Commit

GP: fix bug in blind retry of login credentials after portal-to-gateway redirect

We had been incorrectly relying on the first character of the 'auth_id'
being '_' to indicate a non-challenge form, in which case the
username/password can be "blindly retried" from portal to gateway.

However, this has been wrong since v8.09 (specifically, the commit
593df6b). Unfortunately, it may be
responsible for some user reports of inability to log in via portal
interface.

Discovered while writing gp-auth-and-config tests.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
dlenski committed May 3, 2021
1 parent cbb75f7 commit 9b5652e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion auth-globalprotect.c
Expand Up @@ -649,7 +649,7 @@ static int gpst_login(struct openconnect_info *vpninfo, int portal, struct login
* unless it was a challenge auth form or alt-secret form.
*/
portal = 0;
if (ctx->form->auth_id[0] == '_' && !ctx->alt_secret) {
if (strcmp(ctx->form->auth_id, "_challenge") && !ctx->alt_secret) {
blind_retry = 1;
goto replay_form;
}
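Review bot: the new test `strcmp(ctx->form->auth_id, "_challenge") && !ctx->alt_secret` is a negative match, so any auth_id other than the exact string "_challenge" now causes the username/password to be replayed to the gateway, including any challenge-style form that might later use a different id. If the set of plain login form ids is known, matching on those instead would make the credential replay opt-in rather than the default. Two smaller points on the same line: writing `strcmp(...) != 0` would make the sense of the comparison obvious at a glance, and the "_challenge" literal would be safer as a shared constant used wherever the form id is assigned, since the commit message says this check already drifted from that convention once without being noticed. The gp-auth-and-config tests mentioned in the message should cover both the challenge and non-challenge paths through this branch.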