of our support channels that you're still seeing people not using the correct details when they're logging into AIM from Pidgin.

Dequis emailed you last month with the urls that we're fetching that are indeed showing distId=1715 and devId=do1UCeb5gNqxB1S1 - he also asked if you could send through the details of your Pidgin version that you were testing with.

Are you able to confirm which auth URLs we should be using so we can try track down why you're not seeing the updated distId/devId?

Cheers,
Eion

On 14 March 2017 at 05:01, dequis <[hidden email]> wrote:
Hi, can confirm that finch is fixed now, thank you!

That issue with pidgin 2.12.0 is really odd! I just tested both windows installers (online and offline) and they seem fine. We did have one user reporting a similar issue, but we couldn't reproduce it or explain it.

Please verify the version with buddy list -> help menu -> about, the first line should say "Pidgin 2.12.0 (libpurple 2.12.0)" followed by "unknown". Also, help menu -> plugin information should say 2.12.0 for the AIM plugin. That kind of mixup is rare but who knows!

You can also enable extra debug by opening cmd.exe and doing "set PURPLE_UNSAFE_DEBUG=1" before executing pidgin.

Then open help menu -> debug window and connect the account. This is what I get:

[...]
(12:27:52) certificate: Successfully verified certificate for api.screenname.aol.com
(12:27:52) util: Request: 'POST /auth/clientLogin HTTP/1.0
Connection: close
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 85
 
devId=do1UCeb5gNqxB1S1&f=xml&pwd=[password]&s=dx%40dxzone.com.ar'
(12:27:53) util: Response headers: 'HTTP/1.1 200 OK
[...]
(12:27:53) util: requested to fetch (https://api.oscar.aol.com/aim/startOSCARSession?a=[access token]&distId=1715&f=xml&k=do1UCeb5gNqxB1S1&ts=1489418868&useTLS=1&sig_sha256=[signature]), full=1, user_agent=((null)), http11=0

So as far as I can see everything is fine. I hope that helps narrow it down.

By the way, is the message supposed to be shown on every login from a legacy auth method? I don't see it when I intentionally set pidgin to connect to "login.oscar.aol.com" with "don't use encryption" and "MD5-based" - it just succeeds without complaining.

By the way, slogin.oscar.aol.com is down but login.oscar.aol.com isn't. I thought slogin.oscar.aol.com was supposed to die at the end of this month. I think that's breaking adium (mac OS X pidgin derivative) and we still haven't managed to contact their devs to fix it. So what is the fate of slogin supposed to be?

Thanks.

On 13 March 2017 at 09:38, Donald Le <[hidden email]> wrote:
Hi again,

I download Pidgin 2.12.0 and test login.

The "new" distID and devID were not used, and I received the upgrade message.
The client is still on the old distID and NO devID.
Could you double-check?

LSI: PLOT  4224.8888   1502    10.172.189.32   Mon Mar 13 08:02:11 2017  bos_srv-l014b        Mon Mar 13 08:20:19 2017 bos_srv-l014b                                      
LSI: PLOT  4224.8888   1502    10.172.189.32   Mon Mar 13 07:43:23 2017  bos_srv-l014b        Mon Mar 13 07:49:22 2017 bos_srv-l014b

Thanks,

Donald Le
Product Management and Support AIM Platform
O: <a href="tel:(703)%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:(703)%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Mon, Mar 13, 2017 at 7:33 AM, Donald Le <[hidden email]> wrote:
Hi,

The third said in the original email "No usage since August 2014 so no need new DistID and DevID", which is clearly wrong. There's also that "another libpurple" with distid 1502 which doesn't match any client we own, and we don't know how you found that one.
I can't explain but you did the right thing to use 1718 for Finch.

Did the 1718 distid get invalidated? Can you re-enable it so that we don't have to make another release?
Please try again now and let me know, I correct a typo in the devID just now.

Thanks,

Donald Le
Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Sun, Mar 12, 2017 at 1:25 PM, dequis <[hidden email]> wrote:
Hey Donald!

