DDS Security built-in Access Control plugin

This commit adds the build-in Access Control plugin that is part of the DDS Security implementation for Cyclone. The Access Control Plugin API defines the types and operations necessary to support an access control mechanism for DDS Domain Participants. Similar to other builtin plugins, the DDS Security access control plugin is built as a shared library to allow dynamic library loading on runtime. This enables DDS participants to use specific plugin implementations with different configurations. This commit includes some basic tests for the access control functions. This initial version of the plugin does not support permissions expiry (not-valid-after date in permissions configuration). Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com> Process review comments for access control plugin Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com> Part 2 of processing review changes for access control Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com> Add test for topicname dcps, add comment for xml date parser Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com> Fixed an bug in leap year count for year 2200, changed the rounding for sub-ns fraction and added an additional overflow test in DDS_Security_parse_xml_date Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
2019-11-21 12:01:34 +01:00 · 2019-11-21 12:01:34 +01:00 · 3b4facbd45
commit 3b4facbd45
parent 68f789d77b
101 changed files with 19154 additions and 52 deletions
--- a/src/security/api/include/dds/security/dds_security_api_err.h
+++ b/src/security/api/include/dds/security/dds_security_api_err.h
@ -97,16 +97,14 @@ extern "C" {
 #define DDS_SECURITY_ERR_INVALID_SUBJECT_NAME_CODE 146
 #define DDS_SECURITY_ERR_INVALID_SUBJECT_NAME_MESSAGE "Subject name is invalid"
 #define DDS_SECURITY_ERR_VALIDITY_PERIOD_EXPIRED_CODE 147
-#define DDS_SECURITY_ERR_VALIDITY_PERIOD_EXPIRED_MESSAGE "Permissions validity period expired for %s"
+#define DDS_SECURITY_ERR_VALIDITY_PERIOD_EXPIRED_MESSAGE "Permissions validity period expired for %s (expired: %s)"
 #define DDS_SECURITY_ERR_VALIDITY_PERIOD_NOT_STARTED_CODE 148
-#define DDS_SECURITY_ERR_VALIDITY_PERIOD_NOT_STARTED_MESSAGE "Permissions validity period has not started yet for %s"
+#define DDS_SECURITY_ERR_VALIDITY_PERIOD_NOT_STARTED_MESSAGE "Permissions validity period has not started yet for %s (start: %s)"
 #define DDS_SECURITY_ERR_CAN_NOT_FIND_PERMISSIONS_GRANT_CODE 149
 #define DDS_SECURITY_ERR_CAN_NOT_FIND_PERMISSIONS_GRANT_MESSAGE "Could not find valid grant in permissions"
-#define DDS_SECURITY_ERR_PERMISSIONS_OUT_OF_VALIDITY_DATE_CODE 150
-#define DDS_SECURITY_ERR_PERMISSIONS_OUT_OF_VALIDITY_DATE_MESSAGE "Permissions of subject (%s) outside validity date: %s - %s"
-#define DDS_SECURITY_ERR_URI_TYPE_NOT_SUPPORTED_CODE 151
+#define DDS_SECURITY_ERR_URI_TYPE_NOT_SUPPORTED_CODE 150
 #define DDS_SECURITY_ERR_URI_TYPE_NOT_SUPPORTED_MESSAGE "Unsupported URI type: %s"
-#define DDS_SECURITY_ERR_INVALID_CRYPTO_DATA_NOT_ALIGNED_CODE 152
+#define DDS_SECURITY_ERR_INVALID_CRYPTO_DATA_NOT_ALIGNED_CODE 151
 #define DDS_SECURITY_ERR_INVALID_CRYPTO_DATA_NOT_ALIGNED_MESSAGE "The payload is not aligned at 4 bytes"

 #define DDS_SECURITY_ERR_UNDEFINED_CODE 200