static UA_StatusCode EndpointsHandshake(UA_Client *client) {
UA_GetEndpointsRequest request;
UA_GetEndpointsRequest_init(&request);
request.requestHeader.authenticationToken = client->authenticationToken;
request.requestHeader.timestamp = UA_DateTime_now();
request.requestHeader.timeoutHint = 10000;
request.endpointUrl = client->endpointUrl;
UA_String profileUri = UA_STRING("http://opcfoundation.org/UA-Profile/Transport/uatcp-uasc-uabinary");
request.profileUris = &profileUri;
request.profileUrisSize = 1;
UA_GetEndpointsResponse response;
UA_GetEndpointsResponse_init(&response);
__UA_Client_Service(client, &request, &UA_TYPES[UA_TYPES_GETENDPOINTSREQUEST],
&response, &UA_TYPES[UA_TYPES_GETENDPOINTSRESPONSE]);
UA_Boolean endpointFound = UA_FALSE;
UA_Boolean tokenFound = UA_FALSE;
UA_String securityNone = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#None");
for(UA_Int32 i = 0; i < response.endpointsSize; i++) {
UA_EndpointDescription* endpoint = &response.endpoints[i];
/* look out for an endpoint without security */
if(!UA_String_equal(&endpoint->securityPolicyUri, &securityNone))
continue;
endpointFound = UA_TRUE;
/* endpoint with no security found */
/* look for a user token policy with an anonymous token */
for(UA_Int32 j=0; j<endpoint->userIdentityTokensSize; ++j) {
UA_UserTokenPolicy* userToken = &endpoint->userIdentityTokens[j];
if(userToken->tokenType != UA_USERTOKENTYPE_ANONYMOUS)
continue;
tokenFound = UA_TRUE;
UA_UserTokenPolicy_copy(userToken, &client->token);
break;
}
}
UA_GetEndpointsResponse_deleteMembers(&response);
if(!endpointFound) {
UA_LOG_ERROR(client->logger, UA_LOGCATEGORY_CLIENT, "No suitable endpoint found");
return UA_STATUSCODE_BADINTERNALERROR;
}
if(!tokenFound) {
UA_LOG_ERROR(client->logger, UA_LOGCATEGORY_CLIENT, "No anonymous token found");
return UA_STATUSCODE_BADINTERNALERROR;
}
return response.responseHeader.serviceResult;
}
/* Combination of UA_Client_getEndpointsInternal and getEndpoints */
static void
responseGetEndpoints(UA_Client *client, void *userdata, UA_UInt32 requestId,
void *response) {
UA_EndpointDescription* endpointArray = NULL;
size_t endpointArraySize = 0;
UA_GetEndpointsResponse* resp;
resp = (UA_GetEndpointsResponse*)response;
if (resp->responseHeader.serviceResult != UA_STATUSCODE_GOOD) {
client->connectStatus = resp->responseHeader.serviceResult;
UA_LOG_ERROR(&client->config.logger, UA_LOGCATEGORY_CLIENT,
"GetEndpointRequest failed with error code %s",
UA_StatusCode_name (client->connectStatus));
UA_GetEndpointsResponse_deleteMembers(resp);
return;
}
endpointArray = resp->endpoints;
endpointArraySize = resp->endpointsSize;
resp->endpoints = NULL;
resp->endpointsSize = 0;
UA_Boolean endpointFound = false;
UA_Boolean tokenFound = false;
UA_String securityNone = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#None");
UA_String binaryTransport = UA_STRING("http://opcfoundation.org/UA-Profile/"
"Transport/uatcp-uasc-uabinary");
// TODO: compare endpoint information with client->endpointUri
for(size_t i = 0; i < endpointArraySize; ++i) {
UA_EndpointDescription* endpoint = &endpointArray[i];
/* look out for binary transport endpoints */
/* Note: Siemens returns empty ProfileUrl, we will accept it as binary */
if(endpoint->transportProfileUri.length != 0
&& !UA_String_equal (&endpoint->transportProfileUri,
&binaryTransport))
continue;
/* Look for an endpoint corresponding to the client security policy */
if(!UA_String_equal(&endpoint->securityPolicyUri, &client->channel.securityPolicy->policyUri))
continue;
endpointFound = true;
/* Look for a user token policy with an anonymous token */
for(size_t j = 0; j < endpoint->userIdentityTokensSize; ++j) {
UA_UserTokenPolicy* userToken = &endpoint->userIdentityTokens[j];
/* Usertokens also have a security policy... */
if(userToken->securityPolicyUri.length > 0 &&
!UA_String_equal(&userToken->securityPolicyUri, &securityNone))
continue;
/* Does the token type match the client configuration? */
if((userToken->tokenType == UA_USERTOKENTYPE_ANONYMOUS &&
client->config.userIdentityToken.content.decoded.type !=
&UA_TYPES[UA_TYPES_ANONYMOUSIDENTITYTOKEN] &&
client->config.userIdentityToken.content.decoded.type != NULL) ||
(userToken->tokenType == UA_USERTOKENTYPE_USERNAME &&
client->config.userIdentityToken.content.decoded.type !=
&UA_TYPES[UA_TYPES_USERNAMEIDENTITYTOKEN]) ||
(userToken->tokenType == UA_USERTOKENTYPE_CERTIFICATE &&
client->config.userIdentityToken.content.decoded.type !=
&UA_TYPES[UA_TYPES_X509IDENTITYTOKEN]) ||
(userToken->tokenType == UA_USERTOKENTYPE_ISSUEDTOKEN &&
client->config.userIdentityToken.content.decoded.type !=
&UA_TYPES[UA_TYPES_ISSUEDIDENTITYTOKEN]))
continue;
/* Endpoint with matching usertokenpolicy found */
tokenFound = true;
UA_EndpointDescription_deleteMembers(&client->config.endpoint);
UA_EndpointDescription_copy(endpoint, &client->config.endpoint);
UA_UserTokenPolicy_deleteMembers(&client->config.userTokenPolicy);
UA_UserTokenPolicy_copy(userToken, &client->config.userTokenPolicy);
break;
}
}
UA_Array_delete(endpointArray, endpointArraySize,
&UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
if(!endpointFound) {
UA_LOG_ERROR(&client->config.logger, UA_LOGCATEGORY_CLIENT,
"No suitable endpoint found");
client->connectStatus = UA_STATUSCODE_BADINTERNALERROR;
} else if(!tokenFound) {
UA_LOG_ERROR(&client->config.logger, UA_LOGCATEGORY_CLIENT,
"No suitable UserTokenPolicy found for the possible endpoints");
client->connectStatus = UA_STATUSCODE_BADINTERNALERROR;
}
requestSession(client, &requestId);
}
