[Spice-devel] [v3: PATCH 2/3] Add "username" property to SpiceSession

2014-10-07 Thread Fabiano FidĂȘncio 
From: Dietmar Maurer 

---
Changes since v2:
- Parse the username from the URI instead of adding an additional parameter
---
 gtk/spice-session-priv.h |  2 ++
 gtk/spice-session.c  | 63 +---
 2 files changed, 61 insertions(+), 4 deletions(-)

diff --git a/gtk/spice-session-priv.h b/gtk/spice-session-priv.h
index 4b2c151..da43866 100644
--- a/gtk/spice-session-priv.h
+++ b/gtk/spice-session-priv.h
@@ -45,6 +45,7 @@ struct _SpiceSessionPrivate {
 char  *host;
 char  *port;
 char  *tls_port;
+char  *username;
 char  *password;
 char  *ca_file;
 char  *ciphers;
@@ -146,6 +147,7 @@ void spice_session_set_migration_state(SpiceSession 
*session, SpiceSessionMigrat
 void spice_session_set_port(SpiceSession *session, int port, gboolean tls);
 void spice_session_get_pubkey(SpiceSession *session, guint8 **pubkey, guint 
*size);
 guint spice_session_get_verify(SpiceSession *session);
+const gchar* spice_session_get_username(SpiceSession *session);
 const gchar* spice_session_get_password(SpiceSession *session);
 const gchar* spice_session_get_host(SpiceSession *session);
 const gchar* spice_session_get_cert_subject(SpiceSession *session);
diff --git a/gtk/spice-session.c b/gtk/spice-session.c
index 49afc97..17c18f9 100644
--- a/gtk/spice-session.c
+++ b/gtk/spice-session.c
@@ -111,7 +111,8 @@ enum {
 PROP_CA,
 PROP_PROXY,
 PROP_SECURE_CHANNELS,
-PROP_SHARED_DIR
+PROP_SHARED_DIR,
+PROP_USERNAME
 };
 
 /* signals */
@@ -217,6 +218,7 @@ spice_session_finalize(GObject *gobject)
 g_free(s->host);
 g_free(s->port);
 g_free(s->tls_port);
+g_free(s->username);
 g_free(s->password);
 g_free(s->ca_file);
 g_free(s->ciphers);
@@ -262,11 +264,12 @@ static int spice_uri_create(SpiceSession *session, char 
*dest, int len)
 static int spice_parse_uri(SpiceSession *session, const char *original_uri)
 {
 SpiceSessionPrivate *s = session->priv;
-gchar *host = NULL, *port = NULL, *tls_port = NULL, *uri = NULL, *password 
= NULL;
+gchar *host = NULL, *port = NULL, *tls_port = NULL, *uri = NULL, *username 
= NULL, *password = NULL;
 gchar *path = NULL;
 gchar *unescaped_path = NULL;
 gchar *authority = NULL;
 gchar *query = NULL;
+gchar *tmp = NULL;
 
 g_return_val_if_fail(original_uri != NULL, -1);
 
@@ -281,6 +284,22 @@ static int spice_parse_uri(SpiceSession *session, const 
char *original_uri)
 goto fail;
 }
 authority = uri + strlen(URI_SCHEME_SPICE);
+
+tmp = strchr(authority, '@');
+if (tmp) {
+gchar *buffer = g_strndup(authority, tmp - authority);
+if (strstr(buffer, "%40") == NULL) {
+username = buffer;
+buffer = NULL;
+} else {
+username = g_uri_unescape_string(buffer, NULL);
+g_free(buffer);
+}
+
+authority = ++tmp;
+tmp = NULL;
+}
+
 path = strchr(authority, '/');
 if (path) {
 path[0] = '\0';
@@ -303,7 +322,7 @@ static int spice_parse_uri(SpiceSession *session, const 
char *original_uri)
 /* Now process the individual parts */
 
