[evolution/gnome-3-8] Bug 703181 - Asked for password which is never used



commit 447f7d38f3c759de7ccd999b6ef99795239f806d
Author: David Woodhouse <David Woodhouse intel com>
Date:   Thu Jun 27 22:03:49 2013 +0100

    Bug 703181 - Asked for password which is never used
    
    When the SASL mechanism reports that it can try an "empty password", give
    it the opportunity to do so before we demand that the user provide one.
    
    (Patch mostly by mbarnes; thanks)
    
    (cherry picked from commit 046a17ba199e79b44337ac376131a2d566a3e7d8)

 libemail-engine/e-mail-session.c |   36 +++++++++++++++++++++++++++---------
 1 files changed, 27 insertions(+), 9 deletions(-)
---
diff --git a/libemail-engine/e-mail-session.c b/libemail-engine/e-mail-session.c
index db756ee..a517f2a 100644
--- a/libemail-engine/e-mail-session.c
+++ b/libemail-engine/e-mail-session.c
@@ -1505,6 +1505,7 @@ mail_session_authenticate_sync (CamelSession *session,
        CamelAuthenticationResult result;
        const gchar *uid;
        gboolean authenticated;
+       gboolean try_empty_password = FALSE;
        GError *local_error = NULL;
 
        /* Do not chain up.  Camel's default method is only an example for
@@ -1541,23 +1542,28 @@ mail_session_authenticate_sync (CamelSession *session,
                CamelProvider *provider;
                CamelSasl *sasl;
                const gchar *service_name;
-               gboolean success = FALSE;
 
                provider = camel_service_get_provider (service);
                service_name = provider->protocol;
 
                /* XXX Would be nice if camel_sasl_try_empty_password_sync()
-                *     returned CamelAuthenticationResult so it's easier to
-                *     detect errors. */
+                *     returned the result in an "out" parameter so it's
+                *     easier to distinguish errors from a "no" answer.
+                * YYY There are precisely two states. Either we appear to
+                *     have credentials (although we don't yet know if the
+                *     server would *accept* them, of course). Or we don't
+                *     have any credentials, and we can't even try. There
+                *     is no middle ground.
+                *     N.B. For 'have credentials', read 'the ntlm_auth
+                *          helper exists and at first glance seems to
+                *          be responding sanely'. */
                sasl = camel_sasl_new (service_name, mechanism, service);
                if (sasl != NULL) {
-                       success = camel_sasl_try_empty_password_sync (
+                       try_empty_password =
+                               camel_sasl_try_empty_password_sync (
                                sasl, cancellable, &local_error);
                        g_object_unref (sasl);
                }
-
-               if (success)
-                       return TRUE;
        }
 
        /* Abort authentication if we got cancelled.
@@ -1581,9 +1587,21 @@ mail_session_authenticate_sync (CamelSession *session,
 
        auth = e_mail_authenticator_new (service, mechanism);
 
-       authenticated = e_source_registry_authenticate_sync (
-               registry, source, auth, cancellable, error);
+       result = CAMEL_AUTHENTICATION_REJECTED;
+
+       if (try_empty_password) {
+               result = camel_service_authenticate_sync (
+                       service, mechanism, cancellable, error);
+       }
 
+       if (result == CAMEL_AUTHENTICATION_REJECTED) {
+               /* We need a password, preferrably one cached in
+                * the keyring or else by interactive user prompt. */
+               authenticated = e_source_registry_authenticate_sync (
+                       registry, source, auth, cancellable, error);
+       } else {
+               authenticated = (result == CAMEL_AUTHENTICATION_ACCEPTED);
+       }
        g_object_unref (auth);
 
        g_object_unref (source);


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]