]> www.infradead.org Git - users/dwmw2/openconnect.git/commit
projects / users / dwmw2 / openconnect.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 7f4e2d0) | patch
Refuse to handle forms without ->auth_id (but do it in the right place, and noisily)
authorDaniel Lenski <dlenski@gmail.com>
Sat, 20 Nov 2021 21:12:34 +0000 (13:12 -0800)
committerDaniel Lenski <dlenski@gmail.com>
Sat, 20 Nov 2021 22:19:50 +0000 (14:19 -0800)
commit386a6edb6d2d1d2cd3e9c9de8d85dc7bfda60d34
tree2087b7649364483e0f2813092bcb9d2b41d2c276tree
parent7f4e2d0a699b3a26f92555451bda843779def872commit | diff
Refuse to handle forms without ->auth_id (but do it in the right place, and noisily)

In 0b47ea1882346fdedfcd8a315f51aeb39e13459e ("Refuse to handle forms without
->auth_id"), the process_auth_form_cb for the OpenConnect CLI was modified
to silently reject forms with auth_id unset.

Issues with this:

1. If a form doesn't have its auth_id set, it'll fail *silently*, which
   makes it confusingly difficult to identify the root cause. (See #351.)
2. As that commit message says, GUIs/front-ends need the auth_id to be set,
   but it didn't do anything to enforce it other than for the CLI.

The solution is to reject forms with auth_id unset in process_auth_form()
itself, rather than expecting the front-ends’ callback functions to check
this, and to do so with an error message explaining that this is a bug in
OpenConnect.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
library.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.