NDN project issue tracking system: Issueshttps://redmine.named-data.net/https://redmine.named-data.net/favicon.ico?14759811232020-04-20T16:58:26ZNDN project issue tracking system
Redmine ndn-tools - Bug #5103 (Rejected): Does not compile correctly without specifying OpenSSL pathhttps://redmine.named-data.net/issues/51032020-04-20T16:58:26ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>OS: MACOS 10.15.4<br>
Openssl: Installed by HomeBrew</p>
<pre><code>brew list openssl
/usr/local/Cellar/openssl@1.1/1.1.1f/.bottle/etc/ (7 files)
/usr/local/Cellar/openssl@1.1/1.1.1f/bin/c_rehash
/usr/local/Cellar/openssl@1.1/1.1.1f/bin/openssl
/usr/local/Cellar/openssl@1.1/1.1.1f/include/openssl/ (104 files)
/usr/local/Cellar/openssl@1.1/1.1.1f/lib/libcrypto.1.1.dylib
/usr/local/Cellar/openssl@1.1/1.1.1f/lib/libssl.1.1.dylib
/usr/local/Cellar/openssl@1.1/1.1.1f/lib/engines-1.1/ (2 files)
/usr/local/Cellar/openssl@1.1/1.1.1f/lib/pkgconfig/ (3 files)
/usr/local/Cellar/openssl@1.1/1.1.1f/lib/ (4 other files)
/usr/local/Cellar/openssl@1.1/1.1.1f/share/doc/ (3963 files)
/usr/local/Cellar/openssl@1.1/1.1.1f/share/man/ (3963 files)
</code></pre>
<p>Replay the error:</p>
<pre><code>./waf configure
Setting top to : /Users/ZhangZhiyi/Develop/ndn-tools
Setting out to : /Users/ZhangZhiyi/Develop/ndn-tools/build
Checking for 'clang++' (C++ compiler) : /usr/bin/clang++
Checking C++ compiler version : 11.0.0
Checking supported CXXFLAGS : -std=c++14 -isystem /usr/local/include -isystem /opt/local/include
Checking for program 'sphinx-build' : /usr/local/opt/sphinx-doc/bin/sphinx-build
Checking for program 'pkg-config' : /usr/local/bin/pkg-config
Checking for 'libndn-cxx' : yes
Checking for program 'dpkg-architecture' : not found
Checking boost includes : 1.70.0
Checking boost libs : boost_system-mt boost_program_options-mt boost_filesystem-mt
Checking for boost linkage : ok
Checking for 'libpcap' : yes
Checking if struct tcphdr has member th_off : yes
Checking if struct udphdr has member uh_ulen : yes
Checking supported CXXFLAGS : -O2 -g -pedantic -Wall -Wextra -Wnon-virtual-dtor -Wno-unused-parameter -fcolor-diagnostics -Wextra-semi -Wundefined-func-template -Wno-unused-local-typedef
Checking supported LINKFLAGS : not found
Tools to build : peek, ping, dissect, dissect-wireshark, chunks, dump
'configure' finished successfully (2.331s)
</code></pre><pre><code>./waf
Waf: Entering directory `/Users/ZhangZhiyi/Develop/ndn-tools/build'
[ 2/38] Compiling build/core/version.cpp
[ 3/38] Compiling tools/peek/ndnpeek/ndnpeek.cpp
[ 4/38] Compiling tools/peek/ndnpeek/main.cpp
[ 5/38] Compiling tools/peek/ndnpoke/ndnpoke.cpp
[ 6/38] Compiling tools/peek/ndnpoke/main.cpp
[ 7/38] Compiling tools/ping/client/statistics-collector.cpp
[ 8/38] Compiling tools/ping/client/ping.cpp
[ 9/38] Compiling tools/ping/client/tracer.cpp
[10/38] Compiling tools/ping/client/main.cpp
[11/38] Compiling tools/ping/server/tracer.cpp
[12/38] Compiling tools/ping/server/ping-server.cpp
[13/38] Compiling tools/ping/server/main.cpp
[14/38] Compiling tools/dissect/ndn-dissect.cpp
[15/38] Compiling tools/dissect/main.cpp
[16/38] Compiling tools/chunks/catchunks/data-fetcher.cpp
[17/38] Compiling tools/chunks/catchunks/discover-version.cpp
[18/38] Linking build/bin/ndnpoke
ld: library not found for -lcrypto
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Waf: Leaving directory `/Users/ZhangZhiyi/Develop/ndn-tools/build'
Build failed
-> task in 'ndnpoke' failed with exit status 1 (run with -v to display more information)
</code></pre> ndncert - Task #4976 (New): Add unit tests for command line toolshttps://redmine.named-data.net/issues/49762019-07-30T20:38:32ZZhiyi Zhangzhangzhiyi1919@gmail.comndncert - Bug #4966 (Closed): All identities got removed when running Unit Testhttps://redmine.named-data.net/issues/49662019-07-04T23:22:42ZZhiyi Zhangzhangzhiyi1919@gmail.comndn-cxx - Feature #4550 (New): Improve AES support in security::transformhttps://redmine.named-data.net/issues/45502018-03-16T13:37:50ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>Name-based Access Control (NAC) relies AES and RSA encryption/decryption process. <br>
