-
Notifications
You must be signed in to change notification settings - Fork 783
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[20181] Hotfix: Secure simple participants with initialpeers
over TCP
match
#5071
Conversation
40eb072
to
890b0dd
Compare
890b0dd
to
c78b40b
Compare
238f832
to
e0e2cc9
Compare
e0e2cc9
to
1019a29
Compare
Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>
Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>
Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>
Signed-off-by: Miguel Company <miguelcompany@eprosima.com>
Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com>
Signed-off-by: Miguel Company <miguelcompany@eprosima.com>
1019a29
to
13b778b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The new approach makes sense to me. It is cleaner. Thanks @MiguelCompany for the proposal. I am also testing in local for a corner case that made the test fail (using vpn) in my former approach that may also be overcome with this new one.
Local test with VPN passed, LGTM |
@Mergifyio backport 2.14.x 2.10.x |
✅ Backports have been created
|
…ch (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp
…ch (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp
…ch (eProsima#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> Signed-off-by: paxifaer <807128216@qq.com>
…ch (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp
…ch (#5071) (#5177) * Hotfix: Secure simple participants with `initialpeers` over `TCP` match (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp * Fix conflicts Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Mario Domínguez López <116071334+Mario-DL@users.noreply.github.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com>
…ch (#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp
…ch (#5071) (#5176) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> (cherry picked from commit 3ca60e0) # Conflicts: # src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp # test/blackbox/common/BlackboxTestsSecurity.cpp Co-authored-by: Mario Domínguez López <116071334+Mario-DL@users.noreply.github.com>
…ch (eProsima#5071) (eProsima#5177) * Hotfix: Secure simple participants with `initialpeers` over `TCP` match (eProsima#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> (cherry picked from commit 3ca60e0) * Fix conflicts Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Mario Domínguez López <116071334+Mario-DL@users.noreply.github.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com>
…ch (eProsima#5071) (eProsima#5177) * Hotfix: Secure simple participants with `initialpeers` over `TCP` match (eProsima#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> (cherry picked from commit 3ca60e0) * Fix conflicts Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Mario Domínguez López <116071334+Mario-DL@users.noreply.github.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com>
…ch (eProsima#5071) (eProsima#5177) * Hotfix: Secure simple participants with `initialpeers` over `TCP` match (eProsima#5071) * Refs #20181: Add BB test Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: Add Fix Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181: linter Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> * Refs #20181. Pass in secure_endpoints as lambda capture. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. New approach. Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants. This resulted in some cases in the transport threads eating all CPU resources. The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> * Refs #20181. Unmatch non-secure before matching secure. Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com> Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com> (cherry picked from commit 3ca60e0) * Fix conflicts Signed-off-by: Miguel Company <miguelcompany@eprosima.com> --------- Signed-off-by: Miguel Company <miguelcompany@eprosima.com> Co-authored-by: Mario Domínguez López <116071334+Mario-DL@users.noreply.github.com> Co-authored-by: Miguel Company <miguelcompany@eprosima.com>
Description
This PR fixes a behavior that changed in f2e5ce making simple secure participants not match.
The
tcp client
sends itsDATA[P]
to the tcp server, the server starts the security handshake but the client is not able to accept the security handshake request because it does not have the discovery information from the server participant.@Mergifyio backport 2.14.x 2.10.x
Contributor Checklist
versions.md
file (if applicable).Reviewer Checklist