RFC 9567 error reporting agent demonstration #4
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…main` crate server functionality.
ximon18
commented
May 1, 2024
|
|
||
| fn init_middleware() -> MiddlewareChain<Vec<u8>, Vec<u8>> { | ||
| let mut middleware = MiddlewareBuilder::<Vec<u8>, Vec<u8>>::standard(); | ||
| let mut server_secret = [0u8; 16]; |
There was a problem hiding this comment.
If this were to be deployed on multiple servers the cookies need special attention m, e.g. to ensure they match on each server, plus there should be some mechanism to rotate them, etc, basically the guidelines in the cookie RFC should be taken into account.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Initial version of an RFC 9567 error report monitoring agent.
See the README for more introduction and usage.
Builds upon the existing
introducing-idnsbranch of this project for compatability with the domain crate, https://github.com/NLnetLabs/domain for server functionality and https://github.com/NLnetLabs/daemonbase for process daemonisation.Note: This code uses Tokio Tracing for logging with the intent that it would fit well with the Tokio Tracing logging emitted by the server functionality of the domain crate. However, when combined with daemonbase it's not clear to me how to leverage this properly. For example at present passing
-vcauses all levels of tracing logging within this new tool to be enabled at once irrespective of level, and at the same time no number of-varguments cause the underlying domain crate server side logging to be emitted, at least not so far in my limited testing.It currently lacks tests. It should at least have unit tests of the QNAME parsing, but I held off adding those yet as I'd like to know if the way I'm parsing the QNAME makes sense, or should I collect it to a Vec or even convert it to a string and parse it that way?