niklas/cyclonedds
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Don't accept plain payload in case payload encryption or payload signing is enabled in the security settings. And fixed a typo in writer not allowed message

Browse source 
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
This commit is contained in:
Dennis Potman 2020-05-11 21:49:16 +02:00 committed by eboasson
parent 6185a5ab2a
commit 9ba54c70e7
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/core/ddsi/src/ddsi_security_omg.c
View file

@ -1469,7 +1469,7 @@ bool q_omg_security_check_create_writer(struct participant *pp, uint32_t domain_
result = sc->access_control_context->check_create_datawriter(sc->access_control_context, pp->sec_attr->permissions_handle, (DDS_Security_DomainId)domain_id, topic_name, &security_qos, &partitions, NULL, &exception); result = sc->access_control_context->check_create_datawriter(sc->access_control_context, pp->sec_attr->permissions_handle, (DDS_Security_DomainId)domain_id, topic_name, &security_qos, &partitions, NULL, &exception);
if (!result) if (!result)
handle_not_allowed(pp->e.gv, pp->sec_attr->permissions_handle, sc->access_control_context, &exception, topic_name, "Local topic permission denied"); handle_not_allowed(pp->e.gv, pp->sec_attr->permissions_handle, sc->access_control_context, &exception, topic_name, "Writer is not permitted");
q_omg_shallow_free_security_qos(&security_qos); q_omg_shallow_free_security_qos(&security_qos);
g_omg_shallow_free_StringSeq(&partitions.name); g_omg_shallow_free_StringSeq(&partitions.name);
@ -3340,7 +3340,7 @@ static bool decode_payload (const struct ddsi_domaingv *gv, struct nn_rsample_in
if (!q_omg_security_decode_serialized_payload (sampleinfo->pwr, payloadp, *payloadsz, &dst_buf, &dst_len)) if (!q_omg_security_decode_serialized_payload (sampleinfo->pwr, payloadp, *payloadsz, &dst_buf, &dst_len))
{ {
GVTRACE ("decode_payload: failed to decrypt data from "PGUIDFMT"\n", PGUID (sampleinfo->pwr->e.guid)); GVTRACE ("decode_payload: failed to decrypt data from "PGUIDFMT"\n", PGUID (sampleinfo->pwr->e.guid));
return true; return false;
} }
/* Expect result to always fit into the original buffer. */ /* Expect result to always fit into the original buffer. */