As you may have heard we already released pidgin 2.12.0 (together with libpurple and finch 2.12.0), updating the distid/devids.

Here's what we used:

Pidgin:
Distid: 1715
Devid: do1UCeb5gNqxB1S1

Libpurple:
Distid: 1717
Devid: ma19CwYN9i9Mw5nY

Finch:
Distid: 1718
Devid: ma18nmEklXMR7Cj_

The first two are normal.

The third said in the original email "No usage since August 2014 so no need new DistID and DevID", which is clearly wrong. There's also that "another libpurple" with distid 1502 which doesn't match any client we own, and we don't know how you found that one.

So for the sake of avoiding a roundtrip in our communication and getting the release packaged ASAP, we went ahead and used the remaining 1718 distid for finch.

This looks like it was a mistake, since we're now getting "Method not allowed - clientLogin Not Allowed for this devId" errors in finch.

Did the 1718 distid get invalidated? Can you re-enable it so that we don't have to make another release?

Thanks

On 27 January 2017 at 01:54, Donald Le <[hidden email]> wrote:
All,

My comments are inline.

Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Thu, Oct 27, 2016 at 8:45 AM, Donald Le <[hidden email]> wrote:
All,

Quick update: we had to delay AIM client upgrade due to other integration, the date is tbd.
I will answer your questions in the coming weeks.


Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Fri, Oct 14, 2016 at 2:58 AM, dequis <[hidden email]> wrote:
Hi, I have a couple of questions, since there may have been a
misunderstanding here.

Pidgin currently supports three auth methods for AIM:

- MD5 using slogin.oscar.aol.com. Uses the DistID, does not use the DevID

<Donald> All DistID used for login.oscar.aol.com and slogin.oscar.aol.com will be blocked. The date is tbd and AIM client upgrade will start Feb 24th 2017.

- clientLogin aka OpenAuth using
api.screenname.aol.com/auth/clientLogin. Uses DistID and DevID. Has
been the default setting for pidgin releases since 2009

<Donald> This login path will stay but you need to update the DistID and DevID. We will give you a new set.

- Kerberos using kdc.uas.aol.com. Uses DistID and DevID. Introduced in
pidgin 2.11.0, released four months ago.

<Donald> Same as above with OpenAuth.

If I'm understanding this right, the first method is being
discontinued and the other two will continue working. It's possible a
lot of users are using that - the account setting is a bit too
visible, so users might just switch to it for the sake of changing
settings. But as far as I can see, pidgin with the default
configuration won't stop working.

<Donald> If Pidgin uses DistID = 1502 or 0, the login will be blocked.

What I don't understand is why we're changing the DistID and DevID.
I'm 90% sure that clientlogin sends both in the same way as the
official client. Did the previous ones get invalidated?

<Donald> Yes.

We're currently using these:

Pidgin
DistID: 1550
DevID: ma1cSASNCKFtrdv9

<Donald> I reached out to Pidgin, see below.
 
From: Donald Le <[hidden email]>
Date: Thu, Sep 22, 2016 at 6:20 PM
Subject: Re: AIM login
To: Richard Vickery <[hidden email]>, [hidden email], Pidgin Support List <[hidden email]>

new DevID = do1UCeb5gNqxB1S1
new distID = 1715


Finch:
DistID: 1552
DevID: ma19sqWV9ymU6UYc

<Donald> No usage since August 2014 so no need new DistID and DevID.

Libpurple:
DistID: 1553
DevID: ma15d7JTxbmVG-RP

<Donald> new DistID = 1717, new DevID = ma19CwYN9i9Mw5nY

I found another Libpurple
DistID: 1502 with no DevID >> new DistID = 1718, new DevID =
ma18nmEklXMR7Cj_

The source code says they are owned by the AIM account "markdoliner".

Are these still valid? If they are, I think you can go ahead and pull
the plug of the old auth method.

