From d93bf0dce89fc309ee7bf830559bcd6616bf0ced Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw2@infradead.org>
Date: Wed, 3 Oct 2018 08:06:52 +0100
Subject: [PATCH] Make yubikey less picky about what it'll generate tokens for

The protocol should validate which form fields are OK; no need to apply
CSTP-specific filters (which are now out of date) in the yubikey code.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>
---
 yubikey.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/yubikey.c b/yubikey.c
index b45ed1e6..20863b0c 100644
--- a/yubikey.c
+++ b/yubikey.c
@@ -480,8 +480,7 @@ int can_gen_yubikey_code(struct openconnect_info *vpninfo,
 			 struct oc_auth_form *form,
 			 struct oc_form_opt *opt)
 {
-	if ((strcmp(opt->name, "secondary_password") != 0) ||
-	    vpninfo->token_bypassed)
+	if (vpninfo->token_bypassed)
 		return -EINVAL;
 	if (vpninfo->token_tries == 0) {
 		vpn_progress(vpninfo, PRG_DEBUG,