|
@@ -948,11 +948,11 @@ usage(void) {
|
|
#endif
|
|
#endif
|
|
"\t[--enableUnencrypted]\n"
|
|
"\t[--enableUnencrypted]\n"
|
|
"\t[--enableOutdatedSecurityPolicy]\n"
|
|
"\t[--enableOutdatedSecurityPolicy]\n"
|
|
- "\t[--enableTimestampCheck]\n"
|
|
|
|
"\t[--disableBasic128]\n"
|
|
"\t[--disableBasic128]\n"
|
|
"\t[--disableBasic256]\n"
|
|
"\t[--disableBasic256]\n"
|
|
"\t[--disableBasic256Sha256]\n"
|
|
"\t[--disableBasic256Sha256]\n"
|
|
#endif
|
|
#endif
|
|
|
|
+ "\t[--enableTimestampCheck]\n"
|
|
"\t[--enableAnonymous]\n");
|
|
"\t[--enableAnonymous]\n");
|
|
}
|
|
}
|
|
|
|
|
|
@@ -1000,7 +1000,6 @@ int main(int argc, char **argv) {
|
|
char filetype = ' '; /* t==trustlist, l == issuerList, r==revocationlist */
|
|
char filetype = ' '; /* t==trustlist, l == issuerList, r==revocationlist */
|
|
UA_Boolean enableUnencr = false;
|
|
UA_Boolean enableUnencr = false;
|
|
UA_Boolean enableSec = false;
|
|
UA_Boolean enableSec = false;
|
|
- UA_Boolean enableTime = false;
|
|
|
|
UA_Boolean disableBasic128 = false;
|
|
UA_Boolean disableBasic128 = false;
|
|
UA_Boolean disableBasic256 = false;
|
|
UA_Boolean disableBasic256 = false;
|
|
UA_Boolean disableBasic256Sha256 = false;
|
|
UA_Boolean disableBasic256Sha256 = false;
|
|
@@ -1021,6 +1020,7 @@ int main(int argc, char **argv) {
|
|
#endif /* UA_ENABLE_ENCRYPTION */
|
|
#endif /* UA_ENABLE_ENCRYPTION */
|
|
|
|
|
|
UA_Boolean enableAnon = false;
|
|
UA_Boolean enableAnon = false;
|
|
|
|
+ UA_Boolean enableTime = false;
|
|
|
|
|
|
/* Loop over the remaining arguments */
|
|
/* Loop over the remaining arguments */
|
|
for(; pos < (size_t)argc; pos++) {
|
|
for(; pos < (size_t)argc; pos++) {
|
|
@@ -1030,6 +1030,11 @@ int main(int argc, char **argv) {
|
|
continue;
|
|
continue;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+ if(strcmp(argv[pos], "--enableTimestampCheck") == 0) {
|
|
|
|
+ enableTime = true;
|
|
|
|
+ continue;
|
|
|
|
+ }
|
|
|
|
+
|
|
#ifdef UA_ENABLE_ENCRYPTION
|
|
#ifdef UA_ENABLE_ENCRYPTION
|
|
if(strcmp(argv[pos], "--enableUnencrypted") == 0) {
|
|
if(strcmp(argv[pos], "--enableUnencrypted") == 0) {
|
|
enableUnencr = true;
|
|
enableUnencr = true;
|
|
@@ -1041,11 +1046,6 @@ int main(int argc, char **argv) {
|
|
continue;
|
|
continue;
|
|
}
|
|
}
|
|
|
|
|
|
- if(strcmp(argv[pos], "--enableTimestampCheck") == 0) {
|
|
|
|
- enableTime = true;
|
|
|
|
- continue;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
if(strcmp(argv[pos], "--disableBasic128") == 0) {
|
|
if(strcmp(argv[pos], "--disableBasic128") == 0) {
|
|
disableBasic128 = true;
|
|
disableBasic128 = true;
|
|
continue;
|
|
continue;
|
|
@@ -1216,6 +1216,16 @@ int main(int argc, char **argv) {
|
|
if(disableBasic256Sha256)
|
|
if(disableBasic256Sha256)
|
|
disableBasic256Sha256SecurityPolicy(&config);
|
|
disableBasic256Sha256SecurityPolicy(&config);
|
|
|
|
|
|
|
|
+#else /* UA_ENABLE_ENCRYPTION */
|
|
|
|
+ UA_StatusCode res =
|
|
|
|
+ UA_ServerConfig_setMinimal(&config, 4840, &certificate);
|
|
|
|
+ if(res != UA_STATUSCODE_GOOD)
|
|
|
|
+ goto cleanup;
|
|
|
|
+#endif /* UA_ENABLE_ENCRYPTION */
|
|
|
|
+
|
|
|
|
+ if(!enableAnon)
|
|
|
|
+ disableAnonymous(&config);
|
|
|
|
+
|
|
/* Set operation limits */
|
|
/* Set operation limits */
|
|
config.maxNodesPerRead = MAX_OPERATION_LIMIT;
|
|
config.maxNodesPerRead = MAX_OPERATION_LIMIT;
|
|
config.maxNodesPerWrite = MAX_OPERATION_LIMIT;
|
|
config.maxNodesPerWrite = MAX_OPERATION_LIMIT;
|
|
@@ -1228,18 +1238,9 @@ int main(int argc, char **argv) {
|
|
|
|
|
|
/* If RequestTimestamp is '0', log the warning and proceed */
|
|
/* If RequestTimestamp is '0', log the warning and proceed */
|
|
config.verifyRequestTimestamp = UA_RULEHANDLING_WARN;
|
|
config.verifyRequestTimestamp = UA_RULEHANDLING_WARN;
|
|
-
|
|
|
|
if(enableTime)
|
|
if(enableTime)
|
|
config.verifyRequestTimestamp = UA_RULEHANDLING_DEFAULT;
|
|
config.verifyRequestTimestamp = UA_RULEHANDLING_DEFAULT;
|
|
|
|
|
|
-#else /* UA_ENABLE_ENCRYPTION */
|
|
|
|
- UA_StatusCode res =
|
|
|
|
- UA_ServerConfig_setMinimal(&config, 4840, &certificate);
|
|
|
|
-#endif /* UA_ENABLE_ENCRYPTION */
|
|
|
|
-
|
|
|
|
- if(!enableAnon)
|
|
|
|
- disableAnonymous(&config);
|
|
|
|
-
|
|
|
|
/* Override with a custom access control policy */
|
|
/* Override with a custom access control policy */
|
|
config.accessControl.getUserAccessLevel = getUserAccessLevel_disallowSpecific;
|
|
config.accessControl.getUserAccessLevel = getUserAccessLevel_disallowSpecific;
|
|
UA_String_clear(&config.applicationDescription.applicationUri);
|
|
UA_String_clear(&config.applicationDescription.applicationUri);
|