-
Notifications
You must be signed in to change notification settings - Fork 787
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[20181] Hotfix: Secure simple participants with initialpeers
over TCP
match
#5071
Conversation
40eb072
to
890b0dd
Compare
890b0dd
to
c78b40b
Compare
238f832
to
e0e2cc9
Compare
e0e2cc9
to
1019a29
Compare
Signed-off-by: Mario Dominguez <[email protected]>
Signed-off-by: Mario Dominguez <[email protected]>
Signed-off-by: Mario Dominguez <[email protected]>
Signed-off-by: Miguel Company <[email protected]>
Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]>
Signed-off-by: Miguel Company <[email protected]>
1019a29
to
13b778b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The new approach makes sense to me. It is cleaner. Thanks @MiguelCompany for the proposal. I am also testing in local for a corner case that made the test fail (using vpn) in my former approach that may also be overcome with this new one.
Local test with VPN passed, LGTM |
@Mergifyio backport 2.14.x 2.10.x |
✅ Backports have been created
|
…ch (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp
…ch (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp
…ch (eProsima#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> Signed-off-by: paxifaer <[email protected]>
…ch (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp
…ch (#5071) (#5177) * Hotfix: Secure simple participants with `initialpeers` over `TCP` match (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp * Fix conflicts Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Mario Domínguez López <[email protected]> Co-authored-by: Miguel Company <[email protected]>
…ch (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp
…ch (#5071) (#5176) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp Co-authored-by: Mario Domínguez López <[email protected]>
…ch (eProsima#5071) (eProsima#5177) * Hotfix: Secure simple participants with `initialpeers` over `TCP` match (eProsima#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> (cherry picked from commit 3ca60e0) * Fix conflicts Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Mario Domínguez López <[email protected]> Co-authored-by: Miguel Company <[email protected]>
…ch (eProsima#5071) (eProsima#5177) * Hotfix: Secure simple participants with `initialpeers` over `TCP` match (eProsima#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> (cherry picked from commit 3ca60e0) * Fix conflicts Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Mario Domínguez López <[email protected]> Co-authored-by: Miguel Company <[email protected]>
…ch (eProsima#5071) (eProsima#5177) * Hotfix: Secure simple participants with `initialpeers` over `TCP` match (eProsima#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181: linter Signed-off-by: Mario Dominguez <[email protected]> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <[email protected]> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Mario Dominguez <[email protected]> Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Miguel Company <[email protected]> (cherry picked from commit 3ca60e0) * Fix conflicts Signed-off-by: Miguel Company <[email protected]> --------- Signed-off-by: Miguel Company <[email protected]> Co-authored-by: Mario Domínguez López <[email protected]> Co-authored-by: Miguel Company <[email protected]>
Description
This PR fixes a behavior that changed in f2e5ce making simple secure participants not match.
The
tcp client
sends itsDATA[P]
to the tcp server, the server starts the security handshake but the client is not able to accept the security handshake request because it does not have the discovery information from the server participant.@Mergifyio backport 2.14.x 2.10.x
Contributor Checklist
versions.md
file (if applicable).Reviewer Checklist