diff --git a/rmw_cyclonedds_cpp/src/rmw_node.cpp b/rmw_cyclonedds_cpp/src/rmw_node.cpp index 505892d..5dc4406 100644 --- a/rmw_cyclonedds_cpp/src/rmw_node.cpp +++ b/rmw_cyclonedds_cpp/src/rmw_node.cpp @@ -27,10 +27,10 @@ #include #include "rcutils/filesystem.h" +#include "rcutils/format_string.h" #include "rcutils/get_env.h" #include "rcutils/logging_macros.h" #include "rcutils/strdup.h" -#include "rcutils/format_string.h" #include "rmw/allocators.h" #include "rmw/convert_rcutils_ret_to_rmw_ret.h" @@ -61,6 +61,7 @@ #include "namespace_prefix.hpp" #include "dds/dds.h" +#include "dds/ddsc/dds_public_qos.h" #include "dds/ddsi/ddsi_sertopic.h" #include "rmw_cyclonedds_cpp/serdes.hpp" #include "serdata.hpp" @@ -81,6 +82,13 @@ #define SUPPORT_LOCALHOST 0 #endif +/* Security must be enabled when compiling and requires cyclone to support QOS property lists */ +#if DDS_HAS_SECURITY && DDS_HAS_PROPERTY_LIST_QOS +#define RMW_SUPPORT_SECURITY 1 +#else +#define RMW_SUPPORT_SECURITY 0 +#endif + /* Set to > 0 for printing warnings to stderr for each messages that was taken more than this many ms after writing */ #define REPORT_LATE_MESSAGES 0 @@ -644,6 +652,7 @@ static std::string get_node_user_data(const char * node_name, const char * node_ std::string(";"); } +#if RMW_SUPPORT_SECURITY /* Returns the full URI of a security file properly formatted for DDS */ char * get_security_file_URI( const char * security_filename, const char * node_secure_root, @@ -680,11 +689,14 @@ void store_security_filepath_in_qos( allocator.deallocate(security_file_path, allocator.state); } } +#endif /* RMW_SUPPORT_SECURITY */ /* Set all the qos properties needed to enable DDS security */ -void configure_qos_for_security( +rmw_ret_t configure_qos_for_security( dds_qos_t * qos, const rmw_node_security_options_t * security_options) { + +#if RMW_SUPPORT_SECURITY /* File path is set to nullptr if file does not exist or is not readable */ store_security_filepath_in_qos( qos, "dds.sec.auth.identity_ca", "identity_ca.cert.pem", @@ -705,17 +717,28 @@ void configure_qos_for_security( qos, "dds.sec.access.permissions", "permissions.p7s", security_options); - dds_qset_prop(qos, "dds.sec.auth.library.path", "libdds_security_auth.so"); + dds_qset_prop(qos, "dds.sec.auth.library.path", "dds_security_auth"); dds_qset_prop(qos, "dds.sec.auth.library.init", "init_authentication"); dds_qset_prop(qos, "dds.sec.auth.library.finalize", "finalize_authentication"); - dds_qset_prop(qos, "dds.sec.crypto.library.path", "libdds_security_crypto.so"); + dds_qset_prop(qos, "dds.sec.crypto.library.path", "dds_security_crypto"); dds_qset_prop(qos, "dds.sec.crypto.library.init", "init_crypto"); dds_qset_prop(qos, "dds.sec.crypto.library.finalize", "finalize_crypto"); - dds_qset_prop(qos, "dds.sec.access.library.path", "libdds_security_ac.so"); + dds_qset_prop(qos, "dds.sec.access.library.path", "dds_security_ac"); dds_qset_prop(qos, "dds.sec.access.library.init", "init_access_control"); dds_qset_prop(qos, "dds.sec.access.library.finalize", "finalize_access_control"); + + return RMW_RET_OK; +#else + (void) qos; + (void) security_options; + RMW_SET_ERROR_MSG( + "Security was requested but the Cyclone DDS being used does not have security " + "support enabled. Recompile Cyclone DDS with the '-DENABLE_SECURITY=ON' " + "CMake option"); + return RMW_RET_UNSUPPORTED; +#endif } extern "C" rmw_node_t * rmw_create_node( @@ -743,11 +766,7 @@ extern "C" rmw_node_t * rmw_create_node( const dds_domainid_t did = DDS_DOMAIN_DEFAULT; #endif - if (security_options == nullptr) { - RCUTILS_LOG_ERROR_NAMED( - "rmw_cyclonedds_cpp", "rmw_create_node: security options null"); - return nullptr; - } + RCUTILS_CHECK_ARGUMENT_FOR_NULL(security_options, nullptr); rmw_ret_t ret; int dummy_validation_result; @@ -770,16 +789,15 @@ extern "C" rmw_node_t * rmw_create_node( #endif dds_qos_t * qos = dds_create_qos(); - if (qos == nullptr) { - RCUTILS_LOG_ERROR_NAMED( - "rmw_cyclonedds_cpp", "rmw_create_node: Unable to create qos"); - return nullptr; - } + RCUTILS_CHECK_FOR_NULL_WITH_MSG( + security_options, "rmw_create_node: Unable to create qos", return nullptr); std::string user_data = get_node_user_data(name, namespace_); dds_qset_userdata(qos, user_data.c_str(), user_data.size()); if (security_options->enforce_security) { - configure_qos_for_security(qos, security_options); + if (configure_qos_for_security(qos, security_options) != RMW_RET_OK) { + return nullptr; + } } dds_entity_t pp = dds_create_participant(did, qos, nullptr);