[Spice-devel] [PATCH] Be more specific in the case of authentication error

mkasik at redhat.com mkasik at redhat.com
Thu Nov 19 06:08:23 PST 2015


From: Marek Kasik <mkasik at redhat.com>

This patch adds SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME error
for the case when authentication fails because of missing username.
This can happen when GSSAPI method is used.

https://bugs.freedesktop.org/show_bug.cgi?id=92994
---
 src/spice-channel-priv.h |  3 ++-
 src/spice-channel.c      | 31 +++++++++++++++++++++++++++----
 src/spice-client.h       |  2 ++
 3 files changed, 31 insertions(+), 5 deletions(-)

diff --git a/src/spice-channel-priv.h b/src/spice-channel-priv.h
index 4b2d1e6..d60ea73 100644
--- a/src/spice-channel-priv.h
+++ b/src/spice-channel-priv.h
@@ -143,7 +143,8 @@ struct _SpiceChannelPrivate {
     GSList                      *flushing;
 
     gboolean                    disable_channel_msg;
-    gboolean                    auth_needs_username_and_password;
+    gboolean                    auth_needs_username;
+    gboolean                    auth_needs_password;
     GError                      *error;
 };
 
diff --git a/src/spice-channel.c b/src/spice-channel.c
index 1c96ded..d8bba5c 100644
--- a/src/spice-channel.c
+++ b/src/spice-channel.c
@@ -110,7 +110,8 @@ static void spice_channel_init(SpiceChannel *channel)
     c->out_serial = 1;
     c->in_serial = 1;
     c->fd = -1;
-    c->auth_needs_username_and_password = FALSE;
+    c->auth_needs_username = FALSE;
+    c->auth_needs_password = FALSE;
     strcpy(c->name, "?");
     c->caps = g_array_new(FALSE, TRUE, sizeof(guint32));
     c->common_caps = g_array_new(FALSE, TRUE, sizeof(guint32));
@@ -1019,11 +1020,21 @@ static void spice_channel_failed_authentication(SpiceChannel *channel,
 {
     SpiceChannelPrivate *c = channel->priv;
 
-    if (c->auth_needs_username_and_password)
+    if (c->auth_needs_username && c->auth_needs_password)
         g_set_error_literal(&c->error,
                             SPICE_CLIENT_ERROR,
                             SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME,
                             _("Authentication failed: password and username are required"));
+    else if (c->auth_needs_username)
+        g_set_error_literal(&c->error,
+                            SPICE_CLIENT_ERROR,
+                            SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME,
+                            _("Authentication failed: username is required"));
+    else if (c->auth_needs_password)
+        g_set_error_literal(&c->error,
+                            SPICE_CLIENT_ERROR,
+                            SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD,
+                            _("Authentication failed: password is required"));
     else if (invalidPassword)
         g_set_error_literal(&c->error,
                             SPICE_CLIENT_ERROR,
@@ -1287,7 +1298,18 @@ spice_channel_gather_sasl_credentials(SpiceChannel *channel,
         switch (interact[ninteract].id) {
         case SASL_CB_AUTHNAME:
         case SASL_CB_USER:
-            c->auth_needs_username_and_password = TRUE;
+            c->auth_needs_username = TRUE;
+            break;
+        case SASL_CB_PASS:
+            c->auth_needs_password = TRUE;
+            break;
+        }
+    }
+
+    for (ninteract = 0 ; interact[ninteract].id != 0 ; ninteract++) {
+        switch (interact[ninteract].id) {
+        case SASL_CB_AUTHNAME:
+        case SASL_CB_USER:
             if (spice_session_get_username(c->session) == NULL)
                 return FALSE;
 
@@ -2626,7 +2648,8 @@ static void channel_reset(SpiceChannel *channel, gboolean migrating)
 
     c->fd = -1;
 
-    c->auth_needs_username_and_password = FALSE;
+    c->auth_needs_username = FALSE;
+    c->auth_needs_password = FALSE;
 
     g_free(c->peer_msg);
     c->peer_msg = NULL;
diff --git a/src/spice-client.h b/src/spice-client.h
index b794472..32b79ea 100644
--- a/src/spice-client.h
+++ b/src/spice-client.h
@@ -67,6 +67,7 @@ G_BEGIN_DECLS
  * @SPICE_CLIENT_ERROR_USB_DEVICE_REJECTED: device redirection rejected by host
  * @SPICE_CLIENT_ERROR_USB_DEVICE_LOST: device disconnected (fatal IO error)
  * @SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD: password is required
+ * @SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME: username is required
  * @SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME: password and username are required
  * @SPICE_CLIENT_ERROR_USB_SERVICE: USB service error
  *
@@ -78,6 +79,7 @@ typedef enum
     SPICE_CLIENT_ERROR_USB_DEVICE_REJECTED,
     SPICE_CLIENT_ERROR_USB_DEVICE_LOST,
     SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD,
+    SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME,
     SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME,
     SPICE_CLIENT_ERROR_USB_SERVICE,
 } SpiceClientError;
-- 
2.5.0



More information about the Spice-devel mailing list