Remove --cert-type option from command line

With the impending v4.00 release and the soname change, this is a good
time to obsolete the --cert-type option. We've been automatically
detecting key types for a *long* time.

Only remove it from the command line for now; the library never exposed
it, but if the GnuTLS cert-loading code ends up being contributed back
to GnuTLS then they might want something similar there. So leave it in
place but unused.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/main.c b/main.c
index 48d5048..ad0722b 100644 (file)
--- a/main.c
+++ b/main.c
@@ -135,7 +135,6 @@ static struct option long_options[] = {
        OPTION("script", 1, 's'),
        OPTION("script-tun", 0, 'S'),
        OPTION("syslog", 0, 'l'),
-       OPTION("key-type", 1, 'K'),
        OPTION("key-password", 1, 'p'),
        OPTION("proxy", 1, 'P'),
        OPTION("user", 1, 'u'),
@@ -321,7 +320,7 @@ static int next_option(int argc, char **argv, char **config_arg)
  next:
        if (!config_file) {
                opt = getopt_long(argc, argv,
-                                 "bC:c:e:Ddg:hi:k:K:lpP:Q:qSs:U:u:Vvx:",
+                                 "bC:c:e:Ddg:hi:k:lpP:Q:qSs:U:u:Vvx:",
                                  long_options, NULL);
 
                *config_arg = optarg;
@@ -537,19 +536,6 @@ int main(int argc, char **argv)
                case 'k':
                        vpninfo->sslkey = keep_config_arg();
                        break;
-               case 'K':
-                       if (!strcasecmp(config_arg, "PKCS#12") ||
-                           !strcasecmp(config_arg, "PKCS12")) {
-                               vpninfo->cert_type = CERT_TYPE_PKCS12;
-                       } else if (!strcasecmp(config_arg, "TPM")) {
-                               vpninfo->cert_type = CERT_TYPE_TPM;
-                       } else if (!strcasecmp(config_arg, "PEM")) {
-                               vpninfo->cert_type = CERT_TYPE_PEM;
-                       } else {
-                               fprintf(stderr, _("Unknown certificate type '%s'\n"),
-                                       config_arg);
-                               usage();
-                       }
                case 'd':
                        vpninfo->deflate = 1;
                        break;

diff --git a/openconnect.8.in b/openconnect.8.in
index 68ea207..57ebc51 100644 (file)
--- a/openconnect.8.in
+++ b/openconnect.8.in
@@ -9,7 +9,6 @@ openconnect \- Connect to Cisco AnyConnect VPN
 .OP \-c,\-\-certificate cert
 .OP \-e,\-\-cert\-expire\-warning days
 .OP \-k,\-\-sslkey key
-.OP \-K,\-\-key\-type type
 .OP \-C,\-\-cookie cookie
 .OP \-\-cookie\-on\-stdin
 .OP \-d,\-\-deflate
@@ -28,7 +27,6 @@ openconnect \- Connect to Cisco AnyConnect VPN
 .OP \-\-no\-proxy
 .OP \-\-libproxy
 .OP \-\-key\-password\-from\-fsid
-.OP \-\-key\-type type
 .OP \-q,\-\-quiet
 .OP \-Q,\-\-queue\-len len
 .OP \-s,\-\-script vpnc\-script
@@ -203,9 +201,6 @@ stat \-\-file\-system \-\-printf=%i\e\en $CERTIFICATE
 .EE
 It is not the same as the 128\-bit UUID of the file system.
 .TP
-.B \-\-key\-type=TYPE
-Type of private key file (PKCS#12, TPM or PEM)
-.TP
 .B \-q,\-\-quiet
 Less output
 .TP