security: Adding wildcard support in CommandInterestValidator
Change-Id: I21beb5704f2e2584155377c5b2de59f0ea46c4fa
Refs: #1561
diff --git a/src/security/sec-rule-specific.cpp b/src/security/sec-rule-specific.cpp
index 58bcc26..9b44d83 100644
--- a/src/security/sec-rule-specific.cpp
+++ b/src/security/sec-rule-specific.cpp
@@ -26,6 +26,14 @@
: SecRule(true)
, m_dataRegex(dataRegex)
, m_signerRegex(signerRegex)
+ , m_isExempted(false)
+{
+}
+
+SecRuleSpecific::SecRuleSpecific(shared_ptr<Regex> dataRegex)
+ : SecRule(true)
+ , m_dataRegex(dataRegex)
+ , m_isExempted(true)
{
}
@@ -33,6 +41,7 @@
: SecRule(true)
, m_dataRegex(rule.m_dataRegex)
, m_signerRegex(rule.m_signerRegex)
+ , m_isExempted(rule.m_isExempted)
{
}
@@ -45,6 +54,9 @@
bool
SecRuleSpecific::matchSignerName(const Data& data)
{
+ if (m_isExempted)
+ return true;
+
try
{
SignatureSha256WithRsa sig(data.getSignature());
@@ -66,7 +78,8 @@
bool
SecRuleSpecific::satisfy(const Name& dataName, const Name& signerName)
{
- return (m_dataRegex->match(dataName) && m_signerRegex->match(signerName));
+ bool isSignerMatched = m_isExempted || m_signerRegex->match(signerName);
+ return (m_dataRegex->match(dataName) && isSignerMatched);
}
} // namespace ndn
diff --git a/src/security/sec-rule-specific.hpp b/src/security/sec-rule-specific.hpp
index 278bbcd..a7bf833 100644
--- a/src/security/sec-rule-specific.hpp
+++ b/src/security/sec-rule-specific.hpp
@@ -28,6 +28,8 @@
SecRuleSpecific(shared_ptr<Regex> dataRegex,
shared_ptr<Regex> signerRegex);
+ SecRuleSpecific(shared_ptr<Regex> dataRegex);
+
SecRuleSpecific(const SecRuleSpecific& rule);
virtual
@@ -45,9 +47,16 @@
bool
satisfy(const Name& dataName, const Name& signerName);
+ bool
+ isExempted() const
+ {
+ return m_isExempted;
+ }
+
private:
shared_ptr<Regex> m_dataRegex;
shared_ptr<Regex> m_signerRegex;
+ bool m_isExempted;
};
} // namespace ndn