[PATCH 1/4] auth: Implement special handling of <select> dropdowns on XML POST

Kevin Cernekee cernekee at gmail.com
Sat Feb 16 19:18:04 EST 2013

Experimentation with the Cisco AnyConnect client showed that the
following changes need to be made for compatibility:

1) If the "value" attribute is missing from the <option> node, use the
XML node content instead.  i.e. this should post as

    <select name="dropdown">

And this should post as "<dropdown>optname</dropdown>":

    <select name="dropdown">
      <option value="optname">vpn</option>

2) If the name of the <select> node happens to be "group_list", put the
response in a special <group-select> node right under the <config-auth>
node, instead of putting it under the <auth> node.  (These strings are
hardcoded into the Cisco client.)

Reported-by: Fabian Jäger <fabian.jaeger at chungwasoft.com>
Signed-off-by: Kevin Cernekee <cernekee at gmail.com>
 auth.c |   11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/auth.c b/auth.c
index 5634224..a4f95d6 100644
--- a/auth.c
+++ b/auth.c
@@ -144,6 +144,8 @@ static int parse_auth_choice(struct openconnect_info *vpninfo, struct oc_auth_fo
 		form_id = (char *)xmlGetProp(xml_node, (unsigned char *)"value");
 		if (!form_id)
+			form_id = (char *)xmlNodeGetContent(xml_node);
+		if (!form_id)
@@ -678,6 +680,7 @@ void free_auth_form(struct oc_auth_form *form)
  *     <username><!-- same treatment as the old form options --></username>
  *     <password><!-- ditto -->
  *   </auth>
+ *   <group-select><!-- name of selected authgroup --></group-select>
  *   <host-scan-token><!-- vpninfo->csd_ticket --></host-scan-token>
@@ -793,6 +796,14 @@ static int xmlpost_append_form_opts(struct openconnect_info *vpninfo,
 		goto bad;
 	for (opt = form->opts; opt; opt = opt->next) {
+		/* group_list: create a new <group-select> node under <config-auth> */
+		if (!strcmp(opt->name, "group_list")) {
+			if (!xmlNewTextChild(root, NULL, XCAST("group-select"), XCAST(opt->value)))
+				goto bad;
+			continue;
+		}
+		/* everything else: create <foo>user_input</foo> under <auth> */
 		if (!xmlNewTextChild(node, NULL, XCAST(opt->name), XCAST(opt->value)))
 			goto bad;

More information about the openconnect-devel mailing list