Lines Matching +full:security +full:- +full:events
10 :iconsdir: {asciidoc-confdir}/{iconsdir}
14 :data-uri:
18 Copyright (C) 2015-2019, Bayerische Motoren Werke Aktiengesellschaft (BMW AG)
29 // or pass it via -a version=$VSOMEIP_VERSION to asciidoc
33 ----------------
34 The vsomeip stack implements the http://some-ip.com/[Scalable service-Oriented
38 * a second shared library for SOME/IP's service discovery (`libvsomeip-sd.so`)
42 ------------------
49 *** `sudo apt-get install libboost-system1.55-dev libboost-thread1.55-dev
50 libboost-log1.55-dev`
52 *** URL: https://launchpad.net/~boost-latest/+archive/ubuntu/ppa
53 *** `sudo add-apt-repository ppa:boost-latest/ppa`
54 *** `sudo apt-get install libboost-system1.55-dev libboost-thread1.55-dev
55 libboost-log1.55-dev`
58 ** URL: https://googletest.googlecode.com/files/gtest-1.7.0.zip[direct link,
60 * To build the documentation asciidoc, source-highlight, doxygen and graphviz is needed:
61 ** `sudo apt-get install asciidoc source-highlight doxygen graphviz`
68 ----
73 ----
75 To specify a installation directory (like `--prefix=` if you're used to
78 ----
79 cmake -DCMAKE_INSTALL_PREFIX:PATH=$YOUR_PATH ..
82 ----
89 ----
90 cmake -DBASE_PATH=<YOUR BASE PATH> ..
91 ----
98 ----
99 cmake -DUNICAST_ADDRESS=<YOUR IP ADDRESS> ..
100 ----
104 ----
105 cmake -DDIAGNOSIS_ADDRESS=<YOUR DIAGNOSIS ADDRESS> ..
106 ----
113 ----
114 cmake -DDEFAULT_CONFIGURATION_FOLDER=<DEFAULT CONFIGURATION FOLDER> ..
115 ----
122 ----
123 cmake -DDEFAULT_CONFIGURATION_FILE=<DEFAULT CONFIGURATION FILE> ..
124 ----
132 ----
133 cmake -DENABLE_SIGNAL_HANDLING=1 ..
134 ----
143 ----
144 cmake -DROUTING_READY_MESSAGE=<YOUR MESSAGE> ..
145 ----
152 ----
153 cmake -DENABLE_CONFIGURATION_OVERLAYS=1 ..
154 ----
161 ----
162 cmake -DENABLE_COMPAT=1 ..
163 ----
169 ----
174 ----
196 ----
199 export GTEST_ROOT=$PATH_TO_GTEST/gtest-1.7.0/
200 cmake -DENABLE_SIGNAL_HANDLING=1 -DTEST_IP_MASTER=10.0.3.1 -DTEST_IP_SLAVE=10.0.3.125 ..
202 ----
209 * To run single tests call `ctest --verbose --tests-regex $TESTNAME` short
210 form: `ctest -V -R $TESTNAME`
211 * To list all available tests run `ctest -N`.
228 ----
229 cmake -DTEST_SYMLINK_CONFIG_FILES=ON -DTEST_SYMLINK_CONFIG_FILES_RELATIVE=ON ..
230 ----
238 ----
239 cmake -DTESTS_BAT=ON ..
240 ----
246 ----
251 ----
263 ----------------------------------------------------------
276 files to speed-up application startup. While mandatory configuration files are read by all
284 To enable service-specific logs, provide a space- or colon-separated list of ServiceIDs (using
285 4-digit hexadecimal notation, optionally followed by dot-separted InstanceID). For example:
301 ----
306 ----
309 ----------------------------
310 The configuration files for vsomeip are http://www.json.org/[JSON]-Files and are
358 is 8 (2^8 = 256 - 1 (for the routing manager) = 255). The resulting client ID
372 named `/tmp/vsomeip-$CLIENTID`
425 * anchor:config-tracing[]'tracing' (optional)
477 instances of the corresponding service or tuples consisting of service-,
478 instance- and method-identifier. 'any' may be used as a wildcard for matching
482 service-, instance-and method-identifier. All messages with service-,
483 instance-and method-identifiers that are greater than or equal to "from"
522 The number of internal threads to process messages and events within an application.
523 Valid values are 1-255. Default is 2.
527 The nice level for internal threads processing messages and events. POSIX/Linux only.
532 Specifies a debounce-time interval in ms in which request-service messages are sent to
540 Contains the plug-ins that should be loaded to extend the functionality of vsomeip.
544 The name of the plug-in.
548 The plug-in type (valid values: _application_plugin_).
550 An application plug-in extends the functionality on application level. It gets informed
552 notifications, access the standard "application"-API via the runtime.
