On 09/14/2012 11:23 AM, Alex Rousskov wrote:
Each approach differs in how it addresses backward compatibility:
>>
>>
>> 0) Screw backward compatibility and just start interpreting "quoted
>> strings" in ACL values as such. We can minimize breakage by detecting
>> unusual patterns such as quotes"in"the"middle and
>> "/quotes/without/any/spaces", treating them as the old parser would
>> (with a warning). We can also refuse to honor more than one value per
>> ACL when a value is quoted. Very few old configurations will be broken
>> by this, but I bet there will be some!
>>
>> # this will work OK
>> acl badOne1 user_cert CN "Bad Guy"
>>
>> # this will also work as before, with a warning
>> acl badOnes user_cert CN "/var/share/bad.guys"
>>
>> # this will be silently broken
>> acl badOnes user_cert CN "/var/share/my bad guys list"
>>
>> # new file loading syntax required here:
>> acl badOnes user_cert CN file:"/var/share/my bad guys list"
>
> I vote for this, with a few more changes that will reduce the breakages.
Interesting. I did not expect much support for this, but two out of
three responses so far suggest this approach, essentially. When the dust
settles, perhaps we should post to squid-users as well to get more feedback?
I do not like any solution that breaks things silently since it will
give you frustrated admins looking hours for solutions to a problem,
years of questions on the mailing list and many references
to a new FAQ section.
I think that admins are responsible for the configuration of Squid and that
Squid does not need a "clever" parser to guess what an admin wants.
Therefore I prefer option 2 (configuration_value_parser quoted_strings).
And with support for escaping quotes with a backslash.
Marcus
