<div dir="ltr">Hi Alex,<div><br></div><div>I wrote a toy example to use the SecRuleRelative (the code is listed below ) . </div><div><br></div><div>I thought the data should satisfy the rule, but I always get "unsatisfied" on my ubuntu 14.04.1 ... Could you tell me what's wrong with the code?</div><div><br></div><div>=================</div><div>    Name dataName("/test/site2/user2");<br></div><div><div>    dataName.append("testApp"); // the <b>data name</b> is <b>/test/site2/user2/testApp</b></div></div><div><br></div><div><div>    // Create Data packet</div><div>    static const std::string content = "HELLO WORLD";</div><div>    shared_ptr<Data> data = make_shared<Data>();</div><div>    data->setName(dataName);</div><div>    data->setFreshnessPeriod(time::seconds(10));</div><div>    data->setContent(reinterpret_cast<const uint8_t*>(content.c_str()), content.size());</div></div><div><br></div><div><div>    Name producerId("/test/site2/user2");</div><div>    m_keyChain.signByIdentity(*data, producerId); // now the <b>keyLocator</b> is <b>/test/site2/user2/KEY/ksk-1425277773626/ID-CERT</b></div></div><div><br></div><div>    SecRuleRelative rule("<b>^(<>*)$</b>",</div><div>                         "<b>^([^<KEY>]*)<KEY>(<>*)<dsk-.*><ID-CERT>$</b>",</div><div>                         <b>">", "\\1", "\\1\\2", true</b>);</div><div>    /*  <b>/test/site2/user2/testApp </b>should match the packetRegex "<b>^(<>*)$, </b>expand is <b>/test/site2/user2/testApp</b></div><div><b>  </b>      <b>/test/site2/user2/KEY/ksk-1425277773626/ID-CERT</b> should match the signerRegex, expand is <b>/test/site2/user2/</b></div><div><b>        </b>The data name<b> /test/site2/user2/testApp </b>is<b> under </b>the signer's namespace<b> </b><b>/test/site2/user2/</b></div><div><b>    */</b></div><div><br></div><div>    if (rule.satisfy(*data))</div><div>      std::cout << "satisfied" << std::endl;</div><div>    else {</div><div>      std::cout << "unsatisfied" << std::endl;</div><div>    }</div><div>=================</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Mar 2, 2015 at 9:48 AM, Chengyu Fan <span dir="ltr"><<a href="mailto:chengy.fan@gmail.com" target="_blank">chengy.fan@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hi Alex,</div><div><br></div>Thanks for the reply.<div><br></div><div>Further questions in line.</div><div class="gmail_extra"><br><div class="gmail_quote"><span class="">On Sat, Feb 28, 2015 at 4:45 PM, Alex Afanasyev <span dir="ltr"><<a href="mailto:alexander.afanasyev@ucla.edu" target="_blank">alexander.afanasyev@ucla.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div style="word-wrap:break-word">Hi Chengyu,<div><br></div><div>I assumed there is a documentation for this method, but the commit that adds it is not yet merged.  Here is the description we will have soon:</div><div><br></div><div><div>  /**</div><div>   * @brief Construct the rule</div><div>   * @param packetRegex regular expression to match the packet name that is qualified for the</div><div>   *                    the rule (e.g., `^(<.*>)$`)</div><div>   * @param signerRegex regular expression to match the the KeyLocator of the packet (e.g.,</div><div>   *                    `^(<.*>)<KEY>(<.*>)<ID-CERT><>$`)</div><div>   * @param comparator Defines the way expanded signer's name is matched against expanded</div><div>   *                   packet's name.  Possible values are:</div><div>   *                     - "is-prefix-of"</div><div>   *                     - "is-strict-prefix-of"</div><div>   *                     - "equal"</div></div></div></blockquote><div><br></div></span><div>Which symbol refers to which value?</div><span class=""><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div style="word-wrap:break-word"><div><div>   * @param packetExpand Expansion rule for packet's name (e.g., `\1`)</div><div>   * @param signerExpand Expansion rule for signer's name (e.g., `\1\2`)</div><div>   * @param isPositive flag denoting whether the rule is positive or negative</div><div>   *</div><div>   * @note A packet complies with the rule only if both \p packetRegex matches the packet name</div><div>   *       and \p signerRegex matches the KeyLocator name</div></div></div></blockquote><div><br></div></span><div>According to the comparator description, I think this function also needs to test if the expanded signer's name matched against the expanded packet's name?