[Swan-dev] Merging algorithm tests?
Andrew Cagney
andrew.cagney at gmail.com
Wed Mar 15 14:35:38 UTC 2017
For the DH19/DH20/DH21, since the test objective was to just
demonstrate a basic crypto suite interop, i grouped everything
reducing the number of tests (the convention seems to be one test per
crypto suite). For instance, ikev2-algo-ike-dh-ecp-01's westrun.sh
looks like:
../bin/libreswan-up-down.sh ikev2-ike=aes128-sha1-dh19 -I 192.0.1.254
192.0.2.254
../bin/libreswan-up-down.sh ikev2-ike=aes128-sha1-dh20 -I 192.0.1.254
192.0.2.254
../bin/libreswan-up-down.sh ikev2-ike=aes128-sha1-dh21 -I 192.0.1.254
192.0.2.254
this seems to work remarkably well(1)(2). I'm now wondering if this
is a better more general approach for crypto suite interop tests like
this.
(1) my implementation is simple (I suspect there's a way to do this
directly with whack; but that means learning whack :-)
(2) anyone know a way to do this with strongswan as the initiator?
More information about the Swan-dev
mailing list