diff --git a/cmdline.c b/cmdline.c index 8fa293c..b7134f8 100644 --- a/cmdline.c +++ b/cmdline.c @@ -66,8 +66,6 @@ void cmdline_parser_print_help (void) { " setups)\n" " -B, --buggy-encrypt-proxy Equivalent to -E -W, provided for backwards\n" " compatibility\n" -/*" -L, --tlsenforce Enforce TLSv1 connection (legacy)\n" -" -T, --no-ssl3 Do not connect using SSLv3 (legacy)\n"*/ " -z, --no-check-certificate Don't verify server SSL certificate\n" " -C, --cacert=STRING Path to trusted CA certificate or directory\n" " -4, --ipv4 Enforce IPv4 connection to local proxy\n" @@ -148,7 +146,6 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar args_info->clientkey_given = 0; args_info->wa_bug_29744_given = 0; args_info->proctitle_given = 0; - /* args_info->enforcetls1_given = 0; */ args_info->host_given = 0; args_info->cacert_given = 0; args_info->no_sni_flag = 0; @@ -182,9 +179,7 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar args_info->clientcert_arg = NULL; \ args_info->clientkey_arg = NULL; \ args_info->wa_bug_29744_flag = 0; \ - /* args_info->no_ssl3_flag = 0; */\ args_info->proctitle_arg = NULL; \ - /* args_info->enforcetls1_flag = 0; */\ args_info->host_arg = NULL; \ args_info->no_check_cert_flag = 0; \ args_info->cacert_arg = NULL; \ @@ -220,7 +215,6 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar { "remproxyauth", 1, NULL, 'R' }, { "proctitle", 1, NULL, 'x' }, { "host", 1, NULL, 'o' }, - { "tlsenforce", 0, NULL, 'L' }, { "header", 1, NULL, 'H' }, { "verbose", 0, NULL, 'v' }, { "ntlm", 0, NULL, 'N' }, @@ -234,7 +228,6 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar { "key", 1, NULL, 'k' }, { "wa-bug-29744", 0, NULL, 'W' }, { "buggy-encrypt-proxy", 0, NULL, 'B' }, - { "no-ssl3", 0, NULL, 'T' }, { "no-check-certificate",0,NULL,'z' }, { "cacert", 1, NULL, 'C' }, { "ipv4", 0, NULL, '4' }, @@ -243,9 +236,9 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar { NULL, 0, NULL, 0 } }; - c = getopt_long (argc, argv, "hVia:u:s:t:F:p:P:r:R:d:H:x:c:k:vNeEXWBqLo:TzC:46I", long_options, &option_index); + c = getopt_long (argc, argv, "hVia:u:s:t:F:p:P:r:R:d:H:x:c:k:vNeEXWBqo:zC:46I", long_options, &option_index); #else - c = getopt( argc, argv, "hVia:u:s:t:F:p:P:r:R:d:H:x:c:k:vNeEXWBqLo:TzC:46I" ); + c = getopt( argc, argv, "hVia:u:s:t:F:p:P:r:R:d:H:x:c:k:vNeEXWBqo:zC:46I" ); #endif if (c == -1) @@ -335,13 +328,6 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar args_info->proctitle_arg = gengetopt_strdup (optarg); break; - case 'L': - /* args_info->enforcetls1_given = 1; - message("Enforcing TLSv1\n"); - args_info->enforcetls1_flag = 1; */ - message ("Option -L/--tlsenforce is deprecated and without effect\n"); - break; - case 'o': args_info->host_given = 1; message("Host-header/SNI override enabled\n"); @@ -433,13 +419,6 @@ int cmdline_parser( int argc, char * const *argv, struct gengetopt_args_info *ar message("SSL local to remote proxy enabled\n"); break; - case 'T': /* Turn off SSLv3 */ - /* args_info->no_ssl3_flag = !(args_info->no_ssl3_flag); - if( args_info->verbose_flag ) - message("SSLv3 disabled\n"); */ - message ("Option -T/--no-ssl3 is deprecated and without effect\n"); - break; - case 'd': /* Destination host to built the tunnel to. */ if (args_info->dest_given) { fprintf (stderr, "%s: `--dest' (`-d') option given more than once\n", PACKAGE); diff --git a/cmdline.h b/cmdline.h index 1ad3eb1..e5f87da 100644 --- a/cmdline.h +++ b/cmdline.h @@ -53,9 +53,7 @@ struct gengetopt_args_info { char *clientcert_arg; /* client SSL certificate */ char *clientkey_arg; /* client SSL key */ int wa_bug_29744_flag; /* Use SSL encryption only until CONNECT, if at all (def=off).*/ - /* int no_ssl3_flag; Turn off SSLv3 (default=on) */ char *proctitle_arg; /* Override process title (default=off). */ - /* int enforcetls1_flag; Override default and enforce TLSv1 */ char *host_arg; /* Optional Host Header */ int no_check_cert_flag; /* Turn off server SSL certificate verification (default=on) */ int enforceipv4_flag; /* Enforce IPv4 (default=off). */ @@ -90,7 +88,6 @@ struct gengetopt_args_info { int clientkey_given; /* Whether client SSL key was given */ int wa_bug_29744_given; /* Whether work around was given */ int proctitle_given; /* Whether to override process title */ - /* int enforcetls1_given; Wheter to enforce TLSv1 */ int host_given; /* Wheter we override the Host Header */ int cacert_given; /* Whether cacert was given */ int no_sni_flag; /* Disable SNI */