Ribbit: Difference between revisions

From wowdev
Jump to navigation Jump to search
No edit summary
 
(6 intermediate revisions by 3 users not shown)
Line 1: Line 1:
==Description==
==Description==
Ribbit is (an implementation of?) a new way of retrieving version information for products, with built-in caching and message verification via signatures. Uses sequence numbers returned by the summary (and every other request) to indicate whether something is outdated or not.
Ribbit is (an implementation of?) a new way of retrieving version information for products, with message verification via signatures (v1 only) and built-in caching. Uses sequence numbers returned by the summary (and every other request) to indicate whether something is outdated or not.


==Commands==
==Commands==
Instead of using HTTP like the previous TACT system does, this uses a simple TCP socket. Commands are to be sent to either us.version.battle.net or eu.version.battle.net on port 1119 (ending in a \r\n). In this table, '''bold''' indicates a variable replaced in the actual query.
Instead of using HTTP like the previous TACT system does, this uses a simple TCP socket. Commands are to be sent to either us.version.battle.net or eu.version.battle.net on port 1119 (ending in a \r\n). In this table, '''bold''' indicates a variable replaced in the actual query.


{| border="1" cellpadding="2" style="background:#FCFCFC; color:black"
{| border="1" cellpadding="2" class="wikitable"
! width="90" | Commands
! width="90" | Commands
! width="450" | Description
! width="450" | Description
Line 22: Line 22:
|-
|-
| v1/ext || Unknown
| v1/ext || Unknown
|-
| v2/summary || See v1 summary and note on v2 message structure below
|-
| v2/products/'''product'''/versions || See v1 versions and note on v2 message structure below
|-
| v2/products/'''product'''/cdns || '''''(NYI)''''' See v1 cdns and note on v2 message structure below
|-
| v2/products/'''product'''/bgdl || See v1 bgdl and note on v2 message structure below
|}
|}


==Sequence numbers==
==Sequence numbers==
These can be found in every message and have been included in TACT HTTP requests since April 12 2018. Every time a file is updated the sequence number increases and the number in summary updates to let clients know that file has been updated. Sequence numbers never go down, if a lower one is detected that message/update can be treated as out of date. As such, rollbacks will only increase sequence numbers even though any other content in the file will go back to an older version.
These can be found in every message and have been included in TACT HTTP requests since April 12 2018. Every time a file is updated the sequence number increases and the number in summary updates to let clients know that file has been updated. {{Verified|Sequence numbers never go down, if a lower one is detected that message/update can be treated as out of date. As such, rollbacks will also increase sequence numbers even though any other content in the file will go back to an older version.}}
 
'''NOTE:''' As of June 10th 2022, sequence numbers returned by the summary and the endpoints themselves no longer match due to a change/issue on Blizzard's end. Summary seqns and endpoint seqns both still change when an endpoint changes but don't match.


==Cached messages==
==Cached messages==
Line 31: Line 42:


Examples:  
Examples:  
{| border="1" cellpadding="2" style="background:#FCFCFC; color:black"
{| border="1" cellpadding="2" class="wikitable"
! width="90" | Filename
! width="90" | Filename
! width="450" | Description
! width="450" | Description
Line 43: Line 54:


=Message structure=
=Message structure=
Messages are [https://en.wikipedia.org/wiki/MIME MIME] formatted and as such contain headers, boundaries (with content inside) and such.
==V1==
V1 messages are [https://en.wikipedia.org/wiki/MIME MIME] formatted and as such contain headers, boundaries (with content inside) and such.
 
One of the parts of the V1 message is always ASN.1 base-64 formatted data to ensure message validity and prevent MITM attacks. Each new update to a command's output yields a new base-64 chunk. While largely useless for our purposes, these are timestamped to their time of creation, giving exact time at which an update to a command was published (and thus when an update is rolled out). AN implementation of ASN.1 parsing in Javascript can be found [https://lapo.it/asn1js/ here].


