Accepting request 248077 from GNOME:Factory
1 OBS-URL: https://build.opensuse.org/request/show/248077 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/evolution-data-server?expand=0&rev=138
This commit is contained in:
Stephan Kulow
Git OBS Bridge
commit
ec954a1779
@ -1,187 +0,0 @@
|
||||
From 5e9d80092b19f9bd2c02712ab0a50fa70b052c74 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Barnes <mbarnes@redhat.com>
|
||||
Date: Mon, 25 Aug 2014 11:01:20 -0400
|
||||
Subject: Bug 735311 - Adapt to new Google HTTP restriction
|
||||
|
||||
Google has recently imposed a limit on the number of unauthorized HTTP
|
||||
requests to its OAuth2-based interfaces.
|
||||
|
||||
The normal operation of SoupSession is to issue the first HTTP request
|
||||
unauthorized and see if the server issues a "401 Unauthorized" response
|
||||
(since not all HTTP services require authorization).
|
||||
|
||||
On a "401 Unauthorized" response, SoupSession emits an "authenticate"
|
||||
signal, which the application is supposed to handle. Once credentials
|
||||
are in hand, SoupSession resends the same HTTP request and subsequent
|
||||
requests with an Authenticate header while the socket connection holds.
|
||||
|
||||
Google's unauthorized request limit breaks this logic flow. Once the
|
||||
limit is exceeded, the Google server issues a "403 Forbidden" response
|
||||
instead of "401 Unauthorized" to an unauthorized HTTP request. This
|
||||
breaks error handling in the E-D-S CalDAV backend.
|
||||
|
||||
The workaround is to preload the SoupAuthManager with a pre-configured
|
||||
SoupAuth when using OAuth 2.0 authentication. This avoids the initial
|
||||
unauthorized HTTP round-trip.
|
||||
|
||||
The backend implements the GInitable interface for this since obtaining
|
||||
a valid access token is a failable step.
|
||||
|
||||
(cherry picked from commit 00a465670ef3d8adbaf011b3e697ba5befb00623)
|
||||
|
||||
diff --git a/calendar/backends/caldav/e-cal-backend-caldav.c b/calendar/backends/caldav/e-cal-backend-caldav.c
|
||||
index f189126..686020e 100644
|
||||
--- a/calendar/backends/caldav/e-cal-backend-caldav.c
|
||||
+++ b/calendar/backends/caldav/e-cal-backend-caldav.c
|
||||
@@ -133,6 +133,8 @@ struct _ECalBackendCalDAVPrivate {
|
||||
};
|
||||
|
||||
/* Forward Declarations */
|
||||
+static void e_caldav_backend_initable_init
|
||||
+ (GInitableIface *interface);
|
||||
static void caldav_source_authenticator_init
|
||||
(ESourceAuthenticatorInterface *iface);
|
||||
|
||||
@@ -141,6 +143,9 @@ G_DEFINE_TYPE_WITH_CODE (
|
||||
e_cal_backend_caldav,
|
||||
E_TYPE_CAL_BACKEND_SYNC,
|
||||
G_IMPLEMENT_INTERFACE (
|
||||
+ G_TYPE_INITABLE,
|
||||
+ e_caldav_backend_initable_init)
|
||||
+ G_IMPLEMENT_INTERFACE (
|
||||
E_TYPE_SOURCE_AUTHENTICATOR,
|
||||
caldav_source_authenticator_init))
|
||||
|
||||
@@ -5238,11 +5243,83 @@ e_cal_backend_caldav_finalize (GObject *object)
|
||||
G_OBJECT_CLASS (parent_class)->finalize (object);
|
||||
}
|
||||
|
||||
-static void
|
||||
-e_cal_backend_caldav_init (ECalBackendCalDAV *cbdav)
|
||||
+static gboolean
|
||||
