After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 746455 - Cancel SoupMessage processing when should not authenticate
Cancel SoupMessage processing when should not authenticate
Status: RESOLVED INVALID
Product: librest
Classification: Platform
Component: proxy
git master
Other All
: Normal normal
: ---
Assigned To: librest-maint
librest-maint
Depends on:
Blocks:
 
 
Reported: 2015-03-19 13:21 UTC by Pavel Grunt
Modified: 2015-03-20 15:18 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
Cancel SoupMessage processing when should not authenticate (1.22 KB, patch)
2015-03-19 13:21 UTC, Pavel Grunt 		reviewed Details | Review

Description Pavel Grunt 2015-03-19 13:21:02 UTC 
Created attachment 299817 [details] [review]
Cancel SoupMessage processing when should not authenticate

Cancel the message processing if soup_auth_authenticate should not be called because of NULL parameters.

It can help determining the cause of authentication problem and it also silences runtime warnings in remote-viewer like: libsoup-CRITICAL **: soup_auth_authenticate: assertion 'password != NULL' failed
Comment 1 Christophe Fergeau 2015-03-19 14:23:02 UTC 
Review of attachment 299817 [details] [review]:

::: rest/rest-proxy.c
@@ +239,3 @@
+  if (try_auth && !rest_proxy_auth_is_paused (rest_auth)) {
+    if (priv->username != NULL && priv->password != NULL)
+      soup_auth_authenticate (soup_auth, priv->username, priv->password);

Hmm I think it could sometimes be valid to try to authenticate with no username/password?
Maybe introducing rest_proxy_auth_cancel() in the public API would be better?
Comment 2 Pavel Grunt 2015-03-19 14:36:57 UTC 
(In reply to Christophe Fergeau from comment #1)
> Review of attachment 299817 [details] [review] [review]:
> 
> ::: rest/rest-proxy.c
> @@ +239,3 @@
> +  if (try_auth && !rest_proxy_auth_is_paused (rest_auth)) {
> +    if (priv->username != NULL && priv->password != NULL)
> +      soup_auth_authenticate (soup_auth, priv->username, priv->password);
> 
> Hmm I think it could sometimes be valid to try to authenticate with no
> username/password?

Hm, in soup_auth_authenticate there are checks for NULL parameters, so the call has no effect:
	g_return_if_fail (username != NULL);
	g_return_if_fail (password != NULL);

> Maybe introducing rest_proxy_auth_cancel() in the public API would be better?

Ok, I will try this approach
Comment 3 Fabiano Fidêncio 2015-03-19 16:23:02 UTC 
(In reply to Christophe Fergeau from comment #1)
> Review of attachment 299817 [details] [review] [review]:
> 
> ::: rest/rest-proxy.c
> @@ +239,3 @@
> +  if (try_auth && !rest_proxy_auth_is_paused (rest_auth)) {
> +    if (priv->username != NULL && priv->password != NULL)
> +      soup_auth_authenticate (soup_auth, priv->username, priv->password);
> 
> Hmm I think it could sometimes be valid to try to authenticate with no
> username/password?

Would not be the case to send down "" instead of NULL? Or at least the case to treat it down as "" instead of NULL?
Comment 4 Christophe Fergeau 2015-03-19 16:53:55 UTC 
(In reply to Fabiano Fidêncio from comment #3)
> Would not be the case to send down "" instead of NULL?

Looks like it given that libsoup catches NULL username or password with g_return_if_fail() checks.
Comment 5 Christophe Fergeau 2015-03-20 15:02:27 UTC 
I'm still wary of having some magic behaviour in the authentication handling, especially with the documentation saying

   * If these credentials fail, the signal will be
   * emitted again, with @retrying set to %TRUE, which will
   * continue until %FALSE is returned from the callback.
 
(arguably, it does not say anything about what happens when the params are NULL).

Explicit API to do that would be better I think.
Comment 6 Pavel Grunt 2015-03-20 15:18:40 UTC 
Ok, I will do it that way.