www.infradead.org Git - users/dwmw2/openconnect.git/commitdiff
command-line client should fill in any password field with value supplied via --passw...
author Daniel Lenski <dlenski@gmail.com>
Wed, 5 Sep 2018 19:44:25 +0000 (12:44 -0700)
committer David Woodhouse <dwmw2@infradead.org>
Fri, 21 Sep 2018 10:26:59 +0000 (10:26 +0000)
I previously proposed adding form field hints to suggest which fields should
be populated with username/password values.  David Woodhouse was hesitant to
accept this and we settled on matching the form field names by the first
four characters ("user", "pass") as a temporary compromise:

    http://lists.infradead.org/pipermail/openconnect-devel/2017-August/004458.html

There's at least one specific case where this interferes with the
usage of the command-line client: some GlobalProtect users need to
specify an "alternative secret field" instead of the default "passwd"
field (using `--usergroup :field_name`).

Because this field's name normally doesn't start with "pass", openconnect
won't accept it via `--passwd-on-stdin`:

    script_to_do_fancy_GlobalProtect_SAML_login |
      openconnect --protocol=gp -u user --passwd-on-stdin --usergroup portal:portal_cookie_field_name globalprotect.company.com

As far as I can tell, there's not actually any good reason why openconnect
should *only* fill in a password-type field with the supplied password
if its name starts with "pass", so we should get rid of that check.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
main.c

diff --git a/main.c b/main.c
index 379cf5dea01aa6f68894db7ffe67777c974e7494..d2e21c074d30a395a38ae3f46f3aef24990bc881 100644 (file)
--- a/main.c
+++ b/main.c
@@ -1999,8 +1999,7 @@ static int process_auth_form_cb(void *_vpninfo,
                        empty = 0;
 
                } else if (opt->type == OC_FORM_OPT_PASSWORD) {
-                       if (password &&
-                           !strncmp(opt->name, "pass", 4)) {
+                       if (password) {
                                opt->_value = password;
                                password = NULL;
                        } else {
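
Review bot: In the `OC_FORM_OPT_PASSWORD` branch, with the `strncmp(opt->name, "pass", 4)` test removed, the supplied password now goes to whichever password-type field the form presents first, and because `password = NULL` follows the assignment, every later password-type field in the same form takes the `else` path. That dependence on field order deserves a short comment at this `if (password)` and a sentence in the documentation for `--passwd-on-stdin`, since a form with two password-type fields (a password plus a second secret, say) would get the stdin value in the first one regardless of its name. Logging `opt->name` at debug level when `opt->_value = password` is executed would also let a user confirm which field consumed the secret.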