[Swan] NSS transition questions

Greg Scott GregScott at infrasupport.com
Sat Jun 1 07:07:37 EEST 2013


Sorry for stepping out of the loop on this for a few days.  

> Preshared keys can still reside in /etc/ipsec.secrets or its include files

This was not the case with Openswan.  When I first stumbled across it in summer 2009, the Openswan RPM changed to read all its preshared keys from a local NSS database.  The NSS files were sitting in /etc/ipsec.d.  ipsec.secrets and include files were still there too, but I found out the hard way nobody looked at ipsec.secrets anymore.  This drove me nuts because I installed a new Fedora and Openswan version on a system, copied ipsec.secrets and its include files from the old to the new system, but none of those keys worked because the new version was getting its keys from NSS.  Ipsec.secrets was really just a placeholder.  

But now, with Libreswan - I can copy ipsec.secrets and its include files from an old Openswan system to a new Libreswan system and Libreswan will get its preshared key from ipsec.secrets?  If so - thank you thank you thank you thank you!

- Greg


