changed calling sequence + functions to open secure channel

schema/UA_stackInternalTypes.bsd

@@ -49,7 +49,6 @@
     <opc:Field Name="SecurityPolicyUri" TypeName="opc:ByteString" />
     <opc:Field Name="SenderCertificate" TypeName="opc:ByteString" />
     <opc:Field Name="ReceiverCertificateThumbprint" TypeName="opc:ByteString" />
-    <opc:Field Name="RequestId" TypeName="opc:UInt32"/>
   </opc:StructuredType>
   
   <opc:StructuredType Name="SymmetricAlgorithmSecurityHeader">

src/ua_services_securechannel.c

@@ -6,10 +6,7 @@ const UA_OpenSecureChannelRequest* request,
 UA_OpenSecureChannelResponse* response)
 {
 	UA_Int32 retval = UA_SUCCESS;
-
-
 	SL_channelState channelState;
-
 	//channel takes care of opening process
 	retval |= SL_Channel_processOpenRequest(channel, request,response);
 	retval |= SL_Channel_getState(channel, &channelState);

src/ua_stack_channel.c

@@ -24,7 +24,6 @@ typedef struct SL_ChannelStruct {
 	UA_AsymmetricAlgorithmSecurityHeader remoteAsymAlgSettings;
 	UA_AsymmetricAlgorithmSecurityHeader localAsymAlgSettings;
 
-
 	UA_ChannelSecurityToken securityToken;
 
 	UA_MessageSecurityMode securityMode;
@@ -32,359 +31,334 @@ typedef struct SL_ChannelStruct {
 	UA_ByteString localNonce;
 	SL_ChannelSecurityTokenProvider tokenProvider;
 	SL_ChannelIdProvider channelIdProvider;
-}SL_ChannelType;
+} SL_ChannelType;
 
+UA_Int32 SL_Channel_setRemoteSecuritySettings(SL_Channel channel,
+		UA_AsymmetricAlgorithmSecurityHeader *asymSecHeader,
+		UA_SequenceHeader *sequenceHeader) {
+	UA_Int32 retval = UA_SUCCESS;
+	retval |= UA_AsymmetricAlgorithmSecurityHeader_copy(asymSecHeader,
+			&((SL_ChannelType*) channel)->remoteAsymAlgSettings);
 
-UA_Int32 SL_Channel_registerTokenProvider(SL_Channel channel, SL_ChannelSecurityTokenProvider provider)
+	((SL_ChannelType*) channel)->sequenceNumber =
+			sequenceHeader->sequenceNumber;
+	((SL_ChannelType*) channel)->requestId = sequenceHeader->requestId;
+	return retval;
+}
+/*
+UA_Int32 SL_Channel_initLocalSecuritySettings(SL_Channel channel)
 {
-	((SL_ChannelType*)channel)->tokenProvider = provider;
+	UA_Int32 retval = UA_SUCCESS;
+	((SL_ChannelType*) channel)->localAsymAlgSettings.receiverCertificateThumbprint.data = UA_NULL;
+	((SL_ChannelType*) channel)->localAsymAlgSettings.receiverCertificateThumbprint.length = 0;
+
+	retval |= UA_String_copycstring("http://opcfoundation.org/UA/SecurityPolicy#None",(UA_String*)&((SL_ChannelType*) channel)->localAsymAlgSettings.securityPolicyUri);
+
+	((SL_ChannelType*) channel)->localAsymAlgSettings.senderCertificate.data = UA_NULL;
+	((SL_ChannelType*) channel)->localAsymAlgSettings.senderCertificate.length = 0;
+	return retval;
+}
+*/
+UA_Int32 SL_Channel_new(SL_Channel **channel) {
+	UA_Int32 retval = UA_SUCCESS;
+	retval |= UA_alloc((void** )channel, sizeof(SL_Channel));
+	SL_ChannelType *thisChannel = UA_NULL;
+	retval |= UA_alloc((void** )&thisChannel, sizeof(SL_ChannelType));
+	**channel = (SL_Channel) thisChannel;
+	return retval;
+}
+
+//TODO implement real nonce generator - DUMMY function
+UA_Int32 SL_Channel_generateNonce(UA_ByteString *nonce) {
+	//UA_ByteString_new(&nonce);
+	UA_alloc((void** )&(nonce->data), 1);
+	nonce->length = 1;
+	nonce->data[0] = 'a';
 	return UA_SUCCESS;
 }
 
-UA_Int32 SL_Channel_getRemainingLifetime(SL_Channel channel, UA_Int32 *lifetime)
-{
-	if(channel)
-	{
-		UA_Int64 diffInMS = (((SL_ChannelType*)channel)->securityToken.createdAt - UA_DateTime_now()) / 1e7;
-		if(diffInMS > UA_INT32_MAX)
-		{
+UA_Int32 SL_Channel_init(SL_Channel channel, UA_TL_Connection connection,
+		SL_ChannelIdProvider channelIdProvider,
+		SL_ChannelSecurityTokenProvider tokenProvider) {
+
+	UA_Int32 retval = UA_SUCCESS;
+
+	((SL_ChannelType*) channel)->channelIdProvider = channelIdProvider;
+	((SL_ChannelType*) channel)->tokenProvider = tokenProvider;
+
+	((SL_ChannelType*) channel)->connection = connection;
+	//generate secure channel id
+	((SL_ChannelType*) channel)->channelIdProvider(
+			&((SL_ChannelType*) channel)->channelId);
+
+	//generate local nonce
+	SL_Channel_generateNonce(&channel->localNonce);
+	//TODO get this from the local configuration file MOCK UP ---start
+	((SL_ChannelType*) channel)->localAsymAlgSettings.receiverCertificateThumbprint.data = UA_NULL;
+	((SL_ChannelType*) channel)->localAsymAlgSettings.receiverCertificateThumbprint.length = 0;
+
+	retval |= UA_String_copycstring("http://opcfoundation.org/UA/SecurityPolicy#None",(UA_String*)&((SL_ChannelType*) channel)->localAsymAlgSettings.securityPolicyUri);
+
+	((SL_ChannelType*) channel)->localAsymAlgSettings.senderCertificate.data = UA_NULL;
+	((SL_ChannelType*) channel)->localAsymAlgSettings.senderCertificate.length = 0;
+	// MOCK UP ---end
+
+
+	((SL_ChannelType*) channel)->state = UA_SL_CHANNEL_CLOSED;
+	return retval;
+}
+
+UA_Int32 SL_Channel_registerTokenProvider(SL_Channel channel,
+		SL_ChannelSecurityTokenProvider provider) {
+	((SL_ChannelType*) channel)->tokenProvider = provider;
+	return UA_SUCCESS;
+}
+
+UA_Int32 SL_Channel_getRemainingLifetime(SL_Channel channel, UA_Int32 *lifetime) {
+	if (channel) {
+		UA_Int64 diffInMS =
+				(((SL_ChannelType*) channel)->securityToken.createdAt
+						- UA_DateTime_now()) / 1e7;
+		if (diffInMS > UA_INT32_MAX) {
 			*lifetime = UA_INT32_MAX;
-		}else
-		{
-			*lifetime = (UA_Int32)diffInMS;
+		} else {
+			*lifetime = (UA_Int32) diffInMS;
 		}
-			return UA_SUCCESS;
-	}
-	else
-	{
-		printf("SL_Channel_getRemainingLifetime - no valid channel object, null pointer");
+		return UA_SUCCESS;
+	} else {
+		printf(
+				"SL_Channel_getRemainingLifetime - no valid channel object, null pointer");
 		return UA_ERROR;
 	}
 }
 
