On Mon, 2018-01-29 at 15:07 +0000, Dave Walker wrote: > > The password and secondary_password are reversed. > > On this page it states the ordering: > http://www.infradead.org/openconnect/token.html > > "SecurID token codes will automatically fill in the primary password > field in the authentication form presented by the server" .. "This > behaviour is empirically determined by the requirements of the servers > that we have tested with; if you find a configuration in which it is > not appropriate, please let us know." > > This mail is letting you know... is there a workaround?
I think we should patch the code to use a 'secondary_password' field *if* it exists, and 'password' otherwise. That will require a slightly non-trivial modification to the cstp_can_gen_tokencode() function in auth.c, because now it's no longer *purely* a function of the one option it's being asked to consider. But not *so* hard... patches welcome :)
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list [email protected] http://lists.infradead.org/mailman/listinfo/openconnect-devel
