[Ndn-interest] How to add the SecRuleRelative Rules in validator-regex?

Chengyu Fan chengy.fan at gmail.com
Mon Mar 2 08:48:49 PST 2015 

Hi Alex,

Thanks for the reply.

Further questions in line.

On Sat, Feb 28, 2015 at 4:45 PM, Alex Afanasyev <
alexander.afanasyev at ucla.edu> wrote:

> Hi Chengyu,
>
> I assumed there is a documentation for this method, but the commit that
> adds it is not yet merged.  Here is the description we will have soon:
>
>   /**
>    * @brief Construct the rule
>    * @param packetRegex regular expression to match the packet name that
> is qualified for the
>    *                    the rule (e.g., `^(<.*>)$`)
>    * @param signerRegex regular expression to match the the KeyLocator of
> the packet (e.g.,
>    *                    `^(<.*>)<KEY>(<.*>)<ID-CERT><>$`)
>    * @param comparator Defines the way expanded signer's name is matched
> against expanded
>    *                   packet's name.  Possible values are:
>    *                     - "is-prefix-of"
>    *                     - "is-strict-prefix-of"
>    *                     - "equal"
>

Which symbol refers to which value?


>    * @param packetExpand Expansion rule for packet's name (e.g., `\1`)
>    * @param signerExpand Expansion rule for signer's name (e.g., `\1\2`)
>    * @param isPositive flag denoting whether the rule is positive or
> negative
>    *
>    * @note A packet complies with the rule only if both \p packetRegex
> matches the packet name
>    *       and \p signerRegex matches the KeyLocator name
>

According to the comparator description, I think this function also needs
to test if the expanded signer's name matched against the expanded packet's
name?


>    */
>
>
> On Feb 27, 2015, at 7:59 PM, Chengyu Fan <chengy.fan at gmail.com> wrote:
>
> Could you tell me how the SecRuleRelative Rule works?
>
> Specifically, what's the meaning of each parameter? What conditions the
> rule will test to make a incoming data satisfy the rule?
> ndn::SecRuleRelative::SecRuleRelative
> <http://named-data.net/doc/ndn-cxx/0.2.0/doxygen/d6/de6/classndn_1_1SecRuleRelative.html#ae75d154107abd094ad47b9195aa3f896>
> (const std::string & dataRegex,const std::string & signerRegex,const
> std::string & op,const std::string & dataExpand,const std::string &
> signerExpand,bool isPositive )
>
>
>
> On Fri, Feb 27, 2015 at 1:59 PM, Alex Afanasyev <
> alexander.afanasyev at ucla.edu> wrote:
>
>>
>> On Feb 27, 2015, at 12:10 PM, Chengyu Fan <chengy.fan at gmail.com> wrote:
>>
>> Hi,
>>
>> I'm trying to use the validator-regex to validate the incoming data, but
>> I stuck at how to add the SecRuleRelative Rule.
>>
>> Can somebody tell me some clues?
>>
>> Specifically, I find the example in SecurityLibrary(
>> http://redmine.named-data.net/projects/ndn-cxx/wiki/SecurityLibrary),
>> but I don't understand the RuleRelative rule below ...
>>
>> SecRuleRelative rule("^(<>*)$", "^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$",
>>                      ">", "\\1", "\\1\\2", true);
>>
>> What's the meaning of ">", "\\1", "\\1\\2" ? Can someone give me an
>> example?
>>
>>
>> This is just a regular expression rules.  \\1 (\1, it’s just \ needs to
>> be escaped in c++) refer to th first group of the regular expression, \\2 refer
>> to the second group, etc.
>>
>> There are many documentation sources about regexps, e.g.,
>> http://www.boost.org/doc/libs/1_57_0/libs/regex/doc/html/boost_regex/syntax/perl_syntax.html
>> .
>>
>> The only difference in our regular expressions is the fact that it is
>> defined over name components, not just strings.  There is a documentation
>> for this at
>> http://named-data.net/doc/ndn-cxx/current/tutorials/utils-ndn-regex.html
>>
>>>> Alex
>>
>>
>>
>
>
> --
> Thanks,
>
> Chengyu
>
>
>


-- 
Thanks,

Chengyu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20150302/18f38caf/attachment.html>

More information about the Ndn-interest mailing list