[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Extend peername styles in ACL (ITS#2907)

To: ando@sys-net.it
Subject: Re: Extend peername styles in ACL (ITS#2907)
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 07 Jan 2004 22:00:46 -0800
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <200401072210.i07MAYrY017681@boole.openldap.org>
References: <200401072210.i07MAYrY017681@boole.openldap.org>

I dislike much of this, especially apply tree styles to IP addresses.
Even for PATH, they seem terrible useful.

For IP addresses, I rather see support for addr[/masklen][{ports}]
and/or addr[:mask][{ports}] where ports is a comma separated list
of port[-port], e.g., 127.0.0.0/8{10,12-30,200).

For PATH, I see no need for anything other than exact and regex.

Kurt

At 02:10 PM 1/7/2004, ando@sys-net.it wrote:
>Full_Name: Pierangelo Masarati
>Version: HEAD
>OS: Linux
>URL: http://www.sys-net.it/~ando/Download/peername-style-improvements.patch
>Submission from: (NULL) (81.72.89.40)
>Submitted by: ando
>
>
>This patch provides extended styles for peername which improve the semantics
>of the ACL clause and provide more efficient means to deal with typical issues
>(e.g. exact or most significant IP match without dealing with the port and so).
>
>See also ITS#2904
>
>p.

Prev by Date: Re: soname of libldap in openldap2.2
Next by Date: RE: Operational attributes
Index(es):
- Chronological
- Thread