Coverage Report

Created: 2026-06-30 06:45

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/open62541_15/src/server/ua_services_discovery.c
Line
Count
Source
1
/* This Source Code Form is subject to the terms of the Mozilla Public
2
 * License, v. 2.0. If a copy of the MPL was not distributed with this
3
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
4
 *
5
 *    Copyright 2014-2017 (c) Fraunhofer IOSB (Author: Julius Pfrommer)
6
 *    Copyright 2014-2016 (c) Sten GrĂ¼ner
7
 *    Copyright 2014, 2017 (c) Florian Palm
8
 *    Copyright 2016 (c) Oleksiy Vasylyev
9
 *    Copyright 2016-2017 (c) Stefan Profanter, fortiss GmbH
10
 *    Copyright 2017 (c) frax2222
11
 *    Copyright 2017 (c) Mark Giraud, Fraunhofer IOSB
12
 *    Copyright 2026 (c) o6 Automation GmbH (Author: Andreas Ebner)
13
 */
14
15
#include "ua_server_internal.h"
16
#include "ua_discovery.h"
17
#include "ua_services.h"
18
19
#ifdef UA_ENABLE_DISCOVERY
20
21
#include <open62541/client.h>
22
23
static UA_StatusCode
24
setApplicationDescriptionFromRegisteredServer(const UA_FindServersRequest *request,
25
                                              UA_ApplicationDescription *target,
26
0
                                              const UA_RegisteredServer *rs) {
27
0
    UA_StatusCode retval =  UA_STATUSCODE_GOOD;
28
0
    target->applicationType = rs->serverType;
29
0
    retval |= UA_String_copy(&rs->serverUri, &target->applicationUri);
30
0
    retval |= UA_String_copy(&rs->productUri, &target->productUri);
31
0
    retval |= UA_String_copy(&rs->gatewayServerUri, &target->gatewayServerUri);
32
0
    if(retval != UA_STATUSCODE_GOOD)
33
0
        return retval;
34
35
    /* If the client requests a specific locale, select the corresponding server
36
     * name */
37
0
    if(request->localeIdsSize) {
38
0
        UA_Boolean appNameFound = false;
39
0
        for(size_t i = 0; i < request->localeIdsSize && !appNameFound; i++) {
40
0
            for(size_t j =0; j < rs->serverNamesSize; j++) {
41
0
                if(UA_String_equal(&request->localeIds[i],
42
0
                                   &rs->serverNames[j].locale)) {
43
0
                    retval = UA_LocalizedText_copy(&rs->serverNames[j],
44
0
                                                   &target->applicationName);
45
0
                    if(retval != UA_STATUSCODE_GOOD)
46
0
                        return retval;
47
0
                    appNameFound = true;
48
0
                    break;
49
0
                }
50
0
            }
51
0
        }
52
53
        /* Server does not have the requested local, therefore we can select the
54
         * most suitable one */
55
0
        if(!appNameFound && rs->serverNamesSize) {
56
0
            retval = UA_LocalizedText_copy(&rs->serverNames[0],
57
0
                                           &target->applicationName);
58
0
            if(retval != UA_STATUSCODE_GOOD)
59
0
                return retval;
60
0
        }
61
0
    } else if(rs->serverNamesSize) {
62
        /* Just take the first name */
63
0
        retval = UA_LocalizedText_copy(&rs->serverNames[0],
64
0
                                       &target->applicationName);
65
0
        if(retval != UA_STATUSCODE_GOOD)
66
0
            return retval;
67
0
    }
68
69
    /* TODO: Where do we get the discoveryProfileUri for application data? */
70
71
0
    if(rs->discoveryUrlsSize > 0) {
72
0
        target->discoveryUrls = (UA_String *)
73
0
            UA_calloc(rs->discoveryUrlsSize, sizeof(UA_String));
74
0
        if(!target->discoveryUrls)
75
0
            return UA_STATUSCODE_BADOUTOFMEMORY;
76
0
        target->discoveryUrlsSize = rs->discoveryUrlsSize;
77
0
        for(size_t i = 0; i < rs->discoveryUrlsSize; i++)
78
0
            retval |= UA_String_copy(&rs->discoveryUrls[i],
79
0
                                     &target->discoveryUrls[i]);
80
0
    }
81
82
0
    return retval;
83
0
}
84
#endif
85
86
UA_Boolean
87
Service_FindServers(UA_Server *server, UA_Session *session,
88
                    const UA_FindServersRequest *request,
89
243
                    UA_FindServersResponse *response) {
90
243
    UA_ServerConfig *sc = &server->config;
91
243
    UA_LOG_DEBUG_SESSION(sc->logging, session, "Processing FindServersRequest");
92
243
    UA_LOCK_ASSERT(&server->serviceMutex);
93
94
    /* Return the server itself? */
95
243
    UA_Boolean foundSelf = false;
96
243
    if(request->serverUrisSize) {
97
4.29k
        for(size_t i = 0; i < request->serverUrisSize; i++) {
98
4.13k
            if(UA_String_equal(&request->serverUris[i],
99
4.13k
                               &sc->applicationDescription.applicationUri)) {
100
1
                foundSelf = true;
101
1
                break;
102
1
