diff options
| author | David Woodhouse <David.Woodhouse@intel.com> | 2013-06-28 05:03:49 +0800 |
|---|---|---|
| committer | David Woodhouse <David.Woodhouse@intel.com> | 2013-06-28 05:06:15 +0800 |
| commit | 046a17ba199e79b44337ac376131a2d566a3e7d8 (patch) | |
| tree | f079e5beba2d5458cdbd888b86d2df410a9685d8 | |
| parent | 0cb0dc0dddf915d0c6d6baa522beaa0cfeb0fefe (diff) | |
| download | gsoc2013-evolution-046a17ba199e79b44337ac376131a2d566a3e7d8.tar gsoc2013-evolution-046a17ba199e79b44337ac376131a2d566a3e7d8.tar.gz gsoc2013-evolution-046a17ba199e79b44337ac376131a2d566a3e7d8.tar.bz2 gsoc2013-evolution-046a17ba199e79b44337ac376131a2d566a3e7d8.tar.lz gsoc2013-evolution-046a17ba199e79b44337ac376131a2d566a3e7d8.tar.xz gsoc2013-evolution-046a17ba199e79b44337ac376131a2d566a3e7d8.tar.zst gsoc2013-evolution-046a17ba199e79b44337ac376131a2d566a3e7d8.zip | |
Bug 703181 - Asked for password which is never used
When the SASL mechanism reports that it can try an "empty password", give
it the opportunity to do so before we demand that the user provide one.
(Patch mostly by mbarnes; thanks)
| -rw-r--r-- | libemail-engine/e-mail-session.c | 36 |
1 files changed, 27 insertions, 9 deletions
diff --git a/libemail-engine/e-mail-session.c b/libemail-engine/e-mail-session.c index db756ee7ea..a517f2a8e2 100644 --- a/libemail-engine/e-mail-session.c +++ b/libemail-engine/e-mail-session.c @@ -1505,6 +1505,7 @@ mail_session_authenticate_sync (CamelSession *session, CamelAuthenticationResult result; const gchar *uid; gboolean authenticated; + gboolean try_empty_password = FALSE; GError *local_error = NULL; /* Do not chain up. Camel's default method is only an example for @@ -1541,23 +1542,28 @@ mail_session_authenticate_sync (CamelSession *session, CamelProvider *provider; CamelSasl *sasl; const gchar *service_name; - gboolean success = FALSE; provider = camel_service_get_provider (service); service_name = provider->protocol; /* XXX Would be nice if camel_sasl_try_empty_password_sync() - * returned CamelAuthenticationResult so it's easier to - * detect errors. */ + * returned the result in an "out" parameter so it's + * easier to distinguish errors from a "no" answer. + * YYY There are precisely two states. Either we appear to + * have credentials (although we don't yet know if the + * server would *accept* them, of course). Or we don't + * have any credentials, and we can't even try. There + * is no middle ground. + * N.B. For 'have credentials', read 'the ntlm_auth + * helper exists and at first glance seems to + * be responding sanely'. */ sasl = camel_sasl_new (service_name, mechanism, service); if (sasl != NULL) { - success = camel_sasl_try_empty_password_sync ( + try_empty_password = + camel_sasl_try_empty_password_sync ( sasl, cancellable, &local_error); g_object_unref (sasl); } - - if (success) - return TRUE; } /* Abort authentication if we got cancelled. @@ -1581,9 +1587,21 @@ mail_session_authenticate_sync (CamelSession *session, auth = e_mail_authenticator_new (service, mechanism); - authenticated = e_source_registry_authenticate_sync ( - registry, source, auth, cancellable, error); + result = CAMEL_AUTHENTICATION_REJECTED; + + if (try_empty_password) { + result = camel_service_authenticate_sync ( + service, mechanism, cancellable, error); + } + if (result == CAMEL_AUTHENTICATION_REJECTED) { + /* We need a password, preferrably one cached in + * the keyring or else by interactive user prompt. */ + authenticated = e_source_registry_authenticate_sync ( + registry, source, auth, cancellable, error); + } else { + authenticated = (result == CAMEL_AUTHENTICATION_ACCEPTED); + } g_object_unref (auth); g_object_unref (source); |