-UA_Int32 SL_Channel_getChannelId(SL_Channel channel, UA_UInt32 *channelId)
-{
-	if(channel)
-	{
-		*channelId = ((SL_ChannelType*)channel)->channelId;
+UA_Int32 SL_Channel_getChannelId(SL_Channel channel, UA_UInt32 *channelId) {
+	if (channel) {
+		*channelId = ((SL_ChannelType*) channel)->channelId;
 		return UA_SUCCESS;
 	}
 	return UA_ERROR;
 }
 
-UA_Int32 SL_Channel_getTokenId(SL_Channel channel, UA_UInt32 *tokenId)
-{
-	if(channel)
-	{
-		*tokenId = ((SL_ChannelType*)channel)->securityToken.tokenId;
+UA_Int32 SL_Channel_getTokenId(SL_Channel channel, UA_UInt32 *tokenId) {
+	if (channel) {
+		*tokenId = ((SL_ChannelType*) channel)->securityToken.tokenId;
 		return UA_SUCCESS;
 	}
 	return UA_ERROR;
 }
 
-UA_Int32 SL_Channel_getLocalAsymAlgSettings(SL_Channel channel, UA_AsymmetricAlgorithmSecurityHeader **asymAlgSettings)
-{
+UA_Int32 SL_Channel_getLocalAsymAlgSettings(SL_Channel channel,
+		UA_AsymmetricAlgorithmSecurityHeader **asymAlgSettings) {
 	UA_Int32 retval = 0;
 
-	retval |= UA_alloc((void**)asymAlgSettings,UA_AsymmetricAlgorithmSecurityHeader_calcSizeBinary(UA_NULL));
-
-	retval |= UA_ByteString_copy(&(((SL_ChannelType*)channel)->localAsymAlgSettings.receiverCertificateThumbprint),
-			&(*asymAlgSettings)->receiverCertificateThumbprint);
-	retval |= UA_ByteString_copy(&(((SL_ChannelType*)channel)->localAsymAlgSettings.securityPolicyUri),
-				&(*asymAlgSettings)->securityPolicyUri);
-	retval |= UA_ByteString_copy(&(((SL_ChannelType*)channel)->localAsymAlgSettings.senderCertificate),
+	retval |= UA_alloc((void** )asymAlgSettings,
+			UA_AsymmetricAlgorithmSecurityHeader_calcSizeBinary(UA_NULL));
+
+	retval |=
+			UA_ByteString_copy(
+					&(((SL_ChannelType*) channel)->localAsymAlgSettings.receiverCertificateThumbprint),
+					&(*asymAlgSettings)->receiverCertificateThumbprint);
+	retval |=
+			UA_ByteString_copy(
+					&(((SL_ChannelType*) channel)->localAsymAlgSettings.securityPolicyUri),
+					&(*asymAlgSettings)->securityPolicyUri);
+	retval |=
+			UA_ByteString_copy(
+					&(((SL_ChannelType*) channel)->localAsymAlgSettings.senderCertificate),
 					&(*asymAlgSettings)->senderCertificate);
 
 	return UA_SUCCESS;
 }
-UA_Int32 SL_Channel_getConnection(SL_Channel channel, UA_TL_Connection *connection)
-{
-	if(channel)
-	{
-		*connection = ((SL_ChannelType*)channel)->connection;
+
+UA_Int32 SL_Channel_getConnection(SL_Channel channel,
+		UA_TL_Connection *connection) {
+	if (channel) {
+		*connection = ((SL_ChannelType*) channel)->connection;
 		return UA_SUCCESS;
 	}
 	return UA_ERROR;
 }
-UA_Int32 SL_Channel_getRequestId(SL_Channel channel, UA_UInt32 *requestId)
-{
-	if(channel)
-	{
-		*requestId = ((SL_ChannelType*)channel)->requestId;
+UA_Int32 SL_Channel_getRequestId(SL_Channel channel, UA_UInt32 *requestId) {
+	if (channel) {
+		*requestId = ((SL_ChannelType*) channel)->requestId;
 		return UA_SUCCESS;
 	}
 	return UA_ERROR;
 }
-UA_Int32 SL_Channel_getSequenceNumber(SL_Channel channel, UA_UInt32 *sequenceNumber)
-{
-	if(channel)
-	{
-		*sequenceNumber = ((SL_ChannelType*)channel)->sequenceNumber;
+UA_Int32 SL_Channel_getSequenceNumber(SL_Channel channel,
+		UA_UInt32 *sequenceNumber) {
+	if (channel) {
+		*sequenceNumber = ((SL_ChannelType*) channel)->sequenceNumber;
 		return UA_SUCCESS;
 	}
 	return UA_ERROR;
 }
-UA_Int32 SL_Channel_getState(SL_Channel channel,SL_channelState *channelState)
-{
-	if(channel)
-	{
-		*channelState = ((SL_ChannelType*)channel)->state;
+UA_Int32 SL_Channel_getState(SL_Channel channel, SL_channelState *channelState) {
+	if (channel) {
+		*channelState = ((SL_ChannelType*) channel)->state;
 		return UA_SUCCESS;
 	}
 	return UA_ERROR;
 }
 
-UA_Int32 SL_Channel_getRevisedLifetime(SL_Channel channel, UA_UInt32 *revisedLifetime)
-{
-	if(channel)
-	{
-		*revisedLifetime = ((SL_ChannelType*)channel)->securityToken.revisedLifetime;
+UA_Int32 SL_Channel_getRevisedLifetime(SL_Channel channel,
+		UA_UInt32 *revisedLifetime) {
+	if (channel) {
+		*revisedLifetime =
+				((SL_ChannelType*) channel)->securityToken.revisedLifetime;
 		return UA_SUCCESS;
 	}
 	return UA_ERROR;
 }
 
 //setters
-UA_Int32 SL_Channel_setId(SL_Channel channel, UA_UInt32 id)
-{
-	((SL_ChannelType*)channel)->channelId = id;
+UA_Int32 SL_Channel_setId(SL_Channel channel, UA_UInt32 id) {
+	((SL_ChannelType*) channel)->channelId = id;
 	return UA_SUCCESS;
 }
 
 //private function
-UA_Int32 SL_Channel_setState(SL_Channel channel,SL_channelState channelState)
-{
-	((SL_ChannelType*)channel)->state = channelState;
+UA_Int32 SL_Channel_setState(SL_Channel channel, SL_channelState channelState) {
+	((SL_ChannelType*) channel)->state = channelState;
 	return UA_SUCCESS;
 }
 
-UA_Int32 SL_Channel_init(SL_Channel channel,
-		UA_ByteString *receiverCertificateThumbprint,
-		UA_ByteString *securityPolicyUri,
-		UA_ByteString *senderCertificate,
-		UA_MessageSecurityMode securityMode)
-{
-	UA_Int32 retval = UA_SUCCESS;
-	retval |= UA_ByteString_copy(receiverCertificateThumbprint,
-			&((SL_ChannelType*)channel)->localAsymAlgSettings.receiverCertificateThumbprint);
-
-	retval |= UA_ByteString_copy(securityPolicyUri,
-			&((SL_ChannelType*)channel)->localAsymAlgSettings.securityPolicyUri);
 
-	retval |= UA_ByteString_copy(senderCertificate,
-			&((SL_ChannelType*)channel)->localAsymAlgSettings.senderCertificate);
 
-
-
-	((SL_ChannelType*)channel)->state = UA_SL_CHANNEL_CLOSED;
-	return retval;
-}
-//TODO implement real nonce generator - DUMMY function
-UA_Int32 SL_Channel_generateNonce(UA_ByteString *nonce)
-{
-	//UA_ByteString_new(&nonce);
-	UA_alloc((void**)&(nonce->data),1);
-	nonce->length = 1;
-	nonce->data[0] = 'a';
-	return UA_SUCCESS;
+UA_Boolean SL_Channel_equal(SL_Channel channel1, SL_Channel channel2) {
+	return (((SL_ChannelType*) channel1)->channelId
+			== ((SL_ChannelType*) channel2)->channelId) ?
+	UA_EQUAL :
+															UA_NOT_EQUAL;
 }
 
-UA_Boolean SL_Channel_compare(SL_Channel channel1, SL_Channel channel2)
-{
-	return (((SL_ChannelType*)channel1)->channelId == ((SL_ChannelType*)channel2)->channelId)
-			? UA_EQUAL : UA_NOT_EQUAL;
+UA_Int32 SL_Channel_bind(SL_Channel channel, UA_TL_Connection connection) {
+	if (channel && connection) {
+		((SL_ChannelType*) channel)->connection = connection;
+		return UA_SUCCESS;
+	}
+	return UA_ERROR;
 }
 
-UA_Int32 SL_Channel_new(SL_Channel **channel,
-		SL_ChannelIdProvider channelIdProvider,
-		SL_ChannelSecurityTokenProvider tokenProvider,
-		UA_ByteString *receiverCertificateThumbprint,
-		UA_ByteString *securityPolicyUri,
-		UA_ByteString *senderCertificate,
-		UA_MessageSecurityMode securityMode)
-
-{
+UA_Int32 SL_Channel_deleteMembers(SL_Channel channel) {
 	UA_Int32 retval = UA_SUCCESS;
-
-	retval |= UA_alloc((void**)channel,sizeof(SL_Channel));
-
-	SL_ChannelType *thisChannel = UA_NULL;
-	retval |= UA_alloc((void**)&thisChannel,sizeof(SL_ChannelType));
-
-	thisChannel->channelIdProvider = channelIdProvider;
-	thisChannel->tokenProvider = tokenProvider;
-
-	retval |= UA_ByteString_copy(receiverCertificateThumbprint,
-			&thisChannel->localAsymAlgSettings.receiverCertificateThumbprint);
-
-	retval |= UA_ByteString_copy(securityPolicyUri,
-			&thisChannel->localAsymAlgSettings.securityPolicyUri);
-
-	retval |= UA_ByteString_copy(senderCertificate,
-			&thisChannel->localAsymAlgSettings.senderCertificate);
-
-	thisChannel->state = UA_SL_CHANNEL_CLOSED;
-
-	**channel = (SL_Channel)thisChannel;
-
-	return UA_SUCCESS;
-}
-UA_Int32 SL_Channel_initByRequest(SL_Channel channel,
-		UA_TL_Connection connection,
-		const UA_ByteString* msg,
-		UA_UInt32* pos)
-{
-
-	UA_SequenceHeader *sequenceHeader;
-
-	UA_SequenceHeader_new(&sequenceHeader);
-	UA_SequenceHeader_init(sequenceHeader);
-
-
-	((SL_ChannelType*)channel)->channelIdProvider(&((SL_ChannelType*)channel)->channelId);
-
-	((SL_ChannelType*)channel)->connection = connection;
-
-	SL_Channel_generateNonce(&channel->localNonce);
-
-	*pos += 4; // skip the securechannelid
-	UA_AsymmetricAlgorithmSecurityHeader_decodeBinary(msg, pos,
-			&channel->remoteAsymAlgSettings);
-
-	UA_SequenceHeader_decodeBinary(msg, pos,
-			sequenceHeader);
-
-
-	//init last requestId and sequenceNumber
-
-	//channel->lastRequestId = sequenceHeader->requestId;
-	//channel->lastSequenceNumber = sequenceHeader->sequenceNumber;
-
-	channel->requestId = sequenceHeader->requestId;//channel->lastRequestId;
-	channel->sequenceNumber = sequenceHeader->sequenceNumber;//channel->lastSequenceNumber;
-
-	channel->state = UA_SL_CHANNEL_CLOSED;
-
-	return UA_SUCCESS;
-}
-UA_Int32 SL_Channel_deleteMembers(SL_Channel channel)
-{
-	UA_Int32 retval = UA_SUCCESS;
-	retval |= UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&((SL_ChannelType*)channel)->localAsymAlgSettings);
-	retval |= UA_ByteString_deleteMembers(&((SL_ChannelType*)channel)->localNonce);
-	retval |= UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&((SL_ChannelType*)channel)->remoteAsymAlgSettings);
-	retval |= UA_ByteString_deleteMembers(&((SL_ChannelType*)channel)->remoteNonce);
-	retval |= UA_ChannelSecurityToken_deleteMembers(&((SL_ChannelType*)channel)->securityToken);
+	retval |= UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(
+			&((SL_ChannelType*) channel)->localAsymAlgSettings);
+	retval |= UA_ByteString_deleteMembers(
+			&((SL_ChannelType*) channel)->localNonce);
+	retval |= UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(
+			&((SL_ChannelType*) channel)->remoteAsymAlgSettings);
+	retval |= UA_ByteString_deleteMembers(
+			&((SL_ChannelType*) channel)->remoteNonce);
+	retval |= UA_ChannelSecurityToken_deleteMembers(
+			&((SL_ChannelType*) channel)->securityToken);
 	return retval;
 }
-UA_Int32 SL_Channel_delete(SL_Channel *channel)
-{
+UA_Int32 SL_Channel_delete(SL_Channel *channel) {
 	UA_Int32 retval = UA_SUCCESS;
 	retval = SL_Channel_deleteMembers(*channel);
 	retval = UA_free(*channel);
 	return retval;
 }
 
-UA_Int32 SL_Channel_processTokenRequest(SL_Channel channel,UA_UInt32 requestedLifetime, UA_SecurityTokenRequestType requestType)
-{
-	if(((SL_ChannelType*)channel)->tokenProvider)
-	{
-		return ((SL_ChannelType*)channel)->tokenProvider(channel,requestedLifetime,requestType, &((SL_ChannelType*)channel)->securityToken);
+UA_Int32 SL_Channel_processTokenRequest(SL_Channel channel,
+		UA_UInt32 requestedLifetime, UA_SecurityTokenRequestType requestType) {
+	if (((SL_ChannelType*) channel)->tokenProvider) {
+		return ((SL_ChannelType*) channel)->tokenProvider(channel,
+				requestedLifetime, requestType,
+				&((SL_ChannelType*) channel)->securityToken);
 	}
-		printf("SL_Channel_processTokenRequest - no Token provider registered");
-		return UA_ERROR;
+	printf("SL_Channel_processTokenRequest - no Token provider registered");
+	return UA_ERROR;
 }
-UA_Int32 SL_Channel_renewToken(SL_Channel channel, UA_UInt32 tokenId,UA_DateTime revisedLifetime, UA_DateTime createdAt)
-{
-	((SL_ChannelType*)channel)->securityToken.tokenId = tokenId;
-	((SL_ChannelType*)channel)->securityToken.createdAt = createdAt;
-	((SL_ChannelType*)channel)->securityToken.revisedLifetime = revisedLifetime;
+UA_Int32 SL_Channel_renewToken(SL_Channel channel, UA_UInt32 tokenId,
+		UA_DateTime revisedLifetime, UA_DateTime createdAt) {
+	((SL_ChannelType*) channel)->securityToken.tokenId = tokenId;
+	((SL_ChannelType*) channel)->securityToken.createdAt = createdAt;
+	((SL_ChannelType*) channel)->securityToken.revisedLifetime =
+			revisedLifetime;
 	return UA_SUCCESS;
 }
 
-
-UA_Int32 SL_Channel_checkSequenceNumber(SL_Channel channel, UA_UInt32 sequenceNumber)
-{
-	((SL_ChannelType*)channel)->sequenceNumber = sequenceNumber; //TODO mock up, to be removed;
+UA_Int32 SL_Channel_checkSequenceNumber(SL_Channel channel,
+		UA_UInt32 sequenceNumber) {
+	((SL_ChannelType*) channel)->sequenceNumber = sequenceNumber; //TODO mock up, to be removed;
 	return UA_SUCCESS;
 
-	if(((SL_ChannelType*)channel)->sequenceNumber+1 == sequenceNumber){
-		((SL_ChannelType*)channel)->sequenceNumber++;
+	if (((SL_ChannelType*) channel)->sequenceNumber + 1 == sequenceNumber) {
+		((SL_ChannelType*) channel)->sequenceNumber++;
 
 		return UA_SUCCESS;
 	}
-	printf("SL_Channel_checkSequenceNumber - ERROR, wrong SequenceNumber expected: %i, received: %i",
-			((SL_ChannelType*)channel)->sequenceNumber+1,sequenceNumber);
+	printf(
+			"SL_Channel_checkSequenceNumber - ERROR, wrong SequenceNumber expected: %i, received: %i",
+			((SL_ChannelType*) channel)->sequenceNumber + 1, sequenceNumber);
 	return UA_ERROR;
 
 }
 
-UA_Int32 SL_Channel_checkRequestId(SL_Channel channel, UA_UInt32 requestId)
-{
-	((SL_ChannelType*)channel)->requestId = requestId; //TODO mock up, to be removed;
+UA_Int32 SL_Channel_checkRequestId(SL_Channel channel, UA_UInt32 requestId) {
+	((SL_ChannelType*) channel)->requestId = requestId; //TODO mock up, to be removed;
 	return UA_SUCCESS;
-	if(((SL_ChannelType*)channel)->requestId+1 == requestId){
-		((SL_ChannelType*)channel)->requestId++;
+	if (((SL_ChannelType*) channel)->requestId + 1 == requestId) {
+		((SL_ChannelType*) channel)->requestId++;
 
 		return UA_SUCCESS;
 	}
-	printf("SL_Channel_requestId - ERROR, wrong requestId expected: %i, received: %i",
-			((SL_ChannelType*)channel)->requestId+1,requestId);
+	printf(
+			"SL_Channel_requestId - ERROR, wrong requestId expected: %i, received: %i",
+			((SL_ChannelType*) channel)->requestId + 1, requestId);
 	return UA_ERROR;
 
 }
 
 UA_Int32 SL_Channel_processOpenRequest(SL_Channel channel,
-		const UA_OpenSecureChannelRequest* request, UA_OpenSecureChannelResponse* response)
-{
+		const UA_OpenSecureChannelRequest* request,
+		UA_OpenSecureChannelResponse* response) {
 	UA_UInt32 protocolVersion;
-	SL_ChannelType *thisChannel = (SL_ChannelType*)channel;
+	SL_ChannelType *thisChannel = (SL_ChannelType*) channel;
 	UA_Int32 retval = UA_SUCCESS;
 
-	UA_TL_Connection_getProtocolVersion(thisChannel->connection, &protocolVersion);
+	UA_TL_Connection_getProtocolVersion(thisChannel->connection,
+			&protocolVersion);
+
 
-	if (request->clientProtocolVersion
-			!= protocolVersion)
-	{
+	if (request->clientProtocolVersion != protocolVersion) {
 		printf("SL_Channel_processOpenRequest - error protocol version \n");
 		//TODO ERROR_Bad_ProtocolVersionUnsupported
 	}
 
-	switch (request->requestType)
-	{
+	switch (request->requestType) {
 	case UA_SECURITYTOKEN_ISSUE:
-		if (thisChannel->state == UA_SL_CHANNEL_OPEN)
-		{
-			printf("SL_Channel_processOpenRequest - multiple security token request");
+		if (thisChannel->state == UA_SL_CHANNEL_OPEN) {
+			printf(
+					"SL_Channel_processOpenRequest - multiple security token request");
 			//TODO return ERROR
 			retval = UA_ERROR;
 			break;
 		}
 		printf(
 				"SL_Channel_processOpenRequest - creating new token for a new SecureChannel\n");
-		SL_Channel_processTokenRequest(channel,request->requestedLifetime, request->requestType);
+		SL_Channel_processTokenRequest(channel, request->requestedLifetime,
+				request->requestType);
 		//	SL_createNewToken(connection);
 		break;
 	case UA_SECURITYTOKEN_RENEW:
-		if (thisChannel->state == UA_SL_CHANNEL_CLOSED)
-		{
+		if (thisChannel->state == UA_SL_CHANNEL_CLOSED) {
 			printf(
 					"SL_Channel_processOpenRequest - renew token request received, but no secureChannel was established before");
 			//TODO return ERROR
 			retval = UA_ERROR;
 			break;
-		}
-		else
-		{
+		} else {
 			//generate new SecurityToken
-			retval = SL_Channel_processTokenRequest(channel,request->requestedLifetime, request->requestType);
-			if (retval != UA_SUCCESS)
-			{
+			retval = SL_Channel_processTokenRequest(channel,
+					request->requestedLifetime, request->requestType);
+			if (retval != UA_SUCCESS) {
 				printf(
 						"SL_Channel_processOpenRequest - creating new token for an existing SecureChannel\n");
-			}
-			else
-			{
+			} else {
 				printf(
 						"SL_Channel_processOpenRequest - cannot create new token for an existing SecureChannel\n");
 			}
@@ -392,8 +366,7 @@ UA_Int32 SL_Channel_processOpenRequest(SL_Channel channel,
 			break;
 		}
 	}
-	switch (request->securityMode)
-	{
+	switch (request->securityMode) {
 	case UA_SECURITYMODE_INVALID:
 		thisChannel->remoteNonce.data = UA_NULL;
 		thisChannel->remoteNonce.length = -1;
@@ -406,44 +379,37 @@ UA_Int32 SL_Channel_processOpenRequest(SL_Channel channel,
 		break;
 
 	case UA_SECURITYMODE_SIGNANDENCRYPT:
-		printf("SL_Channel_processOpenRequest - client demands signed & encrypted \n");
+		printf(
+				"SL_Channel_processOpenRequest - client demands signed & encrypted \n");
 		//TODO check if senderCertificate and ReceiverCertificateThumbprint are present
 		break;
 	}
-	UA_ByteString_copy(&request->clientNonce,&thisChannel->remoteNonce);
+	UA_ByteString_copy(&request->clientNonce, &thisChannel->remoteNonce);
 	thisChannel->state = UA_SL_CHANNEL_OPEN;
 
-	if (request->requestHeader.returnDiagnostics != 0)
-	{
+	if (request->requestHeader.returnDiagnostics != 0) {
 		printf("SL_openSecureChannel - diagnostics demanded by the client\n");
 		printf(
 				"SL_openSecureChannel - retrieving diagnostics not implemented!\n");
 		//TODO fill with demanded information part 4, 7.8 - Table 123
 		response->responseHeader.serviceDiagnostics.encodingMask = 0;
-	}
-	else
-	{
+	} else {
 		response->responseHeader.serviceDiagnostics.encodingMask = 0;
 	}
 
 	response->serverProtocolVersion = protocolVersion;
 
-	UA_ChannelSecurityToken_copy(&((SL_ChannelType*)(channel))->securityToken, &(response->securityToken));
+	UA_ChannelSecurityToken_copy(&((SL_ChannelType*) (channel))->securityToken,
+			&(response->securityToken));
 
 	UA_ByteString_copy(&thisChannel->localNonce, &response->serverNonce);
 
-
 	return retval;
 }
 
 UA_Int32 SL_Channel_processCloseRequest(SL_Channel channel,
-		const UA_CloseSecureChannelRequest* request)
-{
-	SL_Channel_setState(channel,UA_SL_CHANNEL_CLOSED);
-	UA_TL_Connection connection;
-	SL_Channel_getConnection(channel, &connection);
-	UA_TL_Connection_close(connection);
+		const UA_CloseSecureChannelRequest* request) {
+	SL_Channel_setState(channel, UA_SL_CHANNEL_CLOSED);
 	return UA_SUCCESS;
 }
 
-

src/ua_stack_channel.h

@@ -18,93 +18,61 @@ typedef enum ChannelState {
 	UA_SL_CHANNEL_CLOSED,
 	UA_SL_CHANNEL_OPENING,
 	UA_SL_CHANNEL_OPEN
-}SL_channelState;
+} SL_channelState;
 //hide object behind typedef
 typedef struct SL_ChannelStruct *SL_Channel;
-typedef UA_Int32 (*SL_ChannelSecurityTokenProvider)(SL_Channel ,UA_Int32 , SecurityTokenRequestType, UA_ChannelSecurityToken*);
+typedef UA_Int32 (*SL_ChannelSecurityTokenProvider)(SL_Channel, UA_Int32,
+		SecurityTokenRequestType, UA_ChannelSecurityToken*);
 typedef UA_Int32 (*SL_ChannelIdProvider)(UA_UInt32*);
+UA_Int32 SL_Channel_new(SL_Channel **channel);
 
-UA_Int32 SL_Channel_new(SL_Channel **channel,
+UA_Int32 SL_Channel_init(SL_Channel channel, UA_TL_Connection connection,
 		SL_ChannelIdProvider channelIdProvider,
-		SL_ChannelSecurityTokenProvider tokenProvider,
-		UA_ByteString *receiverCertificateThumbprint,
-		UA_ByteString *securityPolicyUri,
-		UA_ByteString *senderCertificate,
-		UA_MessageSecurityMode securityMode);
+		SL_ChannelSecurityTokenProvider tokenProvider);
 
-UA_Int32 SL_Channel_init(SL_Channel channel,
-		UA_ByteString *receiverCertificateThumbprint,
-		UA_ByteString *securityPolicyUri,
-		UA_ByteString *senderCertificate, UA_MessageSecurityMode securityMode);
-
-UA_Int32 SL_Channel_initByRequest(SL_Channel channel, UA_TL_Connection connection, const UA_ByteString* msg,
-		UA_UInt32* pos);
-
-UA_Int32 SL_Channel_initMembers(SL_Channel channel,
-		UA_TL_Connection *connection,
-		UA_UInt32 connectionId,
-		UA_UInt32 sequenceNumber,
-		UA_UInt32 requestId,
-		UA_MessageSecurityMode securityMode,
-		UA_ByteString *remoteNonce,
-		UA_ByteString *localNonce,
-		UA_ByteString *receiverCertificateThumbprint,
-		UA_ByteString *securityPolicyUri,
-		UA_ByteString *senderCertificate);
+UA_Int32 SL_Channel_bind(SL_Channel channel, UA_TL_Connection connection);
+UA_Int32 SL_Channel_setRemoteSecuritySettings(SL_Channel channel,
+		UA_AsymmetricAlgorithmSecurityHeader *asymSecHeader,
+		UA_SequenceHeader *sequenceHeader);
+UA_Int32 SL_Channel_initLocalSecuritySettings(SL_Channel channel);
 
 UA_Int32 SL_Channel_delete(SL_Channel *channel);
 UA_Int32 SL_Channel_deleteMembers(SL_Channel channel);
-UA_Int32 SL_Channel_renewToken(SL_Channel channel, UA_UInt32 tokenId, UA_DateTime revisedLifetime, UA_DateTime createdAt);
+UA_Int32 SL_Channel_renewToken(SL_Channel channel, UA_UInt32 tokenId,
+		UA_DateTime revisedLifetime, UA_DateTime createdAt);
 UA_Int32 SL_Channel_processOpenRequest(SL_Channel channel,
-		const UA_OpenSecureChannelRequest* request, UA_OpenSecureChannelResponse* response);
+		const UA_OpenSecureChannelRequest* request,
+		UA_OpenSecureChannelResponse* response);
 UA_Int32 SL_Channel_processCloseRequest(SL_Channel channel,
 		const UA_CloseSecureChannelRequest* request);
-UA_Int32 SL_Channel_registerTokenProvider(SL_Channel channel,SL_ChannelSecurityTokenProvider provider);
+UA_Int32 SL_Channel_registerTokenProvider(SL_Channel channel,
+		SL_ChannelSecurityTokenProvider provider);
 UA_Int32 SL_Channel_registerChannelIdProvider(SL_ChannelIdProvider provider);
 UA_Int32 SL_Channel_checkRequestId(SL_Channel channel, UA_UInt32 requestId);
 
-UA_Int32 SL_Channel_checkSequenceNumber(SL_Channel channel, UA_UInt32 sequenceNumber);
-UA_Boolean SL_Channel_compare(SL_Channel channel1, SL_Channel channel2);
+UA_Int32 SL_Channel_checkSequenceNumber(SL_Channel channel,
+		UA_UInt32 sequenceNumber);
+UA_Boolean SL_Channel_equal(SL_Channel channel1, SL_Channel channel2);
 //getters
 UA_Int32 SL_Channel_getChannelId(SL_Channel channel, UA_UInt32 *channelId);
 UA_Int32 SL_Channel_getTokenId(SL_Channel channel, UA_UInt32 *tokenlId);
-UA_Int32 SL_Channel_getSequenceNumber(SL_Channel channel, UA_UInt32 *sequenceNumber);
+UA_Int32 SL_Channel_getSequenceNumber(SL_Channel channel,
+		UA_UInt32 *sequenceNumber);
 UA_Int32 SL_Channel_getRequestId(SL_Channel channel, UA_UInt32 *requestId);
-UA_Int32 SL_Channel_getConnectionId(SL_Channel channel, UA_UInt32 *connectionId);
-UA_Int32 SL_Channel_getConnection(SL_Channel channel, UA_TL_Connection *connection);
+UA_Int32 SL_Channel_getConnectionId(SL_Channel channel,
+		UA_UInt32 *connectionId);
+UA_Int32 SL_Channel_getConnection(SL_Channel channel,
+		UA_TL_Connection *connection);
 UA_Int32 SL_Channel_getState(SL_Channel channel, SL_channelState *channelState);
-UA_Int32 SL_Channel_getLocalAsymAlgSettings(SL_Channel channel, UA_AsymmetricAlgorithmSecurityHeader **asymAlgSettings);
-UA_Int32 SL_Channel_getRemainingLifetime(SL_Channel channel, UA_Int32 *lifetime);
-
-UA_Int32 SL_Channel_getRevisedLifetime(SL_Channel channel, UA_UInt32 *revisedLifetime);
+UA_Int32 SL_Channel_getLocalAsymAlgSettings(SL_Channel channel,
+		UA_AsymmetricAlgorithmSecurityHeader **asymAlgSettings);
+UA_Int32 SL_Channel_getRemainingLifetime(SL_Channel channel,
+		UA_Int32 *lifetime);
 
+UA_Int32 SL_Channel_getRevisedLifetime(SL_Channel channel,
+		UA_UInt32 *revisedLifetime);
 
 //setters
 UA_Int32 SL_Channel_setId(SL_Channel channel, UA_UInt32 id);
 
-
-
-/*
-typedef struct SL_ChannelManager {
-	UA_UInt32 maxChannelCount;
-	UA_Int32 lastChannelId;
-	UA_UInt32 currentChannelCount;
-	UA_DateTime maxChannelLifeTime;
-	UA_indexedList_List channels;
-	UA_MessageSecurityMode securityMode;
-	UA_String *endpointUrl;
-}SL_ChannelManager;
-
-UA_Int32 SL_ChannelManager_init(SL_ChannelManager *channelManager, UA_UInt32 maxChannelCount, UA_Int32 startChannelId);
-UA_Int32 SL_ChannelManager_addChannel(SL_secureChannel channel);
-UA_Int32 SL_ChannelManager_renewChannelToken(UA_Int32 channelId, UA_DateTime requestedLifeTime);
-UA_Int32 SL_ChannelManager_bindChannel(UA_Int32 channelId, UA_TL_Connection1 connection);
-UA_Int32 SL_ChannelManager_removeChannel(UA_Int32 channelId);
-UA_Int32 SL_ChannelManager_getChannel(UA_Int32 channelId, SL_secureChannel *channel);
-UA_Int32 SL_ChannelManager_updateChannels();
-
-*/
-
-
-
 #endif /* UA_STACK_CHANNEL_H_ */

src/ua_stack_channel_manager.c

@@ -149,7 +149,7 @@ UA_Int32 SL_ChannelManager_removeChannel(UA_Int32 channelId)
 	UA_Int32 retval = UA_SUCCESS;
 	SL_ChannelManager_getChannel(channelId, &channel);
 
-	UA_list_Element *element =  UA_list_search(&channelManager->channels, (UA_list_PayloadComparer)SL_Channel_compare, &channel);
+	UA_list_Element *element =  UA_list_search(&channelManager->channels, (UA_list_PayloadComparer)SL_Channel_equal, &channel);
 	if(element){
 		retval |= UA_list_removeElement(element,(UA_list_PayloadVisitor)SL_Channel_delete);
 		return retval;

src/ua_stack_session.c

@@ -188,7 +188,7 @@ UA_Boolean UA_Session_verifyChannel(UA_Session session, SL_Channel channel)
 {
 	if(session && channel)
 	{
-		if(SL_Channel_compare(((UA_SessionType*)session)->channel, channel) == UA_EQUAL) {
+		if(SL_Channel_equal(((UA_SessionType*)session)->channel, channel) == UA_EQUAL) {
 				return UA_TRUE;
 		}
 	}

src/ua_stack_session.h

@@ -14,27 +14,111 @@
 
 typedef struct UA_SessionStruct *UA_Session;
 typedef UA_Int32(*UA_Session_idProvider)(UA_NodeId *newSessionId);
-
+/**
+ * @brief creates a session object
+ * @param newSession
+ * @return error code
+ */
 UA_Int32 UA_Session_new(UA_Session **newSession);
+/**
+ * @brief inits a session object
+ * @param session
+ * @param sessionName
+ * @param requestedSessionTimeout
+ * @param maxRequestMessageSize
+ * @param maxResponseMessageSize
+ * @param idProvider
+ * @param timeout
+ * @return error code
+ */
 UA_Int32 UA_Session_init(UA_Session session, UA_String *sessionName, UA_Double requestedSessionTimeout,
 		UA_UInt32 maxRequestMessageSize,
 		UA_UInt32 maxResponseMessageSize,
 		UA_Session_idProvider idProvider,
 		UA_Int64 timeout);
 UA_Int32 UA_Session_delete(UA_Session *session);
-
+/**
+ * @brief compares two session objects
+ * @param session1
+ * @param session2
+ * @return UA_EQUAL if it is the same session, UA_NOT_EQUAL else
+ */
 UA_Boolean UA_Session_compare(UA_Session session1, UA_Session session2);
+/**
+ * @brief compares two sessions by their authentication token
+ * @param session
+ * @param token
+ * @return UA_EQUAL if the session token matches the session UA_NOT_EQUAL
+ */
 UA_Boolean UA_Session_compareByToken(UA_Session session, UA_NodeId *token);
+/**
+ * @brief compares two sessions by their session id
+ * @param session
+ * @param sessionId
+ * @return UA_EQUAL if the session identifier matches the session UA_NOT_EQUAL
+ */
 UA_Boolean UA_Session_compareById(UA_Session session, UA_NodeId *sessionId);
+/**
+ * @brief binds a channel to a session
+ * @param session
+ * @param channel
+ * @return error code
+ */
 UA_Int32 UA_Session_bind(UA_Session session, SL_Channel channel);
+/**
+ * @brief checks if the given channel is related to the session
+ * @param session
+ * @param channel
+ * @return UA_TRUE if there is a relation between session and given channel
+ */
 UA_Boolean UA_Session_verifyChannel(UA_Session session, SL_Channel channel);
+/**
+ * @brief If any activity on a session happens, the timeout must be extended
+ * @param session
+ * @return error code
+ */
 UA_Int32 UA_Session_updateLifetime(UA_Session session);
+/**
+ * @brief Gets the session identifier (UA_NodeId)
+ * @param session session from which the identifier should be returned
+ * @param sessionId return value
+ * @return error code
+ */
 UA_Int32 UA_Session_getId(UA_Session session, UA_NodeId *sessionId);
+/**
+ * @brief Gets the session authentication token
+ * @param session session from which the token should be returned
+ * @param authenticationToken return value
+ * @return error code
+ */
 UA_Int32 UA_Session_getToken(UA_Session session, UA_NodeId *authenticationToken);
+/**
+ * @brief Gets the channel on which the session is currently running
+ * @param session session from which the channel should be returned
+ * @param channel return value
+ * @return
+ */
 UA_Int32 UA_Session_getChannel(UA_Session session, SL_Channel *channel);
-UA_Int32 UA_Session_getPendingLifetime(UA_Session,UA_Double *pendingLifetime);
+/**
+ * @brief Gets the sessions pending lifetime (calculated from the timeout which was set)
+ * @param session session from which the lifetime should be returned
+ * @param pendingLifetime return value
+ * @return error code
+ */
+UA_Int32 UA_Session_getPendingLifetime(UA_Session session,UA_Double *pendingLifetime);
+/**
+ * @brief Gets the pointer to the application
+ * @param session session from which the application pointer should be returned
+ * @param application return value
+ * @return  error code
+ */
 UA_Int32 UA_Session_getApplicationPointer(UA_Session session, Application** application);
-
+/**
+ * @brief Sets the application pointer to the application
+ * @param session session of which the application pointer should be set
+ * @param application return value
+ * @return error code
+ */
 UA_Int32 UA_Session_setApplicationPointer(UA_Session session, Application* application);
 
 

src/ua_transport.c

@@ -276,7 +276,6 @@ UA_Int32 UA_AsymmetricAlgorithmSecurityHeader_calcSizeBinary(UA_AsymmetricAlgori
 	 + UA_ByteString_calcSizeBinary(&ptr->securityPolicyUri)
 	 + UA_ByteString_calcSizeBinary(&ptr->senderCertificate)
 	 + UA_ByteString_calcSizeBinary(&ptr->receiverCertificateThumbprint)
-			//	 + sizeof(UA_UInt32) // requestId
 	;
 }
 
@@ -285,7 +284,6 @@ UA_Int32 UA_AsymmetricAlgorithmSecurityHeader_encodeBinary(UA_AsymmetricAlgorith
 	retval |= UA_ByteString_encodeBinary(&src->securityPolicyUri,dst,offset);
 	retval |= UA_ByteString_encodeBinary(&src->senderCertificate,dst,offset);
 	retval |= UA_ByteString_encodeBinary(&src->receiverCertificateThumbprint,dst,offset);
-	//	retval |= UA_UInt32_encodeBinary(&src->requestId,dst,offset);
 	return retval;
 }
 
@@ -295,7 +293,6 @@ UA_Int32 UA_AsymmetricAlgorithmSecurityHeader_decodeBinary(UA_ByteString const *
 	CHECKED_DECODE(UA_ByteString_decodeBinary(src,offset,&dst->securityPolicyUri), UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(dst));
 	CHECKED_DECODE(UA_ByteString_decodeBinary(src,offset,&dst->senderCertificate), UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(dst));
 	CHECKED_DECODE(UA_ByteString_decodeBinary(src,offset,&dst->receiverCertificateThumbprint), UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(dst));
-	//	CHECKED_DECODE(UA_UInt32_decodeBinary(src,offset,&dst->requestId), UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(dst));
 	return retval;
 }
 
@@ -319,7 +316,6 @@ UA_Int32 UA_AsymmetricAlgorithmSecurityHeader_init(UA_AsymmetricAlgorithmSecurit
 	retval |= UA_ByteString_init(&p->securityPolicyUri);
 	retval |= UA_ByteString_init(&p->senderCertificate);
 	retval |= UA_ByteString_init(&p->receiverCertificateThumbprint);
-	//retval |= UA_UInt32_init(&p->requestId);
 	return retval;
 }
 

src/ua_transport.h

@@ -89,7 +89,6 @@ typedef struct UA_AsymmetricAlgorithmSecurityHeader {
 	UA_ByteString securityPolicyUri;
 	UA_ByteString senderCertificate;
 	UA_ByteString receiverCertificateThumbprint;
-	UA_UInt32 requestId;
 } UA_AsymmetricAlgorithmSecurityHeader;
 UA_TYPE_PROTOTYPES(UA_AsymmetricAlgorithmSecurityHeader)
 UA_TYPE_BINARY_ENCODING(UA_AsymmetricAlgorithmSecurityHeader)

src/ua_transport_binary.c

@@ -58,52 +58,23 @@ static UA_Int32 TL_handleHello(UA_TL_Connection connection, const UA_ByteString*
 	return retval;
 }
 
-
-static UA_Int32 TL_securitySettingsMockup_get(UA_ByteString *receiverCertificateThumbprint,UA_ByteString *securityPolicyUri, UA_ByteString *senderCertificate)
-{
-	receiverCertificateThumbprint->data = UA_NULL;
-	receiverCertificateThumbprint->length = 0;
-
-	UA_String_copycstring("http://opcfoundation.org/UA/SecurityPolicy#None",(UA_String*)securityPolicyUri);
-
-	senderCertificate->data = UA_NULL;
-	senderCertificate->length = 0;
-
-	return UA_SUCCESS;
-}
 static UA_Int32 TL_handleOpen(UA_TL_Connection connection, const UA_ByteString* msg, UA_UInt32* pos) {
 	UA_Int32 retval = UA_SUCCESS;
 	UA_Int32 state;
 	SL_Channel *channel;
 
-	UA_ByteString receiverCertificateThumbprint;
-	UA_ByteString securityPolicyUri;
-	UA_ByteString senderCertificate;
-
-/*TODO place this into a initialization routine, get this from the "stack"-object*/
-	retval |= TL_securitySettingsMockup_get(&receiverCertificateThumbprint, &securityPolicyUri, &senderCertificate);
-
 	retval |= UA_TL_Connection_getState(connection,&state);
 	if (state == CONNECTIONSTATE_ESTABLISHED) {
-		retval |= SL_Channel_new(&channel,
+		retval |= SL_Channel_new(&channel);//just create channel
+		retval |= SL_Channel_init(*channel,connection,
 				SL_ChannelManager_generateChannelId,
-				SL_ChannelManager_generateToken,
-				&receiverCertificateThumbprint,
-				&securityPolicyUri,
-				&senderCertificate,
-				UA_SECURITYMODE_INVALID);
-
-		if(SL_Channel_initByRequest(*channel,connection, msg, pos) == UA_SUCCESS){
-			//TODO remove SL_ProcessOpenChannel (only a special case in SL_Process)
-			retval |= SL_ProcessOpenChannel(*channel, msg, pos);
-			retval |= SL_ChannelManager_addChannel(channel);
-			return retval;
-		}else{
-			printf("TL_handleOpen - ERROR: could not create new secureChannel");
-		}
-	}
-	else{
-		printf("TL_handleOpen - ERROR: wrong ConnectionState");
+			SL_ChannelManager_generateToken);
+		retval |= SL_Channel_bind(*channel,connection);
+		retval |= SL_ProcessOpenChannel(*channel, msg, pos);
+		retval |= SL_ChannelManager_addChannel(channel);
+		return retval;
+	}else{
+		printf("TL_handleOpen - ERROR: could not create new secureChannel");
 	}
 
 	return UA_ERR_INVALID_VALUE;

src/ua_transport_binary_secure.c

@@ -15,11 +15,6 @@
 static UA_Int32 SL_Send(SL_Channel channel,
 		const UA_ByteString * responseMessage, UA_Int32 type)
 {
-
-	//access function for SL_secureChannel
-	//SL_Channel_getId(secureChannel)
-	//SL_Channel_getSequenceNumber(secureChannel)
-
 	UA_UInt32 pos = 0;
 	UA_Int32 isAsym = (type == UA_OPENSECURECHANNELRESPONSE_NS0); // FIXME: this is a to dumb method to determine asymmetric algorithm setting
 	UA_UInt32 channelId;
@@ -29,8 +24,6 @@ static UA_Int32 SL_Send(SL_Channel channel,
 	UA_NodeId resp_nodeid;
 	UA_AsymmetricAlgorithmSecurityHeader *asymAlgSettings = UA_NULL;
 
-	//UA_AsymmetricAlgorithmSecurityHeader_new((void**)(&asymAlgSettings));
-
 	resp_nodeid.encodingByte = UA_NODEIDTYPE_FOURBYTE;
 	resp_nodeid.namespace = 0;
 	resp_nodeid.identifier.numeric = type + 2; // binary encoding
@@ -191,7 +184,6 @@ UA_Int32 SL_handleRequest(SL_Channel channel, const UA_ByteString* msg,
 	UA_Int32 serviceid = serviceRequestType.identifier.numeric - 2; // binary encoding has 2 added to the id
 	UA_Int32 responsetype;
 /* stack related services which only need information about the secure Channel */
-	//services which need a channel as parameter
 	if (serviceid == UA_GETENDPOINTSREQUEST_NS0)
 	{
 		RESPONSE_PREPARE(GetEndpoints);
@@ -280,7 +272,7 @@ UA_Int32 SL_handleRequest(SL_Channel channel, const UA_ByteString* msg,
 		}
 		DBG_VERBOSE(printf("Finished Service: %s\n", Write));
 		RESPONSE_CLEANUP(Write);
-		//TODO prepare userdefined implementation
+
 
 		responsetype = UA_WRITERESPONSE_NS0;
 	}
@@ -298,7 +290,7 @@ UA_Int32 SL_handleRequest(SL_Channel channel, const UA_ByteString* msg,
 		}
 		DBG_VERBOSE(printf("Finished Service: %s\n", Browse));
 		RESPONSE_CLEANUP(Browse);
-		//TODO prepare userdefined implementation
+
 
 		responsetype = UA_BROWSERESPONSE_NS0;
 	}
@@ -316,8 +308,6 @@ UA_Int32 SL_handleRequest(SL_Channel channel, const UA_ByteString* msg,
 		}
 		DBG_VERBOSE(printf("Finished Service: %s\n", CreateSubscription));
 		RESPONSE_CLEANUP(CreateSubscription);
-		//TODO prepare userdefined implementation
-
 		responsetype = UA_CREATESUBSCRIPTIONRESPONSE_NS0;
 	}
 	else if (serviceid == UA_TRANSLATEBROWSEPATHSTONODEIDSREQUEST_NS0)
@@ -334,8 +324,6 @@ UA_Int32 SL_handleRequest(SL_Channel channel, const UA_ByteString* msg,
 		}
 		DBG_VERBOSE(printf("Finished Service: %s\n", TranslateBrowsePathsToNodeIds));
 		RESPONSE_CLEANUP(TranslateBrowsePathsToNodeIds);
-		//TODO prepare userdefined implementation
-
 		responsetype = UA_TRANSLATEBROWSEPATHSTONODEIDSRESPONSE_NS0;
 	}
 	else if (serviceid == UA_PUBLISHREQUEST_NS0)
@@ -352,8 +340,6 @@ UA_Int32 SL_handleRequest(SL_Channel channel, const UA_ByteString* msg,
 		}
 		DBG_VERBOSE(printf("Finished Service: %s\n", Publish));
 		RESPONSE_CLEANUP(Publish);
-		//TODO prepare userdefined implementation
-
 		responsetype = UA_PUBLISHRESPONSE_NS0;
 	}
 	else if (serviceid == UA_CREATEMONITOREDITEMSREQUEST_NS0)
@@ -369,8 +355,6 @@ UA_Int32 SL_handleRequest(SL_Channel channel, const UA_ByteString* msg,
 		}
 		DBG_VERBOSE(printf("Finished Service: %s\n", CreateMonitoredItems));
 		RESPONSE_CLEANUP(CreateMonitoredItems);
-		//TODO prepare userdefined implementation
-
 		responsetype = UA_CREATEMONITOREDITEMSRESPONSE_NS0;
 	}
 	else if (serviceid == UA_SETPUBLISHINGMODEREQUEST_NS0)
@@ -386,8 +370,6 @@ UA_Int32 SL_handleRequest(SL_Channel channel, const UA_ByteString* msg,
 		}
 		DBG_VERBOSE(printf("Finished Service: %s\n", SetPublishingMode));
 		RESPONSE_CLEANUP(SetPublishingMode);
-		//TODO prepare userdefined implementation
-
 		responsetype = UA_SETPUBLISHINGMODERESPONSE_NS0;
 	}
 	else
@@ -416,18 +398,20 @@ UA_Int32 SL_handleRequest(SL_Channel channel, const UA_ByteString* msg,
 	*pos = recvOffset;
 	return retval;
 }
-/**
- *
- * @param connection
- * @param msg
- * @param pos
- * @return
- */
 
 UA_Int32 SL_ProcessOpenChannel(SL_Channel channel, const UA_ByteString* msg,
 		UA_UInt32 *pos)
 {
-	return SL_handleRequest(channel, msg, pos);
+	UA_Int32 retval = UA_SUCCESS;
+	UA_SequenceHeader sequenceHeader;
+	UA_AsymmetricAlgorithmSecurityHeader asymHeader;
+	*pos+=4; //skip secure channel id
+	UA_AsymmetricAlgorithmSecurityHeader_decodeBinary(msg,pos,&asymHeader);
+	UA_SequenceHeader_decodeBinary(msg,pos,&sequenceHeader);
+
+	//init remote security settings from the security header
+	SL_Channel_setRemoteSecuritySettings(channel,&asymHeader,&sequenceHeader);
+	return SL_handleRequest(channel, msg, pos) | retval;
 }
 UA_Int32 SL_ProcessCloseChannel(SL_Channel channel, const UA_ByteString* msg,
 		UA_UInt32 *pos)