void Service_CreateSession(UA_Server *server, UA_SecureChannel *channel,
const UA_CreateSessionRequest *request,
UA_CreateSessionResponse *response) {
response->responseHeader.serviceResult =
UA_Array_copy(server->endpointDescriptions, (void**)&response->serverEndpoints,
&UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION], server->endpointDescriptionsSize);
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD)
return;
response->serverEndpointsSize = server->endpointDescriptionsSize;
UA_Session *newSession;
response->responseHeader.serviceResult = UA_SessionManager_createSession(&server->sessionManager,
channel, request, &newSession);
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD)
return;
//TODO get maxResponseMessageSize internally
newSession->maxResponseMessageSize = request->maxResponseMessageSize;
response->sessionId = newSession->sessionId;
response->revisedSessionTimeout = newSession->timeout;
response->authenticationToken = newSession->authenticationToken;
response->responseHeader.serviceResult = UA_String_copy(&request->sessionName, &newSession->sessionName);
if(server->endpointDescriptions)
response->responseHeader.serviceResult |=
UA_ByteString_copy(&server->endpointDescriptions->serverCertificate, &response->serverCertificate);
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD) {
UA_SessionManager_removeSession(&server->sessionManager, server, &newSession->authenticationToken);
return;
}
}
static void
requestHistory(UA_DateTime start,
UA_DateTime end,
UA_HistoryReadResponse * response,
UA_UInt32 numValuesPerNode,
UA_Boolean returnBounds,
UA_ByteString *continuationPoint)
{
UA_ReadRawModifiedDetails *details = UA_ReadRawModifiedDetails_new();
details->startTime = start;
details->endTime = end;
details->isReadModified = false;
details->numValuesPerNode = numValuesPerNode;
details->returnBounds = returnBounds;
UA_HistoryReadValueId *valueId = UA_HistoryReadValueId_new();
UA_NodeId_copy(&outNodeId, &valueId->nodeId);
if (continuationPoint)
UA_ByteString_copy(continuationPoint, &valueId->continuationPoint);
UA_HistoryReadRequest request;
UA_HistoryReadRequest_init(&request);
request.historyReadDetails.encoding = UA_EXTENSIONOBJECT_DECODED;
request.historyReadDetails.content.decoded.type = &UA_TYPES[UA_TYPES_READRAWMODIFIEDDETAILS];
request.historyReadDetails.content.decoded.data = details;
request.timestampsToReturn = UA_TIMESTAMPSTORETURN_BOTH;
request.nodesToReadSize = 1;
request.nodesToRead = valueId;
Service_HistoryRead(server, &server->adminSession, &request, response);
UA_HistoryReadRequest_deleteMembers(&request);
}
/* Create a signed nonce */
static UA_StatusCode
nonceAndSignCreateSessionResponse(UA_Server *server, UA_SecureChannel *channel,
UA_Session *session,
const UA_CreateSessionRequest *request,
UA_CreateSessionResponse *response) {
if(channel->securityMode != UA_MESSAGESECURITYMODE_SIGN &&
channel->securityMode != UA_MESSAGESECURITYMODE_SIGNANDENCRYPT)
return UA_STATUSCODE_GOOD;
const UA_SecurityPolicy *const securityPolicy = channel->securityPolicy;
UA_SignatureData *signatureData = &response->serverSignature;
/* Generate Nonce
* FIXME: remove magic number??? */
UA_StatusCode retval = UA_SecureChannel_generateNonce(channel, 32, &response->serverNonce);
retval |= UA_ByteString_copy(&response->serverNonce, &session->serverNonce);
if(retval != UA_STATUSCODE_GOOD) {
UA_SessionManager_removeSession(&server->sessionManager, &session->authenticationToken);
return retval;
}
size_t signatureSize = securityPolicy->asymmetricModule.cryptoModule.
getLocalSignatureSize(securityPolicy, channel->channelContext);
retval |= UA_ByteString_allocBuffer(&signatureData->signature, signatureSize);
if(retval != UA_STATUSCODE_GOOD) {
UA_SessionManager_removeSession(&server->sessionManager, &session->authenticationToken);
return retval;
}
UA_ByteString dataToSign;
retval |= UA_ByteString_allocBuffer(&dataToSign,
request->clientCertificate.length +
request->clientNonce.length);
if(retval != UA_STATUSCODE_GOOD) {
UA_SignatureData_deleteMembers(signatureData);
UA_SessionManager_removeSession(&server->sessionManager, &session->authenticationToken);
return retval;
}
memcpy(dataToSign.data, request->clientCertificate.data, request->clientCertificate.length);
memcpy(dataToSign.data + request->clientCertificate.length,
request->clientNonce.data, request->clientNonce.length);
retval |= UA_String_copy(&securityPolicy->asymmetricModule.cryptoModule.
signatureAlgorithmUri, &signatureData->algorithm);
retval |= securityPolicy->asymmetricModule.cryptoModule.
