From: Daniel Lenski Date: Fri, 2 Apr 2021 09:26:21 +0000 (-0700) Subject: make --authgroup fill EITHER the role and/or the realm for Juniper X-Git-Tag: v8.20~311^2~5 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=65de4bd72449a548e712701f14e46fc02ac7ffec;p=users%2Fdwmw2%2Fopenconnect.git make --authgroup fill EITHER the role and/or the realm for Juniper Signed-off-by: Daniel Lenski --- diff --git a/auth-juniper.c b/auth-juniper.c index d298dc65..dbff5ea1 100644 --- a/auth-juniper.c +++ b/auth-juniper.c @@ -355,6 +355,7 @@ static struct oc_auth_form *parse_roles_table_node(xmlNodePtr node) opt->form.label = strdup("frmSelectRoles"); opt->form.name = strdup("frmSelectRoles"); opt->form.type = OC_FORM_OPT_SELECT; + form->authgroup_opt = opt; /* XX: --authgroup also sets realm field (see parse_select_node in auth-html.c) */ for (table_itr = node->children; table_itr; table_itr = table_itr->next) { if (!table_itr->name || strcasecmp((const char *)table_itr->name, "tr")) diff --git a/tests/juniper-auth b/tests/juniper-auth index f985df2a..7355f165 100755 --- a/tests/juniper-auth +++ b/tests/juniper-auth @@ -72,10 +72,9 @@ echo -n "frmLogin with username/password → frmNextToken" ok -# only one role because we don't have a way to auto-fill this -# (TODO: make --authgroup fill in the role instead, if there's no realm?) +# --authgroup will now fill in EITHER the role and/or the realm echo -n "frmLogin with username/password → frmConfirmation → frmSelectRoles" -( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT --protocol=nc -q "$ADDRESS:443/?confirm=1&roles=only_one_role" -u test $FINGERPRINT --cookieonly >/dev/null 2>&1) || +( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT --protocol=nc -q "$ADDRESS:443/?confirm=1&roles=foo,bar,baz" --authgroup=bar -u test $FINGERPRINT --cookieonly >/dev/null 2>&1) || fail $PID "Could not receive cookie from fake Juniper server" echo ok