Don't forget key password on reconnect / change hosts in GUI.

As part of the password handling cleanup, we were clearing the stored
->cert_password after using it. This means we have to retain the https_ctx
or https_cred structure for the whole lifetime of the vpninfo, even across
reconnects. Fix openconnect_reset_ssl() accordingly.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/library.c b/library.c
index 0a3c87d..8c1560f 100644 (file)
--- a/library.c
+++ b/library.c
@@ -68,7 +68,8 @@ static void free_optlist (struct vpn_option *opt)
 
 void openconnect_vpninfo_free (struct openconnect_info *vpninfo)
 {
-       openconnect_reset_ssl(vpninfo);
+       openconnect_close_https(vpninfo, 1);
+       free(vpninfo->peer_addr);
        free_optlist(vpninfo->cookies);
        free_optlist(vpninfo->cstp_options);
        free_optlist(vpninfo->dtls_options);
@@ -171,7 +172,7 @@ void openconnect_clear_cookie (struct openconnect_info *vpninfo)
 
 void openconnect_reset_ssl (struct openconnect_info *vpninfo)
 {
-       openconnect_close_https(vpninfo, 1);
+       openconnect_close_https(vpninfo, 0);
        if (vpninfo->peer_addr) {
                free(vpninfo->peer_addr);
                vpninfo->peer_addr = NULL;

diff --git a/www/changelog.xml b/www/changelog.xml
index 54f7586..78febca 100644 (file)
--- a/www/changelog.xml
+++ b/www/changelog.xml
@@ -17,6 +17,7 @@
 <ul>
    <li><b>OpenConnect HEAD</b>
      <ul>
+       <li>Don't forget key password on GUI reconnect.</li>
        <li>Fix GnuTLS v3 build on OpenBSD.</li>
      </ul><br/>
   </li>