On Fri, 29 Apr 2022, Ian Willis wrote:
So far it appears to just be the card reader itself which causes the issue.
It also appears to cause issues with Firefox which becomes unresponsive even
after the card reader is removed.
See /etc/crypto-policies/local.d/nss-p11-kit.config
name=p11-kit-proxy
library=p11-kit-proxy.so
It is p11-kit-proxy that pulls in the "system defaults" I believe.
My guess is if you delete/rename that file, it should no longer try
to any hardware within libreswan (or other nss apps!)
Paul
[34032.370329] usb 1-2.1.3: new full-speed USB device number 17 using
xhci_hcd
[34032.631033] usb 1-2.1.3: New USB device found, idVendor=096e,
idProduct=060d, bcdDevice= 3.52
[34032.631036] usb 1-2.1.3: New USB device strings: Mfr=1, Product=2,
SerialNumber=3
[34032.631038] usb 1-2.1.3: Product: R502
[34032.631039] usb 1-2.1.3: Manufacturer: Feitian
[34032.631040] usb 1-2.1.3: SerialNumber: F6325B88290000F5
[34066.200951] usb 1-2.1.3: USB disconnect, device number 17
Currently looking through https://access.redhat.com/articles/4253861 to gain
a bit more insight on this and will probably just use an alternative reader.
Kind Regards
-----Original Message-----
From: Paul Wouters <[email protected]>
To: Ian Willis <[email protected]>
Cc: [email protected]
Subject: Re: [Swan] libreswan smartcards unexpected side effects
Date: Thu, 28 Apr 2022 22:37:27 +0200
There is an nss automatic hardware module loader config that makes system wi
de hooks available in nss that can be disabled in /etc with some option but
I don’t remember exactly which one and a quick google didn’t help me. I ran
into it when I installed open dnssec that installed softhsm and then Pluto’s
nss also read it the softhsm stored as part of nss.
Sent using a virtual keyboard on a phone
On Apr 28, 2022, at 16:34, Ian Willis <
[email protected]
> wrote:
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
