introduce ignoreValidity in SVS related logic

Author: tianyuan129

std/ndn/client.go

@@ -125,6 +125,8 @@ type ConsumeExtArgs struct {
 	OnProgress func(status ConsumeState)
 	// NoMetadata disables fetching RDR metadata (advanced usage).
 	NoMetadata bool
+	// IgnoreValidity ignores validity period in the validation chain
+	IgnoreValidity optional.Optional[bool]
 }
 
 // ExpressRArgs are the arguments for the express retry API.

std/object/client_consume.go

@@ -63,29 +63,31 @@ func (c *Client) consumeObject(state *ConsumeState) {
 		// if metadata fetching is disabled, just attempt to fetch one segment
 		// with the prefix, then get the versioned name from the segment.
 		if state.args.NoMetadata {
-			c.fetchDataByPrefix(name, state.args.TryStore, func(data ndn.Data, err error) {
-				if err != nil {
-					state.finalizeError(err)
-					return
-				}
-				meta, err := extractSegMetadata(data)
+			c.fetchDataByPrefix(name, state.args.TryStore, state.args.IgnoreValidity.GetOr(false),
+				func(data ndn.Data, err error) {
+					if err != nil {
+						state.finalizeError(err)
+						return
+					}
+					meta, err := extractSegMetadata(data)
+					if err != nil {
+						state.finalizeError(err)
+						return
+					}
+					c.consumeObjectWithMeta(state, meta)
+				})
+			return
+		}
+
+		// fetch RDR metadata for this object
+		c.fetchMetadata(name, state.args.TryStore, state.args.IgnoreValidity.GetOr(false),
+			func(meta *rdr.MetaData, err error) {
 				if err != nil {
 					state.finalizeError(err)
 					return
 				}
 				c.consumeObjectWithMeta(state, meta)
 			})
-			return
-		}
-
-		// fetch RDR metadata for this object
-		c.fetchMetadata(name, state.args.TryStore, func(meta *rdr.MetaData, err error) {
-			if err != nil {
-				state.finalizeError(err)
-				return
-			}
-			c.consumeObjectWithMeta(state, meta)
-		})
 		return
 	}
 
@@ -104,6 +106,7 @@ func (c *Client) consumeObjectWithMeta(state *ConsumeState, meta *rdr.MetaData)
 func (c *Client) fetchMetadata(
 	name enc.Name,
 	tryStore bool,
+	ignoreValidity bool,
 	callback func(meta *rdr.MetaData, err error),
 ) {
 	log.Debug(c, "Fetching object metadata", "name", name)
@@ -126,25 +129,29 @@ func (c *Client) fetchMetadata(
 				callback(nil, fmt.Errorf("%w: fetch metadata failed with result: %s", ndn.ErrNetwork, args.Result))
 				return
 			}
-
-			c.Validate(args.Data, args.SigCovered, func(valid bool, err error) {
-				// validate with trust config
-				if !valid {
-					callback(nil, fmt.Errorf("%w: validate metadata failed: %w", ndn.ErrSecurity, err))
-					return
-				}
-
-				// parse metadata
-				metadata, err := rdr.ParseMetaData(enc.NewWireView(args.Data.Content()), false)
-				if err != nil {
-					callback(nil, fmt.Errorf("%w: failed to parse object metadata: %w", ndn.ErrProtocol, err))
-					return
-				}
-
-				// clone fields for lifetime
-				metadata.Name = metadata.Name.Clone()
-				metadata.FinalBlockID = slices.Clone(metadata.FinalBlockID)
-				callback(metadata, nil)
+			c.ValidateExt(ndn.ValidateExtArgs{
+				Data:           args.Data,
+				SigCovered:     args.SigCovered,
+				IgnoreValidity: optional.Some(ignoreValidity),
+				Callback: func(valid bool, err error) {
+					// validate with trust config
+					if !valid {
+						callback(nil, fmt.Errorf("%w: validate metadata failed: %w", ndn.ErrSecurity, err))
+						return
+					}
+
+					// parse metadata
+					metadata, err := rdr.ParseMetaData(enc.NewWireView(args.Data.Content()), false)
+					if err != nil {
+						callback(nil, fmt.Errorf("%w: failed to parse object metadata: %w", ndn.ErrProtocol, err))
+						return
+					}
+
+					// clone fields for lifetime
+					metadata.Name = metadata.Name.Clone()
+					metadata.FinalBlockID = slices.Clone(metadata.FinalBlockID)
+					callback(metadata, nil)
+				},
 			})
 		},
 	})
@@ -154,6 +161,7 @@ func (c *Client) fetchMetadata(
 func (c *Client) fetchDataByPrefix(
 	name enc.Name,
 	tryStore bool,
+	ignoreValidity bool,
 	callback func(data ndn.Data, err error),
 ) {
 	log.Debug(c, "Fetching data with prefix", "name", name)
@@ -176,14 +184,18 @@ func (c *Client) fetchDataByPrefix(
 				callback(nil, fmt.Errorf("%w: fetch by prefix failed with result: %s", ndn.ErrNetwork, args.Result))
 				return
 			}
-
-			c.Validate(args.Data, args.SigCovered, func(valid bool, err error) {
-				if !valid {
-					callback(nil, fmt.Errorf("%w: validate by prefix failed: %w", ndn.ErrSecurity, err))
-					return
-				}
-
-				callback(args.Data, nil)
+			c.ValidateExt(ndn.ValidateExtArgs{
+				Data:           args.Data,
+				SigCovered:     args.SigCovered,
+				IgnoreValidity: optional.Some(ignoreValidity),
+				Callback: func(valid bool, err error) {
+					if !valid {
+						callback(nil, fmt.Errorf("%w: validate by prefix failed: %w", ndn.ErrSecurity, err))
+						return
+					}
+
+					callback(args.Data, nil)
+				},
 			})
 		},
 	})