</div><div><div class="h5"><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div style="word-wrap:break-word"><div><div>   */</div><div><div><div><br></div><div><br></div><div><blockquote type="cite"><div>On Feb 27, 2015, at 7:59 PM, Chengyu Fan <<a href="mailto:chengy.fan@gmail.com" target="_blank">chengy.fan@gmail.com</a>> wrote:</div><br><div><div dir="ltr">Could you tell me how the SecRuleRelative Rule works? <div><br></div><div>Specifically, what's the meaning of each parameter? What conditions the rule will test to make a incoming data satisfy the rule?</div><div><div><table style="margin:0px 0px 0px 6px;padding:0px;font-family:'Lucida Grande',Verdana,Geneva,Arial,sans-serif;font-size:13px;line-height:1.3;border:0px;font-weight:bold"><tbody style="margin:0px;padding:0px"><tr style="margin:0px;padding:0px"><td style="margin-left:6px;padding:0px;font-size:14px;direction:ltr;vertical-align:bottom"><a href="http://named-data.net/doc/ndn-cxx/0.2.0/doxygen/d6/de6/classndn_1_1SecRuleRelative.html#ae75d154107abd094ad47b9195aa3f896" style="color:rgb(39,149,182);margin:0px;padding:0px;line-height:inherit" target="_blank">ndn::SecRuleRelative::SecRuleRelative</a></td><td style="padding:0px;font-size:14px;direction:ltr;vertical-align:bottom">(</td><td style="padding:0px;font-size:14px;direction:ltr;white-space:nowrap;vertical-align:bottom">const std::string & </td><td style="padding:0px;font-size:14px;direction:ltr;color:rgb(96,32,32);white-space:nowrap;vertical-align:bottom"><span style="margin:0px;padding:0px;line-height:inherit;border:none">dataRegex</span>,</td></tr><tr style="margin:0px;padding:0px"><td style="padding:0px;font-size:14px;direction:ltr;text-align:right;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;white-space:nowrap;vertical-align:bottom">const std::string & </td><td style="padding:0px;font-size:14px;direction:ltr;color:rgb(96,32,32);white-space:nowrap;vertical-align:bottom"><span style="margin:0px;padding:0px;line-height:inherit;border:none">signerRegex</span>,</td></tr><tr style="margin:0px;padding:0px"><td style="padding:0px;font-size:14px;direction:ltr;text-align:right;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;white-space:nowrap;vertical-align:bottom">const std::string & </td><td style="padding:0px;font-size:14px;direction:ltr;color:rgb(96,32,32);white-space:nowrap;vertical-align:bottom"><span style="margin:0px;padding:0px;line-height:inherit;border:none">op</span>,</td></tr><tr style="margin:0px;padding:0px"><td style="padding:0px;font-size:14px;direction:ltr;text-align:right;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;white-space:nowrap;vertical-align:bottom">const std::string & </td><td style="padding:0px;font-size:14px;direction:ltr;color:rgb(96,32,32);white-space:nowrap;vertical-align:bottom"><span style="margin:0px;padding:0px;line-height:inherit;border:none">dataExpand</span>,</td></tr><tr style="margin:0px;padding:0px"><td style="padding:0px;font-size:14px;direction:ltr;text-align:right;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;white-space:nowrap;vertical-align:bottom">const std::string & </td><td style="padding:0px;font-size:14px;direction:ltr;color:rgb(96,32,32);white-space:nowrap;vertical-align:bottom"><span style="margin:0px;padding:0px;line-height:inherit;border:none">signerExpand</span>,</td></tr><tr style="margin:0px;padding:0px"><td style="padding:0px;font-size:14px;direction:ltr;text-align:right;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;vertical-align:bottom"></td><td style="padding:0px;font-size:14px;direction:ltr;white-space:nowrap;vertical-align:bottom">bool </td><td style="padding:0px;font-size:14px;direction:ltr;color:rgb(96,32,32);white-space:nowrap;vertical-align:bottom"><span style="margin:0px;padding:0px;line-height:inherit;border:none">isPositive</span> </td></tr><tr style="margin:0px;padding:0px"><td style="font-family:'Lucida Grande',Verdana,Geneva,Arial,sans-serif;padding:0px;font-size:14px;direction:ltr;vertical-align:bottom;color:rgb(50,50,50);background-color:rgb(232,232,232)"></td><td style="font-family:'Lucida Grande',Verdana,Geneva,Arial,sans-serif;padding:0px;font-size:14px;direction:ltr;vertical-align:bottom;color:rgb(50,50,50);background-color:rgb(232,232,232)">)</td></tr></tbody></table></div><div><br></div><div><br></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Feb 27, 2015 at 1:59 PM, Alex Afanasyev <span dir="ltr"><<a href="mailto:alexander.afanasyev@ucla.edu" target="_blank">alexander.afanasyev@ucla.