On 08/26/2015 09:50 AM, Lukas Slebodnik wrote:
On (25/08/15 19:45), Nikolai Kondrashov wrote:
On 08/25/2015 06:59 PM, Lukas Slebodnik wrote:
On (25/08/15 15:57), Nikolai Kondrashov wrote:
Still, judging from the code distribution and overall architecture, I would
say the first candidates will be providers. They are very complicated and have
a relatively well defined interface to SSSD core. Most of them talk over
network and any slowdown from Lua will likely be swamped by network latency.
Providers are very complicated due to compicated servers (LDAP, IPA, AD)
We will not be able to replace high level iplementation with scripting language
in short time (Lua -> C) . In short time, there still will need to be two way
comunication between C and Lua (Lua <-> C). Which would not be simplify code as
the first way.
Sure. It's complicated. That's why a higher level language might be
beneficial. If we can cut off some parts of a provider cleanly (which is a
good idea for refactoring anyway), we can reimplement them in Lua with
relatively low overhead. Thus, going by pieces we can reduce the disruption.
We separated logic to small parts with tevent style.
* create request
* do staff
* register callback
* call callback after finishing asynchronous operation.
If we want to use tevent + lua there might not be a huge saving in LOC;
You safe few lines with lua code, but you add extra lines for bingins to
wrap tevent request. Maybe it would help to write some example.
BTW you might find simple example of tevent style in libtevent (samba) itself.
It might be faster way then extracting LDAP example from sssd.
Thanks a lot, Lukas. I'll see what can be done, once I have time.
I have some ideas already.
Well, I know little of certification, and I'm worried about security too,
however, would C be safer, really?
Do you anticipate any specific security problems?
I do not have anything specific; It's just key factor which shoudl be
considered for
such step as using scripting language in sssd.
Alright, I'll do some research on this.
You can write secure code even in C.
https://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Defensive_Coding/index.html
Sure. The question is effort.
I should read that though.
Thanks!
Nick
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
