bugfix for OTP "challenge" form handling (!38) · Merge requests · OpenConnect VPN projects / OpenConnect

The source project of this merge request has been removed.

Daniel Lenski requested to merge (removed):bugfix_OTP_challenge_form_handling into master Apr 03, 2019

In the patch entitled 'Recognise auth forms named "challenge" as token requests' (commit 51f8feb6, released in v8.00) the condition for using an OTP token in an AnyConnect login form was changed from:

(field is named secondary_password)

… to:

(field is named secondary_password) AND (form is named challenge)

This was almost certainly a mistake, and should have been as follows:

(field is named secondary_password) OR (form is named challenge)

This patch rewrites the condition to do just that, in a clearer form, and should fix GitLab issue #24 (closed) (#24 (comment 157035052)).

Signed-off-by: Daniel Lenski dlenski@gmail.com

bugfix for OTP "challenge" form handling

Merge request reports