Introduced a test that checks for the correct matching behavious for combinations
of the read/write access control settings in the governance xml (enable read/write
access control in the topic rules) and in the permissions xml (the publish/subscribe
grants for a topic).
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Add validate_local_permissions to the set of access control plugin
hooks tests, and add discovery_protection_enabled as an additional
parameter for the access control hook tests.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Add testing liveness protection to the existing discovery protection
test. The test checks if the P2P_BUILTIN_PARTICIPANT_MESSAGE_SECURE_WRITER
is using the encode_decode_submessage function of the crypto plugin
to secure liveliness messages.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
A test that checks that the security handshake fails in case of non-matching
encoding settings in the governance xml. All combinations of values for
rtps, discovery and liveliness protection are checked. For meta-data and
payload encoding, this test checks that a reader and writer do not connect
in case of non-matching values.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Adding a test that checks the effects of using different configuration settings
for discovery protection. This test set uses the cryptography wrapper to count
the number of invocations of the encode and decode functions during a session
and checks the counts with the expected values.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Introduced a test that checks if all crypto tokens send by a node are
received correctly by the remote node. To support this test, the crypto
wrapper plugin is extended with a token_log mode, that stores all tokens
that are exchanged after the security handshake is finished.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Add test cases for the join_access_control governance setting and for
the access control plugin check_create_ and check_remote_ hooks,
using a wrapper plugin that simulates failure for each of these,
to test the DDSI integration with the access control plugin.
This commit also contains fixes for:
- an assert on DDS_RETCODE_OK in dds_create_reader and
dds_create_writer that cased the application to terminate in case
creation of a reader or writer is not allowed by security
- do not match a proxy reader that has the 'relay_only' set to
true, which is currently unsupported
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
The conversion of incoming discovery data (in "parameter list" format)
check for the presence of the entity GUID parameter for the particular
type of endpoint and use it as the key field in subsequent processing.
If the parameter is absent, deserialisation fails and the handlers are
never called and the old check is therefore no longer necessary.
Signed-off-by: Erik Boasson <eb@ilities.com>
The initialization of remote participant's key material was not protected
by the remote_participant_crypto lock, which could result in using partially
initialized remote key material. This caused intermittent test failures
with assertions on key_size in crypto_cipher_decrypt_data. This commit fixes
this issue by adding locking for the remote key material.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
expiry tests and add timestamps to test logging to get more stable
test results on Travis and enable analysing timeing issues.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Impement the revoke identity callback in ddsi that is called when
the identity certificate of a participant expires. In case the
identity handle that expires is from a local participant, all
proxy pp connections will be dropped for this participant. In case
the identity that expires is from a remote participant, the
corresponding proxy participant is deleted.
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Implement handler for access control on_revoke_permissions. This callback
function disconnects and deletes all proxy participant that are using the
revoked permissions handle (in case of remote permissions expire) and
proxy participant that are connected with a participant for which the
permissions expire (local permissions expire).
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Refactoring security core tests and adding more tests:
- Dynamically generate ca and identity certificates in authentication tests, so that certificate expiry is tested.
Added writing/reading samples to these tests to ensure that nodes can (or cannot) communicate in a specific test case
- Secure communication tests: improved the validation of encryption in wrapper
- Added test for access control plugin settings
- Replaced the in-code test identities (and included ca private keys), added an additional identity
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
Including FreeBSD in preprocessor conditionals for APPLE fixes issues with UDP make_socket, as described in issue #488.
Signed-off-by: Michael Gary Dodson <md403@cam.ac.uk>
