[PATCH 10/10] Update documentation, manpage with libstoken information

Kevin Cernekee cernekee at gmail.com
Sun Oct 7 21:03:44 EDT 2012

Signed-off-by: Kevin Cernekee <cernekee at gmail.com>
 TODO             |    1 -
 openconnect.8.in |    7 +++++++
 www/building.xml |    1 +
 www/features.xml |    1 +
 4 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/TODO b/TODO
index b8e3efd..8bfde64 100644
--- a/TODO
+++ b/TODO
@@ -1,7 +1,6 @@
 	Port to/test on Windows, Symbian, etc.
-	Proper SecurID support
 	Store cookie in GNOME keyring and reuse it instead of logging in again
diff --git a/openconnect.8.in b/openconnect.8.in
index 0313420..4c5b355 100644
--- a/openconnect.8.in
+++ b/openconnect.8.in
@@ -49,6 +49,7 @@ openconnect \- Connect to Cisco AnyConnect VPN
 .OP \-\-no\-passwd
 .OP \-\-non\-inter
 .OP \-\-passwd\-on\-stdin
+.OP \-\-stoken[=\fItoken-string\fP]
 .OP \-\-reconnect\-timeout
 .OP \-\-servercert sha1
 .OP \-\-useragent string
@@ -322,6 +323,12 @@ Do not expect user input; exit if it is required.
 .B \-\-passwd\-on\-stdin
 Read password from standard input
+.B \-\-stoken[=\fItoken-string\fP]
+Use libstoken to generate one-time passwords compatible with the RSA SecurID
+system (when built with libstoken support).  If \fItoken-string\fP is omitted,
+libstoken will try to use the software token seed stored in \fI~/.stokenrc\fP,
+if this file exists.
 .B \-\-reconnect\-timeout
 Keep reconnect attempts until so much seconds are elapsed. The default
 timeout is 300 seconds, which means that openconnect can recover
diff --git a/www/building.xml b/www/building.xml
index c11ccb1..07f3689 100644
--- a/www/building.xml
+++ b/www/building.xml
@@ -32,6 +32,7 @@ And <em>optionally</em> also:
   <li><b><tt><a href="http://code.google.com/p/libproxy/">libproxy</a></tt></b></li>
   <li><b><tt><a href="http://trousers.sourceforge.net/">trousers</a></tt></b> <i>(for TPM support if using GnuTLS)</i></li>
+  <li><b><tt><a href="http://stoken.sourceforge.net/">libstoken</a></tt></b> <i>(for SecurID software token support)</i></li>
 <p>OpenConnect supports the use of HTTP and SOCKS proxies to connect to the
 AnyConnect service, even without using libproxy. You may wish to use libproxy
diff --git a/www/features.xml b/www/features.xml
index 44f9d1f..0f8eeec 100644
--- a/www/features.xml
+++ b/www/features.xml
@@ -17,6 +17,7 @@
   <li>Automatic detection of IPv4 and IPv6 address, routes.</li>
   <li>Authentication via HTTP forms.</li>
   <li>Authentication using SSL certificates — from local file, <a href="http://en.wikipedia.org/wiki/Trusted_Platform_Module">Trusted Platform Module</a> and <i>(when built with GnuTLS)</i> PKCS#11 smartcards.</li>
+  <li>Authentication using SecurID software tokens <i>(when built with libstoken)</i></li>
   <li><i>UserGroup</i> support for selecting between multiple configurations on a single VPN server.</li>
   <li>Data transport over TCP <i>(HTTPS)</i> or UDP <i>(DTLS)</i>.</li>
   <li>Keepalive and Dead Peer Detection on both HTTPS and DTLS.</li>

More information about the openconnect-devel mailing list