std/object/client_consume_seg.go

@@ -283,12 +283,17 @@ func (s *rrSegFetcher) handleResult(args ndn.ExpressCallbackArgs, state *Consume
 // It is necessary that this function be called only from one goroutine - the engine.
 // The notable exception here is when there is a timeout, which has a separate goroutine.
 func (s *rrSegFetcher) handleData(args ndn.ExpressCallbackArgs, state *ConsumeState) {
-	s.client.Validate(args.Data, args.SigCovered, func(valid bool, err error) {
-		if !valid {
-			state.finalizeError(fmt.Errorf("%w: validate seg failed: %w", ndn.ErrSecurity, err))
-		} else {
-			s.handleValidatedData(args, state)
-		}
+	s.client.ValidateExt(ndn.ValidateExtArgs{
+		Data:           args.Data,
+		SigCovered:     args.SigCovered,
+		IgnoreValidity: state.args.IgnoreValidity,
+		Callback: func(valid bool, err error) {
+			if !valid {
+				state.finalizeError(fmt.Errorf("%w: validate seg failed: %w", ndn.ErrSecurity, err))
+			} else {
+				s.handleValidatedData(args, state)
+			}
+		},
 	})
 }
 

std/sync/snapshot_node_history.go

@@ -8,6 +8,7 @@ import (
 	"github.com/named-data/ndnd/std/log"
 	"github.com/named-data/ndnd/std/ndn"
 	"github.com/named-data/ndnd/std/ndn/svs_ps"
+	"github.com/named-data/ndnd/std/types/optional"
 )
 
 const SnapHistoryIndexFreshness = time.Millisecond * 10
@@ -43,6 +44,8 @@ type SnapshotNodeHistory struct {
 
 	// In Repo mode, all snapshots are fetched automtically for persistence.
 	IsRepo bool
+	// IgnoreValidity ignores validity period in the validation chain
+	IgnoreValidity optional.Optional[bool]
 	// repoKnown is the known snapshot sequence number.
 	repoKnown SvMap[uint64]
 
@@ -155,8 +158,12 @@ func (s *SnapshotNodeHistory) idxName(node enc.Name, boot uint64) enc.Name {
 
 // fetchIndex fetches the latest index for a remote node.
 func (s *SnapshotNodeHistory) fetchIndex(node enc.Name, boot uint64, known uint64) {
-	s.Client.Consume(s.idxName(node, boot), func(cstate ndn.ConsumeState) {
-		go s.handleIndex(node, boot, known, cstate)
+	s.Client.ConsumeExt(ndn.ConsumeExtArgs{
+		Name:           s.idxName(node, boot),
+		IgnoreValidity: s.IgnoreValidity,
+		Callback: func(cstate ndn.ConsumeState) {
+			go s.handleIndex(node, boot, known, cstate)
+		},
 	})
 }
 
@@ -199,7 +206,11 @@ func (s *SnapshotNodeHistory) handleIndex(node enc.Name, boot uint64, known uint
 			snapC := make(chan ndn.ConsumeState)
 
 			snapName := s.snapName(node, boot).WithVersion(seqNo)
-			s.Client.Consume(snapName, func(cstate ndn.ConsumeState) { snapC <- cstate })
+			s.Client.ConsumeExt(ndn.ConsumeExtArgs{
+				Name:           snapName,
+				IgnoreValidity: s.IgnoreValidity,
+				Callback: func(cstate ndn.ConsumeState) { snapC <- cstate },
+			})
 
 			scstate := <-snapC
 			if err := scstate.Error(); err != nil {

std/sync/snapshot_node_latest.go

@@ -7,6 +7,7 @@ import (
 	enc "github.com/named-data/ndnd/std/encoding"
 	"github.com/named-data/ndnd/std/log"
 	"github.com/named-data/ndnd/std/ndn"
+	"github.com/named-data/ndnd/std/types/optional"
 )
 
