[evolution-ews/evolution-ews-3-12] Bug 703181 - Work around libsoup's failure to recover from NTLM auth failure
- From: David Woodhouse <dwmw2 src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [evolution-ews/evolution-ews-3-12] Bug 703181 - Work around libsoup's failure to recover from NTLM auth failure
- Date: Wed, 23 Jul 2014 16:10:33 +0000 (UTC)
commit c75a7a818e4448277932d69ee41cd1ad629f7207
Author: David Woodhouse <David Woodhouse intel com>
Date: Tue Jul 22 16:13:38 2014 +0100
Bug 703181 - Work around libsoup's failure to recover from NTLM auth failure
Left to its own devices, libsoup will end up with NTLM authentication
permanently in SOUP_NTLM_FAILED state, even if we give it a new password.
Even without winbind/ntlm_auth in the picture, this was a problem. If a
user mistyped their password once, it wouldn't be accepted on the second
attempt even if they did get it right.
With automatic NTLM authentication being attempted, this failed state was
happening even more frequently. Hence the reversion of commit addcca8 when
it was noticed (see bug 703181 comments 20-21).
Proper fixes are going into libsoup, of course, but this serves to work
around it for now by cancelling the message when we can't authenticate.
(cherry picked from commit ba4f47aa266d5e36ad0077d575524330c8038402)
src/server/e-ews-connection.c | 16 ++++++++++++++--
src/server/e-ews-notification.c | 15 ++++++++++++++-
2 files changed, 28 insertions(+), 3 deletions(-)
---
diff --git a/src/server/e-ews-connection.c b/src/server/e-ews-connection.c
index 352855a..eedb5dd 100644
--- a/src/server/e-ews-connection.c
+++ b/src/server/e-ews-connection.c
@@ -1898,9 +1898,21 @@ ews_connection_authenticate (SoupSession *sess,
user = camel_network_settings_dup_user (network_settings);
password = e_ews_connection_dup_password (cnc);
-
- if (password != NULL)
+ if (password != NULL) {
soup_auth_authenticate (auth, user, password);
+ } else {
+ /* The NTLM implementation in libsoup doesn't cope very well
+ * with recovering from authentication failures (bug 703181).
+ * So cancel the message now while it's in-flight, and we'll
+ * get a shiny new connection for the next attempt. */
+ const char *scheme = soup_auth_get_scheme_name (auth);
+
+ if (!g_ascii_strcasecmp(scheme, "NTLM")) {
+ soup_session_cancel_message(cnc->priv->soup_session,
+ msg,
+ SOUP_STATUS_UNAUTHORIZED);
+ }
+ }
g_free (password);
g_free (user);
diff --git a/src/server/e-ews-notification.c b/src/server/e-ews-notification.c
index d984d72..df6c43a 100644
--- a/src/server/e-ews-notification.c
+++ b/src/server/e-ews-notification.c
@@ -87,8 +87,21 @@ ews_notification_authenticate (SoupSession *session,
password = e_ews_connection_dup_password (connection);
- if (password != NULL)
+ if (password != NULL) {
soup_auth_authenticate (auth, user, password);
+ } else {
+ /* The NTLM implementation in libsoup doesn't cope very well
+ * with recovering from authentication failures (bug 703181).
+ * So cancel the message now while it's in-flight, and we'll
+ * get a shiny new connection for the next attempt. */
+ const char *scheme = soup_auth_get_scheme_name (auth);
+
+ if (!g_ascii_strcasecmp(scheme, "NTLM")) {
+ soup_session_cancel_message(notification->priv->soup_session,
+ message,
+ SOUP_STATUS_UNAUTHORIZED);
+ }
+ }
g_free (password);
g_free (user);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]