commit 58f33715bf33d00bfacba927a6ba9a9a7618fc44
author Yingdi Yu <yuyingdi@gmail.com> Wed Apr 16 16:57:47 2014 -0700
committer Yingdi Yu <yuyingdi@gmail.com> Tue Apr 29 14:30:27 2014 -0700
tree 61409ab11e4b3a8beaa40265a6eaaf050572bc8a
parent b52d02877c0f0a2a2c882ebba0e86599c32b63ad

security: Clean up ValidatorConfig when it is re-loaded.

Refs: #1492

Change-Id: I203a57c0cf18c3c5993abfa9c3c7ca9decbed6c2

src/security/certificate-cache-ttl.cpp

diff --git a/src/security/certificate-cache-ttl.cpp b/src/security/certificate-cache-ttl.cpp
deleted file mode 100644
index 4ea644e..0000000
--- a/src/security/certificate-cache-ttl.cpp
+++ /dev/null
@@ -1,77 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
-/**
- * Copyright (c) 2013-2014,  Regents of the University of California.
- * All rights reserved.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- *
- * This file licensed under New BSD License.  See COPYING for detailed information about
- * ndn-cxx library copyright, permissions, and redistribution restrictions.
- *
- * @author Yingdi Yu <http://irl.cs.ucla.edu/~yingdi/>
- */
-
-#include "common.hpp"
-#include "certificate-cache-ttl.hpp"
-
-using namespace std;
-
-namespace ndn {
-
-CertificateCacheTtl::CertificateCacheTtl(shared_ptr<boost::asio::io_service> io,
-                                         const time::seconds& defaultTtl)
-  : m_defaultTtl(defaultTtl)
-  , m_scheduler(*io)
-{
-}
-
-CertificateCacheTtl::~CertificateCacheTtl()
-{
-}
-
-void
-CertificateCacheTtl::insertCertificate(shared_ptr<const IdentityCertificate> certificate)
-{
-  time::milliseconds expire = (certificate->getFreshnessPeriod() >= time::seconds::zero() ?
-                               certificate->getFreshnessPeriod() : m_defaultTtl);
-
-  Name trackerIndex = certificate->getName().getPrefix(-1);
-  EventTracker::iterator it = m_tracker.find(trackerIndex);
-  if (it != m_tracker.end())
-      m_scheduler.cancelEvent(m_tracker[trackerIndex]);
-
-  m_scheduler.scheduleEvent(time::seconds(0),
-                            bind(&CertificateCacheTtl::insert, this, certificate));
-  m_tracker[trackerIndex] = m_scheduler.scheduleEvent(expire,
-                                                      bind(&CertificateCacheTtl::remove,
-                                                           this, certificate->getName()));
-}
-
-void
-CertificateCacheTtl::insert(shared_ptr<const IdentityCertificate> certificate)
-{
-  Name name = certificate->getName().getPrefix(-1);
-  m_cache[name] = certificate;
-}
-
-void
-CertificateCacheTtl::remove(const Name& certificateName)
-{
-  Name name = certificateName.getPrefix(-1);
-  Cache::iterator it = m_cache.find(name);
-  if (it != m_cache.end())
-    m_cache.erase(it);
-}
-
-shared_ptr<const IdentityCertificate>
-CertificateCacheTtl::getCertificate(const Name& certificateName)
-{
-  Cache::iterator it = m_cache.find(certificateName);
-  if (it != m_cache.end())
-    return it->second;
-  else
-    return shared_ptr<IdentityCertificate>();
-}
-
-} // namespace ndn

src/security/certificate-cache-ttl.hpp

diff --git a/src/security/certificate-cache-ttl.hpp b/src/security/certificate-cache-ttl.hpp
index a86ee5e..4cf20e2 100644
--- a/src/security/certificate-cache-ttl.hpp
+++ b/src/security/certificate-cache-ttl.hpp
@@ -24,35 +24,116 @@
 class CertificateCacheTtl : public CertificateCache
 {
 public:
-  CertificateCacheTtl(shared_ptr<boost::asio::io_service> io,
-                      const time::seconds& defaultTtl = time::seconds(3600));
+  CertificateCacheTtl(boost::asio::io_service& io,
+                      const time::seconds& defaultTtl = time::seconds(3600))
+    : m_defaultTtl(defaultTtl)
+    , m_scheduler(io)
+  {
+  }
 
   virtual
-  ~CertificateCacheTtl();
+  ~CertificateCacheTtl()
+  {
+  }
 
-  virtual void
+  virtual inline void
   insertCertificate(shared_ptr<const IdentityCertificate> certificate);
 
-  virtual shared_ptr<const IdentityCertificate>
+  virtual inline shared_ptr<const IdentityCertificate>
   getCertificate(const Name& certificateNameWithoutVersion);
 
+  virtual inline void
+  reset();
+
+  virtual inline size_t
+  getSize();
+
 private:
-  void
+  inline void
   insert(shared_ptr<const IdentityCertificate> certificate);
 
-  void
+  inline void
   remove(const Name& certificateName);
 
+  inline void
+  removeAll();
+
 protected:
-  typedef std::map<Name, shared_ptr<const IdentityCertificate> > Cache;
-  typedef std::map<Name, EventId> EventTracker;
+  typedef std::map<Name, std::pair<shared_ptr<const IdentityCertificate>, EventId> > Cache;
 
   time::seconds m_defaultTtl;
   Cache m_cache;
-  EventTracker m_tracker;
   Scheduler m_scheduler;
 };
 
+inline void
+CertificateCacheTtl::insertCertificate(shared_ptr<const IdentityCertificate> certificate)
+{
+  m_scheduler.scheduleEvent(time::seconds(0),
+                            bind(&CertificateCacheTtl::insert, this, certificate));
+}
+
+inline shared_ptr<const IdentityCertificate>
+CertificateCacheTtl::getCertificate(const Name& certificateName)
+{
+  Cache::iterator it = m_cache.find(certificateName);
+  if (it != m_cache.end())
+    return it->second.first;
+  else
+    return shared_ptr<IdentityCertificate>();
+}
+
+inline void
+CertificateCacheTtl::reset()
+{
+  m_scheduler.scheduleEvent(time::seconds(0),
+                            bind(&CertificateCacheTtl::removeAll, this));
+}
+
+inline size_t
+CertificateCacheTtl::getSize()
+{
+  return m_cache.size();
+}
+
+inline void
+CertificateCacheTtl::insert(shared_ptr<const IdentityCertificate> certificate)
+{
+  time::milliseconds expire = (certificate->getFreshnessPeriod() >= time::seconds::zero() ?
+                               certificate->getFreshnessPeriod() : m_defaultTtl);
+
+  Name index = certificate->getName().getPrefix(-1);
+
+  Cache::iterator it = m_cache.find(index);
+  if (it != m_cache.end())
+    m_scheduler.cancelEvent(it->second.second);
+
+  EventId eventId = m_scheduler.scheduleEvent(expire,
+                                              bind(&CertificateCacheTtl::remove,
+                                                   this, certificate->getName()));
+
+  m_cache[index] = std::make_pair(certificate, eventId);
+}
+
+inline void
+CertificateCacheTtl::remove(const Name& certificateName)
+{
+  Name name = certificateName.getPrefix(-1);
+  Cache::iterator it = m_cache.find(name);
+  if (it != m_cache.end())
+    m_cache.erase(it);
+}
+
+inline void
+CertificateCacheTtl::removeAll()
+{
+  for(Cache::iterator it = m_cache.begin(); it != m_cache.end(); it++)
+    m_scheduler.cancelEvent(it->second.second);
+
+  m_cache.clear();
+}
+
+
 } // namespace ndn
 
 #endif //NDN_SECURITY_CERTIFICATE_CACHE_TTL_HPP

src/security/certificate-cache.hpp

diff --git a/src/security/certificate-cache.hpp b/src/security/certificate-cache.hpp
index 8f2c068..c22de67 100644
--- a/src/security/certificate-cache.hpp
+++ b/src/security/certificate-cache.hpp
@@ -33,6 +33,18 @@
 
   virtual shared_ptr<const IdentityCertificate>
   getCertificate(const Name& certificateNameWithoutVersion) = 0;
+
+  virtual void
+  reset() = 0;
+
+  virtual size_t
+  getSize() = 0;
+
+  bool
+  isEmpty()
+  {
+    return (getSize() == 0);
+  }
 };
 
 } // namespace ndn

src/security/validator-config.cpp

diff --git a/src/security/validator-config.cpp b/src/security/validator-config.cpp
index aa8ec27..054c843 100644
--- a/src/security/validator-config.cpp
+++ b/src/security/validator-config.cpp
@@ -32,7 +32,7 @@
   , m_certificateCache(certificateCache)
 {
   if (!static_cast<bool>(m_certificateCache))
-    m_certificateCache = make_shared<CertificateCacheTtl>(m_face.ioService());
+    m_certificateCache = make_shared<CertificateCacheTtl>(boost::ref(m_face.getIoService()));
 }
 
 void
@@ -84,6 +84,8 @@
 {
   BOOST_ASSERT(!filename.empty());
 
+  reset();
+
   if (configSection.begin() == configSection.end())
     {
       std::string msg = "Error processing configuration file";

src/security/validator-config.hpp

diff --git a/src/security/validator-config.hpp b/src/security/validator-config.hpp
index a5a8af1..e22c446 100644
--- a/src/security/validator-config.hpp
+++ b/src/security/validator-config.hpp
@@ -60,6 +60,12 @@
   load(const security::conf::ConfigSection& configSection,
        const std::string& filename);
 
+  inline void
+  reset();
+
+  inline bool
+  isEmpty();
+
 protected:
   virtual void
   checkPolicy(const Data& data,
@@ -122,6 +128,26 @@
   AnchorList m_anchors;
 };
 
+inline void
+ValidatorConfig::reset()
+{
+  m_certificateCache->reset();
+  m_interestRules.clear();
+  m_dataRules.clear();
+  m_anchors.clear();
+}
+
+inline bool
+ValidatorConfig::isEmpty()
+{
+  if (m_certificateCache->isEmpty() &&
+      m_interestRules.empty() &&
+      m_dataRules.empty() &&
+      m_anchors.empty())
+    return true;
+  return false;
+}
+
 template<class Packet, class OnValidated, class OnFailed>
 void
 ValidatorConfig::checkSignature(const Packet& packet,

src/security/validator-regex.cpp

diff --git a/src/security/validator-regex.cpp b/src/security/validator-regex.cpp
index d84f897..c0797c7 100644
--- a/src/security/validator-regex.cpp
+++ b/src/security/validator-regex.cpp
@@ -36,7 +36,7 @@
   , m_certificateCache(certificateCache)
 {
   if (!static_cast<bool>(m_certificateCache))
-    m_certificateCache = make_shared<CertificateCacheTtl>(m_face.ioService());
+    m_certificateCache = make_shared<CertificateCacheTtl>(boost::ref(m_face.getIoService()));
 }
 
 void