From 04be66415eaa271207e8613877b2159062d6db80 Mon Sep 17 00:00:00 2001 From: Mikael Arguedas Date: Thu, 9 Apr 2020 23:48:58 +0200 Subject: [PATCH 1/3] security-context -> enclave Signed-off-by: Mikael Arguedas --- rcl/CMakeLists.txt | 2 +- rcl/include/rcl/arguments.h | 3 +- rcl/include/rcl/graph.h | 10 +-- rcl/include/rcl/security.h | 6 +- ...context_name.h => validate_enclave_name.h} | 50 ++++++------- rcl/src/rcl/arguments.c | 60 ++++++++-------- rcl/src/rcl/arguments_impl.h | 2 +- rcl/src/rcl/graph.c | 18 ++--- rcl/src/rcl/init.c | 24 +++---- rcl/src/rcl/security.c | 12 ++-- ...context_name.c => validate_enclave_name.c} | 70 +++++++++---------- rcl/test/rcl/test_get_node_names.cpp | 24 +++---- rcl/test/rcl/test_security.cpp | 34 ++++----- .../dummy_enclave}/.gitkeep | 0 .../group1/dummy_enclave}/.gitkeep | 0 15 files changed, 158 insertions(+), 157 deletions(-) rename rcl/include/rcl/{validate_security_context_name.h => validate_enclave_name.h} (55%) rename rcl/src/rcl/{validate_security_context_name.c => validate_enclave_name.c} (60%) rename rcl/test/resources/test_security_directory/{contexts/dummy_security_context => enclaves/dummy_enclave}/.gitkeep (100%) rename rcl/test/resources/test_security_directory/{contexts/group1/dummy_security_context => enclaves/group1/dummy_enclave}/.gitkeep (100%) diff --git a/rcl/CMakeLists.txt b/rcl/CMakeLists.txt index 7245207e8..a2244cf38 100644 --- a/rcl/CMakeLists.txt +++ b/rcl/CMakeLists.txt @@ -58,7 +58,7 @@ set(${PROJECT_NAME}_sources src/rcl/subscription.c src/rcl/time.c src/rcl/timer.c - src/rcl/validate_security_context_name.c + src/rcl/validate_enclave_name.c src/rcl/validate_topic_name.c src/rcl/wait.c ) diff --git a/rcl/include/rcl/arguments.h b/rcl/include/rcl/arguments.h index e13ace33f..efdad17e7 100644 --- a/rcl/include/rcl/arguments.h +++ b/rcl/include/rcl/arguments.h @@ -42,7 +42,8 @@ typedef struct rcl_arguments_t #define RCL_PARAM_FILE_FLAG "--params-file" #define RCL_REMAP_FLAG "--remap" #define RCL_SHORT_REMAP_FLAG "-r" -#define RCL_SECURITY_CONTEXT_FLAG "--security-context" +#define RCL_ENCLAVE_FLAG "--enclave" +#define RCL_SHORT_ENCLAVE_FLAG "-e" #define RCL_LOG_LEVEL_FLAG "--log-level" #define RCL_EXTERNAL_LOG_CONFIG_FLAG "--log-config-file" // To be prefixed with --enable- or --disable- diff --git a/rcl/include/rcl/graph.h b/rcl/include/rcl/graph.h index 6614d9fb7..1a53162c4 100644 --- a/rcl/include/rcl/graph.h +++ b/rcl/include/rcl/graph.h @@ -441,9 +441,9 @@ rcl_get_node_names( rcutils_string_array_t * node_names, rcutils_string_array_t * node_namespaces); -/// Return a list of available nodes in the ROS graph, including their security context names. +/// Return a list of available nodes in the ROS graph, including their enclave names. /** - * An \ref rcl_get_node_names equivalent, but including in its output the security context + * An \ref rcl_get_node_names equivalent, but including in its output the enclave * name the node is using. * *
@@ -459,7 +459,7 @@ rcl_get_node_names( * \param[in] allocator used to control allocation and deallocation of names * \param[out] node_names struct storing discovered node names * \param[out] node_namesspaces struct storing discovered node namespaces - * \param[out] security_contexts struct storing discovered node security contexts + * \param[out] enclaves struct storing discovered node enclaves * \return `RCL_RET_OK` if the query was successful, or * \return `RCL_RET_BAD_ALLOC` if an error occurred while allocating memory, or * \return `RCL_RET_ERROR` if an unspecified error occurs. @@ -467,12 +467,12 @@ rcl_get_node_names( RCL_PUBLIC RCL_WARN_UNUSED rcl_ret_t -rcl_get_node_names_with_security_contexts( +rcl_get_node_names_with_enclaves( const rcl_node_t * node, rcl_allocator_t allocator, rcutils_string_array_t * node_names, rcutils_string_array_t * node_namespaces, - rcutils_string_array_t * security_contexts); + rcutils_string_array_t * enclaves); /// Return the number of publishers on a given topic. /** diff --git a/rcl/include/rcl/security.h b/rcl/include/rcl/security.h index ac570d2c0..f4f9fe743 100644 --- a/rcl/include/rcl/security.h +++ b/rcl/include/rcl/security.h @@ -92,9 +92,9 @@ RCL_PUBLIC rcl_ret_t rcl_get_enforcement_policy(rmw_security_enforcement_policy_t * policy); -/// Return the secure root given a security context name. +/// Return the secure root given a enclave name. /** - * Return the security directory associated with the security context name. + * Return the security directory associated with the enclave name. * * The value of the environment variable `ROS_SECURITY_ROOT_DIRECTORY` is used as a root. * The specific directory to be used, is found from that root using the `name` passed. @@ -104,7 +104,7 @@ rcl_get_enforcement_policy(rmw_security_enforcement_policy_t * policy); * However, this expansion can be overridden by setting the secure directory override environment * (`ROS_SECURITY_DIRECTORY_OVERRIDE`) variable, allowing users to explicitly specify the exact secure * root directory to be utilized. - * Such an override is useful for applications where the security context is non-deterministic + * Such an override is useful for applications where the enclave is non-deterministic * before runtime, or when testing and using additional tools that may not otherwise be easily * provisioned. * diff --git a/rcl/include/rcl/validate_security_context_name.h b/rcl/include/rcl/validate_enclave_name.h similarity index 55% rename from rcl/include/rcl/validate_security_context_name.h rename to rcl/include/rcl/validate_enclave_name.h index ceb5c3756..68e15e76e 100644 --- a/rcl/include/rcl/validate_security_context_name.h +++ b/rcl/include/rcl/validate_enclave_name.h @@ -12,8 +12,8 @@ // See the License for the specific language governing permissions and // limitations under the License. -#ifndef RCL__VALIDATE_SECURITY_CONTEXT_NAME_H_ -#define RCL__VALIDATE_SECURITY_CONTEXT_NAME_H_ +#ifndef RCL__VALIDATE_ENCLAVE_NAME_H_ +#define RCL__VALIDATE_ENCLAVE_NAME_H_ #ifdef __cplusplus extern "C" @@ -27,27 +27,27 @@ extern "C" #include "rcl/types.h" #include "rcl/visibility_control.h" -#define RCL_SECURITY_CONTEXT_NAME_VALID RMW_NAMESPACE_VALID -#define RCL_SECURITY_CONTEXT_NAME_INVALID_IS_EMPTY_STRING RMW_NAMESPACE_INVALID_IS_EMPTY_STRING -#define RCL_SECURITY_CONTEXT_NAME_INVALID_NOT_ABSOLUTE RMW_NAMESPACE_INVALID_NOT_ABSOLUTE -#define RCL_SECURITY_CONTEXT_NAME_INVALID_ENDS_WITH_FORWARD_SLASH \ +#define RCL_ENCLAVE_NAME_VALID RMW_NAMESPACE_VALID +#define RCL_ENCLAVE_NAME_INVALID_IS_EMPTY_STRING RMW_NAMESPACE_INVALID_IS_EMPTY_STRING +#define RCL_ENCLAVE_NAME_INVALID_NOT_ABSOLUTE RMW_NAMESPACE_INVALID_NOT_ABSOLUTE +#define RCL_ENCLAVE_NAME_INVALID_ENDS_WITH_FORWARD_SLASH \ RMW_NAMESPACE_INVALID_ENDS_WITH_FORWARD_SLASH -#define RCL_SECURITY_CONTEXT_NAME_INVALID_CONTAINS_UNALLOWED_CHARACTERS \ +#define RCL_ENCLAVE_NAME_INVALID_CONTAINS_UNALLOWED_CHARACTERS \ RMW_NAMESPACE_INVALID_CONTAINS_UNALLOWED_CHARACTERS -#define RCL_SECURITY_CONTEXT_NAME_INVALID_CONTAINS_REPEATED_FORWARD_SLASH \ +#define RCL_ENCLAVE_NAME_INVALID_CONTAINS_REPEATED_FORWARD_SLASH \ RMW_NAMESPACE_INVALID_CONTAINS_REPEATED_FORWARD_SLASH -#define RCL_SECURITY_CONTEXT_NAME_INVALID_NAME_TOKEN_STARTS_WITH_NUMBER \ +#define RCL_ENCLAVE_NAME_INVALID_NAME_TOKEN_STARTS_WITH_NUMBER \ RMW_NAMESPACE_INVALID_NAME_TOKEN_STARTS_WITH_NUMBER -#define RCL_SECURITY_CONTEXT_NAME_INVALID_TOO_LONG RMW_NAMESPACE_INVALID_TOO_LONG +#define RCL_ENCLAVE_NAME_INVALID_TOO_LONG RMW_NAMESPACE_INVALID_TOO_LONG -#define RCL_SECURITY_CONTEXT_NAME_MAX_LENGTH RMW_NODE_NAME_MAX_NAME_LENGTH +#define RCL_ENCLAVE_NAME_MAX_LENGTH RMW_NODE_NAME_MAX_NAME_LENGTH -/// Determine if a given security context name is valid. +/// Determine if a given enclave name is valid. /** * The same rules as \ref rmw_validate_namespace are used. * The only difference is in the maximum allowed length, which can be up to 255 characters. * - * \param[in] security_context security_context to be validated + * \param[in] enclave enclave to be validated * \param[out] validation_result int in which the result of the check is stored * \param[out] invalid_index index of the input string where an error occurred * \returns `RMW_RET_OK` on successfully running the check, or @@ -57,35 +57,35 @@ extern "C" RCL_PUBLIC RCL_WARN_UNUSED rcl_ret_t -rcl_validate_security_context_name( - const char * security_context, +rcl_validate_enclave_name( + const char * enclave, int * validation_result, size_t * invalid_index); -/// Deterimine if a given security context name is valid. +/// Deterimine if a given enclave name is valid. /** - * This is an overload of \ref rcl_validate_security_context_name with an extra parameter - * for the length of security_context. + * This is an overload of \ref rcl_validate_enclave_name with an extra parameter + * for the length of enclave. * - * \param[in] security_context The number of characters in security_context. + * \param[in] enclave The number of characters in enclave. */ RCL_PUBLIC RCL_WARN_UNUSED rcl_ret_t -rcl_validate_security_context_name_with_size( - const char * security_context, - size_t security_context_length, +rcl_validate_enclave_name_with_size( + const char * enclave, + size_t enclave_length, int * validation_result, size_t * invalid_index); -/// Return a validation result description, or NULL if unknown or RCL_SECURITY_CONTEXT_NAME_VALID. +/// Return a validation result description, or NULL if unknown or RCL_ENCLAVE_NAME_VALID. RCL_PUBLIC RCL_WARN_UNUSED const char * -rcl_security_context_name_validation_result_string(int validation_result); +rcl_enclave_name_validation_result_string(int