canonical · artivis · Apr 2, 2020 · Feb 4, 2020 · Feb 5, 2020 · Feb 5, 2020
diff --git a/include/fastdds/rtps/security/accesscontrol/AccessControl.h b/include/fastdds/rtps/security/accesscontrol/AccessControl.h
@@ -36,6 +36,7 @@ class Authentication;
 class SecurityException;
 struct ParticipantSecurityAttributes;
 struct EndpointSecurityAttributes;
+class Logging;
 
 class AccessControl
 {
@@ -152,6 +153,14 @@ class AccessControl
             const std::vector<std::string>& partitions,
             EndpointSecurityAttributes& attributes,
             SecurityException& exception) = 0;
+
+    virtual inline bool set_logger(Logging* logger, SecurityException& /*exception*/) { logger_ = logger; return true; }
+
+    virtual inline Logging* get_logger() { return logger_; }
+
+  protected:
+
+    Logging* logger_ = nullptr;
 };
 
 } //namespace security

diff --git a/include/fastdds/rtps/security/authentication/Authentication.h b/include/fastdds/rtps/security/authentication/Authentication.h
@@ -34,6 +34,8 @@ namespace fastrtps {
 namespace rtps {
 namespace security {
 
+class Logging;
+
 enum ValidationResult_t : uint32_t
 {
     VALIDATION_OK = 0,
@@ -225,6 +227,13 @@ class Authentication
         virtual bool return_authenticated_peer_credential_token(PermissionsCredentialToken* token,
                 SecurityException& ex) = 0;
 
+        virtual inline bool set_logger(Logging* logger, SecurityException& /*exception*/) { logger_ = logger; return true; }
+
+        virtual inline Logging* get_logger() { return logger_; }
+
+    protected:
+
+        Logging* logger_ = nullptr;
 };
 
 } //namespace security

diff --git a/include/fastdds/rtps/security/cryptography/Cryptography.h b/include/fastdds/rtps/security/cryptography/Cryptography.h
@@ -28,12 +28,14 @@ namespace fastrtps {
 namespace rtps {
 namespace security {
 
+class Logging;
+
 class Cryptography
 {
 public:
 
     Cryptography(): m_cryptokeyexchange(nullptr), m_cryptokeyfactory(nullptr),
-    m_cryptotransform(nullptr) {}
+    m_cryptotransform(nullptr), m_logger(nullptr) {}
 
     virtual ~Cryptography() {}
 
@@ -44,11 +46,17 @@ class Cryptography
 
     CryptoTransform* cryptotransform() { return m_cryptotransform; }
 
+    virtual inline bool set_logger(Logging* logger, SecurityException& /*exception*/) { m_logger = logger; return true; }
+
+    virtual inline Logging* get_logger() { return m_logger; }
+
 protected:
 
     CryptoKeyExchange *m_cryptokeyexchange;
     CryptoKeyFactory *m_cryptokeyfactory;
     CryptoTransform *m_cryptotransform;
+
+    Logging *m_logger;
 };
 
 } //namespace security

diff --git a/include/fastdds/rtps/security/logging/BuiltinLogging.h b/include/fastdds/rtps/security/logging/BuiltinLogging.h
@@ -0,0 +1,79 @@
+// Copyright 2020 Canonical ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/*!
+ * @file Logging.h
+ */
+#ifndef _FASTDDS_RTPS_SECURITY_LOGGING_BUILTINLOGGING_H_
+#define _FASTDDS_RTPS_SECURITY_LOGGING_BUILTINLOGGING_H_
+
+#include "fastdds/rtps/security/logging/Logging.h"
+#include "fastdds/rtps/security/logging/BuiltinLoggingType.h"
+#include "fastrtps/utils/concurrent_queue.h"
+
+#include <thread>
+#include <atomic>
+
+namespace eprosima {
+namespace fastrtps {
+namespace rtps {
+namespace security {
+
+/**
+ * @brief BuiltinLogging
+ */
+class BuiltinLogging final : public Logging
+{
+  using Message = std::pair<std::string,std::string>;
+  using MessagePtr = std::unique_ptr<Message>;
+
+public:
+
+  BuiltinLogging();
+  ~BuiltinLogging();
+
+private:
+
+  /**
+   * @brief log_impl
+   * @param message
+   * @param category
+   * @param exception
+   */
+  virtual void log_impl(const std::string& message,
+                        const std::string& category,
+                        SecurityException& exception) override;
+
+  BuiltinLoggingType convert(Message& msg);
+  void publish(BuiltinLoggingType& msg);
+
+  inline void stop() { stop_ = true; }
+
+  //TODO(artivis):figure out which to use
+  // Publisher* publisher_; // publisher_ = DomainParticipant::create_publisher(...)
+  // DataWriter* data_writer_;
+
+  std::atomic_bool stop_;
+
+  std::thread thread_;
+
+  ConcurrentQueue<MessagePtr> queue_;
+};
+
+} //namespace security
+} //namespace rtps
+} //namespace fastrtps
+} //namespace eprosima
+
+#endif // _FASTDDS_RTPS_SECURITY_LOGGING_BUILTINLOGGING_H_
diff --git a/include/fastdds/rtps/security/logging/BuiltinLoggingType.h b/include/fastdds/rtps/security/logging/BuiltinLoggingType.h
@@ -0,0 +1,57 @@
+// Copyright 2020 Canonical ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/*!
+ * @file BuiltinLoggingType.h
+ */
+#ifndef _FASTDDS_RTPS_SECURITY_LOGGING_BUILTINLOGGINGTYPE_H_
+#define _FASTDDS_RTPS_SECURITY_LOGGING_BUILTINLOGGINGTYPE_H_
+
+#include "fastdds/rtps/common/Types.h"
+#include "fastdds/rtps/common/Time_t.h"
+#include "fastdds/rtps/security/logging/LoggingLevel.h"
+#include "fastdds/rtps/security/logging/NameValuePair.h"
+
+#include <map>
+
+namespace eprosima {
+namespace fastrtps {
+namespace rtps {
+namespace security {
+
+/**
+ * @brief The BuiltinLoggingType struct
+ *
+ * @note Definition in DDS-Sec v1.1 9.6
+ */
+struct BuiltinLoggingType final {
+ octet facility;              // Set to 0x0A (10). Indicates sec/auth msgs
+ LoggingLevel severity;
+ rtps::Time_t timestamp;      // Since epoch 1970-01-01 00:00:00 +0000 (UTC)
+ std::string hostname;        // IP host name of originator
+ std::string hostip;          // IP address of originator
+ std::string appname;         // Identify the device or application
+ std::string procid;          // Process name/ID for syslog system
+ std::string msgid;           // Identify the type of message
+ std::string message;         // Free-form message
+ // Note that certain string keys (SD-IDs) are reserved by IANA
+ std::map<std::string, NameValuePairSeq> structured_data;
+};
+
+} //namespace security
+} //namespace rtps
+} //namespace fastrtps
+} //namespace eprosima
+
+#endif // _FASTDDS_RTPS_SECURITY_LOGGING_BUILTINLOGGINGTYPE_H_
diff --git a/include/fastdds/rtps/security/logging/EventLogLevel.h b/include/fastdds/rtps/security/logging/EventLogLevel.h
