+ Function is_valid_protocol() must use openconnect_get_supported_protocols.
+ Also the static const char *protocols[] would be unnecessary.
+
+ Reading the stderr with byte-by-byte approach is to be removed, as well as
+ are the PKCS failures and requests in stderr IO channel processing.
+
+ The use of interactive mode toggle is to be removed. Non-interactive mode
+ must be used, which leads to using --syslog with each authentication type
+ as task arg.
+
+ If the peer certificate cannot be verified with normal means it is because
+ the peer certificate is self signed and the user setting
+ "AllowSelfSignedCert" has to be used for the verify certificate callback
+ reply. The callback for certificate validation must return zero if user has
+ allowed self signed certificates. In such case save the SHA1 fingerprint of
+ server certificate as it is done now, otherwise indicate error to
+ libopenconnect.
+
+Tools
+=====
+
+- Add Clock API support to connmanctl