Thanks


On 14 October 2016 at 01:11, Gary Kramlich <[hidden email]> wrote:
> Hi Donald,
>
> This is Gary Kramlich the current maintainer of Pidgin.  Please excuse
> my tardiness in this matter as I haven't had much time to dedicate to
> Pidgin in the past few weeks.
>
> That said.  We are staging a new version which will have this updates,
> but we will most likely miss the 20161016 date.  If we could get that
> extended it would be great.
>
> Also our code base has contains two clients that connect to AIM and as
> I've learned recently they do not share keys.  The other clients name
> is Finch and if we could get a set of keys for it that would be
> awesome.  Otherwise we'll just reuse the Pidgin ones for the time
> being.
>
> Also is there a web portal or something where we can manage this keys?
>  If so, please respond to me directly as I assume we'll want to
> control access to it.
>
> Thanks,
>
> --
> Gary Kramlich <[hidden email]>
>
> _______________________________________________
> [hidden email] mailing list
> Want to unsubscribe?  Use this link:
> https://pidgin.im/cgi-bin/mailman/listinfo/support







_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel




_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: AIM login

Mark Zeldis

Thanks Crystal. I don't believe the pidgin team made any additional changes, so I assume you found a way to work around the issue below?

On Apr 11, 2017, at 11:52 AM, Crystal Birnie <[hidden email]> wrote:

Confirmed. The change was made.

Sent from my iPhone

On Apr 11, 2017, at 11:40 AM, Mark Zeldis <[hidden email]> wrote:


Donald,

Can you confirm that you made the change last night?  I believe that the MD5 login (and AIM 7.5) are gone. 

Pidgin appears to be working still.  I guess there was no issue after all?  Are we good going forward?

Thanks everyone.

-Mark Zeldis


On Thu, Apr 6, 2017 at 9:05 AM, Donald Le <[hidden email]> wrote:
Eio et al,

I was able to verify with Pidgin 2.12.0, startOSCARSession has the correct info distId=1715&f=xml&k=do1UCeb5gNqxB1S1 but they were not passed through our rules.

Could you add to imApp=Pidgin/2.12.0 the devID? It should read: Pidgin/2.12.0 key=do1UCeb5gNqxB1S1.

Our trace log should read: Got FLAP CLIENT IDENTITY Pidgin/2.12.0 key=do1UCeb5gNqxB1S1
Note:...2.12.0(space)key...


Thanks,

Donald Le
Product Management and Support AIM Platform
O: <a href="tel:(703)%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:(703)%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Mon, Apr 3, 2017 at 10:49 PM, Eion Robb <[hidden email]> wrote:
Hi Donald,

We've heard through a few of our support channels that you're still seeing people not using the correct details when they're logging into AIM from Pidgin.

Dequis emailed you last month with the urls that we're fetching that are indeed showing distId=1715 and devId=do1UCeb5gNqxB1S1 - he also asked if you could send through the details of your Pidgin version that you were testing with.

Are you able to confirm which auth URLs we should be using so we can try track down why you're not seeing the updated distId/devId?

Cheers,
Eion

On 14 March 2017 at 05:01, dequis <[hidden email]> wrote:
Hi, can confirm that finch is fixed now, thank you!

That issue with pidgin 2.12.0 is really odd! I just tested both windows installers (online and offline) and they seem fine. We did have one user reporting a similar issue, but we couldn't reproduce it or explain it.

Please verify the version with buddy list -> help menu -> about, the first line should say "Pidgin 2.12.0 (libpurple 2.12.0)" followed by "unknown". Also, help menu -> plugin information should say 2.12.0 for the AIM plugin. That kind of mixup is rare but who knows!

You can also enable extra debug by opening cmd.exe and doing "set PURPLE_UNSAFE_DEBUG=1" before executing pidgin.

