Open Jakio815 opened 3 days ago
The recent updates to the RTI system's federated components enhance authentication handling by introducing a specific error message when an RTI nonce is not executed with HMAC authentication. This comprehensive modification affects the message rejection process with refined error handling and logging, ensuring clearer communication and stricter security protocols.
File(s) | Change Summary |
---|---|
core/federated/RTI/rti_remote.c |
Modified handling of MSG_TYPE_FED_NONCE to reject the connection with RTI_NOT_EXECUTED_WITH_AUTH and log an error message. |
core/federated/federate.c |
Added a new condition to handle MSG_TYPE_REJECT with the error RTI_NOT_EXECUTED_WITH_AUTH during HMAC authentication. |
include/core/federated/network/net_common.h |
Introduced the constant #define RTI_NOT_EXECUTED_WITH_AUTH 7 . |
sequenceDiagram
participant Client
participant RTI Remote
participant Authentication Module
Client->>RTI Remote: Send MSG_TYPE_FED_NONCE
RTI Remote->>Authentication Module: Authenticate Message
Authentication Module-->>RTI Remote: Authentication Failed
RTI Remote->>Client: Send MSG_TYPE_REJECT with RTI_NOT_EXECUTED_WITH_AUTH
RTI Remote->>Log System: Log error "RTI not executed with HMAC authentication"
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
This gives better error messages in lf-lang/lingua-franca#2326. When the federates are using the HMAC authentication as
auth:true
, and the RTI is not executed using the-a
or--auth
option, the RTI will not expect theMSG_TYPE_FED_NONCE
type, and reject it. For better errors, add a rejection codeRTI_NOT_EXECUTED_WITH_AUTH
and messages.