Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[20181] Hotfix: Secure simple participants with initialpeers over TCP match (backport #5071) #5177

Merged
merged 2 commits into from
Sep 20, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Aug 27, 2024

Description

This PR fixes a behavior that changed in f2e5ce making simple secure participants not match.

The tcp client sends its DATA[P] to the tcp server, the server starts the security handshake but the client is not able to accept the security handshake request because it does not have the discovery information from the server participant.

@Mergifyio backport 2.14.x 2.10.x

Contributor Checklist

  • Commit messages follow the project guidelines.

  • The code follows the style guidelines of this project.

  • Tests that thoroughly check the new feature have been added/Regression tests checking the bug and its fix have been added; the added tests pass locally

  • Any new/modified methods have been properly documented using Doxygen.

  • N/A Any new configuration API has an equivalent XML API (with the corresponding XSD extension)

  • Changes are backport compatible: they do NOT break ABI nor change library core behavior.

  • Changes are API compatible.

  • N/A New feature has been added to the versions.md file (if applicable).

  • N/A New feature has been documented/Current behavior is correctly described in the documentation.

  • Applicable backports have been included in the description.

Reviewer Checklist

  • The PR has a milestone assigned.
  • The title and description correctly express the PR's purpose.
  • Check contributor checklist is correct.
  • N/A If this is a critical bug fix, backports to the critical-only supported branches have been requested.
  • Check CI results: changes do not issue any warning.
  • Check CI results: failing tests are unrelated with the changes.

This is an automatic backport of pull request #5071 done by [Mergify](https://mergify.com).

@mergify mergify bot added the conflicts Backport PR wich git cherry pick failed label Aug 27, 2024
Copy link
Contributor Author

mergify bot commented Aug 27, 2024

Cherry-pick of 3ca60e0 has failed:

On branch mergify/bp/2.10.x/pr-5071
Your branch is up to date with 'origin/2.10.x'.

You are currently cherry-picking commit 3ca60e061.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   include/fastdds/rtps/builtin/discovery/participant/PDPSimple.h

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp
	both modified:   test/blackbox/common/BlackboxTestsSecurity.cpp

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

@JesusPoderoso JesusPoderoso added this to the v2.10.5 milestone Aug 28, 2024
@MiguelCompany MiguelCompany removed the conflicts Backport PR wich git cherry pick failed label Sep 3, 2024
@github-actions github-actions bot added ci-pending PR which CI is running labels Sep 3, 2024
@MiguelCompany MiguelCompany requested review from MiguelCompany and removed request for MiguelCompany September 5, 2024 06:27
@MiguelCompany
Copy link
Member

@Mergifyio rebase

Mario-DL and others added 2 commits September 18, 2024 12:27
…ch (#5071)

* Refs #20181: Add BB test

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181: Add Fix

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181: linter

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181. Pass in secure_endpoints as lambda capture.

Signed-off-by: Miguel Company <[email protected]>

* Refs #20181. New approach.

Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants.
This resulted in some cases in the transport threads eating all CPU resources.

The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement.

Signed-off-by: Miguel Company <[email protected]>

* Refs #20181. Unmatch non-secure before matching secure.

Signed-off-by: Miguel Company <[email protected]>

---------

Signed-off-by: Mario Dominguez <[email protected]>
Signed-off-by: Miguel Company <[email protected]>
Co-authored-by: Miguel Company <[email protected]>
(cherry picked from commit 3ca60e0)

# Conflicts:
#	src/cpp/rtps/builtin/discovery/participant/PDPSimple.cpp
#	test/blackbox/common/BlackboxTestsSecurity.cpp
Signed-off-by: Miguel Company <[email protected]>
Copy link
Contributor Author

mergify bot commented Sep 18, 2024

rebase

✅ Branch has been successfully rebased

@MiguelCompany MiguelCompany merged commit 9316762 into 2.10.x Sep 20, 2024
15 of 18 checks passed
@MiguelCompany MiguelCompany deleted the mergify/bp/2.10.x/pr-5071 branch September 20, 2024 09:26
mfaferek93 pushed a commit to mfaferek93/Fast-DDS that referenced this pull request Sep 24, 2024
…ch (eProsima#5071) (eProsima#5177)

* Hotfix: Secure simple participants with `initialpeers` over `TCP` match (eProsima#5071)

* Refs #20181: Add BB test

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181: Add Fix

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181: linter

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181. Pass in secure_endpoints as lambda capture.

