Home Esplora Aiuto
Accedi
thomas
/
open62541
Segui 1
Vota 0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): ac07df68b6
Rami (Branch) Tag
open62541
/
src
/
server
/
ua_securechannel_manager.c

ua_securechannel_manager.c 6.4 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154 
  1. #include "ua_securechannel_manager.h"
    2. 

  2. #include "ua_session.h"
    3. 

  3. #include "ua_statuscodes.h"
    4. 

  4. 

  5. UA_StatusCode
    6. 

  6. UA_SecureChannelManager_init(UA_SecureChannelManager *cm, size_t maxChannelCount, UA_UInt32 tokenLifetime,
    7. 

  7.                              UA_UInt32 startChannelId, UA_UInt32 startTokenId) {
    8. 

  8.     LIST_INIT(&cm->channels);
    9. 

  9.     cm->lastChannelId = startChannelId;
    10. 

  10.     cm->lastTokenId = startTokenId;
    11. 

  11.     cm->maxChannelLifetime = tokenLifetime;
    12. 

  12.     cm->maxChannelCount = maxChannelCount;
    13. 

  13.     cm->currentChannelCount = 0;
    14. 

  14.     return UA_STATUSCODE_GOOD;
    15. 

  15. }
    16. 

  16. 

  17. void UA_SecureChannelManager_deleteMembers(UA_SecureChannelManager *cm) {
    18. 

  18.     channel_list_entry *entry, *temp;
    19. 

  19.     LIST_FOREACH_SAFE(entry, &cm->channels, pointers, temp) {
    20. 

  20.         LIST_REMOVE(entry, pointers);
    21. 

  21.         UA_SecureChannel_deleteMembersCleanup(&entry->channel);
    22. 

  22.         UA_free(entry);
    23. 

  23.     }
    24. 

  24. }
    25. 

  25. 

  26. /* remove channels that were not renewed or who have no connection attached */
    27. 

  27. void UA_SecureChannelManager_cleanupTimedOut(UA_SecureChannelManager *cm, UA_DateTime now) {
    28. 

  28.     channel_list_entry *entry, *temp;
    29. 

  29.     LIST_FOREACH_SAFE(entry, &cm->channels, pointers, temp) {
    30. 

  30.         UA_DateTime timeout =
    31. 

  31.             entry->channel.securityToken.createdAt +
    32. 

  32.             ((UA_DateTime)entry->channel.securityToken.revisedLifetime * 10000);
    33. 

  33.         if(timeout < now || !entry->channel.connection) {
    34. 

  34.             LIST_REMOVE(entry, pointers);
    35. 

  35.             UA_SecureChannel_deleteMembersCleanup(&entry->channel);
    36. 

  36. #ifndef UA_MULTITHREADING
    37. 

  37.             cm->currentChannelCount--;
    38. 

  38. #else
    39. 

  39.             cm->currentChannelCount = uatomic_add_return(
    40. 

  40.                     &cm->currentChannelCount, -1);
    41. 

  41. #endif
    42. 

  42.             UA_free(entry);
    43. 

  43.         } else if(entry->channel.nextSecurityToken.tokenId > 0) {
    44. 

  44.             UA_SecureChannel_revolveTokens(&entry->channel);
    45. 

  45.         }
    46. 

  46.     }
    47. 

  47. }
    48. 

  48. 

  49. UA_StatusCode
    50. 

  50. UA_SecureChannelManager_open(UA_SecureChannelManager *cm, UA_Connection *conn,
    51. 

  51.                              const UA_OpenSecureChannelRequest *request,
    52. 

  52.                              UA_OpenSecureChannelResponse *response) {
    53. 

  53.     if(request->securityMode != UA_MESSAGESECURITYMODE_NONE)
    54. 

  54.         return UA_STATUSCODE_BADSECURITYMODEREJECTED;
    55. 

  55.     if(cm->currentChannelCount >= cm->maxChannelCount)
    56. 

  56.         return UA_STATUSCODE_BADOUTOFMEMORY;
    57. 

  57.     channel_list_entry *entry = UA_malloc(sizeof(channel_list_entry));
    58. 

  58.     if(!entry)
    59. 

  59.         return UA_STATUSCODE_BADOUTOFMEMORY;
    60. 

  60. #ifndef UA_MULTITHREADING
    61. 

  61.     cm->currentChannelCount++;
    62. 

  62. #else
    63. 

  63.     cm->currentChannelCount = uatomic_add_return(&cm->currentChannelCount, 1);
    64. 

  64. #endif
    65. 

  65. 

  66.     UA_SecureChannel_init(&entry->channel);
    67. 

  67.     response->responseHeader.stringTableSize = 0;
    68. 

  68.     response->responseHeader.timestamp = UA_DateTime_now();
    69. 

  69.     response->serverProtocolVersion = 0;
    70. 

  70. 

  71.     entry->channel.securityToken.channelId = cm->lastChannelId++;
    72. 

  72.     entry->channel.securityToken.tokenId = cm->lastTokenId++;
    73. 

  73.     entry->channel.securityToken.createdAt = UA_DateTime_now();
    74. 

  74.     entry->channel.securityToken.revisedLifetime =
    75. 

  75.             (request->requestedLifetime > cm->maxChannelLifetime) ?
    76. 

  76.                     cm->maxChannelLifetime : request->requestedLifetime;
    77. 

  77.     /* pragmatic workaround to get clients requesting lifetime of 0 working */
    78. 

  78.     if(entry->channel.securityToken.revisedLifetime == 0)
    79. 

  79.         entry->channel.securityToken.revisedLifetime = cm->maxChannelLifetime;
    80. 

  80. 

  81.     UA_ByteString_copy(&request->clientNonce, &entry->channel.clientNonce);
    82. 

  82.     entry->channel.serverAsymAlgSettings.securityPolicyUri = UA_STRING_ALLOC(
    83. 

  83.             "http://opcfoundation.org/UA/SecurityPolicy#None");
    84. 

  84. 

  85.     UA_SecureChannel_generateNonce(&entry->channel.serverNonce);
    86. 

  86.     UA_ByteString_copy(&entry->channel.serverNonce, &response->serverNonce);
    87. 

  87.     UA_ChannelSecurityToken_copy(&entry->channel.securityToken,
    88. 

  88.             &response->securityToken);
    89. 

  89. 

  90.     UA_Connection_attachSecureChannel(conn, &entry->channel);
    91. 

  91.     LIST_INSERT_HEAD(&cm->channels, entry, pointers);
    92. 

  92.     return UA_STATUSCODE_GOOD;
    93. 

  93. }
    94. 

  94. 

  95. UA_StatusCode
    96. 

  96. UA_SecureChannelManager_renew(UA_SecureChannelManager *cm, UA_Connection *conn,
    97. 

  97.                               const UA_OpenSecureChannelRequest *request,
    98. 

  98.                               UA_OpenSecureChannelResponse *response) {
    99. 

  99.     UA_SecureChannel *channel = conn->channel;
    100. 

  100.     if(!channel)
    101. 

  101.         return UA_STATUSCODE_BADINTERNALERROR;
    102. 

  102. 

  103.     /* if no security token is already issued */
    104. 

  104.     if(channel->nextSecurityToken.tokenId == 0) {
    105. 

  105.         channel->nextSecurityToken.channelId = channel->securityToken.channelId;
    106. 

  106.         //FIXME: UaExpert seems not to use the new tokenid
    107. 

  107.         channel->nextSecurityToken.tokenId = cm->lastTokenId++;
    108. 

  108.         //channel->nextSecurityToken.tokenId = channel->securityToken.tokenId;
    109. 

  109.         channel->nextSecurityToken.createdAt = UA_DateTime_now();
    110. 

  110.         channel->nextSecurityToken.revisedLifetime =
    111. 

  111.                 (request->requestedLifetime > cm->maxChannelLifetime) ?
    112. 

  112.                         cm->maxChannelLifetime : request->requestedLifetime;
    113. 

  113. 

  114.         /* pragmatic workaround to get clients requesting lifetime of 0 working */
    115. 

  115.         if(channel->nextSecurityToken.revisedLifetime == 0)
    116. 

  116.             channel->nextSecurityToken.revisedLifetime = cm->maxChannelLifetime;
    117. 

  117.     }
    118. 

  118. 

  119.     if(channel->clientNonce.data)
    120. 

  120.         UA_ByteString_deleteMembers(&channel->clientNonce);
    121. 

  121. 

  122.     UA_ByteString_copy(&request->clientNonce, &channel->clientNonce);
    123. 

  123.     UA_ByteString_copy(&channel->serverNonce, &response->serverNonce);
    124. 

  124.     UA_ChannelSecurityToken_copy(&channel->nextSecurityToken, &response->securityToken);
    125. 

  125.     return UA_STATUSCODE_GOOD;
    126. 

  126. }
    127. 

  127. 

  128. UA_SecureChannel * UA_SecureChannelManager_get(UA_SecureChannelManager *cm, UA_UInt32 channelId) {
    129. 

  129.     channel_list_entry *entry;
    130. 

  130.     LIST_FOREACH(entry, &cm->channels, pointers) {
    131. 

  131.         if(entry->channel.securityToken.channelId == channelId)
    132. 

  132.             return &entry->channel;
    133. 

  133.     }
    134. 

  134.     return NULL;
    135. 

  135. }
    136. 

  136. 

  137. UA_StatusCode UA_SecureChannelManager_close(UA_SecureChannelManager *cm, UA_UInt32 channelId) {
    138. 

  138.     channel_list_entry *entry;
    139. 

  139.     LIST_FOREACH(entry, &cm->channels, pointers) {
    140. 

  140.         if(entry->channel.securityToken.channelId == channelId) {
    141. 

  141.             LIST_REMOVE(entry, pointers);
    142. 

  142.             UA_SecureChannel_deleteMembersCleanup(&entry->channel);
    143. 

  143.             UA_free(entry);
    144. 

  144. #ifndef UA_MULTITHREADING
    145. 

  145.             cm->currentChannelCount--;
    146. 

  146. #else
    147. 

  147.             cm->currentChannelCount = uatomic_add_return(&cm->currentChannelCount, -1);
    148. 

  148. #endif
    149. 

  149.             return UA_STATUSCODE_GOOD;
    150. 

  150.         }
    151. 

  151.     }
    152. 

  152.     return UA_STATUSCODE_BADINTERNALERROR;
    153. 

  153. }
    154. 

  154.