diff --git a/include/fastdds/rtps/builtin/discovery/participant/PDP.h b/include/fastdds/rtps/builtin/discovery/participant/PDP.h index 4e30f3d9b40..5160bdd32f1 100644 --- a/include/fastdds/rtps/builtin/discovery/participant/PDP.h +++ b/include/fastdds/rtps/builtin/discovery/participant/PDP.h @@ -385,6 +385,16 @@ class PDP return temp_writer_proxies_; } +#if HAVE_SECURITY + virtual bool pairing_remote_writer_with_local_reader_after_security( + const GUID_t& local_reader, + const WriterProxyData& remote_writer_data); + + virtual bool pairing_remote_reader_with_local_writer_after_security( + const GUID_t& local_writer, + const ReaderProxyData& remote_reader_data); +#endif // HAVE_SECURITY + protected: //!Pointer to the builtin protocols object. diff --git a/src/cpp/rtps/builtin/discovery/endpoint/EDPClient.cpp b/src/cpp/rtps/builtin/discovery/endpoint/EDPClient.cpp index 5dbba385624..10398dfa09b 100644 --- a/src/cpp/rtps/builtin/discovery/endpoint/EDPClient.cpp +++ b/src/cpp/rtps/builtin/discovery/endpoint/EDPClient.cpp @@ -46,7 +46,8 @@ bool EDPClient::processLocalReaderProxyData( auto* writer = &subscriptions_writer_; -#if HAVE_SECURITY +// TODO(Miguel C): Re-enable this when EDPServer creates the secure EDP endpoints +#if 0 // HAVE_SECURITY if (local_reader->getAttributes().security_attributes().is_discovery_protected) { writer = &subscriptions_secure_writer_; @@ -79,7 +80,8 @@ bool EDPClient::processLocalWriterProxyData( auto* writer = &publications_writer_; -#if HAVE_SECURITY + // TODO(Miguel C): Re-enable this when EDPServer creates the secure EDP endpoints +#if 0 //HAVE_SECURITY if (local_writer->getAttributes().security_attributes().is_discovery_protected) { writer = &publications_secure_writer_; @@ -110,7 +112,8 @@ bool EDPClient::removeLocalWriter( auto* writer = &publications_writer_; -#if HAVE_SECURITY + // TODO(Miguel C): Re-enable this when EDPServer creates the secure EDP endpoints +#if 0 // HAVE_SECURITY if (W->getAttributes().security_attributes().is_discovery_protected) { writer = &publications_secure_writer_; @@ -163,7 +166,8 @@ bool EDPClient::removeLocalReader( auto* writer = &subscriptions_writer_; -#if HAVE_SECURITY + // TODO(Miguel C): Re-enable this when EDPServer creates the secure EDP endpoints +#if 0 // HAVE_SECURITY if (R->getAttributes().security_attributes().is_discovery_protected) { writer = &subscriptions_secure_writer_; diff --git a/src/cpp/rtps/builtin/discovery/participant/PDP.cpp b/src/cpp/rtps/builtin/discovery/participant/PDP.cpp index 49bd8f7ffff..7b075cb6f74 100644 --- a/src/cpp/rtps/builtin/discovery/participant/PDP.cpp +++ b/src/cpp/rtps/builtin/discovery/participant/PDP.cpp @@ -919,6 +919,23 @@ WriterProxyData* PDP::addWriterProxyData( return nullptr; } +#if HAVE_SECURITY +bool PDP::pairing_remote_writer_with_local_reader_after_security( + const GUID_t& local_reader, + const WriterProxyData& remote_writer_data) +{ + return mp_EDP->pairing_remote_writer_with_local_reader_after_security(local_reader, remote_writer_data); +} + +bool PDP::pairing_remote_reader_with_local_writer_after_security( + const GUID_t& local_writer, + const ReaderProxyData& remote_reader_data) +{ + return mp_EDP->pairing_remote_reader_with_local_writer_after_security(local_writer, remote_reader_data); +} + +#endif // HAVE_SECURITY + bool PDP::remove_remote_participant( const GUID_t& partGUID, ParticipantDiscoveryInfo::DISCOVERY_STATUS reason) diff --git a/src/cpp/rtps/builtin/discovery/participant/PDPClient.cpp b/src/cpp/rtps/builtin/discovery/participant/PDPClient.cpp index d1e19256c4a..822f1a13fe0 100644 --- a/src/cpp/rtps/builtin/discovery/participant/PDPClient.cpp +++ b/src/cpp/rtps/builtin/discovery/participant/PDPClient.cpp @@ -123,21 +123,21 @@ void PDPClient::initializeParticipantProxyData( std::string>({fastdds::dds::parameter_property_ds_version, fastdds::dds::parameter_property_current_ds_version})); - //#if HAVE_SECURITY - // if (getRTPSParticipant()->getAttributes().builtin.discovery_config.m_simpleEDP - // .enable_builtin_secure_publications_writer_and_subscriptions_reader) - // { - // participant_data->m_availableBuiltinEndpoints |= DISC_BUILTIN_ENDPOINT_PUBLICATION_SECURE_ANNOUNCER; - // participant_data->m_availableBuiltinEndpoints |= DISC_BUILTIN_ENDPOINT_SUBSCRIPTION_SECURE_DETECTOR; - // } - // - // if (getRTPSParticipant()->getAttributes().builtin.discovery_config.m_simpleEDP - // .enable_builtin_secure_subscriptions_writer_and_publications_reader) - // { - // participant_data->m_availableBuiltinEndpoints |= DISC_BUILTIN_ENDPOINT_SUBSCRIPTION_SECURE_ANNOUNCER; - // participant_data->m_availableBuiltinEndpoints |= DISC_BUILTIN_ENDPOINT_PUBLICATION_SECURE_DETECTOR; - // } - //#endif +#if HAVE_SECURITY + if (getRTPSParticipant()->getAttributes().builtin.discovery_config.m_simpleEDP + .enable_builtin_secure_publications_writer_and_subscriptions_reader) + { + participant_data->m_availableBuiltinEndpoints |= DISC_BUILTIN_ENDPOINT_PUBLICATION_SECURE_ANNOUNCER; + participant_data->m_availableBuiltinEndpoints |= DISC_BUILTIN_ENDPOINT_SUBSCRIPTION_SECURE_DETECTOR; + } + + if (getRTPSParticipant()->getAttributes().builtin.discovery_config.m_simpleEDP + .enable_builtin_secure_subscriptions_writer_and_publications_reader) + { + participant_data->m_availableBuiltinEndpoints |= DISC_BUILTIN_ENDPOINT_SUBSCRIPTION_SECURE_ANNOUNCER; + participant_data->m_availableBuiltinEndpoints |= DISC_BUILTIN_ENDPOINT_PUBLICATION_SECURE_DETECTOR; + } +#endif // HAVE_SECURITY } @@ -472,11 +472,73 @@ void PDPClient::assignRemoteEndpoints( } } - notifyAboveRemoteEndpoints(*pdata); +#if HAVE_SECURITY + if (mp_RTPSParticipant->security_manager().discovered_participant(*pdata)) +#endif // HAVE_SECURITY + { + perform_builtin_endpoints_matching(*pdata); + } } void PDPClient::notifyAboveRemoteEndpoints( const ParticipantProxyData& pdata) +{ +#if HAVE_SECURITY + if (should_protect_discovery()) + { + eprosima::shared_lock disc_lock(mp_builtin->getDiscoveryMutex()); + + // Verify if this participant is a server + for (auto& svr : mp_builtin->m_DiscoveryServers) + { + if (svr.guidPrefix == pdata.m_guid.guidPrefix) + { + match_pdp_reader_nts_(svr, pdata.m_guid.guidPrefix); + match_pdp_writer_nts_(svr, pdata.m_guid.guidPrefix); + break; + } + } + } +#endif // HAVE_SECURITY + + perform_builtin_endpoints_matching(pdata); +} + +#if HAVE_SECURITY +bool PDPClient::pairing_remote_writer_with_local_reader_after_security( + const GUID_t& local_reader, + const WriterProxyData& remote_writer_data) +{ + auto endpoints = static_cast(builtin_endpoints_.get()); + + if (local_reader == endpoints->reader.reader_->getGuid()) + { + endpoints->reader.reader_->matched_writer_add(remote_writer_data); + return true; + } + + return PDP::pairing_remote_writer_with_local_reader_after_security(local_reader, remote_writer_data); +} + +bool PDPClient::pairing_remote_reader_with_local_writer_after_security( + const GUID_t& local_writer, + const ReaderProxyData& remote_reader_data) +{ + auto endpoints = static_cast(builtin_endpoints_.get()); + + if (local_writer == endpoints->writer.writer_->getGuid()) + { + endpoints->writer.writer_->matched_reader_add(remote_reader_data); + return true; + } + + return PDP::pairing_remote_reader_with_local_writer_after_security(local_writer, remote_reader_data); +} + +#endif // HAVE_SECURITY + +void PDPClient::perform_builtin_endpoints_matching( + const ParticipantProxyData& pdata) { // No EDP notification needed. EDP endpoints would be match when PDP synchronization is granted if (mp_builtin->mp_WLP != nullptr) @@ -517,49 +579,59 @@ void PDPClient::removeRemoteEndpoints( const NetworkFactory& network = mp_RTPSParticipant->network_factory(); uint32_t endp = pdata->m_availableBuiltinEndpoints; uint32_t auxendp = endp; - auxendp &= DISC_BUILTIN_ENDPOINT_PARTICIPANT_ANNOUNCER; + auxendp &= (DISC_BUILTIN_ENDPOINT_PARTICIPANT_ANNOUNCER | DISC_BUILTIN_ENDPOINT_PARTICIPANT_SECURE_ANNOUNCER); if (auxendp != 0) { GUID_t wguid; wguid.guidPrefix = pdata->m_guid.guidPrefix; - wguid.entityId = c_EntityId_SPDPWriter; + wguid.entityId = endpoints->writer.writer_->getGuid().entityId; endpoints->reader.reader_->matched_writer_remove(wguid); - // rematch but discarding any previous state of the server - // because we know the server shutdown intencionally - auto temp_writer_data = get_temporary_writer_proxies_pool().get(); - - temp_writer_data->clear(); - temp_writer_data->guid(wguid); - temp_writer_data->persistence_guid(pdata->get_persistence_guid()); - temp_writer_data->set_persistence_entity_id(c_EntityId_SPDPWriter); - temp_writer_data->set_remote_locators(pdata->metatraffic_locators, network, true); - temp_writer_data->m_qos.m_reliability.kind = RELIABLE_RELIABILITY_QOS; - temp_writer_data->m_qos.m_durability.kind = TRANSIENT_DURABILITY_QOS; - endpoints->reader.reader_->matched_writer_add(*temp_writer_data); +#if HAVE_SECURITY + if (!should_protect_discovery()) +#endif // HAVE_SECURITY + { + // rematch but discarding any previous state of the server + // because we know the server shutdown intentionally + auto temp_writer_data = get_temporary_writer_proxies_pool().get(); + + temp_writer_data->clear(); + temp_writer_data->guid(wguid); + temp_writer_data->persistence_guid(pdata->get_persistence_guid()); + temp_writer_data->set_persistence_entity_id(c_EntityId_SPDPWriter); + temp_writer_data->set_remote_locators(pdata->metatraffic_locators, network, true); + temp_writer_data->m_qos.m_reliability.kind = RELIABLE_RELIABILITY_QOS; + temp_writer_data->m_qos.m_durability.kind = TRANSIENT_DURABILITY_QOS; + endpoints->reader.reader_->matched_writer_add(*temp_writer_data); + } } auxendp = endp; - auxendp &= DISC_BUILTIN_ENDPOINT_PARTICIPANT_DETECTOR; + auxendp &= (DISC_BUILTIN_ENDPOINT_PARTICIPANT_DETECTOR | DISC_BUILTIN_ENDPOINT_PARTICIPANT_SECURE_DETECTOR); if (auxendp != 0) { GUID_t rguid; rguid.guidPrefix = pdata->m_guid.guidPrefix; - rguid.entityId = c_EntityId_SPDPReader; + rguid.entityId = endpoints->reader.reader_->getGuid().entityId; endpoints->writer.writer_->matched_reader_remove(rguid); - auto temp_reader_data = get_temporary_reader_proxies_pool().get(); - - temp_reader_data->clear(); - temp_reader_data->m_expectsInlineQos = false; - temp_reader_data->guid(rguid); - temp_reader_data->set_remote_locators(pdata->metatraffic_locators, network, true); - temp_reader_data->m_qos.m_reliability.kind = RELIABLE_RELIABILITY_QOS; - temp_reader_data->m_qos.m_durability.kind = TRANSIENT_LOCAL_DURABILITY_QOS; - endpoints->writer.writer_->matched_reader_add(*temp_reader_data); +#if HAVE_SECURITY + if (!should_protect_discovery()) +#endif // HAVE_SECURITY + { + auto temp_reader_data = get_temporary_reader_proxies_pool().get(); + + temp_reader_data->clear(); + temp_reader_data->m_expectsInlineQos = false; + temp_reader_data->guid(rguid); + temp_reader_data->set_remote_locators(pdata->metatraffic_locators, network, true); + temp_reader_data->m_qos.m_reliability.kind = RELIABLE_RELIABILITY_QOS; + temp_reader_data->m_qos.m_durability.kind = TRANSIENT_LOCAL_DURABILITY_QOS; + endpoints->writer.writer_->matched_reader_add(*temp_reader_data); + } } } } @@ -674,6 +746,7 @@ void PDPClient::announceParticipantState( } } + // TODO: This should be done with the configuration of the reliable writer direct_send(getRTPSParticipant(), remote_readers, locators, *change); } @@ -723,30 +796,6 @@ void PDPClient::announceParticipantState( } } -bool PDPClient::match_servers_EDP_endpoints() -{ - // PDP must have been initialize - assert(mp_EDP); - - bool all = true; // have all servers been discovered? - - eprosima::shared_lock disc_lock(mp_builtin->getDiscoveryMutex()); - for (auto& svr : mp_builtin->m_DiscoveryServers) - { - all &= (svr.proxy != nullptr); - - if (svr.proxy && !mp_EDP->areRemoteEndpointsMatched(svr.proxy)) - { - EPROSIMA_LOG_INFO(RTPS_PDP, "Client " - << mp_EDP->mp_PDP->getRTPSParticipant()->getGuid() - << " matching servers EDP endpoints"); - mp_EDP->assignRemoteEndpoints(*svr.proxy); - } - } - - return all; -} - void PDPClient::update_remote_servers_list() { auto endpoints = static_cast(builtin_endpoints_.get()); @@ -756,18 +805,23 @@ void PDPClient::update_remote_servers_list() return; } - eprosima::shared_lock disc_lock(mp_builtin->getDiscoveryMutex()); - - for (const eprosima::fastdds::rtps::RemoteServerAttributes& it : mp_builtin->m_DiscoveryServers) +#if HAVE_SECURITY + if (!should_protect_discovery()) +#endif // HAVE_SECURITY { - if (!endpoints->reader.reader_->matched_writer_is_matched(it.GetPDPWriter())) - { - match_pdp_writer_nts_(it); - } + eprosima::shared_lock disc_lock(mp_builtin->getDiscoveryMutex()); - if (!endpoints->writer.writer_->matched_reader_is_matched(it.GetPDPReader())) + for (const eprosima::fastdds::rtps::RemoteServerAttributes& it : mp_builtin->m_DiscoveryServers) { - match_pdp_reader_nts_(it); + if (!endpoints->reader.reader_->matched_writer_is_matched(it.GetPDPWriter())) + { + match_pdp_writer_nts_(it); + } + + if (!endpoints->writer.writer_->matched_reader_is_matched(it.GetPDPReader())) + { + match_pdp_reader_nts_(it); + } } } mp_sync->restart_timer(); @@ -775,34 +829,70 @@ void PDPClient::update_remote_servers_list() void PDPClient::match_pdp_writer_nts_( const eprosima::fastdds::rtps::RemoteServerAttributes& server_att) +{ + match_pdp_writer_nts_(server_att, server_att.guidPrefix); +} + +void PDPClient::match_pdp_writer_nts_( + const eprosima::fastdds::rtps::RemoteServerAttributes& server_att, + const eprosima::fastdds::rtps::GuidPrefix_t& prefix_override) { auto endpoints = static_cast(builtin_endpoints_.get()); const NetworkFactory& network = mp_RTPSParticipant->network_factory(); auto temp_writer_data = get_temporary_writer_proxies_pool().get(); temp_writer_data->clear(); - temp_writer_data->guid(server_att.GetPDPWriter()); + temp_writer_data->guid({ prefix_override, endpoints->writer.writer_->getGuid().entityId }); temp_writer_data->set_multicast_locators(server_att.metatrafficMulticastLocatorList, network); temp_writer_data->set_remote_unicast_locators(server_att.metatrafficUnicastLocatorList, network); temp_writer_data->m_qos.m_durability.kind = TRANSIENT_DURABILITY_QOS; temp_writer_data->m_qos.m_reliability.kind = RELIABLE_RELIABILITY_QOS; - endpoints->reader.reader_->matched_writer_add(*temp_writer_data); +#if HAVE_SECURITY + if (should_protect_discovery()) + { + mp_RTPSParticipant->security_manager().discovered_builtin_writer( + endpoints->reader.reader_->getGuid(), { prefix_override, c_EntityId_RTPSParticipant }, + *temp_writer_data, endpoints->reader.reader_->getAttributes().security_attributes()); + } + else +#endif // HAVE_SECURITY + { + endpoints->reader.reader_->matched_writer_add(*temp_writer_data); + } } void PDPClient::match_pdp_reader_nts_( const eprosima::fastdds::rtps::RemoteServerAttributes& server_att) +{ + match_pdp_reader_nts_(server_att, server_att.guidPrefix); +} + +void PDPClient::match_pdp_reader_nts_( + const eprosima::fastdds::rtps::RemoteServerAttributes& server_att, + const eprosima::fastdds::rtps::GuidPrefix_t& prefix_override) { auto endpoints = static_cast(builtin_endpoints_.get()); const NetworkFactory& network = mp_RTPSParticipant->network_factory(); auto temp_reader_data = get_temporary_reader_proxies_pool().get(); temp_reader_data->clear(); - temp_reader_data->guid(server_att.GetPDPReader()); + temp_reader_data->guid({ prefix_override, endpoints->reader.reader_->getGuid().entityId }); temp_reader_data->set_multicast_locators(server_att.metatrafficMulticastLocatorList, network); temp_reader_data->set_remote_unicast_locators(server_att.metatrafficUnicastLocatorList, network); temp_reader_data->m_qos.m_durability.kind = TRANSIENT_LOCAL_DURABILITY_QOS; temp_reader_data->m_qos.m_reliability.kind = RELIABLE_RELIABILITY_QOS; - endpoints->writer.writer_->matched_reader_add(*temp_reader_data); +#if HAVE_SECURITY + if (should_protect_discovery()) + { + mp_RTPSParticipant->security_manager().discovered_builtin_reader( + endpoints->writer.writer_->getGuid(), { prefix_override, c_EntityId_RTPSParticipant }, + *temp_reader_data, endpoints->writer.writer_->getAttributes().security_attributes()); + } + else +#endif // HAVE_SECURITY + { + endpoints->writer.writer_->matched_reader_add(*temp_reader_data); + } } const std::string& ros_discovery_server_env() @@ -1157,12 +1247,12 @@ bool PDPClient::remove_remote_participant( // Erase Proxies created before having the Participant GUID_t wguid; wguid.guidPrefix = partGUID.guidPrefix; - wguid.entityId = c_EntityId_SPDPWriter; + wguid.entityId = endpoints->writer.writer_->getGuid().entityId; endpoints->reader.reader_->matched_writer_remove(wguid); GUID_t rguid; rguid.guidPrefix = partGUID.guidPrefix; - rguid.entityId = c_EntityId_SPDPReader; + rguid.entityId = endpoints->reader.reader_->getGuid().entityId; endpoints->writer.writer_->matched_reader_remove(rguid); update_remote_servers_list(); diff --git a/src/cpp/rtps/builtin/discovery/participant/PDPClient.h b/src/cpp/rtps/builtin/discovery/participant/PDPClient.h index b754f681401..1098d379fde 100644 --- a/src/cpp/rtps/builtin/discovery/participant/PDPClient.h +++ b/src/cpp/rtps/builtin/discovery/participant/PDPClient.h @@ -135,11 +135,15 @@ class PDPClient : public PDP const GUID_t& participant_guid, ParticipantDiscoveryInfo::DISCOVERY_STATUS reason) override; - /** - * Matching server EDP endpoints - * @return true if all servers have been discovered - */ - bool match_servers_EDP_endpoints(); +#if HAVE_SECURITY + bool pairing_remote_writer_with_local_reader_after_security( + const GUID_t& local_reader, + const WriterProxyData& remote_writer_data) override; + + bool pairing_remote_reader_with_local_writer_after_security( + const GUID_t& local_reader, + const ReaderProxyData& remote_reader_data) override; +#endif // HAVE_SECURITY /* * Update the list of remote servers @@ -168,6 +172,24 @@ class PDPClient : public PDP private: + /** + * Manually match the local PDP reader with the PDP writer of a given server. The function is + * not thread safe (nts) in the sense that it does not take the PDP mutex. It does however take + * temp_data_lock_ + */ + void match_pdp_writer_nts_( + const eprosima::fastdds::rtps::RemoteServerAttributes& server_att, + const eprosima::fastdds::rtps::GuidPrefix_t& prefix_override); + + /** + * Manually match the local PDP writer with the PDP reader of a given server. The function is + * not thread safe (nts) in the sense that it does not take the PDP mutex. It does however take + * temp_data_lock_ + */ + void match_pdp_reader_nts_( + const eprosima::fastdds::rtps::RemoteServerAttributes& server_att, + const eprosima::fastdds::rtps::GuidPrefix_t& prefix_override); + #if HAVE_SECURITY /** * Returns whether discovery should be secured @@ -208,6 +230,12 @@ class PDPClient : public PDP bool create_ds_pdp_best_effort_reader( DiscoveryServerPDPEndpointsSecure& endpoints); + /** + * Provides