Mercurial > pidgin
changeset 30010:1518b6b70556
jabber: Blacklist EXTERNAL when using Cyrus. Allows connecting when it's advertised.
This fixes what I think is a bug/quirk in Cyrus SASL. The EXTERNAL mech
returns SASL_NOMECH to indicate the client hasn't set the necessary data,
except SASL_NOMECH is supposed to mean (AFAICT) "None of the mechs given
are supported/meet the current security requirements". No other mech
does that!
| author | Paul Aurich <paul@darkrain42.org> |
|---|---|
| date | Fri, 21 May 2010 05:35:33 +0000 |
| parents | 1b1fee952341 |
| children | 2519dd5b92c5 da8c00c5b4e5 |
| files | ChangeLog libpurple/protocols/jabber/auth_cyrus.c |
| diffstat | 2 files changed, 7 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Fri May 21 05:28:59 2010 +0000 +++ b/ChangeLog Fri May 21 05:35:33 2010 +0000 @@ -18,6 +18,10 @@ * Fix unnecessary bandwidth consumption for buddy icon requests when buddies have capital letters in their passport addresses. + XMPP: + * Allow connecting to servers that advertise EXTERNAL (broken in + 2.7.0) + version 2.7.0 (05/12/2010): General: * Changed GTK+ minimum version requirement to 2.10.0.
--- a/libpurple/protocols/jabber/auth_cyrus.c Fri May 21 05:28:59 2010 +0000 +++ b/libpurple/protocols/jabber/auth_cyrus.c Fri May 21 05:35:33 2010 +0000 @@ -408,7 +408,8 @@ { char *mech_name = xmlnode_get_data(mechnode); - if (!mech_name || !*mech_name) { + if (!mech_name || !*mech_name || + g_str_equal(mech_name, "EXTERNAL")) { g_free(mech_name); continue; } @@ -550,7 +551,7 @@ return jabber_auth_start_cyrus(js, reply, error); - } else if ((js->auth_fail_count == 1) && + } else if ((js->auth_fail_count == 1) && (js->current_mech && g_str_equal(js->current_mech, "GSSAPI"))) { /* If we tried GSSAPI first, it failed, and it was the only method we had to try, try jabber:iq:auth * for compatibility with iChat 10.5 Server and other jabberd based servers.