Move protocol-specific decisions about when to use tokencodes into pr…

…otocol code Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
sailfishos-mirror · Jan 30, 2015 · bf937a6 · bf937a6
1 parent 5f40f74
commit bf937a6
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 15 deletions.
diff --git a/auth.c b/auth.c
@@ -223,12 +223,10 @@ static int parse_form(struct openconnect_info *vpninfo, struct oc_auth_form *for
 		} else if (!strcmp(input_type, "text")) {
 			opt->type = OC_FORM_OPT_TEXT;
 		} else if (!strcmp(input_type, "password")) {
-			if (vpninfo->token_mode != OC_TOKEN_MODE_NONE &&
-			    (can_gen_tokencode(vpninfo, form, opt) == 0)) {
+			if (!can_gen_tokencode(vpninfo, form, opt))
 				opt->type = OC_FORM_OPT_TOKEN;
-			} else {
+			else
 				opt->type = OC_FORM_OPT_PASSWORD;
-			}
 		} else {
 			vpn_progress(vpninfo, PRG_INFO,
 				     _("Unknown input type %s in form\n"),
@@ -879,11 +877,22 @@ static int can_gen_tokencode(struct openconnect_info *vpninfo,
 			     struct oc_auth_form *form,
 			     struct oc_form_opt *opt)
 {
-	switch (vpninfo->token_mode) {
+	if (vpninfo->token_mode == OC_TOKEN_MODE_NONE ||
+	    vpninfo->token_bypassed)
+		return -EINVAL;
+
 #ifdef HAVE_LIBSTOKEN
-	case OC_TOKEN_MODE_STOKEN:
+	if (vpninfo->token_mode == OC_TOKEN_MODE_STOKEN) {
+		if (strcmp(opt->name, "password") &&
+		    strcmp(opt->name, "answer"))
+			return -EINVAL;
 		return can_gen_stoken_code(vpninfo, form, opt);
+	}
 #endif
+	/* Otherwise it's an OATH token of some kind. */
+	if (strcmp(opt->name, "secondary_password"))
+		return -EINVAL;
+	switch (vpninfo->token_mode) {
 #ifdef HAVE_LIBOATH
 	case OC_TOKEN_MODE_TOTP:
 		return can_gen_totp_code(vpninfo, form, opt);

diff --git a/oath.c b/oath.c
@@ -232,9 +232,6 @@ int can_gen_totp_code(struct openconnect_info *vpninfo,
 		      struct oc_auth_form *form,
 		      struct oc_form_opt *opt)
 {
-	if ((strcmp(opt->name, "secondary_password") != 0) ||
-	    vpninfo->token_bypassed)
-		return -EINVAL;
 	if (vpninfo->token_tries == 0) {
 		vpn_progress(vpninfo, PRG_DEBUG,
 			     _("OK to generate INITIAL tokencode\n"));
@@ -260,9 +257,6 @@ int can_gen_hotp_code(struct openconnect_info *vpninfo,
 		      struct oc_auth_form *form,
 		      struct oc_form_opt *opt)
 {
-	if ((strcmp(opt->name, "secondary_password") != 0) ||
-	    vpninfo->token_bypassed)
-		return -EINVAL;
 	if (vpninfo->token_tries == 0) {
 		vpn_progress(vpninfo, PRG_DEBUG,
 			     _("OK to generate INITIAL tokencode\n"));

diff --git a/stoken.c b/stoken.c
@@ -267,9 +267,6 @@ int can_gen_stoken_code(struct openconnect_info *vpninfo,
 			struct oc_auth_form *form,
 			struct oc_form_opt *opt)
 {
-	if ((strcmp(opt->name, "password") && strcmp(opt->name, "answer")) ||
-	    vpninfo->token_bypassed)
-		return -EINVAL;
 	if (vpninfo->token_tries == 0) {
 		vpn_progress(vpninfo, PRG_DEBUG,
 			     _("OK to generate INITIAL tokencode\n"));