Intend to remove openconnect_set_server_cert_sha1()

David Woodhouse dwmw2 at
Fri Nov 7 08:45:22 PST 2014

I don't think anyone uses this except openconnect(8). It's redundant
since you can just call openconnect_set_system_trust(vpninfo, 0) and
then do the check in your own verify_cert callback.

I know that none of the Windows, Android, GNOME and KDE tools use it,
and I'd be surprised if Shimo does.

So I'm going to move the handling of --servercert into main.c and kill
the API function. At some point over the weekend, unless someone

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <>

More information about the openconnect-devel mailing list