Bug: xmlpost ignores command line authgroup

Darrin Thompson darrinth at gmail.com
Wed Sep 25 19:51:33 EDT 2013

Openconnect is trying to log into an anyconnect host using the wrong
group when xmlpost is enabled.

exec openconnect --user me --script myscript thehost.domain
--authgroup=CORRECT --dump-http-traffic #--no-xmlpost

Edited form from server:

< <?xml version="1.0" encoding="UTF-8"?>
< <config-auth client="vpn" type="auth-request">
< <version>9.1(2)</version>
< <opaque>
< <tunnel-group>WRONG</tunnel-group>
< <group-alias>WRONG</group-alias>
< <config-hash>12345</config-hash>
< </opaque>
< <auth id="main">
< <form>
< <input type="text" name="username" label="Username:"></input>
< <input type="password" name="password" label="Password:"></input>
< <select name="group_list" label="GROUP:">
< <option selected="true">WRONG</option>
< <option>CORRECT</option>
< </select>
< </form>
< </auth>
< </config-auth>

After this point openconnect ignores my command line preference for
CORRECT and procedes to use the WRONG group. If I disable xmlpost this
behavior goes away.


More information about the openconnect-devel mailing list