-
Íñigo Huguet authored
When using the auth dialog, nmcli and other agents reject using as secrets values without "IsSecret=true" option. Because of this, the value entered by the user as challenge-response was ignored with the "echo" mode enabled: because we were setting "IsSecret=false" to make the input visible. Instead of that, send a new "ForceEcho" option that is recognized by nmcli and other agents since NM 1.46. Additionally, prefix the "challenge-response" hint with "x-vpn-challenge(-echo):" to make nmcli recognizing this request as the 2nd step of a 2FA authentication in all cases, avoiding to request the password twice. This is also supported since NM 1.46. This change is backwards compatible for clients that uses the auth-dialog method to get the list of secrets to require: they pass the hints to nm-openvpn-auth-dialog and it will understand the new "x-vpn-challenge*" tags. These clients won't understand the new ForceEcho but they will just ignore...
b45ecc16