
Get server certificate of create session rsp from used endpoint

The server certificate included in the Create session response has
been fetched from the channel that the session is created on.
This works if the security policy of the secure channel != security
policy none.

If the secure channel is not secured (security policy none) but the
UserIdentityToken is (e.g. encrypted password when using
UserIdentityToken Username_1), the certificate of the endpoint must
be present in the Create session response. In this case it is not
possible to retrieve it from the channel, as the channel is not
secured and has no reference to the certificate of the device.

A common solution that works in both cases is to retrieve the
certificate from the endpoint.
Jonas Green, 6 years ago
parent
commit
beb635ac4c
1 changed file with 14 additions and 3 deletions
  1. 14 3
      src/server/ua_services_session.c

+ 14 - 3
src/server/ua_services_session.c

@@ -162,10 +162,21 @@ Service_CreateSession(UA_Server *server, UA_SecureChannel *channel,
     response->responseHeader.serviceResult |=
         UA_String_copy(&request->sessionName, &newSession->sessionName);
 
+    UA_ByteString_init(&response->serverCertificate);
+
     if(server->config.endpointsSize > 0)
-        response->responseHeader.serviceResult |=
-            UA_ByteString_copy(&channel->securityPolicy->localCertificate,
-                               &response->serverCertificate);
+       for(size_t i = 0; i < response->serverEndpointsSize; ++i) {
+          if(response->serverEndpoints[i].securityMode==channel->securityMode &&
+             UA_ByteString_equal(&response->serverEndpoints[i].securityPolicyUri,
+                                 &channel->securityPolicy->policyUri) &&
+             UA_String_equal(&response->serverEndpoints[i].endpointUrl,
+                             &request->endpointUrl))
+          {
+             response->responseHeader.serviceResult |=
+                 UA_ByteString_copy(&response->serverEndpoints[i].serverCertificate,
+                                    &response->serverCertificate);
+          }
+       }
 
     /* Create a session nonce */
     response->responseHeader.serviceResult |= UA_Session_generateNonce(newSession);
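
Review bot: the loop added under `if(server->config.endpointsSize > 0)` neither stops at the first matching endpoint nor handles the case where nothing matches. Since `UA_ByteString_copy` writes into `response->serverCertificate` on every match, a second matching entry would copy over the first without releasing it; add a `break` after the copy. If no entry passes the exact `UA_String_equal` comparison against `request->endpointUrl`, the response keeps the empty certificate set by `UA_ByteString_init`, whereas the removed lines always returned `channel->securityPolicy->localCertificate`. Consider falling back to the channel certificate when the loop finds nothing, or setting an error in `serviceResult`, so a secured channel never yields an empty `serverCertificate`. Two smaller points: the guard checks `server->config.endpointsSize` while the loop walks `response->serverEndpoints`, so the guard should test the array that is actually iterated; and `securityPolicyUri` is compared with `UA_ByteString_equal` while `endpointUrl` uses `UA_String_equal`, which is worth making consistent. Braces around the `for` body under the `if` would also make the scope explicit.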