diff --git a/docs/manual/config/config_file_reference.rst b/docs/manual/config/config_file_reference.rst
index 8f9b08018c..6280f1ed75 100644
--- a/docs/manual/config/config_file_reference.rst
+++ b/docs/manual/config/config_file_reference.rst
@@ -2699,10 +2699,10 @@ The categorisation of tracing output is incomplete and hence most of the verbosi
The default value is: ``none``
..
- generated from ddsi_config.h[9f834d377bdea61bea6507feed2fc4a8924dc02e]
+ generated from ddsi_config.h[eaf2059de5eccc422ae9ebd9bb3c40fd1d7545d3]
generated from ddsi__cfgunits.h[bd22f0c0ed210501d0ecd3b07c992eca549ef5aa]
- generated from ddsi__cfgelems.h[f10059d775cf2e4961a2e9520bb1a4da6a124778]
- generated from ddsi_config.c[0a59324bd889637ea7d04765da9b76bbe74997c1]
+ generated from ddsi__cfgelems.h[fc5746cc2e55b4ab9daf9bd51bc263cf30ece564]
+ generated from ddsi_config.c[2d3406ce4db09358597689d7382f80185634eb69]
generated from _confgen.h[e32eabfc35e9f3a7dcb63b19ed148c0d17c6e5fc]
generated from _confgen.c[237308acd53897a34e8c643e16e05a61d73ffd65]
generated from generate_rnc.c[b50e4b7ab1d04b2bc1d361a0811247c337b74934]
diff --git a/docs/manual/options.md b/docs/manual/options.md
index 1c0571abd7..2c80765dd3 100644
--- a/docs/manual/options.md
+++ b/docs/manual/options.md
@@ -1889,10 +1889,10 @@ While none prevents any message from being written to a DDSI2 log file.
The categorisation of tracing output is incomplete and hence most of the verbosity levels and categories are not of much use in the current release. This is an ongoing process and here we describe the target situation rather than the current situation. Currently, the most useful verbosity levels are config, fine and finest.
The default value is: `none`
-
+
-
-
+
+
diff --git a/etc/cyclonedds.rnc b/etc/cyclonedds.rnc
index e8cc343f05..8ff2bcb582 100644
--- a/etc/cyclonedds.rnc
+++ b/etc/cyclonedds.rnc
@@ -1310,10 +1310,10 @@ MIIEpAIBAAKCAQEA3HIh...AOBaaqSV37XBUJg==
duration_inf = xsd:token { pattern = "inf|0|(\d+(\.\d*)?([Ee][\-+]?\d+)?|\.\d+([Ee][\-+]?\d+)?) *([num]?s|min|hr|day)" }
memsize = xsd:token { pattern = "0|(\d+(\.\d*)?([Ee][\-+]?\d+)?|\.\d+([Ee][\-+]?\d+)?) *([kMG]i?)?B" }
}
-# generated from ddsi_config.h[9f834d377bdea61bea6507feed2fc4a8924dc02e]
+# generated from ddsi_config.h[eaf2059de5eccc422ae9ebd9bb3c40fd1d7545d3]
# generated from ddsi__cfgunits.h[bd22f0c0ed210501d0ecd3b07c992eca549ef5aa]
-# generated from ddsi__cfgelems.h[f10059d775cf2e4961a2e9520bb1a4da6a124778]
-# generated from ddsi_config.c[0a59324bd889637ea7d04765da9b76bbe74997c1]
+# generated from ddsi__cfgelems.h[fc5746cc2e55b4ab9daf9bd51bc263cf30ece564]
+# generated from ddsi_config.c[2d3406ce4db09358597689d7382f80185634eb69]
# generated from _confgen.h[e32eabfc35e9f3a7dcb63b19ed148c0d17c6e5fc]
# generated from _confgen.c[237308acd53897a34e8c643e16e05a61d73ffd65]
# generated from generate_rnc.c[b50e4b7ab1d04b2bc1d361a0811247c337b74934]
diff --git a/etc/cyclonedds.xsd b/etc/cyclonedds.xsd
index 893b41d8a7..8b3ceb9ecc 100644
--- a/etc/cyclonedds.xsd
+++ b/etc/cyclonedds.xsd
@@ -1970,10 +1970,10 @@ MIIEpAIBAAKCAQEA3HIh...AOBaaqSV37XBUJg==<br>
-
+
-
-
+
+
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index ae00de44c6..da328a2ea2 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -70,6 +70,16 @@ if(ENABLE_SSL)
endif()
endif()
+set(ENABLE_TCP_TLS "AUTO" CACHE STRING "Enable TCP+TLS support (depends on ENABLE_SSL)")
+set_property(CACHE ENABLE_TCP_TLS PROPERTY STRINGS ON OFF AUTO)
+if(ENABLE_TCP_TLS)
+ if(ENABLE_TCP_TLS STREQUAL "AUTO")
+ set(ENABLE_TCP_TLS "${ENABLE_SSL}")
+ elseif(ENABLE_TCP_TLS AND NOT ENABLE_SSL)
+ message(FATAL "ENABLE_TCP_TLS requires ENABLE_SSL")
+ endif()
+endif()
+
if(NOT ENABLE_SECURITY)
message(STATUS "Building without OMG DDS Security support")
endif()
diff --git a/src/core/CMakeLists.txt b/src/core/CMakeLists.txt
index 0db30e1fe8..2c5761e36b 100644
--- a/src/core/CMakeLists.txt
+++ b/src/core/CMakeLists.txt
@@ -23,7 +23,7 @@ if("${CMAKE_C_COMPILER_ID}" STREQUAL "MSVC")
target_link_libraries(ddsc PRIVATE dbghelp)
endif()
-if(ENABLE_SSL AND OPENSSL_FOUND)
+if(ENABLE_TCP_TLS AND OPENSSL_FOUND)
target_link_libraries(ddsc PRIVATE OpenSSL::SSL)
if(CMAKE_GENERATOR MATCHES "Visual Studio")
set_target_properties(ddsc PROPERTIES LINK_FLAGS "/ignore:4099")
diff --git a/src/core/ddsi/defconfig.c b/src/core/ddsi/defconfig.c
index b1e7c1e663..082bca3bed 100644
--- a/src/core/ddsi/defconfig.c
+++ b/src/core/ddsi/defconfig.c
@@ -89,7 +89,7 @@ void ddsi_config_init_default (struct ddsi_config *cfg)
cfg->tcp_port = INT32_C (-1);
cfg->tcp_read_timeout = INT64_C (2000000000);
cfg->tcp_write_timeout = INT64_C (2000000000);
-#ifdef DDS_HAS_SSL
+#ifdef DDS_HAS_TCP_TLS
cfg->ssl_verify = INT32_C (1);
cfg->ssl_verify_client = INT32_C (1);
cfg->ssl_keystore = "keystore";
@@ -98,12 +98,12 @@ void ddsi_config_init_default (struct ddsi_config *cfg)
cfg->ssl_rand_file = "";
cfg->ssl_min_version.major = 1;
cfg->ssl_min_version.minor = 3;
-#endif /* DDS_HAS_SSL */
+#endif /* DDS_HAS_TCP_TLS */
}
-/* generated from ddsi_config.h[9f834d377bdea61bea6507feed2fc4a8924dc02e] */
+/* generated from ddsi_config.h[eaf2059de5eccc422ae9ebd9bb3c40fd1d7545d3] */
/* generated from ddsi__cfgunits.h[bd22f0c0ed210501d0ecd3b07c992eca549ef5aa] */
-/* generated from ddsi__cfgelems.h[f10059d775cf2e4961a2e9520bb1a4da6a124778] */
-/* generated from ddsi_config.c[0a59324bd889637ea7d04765da9b76bbe74997c1] */
+/* generated from ddsi__cfgelems.h[fc5746cc2e55b4ab9daf9bd51bc263cf30ece564] */
+/* generated from ddsi_config.c[2d3406ce4db09358597689d7382f80185634eb69] */
/* generated from _confgen.h[e32eabfc35e9f3a7dcb63b19ed148c0d17c6e5fc] */
/* generated from _confgen.c[237308acd53897a34e8c643e16e05a61d73ffd65] */
/* generated from generate_rnc.c[b50e4b7ab1d04b2bc1d361a0811247c337b74934] */
diff --git a/src/core/ddsi/include/dds/ddsi/ddsi_config.h b/src/core/ddsi/include/dds/ddsi/ddsi_config.h
index 334032089c..1b7295eb70 100644
--- a/src/core/ddsi/include/dds/ddsi/ddsi_config.h
+++ b/src/core/ddsi/include/dds/ddsi/ddsi_config.h
@@ -205,7 +205,7 @@ struct ddsi_config_omg_security_listelem {
};
#endif /* DDS_HAS_SECURITY */
-#ifdef DDS_HAS_SSL
+#ifdef DDS_HAS_TCP_TLS
struct ddsi_config_ssl_min_version {
int major;
int minor;
@@ -340,7 +340,7 @@ struct ddsi_config
int64_t tcp_write_timeout;
int tcp_use_peeraddr_for_unicast;
-#ifdef DDS_HAS_SSL
+#ifdef DDS_HAS_TCP_TLS
/* SSL support for TCP */
int ssl_enable;
int ssl_verify;
diff --git a/src/core/ddsi/src/ddsi__cfgelems.h b/src/core/ddsi/src/ddsi__cfgelems.h
index 8204f5541c..5b3b453c0d 100644
--- a/src/core/ddsi/src/ddsi__cfgelems.h
+++ b/src/core/ddsi/src/ddsi__cfgelems.h
@@ -1737,7 +1737,7 @@ static struct cfgelem tcp_cfgelems[] = {
END_MARKER
};
-#ifdef DDS_HAS_SSL
+#ifdef DDS_HAS_TCP_TLS
static struct cfgelem ssl_cfgelems[] = {
BOOL("Enable", NULL, 1, "false",
MEMBER(ssl_enable),
@@ -2189,7 +2189,7 @@ static struct cfgelem domain_cfgelems[] = {
"
The TCP element allows you to specify various parameters related to " "running DDSI over TCP.
" )), -#ifdef DDS_HAS_SSL +#ifdef DDS_HAS_TCP_TLS GROUP("SSL", ssl_cfgelems, NULL, 1, NOMEMBER, NOFUNCTIONS, @@ -2197,7 +2197,7 @@ static struct cfgelem domain_cfgelems[] = { "The SSL element allows specifying various parameters related to " "using SSL/TLS for DDSI over TCP.
" ), - BEHIND_FLAG("DDS_HAS_SSL") + BEHIND_FLAG("DDS_HAS_TCP_TLS") ), #endif GROUP("SharedMemory", shmem_cfgelems, NULL, 1, @@ -2232,7 +2232,7 @@ static struct cfgelem root_cfgelems[] = { MOVED("DDSSecurity", "CycloneDDS/Domain/Security"), #endif MOVED("SharedMemory", "CycloneDDS/Domain/SharedMemory"), -#if DDS_HAS_SSL +#if DDS_HAS_TCP_TLS MOVED("SSL", "CycloneDDS/Domain/SSL"), #endif MOVED("DDSI2E|DDSI2", "CycloneDDS/Domain"), diff --git a/src/core/ddsi/src/ddsi__ssl.h b/src/core/ddsi/src/ddsi__ssl.h index 766fb6eb3a..46c5783a39 100644 --- a/src/core/ddsi/src/ddsi__ssl.h +++ b/src/core/ddsi/src/ddsi__ssl.h @@ -13,7 +13,7 @@ #include "dds/features.h" -#ifdef DDS_HAS_SSL +#ifdef DDS_HAS_TCP_TLS #ifdef _WIN32 /* supposedly WinSock2 must be included before openssl headers otherwise winsock will be used */ @@ -45,5 +45,5 @@ void ddsi_ssl_config_plugin (struct ddsi_ssl_plugins *plugin); } #endif -#endif /* DDS_HAS_SSL */ +#endif /* DDS_HAS_TCP_TLS */ #endif /* DDSI__SSL_H */ diff --git a/src/core/ddsi/src/ddsi_config.c b/src/core/ddsi/src/ddsi_config.c index 18617573ef..73eeacbac8 100644 --- a/src/core/ddsi/src/ddsi_config.c +++ b/src/core/ddsi/src/ddsi_config.c @@ -188,7 +188,7 @@ DUPF(domainId); DUPF(transport_selector); DUPF(many_sockets_mode); DU(deaf_mute); -#ifdef DDS_HAS_SSL +#ifdef DDS_HAS_TCP_TLS DUPF(min_tls_version); #endif DUPF(shm_loglevel); @@ -1073,7 +1073,7 @@ static void pf_xcheck (struct ddsi_cfgst *cfgst, void *parent, struct cfgelem co do_print_uint32_bitset (cfgst, *p, sizeof (xcheck_codes) / sizeof (*xcheck_codes), xcheck_names, xcheck_codes, sources, suffix); } -#ifdef DDS_HAS_SSL +#ifdef DDS_HAS_TCP_TLS static enum update_result uf_min_tls_version (struct ddsi_cfgst *cfgst, UNUSED_ARG (void *parent), UNUSED_ARG (struct cfgelem const * const cfgelem), UNUSED_ARG (int first), const char *value) { static const char *vs[] = { diff --git a/src/core/ddsi/src/ddsi_ssl.c b/src/core/ddsi/src/ddsi_ssl.c index e43f8e53fb..2b3928d345 100644 --- a/src/core/ddsi/src/ddsi_ssl.c +++ b/src/core/ddsi/src/ddsi_ssl.c @@ -13,7 +13,7 @@ #include "ddsi__tcp.h" #include "ddsi__ssl.h" -#ifdef DDS_HAS_SSL +#ifdef DDS_HAS_TCP_TLS #include