Secure PDP exchange (#3175)

* Refs #16603. Initial changes on PDPClient. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Removed unused method on PDPClient. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Matching on PDPClient. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Initial refactor on PDPServer. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Using discovered_builtin_* on PDPClient. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Additional changes on PDPClient. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Fixes on PDPServer::assignRemoteEndpoints. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Fixes on PDPServer::removeRemoteEndpoints. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Perform matching on PDPServer. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Use security manager on PDPServer. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Using discovered_builtin_* on PDPServer. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Pairing endpoints moved to PDP. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Pairing endpoints on PDPClient. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Pairing endpoints on PDPServer. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Uncrustify. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Fixed communications without security. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Take into account that notifyAboveRemoteEndpoints is called only once. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Temporarily disabling secure endpoints on EDPClient. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> * Refs #16603. Temporarily using mangled prefix on system test. Signed-off-by: Miguel Company <MiguelCompany@eprosima.com> Signed-off-by: Miguel Company <MiguelCompany@eprosima.com>
eProsima · Jan 3, 2023 · 727451c · 727451c
1 parent 1b96cf8
commit 727451c
Show file tree

Hide file tree

Showing 10 changed files with 365 additions and 116 deletions.
diff --git a/include/fastdds/rtps/builtin/discovery/participant/PDP.h b/include/fastdds/rtps/builtin/discovery/participant/PDP.h
@@ -385,6 +385,16 @@ class PDP
  return temp_writer_proxies_;
  }
 
+#if HAVE_SECURITY
+ virtual bool pairing_remote_writer_with_local_reader_after_security(
+ const GUID_t& local_reader,
+ const WriterProxyData& remote_writer_data);
+
+ virtual bool pairing_remote_reader_with_local_writer_after_security(
+ const GUID_t& local_writer,
+ const ReaderProxyData& remote_reader_data);
+#endif // HAVE_SECURITY
+
 protected:
 
  //!Pointer to the builtin protocols object.

diff --git a/src/cpp/rtps/builtin/discovery/endpoint/EDPClient.cpp b/src/cpp/rtps/builtin/discovery/endpoint/EDPClient.cpp
@@ -46,7 +46,8 @@ bool EDPClient::processLocalReaderProxyData(
 
  auto* writer = &subscriptions_writer_;
 
-#if HAVE_SECURITY
+// TODO(Miguel C): Re-enable this when EDPServer creates the secure EDP endpoints
+#if 0 // HAVE_SECURITY
  if (local_reader->getAttributes().security_attributes().is_discovery_protected)
  {
  writer = &subscriptions_secure_writer_;
@@ -79,7 +80,8 @@ bool EDPClient::processLocalWriterProxyData(
 
  auto* writer = &publications_writer_;
 
-#if HAVE_SECURITY
+ // TODO(Miguel C): Re-enable this when EDPServer creates the secure EDP endpoints
+#if 0 //HAVE_SECURITY
  if (local_writer->getAttributes().security_attributes().is_discovery_protected)
  {
  writer = &publications_secure_writer_;
@@ -110,7 +112,8 @@ bool EDPClient::removeLocalWriter(
 
  auto* writer = &publications_writer_;
 
-#if HAVE_SECURITY
+ // TODO(Miguel C): Re-enable this when EDPServer creates the secure EDP endpoints
+#if 0 // HAVE_SECURITY
  if (W->getAttributes().security_attributes().is_discovery_protected)
  {
  writer = &publications_secure_writer_;
@@ -163,7 +166,8 @@ bool EDPClient::removeLocalReader(
 
  auto* writer = &subscriptions_writer_;
 
-#if HAVE_SECURITY
+ // TODO(Miguel C): Re-enable this when EDPServer creates the secure EDP endpoints
+#if 0 // HAVE_SECURITY
  if (R->getAttributes().security_attributes().is_discovery_protected)
  {
  writer = &subscriptions_secure_writer_;

diff --git a/src/cpp/rtps/builtin/discovery/participant/PDP.cpp b/src/cpp/rtps/builtin/discovery/participant/PDP.cpp
@@ -919,6 +919,23 @@ WriterProxyData* PDP::addWriterProxyData(
  return nullptr;
 }
 
+#if HAVE_SECURITY
+bool PDP::pairing_remote_writer_with_local_reader_after_security(
+ const GUID_t& local_reader,
+ const WriterProxyData& remote_writer_data)
+{
+ return mp_EDP->pairing_remote_writer_with_local_reader_after_security(local_reader, remote_writer_data);
+}
+
+bool PDP::pairing_remote_reader_with_local_writer_after_security(
+ const GUID_t& local_writer,
+ const ReaderProxyData& remote_reader_data)
+{
+ return mp_EDP->pairing_remote_reader_with_local_writer_after_security(local_writer, remote_reader_data);
+}
+
+#endif // HAVE_SECURITY
+
 bool PDP::remove_remote_participant(
  const GUID_t& partGUID,
  ParticipantDiscoveryInfo::DISCOVERY_STATUS reason)