On Wed, 22 Mar 2017, Andrew Cagney wrote:
We support multiple run scripts, they are run in C locale sort order (cf nss-cert-ocsp-01-strict).
Oh, I should try and use that new feature then!
There's a tradeoff. Constantly cleaning the slate means we don't notice the small amount of grime we leave behind (we might have noticed the PK11SymKey leak earlier) and no matter what the framework, being able to add tests that take each take ~1s is always going to be a win.
if you want to find those, we'd better run a bunch of tests under valgrind? :) (but not all because it slows things down so much :)
Here the only goal is to prove that when the two ends agree to aes-sha1-DH21, say, they perform the same operations.
As long as only 1 conn is loaded, sure. But if you load multiple conns you need to prove it didnt actually pick the wrong one. That's why simplicity is often better.
I'm using auto add/delete up/down with a config file hardwired with algorithms. It is probably possible to avoid this and specify the algorithms on the whack line but that means consulting the book of magic.
Yes, but I don't think that's really worth the trouble. You would be doing the exact same thing but with whack. Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
