reverse password and secondary_password?
David Woodhouse
dwmw2 at infradead.org
Mon Jan 29 07:19:22 PST 2018
On Mon, 2018-01-29 at 15:07 +0000, Dave Walker wrote:
>
> The password and secondary_password are reversed.
>
> On this page it states the ordering:
> http://www.infradead.org/openconnect/token.html
>
> "SecurID token codes will automatically fill in the primary password
> field in the authentication form presented by the server" .. "This
> behaviour is empirically determined by the requirements of the servers
> that we have tested with; if you find a configuration in which it is
> not appropriate, please let us know."
>
> This mail is letting you know... is there a workaround?
I think we should patch the code to use a 'secondary_password' field
*if* it exists, and 'password' otherwise. That will require a slightly
non-trivial modification to the cstp_can_gen_tokencode() function in
auth.c, because now it's no longer *purely* a function of the one
option it's being asked to consider. But not *so* hard... patches
welcome :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5213 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20180129/af2bae75/attachment-0001.bin>
More information about the openconnect-devel
mailing list