Prefix registration error in mbps sample applications

[phylib]

Starting the sample applications, e.g., app2 frequently causes prefix registration errors. To reproduce the identical environment, spin-up a VM using the following Vagrantfile:

# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
  config.vm.define "dct-dev-1" 
  config.vm.box = "bento/ubuntu-20.04"
  config.vm.hostname = "dct"
  config.vm.provider "virtualbox" do |vb|
    vb.name = "dct-dev-1"
    vb.cpus = "4"
    vb.memory = "8000"
  end
  config.vm.provision "shell", privileged: false, inline: <<-SHELL
    sudo apt-get update
    sudo apt-get -y install gcc-10 g++-10 build-essential \
                            pkg-config python3-minimal libboost-all-dev \
                            libssl-dev libsqlite3-dev libpcap-dev \
                            libsodium-dev libz-dev \
                            liblog4cxx-dev
    sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100
    sudo update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-10 100
    sudo update-alternatives --install /usr/bin/c++ c++ /usr/bin/g++-10 100
    git clone https://github.com/pollere/NDNpatches
    git clone https://github.com/named-data/ndn-cxx
    cd ndn-cxx
    git apply ../NDNpatches/patch.key-impl
    ./waf configure
    ./waf
    sudo ./waf install
    sudo ldconfig
    cd ..
    git clone https://github.com/named-data/NFD
    cd NFD
    git submodule update --init
    ./waf configure
    ./waf
    sudo ./waf install
    sudo cp /usr/local/etc/ndn/nfd.conf.sample /usr/local/etc/ndn/nfd.conf
    cd ..
    git clone https://github.com/operantnetworks/ndn-ind
    cd ndn-ind
    git apply ../NDNpatches/patch.ndn-ind
    ./configure
    make -j
    sudo make install
    sudo ldconfig
    cd ..
    git clone https://github.com/pollere/DCT
    cd DCT/
    cd tools/
    make -j
    cd ../examples/mbps
    make -j
    wget https://github.com/pollere/DCT/releases/download/v3.0/linux-schemaCompile-bin-1.2.0.tgz
    tar -xzvf linux-schemaCompile-bin-1.2.0.tgz
    rm linux-schemaCompile-bin-1.2.0.tgz
    ./schemaCompile -o mbps1.scm mbps1.trust
    ../../tools/make_cert -s EdDSA -o mbps1.root myNet/mbps1
    ../../tools/schema_cert -o mbps1.schema mbps1.scm mbps1.root
    ../../tools/make_cert -s EdDSA -o alice.cert myNet/mbps1/operator/alice mbps1.root
    ../../tools/make_cert -s EdDSA -o bob.cert myNet/mbps1/operator/bob mbps1.root
    ../../tools/make_cert -s EdDSA -o cathy.cert myNet/mbps1/operator/cathy mbps1.root
    ../../tools/make_bundle -o alice.bundle mbps1.root mbps1.schema +alice.cert
    ../../tools/make_bundle -o bob.bundle mbps1.root mbps1.schema +bob.cert
    ../../tools/make_bundle -o cathy.bundle mbps1.root mbps1.schema +cathy.cert
    cd ../../..
    ndnsec key-gen /ndn/alice
  SHELL
end

The Vagrantfile already creates three identities for the operators "Alice", "Bob", and "Cathy" in the folder DCT/examples/mbps/.

After starting NFD, repeatedly starting app2 causes the following error:

./app2 alice.bundle 
22:50.000232 ERROR /localnet/mbps1/cert  onRegisterFailed /localnet/mbps1/cert
22:50.000232 ERROR ndn.Node      Node::RegisterResponse::operator(): Error in onRegisterFailed: onRegisterFailed /localnet/mbps1/cert

[kmnichols]

My profound apologies. I neglected to push the patch to ndn-cxx that prevents this. It is the cxx-register-bug.patch which is now in the NDNpatches repo. DCT is setting up multiple syncps collections and attempting to register the prefixes. The 1 ms restriction is what causes this issue.

[phylib]

I would like to highlight that this patch allows for potential replay attacks and should be seen as temporary fix only. Thanks for pointing to the error's cause.

[kmnichols]

Okay. Note that the original code does not actually prevent replay (identical Interests) but limits the number of Command Interests to one per millisecond as a sort of proxy for replay prevention code.