            }
103
4.13k
        }
104
160
    } else {
105
83
        foundSelf = true;
106
83
    }
107
108
#ifndef UA_ENABLE_DISCOVERY
109
    if(!foundSelf)
110
        return true;
111
112
    response->responseHeader.serviceResult =
113
        UA_Array_copy(&sc->applicationDescription, 1, (void**)&response->servers,
114
                      &UA_TYPES[UA_TYPES_APPLICATIONDESCRIPTION]);
115
    if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD)
116
        return true;
117
118
    response->serversSize = 1;
119
#else
120
243
    UA_DiscoveryManager *dm = (UA_DiscoveryManager*)
121
243
        getServerComponentByName(server, UA_STRING("discovery"));
122
243
    if(!dm) {
123
0
        response->responseHeader.serviceResult = UA_STATUSCODE_BADINTERNALERROR;
124
0
        return true;
125
0
    }
126
127
    /* Allocate enough memory, including memory for the "self" response */
128
243
    size_t maxResults = dm->registeredServersSize + 1;
129
243
    response->servers = (UA_ApplicationDescription*)
130
243
        UA_Array_new(maxResults, &UA_TYPES[UA_TYPES_APPLICATIONDESCRIPTION]);
131
243
    if(!response->servers) {
132
0
        response->responseHeader.serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
133
0
        return true;
134
0
    }
135
136
243
    size_t pos = 0;
137
243
    registeredServer *current;
138
139
    /* Copy "self" ApplicationDescriptions into the response */
140
243
    if(foundSelf) {
141
84
        response->responseHeader.serviceResult =
142
84
            UA_ApplicationDescription_copy(&sc->applicationDescription,
143
84
                                           &response->servers[pos]);
144
84
        pos++;
145
84
        if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD)
146
0
            goto cleanup;
147
84
    }
148
149
    /* Copy registered ApplicationDescriptions into the response */
150
243
    LIST_FOREACH(current, &dm->registeredServers, pointers) {
151
0
        UA_Boolean usable = (request->serverUrisSize == 0);
152
0
        if(!usable) {
153
            /* If client only requested a specific set of servers */
154
0
            for(size_t i = 0; i < request->serverUrisSize; i++) {
155
0
                if(UA_String_equal(&current->registeredServer.serverUri,
156
0
                                   &request->serverUris[i])) {
157
0
                    usable = true;
158
0
                    break;
159
0
                }
160
0
            }
161
0
        }
162
163
0
        if(!usable)
164
0
            continue;
165
166
0
        response->responseHeader.serviceResult |=
167
0
            setApplicationDescriptionFromRegisteredServer(request,
168
0
                                                          &response->servers[pos],
169
0
                                                          &current->registeredServer);
170
0
        pos++;
171
0
    }
172
173
243
 cleanup:
174
175
    /* Set the final size */
176
243
    if(pos == 0) {
177
159
        UA_free(response->servers);
178
159
        response->servers = NULL;
179
159
    }
180
243
    response->serversSize = pos;
181
243
#endif
182
183
    /* Mirror back the expected EndpointUrl */
184
243
    if(request->endpointUrl.length > 0) {
185
59
        for(size_t i = 0; i < response->serversSize; i++) {
186
25
            UA_ApplicationDescription *ad = &response->servers[i];
187
25
            UA_Array_delete(ad->discoveryUrls, ad->discoveryUrlsSize,
188
25
                            &UA_TYPES[UA_TYPES_STRING]);
189
25
            ad->discoveryUrls = NULL;
190
25
            ad->discoveryUrlsSize = 0;
191
25
            response->responseHeader.serviceResult =
192
25
                UA_Array_copy(&request->endpointUrl, 1,
193
25
                              (void**)&ad->discoveryUrls,
194
25
                              &UA_TYPES[UA_TYPES_STRING]);
195
25
            if(response->responseHeader.serviceResult != UA_STATUSCODE_GOOD)
196
0
                break;
197
25
            ad->discoveryUrlsSize = 1;
198
25
        }
199
34
    }
200
201
243
    return true;
202
243
}
203
204
#if defined(UA_ENABLE_DISCOVERY) && defined(UA_ENABLE_DISCOVERY_MULTICAST)
205
/* All filter criteria must be fulfilled in the list entry. The comparison is
206
 * case insensitive. Returns true if the entry matches the filter. */
207
static UA_Boolean
208
entryMatchesCapabilityFilter(size_t serverCapabilityFilterSize,
209
                             UA_String *serverCapabilityFilter,
210
0
                             UA_ServerOnNetwork *current) {
211
    /* If the entry has less capabilities defined than the filter, there's no match */
212
0
    if(serverCapabilityFilterSize > current->serverCapabilitiesSize)
213
0
        return false;
214
0