validation_result); #ifdef __cplusplus } #endif -#endif // RCL__VALIDATE_SECURITY_CONTEXT_NAME_H_ +#endif // RCL__VALIDATE_ENCLAVE_NAME_H_ diff --git a/rcl/src/rcl/arguments.c b/rcl/src/rcl/arguments.c index 9bb3cdf62..20db3a594 100644 --- a/rcl/src/rcl/arguments.c +++ b/rcl/src/rcl/arguments.c @@ -190,21 +190,21 @@ _rcl_parse_param_file( rcl_params_t * params, char ** param_file); -/// Parse a security context argument. +/// Parse an enclave argument. /** * \param[in] arg the argument to parse * \param[in] allocator an allocator to use - * \param[in,out] security_context parsed security context - * \return RCL_RET_OK if a valid security context was parsed, or + * \param[in,out] enclave parsed security enclave + * \return RCL_RET_OK if a valid security enclave was parsed, or * \return RCL_RET_BAD_ALLOC if an allocation failed, or * \return RLC_RET_ERROR if an unspecified error occurred. */ RCL_LOCAL rcl_ret_t -_rcl_parse_security_context( +_rcl_parse_enclave( const char * arg, rcl_allocator_t allocator, - char ** security_context); + char ** enclave); #define RCL_ENABLE_FLAG_PREFIX "--enable-" #define RCL_DISABLE_FLAG_PREFIX "--disable-" @@ -495,33 +495,33 @@ rcl_parse_arguments( goto fail; } - // Attempt to parse argument as a security context - if (strcmp(RCL_SECURITY_CONTEXT_FLAG, argv[i]) == 0) { + // Attempt to parse argument as a security enclave + if (strcmp(RCL_ENCLAVE_FLAG, argv[i]) == 0 || strcmp(RCL_SHORT_ENCLAVE_FLAG, argv[i]) == 0) { if (i + 1 < argc) { - if (NULL != args_impl->security_context) { + if (NULL != args_impl->enclave) { RCUTILS_LOG_DEBUG_NAMED( - ROS_PACKAGE_NAME, "Overriding security context name : %s\n", - args_impl->security_context); - allocator.deallocate(args_impl->security_context, allocator.state); - args_impl->security_context = NULL; + ROS_PACKAGE_NAME, "Overriding security enclave : %s\n", + args_impl->enclave); + allocator.deallocate(args_impl->enclave, allocator.state); + args_impl->enclave = NULL; } - if (RCL_RET_OK == _rcl_parse_security_context( - argv[i + 1], allocator, &args_impl->security_context)) + if (RCL_RET_OK == _rcl_parse_enclave( + argv[i + 1], allocator, &args_impl->enclave)) { RCUTILS_LOG_DEBUG_NAMED( - ROS_PACKAGE_NAME, "Got security context : %s\n", - args_impl->security_context); + ROS_PACKAGE_NAME, "Got enclave: %s\n", + args_impl->enclave); ++i; // Skip flag here, for loop will skip value. continue; } rcl_error_string_t prev_error_string = rcl_get_error_string(); rcl_reset_error(); RCL_SET_ERROR_MSG_WITH_FORMAT_STRING( - "Couldn't parse security context name: '%s %s'. Error: %s", argv[i], argv[i + 1], + "Couldn't parse enclave name: '%s %s'. Error: %s", argv[i], argv[i + 1], prev_error_string.str); } else { RCL_SET_ERROR_MSG_WITH_FORMAT_STRING( - "Couldn't parse trailing %s flag. No security context path provided.", argv[i]); + "Couldn't parse trailing %s flag. No enclave path provided.", argv[i]); } ret = RCL_RET_INVALID_ROS_ARGS; goto fail; @@ -920,16 +920,16 @@ rcl_arguments_copy( } } } - char * security_context_copy = rcutils_strdup(args->impl->security_context, allocator); - if (args->impl->security_context && !security_context_copy) { + char * enclave_copy = rcutils_strdup(args->impl->enclave, allocator); + if (args->impl->enclave && !enclave_copy) { if (RCL_RET_OK != rcl_arguments_fini(args_out)) { RCL_SET_ERROR_MSG("Error while finalizing arguments due to another error"); } else { - RCL_SET_ERROR_MSG("Error while copying security context argument"); + RCL_SET_ERROR_MSG("Error while copying enclave argument"); } return RCL_RET_BAD_ALLOC; } - args_out->impl->security_context = security_context_copy; + args_out->impl->enclave = enclave_copy; return RCL_RET_OK; } @@ -977,7 +977,7 @@ rcl_arguments_fini( args->impl->num_param_files_args = 0; args->impl->parameter_files = NULL; } - args->impl->allocator.deallocate(args->impl->security_context, args->impl->allocator.state); + args->impl->allocator.deallocate(args->impl->enclave, args->impl->allocator.state); if (NULL != args->impl->external_log_config_file) { args->impl->allocator.deallocate( @@ -1807,17 +1807,17 @@ _rcl_parse_external_log_config_file( } rcl_ret_t -_rcl_parse_security_context( +_rcl_parse_enclave( const char * arg, rcl_allocator_t allocator, - char ** security_context) + char ** enclave) { RCL_CHECK_ARGUMENT_FOR_NULL(arg, RCL_RET_INVALID_ARGUMENT); - RCL_CHECK_ARGUMENT_FOR_NULL(security_context, RCL_RET_INVALID_ARGUMENT); + RCL_CHECK_ARGUMENT_FOR_NULL(enclave, RCL_RET_INVALID_ARGUMENT); - *security_context = rcutils_strdup(arg, allocator); - if (NULL == *security_context) { - RCL_SET_ERROR_MSG("Failed to allocate memory for security context name"); + *enclave = rcutils_strdup(arg, allocator); + if (NULL == *enclave) { + RCL_SET_ERROR_MSG("Failed to