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div style="word-wrap:break-word"><div><div><br><div><blockquote type="cite"><div>On Feb 27, 2015, at 12:10 PM, Chengyu Fan <<a href="mailto:chengy.fan@gmail.com" target="_blank">chengy.fan@gmail.com</a>> wrote:</div><br><div><div dir="ltr"><div>Hi,</div><div><br></div><div>I'm trying to use the validator-regex to validate the incoming data, but I stuck at how to add the SecRuleRelative Rule.</div><div><br></div>Can somebody tell me some clues?<div><br><div>Specifically, I find the example in SecurityLibrary(<a href="http://redmine.named-data.net/projects/ndn-cxx/wiki/SecurityLibrary" target="_blank">http://redmine.named-data.net/projects/ndn-cxx/wiki/SecurityLibrary</a>), but I don't understand the RuleRelative rule below ...</div><div><pre style="padding:6px 10px;border-radius:3px;margin-right:1em;margin-left:1.6em;border:1px solid rgb(226,226,226);width:auto;color:rgb(72,72,72);font-size:12px;background-color:rgb(250,250,250)"><code>SecRuleRelative rule(<span><span style="color:rgb(68,102,170)">"</span><span style="color:rgb(68,102,170)">^(<>*)$</span><span style="color:rgb(68,102,170)">"</span></span>, <span><span style="color:rgb(68,102,170)">"</span><span style="color:rgb(68,102,170)">^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$</span><span style="color:rgb(68,102,170)">"</span></span>, 
                     <span><span style="color:rgb(68,102,170)">"</span><span style="color:rgb(68,102,170)">></span><span style="color:rgb(68,102,170)">"</span></span>, <span><span style="color:rgb(68,102,170)">"</span><span style="color:rgb(68,102,170)">\\</span><span style="color:rgb(68,102,170)">1</span><span style="color:rgb(68,102,170)">"</span></span>, <span><span style="color:rgb(68,102,170)">"</span><span style="color:rgb(68,102,170)">\\</span><span style="color:rgb(68,102,170)">1</span><span style="color:rgb(68,102,170)">\\</span><span style="color:rgb(68,102,170)">2</span><span style="color:rgb(68,102,170)">"</span></span>, <span style="color:rgb(0,102,153)">true</span>);
</code>
</pre><div>What's the meaning of <span style="color:rgb(72,72,72);font-size:12px;background-color:rgb(250,250,250)"><span style="color:rgb(68,102,170)">"</span><span style="color:rgb(68,102,170)">></span><span style="color:rgb(68,102,170)">"</span></span><span style="color:rgb(72,72,72);font-size:12px;background-color:rgb(250,250,250)">, </span><span style="color:rgb(72,72,72);font-size:12px;background-color:rgb(250,250,250)"><span style="color:rgb(68,102,170)">"</span><span style="color:rgb(68,102,170)">\\</span><span style="color:rgb(68,102,170)">1</span><span style="color:rgb(68,102,170)">"</span></span><span style="color:rgb(72,72,72);font-size:12px;background-color:rgb(250,250,250)">, </span><span style="color:rgb(72,72,72);font-size:12px;background-color:rgb(250,250,250)"><span style="color:rgb(68,102,170)">"</span><span style="color:rgb(68,102,170)">\\</span><span style="color:rgb(68,102,170)">1</span><span style="color:rgb(68,102,170)">\\</span><span style="color:rgb(68,102,170)">2</span><span style="color:rgb(68,102,170)">" </span></span>? Can someone give me an example?</div></div></div></div></div></blockquote><br></div></div></div><div>This is just a regular expression rules.  <a>\\1</a> (\1, it’s just \ needs to be escaped in c++) refer to th first group of the regular expression, <a>\\2</a> refer to the second group, etc.</div><div><br></div><div>There are many documentation sources about regexps, e.g., <a href="http://www.boost.org/doc/libs/1_57_0/libs/regex/doc/html/boost_regex/syntax/perl_syntax.html" target="_blank">http://www.boost.org/doc/libs/1_57_0/libs/regex/doc/html/boost_regex/syntax/perl_syntax.html</a>.</div><div><br></div><div>The only difference in our regular expressions is the fact that it is defined over name components, not just strings.  There is a documentation for this at <a href="http://named-data.net/doc/ndn-cxx/current/tutorials/utils-ndn-regex.html" target="_blank">http://named-data.net/doc/ndn-cxx/current/tutorials/utils-ndn-regex.html</a></div><div><br></div><div>—</div><span><font color="#888888"><div>Alex</div><div><br></div><br></font></span></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div><div dir="ltr"><div>Thanks,</div><div><br></div>Chengyu</div></div>
</div>
</div></blockquote></div><br></div></div></div></div></blockquote></div></div></div><span class="HOEnZb"><font color="#888888"><br><br clear="all"><div><br></div>-- <br><div><div dir="ltr"><div>Thanks,</div><div><br></div>Chengyu</div></div>
</font></span></div></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div>Thanks,</div><div><br></div>Chengyu</div></div>
</div>