Mercurial > pidgin.yaz
comparison libpurple/protocols/jabber/auth.c @ 21853:c95eaf2ae085
If no sasl mechs are appropriate, attempt a jabber:iq:auth connection. Note that this isn't the same as a failed authentication over sasl. Detailed comments in the code regarding my reasoning for this behavior.
author | Evan Schoenberg <evan.s@dreskin.net> |
---|---|
date | Mon, 17 Dec 2007 23:18:34 +0000 |
parents | 665e04562de0 |
children | cb715de60eb2 |
comparison
equal
deleted
inserted
replaced
21850:944f7ada49e0 | 21853:c95eaf2ae085 |
---|---|
328 2, js->gc->account, NULL, NULL, js->gc->account, | 328 2, js->gc->account, NULL, NULL, js->gc->account, |
329 allow_cyrus_plaintext_auth, | 329 allow_cyrus_plaintext_auth, |
330 disallow_plaintext_auth); | 330 disallow_plaintext_auth); |
331 g_free(msg); | 331 g_free(msg); |
332 return; | 332 return; |
333 /* Everything else has failed, so fail the | 333 |
334 * connection. Should probably have a better | |
335 * error here. | |
336 */ | |
337 } else { | 334 } else { |
338 purple_connection_error_reason (js->gc, | 335 /* We have no mechs which can work. |
339 PURPLE_CONNECTION_ERROR_AUTHENTICATION_IMPOSSIBLE, | 336 * Try falling back on the old jabber:iq:auth method. We get here if the server supports |
340 _("Server does not use any supported authentication method")); | 337 * one or more sasl mechs, we are compiled with cyrus-sasl support, but we support or can connect with none of |
338 * the offerred mechs. jabberd 2.0 w/ SASL and Apple's iChat Server 10.5 both handle and expect | |
339 * jabber:iq:auth in this situation. iChat Server in particular offers SASL GSSAPI by default, which is often | |
340 * not configured on the client side, and expects a fallback to jabber:iq:auth when it (predictably) fails. | |
341 * | |
342 * Note: xep-0078 points out that using jabber:iq:auth after a sasl failure is wrong. However, | |
343 * I believe this refers to actual authentication failure, not a simple lack of concordant mechanisms. | |
344 * Doing otherwise means that simply compiling with SASL support renders the client unable to connect to servers | |
345 * which would connect without issue otherwise. -evands | |
346 */ | |
347 jabber_auth_start_old(js); | |
341 return; | 348 return; |
342 } | 349 } |
343 /* not reached */ | 350 /* not reached */ |
344 break; | 351 break; |
345 | 352 |