sign(securityPolicy, channel->channelContext, &dataToSign, &signatureData->signature);
UA_ByteString_deleteMembers(&dataToSign);
if(retval != UA_STATUSCODE_GOOD) {
UA_SignatureData_deleteMembers(signatureData);
UA_SessionManager_removeSession(&server->sessionManager, &session->authenticationToken);
}
return retval;
}
static void
checkSignature(const UA_Server *server,
const UA_SecureChannel *channel,
UA_Session *session,
const UA_ActivateSessionRequest *request,
UA_ActivateSessionResponse *response) {
if(channel->securityMode == UA_MESSAGESECURITYMODE_SIGN ||
channel->securityMode == UA_MESSAGESECURITYMODE_SIGNANDENCRYPT) {
const UA_SecurityPolicy *const securityPolicy = channel->securityPolicy;
const UA_ByteString *const localCertificate = &securityPolicy->localCertificate;
UA_ByteString dataToVerify;
UA_StatusCode retval = UA_ByteString_allocBuffer(&dataToVerify,
localCertificate->length + session->serverNonce.length);
if(retval != UA_STATUSCODE_GOOD) {
response->responseHeader.serviceResult = retval;
UA_LOG_DEBUG_SESSION(server->config.logger, session,
"Failed to allocate buffer for signature verification! %#10x", retval);
return;
}
memcpy(dataToVerify.data, localCertificate->data, localCertificate->length);
memcpy(dataToVerify.data + localCertificate->length,
session->serverNonce.data, session->serverNonce.length);
retval = securityPolicy->asymmetricModule.cryptoModule.
verify(securityPolicy, channel->channelContext, &dataToVerify,
&request->clientSignature.signature);
if(retval != UA_STATUSCODE_GOOD) {
response->responseHeader.serviceResult = retval;
UA_LOG_DEBUG_SESSION(server->config.logger, session,
"Failed to verify the client signature! %#10x", retval);
UA_ByteString_deleteMembers(&dataToVerify);
return;
}
retval = UA_SecureChannel_generateNonce(channel, 32, &response->serverNonce);
retval |= UA_ByteString_copy(&response->serverNonce, &session->serverNonce);
if(retval != UA_STATUSCODE_GOOD) {
response->responseHeader.serviceResult = retval;
UA_LOG_DEBUG_SESSION(server->config.logger, session,
"Failed to generate a new nonce! %#10x", retval);
UA_ByteString_deleteMembers(&dataToVerify);
return;
}
UA_ByteString_deleteMembers(&dataToVerify);
}
}
/**
* Called in processCompleteChunk for every complete chunk which is received by the server.
*
* It will first try to decode the message to get the name of the called service.
* When we have a name the message is dumped as binary to that file.
* If the file already exists a new file will be created with a counter at the end.
*/
void
UA_debug_dumpCompleteChunk(UA_Server *const server, UA_Connection *const connection,
UA_ByteString *messageBuffer) {
struct UA_dump_filename dump_filename;
dump_filename.messageType = NULL;
dump_filename.serviceName[0] = 0;
if(!connection->channel) {
UA_debug_dump_setName_withoutChannel(server, connection, messageBuffer, &dump_filename);
} else {
UA_SecureChannel dummy = *connection->channel;
TAILQ_INIT(&dummy.messages);
UA_ByteString messageBufferCopy;
UA_ByteString_copy(messageBuffer, &messageBufferCopy);
UA_SecureChannel_decryptAddChunk(&dummy, &messageBufferCopy, UA_TRUE);
UA_SecureChannel_processCompleteMessages(&dummy, &dump_filename, UA_debug_dump_setName_withChannel);
UA_SecureChannel_deleteMessages(&dummy);
UA_ByteString_deleteMembers(&messageBufferCopy);
}
char fileName[250];
snprintf(fileName, 255, "%s/%05d_%s%s", UA_CORPUS_OUTPUT_DIR, ++UA_dump_chunkCount,
dump_filename.messageType ? dump_filename.messageType : "", dump_filename.serviceName);
char dumpOutputFile[255];
snprintf(dumpOutputFile, 255, "%s.bin", fileName);
// check if file exists and if yes create a counting filename to avoid overwriting
unsigned cnt = 1;
while ( access( dumpOutputFile, F_OK ) != -1 ) {
snprintf(dumpOutputFile, 255, "%s_%d.bin", fileName, cnt);
cnt++;
}
UA_LOG_INFO(&server->config.logger, UA_LOGCATEGORY_SERVER,
"Dumping package %s", dumpOutputFile);
FILE *write_ptr = fopen(dumpOutputFile, "ab");
fwrite(messageBuffer->data, messageBuffer->length, 1, write_ptr); // write 10 bytes from our buffer
// add the available memory size. See the UA_DUMP_RAM_SIZE define for more info.
uint32_t ramSize = UA_DUMP_RAM_SIZE;
fwrite(&ramSize, sizeof(ramSize), 1, write_ptr);
fclose(write_ptr);
}
static UA_StatusCode
requestSession(UA_Client *client, UA_UInt32 *requestId) {
UA_CreateSessionRequest request;
UA_CreateSessionRequest_init(&request);
UA_StatusCode retval = UA_STATUSCODE_GOOD;
if(client->channel.securityMode == UA_MESSAGESECURITYMODE_SIGN ||
client->channel.securityMode == UA_MESSAGESECURITYMODE_SIGNANDENCRYPT) {
if(client->channel.localNonce.length != UA_SESSION_LOCALNONCELENGTH) {
UA_ByteString_deleteMembers(&client->channel.localNonce);
retval = UA_ByteString_allocBuffer(&client->channel.localNonce,
UA_SESSION_LOCALNONCELENGTH);
if(retval != UA_STATUSCODE_GOOD)
return retval;
}
retval = client->channel.securityPolicy->symmetricModule.
