[gnutls-devel] GnuTLS | Draft: lib/priority: add a [includes] section and file-optional/file-required keys (!1849)

[Read-only notification of GnuTLS library development activities]

adrien commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1849#note_1990397829


@tomato42 My goal is also to avoid having change the main file: with the above, distros would "include" the tool-managed file from the main config file but not package it.

I think the implementation for a whole directory could be pretty similar to this one; listing a directory in memory or in the configuration file are two ways to do the same thing.

There is an issue with the global section however as it could appear in an included file and it's supposed to be parsed first. We could use  ini_parse_stream  to feed all files at once. There would be some inefficiencies in opening and closing files silently twice in the callback but that sounds very minor for an uncommon operation which will involve a few files only.

So far, my main concern with introducing a directory is its location. I don't feel like creating something out of the blue and adding new build-time and runtime variables. What about the following?

- Use the directory at  GNUTLS_SYSTEM_PRIORITY_FILE  + ".d"; on Debian and Ubuntu, that would be  /etc/gnutls/config.d  which I find pretty good.
- From a parsing point-of-view, read files in one go through ini_parse_stream as outlined above; these files could contain the same lines as the current configuration but spread over several files
- List files in alphabetical order.
- Don't add specific variable/directive to include other files.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1849#note_1990397829
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20240709/e03d61d2/attachment.html>