Protocol change (24 April 2012)

[ghost]

Just got an Error: Protocol incompatible. Please upgrade libpiano. I've got a functioning internet connection, and I'm not behind a proxy or anything, so it looks like Pandora changed the protocol on us again…

[cmdlinegeek]

I second that.

[jakerella]

I have the latest package (2012-04-24) from the main site and I am still seeing the "Error: Protocol incompatible" message. Internet connection is good and no proxies or firewalls. Not sure if Pandora changed the protocol that quick or if I have a bad install (was working yesterday though).

~$ pianobar
Welcome to pianobar (2012.04.24)! Press ? for a list of commands.
(i) Control fifo at /home/jordan/.config/pianobar/ctl opened
(i) Login... Error: Protocol incompatible. Please upgrade libpiano.

[MTecknology]

Bastards! Why they be changing it!?
Can't wait for you guys to figure out what changed. This little application happens to be what keeps me from beating the life out of one particular co-worker. Many thanks!!

[nikomaresco]

also getting this error with the latest package (2012.04.24-dev). thanks!

[mhajda]

Same issue today

[clarkewd]

Just tried installing the latest build to fix it but I'm also getting the error:

Welcome to pianobar (2012.04.24-dev)! Press ? for a list of commands.
(i) Login... Error: Protocol incompatible. Please upgrade libpiano.

[ok100]

Same issue here.

[ghost]

Not sure if this is at all relevant, but Pandora's official iOS client is still functioning without updates. So is the webOS client, whose source code is easily accessible, being written in Javascript and all.

[ghost]

Dear Lars-Dominik Braun & other contributors...

You Rock! I too am affected. I lack the skills to help. You have my FULL emotional support.
Thanks for pianobar,

Brad Norman - Vero Beach, Florida

[romm-zz]

faultStringorg.apache.xmlrpc.XmlRpcException: 000.000.000.000|0|INCOMPATIBLE_VERSION|Pandora does not support your client version.faultCode1

That would be the case...

[romm-zz]

When bumped version to 34, I am getting:

faultStringcom.savagebeast.radio.api.protocol.xmlrpc.RadioXmlRpcException: com.savagebeast.radio.api.internal.xmlrpc.handler.HandlerMisc.sync()faultCode0

when syncing

[PromyLOPh]

1. Version 2012.04.24 does not work. I released it yesterday and a few hours after that Pandora changed the API.
2. Things don’t look very promising right now, as Pandora rolled out an updated 3rd party client protection. It’s similar to the one described in DAILY_SKIP_LIMIT_REACHED Error Not Handled/New #214 (and the linked blog post), but they completely block pianobar and others now and they made it very difficult (if not impossible without a debugger) to obtain the client key via injected JavaScript. A few 3rd party client developers are idle’ing in #saver2 at irc.coldfront.net, so if you cracked the code make sure you stop by.
3. As Pandora won’t talk to me: Make use of their support email address and tell them what you think about this change. And please stay calm and be polite. Thanks.

@theswordfish Can you send me (lars@6xq.net) the webOS source, please?

[PlaidShirtPat]

Just got the same problem. New-ish Developer here, but love this app! If there is something I can do to help, please point me in the right direction!

[ghost]

@PromyLOPh: It's on its way. :)

[nikomaresco]

in case anyone is having trouble finding it, here is the link to contact Pandora: https://help.pandora.com/customer/portal/emails/new

[cintacks]

Contacted them! If this is an attempt to get us to pay $39 for their app, that's sad but I suppose it makes business sense.

[dustmoo]

What would it take to get on as an official third party client? There are other official clients that do not show graphic ads and only support their audio ads.

Though many may not agree with me, I like pianobar because of it's low footprint, I have no problem supporting pandora by listening to ads and or upgrading to pandora one if I want uninterrupted music.

Just curious if you have explored this at all PromyLOPh?

[PromyLOPh]

I have, @dustmoo, and their response was “not interested”.

[dustmoo]

Well then, happy cracking, I am sure we can find a solution. :)

[sodabrew]

Coincidentally, I just got my annual Pandora One renewal notice. Good time to let them know which is my favorite way of listening :)

[b-dub]

In asking to roll back the protocol change, this is the response from pandora:

"Thanks for writing. This is an unauthorized third-party application, and using it is a violation of our Terms of Use.

You can use Pandora for free at http://www.pandora.com
If you have problems with that service, then please let me know.

Best,
Jed
Listener Advocate
PANDORA® internet radio
"

[dragos240]

I wouldn't worry much about it. PromyLOPh has done a fine job on updating the source promptly after an update. It's a rare occasion when the protocol isn't working, and an even rarer occasion in which it isn't fixed after fetching the latest sources.

As for asking pandora to roll back the changes, I highly doubt they'd be interested. This client does not include adverts, and it includes a feature which allows users from outside the US to use pandora, which is breaking their ToS.

A thank you to PromyLOPh for your work on this application, it is greatly appreciated.

[jhixson74]

Similar response here:

Thanks for writing. This is an unauthorized third-party application, and using it is a violation of our Terms of Use.

You can use Pandora for free at http://www.pandora.com, and I would be happy to give you troubleshooting help with that if you like.

If you would like your subscription canceled in the end, just let me know.

Best,
Jed
Listener Advocate
PANDORA® internet radio
Need help? http://help.pandora.com

[ladinu]

@theswordfish Can you please post the WebOS code so that we all can see?

[jnwatts]

Email sent to Pandora specifically pointing out that there are plenty of us who refuse to use Adobe Air and prefer not to keep a web-browser open just for Pandora: And most importantly, are happy to pay for a ad-free account just to use a 3rd-party (ad-free) client. If I get something other than the canned response, will post it here.

[ghost]

@ladinu: Sure thing.