generateNonce(client->channel.securityPolicy, &client->channel.localNonce);
if(retval != UA_STATUSCODE_GOOD)
return retval;
}
request.requestHeader.requestHandle = ++client->requestHandle;
request.requestHeader.timestamp = UA_DateTime_now();
request.requestHeader.timeoutHint = 10000;
UA_ByteString_copy(&client->channel.localNonce, &request.clientNonce);
request.requestedSessionTimeout = client->config.requestedSessionTimeout;
request.maxResponseMessageSize = UA_INT32_MAX;
UA_String_copy(&client->config.endpoint.endpointUrl, &request.endpointUrl);
UA_ApplicationDescription_copy(&client->config.clientDescription,
&request.clientDescription);
retval = UA_Client_sendAsyncRequest (
client, &request, &UA_TYPES[UA_TYPES_CREATESESSIONREQUEST],
(UA_ClientAsyncServiceCallback) responseSessionCallback,
&UA_TYPES[UA_TYPES_CREATESESSIONRESPONSE], NULL, requestId);
UA_CreateSessionRequest_deleteMembers(&request);
client->connectStatus = retval;
return client->connectStatus;
}
static UA_StatusCode SessionHandshake(UA_Client *client) {
UA_CreateSessionRequest request;
UA_CreateSessionRequest_init(&request);
// todo: is this needed for all requests?
UA_NodeId_copy(&client->authenticationToken, &request.requestHeader.authenticationToken);
request.requestHeader.timestamp = UA_DateTime_now();
request.requestHeader.timeoutHint = 10000;
UA_ByteString_copy(&client->channel.clientNonce, &request.clientNonce);
request.requestedSessionTimeout = 1200000;
request.maxResponseMessageSize = UA_INT32_MAX;
UA_CreateSessionResponse response;
UA_CreateSessionResponse_init(&response);
__UA_Client_Service(client, &request, &UA_TYPES[UA_TYPES_CREATESESSIONREQUEST],
&response, &UA_TYPES[UA_TYPES_CREATESESSIONRESPONSE]);
UA_NodeId_copy(&response.authenticationToken, &client->authenticationToken);
UA_CreateSessionRequest_deleteMembers(&request);
UA_CreateSessionResponse_deleteMembers(&response);
return response.responseHeader.serviceResult; // not deleted
}
void Service_CreateSession(UA_Server *server, UA_SecureChannel *channel,
const UA_CreateSessionRequest *request, UA_CreateSessionResponse *response) {
if(channel->securityToken.channelId == 0) {
response->responseHeader.serviceResult = UA_STATUSCODE_BADSECURECHANNELIDINVALID;
return;
}
response->responseHeader.serviceResult =
UA_Array_copy(server->endpointDescriptions, server->endpointDescriptionsSize,
(void**)&response->serverEndpoints, &UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD)
return;
response->serverEndpointsSize = server->endpointDescriptionsSize;
UA_Session *newSession;
response->responseHeader.serviceResult =
UA_SessionManager_createSession(&server->sessionManager, channel, request, &newSession);
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD) {
UA_LOG_DEBUG_CHANNEL(server->config.logger, channel, "Processing CreateSessionRequest failed");
return;
}
newSession->maxResponseMessageSize = request->maxResponseMessageSize;
newSession->maxRequestMessageSize = channel->connection->localConf.maxMessageSize;
response->sessionId = newSession->sessionId;
response->revisedSessionTimeout = (UA_Double)newSession->timeout;
response->authenticationToken = newSession->authenticationToken;
response->responseHeader.serviceResult = UA_String_copy(&request->sessionName, &newSession->sessionName);
if(server->endpointDescriptionsSize > 0)
response->responseHeader.serviceResult |= UA_ByteString_copy(&server->endpointDescriptions->serverCertificate,
&response->serverCertificate);
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD) {
UA_SessionManager_removeSession(&server->sessionManager, &newSession->authenticationToken);
return;
}
UA_LOG_DEBUG_CHANNEL(server->config.logger, channel, "Session " PRINTF_GUID_FORMAT " created",
PRINTF_GUID_DATA(newSession->sessionId));
}
static UA_StatusCode SecureChannelHandshake(UA_Client *client, UA_Boolean renew) {
/* Check if sc is still valid */
if(renew && client->scExpiresAt - UA_DateTime_now() > client->config.timeToRenewSecureChannel * 10000)
return UA_STATUSCODE_GOOD;
UA_SecureConversationMessageHeader messageHeader;
messageHeader.messageHeader.messageTypeAndFinal = UA_MESSAGETYPEANDFINAL_OPNF;
messageHeader.secureChannelId = 0;
UA_SequenceHeader seqHeader;
seqHeader.sequenceNumber = ++client->channel.sequenceNumber;
seqHeader.requestId = ++client->requestId;
UA_AsymmetricAlgorithmSecurityHeader asymHeader;
UA_AsymmetricAlgorithmSecurityHeader_init(&asymHeader);
asymHeader.securityPolicyUri = UA_STRING_ALLOC("http://opcfoundation.org/UA/SecurityPolicy#None");
/* id of opensecurechannelrequest */
UA_NodeId requestType = UA_NODEID_NUMERIC(0, UA_NS0ID_OPENSECURECHANNELREQUEST + UA_ENCODINGOFFSET_BINARY);
UA_OpenSecureChannelRequest opnSecRq;