+caldav_backend_initable_init (GInitable *initable,
|
||||
+ GCancellable *cancellable,
|
||||
+ GError **error)
|
||||
{
|
||||
+ ECalBackendCalDAVPrivate *priv;
|
||||
SoupSessionFeature *feature;
|
||||
+ ESource *source;
|
||||
+ const gchar *extension_name;
|
||||
+ gchar *auth_method = NULL;
|
||||
+ gboolean success = TRUE;
|
||||
+
|
||||
+ priv = E_CAL_BACKEND_CALDAV_GET_PRIVATE (initable);
|
||||
+
|
||||
+ feature = soup_session_get_feature (
|
||||
+ priv->session, SOUP_TYPE_AUTH_MANAGER);
|
||||
+
|
||||
+ /* Add the "Bearer" auth type to support OAuth 2.0. */
|
||||
+ soup_session_feature_add_feature (feature, E_TYPE_SOUP_AUTH_BEARER);
|
||||
+ g_mutex_init (&priv->bearer_auth_error_lock);
|
||||
+
|
||||
+ /* Preload the SoupAuthManager with a valid "Bearer" token
|
||||
+ * when using OAuth 2.0. This avoids an extra unauthorized
|
||||
+ * HTTP round-trip, which apparently Google doesn't like. */
|
||||
+
|
||||
+ source = e_backend_get_source (E_BACKEND (initable));
|
||||
+
|
||||
+ extension_name = E_SOURCE_EXTENSION_AUTHENTICATION;
|
||||
+ if (e_source_has_extension (source, extension_name)) {
|
||||
+ ESourceAuthentication *extension;
|
||||
+
|
||||
+ extension = e_source_get_extension (source, extension_name);
|
||||
+ auth_method = e_source_authentication_dup_method (extension);
|
||||
+ }
|
||||
+
|
||||
+ if (g_strcmp0 (auth_method, "OAuth2") == 0) {
|
||||
+ ESourceWebdav *extension;
|
||||
+ SoupAuth *soup_auth;
|
||||
+ SoupURI *soup_uri;
|
||||
+ gchar *access_token = NULL;
|
||||
+ gint expires_in_seconds = -1;
|
||||
+
|
||||
+ extension_name = E_SOURCE_EXTENSION_WEBDAV_BACKEND;
|
||||
+ extension = e_source_get_extension (source, extension_name);
|
||||
+ soup_uri = e_source_webdav_dup_soup_uri (extension);
|
||||
|
||||
+ soup_auth = g_object_new (
|
||||
+ E_TYPE_SOUP_AUTH_BEARER,
|
||||
+ SOUP_AUTH_HOST, soup_uri->host, NULL);
|
||||
+
|
||||
+ success = e_source_get_oauth2_access_token_sync (
|
||||
+ source, cancellable, &access_token,
|
||||
+ &expires_in_seconds, error);
|
||||
+
|
||||
+ if (success) {
|
||||
+ e_soup_auth_bearer_set_access_token (
|
||||
+ E_SOUP_AUTH_BEARER (soup_auth),
|
||||
+ access_token, expires_in_seconds);
|
||||
+
|
||||
+ soup_auth_manager_use_auth (
|
||||
+ SOUP_AUTH_MANAGER (feature),
|
||||
+ soup_uri, soup_auth);
|
||||
+ }
|
||||
+
|
||||
+ g_free (access_token);
|
||||
+ g_object_unref (soup_auth);
|
||||
+ soup_uri_free (soup_uri);
|
||||
+ }
|
||||
+
|
||||
+ g_free (auth_method);
|
||||
+
|
||||
+ return success;
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+e_cal_backend_caldav_init (ECalBackendCalDAV *cbdav)
|
||||
+{
|
||||
cbdav->priv = E_CAL_BACKEND_CALDAV_GET_PRIVATE (cbdav);
|
||||
cbdav->priv->session = soup_session_sync_new ();
|
||||
g_object_set (
|
||||
@@ -5257,17 +5334,6 @@ e_cal_backend_caldav_init (ECalBackendCalDAV *cbdav)
|
||||
cbdav->priv->session, "proxy-resolver",
|
||||
G_BINDING_SYNC_CREATE);
|
||||
|
||||
- /* XXX SoupAuthManager is public API as of libsoup 2.42, but
|
||||
- * this isn't worth bumping our libsoup requirement over.
