Some of the liveliness qos tests were not using unique topic names
for the tests for local and remote readers. Re-using the participant
for these 2 tests results in unexpected reader-proxywriter matches
in the latter test. Fixed by adding a sequence number in the topic name.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
This commit adds support for liveliness QoS when using local readers.
The implementation for (liveliness) expiration of writers used here is
similar to that used with proxy writers, and it also supports the three
liveliness kinds (1) automatic, which is trivial when using a local
reader and writer, (2) manual-by-participant and (3) manual-by-topic.
In addition, these changes and fixes are included in this commit:
- Fixed a bug in heartbeat handling in the reader: for manual-by-
participant writers the lease was not updated on reception of a
heartbeat message with liveliness flag set. This is fixed and a
test-case is added.
- Include the liveliness flag in a heartbeat message to the trace
- Trace all lease renewals, including liveliness leases
- Replaced liveliness changed state 'twitch' by 2 subsequent calls
to the status callback
- Added a test for liveliness duration 0 and 1ns (for both local
and remote readers)
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
This commit adds the build-in Access Control plugin that is part of the
DDS Security implementation for Cyclone.
The Access Control Plugin API defines the types and operations necessary
to support an access control mechanism for DDS Domain Participants.
Similar to other builtin plugins, the DDS Security access control plugin
is built as a shared library to allow dynamic library loading on runtime.
This enables DDS participants to use specific plugin implementations with
different configurations.
This commit includes some basic tests for the access control functions.
This initial version of the plugin does not support permissions expiry
(not-valid-after date in permissions configuration).
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Process review comments for access control plugin
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Part 2 of processing review changes for access control
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Add test for topicname dcps, add comment for xml date parser
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Fixed an bug in leap year count for year 2200, changed the rounding for sub-ns fraction and added an additional overflow test in DDS_Security_parse_xml_date
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Signed-off-by: Erik Boasson <eb@ilities.com>
Fix typo in dlopen_unknown test
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Signed-off-by: Erik Boasson <eb@ilities.com>
This works around a termination issue on Windows caused by the process
sometimes being unable to send a packet to itself to wake up a thread
stuck in a blocking read on a socket.
Signed-off-by: Erik Boasson <eb@ilities.com>
Dispatchers are added to a custom linked list while each dispatcher owns a
fibheap of callbacks that are ordered by expiry timestamp. A seperate
fibheap is use for each dispatcher to allow disabling and enabling of
each dispatcher. A new and free function is added that creates a
timed_cd_data object that is used by every public function. A thread is
initialized at object creation instead of using a counter. Add
a protection for the terminate flag.
Signed-off-by: Joao Rebelo <jrebelo@s2e-systems.com>
A generic FSM has been added to DDS Security Core component to realize authentication handshake process.
The list of the states and the transitions are given in the creation and the FSM is started with a start call.
Passing arguments to transition funstions is possible.
Timeout transitions are possible.
Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
Lease handling removes expired leases from the heap, and so a proxy
writer that transitions from not-alive to alive needs to re-schedule
expiry again or it will remain alive forever after having regained
liveliness once. This was missing for a manual-by-topic lease.
Signed-off-by: Erik Boasson <eb@ilities.com>
The transition to not-alive can occur between registering the lease and
making the proxy writer visible in the GUID hash table, so handling
lease expiry for proxy writer must not depend on it being visible
there.
Signed-off-by: Erik Boasson <eb@ilities.com>
And updated dds_read_instance_mask and dds_take_instance_mask to work with DDS_READ_WITHOUT_LOCK
Signed-off-by: Thijs Sassen <thijs.sassen@adlinktech.com>
This commit contains the implementation of the deadline QoS
for readers and writers. The description of this QoS in
the DDS specification (section 2.2.3.7):
"This policy is useful for cases where a Topic is expected to
have each instance updated periodically. On the publishing side this
setting establishes a contract that the application must meet.
On the subscribing side the setting establishes a minimum
requirement for the remote publishers that are expected to supply
the data values."
On the writer side, the deadline missed event also needs to trigger in
case only local readers exist. The implementation for this inserts
the sample in the writer history cache temporary, so that an instance
is created in the whc. Immediately after inserting the sample, it is
removed again. With the creation of the instance, the deadline missed event
is created, which will take care of triggering the deadline missed
callback if required. In case the instance already existed, the timer
of the event is renewed.
