james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Burrell Donkin <robertburrelldon...@gmail.com>
Subject Re: NetMatcher
Date Tue, 10 Feb 2009 17:58:31 GMT
On Tue, Feb 10, 2009 at 5:47 PM, Stefano Bagnara <io@bago.org> wrote:
> Robert Burrell Donkin ha scritto:
>>
>> On Tue, Feb 10, 2009 at 5:23 PM, Aidan Skinner <aidan@apache.org> wrote:
>>>
>>> Hi JAMESers,
>>
>> hi Aidan
>>
>>> I'm borrowing o.a.james.util.NetMatcher.java for Qpid to implement
>>> netmask matching for access restriction purpouses. I'd rather not
>>> maintain a fork in-tree for long, and wondered if there'd be any
>>> interest in your side in moving this somewhere more generally useful
>>> (it's pretty nifty code). commons-net seemed like the obvious place to
>>> me but I'm open to other suggestions.
>>
>> (i'm not knowledgable about this part of the code base so hopefully
>> someone who knows more will jump)
>>
>> the NetMatcher implementation in 2.3 seems like a reasonable candidate
>> for a micro-library such as commons-net
>>
>> the implementation has been refactored in the 3.x branch so that an
>> external DNS service can be used. so, james already maintains an
>> internal fork. the revised code is unlikely to be suitable for a
>> commons-net.
>
> We removed all usages of java net dns related classes because the internal
> resolver does not handle cache expiration, so it is useless and very
> dangerous in a server environment where you don't restart the java
> application every 5 minutes.
>
> I don't remember why NetMatcher needs dns lookups.

   /**
     * Return true if the network contains the given name
     *
     * @param name hostname or ipAddress
     * @return true if the network contains the given name
     * @throws java.net.UnknownHostException if the given name can not resolved
     */
    public boolean contains(final String name) throws
java.net.UnknownHostException
    {
        return network.equals(maskIP(dnsServer.getByName(name), netmask));
    }
...

    /**
     * Get InetNetwork of the given String
     *
     * @param netspec the String which is will converted to InetNetwork
     * @return network the InetNetwork
     * @throws java.net.UnknownHostException
     */
    public InetNetwork getFromString(String netspec) throws
java.net.UnknownHostException
    {
        if (netspec.endsWith("*")) netspec = normalizeFromAsterisk(netspec);
        else
        {
            int iSlash = netspec.indexOf('/');
            if (iSlash == -1) netspec += "/255.255.255.255";
            else if (netspec.indexOf('.', iSlash) == -1) netspec =
normalizeFromCIDR(netspec);
        }

        return new
InetNetwork(dnsServer.getByName(netspec.substring(0,
netspec.indexOf('/'))),

dnsServer.getByName(netspec.substring(netspec.indexOf('/') + 1)));
    }

(so maybe it could be split up)

>> i would support forking the 2.3 version to commons-net and maintaining it
>> there
>
> Maybe commons-net already rely on java net dns classes, so it seems a good
> plan.

i still have commons karma. i'll start a discussion there.

- robert

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message