[01:22] <wgrant> blr: I've got three MPs up on https://code.launchpad.net/launchpad/+activereviews when you've stopped having fun with juju and mojo.
[02:49] <blr> yes, "fun"...
[02:49] <blr> will have a look
[03:19] <wgrant> I am adjusting squid-forwardproxy atm.
[03:25] <blr> wgrant: ah, what in particular?
[03:28] <wgrant> blr: More flexible ACLs.
[03:29] <blr> wgrant: are you touching auth_list?
[03:29] <wgrant> blr: It is likely.
[03:29] <wgrant> I'm trying to work out how to salvage it.
[03:30] <wgrant> That doesn't go near your work, does it?
[03:30] <blr> yeah, it isn't great by any means.
[03:30] <blr> no that's fine, might need to update the mojo spec though.
[03:31] <blr> wgrant: did you have a look at the auth_param changes btw?
[03:31] <wgrant> blr: Ah, no, I didn't see an MP.
[03:56]  * wgrant scratches head
[03:56] <wgrant> "This charm requires the following relation settings from clients:
[03:56] <wgrant> ip: service ip address
[03:56] <wgrant> port: service port
[03:56] <wgrant> sitenames: space-delimited list of sites to whitelist
[03:56] <wgrant> "
[03:56] <wgrant> What possible use could the service port be to the proxy?
[08:45] <wgrant> blr: https://code.launchpad.net/~wgrant/charms/precise/squid-forwardproxy/auth_list-deny/+merge/267626
[21:10] <blr> wgrant: looks like you've already merged it, sorry - certainly an improvement, particularly handling the inverse is nice.
[21:13] <blr> wgrant: wrt to auth_param, without any special casing we would need a dict without nesting similar to {'scheme': 'basic', 'children': '0 startup=N idle=N'} etc.
[21:16] <blr> was inclined to have all of the params mapped to keys, but probably just as clear that way
[22:35] <wgrant> blr: I haven't merged it yet, and I realised a case last night that I'm not sure I can be bothered handling in a backward-compatible way, so it can probably wait for the more sensible redesign.
[22:35] <wgrant> Specifically, there's no way to specify the order of ACL elements within an http_access line, which can be relevant when you're relying on short-circuiting for performance or to avoid unnecessary auth prompts.
[23:49] <blr> wgrant: any thoughts on the auth_param stuff above? ^ will that suffice?
[23:51] <wgrant> blr: Hm, perhaps have a special case that if the "children" key is a dict then it gets turned into a string?
[23:53] <wgrant> So {"scheme": "basic", "children": "11", "utf8": "off"} and {"scheme": "basic", "children": {"number": 11}, "utf8": "off"} would be equivalent.
[23:53] <wgrant> I suppose turning bools into strs would also make sense.
[23:54] <wgrant> So you can still specify anything you want using strings, but there are also niceties for certain keys.
[23:54] <blr> right
[23:54] <wgrant> Does that make sense to you?
[23:54] <wgrant> I think it's the least jarring approach.
[23:55] <blr> yep, that seems reasonable