To verify the changes to the writer history cache, add an additional
test to check the write history cache state. This test checks the state
of the whc after writing samples by a writer with specific combinations
of qos settings. The state of the whc is checked for stored
samples (min/max sequence number) and the absence of unacked data, after
writing samples and wait for acks by the local and/or remote
readers (which is also a parameter for this test). This test is
introduced as part of the deadline implementation, but its scope is
wider than only the changes that were made in the whc implementation for
the deadline qos.
This test showed that even before the deadline support was added,
whc_default_remove_acked_messages_full data was not marked as acked in
case of transient-local keep-all. This resulted in data in whc that
never gets in acked state. This has been fixed as well.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
These topics are non-standard and not actually used anywhere in Cyclone,
so it is rather silly to keep them.
Signed-off-by: Erik Boasson <eb@ilities.com>
Security plugin loading with the given configuration has been added.
The configuration can be given by either the Cyclone DDS configuration file or ParticipantQoS during participant creation.
ParticipantQoS is required by DDS Security spec. However, the configuration file is an additional useful feature that helps the user to add security to the DDS application without changing the binary.
If ParticipantQoS has a Property starting with the name "dds.sec", then the configuration file is ignored.
If the participant is the first participant, the security component is initialized. If the participant is the last active participant, then the security component is de-initialized.
Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
This commit enables specifying a duration for data to be valid when writing
samples. After this duration, samples are dropped from the reader and writer
history cache. See section 2.2.3.16 of the DDS specification for more
details on this QoS.
The expiration of samples in the reader history cache is calculated
based on the reception timestamp of the sample and uses the monotonic
clock. As a result, the current implementation does not rely on clock
synchronisation between reader and writer. There may be reasons to
change this behavior in future and use the source timestamp instead.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Some changes in the xevents code for deleting callback events,
required for the lifespan QoS implementation. With these changes,
there is no longer a possibility of the callback still being
executing or getting invoked after delete_xevent_callback has
returned.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Maintain an index of all entities on (kind, topic, GUID) in addition to
the concurrent hash table on GUID and use that when looking for matching
entities. For endpoint matching, restrict the scan to readers/writers
of the right topic, for regular iterators, restrict it to the range of
the correct entity kind.
Signed-off-by: Erik Boasson <eb@ilities.com>
* Fix array keys on little-endian machines
Signed-off-by: Erik Boasson <eb@ilities.com>
* Test for writing topics with an array as key
Signed-off-by: Erik Boasson <eb@ilities.com>
* DDS Security built-in Cryptographic plugin
This commit adds the built-in Cryptographic plugin that is part of the
DDS Security implementation for Cyclone.
The Cryptographic plugin defines the types and operations necessary
to support encryption, digest, message authentication codes, and key
exchange for DDS DomainParticipants, DataWriters and DDS DataReaders.
Similar to other builtin plugins, the DDS Security cryptographic plugin
is built as a shared library to allow dynamic library loading on runtime.
This enables DDS participants to use specific plugin implementations
with different configurations.
Although I think this initial version is a reasonable starting point to be
merged in the security branch, some parts of the code will need refactoring:
* crypto_key_factory.c: crypto_factory_get_endpoint_relation returns
arbitrary local-remote relation if no specific key for remote is found,
which will not work in Cyclone because participants can have different
security settings
* performance of encoding data can be improved by not copying
plain_rtps_message to a new buffer (to enable this, crypto_cipher_encrypt_data
should allow encrypting parts of a message)
* when decoding a message the message is split in several parts (header, body,
footer, etc) and for this memory is allocated which is probably not necessary.
Performance should be improved by removing these allocations and use pointers
to the data instead.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP processing crypto plugin review comments
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP more refactoring based on review comments
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP fixing crypto plugin support for 128 bit key size
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP refactored master key storage to reduce memory usage when using 128 bit keys
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP fixing windows build linker issue
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* WIP refactored crypto key types, avoid returning pointers to released ref-counted object
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fixed bug in test decode_datareader_submessage.invalid_data
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
* Fixed issues from review: use correct constant for hashing and handle different src/dst keysize correctly
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
- moved de-registration of a lease to a separate function, so that
it is called synchronously when a pwr is deleted, to prevent the
lease from expiring (before this change, the lease was renewed with
t_never, but that does not work because of a check with early out
in lease_renew)
- handle proxypp->owns_lease correctly: when an OpenSplice instance
was running in the same network and participants from OpenSplice were
discovered, the lease-renewal fails in case the proxy participant's
lease was not registered in minl_auto, which happens when the
proxypp depends on its parent (ddsi2) participant.
- increased lease duration in create_delete_writer stress test
to avoid failed tests due to delayed pmd messages
- fixed the indenting in liveliness tests source file
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
