Package: release.debian.org Severity: normal User: [email protected] Usertags: pu
Hi, as already explained in #744216, the evolution version in wheezy needs minor changes to support Exchange 2013. According to my tests, this patch in libsoup fixes NTLM authentication without domain (typical setup with login=email). Please consider for wheezy. -- Joss
Index: debian/control =================================================================== --- debian/control (révision 41301) +++ debian/control (copie de travail) @@ -7,7 +7,7 @@ Section: devel Priority: optional Maintainer: Debian GNOME Maintainers <[email protected]> -Uploaders: Gustavo Noronha Silva <[email protected]>, Martin Pitt <[email protected]>, Michael Biebl <[email protected]> +Uploaders: Gustavo Noronha Silva <[email protected]>, Josselin Mouette <[email protected]>, Martin Pitt <[email protected]>, Michael Biebl <[email protected]> Build-Depends: debhelper (>= 9), cdbs (>= 0.4.93~), gnome-pkg-tools, Index: debian/patches/series =================================================================== --- debian/patches/series (révision 41301) +++ debian/patches/series (copie de travail) @@ -0,0 +1 @@ +01_ntlm_domain.patch Index: debian/patches/01_ntlm_domain.patch =================================================================== --- debian/patches/01_ntlm_domain.patch (révision 0) +++ debian/patches/01_ntlm_domain.patch (révision 41302) @@ -0,0 +1,51 @@ +From 501d327ad2312a97fb585369f3537563b8d296fc Mon Sep 17 00:00:00 2001 +From: Dan Winship <[email protected]> +Date: Tue, 16 Oct 2012 10:55:18 -0400 +Subject: soup-auth-manager-ntlm.c: don't include the default domain in the + response + +If the user didn't specify a domain in their username, then send "" +for the domain in the response, rather than echoing back the default +domain. This is apparently more compatible with what other apps do. + +https://bugzilla.gnome.org/show_bug.cgi?id=624613 + +diff --git a/libsoup/soup-auth-manager-ntlm.c b/libsoup/soup-auth-manager-ntlm.c +index f2b67d1..ecb9c7c 100644 +--- a/libsoup/soup-auth-manager-ntlm.c ++++ b/libsoup/soup-auth-manager-ntlm.c +@@ -459,7 +459,7 @@ ssofailure: + *slash = '\0'; + username = slash + 1; + } else +- domain = conn->domain; ++ domain = g_strdup (""); + + conn->response_header = soup_ntlm_response (conn->nonce, + username, password, +@@ -470,8 +470,7 @@ ssofailure: + soup_session_requeue_message (priv->session, msg); + + done: +- if (domain != conn->domain) +- g_free (domain); ++ g_free (domain); + g_free (conn->domain); + conn->domain = NULL; + g_free (conn->nonce); +diff --git a/tests/ntlm-test.c b/tests/ntlm-test.c +index 00222e8..e473ba6 100644 +--- a/tests/ntlm-test.c ++++ b/tests/ntlm-test.c +@@ -24,7 +24,7 @@ typedef enum { + + #define NTLM_CHALLENGE "TlRMTVNTUAACAAAADAAMADAAAAABAoEAASNFZ4mrze8AAAAAAAAAAGIAYgA8AAAARABPAE0AQQBJAE4AAgAMAEQATwBNAEEASQBOAAEADABTAEUAUgBWAEUAUgAEABQAZABvAG0AYQBpAG4ALgBjAG8AbQADACIAcwBlAHIAdgBlAHIALgBkAG8AbQBhAGkAbgAuAGMAbwBtAAAAAAA=" + +-#define NTLM_RESPONSE_USER(response) ((response)[102] == 'E' ? NTLM_AUTHENTICATED_ALICE : NTLM_AUTHENTICATED_BOB) ++#define NTLM_RESPONSE_USER(response) ((response)[86] == 'E' ? NTLM_AUTHENTICATED_ALICE : NTLM_AUTHENTICATED_BOB) + + static void + clear_state (gpointer connections, GObject *ex_connection) +-- +cgit v0.10.1 + Index: debian/changelog =================================================================== --- debian/changelog (révision 41301) +++ debian/changelog (copie de travail) @@ -1,3 +1,10 @@ +libsoup2.4 (2.38.1-3) stable; urgency=low + + * 01_ntlm_domain.patch: patch from upstream git. Fix some cases of + NTLM authentication on W2012 servers. + + -- Josselin Mouette <[email protected]> Fri, 11 Apr 2014 15:56:32 +0200 + libsoup2.4 (2.38.1-2) unstable; urgency=low * Make test suite failures non-fatal so we don't block testing migration due