One of the parts of the message is always ASN.1 base-64 formatted data to ensure message validity and prevent MITM attacks. Eaach new update to a command's output yields a new base-64 chunk. While largely useless for our purposes, these are timestamped to their time of creation, giving exact time at which an update to a command was published (and thus when an update is rolled out). AN implementation of ASN.1 parsing in Javascript can be found [https://lapo.it/asn1js/ here].
Each V1 message ends with a SHA-256 checksum which is a checksum of all of the message except for the checksum line.
==V2==
At time of writing (June 16th 2022) V2 messages only return actual content and don't contain any of the above metadata. V2 is used to retrieve content by the old HTTP *.patch.battle.net URLs.


==Summary file==
=Summary file=
Similar to other TACT pipe (|) separated files. Contains a list of products/endpoints and their current sequence number. If the flags column is empty, it seems to refer to the version file. This file should be used to check for differences instead of checking all individual products like is currently done in HTTP TACT.
Similar to other TACT pipe (|) separated files. Contains a list of products/endpoints and their current sequence number. If the flags column is empty, it seems to refer to the version file. This file should be used to check for differences instead of checking all individual products like is currently done in HTTP TACT.

Latest revision as of 16:49, 16 March 2024

Description

Ribbit is (an implementation of?) a new way of retrieving version information for products, with message verification via signatures (v1 only) and built-in caching. Uses sequence numbers returned by the summary (and every other request) to indicate whether something is outdated or not.

Commands

Instead of using HTTP like the previous TACT system does, this uses a simple TCP socket. Commands are to be sent to either us.version.battle.net or eu.version.battle.net on port 1119 (ending in a \r\n). In this table, bold indicates a variable replaced in the actual query.

Commands Description
v1/summary Gets a list of endpoints and their current sequence number (example)
v1/products/product/versions Similar to TACT's versions file, also referred to as version in other parts
v1/products/product/cdns Similar to TACT's cdns file, also referred to as cdn in other parts
v1/products/product/bgdl Similar to TACT's bgdl file
v1/certs/hash Get a certificate
v1/ocsp/hash Check revocation status
v1/ext Unknown
v2/summary See v1 summary and note on v2 message structure below
v2/products/product/versions See v1 versions and note on v2 message structure below
v2/products/product/cdns (NYI) See v1 cdns and note on v2 message structure below
v2/products/product/bgdl See v1 bgdl and note on v2 message structure below


Sequence numbers

These can be found in every message and have been included in TACT HTTP requests since April 12 2018. Every time a file is updated the sequence number increases and the number in summary updates to let clients know that file has been updated. Sequence numbers never go down, if a lower one is detected that message/update can be treated as out of date. As such, rollbacks will also increase sequence numbers even though any other content in the file will go back to an older version.

NOTE: As of June 10th 2022, sequence numbers returned by the summary and the endpoints themselves no longer match due to a change/issue on Blizzard's end. Summary seqns and endpoint seqns both still change when an endpoint changes but don't match.

Cached messages

Cached messages can be found in C:\ProgramData\Battle.net\Agent\data\cache. Filenames are structured like command-argument(s?)-seqn.bmime. If no arguments are present, argument in filename is #. If no seqn is present, it is 0.

Examples:

Filename Description
cdn-wow_beta-14722.bmime Cached /cdns message for product wow_beta with sequence number 14722.
summary-#-32324.bmime Cached /summary message with no arguments but with sequence number 32324.
cert-5168ff90af0207753cccd9656462a212b859723b-0.bmime Cached /cert message with certificate hash as argument and no sequence number.

Message structure

V1

V1 messages are MIME formatted and as such contain headers, boundaries (with content inside) and such.

One of the parts of the V1 message is always ASN.1 base-64 formatted data to ensure message validity and prevent MITM attacks. Each new update to a command's output yields a new base-64 chunk. While largely useless for our purposes, these are timestamped to their time of creation, giving exact time at which an update to a command was published (and thus when an update is rolled out). AN implementation of ASN.1 parsing in Javascript can be found here.

Each V1 message ends with a SHA-256 checksum which is a checksum of all of the message except for the checksum line.

V2

At time of writing (June 16th 2022) V2 messages only return actual content and don't contain any of the above metadata. V2 is used to retrieve content by the old HTTP *.patch.battle.net URLs.

Summary file

Similar to other TACT pipe (|) separated files. Contains a list of products/endpoints and their current sequence number. If the flags column is empty, it seems to refer to the version file. This file should be used to check for differences instead of checking all individual products like is currently done in HTTP TACT.