 if (authority[0] == '[') {
-gchar *tmp = strchr(authority, ']');
+tmp = strchr(authority, ']');
 if (!tmp) {
 g_warning("Missing closing ']' in authority for URI '%s'", uri);
 goto fail;
@@ -314,7 +333,7 @@ static int spice_parse_uri(SpiceSession *session, const 
char *original_uri)
 if (tmp[0] == ':')
 port = g_strdup(tmp + 1);
 } else {
-gchar *tmp = strchr(authority, ':');
+tmp = strchr(authority, ':');
 if (tmp) {
 *tmp = '\0';
 tmp++;
@@ -375,10 +394,12 @@ static int spice_parse_uri(SpiceSession *session, const 
char *original_uri)
 g_free(s->host);
 g_free(s->port);
 g_free(s->tls_port);
+g_free(s->username);
 g_free(s->password);
 s->host = host;
 s->port = port;
 s->tls_port = tls_port;
+s->username = username;
 s->password = password;
 return 0;
 
@@ -388,6 +409,7 @@ fail:
 g_free(host);
 g_free(port);
 g_free(tls_port);
+g_free(username);
 g_free(password);
 return -1;
 }
@@ -412,6 +434,9 @@ static void spice_session_get_property(GObject*gobject,
 case PROP_TLS_PORT:
 g_value_set_string(value, s->tls_port);
break;
+case PROP_USERNAME:
+g_value_set_string(value, s->username);
+   break;
 case PROP_PASSWORD:
 g_value_set_string(value, s->password);
break;
@@ -522,6 +547,10 @@ static void spice_session_set_property(GObject  
*gobject,
 g_free(s->tls_port);
 s->tls_port = g_value_dup_string(value);
 break;
+case PROP_USERNAME:
+g_free(s->username);
+s->username = g_value_dup_string(value);
+break;
 case

[Spice-devel] [v3: PATCH 3/3] Add support to handle username when connecting with SASL

2014-10-07 Thread Fabiano FidĂȘncio 
Based on a patch from Dietmar Maurer 
http://lists.freedesktop.org/archives/spice-devel/2013-October/015138.html
---
Changes since v2:
Adapt the patch according to the changes made in the previous one
---
 gtk/spice-channel-priv.h |  1 +
 gtk/spice-channel.c  | 45 -
 po/POTFILES.in   |  1 +
 3 files changed, 42 insertions(+), 5 deletions(-)

diff --git a/gtk/spice-channel-priv.h b/gtk/spice-channel-priv.h
index 03eed38..6067abc 100644
--- a/gtk/spice-channel-priv.h
+++ b/gtk/spice-channel-priv.h
@@ -136,6 +136,7 @@ struct _SpiceChannelPrivate {
 GSList  *flushing;
 
 gbooleandisable_channel_msg;
+gbooleanauth_needs_username_and_password;
 GError  *error;
 };
 
diff --git a/gtk/spice-channel.c b/gtk/spice-channel.c
index a8b4e35..0086679 100644
--- a/gtk/spice-channel.c
+++ b/gtk/spice-channel.c
@@ -26,6 +26,8 @@
 #include "spice-marshal.h"
 #include "bio-gio.h"
 
+#include 
+
 #include 
 #include 
 #include 
@@ -118,6 +120,7 @@ static void spice_channel_init(SpiceChannel *channel)
 c->out_serial = 1;
 c->in_serial = 1;
 c->fd = -1;
+c->auth_needs_username_and_password = FALSE;
 strcpy(c->name, "?");
 c->caps = g_array_new(FALSE, TRUE, sizeof(guint32));
 c->common_caps = g_array_new(FALSE, TRUE, sizeof(guint32));
@@ -1253,6 +1256,7 @@ spice_channel_gather_sasl_credentials(SpiceChannel 
*channel,
 {
 SpiceChannelPrivate *c;
 int ninteract;
+gboolean ret = TRUE;
 
