On 02/04, Paul Wouters wrote: > > Antony brought up a while ago that due to our use of ipsec.conf.common, > the test cases do not work very well as documentation. It would be much > better to write out the full configurations so people can read them and > understand them better. > > I did not like his idea at the time, because it means a lot of copy and > pasting. And for raw RSA keys it also means a lot of long blobs and > changing a lot of config files if we ever change RSA keys for hosts. > > I'm beginning to lean more and more towards Antony's view. Take the > pain for the additional free documentation it generates. > > What do other people think? >
I tend to just copy and paste what I need from the common file connections instead of using the also= stuff Generally I found that there were some assumptions (ie. leftcert/rightcert) that don't apply in all cases, and I would also have to always go back to reference .common and figure out the tests, so I like being able to see the whole configuration there. Matt _______________________________________________ Swan-dev mailing list Swan-dev@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-dev