YAMAMOTO Takashi wrote:

> what's wrong with:
> 
> 	if (policy_is_loaded) {
> 		check with pw_policy_test();
> 	} else {
> 		check default;
> 	}

well i was thinking that since we provide a way to check a password
against a policy, it might be desired to use this api exclusively
when doing so, making the code look like:

	if (policy_is_not_loaded)
		load alternate policy;
	check with pw_policy_test();

...which might prove to be easier to do in some cases (i think).

of course, if exposing the struct poses limitations (or, simply
makes it more annoying to maintain), i should probably go with your
suggestion and make it opaque to the caller and later deal with the
above case.

would it be possible to avoid memory allocation and just typedef
the struct? (say, pw_policy_t)

-e.

-- 
Elad Efrat