[PATCH 3/4] http: Fix redirect handling in auth form loop

Woodhouse, David david.woodhouse at intel.com
Sun Feb 17 17:03:15 EST 2013


On Sat, 2013-02-16 at 16:18 -0800, Kevin Cernekee wrote:
> The refactored openconnect_obtain_cookie() loop tried to post the
> challenge/response data to index.html, preventing successful login.
> This patch changes the logic so that it will honor the new "action"
> attribute if present.

Point of order: the 'action' attribute isn't new; it's been there for
years. Since commit 7ba752f8 in April 2009, to be precise, when the
struct auth_form was first introduced.

I already fixed the non-xmlpost case to honour it, in fact.

We now have two callers of parse_xml_response() which do, and two which
don't. I'm suspect that's a bad thing, and we should put it *into*
parse_xml_response() rather than leaving it to the caller...

I've applied this series as-is, in the meantime. Thanks.

-- 
                   Sent with MeeGo's ActiveSync support.

David Woodhouse                            Open Source Technology Centre
David.Woodhouse at intel.com                              Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6242 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20130217/50e1d6fd/attachment-0001.bin>


More information about the openconnect-devel mailing list