netinet6/ipsec.h declares
extern int ipsec_errcode;
which is used to pass an error code from the IPsec policy manipulation library to a program.
ipsec_strerror() can be used to obtain the error message string for the error code.
The array pointed to is not to be modified by the calling program. Since
ipsec_strerror() uses
strerror(3) as underlying function, calling
strerror(3) after
ipsec_strerror() will make the return value from
ipsec_strerror() invalid or overwritten.