[PATCH] Fix stoken support for Juniper VPN
Andy Wang
dopey at moonteeth.com
Wed Nov 22 18:33:56 PST 2017
Allow using stoken code for frmLogin form type.
Ensure stoken seed is properly prepared using block copied from Cisco
VPN support in auth.c
Signed-off-by: Andy Wang <dopey at moonteeth.com>
---
auth-juniper.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/auth-juniper.c b/auth-juniper.c
index 4b889d6..d818cf3 100644
--- a/auth-juniper.c
+++ b/auth-juniper.c
@@ -77,7 +77,8 @@ static int oncp_can_gen_tokencode(struct openconnect_info *vpninfo,
if (strcmp(form->auth_id, "frmDefender") &&
strcmp(form->auth_id, "frmNextToken") &&
- strcmp(form->auth_id, "ftmTotpToken"))
+ strcmp(form->auth_id, "ftmTotpToken") &&
+ strcmp(form->auth_id, "frmLogin"))
return -EINVAL;
return can_gen_tokencode(vpninfo, form, opt);
@@ -570,6 +571,14 @@ int oncp_obtain_cookie(struct openconnect_info *vpninfo)
char *form_id = NULL;
int try_tncc = !!vpninfo->csd_wrapper;
+#ifdef HAVE_LIBSTOKEN
+ if (vpninfo->token_mode == OC_TOKEN_MODE_STOKEN) {
+ ret = prepare_stoken(vpninfo);
+ if (ret)
+ goto out;
+ }
+#endif
+
resp_buf = buf_alloc();
if (buf_error(resp_buf))
return -ENOMEM;
--
2.14.3
More information about the openconnect-devel
mailing list