From 1869e03ed53fcc0e56da31c10b78789e00a9ff2d Mon Sep 17 00:00:00 2001
From: Stefan Becker <chemobejk@gmail.com>
Date: Sat, 23 Feb 2013 19:18:17 +0200
Subject: [PATCH] http: fix Single Sign-On handling

sipe-cal.c and sipe-svc.c should only re-use the SIP credentials if the
user hasn't selected Single-Sign On.
---
 src/core/http-conn.c |  2 +-
 src/core/sipe-cal.c  | 17 +++++++++--------
 src/core/sipe-svc.c  |  5 +++--
 3 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/src/core/http-conn.c b/src/core/http-conn.c
index 65ecb518..9304aac9 100644
--- a/src/core/http-conn.c
+++ b/src/core/http-conn.c
@@ -445,7 +445,7 @@ http_conn_process_input_message(HttpConn *http_conn,
 		const char *auth_name;
 		char *authorization;
 		char *output_toked_base64;
-		int use_sso = !http_conn->auth || (http_conn->auth && !http_conn->auth->user);
+		int use_sso = !http_conn->auth || !http_conn->auth->user;
 		long ret = -1;
 
 		http_conn->retries++;
diff --git a/src/core/sipe-cal.c b/src/core/sipe-cal.c
index 8b3b9bdf..37ab1d4d 100644
--- a/src/core/sipe-cal.c
+++ b/src/core/sipe-cal.c
@@ -3,7 +3,7 @@
  *
  * pidgin-sipe
  *
- * Copyright (C) 2010-13 SIPE Project <http://sipe.sourceforge.net/>
+ * Copyright (C) 2010-2013 SIPE Project <http://sipe.sourceforge.net/>
  * Copyright (C) 2009 pier11 <pier11@operamail.com>
  *
  *
@@ -183,8 +183,8 @@ sipe_cal_calendar_free(struct sipe_calendar *cal)
 		g_free(cal->auth->domain);
 		g_free(cal->auth->user);
 		g_free(cal->auth->password);
+		g_free(cal->auth);
 	}
-	g_free(cal->auth);
 	g_free(cal->as_url);
 	g_free(cal->oof_url);
 	g_free(cal->oab_url);
@@ -229,14 +229,14 @@ sipe_cal_calendar_init(struct sipe_core_private *sipe_private,
 			cal->domino_url  = g_strdup(value);
 		}
 
-		cal->auth = g_new0(HttpConnAuth, 1);
-
 		/* user specified email login? */
 		value = sipe_backend_setting(SIPE_CORE_PUBLIC, SIPE_SETTING_EMAIL_LOGIN);
 		if (!is_empty(value)) {
+			const char *tmp = strstr(value, "\\");
+
+			cal->auth = g_new0(HttpConnAuth, 1);
 
 			/* user specified email login domain? */
-			const char *tmp = strstr(value, "\\");
 			if (tmp) {
 				cal->auth->domain = g_strndup(value, tmp - value);
 				cal->auth->user   = g_strdup(tmp + 1);
@@ -246,10 +246,11 @@ sipe_cal_calendar_init(struct sipe_core_private *sipe_private,
 			cal->auth->password = g_strdup(sipe_backend_setting(SIPE_CORE_PUBLIC,
 										 SIPE_SETTING_EMAIL_PASSWORD));
 
-		} else {
-			/* re-use SIPE credentials */
+		} else if (!SIPE_CORE_PUBLIC_FLAG_IS(SSO)) {
+			/* re-use SIP credentials when SSO is not selected */
+			cal->auth = g_new0(HttpConnAuth, 1);
 			cal->auth->domain   = g_strdup(sipe_private->authdomain);
-			cal->auth->user     = g_strdup(sipe_private->authuser);
+			cal->auth->user     = sipe_private->authuser ? g_strdup(sipe_private->authuser) : g_strdup(sipe_private->username);
 			cal->auth->password = g_strdup(sipe_private->password);
 		}
 		return TRUE;
diff --git a/src/core/sipe-svc.c b/src/core/sipe-svc.c
index ad73a14e..963a9625 100644
--- a/src/core/sipe-svc.c
+++ b/src/core/sipe-svc.c
@@ -3,7 +3,7 @@
  *
  * pidgin-sipe
  *
- * Copyright (C) 2011-12 SIPE Project <http://sipe.sourceforge.net/>
+ * Copyright (C) 2011-2013 SIPE Project <http://sipe.sourceforge.net/>
  *
  *
  * This program is free software; you can redistribute it and/or modify
@@ -190,7 +190,8 @@ static gboolean sipe_svc_https_request(struct sipe_core_private *sipe_private,
 				      body,
 				      content_type,
 				      data->soap_action,
-				      &data->auth,
+				      /* use credentials only when SSO is not selected */
+				      SIPE_CORE_PUBLIC_FLAG_IS(SSO) ? NULL : &data->auth,
 				      sipe_svc_https_response,
 				      data);
 
-- 
2.11.4.GIT