Ed2k protocol

From AMule Project FAQ
Revision as of 14:25, 24 February 2007 by Abeco (Talk | contribs)


ed2k protocol

The aMule client uses the ed2k protocol to connect to the server. This page is based on the emule-project.net document "The eMule/eDonkey protocol specification" by Yoram Kulbak and Danny Bickson, and intends to update all messages that have changed, so that anyone can understand the ed2k protocol, implement it, and follow current source code such as aMule's.

This page is intended to be an explanation of how to connect to the ed2k servers, perform searches, share files, etc. Note: It is created by a newbie and WILL have errors, so I hope that people can help me to complete this article.

First of all: ALL MESSAGES ARE ENCODED IN LITTLE ENDIAN (least significant byte first, the opposite of natural order).

Messages

All messages have a 6-byte header with:

  • protocol (1 byte: 0xE3 indicates edonkey while 0xC5 indicates emule)
  • size (4 bytes: the message size not including this header)
  • type (1 byte: a unique message ID that indicates which message you are transmitting, e.g. Login: 0x01).

Tag messages

"Tags are TLV-like (Type, Length, Value) structures which are used for appending optional data to eMule messages".

The structure is the following (as described in the protocol specification):

Each tag can have 4 fields (not all of them are mandatory).

  • type (1 byte)
  • name:
      • variable length string
      • 1 byte
  • value:
      • 4 byte integer
      • 4 byte floating point number
      • variable length string
  • special (1 byte)

Login message

In order to connect to the network, you must have the IP address and port of an emule server. For example, if you have an emule server running at localhost, the host will be localhost and the port will be the one that you have configured.

After connecting, you must send the first message to the server. This message is composed of (as the howto says):

HEADER

protocol  1 byte (default value for EMULE: 0xE3). [Red]
size      4 bytes (the size of the message not including this header) [Green]
type      1 byte (OP_LOGINREQUEST: 0x01) [Blue]
userhash  16 bytes generated randomly (it is said that positions 6th and 15th are not randomly generated, and their values are 14 and 111 respectively). [purple]
clientID  4 bytes (the first time they are 0x00 because the clientID is assigned by the server). [white]
TCPport   2 bytes (default: 4662: 0x36 0x12) [yellow]
TagCount  4 bytes (default: 4: 0x04 0x00 0x00 0x00). CAUTION: In spite of having TAG in its name, it is NOT a tag message. [White]

THE TAGS:

nametag     a String tag (not fixed length)
versiontag  8 bytes
porttag     8 bytes
flagstag    8 bytes


This is a screenshot which uses netcat on port 46621 and hexdump to examine the login message. All fields underlined in different colors are identified; the rest are message tags, which are explained below.

http://img86.imageshack.us/img86/7065/datoshe0.png

Tag explanation according to the image (thanks skolnick):

Type of tag     (1 byte)        0x02 = String
tag name's size (2 bytes)       0x01 0x00 = tag name's size is 1 byte
tag name        (1 byte)        0x01 = tag name is client nickname
tag's size      (2 bytes)       0x14 0x00 = size is 20 bytes
tag contents    (20 bytes)      http://www.amule.org

Type of tag     (1 byte)        0x03 = DWORD
tag name's size (2 bytes)       0x01 0x00 = tag name's size is 1 byte
tag name        (1 byte)        0x11 = tag name is protocol version
tag contents    (4 bytes)       0x3c 0x00 0x00 0x00 = prot. version 60

Type of tag     (1 byte)        0x03 = DWORD
tag name's size (2 bytes)       0x01 0x00 = tag name's size is 1 byte
tag name        (1 byte)        0x20 = tag name is compression
tag contents    (4 bytes)       0x1d 0x00 0x00 0x00 = compression status

Type of tag     (1 byte)        0x03 = DWORD
tag name's size (2 bytes)       0x01 0x00 = tag name's size is 1 byte
tag name        (1 byte)        0xfb = tag name is ???
tag contents    (4 bytes)       0x80 0x05 0x04 0x03 = tag data
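
The login layout and tag encoding described above, as an added example (not code from aMule or from the original page): a Python parser for the bytes that follow the 6-byte header, which bounds-checks every length field before reading, since those fields come from the remote peer. The names Reader, parse_tag, parse_login_body and the MAX_TAGS limit are assumptions, and SAMPLE is constructed from the field values listed on this page with a zeroed userhash.

```python
import struct

TAG_STRING, TAG_DWORD = 0x02, 0x03  # tag types shown on this page
MAX_TAGS = 32  # assumed sanity limit, not part of the protocol

class Reader:
    """Cursor over untrusted bytes; every read is bounds-checked."""
    def __init__(self, data):
        self.data, self.pos = data, 0

    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError(f"truncated: need {n} bytes at offset {self.pos}")
        chunk = self.data[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def unpack(self, fmt):  # one little-endian integer: "B", "H" or "I"
        return struct.unpack("<" + fmt, self.take(struct.calcsize("<" + fmt)))[0]

def parse_tag(r):
    tag_type = r.unpack("B")
    name = r.take(r.unpack("H"))        # 2-byte name length, then the name
    if tag_type == TAG_STRING:
        value = r.take(r.unpack("H"))   # 2-byte string length, then the string
    elif tag_type == TAG_DWORD:
        value = r.unpack("I")
    else:
        raise ValueError(f"unsupported tag type 0x{tag_type:02x}")
    return name, value

def parse_login_body(body):
    """Parse the fields that follow the 6-byte header of a login message."""
    r = Reader(body)
    userhash = r.take(16)
    client_id, port, tag_count = r.unpack("I"), r.unpack("H"), r.unpack("I")
    if tag_count > MAX_TAGS:            # 4-byte count is peer-controlled
        raise ValueError(f"implausible tag count {tag_count}")
    tags = dict(parse_tag(r) for _ in range(tag_count))
    if r.pos != len(body):
        raise ValueError("trailing bytes after last tag")
    return {"userhash": userhash, "client_id": client_id, "port": port, "tags": tags}

# Constructed sample: the field values listed on this page, with a zeroed userhash.
SAMPLE = (bytes(16) + bytes.fromhex("00000000" "3612" "04000000")
          + bytes.fromhex("02" "0100" "01" "1400") + b"http://www.amule.org"
          + bytes.fromhex("03" "0100" "11" "3c000000")
          + bytes.fromhex("03" "0100" "20" "1d000000")
          + bytes.fromhex("03" "0100" "fb" "80050403"))
```
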

How to do tests

If you are running Linux and your own donkey server,

tcpdump -i lo -X

can be really useful (lo is the loopback interface). If you want to convert binary data to hexadecimal,

hexdump -C 

is useful too.

For example, I use netcat with hexdump to "emulate" a server:

nc -l -p PORT|hexdump -C

This allows me to see the whole login message byte by byte (for example).

If you want to run your own edonkey server to perform some tests and avoid being banned from official servers, you can download it from:

External links