    for(size_t i = 0; i < serverCapabilityFilterSize; i++) {
215
0
        UA_Boolean capabilityFound = false;
216
0
        for(size_t j = 0; j < current->serverCapabilitiesSize; j++) {
217
0
            if(UA_String_equal_ignorecase(&serverCapabilityFilter[i],
218
0
                               &current->serverCapabilities[j])) {
219
0
                capabilityFound = true;
220
0
                break;
221
0
            }
222
0
        }
223
0
        if(!capabilityFound)
224
0
            return false;
225
0
    }
226
0
    return true;
227
0
}
228
229
UA_Boolean
230
Service_FindServersOnNetwork(UA_Server *server, UA_Session *session,
231
                             const UA_FindServersOnNetworkRequest *request,
232
2
                             UA_FindServersOnNetworkResponse *response) {
233
2
    UA_LOCK_ASSERT(&server->serviceMutex);
234
235
2
    UA_DiscoveryManager *dm = (UA_DiscoveryManager*)
236
2
        getServerComponentByName(server, UA_STRING("discovery"));
237
2
    if(!dm) {
238
0
        response->responseHeader.serviceResult = UA_STATUSCODE_BADINTERNALERROR;
239
0
        return true;
240
0
    }
241
242
2
    if(!server->config.mdnsEnabled) {
243
2
        response->responseHeader.serviceResult = UA_STATUSCODE_BADNOTIMPLEMENTED;
244
2
        return true;
245
2
    }
246
247
    /* Set LastCounterResetTime */
248
0
    response->lastCounterResetTime =
249
0
        UA_DiscoveryManager_getServerOnNetworkCounterResetTime(dm);
250
251
    /* Compute the max number of records to return */
252
0
    UA_UInt32 recordCount = 0;
253
0
    UA_UInt32 serverOnNetworkRecordIdCounter =
254
0
        UA_DiscoveryManager_getServerOnNetworkRecordIdCounter(dm);
255
0
    if(request->startingRecordId < serverOnNetworkRecordIdCounter)
256
0
        recordCount = serverOnNetworkRecordIdCounter - request->startingRecordId;
257
0
    if(request->maxRecordsToReturn && recordCount > request->maxRecordsToReturn)
258
0
        recordCount = UA_MIN(recordCount, request->maxRecordsToReturn);
259
0
    if(recordCount == 0) {
260
0
        response->serversSize = 0;
261
0
        return true;
262
0
    }
263
264
    /* Iterate over all records and add to filtered list */
265
0
    UA_UInt32 filteredCount = 0;
266
0
    UA_STACKARRAY(UA_ServerOnNetwork*, filtered, recordCount);
267
0
    UA_ServerOnNetwork *current = UA_DiscoveryManager_getServerOnNetworkList(dm);
268
0
    if(!current) {
269
0
        response->responseHeader.serviceResult = UA_STATUSCODE_BADINTERNALERROR;
270
0
        return true;
271
0
    }
272
0
    for(size_t i = 0; i < recordCount; i++) {
273
0
        if(filteredCount >= recordCount)
274
0
            break;
275
0
        if(current->recordId < request->startingRecordId)
276
0
            continue;
277
0
        if(!entryMatchesCapabilityFilter(request->serverCapabilityFilterSize,
278
0
                               request->serverCapabilityFilter, current))
279
0
            continue;
280
0
        filtered[filteredCount++] = current;
281
0
        current = UA_DiscoveryManager_getNextServerOnNetworkRecord(dm, current);
282
0
        if(!current)
283
0
            break;
284
0
    }
285
286
0
    if(filteredCount == 0)
287
0
        return true;
288
289
    /* Allocate the array for the response */
290
0
    response->servers = (UA_ServerOnNetwork*)
291
0
        UA_malloc(sizeof(UA_ServerOnNetwork)*filteredCount);
292
0
    if(!response->servers) {
293
0
        response->responseHeader.serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
294
0
        return true;
295
0
    }
296
0
    response->serversSize = filteredCount;
297
298
    /* Copy the server names */
299
0
    for(size_t i = 0; i < filteredCount; i++) {
300
0
        UA_ServerOnNetwork_copy(filtered[i], &response->servers[filteredCount-i-1]);
301
0
    }
302
0
    return true;
303
0
}
304
#endif
305
306
static UA_String basic256Sha256Uri = UA_STRING_STATIC("http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256");
307
308
/* Get an encrypted policy or NULL if no encrypted policy is defined */
309
UA_SecurityPolicy *
310
getDefaultEncryptedSecurityPolicy(UA_Server *server,
311
300
                                  UA_SecurityPolicyType type) {
312
300
    UA_SecurityPolicy *best = NULL;
313
300
    UA_Byte securityLevel = 0;
314
315
300
    (void)type;
316
600
    for(size_t i = 0; i < server->config.securityPoliciesSize; i++) {
317
300
        UA_SecurityPolicy *sp = &server->config.securityPolicies[i];
318
300
        if(sp->policyType == UA_SECURITYPOLICYTYPE_NONE)
319
300
            continue;
320
        /* This SecurityPolicy is used to secure a UserIdentityToken on top of a
321
         * #None SecureChannel (the only situation this function is called for).
