openconnect stoken support not working properly with our form
Andy Wang
dopey at moonteeth.com
Mon Nov 13 13:05:09 PST 2017
On Mon, Nov 13, 2017 at 2:15 PM, Andy Wang <dopey at moonteeth.com> wrote:
>
> I tried adding:
> + fprintf(stderr,"%d %s %s\n",vpninfo->token_time,
> vpninfo->stoken_pin, tokencode);
> to do_gen_stoken_code and got the following output (token redacted):
> 1510603286 (null) <token>
> running stoken --force --use-time=1510603286
> and I get a totally different value.
>
> There's only a single stokenrc file. I have a pin 0000 saved in the
> stokenrc file.
Figured it out:
auth.c's cstp_obtain_cookie was calling prepare_stoken which decrypts the seed
auth-juniper.c's oncp_obtain_cookie was not doing the same thing.
Adding that gets me one step further.
More information about the openconnect-devel
mailing list