Mercurial > pidgin
changeset 29977:7eeb5a9d1d80
merge of '45c13cbd9c56429c7ed3b9a147b1d76692f3968d'
and '55f17462bcdf93474447c4505853b919e1247311'
| author | Daniel Atallah <daniel.atallah@gmail.com> |
|---|---|
| date | Wed, 19 May 2010 03:26:38 +0000 |
| parents | 62f0988c666c (current diff) 6c148063fdfd (diff) |
| children | 3409f6235155 |
| files | pidgin/win32/nsis/langmacros.nsh pidgin/win32/nsis/translations/afrikaans.nsh pidgin/win32/nsis/translations/albanian.nsh pidgin/win32/nsis/translations/arabic.nsh pidgin/win32/nsis/translations/basque.nsh pidgin/win32/nsis/translations/bulgarian.nsh pidgin/win32/nsis/translations/catalan.nsh pidgin/win32/nsis/translations/czech.nsh pidgin/win32/nsis/translations/danish.nsh pidgin/win32/nsis/translations/dutch.nsh pidgin/win32/nsis/translations/english.nsh pidgin/win32/nsis/translations/finnish.nsh pidgin/win32/nsis/translations/french.nsh pidgin/win32/nsis/translations/galician.nsh pidgin/win32/nsis/translations/german.nsh pidgin/win32/nsis/translations/hebrew.nsh pidgin/win32/nsis/translations/hungarian.nsh pidgin/win32/nsis/translations/italian.nsh pidgin/win32/nsis/translations/japanese.nsh pidgin/win32/nsis/translations/korean.nsh pidgin/win32/nsis/translations/kurdish.nsh pidgin/win32/nsis/translations/lithuanian.nsh pidgin/win32/nsis/translations/norwegian.nsh pidgin/win32/nsis/translations/norwegian_nynorsk.nsh pidgin/win32/nsis/translations/persian.nsh pidgin/win32/nsis/translations/polish.nsh pidgin/win32/nsis/translations/portuguese-br.nsh pidgin/win32/nsis/translations/portuguese.nsh pidgin/win32/nsis/translations/romanian.nsh pidgin/win32/nsis/translations/russian.nsh pidgin/win32/nsis/translations/serbian-latin.nsh pidgin/win32/nsis/translations/simp-chinese.nsh pidgin/win32/nsis/translations/slovak.nsh pidgin/win32/nsis/translations/slovenian.nsh pidgin/win32/nsis/translations/spanish.nsh pidgin/win32/nsis/translations/swedish.nsh pidgin/win32/nsis/translations/trad-chinese.nsh pidgin/win32/nsis/translations/valencian.nsh pidgin/win32/nsis/translations/vietnamese.nsh |
| diffstat | 1 files changed, 23 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/libpurple/protocols/jabber/auth_cyrus.c Wed May 19 03:26:05 2010 +0000 +++ b/libpurple/protocols/jabber/auth_cyrus.c Wed May 19 03:26:38 2010 +0000 @@ -252,6 +252,25 @@ g_free(msg); return JABBER_SASL_STATE_CONTINUE; + } else + js->auth_fail_count++; + + if (js->auth_fail_count == 1 && + (js->sasl_mechs->str && g_str_equal(js->sasl_mechs->str, "GSSAPI"))) { + /* If we tried GSSAPI first, it failed, and it was the only method we had to try, try jabber:iq:auth + * for compatibility with iChat 10.5 Server and other jabberd based servers. + * + * iChat Server 10.5 and certain other corporate servers offer SASL GSSAPI by default, which is often + * not configured on the client side, and expects a fallback to jabber:iq:auth when it (predictably) fails. + * + * Note: xep-0078 points out that using jabber:iq:auth after a sasl failure is wrong. However, + * I believe this refers to actual authentication failure, not a simple lack of concordant mechanisms. + * Doing otherwise means that simply compiling with SASL support renders the client unable to connect to servers + * which would connect without issue otherwise. -evands + */ + js->auth_mech = NULL; + jabber_auth_start_old(js); + return JABBER_SASL_STATE_CONTINUE; } break; @@ -266,6 +285,8 @@ default: purple_debug_info("sasl", "sasl_state is %d, failing the mech and trying again\n", js->sasl_state); + js->auth_fail_count++; + /* * DAA: is this right? * The manpage says that "mech" will contain the chosen mechanism on success. @@ -522,9 +543,9 @@ } else if ((js->auth_fail_count == 1) && (js->current_mech && g_str_equal(js->current_mech, "GSSAPI"))) { /* If we tried GSSAPI first, it failed, and it was the only method we had to try, try jabber:iq:auth - * for compatibility with iChat 10.5 Server. + * for compatibility with iChat 10.5 Server and other jabberd based servers. * - * iChat Server 10.5 offers SASL GSSAPI by default, which is often + * iChat Server 10.5 and certain other corporate servers offer SASL GSSAPI by default, which is often * not configured on the client side, and expects a fallback to jabber:iq:auth when it (predictably) fails. * * Note: xep-0078 points out that using jabber:iq:auth after a sasl failure is wrong. However,