Mixed up password/secondary_password
Kadrach
kadrach at gmail.com
Sat Jun 4 01:17:34 PDT 2016
Hi all,
I'm having issues with openconnect and --token-mode=rsa, using the
current git head. Stoken and openconnect are set up properly, and work
when I manually enter the password(s).
The issue is in itself quite simple - the form submission mixes up the
order of the passwords. The form is presented as:
<?xml version="1.0" encoding="UTF-8"?>
<config-auth client="vpn" type="auth-request">
<version who="sg">8.4(7)</version>
<opaque is-for="sg">
<tunnel-group>xxx</tunnel-group>
<config-hash>1450311914296</config-hash>
</opaque>
<auth id="main">
<title>Login</title>
<message>Please enter your username, password and pass-code.</message>
<banner></banner>
<form>
<input type="text" name="username" label="Username:"></input>
<input type="password" name="password" label="Password:"></input>
<input type="password" name="secondary_password" label="Password:"></input>
</form>
</auth>
</config-auth>
Watching the dumped http traffic, I can see that openconnect posts the
one-time token in the password field, and my "main" password in the
secondary password field.
Is there a configuration option I've overlooked?
Cheers,
Kad
More information about the openconnect-devel
mailing list