This is my third attempt at addressing the various authgroup selection issues involving XML POST[1] and second-auth[2]. The basic idea is that whenever the user changes the selected authgroup (whose name is passed to the UI via oc_auth_form->authgroup_field), the process_auth_form callback returns back to libopenconnect with a special status code, and allows the library to construct a new form. In XML POST mode this results in a new POST to the gateway (and probably a new <opaque> data blob); in second-auth mode the form fields are manipulated locally. The changes are intended to be mostly backward compatible. The only incompatible change is that opt->value is prepopulated if secondary_username is marked editable, as the Cisco clients do allow the server to specify the initial value for this field. Library users that do not know about this may overwrite the pointer (leaking memory) and will probably ignore the prepopulated value. Also, users that do not know about the API change will still not be able to handle authgroup changes properly. This has been lightly tested with network-manager-openconnect and the command-line client. [1] https://bugs.launchpad.net/bugs/1229195 [2] http://lists.infradead.org/pipermail/openconnect-devel/2013-June/001088.html Kevin Cernekee (13): main: Move username/password/authgroup vars into main.c auth: Add <group-access> node to XML POST initial request library: Use named constants for process_auth_form() return value library: Decouple internal and external oc_* auth form structs main: Rename process_auth_form() to avoid conflict with library Create a common process_auth_form() wrapper function Split user-visible oc_* fields from internal fields auth: Provide information on which auth choice is currently selected process_auth_form: Add code to support NEWGROUP return status from UI auth: Remove outdated comment for parse_auth_choice() auth: Parse second-auth-related properties from the auth form auth: Hide unused form fields based on the selected authgroup library: Bump API version to 2.3 and document changes auth.c | 421 +++++++++++++++++++++++++++++++----------------- gnutls.c | 30 ++-- http.c | 22 ++- library.c | 1 + main.c | 54 ++++--- openconnect-internal.h | 37 ++++- openconnect.h | 13 +- openssl.c | 28 ++-- ssl.c | 21 ++- 9 files changed, 400 insertions(+), 227 deletions(-) -- 1.7.9.5
