Bug 1116149 - GSSAPI support is incomplete
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: evolution-ews
Version: rawhide
Assignee: Matthew Barnes
QA Contact: Fedora Extras Quality Assurance
Reported: 2014-07-03 21:37 UTC by Daniel Sands
Modified: 2014-07-07 14:26 UTC

Last Closed: 2014-07-07 14:00:22 UTC
Type: Bug


Attachments
Suggested GSSAPI fixes (23.29 KB, patch)
2014-07-03 21:37 UTC, Daniel Sands


Links
System: GNOME Bugzilla
ID: 732850
Private: 0
Priority: None
Status: None
Summary: None
Last Updated: Never

Description Daniel Sands 2014-07-03 21:37:05 UTC
Created attachment 914590
Suggested GSSAPI fixes

Description of problem:
There are some deficiencies with the GSSAPI implementation that was added to EWS, some of which are addressed by this proposed patch.

1) It still asks for a password. GSSAPI should allow SSO authentication, but the gssapi patch forgot to tell the auth system that user input may not be required. This affects mail, the calendar, the contacts, and the configuration pages, resulting in repeated requests for passwords even from the GNOME desktop itself.

2) The autodiscover code does not support GSSAPI at all.

3) The GSSAPI mechanism uses the "got-body" signal as a hack to add the GSSAPI authentication information.  It should use the "authenticate" signal instead.

4) The auth method discovery code first checks whether the "host" is reachable.  This will always fail because it only sets its Host URL for the service, and the camel code relies on the host and port itself being set before it can answer that question.  Even after setting the host and port, it is necessary to give the underlying system time to query the network service.  So this check should not be done at all.

5) [nitpick] Not all reposts are due to redirects, so the post_restarted callback should check the message status before assuming so.  In this case, reposts happen because of GSSAPI negotiation.

6) (not addressed in this patch):  If using GSSAPI, it should verify that the credentials exist and are current before attempting to initiate a connection.  It should not act as if a hard error occurred in this case; it should only wait until credentials are renewed to make another connection attempt.

Version-Release number of selected component (if applicable):
evolution-ews-3.12.3-1.fc21.x86_64
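
Item 5 of the description says a restarted POST is not necessarily a redirect. As an added illustration (not code from the attached patch, evolution-ews or libsoup), the C example below separates redirect restarts from HTTP Negotiate (GSSAPI) rounds by checking the status first. `classify_restart`, `offers_scheme` and the model of a response as a status code plus two header strings are assumptions, and the sample header values are constructed.

```c
/* Added example with hypothetical names; not evolution-ews or libsoup code. */
#include <stdio.h>
#include <string.h>
#include <strings.h>                     /* strncasecmp (POSIX) */

enum restart_reason { RESTART_REDIRECT, RESTART_NEGOTIATE,
                      RESTART_OTHER_AUTH, RESTART_UNKNOWN };

/* Return 1 if a WWW-Authenticate value offers `scheme` as a challenge.
 * Quoted strings are skipped, so realm="a, Negotiate" does not match. */
static int offers_scheme(const char *h, const char *scheme)
{
    size_t n = strlen(scheme);
    int at_start = 1, in_quotes = 0;
    for (; h && *h; h++) {
        if (in_quotes) {
            if (*h == '\\' && h[1]) h++;             /* skip escaped character */
            else if (*h == '"') in_quotes = 0;
        } else if (*h == '"') {
            in_quotes = 1; at_start = 0;
        } else if (*h == ',') {
            at_start = 1;                            /* next challenge or param */
        } else if (*h != ' ' && *h != '\t') {
            if (at_start && strncasecmp(h, scheme, n) == 0 &&
                (h[n] == '\0' || h[n] == ' ' || h[n] == '\t' || h[n] == ','))
                return 1;
            at_start = 0;
        }
    }
    return 0;
}

/* Decide why a request is being re-sent, from the response that caused it. */
enum restart_reason classify_restart(unsigned status, const char *location,
                                     const char *www_authenticate)
{
    if (status >= 300 && status < 400 && location && *location)
        return RESTART_REDIRECT;                     /* only now is a new URL implied */
    if (status == 401 && www_authenticate)
        return offers_scheme(www_authenticate, "Negotiate")
            ? RESTART_NEGOTIATE : RESTART_OTHER_AUTH;
    return RESTART_UNKNOWN;
}

int main(void)
{
    printf("%d\n", (int)classify_restart(401, NULL, "Negotiate, NTLM")); /* constructed input */
    return 0;
}
```

A restart handler that only updates the target URL when the result is `RESTART_REDIRECT` leaves the original endpoint untouched during a Negotiate round.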

Comment 1 Milan Crha 2014-07-07 14:00:22 UTC
Thanks for the bug report and patch. As this is not Fedora-specific, I have instead moved this to the upstream (GNOME) Bugzilla, as [1]. Please see [1] for any further updates.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=732850

Comment 2 Milan Crha 2014-07-07 14:26:08 UTC
I tested the patch and I cannot connect with it to my EWS server with Kerberos authentication. Please see [2] for more information. I'd prefer to move any further investigation to the upstream bug report. Thanks for your understanding.

[2] https://bugzilla.gnome.org/show_bug.cgi?id=732850#c1
