CSD stub URL is optional

The recent change in commit b6ef1c86b6d29684e5a24b62e19827afafec13ed ('Fix
CSD trojan download') was wrong; for the XML POST case we don't necessarily
get handed a trojan to download. We're expected to have a local 'wrapper'
script which will act like a locally-installed 'hostscan'.

The wait URL *is* required though.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/http.c b/http.c
index c05d7a69eaaf0cf8f105c709f186ac07cecef868..1df1ffdb92d936b46cefa4b4b28a40780c7dd6fe 100644 (file)
--- a/http.c
+++ b/http.c
@@ -999,8 +999,7 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
                vpn_progress(vpninfo, PRG_INFO, _("XML POST enabled\n"));
 
        /* Step 4: Run the CSD trojan, if applicable */
-       if (vpninfo->csd_starturl && vpninfo->csd_waiturl &&
-           vpninfo->csd_stuburl) {
+       if (vpninfo->csd_starturl && vpninfo->csd_waiturl) {
                char *form_path = NULL;
 
                if (vpninfo->urlpath) {
@@ -1011,15 +1010,13 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
                        }
                }
 
-               /* fetch the CSD program */
-               vpninfo->redirect_url = vpninfo->csd_stuburl;
-               vpninfo->csd_stuburl = NULL;
-               handle_redirect(vpninfo);
-
-               buflen = do_https_request(vpninfo, "GET", NULL, NULL, &form_buf, 0);
-               if (buflen <= 0) {
-                       result = -EINVAL;
-                       goto out;
+               /* fetch the CSD program, if available */
+               if (vpninfo->csd_stuburl) {
+                       buflen = do_https_request(vpninfo, "GET", NULL, NULL, &form_buf, 0);
+                       if (buflen <= 0) {
+                               result = -EINVAL;
+                               goto out;
+                       }
                }
 
                /* This is the CSD stub script, which we now need to run */