[Swan-dev] testing: swan-prep break on conflicting config files
antony at phenome.org
Mon Sep 21 17:12:18 UTC 2020
I do not quite follow your arguments.
when did wel allow west.ipsec.secrets to work? It should not work! I had
quick look at v3.30 west.ipsec.secrets would not be copied instead
/etc/baseconfig/host/etc/ipsec.secerts will be copied as /etc/ipsec.secrets.
For host specific secerts file only allow west.secrets
May be you are confusing with weststrongswan.conf some other combinations.
it is good to clean up the logic.
I added support for ipsec.secrets, which be coppied all test hosts, and not
copy when there is ipsec.secrets and west.secrets (any host specific) files.
Most likely Paul still dislike ipsec.secrets:( as far I am concerned that is
a different discussion for another day.
On Mon, Sep 21, 2020 at 12:37:57PM -0400, Andrew Cagney wrote:
> FYI, I removed the code because it seemed arbitrary. It would reject some, but
> not all combinations of:
> I figured reducing this list to just:
> (and perhaps only allowing one) + logging the result was for a later pass.
> On Mon, 21 Sep 2020 at 11:34, Antony Antony <antony at vault.libreswan.fi> wrote:
> New commits:
> commit eff59a46350f2e638f1ef5051ab6f7a29033e5cf
> Author: Antony Antony <antony at phenome.org>
> Date: Mon Sep 21 15:24:13 2020 +0000
> testing: swan-prep break on conflicting config files
> fix 1e0b14ec0b20c3 this is a nice improvement, however, allowing
> conflicting files and picking the first one is less than ideal.
> We would end up with test cases with reduntant config files and endless
> confusion. Even with this fix I suspect 1e0b14ec0b20c3 would allow more
> config files than what a test would use.
> This is a first step to refuse to copy config file when there are
> conflicting files. The checks could stricter than this.
> Swan-commit mailing list
> Swan-commit at lists.libreswan.org
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
More information about the Swan-dev