Project

General

Profile

Actions

Bug #2080

closed

examples/producer: certificate does not exist

Added by Junxiao Shi about 10 years ago. Updated about 10 years ago.

Status:
Closed
Priority:
Immediate
Category:
Base
Target version:
Start date:
10/20/2014
Due date:
% Done:

100%

Estimated time:
2.00 h

Description

Steps to reproduce:

rm -rf $HOME/.ndn
build/examples/producer

Expected: ERROR: error while connecting to the forwarder (No such file or directory)

Actual: ERROR: SecPublicInfoSqlite3::getCertificate certificate does not exist

This is a regression caused by commit 6a90f37ebab99764d8d3f7fd8dcae4ff286eb8ee.


Files

patch.patch (983 Bytes) patch.patch Alex Afanasyev, 10/20/2014 09:00 AM
Actions #1

Updated by Junxiao Shi about 10 years ago

  • Status changed from New to In Progress

I'm pretty sure this problem is related to

This commit also removes a deprecated feature in ndn::nfd::Controller::start(
ControlParameter, CommandSuccessCallback, CommandFailCallback,
IdentityCertificate, time::milliseconds), where empty IdentityCertificate()
was previously acceptable as the fourth parameter to pick the default
certificate, but now it's interpreted as a certificate with empty Name.

I have checked NFD, but I didn't check ndn-cxx itself.
And ndn::Face is relying on this feature.

Actions #2

Updated by Alex Afanasyev about 10 years ago

After all, that code wasn't deprecated (I don't even remember why we marked it deprecated).

We either revert the change or the change in the attached patch fixes the problem. Without the fix, as of the commit:6a90f37ebab99764d8d3f7fd8dcae4ff286eb8ee, all apps that are based on ndn-cxx would fail, not just example.

Actions #3

Updated by Alex Afanasyev about 10 years ago

Also. To reproduce the error, you don't need to remove ~/.ndn. The error is related to a bug of using any "default" certificate during prefix registration, not about the missing default cert.

Actions #4

Updated by Junxiao Shi about 10 years ago

I'm not going to put that patch back to nfd-controller.hpp. An IdentityCertificate with empty Name is a valid identity certificate. I'm changing face.hpp to call the correct overload (but this seems tricky).

Actions #5

Updated by Alex Afanasyev about 10 years ago

Actually, this is not true. IdentityCertificate with empty name is an invalid certificate! A valid IdentityCertificate has at least 4 name components, as it must follow <...>/KEY/<...>/<key-id>/ID-CERT/<version>.

Identity's name can be empty and this was the reason I have put default parameter to IdentityCertificate version of the registerPrefix.

Do not introduce more complexity in already complex code. A simple fix would be enough.

Actions #6

Updated by Junxiao Shi about 10 years ago

  • Assignee changed from Junxiao Shi to Alex Afanasyev

OK, I'll let Alex do the fix. Please be sure to add a comment with the reasoning in note-5.

I figured out how to use boost::mpl::if_ to select the other overload, but I can't figure out how to bind to it.

Actions #7

Updated by Alex Afanasyev about 10 years ago

  • Status changed from In Progress to Code review
Actions #8

Updated by Junxiao Shi about 10 years ago

Change is not properly uploaded. If it is indeed uploaded, please paste Change-Id line here.

Actions #9

Updated by Junxiao Shi about 10 years ago

  • Status changed from Code review to Closed
  • % Done changed from 0 to 100
Actions

Also available in: Atom PDF