[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Tue May 12 00:34:16 UTC 2020
New commits:
commit 65a497959a0e1ca615341109eaad5e75723839d6
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon May 11 20:29:19 2020 -0400
nss: Set NSS_PKCS11_2_0_COMPAT to ensure using the compat interface for now.
This might resolve the issue seen in https://github.com/libreswan/libreswan/issues/334
As per conversation with Bob:
The issue is building with nss 3.52, If you build with 3.51 and run with
3.52 you won't run into the issue. It's the default for the definition
of CK_GCM_PARAMS. The spec and the released headers were different from
OASIS. In that case, the header is authoritative and we used the spec NSS
needs to move the new definition, but doing so will break things that
compile with NSS. To get around it you can add -DNSS_PKCS11_2_0_COMPAT
or include it in your .c file
Long term, you'll actually want to move the the AEAD interface.
There's a new PKCS #11 interface that allows you to operate multiple AEAD
operations on a single key. It allows token IV generation. I added new
wrappers in 3.52 to handle the differences between tokens and mechanism
commit 739fbabf633d476d23e16cc3ccf7e1aac19aa3ab
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon May 11 20:27:18 2020 -0400
pluto: initialize a bool - s390 compiler thinks it can be used uninitialized
commit e69147ed844be7cf402ba49868f60e0903c9e545
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon May 11 12:02:00 2020 -0400
documentation: use original diff mangling by gpg and resign :)
More information about the Swan-commit
mailing list