Merge branch 'security'

Atostek · Nov 3, 2023 · 5b03cc8 · 5b03cc8
2 parents 526519a + a8d7aa2
commit 5b03cc8
Show file tree

Hide file tree

Showing 27 changed files with 883 additions and 724 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -14,9 +14,9 @@ Please see the [DDS Security Specification](https://www.omg.org/spec/DDS-SECURIT
 
 In order to use the security functionality, enable the Cargo feature `security` in RustDDS. By default, it is not enabled, because it adds a large body of code and some processing overhead.
 
-Security needs to be confgured in order to be used. There are several mandatory configuration files that need to be supplied to RustDDS. These configuration files and their format and semantics are not unique to RustDDS, but specified in the OMG DDS Security specification. The security configration files should also be interoperable between compliant DDS implementations.
+Security needs to be configured in order to be used. There are several mandatory configuration files that need to be supplied to RustDDS. These configuration files and their format and semantics are not unique to RustDDS, but specified in the OMG DDS Security specification. The security configuration files should also be interoperable between compliant DDS implementations.
 
-Configuring security for DomainParticipants needs two Certification Authority roles, or CAs. A CA is someone who has the ability to issue and sign the various configuration files. The two CAs are the Identity Certification Authority and the Permissions Certificate Authority. 
+Configuring security for DomainParticipants needs two Certificate Authority roles, or CAs. A CA is someone who has the ability to issue and sign the various configuration files. The two CAs are the Identity Certificate Authority and the Permissions Certificate Authority. 
 
 It is possible that a single CA performs both of these roles. This is a matter of security configuration.
 
@@ -35,8 +35,8 @@ The following security configuration files are needed:
 
 * X.509 Certificate `.pem` file
 * This file gives the Subject Name and corresponding public key for a DomainParticipant.
-* Signed by Identity CA.
-* Not secret. Sent as plaintext to other DomainParticiapnts during authentication.
+* Signed by the Identity CA.
+* Not secret. Sent as plaintext to other DomainParticipants during authentication.
 
 ## Participant Private Key
 
@@ -46,8 +46,8 @@ The following security configuration files are needed:
 
 ## Permissions CA Certificate
 
-* Used to verify the auhenticity of permisisons documents, both our own and those presented to us over the authentication protocol.
-* X.509 Certificate (`.pem`)
+* Used to verify the authenticity of permissions documents, both our own and those presented to us over the authentication protocol.
+* X.509 Certificate `.pem` file
 
 ## Participant Permissions
 

diff --git a/examples/async_shapes_demo/main.rs b/examples/async_shapes_demo/main.rs
@@ -57,6 +57,7 @@ fn main() {
     .cloned()
     .unwrap_or("BLUE".to_owned());
 
+  // Domain Participant
   let domain_participant = DomainParticipant::new(*domain_id)
     .unwrap_or_else(|e| panic!("DomainParticipant construction failed: {e:?}"));
 
@@ -131,11 +132,12 @@ fn main() {
   );
 
   // Set Ctrl-C handler
-  let (stop_sender, stop_receiver) = smol::channel::bounded(2);
+  let (stop_sender, stop_receiver) = smol::channel::bounded(3);
   ctrlc::set_handler(move || {
     // We will send two stop coammnds, one for reader, the other for writer.
     stop_sender.send_blocking(()).unwrap_or(());
     stop_sender.send_blocking(()).unwrap_or(());
+    stop_sender.send_blocking(()).unwrap_or(());
     // ignore errors, as we are quitting anyway
   })
   .expect("Error setting Ctrl-C handler");
@@ -188,6 +190,22 @@ fn main() {
     random_gen.gen_range(-5..-1)
   };
 
+  let dp_event_loop = async {
+    let mut run = true;
+    let mut stop = stop_receiver.recv().fuse();
+    let dp_status_listener = domain_participant.status_listener();
+    let mut dp_status_stream = dp_status_listener.as_async_stream();
+
+    while run {
+      futures::select! {
+        _ = stop => run = false,
+        e = dp_status_stream.select_next_some() => {
+          println!("DP Status: {e:?}");
+        }
+      } // select!
+    } // while
+  };
+
   let read_loop = async {
     match reader_opt {
       None => (),
@@ -263,7 +281,7 @@ fn main() {
   };
 
   // Run both read and write concurrently, until both are done.
-  smol::block_on(async { futures::join!(read_loop, write_loop) });
+  smol::block_on(async { futures::join!(read_loop, write_loop, dp_event_loop) });
 }
 
 fn configure_logging() {

diff --git a/prepare-for-commit.sh b/prepare-for-commit.sh
@@ -8,6 +8,6 @@ cargo +nightly fmt
 echo cargo +nightly clippy --tests --examples
 cargo +nightly clippy --tests --examples
 
-# Run linter without default features (=without security in the security branch)
-echo cargo +nightly clippy --no-default-features --tests --examples
-cargo +nightly clippy --no-default-features --tests --examples
+# Run linter with all features, including security
+echo cargo +nightly clippy --tests --examples --all-features
+cargo +nightly clippy --tests --examples --all-features