Commit graph

124 commits

Author SHA1 Message Date
Erik Boasson
67c49235db Merge remote-tracking branch 'upstream/master' into master-to-security 2020-03-19 08:18:48 +01:00
Erik Boasson
f139dbcd5e MS C++ is troubled by C99 compound literals
Signed-off-by: Erik Boasson <eb@ilities.com>
2020-03-18 17:31:20 +01:00
Erik Boasson
77c3545f5e Move all time support to ddsrt
* Move wctime, mtime, etime types to ddsrt

* Add ddsrt_time_wallclock

* Change ddsrt_time_monotonic, elapsed to use mtime, etime types

* Remove now, now_mt, now_et

* Rename X_to_sec_usec to ddsrt_X_to_sec_usec

* add_duration_to_X to ddsrt_X_add_duration (to be in line with the
  existing ddsrt_time_add_duration)

* elimination of ddsrt/timeconv.h, it added more in the way of
  complications than it did in making things more elegant

* rename of q_time.[ch] to ddsi_time.[ch]: that now only deals with DDSI
  timestamps and durations on the wire

Signed-off-by: Erik Boasson <eb@ilities.com>
2020-03-18 17:31:20 +01:00
Erik Boasson
39c7997c67 Remove unused dds_sleepuntil
Signed-off-by: Erik Boasson <eb@ilities.com>
2020-03-18 17:31:20 +01:00
Dan Rose
2c16dfa23e Don't link winsock1
wsock32.lib is only needed for the legacy version of Winsock and is not needed with Winsock2 (the current version).
This appears to be a root cause of the multicast issue on Win10 and may allow us to reverse #404

Signed-off-by: Dan Rose <dan@digilabs.io>
2020-03-10 10:07:58 +01:00
Dennis Potman
6c9e50cf3a Fix for empty trusted CA dir
Trusted CA dir in security configuration is optional, but participant
creation currently fails if no or empty dir is provided. This commit
fixes this issue and adds some tests for various trusted_ca_dir values.

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
2020-03-05 15:25:16 +01:00
Dennis Potman
b3c5a8d4fc Refactored expand_vars so that a custom lookup function can be used, which makes it usable for replacing tags by values other than environment variables
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
2020-03-05 15:25:16 +01:00
Dan Rose
ca4b5a368f Fix undefined behavior when hash function given null pointer
[test_subscriber-12] /opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/ddsrt/src/mh3.c:28:53: runtime error: applying zero offset to null pointer
[test_subscriber-12] SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /opt/ros/master/src/eclipse-cyclonedds/cyclonedds/src/ddsrt/src/mh3.c:28:53 in
Signed-off-by: Dan Rose <dan@digilabs.io>
2020-02-29 08:48:46 +01:00
Erik Boasson
5aeace912b Converting to timeval/timespec need casts on 32bit
Signed-off-by: Erik Boasson <eb@ilities.com>
2020-02-22 14:30:46 +01:00
Erik Boasson
54fad0d601 Merge remote-tracking branch 'upstream/master' into security 2020-02-13 13:13:54 +01:00
Jeroen Koekkoek
bf3d1bc270 Fix getifaddrs for non-English interface names on Windows
ddsrt_asprintf did not copy non-English interface names. To fix this memory is
allocated with ddsrt_malloc and UTF-16 encoded interface names are converted to
UTF-8.

Signed-off-by: Jeroen Koekkoek <jeroen@koekkoek.nl>
2020-02-13 08:43:59 +01:00
Erik Boasson
ad58db0721 Merge branch 'master' into security
Signed-off-by: Erik Boasson <eb@ilities.com>
2020-02-12 17:30:38 +01:00
Erik Boasson
80ed351efd Add declaration prototype line for ddsrt_atomic_ function to fix armhf build warning
Thanks to @emersonknapp

Signed-off-by: Erik Boasson <eb@ilities.com>
2020-02-12 17:20:04 +01:00
Erik Boasson
27d7c72626 Relax constraints on topic entities
This commit changes the implementation of topics so that multiple topic
entities can exist in a single participant for the same topic.
Different entities may refer to different topic implementations
(sertopics, akin to a type support in the DDS specification).  All
entities (for the same participant) always have the same QoS, via the
new "ktopic" table in the participant.

Readers and writers are bound to a topic entity and inherit its
properties.  If a topic comes in two definitions, say one for C and one
for C++, one can have a single participant with a reader delivering the
data in C representation and another reader delivering it in C++
representation.

This changes the behaviour of create_topic and find_topic: these now (on
successful return) always return a new entity (and thus with a unique
handle), where previously these would simply return an existing one when
possible.

This also requires some small additions to the sertopic/serdata
interface.

