Detect redirection command in authentication response

In some situations server may command user agent to redirect to a
specific page as a result of (failed?) authentication attempt.

Examples of such responses:
1. ret=0,redir=/remote/login?&err=sslvpn_login_permission_denied&lang=en
2. ret=0,redir=/remote/login?&err=sslvpn_login_password_expired&lang=en

When using a real web browser it results in JavaScript redirecting user
to the URL from "redir" key.

In future we may try to use redirection info to retreive the cause of
authentication failure. It's not clear what would be the best way to
handle that. Check for "err" parameter value? Send another HTTP request?

For now just log relevant info for debugging purposes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Author: Rafał Miłecki

src/http.c

@@ -661,7 +661,7 @@ int auth_log_in(struct tunnel *tunnel)
 	                  sizeof("ajax=1")
 	          )] = { '\0' };
 #undef OFV_MAX
-	char token[128], tokenresponse[256], tokenparams[320];
+	char redir[128], token[128], tokenresponse[256], tokenparams[320];
 	char action_url[1024] = { '\0' };
 	char *res = NULL;
 	uint32_t response_size;
@@ -730,6 +730,12 @@ int auth_log_in(struct tunnel *tunnel)
 			ret = ERR_HTTP_BAD_RES_CODE;
 		goto end;
 	}
+
+	ret = get_value_from_response(res, "redir=", redir, 128);
+	if (ret == 1) {
+		log_debug("Received redirection: \"%s\"\n", redir);
+	}
+
 	ret = auth_get_cookie(tunnel, res, response_size);
 	if (ret == ERR_HTTP_NO_COOKIE) {
 		struct vpn_config *cfg = tunnel->config;