Merge branch 'number-formats'

Document the accepted number formats in swanctl.conf/strongswan.conf and
clarify some details for specific options.

Closes strongswan/strongswan#1329

conf/options/charon.opt

@@ -392,7 +392,7 @@ charon.retransmit_jitter = 0
 charon.retransmit_limit = 0
 	Upper limit in seconds for calculated retransmission timeout (0 to disable).
 
-charon.retry_initiate_interval = 0
+charon.retry_initiate_interval = 0s
 	Interval in seconds to use when retrying to initiate an IKE_SA (e.g. if DNS
 	resolution failed), 0 to disable retries.
 

conf/plugins/eap-radius.opt

@@ -5,7 +5,7 @@ charon.plugins.eap-radius.accounting_close_on_timeout = yes
 	Close the IKE_SA if there is a timeout during interim RADIUS accounting
 	updates.
 
-charon.plugins.eap-radius.accounting_interval = 0
+charon.plugins.eap-radius.accounting_interval = 0s
 	Interval in seconds for interim RADIUS accounting updates, if not specified
 	by the RADIUS server in the Access-Accept message.
 

conf/strongswan.conf.5.head.in

@@ -59,6 +59,27 @@ An example file in this format might look like this:
 .PP
 Indentation is optional, you may use tabs or spaces.
 
+.SH NUMBER FORMATS
+Options that define an integer value can be specified as decimal (the default)
+or hexadecimal ("0x" prefix, upper- or lowercase letters are accepted).
+Locale-dependent strings (e.g. the thousands separator of the current locale)
+may also be accepted in locales other than "C".
+.PP
+Options that define a floating-point value can be specified as decimal (the
+default) or hexadecimal ("0x" prefix, upper- or lowercase letters are accepted).
+The radix character (decimal separator) in either case is locale-dependent,
+usually ".".
+
+.SH TIME FORMATS
+Unless stated otherwise, options that define a time are specified in seconds.
+The "s", "m", "h" and "d" suffixes may be used to automatically convert values
+given in seconds, minutes, hours or days (for instance, instead of configuring
+a rekey time of 4 hours as "14400" seconds, "4h" may be used).
+.PP
+There are some global options that don't accept these suffixes as they are
+configured as integer values in seconds or milliseconds, or even as
+floating-point numbers (e.g. the retransmission timeout). Options that accept
+the suffixes have a corresponding default value.
 
 .SH REFERENCING OTHER SECTIONS
 It is possible to inherit settings and sections from another section. This

src/swanctl/swanctl.conf.5.head.in

@@ -6,20 +6,11 @@ swanctl.conf is the configuration file used by the
 .BR swanctl (8)
 tool to load configurations and credentials into the strongSwan IKE daemon.
 
-For a description of the basic file syntax, including how to reference sections
-or split the configuration in multiple files by including other files, refer to
+For a description of the basic file syntax, including numer/time formats, or how
+to reference sections or split the configuration in multiple files by including
+other files, refer to
 .BR strongswan.conf (5).
 
-.SH TIME FORMATS
-For all options that define a time, the time is specified in seconds. The
-.RI "" "s" ","
-.RI "" "m" ","
-.RI "" "h" ""
-and
-.RI "" "d" ""
-suffixes explicitly define the units for seconds, minutes, hours and days,
-respectively.
-
 .SH SETTINGS
 The following settings can be used to configure connections, credentials and
 pools.

src/swanctl/swanctl.opt

@@ -301,12 +301,22 @@ connections.<conn>.if_id_in = 0
 	XFRM interface ID set on inbound policies/SA, can be overridden by child
 	config, see there for details.
 
+	The special value _%unique_ allocates a unique interface ID per IKE_SA,
+	which is inherited by all its CHILD_SAs (unless overriden there), beyond
+	that the value _%unique-dir_ assigns a different unique interface ID for
+	each direction (in/out).
+
 connections.<conn>.if_id_out = 0
 	Default outbound XFRM interface ID for children.
 
 	XFRM interface ID set on outbound policies/SA, can be overridden by child
 	config, see there for details.
 
+	The special value _%unique_ allocates a unique interface ID per IKE_SA,
+	which is inherited by all its CHILD_SAs (unless overriden there), beyond
+	that the value _%unique-dir_ assigns a different unique interface ID for
+	each direction (in/out).
+
 connections.<conn>.mediation = no
 	Whether this connection is a mediation connection.
 
@@ -992,7 +1002,7 @@ connections.<conn>.children.<child>.set_mark_out = 0/0x00000000
 	requires at least Linux 4.19.
 
 connections.<conn>.children.<child>.if_id_in = 0
-	Inbound XFRM interface ID.
+	Inbound XFRM interface ID (32-bit unsigned integer).
 
 	XFRM interface ID set on inbound policies/SA. This allows installing
 	duplicate policies/SAs and associates them with an interface with the same
@@ -1001,7 +1011,7 @@ connections.<conn>.children.<child>.if_id_in = 0
 	interface ID for each CHILD_SA direction (in/out).
 
 connections.<conn>.children.<child>.if_id_out = 0
-	Outbound XFRM interface ID.
+	Outbound XFRM interface ID (32-bit unsigned integer).
 
 	XFRM interface ID set on outbound policies/SA. This allows installing
 	duplicate policies/SAs and associates them with an interface with the same