CSD_HOSTNAME is a known-valid hostname on which (hopefully) our script
won't have to perform too much input validation to know it's safe.
CSD_TOKEN is passed in as the "sdesktop" cookie from host scan.
Signed-off-by: Kevin Cernekee <cernekee at gmail.com>
---
http.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/http.c b/http.c
index 1c59a73..d3eca46 100644
--- a/http.c
+++ b/http.c
@@ -603,6 +603,11 @@ static int run_csd_script(struct openconnect_info *vpninfo, char *buf, int bufle
csd_argv[i++]= (char *)"-langselen";
csd_argv[i++] = NULL;
+ if (setenv("CSD_TOKEN", vpninfo->csd_token, 1))
+ goto out;
+ if (setenv("CSD_HOSTNAME", vpninfo->hostname, 1))
+ goto out;
+
execv(csd_argv[0], csd_argv);
out:
--
1.7.10.4
