openconnect stoken support not working properly with our form
Kevin Cernekee
cernekee at gmail.com
Mon Nov 13 21:57:24 PST 2017
On Mon, Nov 13, 2017 at 1:29 PM, Andy Wang <dopey at moonteeth.com> wrote:
> @@ -562,7 +563,7 @@ static struct oc_auth_form
> *parse_roles_form_node(xmlNodePtr node)
>
> int oncp_obtain_cookie(struct openconnect_info *vpninfo)
> {
> - int ret;
> + int ret, result;
> struct oc_text_buf *resp_buf = NULL;
> xmlDocPtr doc = NULL;
> xmlNodePtr node;
> @@ -570,6 +571,15 @@ int oncp_obtain_cookie(struct openconnect_info
> *vpninfo)
> char *form_id = NULL;
> int try_tncc = !!vpninfo->csd_wrapper;
>
> +#ifdef HAVE_LIBSTOKEN
> + /* Step 1: Unlock software token (if applicable) */
You can delete "Step 1" since oncp_obtain_cookie() isn't annotated the
same way as cstp_obtain_cookie().
> + if (vpninfo->token_mode == OC_TOKEN_MODE_STOKEN) {
> + result = prepare_stoken(vpninfo);
> + if (result)
> + goto out;
This can probably reuse |ret| (otherwise |ret| will be left
uninitialized). Be sure to test the case where the user hits Cancel
on the PIN form, and the case where libstoken returns an error (like
from a missing stokenrc file).
> + }
> +#endif
> +
> resp_buf = buf_alloc();
> if (buf_error(resp_buf))
> return -ENOMEM;
More information about the openconnect-devel
mailing list