 g_return_val_if_fail(channel != NULL, FALSE);
 g_return_val_if_fail(channel->priv != NULL, FALSE);
@@ -1265,12 +1269,22 @@ spice_channel_gather_sasl_credentials(SpiceChannel 
*channel,
 switch (interact[ninteract].id) {
 case SASL_CB_AUTHNAME:
 case SASL_CB_USER:
-g_warn_if_reached();
+c->auth_needs_username_and_password = TRUE;
+if (spice_session_get_username(c->session) == NULL)
+return FALSE;
+
+interact[ninteract].result =  
spice_session_get_username(c->session);
+interact[ninteract].len = strlen(interact[ninteract].result);
 break;
 
 case SASL_CB_PASS:
-if (spice_session_get_password(c->session) == NULL)
-return FALSE;
+if (spice_session_get_password(c->session) == NULL) {
+/* Even if we reach this point, we have to continue looking for
+ * SASL_CB_AUTHNAME|SASL_CB_USER, otherwise we would return a
+ * wrong error to the applications */
+ret = FALSE;
+continue;
+}
 
 interact[ninteract].result =  
spice_session_get_password(c->session);
 interact[ninteract].len = strlen(interact[ninteract].result);
@@ -1280,7 +1294,7 @@ spice_channel_gather_sasl_credentials(SpiceChannel 
*channel,
 
 CHANNEL_DEBUG(channel, "Filled SASL interact");
 
-return TRUE;
+return ret;
 }
 
 /*
@@ -1319,6 +1333,22 @@ spice_channel_gather_sasl_credentials(SpiceChannel 
*channel,
 #define SASL_MAX_MECHNAME_LEN 100
 #define SASL_MAX_DATA_LEN (1024 * 1024)
 
+static void spice_channel_set_detailed_authentication_error(SpiceChannel 
*channel)
+{
+SpiceChannelPrivate *c = channel->priv;
+
+if (c->auth_needs_username_and_password)
+g_set_error_literal(&c->error,
+SPICE_CHANNEL_ERROR,
+
SPICE_CHANNEL_ERROR_AUTH_NEEDS_PASSWORD_AND_USERNAME,
+_("Authentication failed: password and username 
are required"));
+else
+g_set_error_literal(&c->error,
+SPICE_CHANNEL_ERROR,
+SPICE_CHANNEL_ERROR_AUTH_NEEDS_PASSWORD,
+_("Authentication failed: password is required"));
+}
+
 /* Perform the SASL authentication process
  */
 static gboolean spice_channel_perform_auth_sasl(SpiceChannel *channel)
@@ -1334,6 +1364,8 @@ static gboolean 
spice_channel_perform_auth_sasl(SpiceChannel *channel)
 const void *val;
 sasl_ssf_t ssf;
 static const sasl_callback_t saslcb[] = {
+{ .id = SASL_CB_USER },
+{ .id = SASL_CB_AUTHNAME },
 { .id = SASL_CB_PASS },
 { .id = 0 },
 };
@@ -1635,8 +1667,10 @@ restart:
 complete:
 CHANNEL_DEBUG(channel, "%s", "SASL authentication complete");
 spice_channel_read(channel, &len, sizeof(len));
-if (len != SPICE_LINK_ERR_OK)
+if (len != SPICE_LINK_ERR_OK) {
+spice_channel_set_detailed_authentication_error(channel);
 g_coroutine_signal_emit(channel, signals[SPICE_CHANNEL_EVENT], 0, 
SPICE_CHANNEL_ERROR_AUTH);
+}
 ret = len == SPICE_LINK_ERR_OK;
 /* This must come *after* check-auth-result, because the former
  * is defined to be sent unencrypted, and setting saslconn turns
@@ -1647,6 +1681,7 @@ complete:
 error

Re: [Spice-devel] [PATCH] m4: Update manywarnings from gnulib

2014-10-07 Thread Daniel P. Berrange 
On Thu, Oct 02, 2014 at 06:17:53PM +0200, Fabiano FidĂȘncio wrote:
> From: Cole Robinson 
> 
> Fixes these noisy errors on Fedora 21:
> 
> gcc: warning: switch '-Wmudflap' is no longer supported

Thanks, I've applied this


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel