Skip to content

Commit 2d9de4c

Browse files
colmeneroCopilot
andauthored
Enable monitoring in the examples that use the security plugins (#752)
* SEC-2914 dynamic_permissions working * SEC-2914 connextdds_generate_security_artifacts in dynamic * SEC-2914 lws interoperability example * SEC-2914 cds example * SEC-2914 cmake find components for cds example * SEC-2914 whitelist example * SEC-2914 certificate_revocation_list example * SEC-2914 formatting * wrong casing in file path Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * SEC-2914 fix grant number * SEC-2914 fix leftover passphrase * SEC-2914 fix current source dir wrong variable * SEC-2914 avoid recursivity in cds example profile * SEC-2914 removed qos copy because it is done by connextdds_add_example * SEC-2914: Update release number for schema in QoS Feedback: #752 (comment) * SEC-2914 Use domain range in Governance and Permissions Feedback: #752 (comment) * SEC-2914 allow subscribing to all and protect all Feedback: #752 (comment) #752 (comment) * SEC-2914 Protect metrics and logs in missing Governance Documents Feedback: #752 (comment) #752 (comment) * SEC-2914 CRL example - restrict monitoring DP permissions Feedback #752 (comment) * SEC-2914: Move profile to base name attribute Feedback: #752 (comment) * SEC-2914 cds example inherit from Generic.Monitoring2 Feedback #752 (comment) * SEC-2914 snippets for composition and profiles for inheritance Feedback #752 (comment) * SEC-2914 fix missing snippet tag * SEC-2914 property removal * SEC-2914 missing 7.7 release numbers * SEC-2914 more 7.7 release numbers * SEC-2914 more resources and cds monitor profile --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
1 parent d4b41b8 commit 2d9de4c

56 files changed

Lines changed: 889 additions & 901 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

examples/connext_dds/network_capture/01_shared_memory_and_udp/c++11/USER_QOS_PROFILES.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
use the software.
1111
-->
1212
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
13-
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.0.0/rti_dds_qos_profiles.xsd">
13+
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.7.0/rti_dds_qos_profiles.xsd">
1414
<qos_library name="network_capture_Library">
1515
<qos_profile name="network_capture_Profile" base_name="BuiltinQosLibExp::Generic.StrictReliable" is_default_qos="true">
1616
<domain_participant_qos>

examples/connext_dds/network_capture/01_shared_memory_and_udp/c++98/USER_QOS_PROFILES.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
use the software.
1111
-->
1212
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
13-
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.0.0/rti_dds_qos_profiles.xsd">
13+
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.7.0/rti_dds_qos_profiles.xsd">
1414
<qos_library name="network_capture_Library">
1515
<qos_profile name="network_capture_Profile" base_name="BuiltinQosLibExp::Generic.StrictReliable" is_default_qos="true">
1616
<domain_participant_qos>

examples/connext_dds/network_capture/01_shared_memory_and_udp/c/USER_QOS_PROFILES.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
use the software.
1111
-->
1212
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
13-
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.0.0/rti_dds_qos_profiles.xsd">
13+
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.7.0/rti_dds_qos_profiles.xsd">
1414
<qos_library name="network_capture_Library">
1515
<qos_profile name="network_capture_Profile" base_name="BuiltinQosLibExp::Generic.StrictReliable" is_default_qos="true">
1616
<domain_participant_qos>

examples/connext_dds/network_capture/01_shared_memory_and_udp/cs/USER_QOS_PROFILES.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
use the software.
1111
-->
1212
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
13-
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.0.0/rti_dds_qos_profiles.xsd">
13+
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.7.0/rti_dds_qos_profiles.xsd">
1414
<qos_library name="network_capture_Library">
1515
<qos_profile name="network_capture_Profile" base_name="BuiltinQosLibExp::Generic.StrictReliable" is_default_qos="true">
1616
<domain_participant_qos>

examples/connext_dds/network_capture/02_tcp/c/USER_QOS_PROFILES.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
use the software.
1111
-->
1212
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
13-
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.0.0/rti_dds_qos_profiles.xsd"
13+
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.7.0/rti_dds_qos_profiles.xsd"
1414
version="7.0.0">
1515
<qos_library name="network_capture_Library">
1616
<qos_profile name="network_capture_Profile" base_name="BuiltinQosLibExp::Generic.StrictReliable" is_default_qos="true">

examples/connext_dds/network_capture/03_security/c/USER_QOS_PROFILES.xml

Lines changed: 61 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,11 @@
1010
use the software.
1111
-->
1212
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
13-
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.0.0/rti_dds_qos_profiles.xsd">
13+
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.7.0/rti_dds_qos_profiles.xsd">
1414
<qos_library name="network_capture_Library">
15-
<qos_profile name="network_capture_ProfileA" base_name="BuiltinQosLib::Generic.Security" is_default_qos="true">
15+
<qos_profile name="network_capture_SnippetCommon">
16+
<?rti-qos_snippet?>
17+
1618
<domain_participant_qos>
1719
<property>
1820
<value>
@@ -21,20 +23,45 @@
2123
<value>file:security/ecdsa01/certs/ca_cert.pem</value>
2224
</element>
2325
<element>
24-
<name>dds.sec.auth.identity_certificate</name>
25-
<value>file:security/ecdsa01/certs/peer1_cert.pem</value>
26-
</element>
27-
<element>
28-
<name>dds.sec.auth.private_key</name>
29-
<value>file:security/ecdsa01/certs/peer1_key.pem</value>
26+
<name>dds.sec.access.governance</name>
27+
<value>file:security/ecdsa01/xml/signed/signed_Governance.p7s</value>
3028
</element>
3129
<element>
3230
<name>dds.sec.access.permissions_ca</name>
3331
<value>file:security/ecdsa01/certs/ca_cert.pem</value>
3432
</element>
3533
<element>
36-
<name>dds.sec.access.governance</name>
37-
<value>file:security/ecdsa01/xml/signed/signed_Governance.p7s</value>
34+
<name>dds.sec.crypto.rtps_psk_secret_passphrase</name>
35+
<value>data:,0:PLEASE-CHANGE-THIS-DEFAULT-SEED</value>
36+
</element>
37+
</value>
38+
</property>
39+
</domain_participant_qos>
40+
</qos_profile>
41+
<qos_profile name="network_capture_ProfileA" is_default_qos="true">
42+
<base_name>
43+
<element>network_capture_Library::network_capture_SnippetCommon</element>
44+
<element>BuiltinQosSnippetLib::Feature.Security.Enable</element>
45+
</base_name>
46+
<participant_factory_qos>
47+
<monitoring>
48+
<distribution_settings>
49+
<dedicated_participant>
50+
<participant_qos_profile_name>network_capture_Library::network_capture_ProfileMonitor</participant_qos_profile_name>
51+
</dedicated_participant>
52+
</distribution_settings>
53+
</monitoring>
54+
</participant_factory_qos>
55+
<domain_participant_qos>
56+
<property>
57+
<value>
58+
<element>
59+
<name>dds.sec.auth.identity_certificate</name>
60+
<value>file:security/ecdsa01/certs/peer1_cert.pem</value>
61+
</element>
62+
<element>
63+
<name>dds.sec.auth.private_key</name>
64+
<value>file:security/ecdsa01/certs/peer1_key.pem</value>
3865
</element>
3966
<element>
4067
<name>dds.sec.access.permissions</name>
@@ -72,5 +99,29 @@
7299
</property>
73100
</domain_participant_qos>
74101
</qos_profile>
102+
<qos_profile name="network_capture_ProfileMonitor" base_name="BuiltinQosLib::Generic.Monitoring2">
103+
<base_name>
104+
<element>network_capture_Library::network_capture_SnippetCommon</element>
105+
<element>BuiltinQosSnippetLib::Feature.Security.Enable</element>
106+
</base_name>
107+
<domain_participant_qos>
108+
<property>
109+
<value>
110+
<element>
111+
<name>dds.sec.auth.identity_certificate</name>
112+
<value>file:security/ecdsa01/certs/peerM_cert.pem</value>
113+
</element>
114+
<element>
115+
<name>dds.sec.auth.private_key</name>
116+
<value>file:security/ecdsa01/certs/peerM_key.pem</value>
117+
</element>
118+
<element>
119+
<name>dds.sec.access.permissions</name>
120+
<value>file:security/ecdsa01/xml/signed/signed_PermissionsM.p7s</value>
121+
</element>
122+
</value>
123+
</property>
124+
</domain_participant_qos>
125+
</qos_profile>
75126
</qos_library>
76127
</dds>

