openconnect stoken support not working properly with our form

Kevin Cernekee cernekee at gmail.com
Mon Nov 13 10:22:33 PST 2017


On Mon, Nov 13, 2017 at 10:12 AM, Andy Wang <dopey at moonteeth.com> wrote:
> That still didn't solve my problem and I used --dump-http-traffic and see that
> the stoken code being sent is completely different than what
> the stoken command actually generates.  I had no idea why that would
> have been the case.

The PIN and timestamp are the two main factors (assuming you don't
have a bunch of different token seeds / rc files lying around).

The PIN will only affect 4 digits of the tokencode:

$ stoken --force --pin 0000 ; stoken --force --pin 9999
83862206
83861195

If it helps, you can modify the openconnect code to print out the time
being passed to the library, and simulate it from the command line
like this:

$ stoken --force --pin 0000 --use-time=`date +%s`
20276056
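
Added example, not part of the original message and not stoken or openconnect code: a small check that tells a PIN mismatch apart from a time or seed mismatch when comparing the tokencode seen in the --dump-http-traffic output with one generated by the stoken command. It assumes the PIN is added digit by digit, modulo 10 with no carry, to the trailing digits of the tokencode, which is consistent with the two sample codes above; the function names are hypothetical.

```python
"""Classify a tokencode mismatch (added example; function names are hypothetical)."""


def apply_pin(base_code: str, pin: str) -> str:
    """Return base_code with the PIN folded into its trailing digits.

    Assumption: each PIN digit is added to the matching tokencode digit
    modulo 10, without carry (inferred from the sample output in the message).
    base_code is what `stoken --force --pin 0000` prints for a given time.
    """
    if not (base_code.isdigit() and pin.isdigit()):
        raise ValueError("tokencode and PIN must be decimal digits")
    if len(pin) > len(base_code):
        raise ValueError("PIN is longer than the tokencode")
    digits = [int(c) for c in base_code]
    # Walk the PIN right to left so it lines up with the last digits of the code.
    for i, p in enumerate(reversed(pin), start=1):
        digits[-i] = (digits[-i] + int(p)) % 10
    return "".join(str(d) for d in digits)


def classify(sent: str, base_code: str, pin: str) -> str:
    """Compare the code openconnect sent with one computed for the same time."""
    if len(sent) != len(base_code):
        return "length mismatch: different token type or truncated capture"
    if sent == apply_pin(base_code, pin):
        return "match"
    # Digits in front of the PIN-affected tail depend only on seed and time.
    if sent[:-len(pin)] == base_code[:-len(pin)]:
        return "PIN mismatch: only the PIN-affected digits differ"
    return "time or seed mismatch: digits outside the PIN range differ"


if __name__ == "__main__":
    # Sample values taken from the stoken output quoted in the message.
    print(apply_pin("83862206", "9999"))
    print(classify("83862206", "83862206", "9999"))
    print(classify("20276056", "83862206", "0000"))
```
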



More information about the openconnect-devel mailing list