Task #1559
closed
Enable wildcard in authorize section of NFD configuration file
Description
The authorize section in NFD configuration specifies how to validate NFD command interest.
For some NFD command interest (such as Face management), validation may not be required.
Therefore it would be desired to support wildcard in the authorize section.
An example would be:
authorize
{
certfile any
privileges
{
faces
}
}
Since NFD use CommandInterestValidator, this change also requires CommandInterestValidator to support wildcard.
Updated by Junxiao Shi almost 10 years ago
- Description updated (diff)
All ControlCommands SHOULD be validated.
If some operation does not need validation, it SHOULD NOT be designed as a ControlCommand.
Updated by Alex Afanasyev almost 10 years ago
Yes. Nobody argues that they "should". The other thing is that we should have a simple ability to turn this validation off, at least for the initial roll out.
This issue is to make sure we have consistent dumb (no-verify) behavior for RIB management and and other FIB management tasks (another option would be to switch FIB authorization to validator-config, but I would expect this to take much longer that this simple hack).
Updated by Alex Afanasyev almost 10 years ago
- Status changed from New to Code review
- % Done changed from 0 to 100
Updated by Alex Afanasyev almost 10 years ago
- Status changed from Code review to In Progress
- % Done changed from 100 to 0
Updated by Yingdi Yu almost 10 years ago
- Status changed from In Progress to Code review
- % Done changed from 0 to 100
Updated by Alex Afanasyev almost 10 years ago
- Status changed from Code review to Closed