UA_OpenSecureChannelRequest_init(&opnSecRq);
opnSecRq.requestHeader.timestamp = UA_DateTime_now();
opnSecRq.requestHeader.authenticationToken = client->authenticationToken;
opnSecRq.requestedLifetime = client->config.secureChannelLifeTime;
if(renew) {
opnSecRq.requestType = UA_SECURITYTOKENREQUESTTYPE_RENEW;
UA_LOG_DEBUG(client->logger, UA_LOGCATEGORY_SECURECHANNEL, "Requesting to renew the SecureChannel");
} else {
opnSecRq.requestType = UA_SECURITYTOKENREQUESTTYPE_ISSUE;
UA_ByteString_init(&client->channel.clientNonce);
UA_ByteString_copy(&client->channel.clientNonce, &opnSecRq.clientNonce);
opnSecRq.securityMode = UA_MESSAGESECURITYMODE_NONE;
UA_LOG_DEBUG(client->logger, UA_LOGCATEGORY_SECURECHANNEL, "Requesting to open a SecureChannel");
}
UA_ByteString message;
UA_Connection *c = &client->connection;
UA_StatusCode retval = c->getSendBuffer(c, c->remoteConf.recvBufferSize, &message);
if(retval != UA_STATUSCODE_GOOD) {
UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&asymHeader);
UA_OpenSecureChannelRequest_deleteMembers(&opnSecRq);
return retval;
}
size_t offset = 12;
retval = UA_AsymmetricAlgorithmSecurityHeader_encodeBinary(&asymHeader, &message, &offset);
retval |= UA_SequenceHeader_encodeBinary(&seqHeader, &message, &offset);
retval |= UA_NodeId_encodeBinary(&requestType, &message, &offset);
retval |= UA_OpenSecureChannelRequest_encodeBinary(&opnSecRq, &message, &offset);
messageHeader.messageHeader.messageSize = offset;
offset = 0;
retval |= UA_SecureConversationMessageHeader_encodeBinary(&messageHeader, &message, &offset);
UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&asymHeader);
UA_OpenSecureChannelRequest_deleteMembers(&opnSecRq);
if(retval != UA_STATUSCODE_GOOD) {
client->connection.releaseSendBuffer(&client->connection, &message);
return retval;
}
message.length = messageHeader.messageHeader.messageSize;
retval = client->connection.send(&client->connection, &message);
if(retval != UA_STATUSCODE_GOOD)
return retval;
UA_ByteString reply;
UA_ByteString_init(&reply);
do {
retval = client->connection.recv(&client->connection, &reply, client->config.timeout);
if(retval != UA_STATUSCODE_GOOD) {
UA_LOG_DEBUG(client->logger, UA_LOGCATEGORY_SECURECHANNEL,
"Receiving OpenSecureChannelResponse failed");
return retval;
}
} while(!reply.data);
offset = 0;
UA_SecureConversationMessageHeader_decodeBinary(&reply, &offset, &messageHeader);
UA_AsymmetricAlgorithmSecurityHeader_decodeBinary(&reply, &offset, &asymHeader);
UA_SequenceHeader_decodeBinary(&reply, &offset, &seqHeader);
UA_NodeId_decodeBinary(&reply, &offset, &requestType);
UA_NodeId expectedRequest = UA_NODEID_NUMERIC(0, UA_NS0ID_OPENSECURECHANNELRESPONSE +
UA_ENCODINGOFFSET_BINARY);
if(!UA_NodeId_equal(&requestType, &expectedRequest)) {
UA_ByteString_deleteMembers(&reply);
UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&asymHeader);
UA_NodeId_deleteMembers(&requestType);
UA_LOG_DEBUG(client->logger, UA_LOGCATEGORY_CLIENT,
"Reply answers the wrong request. Expected OpenSecureChannelResponse.");
return UA_STATUSCODE_BADINTERNALERROR;
}
UA_OpenSecureChannelResponse response;
UA_OpenSecureChannelResponse_init(&response);
retval = UA_OpenSecureChannelResponse_decodeBinary(&reply, &offset, &response);
if(retval != UA_STATUSCODE_GOOD) {
UA_LOG_DEBUG(client->logger, UA_LOGCATEGORY_SECURECHANNEL,
"Decoding OpenSecureChannelResponse failed");
UA_ByteString_deleteMembers(&reply);
UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&asymHeader);
UA_OpenSecureChannelResponse_init(&response);
response.responseHeader.serviceResult = retval;
return retval;
}
client->scExpiresAt = UA_DateTime_now() + response.securityToken.revisedLifetime * 10000;
UA_ByteString_deleteMembers(&reply);
retval = response.responseHeader.serviceResult;
if(retval != UA_STATUSCODE_GOOD)
UA_LOG_DEBUG(client->logger, UA_LOGCATEGORY_SECURECHANNEL,
"SecureChannel could not be opened / renewed");
else if(!renew) {
UA_ChannelSecurityToken_copy(&response.securityToken, &client->channel.securityToken);
/* if the handshake is repeated, replace the old nonce */
UA_ByteString_deleteMembers(&client->channel.serverNonce);
UA_ByteString_copy(&response.serverNonce, &client->channel.serverNonce);
UA_LOG_DEBUG(client->logger, UA_LOGCATEGORY_SECURECHANNEL, "SecureChannel opened");
} else
UA_LOG_DEBUG(client->logger, UA_LOGCATEGORY_SECURECHANNEL, "SecureChannel renewed");
UA_OpenSecureChannelResponse_deleteMembers(&response);
UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&asymHeader);
return retval;
}
void Service_CreateSession(UA_Server *server, UA_SecureChannel *channel,
const UA_CreateSessionRequest *request,
UA_CreateSessionResponse *response) {
