26 #include <boost/algorithm/string/predicate.hpp>
33 namespace validator_config {
44 m_filters.push_back(std::move(filter));
50 m_checkers.push_back(std::move(checker));
54 Rule::match(uint32_t pktType,
const Name& pktName,
const shared_ptr<ValidationState>& state)
const
57 if (pktType != m_pktType) {
62 if (m_filters.empty()) {
67 for (
const auto& filter : m_filters) {
68 retval |= filter->match(pktType, pktName, state);
78 const shared_ptr<ValidationState>& state)
const
80 NDN_LOG_TRACE(
"Trying to check " << pktName <<
" with KeyLocator " << klName);
82 if (pktType != m_pktType) {
87 std::vector<Checker::Result> checkerResults;
88 checkerResults.reserve(m_checkers.size());
89 for (
const auto& checker : m_checkers) {
90 auto result = checker->check(pktType, sigType, pktName, klName, *state);
94 checkerResults.push_back(std::move(result));
97 std::ostringstream err;
98 err <<
"Packet " << pktName <<
" (KeyLocator=" << klName <<
") cannot pass any checker.";
99 for (
size_t i = 0; i < checkerResults.size(); ++i) {
100 err <<
"\nChecker " << i <<
": " << checkerResults[i].getErrorMessage();
109 auto propertyIt = configSection.begin();
112 if (propertyIt == configSection.end() || !boost::iequals(propertyIt->first,
"id")) {
116 std::string ruleId = propertyIt->second.data();
120 if (propertyIt == configSection.end() || !boost::iequals(propertyIt->first,
"for")) {
124 std::string usage = propertyIt->second.data();
127 bool isForData =
false;
128 if (boost::iequals(usage,
"data")) {
131 else if (boost::iequals(usage,
"interest")) {
135 NDN_THROW(
Error(
"Unrecognized <rule.for>: " + usage +
" in rule: " + ruleId));
141 for (; propertyIt != configSection.end(); propertyIt++) {
142 if (!boost::iequals(propertyIt->first,
"filter")) {
143 if (boost::iequals(propertyIt->first,
"checker")) {
149 rule->addFilter(
Filter::create(propertyIt->second, configFilename));
153 bool hasCheckers =
false;
154 for (; propertyIt != configSection.end(); propertyIt++) {
155 if (!boost::iequals(propertyIt->first,
"checker")) {
163 if (propertyIt != configSection.end()) {
168 NDN_THROW(
Error(
"No <rule.checker> is specified in rule: " + ruleId));
Represents an absolute name.
@ POLICY_ERROR
The packet violates the validation rules enforced by the policy.
static unique_ptr< Checker > create(const ConfigSection &configSection, const std::string &configFilename)
Create a checker from configuration section.
static unique_ptr< Filter > create(const ConfigSection &configSection, const std::string &configFilename)
Create a filter from the configuration section.
void addChecker(unique_ptr< Checker > checker)
static unique_ptr< Rule > create(const ConfigSection &configSection, const std::string &configFilename)
Create a rule from configuration section.
bool match(uint32_t pktType, const Name &pktName, const shared_ptr< ValidationState > &state) const
Check if the packet name matches rule's filter.
Rule(const std::string &id, uint32_t pktType)
bool check(uint32_t pktType, tlv::SignatureTypeValue sigType, const Name &pktName, const Name &klName, const shared_ptr< ValidationState > &state) const
Check if packet satisfies rule's condition.
void addFilter(unique_ptr< Filter > filter)
#define NDN_LOG_TRACE(expression)
Log at TRACE level.
#define NDN_LOG_INIT(name)
Define a non-member log module.
std::string to_string(const errinfo_stacktrace &x)
boost::property_tree::ptree ConfigSection
SignatureTypeValue
SignatureType values.