#include <uaserver_config.h>
#if defined(_WIN32) || defined(_WIN32_WCE)
# include <winsock2.h>
#else
# include <unistd.h>
# include <stdlib.h>
# include <netdb.h>
# ifdef VXWORKS
# include <hostLib.h>
# endif
#endif
#include <uaserver_module.h>
#include <uaserver_utilities.h>
#include <uabase_p_filesystem.h>
#include <uabase_pki.h>
#include "custom_provider.h"
#define UASERVER_PORT 48020
#define UASERVER_APPLICATIONNAME "UaSdkC - LessonSecurity03"
#define UASERVER_APPLICATIONURI "UnifiedAutomation:UaSdkC:LessonSecurity03"
#define UASERVER_PRODUCTNAME "UaSdkC - LessonSecurity03"
#define UASERVER_PRODUCTURI "urn:UnifiedAutomation:UaSdkC:LessonSecurity03"
#define UASERVER_MANUFACTURERNAME "Unified Automation GmbH"
#define UASERVER_PKI_CONFIGNAME OPCUA_P_PKI_TYPE_OPENSSL
#define UASERVER_PKI_SERVERCERT "pki/own/uaservercert.der"
#define UASERVER_PKI_PRIVATEKEY "pki/own/uaserverkey.nopass.pem"
#define UASERVER_PKI_CERTDIR "pki/trusted/certs/"
#define UASERVER_PKI_CRLDIR "pki/trusted/crl/"
#define UASERVER_PKI_REJECTED "pki/rejected/"
OpcUa_StatusCode CreateCertificates(OpcUa_CharA *szApplicationUri, OpcUa_CharA *szHostname)
{
OpcUa_StatusCode uStatus = OpcUa_Good;
UaBase_File *pFile = OpcUa_Null;
OpcUa_Boolean bCertAvailable = OpcUa_True;
OpcUa_Int iRet;
pFile = UaBase_Fopen(UASERVER_PKI_SERVERCERT, "r");
if (pFile != OpcUa_Null)
{
UaBase_Fclose(pFile);
}
else
{
bCertAvailable = OpcUa_False;
}
pFile = UaBase_Fopen(UASERVER_PKI_PRIVATEKEY, "r");
if (pFile != OpcUa_Null)
{
UaBase_Fclose(pFile);
}
else
{
bCertAvailable = OpcUa_False;
}
if (bCertAvailable == OpcUa_False)
{
if (iRet !=
UABASE_SUCCESS) {printf(
"Could not create certificate path (ret=%i)\n", iRet);}
if (iRet !=
UABASE_SUCCESS) {printf(
"Could not create trust list path (ret=%i)\n", iRet);}
if (iRet !=
UABASE_SUCCESS) {printf(
"Could not create CRL path (ret=%i)\n", iRet);}
if (iRet !=
UABASE_SUCCESS) {printf(
"Could not create rejected certificate path (ret=%i)\n", iRet);}
}
if (bCertAvailable == OpcUa_False)
{
OpcUa_StatusCode ret = OpcUa_Good;
if (OpcUa_IsNotGood(ret)) {printf("UaBase_PkiRsaKeyPair_Create failed (ret=0x%08x)\n", ret);}
certificateInfo.sURI = szApplicationUri;
certificateInfo.
sIP =
"";
certificateInfo.
sDNS = (OpcUa_StringA)szHostname;
certificateInfo.sEMail = "";
certificateInfo.validTime = 3600*24*365*5;
subject.sCommonName = UASERVER_APPLICATIONNAME;
subject.sOrganization = UASERVER_MANUFACTURERNAME;
subject.sOrganizationUnit = "";
subject.sLocality = "Nuremberg";
subject.sState = "Bavaria";
subject.sCountry = "DE";
subject.sDomainComponent = "";
&pCertificate,
certificateInfo,
subject,
*pSubjectKeyPair,
subject,
*pSubjectKeyPair);
if (OpcUa_IsNotGood(ret)) {printf("UaBase_PkiCertificate_Create failed (ret=0x%08x)\n", ret);}
if (OpcUa_IsNotGood(ret)) {printf("UaBase_PkiCertificate_ToDERFile failed (ret=0x%08x)\n", ret);}
if (OpcUa_IsNotGood(ret)) {printf("UaBase_PkiRsaKeyPair_ToPEMFile failed (ret=0x%08x)\n", ret);}
}
return uStatus;
}
OpcUa_StatusCode InitializeOpcUaStack(OpcUa_Handle *a_phProxyStubPlatformLayer,
OpcUa_ProxyStubConfiguration *a_pProxyStubConfiguration)
{
OpcUa_InitializeStatus(OpcUa_Module_Server, "InitializeOpcUaStack");
printf("UA Server: Initializing Stack...\n");
a_pProxyStubConfiguration->bProxyStub_Trace_Enabled = OpcUa_True;
a_pProxyStubConfiguration->uProxyStub_Trace_Level = OPCUA_TRACE_OUTPUT_LEVEL_ERROR;