322
         * ECC and RSA-DH policies use ephemeral key agreement that must be
323
         * bound to a secured SecureChannel - they must never be used to secure
324
         * an auth token over #None. Only the static-RSA encryption policies
325
         * (e.g. Basic256Sha256, Aes*_RsaOaep/RsaPss) qualify. */
326
0
        if(UA_SecurityPolicy_isEcc(sp) || UA_SecurityPolicy_isEnhancedSecurity(sp))
327
0
            continue;
328
        /* Return early with Basic256Sha256 when available. "Secure enough" and
329
         * most clients support it.*/
330
0
        if(UA_String_equal(&basic256Sha256Uri, &sp->policyUri))
331
0
            return sp;
332
0
        if(sp->securityLevel >= securityLevel) {
333
0
            best = sp;
334
0
            securityLevel = sp->securityLevel;
335
0
        }
336
0
    }
337
300
    return best;
338
300
}
339
340
static const char *securityModeStrs[4] = {"-invalid", "-none", "-sign", "-sign+encrypt"};
341
342
UA_String
343
253
securityPolicyUriPostfix(const UA_String uri) {
344
253
    if(uri.length == 0) return uri;
345
1.26k
    for(UA_Byte *b = uri.data + uri.length - 1; b >= uri.data; b--) {
346
1.26k
        if(*b != '#')
347
1.01k
            continue;
348
253
        UA_String postfix = {uri.length - (size_t)(b - uri.data), b};
349
253
        return postfix;
350
1.26k
    }
351
0
    return uri;
352
253
}
353
354
static UA_StatusCode
355
updateEndpointUserIdentityToken(UA_Server *server,
356
                                UA_SecurityPolicyType policyType,
357
253
                                UA_EndpointDescription *ed) {
358
    /* Don't modify the UserIdentityTokens if there are manually configured
359
     * entries */
360
253
    if(ed->userIdentityTokensSize > 0)
361
0
        return UA_STATUSCODE_GOOD;
362
363
    /* Copy the UserTokenPolicies from the AccessControl plugin, but only the
364
     * matching ones to the securityPolicyUri.
365
     * TODO: Different instances of the AccessControl plugin per Endpoint */
366
253
    UA_StatusCode res = UA_STATUSCODE_GOOD;
367
253
    UA_ServerConfig *sc = &server->config;
368
759
    for(size_t i = 0; i < sc->accessControl.userTokenPoliciesSize; i++) {
369
506
        UA_UserTokenPolicy *utp = &sc->accessControl.userTokenPolicies[i];
370
371
        /* Append the UserTokenPolicy from the AccesssControl plugin */
372
506
        res = UA_Array_appendCopy((void**)&ed->userIdentityTokens,
373
506
                                  &ed->userIdentityTokensSize, utp,
374
506
                                  &UA_TYPES[UA_TYPES_USERTOKENPOLICY]);
375
506
        if(res != UA_STATUSCODE_GOOD)
376
0
            return res;
377
378
        /* Now we modify the freshly copied last entry and ignore whatever
379
         * SecurityPolicy was set in sc->accessControl.userTokenPolicies and
380
         * choose something appropriate. If empty, the SecurityPolicy of the
381
         * SecureChannel is used. */
382
506
        utp = &ed->userIdentityTokens[ed->userIdentityTokensSize - 1];
383
506
        UA_String_clear(&utp->securityPolicyUri);
384
385
506
#ifdef UA_ENABLE_ENCRYPTION
386
        /* Anonymous tokens don't need encryption. All other tokens require
387
         * encryption with the exception of Username/Password if also the
388
         * allowNonePolicyPassword option has been set. The same logic is used
389
         * in selectEndpointAndTokenPolicy (ua_services_session.c). */
390
506
        if(utp->tokenType != UA_USERTOKENTYPE_ANONYMOUS &&
391
253
           UA_String_equal(&ed->securityPolicyUri, &UA_SECURITY_POLICY_NONE_URI) &&
392
253
           (!sc->allowNonePolicyPassword || utp->tokenType != UA_USERTOKENTYPE_USERNAME)) {
393
            /* Use the SecurityPolicy for the SecureChannel also for the
394
             * username/password. Otherwise pick the "bĂ«st" SecurityPolicĂ¿. */
395
253
            UA_SecurityPolicy *encSP;
396
253
            if(ed->securityMode == UA_MESSAGESECURITYMODE_NONE)
397
253
                encSP = getDefaultEncryptedSecurityPolicy(server, policyType);
398
0
            else
399
0
                encSP = getSecurityPolicyByUri(server, &ed->securityPolicyUri);
400
253
            if(!encSP) {
401
                /* No encrypted SecurityPolicy available */
402
253
                UA_LOG_WARNING(sc->logging, UA_LOGCATEGORY_CLIENT,
403
253
                               "Removing a UserTokenPolicy that would allow the "
404
253
                               "password to be transmitted without encryption "
405
253
                               "(Can be enabled via config->allowNonePolicyPassword)");
406
253
                UA_StatusCode res2 =
407
253
                    UA_Array_resize((void **)&ed->userIdentityTokens,