Then open help menu -> debug window and connect the account. This is what I get:

[...]
(12:27:52) certificate: Successfully verified certificate for api.screenname.aol.com
(12:27:52) util: Request: 'POST /auth/clientLogin HTTP/1.0
Connection: close
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 85
 
devId=do1UCeb5gNqxB1S1&f=xml&pwd=[password]&s=dx%40dxzone.com.ar'
(12:27:53) util: Response headers: 'HTTP/1.1 200 OK
[...]
(12:27:53) util: requested to fetch (https://api.oscar.aol.com/aim/startOSCARSession?a=[access token]&distId=1715&f=xml&k=do1UCeb5gNqxB1S1&ts=1489418868&useTLS=1&sig_sha256=[signature]), full=1, user_agent=((null)), http11=0

So as far as I can see everything is fine. I hope that helps narrow it down.

By the way, is the message supposed to be shown on every login from a legacy auth method? I don't see it when I intentionally set pidgin to connect to "login.oscar.aol.com" with "don't use encryption" and "MD5-based" - it just succeeds without complaining.

By the way, slogin.oscar.aol.com is down but login.oscar.aol.com isn't. I thought slogin.oscar.aol.com was supposed to die at the end of this month. I think that's breaking adium (mac OS X pidgin derivative) and we still haven't managed to contact their devs to fix it. So what is the fate of slogin supposed to be?

Thanks.

On 13 March 2017 at 09:38, Donald Le <[hidden email]> wrote:
Hi again,

I download Pidgin 2.12.0 and test login.

The "new" distID and devID were not used, and I received the upgrade message.
The client is still on the old distID and NO devID.
Could you double-check?

LSI: PLOT  4224.8888   1502    10.172.189.32   Mon Mar 13 08:02:11 2017  bos_srv-l014b        Mon Mar 13 08:20:19 2017 bos_srv-l014b                                      
LSI: PLOT  4224.8888   1502    10.172.189.32   Mon Mar 13 07:43:23 2017  bos_srv-l014b        Mon Mar 13 07:49:22 2017 bos_srv-l014b

Thanks,

Donald Le
Product Management and Support AIM Platform
O: <a href="tel:(703)%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:(703)%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Mon, Mar 13, 2017 at 7:33 AM, Donald Le <[hidden email]> wrote:
Hi,

The third said in the original email "No usage since August 2014 so no need new DistID and DevID", which is clearly wrong. There's also that "another libpurple" with distid 1502 which doesn't match any client we own, and we don't know how you found that one.
I can't explain but you did the right thing to use 1718 for Finch.

Did the 1718 distid get invalidated? Can you re-enable it so that we don't have to make another release?
Please try again now and let me know, I correct a typo in the devID just now.

Thanks,

Donald Le
Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166

On Sun, Mar 12, 2017 at 1:25 PM, dequis <[hidden email]> wrote:
Hey Donald!

As you may have heard we already released pidgin 2.12.0 (together with libpurple and finch 2.12.0), updating the distid/devids.

Here's what we used:

Pidgin:
Distid: 1715
Devid: do1UCeb5gNqxB1S1

Libpurple:
Distid: 1717
Devid: ma19CwYN9i9Mw5nY

Finch:
Distid: 1718
Devid: ma18nmEklXMR7Cj_

The first two are normal.

The third said in the original email "No usage since August 2014 so no need new DistID and DevID", which is clearly wrong. There's also that "another libpurple" with distid 1502 which doesn't match any client we own, and we don't know how you found that one.

So for the sake of avoiding a roundtrip in our communication and getting the release packaged ASAP, we went ahead and used the remaining 1718 distid for finch.

This looks like it was a mistake, since we're now getting "Method not allowed - clientLogin Not Allowed for this devId" errors in finch.

Did the 1718 distid get invalidated? Can you re-enable it so that we don't have to make another release?

Thanks

On 27 January 2017 at 01:54, Donald Le <[hidden email]> wrote:
All,

My comments are inline.

Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166
<image001.png>

On Thu, Oct 27, 2016 at 8:45 AM, Donald Le <[hidden email]> wrote:
All,

Quick update: we had to delay AIM client upgrade due to other integration, the date is tbd.
I will answer your questions in the coming weeks.


