void Forwarder::onIncomingInterest(Face& inFace, const Interest& interest) { // receive Interest NFD_LOG_DEBUG("onIncomingInterest face=" << inFace.getId() << " interest=" << interest.getName()); const_cast<Interest&>(interest).setIncomingFaceId(inFace.getId()); ++m_counters.getNInInterests(); // /localhost scope control bool isViolatingLocalhost = !inFace.isLocal() && LOCALHOST_NAME.isPrefixOf(interest.getName()); if (isViolatingLocalhost) { NFD_LOG_DEBUG("onIncomingInterest face=" << inFace.getId() << " interest=" << interest.getName() << " violates /localhost"); // (drop) return; } // PIT insert shared_ptr<pit::Entry> pitEntry = m_pit.insert(interest).first; // detect duplicate Nonce int dnw = pitEntry->findNonce(interest.getNonce(), inFace); bool hasDuplicateNonce = (dnw != pit::DUPLICATE_NONCE_NONE) || m_deadNonceList.has(interest.getName(), interest.getNonce()); if (hasDuplicateNonce) { // goto Interest loop pipeline this->onInterestLoop(inFace, interest, pitEntry); return; } // cancel unsatisfy & straggler timer this->cancelUnsatisfyAndStragglerTimer(pitEntry); // is pending? const pit::InRecordCollection& inRecords = pitEntry->getInRecords(); bool isPending = inRecords.begin() != inRecords.end(); if (!isPending) { if (m_csFromNdnSim == nullptr) { m_cs.find(interest, bind(&Forwarder::onContentStoreHit, this, ref(inFace), pitEntry, _1, _2), bind(&Forwarder::onContentStoreMiss, this, ref(inFace), pitEntry, _1)); } else { shared_ptr<Data> match = m_csFromNdnSim->Lookup(interest.shared_from_this()); if (match != nullptr) { this->onContentStoreHit(inFace, pitEntry, interest, *match); } else { this->onContentStoreMiss(inFace, pitEntry, interest); } } } else { this->onContentStoreMiss(inFace, pitEntry, interest); } }
/** * @brief Send Interest towards application */ virtual void sendInterest(const Interest& interest) { NS_LOG_DEBUG("<< Interest " << interest); shared_ptr<const Interest> interestPtr = interest.shared_from_this(); m_appFaceImpl.m_scheduler.scheduleEvent(time::seconds(0), [this, interestPtr] { m_appFaceImpl.processInterestFilters(*interestPtr); }); }
virtual void checkPolicy(const Interest& interest, int stepCount, const ndn::OnInterestValidated& onValidated, const ndn::OnInterestValidationFailed& onValidationFailed, std::vector<shared_ptr<ndn::ValidationRequest> >& nextSteps) { onValidationFailed(interest.shared_from_this(), "No rules for interest."); }
void AppFace::sendInterest(const Interest& interest) { NS_LOG_FUNCTION(this << &interest); this->emitSignal(onSendInterest, interest); // to decouple callbacks Simulator::ScheduleNow(&App::OnInterest, m_app, interest.shared_from_this()); }
void InternalFace::sendInterest(const Interest& interest) { this->emitSignal(onSendInterest, interest); // Invoke .processInterest a bit later, // to avoid potential problems in forwarding pipelines. scheduler::schedule(time::seconds(0), bind(&InternalFace::processInterest, this, interest.shared_from_this())); }
void ValidatorConfig::checkPolicy(const Interest& interest, int nSteps, const OnInterestValidated& onValidated, const OnInterestValidationFailed& onValidationFailed, std::vector<shared_ptr<ValidationRequest> >& nextSteps) { if (!m_shouldValidate) return onValidated(interest.shared_from_this()); if (m_stepLimit == nSteps) return onValidationFailed(interest.shared_from_this(), "Maximum steps of validation reached"); bool isMatched = false; int8_t checkResult = -1; for (InterestRuleList::iterator it = m_interestRules.begin(); it != m_interestRules.end(); it++) { if ((*it)->match(interest)) { isMatched = true; checkResult = (*it)->check(interest, onValidated, onValidationFailed); break; } } if (!isMatched) return onValidationFailed(interest.shared_from_this(), "No rule matched!"); if (checkResult == 0) { const Name& interestName = interest.getName(); Name signedName = interestName.getPrefix(-2); Signature signature(interestName[-2].blockFromValue(), interestName[-1].blockFromValue()); checkSignature(interest, signature, nSteps, onValidated, onValidationFailed, nextSteps); } }
