From d34bdb0d0532156d9d6d6f7cb61b714652b26763 Mon Sep 17 00:00:00 2001 From: Marek Kasik Date: Wed, 18 Nov 2015 16:34:22 +0100 Subject: [PATCH] Be more specific in the case of authentication error This patch adds SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME error for the case when authentication fails because of missing username. This can happen when GSSAPI method is used. --- src/spice-channel-priv.h | 3 ++- src/spice-channel.c | 31 +++++++++++++++++++++++++++---- src/spice-client.h | 2 ++ 3 files changed, 31 insertions(+), 5 deletions(-) diff --git a/src/spice-channel-priv.h b/src/spice-channel-priv.h index 4b2d1e6..d60ea73 100644 --- a/src/spice-channel-priv.h +++ b/src/spice-channel-priv.h @@ -143,7 +143,8 @@ struct _SpiceChannelPrivate { GSList *flushing; gboolean disable_channel_msg; - gboolean auth_needs_username_and_password; + gboolean auth_needs_username; + gboolean auth_needs_password; GError *error; }; diff --git a/src/spice-channel.c b/src/spice-channel.c index 1c96ded..d8bba5c 100644 --- a/src/spice-channel.c +++ b/src/spice-channel.c @@ -110,7 +110,8 @@ static void spice_channel_init(SpiceChannel *channel) c->out_serial = 1; c->in_serial = 1; c->fd = -1; - c->auth_needs_username_and_password = FALSE; + c->auth_needs_username = FALSE; + c->auth_needs_password = FALSE; strcpy(c->name, "?"); c->caps = g_array_new(FALSE, TRUE, sizeof(guint32)); c->common_caps = g_array_new(FALSE, TRUE, sizeof(guint32)); @@ -1019,11 +1020,21 @@ static void spice_channel_failed_authentication(SpiceChannel *channel, { SpiceChannelPrivate *c = channel->priv; - if (c->auth_needs_username_and_password) + if (c->auth_needs_username && c->auth_needs_password) g_set_error_literal(&c->error, SPICE_CLIENT_ERROR, SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME, _("Authentication failed: password and username are required")); + else if (c->auth_needs_username) + g_set_error_literal(&c->error, + SPICE_CLIENT_ERROR, + SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME, + _("Authentication failed: username is required")); + else if (c->auth_needs_password) + g_set_error_literal(&c->error, + SPICE_CLIENT_ERROR, + SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD, + _("Authentication failed: password is required")); else if (invalidPassword) g_set_error_literal(&c->error, SPICE_CLIENT_ERROR, @@ -1287,7 +1298,18 @@ spice_channel_gather_sasl_credentials(SpiceChannel *channel, switch (interact[ninteract].id) { case SASL_CB_AUTHNAME: case SASL_CB_USER: - c->auth_needs_username_and_password = TRUE; + c->auth_needs_username = TRUE; + break; + case SASL_CB_PASS: + c->auth_needs_password = TRUE; + break; + } + } + + for (ninteract = 0 ; interact[ninteract].id != 0 ; ninteract++) { + switch (interact[ninteract].id) { + case SASL_CB_AUTHNAME: + case SASL_CB_USER: if (spice_session_get_username(c->session) == NULL) return FALSE; @@ -2626,7 +2648,8 @@ static void channel_reset(SpiceChannel *channel, gboolean migrating) c->fd = -1; - c->auth_needs_username_and_password = FALSE; + c->auth_needs_username = FALSE; + c->auth_needs_password = FALSE; g_free(c->peer_msg); c->peer_msg = NULL; diff --git a/src/spice-client.h b/src/spice-client.h index b794472..32b79ea 100644 --- a/src/spice-client.h +++ b/src/spice-client.h @@ -67,6 +67,7 @@ G_BEGIN_DECLS * @SPICE_CLIENT_ERROR_USB_DEVICE_REJECTED: device redirection rejected by host * @SPICE_CLIENT_ERROR_USB_DEVICE_LOST: device disconnected (fatal IO error) * @SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD: password is required + * @SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME: username is required * @SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME: password and username are required * @SPICE_CLIENT_ERROR_USB_SERVICE: USB service error * @@ -78,6 +79,7 @@ typedef enum SPICE_CLIENT_ERROR_USB_DEVICE_REJECTED, SPICE_CLIENT_ERROR_USB_DEVICE_LOST, SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD, + SPICE_CLIENT_ERROR_AUTH_NEEDS_USERNAME, SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME, SPICE_CLIENT_ERROR_USB_SERVICE, } SpiceClientError; -- 2.5.0