We'd better provide interfaces in ndn-cxx/sec/transform for AES encryption/decryption, and some helper functions for AES key generation and export/import.</p>
NFD - Feature #4510 (Rejected): Allowing the same packet to come in and go out the same facehttps://redmine.named-data.net/issues/45102018-02-18T16:07:01ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>The issue is about NFD's limitation of not allowing the same packet to come in and go out the same face.<br>
When simulating a wireless network, NFD only allows Interest packets to come in and go out the same face, but not Data packet.<br>
Consider the case of wireless forwarding: a node may only have one ad-hoc WiFi network face, so if it wants to serve as part of the path, it needs to help forward both Interest packets, and Data packets.</p>
ndncert - Feature #4455 (Closed): NDN testbed CA should port the issued certificate to repohttps://redmine.named-data.net/issues/44552018-01-11T13:54:53ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>As the title implies, ndncert-ca-server should have the parameter to port the issued cert to repo. If <code>-r</code> and <code>-c</code> are specified, the command line tool should port the issued cert to designated repo service.<br>
For now, it only supports one ca identity to publish issued certificate to repo.</p>
<pre><code>ndncert-ca-server -r -c ca-identity-name
</code></pre>
<p>This function does not belong to the ndncert library but should belong to the command line tool only.</p>
ndncert - Task #4361 (Closed): LIST functionhttps://redmine.named-data.net/issues/43612017-10-27T11:13:26ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>To support the LIST function, we need to update the CA configuration.<br>
For LIST function detail: <a href="https://github.com/named-data/ndncert/wiki/List-Function">https://github.com/named-data/ndncert/wiki/List-Function</a></p>
ndn-cxx - Feature #4350 (New): Combine the direct fetch and key bundlehttps://redmine.named-data.net/issues/43502017-10-19T10:47:01ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>In NLSR, there is a use case to leverage direct fetch to fetch the certificate from a router. Given more than one certificate will be fetched, the key bundle would be a good choice.<br>
We may want to combine direct fetch and key bundle to save RTTs for NLSR.</p>
ndncert - Task #4348 (New): Get rid of the long term storage assumption from NDNCERT CA designhttps://redmine.named-data.net/issues/43482017-10-18T14:22:17ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>We cannot make the assumption that CA will have long term storage. For example, CA may not remember all issued certificates and renewal records.<br>
A possible way is to put extra info into the certificate extension fields.</p>
<p>Besides, we may make use of the certificate extension to do more things. For instance, let CA trust anchor certificate carries ca introduction, and probe instructions? -> a new command tool to generate new cert? or change current key gen to accept mroe info.</p>
ndncert - Feature #4347 (Closed): Mechanisms to fetch CA certificate with configurationhttps://redmine.named-data.net/issues/43472017-10-18T13:58:37ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>CA needs to provide mechanism for requester or other CAs to fetch the certificate with the configuration</p>
ndncert - Feature #4346 (New): Need trust anchor storage support from ndn-cxxhttps://redmine.named-data.net/issues/43462017-10-18T12:37:34ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>In NDNCERT, a CA needs to keep the trust anchors for other CAs.<br>
For instance, ndn testbed root CA /ndn/CA should keep certificates for /ndn/edu/ucla/CA, /ndn/edu/arizona/CA, /ndn/edu/memphis/CA, etc.<br>
