Bugfix RSA SecurID token decryption and PIN entry forms

As of
https://gitlab.com/openconnect/openconnect/-/commit/386a6edb6d2d1d2cd3e9c9de8d85dc7bfda60d34,
all auth forms are required to have a non-NULL `auth_id`.

However, we forget to make stoken.c set the `auth_id` for the forms that it
creates for RSA SecurID token decryption and PIN entry.  Let's name these:

  - `_rsa_unlock`, for token decryption.
  - `_rsa_pin`, for PIN entry.  Also, rename the numeric PIN field to `pin`
    rather than `password`; there can't be any existing users relying on
    `--form-entry` to set its value, because that wouldn't work without the
    `auth_id`.

Fixes #388.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>

diff --git a/stoken.c b/stoken.c
index 00a676254bbdea9c526c61ecd4f07c83efdc4e9e..45d849f54fd098b9d2951e8fc8db0a48248d22ae 100644 (file)
--- a/stoken.c
+++ b/stoken.c
@@ -100,6 +100,7 @@ static int decrypt_stoken(struct openconnect_info *vpninfo)
 
        form.opts = opts;
        form.message = _("Enter credentials to unlock software token.");
+       form.auth_id = "_rsa_unlock";
 
        if (stoken_devid_required(vpninfo->stoken_ctx)) {
                opt->type = OC_FORM_OPT_TEXT;
@@ -206,9 +207,10 @@ static int request_stoken_pin(struct openconnect_info *vpninfo)
 
        form.opts = opts;
        form.message = _("Enter software token PIN.");
+       form.auth_id = "_rsa_pin";
 
        opt->type = OC_FORM_OPT_PASSWORD;
-       opt->name = (char *)"password";
+       opt->name = (char *)"pin";
        opt->label = _("PIN:");
        opt->flags = OC_FORM_OPT_NUMERIC;