Sorry for not reply for a while, a little bit busy lately. > I think a --use-keychain argument which either stands alone *or* takes > a field name in the same form as the '--form-field' I just added in the > 'fields' branch, might make sense? Let me check out `--form-field` patch and think this again. I agree that keychain password filling or similar behavior may be handled by the other helper app such as UI automation tools. > Do we need to allow OpenConnect to *write* those secrets to the > keychain/libsecret too? Or is reading them sufficient? I think, if it is supporting reading, supporting writing as well would be easy for users in many cases. but it?s optional for sure. > I would certainly welcome a patch on that for gnutls! Let me take a look at gnutls more..., I?m not familiar with it yet much. Thank you, Yoshi -- Yoshimasa Niwa
