[Swan-dev] DBG_PRIVATE vs DBG_CRYPT

Andrew Cagney andrew.cagney at gmail.com
Tue Sep 8 15:41:28 UTC 2020


  crypt: encryption/decryption of messages: DANGER!
  private: displays private information: DANGER!

I believe the idea behind private is that it dumps just enough information
for commands like tcpdump to decrypt packets (see ikev2_logParentSA()) and
perhaps recover DH material?

With that in mind I suspect most of the DBG_PRIVATE calls should be
DBG_CRYPT?

thoughts?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20200908/9ca4523e/attachment.html>


More information about the Swan-dev mailing list