void ValidatorInvitation::checkPolicy (const Interest& interest, int stepCount, const OnInterestValidated& onValidated, const OnInterestValidationFailed& onValidationFailed, vector<shared_ptr<ValidationRequest> >& nextSteps) { const Name& interestName = interest.getName(); if (!m_invitationInterestRule.match(interestName)) return onValidationFailed(interest.shared_from_this(), "Invalid interest name: " + interest.getName().toUri()); Name signedName = interestName.getPrefix(-1); ndn::Buffer signedBlob = ndn::Buffer(signedName.wireEncode().value(), signedName.wireEncode().value_size()); Block signatureBlock = interestName.get(Invitation::SIGNATURE).blockFromValue(); Block signatureInfo = interestName.get(Invitation::KEY_LOCATOR).blockFromValue(); Signature signature(signatureInfo, signatureBlock); if (signature.getKeyLocator().getType() != KeyLocator::KeyLocator_Name) return onValidationFailed(interest.shared_from_this(), "KeyLocator is not a name: " + interest.getName().toUri()); const Name & keyLocatorName = signature.getKeyLocator().getName(); Data innerData; innerData.wireDecode(interestName.get(Invitation::INVITER_CERT).blockFromValue()); return internalCheck(signedBlob.buf(), signedBlob.size(), signature, keyLocatorName, innerData, bind(onValidated, interest.shared_from_this()), bind(onValidationFailed, interest.shared_from_this(), _1)); }
void Validator::validate(const Interest& interest, const OnInterestValidated& onValidated, const OnInterestValidationFailed& onValidationFailed, int nSteps) { std::vector<shared_ptr<ValidationRequest> > nextSteps; checkPolicy(interest, nSteps, onValidated, onValidationFailed, nextSteps); if (nextSteps.empty()) { // If there is no nextStep, // that means InterestPolicy has already been able to verify the Interest. // No more further processes. return; } OnFailure onFailure = bind(onValidationFailed, interest.shared_from_this(), _1); afterCheckPolicy(nextSteps, onFailure); }
void Forwarder::onIncomingInterest(Face& inFace, const Interest& interest) { // receive Interest NFD_LOG_DEBUG("onIncomingInterest face=" << inFace.getId() << " interest=" << interest.getName()); const_cast<Interest&>(interest).setIncomingFaceId(inFace.getId()); ++m_counters.getNInInterests(); // /localhost scope control bool isViolatingLocalhost = !inFace.isLocal() && LOCALHOST_NAME.isPrefixOf(interest.getName()); if (isViolatingLocalhost) { NFD_LOG_DEBUG("onIncomingInterest face=" << inFace.getId() << " interest=" << interest.getName() << " violates /localhost"); // (drop) return; } // PIT insert shared_ptr<pit::Entry> pitEntry = m_pit.insert(interest).first; // detect duplicate Nonce int dnw = pitEntry->findNonce(interest.getNonce(), inFace); bool hasDuplicateNonce = (dnw != pit::DUPLICATE_NONCE_NONE) || m_deadNonceList.has(interest.getName(), interest.getNonce()); if (hasDuplicateNonce) { // goto Interest loop pipeline this->onInterestLoop(inFace, interest, pitEntry); return; } // cancel unsatisfy & straggler timer this->cancelUnsatisfyAndStragglerTimer(pitEntry); // is pending? const pit::InRecordCollection& inRecords = pitEntry->getInRecords(); bool isPending = inRecords.begin() != inRecords.end(); if (!isPending) { // CS lookup const Data* csMatch; shared_ptr<Data> match; if (m_csFromNdnSim == nullptr) csMatch = m_cs.find(interest); else { match = m_csFromNdnSim->Lookup(interest.shared_from_this()); csMatch = match.get(); } if (csMatch != 0) { const_cast<Data*>(csMatch)->setIncomingFaceId(FACEID_CONTENT_STORE); // XXX should we lookup PIT for other Interests that also match csMatch? // invoke PIT satisfy callback beforeSatisfyInterest(*pitEntry, *m_csFace, *csMatch); this->dispatchToStrategy(pitEntry, bind(&Strategy::beforeSatisfyInterest, _1, pitEntry, cref(*m_csFace), cref(*csMatch))); // set PIT straggler timer this->setStragglerTimer(pitEntry, true, csMatch->getFreshnessPeriod()); // goto outgoing Data pipeline this->onOutgoingData(*csMatch, inFace); return; } } // insert InRecord pitEntry->insertOrUpdateInRecord(inFace.shared_from_this(), interest); // set PIT unsatisfy timer this->setUnsatisfyTimer(pitEntry); // FIB lookup shared_ptr<fib::Entry> fibEntry = m_fib.findLongestPrefixMatch(*pitEntry); // dispatch to strategy this->dispatchToStrategy(pitEntry, bind(&Strategy::afterReceiveInterest, _1, cref(inFace), cref(interest), fibEntry, pitEntry)); }