The currently available solution is to have NDNCERT app to maintain those certs in file system or in database.</p>
<p>In NDN, trust is an essential thing for signature verifying.<br>
We may want a general storage for those trust anchors, just like the way we use the keychain.<br>
NDN apps could use the trust anchors that are trusted by the device.</p>
<p>Current trust anchor container in ndn-cxx has lifetime same as the validator.<br>
And the container is using the memory for storage.</p>
ndn-cxx - Bug #4339 (Closed): Incorrect interpretation of checker.key-locator in v2:ValidatorConfighttps://redmine.named-data.net/issues/43392017-10-13T13:47:29ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p><code>checker.key-locator</code> is incorrectly interpreted as identity name instead of, as the name suggests, name of the key.</p>
<p>This result in authentication failure with NLSR rules:</p>
<pre><code> rule
{
id "NLSR ControlCommand Rule"
for interest
filter
{
type name
regex ^<localhost><nlsr><prefix-update>[<advertise><withdraw>]<><><>$
}
checker
{
type customized
sig-type rsa-sha256
key-locator
{
type name
regex ^<>*<KEY><>$ ; TODO: correct regex for key name
}
}
}
rule
{
id "NLSR Hierarchy Rule"
for data
filter
{
type name
regex ^[^<KEY>]*<KEY><ksk-.*><ID-CERT><>$
}
checker
{
type hierarchical
sig-type rsa-sha256
}
}
trust-anchor
{
type file
file-name "site.cert"
}
</code></pre>
<p>Expected: success to match command interests and then check against trust anchor</p>
<p>Actual: failure to pass the first checker</p>
<pre><code>1507222563.583 DEBUG: [PrefixUpdateProcessor] reject /localhost/nlsr/prefix-update/advertise/h%19%07%17%08%06prefix%08%02to%08%09advertise/%00%00%01I%9DY%8C%AA/%BF%D0Xr%9B%AF%8E%FD/%16%3D%1B%01%03%1C8%076%08%03edu%08%09test-site%08%0A%C1.Operator%08%09%FD%00%00%01I%9DY%8C%A0%08%03KEY%08%08%C1R%20%29%87O%CF%FE/%17H0F%02%21%00%BB-ZG%0D%06%B6%89%E3%22t%FD%3A%B5%94.WGS%F7%C1%01%15%84%7D%F6%F5t%C4%A8%A5%B8%02%21%00%C8T%12%27%9C%2C%0D%060x%15%C4%DE%03P%B5%CD%88.%AE%B5%D8%5Cc%04_%A2%E2%8A%D9%F3%02 signer=? Validation policy error (KeyLocator check failed: regex ^<>*<KEY><>$ for packet /localhost/nlsr/prefix-update/advertise/h%19%07%17%08%06prefix%08%02to%08%09advertise/%00%00%01I%9DY%8C%AA/%BF%D0Xr%9B%AF%8E%FD is invalid (KeyLocator=/edu/test-site/%C1.Operator/%FD%00%00%01I%9DY%8C%A0/KEY/%C1R%20%29%87O%CF%FE, identity=/edu/test-site/%C1.Operator/%FD%00%00%01I%9DY%8C%A0))
</code></pre> ndn-cxx - Task #4124 (Closed): Add unit tests for security::transform::PublicKey encryption/decry...https://redmine.named-data.net/issues/41242017-06-08T15:41:10ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>Unit tests are needed for encryption/decryption function of <code>security::transform::PublicKey</code>.</p>
repo-ng - Task #4091 (Closed): Adapt to ndn-cxx v2::KeyChain and Validatorhttps://redmine.named-data.net/issues/40912017-05-24T10:24:16ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>Adapt repo-ng codebase to use ndn-cxx <code>v2::KeyChain</code> and <code>v2::Validator</code>.</p>
ChronoSync - Task #4090 (Closed): Urgent bugs caused by ndn-cxx change 3547https://redmine.named-data.net/issues/40902017-05-24T10:23:31ZZhiyi Zhangzhangzhiyi1919@gmail.com
<p>In the ndn-cxx change 3547 "breaking change: Switch Face and related classes to v2::KeyChain", we switch Face and other related classes to v2::KeyChain. This change caused urgent bugs. Given security::v2::KeyChain is exposed as ndn::KeyChain, hope most dependent code can still be compiled.</p>
<p>To fix the urgent bug, one needs to compile and install the latest commit of ndn-cxx change 3547 and compile the project and fix all the urgent bugs.</p>
<p>Here is the corresponding ndn-cxx-breaks run (<a href="https://travis-ci.org/yoursunny/ndn-cxx-breaks/builds/235615592">https://travis-ci.org/yoursunny/ndn-cxx-breaks/builds/235615592</a>).</p>