I suspect the relevant code is in app/core/api.js, partly because of the name (duh) and also because the entire thing was obfuscated. I ran it through JSBeautifier and saved the deobfuscated version in the root directory under the name api deobfuscated.js.

http://www.mediafire.com/?5zgrfm61u9e0l6u

Good luck!

Edit: I finally found time to look through the thing, and it's full of crypto code. Hopefully it'll be of some use.

[dcode]

I could only find one set of keys in those files. Beginning on Line 337 in 'api deobfuscated.js'.

However, that function seems to generate keys on the fly give an app 'key' (i.e. password). These 'keys' are found on lines 860-863. Looks like only AppConstants.r and AppConstants.s are used for the keys. Looks like 'r' is the XMLRPC and 's' is for the song urls? (I'd have to dig a bit further here).

The other constants there are the 3rd party partner username/password. :D

I wrote a small python script that extracts the base key into a C array (this is before I figured out how the other keys are generated). You could extend that and reimplement the 'createFromKey' function to generate the other two keys. Not familiar enough with the rest of the API to determine if that's all that is needed.

https://gist.github.com/2495271

[ghost]

Thanks for the quick work! Back in business on my MBP (Which, fwiw, installed fine via macports).

[admdrew]

wizzahd's patch worked for me (#236 (comment)), and (as a paying Pandora customer) I sent off a message to them voicing my support for both their service, and the pianobar client. Here's hoping they listen to all of us!

[nikomaresco]

let me just be clear that this is not my patch :) all credit goes to @PromyLOPh; I only listed the commands to make it easier to apply the patch.

[admdrew]

Oops! Ok, well thanks (again!) to @PromyLOPh for the patch, and thanks @wizzahd for allowing noobs like me to continue listening to music.

[PromyLOPh]

I merged my json work into master, so this issue is fixed. It should
work out-of-the-box, although there are a few glitches that need a fix,
so give it a try. If you find a bug open a new issue, please.

Thanks to everyone who helped out with reverse-engineering, provided
documentation or gave feedback! Let’s hope this fix lasts longer than a
few hours.

To packagers/distributions: There will be a new version released once I
ironed out all the nasty bugs. Maybe in a week or two.

Before:
-rwxr-xr-x 1 lars lars 118K 1. Mai 12:17 pianobar
After:
-rwxr-xr-x 1 lars lars 85K 1. Mai 12:17 pianobar
In other words:
22 files changed, 1407 insertions(+), 3502 deletions(-)
in one week, two new dependencies, a documentation wiki at
http://pan-do-ra-api.wikia.com/ and a lot of fun with C ;)

[thedmd]

Magnificent!

[cintacks]

Excellent! Thank you thank you. Just recompiled and works perfectly.

[b-dub]

I'm confused (happens a lot), how do I get the this change?

Thanks

[perette]

The compiler bitches a lot about libgcrypt:
/opt/local/include/gcrypt.h:1639: warning: ‘gcry_ac_scheme_t’ is deprecated /opt/local/include/gcrypt.h:1641: warning: ‘gcry_ac_key_t’ is deprecated /opt/local/include/gcrypt.h:1642: warning: ‘gcry_ac_io_t’ is deprecated /opt/local/include/gcrypt.h:1643: warning: ‘gcry_ac_io_t’ is deprecated /opt/local/include/gcrypt.h:1649: warning: ‘gcry_ac_id_t’ is deprecated
(Repeated like 300 times.) But runs fine on my variant despite the compiler's angst.

[nperez]

On Tue, 1 May 2012 03:29:43 -0700
PromyLOPh
reply@reply.github.com
wrote:

I merged my json work into master, so this issue is fixed. It should
work out-of-the-box, although there are a few glitches that need a
fix, so give it a try. If you find a bug open a new issue, please.

Thanks to everyone who helped out with reverse-engineering, provided
documentation or gave feedback! Let’s hope this fix lasts longer than
a few hours.

To packagers/distributions: There will be a new version released once
I ironed out all the nasty bugs. Maybe in a week or two.

Before:
-rwxr-xr-x 1 lars lars 118K 1. Mai 12:17 pianobar
After:
-rwxr-xr-x 1 lars lars 85K 1. Mai 12:17 pianobar
In other words:
22 files changed, 1407 insertions(+), 3502 deletions(-)
in one week, two new dependencies, a documentation wiki at
http://pan-do-ra-api.wikia.com/ and a lot of fun with C ;)

---

Reply to this email directly or view it on GitHub:
#236 (comment)

Slick. This works without issue for me.

apt-get install libjson0-dev;
make;

PromyLOPh++

Nicholas Perez
XMPP/Email: nick@nickandperla.net
https://metacpan.org/author/NPEREZ
http://github.com/nperez

[grota]

❤️

[TRWulfgar]

For those of us who are new and slow... I'd much appreciate if someone could comment in a very basic fashion on how to implement the newest patch.

I just keep telling myself "Everyone was new once".

Thanks much.

[b-dub]

TRWulfgar
What OS/env? My windows xp cygwin build required some tweeking to get it going but the basic steps should be similar on most systems.

//to get the source
git clone git://github.com/PromyLOPh/pianobar.git

// to get libjson-devel (I had to get apt_cyg ~ apt_get???)
apt-cyg install libjson-devel

cd pianobar
make

// I have to do a 'make CC=CC CFLAGS="-std=gnu99 -L /usr/local/lib" ' but that's because I'm special and don't always know what I'm doing, but can usually make it work.

[TRWulfgar]

Sorry, n00b mistake.

I'm running Ubuntu.

[dustineichler]

What directory am I installing this patch?

[PromyLOPh]

The issue has been closed for a while now. Please use the latest
release.

[dustineichler]

just a heads up, I'm seeing this error (again), therefore I comment.