Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 3e3a989096055bcf8134c5578941edbd443ae94d / . / src / security / v2 / validator-config / rule.cpp
blob: 2cc31243d1a4122b91c2dd67f75c31ec9a5046cb [file] [log] [blame]
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/*
Davide Pesavento5df42a82018-03-08 20:06:51 -0500[diff] [blame]3 * Copyright (c) 2013-2018 Regents of the University of California.
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
22#include "rule.hpp"
23#include "util/logger.hpp"
24
25#include <boost/algorithm/string/predicate.hpp>
26
27NDN_LOG_INIT(ndn.security.validator_config.Rule);
28
29namespace ndn {
30namespace security {
31namespace v2 {
32namespace validator_config {
33
34Rule::Rule(const std::string& id, uint32_t pktType)
35 : m_id(id)
36 , m_pktType(pktType)
37{
38}
39
40void
41Rule::addFilter(unique_ptr<Filter> filter)
42{
43 m_filters.push_back(std::move(filter));
44}
45
46void
47Rule::addChecker(unique_ptr<Checker> checker)
48{
49 m_checkers.push_back(std::move(checker));
50}
51
52bool
53Rule::match(uint32_t pktType, const Name& pktName) const
54{
55 NDN_LOG_TRACE("Trying to match " << pktName);
56 if (pktType != m_pktType) {
57 BOOST_THROW_EXCEPTION(Error("Invalid packet type supplied (" +
58 to_string(pktType) + " != " + to_string(m_pktType) + ")"));
59 }
60
61 if (m_filters.empty()) {
62 return true;
63 }
64
65 bool retval = false;
66 for (const auto& filter : m_filters) {
67 retval |= filter->match(pktType, pktName);
68 if (retval) {
69 break;
70 }
71 }
72 return retval;
73}
74
75bool
Davide Pesavento5df42a82018-03-08 20:06:51 -0500[diff] [blame]76Rule::check(uint32_t pktType, const Name& pktName, const Name& klName,
77 const shared_ptr<ValidationState>& state) const
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800[diff] [blame]78{
79 NDN_LOG_TRACE("Trying to check " << pktName << " with keyLocator " << klName);
80
81 if (pktType != m_pktType) {
82 BOOST_THROW_EXCEPTION(Error("Invalid packet type supplied (" +
83 to_string(pktType) + " != " + to_string(m_pktType) + ")"));
84 }
85
86 bool hasPendingResult = false;
87 for (const auto& checker : m_checkers) {
88 bool result = checker->check(pktType, pktName, klName, state);
89 if (!result) {
90 return result;
91 }
92 hasPendingResult = true;
93 }
94
95 return hasPendingResult;
96}
97
98unique_ptr<Rule>
99Rule::create(const ConfigSection& configSection, const std::string& configFilename)
100{
101 auto propertyIt = configSection.begin();
102
103 // Get rule.id
104 if (propertyIt == configSection.end() || !boost::iequals(propertyIt->first, "id")) {
105 BOOST_THROW_EXCEPTION(Error("Expecting <rule.id>"));
106 }
107
108 std::string ruleId = propertyIt->second.data();
109 propertyIt++;
110
111 // Get rule.for
112 if (propertyIt == configSection.end() || !boost::iequals(propertyIt->first, "for")) {
113 BOOST_THROW_EXCEPTION(Error("Expecting <rule.for> in rule: " + ruleId));
114 }
115
116 std::string usage = propertyIt->second.data();
117 propertyIt++;
118
119 bool isForData = false;
120 if (boost::iequals(usage, "data")) {
121 isForData = true;
122 }
123 else if (boost::iequals(usage, "interest")) {
124 isForData = false;
125 }
126 else {
127 BOOST_THROW_EXCEPTION(Error("Unrecognized <rule.for>: " + usage + " in rule: " + ruleId));
128 }
129
130 auto rule = make_unique<Rule>(ruleId, isForData ? tlv::Data : tlv::Interest);
131
132 // Get rule.filter(s)
133 for (; propertyIt != configSection.end(); propertyIt++) {
134 if (!boost::iequals(propertyIt->first, "filter")) {
135 if (boost::iequals(propertyIt->first, "checker")) {
136 break;
137 }
138 BOOST_THROW_EXCEPTION(Error("Expecting <rule.filter> in rule: " + ruleId));
139 }
140
141 rule->addFilter(Filter::create(propertyIt->second, configFilename));
142 }
143
144 // Get rule.checker(s)
145 bool hasCheckers = false;
146 for (; propertyIt != configSection.end(); propertyIt++) {
147 if (!boost::iequals(propertyIt->first, "checker")) {
148 BOOST_THROW_EXCEPTION(Error("Expecting <rule.checker> in rule: " + ruleId));
149 }
150
151 rule->addChecker(Checker::create(propertyIt->second, configFilename));
152 hasCheckers = true;
153 }
154
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800[diff] [blame]155 if (propertyIt != configSection.end()) {
Davide Pesavento5df42a82018-03-08 20:06:51 -0500[diff] [blame]156 BOOST_THROW_EXCEPTION(Error("Expecting end of <rule>: " + ruleId));
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800[diff] [blame]157 }
158
159 if (!hasCheckers) {
160 BOOST_THROW_EXCEPTION(Error("No <rule.checker> is specified in rule: " + ruleId));
161 }
162
163 return rule;
164}
165
166} // namespace validator_config
167} // namespace v2
168} // namespace security
169} // namespace ndn