inline void CommandInterestValidator::checkPolicy(const Interest& interest, int stepCount, const OnInterestValidated& onValidated, const OnInterestValidationFailed& onValidationFailed, std::vector<shared_ptr<ValidationRequest> >& nextSteps) { const Name& interestName = interest.getName(); //Prepare if (interestName.size() < MIN_LENGTH) return onValidationFailed(interest.shared_from_this(), "Interest is not signed: " + interest.getName().toUri()); Name keyName; try { Signature signature(interestName[POS_SIG_INFO].blockFromValue(), interestName[POS_SIG_VALUE].blockFromValue()); if (signature.getType() != Signature::Sha256WithRsa) return onValidationFailed(interest.shared_from_this(), "Require SignatureSha256WithRsa"); SignatureSha256WithRsa sig(signature); const KeyLocator& keyLocator = sig.getKeyLocator(); if (keyLocator.getType() != KeyLocator::KeyLocator_Name) return onValidationFailed(interest.shared_from_this(), "Key Locator is not a name"); keyName = IdentityCertificate::certificateNameToPublicKeyName(keyLocator.getName()); //Check if command is in the trusted scope bool isInScope = false; for (std::list<SecRuleSpecific>::iterator scopeIt = m_trustScopeForInterest.begin(); scopeIt != m_trustScopeForInterest.end(); ++scopeIt) { if (scopeIt->satisfy(interestName, keyName)) { if (scopeIt->isExempted()) { return onValidated(interest.shared_from_this()); } isInScope = true; break; } } if (isInScope == false) return onValidationFailed(interest.shared_from_this(), "Signer cannot be authorized for the command: " + keyName.toUri()); //Check signature if (!Validator::verifySignature(interestName.wireEncode().value(), interestName.wireEncode().value_size() - interestName[-1].size(), sig, m_trustAnchorsForInterest[keyName])) return onValidationFailed(interest.shared_from_this(), "Signature cannot be validated: " + interest.getName().toUri()); //Check if timestamp is valid time::system_clock::TimePoint interestTime = time::fromUnixTimestamp(time::milliseconds(interestName.get(POS_TIMESTAMP).toNumber())); time::system_clock::TimePoint currentTime = time::system_clock::now(); LastTimestampMap::iterator timestampIt = m_lastTimestamp.find(keyName); if (timestampIt == m_lastTimestamp.end()) { if (!(currentTime - m_graceInterval <= interestTime && interestTime <= currentTime + m_graceInterval)) return onValidationFailed(interest.shared_from_this(), "The command is not in grace interval: " + interest.getName().toUri()); } else { if (interestTime <= timestampIt->second) return onValidationFailed(interest.shared_from_this(), "The command is outdated: " + interest.getName().toUri()); } //Update timestamp if (timestampIt == m_lastTimestamp.end()) { m_lastTimestamp[keyName] = interestTime; } else { timestampIt->second = interestTime; } } catch (Signature::Error& e) { return onValidationFailed(interest.shared_from_this(), "No valid signature"); } catch (IdentityCertificate::Error& e) { return onValidationFailed(interest.shared_from_this(), "Cannot locate the signing key"); } catch (Tlv::Error& e) { return onValidationFailed(interest.shared_from_this(), "Cannot decode signature related TLVs"); } return onValidated(interest.shared_from_this()); }
Entry::Entry(const Interest& interest) : m_interest(interest.shared_from_this()) { }
Entry::Entry(const Interest& interest) : m_interest(interest.shared_from_this()) , m_nameTreeEntry(nullptr) { }