OpcUa_ReturnStatusCode;
OpcUa_BeginErrorHandling;
OpcUa_FinishErrorHandling;
}
OpcUa_StatusCode CleanupOpcUaStack(OpcUa_Handle *a_phProxyStubPlatformLayer)
{
OpcUa_InitializeStatus(OpcUa_Module_Server, "CleanupOpcUaStack");
OpcUa_ReturnStatusCode;
OpcUa_BeginErrorHandling;
OpcUa_FinishErrorHandling;
}
int GetFQHostname( char *szHostname, int len )
{
struct hostent *pEnt = 0;
int ret = gethostname( szHostname, len );
if ( ret != 0 ) return ret;
pEnt = gethostbyname( szHostname );
if ( pEnt == 0 ) return -1;
UaBase_strlcpy( szHostname, pEnt->h_name, len );
szHostname[len - 1] = 0;
return 0;
}
OpcUa_StatusCode ServerMain()
{
UaServer uaServer;
UaServer_Configuration *pServerConfig = OpcUa_Null;
OpcUa_CharA szHostname[256];
OpcUa_CharA szEndpointURL[300];
OpcUa_CharA szApplicationUri[300];
UaServer_Endpoint *pEndpoint = OpcUa_Null;
UaServer_Provider customProvider;
OpcUa_InitializeStatus(OpcUa_Module_Server, "ServerMain");
OpcUa_MemSet(szEndpointURL, 0, sizeof(szEndpointURL));
OpcUa_MemSet(szApplicationUri, 0, sizeof(szApplicationUri));
GetFQHostname(szHostname, sizeof(szHostname));
OpcUa_SnPrintfA(szEndpointURL, sizeof(szEndpointURL)-1, "opc.tcp://%s:%u", szHostname, UASERVER_PORT);
OpcUa_SnPrintfA(szApplicationUri, sizeof(szApplicationUri)-1, "urn:%s:%s", szHostname, UASERVER_APPLICATIONURI);
uStatus = CreateCertificates(szApplicationUri, szHostname);
OpcUa_GotoErrorIfBad(uStatus);
OpcUa_GotoErrorIfBad(uStatus);
OpcUa_String_AttachReadOnly(&pServerConfig->ApplicationDescription.ApplicationUri, szApplicationUri);
OpcUa_String_AttachReadOnly(&pServerConfig->ApplicationDescription.ProductUri, UASERVER_PRODUCTURI);
OpcUa_String_AttachReadOnly(&pServerConfig->ApplicationDescription.ApplicationName.Text, UASERVER_APPLICATIONNAME);
pServerConfig->ApplicationDescription.NoOfDiscoveryUrls = 1;
pServerConfig->ApplicationDescription.DiscoveryUrls = OpcUa_Alloc(sizeof(OpcUa_String));
OpcUa_String_Initialize(&pServerConfig->ApplicationDescription.DiscoveryUrls[0]);
OpcUa_String_AttachReadOnly(&pServerConfig->ApplicationDescription.DiscoveryUrls[0], szEndpointURL);
OpcUa_String_AttachReadOnly(&pServerConfig->BuildInfo.ManufacturerName, UASERVER_MANUFACTURERNAME);
OpcUa_String_AttachReadOnly(&pServerConfig->BuildInfo.ProductName, UASERVER_PRODUCTNAME);
OpcUa_String_AttachReadOnly(&pServerConfig->BuildInfo.SoftwareVersion, UASDK_VERSION);
OpcUa_String_AttachReadOnly(&pServerConfig->BuildInfo.BuildNumber, UASDK_BUILD_VERSION_STR);
OpcUa_String_AttachReadOnly(&pServerConfig->BuildInfo.ProductUri, UASERVER_APPLICATIONURI);
pServerConfig->BuildInfo.BuildDate = UaServer_GetBuildDate();
OpcUa_String_AttachReadOnly(&pServerConfig->RejectedCertificateLocation, UASERVER_PKI_REJECTED);
pServerConfig->uNoOfEndpoints = 1;
pServerConfig->pEndpoints = OpcUa_Alloc(sizeof(UaServer_Endpoint));
UaServer_Endpoint_Initialize(&pServerConfig->pEndpoints[0]);
pEndpoint = &pServerConfig->pEndpoints[0];
OpcUa_String_AttachReadOnly(&pEndpoint->sEndpointUrl, szEndpointURL);
OpcUa_String_AttachReadOnly(&pEndpoint->PkiConfigName, "PkiStoreOpenSSL");
pEndpoint->PkiConfig.strPkiType = (char*)UASERVER_PKI_CONFIGNAME;
pEndpoint->PkiConfig.strTrustedCertificateListLocation = (char*)UASERVER_PKI_CERTDIR;
pEndpoint->PkiConfig.strRevokedCertificateListLocation = (char*)UASERVER_PKI_CRLDIR;
