C++ Based OPC UA Client/Server/PubSub SDK
1.7.9.586
|
#include <uaendpoint.h>
Inherits UaPkiProviderCertificateValidationCallback.
Inherited by UaEndpointBase, UaEndpointIni, and UaEndpointXml.
Public Member Functions | |
UaEndpoint () | |
construction | |
UaEndpoint (const UaEndpoint &other) | |
construction More... | |
virtual | ~UaEndpoint () |
destruction | |
UaEndpoint & | operator= (const UaEndpoint &other) |
Implements the operator = for UaEndpoint. More... | |
UaStatus | setSerializerType (OpcUa_Endpoint_SerializerType eSerializerType) |
Set the serializer type used for the endpoint. More... | |
OpcUa_Endpoint_SerializerType | eSerializerType () const |
Get the serializer type used for the endpoint. More... | |
void | setEndpointUrl (UaString sEndpointUrl, OpcUa_Boolean useAlsoAsStackUrl) |
Set the URL used for the endpoint. More... | |
UaString | sEndpointUrl () const |
Get the URL used for the endpoint. More... | |
void | setAlternativeEndpointUrls (const UaStringArray &alternativeEndpointUrls) |
Set alternative Endpoint URL for the endpoint. More... | |
UaStringArray | alternativeEndpointUrls () const |
Get the alternative Endpoint URLs configured for the endpoint. More... | |
void | setStackEndpointUrl (UaString sStackEndpointUrl) |
Set the URL for the Endpoint used for the stack. More... | |
UaStatus | addSecuritySetting (const UaEndpointSecuritySetting &endpointSecuritySetting) |
Add a security setting to the endpoint. More... | |
const UaEndpointSecuritySettingArray & | securitySettings () const |
Get the list of security settings. More... | |
OpcUa_Handle | hPKIConfig () const |
Get the handle to the PKI configuration. More... | |
UaPkiProvider * | pkiProvider () const |
Get the PKI provider. More... | |
void | setEndpointHandle (OpcUa_Endpoint endpoint) |
Set the Endpoint handle for the Endpoint opened with the stack. More... | |
OpcUa_Endpoint | endpointHandle () const |
Get the Endpoint handle for the Endpoint opened with the stack. More... | |
void | setIsVisible (OpcUa_Boolean isVisible) |
Set the flag that indicates if the endpoint is contained in GetEndpoints. More... | |
void | setDefaultVisibity (OpcUa_Boolean visibility) |
Configure the default visibility of this endpoint. More... | |
void | resetVisibilityToDefault (void) |
Reset the visibility flag to its configured default value. | |
OpcUa_Boolean | defaultVisibility (void) const |
Get the value of the configured default visibility. | |
OpcUa_Boolean | isVisible () const |
Get the flag that indicates if the endpoint is contained in GetEndpoints. More... | |
void | setIsDiscoveryUrl (OpcUa_Boolean isDiscoveryUrl) |
Set the flag that indicates if the endpoint URL is provided as discovery URL. More... | |
OpcUa_Boolean | isDiscoveryUrl () const |
Get the flag that indicates if the endpoint URL is provided as discovery URL. More... | |
void | setReturnOnlyOnEndpointUrlMatch (OpcUa_Boolean returnOnlyOnEndpointUrlMatch) |
Set the flag indicating if the endpoint is returned in discovery depending on EndpointUrl match. More... | |
OpcUa_Boolean | returnOnlyOnEndpointUrlMatch () const |
Get the flag indicating if the endpoint is returned in discovery depending on EndpointUrl match. More... | |
void | setPassword (const UaString &sPassword) |
Set the password to load a protected private key. More... | |
UaString | sPassword () const |
Get the password to load a protected private key. More... | |
void | setAutomaticallyTrustAllClientCertificates (OpcUa_Boolean automaticTrust) |
Sets the endpoint to automatically trust all client certificates. More... | |
OpcUa_Boolean | automaticallyTrustAllClientCertificates () const |
Get the flag that indicates if the endpoint automatically trusts all client certificates. More... | |
void | setProvisioningModeActive (OpcUa_Boolean isActive) |
Sets the endpoint provisioning mode active flag. | |
OpcUa_Boolean | provisioningModeActive () const |
Get the flag that indicates if the endpoint is in Provisioning mode. | |
void | setCreateSignatureWithChain (OpcUa_Boolean createSignatureWithChain) |
Sets the endpoint to calculate the server signature using the certificate chain if available. More... | |
OpcUa_Boolean | createSignatureWithChain () const |
Get the flag that indicates if the endpoint uses a certificate chain to calculate the server signature. More... | |
void | setDisableApplicationUriCheck (OpcUa_Boolean disableApplicationUriCheck) |
Flag used to disable the ApplicationUri match check between client certificate and parameter in CreateSession. More... | |
OpcUa_Boolean | disableApplicationUriCheck () const |
Returns the flag used to disable the ApplicationUri match check between client certificate and parameter in CreateSession. | |
void | setDisableUserTokenPolicyIdCheck (OpcUa_Boolean disableUserTokenPolicyIdCheck) |
Flag used to disable the UserToken PolicyId check in ActivateSession. More... | |
OpcUa_Boolean | disableUserTokenPolicyIdCheck () const |
Returns the flag used to disable the UserToken PolicyId check in ActivateSession. | |
void | setDisableNonceLengthCheck (OpcUa_Boolean disableNonceLengthCheck) |
Flag used to disable the client nonce length check in CreateSession. More... | |
void | setDisableCertificateSignatureAlgorithmCheck (OpcUa_Boolean disableCertificateSignatureAlgorithmCheck) |
Flag used to disable the client certificate validation error BadSignatureAlgorithmNotAllowed. More... | |
void | setDisableErrorCertificateKeyTooShort (OpcUa_Boolean disableErrorCertificateKeyTooShort) |
Flag used to disable the client certificate validation error BadCryptoKeyTooShort. More... | |
void | setDisableErrorCertificateKeyTooLong (OpcUa_Boolean disableErrorCertificateKeyTooLong) |
Flag used to disable the client certificate validation error BadCryptoKeyTooLong. More... | |
void | setDisableCertificateUsageCheck (OpcUa_Boolean disableCertificateUsageCheck) |
Flag used to disable the client certificate validation error BadCertificateUseNotAllowed. More... | |
void | setDisableErrorCertificateTimeInvalid (OpcUa_Boolean disableErrorCertificateTimeInvalid) |
Flag used to disable the client certificate validation error BadCertificateTimeInvalid. More... | |
void | setDisableErrorCertificateIssuerTimeInvalid (OpcUa_Boolean disableErrorCertificateIssuerTimeInvalid) |
Flag used to disable the client certificate validation error BadCertificateIssuerTimeInvalid. More... | |
void | setDisableErrorCertificateRevocationUnknown (OpcUa_Boolean disableErrorCertificateRevocationUnknown) |
Flag used to disable the client certificate validation error BadCertificateRevocationUnknown. More... | |
void | setDisableErrorCertificateIssuerRevocationUnknown (OpcUa_Boolean disableErrorCertificateIssuerRevocationUnknown) |
Flag used to disable the client certificate validation error BadCertificateIssuerRevocationUnknown. More... | |
void | setIsTransparentRedundant (OpcUa_Boolean isTransparentRedundant) |
Set the flag that indicates if the endpoint supports transparent redundancy. More... | |
OpcUa_Boolean | isTransparentRedundant () const |
Get the flag that indicates if the endpoint supports transparent redundancy. More... | |
void | setReverseConnectUrls (const UaStringArray &arrayReverseConnectUrls) |
Sets the array of URLs used to create reverse connections to clients. More... | |
void | addReverseConnectUrl (const UaString &reverseConnectUrl) |
Adds a reverse connection to the list of reverse connections to clients. | |
void | getReverseConnectUrls (UaStringArray &arrayReverseConnectUrls) const |
Get the array of URLs used to create reverse connections to clients. | |
OpcUa_UInt32 | endpointCertificateStoreIndex () const |
Returns the index of the CertificateStore used for the endpoint. | |
CertificateStoreConfiguration * | pEndpointCertificateStore () const |
Returns the CertificateStoreConfiguration object for the endpoint. | |
CertificateConfiguration * | pEndpointCertificateSettings () const |
Returns the CertificateConfiguration object for the endpoint. | |
UaStatus | loadCertificate () |
Load the configured certificate. More... | |
virtual bool | certificateVerificationError (OpcUa_Void *pvVerifyContext, const UaByteString &certificateChain, OpcUa_StatusCode uVerificationResult, OpcUa_UInt32 uDepth) |
Callback method to inform about errors during certificate validation. More... | |
Container class for optimized handling of OPC UA Endpoint description data. The list of endpoints is used by the SDK to open the endpoints in the UA ANSI C Stack when the UA Module is started with UaModule::startUp. For each endpoint in the list the method OpcUa_Endpoint_Open is called in the UA ANSI C Stack. The list is also used to return the list of endpoint descriptions in the UA Service implementation for GetEndpoints. In this case the Service returns multiple endpoint description for each endpoint if more than one security policy or more than one security mode is set.
UaEndpoint::UaEndpoint | ( | const UaEndpoint & | other | ) |
construction
other | the UaEndpoint to assign. |
UaStatus UaEndpoint::addSecuritySetting | ( | const UaEndpointSecuritySetting & | endpointSecuritySetting | ) |
Add a security setting to the endpoint.
endpointSecuritySetting | security setting from the endpoint. |
|
inline |
Get the alternative Endpoint URLs configured for the endpoint.
OpcUa_Boolean UaEndpoint::automaticallyTrustAllClientCertificates | ( | ) | const |
Get the flag that indicates if the endpoint automatically trusts all client certificates.
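This option can be activated if certificates are used only for message security but not for application authentication. If set to true, all client certificates will be accepted automatically and they are not stored. It is strongly recommended to use this option only together with user authentication. With this option enabled, the client certificate no longer authenticates the client application, so user authentication is the only remaining check on who connects.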
|
virtual |
Callback method to inform about errors during certificate validation.
Implements UaPkiProviderCertificateValidationCallback.
OpcUa_Boolean UaEndpoint::createSignatureWithChain | ( | ) | const |
Get the flag that indicates if the endpoint uses a certificate chain to calculate the server signature.
For calculating the server signature the server needs to append the client certificate to the client nonce. If the client sends a certificate chain the server should only use the leaf certificate to calculate the server signature. With this setting the server uses the complete certificate chain instead. This is not the recommended behaviour. Only set this flag to work around interoperability issues with misbehaving clients.
|
inline |
Get the URL used for the endpoint.
|
inline |
OpcUa_Handle UaEndpoint::hPKIConfig | ( | ) | const |
Get the handle to the PKI configuration.
OpcUa_Boolean UaEndpoint::isDiscoveryUrl | ( | ) | const |
Get the flag that indicates if the endpoint URL is provided as discovery URL.
OpcUa_Boolean UaEndpoint::isTransparentRedundant | ( | ) | const |
Get the flag that indicates if the endpoint supports transparent redundancy.
OpcUa_Boolean UaEndpoint::isVisible | ( | ) | const |
Get the flag that indicates if the endpoint is contained in GetEndpoints.
UaStatus UaEndpoint::loadCertificate | ( | ) |
Load the configured certificate.
UaEndpoint & UaEndpoint::operator= | ( | const UaEndpoint & | other | ) |
Implements the operator = for UaEndpoint.
other | the UaEndpoint to assign. |
UaPkiProvider * UaEndpoint::pkiProvider | ( | ) | const |
Get the PKI provider.
OpcUa_Boolean UaEndpoint::returnOnlyOnEndpointUrlMatch | ( | ) | const |
Get the flag indicating if the endpoint is returned in discovery depending on EndpointUrl match.
|
inline |
|
inline |
Get the URL used for the endpoint.
void UaEndpoint::setAlternativeEndpointUrls | ( | const UaStringArray & | alternativeEndpointUrls | ) |
Set alternative Endpoint URL for the endpoint.
These URLs are URLs accessible for OPC UA clients when they connect through an intermediate component like a proxy. These endpoints will be accepted in GetEndpoints and CreateSession and returned by GetEndpoints and CreateSession if the matching URL is provided by the client in these services.
alternativeEndpointUrls | the list of alternative URLs. |
void UaEndpoint::setAutomaticallyTrustAllClientCertificates | ( | OpcUa_Boolean | automaticTrust | ) |
Sets the endpoint to automatically trust all client certificates.
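This option can be activated if certificates are used only for message security but not for application authentication. If set to true, all client certificates will be accepted automatically and they are not stored. It is strongly recommended to use this option only together with user authentication. With this option enabled, the client certificate no longer authenticates the client application, so user authentication is the only remaining check on who connects.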
void UaEndpoint::setCreateSignatureWithChain | ( | OpcUa_Boolean | createSignatureWithChain | ) |
Sets the endpoint to calculate the server signature using the certificate chain if available.
For calculating the server signature the server needs to append the client certificate to the client nonce. If the client sends a certificate chain the server should only use the leaf certificate to calculate the server signature. With this setting the server uses the complete certificate chain instead. This is not the recommended behaviour. Only set this flag to work around interoperability issues with misbehaving clients.
void UaEndpoint::setDefaultVisibity | ( | OpcUa_Boolean | visibility | ) |
Configure the default visibility of this endpoint.
The visibility can be used to restore the visibility when opening the endpoint again.
void UaEndpoint::setDisableApplicationUriCheck | ( | OpcUa_Boolean | disableApplicationUriCheck | ) |
Flag used to disable the ApplicationUri match check between client certificate and parameter in CreateSession.
The check is required for compliant OPC UA servers but older clients may provide a wrong ApplicationUri.
Default value is OpcUa_False.
void UaEndpoint::setDisableCertificateSignatureAlgorithmCheck | ( | OpcUa_Boolean | disableCertificateSignatureAlgorithmCheck | ) |
Flag used to disable the client certificate validation error BadSignatureAlgorithmNotAllowed.
This is a security relevant check and should never be disabled except for a temporary workaround if absolutely necessary. Default value is OpcUa_False.
void UaEndpoint::setDisableCertificateUsageCheck | ( | OpcUa_Boolean | disableCertificateUsageCheck | ) |
Flag used to disable the client certificate validation error BadCertificateUseNotAllowed.
These checks include checking for the SubjectAlternativeName, the KeyUsage and ExtendedKeyUsage of the certificate. These are security relevant checks and should not be disabled except for a temporary workaround if absolutely necessary. Default value is OpcUa_False.
void UaEndpoint::setDisableErrorCertificateIssuerRevocationUnknown | ( | OpcUa_Boolean | disableErrorCertificateIssuerRevocationUnknown | ) |
Flag used to disable the client certificate validation error BadCertificateIssuerRevocationUnknown.
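With this error disabled, an issuer certificate whose revocation status cannot be determined is no longer rejected for that reason, so a revoked issuer certificate may go undetected. Default value is OpcUa_False.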
void UaEndpoint::setDisableErrorCertificateIssuerTimeInvalid | ( | OpcUa_Boolean | disableErrorCertificateIssuerTimeInvalid | ) |
Flag used to disable the client certificate validation error BadCertificateIssuerTimeInvalid.
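With this error disabled, an issuer certificate that has expired or is not yet valid is no longer rejected for that reason. Default value is OpcUa_False.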
void UaEndpoint::setDisableErrorCertificateKeyTooLong | ( | OpcUa_Boolean | disableErrorCertificateKeyTooLong | ) |
Flag used to disable the client certificate validation error BadCryptoKeyTooLong.
A key longer than defined by the security policy is not a security problem but against the standard. Default value is OpcUa_False.
void UaEndpoint::setDisableErrorCertificateKeyTooShort | ( | OpcUa_Boolean | disableErrorCertificateKeyTooShort | ) |
Flag used to disable the client certificate validation error BadCryptoKeyTooShort.
This is a security relevant check and should never be disabled except for a temporary workaround if absolutely necessary. Default value is OpcUa_False.
void UaEndpoint::setDisableErrorCertificateRevocationUnknown | ( | OpcUa_Boolean | disableErrorCertificateRevocationUnknown | ) |
Flag used to disable the client certificate validation error BadCertificateRevocationUnknown.
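With this error disabled, a client certificate whose revocation status cannot be determined is no longer rejected for that reason, so a revoked certificate may go undetected. Default value is OpcUa_False.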
void UaEndpoint::setDisableErrorCertificateTimeInvalid | ( | OpcUa_Boolean | disableErrorCertificateTimeInvalid | ) |
Flag used to disable the client certificate validation error BadCertificateTimeInvalid.
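With this error disabled, a client certificate that has expired or is not yet valid is no longer rejected for that reason. Default value is OpcUa_False.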
void UaEndpoint::setDisableNonceLengthCheck | ( | OpcUa_Boolean | disableNonceLengthCheck | ) |
Flag used to disable the client nonce length check in CreateSession.
The check is required for compliant OPC UA servers but older clients may provide a client nonce that is shorter than the required 32 bytes.
Default value is OpcUa_False.
void UaEndpoint::setDisableUserTokenPolicyIdCheck | ( | OpcUa_Boolean | disableUserTokenPolicyIdCheck | ) |
Flag used to disable the UserToken PolicyId check in ActivateSession.
The check is required for compliant OPC UA servers but older clients may not provide the UserToken PolicyId.
Default value is OpcUa_False.
void UaEndpoint::setEndpointHandle | ( | OpcUa_Endpoint | endpoint | ) |
Set the Endpoint handle for the Endpoint opened with the stack.
void UaEndpoint::setEndpointUrl | ( | UaString | sEndpointUrl, |
OpcUa_Boolean | useAlsoAsStackUrl | ||
) |
Set the URL used for the endpoint.
sEndpointUrl | the URL used for the endpoint. |
useAlsoAsStackUrl | true if the URL is also used as the stack URL, false if not. |
void UaEndpoint::setIsDiscoveryUrl | ( | OpcUa_Boolean | isDiscoveryUrl | ) |
Set the flag that indicates if the endpoint URL is provided as discovery URL.
void UaEndpoint::setIsTransparentRedundant | ( | OpcUa_Boolean | isTransparentRedundant | ) |
Set the flag that indicates if the endpoint support transparent redundancy.
void UaEndpoint::setIsVisible | ( | OpcUa_Boolean | isVisible | ) |
Set the flag that indicates if the endpoint is contained in GetEndpoints.
void UaEndpoint::setPassword | ( | const UaString & | sPassword | ) |
Set the password to load a protected private key.
void UaEndpoint::setReturnOnlyOnEndpointUrlMatch | ( | OpcUa_Boolean | returnOnlyOnEndpointUrlMatch | ) |
Set the flag indicating if the endpoint is returned in discovery depending on EndpointUrl match.
void UaEndpoint::setReverseConnectUrls | ( | const UaStringArray & | arrayReverseConnectUrls | ) |
Sets the array of URLs used to create reverse connections to clients.
This overwrites the list stored for the endpoint.
UaStatus UaEndpoint::setSerializerType | ( | OpcUa_Endpoint_SerializerType | eSerializerType | ) |
Set the serializer type used for the endpoint.
eSerializerType | Serializer type enumeration value. Possible enumeration values are OpcUa_Endpoint_SerializerType_Binary and OpcUa_Endpoint_SerializerType_Xml. |
void UaEndpoint::setStackEndpointUrl | ( | UaString | sStackEndpointUrl | ) |
Set the URL for the Endpoint used for the stack.
This URL defines a specific address the stack should bind to.
sStackEndpointUrl | the URL for the Endpoint used for the stack. |
UaString UaEndpoint::sPassword | ( | ) | const |
Get the password to load a protected private key.