Signed-off-by: Erik Boasson <eb@ilities.com>
2020-02-11 23:26:01 +01:00
Michel
2d252ad1f6 Description corrections.
Signed-off-by: Michel <michel.vandenhoek@adlinktech.com>
2020-02-10 14:41:31 +01:00
Stefan Kimmer
aef4f0a126 Certificate trigger and directory operations
Implement trigger of certificate and permission expiries using the timed callbacks.

Implement directory operations such that trusted CA can be read.
This implements OS abstraction functions such as opendir and stat.

Signed-off-by: Stefan Kimmer <skimmer@s2e-systems.com>
2020-02-10 11:07:13 +01:00
Jeroen Koekkoek
3de040d21a Add support for musl libc
Based on patch by mauropasse (issue #383).

Signed-off-by: Jeroen Koekkoek <jeroen@koekkoek.nl>
2020-02-06 18:30:24 +01:00
Erik Boasson
68f789d77b Address some spurious Clang static analyzer warnings
Signed-off-by: Erik Boasson <eb@ilities.com>

Fix typo in dlopen_unknown test

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>

Signed-off-by: Erik Boasson <eb@ilities.com>
2020-01-23 12:48:47 +01:00
Erik Boasson
263d8016b8 Fix macros for testing presence of atomic LIFO
Signed-off-by: Erik Boasson <eb@ilities.com>
2020-01-20 17:05:46 +01:00
Kurtulus Oksuztepe
0b1804e039 Finite State Machine for Security
A generic FSM has been added to DDS Security Core component to realize authentication handshake process.
The list of the states and the transitions are given in the creation and the FSM is started with a start call.
Passing arguments to transition functions is possible.
Timeout transitions are possible.

Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
2020-01-20 15:54:08 +01:00
Dennis Potman
219cb6cf4f Refactored linked list administration in rhc so that it becomes reusable
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
2020-01-17 14:35:07 +01:00
Kurtulus Oksuztepe
b81ef4042b DDS Security dynamic plugin loading
Security plugin loading with the given configuration has been added.

The configuration can be given by either the Cyclone DDS configuration file or ParticipantQoS during participant creation.
ParticipantQoS is required by DDS Security spec. However, the configuration file is an additional useful feature that helps the user to add security to the DDS application without changing the binary.
If ParticipantQoS has a Property starting with the name "dds.sec", then the configuration file is ignored.

If the participant is the first participant, the security component is initialized. If the participant is the last active participant, then the security component is de-initialized.

Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
2020-01-16 16:10:37 +01:00
Dan Rose
a6dc93ac03 Define NOMINMAX to suppress windows min/max macros
Signed-off-by: Dan Rose <dan@digilabs.io>
2020-01-15 13:02:57 +01:00
Martin Bremmer
660d495746 Merge branch 'master' into merge6
Signed-off-by: Martin Bremmer <martin.bremmer@adlinktech.com>
2019-12-13 12:59:37 +01:00
Dennis Potman
37c64e0965 Add string functions used by security plugins to ddsrt (#334)
* String functions required by DDS Security Access Control plugin

The implementation for the DDS Security Access Control plugin
requires two additional string functions. This commit adds the
ddsrt_str_replace function (including tests) and exports the
existing function ddsrt_todigit.

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>

* Suppress strcpy warnings in Windows builds for ddsrt_str_replace

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>

* Minor nitpicks on ddsrt_str_replace

Signed-off-by: Erik Boasson <eb@ilities.com>
2019-12-04 11:22:40 +02:00
Dennis Potman
3822f42eff Liveliness QoS implementation for auto and manual-by-participant
This commit adds support for the liveliness QoS for the liveliness
kinds automatic and manual-by-participant. It also implements the
lease_duration from this QoS, which was ignored until now. In the
api the function dds_assert_liveliness is added to assert liveliness
on a participant, which can be used when using liveliness kind
manual-by-participant.

Liveliness kind manual-by-topic is not yet supported, this will be
added in a later commit.

* Proxy participants now have 2 fibheaps to keep leases: one for leases
of pwrs with automatic liveliness and one for leases of the pwrs with
manual-by-participant liveliness (both protected by the proxypp lock).
The minl_auto and minl_man members represent the shortest lease from
these fibheaps and these leases are renewed when receiving data.
Replacing the minl_ leases is now done by replacing the lease object
(atomic ptr) with delayed deletion of the old lease using the gc.

* Proxy writers are set not-alive when the lease expired, and reset to
alive when data is received. When data is received by a pwr, the other
pwrs in the proxypp might also be set alive. I think the specification
is not clear at this point, and for now I have not implemented this.

* I refactored out the counter for man-by-pp proxy writers and improved
locking when updating the min-leases on the proxy participant, so I
think this fixes the race conditions.

