Mercurial > pidgin

comparison libpurple/protocols/jabber/auth.c @ 21853:c95eaf2ae085

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
If no sasl mechs are appropriate, attempt a jabber:iq:auth connection. Note that this isn't the same as a failed authentication over sasl. Detailed comments in the code regarding my reasoning for this behavior.
author Evan Schoenberg <evan.s@dreskin.net>
date Mon, 17 Dec 2007 23:18:34 +0000
parents 665e04562de0
children cb715de60eb2
comparison
equal deleted inserted replaced
21850:944f7ada49e0 21853:c95eaf2ae085
328 2, js->gc->account, NULL, NULL, js->gc->account, 328 2, js->gc->account, NULL, NULL, js->gc->account,
329 allow_cyrus_plaintext_auth, 329 allow_cyrus_plaintext_auth,
330 disallow_plaintext_auth); 330 disallow_plaintext_auth);
331 g_free(msg); 331 g_free(msg);
332 return; 332 return;
333 /* Everything else has failed, so fail the 333
334 * connection. Should probably have a better
335 * error here.
336 */
337 } else { 334 } else {
338 purple_connection_error_reason (js->gc, 335 /* We have no mechs which can work.
339 PURPLE_CONNECTION_ERROR_AUTHENTICATION_IMPOSSIBLE, 336 * Try falling back on the old jabber:iq:auth method. We get here if the server supports
340 _("Server does not use any supported authentication method")); 337 * one or more sasl mechs, we are compiled with cyrus-sasl support, but we support or can connect with none of
338 * the offerred mechs. jabberd 2.0 w/ SASL and Apple's iChat Server 10.5 both handle and expect
339 * jabber:iq:auth in this situation. iChat Server in particular offers SASL GSSAPI by default, which is often
340 * not configured on the client side, and expects a fallback to jabber:iq:auth when it (predictably) fails.
341 *
342 * Note: xep-0078 points out that using jabber:iq:auth after a sasl failure is wrong. However,
343 * I believe this refers to actual authentication failure, not a simple lack of concordant mechanisms.
344 * Doing otherwise means that simply compiling with SASL support renders the client unable to connect to servers
345 * which would connect without issue otherwise. -evands
346 */
347 jabber_auth_start_old(js);
341 return; 348 return;
342 } 349 }
343 /* not reached */ 350 /* not reached */
344 break; 351 break;
345 352