[Spice-devel] [PATCH] Be more specific in the case of authentication error
mkasik at redhat.com
mkasik at redhat.com
Thu Nov 19 06:08:23 PST 2015
From: Marek Kasik <mkasik at redhat.com>
This patch adds SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME error
for the case when authentication fails because of missing username.
This can happen when GSSAPI method is used.
https://bugs.freedesktop.org/show_bug.cgi?id=92994
---
src/spice-channel-priv.h | 3 ++-
src/spice-channel.c | 31 +++++++++++++++++++++++++++----
src/spice-client.h | 2 ++
3 files changed, 31 insertions(+), 5 deletions(-)
diff --git a/src/spice-channel-priv.h b/src/spice-channel-priv.h
index 4b2d1e6..d60ea73 100644
--- a/src/spice-channel-priv.h
+++ b/src/spice-channel-priv.h
@@ -143,7 +143,8 @@ struct _SpiceChannelPrivate {
GSList *flushing;
gboolean disable_channel_msg;
- gboolean auth_needs_username_and_password;
+ gboolean auth_needs_username;
+ gboolean auth_needs_password;
GError *error;
};
diff --git a/src/spice-channel.c b/src/spice-channel.c
index 1c96ded..d8bba5c 100644
--- a/src/spice-channel.c
+++ b/src/spice-channel.c
@@ -110,7 +110,8 @@ static void spice_channel_init(SpiceChannel *channel)
c->out_serial = 1;
c->in_serial = 1;
c->fd = -1;
- c->auth_needs_username_and_password = FALSE;
+ c->auth_needs_username = FALSE;
+ c->auth_needs_password = FALSE;
strcpy(c->name, "?");
c->caps = g_array_new(FALSE, TRUE, sizeof(guint32));
c->common_caps = g_array_new(FALSE, TRUE, sizeof(guint32));
@@ -1019,11 +1020,21 @@ static void spice_channel_failed_authentication(SpiceChannel *channel,
{
SpiceChannelPrivate *c = channel->priv;
- if (c->auth_needs_username_and_password)
+ if (c->auth_needs_username && c->auth_needs_password)
g_set_error_literal(&c->error,
SPICE_CLIENT_ERROR,
SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME,
_("Authentication failed: password and username are required"));
+ else if (c->auth_needs_username)
+ g_set_error_literal(&c->error,
+ SPICE_CLIENT_ERROR,
+ SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME,
+ _("Authentication failed: username is required"));
+ else if (c->auth_needs_password)
+ g_set_error_literal(&c->error,
+ SPICE_CLIENT_ERROR,
+ SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD,
+ _("Authentication failed: password is required"));
else if (invalidPassword)
g_set_error_literal(&c->error,
SPICE_CLIENT_ERROR,
@@ -1287,7 +1298,18 @@ spice_channel_gather_sasl_credentials(SpiceChannel *channel,
switch (interact[ninteract].id) {
case SASL_CB_AUTHNAME:
case SASL_CB_USER:
- c->auth_needs_username_and_password = TRUE;
+ c->auth_needs_username = TRUE;
+ break;
+ case SASL_CB_PASS:
+ c->auth_needs_password = TRUE;
+ break;
+ }
+ }
+
+ for (ninteract = 0 ; interact[ninteract].id != 0 ; ninteract++) {
+ switch (interact[ninteract].id) {
+ case SASL_CB_AUTHNAME:
+ case SASL_CB_USER:
if (spice_session_get_username(c->session) == NULL)
return FALSE;
@@ -2626,7 +2648,8 @@ static void channel_reset(SpiceChannel *channel, gboolean migrating)
c->fd = -1;
- c->auth_needs_username_and_password = FALSE;
+ c->auth_needs_username = FALSE;
+ c->auth_needs_password = FALSE;
g_free(c->peer_msg);
c->peer_msg = NULL;
diff --git a/src/spice-client.h b/src/spice-client.h
index b794472..32b79ea 100644
--- a/src/spice-client.h
+++ b/src/spice-client.h
@@ -67,6 +67,7 @@ G_BEGIN_DECLS
* @SPICE_CLIENT_ERROR_USB_DEVICE_REJECTED: device redirection rejected by host
* @SPICE_CLIENT_ERROR_USB_DEVICE_LOST: device disconnected (fatal IO error)
* @SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD: password is required
+ * @SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME: username is required
* @SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME: password and username are required
* @SPICE_CLIENT_ERROR_USB_SERVICE: USB service error
*
@@ -78,6 +79,7 @@ typedef enum
SPICE_CLIENT_ERROR_USB_DEVICE_REJECTED,
SPICE_CLIENT_ERROR_USB_DEVICE_LOST,
SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD,
+ SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME,
SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME,
SPICE_CLIENT_ERROR_USB_SERVICE,
} SpiceClientError;
--
2.5.0
More information about the Spice-devel
mailing list