Some additional tests are required, e.g. to test the not-alive->alive
transition for pwrs. I will add these in short term, as well as the
implementation of the manual-by-topic liveliness kind.

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
2019-11-25 18:36:30 +01:00
Bart Poot
9a3a377327 Fixed coverity issues
Signed-off-by: Bart Poot <bart.poot@adlinktech.com>

Processed review comments

Signed-off-by: Bart Poot <bart.poot@adlinktech.com>
2019-11-25 18:26:15 +01:00
Erik Boasson
c603fdd4ed Fix trivial white space, compiler warnings
Signed-off-by: Erik Boasson <eb@ilities.com>
2019-11-18 14:20:55 +01:00
Erik Boasson
a1aaa2808f Check once for system-independent headers (#270)
Signed-off-by: Erik Boasson <eb@ilities.com>
2019-11-06 14:39:01 +01:00
Erik Boasson
9e61bff9b9 Use unsigned char for XML input
Sign extension causes some character values to be interpreted as special
tokens, potentially causing the parser to hang, pass a null pointer as
element name to the "elem_open" callback (which would crash the
configuration processing).

Signed-off-by: Erik Boasson <eb@ilities.com>
2019-11-04 14:36:28 +01:00
Erik Boasson
5883b96f6a Handle unterminated comment in XML parser (#270)
Signed-off-by: Erik Boasson <eb@ilities.com>
2019-11-04 14:36:28 +01:00
Erik Boasson
d545551a60 Fix input buffer allocation in XML parser (#270)
Signed-off-by: Erik Boasson <eb@ilities.com>
2019-11-04 14:36:28 +01:00
Erik Boasson
151159a5ea Clear sa_mask in sigaction for DDS_LC_FATAL test
Signed-off-by: Erik Boasson <eb@ilities.com>
2019-11-04 14:36:28 +01:00
Erik Boasson
57ac8a457b Skip irrelevant buckets in hopscotch lookup (#270)
When scanning buckets while looking for a specific element, it is faster
to only inspect those buckets for which the corresponding bit in
"hopinfo" is set.  Sadly, simple scanning is faster than the far more
elegant perfect hash based on a De Bruijn sequence.

Add a simple test/performance measurement.

Signed-off-by: Erik Boasson <eb@ilities.com>
2019-11-04 14:36:28 +01:00
Kurtulus Oksuztepe
2c1d3010d0 Builtin authentication plugin for DDS Security
Builtin authentication plugin of DDS Security implementation was added.
This plugin is the first implementation and it also contains the functions that are used initially in the secure communication sequence.

The builtin authentication plugin implements authentication using a trusted Certificate Authority (CA). It performs mutual authentication between discovered participants using the RSA or ECDSA Digital Signature Algorithms and establishes a shared secret using Diffie-Hellman (DH) or Elliptic Curve Diffie-Hellman (ECDH) Key Agreement Methods.

DDS Security core component is introduced with this commit. DDSI and other builtin plugins will also use the security core.

Like all builtin plugins, the DDS Security authentication plugin is a shared library, providing dynamic library loading at runtime, so that DDS participants can use different plugin implementations with different configurations.

The authentication plugin uses ddsrt functions. ddsrt is not expected to be a shared library, and statically adding ddsrt objects to the authentication library produces linkage errors on Windows. So, dynamically linking the authentication plugin to the ddc library is decided. Another decision should be taken later for the platforms that do not support dynamic libraries.

Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>
2019-10-30 11:41:00 +01:00
Kurtulus Oksuztepe
aa3b95ee7f Merge branch 'master' into security
Signed-off-by: Kurtulus Oksuztepe <kurtulus.oksuztepe@adlinktech.com>

Conflicts:
	.travis.yml
2019-10-29 17:40:33 +01:00
dennis-adlink
c8aa6fee5a Moved bswap functions to ddsrt (#297)
* Moved bswap functions to ddsrt

Moved the byte swapping functions from ddsi to ddsrt so that
these can be re-used in e.g. the security plugins and tests.

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>

* Moved declarations for bswap functions to ddsrt

Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
2019-10-28 15:03:46 +01:00
Dan Rose
98ce7d1971 Stylistic CMake changes
No functional impact intended
Signed-off-by: Dan Rose <dan@digilabs.io>
2019-10-22 15:18:26 +02:00
Dan Rose
960d4f7358 Use PROJECT_NAME instead of CMAKE_PROJECT_NAME
CMAKE_PROJECT_NAME refers to the top-level project name, not the most recent project. So any CMake project that pulls this in as a dependency was in for a nasty surprise.
https://cmake.org/cmake/help/latest/variable/CMAKE_PROJECT_NAME.html

Signed-off-by: Dan Rose <dan@digilabs.io>
2019-10-20 03:28:15 -07:00
Martin Bremmer
a28a5ae23d Merge branch 'master' into merge4
Signed-off-by: Martin Bremmer <martin.bremmer@adlinktech.com>
2019-10-17 11:05:49 +02:00
Erik Boasson
f8bff97736 Fix off-by-one error in dds_strretcode (#270)
Signed-off-by: Erik Boasson <eb@ilities.com>
2019-10-16 03:08:31 +02:00
Erik Boasson
5a746cad81 Always abort on DDS_FATAL variants + test (#270)
The test only works on Linux and macOS because of the system
dependencies in catching an abort.  The logging code is platform
independent so testing only on these platforms still gives a good sanity
check.