OpcUa_String_AttachReadOnly(&pEndpoint->ServerCertificateLocation, UASERVER_PKI_SERVERCERT);
OpcUa_String_AttachReadOnly(&pEndpoint->ServerPrivateKeyLocation, UASERVER_PKI_PRIVATEKEY);
pEndpoint->uNoOfSecurityPolicyConfigurations = 1;
pEndpoint->pSecurityPolicyConfigurations = OpcUa_Alloc(sizeof(OpcUa_Endpoint_SecurityPolicyConfiguration));
OpcUa_MemSet(pEndpoint->pSecurityPolicyConfigurations, 0, sizeof(OpcUa_Endpoint_SecurityPolicyConfiguration));
OpcUa_String_AttachReadOnly(&pEndpoint->pSecurityPolicyConfigurations[0].sSecurityPolicy, OpcUa_SecurityPolicy_Basic256);
pEndpoint->pSecurityPolicyConfigurations[0].uMessageSecurityModes = OPCUA_ENDPOINT_MESSAGESECURITYMODE_SIGNANDENCRYPT;
pEndpoint->uNoOfUserTokenPolicy = 2;
pEndpoint->pUserTokenPolicy = OpcUa_Alloc(pEndpoint->uNoOfUserTokenPolicy *
sizeof(
OpcUa_UserTokenPolicy));
OpcUa_UserTokenPolicy_Initialize(&pEndpoint->pUserTokenPolicy[0]);
pEndpoint->pUserTokenPolicy[0].TokenType = OpcUa_UserTokenType_Anonymous;
OpcUa_String_AttachReadOnly(&pEndpoint->pUserTokenPolicy[0].PolicyId, "Anonymous");
OpcUa_UserTokenPolicy_Initialize(&pEndpoint->pUserTokenPolicy[1]);
pEndpoint->pUserTokenPolicy[1].TokenType = OpcUa_UserTokenType_UserName;
OpcUa_String_AttachReadOnly(&pEndpoint->pUserTokenPolicy[1].PolicyId, "UserName");
OpcUa_String_AttachReadOnly(&pEndpoint->pUserTokenPolicy[1].SecurityPolicyUri, OpcUa_SecurityPolicy_Basic256);
printf("UA Server: Building Provider List...\n");
OpcUa_GotoErrorIfBad(uStatus);
OpcUa_MemSet(&customProvider, 0, sizeof(customProvider));
customProvider.pfInit = CustomProvider_Initialize;
OpcUa_GotoErrorIfBad(uStatus);
printf("UA Server: Loading Provider Modules...\n");
OpcUa_GotoErrorIfBad(uStatus);
OpcUa_GotoErrorIfBad(uStatus);
printf("\n#############################################");
printf("\n# Server started! Press %s to stop!", UABASE_P_SHUTDOWN_SEQUENCE);
printf("\n#############################################\n\n");
printf("Endpoint URL: %s\n", szEndpointURL);
{
}
OpcUa_GotoErrorIfBad(uStatus);
OpcUa_CertificateStoreConfiguration_Initialize(&pEndpoint->PkiConfig);
printf("UA Server: Main stopped successfully.\n");
OpcUa_ReturnStatusCode;
OpcUa_BeginErrorHandling;
if (pEndpoint != OpcUa_Null)
{
OpcUa_CertificateStoreConfiguration_Initialize(&pEndpoint->PkiConfig);
}
printf("UA Server: Main stopped due to ERROR! (0x%08X)\nPress Enter to close Window!\n", uStatus);
getchar();
OpcUa_FinishErrorHandling;
}
int main(int argc, char *argv[])
{
int ret = EXIT_SUCCESS;
OpcUa_StatusCode uStatus = OpcUa_Good;
OpcUa_Handle hProxyStubPlatformLayer = OpcUa_Null;
OpcUa_ProxyStubConfiguration proxyStubConfiguration;
OpcUa_ReferenceParameter(argc);
OpcUa_ReferenceParameter(argv);
uStatus = InitializeOpcUaStack(&hProxyStubPlatformLayer, &proxyStubConfiguration);
if ( OpcUa_IsNotGood(uStatus) )
{
return EXIT_FAILURE;
}
uStatus = ServerMain();
if ( OpcUa_IsNotGood(uStatus) )
{
ret = EXIT_FAILURE;
}
uStatus = CleanupOpcUaStack(&hProxyStubPlatformLayer);
if ( OpcUa_IsNotGood(uStatus) )
{
ret = EXIT_FAILURE;
}
return ret;
}
#ifdef _WIN32_WCE
int WINAPI WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPWSTR lpCmdLine,
int nShowCmd)
{
OpcUa_ReferenceParameter(hInstance);
OpcUa_ReferenceParameter(hPrevInstance);
OpcUa_ReferenceParameter(lpCmdLine);
OpcUa_ReferenceParameter(nShowCmd);
return main(0, OpcUa_Null);
}
#endif