allocate memory for enclave name"); return RCL_RET_BAD_ALLOC; } return RCL_RET_OK; @@ -1925,7 +1925,7 @@ _rcl_allocate_initialized_arguments_impl(rcl_arguments_t * args, rcl_allocator_t args_impl->log_stdout_disabled = false; args_impl->log_rosout_disabled = false; args_impl->log_ext_lib_disabled = false; - args_impl->security_context = NULL; + args_impl->enclave = NULL; args_impl->allocator = *allocator; return RCL_RET_OK; diff --git a/rcl/src/rcl/arguments_impl.h b/rcl/src/rcl/arguments_impl.h index b4f3eff04..7eb32c031 100644 --- a/rcl/src/rcl/arguments_impl.h +++ b/rcl/src/rcl/arguments_impl.h @@ -62,7 +62,7 @@ typedef struct rcl_arguments_impl_t bool log_ext_lib_disabled; /// Security context to be used. - char * security_context; + char * enclave; /// Allocator used to allocate objects in this struct rcl_allocator_t allocator; diff --git a/rcl/src/rcl/graph.c b/rcl/src/rcl/graph.c index 767e00083..9fa3be327 100644 --- a/rcl/src/rcl/graph.c +++ b/rcl/src/rcl/graph.c @@ -340,12 +340,12 @@ rcl_get_node_names( } rcl_ret_t -rcl_get_node_names_with_security_contexts( +rcl_get_node_names_with_enclaves( const rcl_node_t * node, rcl_allocator_t allocator, rcutils_string_array_t * node_names, rcutils_string_array_t * node_namespaces, - rcutils_string_array_t * security_contexts) + rcutils_string_array_t * enclaves) { if (!rcl_node_is_valid(node)) { return RCL_RET_NODE_INVALID; // error already set @@ -368,21 +368,21 @@ rcl_get_node_names_with_security_contexts( RCL_SET_ERROR_MSG("node_namespaces is not null"); return RCL_RET_INVALID_ARGUMENT; } - RCL_CHECK_ARGUMENT_FOR_NULL(security_contexts, RCL_RET_INVALID_ARGUMENT); - if (security_contexts->size != 0) { - RCL_SET_ERROR_MSG("security_contexts size is not zero"); + RCL_CHECK_ARGUMENT_FOR_NULL(enclaves, RCL_RET_INVALID_ARGUMENT); + if (enclaves->size != 0) { + RCL_SET_ERROR_MSG("enclaves size is not zero"); return RCL_RET_INVALID_ARGUMENT; } - if (security_contexts->data) { - RCL_SET_ERROR_MSG("security_contexts is not null"); + if (enclaves->data) { + RCL_SET_ERROR_MSG("enclaves is not null"); return RCL_RET_INVALID_ARGUMENT; } (void)allocator; // to be used in rmw_get_node_names in the future - rmw_ret_t rmw_ret = rmw_get_node_names_with_security_contexts( + rmw_ret_t rmw_ret = rmw_get_node_names_with_enclaves( rcl_node_get_rmw_handle(node), node_names, node_namespaces, - security_contexts); + enclaves); return rcl_convert_rmw_ret_to_rcl_ret(rmw_ret); } diff --git a/rcl/src/rcl/init.c b/rcl/src/rcl/init.c index a5151b275..cbf05c4e1 100644 --- a/rcl/src/rcl/init.c +++ b/rcl/src/rcl/init.c @@ -33,7 +33,7 @@ extern "C" #include "rcl/localhost.h" #include "rcl/logging.h" #include "rcl/security.h" -#include "rcl/validate_security_context_name.h" +#include "rcl/validate_enclave_name.h" #include "./arguments_impl.h" #include "./common.h" @@ -174,35 +174,35 @@ rcl_init( } } - if (context->global_arguments.impl->security_context) { - context->impl->init_options.impl->rmw_init_options.security_context = rcutils_strdup( - context->global_arguments.impl->security_context, + if (context->global_arguments.impl->enclave) { + context->impl->init_options.impl->rmw_init_options.enclave = rcutils_strdup( + context->global_arguments.impl->enclave, context->impl->allocator); } else { - context->impl->init_options.impl->rmw_init_options.security_context = rcutils_strdup( + context->impl->init_options.impl->rmw_init_options.enclave = rcutils_strdup( "/", context->impl->allocator); } int validation_result; size_t invalid_index; - ret = rcl_validate_security_context_name( - context->impl->init_options.impl->rmw_init_options.security_context, + ret = rcl_validate_enclave_name( + context->impl->init_options.impl->rmw_init_options.enclave, &validation_result, &invalid_index); if (RCL_RET_OK != ret) { - RCL_SET_ERROR_MSG("rcl_validate_security_context_name() failed"); + RCL_SET_ERROR_MSG("rcl_validate_enclave_name() failed"); fail_ret = ret; goto fail; } - if (RCL_SECURITY_CONTEXT_NAME_VALID != validation_result) { + if (RCL_ENCLAVE_NAME_VALID != validation_result) { RCL_SET_ERROR_MSG_WITH_FORMAT_STRING( "Security context name is not valid: '%s'. Invalid index: %zu", - rcl_security_context_name_validation_result_string(validation_result), + rcl_enclave_name_validation_result_string(validation_result), invalid_index); fail_ret = RMW_RET_ERROR; goto fail; } - if (!context->impl->init_options.impl->rmw_init_options.security_context) { + if (!context->impl->init_options.impl->rmw_init_options.enclave) { RCL_SET_ERROR_MSG("failed to set context name"); fail_ret = RMW_RET_BAD_ALLOC; goto fail; @@ -211,7 +211,7 @@ rcl_init( rmw_security_options_t * security_options = &context->impl->init_options.impl->rmw_init_options.security_options; ret = rcl_get_security_options_from_environment( - context->impl->init_options.impl->rmw_init_options.security_context, + context->impl->init_options.impl->rmw_init_options.enclave, &context->impl->allocator, security_options); if (RMW_RET_OK != ret) { diff --git a/rcl/src/rcl/security.c b/rcl/src/rcl/security.c index 820d07ac4..8d18ae76b 100644 --- a/rcl/src/rcl/security.c +++ b/rcl/src/rcl/security.c @@ -109,21 +109,21 @@ char * exact_match_lookup( const char * ros_secure_root_env, const rcl_allocator_t * allocator) { - // Perform an exact match for the context name in directory . + // Perform an exact match for the enclave name in directory . char * secure_root = NULL; - char * contexts_dir = NULL; - contexts_dir = rcutils_join_path(ros_secure_root_env, "contexts", *allocator); + char * enclaves_dir = NULL; + enclaves_dir = rcutils_join_path(ros_secure_root_env, "enclaves", *allocator); // "/" case when root namespace is explicitly passed in if (0 == strcmp(name, "/")) { - secure_root = contexts_dir; + secure_root = enclaves_dir; } else { char * relative_path = NULL; // Get native path, ignore the leading forward slash // TODO(ros2team): remove the hard-coded length, use the length of the root namespace instead relative_path = rcutils_to_native_path(name + 1, *allocator); - secure_root = rcutils_join_path(contexts_dir, relative_path, *allocator); + secure_root = rcutils_join_path(enclaves_dir, relative_path, *allocator); allocator->deallocate(relative_path, allocator->state); - allocator->deallocate(contexts_dir, allocator->state); + allocator->deallocate(enclaves_dir, allocator->state); } return secure_root; } diff --git a/rcl/src/rcl/validate_security_context_name.c b/rcl/src/rcl/validate_enclave_name.c similarity index 60% rename from rcl/src/rcl/validate_security_context_name.c rename to rcl/src/rcl/validate_enclave_name.c index 655253af3..0db544d3d 100644 --- a/rcl/src/rcl/validate_security_context_name.c +++ b/rcl/src/rcl/validate_enclave_name.c @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -#include "rcl/validate_security_context_name.h" +#include "rcl/validate_enclave_name.h" #include #include @@ -27,26 +27,26 @@ #include "./common.h" rcl_ret_t -rcl_validate_security_context_name( - const char * security_context, +rcl_validate_enclave_name( + const char * enclave, int * validation_result, size_t * invalid_index) { - if (!security_context) { + if (!enclave) { return RCL_RET_INVALID_ARGUMENT; } - return rcl_validate_security_context_name_with_size( - security_context, strlen(security_context), validation_result, invalid_index); + return rcl_validate_enclave_name_with_size( + enclave, strlen(enclave), validation_result, invalid_index); } rcl_ret_t -rcl_validate_security_context_name_with_size( - const char * security_context, - size_t security_context_length, +rcl_validate_enclave_name_with_size( + const char * enclave, + size_t enclave_length, int * validation_result, size_t * invalid_index) { - if (!security_context) { + if (!enclave) { return RCL_RET_INVALID_ARGUMENT; } if (!validation_result) { @@ -56,7 +56,7 @@ rcl_validate_security_context_name_with_size( int tmp_validation_result; size_t tmp_invalid_index; rmw_ret_t ret = rmw_validate_namespace_with_size( - security_context, security_context_length, &tmp_validation_result, &tmp_invalid_index); + enclave, enclave_length, &tmp_validation_result, &tmp_invalid_index); if (ret != RMW_RET_OK) { return rcl_convert_rmw_ret_to_rcl_ret(ret); } @@ -66,22 +66,22 @@ rcl_validate_security_context_name_with_size( { switch (tmp_validation_result) { case RMW_NAMESPACE_INVALID_IS_EMPTY_STRING: - *validation_result = RCL_SECURITY_CONTEXT_NAME_INVALID_IS_EMPTY_STRING; + *validation_result = RCL_ENCLAVE_NAME_INVALID_IS_EMPTY_STRING; break; case RMW_NAMESPACE_INVALID_NOT_ABSOLUTE: - *validation_result = RCL_SECURITY_CONTEXT_NAME_INVALID_NOT_ABSOLUTE; + *validation_result = RCL_ENCLAVE_NAME_INVALID_NOT_ABSOLUTE; break; case RMW_NAMESPACE_INVALID_ENDS_WITH_FORWARD_SLASH: - *validation_result = RCL_SECURITY_CONTEXT_NAME_INVALID_ENDS_WITH_FORWARD_SLASH; + *validation_result = RCL_ENCLAVE_NAME_INVALID_ENDS_WITH_FORWARD_SLASH; break; case RMW_NAMESPACE_INVALID_CONTAINS_UNALLOWED_CHARACTERS: - *validation_result = RCL_SECURITY_CONTEXT_NAME_INVALID_CONTAINS_UNALLOWED_CHARACTERS; + *validation_result = RCL_ENCLAVE_NAME_INVALID_CONTAINS_UNALLOWED_CHARACTERS; break; case RMW_NAMESPACE_INVALID_CONTAINS_REPEATED_FORWARD_SLASH: - *validation_result = RCL_SECURITY_CONTEXT_NAME_INVALID_CONTAINS_REPEATED_FORWARD_SLASH; + *validation_result = RCL_ENCLAVE_NAME_INVALID_CONTAINS_REPEATED_FORWARD_SLASH; break; case RMW_NAMESPACE_INVALID_NAME_TOKEN_STARTS_WITH_NUMBER: - *validation_result = RCL_SECURITY_CONTEXT_NAME_INVALID_NAME_TOKEN_STARTS_WITH_NUMBER; + *validation_result = RCL_ENCLAVE_NAME_INVALID_NAME_TOKEN_STARTS_WITH_NUMBER; break; default: { @@ -89,12 +89,12 @@ rcl_validate_security_context_name_with_size( // explicitly not taking return value which is number of bytes written int ret = rcutils_snprintf( default_err_msg, sizeof(default_err_msg), - "rcl_validate_security_context_name_with_size(): " + "rcl_validate_enclave_name_with_size(): " "unknown rmw_validate_namespace_with_size() result '%d'", tmp_validation_result); if (ret < 0) { RCL_SET_ERROR_MSG( - "rcl_validate_security_context_name_with_size(): " + "rcl_validate_enclave_name_with_size(): " "rcutils_snprintf() failed while reporting an unknown validation result"); } else { RCL_SET_ERROR_MSG(default_err_msg); @@ -108,45 +108,45 @@ rcl_validate_security_context_name_with_size( return RCL_RET_OK; } - // security_context might be longer that namespace length, check false positives and correct + // enclave might be longer that namespace length, check false positives and correct if (RMW_NAMESPACE_INVALID_TOO_LONG == tmp_validation_result) { - if (RCL_SECURITY_CONTEXT_NAME_MAX_LENGTH >= security_context_length) { - *validation_result = RCL_SECURITY_CONTEXT_NAME_VALID; + if (RCL_ENCLAVE_NAME_MAX_LENGTH >= enclave_length) { + *validation_result = RCL_ENCLAVE_NAME_VALID; } else { - *validation_result = RCL_SECURITY_CONTEXT_NAME_INVALID_TOO_LONG; + *validation_result = RCL_ENCLAVE_NAME_INVALID_TOO_LONG; if (invalid_index) { - *invalid_index = RCL_SECURITY_CONTEXT_NAME_MAX_LENGTH - 1; + *invalid_index = RCL_ENCLAVE_NAME_MAX_LENGTH - 1; } } return RCL_RET_OK; } // everything was ok, set result to valid namespace, avoid setting invalid_index, and return - *validation_result = RCL_SECURITY_CONTEXT_NAME_VALID; + *validation_result = RCL_ENCLAVE_NAME_VALID; return RCL_RET_OK; } const char * -rcl_security_context_name_validation_result_string(int validation_result) +rcl_enclave_name_validation_result_string(int validation_result) { switch (validation_result) { - case RCL_SECURITY_CONTEXT_NAME_VALID: + case RCL_ENCLAVE_NAME_VALID: return NULL; - case RCL_SECURITY_CONTEXT_NAME_INVALID_IS_EMPTY_STRING: + case RCL_ENCLAVE_NAME_INVALID_IS_EMPTY_STRING: return "context name must not be empty"; - case RCL_SECURITY_CONTEXT_NAME_INVALID_NOT_ABSOLUTE: + case RCL_ENCLAVE_NAME_INVALID_NOT_ABSOLUTE: return "context name must be absolute, it must lead with a '/'"; - case RCL_SECURITY_CONTEXT_NAME_INVALID_ENDS_WITH_FORWARD_SLASH: + case RCL_ENCLAVE_NAME_INVALID_ENDS_WITH_FORWARD_SLASH: return "context name must not end with a '/', unless only a '/'"; - case RCL_SECURITY_CONTEXT_NAME_INVALID_CONTAINS_UNALLOWED_CHARACTERS: + case RCL_ENCLAVE_NAME_INVALID_CONTAINS_UNALLOWED_CHARACTERS: return "context name must not contain characters other than alphanumerics, '_', or '/'"; - case RCL_SECURITY_CONTEXT_NAME_INVALID_CONTAINS_REPEATED_FORWARD_SLASH: + case RCL_ENCLAVE_NAME_INVALID_CONTAINS_REPEATED_FORWARD_SLASH: return "context name must not contain repeated '/'"; - case RCL_SECURITY_CONTEXT_NAME_INVALID_NAME_TOKEN_STARTS_WITH_NUMBER: + case RCL_ENCLAVE_NAME_INVALID_NAME_TOKEN_STARTS_WITH_NUMBER: return "context name must not have a token that starts with a number"; - case RCL_SECURITY_CONTEXT_NAME_INVALID_TOO_LONG: + case RCL_ENCLAVE_NAME_INVALID_TOO_LONG: return "context name should not exceed '" - RCUTILS_STRINGIFY(RCL_SECURITY_CONTEXT_NAME_MAX_NAME_LENGTH) "'"; + RCUTILS_STRINGIFY(RCL_ENCLAVE_NAME_MAX_NAME_LENGTH) "'"; default: return "unknown result code for rcl context name validation"; } diff --git a/rcl/test/rcl/test_get_node_names.cpp b/rcl/test/rcl/test_get_node_names.cpp index f57af5d18..734dc1d4a 100644 --- a/rcl/test/rcl/test_get_node_names.cpp +++ b/rcl/test/rcl/test_get_node_names.cpp @@ -165,7 +165,7 @@ TEST_F(CLASSNAME(TestGetNodeNames, RMW_IMPLEMENTATION), test_rcl_get_node_names) } TEST_F( - CLASSNAME(TestGetNodeNames, RMW_IMPLEMENTATION), test_rcl_get_node_names_with_security_contexts) + CLASSNAME(TestGetNodeNames, RMW_IMPLEMENTATION), test_rcl_get_node_names_with_enclave) { rcl_ret_t ret; rcl_init_options_t init_options = rcl_get_zero_initialized_init_options(); @@ -176,8 +176,8 @@ TEST_F( EXPECT_EQ(RCL_RET_OK, rcl_init_options_fini(&init_options)) << rcl_get_error_string().str; }); rcl_context_t context = rcl_get_zero_initialized_context(); - const char * security_context_name = "/default"; - const char * argv[] = {"--ros-args", "--security-context", security_context_name}; + const char * enclave_name = "/enclave"; + const char * argv[] = {"--ros-args", "--enclave", enclave_name}; ret = rcl_init(3, argv, &init_options, &context); ASSERT_EQ(RCL_RET_OK, ret) << rcl_get_error_string().str; OSRF_TESTING_TOOLS_CPP_SCOPE_EXIT( @@ -198,7 +198,7 @@ TEST_F( std::make_tuple( std::string(node1_name), std::string(node1_namespace), - std::string(security_context_name))); + std::string(enclave_name))); rcl_node_t