[PATCH] Fix FTP/SFTP authentication cancellation

From: Christian Neumair <chris gnome-de org>
To: gnome-vfs-list gnome org
Subject: [PATCH] Fix FTP/SFTP authentication cancellation
Date: Fri, 07 Oct 2005 20:47:42 +0200

The attached patch is meant to fix FTP/SFTP (and finally, SMB and HTTP)
authentication issues. Together with a patch to Nautilus (work in
progress, just needs some cleanups), it will take care that a cancelled
authentication request is not displayed again.

caveats

a) SMB domain authentication cancellation still doesn't work (no clue
why)
b) Neon cancellation is tricky since Neon only knows two retvals (0, !0)
in its neon_session_supply_auth wrapper. Maybe we'll have to change API
and also try to push that patch upstream to Neon.
c) I refuse to work on the non-Neon HTTP method because it should IMHO
die a sudden death

-- 
Christian Neumair <chris gnome-de org>

Index: modules/ftp-method.c
===================================================================
RCS file: /cvs/gnome/gnome-vfs/modules/ftp-method.c,v
retrieving revision 1.117
diff -u -p -r1.117 ftp-method.c
--- modules/ftp-method.c	2 Jun 2005 14:10:56 -0000	1.117
+++ modules/ftp-method.c	7 Oct 2005 18:29:06 -0000
@@ -809,7 +809,8 @@ save_authn_info (GnomeVFSURI *uri,
 
 static gboolean
 query_user_for_authn_info (GnomeVFSURI *uri, 
-			   char **user, char **pass, char **keyring, gboolean *save,
+			   char **user, char **pass, char **keyring,
+			   gboolean *save, gboolean *aborted,
 			   gboolean no_username)
 {
 	GnomeVFSModuleCallbackFullAuthenticationIn in_args;
@@ -851,7 +852,7 @@ query_user_for_authn_info (GnomeVFSURI *
                 goto error;
         }
 	
-        ret = !out_args.abort_auth;
+	*aborted = out_args.abort_auth;
 	
         if (!ret) {
                 goto error;
@@ -882,8 +883,8 @@ query_user_for_authn_info (GnomeVFSURI *
        	g_free (out_args.domain);
        	g_free (out_args.password);
        	g_free (out_args.keyring);
-	
-	return ret;
+
+	return ret && !out_args.abort_auth;
 } 
 
 static gboolean
@@ -1249,6 +1250,7 @@ ftp_connection_create (FtpConnectionPool
 	gboolean got_connection;
 	gboolean ret;
 	gboolean connection_failed;
+	gboolean aborted;
 	
 	cancellation = get_cancellation (context);
 	
@@ -1320,7 +1322,7 @@ ftp_connection_create (FtpConnectionPool
 				pool->num_connections++;
 				G_UNLOCK (connection_pools);
 				ret = query_user_for_authn_info (uri, &user, &pass, &keyring, &save_authn, 
-								 !uri_has_username); 
+								 &aborted, !uri_has_username); 
 				G_LOCK (connection_pools);
 				pool->num_connections--;
 				if (!ret) {
@@ -1330,7 +1332,12 @@ ftp_connection_create (FtpConnectionPool
 					g_free (user);
 					g_free (pass);
 					g_free (keyring);
-                                	return GNOME_VFS_ERROR_LOGIN_FAILED;
+
+					if (aborted) {
+						return GNOME_VFS_ERROR_CANCELLED;
+					} else {
+						return GNOME_VFS_ERROR_LOGIN_FAILED;
+					}
 				}
 				g_string_free (conn->response_buffer, TRUE);
                         	conn->response_buffer = g_string_new ("");
Index: modules/sftp-method.c
===================================================================
RCS file: /cvs/gnome/gnome-vfs/modules/sftp-method.c,v
retrieving revision 1.35
diff -u -p -r1.35 sftp-method.c
--- modules/sftp-method.c	18 Jul 2005 08:19:28 -0000	1.35
+++ modules/sftp-method.c	7 Oct 2005 18:29:09 -0000
@@ -927,7 +927,8 @@ invoke_full_auth (const GnomeVFSURI *uri
 		  char **user_out,
 		  char **object_out,
 		  char **authtype_out,
-		  gboolean *save_password_out)
+		  gboolean *save_password_out,
+		  gboolean *abort_auth_out)
 {
 	GnomeVFSModuleCallbackFullAuthenticationIn in_args;
 	GnomeVFSModuleCallbackFullAuthenticationOut out_args;
@@ -970,6 +971,8 @@ invoke_full_auth (const GnomeVFSURI *uri
 		*password_out = NULL;
 	}
 
