From cf1ac7e9351c20c4ca40186c6fa5a12978a571e9 Mon Sep 17 00:00:00 2001
From: Dimitri Papadopoulos
 <3350651+DimitriPapadopoulos@users.noreply.gitlab.com>
Date: Fri, 11 Jun 2021 20:22:10 +0200
Subject: [PATCH] Better document obsolete code and why we keep it

This code has been disabled by default in openfortivpn:
https://github.com/adrienverge/openfortivpn/pull/902

We keep it in openconnect for now, commenetd out, for debugging purposes.

Signed-off-by: Dimitri Papadopoulos <3350651+DimitriPapadopoulos@users.noreply.gitlab.com>
---
 fortinet.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/fortinet.c b/fortinet.c
index 75b17813..0b220b7a 100644
--- a/fortinet.c
+++ b/fortinet.c
@@ -537,9 +537,14 @@ static int fortinet_configure(struct openconnect_info *vpninfo)
 		goto out;
 	}
 
-	/* XXX: Why do Forticlient and Openfortivpn do this anyway?
-	 * It's fetching the legacy non-XML configuration, isn't it?
-	 * Do we *actually* have to do this, before fetching the XML config?
+	/* XXX: Forticlient and Openfortivpn fetch the legacy HTTP configuration.
+	 * FortiOS 4 was the last version to send the legacy HTTP configuration.
+	 * FortiOS 5 and later send the current XML configuration.
+	 * We clearly do not need to support FortiOS 4 anymore.
+	 * 
+	 * Yet we keep this code around in order to get a sanity check about
+	 * whether the SVPNCOOKIE is still valid/alive, until we are sure we've
+	 * worked out the weirdness with reconnects.
 	 */
 #if 0 /* Nah... */
 	free(vpninfo->urlpath);
-- 
2.49.0