This is an automated email from the git hooks/post-receive script.
hefee-guest pushed a commit to annotated tag upstream/2.1.1+dfsg
in repository owncloud-client.
commit ef9483c82d111464e67291cd134beef99d0afcfc
Author: Markus Goetz <markus at woboq.com>
Date: Wed Jan 6 11:22:35 2016 +0100
Revert "HTTP Creds: Do not send the password at every request"
We need this for #4326
This reverts commit ae17f58b80208df0e6318dbabbfabd7ae842332e.
---
src/libsync/creds/httpcredentials.cpp | 41 +++++++++++++++++++++++------------
1 file changed, 27 insertions(+), 14 deletions(-)
diff --git a/src/libsync/creds/httpcredentials.cpp b/src/libsync/creds/httpcredentials.cpp
index 6e8e7ba..c60f854 100644
--- a/src/libsync/creds/httpcredentials.cpp
+++ b/src/libsync/creds/httpcredentials.cpp
@@ -16,7 +16,6 @@
#include <QMutex>
#include <QDebug>
#include <QNetworkReply>
-#include <QAuthenticator>
#include <QSettings>
#include <QInputDialog>
@@ -43,6 +42,22 @@ const char certifPasswdC[] = "certificatePasswd";
const char authenticationFailedC[] = "owncloud-authentication-failed";
} // ns
+class HttpCredentialsAccessManager : public AccessManager {
+public:
+ HttpCredentialsAccessManager(const HttpCredentials *cred, QObject* parent = 0)
+ : AccessManager(parent), _cred(cred) {}
+protected:
+ QNetworkReply *createRequest(Operation op, const QNetworkRequest &request, QIODevice *outgoingData) Q_DECL_OVERRIDE {
+ QByteArray credHash = QByteArray(_cred->user().toUtf8()+":"+_cred->password().toUtf8()).toBase64();
+ QNetworkRequest req(request);
+ req.setRawHeader(QByteArray("Authorization"), QByteArray("Basic ") + credHash);
+ //qDebug() << "Request for " << req.url() << "with authorization" << QByteArray::fromBase64(credHash);
+ return AccessManager::createRequest(op, req, outgoingData);
+ }
+private:
+ const HttpCredentials *_cred;
+};
+
HttpCredentials::HttpCredentials()
: _ready(false)
{
@@ -107,7 +122,7 @@ void HttpCredentials::setAccount(Account* account)
QNetworkAccessManager* HttpCredentials::getQNAM() const
{
- AccessManager* qnam = new AccessManager;
+ AccessManager* qnam = new HttpCredentialsAccessManager(this);
connect( qnam, SIGNAL(authenticationRequired(QNetworkReply*, QAuthenticator*)),
this, SLOT(slotAuthentication(QNetworkReply*,QAuthenticator*)));
@@ -161,7 +176,10 @@ void HttpCredentials::fetchFromKeychain()
}
bool HttpCredentials::stillValid(QNetworkReply *reply)
{
- return (reply->error() != QNetworkReply::AuthenticationRequiredError);
+ return ((reply->error() != QNetworkReply::AuthenticationRequiredError)
+ // returned if user or password is incorrect
+ && (reply->error() != QNetworkReply::OperationCanceledError
+ || !reply->property(authenticationFailedC).toBool()));
}
void HttpCredentials::slotReadJobDone(QKeychain::Job *job)
@@ -280,18 +298,13 @@ void HttpCredentials::slotWriteJobDone(QKeychain::Job *job)
void HttpCredentials::slotAuthentication(QNetworkReply* reply, QAuthenticator* authenticator)
{
- if (reply->property(authenticationFailedC).toBool()) {
- qDebug() << "Authentication failed for " << reply->url().toString();
- return;
- }
-
- // QNAM sends the user and password in latin-1, but the server expects UTF-8.
- // So send mojibake on purpose
- authenticator->setUser(QString::fromLatin1(user().toUtf8()));
- authenticator->setPassword(QString::fromLatin1(password().toUtf8()));
-
- // Set a property so we don't send the same password twice
+ Q_UNUSED(authenticator)
+ // we cannot use QAuthenticator, because it sends username and passwords with latin1
+ // instead of utf8 encoding. Instead, we send it manually. Thus, if we reach this signal,
+ // those credentials were invalid and we terminate.
+ qDebug() << "Stop request: Authentication failed for " << reply->url().toString();
reply->setProperty(authenticationFailedC, true);
+ reply->close();
}
} // namespace OCC
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud-client.git