+	*abort_auth_out = out_args.abort_auth;
+
 	g_free (in_args.uri);
 	g_free (in_args.username);
 	g_free (in_args.object);
@@ -1208,6 +1211,7 @@ sftp_connect (SftpConnection **connectio
 		char *endpos;
 		char *hostname = NULL;
 		char *fingerprint = NULL;
+		gboolean aborted;
 
 		if (client_vendor == SFTP_VENDOR_SSH) {
 			prompt_fd = err_fd;
@@ -1255,11 +1259,14 @@ sftp_connect (SftpConnection **connectio
 					g_io_channel_write_chars (tty_channel, "\n", 1, &len, NULL);
 					g_io_channel_flush (tty_channel, NULL);
 				} else if (invoke_full_auth (uri, done_auth, buffer, &password, &keyring, 
-							     &user, &object, &authtype, &save_password) && password != NULL) {
+							     &user, &object, &authtype, &save_password, &aborted) && password != NULL) {
 					full_auth = TRUE;
 					g_io_channel_write_chars (tty_channel, password, -1, &len, NULL);
 					g_io_channel_write_chars (tty_channel, "\n", 1, &len, NULL);
 					g_io_channel_flush (tty_channel, NULL);
+				} else if (aborted) {
+					res = GNOME_VFS_ERROR_CANCELLED;
+					goto bail;
 				} else {
 					res = GNOME_VFS_ERROR_ACCESS_DENIED;
 					goto bail;
Index: modules/smb-method.c
===================================================================
RCS file: /cvs/gnome/gnome-vfs/modules/smb-method.c,v
retrieving revision 1.33
diff -u -p -r1.33 smb-method.c
--- modules/smb-method.c	24 May 2005 16:41:44 -0000	1.33
+++ modules/smb-method.c	7 Oct 2005 18:29:09 -0000
@@ -922,13 +923,14 @@ prefill_authentication (SmbAuthContext *
 }
 
 static gboolean
-prompt_authentication (SmbAuthContext *actx)
+prompt_authentication (SmbAuthContext *actx,
+		       gboolean       *cancelled)
 {
 	/* IMPORTANT: We are NOT in the lock at this point */
 
 	GnomeVFSModuleCallbackFullAuthenticationIn in_args;
 	GnomeVFSModuleCallbackFullAuthenticationOut out_args;
-	gboolean invoked, cancelled = FALSE;
+	gboolean invoked;
 	
 	g_return_val_if_fail (actx != NULL, FALSE);
 	g_return_val_if_fail (actx->for_server != NULL, FALSE);
@@ -961,7 +963,7 @@ prompt_authentication (SmbAuthContext *a
 		 &out_args, sizeof (out_args));
 
 	if (invoked) {
-		cancelled = out_args.abort_auth;
+		*cancelled = out_args.abort_auth;
                 if (in_args.flags & GNOME_VFS_MODULE_CALLBACK_FULL_AUTHENTICATION_NEED_USERNAME) {
                      g_free (actx->use_user);
                        actx->use_user = string_dup_nzero (out_args.username);
@@ -1125,7 +1127,7 @@ init_authentication (SmbAuthContext *act
 static int
 perform_authentication (SmbAuthContext *actx)
 {
-	gboolean cont, auth_failed = FALSE;
+	gboolean cont, auth_failed = FALSE, auth_cancelled;
 	int ret = -1;
 	
 	/* IMPORTANT: We are IN the lock at this point */
@@ -1203,7 +1205,7 @@ perform_authentication (SmbAuthContext *
 				}
 				
 				if (!cont)
-					cont = prompt_authentication (actx);
+					cont = prompt_authentication (actx, &auth_cancelled);
 				
 			LOCK_SMB();
 			
@@ -1214,9 +1216,14 @@ perform_authentication (SmbAuthContext *
 			if (cont)
 				ret = 1;
 			else {
-				/* Note that we leave actx->res set to whatever it was set to */
-				DEBUG_SMB(("[auth] Authentication cancelled by user.\n"));
 				ret = -1;
+
+				if (auth_cancelled) {
+					actx->res = GNOME_VFS_ERROR_CANCELLED;
+				} else {
+					/* Note that we leave actx->res set to whatever it was set to */
+					DEBUG_SMB(("[auth] Authentication cancelled by user.\n"));
+				}
 			}
 					
 		/* Weird, don't want authentication, but failed */

Attachment: signature.asc
Description: This is a digitally signed message part

Follow-Ups:
- Re: [PATCH] Fix FTP/SFTP authentication cancellation
  - From: Christian Neumair
- Re: [PATCH] Fix FTP/SFTP authentication cancellation
  - From: Alexander Larsson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]