Security on Ros2 requires the user to specify the enclave so it can find the security keys needed for the communication at the DDS level. The usual way to specify this is passing --enclave <enclave_info> as an argument to ros on the command line when executing a ros node, however this doesn't seem to be trivial when ros nodes are created by plugins on gzclient.
Using --ros-args --enclave <enclave_info> seems to work for plugins in gzserver but not for gzclient. It would be good to figure out a way to pass the--enclave to ros when usinggzclient.
It seems that libgazebo_ros_init.so might be in charge of this, so it would be good to digg into the code here to see what code path it's taking:
Yadunund
commented
3 years ago
Security on Ros2 requires the user to specify the
enclaveso it can find the security keys needed for the communication at the DDS level. The usual way to specify this is passing--enclave <enclave_info>as an argument to ros on the command line when executing a ros node, however this doesn't seem to be trivial when ros nodes are created by plugins ongzclient.Using
--ros-args --enclave <enclave_info>seems to work for plugins ingzserverbut not forgzclient. It would be good to figure out a way to pass the--enclaveto ros when usinggzclient.It seems that
libgazebo_ros_init.somight be in charge of this, so it would be good to digg into the code here to see what code path it's taking:https://github.com/ros-simulation/gazebo_ros_pkgs/blob/8e3f7d7622fa7422d601010ac34cf4aaf06d4c3c/gazebo_ros/src/gazebo_ros_init.cpp#L140-L146