Signed-off-by: Kevin Cernekee <cernekee at gmail.com> --- TODO | 1 - openconnect.8.in | 7 +++++++ www/building.xml | 1 + www/features.xml | 1 + 4 files changed, 9 insertions(+), 1 deletions(-) diff --git a/TODO b/TODO index b8e3efd..8bfde64 100644 --- a/TODO +++ b/TODO @@ -1,7 +1,6 @@ openconnect: Port to/test on Windows, Symbian, etc. - Proper SecurID support nm-auth-dialog: Store cookie in GNOME keyring and reuse it instead of logging in again diff --git a/openconnect.8.in b/openconnect.8.in index 0313420..4c5b355 100644 --- a/openconnect.8.in +++ b/openconnect.8.in @@ -49,6 +49,7 @@ openconnect \- Connect to Cisco AnyConnect VPN .OP \-\-no\-passwd .OP \-\-non\-inter .OP \-\-passwd\-on\-stdin +.OP \-\-stoken[=\fItoken-string\fP] .OP \-\-reconnect\-timeout .OP \-\-servercert sha1 .OP \-\-useragent string @@ -322,6 +323,12 @@ Do not expect user input; exit if it is required. .B \-\-passwd\-on\-stdin Read password from standard input .TP +.B \-\-stoken[=\fItoken-string\fP] +Use libstoken to generate one-time passwords compatible with the RSA SecurID +system (when built with libstoken support). If \fItoken-string\fP is omitted, +libstoken will try to use the software token seed stored in \fI~/.stokenrc\fP, +if this file exists. +.TP .B \-\-reconnect\-timeout Keep reconnect attempts until so much seconds are elapsed. The default timeout is 300 seconds, which means that openconnect can recover diff --git a/www/building.xml b/www/building.xml index c11ccb1..07f3689 100644 --- a/www/building.xml +++ b/www/building.xml @@ -32,6 +32,7 @@ And <em>optionally</em> also: <ul> <li><b><tt><a href="http://code.google.com/p/libproxy/";>libproxy</a></tt></b></li> <li><b><tt><a href="http://trousers.sourceforge.net/";>trousers</a></tt></b> <i>(for TPM support if using GnuTLS)</i></li> + <li><b><tt><a href="http://stoken.sourceforge.net/";>libstoken</a></tt></b> <i>(for SecurID software token support)</i></li> </ul> <p>OpenConnect supports the use of HTTP and SOCKS proxies to connect to the AnyConnect service, even without using libproxy. You may wish to use libproxy diff --git a/www/features.xml b/www/features.xml index 44f9d1f..0f8eeec 100644 --- a/www/features.xml +++ b/www/features.xml @@ -17,6 +17,7 @@ <li>Automatic detection of IPv4 and IPv6 address, routes.</li> <li>Authentication via HTTP forms.</li> <li>Authentication using SSL certificates — from local file, <a href="http://en.wikipedia.org/wiki/Trusted_Platform_Module";>Trusted Platform Module</a> and <i>(when built with GnuTLS)</i> PKCS#11 smartcards.</li> + <li>Authentication using SecurID software tokens <i>(when built with libstoken)</i></li> <li><i>UserGroup</i> support for selecting between multiple configurations on a single VPN server.</li> <li>Data transport over TCP <i>(HTTPS)</i> or UDP <i>(DTLS)</i>.</li> <li>Keepalive and Dead Peer Detection on both HTTPS and DTLS.</li> -- 1.7.5.4