599 *** `enable-magic-cookies`
609 ** `events` (array)
611 Contains the events of the service.
634 Events can be grouped together into on event group. For a client it is thus
635 possible to subscribe for an event group and to receive the appropriate events
642 *** `events` (array)
644 Contains the ids of the appropriate events.
661 Must be set to a non-negative number. If it is set to zero, all events of the eventgroup
662 will be sent by unicast. Otherwise, the events will be sent by unicast as long as the
664 of subscribers is greater or equal. This means, a threshold of 1 will lead to all events
667 ** `debounce-times` (object)
672 ** `someip-tp` (object)
674 Used to configure the SOME/IP-TP feature. There's an example available at
675 <<someiptp, SOME/IP-TP>>.
677 *** `service-to-client` (array)
679 Contains the IDs for responses, fields and events which are sent from the node
680 to a remote client which can be segmented via SOME/IP-TP if they exceed the
684 *** `client-to-service` (array)
687 to a remote service which can be segmented via SOME/IP-TP if they exceed the
696 The client-side ports that shall be used to connect to a specific service.
750 * `payload-sizes` (array)
755 `max-payload-size-local` can be used.
777 *** `max-payload-size`
788 * `max-payload-size-local`
794 * `max-payload-size-reliable`
800 * `max-payload-size-unreliable`
802 The maximum allowed payload size for UDP communication via SOME/IP-TP in
803 bytes. By default the payload size for UDP via SOME/IP-TP communication is
805 SOME/IP-TP enabled methods/events/fields (otherwise the UDP default of 1400
806 bytes applies). See <<someiptp, SOME/IP-TP>> for an example configuration.
808 * `endpoint-queue-limits` (array)
813 communication. To limit the local queue size `endpoint-queue-limit-local` can
838 *** `queue-size-limit`
849 * `endpoint-queue-limit-external`
854 setting. Settings done in the `endpoint-queue-limits` array override this
857 * `endpoint-queue-limit-local`
864 * `buffer-shrink-threshold`
874 Example: `buffer-shrink-threshold` is set to 50. A message with 500 bytes has to
879 * `tcp-restart-aborts-max`
884 * `tcp-connect-time-max`
887 If `tcp-connect-time-max` is elapsed, the TCP client endpoint is forcely restarted if the connectio…
889 * `udp-receive-buffer-size`
896 Specifies service/instance ranges for pure internal service-instances.
897 This information is used by vsomeip to avoid sending Find-Service messages
898 via the Service-Discovery when a client is requesting a not available service-
900 only which then includes all instance from 0x0000-0xffff.
908 The lowest Service-ID in hex of the internal service range.
912 The lowest Instance-ID in hex of a internal service-instance range.
913 If not specified the lowest Instance-ID is 0x0000.
921 The highest Service-ID in hex of a internal service range.
925 The highest Instance-ID in hex of a internal service-instance range.
926 If not specified the highest Instance-ID is 0xFFFF.
930 Events/fields sent by external devices will be forwarded to the
937 Service ID which hosts the events to be debounced.
941 Instance ID which hosts the events to be debounced.
943 ** `events`
945 Array of events which shall be debounced based on the following
986 * `routing-credentials`
1011 * `service-discovery`
1125 * anchor:config-watchdog[]`watchdog` (optional)
1141 (valid values: _2 - 2^32_), (default is _5000_ ms).
1146 (valid values: _1 - 2^32_), (default is _3_ pongs).
1148 //CAPI-Selective Broadcasts support
1149 * anchor:config-supports_selective_broadcasts[]`supports_selective_broadcasts` (optional array)
1151 This nodes allow to add a list of IP addresses on which CAPI-Selective-Broadcasts feature is suppor…
1153 normal events.
1157 Specifies an IP-Address (in IPv4 or IPv6 notation) on which the "selective"-feature is supported.
1160 Security
1161 --------
1162 vsomeip has a security implementation based on UNIX credentials.
1166 …s bound to the receiving socket and can therefore be used to do further security checks on incomin…
1174 Therefore, whenever the "security" tag is specified, the routing manager (e.g. routingmanagerd/vsom…
1177 Credential passing is only possible via Unix-Domain-Sockets and therefore only available for local …
1178 However if security is activated method calls from remote clients to local services are checked as …
1181 Security configuration
1183 The available configuration switches for the security feature are:
1185 // Security
1186 * anchor:config-policy[]`security` (optional)
1188 …al or security checks are done as long as _check_credentials_ isn't set to _true_, but the routing…
1189 … to _true_, the routing managers UID and GID needs to be specified using _routing-credentials_ tag.
1193 Specifies whether security checks are active or not. This includes credentials checks on connect as…
1204 Specifies the security policies. Each policy at least needs to specify _allow_ or _deny_.
1208 Specifies the credentials for which a security policy will be applied.
1237 This tag specifies either _allow_ or _deny_ depending on white- or blacklisting is needed. Specifin…
1269 `first` - The lower bound of the instance range.
1271 `last` - The upper bound of the instance range.
1279 `first` - The lower bound of the method range.
1281 `last` - The upper bound of the method range.
1312 Security configuration example
1315 ----
1317 "security" :
1401 ----
1404 examples with activated security checks.
1405 Additionally there's a security test in the `test/` subfolder which can be used
1407 They give a basic overview how to use the security related configuration tags described
1413 vsomeip's security implementation can be put in a so called 'Audit Mode' where
1414 all security violations will be logged but allowed. This mode can be used to
1415 build a security configuration.
1417 To activate the 'Audit Mode' the 'security' object has to be included in the
1422 ----
1428 "security" :
1432 "routing" : "service-sample",
1434 ----
1437 -----------------
1446 Autoconfiguration of client identifiers isn't meant to be used together with vsomeip Security.
1447 Every client running locally needs to have at least its own credentials configured when security is…
1449 …AGNOSIS_ADDRESS) client identifier range to mix autoconfiguration together with activated security.
1452 ---------------
1460 ----
1462 ----
1476 -------------------
1493 ----
1499 ----
1507 ----
1508 $ VSOMEIP_CONFIGURATION=../helloworld-local.json \
1511 2015-04-01 11:31:13.248437 [info] Using configuration file: ../helloworld-local.json
1512 2015-04-01 11:31:13.248766 [debug] Routing endpoint at /tmp/vsomeip-0
1513 2015-04-01 11:31:13.248913 [info] Service Discovery disabled. Using static routing information.
1514 2015-04-01 11:31:13.248979 [debug] Application(hello_world_service, 4444) is initialized.
1515 2015-04-01 11:31:22.705010 [debug] Application/Client 5555 got registered!
1516 ----
1521 ----
1522 $ VSOMEIP_CONFIGURATION=../helloworld-local.json \
1525 2015-04-01 11:31:22.704166 [info] Using configuration file: ../helloworld-local.json
1526 2015-04-01 11:31:22.704417 [debug] Connecting to [0] at /tmp/vsomeip-0
1527 2015-04-01 11:31:22.704630 [debug] Listening at /tmp/vsomeip-5555
1528 2015-04-01 11:31:22.704680 [debug] Application(hello_world_client, 5555) is initialized.
1531 ----
1537 ----
1539 ----
1545 ----
1546 include::../examples/hello_world/helloworld-local.json[]
1547 ----
1553 ----
1555 ----
1585 The event handler declares a callback (__on_event_cbk__) for events that occur.
1636 ----
1638 ----
1729 ---------------
1747 <<config-tracing,JSON configuration file>>. +
1754 ----
1764 ----
1774 ----
1798 ----
1829 ----
1836 = its_connector->create_channel("MC", "My channel");
1842 = its_channel->add_filter(its_match, true);
1845 its_connector->init();
1848 its_connector->set_enabled(true);
1851 its_channel->remove_filter(its_filter_id);
1852 ----
1857 ------------------
1859 This is the add-on documentation for the nPDU feature, aka. _Zugverfahren_.
1870 * As the client- and server-endpoints of a node are managed by the routing
1880 `npdu-default-timings` json object.
1896 "services" section on service level in a special _debounce-times_ section:
1899 ----
1907 "debounce-times":
1915 ----
1919 The global default timings can be overwritten via the `npdu-default-timings`
1924 ----
1928 "npdu-default-timings" : {
1929 "debounce-time-request" : "0",
1930 "debounce-time-response" : "0",
1931 "max-retention-time-request" : "0",
1932 "max-retention-time-response" : "0"
1935 "service-discovery": { [...] }
1937 ----
1957 ----
1968 "debounce-times":
1972 "debounce-time":"10",
1973 "maximum-retention-time":"100"
1980 "service-discovery": { [...] }
1982 ----
1991 ----
2003 "debounce-times":
2007 "debounce-time":"20",
2008 "maximum-retention-time":"200"
2015 "service-discovery": { [...] }
2017 ----
2037 ----
2048 "debounce-times":
2052 "debounce-time":"10",
2053 "maximum-retention-time":"100"
2056 "debounce-time":"20",
2057 "maximum-retention-time":"200"
2064 "service-discovery": { [...] }
2066 ----
2075 ----
2087 "debounce-times":
2091 "debounce-time":"20",
2092 "maximum-retention-time":"200"
2095 "debounce-time":"40",
2096 "maximum-retention-time":"400"
2103 "service-discovery": { [...] }
2105 ----
2126 ----
2140 "enable-magic-cookies":"false"
2142 "debounce-times":
2146 "debounce-time":"10",
2147 "maximum-retention-time":"100",
2154 "service-discovery": { [...] }
2156 ----
2166 ----
2181 "enable-magic-cookies":"false"
2183 "debounce-times":
2187 "debounce-time":"20",
2188 "maximum-retention-time":"200",
2195 "service-discovery": { [...] }
2197 ----
2203 ----------
2219 ----
2230 "someip-tp": {
2231 "service-to-client": [
2237 "max-payload-size-unreliable" : "5000",
2239 "service-discovery": { [...] }
2241 ----
2246 ----
2258 "someip-tp": {
2259 "client-to-service": [
2266 "service-discovery": { [...] }
2268 ----
2271 -----
2284 * See the `--help` parameter for available options.
2296 ----
2297 ./vsomeip_ctrl --instance 5678 --message 123480e800000015134300030100000000000009efbbbf576f726c6400
2298 ----
2303 ----
2304 ./vsomeip_ctrl --tcp --instance 5678 --message 12340bb8000000081344000101010000
2305 ----