408
253
                                    &ed->userIdentityTokensSize,
409
253
                                    ed->userIdentityTokensSize - 1,
410
253
                                    &UA_TYPES[UA_TYPES_USERTOKENPOLICY]);
411
253
                (void)res2;
412
253
                continue;
413
253
            }
414
0
            res |= UA_String_copy(&encSP->policyUri, &utp->securityPolicyUri);
415
0
        }
416
253
#endif
417
418
        /* Append the SecurityMode and SecurityPolicy postfix to the PolicyId to
419
         * make it unique */
420
253
        UA_String postfix;
421
253
        if(utp->securityPolicyUri.length > 0)
422
0
            postfix = securityPolicyUriPostfix(utp->securityPolicyUri);
423
253
        else
424
253
            postfix = securityPolicyUriPostfix(ed->securityPolicyUri);
425
253
        size_t newLen = utp->policyId.length + postfix.length +
426
253
            strlen(securityModeStrs[ed->securityMode]);
427
253
        UA_Byte *newString = (UA_Byte*)UA_realloc(utp->policyId.data, newLen);
428
253
        if(!newString)
429
0
            continue;
430
253
        size_t pos = utp->policyId.length;
431
253
        memcpy(&newString[pos], securityModeStrs[ed->securityMode],
432
253
               strlen(securityModeStrs[ed->securityMode]));
433
253
        pos += strlen(securityModeStrs[ed->securityMode]);
434
253
        memcpy(&newString[pos], postfix.data, postfix.length);
435
253
        utp->policyId.data = newString;
436
253
        utp->policyId.length = newLen;
437
253
    }
438
439
253
    return res;
440
253
}
441
442
/* Also reused to create the EndpointDescription array in the
443
 * CreateSessionResponse */
444
UA_StatusCode
445
setCurrentEndpointsArray(UA_Server *server, const UA_String endpointUrl,
446
                         UA_String *profileUris, size_t profileUrisSize,
447
4.49k
                         UA_EndpointDescription **arr, size_t *arrSize) {
448
4.49k
    UA_ServerConfig *sc = &server->config;
449
450
    /* Clone the endpoint for each discoveryURL? */
451
4.49k
    size_t clone_times = 1;
452
4.49k
    if(endpointUrl.length == 0)
453
4.23k
        clone_times = sc->applicationDescription.discoveryUrlsSize;
454
455
    /* Allocate the array */
456
4.49k
    *arr = (UA_EndpointDescription*)
457
4.49k
        UA_Array_new(sc->endpointsSize * clone_times,
458
4.49k
                     &UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
459
4.49k
    if(!*arr)
460
0
        return UA_STATUSCODE_BADOUTOFMEMORY;
461
462
4.49k
    size_t pos = 0;
463
4.49k
    UA_StatusCode retval = UA_STATUSCODE_GOOD;
464
8.99k
    for(size_t j = 0; j < sc->endpointsSize; ++j) {
465
4.49k
        const UA_EndpointDescription *ep = &sc->endpoints[j];
466
467
        /* Test if the supported binary profile shall be returned */
468
4.49k
        UA_Boolean usable = (profileUrisSize == 0);
469
4.49k
        if(!usable) {
470
897
            for(size_t i = 0; i < profileUrisSize; ++i) {
471
867
                if(!UA_String_equal(&profileUris[i], &ep->transportProfileUri))
472
867
                    continue;
473
0
                usable = true;
474
0
                break;
475
867
            }
476
30
        }
477
4.49k
        if(!usable)
478
30
            continue;
479
480
        /* Get the SecurityPolicy */
481
4.46k
        UA_SecurityPolicy *sp =
482
4.46k
            getSecurityPolicyByUri(server, &ep->securityPolicyUri);
483
4.46k
        if(!sp) {
484
0
            UA_LOG_WARNING(server->config.logging, UA_LOGCATEGORY_SERVER,
485
0
                           "GetEndpoints: Endpoint defines SecurityPolicy "
486
0
                           "%S which is not available", ep->securityPolicyUri);
487
0
            continue;
488
0
        }
489
490
        /* Copy into the results */
491
4.71k
        for(size_t i = 0; i < clone_times; ++i) {
492
            /* Copy the endpoint with a current ApplicationDescription */
493
253
            UA_EndpointDescription *ed = &(*arr)[pos];
494
253
            retval |= UA_EndpointDescription_copy(&sc->endpoints[j], ed);
495
253
            UA_ApplicationDescription_clear(&ed->server);
496
253
            retval |= UA_ApplicationDescription_copy(&sc->applicationDescription,
497
253
                                                     &ed->server);
498
499
            /* Set the local certificate configured for the SecurityPolicy */
500
253
            UA_ByteString_clear(&ed->serverCertificate);
501
253
            retval |= UA_ByteString_copy(&sp->localCertificate,
502
253
                                         &ed->serverCertificate);
503
504
            /* Set the User Identity Token list from the AccessControl plugin.
