tlaro...@polynum.com writes: > The two functions are said "inverse" from each other but the problem is > that if one gives a delimiter to ipsec_dump_policy(3) that is neither > a blank nor a new line, the string obtained can not be an input > to ipsec_set_policy(3). So there are not really inverse from each other. > > Wouldn't it be more logical whether to have no delimiter to > ipsec_dump_policy(3) (defaulting to '\n' for separating the elementary > statements) or to allow a delimiter to ipsec_set_policy(3) when parsing > the policy passed?
I think it would be most logical to document in ipsec_dump_policy that the default delimeter matches what is expected by ipsec_set_policy, and that alternate delimiters might be useful for people but do not produce valid syntax. That resolves your consternation but does not break anyone relying on the current behavior. This problem is surely longstanding and that you seem to be the first to notice or care, so the severity would seem to be extremely low.
