127 lines
4.8 KiB
Diff
127 lines
4.8 KiB
Diff
From 21acda1c51241ff2cce013509900e0a8373d409d Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
|
|
Date: Tue, 16 Dec 2014 14:24:24 +0100
|
|
Subject: [PATCH spice-gtk 2/6] channel: factorize failed authentication
|
|
|
|
There are a few things that should be common to all wrong authentication
|
|
cases. Let's put them all in the same function.
|
|
---
|
|
gtk/spice-channel-priv.h | 1 +
|
|
gtk/spice-channel.c | 62 ++++++++++++++++++++++++++----------------------
|
|
2 files changed, 34 insertions(+), 29 deletions(-)
|
|
|
|
diff --git a/gtk/spice-channel-priv.h b/gtk/spice-channel-priv.h
|
|
index 07012db..671e9fe 100644
|
|
--- a/gtk/spice-channel-priv.h
|
|
+++ b/gtk/spice-channel-priv.h
|
|
@@ -66,6 +66,7 @@ struct _SpiceMsgIn {
|
|
|
|
enum spice_channel_state {
|
|
SPICE_CHANNEL_STATE_UNCONNECTED = 0,
|
|
+ SPICE_CHANNEL_STATE_FAILED_AUTHENTICATION,
|
|
SPICE_CHANNEL_STATE_CONNECTING,
|
|
SPICE_CHANNEL_STATE_READY,
|
|
SPICE_CHANNEL_STATE_SWITCHING,
|
|
diff --git a/gtk/spice-channel.c b/gtk/spice-channel.c
|
|
index ea0ed34..d0e6df8 100644
|
|
--- a/gtk/spice-channel.c
|
|
+++ b/gtk/spice-channel.c
|
|
@@ -1052,6 +1052,29 @@ static void spice_channel_send_spice_ticket(SpiceChannel *channel)
|
|
}
|
|
|
|
/* coroutine context */
|
|
+static void spice_channel_failed_authentication(SpiceChannel *channel)
|
|
+{
|
|
+ SpiceChannelPrivate *c = channel->priv;
|
|
+
|
|
+ if (c->auth_needs_username_and_password)
|
|
+ g_set_error_literal(&c->error,
|
|
+ SPICE_CLIENT_ERROR,
|
|
+ SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME,
|
|
+ _("Authentication failed: password and username are required"));
|
|
+ else
|
|
+ g_set_error_literal(&c->error,
|
|
+ SPICE_CLIENT_ERROR,
|
|
+ SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD,
|
|
+ _("Authentication failed: password is required"));
|
|
+
|
|
+ c->state = SPICE_CHANNEL_STATE_FAILED_AUTHENTICATION;
|
|
+
|
|
+ g_coroutine_signal_emit(channel, signals[SPICE_CHANNEL_EVENT], 0, SPICE_CHANNEL_ERROR_AUTH);
|
|
+
|
|
+ c->has_error = TRUE; /* force disconnect */
|
|
+}
|
|
+
|
|
+/* coroutine context */
|
|
static void spice_channel_recv_auth(SpiceChannel *channel)
|
|
{
|
|
SpiceChannelPrivate *c = channel->priv;
|
|
@@ -1068,7 +1091,7 @@ static void spice_channel_recv_auth(SpiceChannel *channel)
|
|
|
|
if (link_res != SPICE_LINK_ERR_OK) {
|
|
CHANNEL_DEBUG(channel, "link result: reply %d", link_res);
|
|
- g_coroutine_signal_emit(channel, signals[SPICE_CHANNEL_EVENT], 0, SPICE_CHANNEL_ERROR_AUTH);
|
|
+ spice_channel_failed_authentication(channel);
|
|
return;
|
|
}
|
|
|
|
@@ -1310,22 +1333,6 @@ spice_channel_gather_sasl_credentials(SpiceChannel *channel,
|
|
#define SASL_MAX_MECHNAME_LEN 100
|
|
#define SASL_MAX_DATA_LEN (1024 * 1024)
|
|
|
|
-static void spice_channel_set_detailed_authentication_error(SpiceChannel *channel)
|
|
-{
|
|
- SpiceChannelPrivate *c = channel->priv;
|
|
-
|
|
- if (c->auth_needs_username_and_password)
|
|
- g_set_error_literal(&c->error,
|
|
- SPICE_CLIENT_ERROR,
|
|
- SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME,
|
|
- _("Authentication failed: password and username are required"));
|
|
- else
|
|
- g_set_error_literal(&c->error,
|
|
- SPICE_CLIENT_ERROR,
|
|
- SPICE_CLIENT_ERROR_AUTH_NEEDS_PASSWORD,
|
|
- _("Authentication failed: password is required"));
|
|
-}
|
|
-
|
|
/* Perform the SASL authentication process
|
|
*/
|
|
static gboolean spice_channel_perform_auth_sasl(SpiceChannel *channel)
|
|
@@ -1644,23 +1651,20 @@ restart:
|
|
complete:
|
|
CHANNEL_DEBUG(channel, "%s", "SASL authentication complete");
|
|
spice_channel_read(channel, &len, sizeof(len));
|
|
- if (len != SPICE_LINK_ERR_OK) {
|
|
- spice_channel_set_detailed_authentication_error(channel);
|
|
- g_coroutine_signal_emit(channel, signals[SPICE_CHANNEL_EVENT], 0, SPICE_CHANNEL_ERROR_AUTH);
|
|
+ if (len == SPICE_LINK_ERR_OK) {
|
|
+ ret = TRUE;
|
|
+ /* This must come *after* check-auth-result, because the former
|
|
+ * is defined to be sent unencrypted, and setting saslconn turns
|
|
+ * on the SSF layer encryption processing */
|
|
+ c->sasl_conn = saslconn;
|
|
+ goto cleanup;
|
|
}
|
|
- ret = len == SPICE_LINK_ERR_OK;
|
|
- /* This must come *after* check-auth-result, because the former
|
|
- * is defined to be sent unencrypted, and setting saslconn turns
|
|
- * on the SSF layer encryption processing */
|
|
- c->sasl_conn = saslconn;
|
|
- goto cleanup;
|
|
|
|
error:
|
|
if (saslconn)
|
|
sasl_dispose(&saslconn);
|
|
- spice_channel_set_detailed_authentication_error(channel);
|
|
- g_coroutine_signal_emit(channel, signals[SPICE_CHANNEL_EVENT], 0, SPICE_CHANNEL_ERROR_AUTH);
|
|
- c->has_error = TRUE; /* force disconnect */
|
|
+
|
|
+ spice_channel_failed_authentication(channel);
|
|
ret = FALSE;
|
|
|
|
cleanup:
|
|
--
|
|
2.1.0
|
|
|