[bind10-dev] ACL Syntax proposal

Michal 'vorner' Vaner michal.vaner at nic.cz
Mon May 30 15:48:31 UTC 2011


Hello

On Mon, May 30, 2011 at 04:30:13PM +0200, Shane Kerr wrote:
> In general I think this is reasonable. It's a shame there is no industry
> standard for this kind of stuff, but it appears every piece of software
> rolls its own.
> 
> One thing that we may want to do is to make our ACL implementation as
> re-usable as possible to help solve this problem. I guess I'm thinking
> that this should be something we can separate and ship on its own, sort
> of like the DNS library. I don't think that changes the syntax at all,
> but is something to consider when we code it. :)

I think we can make them some kind of template-ish, so when they would check
something else than ConstMessagePtr, they could be just recompiled with it. The
logic parts, the loading, optimising parts, all of that could probably be
reused. Classes like TSIG check would be worse, if someone would like to use it
against some other data type, though.

With regards

-- 
Next sleep is scheduled after 1k lines of code

Michal 'vorner' Vaner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind10-dev/attachments/20110530/e69ad8f8/attachment.bin>


More information about the bind10-dev mailing list