Avoid exporting "openssl_init" (#1307)
* Refs #8913 Avoid exporting "openssl_init".

* Uncrustify

* Fixing not found header in Mac/Windows.
Luis Gasco authored Jul 23, 2020
1 parent 3ddc34b commit 40568fa
Showing 10 changed files with 171 additions and 134 deletions.
5 changes: 2 additions & 3 deletions src/cpp/CMakeLists.txt
Expand Up @@ -193,7 +193,7 @@ set(${PROJECT_NAME}_source_files
rtps/reader/StatelessPersistentReader.cpp
rtps/reader/StatefulPersistentReader.cpp
rtps/persistence/PersistenceFactory.cpp

utils/IPFinder.cpp
utils/md5.cpp
utils/StringMatching.cpp
Expand Down Expand Up @@ -239,7 +239,6 @@ set(${PROJECT_NAME}_security_source_files
rtps/security/logging/Logging.cpp
rtps/security/SecurityManager.cpp
rtps/security/SecurityPluginFactory.cpp
security/OpenSSLInit.cpp
security/authentication/PKIDH.cpp
security/accesscontrol/Permissions.cpp
security/cryptography/AESGCMGMAC.cpp
Expand Down Expand Up @@ -355,7 +354,7 @@ elseif(NOT EPROSIMA_INSTALLER)
set_target_properties(${PROJECT_NAME} PROPERTIES SOVERSION ${PROJECT_VERSION_MAJOR})

option(INTERNAL_DEBUG "Activate developer debug messages" OFF)

target_compile_definitions(${PROJECT_NAME} PRIVATE
${PROJECT_NAME_UPPER}_SOURCE
BOOST_ASIO_STANDALONE
69 changes: 36 additions & 33 deletions src/cpp/rtps/security/SecurityManager.cpp
Expand Up @@ -17,6 +17,7 @@
*/

#include <rtps/security/SecurityManager.h>
#include <security/OpenSSLInit.hpp>

// TODO Include relative path and fix SecurityTest
//#include <fastrtps_deprecated/participant/ParticipantImpl.h>
Expand Down Expand Up @@ -114,6 +115,7 @@ SecurityManager::SecurityManager(
participant->getRTPSParticipantAttributes().allocation.data_limits)
{
assert(participant != nullptr);
static OpenSSLInit openssl_init;
}

SecurityManager::~SecurityManager()
Expand Down Expand Up @@ -147,7 +149,8 @@ bool SecurityManager::init(
log_options.log_level = LoggingLevel::ERROR_LEVEL;
log_options.log_file = "";

const auto init_logging_fail = [this](SecurityException& exception){
const auto init_logging_fail = [this](SecurityException& exception)
{
logError(SECURITY, "Logging plugin not configured. Security logging will be disabled. ("
<< exception.what() << ").");
delete logging_plugin_;
Expand Down Expand Up @@ -341,9 +344,9 @@ bool SecurityManager::init(
{
SecurityException logging_exception;
logging_plugin_->log(LoggingLevel::INFORMATIONAL_LEVEL,
"Cryptography plugin not configured",
"SecurityManager,init",
logging_exception);
"Cryptography plugin not configured",
"SecurityManager,init",
logging_exception);
}
else
{
Expand Down Expand Up @@ -375,9 +378,9 @@ bool SecurityManager::init(
{
SecurityException logging_exception;
logging_plugin_->log(LoggingLevel::INFORMATIONAL_LEVEL,
"Authentication plugin not configured. Security will be disable",
"SecurityManager,init",
logging_exception);
"Authentication plugin not configured. Security will be disable",
"SecurityManager,init",
logging_exception);
}
else
{
Expand Down Expand Up @@ -838,10 +841,10 @@ bool SecurityManager::on_process_handshake(
participant_data.m_guid, *handshake_message);

CacheChange_t* change = participant_stateless_message_writer_->new_change([&message]() -> uint32_t
{
return static_cast<uint32_t>(ParticipantGenericMessageHelper::serialized_size(message)
+ 4 /*encapsulation*/);
}
{
return static_cast<uint32_t>(ParticipantGenericMessageHelper::serialized_size(message)
+ 4 /*encapsulation*/);
}
, ALIVE, c_InstanceHandle_Unknown);

if (change != nullptr)
Expand All @@ -863,7 +866,7 @@ bool SecurityManager::on_process_handshake(
aux_msg.msg_endian = LITTLEEND;
change->serializedPayload.encapsulation = PL_CDR_LE;
CDRMessage::addOctet(&aux_msg, CDR_LE);
#endif
#endif // if __BIG_ENDIAN__
CDRMessage::addUInt16(&aux_msg, 0);

if (CDRMessage::addParticipantGenericMessage(&aux_msg, message))
Expand Down Expand Up @@ -939,10 +942,10 @@ bool SecurityManager::on_process_handshake(
const GUID_t guid = participant_data.m_guid;
remote_participant_info->event_ = new TimedEvent(participant_->getEventResource(),
[&, guid]() -> bool
{
resend_handshake_message_token(guid);
return true;
},
{
resend_handshake_message_token(guid);
return true;
},
500); // TODO (Ricardo) Configurable
remote_participant_info->event_->restart_timer();
}
Expand Down Expand Up @@ -2012,10 +2015,10 @@ void SecurityManager::exchange_participant_crypto(

CacheChange_t* change = participant_volatile_message_secure_writer_->new_change(
[&message]() -> uint32_t
{
return static_cast<uint32_t>(ParticipantGenericMessageHelper::serialized_size(message)
+ 4 /*encapsulation*/);
}
{
return static_cast<uint32_t>(ParticipantGenericMessageHelper::serialized_size(message)
+ 4 /*encapsulation*/);
}
, ALIVE, c_InstanceHandle_Unknown);

if (change != nullptr)
Expand All @@ -2037,7 +2040,7 @@ void SecurityManager::exchange_participant_crypto(
aux_msg.msg_endian = LITTLEEND;
change->serializedPayload.encapsulation = PL_CDR_LE;
CDRMessage::addOctet(&aux_msg, CDR_LE);
#endif
#endif // if __BIG_ENDIAN__
CDRMessage::addUInt16(&aux_msg, 0);

if (CDRMessage::addParticipantGenericMessage(&aux_msg, message))
Expand Down Expand Up @@ -2779,11 +2782,11 @@ bool SecurityManager::discovered_reader(

CacheChange_t* change = participant_volatile_message_secure_writer_->new_change(
[&message]() -> uint32_t
{
return static_cast<uint32_t>(
ParticipantGenericMessageHelper::serialized_size(message)
+ 4 /*encapsulation*/);
}
{
return static_cast<uint32_t>(
ParticipantGenericMessageHelper::serialized_size(message)
+ 4 /*encapsulation*/);
}
, ALIVE, c_InstanceHandle_Unknown);

if (change != nullptr)
Expand All @@ -2805,7 +2808,7 @@ bool SecurityManager::discovered_reader(
aux_msg.msg_endian = LITTLEEND;
change->serializedPayload.encapsulation = PL_CDR_LE;
CDRMessage::addOctet(&aux_msg, CDR_LE);
#endif
#endif // if __BIG_ENDIAN__
CDRMessage::addUInt16(&aux_msg, 0);

if (CDRMessage::addParticipantGenericMessage(&aux_msg, message))
Expand Down Expand Up @@ -3116,11 +3119,11 @@ bool SecurityManager::discovered_writer(

CacheChange_t* change = participant_volatile_message_secure_writer_->new_change(
[&message]() -> uint32_t
{
return static_cast<uint32_t>(
ParticipantGenericMessageHelper::serialized_size(message)
+ 4 /*encapsulation*/);
}
{
return static_cast<uint32_t>(
ParticipantGenericMessageHelper::serialized_size(message)
+ 4 /*encapsulation*/);
}
, ALIVE, c_InstanceHandle_Unknown);

if (change != nullptr)
Expand All @@ -3142,7 +3145,7 @@ bool SecurityManager::discovered_writer(
aux_msg.msg_endian = LITTLEEND;
change->serializedPayload.encapsulation = PL_CDR_LE;
CDRMessage::addOctet(&aux_msg, CDR_LE);
#endif
#endif // if __BIG_ENDIAN__
CDRMessage::addUInt16(&aux_msg, 0);

if (CDRMessage::addParticipantGenericMessage(&aux_msg, message))
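Review bot: The `static OpenSSLInit openssl_init;` added to the `SecurityManager` constructor ties OpenSSL setup to the first `SecurityManager` being built, so any code that reaches OpenSSL without one no longer gets `OpenSSL_add_all_algorithms()` on builds older than 1.1.0. The same commit drops `OpenSSLInit.cpp` from the network unit-test sources, which suggests the secure TCP transport files were linked with it before; it is worth confirming that this path, and any plugin used directly outside `SecurityManager`, still initialises the library. The local static is destroyed at process exit and its destructor releases process-wide OpenSSL state, so a comment on the line would help, for example `// Initialised once on first construction; global OpenSSL cleanup runs at static destruction.` The constructor's signature and most of its initializer list are outside the hunk.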
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,20 @@
#include <openssl/rand.h>
#include <openssl/err.h>

namespace eprosima {
namespace fastrtps {
namespace rtps {
namespace security {

class OpenSSLInit
{
public:

OpenSSLInit()
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
OpenSSL_add_all_algorithms();
#endif // if OPENSSL_VERSION_NUMBER < 0x10100000L
}

~OpenSSLInit()
Expand All @@ -18,7 +25,7 @@ class OpenSSLInit
ERR_remove_state(0);
#elif OPENSSL_VERSION_NUMBER < 0x10100000L
ERR_remove_thread_state(NULL);
#endif
#endif // if OPENSSL_VERSION_NUMBER < 0x10000000L
ENGINE_cleanup();
RAND_cleanup();
CRYPTO_cleanup_all_ex_data();
Expand All @@ -28,4 +35,7 @@ class OpenSSLInit

};

OpenSSLInit openssl_init;
} // namespace security
} // namespace rtps
} // namespace fastrtps
} // namespace eprosima
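Review bot: `OpenSSLInit` is now a header-visible class whose destructor tears down process-wide OpenSSL state (`ENGINE_cleanup()`, `RAND_cleanup()`, `CRYPTO_cleanup_all_ex_data()`), yet nothing in the visible lines stops a second instance or a copy from being created. Destroying such an instance would run that cleanup while other code may still be using the library. Deleting the copy operations makes the single-instance intent explicit: `OpenSSLInit(const OpenSSLInit&) = delete;` and `OpenSSLInit& operator=(const OpenSSLInit&) = delete;`. A short class comment stating that exactly one instance with static storage duration is expected would help too. The file's first two lines and part of the destructor are outside the hunks, so an include guard and the remaining cleanup calls could not be checked.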
1 change: 0 additions & 1 deletion test/unittest/rtps/network/CMakeLists.txt
Expand Up @@ -69,7 +69,6 @@ if(NOT ((MSVC OR MSVC_IDE) AND EPROSIMA_INSTALLER))
${NETWORKFACTORYTESTS_SOURCE}
${PROJECT_SOURCE_DIR}/src/cpp/rtps/transport/TCPChannelResourceSecure.cpp
${PROJECT_SOURCE_DIR}/src/cpp/rtps/transport/TCPAcceptorSecure.cpp
${PROJECT_SOURCE_DIR}/src/cpp/security/OpenSSLInit.cpp
)
endif()

7 changes: 6 additions & 1 deletion test/unittest/rtps/security/CMakeLists.txt
Expand Up @@ -58,6 +58,7 @@ if(NOT ((MSVC OR MSVC_IDE) AND EPROSIMA_INSTALLER))
target_compile_definitions(SecurityAuthentication PRIVATE FASTRTPS_NO_LIB)
target_include_directories(SecurityAuthentication PRIVATE
${GTEST_INCLUDE_DIRS} ${GMOCK_INCLUDE_DIRS}
${OPENSSL_INCLUDE_DIR}
${PROJECT_SOURCE_DIR}/test/mock/rtps/SecurityPluginFactory
${PROJECT_SOURCE_DIR}/test/mock/rtps/Endpoint
${PROJECT_SOURCE_DIR}/test/mock/rtps/RTPSParticipantImpl
Expand All @@ -79,7 +80,11 @@ if(NOT ((MSVC OR MSVC_IDE) AND EPROSIMA_INSTALLER))
${PROJECT_SOURCE_DIR}/include ${PROJECT_BINARY_DIR}/include
${PROJECT_SOURCE_DIR}/src/cpp
)
target_link_libraries(SecurityAuthentication fastcdr ${GTEST_LIBRARIES} ${GMOCK_LIBRARIES})
target_link_libraries(SecurityAuthentication fastcdr
${GTEST_LIBRARIES}
${GMOCK_LIBRARIES}
${OPENSSL_LIBRARIES}
)
add_gtest(SecurityAuthentication
SOURCES
${CMAKE_CURRENT_SOURCE_DIR}/SecurityInitializationTests.cpp