New commits:
commit 0d67228837c737012b5bc8f60ffb44d682143908
Author: Andrew Cagney <[email protected]>
Date: Tue Sep 22 12:57:36 2020 -0400
crypto: log when ever a private key is loaded from NSS
(to the log file, but not to whack - that messes up tests)
The load happens too often.
Because a connection has no counted reference to its private key,
operations such as <<delete all secrets>> leave connections/states
dangling. This is why IKE_AUTH has to try and re-load its private key
(even when it was pre-loaded by add connection say).
One working theory is:
- "add" pre-loads private keys with counted reference
- orient() checks private keys present (since ends needs known)
- IKE_AUTH has the key pre-loaded
_______________________________________________
Swan-commit mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-commit