|
||||
- * So get the SoupAuthManager GType by its type name. */
|
||||
- feature = soup_session_get_feature (
|
||||
- cbdav->priv->session,
|
||||
- g_type_from_name ("SoupAuthManager"));
|
||||
-
|
||||
- /* Add the "Bearer" auth type to support OAuth 2.0. */
|
||||
- soup_session_feature_add_feature (feature, E_TYPE_SOUP_AUTH_BEARER);
|
||||
- g_mutex_init (&cbdav->priv->bearer_auth_error_lock);
|
||||
-
|
||||
if (G_UNLIKELY (caldav_debug_show (DEBUG_MESSAGE)))
|
||||
caldav_debug_setup (cbdav->priv->session);
|
||||
|
||||
@@ -5337,3 +5403,10 @@ e_cal_backend_caldav_class_init (ECalBackendCalDAVClass *class)
|
||||
|
||||
backend_class->start_view = caldav_start_view;
|
||||
}
|
||||
+
|
||||
+static void
|
||||
+e_caldav_backend_initable_init (GInitableIface *interface)
|
||||
+{
|
||||
+ interface->init = caldav_backend_initable_init;
|
||||
+}
|
||||
+
|
||||
diff --git a/libedataserver/e-source-webdav.c b/libedataserver/e-source-webdav.c
|
||||
index eda83d5..9ddbbc0 100644
|
||||
--- a/libedataserver/e-source-webdav.c
|
||||
+++ b/libedataserver/e-source-webdav.c
|
||||
@@ -244,7 +244,9 @@ source_webdav_update_soup_uri_from_properties (ESourceWebdav *webdav_extension)
|
||||
|
||||
soup_uri_set_user (soup_uri, user);
|
||||
soup_uri_set_host (soup_uri, host);
|
||||
- soup_uri_set_port (soup_uri, port);
|
||||
+
|
||||
+ if (port > 0)
|
||||
+ soup_uri_set_port (soup_uri, port);
|
||||
|
||||
/* SoupURI doesn't like NULL paths. */
|
||||
soup_uri_set_path (soup_uri, (path != NULL) ? path : "");
|
||||
--
|
||||
cgit v0.10.1
|
||||
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:d3a2f832f823cb2a41467926dcaec984a15b2cb51ef89cf41267e337ca750811
|
||||
size 5398264
|
||||
3
evolution-data-server-3.12.6.tar.xz
Normal file
3
evolution-data-server-3.12.6.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:f05ea462b591b24b927afd943258199a4c05f23ff07fa04355bc04bcec15a7c2
|
||||
size 5396524
|
||||
@ -1,3 +1,20 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 8 09:29:16 UTC 2014 - dimstar@opensuse.org
|
||||
|
||||
- Update to version 3.12.6:
|
||||
+ Miscellaneous:
|
||||
- Do not add GTasks source when the GTasks backend is not
|
||||
built.
|
||||
- [IMAPx] Deleted messages not always saved to the server
|
||||
properly.
|
||||
- [IMAPx] Incorrect mailbox used for untagged OK/NO/BAD with
|
||||
pending SELECT.
|
||||
+ Bugs fixed: bgo#735311, bgo#486018, bgo#734853, bgo#694112,
|
||||
bgo#735523, bgo#735191, bgo#733733, bgo#735200, bgo#735523.
|
||||
+ Upated translations.
|
||||
- Drop 0001-Bug-735311-Adapt-to-new-Google-HTTP-restriction.patch:
|
||||
fixed upstream.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 27 12:17:03 UTC 2014 - fcrozat@suse.com
|
||||
|
||||
|
||||
@ -32,7 +32,7 @@
|
||||
|
||||
Name: evolution-data-server
|
||||
%define _evo_version 3.12
|
||||
Version: 3.12.5
|
||||
Version: 3.12.6
|
||||
Release: 0
|
||||
Summary: Evolution Data Server
|
||||
License: LGPL-2.1+
|
||||
@ -40,8 +40,6 @@ Group: Development/Libraries/GNOME
|
||||
Url: http://www.gnome.org
|
||||
Source0: http://download.gnome.org/sources/evolution-data-server/3.12/%{name}-%{version}.tar.xz
|
||||
Source99: baselibs.conf
|
||||
# PATCH-FIX-UPSTREAM 0001-Bug-735311-Adapt-to-new-Google-HTTP-restriction.patch bnc#893775 bgo#735311 fcrozat@suse.com -- Adapt to new Google HTTP restriction
|
||||
Patch0: 0001-Bug-735311-Adapt-to-new-Google-HTTP-restriction.patch
|
||||
BuildRequires: db-devel
|
||||
%if %USE_EVOLDAP
|
||||
BuildRequires: evoldap2-devel
|
||||
@ -257,7 +255,6 @@ This package contains developer documentation.
|
||||
%prep
|
||||
%setup -q
|
||||
translation-update-upstream
|
||||
%patch0 -p1
|
||||
|
||||
%build
|
||||
%{configure} \
|
||||
|
||||
Loading…
Reference in New Issue
Block a user