Bug 675306 – async HTTP authentication is complicated, API-wise

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 675306 - async HTTP authentication is complicated, API-wise


Summary:	async HTTP authentication is complicated, API-wise


Status:	RESOLVED OBSOLETE

Product:	libsoup
Classification:	Core
Component:	HTTP Transport
Version:	2.39.x
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	---
Assigned To:	libsoup-maint@gnome.bugs
QA Contact:	libsoup-maint@gnome.bugs

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2012-05-02 15:53 UTC by Sergio Villar
Modified:	2018-09-21 16:10 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Sergio Villar 2012-05-02 15:53:13 UTC

With current master, SoupSession auth manager fails to stop SoupMessages

(epiphany:7004): libsoup-CRITICAL **: soup_session_pause_message: assertion `!item->new_api' failed

Breakpoint 2, g_log (log_domain=0x7ffff4c0db65 "libsoup", log_level=G_LOG_LEVEL_CRITICAL, format=0x7ffff441d7a0 "%s: assertion `%s' failed") at gmessages.c:791
791	  va_start (args, format);
(gdb) bt

+ Trace 230170

#0 g_log
at gmessages.c line 791
#1 g_return_if_fail_warning
at gmessages.c line 801
#2 soup_session_pause_message
at soup-session.c line 2231
#3 auth_required
at soup-session-async.c line 513
#4 auth_manager_authenticate
at soup-session.c line 1574
#5 _soup_marshal_VOID__OBJECT_OBJECT_BOOLEAN
at soup-marshal.c line 165
#6 g_closure_invoke
at gclosure.c line 777
#7 signal_emit_unlocked_R
at gsignal.c line 3547
#8 g_signal_emit_valist
at gsignal.c line 3296
#9 g_signal_emit
at gsignal.c line 3352
#10 soup_auth_manager_emit_authenticate
at soup-auth-manager.c line 218
#11 authenticate_auth
at soup-auth-manager.c line 457
#12 update_auth
at soup-auth-manager.c line 528
#13 g_cclosure_marshal_VOID__VOID
at gmarshal.c line 85
#14 status_handler_metamarshal
at soup-message.c line 1262
#15 g_closure_invoke
at gclosure.c line 777
#16 signal_emit_unlocked_R
at gsignal.c line 3547
#17 g_signal_emit_valist
at gsignal.c line 3296
#18 g_signal_emit
at gsignal.c line 3352
#19 soup_message_got_headers
at soup-message.c line 1068
#20 io_read
at soup-message-io.c line 603
#21 io_run_until
at soup-message-io.c line 824
#22 soup_message_io_run_until_read
at soup-message-io.c line 898
#23 try_run_until_read
at soup-session-async.c line 683
#24 read_ready_cb
at soup-session-async.c line 672
#25 message_source_dispatch
at soup-message-io.c line 713

Comment 1 Dan Winship 2012-05-02 16:24:35 UTC

Ah, it only fails if you're using SoupPasswordManager. The solution might be "finally kill off SoupPasswordManager" (qv bug 594377).

Comment 2 Sergio Villar 2012-05-02 16:33:14 UTC

ohhhhh yeah, I never really liked that long #define :)

Comment 3 Sergio Villar 2012-05-02 16:55:25 UTC

(In reply to comment #1)
> Ah, it only fails if you're using SoupPasswordManager. The solution might be
> "finally kill off SoupPasswordManager" (qv bug 594377).

Well, just to clarify this comment, in the specific case of epy it will fail even when not using the SoupPasswordManager (for example running a private session "epiphany -p") but that's because webkitgtk+ GtkAuthenticationDialog tries to pause() the message when it's shown and unpause() it when the dialog is destroyed.

Comment 4 Dan Winship 2012-05-02 18:31:13 UTC

right, but that part can be fixed by using defersLoading instead of pause_message(). Pause was needed with the old SoupMessage API because otherwise the message would keep getting processed while you were asking for the password. But with the SoupRequest API, if you want the message to stop being processed, just stop reading from its stream.

Comment 5 Sergio Villar 2012-05-07 17:06:52 UTC

(In reply to comment #4)
> right, but that part can be fixed by using defersLoading instead of
> pause_message(). Pause was needed with the old SoupMessage API because
> otherwise the message would keep getting processed while you were asking for
> the password. But with the SoupRequest API, if you want the message to stop
> being processed, just stop reading from its stream.

That'd indeed work but there is no way to access the ResourceHandle from that dialog AFAIK.

Comment 6 Dan Winship 2012-05-07 17:28:04 UTC

You can store a pointer to the ResourceHandle on the message. (In fact, we already do.)

But anyway, it turns out that there's still a problem; defersLoading will have no effect until soup_request_send_async() returns, but by the time that returns, it's too late (libsoup has already failed the request).

I am pondering this. (Short-term solution will probably be to make pause/unpause work up until send_async() returns. Longer-term solution may involve reorganizing how authentication works.)

Comment 7 Dan Winship 2012-05-08 16:56:05 UTC

soup_session_pause_message() is now re-enabled for this case

Comment 8 Sergio Villar 2012-05-08 18:44:36 UTC

(In reply to comment #7)
> soup_session_pause_message() is now re-enabled for this case

Authentication seems to work again with that change but I'm getting this whenever a new download is triggered by webkitgtk

(GtkLauncher:13666): libsoup-CRITICAL **: soup_message_io_pause: assertion `io->read_state < SOUP_MESSAGE_IO_STATE_BODY' failed
(gdb) bt

+ Trace 230192

#0 g_log
at gmessages.c line 791
#1 g_return_if_fail_warning
at gmessages.c line 801
#2 soup_message_io_pause
at soup-message-io.c line 1090
#3 soup_session_pause_message
at soup-session.c line 2234
#4 webkit_download_new_with_handle
at ../../Source/WebKit/gtk/webkit/webkitdownload.cpp line 426
#5 webkit_web_view_request_download
at ../../Source/WebKit/gtk/webkit/webkitwebview.cpp line 3628

Comment 9 Dan Winship 2012-10-04 21:34:38 UTC

(In reply to comment #6)
> But anyway, it turns out that there's still a problem; defersLoading will have
> no effect until soup_request_send_async() returns, but by the time that
> returns, it's too late (libsoup has already failed the request).
> 
> I am pondering this. (Short-term solution will probably be to make
> pause/unpause work up until send_async() returns. Longer-term solution may
> involve reorganizing how authentication works.)

Figured out what I'm going to do here: soup_request_send() will just return an error, and you can call soup_request_get_auth() or something to get the pending auth, eventually call soup_auth_authenticate() on it, and then soup_request_send() the request again.

Comment 10 Dan Winship 2015-02-10 11:57:42 UTC

[mass-moving all "UNCONFIRMED" libsoup bugs to "NEW" after disabling the "UNCONFIRMED" status for this product now that bugzilla.gnome.org allows that. bugspam-libsoup-20150210]

Comment 11 Michael Catanzaro 2016-11-26 15:19:55 UTC

Is this bug obsolete...? The title is surely wrong: "HTTP authentication broken" is definitely not generally true.

Comment 12 Dan Winship 2016-11-28 12:32:46 UTC

The part that's still valid is that async authentication handling requires connecting to signals and calling soup_session_pause_message() at the right time, etc. Ideally there'd be a simpler way (as in comment 9)

Comment 13 GNOME Infrastructure Team 2018-09-21 16:10:39 UTC

-- GitLab Migration Automatic Message --

This bug has been migrated to GNOME's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/libsoup/issues/43.