if(channel->securityToken.channelId == 0) {
response->responseHeader.serviceResult =
UA_STATUSCODE_BADSECURECHANNELIDINVALID;
return;
}
/* Allocate the response */
response->serverEndpoints = (UA_EndpointDescription*)
UA_Array_new(server->config.endpoints.count,
&UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
if(!response->serverEndpoints) {
response->responseHeader.serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
return;
}
response->serverEndpointsSize = server->config.endpoints.count;
/* Copy the server's endpointdescriptions into the response */
for(size_t i = 0; i < server->config.endpoints.count; ++i)
response->responseHeader.serviceResult |=
UA_EndpointDescription_copy(&server->config.endpoints.endpoints[0].endpointDescription,
&response->serverEndpoints[i]);
/* Mirror back the endpointUrl */
for(size_t i = 0; i < response->serverEndpointsSize; ++i) {
UA_String_deleteMembers(&response->serverEndpoints[i].endpointUrl);
UA_String_copy(&request->endpointUrl,
&response->serverEndpoints[i].endpointUrl);
}
UA_Session *newSession;
response->responseHeader.serviceResult =
UA_SessionManager_createSession(&server->sessionManager,
channel, request, &newSession);
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD) {
UA_LOG_DEBUG_CHANNEL(server->config.logger, channel,
"Processing CreateSessionRequest failed");
return;
}
/* Fill the session with more information */
newSession->maxResponseMessageSize = request->maxResponseMessageSize;
newSession->maxRequestMessageSize =
channel->connection->localConf.maxMessageSize;
response->responseHeader.serviceResult |=
UA_ApplicationDescription_copy(&request->clientDescription,
&newSession->clientDescription);
/* Prepare the response */
response->sessionId = newSession->sessionId;
response->revisedSessionTimeout = (UA_Double)newSession->timeout;
response->authenticationToken = newSession->authenticationToken;
response->responseHeader.serviceResult =
UA_String_copy(&request->sessionName, &newSession->sessionName);
if(server->config.endpoints.count > 0)
response->responseHeader.serviceResult |=
UA_ByteString_copy(&server->config.endpoints.endpoints[0].endpointDescription.serverCertificate,
&response->serverCertificate);
/* Failure -> remove the session */
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD) {
UA_SessionManager_removeSession(&server->sessionManager,
&newSession->authenticationToken);
return;
}
UA_LOG_DEBUG_CHANNEL(server->config.logger, channel,
"Session " UA_PRINTF_GUID_FORMAT " created",
UA_PRINTF_GUID_DATA(newSession->sessionId.identifier.guid));
}
static UA_UInt32
testHistoricalDataBackend(size_t maxResponseSize)
{
const UA_HistorizingNodeIdSettings* setting = gathering->getHistorizingSetting(server, gathering->context, &outNodeId);
UA_HistorizingNodeIdSettings newSetting = *setting;
newSetting.maxHistoryDataResponseSize = maxResponseSize;
gathering->updateNodeIdSetting(server, gathering->context, &outNodeId, newSetting);
UA_UInt32 retval = 0;
size_t i = 0;
testTuple *current = &testRequests[i];
fprintf(stderr, "Testing with maxResponseSize of %lu\n", maxResponseSize);
fprintf(stderr, "Start | End | numValuesPerNode | returnBounds |ContPoint| {Expected}{Result} Result\n");
fprintf(stderr, "------+------+------------------+--------------+---------+----------------\n");
size_t j;
while (current->start || current->end) {
j = 0;
if (current->start == TIMESTAMP_UNSPECIFIED) {
fprintf(stderr, "UNSPEC|");
} else {
fprintf(stderr, " %3lld |", current->start / UA_DATETIME_SEC);
}
if (current->end == TIMESTAMP_UNSPECIFIED) {
fprintf(stderr, "UNSPEC|");
} else {
fprintf(stderr, " %3lld |", current->end / UA_DATETIME_SEC);
}
fprintf(stderr, " %2u | %s | %s | {", current->numValuesPerNode, (current->returnBounds ? "Yes" : " No"), (current->returnContinuationPoint ? "Yes" : " No"));
while (current->result[j]) {
printTimestamp(current->result[j]);
++j;
}
fprintf(stderr, "}");
UA_DataValue *result = NULL;
size_t resultSize = 0;
UA_ByteString continuous;
UA_ByteString_init(&continuous);
UA_Boolean readOk = true;
size_t reseivedValues = 0;
fprintf(stderr, "{");
size_t counter = 0;
do {
UA_HistoryReadResponse response;
UA_HistoryReadResponse_init(&response);
UA_UInt32 numValuesPerNode = current->numValuesPerNode;
if (numValuesPerNode > 0 && numValuesPerNode + (UA_UInt32)reseivedValues > current->numValuesPerNode)
numValuesPerNode = current->numValuesPerNode - (UA_UInt32)reseivedValues;
requestHistory(current->start,
current->end,
&response,
numValuesPerNode,
current->returnBounds,
&continuous);
++counter;
if(response.resultsSize != 1) {
fprintf(stderr, "ResultError:Size %lu %s", response.resultsSize, UA_StatusCode_name(response.responseHeader.serviceResult));
readOk = false;
UA_HistoryReadResponse_deleteMembers(&response);
break;
}
UA_StatusCode stat = response.results[0].statusCode;
if (stat == UA_STATUSCODE_BADBOUNDNOTSUPPORTED && current->returnBounds) {
fprintf(stderr, "%s", UA_StatusCode_name(stat));
UA_HistoryReadResponse_deleteMembers(&response);
break;
}
if(response.results[0].historyData.encoding != UA_EXTENSIONOBJECT_DECODED
|| response.results[0].historyData.content.decoded.type != &UA_TYPES[UA_TYPES_HISTORYDATA]) {
fprintf(stderr, "ResultError:HistoryData");
readOk = false;
UA_HistoryReadResponse_deleteMembers(&response);
break;
}
UA_HistoryData * data = (UA_HistoryData *)response.results[0].historyData.content.decoded.data;
resultSize = data->dataValuesSize;
result = data->dataValues;
if (resultSize == 0 && continuous.length > 0) {
fprintf(stderr, "continuousResultEmpty");
readOk = false;
UA_HistoryReadResponse_deleteMembers(&response);
break;
}
if (resultSize > maxResponseSize) {
fprintf(stderr, "resultToBig");
readOk = false;
UA_HistoryReadResponse_deleteMembers(&response);
break;
}
if (stat != UA_STATUSCODE_GOOD) {
fprintf(stderr, "%s", UA_StatusCode_name(stat));
} else {
for (size_t k = 0; k < resultSize; ++k)
printResult(&result[k]);
}
if (stat == UA_STATUSCODE_GOOD && j >= resultSize + reseivedValues) {
for (size_t l = 0; l < resultSize; ++l) {
/* See OPC UA Part 11, Version 1.03, Page 5-6, Table 1, Mark a for details.*/
if (current->result[l + reseivedValues] == TIMESTAMP_LAST && current->end == TIMESTAMP_UNSPECIFIED) {
// This test will work on not continous read, only
if (reseivedValues == 0 && !(l > 0 && result[l].sourceTimestamp == result[l-1].sourceTimestamp + UA_DATETIME_SEC))
readOk = false;
}
/* See OPC UA Part 11, Version 1.03, Page 5-6, Table 1, Mark b for details.*/
if (current->result[l + reseivedValues] == TIMESTAMP_FIRST && current->start == TIMESTAMP_UNSPECIFIED) {
// This test will work on not continous read, only
if (reseivedValues == 0 && !(l > 0 && result[l].sourceTimestamp == result[l-1].sourceTimestamp - UA_DATETIME_SEC))
readOk = false;
}
if (!resultIsEqual(&result[l], current, l + reseivedValues))
readOk = false;
}
if (response.results[0].continuationPoint.length > 0)
fprintf(stderr, "C,");
reseivedValues += resultSize;
if (reseivedValues == j) {
if (current->returnContinuationPoint && response.results[0].continuationPoint.length == 0) {
readOk = false;
fprintf(stderr, "missingContinuationPoint");
}
if (!current->returnContinuationPoint && response.results[0].continuationPoint.length > 0) {
readOk = false;
fprintf(stderr, "unexpectedContinuationPoint");
}
UA_HistoryReadResponse_deleteMembers(&response);
break;
}
UA_ByteString_deleteMembers(&continuous);
UA_ByteString_copy(&response.results[0].continuationPoint, &continuous);
} else {
readOk = false;
UA_HistoryReadResponse_deleteMembers(&response);
break;
}
UA_HistoryReadResponse_deleteMembers(&response);
} while (continuous.length > 0);
if (j != reseivedValues) {
readOk = false;
}
UA_ByteString_deleteMembers(&continuous);
if (!readOk) {
fprintf(stderr, "} Fail (%lu requests)\n", counter);
++retval;
} else {
fprintf(stderr, "} OK (%lu requests)\n", counter);
}
current = &testRequests[++i];
}
return retval;
}
void Service_CreateSession(UA_Server *server, UA_SecureChannel *channel,
const UA_CreateSessionRequest *request,
UA_CreateSessionResponse *response) {
if(channel == NULL) {
response->responseHeader.serviceResult = UA_STATUSCODE_BADINTERNALERROR;
return;
}
if(channel->connection == NULL) {
response->responseHeader.serviceResult = UA_STATUSCODE_BADINTERNALERROR;
return;
}
UA_LOG_DEBUG_CHANNEL(server->config.logger, channel, "Trying to create session");
if(channel->securityMode == UA_MESSAGESECURITYMODE_SIGN ||
channel->securityMode == UA_MESSAGESECURITYMODE_SIGNANDENCRYPT) {
if(!UA_ByteString_equal(&request->clientCertificate,
&channel->remoteCertificate)) {
response->responseHeader.serviceResult = UA_STATUSCODE_BADCERTIFICATEINVALID;
return;
}
}
if(channel->securityToken.channelId == 0) {
response->responseHeader.serviceResult =
UA_STATUSCODE_BADSECURECHANNELIDINVALID;
return;
}
if(!UA_ByteString_equal(&channel->securityPolicy->policyUri,
&UA_SECURITY_POLICY_NONE_URI) &&
request->clientNonce.length < 32) {
response->responseHeader.serviceResult = UA_STATUSCODE_BADNONCEINVALID;
return;
}
////////////////////// TODO: Compare application URI with certificate uri (decode certificate)
/* Allocate the response */
response->serverEndpoints = (UA_EndpointDescription*)
UA_Array_new(server->config.endpointsSize,
&UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
if(!response->serverEndpoints) {
response->responseHeader.serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
return;
}
response->serverEndpointsSize = server->config.endpointsSize;
/* Copy the server's endpointdescriptions into the response */
for(size_t i = 0; i < server->config.endpointsSize; ++i)
response->responseHeader.serviceResult |=
UA_EndpointDescription_copy(&server->config.endpoints[0].endpointDescription,
&response->serverEndpoints[i]);
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD)
return;
/* Mirror back the endpointUrl */
for(size_t i = 0; i < response->serverEndpointsSize; ++i) {
UA_String_deleteMembers(&response->serverEndpoints[i].endpointUrl);
UA_String_copy(&request->endpointUrl,
&response->serverEndpoints[i].endpointUrl);
}
UA_Session *newSession;
response->responseHeader.serviceResult =
UA_SessionManager_createSession(&server->sessionManager,
channel, request, &newSession);
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD) {
UA_LOG_DEBUG_CHANNEL(server->config.logger, channel,
"Processing CreateSessionRequest failed");
return;
}
/* Fill the session with more information */
newSession->maxResponseMessageSize = request->maxResponseMessageSize;
newSession->maxRequestMessageSize =
channel->connection->localConf.maxMessageSize;
response->responseHeader.serviceResult |=
UA_ApplicationDescription_copy(&request->clientDescription,
&newSession->clientDescription);
/* Prepare the response */
response->sessionId = newSession->sessionId;
response->revisedSessionTimeout = (UA_Double)newSession->timeout;
response->authenticationToken = newSession->authenticationToken;
response->responseHeader.serviceResult =
UA_String_copy(&request->sessionName, &newSession->sessionName);
if(server->config.endpointsSize > 0)
response->responseHeader.serviceResult |=
UA_ByteString_copy(&channel->securityPolicy->localCertificate,
&response->serverCertificate);
/* Create a signed nonce */
response->responseHeader.serviceResult =
nonceAndSignCreateSessionResponse(server, channel, newSession, request, response);
/* Failure -> remove the session */
if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD) {
UA_SessionManager_removeSession(&server->sessionManager, &newSession->authenticationToken);
return;
}
UA_LOG_DEBUG_CHANNEL(server->config.logger, channel,
"Session " UA_PRINTF_GUID_FORMAT " created",
UA_PRINTF_GUID_DATA(newSession->sessionId.identifier.guid));
}
UA_StatusCode
TestingPolicy(UA_SecurityPolicy *policy, UA_ByteString localCertificate,
funcs_called *fCalled, const key_sizes *kSizes) {
keySizes = kSizes;
funcsCalled = fCalled;
policy->policyContext = (void *)funcsCalled;
policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#Testing");
policy->logger = UA_Log_Stdout;
policy->certificateVerification = NULL;
UA_ByteString_copy(&localCertificate, &policy->localCertificate);
policy->asymmetricModule.makeCertificateThumbprint = makeThumbprint_testing;
policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_testing;
UA_SecurityPolicySignatureAlgorithm *asym_signatureAlgorithm =
&policy->asymmetricModule.cryptoModule.signatureAlgorithm;
asym_signatureAlgorithm->uri = UA_STRING_NULL;
asym_signatureAlgorithm->verify = verify_testing;
asym_signatureAlgorithm->sign = asym_sign_testing;
asym_signatureAlgorithm->getLocalSignatureSize = asym_getLocalSignatureSize_testing;
asym_signatureAlgorithm->getRemoteSignatureSize = asym_getRemoteSignatureSize_testing;
UA_SecurityPolicyEncryptionAlgorithm *asym_encryptionAlgorithm =
&policy->asymmetricModule.cryptoModule.encryptionAlgorithm;
asym_encryptionAlgorithm->encrypt = asym_encrypt_testing;
asym_encryptionAlgorithm->decrypt = decrypt_testing;
asym_encryptionAlgorithm->getLocalKeyLength = asym_getLocalEncryptionKeyLength_testing;
asym_encryptionAlgorithm->getRemoteKeyLength = asym_getRemoteEncryptionKeyLength_testing;
asym_encryptionAlgorithm->getRemotePlainTextBlockSize = asym_getRemotePlainTextBlockSize_testing;
asym_encryptionAlgorithm->getRemoteBlockSize = asym_getRemoteBlockSize_testing;
policy->symmetricModule.generateKey = generateKey_testing;
policy->symmetricModule.generateNonce = generateNonce_testing;
UA_SecurityPolicySignatureAlgorithm *sym_signatureAlgorithm =
&policy->symmetricModule.cryptoModule.signatureAlgorithm;
sym_signatureAlgorithm->uri = UA_STRING_NULL;
sym_signatureAlgorithm->verify = verify_testing;
sym_signatureAlgorithm->sign = sym_sign_testing;
sym_signatureAlgorithm->getLocalSignatureSize = sym_getLocalSignatureSize_testing;
sym_signatureAlgorithm->getRemoteSignatureSize = sym_getRemoteSignatureSize_testing;
sym_signatureAlgorithm->getLocalKeyLength = sym_getLocalSigningKeyLength_testing;
sym_signatureAlgorithm->getRemoteKeyLength = sym_getRemoteSigningKeyLength_testing;
UA_SecurityPolicyEncryptionAlgorithm *sym_encryptionAlgorithm =
&policy->symmetricModule.cryptoModule.encryptionAlgorithm;
sym_encryptionAlgorithm->encrypt = sym_encrypt_testing;
sym_encryptionAlgorithm->decrypt = decrypt_testing;
sym_encryptionAlgorithm->getLocalKeyLength = sym_getLocalEncryptionKeyLength_testing;
sym_encryptionAlgorithm->getRemoteKeyLength = sym_getRemoteEncryptionKeyLength_testing;
sym_encryptionAlgorithm->getLocalBlockSize = sym_getLocalEncryptionBlockSize_testing;
sym_encryptionAlgorithm->getRemoteBlockSize = sym_getRemoteEncryptionBlockSize_testing;
policy->channelModule.newContext = newContext_testing;
policy->channelModule.deleteContext = deleteContext_testing;
policy->channelModule.setLocalSymEncryptingKey = setLocalSymEncryptingKey_testing;
policy->channelModule.setLocalSymSigningKey = setLocalSymSigningKey_testing;
policy->channelModule.setLocalSymIv = setLocalSymIv_testing;
policy->channelModule.setRemoteSymEncryptingKey = setRemoteSymEncryptingKey_testing;
policy->channelModule.setRemoteSymSigningKey = setRemoteSymSigningKey_testing;
policy->channelModule.setRemoteSymIv = setRemoteSymIv_testing;
policy->channelModule.compareCertificate = compareCertificate_testing;
policy->deleteMembers = policy_deletemembers_testing;
return UA_STATUSCODE_GOOD;
}
/* When a change is detected, encoding contains the heap-allocated binary
* encoded value. The default for changed is false. */
static UA_StatusCode
detectValueChangeWithFilter(UA_Server *server, UA_MonitoredItem *mon, UA_DataValue *value,
UA_ByteString *encoding, UA_Boolean *changed) {
if(UA_DataType_isNumeric(value->value.type) &&
(mon->filter.dataChangeFilter.trigger == UA_DATACHANGETRIGGER_STATUSVALUE ||
mon->filter.dataChangeFilter.trigger == UA_DATACHANGETRIGGER_STATUSVALUETIMESTAMP)) {
if(mon->filter.dataChangeFilter.deadbandType == UA_DEADBANDTYPE_ABSOLUTE) {
if(!updateNeededForFilteredValue(&value->value, &mon->lastValue,
mon->filter.dataChangeFilter.deadbandValue))
return UA_STATUSCODE_GOOD;
}
#ifdef UA_ENABLE_DA
else if(mon->filter.dataChangeFilter.deadbandType == UA_DEADBANDTYPE_PERCENT) {
UA_QualifiedName qn = UA_QUALIFIEDNAME(0, "EURange");
UA_BrowsePathResult bpr = UA_Server_browseSimplifiedBrowsePath(server, mon->monitoredNodeId, 1, &qn);
if(bpr.statusCode != UA_STATUSCODE_GOOD || bpr.targetsSize < 1) { //if branch is not entried, property has been found
UA_BrowsePathResult_deleteMembers(&bpr);
return UA_STATUSCODE_GOOD;
}
const UA_VariableNode* node =
(const UA_VariableNode*) UA_Nodestore_getNode(server->nsCtx, &bpr.targets->targetId.nodeId);
UA_Range* euRange = (UA_Range*) node->value.data.value.value.data;
if(!updateNeededForFilteredPercentValue(&value->value, &mon->lastValue,
mon->filter.dataChangeFilter.deadbandValue, euRange)) {
if(!updateNeededForStatusCode(value, mon)) //when same value, but different status code is written
return UA_STATUSCODE_GOOD;
}
}
#endif
}
/* Stack-allocate some memory for the value encoding. We might heap-allocate
* more memory if needed. This is just enough for scalars and small
* structures. */
UA_STACKARRAY(UA_Byte, stackValueEncoding, UA_VALUENCODING_MAXSTACK);
UA_ByteString valueEncoding;
valueEncoding.data = stackValueEncoding;
valueEncoding.length = UA_VALUENCODING_MAXSTACK;
/* Encode the value */
UA_Byte *bufPos = valueEncoding.data;
const UA_Byte *bufEnd = &valueEncoding.data[valueEncoding.length];
UA_StatusCode retval = UA_encodeBinary(value, &UA_TYPES[UA_TYPES_DATAVALUE],
&bufPos, &bufEnd, NULL, NULL);
if(retval == UA_STATUSCODE_BADENCODINGERROR) {
size_t binsize = UA_calcSizeBinary(value, &UA_TYPES[UA_TYPES_DATAVALUE]);
if(binsize == 0)
return UA_STATUSCODE_BADENCODINGERROR;
if(binsize > UA_VALUENCODING_MAXSTACK) {
retval = UA_ByteString_allocBuffer(&valueEncoding, binsize);
if(retval == UA_STATUSCODE_GOOD) {
bufPos = valueEncoding.data;
bufEnd = &valueEncoding.data[valueEncoding.length];
retval = UA_encodeBinary(value, &UA_TYPES[UA_TYPES_DATAVALUE],
&bufPos, &bufEnd, NULL, NULL);
}
}
}
if(retval != UA_STATUSCODE_GOOD) {
if(valueEncoding.data != stackValueEncoding)
UA_ByteString_deleteMembers(&valueEncoding);
return retval;
}
/* Has the value changed? */
valueEncoding.length = (uintptr_t)bufPos - (uintptr_t)valueEncoding.data;
*changed = (!mon->lastSampledValue.data ||
!UA_String_equal(&valueEncoding, &mon->lastSampledValue));
/* No change */
if(!(*changed)) {
if(valueEncoding.data != stackValueEncoding)
UA_ByteString_deleteMembers(&valueEncoding);
return UA_STATUSCODE_GOOD;
}
/* Change detected. Copy encoding on the heap if necessary. */
if(valueEncoding.data == stackValueEncoding)
return UA_ByteString_copy(&valueEncoding, encoding);
*encoding = valueEncoding;
return UA_STATUSCODE_GOOD;
}