From b2b9630c38b556530001168ce8177e85b56876c3 Mon Sep 17 00:00:00 2001 From: Dennis Potman Date: Sun, 5 Apr 2020 20:54:24 +0200 Subject: [PATCH] Prevent time-out in handshake The security handshake is started when a node receives an SPDP message. The SPDP receiver will reply with an SPDP, followed by a dds.sec.auth_request. Because the initial SPDP sender will receive the auth_request immediately after (or even before) the SPDP reply message, that node may not have finished (or not even started) matching the remote writers and therefore it drops the auth_request message. This results in a time-out in the handshake process, and the auth_request has to be re-send. To avoid this, a short (rather arbitrarily chosen, based on local testing) sleep is introduced before the auth_request message is sent. Signed-off-by: Dennis Potman --- src/core/ddsi/src/ddsi_handshake.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/core/ddsi/src/ddsi_handshake.c b/src/core/ddsi/src/ddsi_handshake.c index b23d214..61f8477 100644 --- a/src/core/ddsi/src/ddsi_handshake.c +++ b/src/core/ddsi/src/ddsi_handshake.c @@ -553,7 +553,15 @@ static void func_validate_remote_identity(struct dds_security_fsm *fsm, void *ar * to be send. */ if (handshake->local_auth_request_token.class_id && strlen(handshake->local_auth_request_token.class_id) != 0) + { + /* A short sleep to give the remote node some time for matching the + BuiltinParticipantStatelessMessageWriter, so that it won't drop the + sample we're sending (that would result in a time-out and the + handshake taking 1s longer than required) */ + dds_sleepfor (DDS_MSECS(10)); + HSTRACE("FSM: validate_remote_identity: send_handshake_message AUTH_REQUEST\n"); (void)send_handshake_message(handshake, &handshake->local_auth_request_token, pp, proxypp, 1); + } validation_failed: ident_token_missing: