[PATCH 1/2] use can_gen_tokencode() in auth-globalprotect.c

[Daniel Lenski]

Signed-off-by: Daniel Lenski <dlenski at gmail.com>
---
 auth-globalprotect.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/auth-globalprotect.c b/auth-globalprotect.c
index ca6748c..e5183c2 100644
--- a/auth-globalprotect.c
+++ b/auth-globalprotect.c
@@ -65,10 +65,14 @@ static struct oc_auth_form *auth_form(struct openconnect_info *vpninfo,
 		goto nomem;
 	opt2->name = strdup("passwd");
 	opt2->label = auth_id ? strdup(_("Challenge: ")) : strdup(_("Password: "));
-	if (vpninfo->token_mode == OC_TOKEN_MODE_NONE)
+
+	/* XX: Some VPNs use a password in the first form, followed by a
+	 * a token in the second ("challenge") form. Others use only a
+	 * token. How can we distinguish these? */
+	if (!can_gen_tokencode(vpninfo, form, opt2))
+		opt2->type = OC_FORM_OPT_TOKEN;
+	else
 		opt2->type = OC_FORM_OPT_PASSWORD;
-	else
-		opt2->type = OC_FORM_OPT_TOKEN; /* Don't we normally have to check can_gen_tokencode()? */
 
 	return form;
 }
-- 
2.7.4