From: Daniel Lenski Date: Mon, 22 Feb 2021 08:42:21 +0000 (-0800) Subject: Fortinet: fix crash caused by absence of redirect X-Git-Tag: v8.20~325^2~9 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=f85cda87362d4d80f62148ae77a19a4747e8a50c;p=users%2Fdwmw2%2Fopenconnect.git Fortinet: fix crash caused by absence of redirect And make fake server emulate this behavior to test it. Signed-off-by: Daniel Lenski --- diff --git a/fortinet.c b/fortinet.c index 467fdf7d..c7d95590 100644 --- a/fortinet.c +++ b/fortinet.c @@ -113,12 +113,14 @@ int fortinet_obtain_cookie(struct openconnect_info *vpninfo) * capture and save it. That is, for example: * 'GET /MyRealmName' will redirect to '/remote/login?realm=MyRealmName' */ - for (realm = strchr(vpninfo->urlpath, '?'); realm && *++realm; realm=strchr(realm, '&')) { - if (!strncmp(realm, "realm=", 6)) { - const char *end = strchrnul(realm+1, '&'); - realm = strndup(realm+6, end-realm); - vpn_progress(vpninfo, PRG_INFO, _("Got login realm '%s'\n"), realm); - break; + if (vpninfo->urlpath) { + for (realm = strchr(vpninfo->urlpath, '?'); realm && *++realm; realm=strchr(realm, '&')) { + if (!strncmp(realm, "realm=", 6)) { + const char *end = strchrnul(realm+1, '&'); + realm = strndup(realm+6, end-realm); + vpn_progress(vpninfo, PRG_INFO, _("Got login realm '%s'\n"), realm); + break; + } } } diff --git a/tests/fake-fortinet-server.py b/tests/fake-fortinet-server.py index 1f3be2dc..757fe989 100755 --- a/tests/fake-fortinet-server.py +++ b/tests/fake-fortinet-server.py @@ -80,14 +80,18 @@ def check_form_against_session(*fields): ######################################## -# Respond to initial 'GET /' or 'GET /' with a redirect to '/remote/login?realm=' +# Respond to initial 'GET /' with a login form +# Respond to initial 'GET /' with a redirect to '/remote/login?realm=' # [Save want_2fa query parameter in the session for use later] @app.route('/') @app.route('/') def realm(realm=None): - session.update(step='initial-GET', want_2fa='want_2fa' in request.args) + session.update(step='GET-realm', want_2fa='want_2fa' in request.args) # print(session) - return redirect(url_for('login', realm=realm or None)) + if realm: + return redirect(url_for('login', realm=realm)) + else: + return login() # Respond to 'GET /remote/login?realm=' with a placeholder stub (since OpenConnect doesn't even try to parse the form)