Thanks,

Donald Le
Tech Director | Product Management and Support AIM Platform
O: <a href="tel:%28703%29%20265-5645" value="+17032655645" target="_blank">703-265-5645 | M: <a href="tel:%28703%29%20678-1073" value="+17036781073" target="_blank">703-678-1073
AOL Inc. 22070 Broderick Drive Dulles, VA 20166
<image001.png>

On Fri, Oct 14, 2016 at 2:58 AM, dequis <[hidden email]> wrote:
Hi, I have a couple of questions, since there may have been a
misunderstanding here.

Pidgin currently supports three auth methods for AIM:

- MD5 using slogin.oscar.aol.com. Uses the DistID, does not use the DevID

<Donald> All DistID used for login.oscar.aol.com and slogin.oscar.aol.com will be blocked. The date is tbd and AIM client upgrade will start Feb 24th 2017.

- clientLogin aka OpenAuth using
api.screenname.aol.com/auth/clientLogin. Uses DistID and DevID. Has
been the default setting for pidgin releases since 2009

<Donald> This login path will stay but you need to update the DistID and DevID. We will give you a new set.

- Kerberos using kdc.uas.aol.com. Uses DistID and DevID. Introduced in
pidgin 2.11.0, released four months ago.

<Donald> Same as above with OpenAuth.

If I'm understanding this right, the first method is being
discontinued and the other two will continue working. It's possible a
lot of users are using that - the account setting is a bit too
visible, so users might just switch to it for the sake of changing
settings. But as far as I can see, pidgin with the default
configuration won't stop working.

<Donald> If Pidgin uses DistID = 1502 or 0, the login will be blocked.

What I don't understand is why we're changing the DistID and DevID.
I'm 90% sure that clientlogin sends both in the same way as the
official client. Did the previous ones get invalidated?

<Donald> Yes.

We're currently using these:

Pidgin
DistID: 1550
DevID: ma1cSASNCKFtrdv9

<Donald> I reached out to Pidgin, see below.
 
From: Donald Le <[hidden email]>
Date: Thu, Sep 22, 2016 at 6:20 PM
Subject: Re: AIM login
To: Richard Vickery <[hidden email]>, [hidden email], Pidgin Support List <[hidden email]>

new DevID = do1UCeb5gNqxB1S1
new distID = 1715


Finch:
DistID: 1552
DevID: ma19sqWV9ymU6UYc

<Donald> No usage since August 2014 so no need new DistID and DevID.

Libpurple:
DistID: 1553
DevID: ma15d7JTxbmVG-RP

<Donald> new DistID = 1717, new DevID = ma19CwYN9i9Mw5nY

I found another Libpurple
DistID: 1502 with no DevID >> new DistID = 1718, new DevID =
ma18nmEklXMR7Cj_

The source code says they are owned by the AIM account "markdoliner".

Are these still valid? If they are, I think you can go ahead and pull
the plug of the old auth method.

Thanks


On 14 October 2016 at 01:11, Gary Kramlich <[hidden email]> wrote:
> Hi Donald,
>
> This is Gary Kramlich the current maintainer of Pidgin.  Please excuse
> my tardiness in this matter as I haven't had much time to dedicate to
> Pidgin in the past few weeks.
>
> That said.  We are staging a new version which will have this updates,
> but we will most likely miss the 20161016 date.  If we could get that
> extended it would be great.
>
> Also our code base has contains two clients that connect to AIM and as
> I've learned recently they do not share keys.  The other clients name
> is Finch and if we could get a set of keys for it that would be
> awesome.  Otherwise we'll just reuse the Pidgin ones for the time
> being.
>
> Also is there a web portal or something where we can manage this keys?
>  If so, please respond to me directly as I assume we'll want to
> control access to it.
>
> Thanks,
>
> --
> Gary Kramlich <[hidden email]>
>
> _______________________________________________
> [hidden email] mailing list
> Want to unsubscribe?  Use this link:
> https://pidgin.im/cgi-bin/mailman/listinfo/support







_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel




_______________________________________________
Devel mailing list
[hidden email]
https://pidgin.im/cgi-bin/mailman/listinfo/devel
Loading...