Skip to content

Commit

Permalink
Adding override for ROS_SECURITY_NODE_DIRECTORY
Browse files Browse the repository at this point in the history
Addressing ros2/sros2#69
  • Loading branch information
ruffsl committed Oct 31, 2018
1 parent 510a9e4 commit fcf0fa0
Showing 1 changed file with 32 additions and 8 deletions.
40 changes: 32 additions & 8 deletions rcl/src/rcl/node.c
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ extern "C"
#include "./common.h"


#define ROS_SECURITY_NODE_DIRECTORY_VAR_NAME "ROS_SECURITY_NODE_DIRECTORY"
#define ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME "ROS_SECURITY_ROOT_DIRECTORY"
#define ROS_SECURITY_STRATEGY_VAR_NAME "ROS_SECURITY_STRATEGY"
#define ROS_SECURITY_ENABLE_VAR_NAME "ROS_SECURITY_ENABLE"
Expand Down Expand Up @@ -103,6 +104,10 @@ const char * rcl_create_node_logger_name(
/**
* E.g. for a node named "c" in namespace "/a/b", the secure root path will be
* "a/b/c", where the delimiter "/" is native for target file system (e.g. "\\" for _WIN32).
* However, this expansion can be overridden by setting the secure node directory environment
* variable, allowing users to explicitly specify the exact secure root directory to be utilized.
* Such an override is useful for case where the FQN of a node is non-determinist before runtime,
* or when testing and using additional tools that may not otherwise not be easily provisioned
*
* \param[in] node_name validated node name (a single token)
* \param[in] node_namespace validated, absolute namespace (starting with "/")
Expand All @@ -114,25 +119,42 @@ const char * rcl_get_secure_root(
const char * node_namespace,
const rcl_allocator_t * allocator)
{
bool ros_secure_node_override = true;
const char * ros_secure_root_env = NULL;
if (NULL == node_name) {
return NULL;
}
if (rcutils_get_env(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME, &ros_secure_root_env)) {
if (rcutils_get_env(ROS_SECURITY_NODE_DIRECTORY_VAR_NAME, &ros_secure_root_env)) {
return NULL;
}
if (!ros_secure_root_env) {
return NULL; // environment variable not defined
return NULL;
}
size_t ros_secure_root_size = strlen(ros_secure_root_env);
if (!ros_secure_root_size) {
return NULL; // environment variable was empty
// check root directory if node directory environment variable is empty
if (rcutils_get_env(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME, &ros_secure_root_env)) {
return NULL;
}
if (!ros_secure_root_env) {
return NULL;
}
ros_secure_root_size = strlen(ros_secure_root_env);
if (!ros_secure_root_size) {
return NULL; // environment variable was empty
} else {
ros_secure_node_override = false;
}
}
char * node_secure_root = NULL;
// TODO(ros2team): This make an assumption on the value and length of the root namespace.
// This should likely come from another (rcl/rmw?) function for reuse.
// If the namespace is the root namespace ("/"), the secure root is just the node name.
if (strlen(node_namespace) == 1) {
if (ros_secure_node_override) {
node_secure_root =
(char *)allocator->allocate(strlen(ros_secure_root_env) + 1, allocator->state);
strcpy(node_secure_root, ros_secure_root_env);
// TODO(ros2team): This make an assumption on the value and length of the root namespace.
// This should likely come from another (rcl/rmw?) function for reuse.
// If the namespace is the root namespace ("/"), the secure root is just the node name.
} else if (strlen(node_namespace) == 1) {
node_secure_root = rcutils_join_path(ros_secure_root_env, node_name, *allocator);
} else {
char * node_fqn = NULL;
Expand Down Expand Up @@ -357,8 +379,10 @@ rcl_node_init(
if (RMW_SECURITY_ENFORCEMENT_ENFORCE == node_security_options.enforce_security) {
RCL_SET_ERROR_MSG(
"SECURITY ERROR: unable to find a folder matching the node name in the "
RCUTILS_STRINGIFY(ROS_SECURITY_NODE_DIRECTORY_VAR_NAME)
" or "
RCUTILS_STRINGIFY(ROS_SECURITY_ROOT_DIRECTORY_VAR_NAME)
" directory while the requested security strategy requires it", *allocator);
" directories while the requested security strategy requires it", *allocator);
ret = RCL_RET_ERROR;
goto cleanup;
}
Expand Down

0 comments on commit fcf0fa0

Please sign in to comment.