niklas/rmw_cyclonedds
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update conditional compile logic

Browse source 
Add in conditional compile based on ENABLE_SECURITY make flag
and Cyclone DDS feature availability.  Also addressed review
comments.

Signed-off-by: Sid Faber <sid.faber@canonical.com>
This commit is contained in:
Sid Faber 2020-03-23 21:13:19 +00:00
parent 99d2738a84
commit bca0852f50
1 changed files with 34 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

50
rmw_cyclonedds_cpp/src/rmw_node.cpp
View file

@ -27,10 +27,10 @@
#include <regex> #include <regex>
#include "rcutils/filesystem.h" #include "rcutils/filesystem.h"
#include "rcutils/format_string.h"
#include "rcutils/get_env.h" #include "rcutils/get_env.h"
#include "rcutils/logging_macros.h" #include "rcutils/logging_macros.h"
#include "rcutils/strdup.h" #include "rcutils/strdup.h"
#include "rcutils/format_string.h"
#include "rmw/allocators.h" #include "rmw/allocators.h"
#include "rmw/convert_rcutils_ret_to_rmw_ret.h" #include "rmw/convert_rcutils_ret_to_rmw_ret.h"
@ -61,6 +61,7 @@
#include "namespace_prefix.hpp" #include "namespace_prefix.hpp"
#include "dds/dds.h" #include "dds/dds.h"
#include "dds/ddsc/dds_public_qos.h"
#include "dds/ddsi/ddsi_sertopic.h" #include "dds/ddsi/ddsi_sertopic.h"
#include "rmw_cyclonedds_cpp/serdes.hpp" #include "rmw_cyclonedds_cpp/serdes.hpp"
#include "serdata.hpp" #include "serdata.hpp"
@ -81,6 +82,13 @@
#define SUPPORT_LOCALHOST 0 #define SUPPORT_LOCALHOST 0
#endif #endif
/* Security must be enabled when compiling and requires cyclone to support QOS property lists */
#if DDS_HAS_SECURITY && DDS_HAS_PROPERTY_LIST_QOS
#define RMW_SUPPORT_SECURITY 1
#else
#define RMW_SUPPORT_SECURITY 0
#endif
/* Set to > 0 for printing warnings to stderr for each messages that was taken more than this many /* Set to > 0 for printing warnings to stderr for each messages that was taken more than this many
ms after writing */ ms after writing */
#define REPORT_LATE_MESSAGES 0 #define REPORT_LATE_MESSAGES 0
@ -644,6 +652,7 @@ static std::string get_node_user_data(const char * node_name, const char * node_
std::string(";"); std::string(";");
} }
#if RMW_SUPPORT_SECURITY
/* Returns the full URI of a security file properly formatted for DDS */ /* Returns the full URI of a security file properly formatted for DDS */
char * get_security_file_URI( char * get_security_file_URI(
const char * security_filename, const char * node_secure_root, const char * security_filename, const char * node_secure_root,
@ -680,11 +689,14 @@ void store_security_filepath_in_qos(
allocator.deallocate(security_file_path, allocator.state); allocator.deallocate(security_file_path, allocator.state);
} }
} }
#endif /* RMW_SUPPORT_SECURITY */
/* Set all the qos properties needed to enable DDS security */ /* Set all the qos properties needed to enable DDS security */
void configure_qos_for_security( rmw_ret_t configure_qos_for_security(
dds_qos_t * qos, const rmw_node_security_options_t * security_options) dds_qos_t * qos, const rmw_node_security_options_t * security_options)
{ {
#if RMW_SUPPORT_SECURITY
/* File path is set to nullptr if file does not exist or is not readable */ /* File path is set to nullptr if file does not exist or is not readable */
store_security_filepath_in_qos( store_security_filepath_in_qos(
qos, "dds.sec.auth.identity_ca", "identity_ca.cert.pem", qos, "dds.sec.auth.identity_ca", "identity_ca.cert.pem",
@ -705,17 +717,28 @@ void configure_qos_for_security(
qos, "dds.sec.access.permissions", "permissions.p7s", qos, "dds.sec.access.permissions", "permissions.p7s",
security_options); security_options);
dds_qset_prop(qos, "dds.sec.auth.library.path", "libdds_security_auth.so"); dds_qset_prop(qos, "dds.sec.auth.library.path", "dds_security_auth");
dds_qset_prop(qos, "dds.sec.auth.library.init", "init_authentication"); dds_qset_prop(qos, "dds.sec.auth.library.init", "init_authentication");
dds_qset_prop(qos, "dds.sec.auth.library.finalize", "finalize_authentication"); dds_qset_prop(qos, "dds.sec.auth.library.finalize", "finalize_authentication");
dds_qset_prop(qos, "dds.sec.crypto.library.path", "libdds_security_crypto.so"); dds_qset_prop(qos, "dds.sec.crypto.library.path", "dds_security_crypto");
dds_qset_prop(qos, "dds.sec.crypto.library.init", "init_crypto"); dds_qset_prop(qos, "dds.sec.crypto.library.init", "init_crypto");
dds_qset_prop(qos, "dds.sec.crypto.library.finalize", "finalize_crypto"); dds_qset_prop(qos, "dds.sec.crypto.library.finalize", "finalize_crypto");
dds_qset_prop(qos, "dds.sec.access.library.path", "libdds_security_ac.so"); dds_qset_prop(qos, "dds.sec.access.library.path", "dds_security_ac");
dds_qset_prop(qos, "dds.sec.access.library.init", "init_access_control"); dds_qset_prop(qos, "dds.sec.access.library.init", "init_access_control");
dds_qset_prop(qos, "dds.sec.access.library.finalize", "finalize_access_control"); dds_qset_prop(qos, "dds.sec.access.library.finalize", "finalize_access_control");
return RMW_RET_OK;
#else
(void) qos;
(void) security_options;
RMW_SET_ERROR_MSG(
"Security was requested but the Cyclone DDS being used does not have security "
"support enabled. Recompile Cyclone DDS with the '-DENABLE_SECURITY=ON' "
"CMake option");
return RMW_RET_UNSUPPORTED;
#endif
} }
extern "C" rmw_node_t * rmw_create_node( extern "C" rmw_node_t * rmw_create_node(
@ -743,11 +766,7 @@ extern "C" rmw_node_t * rmw_create_node(
const dds_domainid_t did = DDS_DOMAIN_DEFAULT; const dds_domainid_t did = DDS_DOMAIN_DEFAULT;
#endif #endif
if (security_options == nullptr) { RCUTILS_CHECK_ARGUMENT_FOR_NULL(security_options, nullptr);
RCUTILS_LOG_ERROR_NAMED(
"rmw_cyclonedds_cpp", "rmw_create_node: security options null");
return nullptr;
}
rmw_ret_t ret; rmw_ret_t ret;
int dummy_validation_result; int dummy_validation_result;
@ -770,16 +789,15 @@ extern "C" rmw_node_t * rmw_create_node(
#endif #endif
dds_qos_t * qos = dds_create_qos(); dds_qos_t * qos = dds_create_qos();
if (qos == nullptr) { RCUTILS_CHECK_FOR_NULL_WITH_MSG(
RCUTILS_LOG_ERROR_NAMED( security_options, "rmw_create_node: Unable to create qos", return nullptr);
"rmw_cyclonedds_cpp", "rmw_create_node: Unable to create qos");
return nullptr;
}
std::string user_data = get_node_user_data(name, namespace_); std::string user_data = get_node_user_data(name, namespace_);
dds_qset_userdata(qos, user_data.c_str(), user_data.size()); dds_qset_userdata(qos, user_data.c_str(), user_data.size());
if (security_options->enforce_security) { if (security_options->enforce_security) {
configure_qos_for_security(qos, security_options); if (configure_qos_for_security(qos, security_options) != RMW_RET_OK) {
return nullptr;
}
} }
dds_entity_t pp = dds_create_participant(did, qos, nullptr); dds_entity_t pp = dds_create_participant(did, qos, nullptr);