Re: UDS decisions
In message <1e149bf9-4347-d924-8942-803b8e4dd...@schokola.de>, Nils Goroll writ es: >WFM, but one thing: > >> 1. We will use bogo-IP numbers for client UDS connections > >As long as we get VCL access to the accept socket name, we should not need the >uds socket path. But we should have a way to differentiate between >/untrusted/external.socket and /highly/secure/internal.socket Something like 'local.endpoint' and/or 'local.acceptor' returning the address and name of the acceptor socket respectively. >P.S. FTR I can't quite follow the "UDS is hackisch" argument, but that >discussion would not get us anywhere. UDS wa a hack to absorb named pipes into this newfangled "network" part of the kernel. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 p...@freebsd.org | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. ___ varnish-dev mailing list varnish-dev@varnish-cache.org https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev
Re: UDS decisions
On Tue, Feb 13, 2018 at 3:47 PM, Nils Goroll wrote: > WFM, but one thing: > >> 1. We will use bogo-IP numbers for client UDS connections > > As long as we get VCL access to the accept socket name, we should not need the > uds socket path. But we should have a way to differentiate between > /untrusted/external.socket and /highly/secure/internal.socket That would be "named listen addresses" described in the same VIP as UDS, and currently half-implemented in trunk (names exist, but aren't usable in VCL). While at it, WFM too. Dridi ___ varnish-dev mailing list varnish-dev@varnish-cache.org https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev
Re: UDS decisions
WFM, but one thing: > 1. We will use bogo-IP numbers for client UDS connections As long as we get VCL access to the accept socket name, we should not need the uds socket path. But we should have a way to differentiate between /untrusted/external.socket and /highly/secure/internal.socket Nils P.S. FTR I can't quite follow the "UDS is hackisch" argument, but that discussion would not get us anywhere. Nils ___ varnish-dev mailing list varnish-dev@varnish-cache.org https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev