validator: integrate validator-config for data validation
Change-Id: I782964f8d6ce9134b2b849425a13b82aef741e2f
refs #1479
diff --git a/repo-ng.conf.sample b/repo-ng.conf.sample
index 31a508e..aa4a6b3 100644
--- a/repo-ng.conf.sample
+++ b/repo-ng.conf.sample
@@ -34,8 +34,8 @@
validator
{
- ; This rule is just an example of validation of signed interests for commands.
- ; User could define its own rule for signed command interest or data to be inserted
+ ; These rule is just an example of validation of signed interests for commands and data.
+ ; User could define its own rule for signed interest or data to be inserted
; according to Validator Configuration File Format.
; (http://redmine.named-data.net/projects/ndn-cxx/wiki/CommandValidatorConf)
rule
@@ -62,5 +62,30 @@
}
}
}
+
+ rule
+ {
+ id "Simple Rule For Data"
+ for data
+ filter
+ {
+ type name
+ name /example/data/1
+ relation is-prefix-of
+ }
+ checker
+ {
+ type fixed-signer
+ sig-type rsa-sha256
+ signer
+ {
+ type file
+ ; repo-ng.cert.sample is just a non-existent certificate.
+ ; User should create its own certification using Security Tool.
+ ; (http://redmine.named-data.net/projects/ndn-cxx/wiki/SecurityTools)
+ file-name "repo-ng.cert.sample"
+ }
+ }
+ }
}
}
\ No newline at end of file
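Review bot: The sample's new data rule only matches names under `/example/data/1`, and its comments do not say what happens to data outside that prefix. As far as I know, ndn-cxx's ValidatorConfig rejects a packet that matches no rule, so an operator who copies this sample would have every insert under another prefix refused once data validation is wired in. I would add a line above the rule such as `; Data whose name matches no rule is rejected; add a rule for every prefix the repo should accept.` and confirm that behaviour against the ndn-cxx version in use.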
diff --git a/src/handles/write-handle.cpp b/src/handles/write-handle.cpp
index 91557f3..07a5664 100644
--- a/src/handles/write-handle.cpp
+++ b/src/handles/write-handle.cpp
@@ -47,8 +47,8 @@
WriteHandle::onInterest(const Name& prefix, const Interest& interest)
{
m_validator.validate(interest,
- bind(&WriteHandle::onValidated, this, _1, prefix),
- bind(&WriteHandle::onValidationFailed, this, _1, _2));
+ bind(&WriteHandle::onValidated, this, _1, prefix),
+ bind(&WriteHandle::onValidationFailed, this, _1, _2));
}
void
@@ -61,6 +61,7 @@
void
WriteHandle::onRegisterFailed(const Name& prefix, const std::string& reason)
{
+ std::cerr << reason << std::endl;
throw Error("Insert prefix registration failed");
}
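Review bot: In onRegisterFailed the library's `reason` goes to std::cerr while the exception still carries only the fixed text, so the cause is lost wherever stderr is not captured. Folding it into the exception keeps the two together: `throw Error("Insert prefix registration failed: " + reason);`. The same applies to onCheckRegisterFailed in the next hunk. Including `prefix` in the message would also say which registration failed.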
@@ -68,6 +69,7 @@
void
WriteHandle::onCheckRegisterFailed(const Name& prefix, const std::string& reason)
{
+ std::cerr << reason << std::endl;
throw Error("Insert check prefix registration failed");
}
@@ -107,6 +109,15 @@
void
WriteHandle::onData(const Interest& interest, ndn::Data& data, ProcessId processId)
{
+ m_validator.validate(data,
+ bind(&WriteHandle::onDataValidated, this, interest, _1, processId),
+ bind(&WriteHandle::onDataValidationFailed, this, _1, _2));
+}
+
+void
+WriteHandle::onDataValidated(const Interest& interest, const shared_ptr<const Data>& data,
+ ProcessId processId)
+{
if (m_processes.count(processId) == 0) {
return;
}
@@ -115,7 +126,7 @@
RepoCommandResponse& response = process.response;
if (response.getInsertNum() == 0) {
- getStorageHandle().insertData(data);
+ getStorageHandle().insertData(*data);
response.setInsertNum(1);
}
@@ -123,15 +134,31 @@
}
void
+WriteHandle::onDataValidationFailed(const shared_ptr<const Data>& data, const std::string& reason)
+{
+ std::cerr << reason << std::endl;
+}
+
+void
WriteHandle::onSegmentData(const Interest& interest, Data& data, ProcessId processId)
{
+ m_validator.validate(data,
+ bind(&WriteHandle::onSegmentDataValidated, this, interest, _1, processId),
+ bind(&WriteHandle::onDataValidationFailed, this, _1, _2));
+}
+
+void
+WriteHandle::onSegmentDataValidated(const Interest& interest,
+ const shared_ptr<const Data>& data,
+ ProcessId processId)
+{
if (m_processes.count(processId) == 0) {
return;
}
RepoCommandResponse& response = m_processes[processId].response;
//refresh endBlockId
- Name::Component finalBlockId = data.getFinalBlockId();
+ Name::Component finalBlockId = data->getFinalBlockId();
if (!finalBlockId.empty()) {
SegmentNo final = finalBlockId.toSegment();
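Review bot: onDataValidationFailed only prints `reason` and receives no processId, so the insert process that requested the packet never learns that its data was rejected. The rest of onSegmentDataValidated lies outside this hunk, but if it is what schedules the next segment fetch, a single rejected segment leaves the process idle until its timeout, and a client polling the check command sees no error. I would pass the process id to the failure callback in both bind calls and record the failure in the process's response there. The log line should also name the packet, for example `std::cerr << "Data validation failed for " << data->getName() << ": " << reason << std::endl;`, so that rejected inserts can be traced.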
@@ -146,7 +173,7 @@
}
//insert data
- if (getStorageHandle().insertData(data)) {
+ if (getStorageHandle().insertData(*data)) {
response.setInsertNum(response.getInsertNum() + 1);
}
@@ -367,8 +394,8 @@
WriteHandle::onCheckInterest(const Name& prefix, const Interest& interest)
{
m_validator.validate(interest,
- bind(&WriteHandle::onCheckValidated, this, _1, prefix),
- bind(&WriteHandle::onCheckValidationFailed, this, _1));
+ bind(&WriteHandle::onCheckValidated, this, _1, prefix),
+ bind(&WriteHandle::onCheckValidationFailed, this, _1, _2));
}
@@ -419,8 +446,10 @@
}
void
-WriteHandle::onCheckValidationFailed(const shared_ptr<const Interest>& interest)
+WriteHandle::onCheckValidationFailed(const shared_ptr<const Interest>& interest,
+ const std::string& reason)
{
+ std::cerr << reason << std::endl;
negativeReply(*interest, 401);
}
diff --git a/src/handles/write-handle.hpp b/src/handles/write-handle.hpp
index 1fe147a..8638a23 100644
--- a/src/handles/write-handle.hpp
+++ b/src/handles/write-handle.hpp
@@ -128,6 +128,10 @@
void
onData(const Interest& interest, Data& data, ProcessId processId);
+ void
+ onDataValidated(const Interest& interest, const shared_ptr<const Data>& data,
+ ProcessId processId);
+
/**
* @brief handle when fetching one data timeout
*/
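Review bot: onDataValidated is declared without a doc comment, although the neighbouring handlers carry `@brief` blocks. It is also the point where data enters storage, so its contract deserves stating. I would add `/** @brief store the fetched data after the validator has accepted it; never called for data that failed validation */` above it. The same applies to onSegmentDataValidated in the next hunk, with a matching one-line `@brief`.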
@@ -144,6 +148,10 @@
void
onSegmentData(const Interest& interest, Data& data, ProcessId processId);
+ void
+ onSegmentDataValidated(const Interest& interest, const shared_ptr<const Data>& data,
+ ProcessId processId);
+
/**
* @brief Timeout when fetching segmented data. Data can be fetched RETRY_TIMEOUT times.
*/
@@ -171,6 +179,13 @@
void
processSegmentedInsertCommand(const Interest& interest, RepoCommandParameter& parameter);
+private:
+ /**
+ * @brief failure of validation for both one or segmented data
+ */
+ void
+ onDataValidationFailed(const shared_ptr<const Data>& data, const std::string& reason);
+
/**
* @brief extends noEndTime of process if not noEndTimeout, set StatusCode 405
*
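Review bot: The added `private:` label applies to every declaration after it up to the next access specifier, not only to onDataValidationFailed. The member documented by the following `@brief extends noEndTime…` block, and anything else before the next label (outside this hunk), changes access if it was not already private. If only the new callback is meant to be private, declare it inside the existing private section instead. The comment would also read more clearly as `@brief called when validation of fetched data fails, for both single and segmented insertion`.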
@@ -197,7 +212,7 @@
onCheckValidated(const shared_ptr<const Interest>& interest, const Name& prefix);
void
- onCheckValidationFailed(const shared_ptr<const Interest>& interest);
+ onCheckValidationFailed(const shared_ptr<const Interest>& interest, const std::string& reason);
private:
void
diff --git a/tests/integrated/insert-delete-validator-config.conf b/tests/integrated/insert-delete-validator-config.conf
index e5a44f8..8a777c5 100644
--- a/tests/integrated/insert-delete-validator-config.conf
+++ b/tests/integrated/insert-delete-validator-config.conf
@@ -1,6 +1,6 @@
-; This test rule is for test suite TestBasicCommandInsertDelete.
-; Signed interests are generated by default certificate.
-; In this test rule, the type of checker is fixed signer and signer type is file.
+; The test rules below are for test suite TestBasicCommandInsertDelete.
+; Signed interests and data packets are signed by default certificate.
+; In these test rules, the type of checker is fixed signer and signer type is file.
; So user who wants to run this test could use security tool to dump the defualt
; certificate into a file named "insert-delete-test.cert"
rule
@@ -23,4 +23,26 @@
file-name "insert-delete-test.cert"
}
}
+}
+
+rule
+{
+ id "Test Rule For Datat"
+ for data
+ filter
+ {
+ type name
+ name /
+ relation is-prefix-of
+ }
+ checker
+ {
+ type fixed-signer
+ sig-type rsa-sha256
+ signer
+ {
+ type file
+ file-name "insert-delete-test.cert"
+ }
+ }
}
\ No newline at end of file
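Review bot: The rule id reads `"Test Rule For Datat"` and should be `id "Test Rule For Data"`. The filter `name /` with `is-prefix-of` matches every data name, so this fixture only exercises the accept path for data signed by insert-delete-test.cert. From what is visible, nothing checks that data from a different signer is refused. A second fixture whose signer file does not match the signing key would let the suite confirm that a validation failure actually prevents the insert.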
diff --git a/tests/integrated/test-basic-command-insert-delete.cpp b/tests/integrated/test-basic-command-insert-delete.cpp
index eed4764..db53f43 100644
--- a/tests/integrated/test-basic-command-insert-delete.cpp
+++ b/tests/integrated/test-basic-command-insert-delete.cpp
@@ -146,7 +146,7 @@
Data data(Name(interest.getName()));
data.setContent(content, sizeof(content));
data.setFreshnessPeriod(milliseconds(0));
- keyChain.sign(data);
+ keyChain.signByIdentity(data, keyChain.getDefaultIdentity());
insertFace.put(data);
std::map<Name, EventId>::iterator event = insertEvents.find(interest.getName());