From 9244c3e636f0f889915577226f5185c93f896165 Mon Sep 17 00:00:00 2001
From: Fred Hornsey
Date: Wed, 10 Jul 2024 19:06:02 -0500
Subject: [PATCH] Fixed Broken Links, TypeLookup Sec Entity Names

There were links that should have gone to https://issues.omg.org/issues/DDSSEC12-86 that that were wrong. On inspection, the issue was fixed in v1.2 of the DDS security spec, which just came out. It looks like what we have matches what's in 1.2, so I removed the links. I also switched the "reader"/"writer" and "secure" in names because it's what's in 1.2 and matches the other builtin entities.
---
dds/DCPS/RTPS/MessageTypes.h | 16 ++--
dds/DCPS/RTPS/Sedp.cpp | 80 +++++++++----------
dds/DCPS/RTPS/Spdp.cpp | 60 +++++++-------
dds/DdsSecurityCore.idl | 7 +-
dds/DdsSecurityParams.idl | 10 +--
docs/devguide/xtypes.rst | 2 -
.../ConcurrentAuthLimit.cpp | 8 +-
tests/transport/spdp/spdp_transport.cpp | 8 +-
8 files changed, 91 insertions(+), 100 deletions(-)
diff --git a/dds/DCPS/RTPS/MessageTypes.h b/dds/DCPS/RTPS/MessageTypes.h
index eb0f175dfed..979ba033ea9 100644
--- a/dds/DCPS/RTPS/MessageTypes.h
+++ b/dds/DCPS/RTPS/MessageTypes.h
@@ -32,6 +32,7 @@ namespace OpenDDS {
 using OpenDDS::DCPS::GUIDPREFIX_UNKNOWN;
 using OpenDDS::DCPS::GUID_UNKNOWN;
+ using OpenDDS::DCPS::EntityId_t;
 using OpenDDS::DCPS::ENTITYID_UNKNOWN;
 using OpenDDS::DCPS::ENTITYID_PARTICIPANT;
 using OpenDDS::DCPS::ENTITYID_SEDP_BUILTIN_TOPIC_WRITER;
@@ -68,12 +69,9 @@ namespace OpenDDS {
 const ProtocolVersion_t PROTOCOLVERSION_2_4 = { 2, 4 };
 const ProtocolVersion_t PROTOCOLVERSION = PROTOCOLVERSION_2_4;
- using OpenDDS::DCPS::EntityId_t;
 #if OPENDDS_CONFIG_SECURITY
 /**
- * The below entities
- are from the security spec. V1.1
- * section 7.3.7.1 "Mapping of the EntityIds for the Builtin DataWriters and DataReaders"
+ * See DDS Security spec v1.2 Table 9
 */
 ///@{
 const EntityId_t ENTITYID_SEDP_BUILTIN_PUBLICATIONS_SECURE_WRITER = {{0xff, 0x00, 0x03}, 0xc2};
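Review bot: The rewritten doc comment above `///@{` in the second hunk now gives only a table number, while the removed text also said what the block is (the EntityIds of the builtin secure DataWriters and DataReaders). Table numbers shift between spec revisions, so I would keep a short description next to the reference, e.g. `* EntityIds of the secure builtin DataWriters and DataReaders; see DDS Security spec v1.2 Table 9`. These octets are compared against what remote participants send, so the comment should make clear that the values are fixed by the spec and not chosen locally. The group this comment heads closes at `///@}` in the next hunk, and the enclosing namespace runs beyond both.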
@@ -88,17 +86,15 @@ namespace OpenDDS {
 const EntityId_t ENTITYID_P2P_BUILTIN_PARTICIPANT_VOLATILE_SECURE_READER = {{0xff, 0x02, 0x02}, 0xc4};
 const EntityId_t ENTITYID_SPDP_RELIABLE_BUILTIN_PARTICIPANT_SECURE_WRITER = {{0xff, 0x01, 0x01}, 0xc2};
 const EntityId_t ENTITYID_SPDP_RELIABLE_BUILTIN_PARTICIPANT_SECURE_READER = {{0xff, 0x01, 0x01}, 0xc7};
- // https://issues.omg.org/browse/DDSSEC12-87
- const EntityId_t ENTITYID_TL_SVC_REQ_WRITER_SECURE = {{0xff, 0x03, 0x00}, 0xc3 };
- const EntityId_t ENTITYID_TL_SVC_REQ_READER_SECURE = {{0xff, 0x03, 0x00}, 0xc4 };
- const EntityId_t ENTITYID_TL_SVC_REPLY_WRITER_SECURE = {{0xff, 0x03, 0x01}, 0xc3 };
- const EntityId_t ENTITYID_TL_SVC_REPLY_READER_SECURE = {{0xff, 0x03, 0x01}, 0xc4 };
+ const EntityId_t ENTITYID_TL_SVC_REQ_SECURE_WRITER = {{0xff, 0x03, 0x00}, 0xc3};
+ const EntityId_t ENTITYID_TL_SVC_REQ_SECURE_READER = {{0xff, 0x03, 0x00}, 0xc4};
+ const EntityId_t ENTITYID_TL_SVC_REPLY_SECURE_WRITER = {{0xff, 0x03, 0x01}, 0xc3};
+ const EntityId_t ENTITYID_TL_SVC_REPLY_SECURE_READER = {{0xff, 0x03, 0x01}, 0xc4};
 ///@}
 const DDS::Security::ParticipantSecurityInfo PARTICIPANT_SECURITY_ATTRIBUTES_INFO_DEFAULT = {0, 0};
 const DDS::Security::EndpointSecurityInfo ENDPOINT_SECURITY_ATTRIBUTES_INFO_DEFAULT = {0, 0};
 #endif
- // end of EntityId section
 // For messages we create, the "octetsToInlineQoS" value will be constant.
 const ACE_CDR::UShort DATA_OCTETS_TO_IQOS = 16;
diff --git a/dds/DCPS/RTPS/Sedp.cpp b/dds/DCPS/RTPS/Sedp.cpp
index df01dd89473..d1435113d4b 100644
--- a/dds/DCPS/RTPS/Sedp.cpp
+++ b/dds/DCPS/RTPS/Sedp.cpp
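Review bot: The four `ENTITYID_TL_SVC_*_SECURE` constants in this hunk are renamed in a header with no alias left behind, and the `TYPE_LOOKUP_SERVICE_*_SECURE` flags in dds/DdsSecurityParams.idl get the same treatment. The octet and bit values are unchanged, so nothing changes on the wire, but code outside this tree that uses the old names will stop compiling. If these names are considered public, a transitional alias such as `const EntityId_t ENTITYID_TL_SVC_REQ_WRITER_SECURE = ENTITYID_TL_SVC_REQ_SECURE_WRITER; // deprecated` for each of the four (and the IDL equivalents), or a release-note line, would make the break explicit. The diffstat shows no release-notes file touched.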
@@ -351,9 +351,9 @@ Sedp::Sedp(const GUID_t& participant_id, Spdp& owner, ACE_Thread_Mutex& lock)
 make_id(participant_id, ENTITYID_TL_SVC_REPLY_WRITER), ref(*this)))
 #if OPENDDS_CONFIG_SECURITY
 , type_lookup_request_secure_writer_(make_rch(
- make_id(participant_id, ENTITYID_TL_SVC_REQ_WRITER_SECURE), ref(*this)))
+ make_id(participant_id, ENTITYID_TL_SVC_REQ_SECURE_WRITER), ref(*this)))
 , type_lookup_reply_secure_writer_(make_rch(
- make_id(participant_id, ENTITYID_TL_SVC_REPLY_WRITER_SECURE), ref(*this)))
+ make_id(participant_id, ENTITYID_TL_SVC_REPLY_SECURE_WRITER), ref(*this)))
 #endif
 , publications_reader_(make_rch(
 make_id(participant_id, ENTITYID_SEDP_BUILTIN_PUBLICATIONS_READER), ref(*this)))
@@ -385,9 +385,9 @@ Sedp::Sedp(const GUID_t& participant_id, Spdp& owner, ACE_Thread_Mutex& lock)
 make_id(participant_id, ENTITYID_TL_SVC_REPLY_READER), ref(*this)))
 #if OPENDDS_CONFIG_SECURITY
 , type_lookup_request_secure_reader_(make_rch(
- make_id(participant_id, ENTITYID_TL_SVC_REQ_READER_SECURE), ref(*this)))
+ make_id(participant_id, ENTITYID_TL_SVC_REQ_SECURE_READER), ref(*this)))
 , type_lookup_reply_secure_reader_(make_rch(
- make_id(participant_id, ENTITYID_TL_SVC_REPLY_READER_SECURE), ref(*this)))
+ make_id(participant_id, ENTITYID_TL_SVC_REPLY_SECURE_READER), ref(*this)))
 , ice_agent_(ICE::Agent::instance())
 , publication_agent_info_listener_(DCPS::make_rch(ref(*this)))
 , subscription_agent_info_listener_(DCPS::make_rch(ref(*this)))
@@ -617,20 +617,20 @@ Sedp::init(const GUID_t& guid,
 }
 #if OPENDDS_CONFIG_SECURITY
- if (xbep & DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE) {
+ if (xbep & DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER) {
 type_lookup_request_secure_writer_->set_crypto_handles(spdp_.crypto_handle());
 type_lookup_request_secure_writer_->enable_transport_using_config(reliable, nondurable, transport_cfg_, 0);
 }
- if (xbep & DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE) {
+ if (xbep & DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER) {
 type_lookup_request_secure_reader_->set_crypto_handles(spdp_.crypto_handle());
 type_lookup_request_secure_reader_->enable_transport_using_config(reliable, nondurable, transport_cfg_, 0);
 }
- if (xbep & DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE) {
+ if (xbep & DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER) {
 type_lookup_reply_secure_writer_->set_crypto_handles(spdp_.crypto_handle());
 type_lookup_reply_secure_writer_->enable_transport_using_config(reliable, nondurable, transport_cfg_, 0);
 }
- if (xbep & DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE) {
+ if (xbep & DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER) {
 type_lookup_reply_secure_reader_->set_crypto_handles(spdp_.crypto_handle());
 type_lookup_reply_secure_reader_->enable_transport_using_config(reliable, nondurable, transport_cfg_, 0);
 }
@@ -1231,31 +1231,31 @@ Sedp::associate(DiscoveredParticipant& participant
 participant.builtin_pending_records_.push_back(record);
 }
- if ((local_available_extended & TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE) &&
- (remote_available_extended & TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE)) {
+ if ((local_available_extended & TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER) &&
+ (remote_available_extended & TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER)) {
 BuiltinAssociationRecord record(type_lookup_request_secure_reader_,
- make_id(participant.pdata_.participantProxy.guidPrefix, ENTITYID_TL_SVC_REQ_WRITER_SECURE),
+ make_id(participant.pdata_.participantProxy.guidPrefix, ENTITYID_TL_SVC_REQ_SECURE_WRITER),
 AC_REMOTE_RELIABLE | AC_GENERATE_REMOTE_MATCHED_CRYPTO_HANDLE | (participant_sec_attr.is_discovery_protected ? AC_SEND_LOCAL_TOKEN : AC_EMPTY));
 participant.builtin_pending_records_.push_back(record);
 }
- if ((local_available_extended & TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE) &&
- (remote_available_extended & TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE)) {
+ if ((local_available_extended & TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER) &&
+ (remote_available_extended & TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER)) {
 BuiltinAssociationRecord record(type_lookup_request_secure_writer_,
- make_id(participant.pdata_.participantProxy.guidPrefix, ENTITYID_TL_SVC_REQ_READER_SECURE),
+ make_id(participant.pdata_.participantProxy.guidPrefix, ENTITYID_TL_SVC_REQ_SECURE_READER),
 AC_REMOTE_RELIABLE | AC_GENERATE_REMOTE_MATCHED_CRYPTO_HANDLE | (participant_sec_attr.is_discovery_protected ?
 AC_SEND_LOCAL_TOKEN : AC_EMPTY));
 participant.builtin_pending_records_.push_back(record);
 }
- if ((local_available_extended & TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE) &&
- (remote_available_extended & TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE)) {
+ if ((local_available_extended & TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER) &&
+ (remote_available_extended & TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER)) {
 BuiltinAssociationRecord record(type_lookup_reply_secure_reader_,
- make_id(participant.pdata_.participantProxy.guidPrefix, ENTITYID_TL_SVC_REPLY_WRITER_SECURE),
+ make_id(participant.pdata_.participantProxy.guidPrefix, ENTITYID_TL_SVC_REPLY_SECURE_WRITER),
 AC_REMOTE_RELIABLE | AC_GENERATE_REMOTE_MATCHED_CRYPTO_HANDLE | (participant_sec_attr.is_discovery_protected ? AC_SEND_LOCAL_TOKEN : AC_EMPTY));
 participant.builtin_pending_records_.push_back(record);
 }
- if ((local_available_extended & TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE) &&
- (remote_available_extended & TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE)) {
+ if ((local_available_extended & TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER) &&
+ (remote_available_extended & TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER)) {
 BuiltinAssociationRecord record(type_lookup_reply_secure_writer_,
- make_id(participant.pdata_.participantProxy.guidPrefix, ENTITYID_TL_SVC_REPLY_READER_SECURE),
+ make_id(participant.pdata_.participantProxy.guidPrefix, ENTITYID_TL_SVC_REPLY_SECURE_READER),
 AC_REMOTE_RELIABLE | AC_GENERATE_REMOTE_MATCHED_CRYPTO_HANDLE | (participant_sec_attr.is_discovery_protected ? AC_SEND_LOCAL_TOKEN : AC_EMPTY));
 participant.builtin_pending_records_.push_back(record);
 }
@@ -1623,10 +1623,10 @@ Sedp::disassociate(DiscoveredParticipant& participant)
 ENTITYID_P2P_BUILTIN_PARTICIPANT_VOLATILE_SECURE_WRITER,
 ENTITYID_SPDP_RELIABLE_BUILTIN_PARTICIPANT_SECURE_READER,
 ENTITYID_SPDP_RELIABLE_BUILTIN_PARTICIPANT_SECURE_WRITER,
- ENTITYID_TL_SVC_REQ_WRITER_SECURE,
- ENTITYID_TL_SVC_REQ_READER_SECURE,
- ENTITYID_TL_SVC_REPLY_WRITER_SECURE,
- ENTITYID_TL_SVC_REPLY_READER_SECURE
+ ENTITYID_TL_SVC_REQ_SECURE_WRITER,
+ ENTITYID_TL_SVC_REQ_SECURE_READER,
+ ENTITYID_TL_SVC_REPLY_SECURE_WRITER,
+ ENTITYID_TL_SVC_REPLY_SECURE_READER
 };
 for (size_t i = 0; i < DCPS::array_count(secure_entities); ++i) {
 remove_remote_crypto_handle(part, secure_entities[i]);
@@ -1809,20 +1809,20 @@ Sedp::update_locators(const ParticipantData_t& pdata)
 const DDS::Security::ExtendedBuiltinEndpointSet_t& extended_avail = pdata.participantProxy.availableExtendedBuiltinEndpoints;
- if (extended_avail & DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE) {
- remote_id.entityId = ENTITYID_TL_SVC_REQ_WRITER_SECURE;
+ if (extended_avail & DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER) {
+ remote_id.entityId = ENTITYID_TL_SVC_REQ_SECURE_WRITER;
 transport_inst_->update_locators(remote_id, remote_data, get_domain_id(), 0);
 }
- if (extended_avail & DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE) {
- remote_id.entityId = ENTITYID_TL_SVC_REQ_READER_SECURE;
+ if (extended_avail & DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER) {
+ remote_id.entityId = ENTITYID_TL_SVC_REQ_SECURE_READER;
 transport_inst_->update_locators(remote_id, remote_data, get_domain_id(), 0);
 }
- if (extended_avail & DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE) {
- remote_id.entityId = ENTITYID_TL_SVC_REPLY_WRITER_SECURE;
+ if (extended_avail & DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER) {
+ remote_id.entityId = ENTITYID_TL_SVC_REPLY_SECURE_WRITER;
 transport_inst_->update_locators(remote_id, remote_data, get_domain_id(), 0);
 }
- if (extended_avail & DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE) {
- remote_id.entityId = ENTITYID_TL_SVC_REPLY_READER_SECURE;
+ if (extended_avail & DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER) {
+ remote_id.entityId = ENTITYID_TL_SVC_REPLY_SECURE_READER;
 transport_inst_->update_locators(remote_id, remote_data, get_domain_id(), 0);
 }
 #endif
@@ -3029,9 +3029,9 @@ Sedp::association_complete_i(const GUID_t& localId,
 spdp_.send_participant_crypto_tokens(remoteId);
 send_builtin_crypto_tokens(remoteId);
 resend_user_crypto_tokens(remoteId);
- } else if (remoteId.entityId == ENTITYID_TL_SVC_REQ_READER_SECURE) {
+ } else if (remoteId.entityId == ENTITYID_TL_SVC_REQ_SECURE_READER) {
 type_lookup_request_secure_writer_->send_deferred_samples(remoteId);
- } else if (remoteId.entityId == ENTITYID_TL_SVC_REPLY_READER_SECURE) {
+ } else if (remoteId.entityId == ENTITYID_TL_SVC_REPLY_SECURE_READER) {
 type_lookup_reply_secure_writer_->send_deferred_samples(remoteId);
 } else
 #endif
@@ -3146,7 +3146,7 @@ bool Sedp::send_type_lookup_request(const XTypes::TypeIdentifierSeq& type_ids,
 #if OPENDDS_CONFIG_SECURITY
 if (is_security_enabled() && is_discovery_protected) {
 writer = type_lookup_request_secure_writer_;
- remote_reader = make_id(reader, ENTITYID_TL_SVC_REQ_READER_SECURE);
+ remote_reader = make_id(reader, ENTITYID_TL_SVC_REQ_SECURE_READER);
 }
 #else
 ACE_UNUSED_ARG(is_discovery_protected);
@@ -4224,8 +4224,8 @@ Sedp::Reader::data_received(const DCPS::ReceivedDataSample& sample)
 entity_id == ENTITYID_TL_SVC_REQ_WRITER ||
 entity_id == ENTITYID_TL_SVC_REPLY_WRITER ||
 #if OPENDDS_CONFIG_SECURITY
- entity_id == ENTITYID_TL_SVC_REQ_WRITER_SECURE ||
- entity_id == ENTITYID_TL_SVC_REPLY_WRITER_SECURE ||
+ entity_id == ENTITYID_TL_SVC_REQ_SECURE_WRITER ||
+ entity_id == ENTITYID_TL_SVC_REPLY_SECURE_WRITER ||
 #endif
 false;
 if (is_mutable == is_final) {
@@ -4584,8 +4584,8 @@ Sedp::TypeLookupRequestReader::data_received_i(const DCPS::ReceivedDataSample& s
 }
 #if OPENDDS_CONFIG_SECURITY
- if (entity_id == ENTITYID_TL_SVC_REQ_WRITER_SECURE) {
- const DCPS::GUID_t reader = make_id(sample.header_.publication_id_, ENTITYID_TL_SVC_REPLY_READER_SECURE);
+ if (entity_id == ENTITYID_TL_SVC_REQ_SECURE_WRITER) {
+ const DCPS::GUID_t reader = make_id(sample.header_.publication_id_, ENTITYID_TL_SVC_REPLY_SECURE_READER);
 if (!sedp_.type_lookup_reply_secure_writer_->send_type_lookup_reply(type_lookup_reply, reader)) {
 if (DCPS::DCPS_debug_level) {
 ACE_ERROR((LM_ERROR, ACE_TEXT("(%P|%t) ERROR: Sedp::TypeLookupRequestReader::data_received_i: ")
@@ -4622,7 +4622,7 @@ void Sedp::TypeLookupReplyReader::data_received_i(
 }
 #if OPENDDS_CONFIG_SECURITY
- if (remote_id == ENTITYID_TL_SVC_REPLY_WRITER_SECURE) {
+ if (remote_id == ENTITYID_TL_SVC_REPLY_SECURE_WRITER) {
 if (!process_type_lookup_reply(sample, ser, true)) {
 if (DCPS::DCPS_debug_level) {
 ACE_ERROR((LM_ERROR, ACE_TEXT("(%P|%t) ERROR: Sedp::TypeLookupReplyReader::data_received_i: ")
diff --git a/dds/DCPS/RTPS/Spdp.cpp b/dds/DCPS/RTPS/Spdp.cpp
index d0e3ba52877..f6434f102ab 100644
--- a/dds/DCPS/RTPS/Spdp.cpp
+++ b/dds/DCPS/RTPS/Spdp.cpp
@@ -208,10 +208,10 @@ void Spdp::init(DDS::DomainId_t /*domain*/,
 if (enable_type_lookup_service) {
 available_extended_builtin_endpoints_ =
- TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE |
- TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE |
- TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE |
- TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE;
+ TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER |
+ TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER |
+ TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER |
+ TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER;
 }
 }
 #endif
@@ -1263,8 +1263,8 @@ DDS::OctetSeq Spdp::local_participant_data_as_octets() const
 if (participant_sec_attr_.is_discovery_protected) {
 pbtds.base.security_info.participant_security_attributes |= DDS::Security::PARTICIPANT_SECURITY_ATTRIBUTES_FLAG_IS_DISCOVERY_PROTECTED;
 pbtds.base.extended_builtin_endpoints =
- DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE | DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE |
- DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE | DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE;
+ DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER | DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER |
+ DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER | DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER;
 }
 if (participant_sec_attr_.is_liveliness_protected) {
 pbtds.base.security_info.participant_security_attributes |= DDS::Security::PARTICIPANT_SECURITY_ATTRIBUTES_FLAG_IS_LIVELINESS_PROTECTED;
@@ -4156,24 +4156,24 @@ void Spdp::start_ice(DCPS::WeakRcHandle endpoint, GUID_t r, Built
 r.entityId = ENTITYID_SPDP_RELIABLE_BUILTIN_PARTICIPANT_SECURE_READER;
 ice_agent_->start_ice(endpoint, l, r, agent_info);
 }
- if (extended_avail & TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE) {
- l.entityId = ENTITYID_TL_SVC_REQ_READER_SECURE;
- r.entityId = ENTITYID_TL_SVC_REQ_WRITER_SECURE;
+ if (extended_avail & TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER) {
+ l.entityId = ENTITYID_TL_SVC_REQ_SECURE_READER;
+ r.entityId = ENTITYID_TL_SVC_REQ_SECURE_WRITER;
 ice_agent_->start_ice(endpoint, l, r, agent_info);
 }
- if (extended_avail & TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE) {
- l.entityId = ENTITYID_TL_SVC_REQ_WRITER_SECURE;
- r.entityId = ENTITYID_TL_SVC_REQ_READER_SECURE;
+ if (extended_avail & TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER) {
+ l.entityId = ENTITYID_TL_SVC_REQ_SECURE_WRITER;
+ r.entityId = ENTITYID_TL_SVC_REQ_SECURE_READER;
 ice_agent_->start_ice(endpoint, l, r, agent_info);
 }
- if (extended_avail & TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE) {
- l.entityId = ENTITYID_TL_SVC_REPLY_READER_SECURE;
- r.entityId = ENTITYID_TL_SVC_REPLY_WRITER_SECURE;
+ if (extended_avail & TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER) {
+ l.entityId = ENTITYID_TL_SVC_REPLY_SECURE_READER;
+ r.entityId = ENTITYID_TL_SVC_REPLY_SECURE_WRITER;
 ice_agent_->start_ice(endpoint, l, r, agent_info);
 }
- if (extended_avail & TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE) {
- l.entityId = ENTITYID_TL_SVC_REPLY_WRITER_SECURE;
- r.entityId = ENTITYID_TL_SVC_REPLY_READER_SECURE;
+ if (extended_avail & TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER) {
+ l.entityId = ENTITYID_TL_SVC_REPLY_SECURE_WRITER;
+ r.entityId = ENTITYID_TL_SVC_REPLY_SECURE_READER;
 ice_agent_->start_ice(endpoint, l, r, agent_info);
 }
 }
@@ -4296,24 +4296,24 @@ void Spdp::stop_ice(DCPS::WeakRcHandle endpoint, DCPS::GUID_t r,
 r.entityId = ENTITYID_SPDP_RELIABLE_BUILTIN_PARTICIPANT_SECURE_READER;
 ice_agent_->stop_ice(endpoint, l, r);
 }
- if (extended_avail & TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE) {
- l.entityId = ENTITYID_TL_SVC_REQ_READER_SECURE;
- r.entityId = ENTITYID_TL_SVC_REQ_WRITER_SECURE;
+ if (extended_avail & TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER) {
+ l.entityId = ENTITYID_TL_SVC_REQ_SECURE_READER;
+ r.entityId = ENTITYID_TL_SVC_REQ_SECURE_WRITER;
 ice_agent_->stop_ice(endpoint, l, r);
 }
- if (extended_avail & TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE) {
- l.entityId = ENTITYID_TL_SVC_REQ_WRITER_SECURE;
- r.entityId = ENTITYID_TL_SVC_REQ_READER_SECURE;
+ if (extended_avail & TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER) {
+ l.entityId = ENTITYID_TL_SVC_REQ_SECURE_WRITER;
+ r.entityId = ENTITYID_TL_SVC_REQ_SECURE_READER;
 ice_agent_->stop_ice(endpoint, l, r);
 }
- if (extended_avail & TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE) {
- l.entityId = ENTITYID_TL_SVC_REPLY_READER_SECURE;
- r.entityId = ENTITYID_TL_SVC_REPLY_WRITER_SECURE;
+ if (extended_avail & TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER) {
+ l.entityId = ENTITYID_TL_SVC_REPLY_SECURE_READER;
+ r.entityId = ENTITYID_TL_SVC_REPLY_SECURE_WRITER;
 ice_agent_->stop_ice(endpoint, l, r);
 }
- if (extended_avail & TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE) {
- l.entityId = ENTITYID_TL_SVC_REPLY_WRITER_SECURE;
- r.entityId = ENTITYID_TL_SVC_REPLY_READER_SECURE;
+ if (extended_avail & TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER) {
+ l.entityId = ENTITYID_TL_SVC_REPLY_SECURE_WRITER;
+ r.entityId = ENTITYID_TL_SVC_REPLY_SECURE_READER;
 ice_agent_->stop_ice(endpoint, l, r);
 }
 }
diff --git a/dds/DdsSecurityCore.idl b/dds/DdsSecurityCore.idl
index 1cb33d1dfb1..31e62e82062 100644
--- a/dds/DdsSecurityCore.idl
+++ b/dds/DdsSecurityCore.idl
@@ -112,11 +112,10 @@ module DDS {
 // in this and following structs, 'base' is used in place of struct inheritance
 DDS::ParticipantBuiltinTopicData base;
- IdentityToken identity_token;
- PermissionsToken permissions_token;
+ IdentityToken identity_token;
+ PermissionsToken permissions_token;
 PropertyQosPolicy property;
- ParticipantSecurityInfo security_info;
- // https://issues.omg.org/browse/DDSSEC12-87
+ ParticipantSecurityInfo security_info;
 ExtendedBuiltinEndpointSet_t extended_builtin_endpoints;
 };
diff --git a/dds/DdsSecurityParams.idl b/dds/DdsSecurityParams.idl
index 69c7935a080..0cd86bf99f0 100644
--- a/dds/DdsSecurityParams.idl
+++ b/dds/DdsSecurityParams.idl
@@ -32,7 +32,6 @@ module DDS {
 const ParameterId_t PID_ENDPOINT_SECURITY_INFO = 0x1004;
 const ParameterId_t PID_PARTICIPANT_SECURITY_INFO = 0x1005;
 const ParameterId_t PID_IDENTITY_STATUS_TOKEN = 0x1006;
- // https://issues.omg.org/browse/DDSSEC12-87
 const ParameterId_t PID_EXTENDED_BUILTIN_ENDPOINTS = 0x1007;
 struct DataHolder {
@@ -116,12 +115,11 @@ module DDS {
 const BuiltinEndpointSet_t SPDP_BUILTIN_PARTICIPANT_SECURE_WRITER = 1 << 26;
 const BuiltinEndpointSet_t SPDP_BUILTIN_PARTICIPANT_SECURE_READER = 1 << 27;
- // https://issues.omg.org/browse/DDSSEC12-87
 typedef unsigned long ExtendedBuiltinEndpointSet_t;
- const ExtendedBuiltinEndpointSet_t TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE = 1 << 0;
- const ExtendedBuiltinEndpointSet_t TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE = 1 << 1;
- const ExtendedBuiltinEndpointSet_t TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE = 1 << 2;
- const ExtendedBuiltinEndpointSet_t TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE = 1 << 3;
+ const ExtendedBuiltinEndpointSet_t TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER = 1 << 0;
+ const ExtendedBuiltinEndpointSet_t TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER = 1 << 1;
+ const ExtendedBuiltinEndpointSet_t TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER = 1 << 2;
+ const ExtendedBuiltinEndpointSet_t TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER = 1 << 3;
 };
 };
diff --git a/docs/devguide/xtypes.rst b/docs/devguide/xtypes.rst
index 27604c388b7..2c0eafcd88a 100644
--- a/docs/devguide/xtypes.rst
+++ b/docs/devguide/xtypes.rst
@@ -1604,8 +1604,6 @@ Differences From the Specification
 * :omgissue:`Default data representation is XCDR2 `
-* :omgissue:`Type Lookup Service when using DDS Security `
-
 * :omgissue:`Anonymous types in Strongly Connected Components `
 * :omgissue:`Meaning of ignore_member_names in TypeConsistencyEnforcement `
diff --git a/tests/security/ConcurrentAuthLimit/ConcurrentAuthLimit.cpp b/tests/security/ConcurrentAuthLimit/ConcurrentAuthLimit.cpp
index 2faff3d81ca..dec943c73bf 100644
--- a/tests/security/ConcurrentAuthLimit/ConcurrentAuthLimit.cpp
+++ b/tests/security/ConcurrentAuthLimit/ConcurrentAuthLimit.cpp
@@ -82,10 +82,10 @@ participant_data(DDS::DomainId_t domain,
 DDS::Security::SPDP_BUILTIN_PARTICIPANT_SECURE_READER;
 const DDS::Security::ExtendedBuiltinEndpointSet_t availableExtendedBuiltinEndpoints =
- DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE |
- DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE |
- DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE |
- DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE;
+ DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER |
+ DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER |
+ DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER |
+ DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER;
 ACE_INET_Addr bogus(12345, "127.0.0.1");
 OpenDDS::DCPS::LocatorSeq nonEmptyList(1);
diff --git a/tests/transport/spdp/spdp_transport.cpp b/tests/transport/spdp/spdp_transport.cpp
index 1793fab50f4..a6304da0467 100644
--- a/tests/transport/spdp/spdp_transport.cpp
+++ b/tests/transport/spdp/spdp_transport.cpp
@@ -363,10 +363,10 @@ bool run_test()
 #if OPENDDS_CONFIG_SECURITY
 const DDS::Security::ExtendedBuiltinEndpointSet_t availableExtendedBuiltinEndpoints =
- DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_WRITER_SECURE |
- DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_WRITER_SECURE |
- DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_READER_SECURE |
- DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_READER_SECURE;
+ DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_WRITER |
+ DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_WRITER |
+ DDS::Security::TYPE_LOOKUP_SERVICE_REQUEST_SECURE_READER |
+ DDS::Security::TYPE_LOOKUP_SERVICE_REPLY_SECURE_READER;
 #endif
 OpenDDS::DCPS::LocatorSeq nonEmptyList(1);