[PATCH] Fix stoken support for Juniper VPN

Andy Wang dopey at moonteeth.com
Tue Apr 10 14:26:20 PDT 2018


Another follow up on this.  Is there something I should change to get
this considered for inclusion?

Thanks,
Andy

On Wed, Dec 20, 2017 at 9:05 PM, Andy Wang <dopey at moonteeth.com> wrote:
> Any thoughts on this?  Something I should do different?
>
> Thanks,
> Andy
>
> On Wed, Nov 22, 2017 at 8:33 PM, Andy Wang <dopey at moonteeth.com> wrote:
>> Allow using stoken code for frmLogin form type.
>> Ensure stoken seed is properly prepared using block copied from Cisco
>> VPN support in auth.c
>>
>> Signed-off-by: Andy Wang <dopey at moonteeth.com>
>> ---
>>  auth-juniper.c | 11 ++++++++++-
>>  1 file changed, 10 insertions(+), 1 deletion(-)
>>
>> diff --git a/auth-juniper.c b/auth-juniper.c
>> index 4b889d6..d818cf3 100644
>> --- a/auth-juniper.c
>> +++ b/auth-juniper.c
>> @@ -77,7 +77,8 @@ static int oncp_can_gen_tokencode(struct openconnect_info *vpninfo,
>>
>>         if (strcmp(form->auth_id, "frmDefender") &&
>>             strcmp(form->auth_id, "frmNextToken") &&
>> -           strcmp(form->auth_id, "ftmTotpToken"))
>> +           strcmp(form->auth_id, "ftmTotpToken") &&
>> +           strcmp(form->auth_id, "frmLogin"))
>>                 return -EINVAL;
>>
>>         return can_gen_tokencode(vpninfo, form, opt);
>> @@ -570,6 +571,14 @@ int oncp_obtain_cookie(struct openconnect_info *vpninfo)
>>         char *form_id = NULL;
>>         int try_tncc = !!vpninfo->csd_wrapper;
>>
>> +#ifdef HAVE_LIBSTOKEN
>> +        if (vpninfo->token_mode == OC_TOKEN_MODE_STOKEN) {
>> +                ret = prepare_stoken(vpninfo);
>> +                if (ret)
>> +                        goto out;
>> +        }
>> +#endif
>> +
>>         resp_buf = buf_alloc();
>>         if (buf_error(resp_buf))
>>                 return -ENOMEM;
>> --
>> 2.14.3
>>



More information about the openconnect-devel mailing list