Signed-off-by: Erik Boasson <eb@ilities.com>
2019-10-16 03:08:31 +02:00
Erik Boasson
50e63b3324 Correct ddsrt_gnuc, ddsrt_clang definitions (#270)
Signed-off-by: Erik Boasson <eb@ilities.com>
2019-10-16 03:08:31 +02:00
Dennis Potman
cbc6dc5aa0 Increase thread test timeout to check if this caused the failing tests on travis win32
Signed-off-by: Dennis Potman <dennis.potman@adlinktech.com>
2019-10-15 19:29:18 +02:00
Thijs Sassen
0b57b74b93 Fix compile error when using rusage functionality on FreeRTOS
Signed-off-by: Thijs Sassen <thijs.sassen@adlinktech.com>
2019-10-07 14:12:27 +02:00
Erik Boasson
0098cfcab7 Fix macOS 10.12 version check
Xcode 9 doesn't yet define MAC_OS_X_VERSION_10_13.

Signed-off-by: Erik Boasson <eb@ilities.com>
2019-10-02 08:52:06 +02:00
eboasson
50b0611ad1 macOS pre-10.13 support (#264)
* macOS < 10.13: skip log tests for want of fmemopen

There is a dependency on fmemopen in the tests for the logging
functions, which macOS introduced only in version 10.13.  There should
be no other obstacle to building/running/testing on older versions of
macOS.  This commit does the pragmatic thing: remove the dependency and
turns the tests into no-ops in this one case.

Signed-off-by: Erik Boasson <eb@ilities.com>

* Fix macOS clock_gettime_nsec_np availability test

Signed-off-by: Erik Boasson <eb@ilities.com>
2019-09-30 09:13:49 +02:00
Martin Bremmer
919850232c Merge branch 'master' into merge
Signed-off-by: Martin Bremmer <martin.bremmer@adlinktech.com>
2019-09-27 14:45:16 +02:00
Erik Boasson
94483e3371 Address Coverity, Clang static analyzer warnings
* Fix type of num reliable readers (int to int32_t)

* Conversion codes in debug monitor printf formats

* Dead code elimination

* Skipping a test case where SIZE_MAX is assumed > INT32_MAX if
  assumption is false on target platform

* Error handling in os_sockWaitsetNew

* Stick to unsigned in fragment size calculations

  This check is actually guarded by valid_DataFrag and was safe for
  datagrams up to 2GB, but the unintended and implicit conversion to is
  still best eliminated.

* A "server" connection never has an invalid socket in TCP wrapper

* Handle error return from gethostname in SPDP write (CID 248183)

* Handle extended retcodes in dds_strretcode

  CID 248131, introduced by 19aec98b8a

* Remove dead code in ddsrt logging test (CID 248195)

* Validate command-line argument in process test (CID 248117)

* Allow for extremely delayed store in test

  Test is constructed to have the events trigger only at the appropriate
  times, but it does assume that the store to cb_called becomes visible
  prior to the listener callback.  I'm pretty sure that will always be
  the case in practice, but I'm also pretty sure there is no formal
  guarantee without a memory barrier, which mutex_unlock provides.

  CID 248088, 248136, 248177, 253590, 253591, 253593

* Check unsetenv return value in test (CID 248099)

Signed-off-by: Erik Boasson <eb@ilities.com>
2019-09-25 10:46:40 +02:00
Erik Boasson
2996a6b5f8 Let Coverity ignore sleep in ddsrt init "spinlock"
Initialisation of ddsrt layer uses a hand-rolled CAS/sleep device not
unlike a spin lock.  This so initialisation doesn't depend on, e.g.,
ddsrt_once.

Checking or changing thread states between "awake" and "asleep" can end
up in ddsrt_init if the thread is unknown at the time of the call.
Once really only ends up in those cases when the library is initialised
already, in which case no sleeping occurs.

In any case, the sleep is just a friendly yielding of the CPU.  Coverity
will still see the loop, just not the sleep.

Signed-off-by: Erik Boasson <eb@ilities.com>
2019-09-25 10:46:40 +02:00