@@ -0,0 +1,97 @@
+// Copyright 2020 Canonical ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/*!
+ * @file EventLogLevel.h
+ */
+#ifndef _FASTDDS_RTPS_SECURITY_LOGGING_EVENTLOGLEVEL_H_
+#define _FASTDDS_RTPS_SECURITY_LOGGING_EVENTLOGLEVEL_H_
+
+#include "fastdds/rtps/security/exceptions/SecurityException.h"
+
+namespace eprosima {
+namespace fastrtps {
+namespace rtps {
+namespace security {
+
+/**
+ * @brief The EventLogLevel enum
+ *
+ * @note Definition in DDS-Sec v1.1 8.6.2.1.1
+ */
+enum struct EventLogLevel : long
+{
+  FATAL_LEVEL = 0,  // security error causing a shutdown or failure of the Domain Participant
+  SEVERE_LEVEL,     // major security error or fault
+  ERROR_LEVEL,      // minor security error or fault
+  WARNING_LEVEL,    // undesirable or unexpected behavior
+  NOTICE_LEVEL,     // important security event
+  INFO_LEVEL,       // interesting security event
+  DEBUG_LEVEL,      // detailed information on the flow of the security events
+  TRACE_LEVEL       // even more detailed information
+};
+
+inline bool string_to_EventLogLevel(const std::string& s,
+                                    EventLogLevel& l,
+                                    SecurityException& e)
+{
+  //TODO(artivis): use an array of const char to avoid strings?
+  bool convert = true;
+  if (!bool(s.compare("0")) || !bool(s.compare("FATAL_LEVEL")))
+  {
+    l = EventLogLevel::FATAL_LEVEL;
+  }
+  else if (!s.compare("1") || !s.compare("SEVERE_LEVEL"))
+  {
+    l = EventLogLevel::SEVERE_LEVEL;
+  }
+  else if (!s.compare("2") || !s.compare("ERROR_LEVEL"))
+  {
+    l = EventLogLevel::ERROR_LEVEL;
+  }
+  else if (!s.compare("3") || !s.compare("WARNING_LEVEL"))
+  {
+    l = EventLogLevel::WARNING_LEVEL;
+  }
+  else if (!s.compare("4") || !s.compare("NOTICE_LEVEL"))
+  {
+    l = EventLogLevel::NOTICE_LEVEL;
+  }
+  else if (!s.compare("5") || !s.compare("INFO_LEVEL"))
+  {
+    l = EventLogLevel::INFO_LEVEL;
+  }
+  else if (!s.compare("6") || !s.compare("DEBUG_LEVEL"))
+  {
+    l = EventLogLevel::DEBUG_LEVEL;
+  }
+  else if (!s.compare("7") || !s.compare("TRACE_LEVEL"))
+  {
+    l = EventLogLevel::TRACE_LEVEL;
+  }
+  else
+  {
+    e = SecurityException("Unknown EventLogLevel");
+    convert = false;
+  }
+
+  return convert;
+}
+
+} //namespace security
+} //namespace rtps
+} //namespace fastrtps
+} //namespace eprosima
+
+#endif // _FASTDDS_RTPS_SECURITY_LOGGING_EVENTLOGLEVEL_H_
diff --git a/include/fastdds/rtps/security/logging/LogOptions.h b/include/fastdds/rtps/security/logging/LogOptions.h
@@ -0,0 +1,52 @@
+// Copyright 2020 Canonical ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/*!
+ * @file LogOptions.h
+ */
+#ifndef _FASTDDS_RTPS_SECURITY_LOGGING_LOGOPTIONS_H_
+#define _FASTDDS_RTPS_SECURITY_LOGGING_LOGOPTIONS_H_
+
+#include <string>
+
+#include "fastdds/rtps/security/logging/EventLogLevel.h"
+
+namespace eprosima {
+namespace fastrtps {
+namespace rtps {
+namespace security {
+
+/**
+ * @brief The LogOptions struct
+ * @note Definition in DDS-Sec v1.1 8.6.2.1
+ */
+struct LogOptions
+{
+  //! Whether the log events should be distributed over DDS
+  bool distribute;
+
+  //! Level at which log messages will be logged.
+  //! Messages at or below the log_level are logged.
+  EventLogLevel event_log_level;
+
+  //! Full path to a local file
+  std::string log_file;
+};
+
+} //namespace security
+} //namespace rtps
+} //namespace fastrtps
+} //namespace eprosima
+
+#endif // _FASTDDS_RTPS_SECURITY_LOGGING_LOGOPTIONS_H_