node2 = rcl_get_zero_initialized_node(); const char * node2_name = "node2"; @@ -210,7 +210,7 @@ TEST_F( std::make_tuple( std::string(node2_name), std::string(node2_namespace), - std::string(security_context_name))); + std::string(enclave_name))); rcl_node_t node3 = rcl_get_zero_initialized_node(); const char * node3_name = "node3"; @@ -222,7 +222,7 @@ TEST_F( std::make_tuple( std::string(node3_name), std::string(node3_namespace), - std::string(security_context_name))); + std::string(enclave_name))); rcl_node_t node4 = rcl_get_zero_initialized_node(); const char * node4_name = "node2"; @@ -234,7 +234,7 @@ TEST_F( std::make_tuple( std::string(node4_name), std::string(node4_namespace), - std::string(security_context_name))); + std::string(enclave_name))); rcl_node_t node5 = rcl_get_zero_initialized_node(); const char * node5_name = "node1"; @@ -246,15 +246,15 @@ TEST_F( std::make_tuple( std::string(node5_name), std::string(node5_namespace), - std::string(security_context_name))); + std::string(enclave_name))); std::this_thread::sleep_for(1s); rcutils_string_array_t node_names = rcutils_get_zero_initialized_string_array(); rcutils_string_array_t node_namespaces = rcutils_get_zero_initialized_string_array(); - rcutils_string_array_t security_contexts = rcutils_get_zero_initialized_string_array(); - ret = rcl_get_node_names_with_security_contexts( - &node1, node1_options.allocator, &node_names, &node_namespaces, &security_contexts); + rcutils_string_array_t enclaves = rcutils_get_zero_initialized_string_array(); + ret = rcl_get_node_names_with_enclaves( + &node1, node1_options.allocator, &node_names, &node_namespaces, &enclaves); ASSERT_EQ(RCUTILS_RET_OK, ret) << rcl_get_error_string().str; std::stringstream ss; @@ -269,7 +269,7 @@ TEST_F( std::make_tuple( std::string(node_names.data[i]), std::string(node_namespaces.data[i]), - std::string(security_contexts.data[i]))); + std::string(enclaves.data[i]))); } EXPECT_EQ(discovered_nodes, expected_nodes); diff --git a/rcl/test/rcl/test_security.cpp b/rcl/test/rcl/test_security.cpp index a7b3527fb..b31314100 100644 --- a/rcl/test/rcl/test_security.cpp +++ b/rcl/test/rcl/test_security.cpp @@ -29,8 +29,8 @@ #define TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME "/test_security_directory" -#define TEST_SECURITY_CONTEXT "dummy_security_context" -#define TEST_SECURITY_CONTEXT_ABSOLUTE "/" TEST_SECURITY_CONTEXT +#define TEST_ENCLAVE "dummy_enclave" +#define TEST_ENCLAVE_ABSOLUTE "/" TEST_ENCLAVE #ifndef _WIN32 # define PATH_SEPARATOR "/" @@ -38,8 +38,8 @@ # define PATH_SEPARATOR "\\" #endif -#define TEST_SECURITY_CONTEXT_MULTIPLE_TOKENS \ - "/group1" PATH_SEPARATOR TEST_SECURITY_CONTEXT +#define TEST_ENCLAVE_MULTIPLE_TOKENS \ + "/group1" PATH_SEPARATOR TEST_ENCLAVE char g_envstring[512] = {0}; @@ -120,16 +120,16 @@ class TestGetSecureRoot : public ::testing::Test TEST_F(TestGetSecureRoot, failureScenarios) { EXPECT_EQ( - rcl_get_secure_root(TEST_SECURITY_CONTEXT_ABSOLUTE, &allocator), + rcl_get_secure_root(TEST_ENCLAVE_ABSOLUTE, &allocator), (char *) NULL); rcl_reset_error(); putenv_wrapper(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY); /* Security directory is set, but there's no matching directory */ - /// Wrong security context + /// Wrong enclave EXPECT_EQ( - rcl_get_secure_root("some_other_security_context", &allocator), + rcl_get_secure_root("some_other_enclave", &allocator), (char *) NULL); rcl_reset_error(); } @@ -151,12 +151,12 @@ TEST_F(TestGetSecureRoot, successScenarios_local_exactMatch) { ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME); - secure_root = rcl_get_secure_root(TEST_SECURITY_CONTEXT_ABSOLUTE, &allocator); + secure_root = rcl_get_secure_root(TEST_ENCLAVE_ABSOLUTE, &allocator); ASSERT_NE(nullptr, secure_root); std::string secure_root_str(secure_root); ASSERT_STREQ( - TEST_SECURITY_CONTEXT, - secure_root_str.substr(secure_root_str.size() - strlen(TEST_SECURITY_CONTEXT)).c_str()); + TEST_ENCLAVE, + secure_root_str.substr(secure_root_str.size() - strlen(TEST_ENCLAVE)).c_str()); } TEST_F(TestGetSecureRoot, successScenarios_local_exactMatch_multipleTokensName) { @@ -165,12 +165,12 @@ TEST_F(TestGetSecureRoot, successScenarios_local_exactMatch_multipleTokensName) TEST_RESOURCES_DIRECTORY TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME); secure_root = rcl_get_secure_root( - TEST_SECURITY_CONTEXT_MULTIPLE_TOKENS, &allocator); + TEST_ENCLAVE_MULTIPLE_TOKENS, &allocator); ASSERT_NE(nullptr, secure_root); std::string secure_root_str(secure_root); ASSERT_STREQ( - TEST_SECURITY_CONTEXT, - secure_root_str.substr(secure_root_str.size() - strlen(TEST_SECURITY_CONTEXT)).c_str()); + TEST_ENCLAVE, + secure_root_str.substr(secure_root_str.size() - strlen(TEST_ENCLAVE)).c_str()); } TEST_F(TestGetSecureRoot, nodeSecurityDirectoryOverride_validDirectory) { @@ -198,12 +198,12 @@ TEST_F(TestGetSecureRoot, nodeSecurityDirectoryOverride_invalidDirectory) { ROS_SECURITY_DIRECTORY_OVERRIDE "=TheresN_oWayThi_sDirectory_Exists_hence_this_should_fail"); EXPECT_EQ( - rcl_get_secure_root(TEST_SECURITY_CONTEXT_ABSOLUTE, &allocator), + rcl_get_secure_root(TEST_ENCLAVE_ABSOLUTE, &allocator), (char *) NULL); } TEST_F(TestGetSecureRoot, test_get_security_options) { - /* The override provided should exist. Providing correct security context name/root dir + /* The override provided should exist. Providing correct enclave name/root dir * won't help if the node override is invalid. */ rmw_security_options_t options = rmw_get_zero_initialized_security_options(); putenv_wrapper(ROS_SECURITY_ENABLE_VAR_NAME "=false"); @@ -231,11 +231,11 @@ TEST_F(TestGetSecureRoot, test_get_security_options) { ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME); ret = rcl_get_security_options_from_environment( - TEST_SECURITY_CONTEXT_ABSOLUTE, &allocator, &options); + TEST_ENCLAVE_ABSOLUTE, &allocator, &options); ASSERT_EQ(RMW_RET_OK, ret) << rmw_get_error_string().str; EXPECT_EQ(RMW_SECURITY_ENFORCEMENT_ENFORCE, options.enforce_security); EXPECT_STREQ( TEST_RESOURCES_DIRECTORY TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME - PATH_SEPARATOR "contexts" PATH_SEPARATOR TEST_SECURITY_CONTEXT, + PATH_SEPARATOR "enclaves" PATH_SEPARATOR TEST_ENCLAVE, options.security_root_path); } diff --git a/rcl/test/resources/test_security_directory/contexts/dummy_security_context/.gitkeep b/rcl/test/resources/test_security_directory/enclaves/dummy_enclave/.gitkeep similarity index 100% rename from rcl/test/resources/test_security_directory/contexts/dummy_security_context/.gitkeep rename to rcl/test/resources/test_security_directory/enclaves/dummy_enclave/.gitkeep diff --git a/rcl/test/resources/test_security_directory/contexts/group1/dummy_security_context/.gitkeep b/rcl/test/resources/test_security_directory/enclaves/group1/dummy_enclave/.gitkeep similarity index 100% rename from rcl/test/resources/test_security_directory/contexts/group1/dummy_security_context/.gitkeep rename to rcl/test/resources/test_security_directory/enclaves/group1/dummy_enclave/.gitkeep From 452860344d33ffee8d67263ce2e6f544b9e8a0ce Mon Sep 17 00:00:00 2001 From: Mikael Arguedas Date: Fri, 10 Apr 2020 12:26:20 +0200 Subject: [PATCH 2/3] 'Security context' -> 'Enclave' Signed-off-by: Mikael Arguedas --- rcl/src/rcl/arguments_impl.h | 2 +- rcl/src/rcl/init.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/rcl/src/rcl/arguments_impl.h b/rcl/src/rcl/arguments_impl.h index 7eb32c031..a7e85dd0f 100644 --- a/rcl/src/rcl/arguments_impl.h +++ b/rcl/src/rcl/arguments_impl.h @@ -61,7 +61,7 @@ typedef struct rcl_arguments_impl_t /// A boolean value indicating if the external lib handler should be used for log output bool log_ext_lib_disabled; - /// Security context to be used. + /// Enclave to be used. char * enclave; /// Allocator used to allocate objects in this struct diff --git a/rcl/src/rcl/init.c b/rcl/src/rcl/init.c index cbf05c4e1..539f02835 100644 --- a/rcl/src/rcl/init.c +++ b/rcl/src/rcl/init.c @@ -195,7 +195,7 @@ rcl_init( } if (RCL_ENCLAVE_NAME_VALID != validation_result) { RCL_SET_ERROR_MSG_WITH_FORMAT_STRING( - "Security context name is not valid: '%s'. Invalid index: %zu", + "Enclave name is not valid: '%s'. Invalid index: %zu", rcl_enclave_name_validation_result_string(validation_result), invalid_index); fail_ret = RMW_RET_ERROR; From f0d86fc9cfd65257686f55e62b94c1706e0c3eec Mon Sep 17 00:00:00 2001 From: Mikael Arguedas Date: Fri, 10 Apr 2020 21:21:53 +0200 Subject: [PATCH 3/3] update newly added test Signed-off-by: Mikael Arguedas --- rcl/test/rcl/test_security.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rcl/test/rcl/test_security.cpp b/rcl/test/rcl/test_security.cpp index b31314100..f6b2c5e3a 100644 --- a/rcl/test/rcl/test_security.cpp +++ b/rcl/test/rcl/test_security.cpp @@ -134,7 +134,7 @@ TEST_F(TestGetSecureRoot, failureScenarios) { rcl_reset_error(); } -TEST_F(TestGetSecureRoot, successScenarios_local_root_security_context) { +TEST_F(TestGetSecureRoot, successScenarios_local_root_enclave) { putenv_wrapper( ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "=" TEST_RESOURCES_DIRECTORY TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME); @@ -142,7 +142,7 @@ TEST_F(TestGetSecureRoot, successScenarios_local_root_security_context) { secure_root = rcl_get_secure_root("/", &allocator); ASSERT_NE(nullptr, secure_root); ASSERT_STREQ( - TEST_RESOURCES_DIRECTORY TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME PATH_SEPARATOR "contexts", + TEST_RESOURCES_DIRECTORY TEST_SECURITY_DIRECTORY_RESOURCES_DIR_NAME PATH_SEPARATOR "enclaves", secure_root); }