static struct option long_options[] = {
{"certificate", 1, 0, 'c'},
+ {"sslkey", 1, 0, 'k'},
{"cookie", 1, 0, 'C'},
{"deflate", 0, 0, 'd'},
{"no-deflate", 0, 0, 'D'},
printf("Usage: anyconnect [options] <server>\n");
printf("Connect to Cisco AnyConnect server.\n\n");
printf(" -c, --certificate=CERT Use SSL client certificate CERT\n");
+ printf(" -k, --sslkey=KEY Use SSL private key file KEY\n");
printf(" -C, --cookie=COOKIE Use WebVPN cookie COOKIE\n");
printf(" -d, --deflate Enable compression (default)\n");
printf(" -D, --no-deflate Disable compression\n");
printf(" -m, --mtu=MTU Request MTU from server\n");
printf(" -p, --tpm-password=PASS Set TPM SRK PIN\n");
printf(" -s, --script=SCRIPT Use vpnc-compatible config script\n");
- printf(" -t, --tpm-key=KEY Use KEY as private key, with TPM\n");
+ printf(" -t, --tpm Use TPM engine for private key\n");
printf(" -u, --useragent=AGENT Set HTTP User-Agent AGENT\n");
printf(" -v, --verbose More output\n");
printf(" --cafile=FILE Cert file for server verification\n");
else
vpninfo->localname = "localhost";
- while ((opt = getopt_long(argc, argv, "C:c:hvdDu:i:t:p:s:h",
+ while ((opt = getopt_long(argc, argv, "C:c:hvdDu:i:tk:p:s:h",
long_options, NULL))) {
if (opt < 0)
break;
case 'c':
vpninfo->cert = optarg;
break;
+ case 'k':
+ vpninfo->sslkey = optarg;
+ break;
case 'd':
vpninfo->deflate = 1;
break;
vpninfo->vpnc_script = optarg;
break;
case 't':
- vpninfo->tpmkey = optarg;
+ vpninfo->tpm = 1;
break;
case 'u':
vpninfo->useragent = optarg;
usage();
}
+ if (!vpninfo->sslkey)
+ vpninfo->sslkey = vpninfo->cert;
+
vpninfo->hostname = argv[optind];
/* FIXME: Allow lookup in XML config file, once we fetch that */
return -EINVAL;
}
- if (vpninfo->tpmkey) {
+ if (vpninfo->tpm) {
ENGINE *e;
EVP_PKEY *key;
ENGINE_load_builtin_engines();
ERR_print_errors_fp(stderr);
}
}
- key = ENGINE_load_private_key(e, vpninfo->tpmkey,
- NULL, NULL);
+ key = ENGINE_load_private_key(e, vpninfo->sslkey, NULL, NULL);
if (!key) {
fprintf(stderr,
"Failed to load TPM private key\n");