After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 788238 - Fallback to another authentication type if the current failed
Fallback to another authentication type if the current failed
Status: RESOLVED FIXED
Product: libsoup
Classification: Core
Component: HTTP Transport
unspecified
Other Linux
: Normal normal
: ---
Assigned To: libsoup-maint@gnome.bugs
libsoup-maint@gnome.bugs
Depends on:
Blocks:
 
 
Reported: 2017-09-27 13:26 UTC by Tomas Popela
Modified: 2017-10-04 18:23 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
Proposed patch (1.80 KB, patch)
2017-09-27 13:32 UTC, Tomas Popela 		none Details | Review
Address review comments (1.63 KB, patch)
2017-09-27 17:04 UTC, Tomas Popela 		accepted-commit_now Details | Review

Description Tomas Popela 2017-09-27 13:26:42 UTC 
Fallback to another authentication type if the current type failed. More specifically if the Negotiate failed (kerberos is not properly configured), then libsoup should fallback to Basic auth (if server supports it). Currently in a such case it is not possible to load the page at all (in WebKitGTK+).
Comment 1 Tomas Popela 2017-09-27 13:32:03 UTC 
Created attachment 360532 [details] [review]
Proposed patch
Comment 2 Dan Winship 2017-09-27 15:29:03 UTC 
Comment on attachment 360532 [details] [review]
Proposed patch

Ah... the code was written assuming that soup_auth_new() would never fail for a known type. I think you could simplify this patch by just moving the "auth = soup_auth_new ..." inside the loop, and only break out of the loop if it succeeds.
Comment 3 Tomas Popela 2017-09-27 17:04:03 UTC 
Created attachment 360555 [details] [review]
Address review comments
Comment 4 Tomas Popela 2017-09-29 09:15:41 UTC 
Fixed with the following commits:

commit adb51cb5 in the gnome-3-22 branch
commit bf183e2a in the gnome-3-24 branch
commit 6a1ab1ee in the master branch
Comment 5 David Woodhouse 2017-10-04 08:59:03 UTC 
Drive-by heckling... does this handle the fact that GSSAPI auth is per-connection, while others are per-request?
Comment 6 Dan Winship 2017-10-04 18:23:40 UTC 
That already worked fine. The title is slightly confusing; it's talking about failure to construct a SoupAuth, not failure to perform auth-specific negotiation with the peer.