Ribbit
Description
Ribbit is (an implementation of?) a new way of retrieving version information for products, with built-in caching and message verification via signatures. Uses sequence numbers returned by the summary (and every other request) to indicate whether something is outdated or not.
Commands
Instead of using HTTP like the previous TACT system does, this uses a simple TCP socket. Commands are to be sent to either us.version.battle.net or eu.version.battle.net on port 1119 (ending in a \r\n). In this table, bold indicates a variable replaced in the actual query.
Commands | Description |
---|---|
v1/summary | Gets a list of endpoints and their current sequence number (example) |
v1/products/product/versions | Similar to TACT's versions file, also referred to as version in other parts |
v1/products/product/cdns | Similar to TACT's cdns file, also referred to as cdn in other parts |
v1/products/product/bgdl | Similar to TACT's bgdl file |
v1/certs/hash | Get a certificate |
v1/ocsp/hash | Check revocation status |
v1/ext | Unknown |
Sequence numbers
These can be found in every message and have been included in TACT HTTP requests since April 12 2018. Every time a file is updated the sequence number increases and the number in summary updates to let clients know that file has been updated. Sequence numbers never go down, if a lower one is detected that message/update can be treated as out of date. As such, rollbacks will also increase sequence numbers even though any other content in the file will go back to an older version.แต
Cached messages
Cached messages can be found in C:\ProgramData\Battle.net\Agent\data\cache. Filenames are structured like command-argument(s?)-seqn.bmime. If no arguments are present, argument in filename is #. If no seqn is present, it is 0.
Examples:
Filename | Description |
---|---|
cdn-wow_beta-14722.bmime | Cached /cdns message for product wow_beta with sequence number 14722. |
summary-#-32324.bmime | Cached /summary message with no arguments but with sequence number 32324. |
cert-5168ff90af0207753cccd9656462a212b859723b-0.bmime | Cached /cert message with certificate hash as argument and no sequence number. |
Message structure
Messages are MIME formatted and as such contain headers, boundaries (with content inside) and such.
One of the parts of the message is always ASN.1 base-64 formatted data to ensure message validity and prevent MITM attacks. Eaach new update to a command's output yields a new base-64 chunk. While largely useless for our purposes, these are timestamped to their time of creation, giving exact time at which an update to a command was published (and thus when an update is rolled out). AN implementation of ASN.1 parsing in Javascript can be found here.
Summary file
Similar to other TACT pipe (|) separated files. Contains a list of products/endpoints and their current sequence number. If the flags column is empty, it seems to refer to the version file. This file should be used to check for differences instead of checking all individual products like is currently done in HTTP TACT.