[prev in list] [next in list] [prev in thread] [next in thread]
List: openconnect-devel
Subject: Re: [PATCH] Fix stoken support for Juniper VPN
From: Andy Wang <dopey () moonteeth ! com>
Date: 2017-12-21 3:05:26
Message-ID: CAGjaHhtsw_TRowBp9FwfAvb6QYp531nYg4aHVX8BHnSJJLpv5A () mail ! gmail ! com
[Download RAW message or body]
Any thoughts on this? Something I should do different?
Thanks,
Andy
On Wed, Nov 22, 2017 at 8:33 PM, Andy Wang <dopey@moonteeth.com> wrote:
> Allow using stoken code for frmLogin form type.
> Ensure stoken seed is properly prepared using block copied from Cisco
> VPN support in auth.c
>
> Signed-off-by: Andy Wang <dopey@moonteeth.com>
> ---
> auth-juniper.c | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/auth-juniper.c b/auth-juniper.c
> index 4b889d6..d818cf3 100644
> --- a/auth-juniper.c
> +++ b/auth-juniper.c
> @@ -77,7 +77,8 @@ static int oncp_can_gen_tokencode(struct openconnect_info *vpninfo,
>
> if (strcmp(form->auth_id, "frmDefender") &&
> strcmp(form->auth_id, "frmNextToken") &&
> - strcmp(form->auth_id, "ftmTotpToken"))
> + strcmp(form->auth_id, "ftmTotpToken") &&
> + strcmp(form->auth_id, "frmLogin"))
> return -EINVAL;
>
> return can_gen_tokencode(vpninfo, form, opt);
> @@ -570,6 +571,14 @@ int oncp_obtain_cookie(struct openconnect_info *vpninfo)
> char *form_id = NULL;
> int try_tncc = !!vpninfo->csd_wrapper;
>
> +#ifdef HAVE_LIBSTOKEN
> + if (vpninfo->token_mode == OC_TOKEN_MODE_STOKEN) {
> + ret = prepare_stoken(vpninfo);
> + if (ret)
> + goto out;
> + }
> +#endif
> +
> resp_buf = buf_alloc();
> if (buf_error(resp_buf))
> return -ENOMEM;
> --
> 2.14.3
>
_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic