mgmt: combine ndns-add-rr and ndns-add-rr-from-file to a single command
Change-Id: I5b1410be95710a629d6a2ca401d475b16837d357
Refs: #2229, #2701
diff --git a/src/mgmt/management-tool.cpp b/src/mgmt/management-tool.cpp
index 186cced..e74c601 100644
--- a/src/mgmt/management-tool.cpp
+++ b/src/mgmt/management-tool.cpp
@@ -35,6 +35,7 @@
#include <ndn-cxx/encoding/oid.hpp>
#include <ndn-cxx/security/v1/cryptopp.hpp>
#include <ndn-cxx/link.hpp>
+#include <ndn-cxx/security/signing-helpers.hpp>
namespace ndn {
namespace ndns {
@@ -270,11 +271,12 @@
}
void
-ManagementTool::addRrSet(const Name& zoneName,
- const std::string& inFile,
- const time::seconds& ttl,
- const Name& inputDskCertName,
- const ndn::io::IoEncoding encoding)
+ManagementTool::addRrsetFromFile(const Name& zoneName,
+ const std::string& inFile,
+ const time::seconds& ttl,
+ const Name& inputDskCertName,
+ const ndn::io::IoEncoding encoding,
+ bool needResign)
{
//check precondition
Zone zone(zoneName);
@@ -301,7 +303,7 @@
}
}
- //first load the data
+ // load data
shared_ptr<Data> data;
if (inFile == DEFAULT_IO)
data = ndn::io::load<ndn::Data>(std::cin, encoding);
@@ -312,41 +314,8 @@
throw Error("input does not contain a valid Data packet");
}
- // determine whether the data is a self-signed certificate
- shared_ptr<Regex> regex1 = make_shared<Regex>("(<>*)<KEY>(<>+)<ID-CERT><>");
- if (regex1->match(data->getName())) {
- IdentityCertificate scert(*data);
- Name keyName = scert.getPublicKeyName();
- if (keyName.getPrefix(zoneName.size()) != zoneName) {
- throw Error("the input key does not belong to the zone");
- }
-
- Name keyLocator = scert.getSignature().getKeyLocator().getName();
-
- // if it is, extract the content and name from the data, and resign it using the dsk.
- shared_ptr<Regex> regex2 = make_shared<Regex>("(<>*)<KEY>(<>+)<ID-CERT>");
- BOOST_VERIFY(regex2->match(keyLocator) == true);
- if (keyName == regex2->expand("\\1\\2")) {
-
- Name canonicalName;
- canonicalName
- .append(zoneName)
- .append("KEY")
- .append(keyName.getSubName(zoneName.size(), keyName.size() - zoneName.size()))
- .append("ID-CERT")
- .append(data->getName().get(-1));
-
- if (data->getName() != canonicalName) {
- // name need to be adjusted
- auto newData = make_shared<Data>();
- newData->setName(canonicalName);
- newData->setMetaInfo(data->getMetaInfo());
- newData->setContent(data->getContent());
- m_keyChain.sign(*newData);
-
- data = newData;
- }
- }
+ if (needResign) {
+ m_keyChain.sign(*data, signingByCertificate(dskCertName));
}
// create response for the input data
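Review bot: With `needResign` set, `m_keyChain.sign(*data, signingByCertificate(dskCertName))` puts the zone's DSK signature on whatever Data packet was loaded. Nothing visible in this hunk verifies the packet's original signature or checks that its name falls under `zoneName` before signing. The removed block at least rejected keys outside the zone (`"the input key does not belong to the zone"`); if a name check later in the function is meant to cover this, it should run before the sign call so the DSK never signs out-of-zone content. A guard such as `if (!zoneName.isPrefixOf(data->getName())) throw Error("input data does not belong to the zone");` ahead of `if (needResign)` would do it. The function body starts and continues outside the hunk, so the later checks and the origin of `dskCertName` (the parameter is `inputDskCertName`) cannot be confirmed here.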
diff --git a/src/mgmt/management-tool.hpp b/src/mgmt/management-tool.hpp
index f147b09..efa8138 100644
--- a/src/mgmt/management-tool.hpp
+++ b/src/mgmt/management-tool.hpp
@@ -124,26 +124,26 @@
void
exportCertificate(const Name& certName, const std::string& outFile = DEFAULT_IO);
- /** @brief Add rrset to the NDNS local database
+ /** @brief Add rrset to the NDNS local database from a file
*
- * This overload is capable of adding any data to the rrset as long as the supplied data is
- * valid.
- * A special case is to add the ID-CERT of KSK to the parent zone. At this case, the SS cert
- * should be supplied, and therefore it will use the parent zone's DSK to resign the certificate.
- * For other cases, the data will be added directly without any modification.
+ * The function Loads data from file and then adds it to the rrset without modification
+ * Loaded data is assummed to be valid
+ * Data will be resigned by zone's DSK, if needResign is true.
*
* @param zoneName the name of the zone to hold the rrset
* @param inFile the path to the supplied data
* @param ttl the ttl of the rrset
* @param dskCertName the DSK to signed the special case, default is the zone's DSK
* @param encoding the encoding of the input file
+ * @param needResign whether data should be resigned by DSK
*/
void
- addRrSet(const Name& zoneName,
- const std::string& inFile = DEFAULT_IO,
- const time::seconds& ttl = DEFAULT_RR_TTL,
- const Name& dskCertName = DEFAULT_CERT,
- const ndn::io::IoEncoding encoding = ndn::io::BASE64);
+ addRrsetFromFile(const Name& zoneName,
+ const std::string& inFile = DEFAULT_IO,
+ const time::seconds& ttl = DEFAULT_RR_TTL,
+ const Name& dskCertName = DEFAULT_CERT,
+ const ndn::io::IoEncoding encoding = ndn::io::BASE64,
+ bool needResign = false);
/** @brief Add rrset to the NDNS local database
*
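Review bot: The `@param dskCertName` text still reads `the DSK to signed the special case`, but this change removes the special case it referred to. It should read something like `@param dskCertName certificate of the DSK used to re-sign the data when needResign is true; default is the zone's DSK`. The brief should also spell out what "assumed to be valid" means for callers, for example that the function does not verify the input's signature (if that is the case) and that with `needResign = false` the packet is stored with the signature it arrived with. Wording fixes in the same comment: `Loads` should be `loads`, `assummed` should be `assumed`, and the first two sentences lack a full stop.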
diff --git a/tests/unit/mgmt/management-tool.cpp b/tests/unit/mgmt/management-tool.cpp
index 8f042f2..d08eb17 100644
--- a/tests/unit/mgmt/management-tool.cpp
+++ b/tests/unit/mgmt/management-tool.cpp
@@ -575,17 +575,17 @@
// Check: throw if zone not exist
std::string certPath = TEST_CERTDIR.string();
- BOOST_CHECK_THROW(m_tool.addRrSet(zoneName, certPath), ndns::ManagementTool::Error);
+ BOOST_CHECK_THROW(m_tool.addRrsetFromFile(zoneName, certPath), ndns::ManagementTool::Error);
m_tool.createZone(zoneName, ROOT_ZONE);
// Check: throw if certificate does not match
- BOOST_CHECK_THROW(m_tool.addRrSet(zoneName, certPath), ndns::ManagementTool::Error);
+ BOOST_CHECK_THROW(m_tool.addRrsetFromFile(zoneName, certPath), ndns::ManagementTool::Error);
std::string rightCertPath = TEST_CERTDIR.string() + "/ss.cert";
m_tool.exportCertificate(otherKsk, rightCertPath);
- BOOST_CHECK_NO_THROW(m_tool.addRrSet(zoneName, rightCertPath));
+ BOOST_CHECK_NO_THROW(m_tool.addRrsetFromFile(zoneName, rightCertPath));
}
BOOST_AUTO_TEST_CASE(AddRrSetDskCert)
@@ -607,19 +607,8 @@
std::string output = TEST_CERTDIR.string() + "/ss.cert";
m_tool.exportCertificate(ksk, output);
- BOOST_CHECK_NO_THROW(m_tool.addRrSet(parentZoneName, output));
+ BOOST_CHECK_NO_THROW(m_tool.addRrsetFromFile(parentZoneName, output));
BOOST_CHECK_NO_THROW(findIdCert(parentZone, ksk));
-
- // Add KSK ID-CERT with illegal name and convert it
- Name iZoneName = Name(parentZoneName).append("illegal");
- Name illegalCertName = m_keyChain.createIdentity(iZoneName);
- m_tool.exportCertificate(illegalCertName, output);
- BOOST_CHECK_NO_THROW(m_tool.addRrSet(parentZoneName, output));
-
- Name legalCertName = Name(parentZoneName).append("KEY")
- .append("illegal")
- .append(illegalCertName.getSubName(3));
- BOOST_CHECK_NO_THROW(findIdCert(parentZone, legalCertName));
}
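Review bot: The assertions deleted here were the only ones in this case exercising the re-signing path, and none of the updated calls in the visible hunks pass `needResign`, so the new `true` branch of `addRrsetFromFile` appears to have no coverage. Add a case that calls `m_tool.addRrsetFromFile(parentZoneName, output, DEFAULT_RR_TTL, DEFAULT_CERT, ndn::io::BASE64, true)` and checks that the stored Data's key locator names the zone's DSK certificate. A second case should show that `needResign = false` leaves the original signature untouched. The test case body begins outside the hunk.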
BOOST_AUTO_TEST_CASE(AddRrSetDskCertUserProvidedCert)
@@ -632,7 +621,7 @@
shared_ptr<IdentityCertificate> dskCert = m_keyChain.selfSign(dskName);
m_keyChain.addCertificateAsKeyDefault(*dskCert);
- // check addRrSet1
+ // check addRrsetFromFile1
m_tool.createZone(parentZoneName, ROOT_ZONE, time::seconds(1), time::days(1), otherKsk, otherDsk);
m_tool.createZone(zoneName, parentZoneName);
@@ -646,7 +635,7 @@
std::string output = TEST_CERTDIR.string() + "/ss.cert";
m_tool.exportCertificate(ksk, output);
- BOOST_CHECK_NO_THROW(m_tool.addRrSet(parentZoneName, output, time::seconds(4600),
+ BOOST_CHECK_NO_THROW(m_tool.addRrsetFromFile(parentZoneName, output, time::seconds(4600),
dskCert->getName()));
}
@@ -661,7 +650,7 @@
std::string output = TEST_CERTDIR.string() + "/ss.cert";
ndn::io::save(content, output);
- BOOST_CHECK_THROW(m_tool.addRrSet(zoneName, output), ndns::ManagementTool::Error);
+ BOOST_CHECK_THROW(m_tool.addRrsetFromFile(zoneName, output), ndns::ManagementTool::Error);
}
BOOST_AUTO_TEST_CASE(AddRrSetVersionControl)
@@ -721,7 +710,7 @@
ndn::io::save(*dskCert, output, ndn::io::BASE64);
BOOST_CHECK_NO_THROW(
- m_tool.addRrSet(zoneName, output, DEFAULT_CACHE_TTL, DEFAULT_CERT, ndn::io::BASE64));
+ m_tool.addRrsetFromFile(zoneName, output, DEFAULT_CACHE_TTL, DEFAULT_CERT, ndn::io::BASE64));
// raw
dskName = m_keyChain.generateRsaKeyPair(zoneName, false);
@@ -729,7 +718,7 @@
ndn::io::save(*dskCert, output, ndn::io::NO_ENCODING);
BOOST_CHECK_NO_THROW(
- m_tool.addRrSet(zoneName, output, DEFAULT_CACHE_TTL, DEFAULT_CERT, ndn::io::NO_ENCODING));
+ m_tool.addRrsetFromFile(zoneName, output, DEFAULT_CACHE_TTL, DEFAULT_CERT, ndn::io::NO_ENCODING));
// hex
dskName = m_keyChain.generateRsaKeyPair(zoneName, false);
@@ -737,7 +726,7 @@
ndn::io::save(*dskCert, output, ndn::io::HEX);
BOOST_CHECK_NO_THROW(
- m_tool.addRrSet(zoneName, output, DEFAULT_CACHE_TTL, DEFAULT_CERT, ndn::io::HEX));
+ m_tool.addRrsetFromFile(zoneName, output, DEFAULT_CACHE_TTL, DEFAULT_CERT, ndn::io::HEX));
// incorrect encoding input
dskName = m_keyChain.generateRsaKeyPair(zoneName, false);
@@ -745,7 +734,7 @@
ndn::io::save(*dskCert, output, ndn::io::HEX);
BOOST_CHECK_THROW(
- m_tool.addRrSet(zoneName, output, DEFAULT_CACHE_TTL, DEFAULT_CERT,
+ m_tool.addRrsetFromFile(zoneName, output, DEFAULT_CACHE_TTL, DEFAULT_CERT,
static_cast<ndn::io::IoEncoding>(127)),
ndns::ManagementTool::Error);
}
@@ -798,7 +787,7 @@
shared_ptr<Data> data1 = re1.toData();
m_keyChain.sign(*data1, otherDsk);
ndn::io::save(*data1, output);
- m_tool.addRrSet("/ndns-test", output);
+ m_tool.addRrsetFromFile("/ndns-test", output);
// Add TXT in normal way
Rrset rrset3 = rf.generateTxtRrset("/label3", label::TXT_RR_TYPE, 3333, DEFAULT_RR_TTL, {"Hello", "World"});
diff --git a/tools/ndns-add-rr-from-file.cpp b/tools/ndns-add-rr-from-file.cpp
deleted file mode 100644
index 5394b19..0000000
--- a/tools/ndns-add-rr-from-file.cpp
+++ /dev/null
@@ -1,140 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2014, Regents of the University of California.
- *
- * This file is part of NDNS (Named Data Networking Domain Name Service).
- * See AUTHORS.md for complete list of NDNS authors and contributors.
- *
- * NDNS is free software: you can redistribute it and/or modify it under the terms
- * of the GNU General Public License as published by the Free Software Foundation,
- * either version 3 of the License, or (at your option) any later version.
- *
- * NDNS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
- * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
- * PURPOSE. See the GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * NDNS, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "mgmt/management-tool.hpp"
-#include "ndns-label.hpp"
-#include "logger.hpp"
-#include <boost/program_options.hpp>
-#include <boost/filesystem.hpp>
-#include <string>
-
-#include <ndn-cxx/util/io.hpp>
-
-
-// @todo combine this command with ndns-add-rr
-int
-main(int argc, char* argv[])
-{
- using std::string;
- using namespace ndn;
- using namespace ndns;
-
- ndn::ndns::log::init();
- int ttlInt = -1;
- string zoneStr;
- string dskStr;
- string db;
- string file = "-";
- string encoding = "base64";
- try {
- namespace po = boost::program_options;
- po::variables_map vm;
-
- po::options_description options("Generic Options");
- options.add_options()
- ("help,h", "print help message")
- ("db,b", po::value<std::string>(&db), "Set the path of NDNS server database. "
- "Default: " DEFAULT_DATABASE_PATH "/ndns.db")
- ;
-
- po::options_description config("Record Options");
- config.add_options()
- ("file,f", po::value<string>(&file), "Path to the data. Default is stdin(-)")
- ("dsk,d", po::value<std::string>(&dskStr), "Set the name of DSK's certificate. "
- "Default: use default DSK and its default certificate")
- ("ttl,a", po::value<int>(&ttlInt), "Set ttl of the rrset. Default: 3600 seconds")
- ("encoding,e", po::value<string>(&encoding),
- "Set encoding format of input. Default: base64")
- ;
-
- options.add(config);
-
- po::options_description hidden("Hidden Options");
- hidden.add_options()
- ("zone", po::value<string>(&zoneStr), "host zone name")
- ;
-
- po::positional_options_description postion;
- postion.add("zone", 1);
- postion.add("file", 1);
-
- po::options_description cmdlineOptions;
- cmdlineOptions.add(options).add(hidden);
-
- // po::options_description config_file_options;
- // config_file_options.add(config).add(hidden);
-
- po::parsed_options parsed =
- po::command_line_parser(argc, argv).options(cmdlineOptions).positional(postion).run();
-
- po::store(parsed, vm);
- po::notify(vm);
-
- if (vm.count("help")) {
- std::cout << "Usage: ndns-add-rr-from-file [-b db] zone [-f file] [-d dskCert] [-a ttl] "
- "[-e raw|base64|hex] [file]" << std::endl
- << std::endl;
- std::cout << options << std::endl;
- return 0;
- }
-
- if (vm.count("zone") == 0) {
- std::cerr << "Error: zone must be specified" << std::endl;
- return 1;
- }
- }
- catch (const std::exception& ex) {
- std::cerr << "Parameter Error: " << ex.what() << std::endl;
- return 1;
- }
-
- try {
- Name zoneName(zoneStr);
- Name dskName(dskStr);
- time::seconds ttl;
- if (ttlInt == -1)
- ttl = ndns::DEFAULT_CACHE_TTL;
- else
- ttl = time::seconds(ttlInt);
-
- ndn::io::IoEncoding ioEncoding;
- if (encoding == "raw") {
- ioEncoding = ndn::io::NO_ENCODING;
- }
- else if (encoding == "hex") {
- ioEncoding = ndn::io::HEX;
- }
- else if (encoding == "base64") {
- ioEncoding = ndn::io::BASE64;
- }
- else {
- std::cerr << "Error: not supported encoding format '" << encoding
- << "' (valid options are: raw, hex, and base64)" << std::endl;
- return 1;
- }
-
- ndn::KeyChain keyChain;
- ndn::ndns::ManagementTool tool(db, keyChain);
- tool.addRrSet(zoneName, file, ttl, dskName, ioEncoding);
- }
- catch (const std::exception& ex) {
- std::cerr << "Error: " << ex.what() << std::endl;
- return 1;
- }
-}
diff --git a/tools/ndns-add-rr.cpp b/tools/ndns-add-rr.cpp
index 4e0a757..23f5b90 100644
--- a/tools/ndns-add-rr.cpp
+++ b/tools/ndns-add-rr.cpp
@@ -48,6 +48,10 @@
string rrLabelStr;
string rrTypeStr;
std::vector<std::string> content;
+ string file = "-";
+ string encoding = "base64";
+ bool setFile = false;
+ bool needResign = false;
try {
namespace po = boost::program_options;
po::variables_map vm;
@@ -56,17 +60,22 @@
options.add_options()
("help,h", "print help message")
("db,b", po::value<std::string>(&db), "Set the path of NDNS server database. "
- "Default: " DEFAULT_DATABASE_PATH "/ndns.db")
+ "Default: " DEFAULT_DATABASE_PATH "/ndns.db")
;
po::options_description config("Record Options");
config.add_options()
("dsk,d", po::value<Name>(&dsk), "Set the name of DSK's certificate. "
- "Default: use default DSK and its default certificate")
+ "Default: use default DSK and its default certificate")
("content,c", po::value<std::vector<std::string>>(&content),
"Set the content of resource record. Default: empty string")
("ttl,a", po::value<int>(&ttlInt), "Set ttl of the rrset. Default: 3600 seconds")
("version,v", po::value<int>(&ttlInt), "Set version of the rrset. Default: Unix Timestamp")
+ ("file,f", po::value<string>(&file), "Set path to file containing a rrset. If set, label, "
+ "type, content-type, content, and version parameters will be ignored. Default is stdin(-)")
+ ("encoding,e", po::value<string>(&encoding),
+ "Set encoding format of input file. Default: base64")
+ ("resign,r", po::value<bool>(&needResign), "Resign the input with DSK")
;
// add "Record Options" as a separate section
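Review bot: `--resign` is declared as `po::value<bool>(&needResign)`, so it requires an argument, yet a later hunk sets `needResign = true` whenever `vm.count("resign")` is non-zero, which means `--resign false` would still re-sign with the DSK. Since this flag decides whether the zone key signs the input, make it a plain switch, `("resign,r", po::bool_switch(&needResign), "Resign the input with DSK")`, and drop the `vm.count("resign")` override. Separately, the unchanged `version,v` option in this hunk stores into `&ttlInt`, so `-v` overwrites the TTL; it presumably should bind to `versionInt`.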
@@ -97,9 +106,9 @@
po::store(parsed, vm);
po::notify(vm);
-
if (vm.count("help")) {
- std::cout << "Usage: ndns-add-rr [options] zone label type [content ...]" << std::endl
+ std::cout << "Usage: ndns-add-rr [options] zone label type [content ...]" << std::endl;
+ std::cout << " ndns-add-rr [options] zone [-f file] [-e raw|base64|hex]" << std::endl
<< std::endl;
std::cout << options << std::endl;
return 0;
@@ -110,14 +119,21 @@
return 1;
}
- if (vm.count("label") == 0) {
- std::cerr << "Error: label and type must be specified" << std::endl;
- return 1;
- }
+ if (vm.count("file") == 0) {
+ if (vm.count("label") == 0) {
+ std::cerr << "Error: label and type must be specified" << std::endl;
+ return 1;
+ }
- if (vm.count("type") == 0) {
- std::cerr << "Error: type must be specified" << std::endl;
- return 1;
+ if (vm.count("type") == 0) {
+ std::cerr << "Error: type must be specified" << std::endl;
+ return 1;
+ }
+ } else {
+ if (vm.count("resign")) {
+ needResign = true;
+ }
+ setFile = true;
}
}
catch (const std::exception& ex) {
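Review bot: File mode is entered only when `vm.count("file")` is non-zero, and `file` gets its `"-"` value from the variable initialiser rather than a `default_value`, so the `Default is stdin(-)` in the option help is reachable only by passing `-f -` explicitly. The help text should say that. In the label/type branch, `--resign` and `--encoding` given without `--file` are silently ignored; an explicit error such as `std::cerr << "Error: --resign requires --file" << std::endl; return 1;` would stop an operator from believing the record was re-signed. The enclosing `try` block starts outside the hunk.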
@@ -138,35 +154,54 @@
ttl = time::seconds(ttlInt);
uint64_t version = static_cast<uint64_t>(versionInt);
- // todo: reduce copy
- RrsetFactory rrsetFactory(db, zoneName, keyChain, dsk);
- rrsetFactory.checkZoneKey();
- Rrset rrset;
+ if (setFile) {
+ ndn::io::IoEncoding ioEncoding;
+ if (encoding == "raw") {
+ ioEncoding = ndn::io::NO_ENCODING;
+ }
+ else if (encoding == "hex") {
+ ioEncoding = ndn::io::HEX;
+ }
+ else if (encoding == "base64") {
+ ioEncoding = ndn::io::BASE64;
+ }
+ else {
+ std::cerr << "Error: not supported encoding format '" << encoding
+ << "' (valid options are: raw, hex, and base64)" << std::endl;
+ return 1;
+ }
+ ndn::ndns::ManagementTool tool(db, keyChain);
+ tool.addRrsetFromFile(zoneName, file, ttl, dsk, ioEncoding, needResign);
+ }
+ else {
+ RrsetFactory rrsetFactory(db, zoneName, keyChain, dsk);
+ rrsetFactory.checkZoneKey();
+ Rrset rrset;
- if (type == label::NS_RR_TYPE) {
- ndn::Link::DelegationSet delegations;
- for (const auto& i : content) {
- std::vector<string> data;
- boost::split(data, i, boost::is_any_of(","));
- uint32_t priority = boost::lexical_cast<uint32_t>(data[0]);
- // assert that data has two number.
- delegations.insert(std::make_pair(priority, data[1]));
+ if (type == label::NS_RR_TYPE) {
+ ndn::Link::DelegationSet delegations;
+ for (const auto& i : content) {
+ std::vector<string> data;
+ boost::split(data, i, boost::is_any_of(","));
+ uint32_t priority = boost::lexical_cast<uint32_t>(data[0]);
+ delegations.insert(std::make_pair(priority, data[1]));
+ }
+
+ rrset = rrsetFactory.generateNsRrset(label, type,
+ version, ttl, delegations);
+ } else if (type == label::TXT_RR_TYPE) {
+ rrset = rrsetFactory.generateTxtRrset(label, type,
+ version, ttl, content);
}
- rrset = rrsetFactory.generateNsRrset(label, type,
- version, ttl, delegations);
- } else if (type == label::TXT_RR_TYPE) {
- rrset = rrsetFactory.generateTxtRrset(label, type,
- version, ttl, content);
- }
+ ndn::ndns::ManagementTool tool(db, keyChain);
- ndn::ndns::ManagementTool tool(db, keyChain);
-
- if (label.size() > 1) {
- NDNS_LOG_TRACE("add multi-level label Rrset, using the same TTL as the Rrset");
- tool.addMultiLevelLabelRrset(rrset, rrsetFactory, ttl);
- } else {
- tool.addRrset(rrset);
+ if (label.size() > 1) {
+ NDNS_LOG_TRACE("add multi-level label Rrset, using the same TTL as the Rrset");
+ tool.addMultiLevelLabelRrset(rrset, rrsetFactory, ttl);
+ } else {
+ tool.addRrset(rrset);
+ }
}
/// @todo Report success or failure
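Review bot: In the NS branch, `data[1]` is read right after `boost::split` with no check that the `-c` argument contained a comma. The commit drops the old `// assert that data has two number.` reminder without adding the check, so a content item such as `10` indexes past the end of the vector. Add `if (data.size() != 2) { std::cerr << "Error: NS content must be priority,name" << std::endl; return 1; }` before the `lexical_cast`. A `type` that is neither NS nor TXT also falls through with a default-constructed `rrset` that is still handed to `addRrset` or `addMultiLevelLabelRrset`; rejecting unknown types explicitly would be safer. `main()` starts and ends outside this hunk.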