ietf-openproxy
[Top] [All Lists]

Re: P work in new charter

2004-06-30 14:50:22

Alex Rousskov wrote:

> Let's call the service-configuration language "S". Suppose we have
> service "foo", with three parameters: "a", "b", and "z".

What about something like

    // P code starts here
    if (message meets criteria) then {
        service := services.find("foo");
        call service(message.body, 1, 2, message.size);
    }

assuming the service is defined as a function with four input parameters, e.g foo(body, a, b, z).

You do not foresee something like the "encapsulated" code below, do
you?

    // P code starts is here
    if (message meets criteria) then {
        service := services.find("foo"); // still P code
        service.configure(<![SCODE[>     // P code ends here
            a = 1;               // S code to be passed to the service
            b = 2;               // S code
            z = message.size;    // S code accessing P objects??
        <]SCODE]>);                      // P code resumes here
        call service(message.body);      // P code
    }

The approach with "encapsulated" code would allow me to program the entire service in "P", i.e. using "encapsulated" code to write a virus scanner or anything I want, and then just call a service that does nothing else then executing the "encapsulated" code fragment - not a good idea, IMHO.

Or is there a better way? Please give an example of how to configure a
dynamically selected service in S without tainting P.

Maybe we were talking about diferent things... When you talk about "customizing a service", do you mean "passing dynamic input parameters to a service"? If yes, I think we're aligned - I would assume that this is possible (see my example above). If it also includes passing code fragments to the service for execution, I start feeling uncomfortable.

Here is another example calling (and configuring) an HTTP-unaware
content scanning service that needs to know the content MIME type:

  if (http.message.mime == "application/exe") then
    call services.scan("Windows binary", http.message.body);
  else
  if (http.message.mime == "text/html") then
    call services.scan("HTML page", http.message.body);

How can the above selection/configuration be done without tainting P?

That makes sense to me and seems to be pretty much in line with the example I gave above. I would consider this ok - this is just calinbg a service with the correct parameters.

-Markus




<Prev in Thread] Current Thread [Next in Thread>