the functionality of notifyAboveRemoteEndpoints without being an override of that method. + */ + void perform_builtin_endpoints_matching( + const ParticipantProxyData& pdata); + /** * TimedEvent for server synchronization: * first stage: periodically resend the local RTPSParticipant information until diff --git a/src/cpp/rtps/builtin/discovery/participant/PDPServer.cpp b/src/cpp/rtps/builtin/discovery/participant/PDPServer.cpp index eb0a1372f34..aec494360cb 100644 --- a/src/cpp/rtps/builtin/discovery/participant/PDPServer.cpp +++ b/src/cpp/rtps/builtin/discovery/participant/PDPServer.cpp @@ -571,68 +571,143 @@ void PDPServer::initializeParticipantProxyData( std::string>({dds::parameter_property_ds_version, dds::parameter_property_current_ds_version})); } -void PDPServer::assignRemoteEndpoints( - ParticipantProxyData* pdata) +void PDPServer::match_reliable_pdp_endpoints( + const ParticipantProxyData& pdata) { - EPROSIMA_LOG_INFO(RTPS_PDP_SERVER, "Assigning remote endpoint for RTPSParticipant: " << pdata->m_guid.guidPrefix); - auto endpoints = static_cast(builtin_endpoints_.get()); const NetworkFactory& network = mp_RTPSParticipant->network_factory(); - uint32_t endp = pdata->m_availableBuiltinEndpoints; + uint32_t endp = pdata.m_availableBuiltinEndpoints; bool use_multicast_locators = !mp_RTPSParticipant->getAttributes().builtin.avoid_builtin_multicast || - pdata->metatraffic_locators.unicast.empty(); + pdata.metatraffic_locators.unicast.empty(); // only SERVER and CLIENT participants will be received. All builtin must be there - uint32_t auxendp = endp & DISC_BUILTIN_ENDPOINT_PARTICIPANT_ANNOUNCER; + uint32_t auxendp = endp & + (DISC_BUILTIN_ENDPOINT_PARTICIPANT_ANNOUNCER | + DISC_BUILTIN_ENDPOINT_PARTICIPANT_SECURE_ANNOUNCER); if (0 != auxendp) { auto temp_writer_data = get_temporary_writer_proxies_pool().get(); temp_writer_data->clear(); - temp_writer_data->guid().guidPrefix = pdata->m_guid.guidPrefix; - temp_writer_data->guid().entityId = c_EntityId_SPDPWriter; - temp_writer_data->persistence_guid(pdata->get_persistence_guid()); + temp_writer_data->guid().guidPrefix = pdata.m_guid.guidPrefix; + temp_writer_data->guid().entityId = endpoints->writer.writer_->getGuid().entityId; + temp_writer_data->persistence_guid(pdata.get_persistence_guid()); temp_writer_data->set_persistence_entity_id(c_EntityId_SPDPWriter); - temp_writer_data->set_remote_locators(pdata->metatraffic_locators, network, use_multicast_locators); + temp_writer_data->set_remote_locators(pdata.metatraffic_locators, network, use_multicast_locators); temp_writer_data->m_qos.m_reliability.kind = dds::RELIABLE_RELIABILITY_QOS; temp_writer_data->m_qos.m_durability.kind = dds::TRANSIENT_LOCAL_DURABILITY_QOS; - endpoints->reader.reader_->matched_writer_add(*temp_writer_data); +#if HAVE_SECURITY + if (should_protect_discovery()) + { + mp_RTPSParticipant->security_manager().discovered_builtin_writer( + endpoints->reader.reader_->getGuid(), pdata.m_guid, + *temp_writer_data, endpoints->reader.reader_->getAttributes().security_attributes()); + } + else +#endif // HAVE_SECURITY + { + endpoints->reader.reader_->matched_writer_add(*temp_writer_data); + } } else { - EPROSIMA_LOG_ERROR(RTPS_PDP_SERVER, "Participant " << pdata->m_guid.guidPrefix + EPROSIMA_LOG_ERROR(RTPS_PDP_SERVER, "Participant " << pdata.m_guid.guidPrefix << " did not send information about builtin writers"); return; } // only SERVER and CLIENT participants will be received. All builtin must be there - auxendp = endp & DISC_BUILTIN_ENDPOINT_PARTICIPANT_DETECTOR; + auxendp = endp & (DISC_BUILTIN_ENDPOINT_PARTICIPANT_DETECTOR | DISC_BUILTIN_ENDPOINT_PARTICIPANT_SECURE_DETECTOR); if (0 != auxendp) { auto temp_reader_data = get_temporary_reader_proxies_pool().get(); temp_reader_data->clear(); temp_reader_data->m_expectsInlineQos = false; - temp_reader_data->guid().guidPrefix = pdata->m_guid.guidPrefix; - temp_reader_data->guid().entityId = c_EntityId_SPDPReader; - temp_reader_data->set_remote_locators(pdata->metatraffic_locators, network, use_multicast_locators); + temp_reader_data->guid().guidPrefix = pdata.m_guid.guidPrefix; + temp_reader_data->guid().entityId = endpoints->reader.reader_->getGuid().entityId; + temp_reader_data->set_remote_locators(pdata.metatraffic_locators, network, use_multicast_locators); temp_reader_data->m_qos.m_reliability.kind = dds::RELIABLE_RELIABILITY_QOS; temp_reader_data->m_qos.m_durability.kind = dds::TRANSIENT_LOCAL_DURABILITY_QOS; - endpoints->writer.writer_->matched_reader_add(*temp_reader_data); +#if HAVE_SECURITY + if (should_protect_discovery()) + { + mp_RTPSParticipant->security_manager().discovered_builtin_reader( + endpoints->writer.writer_->getGuid(), pdata.m_guid, + *temp_reader_data, endpoints->writer.writer_->getAttributes().security_attributes()); + } + else +#endif // HAVE_SECURITY + { + endpoints->writer.writer_->matched_reader_add(*temp_reader_data); + } } else { - EPROSIMA_LOG_ERROR(RTPS_PDP_SERVER, "Participant " << pdata->m_guid.guidPrefix + EPROSIMA_LOG_ERROR(RTPS_PDP_SERVER, "Participant " << pdata.m_guid.guidPrefix << " did not send information about builtin readers"); return; } +} - //Inform EDP of new RTPSParticipant data: - notifyAboveRemoteEndpoints(*pdata); +void PDPServer::assignRemoteEndpoints( + ParticipantProxyData* pdata) +{ + EPROSIMA_LOG_INFO(RTPS_PDP_SERVER, "Assigning remote endpoint for RTPSParticipant: " << pdata->m_guid.guidPrefix); + + match_reliable_pdp_endpoints(*pdata); + +#if HAVE_SECURITY + if (mp_RTPSParticipant->security_manager().discovered_participant(*pdata)) +#endif // HAVE_SECURITY + { + perform_builtin_endpoints_matching(*pdata); + } } void PDPServer::notifyAboveRemoteEndpoints( const ParticipantProxyData& pdata) +{ +#if HAVE_SECURITY + match_reliable_pdp_endpoints(pdata); +#endif // HAVE_SECURITY +} + +#if HAVE_SECURITY +bool PDPServer::pairing_remote_writer_with_local_reader_after_security( + const GUID_t& local_reader, + const WriterProxyData& remote_writer_data) +{ + auto endpoints = static_cast(builtin_endpoints_.get()); + + if (local_reader == endpoints->reader.reader_->getGuid()) + { + endpoints->reader.reader_->matched_writer_add(remote_writer_data); + return true; + } + + return PDP::pairing_remote_writer_with_local_reader_after_security(local_reader, remote_writer_data); +} + +bool PDPServer::pairing_remote_reader_with_local_writer_after_security( + const GUID_t& local_writer, + const ReaderProxyData& remote_reader_data) +{ + auto endpoints = static_cast(builtin_endpoints_.get()); + + if (local_writer == endpoints->writer.writer_->getGuid()) + { + endpoints->writer.writer_->matched_reader_add(remote_reader_data); + return true; + } + + return PDP::pairing_remote_reader_with_local_writer_after_security(local_writer, remote_reader_data); +} + +#endif // HAVE_SECURITY + +void PDPServer::perform_builtin_endpoints_matching( + const ParticipantProxyData& pdata) { //Inform EDP of new RTPSParticipant data: if (mp_EDP != nullptr) @@ -654,9 +729,9 @@ void PDPServer::removeRemoteEndpoints( auto endpoints = static_cast(builtin_endpoints_.get()); - if (endp & DISC_BUILTIN_ENDPOINT_PARTICIPANT_ANNOUNCER) + if (endp & (DISC_BUILTIN_ENDPOINT_PARTICIPANT_ANNOUNCER | DISC_BUILTIN_ENDPOINT_PARTICIPANT_SECURE_ANNOUNCER)) { - GUID_t writer_guid(pdata->m_guid.guidPrefix, c_EntityId_SPDPWriter); + GUID_t writer_guid(pdata->m_guid.guidPrefix, endpoints->writer.writer_->getGuid().entityId); endpoints->reader.reader_->matched_writer_remove(writer_guid); } else @@ -666,9 +741,9 @@ void