[virt-tools-list] [v2: virt-viewer: PATCH 1/3] Ask for username when connecting with SASL

Christophe Fergeau cfergeau at redhat.com
Mon Oct 6 13:24:45 UTC 2014


Hey,

Series looks good to me, ACK.

Christophe

On Mon, Oct 06, 2014 at 01:58:02PM +0200, Fabiano Fidêncio wrote:
> When connecting with SASL for authentication, some authentication
> mechanisms need a username (the plain text and md5 ones, for example).
> ---
> Changes since v1:
> - Fix typos
> - Improve the error message on reconnecting
> - Always set username property
> ---
>  src/virt-viewer-session-spice.c | 33 ++++++++++++++++++++++++++++++---
>  1 file changed, 30 insertions(+), 3 deletions(-)
> 
> diff --git a/src/virt-viewer-session-spice.c b/src/virt-viewer-session-spice.c
> index 885399c..2d142d2 100644
> --- a/src/virt-viewer-session-spice.c
> +++ b/src/virt-viewer-session-spice.c
> @@ -483,6 +483,7 @@ virt_viewer_session_spice_main_channel_event(SpiceChannel *channel G_GNUC_UNUSED
>      VirtViewerSessionSpice *self = VIRT_VIEWER_SESSION_SPICE(session);
>      gchar *password = NULL, *user = NULL;
>      gboolean ret;
> +    static gboolean username_required = FALSE;
>  
>      g_return_if_fail(self != NULL);
>  
> @@ -502,22 +503,47 @@ virt_viewer_session_spice_main_channel_event(SpiceChannel *channel G_GNUC_UNUSED
>          g_debug("main channel: switching host");
>          break;
>      case SPICE_CHANNEL_ERROR_AUTH:
> -        g_debug("main channel: auth failure (wrong password?)");
> +    {
> +        const GError *error = NULL;
> +        g_debug("main channel: auth failure (wrong username/password?)");
> +
> +#if SPICE_GTK_CHECK_VERSION(0, 23, 21)
> +        {
> +            error = spice_channel_get_error(channel);
> +            if (error != NULL) {
> +                /* When the password is invalid, SPICE_CHANNEL_ERROR_AUTH is
> +                 * returned with no GError associated. */
> +                username_required = g_error_matches(error,
> +                                                    SPICE_CHANNEL_ERROR,
> +                                                    SPICE_CHANNEL_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME);
> +            }
> +        }
> +#endif
>  
>          if (self->priv->pass_try > 0)
>              g_signal_emit_by_name(session, "session-auth-failed",
> -                                  _("invalid password"));
> +                                  error != NULL ? error->message : _("Invalid password"));
>          self->priv->pass_try++;
>  
> +        /* A username is *only* pre-filled in case where some authentication
> +         * error happened. Unfortunately, we don't have a clear way to
> +         * differantiate between invalid username and invalid password.
> +         * So, in both cases the username entry will be pre-filled with the
> +         * username used in the previous attempt. */
> +        if (username_required)
> +            g_object_get(self->priv->session, "username", &user, NULL);
> +
>          ret = virt_viewer_auth_collect_credentials(self->priv->main_window,
>                                                     "SPICE",
>                                                     NULL,
> -                                                   NULL, &password);
> +                                                   username_required ? &user : NULL,
> +                                                   &password);
>          if (!ret) {
>              g_signal_emit_by_name(session, "session-cancelled");
>          } else {
>              gboolean openfd;
>  
> +            g_object_set(self->priv->session, "username", user, NULL);
>              g_object_set(self->priv->session, "password", password, NULL);
>              g_object_get(self->priv->session, "client-sockets", &openfd, NULL);
>  
> @@ -527,6 +553,7 @@ virt_viewer_session_spice_main_channel_event(SpiceChannel *channel G_GNUC_UNUSED
>                  spice_session_connect(self->priv->session);
>          }
>          break;
> +    }
>      case SPICE_CHANNEL_ERROR_CONNECT:
>  #if SPICE_GTK_CHECK_VERSION(0, 23, 21)
>      {
> -- 
> 2.1.0
> 
> _______________________________________________
> virt-tools-list mailing list
> virt-tools-list at redhat.com
> https://www.redhat.com/mailman/listinfo/virt-tools-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/virt-tools-list/attachments/20141006/656ec3a8/attachment.sig>


More information about the virt-tools-list mailing list