Hi all, attached is a patch which addresses the following issue: - the POP or SMTP server advertises Kerberos (GSSAPI) authentication, and Balsa is built w/ GSS support - user does not have a Kerberos ticket (but a password) - GSS auth fails, and Balsa stops authentication. This /might/ be the issue detected by John Jack Doe recently. With the patch, if GSS is supported and available, Balsa will first emit the signal to get the user name, but not the password, and try GSS authentication. If the GSS authentication fails, the signal is emitted again, but now /with/ requesting the password, and the most secure of the other auth methods is tried. This avoids the situation outlined above, whilst avoiding unnecessary password requests. Opinions? Best, Albrecht. --- Patch details: - libnetclient/net-client-pop.c, libnetclient/net-client-smtp.c: retry auth with password if GSS auth failed; small performance improvement checking the various auth methods - libnetclient/net-client-utils.c: print more (internal) debug info about failed GSS operations, fix nit-picks
Attachment:
gss-auth-fallback.diff.bz2
Description: application/bzip
Attachment:
pgpifhznETk_K.pgp
Description: PGP signature