Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion tools/socktap/dcc_passthrough.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
#include <vanetza/net/chunk_packet.hpp>
#include <boost/asio/generic/raw_protocol.hpp>
#include <iostream>
#include <sstream>

#ifdef SOCKTAP_WITH_COHDA_LLC
#include "cohda.hpp"
Expand Down Expand Up @@ -43,7 +44,9 @@ void DccPassthrough::request(const dcc::DataRequest& request, std::unique_ptr<Ch
const_buffers[i] = asio::buffer(buffers_[i]);
}
auto bytes_sent = socket_.send(const_buffers);
std::cout << "sent packet to " << request.destination << " (" << bytes_sent << " bytes)\n";
std::ostringstream ostream;
ostream << "sent packet to " << request.destination << " (" << bytes_sent << " bytes)\n";
std::cout << ostream.str();

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this beneficial? From my point of view, this causes an additional memory allocation and thus this should be justifiable.

@glmax glmax Feb 26, 2020

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When Vanetza shares stdout with other threads that manipulate the flags for stdout, it can happen (although rarely and unpredictable) that the std::hex flag set in the streaming operator overload of MacAddress is not properly cleared. One could probably move the special treatment to the streaming operator overload.

If you don't see that as a problem Socktap/Vanetza should care about, feel free to omit this commit.

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay, but socktap is not multi-threaded ;-) If this is going to change, we will need some more sophisticated logging anyway.

}

void DccPassthrough::allow_packet_flow(bool allow)
Expand Down
7 changes: 6 additions & 1 deletion tools/socktap/main_cam.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ int main(int argc, const char** argv)
("print-rx-cam", "Print received CAMs")
("print-tx-cam", "Print generated CAMs")
("benchmark", "Enable benchmarking")
("non-strict", "Set MIB parameter ItsGnSnDecapResultHandling to NON_STRICT")
;

po::positional_options_description positional_options;
Expand Down Expand Up @@ -107,6 +108,9 @@ int main(int argc, const char** argv)
mib.itsGnLocalGnAddr.is_manually_configured(true);
mib.itsGnLocalAddrConfMethod = geonet::AddrConfMethod::Managed;
mib.itsGnSecurity = false;
if (vm.count("non-strict")) {
mib.itsGnSnDecapResultHandling = vanetza::geonet::SecurityDecapHandling::Non_Strict;
}
mib.itsGnProtocolVersion = vm["gn-version"].as<unsigned>();

if (mib.itsGnProtocolVersion != 0 && mib.itsGnProtocolVersion != 1) {
Expand Down Expand Up @@ -144,6 +148,7 @@ int main(int argc, const char** argv)
for (auto& chain_path : vm["certificate-chain"].as<std::vector<std::string> >()) {
auto chain_certificate = security::load_certificate_from_file(chain_path);
chain.push_back(chain_certificate);
cert_cache.insert(chain_certificate);

// Only add root certificates to trust store, so certificate requests are visible for demo purposes.

@glmax glmax Feb 26, 2020

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Regarding this comment and the change above: Demonstrating certificate requests by using tickets signed by different AAs is a cleaner way and closer to the use of this feature in the real world.

If you want to keep this need for a request for the own AA certificate as a demo feature, I would propose that it is off by default and can be activated via a command line option.

if (chain_certificate.subject_info.subject_type == security::SubjectType::Root_CA) {
Expand Down Expand Up @@ -172,7 +177,7 @@ int main(int argc, const char** argv)
security::VerifyService verify_service = straight_verify_service(trigger.runtime(), *certificate_provider, *certificate_validator, *crypto_backend, cert_cache, sign_header_policy, positioning);

security::DelegatingSecurityEntity security_entity(sign_service, verify_service);
RouterContext context(raw_socket, mib, trigger, positioning, security_entity);
RouterContext context(raw_socket, mib, trigger, positioning, &security_entity);
context.require_position_fix(vm.count("require-gnss-fix") > 0);

CamApplication cam_app(positioning, trigger.runtime());
Expand Down
2 changes: 1 addition & 1 deletion tools/socktap/main_hello.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ int main(int argc, const char** argv)
security::dummy_verify_service(security::VerificationReport::Success, security::CertificateValidity::valid());
security::DelegatingSecurityEntity security_entity(sign_service, verify_service);

RouterContext context(raw_socket, mib, trigger, positioning, security_entity);
RouterContext context(raw_socket, mib, trigger, positioning, &security_entity);
context.require_position_fix(vm.count("require-gnss-fix") > 0);

asio::steady_timer hello_timer(io_service);
Expand Down
26 changes: 21 additions & 5 deletions tools/socktap/router_context.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
#include <boost/asio/generic/raw_protocol.hpp>
#include <boost/optional/optional.hpp>
#include <iostream>
#include <sstream>
#include <vanetza/common/byte_order.hpp>

#ifdef SOCKTAP_WITH_COHDA_LLC
Expand All @@ -20,7 +21,7 @@ namespace asio = boost::asio;
using boost::asio::generic::raw_protocol;
using namespace vanetza;

RouterContext::RouterContext(raw_protocol::socket& socket, const geonet::MIB& mib, TimeTrigger& trigger, vanetza::PositionProvider& positioning, vanetza::security::SecurityEntity& security_entity) :
RouterContext::RouterContext(raw_protocol::socket& socket, const geonet::MIB& mib, TimeTrigger& trigger, vanetza::PositionProvider& positioning, vanetza::security::SecurityEntity* security_entity) :
mib_(mib), router_(trigger.runtime(), mib_),
socket_(socket), trigger_(trigger), positioning_(positioning),
request_interface_(new DccPassthrough(socket, trigger)),
Expand All @@ -30,7 +31,7 @@ RouterContext::RouterContext(raw_protocol::socket& socket, const geonet::MIB& mi
router_.set_address(mib_.itsGnLocalGnAddr);
router_.set_access_interface(request_interface_.get());
router_.set_transport_handler(geonet::UpperProtocol::BTP_B, &dispatcher_);
router_.set_security_entity(&security_entity);
router_.set_security_entity(security_entity);
update_position_vector();

do_receive();
Expand All @@ -40,14 +41,16 @@ RouterContext::RouterContext(raw_protocol::socket& socket, const geonet::MIB& mi
RouterContext::~RouterContext()
{
for (auto* app : applications_) {
app->router_ = nullptr;
disable(app);
}
}

void RouterContext::log_packet_drop(geonet::Router::PacketDropReason reason)
{
auto reason_string = stringify(reason);
std::cout << "Router dropped packet because of " << reason_string << " (" << static_cast<int>(reason) << ")\n";
std::ostringstream ostream;
ostream << "Router dropped packet because of " << reason_string << " (" << static_cast<int>(reason) << ")\n";
std::cout << ostream.str();
}

void RouterContext::do_receive()
Expand Down Expand Up @@ -84,7 +87,10 @@ void RouterContext::pass_up(CohesivePacket&& packet)
EthernetHeader hdr = decode_ethernet_header(link_range.begin(), link_range.end());
#endif
if (hdr.source != mib_.itsGnLocalGnAddr.mid() && hdr.type == access::ethertype::GeoNetworking) {
std::cout << "received packet from " << hdr.source << " (" << packet.size() << " bytes)\n";
std::ostringstream ostream;
ostream << "received packet from " << hdr.source << " (" << packet.size() << " bytes)\n";
std::cout << ostream.str();

std::unique_ptr<PacketVariant> up { new PacketVariant(std::move(packet)) };
trigger_.schedule(); // ensure the clock is up-to-date for the security entity
router_.indicate(std::move(up), hdr.source, hdr.destination);
Expand All @@ -103,6 +109,16 @@ void RouterContext::enable(Application* app)
}
}

void RouterContext::disable(Application* app)
{
if (app->port() != btp::port_type(0)) {
dispatcher_.set_non_interactive_handler(app->port(), nullptr);
}
dispatcher_.remove_promiscuous_hook(app->promiscuous_hook());

app->router_ = nullptr;
}

void RouterContext::require_position_fix(bool flag)
{
require_position_fix_ = flag;
Expand Down
3 changes: 2 additions & 1 deletion tools/socktap/router_context.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,10 @@ class TimeTrigger;
class RouterContext
{
public:
RouterContext(boost::asio::generic::raw_protocol::socket&, const vanetza::geonet::MIB&, TimeTrigger&, vanetza::PositionProvider&, vanetza::security::SecurityEntity&);
RouterContext(boost::asio::generic::raw_protocol::socket&, const vanetza::geonet::MIB&, TimeTrigger&, vanetza::PositionProvider&, vanetza::security::SecurityEntity*);
~RouterContext();
void enable(Application*);
void disable(Application*);

/**
* Allow/disallow transmissions without GNSS position fix
Expand Down
7 changes: 7 additions & 0 deletions vanetza/btp/port_dispatcher.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,13 @@ void PortDispatcher::add_promiscuous_hook(PromiscuousHook* hook)
}
}

void PortDispatcher::remove_promiscuous_hook(PromiscuousHook* hook)
{
if (hook != nullptr) {
m_promiscuous_hooks.remove(hook);
}
}

void PortDispatcher::set_interactive_handler(
port_type port,
IndicationInterface* handler)
Expand Down
5 changes: 5 additions & 0 deletions vanetza/btp/port_dispatcher.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,11 @@ class PortDispatcher : public geonet::TransportInterface
*/
void add_promiscuous_hook(PromiscuousHook*);

/**
* Remove a hook
*/
void remove_promiscuous_hook(PromiscuousHook*);

// Implementation of geonet::TransportInterface
void indicate(const geonet::DataIndication&, std::unique_ptr<UpPacket>) override;

Expand Down
1 change: 0 additions & 1 deletion vanetza/geonet/router.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -398,7 +398,6 @@ void Router::indicate_basic(IndicationContextBasic& ctx)
indicate_secured(ctx, *basic);
} else if (basic->next_header == NextHeaderBasic::Common) {
if (!m_mib.itsGnSecurity || SecurityDecapHandling::Non_Strict == m_mib.itsGnSnDecapResultHandling) {
indication.security_report = security::DecapReport::Unsigned_Message,

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, security_report is not optional in geonet::DataIndication though EN 302 636-4-1 says so. Why do you think that Unsigned_Message is unsuitable?

@glmax glmax Feb 26, 2020

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, sorry, that commit/change needs to be moved to #105. There, security_report is made optional because of EN 302 636-4-1 and EN 302 636-5-1.

Apart from that, please have a look at the explanation in the commit message. Essentially, the security report is the report from the security entity which is never invoked for packets without secure header.

indicate_common(ctx, *basic);
} else {
packet_dropped(PacketDropReason::Decap_Unsuccessful_Strict);
Expand Down