[Ndn-interest] How to add the SecRuleRelative Rules in validator-regex?
Alex Afanasyev
alexander.afanasyev at ucla.edu
Sat Feb 28 15:45:15 PST 2015
Hi Chengyu,
I assumed there is a documentation for this method, but the commit that adds it is not yet merged. Here is the description we will have soon:
/**
* @brief Construct the rule
* @param packetRegex regular expression to match the packet name that is qualified for the
* the rule (e.g., `^(<.*>)$`)
* @param signerRegex regular expression to match the the KeyLocator of the packet (e.g.,
* `^(<.*>)<KEY>(<.*>)<ID-CERT><>$`)
* @param comparator Defines the way expanded signer's name is matched against expanded
* packet's name. Possible values are:
* - "is-prefix-of"
* - "is-strict-prefix-of"
* - "equal"
* @param packetExpand Expansion rule for packet's name (e.g., `\1`)
* @param signerExpand Expansion rule for signer's name (e.g., `\1\2`)
* @param isPositive flag denoting whether the rule is positive or negative
*
* @note A packet complies with the rule only if both \p packetRegex matches the packet name
* and \p signerRegex matches the KeyLocator name
*/
> On Feb 27, 2015, at 7:59 PM, Chengyu Fan <chengy.fan at gmail.com> wrote:
>
> Could you tell me how the SecRuleRelative Rule works?
>
> Specifically, what's the meaning of each parameter? What conditions the rule will test to make a incoming data satisfy the rule?
> ndn::SecRuleRelative::SecRuleRelative <http://named-data.net/doc/ndn-cxx/0.2.0/doxygen/d6/de6/classndn_1_1SecRuleRelative.html#ae75d154107abd094ad47b9195aa3f896> ( const std::string & dataRegex,
> const std::string & signerRegex,
> const std::string & op,
> const std::string & dataExpand,
> const std::string & signerExpand,
> bool isPositive
> )
>
>
>
> On Fri, Feb 27, 2015 at 1:59 PM, Alex Afanasyev <alexander.afanasyev at ucla.edu <mailto:alexander.afanasyev at ucla.edu>> wrote:
>
>> On Feb 27, 2015, at 12:10 PM, Chengyu Fan <chengy.fan at gmail.com <mailto:chengy.fan at gmail.com>> wrote:
>>
>> Hi,
>>
>> I'm trying to use the validator-regex to validate the incoming data, but I stuck at how to add the SecRuleRelative Rule.
>>
>> Can somebody tell me some clues?
>>
>> Specifically, I find the example in SecurityLibrary(http://redmine.named-data.net/projects/ndn-cxx/wiki/SecurityLibrary <http://redmine.named-data.net/projects/ndn-cxx/wiki/SecurityLibrary>), but I don't understand the RuleRelative rule below ...
>> SecRuleRelative rule("^(<>*)$", "^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$",
>> ">", "\\1", "\\1\\2", true);
>>
>> What's the meaning of ">", "\\1", "\\1\\2" ? Can someone give me an example?
>
> This is just a regular expression rules. \\1 <> (\1, it’s just \ needs to be escaped in c++) refer to th first group of the regular expression, \\2 <> refer to the second group, etc.
>
> There are many documentation sources about regexps, e.g., http://www.boost.org/doc/libs/1_57_0/libs/regex/doc/html/boost_regex/syntax/perl_syntax.html <http://www.boost.org/doc/libs/1_57_0/libs/regex/doc/html/boost_regex/syntax/perl_syntax.html>.
>
> The only difference in our regular expressions is the fact that it is defined over name components, not just strings. There is a documentation for this at http://named-data.net/doc/ndn-cxx/current/tutorials/utils-ndn-regex.html <http://named-data.net/doc/ndn-cxx/current/tutorials/utils-ndn-regex.html>
>
> —
> Alex
>
>
>
>
>
> --
> Thanks,
>
> Chengyu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20150228/3a50ccd2/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20150228/3a50ccd2/attachment.bin>
More information about the Ndn-interest
mailing list