 // SnapshotNodeLatest is a snapshot strategy that takes a snapshot of the
@@ -32,6 +33,8 @@ type SnapshotNodeLatest struct {
 	SnapMe func(enc.Name) (enc.Wire, error)
 	// Threshold is the number of updates before a snapshot is taken.
 	Threshold uint64
+	// IgnoreValidity ignores validity period in the validation chain
+	IgnoreValidity optional.Optional[bool]
 
 	// pss is the struct from the svs layer.
 	pss snapPsState
@@ -113,15 +116,19 @@ func (s *SnapshotNodeLatest) snapName(node enc.Name, boot uint64) enc.Name {
 // fetchSnap fetches the latest snapshot for a remote node.
 func (s *SnapshotNodeLatest) fetchSnap(node enc.Name, boot uint64) {
 	// Discover the latest snapshot
-	s.Client.Consume(s.snapName(node, boot), func(cstate ndn.ConsumeState) {
-		if cstate.Error() != nil {
-			// Do not try too fast in case NFD returns NACK
-			time.AfterFunc(2*time.Second, func() {
+	s.Client.ConsumeExt(ndn.ConsumeExtArgs{
+		Name:           s.snapName(node, boot),
+		IgnoreValidity: s.IgnoreValidity,
+		Callback: func(cstate ndn.ConsumeState) {
+			if cstate.Error() != nil {
+				// Do not try too fast in case NFD returns NACK
+				time.AfterFunc(2*time.Second, func() {
+					s.handleSnap(node, boot, cstate)
+				})
+			} else {
 				s.handleSnap(node, boot, cstate)
-			})
-		} else {
-			s.handleSnap(node, boot, cstate)
-		}
+			}
+		},
 	})
 }
 

std/sync/svs.go

@@ -69,6 +69,8 @@ type SvSyncOpts struct {
 
 	// Passive mode does not send sign Sync Interests
 	Passive bool
+	// IgnoreValidity ignores validity period in the validation chain
+	IgnoreValidity optional.Optional[bool]
 }
 
 type SvSyncUpdate struct {
@@ -511,24 +513,29 @@ func (s *SvSync) onSyncData(dataWire enc.Wire) {
 	}
 
 	// Validate signature
-	s.o.Client.Validate(data, sigCov, func(valid bool, err error) {
-		if !valid || err != nil {
-			log.Warn(s, "SvSync failed to validate signature", "name", data.Name(), "valid", valid, "err", err)
-			return
-		}
+	s.o.Client.ValidateExt(ndn.ValidateExtArgs{
+		Data:           data,
+		SigCovered:     sigCov,
+		IgnoreValidity: s.o.IgnoreValidity,
+		Callback: func(valid bool, err error) {
+			if !valid || err != nil {
+				log.Warn(s, "SvSync failed to validate signature", "name", data.Name(), "valid", valid, "err", err)
+				return
+			}
 
-		// Decode state vector
-		svWire := data.Content().Join()
-		params, err := spec_svs.ParseSvsData(enc.NewBufferView(svWire), false)
-		if err != nil || params.StateVector == nil {
-			log.Warn(s, "onSyncInterest failed to parse StateVec", "err", err)
-			return
-		}
+			// Decode state vector
+			svWire := data.Content().Join()
+			params, err := spec_svs.ParseSvsData(enc.NewBufferView(svWire), false)
+			if err != nil || params.StateVector == nil {
+				log.Warn(s, "onSyncInterest failed to parse StateVec", "err", err)
+				return
+			}
 
-		s.recvSv <- svSyncRecvSvArgs{
-			sv:   params.StateVector,
-			data: dataWire,
-		}
+			s.recvSv <- svSyncRecvSvArgs{
+				sv:   params.StateVector,
+				data: dataWire,
+			}
+		},
 	})
 }
 

std/sync/svs_alo.go

@@ -140,6 +140,14 @@ func NewSvsALO(opts SvsAloOpts) (*SvsALO, error) {
 		}, s.state)
 	}
 
+	// Overeide IgnoreValidity from SVS (incorect but practical)
+	if latest, ok := s.opts.Snapshot.(*SnapshotNodeLatest); ok {
+		latest.IgnoreValidity = s.opts.Svs.IgnoreValidity
+	}
+	if history, ok := s.opts.Snapshot.(*SnapshotNodeHistory); ok {
+		history.IgnoreValidity = s.opts.Svs.IgnoreValidity
+	}
+
 	return s, nil
 }