Being able to connect with a --cookie parameter

[fretn]

It would be nice if you are able to connect with a --cookie parameter.

I'm working on a wrapper gui for openfortivpn which does the fortinet http auth to catch the SVPNCOOKIE, it would be nice if openfortivpn could create a connection if it receives the cookie

then in ps -ef the password wouldn't show up, and the password wouldn't be exposed in a openfortivpn config file

Ofcourse its possible to specify the password through an interactive prompt, but this is a bit complex to handle when you spawn openfortivpn in a background process

[mrbaseman]

@fretn I'm just looking through old tickets. Is this still relevant? Wouldn't be an exported environment variable for the cookie be better than a --cookie command line option which again would be visible from ps -ef?

[fretn]

yeah an environment variable would be better

but this is not really relevant anymore

[mrbaseman]

with an environment variable it's not much effort to implement either. can you try this branch? You can set an environment variable called SVPNCOOKIE which then taken instead of performing the login procedure. I have tried to test, but with my two factor authentication and client certificate password I guess I'm simply too slow when typing in the passwords.... At least the debug output shows the correct cookie, but I get a "403 Forbidden"

[fretn]

Okay, Somewhere next week I'll try this. I'll have to dig up what and how I was trying to do this, the memory is a bit fuzzy in my brain :)

[DimitriPapadopoulos]

@fretn I shall close this issue for now, since it is now possible to supply a cookie using the SVPNCOOKIE environment variable. Do not hesitate to reopen if you still encounter problems.