examples/connext_dds/network_capture/04_advanced_api/c/USER_QOS_PROFILES.xml

Lines changed: 61 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,11 @@
1010
use the software.
1111
-->
1212
<dds xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
13-
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.0.0/rti_dds_qos_profiles.xsd">
13+
xsi:noNamespaceSchemaLocation="http://community.rti.com/schema/7.7.0/rti_dds_qos_profiles.xsd">
1414
<qos_library name="network_capture_Library">
15-
<qos_profile name="network_capture_ProfileA" base_name="BuiltinQosLib::Generic.Security" is_default_qos="true">
15+
<qos_profile name="network_capture_SnippetCommon">
16+
<?rti-qos_snippet?>
17+
1618
<domain_participant_qos>
1719
<property>
1820
<value>
@@ -21,20 +23,45 @@
2123
<value>file:security/ecdsa01/certs/ca_cert.pem</value>
2224
</element>
2325
<element>
24-
<name>dds.sec.auth.identity_certificate</name>
25-
<value>file:security/ecdsa01/certs/peer1_cert.pem</value>
26-
</element>
27-
<element>
28-
<name>dds.sec.auth.private_key</name>
29-
<value>file:security/ecdsa01/certs/peer1_key.pem</value>
26+
<name>dds.sec.access.governance</name>
27+
<value>file:security/ecdsa01/xml/signed/signed_Governance.p7s</value>
3028
</element>
3129
<element>
3230
<name>dds.sec.access.permissions_ca</name>
3331
<value>file:security/ecdsa01/certs/ca_cert.pem</value>
3432
</element>
3533
<element>
36-
<name>dds.sec.access.governance</name>
37-
<value>file:security/ecdsa01/xml/signed/signed_Governance.p7s</value>
34+
<name>dds.sec.crypto.rtps_psk_secret_passphrase</name>
35+
<value>data:,0:PLEASE-CHANGE-THIS-DEFAULT-SEED</value>
36+
</element>
37+
</value>
38+
</property>
39+
</domain_participant_qos>
40+
</qos_profile>
41+
<qos_profile name="network_capture_ProfileA" is_default_qos="true">
42+
<base_name>
43+
<element>network_capture_Library::network_capture_SnippetCommon</element>
44+
<element>BuiltinQosSnippetLib::Feature.Security.Enable</element>
45+
</base_name>
46+
<participant_factory_qos>
47+
<monitoring>
48+
<distribution_settings>
49+
<dedicated_participant>
50+
<participant_qos_profile_name>network_capture_Library::network_capture_ProfileMonitor</participant_qos_profile_name>
51+
</dedicated_participant>
52+
</distribution_settings>
53+
</monitoring>
54+
</participant_factory_qos>
55+
<domain_participant_qos>
56+
<property>
57+
<value>
58+
<element>
59+
<name>dds.sec.auth.identity_certificate</name>
60+
<value>file:security/ecdsa01/certs/peer1_cert.pem</value>
61+
</element>
62+
<element>
63+
<name>dds.sec.auth.private_key</name>
64+
<value>file:security/ecdsa01/certs/peer1_key.pem</value>
3865
</element>
3966
<element>
4067
<name>dds.sec.access.permissions</name>
@@ -72,5 +99,29 @@
7299
</property>
73100
</domain_participant_qos>
74101
</qos_profile>
102+
<qos_profile name="network_capture_ProfileMonitor" base_name="BuiltinQosLib::Generic.Monitoring2">
103+
<base_name>
104+
<element>network_capture_Library::network_capture_SnippetCommon</element>
105+
<element>BuiltinQosSnippetLib::Feature.Security.Enable</element>
106+
</base_name>
107+
<domain_participant_qos>
108+
<property>
109+
<value>
110+
<element>
111+
<name>dds.sec.auth.identity_certificate</name>
112+
<value>file:security/ecdsa01/certs/peerM_cert.pem</value>
113+
</element>
114+
<element>
115+
<name>dds.sec.auth.private_key</name>
116+
<value>file:security/ecdsa01/certs/peerM_key.pem</value>
117+
</element>
118+
<element>
119+
<name>dds.sec.access.permissions</name>
120+
<value>file:security/ecdsa01/xml/signed/signed_PermissionsM.p7s</value>
121+
</element>
122+
</value>
123+
</property>
124+
</domain_participant_qos>
125+
</qos_profile>
75126
</qos_library>
76127
</dds>

examples/connext_dds/real_time_wan_transport/c++98/CLOUD_DISCOVERY_SERVICE.xml

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -58,12 +58,8 @@
5858
<security>
5959
<property>
6060
<element>
61-
<name>com.rti.serv.secure.authentication.participant_discovery_protection_key</name>
62-
<value>str:key1</value>
63-
</element>
64-
<element>
65-
<name>com.rti.serv.secure.cryptography.rtps_protection_key</name>
66-
<value>str:key0</value>
61+
<name>dds.sec.crypto.rtps_psk_secret_passphrase</name>
62+
<value>data:,0:PLEASE-CHANGE-THIS-DEFAULT-SEED</value>
6763
</element>
6864
</property>
6965
</security>

0 commit comments

Comments
 (0)