Re: ipsec: slight inconsistency

To: tlaronde%polynum.com@localhost
Subject: Re: ipsec: slight inconsistency
From: Greg Troxel <gdt%lexort.com@localhost>
Date: Sat, 01 Jul 2023 10:49:45 -0400

tlaronde%polynum.com@localhost writes:

> The two functions are said "inverse" from each other but the problem is
> that if one gives a delimiter to ipsec_dump_policy(3) that is neither
> a blank nor a new line, the string obtained can not be an input
> to ipsec_set_policy(3). So there are not really inverse from each other.
>
> Wouldn't it be more logical whether to have no delimiter to
> ipsec_dump_policy(3) (defaulting to '\n' for separating the elementary
> statements) or to allow a delimiter to ipsec_set_policy(3) when parsing
> the policy passed?

I think it would be most logical to document in ipsec_dump_policy that
the default delimeter matches what is expected by ipsec_set_policy, and
that alternate delimiters might be useful for people but do not produce
valid syntax.  That resolves your consternation but does not break
anyone relying on the current behavior.  This problem is surely
longstanding and that you seem to be the first to notice or care, so the
severity would seem to be extremely low.

Follow-Ups:
- Re: ipsec: slight inconsistency
  - From: tlaronde

References:
- ipsec: slight inconsistency
  - From: tlaronde

Prev by Date: ipsec: slight inconsistency
Next by Date: Re: Trivial program size inflation
Previous by Thread: ipsec: slight inconsistency
Next by Thread: Re: ipsec: slight inconsistency
Indexes:

Home | Main Index | Thread Index | Old Index