Commit 5c4d37a1 authored by Kevin Cernekee's avatar Kevin Cernekee Committed by David Woodhouse

auth: Implement special handling of <select> dropdowns on XML POST

Experimentation with the Cisco AnyConnect client showed that the
following changes need to be made for compatibility:

1) If the "value" attribute is missing from the <option> node, use the
XML node content instead.  i.e. this should post as

    <select name="dropdown">

And this should post as "<dropdown>optname</dropdown>":

    <select name="dropdown">
      <option value="optname">vpn</option>

2) If the name of the <select> node happens to be "group_list", put the
response in a special <group-select> node right under the <config-auth>
node, instead of putting it under the <auth> node.  (These strings are
hardcoded into the Cisco client.)
Reported-by: default avatarFabian Jäger <>
Signed-off-by: default avatarKevin Cernekee <>
Signed-off-by: default avatarDavid Woodhouse <>
parent 91462d2e
......@@ -143,6 +143,8 @@ static int parse_auth_choice(struct openconnect_info *vpninfo, struct oc_auth_fo
form_id = (char *)xmlGetProp(xml_node, (unsigned char *)"value");
if (!form_id)
form_id = (char *)xmlNodeGetContent(xml_node);
if (!form_id)
......@@ -678,6 +680,7 @@ void free_auth_form(struct oc_auth_form *form)
* <username><!-- same treatment as the old form options --></username>
* <password><!-- ditto -->
* </auth>
* <group-select><!-- name of selected authgroup --></group-select>
* <host-scan-token><!-- vpninfo->csd_ticket --></host-scan-token>
......@@ -793,6 +796,14 @@ static int xmlpost_append_form_opts(struct openconnect_info *vpninfo,
goto bad;
for (opt = form->opts; opt; opt = opt->next) {
/* group_list: create a new <group-select> node under <config-auth> */
if (!strcmp(opt->name, "group_list")) {
if (!xmlNewTextChild(root, NULL, XCAST("group-select"), XCAST(opt->value)))
goto bad;
/* everything else: create <foo>user_input</foo> under <auth> */
if (!xmlNewTextChild(node, NULL, XCAST(opt->name), XCAST(opt->value)))
goto bad;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment