[virt-tools-list] [virt-viewer: PATCH 1/3] Ask for username when connecting with SASL
Fabiano Fidêncio
fidencio at redhat.com
Wed Oct 1 14:41:28 UTC 2014
When connecting with SASL for authentication, some authentication
mechanisms need a username (the plain text and md5 ones, for example).
---
For testing the patch, please, apply:
http://lists.freedesktop.org/archives/spice-devel/2014-October/017505.html
---
src/virt-viewer-session-spice.c | 35 +++++++++++++++++++++++++++++++++--
1 file changed, 33 insertions(+), 2 deletions(-)
diff --git a/src/virt-viewer-session-spice.c b/src/virt-viewer-session-spice.c
index 885399c..41a9a49 100644
--- a/src/virt-viewer-session-spice.c
+++ b/src/virt-viewer-session-spice.c
@@ -483,6 +483,7 @@ virt_viewer_session_spice_main_channel_event(SpiceChannel *channel G_GNUC_UNUSED
VirtViewerSessionSpice *self = VIRT_VIEWER_SESSION_SPICE(session);
gchar *password = NULL, *user = NULL;
gboolean ret;
+ static gboolean username_required = FALSE;
g_return_if_fail(self != NULL);
@@ -502,22 +503,52 @@ virt_viewer_session_spice_main_channel_event(SpiceChannel *channel G_GNUC_UNUSED
g_debug("main channel: switching host");
break;
case SPICE_CHANNEL_ERROR_AUTH:
- g_debug("main channel: auth failure (wrong password?)");
+ g_debug("main channel: auth failure (wrong username/password?)");
+#if SPICE_GTK_CHECK_VERSION(0, 23, 21)
+ {
+ const GError *error = spice_channel_get_error(channel);
+ if (error != NULL) {
+ /* When the password is invalid, SPICE_CHANNEL_ERROR_AUTH is
+ * returned with no GError associated. It means we just want
+ * to change the 'user_required' according to the first try
+ * to connect to the server and where a GError will be set to
+ * indicate if the authentication needs password and username
+ * (SALS case when using authentication mechanisms like
+ * md5-digest or plain-text) or if the authencation needs the
+ * password only. */
+ username_required = g_error_matches(error,
+ SPICE_CHANNEL_ERROR,
+ SPICE_CHANNEL_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME);
+ }
+ }
+#endif
if (self->priv->pass_try > 0)
g_signal_emit_by_name(session, "session-auth-failed",
_("invalid password"));
+
self->priv->pass_try++;
+ /* A username is *only* pre-filled in case where some authentication
+ * error happened. Unfortunately, we don't have a clear way to
+ * differantiate bewteen invalid username and invalid password.
+ * So, in both cases the username entry will be pre-filled with the
+ * username used in the previous attempt. */
+ if (username_required)
+ g_object_get(self->priv->session, "username", &user, NULL);
+
ret = virt_viewer_auth_collect_credentials(self->priv->main_window,
"SPICE",
NULL,
- NULL, &password);
+ username_required ? &user : NULL,
+ &password);
if (!ret) {
g_signal_emit_by_name(session, "session-cancelled");
} else {
gboolean openfd;
+ if (username_required)
+ g_object_set(self->priv->session, "username", user, NULL);
g_object_set(self->priv->session, "password", password, NULL);
g_object_get(self->priv->session, "client-sockets", &openfd, NULL);
--
1.9.3
More information about the virt-tools-list
mailing list