From: Daniel Lenski Date: Sat, 20 Nov 2021 21:12:34 +0000 (-0800) Subject: Refuse to handle forms without ->auth_id (but do it in the right place, and noisily) X-Git-Tag: v8.20~41^2 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=386a6edb6d2d1d2cd3e9c9de8d85dc7bfda60d34;p=users%2Fdwmw2%2Fopenconnect.git Refuse to handle forms without ->auth_id (but do it in the right place, and noisily) In 0b47ea1882346fdedfcd8a315f51aeb39e13459e ("Refuse to handle forms without ->auth_id"), the process_auth_form_cb for the OpenConnect CLI was modified to silently reject forms with auth_id unset. Issues with this: 1. If a form doesn't have its auth_id set, it'll fail *silently*, which makes it confusingly difficult to identify the root cause. (See #351.) 2. As that commit message says, GUIs/front-ends need the auth_id to be set, but it didn't do anything to enforce it other than for the CLI. The solution is to reject forms with auth_id unset in process_auth_form() itself, rather than expecting the front-ends’ callback functions to check this, and to do so with an error message explaining that this is a bug in OpenConnect. Signed-off-by: Daniel Lenski --- diff --git a/library.c b/library.c index 4448118d..37b7f9bc 100644 --- a/library.c +++ b/library.c @@ -1532,6 +1532,10 @@ int process_auth_form(struct openconnect_info *vpninfo, struct oc_auth_form *for vpn_progress(vpninfo, PRG_ERR, _("No form handler; cannot authenticate.\n")); return OC_FORM_RESULT_ERR; } + if (!form->auth_id) { + vpn_progress(vpninfo, PRG_ERR, _("No form ID. This is a bug in OpenConnect's authentication code.\n")); + return OC_FORM_RESULT_ERR; + } retry: auth_choice = NULL;
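Review bot: The added `if (!form->auth_id)` test in process_auth_form() catches only a NULL pointer, so a form whose auth_id is an empty string still passes and reaches the front-end callback. If front-ends need a usable ID, as the commit message says, consider `if (!form->auth_id || !form->auth_id[0])`. The "No form ID." message also gives no hint of which form or protocol triggered it; since the stated goal is to make the root cause easy to identify, including some identifying detail of the form in the message would help whoever triages the resulting bug report. Finally, the visible diff touches only library.c, so the silent check in the CLI's process_auth_form_cb that the commit message refers to appears to remain. With the library now rejecting such forms first, that check looks redundant and could be removed in the same change so the two do not drift apart.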