[PATCH 1/5] detect user[name], pass[word] form fields using only the first 4 characters
Daniel Lenski
dlenski at gmail.com
Sun Mar 4 01:31:57 PST 2018
The current process_auth_form_cb hard-codes the interpretation of these form
fields based on their names. GlobalProtect has identical fields but with
slightly different names.
Signed-off-by: Daniel Lenski <dlenski at gmail.com>
Signed-off-by: David Woodhouse <dwmw2 at infradead.org>
---
main.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/main.c b/main.c
index d09efd5..086df2b 100644
--- a/main.c
+++ b/main.c
@@ -1976,7 +1976,7 @@ static int process_auth_form_cb(void *_vpninfo,
} else if (opt->type == OC_FORM_OPT_TEXT) {
if (username &&
- !strcmp(opt->name, "username")) {
+ !strncmp(opt->name, "user", 4)) {
opt->_value = username;
username = NULL;
} else {
@@ -1989,7 +1989,7 @@ static int process_auth_form_cb(void *_vpninfo,
} else if (opt->type == OC_FORM_OPT_PASSWORD) {
if (password &&
- !strcmp(opt->name, "password")) {
+ !strncmp(opt->name, "pass", 4)) {
opt->_value = password;
password = NULL;
} else {
--
2.7.4
More information about the openconnect-devel
mailing list