diff options
author | David Woodhouse <David.Woodhouse@intel.com> | 2013-06-27 22:57:09 +0100 |
---|---|---|
committer | David Woodhouse <David.Woodhouse@intel.com> | 2013-09-13 14:38:36 +0100 |
commit | 2b9345730cd95ea9efb4e1b78d40574f6c316f96 (patch) | |
tree | 6af6a7f757cd1e281aa58d4b1dbe53c7091e70c5 | |
parent | b63d08471391c35b7c67d414f24fecf0d1810c74 (diff) | |
download | libsoup-2b9345730cd95ea9efb4e1b78d40574f6c316f96.tar.gz |
Bug 703186 - fallback from automatic NTLM auth not working
There were two issues. Firstly, when the automatic NTLM authentication
failed we were setting conn->state to SOUP_NTLM_FAILED. So although we
would emit the 'authenticate' signal and obtain a password, we'd never
actually *try* it. We have the SOUP_NTLM_SSO_FAILED state for this, which
makes it work.
Secondly, the resulting 'authenticate' signal we being emitted with the
'retrying' property set, even when it was the first time we actually asked
for a password. This was confusing Evolution (bug 703181 comments 1-3).
Fix the latter problem by making soup_auth_ntlm_is_connection_ready()
return TRUE when the state is SOUP_NTLM_SSO_FAILED. That makes
auth_got_headers() do the right thing, and Evolution is happy again.
With this fixed, Evolution will now automatically try to connect to an
Exchange server using automatic NTLM authentication, and will fall back
to asking for a password only if it actually needs to.
-rw-r--r-- | libsoup/soup-auth-ntlm.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/libsoup/soup-auth-ntlm.c b/libsoup/soup-auth-ntlm.c index cff469f7..19be6928 100644 --- a/libsoup/soup-auth-ntlm.c +++ b/libsoup/soup-auth-ntlm.c @@ -298,8 +298,6 @@ soup_auth_ntlm_update_connection (SoupConnectionAuth *auth, SoupMessage *msg, return FALSE; if (conn->state > SOUP_NTLM_SENT_REQUEST) { - conn->state = SOUP_NTLM_FAILED; - if (priv->password_state == SOUP_NTLM_PASSWORD_ACCEPTED) { /* We know our password is correct, so a 401 * means "permission denied". Since the conn @@ -307,11 +305,17 @@ soup_auth_ntlm_update_connection (SoupConnectionAuth *auth, SoupMessage *msg, * is_ready() for this message, so this will * cause a "retrying" authenticate signal. */ + conn->state = SOUP_NTLM_FAILED; return TRUE; } - /* Otherwise, we just have a bad password. */ - priv->password_state = SOUP_NTLM_PASSWORD_REJECTED; + if (priv->sso_available) { + conn->state = SOUP_NTLM_SSO_FAILED; + priv->password_state = SOUP_NTLM_PASSWORD_NONE; + } else { + conn->state = SOUP_NTLM_FAILED; + priv->password_state = SOUP_NTLM_PASSWORD_REJECTED; + } return TRUE; } @@ -433,7 +437,7 @@ soup_auth_ntlm_is_connection_ready (SoupConnectionAuth *auth, if (priv->password_state == SOUP_NTLM_PASSWORD_PROVIDED) return TRUE; - return conn->state != SOUP_NTLM_FAILED && conn->state != SOUP_NTLM_SSO_FAILED; + return conn->state != SOUP_NTLM_FAILED; } static void |