Introduce a dedicated direct::LocalHttp target type#1417
Introduce a dedicated direct::LocalHttp target type#1417olix0r merged 4 commits intomatei/opaque-n-http-trafficfrom
Conversation
mateiidavid
left a comment
mateiidavid
left a comment
There was a problem hiding this comment.
Makes for a much nicer read now :) It also seems to put me at ease with the policy questions I had. The only thing that I'm really unsure of (and that I put in a comment) is whether through the old approach we'd end up checking the policy twice: once here, and once through the http stack.
| negotiated_protocol: client.alpn, | ||
| }, | ||
| ); | ||
| let permit = policy |
There was a problem hiding this comment.
Ah nice, so when we go direct w/o a protocol we can just check the policy here. This is something I was wondering about in my approach; if we check the policy in the direct stack, it'll be checked once again in the http stack?
There was a problem hiding this comment.
yeah, in this case we only check the authorization for the tcp stack -- this is why the LocalTcp type takes a permit: to prove that it has been authorized.
the http stack will do its own authorization checks on requests.
| protocol: SessionProtocol, | ||
| } | ||
|
|
||
| type Local = svc::Either<LocalTcp, LocalHttp>; |
There was a problem hiding this comment.
This is neat! So this basically allows us to just return the inner predicate on L129 and have the switch layer in one line? That's really cool.
2 participants
No description provided.