505
             * This also selects an appropriate SecurityPolicy for the
506
             * AuthenticationToken. */
507
253
            retval |= updateEndpointUserIdentityToken(server, sp->policyType, ed);
508
509
            /* OPC UA Part 4 §5.4.2:
510
             *
511
             * If the endpoint uses None security but a token policy requires
512
             * encryption, the client needs a certificate to encrypt the token.
513
             * Set serverCertificate from the first token policy's encryption
514
             * SecurityPolicy so the client can encrypt the credential. */
515
253
            if(ed->serverCertificate.length == 0) {
516
506
                for(size_t ti = 0; ti < ed->userIdentityTokensSize; ti++) {
517
253
                    UA_UserTokenPolicy *utp = &ed->userIdentityTokens[ti];
518
253
                    if(utp->securityPolicyUri.length == 0)
519
253
                        continue;
520
0
                    UA_SecurityPolicy *encSP =
521
0
                        getSecurityPolicyByUri(server, &utp->securityPolicyUri);
522
0
                    if(!encSP || encSP->localCertificate.length == 0)
523
0
                        continue;
524
0
                    retval |= UA_ByteString_copy(&encSP->localCertificate,
525
0
                                                 &ed->serverCertificate);
526
0
                    break;
527
0
                }
528
253
            }
529
530
            /* Set the EndpointURL */
531
253
            UA_String_clear(&ed->endpointUrl);
532
253
            if(endpointUrl.length == 0) {
533
0
                retval |= UA_String_copy(&sc->applicationDescription.discoveryUrls[i],
534
0
                                         &ed->endpointUrl);
535
253
            } else {
536
                /* Mirror back the requested EndpointUrl and also add it to the
537
                 * array of discovery urls */
538
253
                retval |= UA_String_copy(&endpointUrl, &ed->endpointUrl);
539
540
                /* Check if the ServerUrl is already present in the DiscoveryUrl
541
                 * array */
542
253
                size_t k = 0;
543
253
                for(; k < ed->server.discoveryUrlsSize; k++) {
544
0
                    if(UA_String_equal(&ed->endpointUrl, &ed->server.discoveryUrls[k]))
545
0
                        break;
546
0
                }
547
253
                if(k == ed->server.discoveryUrlsSize) {
548
253
                    retval |= UA_Array_appendCopy((void **)&ed->server.discoveryUrls,
549
253
                                                  &ed->server.discoveryUrlsSize,
550
253
                                                  &endpointUrl,
551
253
                                                  &UA_TYPES[UA_TYPES_STRING]);
552
253
                }
553
253
            }
554
253
            if(retval != UA_STATUSCODE_GOOD)
555
0
                goto error;
556
557
253
            pos++;
558
253
        }
559
4.46k
    }
560
561
4.49k
    *arrSize = pos;
562
4.49k
    return UA_STATUSCODE_GOOD;
563
564
0
 error:
565
0
    UA_Array_delete(*arr, sc->endpointsSize * clone_times,
566
0
                    &UA_TYPES[UA_TYPES_ENDPOINTDESCRIPTION]);
567
0
    *arr = NULL;
568
0
    return retval;
569
4.49k
}
570
571
UA_Boolean
572
Service_GetEndpoints(UA_Server *server, UA_Session *session,
573
                     const UA_GetEndpointsRequest *request,
574
90
                     UA_GetEndpointsResponse *response) {
575
90
    UA_LOCK_ASSERT(&server->serviceMutex);
576
577
90
    UA_LOG_DEBUG_SESSION(server->config.logging, session,
578
90
                         "Processing GetEndpointsRequest with endpointUrl %S",
579
90
                         request->endpointUrl);
580
581
    /* If the client expects to see a specific endpointurl, mirror it back. If
582
     * not, clone the endpoints with the discovery url of all networklayers. */
583
90
    response->responseHeader.serviceResult =
584
90
        setCurrentEndpointsArray(server, request->endpointUrl,
585
90
                                 request->profileUris, request->profileUrisSize,
586
90
                                 &response->endpoints, &response->endpointsSize);
587
90
    return true;
588
90
}
589
590
#ifdef UA_ENABLE_DISCOVERY
591
592
static void
593
process_RegisterServer(UA_Server *server, UA_Session *session,
594
                       const UA_RequestHeader* requestHeader,
595
                       const UA_RegisteredServer *requestServer,
596
                       const size_t requestDiscoveryConfigurationSize,
597
                       const UA_ExtensionObject *requestDiscoveryConfiguration,
598
                       UA_ResponseHeader* responseHeader,
599
                       size_t *responseConfigurationResultsSize,
600
                       UA_StatusCode **responseConfigurationResults,
601
                       size_t *responseDiagnosticInfosSize,
602
17
                       UA_DiagnosticInfo *responseDiagnosticInfos) {
603
17
    UA_LOCK_ASSERT(&server->serviceMutex);
604
605
17
    UA_DiscoveryManager *dm = (UA_DiscoveryManager*)
606
17
        getServerComponentByName(server, UA_STRING("discovery"));
607
17
    if(!dm)
608
0
        return;
609
610
17
    UA_ServerConfig *sc = &server->config;
611
17
    if(sc->applicationDescription.applicationType != UA_APPLICATIONTYPE_DISCOVERYSERVER) {
612
17
        responseHeader->serviceResult = UA_STATUSCODE_BADSERVICEUNSUPPORTED;
613
17
        return;
614
17
    }
615
616
    /* Find the server from the request in the registered list */
617
0
    registeredServer *rs = NULL;
618
0
    LIST_FOREACH(rs, &dm->registeredServers, pointers) {
619
0
        if(UA_String_equal(&rs->registeredServer.serverUri, &requestServer->serverUri))
620
0
            break;
621
0
    }
622
623
0
    UA_MdnsDiscoveryConfiguration *mdnsConfig = NULL;
624
625
0
    const UA_String* mdnsServerName = NULL;
626
0
    if(requestDiscoveryConfigurationSize) {
627
0
        *responseConfigurationResults =
628
0
            (UA_StatusCode *)UA_Array_new(requestDiscoveryConfigurationSize,
629
0
                                          &UA_TYPES[UA_TYPES_STATUSCODE]);
630
0
        if(!(*responseConfigurationResults)) {
631
0
            responseHeader->serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
632
0
            return;
633
0
        }
634
0
        *responseConfigurationResultsSize = requestDiscoveryConfigurationSize;
635
636
0
        for(size_t i = 0; i < requestDiscoveryConfigurationSize; i++) {
637
0
            const UA_ExtensionObject *object = &requestDiscoveryConfiguration[i];
638
0
            if(!mdnsConfig && (object->encoding == UA_EXTENSIONOBJECT_DECODED ||
639
0
                               object->encoding == UA_EXTENSIONOBJECT_DECODED_NODELETE) &&
640
0
               (object->content.decoded.type == &UA_TYPES[UA_TYPES_MDNSDISCOVERYCONFIGURATION])) {
641
0
                mdnsConfig = (UA_MdnsDiscoveryConfiguration *)object->content.decoded.data;
642
0
                mdnsServerName = &mdnsConfig->mdnsServerName;
643
0
                (*responseConfigurationResults)[i] = UA_STATUSCODE_GOOD;
644
0
            } else {
645
0
                (*responseConfigurationResults)[i] = UA_STATUSCODE_BADNOTSUPPORTED;
646
0
            }
647
0
        }
648
0
    }
649
650
0
    if(!mdnsServerName && requestServer->serverNamesSize)
651
0
        mdnsServerName = &requestServer->serverNames[0].text;
652
653
0
    if(!mdnsServerName) {
654
0
        responseHeader->serviceResult = UA_STATUSCODE_BADSERVERNAMEMISSING;
655
0
        return;
656
0
    }
657
658
0
    if(requestServer->discoveryUrlsSize == 0) {
659
0
        responseHeader->serviceResult = UA_STATUSCODE_BADDISCOVERYURLMISSING;
660
0
        return;
661
0
    }
662
663
0
    if(requestServer->semaphoreFilePath.length) {
664
0
#ifdef UA_ENABLE_DISCOVERY_SEMAPHORE
665
0
        char* filePath = (char*)
666
0
            UA_malloc(sizeof(char)*requestServer->semaphoreFilePath.length+1);
667
0
        if(!filePath) {
668
0
            UA_LOG_ERROR_SESSION(sc->logging, session,
669
0
                                 "Cannot allocate memory for semaphore path. "
670
0
                                 "Out of memory.");
671
0
            responseHeader->serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
672
0
            return;
673
0
        }
674
0
        memcpy(filePath, requestServer->semaphoreFilePath.data,
675
0
               requestServer->semaphoreFilePath.length );
676
0
        filePath[requestServer->semaphoreFilePath.length] = '\0';
677
0
        if(!UA_fileExists( filePath )) {
678
0
            responseHeader->serviceResult = UA_STATUSCODE_BADSEMAPHOREFILEMISSING;
679
0
            UA_free(filePath);
680
0
            return;
681
0
        }
682
0
        UA_free(filePath);
683
#else
684
        UA_LOG_WARNING(sc->logging, UA_LOGCATEGORY_CLIENT,
685
                       "Ignoring semaphore file path. open62541 not compiled "
686
                       "with UA_ENABLE_DISCOVERY_SEMAPHORE=ON");
687
#endif
688
0
    }
689
690
0
#ifdef UA_ENABLE_DISCOVERY_MULTICAST
691
0
    if(sc->mdnsEnabled) {
692
0
        for(size_t i = 0; i < requestServer->discoveryUrlsSize; i++) {
693
            /* create TXT if is online and first index, delete TXT if is offline
694
             * and last index */
695
0
            UA_Boolean updateTxt = (requestServer->isOnline && i==0) ||
696
0
                (!requestServer->isOnline && i==requestServer->discoveryUrlsSize);
697
0
            UA_Discovery_updateMdnsForDiscoveryUrl(dm, *mdnsServerName, mdnsConfig,
698
0
                                                   requestServer->discoveryUrls[i],
699
0
                                                   requestServer->isOnline, updateTxt);
700
0
        }
701
0
    }
702
0
#endif
703
704
0
    if(!requestServer->isOnline) {
705
        /* Server is shutting down. Remove it from the registered servers list */
706
0
        if(!rs) {
707
            /* Server not found, show warning */
708
0
            UA_LOG_WARNING_SESSION(sc->logging, session,
709
0
                                   "Could not unregister server %S. Not registered.",
710
0
                                   requestServer->serverUri);
711
0
            responseHeader->serviceResult = UA_STATUSCODE_BADNOTHINGTODO;
712
0
            return;
713
0
        }
714
715
0
        if(dm->registerServerCallback)
716
0
            dm->registerServerCallback(requestServer, dm->registerServerCallbackData);
717
718
        /* Server found, remove from list */
719
0
        LIST_REMOVE(rs, pointers);
720
0
        UA_RegisteredServer_clear(&rs->registeredServer);
721
0
        UA_free(rs);
722
0
        dm->registeredServersSize--;
723
0
        responseHeader->serviceResult = UA_STATUSCODE_GOOD;
724
0
        return;
725
0
    }
726
727
0
    UA_StatusCode retval = UA_STATUSCODE_GOOD;
728
0
    if(!rs) {
729
        /* Server not yet registered, register it by adding it to the list */
730
0
        UA_LOG_DEBUG_SESSION(sc->logging, session,
731
0
                             "Registering new server: %S",
732
0
                             requestServer->serverUri);
733
734
0
        rs = (registeredServer*)UA_malloc(sizeof(registeredServer));
735
0
        if(!rs) {
736
0
            responseHeader->serviceResult = UA_STATUSCODE_BADOUTOFMEMORY;
737
0
            return;
738
0
        }
739
740
0
        LIST_INSERT_HEAD(&dm->registeredServers, rs, pointers);
741
0
        dm->registeredServersSize++;
742
0
    } else {
743
0
        UA_RegisteredServer_clear(&rs->registeredServer);
744
0
    }
745
746
    /* Always call the callback, if it is set. Previously we only called it if
747
     * it was a new register call. It may be the case that this endpoint
748
     * registered before, then crashed, restarts and registeres again. In that
749
     * case the entry is not deleted and the callback would not be called. */
750
0
    if(dm->registerServerCallback)
751
0
        dm->registerServerCallback(requestServer,
752
0
                                   dm->registerServerCallbackData);
753
754
    /* Ccopy the data from the request into the list */
755
0
    UA_EventLoop *el = sc->eventLoop;
756
0
    UA_DateTime nowMonotonic = el->dateTime_nowMonotonic(el);
757
0
    UA_RegisteredServer_copy(requestServer, &rs->registeredServer);
758
0
    rs->lastSeen = nowMonotonic;
759
0
    responseHeader->serviceResult = retval;
760
0
}
761
762
UA_Boolean
763
Service_RegisterServer(UA_Server *server, UA_Session *session,
764
                       const UA_RegisterServerRequest *request,
765
10
                       UA_RegisterServerResponse *response) {
766
10
    UA_LOG_DEBUG_SESSION(server->config.logging, session,
767
10
                         "Processing RegisterServerRequest");
768
10
    UA_LOCK_ASSERT(&server->serviceMutex);
769
10
    process_RegisterServer(server, session, &request->requestHeader,
770
10
                           &request->server, 0, NULL, &response->responseHeader,
771
10
                           0, NULL, 0, NULL);
772
10
    return true;
773
10
}
774
775
UA_Boolean
776
Service_RegisterServer2(UA_Server *server, UA_Session *session,
777
                        const UA_RegisterServer2Request *request,
778
7
                        UA_RegisterServer2Response *response) {
779
7
    UA_LOG_DEBUG_SESSION(server->config.logging, session,
780
7
                         "Processing RegisterServer2Request");
781
7
    UA_LOCK_ASSERT(&server->serviceMutex);
782
7
    process_RegisterServer(server, session, &request->requestHeader,
783
7
                           &request->server,
784
7
                           request->discoveryConfigurationSize,
785
7
                           request->discoveryConfiguration,
786
7
                           &response->responseHeader,
787
7
                           &response->configurationResultsSize,
788
7
                           &response->configurationResults,
789
7
                           &response->diagnosticInfosSize,
790
7
                           response->diagnosticInfos);
791
    return true;
792
7
}
793
794
#endif /* UA_ENABLE_DISCOVERY */