Signed-off-by: Miguel Company <[email protected]>

* Refs #20181. New approach.

Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants.
This resulted in some cases in the transport threads eating all CPU resources.

The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement.

Signed-off-by: Miguel Company <[email protected]>

* Refs #20181. Unmatch non-secure before matching secure.

Signed-off-by: Miguel Company <[email protected]>

---------

Signed-off-by: Mario Dominguez <[email protected]>
Signed-off-by: Miguel Company <[email protected]>
Co-authored-by: Miguel Company <[email protected]>
(cherry picked from commit 3ca60e0)

* Fix conflicts

Signed-off-by: Miguel Company <[email protected]>

---------

Signed-off-by: Miguel Company <[email protected]>
Co-authored-by: Mario Domínguez López <[email protected]>
Co-authored-by: Miguel Company <[email protected]>
mfaferek93 pushed a commit to mfaferek93/Fast-DDS that referenced this pull request Sep 24, 2024
…ch (eProsima#5071) (eProsima#5177)

* Hotfix: Secure simple participants with `initialpeers` over `TCP` match (eProsima#5071)

* Refs #20181: Add BB test

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181: Add Fix

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181: linter

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181. Pass in secure_endpoints as lambda capture.

Signed-off-by: Miguel Company <[email protected]>

* Refs #20181. New approach.

Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants.
This resulted in some cases in the transport threads eating all CPU resources.

The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement.

Signed-off-by: Miguel Company <[email protected]>

* Refs #20181. Unmatch non-secure before matching secure.

Signed-off-by: Miguel Company <[email protected]>

---------

Signed-off-by: Mario Dominguez <[email protected]>
Signed-off-by: Miguel Company <[email protected]>
Co-authored-by: Miguel Company <[email protected]>
(cherry picked from commit 3ca60e0)

* Fix conflicts

Signed-off-by: Miguel Company <[email protected]>

---------

Signed-off-by: Miguel Company <[email protected]>
Co-authored-by: Mario Domínguez López <[email protected]>
Co-authored-by: Miguel Company <[email protected]>
mfaferek93 pushed a commit to mfaferek93/Fast-DDS that referenced this pull request Sep 25, 2024
…ch (eProsima#5071) (eProsima#5177)

* Hotfix: Secure simple participants with `initialpeers` over `TCP` match (eProsima#5071)

* Refs #20181: Add BB test

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181: Add Fix

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181: linter

Signed-off-by: Mario Dominguez <[email protected]>

* Refs #20181. Pass in secure_endpoints as lambda capture.

Signed-off-by: Miguel Company <[email protected]>

* Refs #20181. New approach.

Automatically sending DATA(p) when receiving a DATA(p) could lead to an infinite ping-pong between the two participants.
This resulted in some cases in the transport threads eating all CPU resources.

The new approach matches the discovered participant to the builtin non-secure PDP writer, so it will receive the DATA(p) of the local participant in the next periodic announcement.

Signed-off-by: Miguel Company <[email protected]>

* Refs #20181. Unmatch non-secure before matching secure.

Signed-off-by: Miguel Company <[email protected]>

---------

Signed-off-by: Mario Dominguez <[email protected]>
Signed-off-by: Miguel Company <[email protected]>
Co-authored-by: Miguel Company <[email protected]>
(cherry picked from commit 3ca60e0)

* Fix conflicts

Signed-off-by: Miguel Company <[email protected]>

---------

Signed-off-by: Miguel Company <[email protected]>
Co-authored-by: Mario Domínguez López <[email protected]>
Co-authored-by: Miguel Company <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ci-pending PR which CI is running
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants