security: don't crash if received segment lacks KeyLocator
And while at it:
* move afterSegmentValidated() to a lambda
* remove unused loopback parameter from setInterestFilter()
* delete unused clear() method
* improve logging
* prevent building without PSync if tests are enabled, since that
configuration is currently unsupported
Change-Id: I930744296d3fa295787c16e6829d1dc27b06a195
diff --git a/tests/communication/test-sync-logic-handler.cpp b/tests/communication/test-sync-logic-handler.cpp
index c4a630b..9a0c7e3 100644
--- a/tests/communication/test-sync-logic-handler.cpp
+++ b/tests/communication/test-sync-logic-handler.cpp
@@ -39,7 +39,7 @@
getSync()
{
if (m_sync == nullptr) {
- m_sync.reset(new SyncLogicHandler(face, m_keyChain, testIsLsaNew, opts));
+ m_sync = std::make_unique<SyncLogicHandler>(face, m_keyChain, testIsLsaNew, opts);
}
return *m_sync;
}
@@ -50,9 +50,11 @@
this->advanceClocks(1_ms, 10);
face.sentInterests.clear();
+#ifdef HAVE_PSYNC
std::vector<psync::MissingDataInfo> updates;
updates.push_back({prefix, 0, seqNo, 0});
getSync().m_syncLogic.onPSyncUpdate(updates);
+#endif
this->advanceClocks(1_ms, 10);
}
diff --git a/tests/security/test-certificate-store.cpp b/tests/security/test-certificate-store.cpp
index 03e086a..484959e 100644
--- a/tests/security/test-certificate-store.cpp
+++ b/tests/security/test-certificate-store.cpp
@@ -85,7 +85,6 @@
advanceClocks(20_ms);
}
-public:
void
checkForInterest(ndn::Name& interstName)
{
@@ -99,8 +98,8 @@
BOOST_CHECK(didFindInterest);
}
+protected:
ndn::DummyClientFace face;
-
ConfParameter conf;
DummyConfFileProcessor confProcessor;
@@ -223,29 +222,23 @@
data.setContent(nameLsa.wireEncode());
data.setFinalBlock(lsaDataName[-1]);
- // Sign data with this NLSR's key (in real it would be different NLSR)
- m_keyChain.sign(data, conf.m_signingInfo);
- face.put(data);
+ // Test with unsigned data first (lacks KeyLocator).
+ // This should not happen during normal operations, but CertificateStore
+ // should still be able to handle invalid packets without crashing
+ lsdb.emitSegmentValidatedSignal(data);
- this->advanceClocks(1_ms);
+ // Sign data with this NLSR's key (in reality it would be a different NLSR)
+ m_keyChain.sign(data, conf.m_signingInfo);
// Make NLSR validate data signed by its own key
conf.getValidator().validate(data,
- [] (const ndn::Data&) { BOOST_CHECK(true); },
- [] (const ndn::Data&, const ndn::security::ValidationError& e) {
- BOOST_ERROR(e);
- });
+ [] (const auto&) { BOOST_CHECK(true); },
+ [] (const auto&, const auto& err) { BOOST_ERROR(err); });
lsdb.emitSegmentValidatedSignal(data);
auto certName = data.getSignatureInfo().getKeyLocator().getName();
auto keyName = ndn::security::extractKeyNameFromCertName(certName);
BOOST_CHECK(certStore.find(keyName) != nullptr);
-
- // testing a callback after segment validation signal from lsdb
- ndn::signal::ScopedConnection connection = lsdb.afterSegmentValidatedSignal.connect(
- [&] (const ndn::Data& lsaSegment) {
- BOOST_CHECK_EQUAL(lsaSegment.getName(), data.getName());
- });
}
BOOST_AUTO_TEST_SUITE_END()