Ron,
I see two possibilities for the error I get:
1. http://crazney.net/programs/itunes/authentication.html New for iTunes 4.5 - 29 April 2004.
Yesterday Apple released a new version of iTunes which updates the DAAP protocol. Amongst these changes to the protocol include a new authentication algorithm. They have changed the strings that get used for the hash table, include a few more things in the hash table - and more importantly, no longer use a real MD5 algorithm.
This is one year after your quote, so I assume it's an update with more recent iTunes.
2. Maybe I automatically (not sure how) logout after each request, thus expiring the session-id I just gathered, I read that that problem occured with wget. if you close the connection. I'll try to keep the connection open and see from there
**EDIT** 2. doesn't seem to be the problem, because when after a request, I'm still listed as a connected client in iTunes.
Yann
(this may be a resend, my email client sometimes gets confused between my different identities...)
On 7 nov. 06, at 17:22, Ron Teitelbaum wrote:
Yann,
It sure looks to me like the sessionID is returned from the server from the logon. So you logon and get back a loginresponse with has the 4 byte sessionid attached to it. Maybe the problem you are having is with endianness. What platform are you working on? Try changing the sessionID from AABBCCDD to DDCCBBAA. If that works then that is your problem and we can discuss ways of fixing that for a general implementation. I don't see anything about the response being encrypted or validated, do you have a reference to that somewhere?
From: http://molelog.molehill.org/blox/Computers/Macintosh/ DAAP3.writeback
/login No arguments required (or apparently used).
The response is too short; my current parser handles this by just stopping when it finds an all-0 tag.
dmap.loginresponse 0x00000024 dmap.status 0x00000004 number 0x000000c8(200) dmap.sessionid 0x00000004 number 0x0000040e(1038) ==== END ====
The dmap.sessionid will be the value for the 'session-id' parameter to the following requests.
Ron Teitelbaum Squeak Cryptography Team Leader
-----Original Message----- From: Yann Monclair Sent: Tuesday, November 07, 2006 3:21 AM
(Sorry if this is a resend, it seems I sent the first email before being completely registered to the mailing list, it must have been moderated.)
Hello,
I just started an implementation of the Digital Audio Access Protocol [1] in Squeak. This protocol is used by Apples iTunes [2] to share music over a lan. I found very little documentation[3] on this protocol, since Apple has decided not to disclose the documentation on its specifics. I have published the little code I wrote so far on SqueakSource [4]. I am stuck after the login request. As I understand it, iTunes doesn't send you the session-id, but an encrypted id, leaving you to decrypt it. Unfortunately, Apple added some byte switching or something to the classic MD5 encryption (I'm far from an expert in crypto, so I might not be using the appropriate vocabulary). I found a c library to connect to daap shares [5], but I didn't really get, even after looking at the code.
I would appreciate any help to figure this session-id thing out :) I think having a daap implementation in Squeak, can be really useful for multimedia purposes, and we could probably find cool applications :p
Here the code I write in a workspace to get a daapsession
DaapSession connectTo: 'localhost'.
this will return a DaapSession knowing the server, the content codes (typing info) and a DaapLogin. the encrytped session-id is accessible via DaapSession>>sid (or DaapLogin>>mlid)
Thanks,
Yann
[1] http://en.wikipedia.org/wiki/Digital_Audio_Access_Protocol [2] http://www.apple.com/itunes/overview/ [3] http://tapjam.net/daap/ [4] http://www.squeaksource.com/daap.html [5] http://crazney.net/programs/itunes/authentication.html
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography