From 5f65a65196dff2453ff86df711db018fefed1e54 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20Ferreira=20Gonz=C3=A1lez?=
 <carlosferreira@eprosima.com>
Date: Wed, 21 Feb 2024 07:44:44 +0100
Subject: [PATCH] Enabling multiple interfaces through whitelist in TCP servers
 (#4297)

* Refs #20238: Add whitelist test in TCPv4

Signed-off-by: cferreiragonz <carlosferreira@eprosima.com>

* Refs #20238: Add whitelist test in TCPv6

Signed-off-by: cferreiragonz <carlosferreira@eprosima.com>

* Refs #20238: Adding interface to locator if whitelist is not empty

Signed-off-by: cferreiragonz <carlosferreira@eprosima.com>

* Refs #20238: Uncrustify

Signed-off-by: cferreiragonz <carlosferreira@eprosima.com>

* Refs #20238: Fix build in Windows

Signed-off-by: cferreiragonz <carlosferreira@eprosima.com>

* Refs #20238: Apply suggestions

Signed-off-by: cferreiragonz <carlosferreira@eprosima.com>

* Refs #20238: Remove repeated addition of listener port (added by default)

Signed-off-by: cferreiragonz <carlosferreira@eprosima.com>

---------

Signed-off-by: cferreiragonz <carlosferreira@eprosima.com>
---
 .../rtps/transport/TCPTransportInterface.cpp  | 13 +++-
 test/unittest/transport/TCPv4Tests.cpp        | 40 +++++++++++-
 test/unittest/transport/TCPv6Tests.cpp        | 64 +++++++++++++++++++
 .../transport/mock/MockTCPv4Transport.h       | 10 +++
 .../transport/mock/MockTCPv6Transport.h       | 10 +++
 5 files changed, 134 insertions(+), 3 deletions(-)

diff --git a/src/cpp/rtps/transport/TCPTransportInterface.cpp b/src/cpp/rtps/transport/TCPTransportInterface.cpp
index a5dc010f927..7aa7e694e13 100644
--- a/src/cpp/rtps/transport/TCPTransportInterface.cpp
+++ b/src/cpp/rtps/transport/TCPTransportInterface.cpp
@@ -348,11 +348,20 @@ uint16_t TCPTransportInterface::create_acceptor_socket(
             std::vector<std::string> vInterfaces = get_binding_interfaces_list();
             for (std::string& sInterface : vInterfaces)
             {
+                Locator loc = locator;
+                if (loc.kind == LOCATOR_KIND_TCPv4)
+                {
+                    IPLocator::setIPv4(loc, sInterface);
+                }
+                else if (loc.kind == LOCATOR_KIND_TCPv6)
+                {
+                    IPLocator::setIPv6(loc, sInterface);
+                }
 #if TLS_FOUND
                 if (configuration()->apply_security)
                 {
                     std::shared_ptr<TCPAcceptorSecure> acceptor =
-                            std::make_shared<TCPAcceptorSecure>(io_service_, sInterface, locator);
+                            std::make_shared<TCPAcceptorSecure>(io_service_, sInterface, loc);
                     acceptors_[acceptor->locator()] = acceptor;
                     acceptor->accept(this, ssl_context_);
                     final_port = static_cast<uint16_t>(acceptor->locator().port);
@@ -361,7 +370,7 @@ uint16_t TCPTransportInterface::create_acceptor_socket(
 #endif // if TLS_FOUND
                 {
                     std::shared_ptr<TCPAcceptorBasic> acceptor =
-                            std::make_shared<TCPAcceptorBasic>(io_service_, sInterface, locator);
+                            std::make_shared<TCPAcceptorBasic>(io_service_, sInterface, loc);
                     acceptors_[acceptor->locator()] = acceptor;
                     acceptor->accept(this);
                     final_port = static_cast<uint16_t>(acceptor->locator().port);
diff --git a/test/unittest/transport/TCPv4Tests.cpp b/test/unittest/transport/TCPv4Tests.cpp
index c6589f2fca5..3ae25bcae4a 100644
--- a/test/unittest/transport/TCPv4Tests.cpp
+++ b/test/unittest/transport/TCPv4Tests.cpp
@@ -567,10 +567,48 @@ TEST_F(TCPv4Tests, send_and_receive_between_allowed_interfaces_ports_by_name)
         senderThread->join();
         ASSERT_TRUE(bOk);
     }
+}
 
+TEST_F(TCPv4Tests, check_TCPv4_interface_whitelist_initialization)
+{
+    std::vector<IPFinder::info_IP> interfaces;
 
-}
+    GetIP4s(interfaces);
 
+    std::vector<std::string> mock_interfaces;
+    for (auto& ip : interfaces)
+    {
+        mock_interfaces.push_back(ip.name);
+    }
+    // Add manually localhost to test adding multiple interfaces
+    mock_interfaces.push_back("127.0.0.1");
+
+    for (auto& ip : mock_interfaces)
+    {
+        descriptor.interfaceWhiteList.emplace_back(ip);
+    }
+    MockTCPv4Transport transportUnderTest(descriptor);
+    transportUnderTest.init();
+
+    // Check that the transport whitelist and the acceptors map is the same size as the mock_interfaces
+    ASSERT_EQ(transportUnderTest.get_interface_whitelist().size(), descriptor.interfaceWhiteList.size());
+    ASSERT_EQ(transportUnderTest.get_acceptors_map().size(), descriptor.interfaceWhiteList.size());
+
+    // Check that every interface is in the whitelist
+    auto check_whitelist = transportUnderTest.get_interface_whitelist();
+    for (auto& ip : mock_interfaces)
+    {
+        ASSERT_NE(std::find(check_whitelist.begin(), check_whitelist.end(), asio::ip::address_v4::from_string(
+                    ip)), check_whitelist.end());
+    }
+
+    // Check that every interface is in the acceptors map
+    for (const auto& test : transportUnderTest.get_acceptors_map())
+    {
+        ASSERT_NE(std::find(mock_interfaces.begin(), mock_interfaces.end(), IPLocator::toIPv4string(
+                    test.first)), mock_interfaces.end());
+    }
+}
 
 #if TLS_FOUND
 TEST_F(TCPv4Tests, send_and_receive_between_secure_ports_client_verifies)
diff --git a/test/unittest/transport/TCPv6Tests.cpp b/test/unittest/transport/TCPv6Tests.cpp
index 17a4ea01578..1834e28cef0 100644
--- a/test/unittest/transport/TCPv6Tests.cpp
+++ b/test/unittest/transport/TCPv6Tests.cpp
@@ -215,6 +215,70 @@ TEST_F(TCPv6Tests, autofill_port)
     EXPECT_TRUE(transportUnderTest_multiple_autofill.configuration()->listening_ports.size() == 3);
 }
 
+static void GetIP6s(
+        std::vector<IPFinder::info_IP>& interfaces)
+{
+    IPFinder::getIPs(&interfaces, false);
+    auto new_end = remove_if(interfaces.begin(),
+                    interfaces.end(),
+                    [](IPFinder::info_IP ip)
+                    {
+                        return ip.type != IPFinder::IP6 && ip.type != IPFinder::IP6_LOCAL;
+                    });
+    interfaces.erase(new_end, interfaces.end());
+    std::for_each(interfaces.begin(), interfaces.end(), [](IPFinder::info_IP& loc)
+            {
+                loc.locator.kind = LOCATOR_KIND_TCPv6;
+            });
+}
+
+TEST_F(TCPv6Tests, check_TCPv6_interface_whitelist_initialization)
+{
+    std::vector<IPFinder::info_IP> interfaces;
+
+    GetIP6s(interfaces);
+
+    // asio::ip::addres_v6 appends the interface name to the IP address, but the locator does not
+    // Create two different vectors to compare them
+    std::vector<std::string> asio_interfaces;
+    std::vector<std::string> locator_interfaces;
+    for (auto& ip : interfaces)
+    {
+        asio_interfaces.push_back(ip.name);
+        locator_interfaces.push_back(IPLocator::toIPv6string(ip.locator));
+    }
+    // Add manually localhost to test adding multiple interfaces
+    asio_interfaces.push_back("::1");
+    locator_interfaces.push_back("::1");
+
+    for (auto& ip : locator_interfaces)
+    {
+        descriptor.interfaceWhiteList.emplace_back(ip);
+    }
+    descriptor.add_listener_port(g_default_port);
+    MockTCPv6Transport transportUnderTest(descriptor);
+    transportUnderTest.init();
+
+    // Check that the transport whitelist and the acceptors map is the same size as the locator_interfaces
+    ASSERT_EQ(transportUnderTest.get_interface_whitelist().size(), descriptor.interfaceWhiteList.size());
+    ASSERT_EQ(transportUnderTest.get_acceptors_map().size(), descriptor.interfaceWhiteList.size());
+
+    // Check that every interface is in the whitelist
+    auto check_whitelist = transportUnderTest.get_interface_whitelist();
+    for (auto& ip : asio_interfaces)
+    {
+        ASSERT_NE(std::find(check_whitelist.begin(), check_whitelist.end(), asio::ip::address_v6::from_string(
+                    ip)), check_whitelist.end());
+    }
+
+    // Check that every interface is in the acceptors map
+    for (const auto& test : transportUnderTest.get_acceptors_map())
+    {
+        ASSERT_NE(std::find(locator_interfaces.begin(), locator_interfaces.end(), IPLocator::toIPv6string(
+                    test.first)), locator_interfaces.end());
+    }
+}
+
 // This test verifies server's channel resources mapping keys uniqueness, where keys are clients locators.
 // Clients typically communicated its PID as its locator port. When having several clients in the same
 // process this lead to overwriting server's channel resources map elements.
diff --git a/test/unittest/transport/mock/MockTCPv4Transport.h b/test/unittest/transport/mock/MockTCPv4Transport.h
index 6a1e7300b86..f5aff8b452b 100644
--- a/test/unittest/transport/mock/MockTCPv4Transport.h
+++ b/test/unittest/transport/mock/MockTCPv4Transport.h
@@ -46,6 +46,16 @@ class MockTCPv4Transport : public TCPv4Transport
         return unbound_channel_resources_;
     }
 
+    const std::vector<asio::ip::address_v4>& get_interface_whitelist() const
+    {
+        return interface_whitelist_;
+    }
+
+    const std::map<Locator_t, std::shared_ptr<fastdds::rtps::TCPAcceptor>>& get_acceptors_map() const
+    {
+        return acceptors_;
+    }
+
 };
 
 } // namespace rtps
diff --git a/test/unittest/transport/mock/MockTCPv6Transport.h b/test/unittest/transport/mock/MockTCPv6Transport.h
index 37b8d7c02d3..33f9155e2dc 100644
--- a/test/unittest/transport/mock/MockTCPv6Transport.h
+++ b/test/unittest/transport/mock/MockTCPv6Transport.h
@@ -46,6 +46,16 @@ class MockTCPv6Transport : public TCPv6Transport
         return unbound_channel_resources_;
     }
 
+    const std::vector<asio::ip::address_v6>& get_interface_whitelist() const
+    {
+        return interface_whitelist_;
+    }
+
+    const std::map<Locator_t, std::shared_ptr<fastdds::rtps::TCPAcceptor>>& get_acceptors_map() const
+    {
+        return acceptors_;
+    }
+
 };
 
 } // namespace rtps