AC SAML: cookies might be empty

author Luca Boccassi <luca.boccassi@microsoft.com>

Thu, 30 Dec 2021 17:45:22 +0000 (17:45 +0000)

committer Luca Boccassi <bluca@debian.org>

Wed, 23 Feb 2022 19:22:53 +0000 (19:22 +0000)
author Luca Boccassi <luca.boccassi@microsoft.com>
Thu, 30 Dec 2021 17:45:22 +0000 (17:45 +0000)
committer Luca Boccassi <bluca@debian.org>
Wed, 23 Feb 2022 19:22:53 +0000 (19:22 +0000)
diff --git a/cstp.c b/cstp.c

index e8fbc4d930a7d8cb115ccc5e989c249556ce617e..d390973f3a1b949fe1da49152b45a1a46d8f800d 100644 (file)
--- a/cstp.c
+++ b/cstp.c
@@ -1254,12 +1254,13 @@ int cstp_sso_detect_done(struct openconnect_info *vpninfo,
  {
         int i;
  
+       /* Note that, at least with some backends (eg: Google's), empty cookies might be set */
         for (i=0; result->cookies[i] != NULL; i+=2) {
                 const char *cname = result->cookies[i], *cval = result->cookies[i+1];
-               if (!strcmp(vpninfo->sso_token_cookie, cname)) {
+               if (!strcmp(vpninfo->sso_token_cookie, cname) && cval && cval[0] != '\0') {
                         vpninfo->sso_cookie_value = strdup(cval);
                         break;
-               } else if (!strcmp(vpninfo->sso_error_cookie, cname)) {
+               } else if (!strcmp(vpninfo->sso_error_cookie, cname) && cval && cval[0] != '\0') {
                         /* XX: or should we combine both the error cookie name and its value? */
                         vpninfo->quit_reason = strdup(cval);
                         return -EINVAL;
author	Luca Boccassi <luca.boccassi@microsoft.com>
	Thu, 30 Dec 2021 17:45:22 +0000 (17:45 +0000)
committer	Luca Boccassi <bluca@debian.org>
	Wed, 23 Feb 2022 19:22:53 +0000 (19:22 +0000)