PDPServer::removeRemoteEndpoints( return; } - if (endp & DISC_BUILTIN_ENDPOINT_PARTICIPANT_DETECTOR) + if (endp & (DISC_BUILTIN_ENDPOINT_PARTICIPANT_DETECTOR | DISC_BUILTIN_ENDPOINT_PARTICIPANT_SECURE_DETECTOR)) { - GUID_t reader_guid(pdata->m_guid.guidPrefix, c_EntityId_SPDPReader); + GUID_t reader_guid(pdata->m_guid.guidPrefix, endpoints->reader.reader_->getGuid().entityId); endpoints->writer.writer_->matched_reader_remove(reader_guid); } else diff --git a/src/cpp/rtps/builtin/discovery/participant/PDPServer.hpp b/src/cpp/rtps/builtin/discovery/participant/PDPServer.hpp index 1cbc1608d8f..933a91cd3f9 100644 --- a/src/cpp/rtps/builtin/discovery/participant/PDPServer.hpp +++ b/src/cpp/rtps/builtin/discovery/participant/PDPServer.hpp @@ -137,6 +137,16 @@ class PDPServer : public fastrtps::rtps::PDP void notifyAboveRemoteEndpoints( const fastrtps::rtps::ParticipantProxyData& pdata) override; +#if HAVE_SECURITY + bool pairing_remote_writer_with_local_reader_after_security( + const fastrtps::rtps::GUID_t& local_reader, + const fastrtps::rtps::WriterProxyData& remote_writer_data) override; + + bool pairing_remote_reader_with_local_writer_after_security( + const fastrtps::rtps::GUID_t& local_reader, + const fastrtps::rtps::ReaderProxyData& remote_reader_data) override; +#endif // HAVE_SECURITY + //! Get filename for writer persistence database file std::string get_writer_persistence_file_name() const; @@ -346,6 +356,15 @@ class PDPServer : public fastrtps::rtps::PDP bool create_ds_pdp_best_effort_reader( DiscoveryServerPDPEndpointsSecure& endpoints); + /** + * Provides the functionality of notifyAboveRemoteEndpoints without being an override of that method. + */ + void perform_builtin_endpoints_matching( + const fastrtps::rtps::ParticipantProxyData& pdata); + + void match_reliable_pdp_endpoints( + const fastrtps::rtps::ParticipantProxyData& pdata); + //! Server thread eprosima::fastrtps::rtps::ResourceEvent resource_event_thread_; diff --git a/src/cpp/rtps/participant/RTPSParticipantImpl.cpp b/src/cpp/rtps/participant/RTPSParticipantImpl.cpp index 3505645560f..768f632a252 100644 --- a/src/cpp/rtps/participant/RTPSParticipantImpl.cpp +++ b/src/cpp/rtps/participant/RTPSParticipantImpl.cpp @@ -2108,7 +2108,7 @@ bool RTPSParticipantImpl::pairing_remote_reader_with_local_writer_after_security { bool return_value; - return_value = mp_builtinProtocols->mp_PDP->getEDP()->pairing_remote_reader_with_local_writer_after_security( + return_value = mp_builtinProtocols->mp_PDP->pairing_remote_reader_with_local_writer_after_security( local_writer, remote_reader_data); if (!return_value && mp_builtinProtocols->mp_WLP != nullptr) { @@ -2125,7 +2125,7 @@ bool RTPSParticipantImpl::pairing_remote_writer_with_local_reader_after_security { bool return_value; - return_value = mp_builtinProtocols->mp_PDP->getEDP()->pairing_remote_writer_with_local_reader_after_security( + return_value = mp_builtinProtocols->mp_PDP->pairing_remote_writer_with_local_reader_after_security( local_reader, remote_writer_data); if (!return_value && mp_builtinProtocols->mp_WLP != nullptr) { diff --git a/test/communication/secure_ds_simple_secure_msg_crypto_pub.xml b/test/communication/secure_ds_simple_secure_msg_crypto_pub.xml index 854cf1a6e59..b0380b20a77 100644 --- a/test/communication/secure_ds_simple_secure_msg_crypto_pub.xml +++ b/test/communication/secure_ds_simple_secure_msg_crypto_pub.xml @@ -7,7 +7,10 @@ CLIENT + + diff --git a/test/communication/secure_ds_simple_secure_msg_crypto_sub.xml b/test/communication/secure_ds_simple_secure_msg_crypto_sub.xml index 115ae3ddaa5..e413a5c0ab9 100644 --- a/test/communication/secure_ds_simple_secure_msg_crypto_sub.xml +++ b/test/communication/secure_ds_simple_secure_msg_crypto_sub.xml @@ -7,7 +7,10 @@ CLIENT + +