[Swan-dev] DBG_PRIVATE vs DBG_CRYPT
Andrew Cagney
andrew.cagney at gmail.com
Tue Sep 8 15:41:28 UTC 2020
crypt: encryption/decryption of messages: DANGER!
private: displays private information: DANGER!
I believe the idea behind private is that it dumps just enough information
for commands like tcpdump to decrypt packets (see ikev2_logParentSA()) and
perhaps recover DH material?
With that in mind I suspect most of the DBG_PRIVATE calls should be
DBG_CRYPT?
thoughts?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20200908/9ca4523e/attachment.html>
More information about the Swan-dev
mailing list