[virt-tools-list] [PATCH] Ask for username when connecting with SASL
Fabiano Fidêncio
fidencio at redhat.com
Thu Sep 25 12:26:21 UTC 2014
When connecting with SASL for authentication, some authentication
mechanisms need a username (the plain text and md5 ones, for example).
---
For testing this patch, please, apply these 3 patches sent to
spice-devel at lists.freedesktop.org:
[0]: http://lists.freedesktop.org/archives/spice-devel/2014-September/017486.html
[1]: http://lists.freedesktop.org/archives/spice-devel/2014-September/017487.html
[2]: http://lists.freedesktop.org/archives/spice-devel/2014-September/017488.html
---
src/virt-viewer-auth.c | 2 +-
src/virt-viewer-session-spice.c | 80 +++++++++++++++++++++++++++++------------
2 files changed, 58 insertions(+), 24 deletions(-)
diff --git a/src/virt-viewer-auth.c b/src/virt-viewer-auth.c
index d08f2c0..973d360 100644
--- a/src/virt-viewer-auth.c
+++ b/src/virt-viewer-auth.c
@@ -72,7 +72,7 @@ virt_viewer_auth_collect_credentials(GtkWindow *window,
promptPassword = GTK_WIDGET(gtk_builder_get_object(creds, "prompt-password"));
checkPassword = GTK_WIDGET(gtk_builder_get_object(creds, "show-password"));
- gtk_widget_set_sensitive(credUsername, username != NULL);
+ gtk_widget_set_sensitive(credUsername, username != NULL && *username != NULL);
if (username && *username) {
gtk_entry_set_text(GTK_ENTRY(credUsername), *username);
/* if username is pre-filled, move focus to password field */
diff --git a/src/virt-viewer-session-spice.c b/src/virt-viewer-session-spice.c
index dd96fdf..49f4e7f 100644
--- a/src/virt-viewer-session-spice.c
+++ b/src/virt-viewer-session-spice.c
@@ -343,11 +343,19 @@ fill_session(VirtViewerFile *file, SpiceSession *session)
g_object_set(G_OBJECT(session), "port", port, NULL);
g_free(port);
}
+
if (virt_viewer_file_is_set(file, "tls-port")) {
gchar *tls_port = g_strdup_printf("%d", virt_viewer_file_get_tls_port(file));
g_object_set(G_OBJECT(session), "tls-port", tls_port, NULL);
g_free(tls_port);
}
+
+ if (virt_viewer_file_is_set(file, "username")) {
+ gchar *val = virt_viewer_file_get_username(file);
+ g_object_set(G_OBJECT(session), "username", val, NULL);
+ g_free(val);
+ }
+
if (virt_viewer_file_is_set(file, "password")) {
gchar *val = virt_viewer_file_get_password(file);
g_object_set(G_OBJECT(session), "password", val, NULL);
@@ -476,6 +484,50 @@ virt_viewer_session_spice_channel_open_fd_request(SpiceChannel *channel,
}
static void
+virt_viewer_session_spice_authenticate(VirtViewerSession *session,
+ gboolean username_required)
+{
+ VirtViewerSessionSpice *self = VIRT_VIEWER_SESSION_SPICE(session);
+ gchar *username = NULL;
+ gchar *password = NULL;
+ gboolean ret;
+
+ if (self->priv->pass_try > 0)
+ g_signal_emit_by_name(session, "session-auth-failed", _("invalid password"));
+
+ self->priv->pass_try++;
+
+ if (username_required)
+ username = g_strdup(g_get_user_name());
+
+ ret = virt_viewer_auth_collect_credentials(self->priv->main_window,
+ "SPICE",
+ NULL,
+ &username,
+ &password);
+ if (!ret) {
+ g_signal_emit_by_name(session, "session-cancelled");
+ } else {
+ gboolean openfd;
+
+ if (username_required) {
+ g_object_set(self->priv->session, "username", username, NULL);
+ username_required = FALSE;
+ }
+ g_object_set(self->priv->session, "password", password, NULL);
+ g_object_get(self->priv->session, "client-sockets", &openfd, NULL);
+
+ if (openfd)
+ spice_session_open_fd(self->priv->session, -1);
+ else
+ spice_session_connect(self->priv->session);
+ }
+
+ g_free(username);
+ g_free(password);
+}
+
+static void
virt_viewer_session_spice_main_channel_event(SpiceChannel *channel G_GNUC_UNUSED,
SpiceChannelEvent event,
VirtViewerSession *session)
@@ -483,6 +535,7 @@ virt_viewer_session_spice_main_channel_event(SpiceChannel *channel G_GNUC_UNUSED
VirtViewerSessionSpice *self = VIRT_VIEWER_SESSION_SPICE(session);
gchar *password = NULL, *user = NULL;
gboolean ret;
+ gboolean username_required = FALSE;
g_return_if_fail(self != NULL);
@@ -501,31 +554,12 @@ virt_viewer_session_spice_main_channel_event(SpiceChannel *channel G_GNUC_UNUSED
case SPICE_CHANNEL_SWITCHING:
g_debug("main channel: switching host");
break;
+ case SPICE_CHANNEL_ERROR_AUTH_USER_AND_PASS:
+ username_required = TRUE;
case SPICE_CHANNEL_ERROR_AUTH:
- g_debug("main channel: auth failure (wrong password?)");
-
- if (self->priv->pass_try > 0)
- g_signal_emit_by_name(session, "session-auth-failed",
- _("invalid password"));
- self->priv->pass_try++;
-
- ret = virt_viewer_auth_collect_credentials(self->priv->main_window,
- "SPICE",
- NULL,
- NULL, &password);
- if (!ret) {
- g_signal_emit_by_name(session, "session-cancelled");
- } else {
- gboolean openfd;
+ g_debug("main channel: auth failure (wrong %s?)", username_required ? "username" : "password");
- g_object_set(self->priv->session, "password", password, NULL);
- g_object_get(self->priv->session, "client-sockets", &openfd, NULL);
-
- if (openfd)
- spice_session_open_fd(self->priv->session, -1);
- else
- spice_session_connect(self->priv->session);
- }
+ virt_viewer_session_spice_authenticate(session, username_required);
break;
case SPICE_CHANNEL_ERROR_CONNECT:
#if SPICE_GTK_CHECK_VERSION(0, 23, 21)
--
1.9.3
More information about the virt-tools-list
mailing list