handle GSSError exceptions. Fixes #4913
This commit is contained in:
		
							parent
							
								
									9900698dc5
								
							
						
					
					
						commit
						346dbc04b2
					
				
					 1 changed files with 28 additions and 20 deletions
				
			
		|  | @ -196,8 +196,12 @@ class SASL(PlugIn): | |||
| 			self.mecs.remove('ANONYMOUS') | ||||
| 			node = Node('auth',attrs={'xmlns': NS_SASL, 'mechanism': 'ANONYMOUS'}) | ||||
| 			self.mechanism = 'ANONYMOUS' | ||||
| 		elif 'GSSAPI' in self.mecs and have_kerberos: | ||||
| 			self.startsasl = SASL_IN_PROCESS | ||||
| 			self._owner.send(str(node)) | ||||
| 			raise NodeProcessed | ||||
| 		if 'GSSAPI' in self.mecs and have_kerberos: | ||||
| 			self.mecs.remove('GSSAPI') | ||||
| 			try: | ||||
| 				self.gss_vc = kerberos.authGSSClientInit('xmpp@' + \ | ||||
| 					self._owner.xmpp_hostname)[1] | ||||
| 				kerberos.authGSSClientStep(self.gss_vc, '') | ||||
|  | @ -206,25 +210,29 @@ class SASL(PlugIn): | |||
| 					payload=(response or '')) | ||||
| 				self.mechanism = 'GSSAPI' | ||||
| 				self.gss_step = GSS_STATE_STEP | ||||
| 		elif 'DIGEST-MD5' in self.mecs: | ||||
| 				self.startsasl = SASL_IN_PROCESS | ||||
| 				self._owner.send(str(node)) | ||||
| 				raise NodeProcessed | ||||
| 			except GSSError, e: | ||||
| 				log.info('GSSAPI authentication failed: %s' % str(e) | ||||
| 		if 'DIGEST-MD5' in self.mecs: | ||||
| 			self.mecs.remove('DIGEST-MD5') | ||||
| 			node = Node('auth',attrs={'xmlns': NS_SASL, 'mechanism': 'DIGEST-MD5'}) | ||||
| 			self.mechanism = 'DIGEST-MD5' | ||||
| 		elif 'PLAIN' in self.mecs: | ||||
| 			self.startsasl = SASL_IN_PROCESS | ||||
| 			self._owner.send(str(node)) | ||||
| 			raise NodeProcessed | ||||
| 		if 'PLAIN' in self.mecs: | ||||
| 			self.mecs.remove('PLAIN') | ||||
| 			self.mechanism = 'PLAIN' | ||||
| 			self._owner._caller.get_password(self.set_password) | ||||
| 			self.startsasl = SASL_IN_PROCESS | ||||
| 			raise NodeProcessed | ||||
| 		else: | ||||
| 		self.startsasl = SASL_FAILURE | ||||
| 		log.error('I can only use DIGEST-MD5, GSSAPI and PLAIN mecanisms.') | ||||
| 		if self.on_sasl: | ||||
| 			self.on_sasl() | ||||
| 		return | ||||
| 		self.startsasl = SASL_IN_PROCESS | ||||
| 		self._owner.send(str(node)) | ||||
| 		raise NodeProcessed | ||||
| 
 | ||||
| 	def SASLHandler(self, conn, challenge): | ||||
| 		''' Perform next SASL auth step. Used internally. ''' | ||||
|  |  | |||
		Loading…
	
	Add table
		
		Reference in a new issue