23 #include "../pib/key.hpp" 32 , m_index(m_container.get<0>())
33 , m_queue(m_container.get<1>())
35 if (inner ==
nullptr) {
36 BOOST_THROW_EXCEPTION(std::invalid_argument(
"inner policy is missing"));
56 uint64_t timestamp = 0;
57 std::tie(isOk, keyName, timestamp) = parseCommandInterest(interest, state);
62 if (!checkTimestamp(state, keyName, timestamp)) {
69 ValidationPolicyCommandInterest::cleanup()
73 while ((!m_queue.empty() && m_queue.front().lastRefreshed <= expiring) ||
75 m_queue.size() >
static_cast<size_t>(m_options.
maxRecords))) {
80 std::tuple<bool, Name, uint64_t>
81 ValidationPolicyCommandInterest::parseCommandInterest(
const Interest& interest,
82 const shared_ptr<ValidationState>& state)
const 88 return std::make_tuple(
false,
Name(), 0);
94 interest.
getName().
toUri() +
"` doesn't include timestamp component"});
95 return std::make_tuple(
false,
Name(), 0);
99 if (!state->getOutcome()) {
100 return std::make_tuple(
false,
Name(), 0);
103 return std::make_tuple(
true, klName, timestampComp.
toNumber());
107 ValidationPolicyCommandInterest::checkTimestamp(
const shared_ptr<ValidationState>& state,
108 const Name& keyName, uint64_t timestamp)
114 if (timestampPoint < now - m_options.gracePeriod || timestampPoint > now + m_options.
gracePeriod) {
118 auto it = m_index.find(keyName);
119 if (it != m_index.end()) {
120 if (timestamp <= it->timestamp) {
127 interestState->
afterSuccess.connect(bind(&ValidationPolicyCommandInterest::insertNewRecord,
128 this, _1, keyName, timestamp));
133 ValidationPolicyCommandInterest::insertNewRecord(
const Interest& interest,
const Name& keyName,
140 LastTimestampRecord newRecord{keyName, timestamp, now};
141 std::tie(i, isNew) = m_queue.push_back(newRecord);
144 BOOST_ASSERT(i->keyName == keyName);
148 isNew = m_queue.push_back(newRecord).second;
void setInnerPolicy(unique_ptr< ValidationPolicy > innerPolicy)
Set inner policy.
time::nanoseconds gracePeriod
tolerance of initial timestamp
const Name & getName() const
Copyright (c) 2011-2015 Regents of the University of California.
static time_point now() noexcept
boost::posix_time::time_duration milliseconds(long duration)
represents an Interest packet
ValidationPolicy & getInnerPolicy()
Return the inner policy.
void checkPolicy(const Data &data, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation) override
Check data against the policy.
static time_point now() noexcept
Catch-all error for security policy errors that don't fit in other categories.
Table::const_iterator iterator
std::string toUri() const
Get URI representation of the name.
std::function< void(const shared_ptr< CertificateRequest > &certRequest, const shared_ptr< ValidationState > &state)> ValidationContinuation
static Name getKeyLocatorName(const SignatureInfo &si, ValidationState &state)
Validation state for an interest packet.
util::Signal< InterestValidationState, Interest > afterSuccess
size_t size() const
Get number of components.
const size_t MIN_SIZE
minimal number of components for Command Interest
Represents an absolute name.
const Component & at(ssize_t i) const
Get the component at the given index.
time::nanoseconds recordLifetime
max lifetime of a last timestamp record
ssize_t maxRecords
max number of distinct public keys of which to record the last timestamp
Component holds a read-only name component value.
const ssize_t POS_TIMESTAMP
system_clock::TimePoint fromUnixTimestamp(const milliseconds &duration)
Convert UNIX timestamp to system_clock::TimePoint.
bool isNumber() const
Check if the component is nonNegativeInteger.
virtual void checkPolicy(const Data &data, const shared_ptr< ValidationState > &state, const ValidationContinuation &continueValidation)=0
Check data against the policy.
Represents a Data packet.
uint64_t toNumber() const
Interpret this name component as nonNegativeInteger.
ValidationPolicyCommandInterest(unique_ptr< ValidationPolicy > inner, const Options &options={})
constructor