pidgin: 3161d3b0: Now that Adium has cyrus-sasl enabled, I...

Stu Tomlinson stu at nosnilmot.com
Thu Mar 20 14:11:39 EDT 2008 

On Thu, 2008-03-20 at 13:33 -0400, Greg Hudson wrote:
> On Wed, 2008-03-19 at 20:59 -0400, Evan Schoenberg wrote:
> > Take a look, for example, at the logs in http://trac.adiumx.com/ticket/9492 
> > .  Upon updating from Adium 1.2.3 (libpurple 2.3.1) to Adium 1.2.4  
> > beta (libpurple 2.4.0), GSSAPI began actually working for this user  
> > and his friend; I'm not sure why it was broken previously.
> 
> When I investigated this for Ken, I uncovered three bugs:
> 
>   1. libpurple selects the wrong server FQDN for SASL authentication if
> a connect server is specified.  The workaround is to use a SRV lookup
> instead of a connect server.  http://developer.pidgin.im/ticket/4530

This issue was fixed in libpurple 2.4.0, as I explained in that ticket
now.

>   2. Openfire 3.3.x gives a spurious authorization error for GSSAPI
> authentication against libpurple, because libpurple does not specify an
> authz name (which should be perfectly acceptable but it triggers a bug).
> Fixed in Openfire 3.4.x, but MIT is not running this yet.

I brought this up on devel at pidgin.im in October 2007 with a potential
workaround, but Openfire 3.4.x came out so I dropped the issue, hoping
everyone would upgrade to 3.4.x :)

--- libpurple/protocols/jabber/auth.c   be6b7606ec2984e0c958da8b43b3d1f55cb52938
+++ libpurple/protocols/jabber/auth.c   9d215cafa4b38a689d474feaf8cac54e8594da51
@@ -147,7 +147,7 @@ static int jabber_sasl_cb_simple(void *c
            *res = js->user->node;
            break;
        case SASL_CB_USER:
-           *res = "";
+           *res = js->user->node;
            break;
        default:
            return SASL_BADPARAM;

It's another workaround though, so I'm still not overly keen on the
idea, but it's less visible than an account preference.

>   3. Adium successfully falls back from GSSAPI to password auth if
> GSSAPI auth fails early enough (e.g. due to bug #1), but not it if fails
> late enough (e.g. due to bug #2).  In the latter case, it repeatedly
> asks you for your password but never manages to use it.  I did not
> discover the code reason for this fallback issue.
> 
> I do not know if bug #1 or #3 were addressed in later Adium releases.

It looks like #1 was addressed but not #2 or #3.

Regards,


Stu.

More information about the Devel mailing list