28 #include <ndn-cxx/util/io.hpp>
29 #include <ndn-cxx/security/identity-certificate.hpp>
31 #include <boost/filesystem.hpp>
58 if (!ss.str().empty())
68 const std::string& filename)
70 using namespace boost::filesystem;
76 if (section.begin() == section.end())
81 std::stringstream dryRunErrors;
82 ConfigSection::const_iterator authIt;
83 for (authIt = section.begin(); authIt != section.end(); authIt++)
88 certfile = authIt->second.get<std::string>(
"certfile");
90 catch (
const std::runtime_error& e)
92 std::string msg =
"No certfile specified";
101 shared_ptr<ndn::IdentityCertificate> id;
103 if (certfile !=
"any")
105 path certfilePath = absolute(certfile, path(filename).parent_path());
106 NFD_LOG_DEBUG(
"generated certfile path: " << certfilePath.native());
109 in.open(certfilePath.c_str());
112 std::string msg =
"Unable to open certificate file " + certfilePath.native();
123 id = ndn::io::load<ndn::IdentityCertificate>(in);
125 catch (
const std::runtime_error& error)
130 if (!static_cast<bool>(
id)) {
131 std::string msg =
"Malformed certificate file " + certfilePath.native();
143 std::string keyNameForLogging;
144 if (static_cast<bool>(
id))
145 keyNameForLogging =
id->getPublicKeyName().toUri();
148 keyNameForLogging =
"wildcard";
149 NFD_LOG_WARN(
"Wildcard identity is intended for demo purpose only and " <<
150 "SHOULD NOT be used in production environment");
155 privileges = &authIt->second.get_child(
"privileges");
157 catch (
const std::runtime_error& error)
159 std::string msg =
"No privileges section found for certificate file " +
160 certfile +
" (" + keyNameForLogging +
")";
169 if (privileges->begin() == privileges->end())
171 NFD_LOG_WARN(
"No privileges specified for certificate file " << certfile
172 <<
" (" << keyNameForLogging <<
")");
175 ConfigSection::const_iterator privIt;
176 for (privIt = privileges->begin(); privIt != privileges->end(); privIt++)
178 const std::string& privilegeName = privIt->first;
179 if (m_supportedPrivileges.find(privilegeName) != m_supportedPrivileges.end())
182 <<
"\" to identity " << keyNameForLogging);
185 const std::string regex =
"^<localhost><nfd><" + privilegeName +
">";
186 if (static_cast<bool>(
id))
187 m_validator.addInterestRule(regex, *
id);
189 m_validator.addInterestBypassRule(regex);
195 std::string msg =
"Invalid privilege \"" + privilegeName +
196 "\" for certificate file " + certfile +
" (" + keyNameForLogging +
")";
206 if (!dryRunErrors.str().empty())
215 if (m_supportedPrivileges.find(privilege) != m_supportedPrivileges.end())
219 m_supportedPrivileges.insert(privilege);
void setConfigFile(ConfigFile &configFile)
#define NFD_LOG_DEBUG(expression)
void onConfig(const ConfigSection &section, bool isDryRun, const std::string &filename)
#define NFD_LOG_WARN(expression)
#define NFD_LOG_INFO(expression)
void addSectionHandler(const std::string &sectionName, ConfigSectionHandler subscriber)
setup notification of configuration file sections
boost::property_tree::ptree ConfigSection
static void aggregateErrors(std::stringstream &ss, const std::string &msg)
#define NFD_LOG_INIT(name)
void addSupportedPrivilege(const std::string &privilege)