Commit 3e3d9e95 authored by Ivan Tyagov's avatar Ivan Tyagov

X509

See merge request nexedi/osie!13
parents e5722c00 39d24d4c
CC=$(C_COMPILER)
CFLAGS= -I $(OPEN62541_SOURCE_HOME)
LDFLAGS= -L $(OPEN62541_HOME)/lib
LDFLAGS= -L $(OPEN62541_HOME)/lib -lmbedcrypto -lmbedx509
OUT_DIR= $(BINARY_OUT_DIR)
server: server.c
......
/* This work is licensed under a Creative Commons CCZero 1.0 Universal License.
* See http://creativecommons.org/publicdomain/zero/1.0/for more information. */
#include "open62541.h"
/* loadFile parses the certificate file.
*
* @param path specifies the file name given in argv[]
* @return Returns the file content after parsing */
static UA_INLINE UA_ByteString
loadFile(const char *const path) {
UA_ByteString fileContents = UA_STRING_NULL;
/* Open the file */
FILE *fp = fopen(path, "rb");
if(!fp) {
errno = 0; /* We read errno also from the tcp layer... */
return fileContents;
}
/* Get the file length, allocate the data and read */
fseek(fp, 0, SEEK_END);
fileContents.length = (size_t)ftell(fp);
fileContents.data = (UA_Byte *)UA_malloc(fileContents.length * sizeof(UA_Byte));
if(fileContents.data) {
fseek(fp, 0, SEEK_SET);
size_t read = fread(fileContents.data, sizeof(UA_Byte), fileContents.length, fp);
if(read != fileContents.length)
UA_ByteString_clear(&fileContents);
} else {
fileContents.length = 0;
}
fclose(fp);
return fileContents;
}
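Review bot: `fileContents.length = (size_t)ftell(fp);` casts the result without checking it, so an `ftell()` failure (-1) becomes a near-`SIZE_MAX` length and the function only recovers if `UA_malloc` then fails; both `fseek()` calls are unchecked as well. I would read the position into a `long` first and bail out on error: `long len = ftell(fp); if(len < 0) { fclose(fp); return fileContents; }`. The doc comment says the file is parsed, but the body only copies raw bytes, and the same helper is used for the private key, so I would reword it to `/* loadFile reads a file into a newly allocated UA_ByteString; returns an empty string on failure. The caller owns the buffer and must UA_ByteString_clear() it. */`. The header also shows no include guard and relies on `open62541.h` to bring in `FILE` and `errno`.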
......@@ -23,6 +23,8 @@
#include "open62541.h"
#include <argp.h>
#include <string.h>
#include "common.h"
// The default port of OPC-UA server
const int DEFAULT_OPC_UA_PORT = 4840;
......@@ -39,9 +41,11 @@ static struct argp_option options[] = {
{"slave-address-list", 's', "0x58", 0, "Comma separated list of slave I2C addresses."},
{"mode", 'm', "0", 0, "Set different modes of operation of coupler. Default (0) is set attached \
I2C's state state. Virtual (1) which does NOT set any I2C slaves' state."},
{ "username", 'u', "", 0, "Username."},
{ "password", 'w', "", 0, "Password."},
{ 0 }
{"username", 'u', "", 0, "Username."},
{"password", 'w', "", 0, "Password."},
{"key", 'k', "", 0, "x509 key."},
{"certificate", 'c', "", 0, "X509 certificate."},
{0}
};
struct arguments
......@@ -52,6 +56,8 @@ struct arguments
char *slave_address_list;
char *username;
char *password;
char *key;
char *certificate;
};
static error_t parse_opt(int key, char *arg, struct argp_state *state)
......@@ -76,6 +82,12 @@ static error_t parse_opt(int key, char *arg, struct argp_state *state)
case 'w':
arguments->password = arg;
break;
case 'c':
arguments->certificate = arg;
break;
case 'k':
arguments->key = arg;
break;
case ARGP_KEY_ARG:
return 0;
default:
......@@ -178,12 +190,6 @@ static int getDigitalInputState(int i2c_addr, char **digital_input)
*/
int file;
char filename[20];
if (I2C_VIRTUAL_MODE)
{
// we're in a virtual mode, likely on x86 platform or without I2C support
// simply do nothing
return 0;
}
// step 1: open device
file = open(I2C_BLOCK_DEVICE_NAME, O_RDWR);
......@@ -231,12 +237,6 @@ static int getAnalogInputStateAIN(int i2c_addr, int **analog_input, uint8_t read
*/
int file;
char filename[20];
if (I2C_VIRTUAL_MODE)
{
// we're in a virtual mode, likely on x86 platform or without I2C support
// simply do nothing
return 0;
}
// step 1: open device
file = open(I2C_BLOCK_DEVICE_NAME, O_RDWR);
......@@ -402,11 +402,13 @@ static void beforeReadTimeI2C0Ain0(UA_Server *server,
int addr = I2C_SLAVE_ADDR_LIST[0];
int *data_input = 0;
uint8_t read_addr =0x30;
if (!I2C_VIRTUAL_MODE) {
getAnalogInputStateAIN(addr, &data_input, read_addr);
if (data->value.type == &UA_TYPES[UA_TYPES_UINT32])
{
*(UA_UInt32 *)data->value.data = *data_input;
}
}
}
static void beforeReadTimeI2C0Ain1(UA_Server *server,
......@@ -417,11 +419,13 @@ static void beforeReadTimeI2C0Ain1(UA_Server *server,
int addr = I2C_SLAVE_ADDR_LIST[0];
int *data_input = 0;
uint8_t read_addr =0x31;
if (!I2C_VIRTUAL_MODE) {
getAnalogInputStateAIN(addr, &data_input, read_addr);
if (data->value.type == &UA_TYPES[UA_TYPES_UINT32])
{
*(UA_UInt32 *)data->value.data = *data_input;
}
}
}
static void beforeReadTimeI2C0Ain2(UA_Server *server,
......@@ -432,11 +436,13 @@ static void beforeReadTimeI2C0Ain2(UA_Server *server,
int addr = I2C_SLAVE_ADDR_LIST[0];
int *data_input = 0;
uint8_t read_addr =0x32;
if (!I2C_VIRTUAL_MODE) {
getAnalogInputStateAIN(addr, &data_input, read_addr);
if (data->value.type == &UA_TYPES[UA_TYPES_UINT32])
{
*(UA_UInt32 *)data->value.data = *data_input;
}
}
}
static void beforeReadTimeI2C0Ain3(UA_Server *server,
......@@ -447,11 +453,13 @@ static void beforeReadTimeI2C0Ain3(UA_Server *server,
int addr = I2C_SLAVE_ADDR_LIST[0];
int *data_input = 0;
uint8_t read_addr =0x33;
if (!I2C_VIRTUAL_MODE) {
getAnalogInputStateAIN(addr, &data_input, read_addr);
if (data->value.type == &UA_TYPES[UA_TYPES_UINT32])
{
*(UA_UInt32 *)data->value.data = *data_input;
}
}
}
static void beforeReadTimeI2C1Ain0(UA_Server *server,
const UA_NodeId *sessionId, void *sessionContext,
......@@ -461,11 +469,13 @@ static void beforeReadTimeI2C1Ain0(UA_Server *server,
int addr = I2C_SLAVE_ADDR_LIST[1];
int *data_input = 0;
uint8_t read_addr =0x30;
if (!I2C_VIRTUAL_MODE) {
getAnalogInputStateAIN(addr, &data_input, read_addr);
if (data->value.type == &UA_TYPES[UA_TYPES_UINT32])
{
*(UA_UInt32 *)data->value.data = *data_input;
}
}
}
static void beforeReadTimeI2C1Ain1(UA_Server *server,
......@@ -476,11 +486,13 @@ static void beforeReadTimeI2C1Ain1(UA_Server *server,
int addr = I2C_SLAVE_ADDR_LIST[1];
int *data_input = 0;
uint8_t read_addr =0x31;
if (!I2C_VIRTUAL_MODE) {
getAnalogInputStateAIN(addr, &data_input, read_addr);
if (data->value.type == &UA_TYPES[UA_TYPES_UINT32])
{
*(UA_UInt32 *)data->value.data = *data_input;
}
}
}
static void beforeReadTimeI2C1Ain2(UA_Server *server,
......@@ -491,11 +503,13 @@ static void beforeReadTimeI2C1Ain2(UA_Server *server,
int addr = I2C_SLAVE_ADDR_LIST[1];
int *data_input = 0;
uint8_t read_addr =0x32;
if (!I2C_VIRTUAL_MODE) {
getAnalogInputStateAIN(addr, &data_input, read_addr);
if (data->value.type == &UA_TYPES[UA_TYPES_UINT32])
{
*(UA_UInt32 *)data->value.data = *data_input;
}
}
}
static void beforeReadTimeI2C1Ain3(UA_Server *server,
......@@ -506,12 +520,15 @@ static void beforeReadTimeI2C1Ain3(UA_Server *server,
int addr = I2C_SLAVE_ADDR_LIST[1];
int *data_input = 0;
uint8_t read_addr =0x33;
if (!I2C_VIRTUAL_MODE) {
getAnalogInputStateAIN(addr, &data_input, read_addr);
if (data->value.type == &UA_TYPES[UA_TYPES_UINT32])
{
*(UA_UInt32 *)data->value.data = *data_input;
}
}
}
static void beforeReadTimeI2C0In0(UA_Server *server,
const UA_NodeId *sessionId, void *sessionContext,
const UA_NodeId *nodeid, void *nodeContext,
......@@ -519,6 +536,7 @@ static void beforeReadTimeI2C0In0(UA_Server *server,
{
int addr = I2C_SLAVE_ADDR_LIST[0];
char *data_input = 0;
if (!I2C_VIRTUAL_MODE) {
getDigitalInputState(addr, &data_input);
if ((*data_input) & (1UL << 0))
{
......@@ -534,6 +552,7 @@ static void beforeReadTimeI2C0In0(UA_Server *server,
*(UA_Boolean *)data->value.data = false;
}
}
}
}
static void beforeReadTimeI2C0In1(UA_Server *server,
......@@ -543,6 +562,7 @@ static void beforeReadTimeI2C0In1(UA_Server *server,
{
int addr = I2C_SLAVE_ADDR_LIST[0];
char *data_input = 0;
if (!I2C_VIRTUAL_MODE) {
getDigitalInputState(addr, &data_input);
if ((*data_input) & (1UL << 1))
{
......@@ -558,6 +578,7 @@ static void beforeReadTimeI2C0In1(UA_Server *server,
*(UA_Boolean *)data->value.data = false;
}
}
}
}
static void beforeReadTimeI2C0In2(UA_Server *server,
......@@ -567,6 +588,7 @@ static void beforeReadTimeI2C0In2(UA_Server *server,
{
int addr = I2C_SLAVE_ADDR_LIST[0];
char *data_input = 0;
if (!I2C_VIRTUAL_MODE) {
getDigitalInputState(addr, &data_input);
if ((*data_input) & (1UL << 2))
{
......@@ -582,6 +604,7 @@ static void beforeReadTimeI2C0In2(UA_Server *server,
*(UA_Boolean *)data->value.data = false;
}
}
}
}
static void beforeReadTimeI2C0In3(UA_Server *server,
......@@ -591,6 +614,7 @@ static void beforeReadTimeI2C0In3(UA_Server *server,
{
int addr = I2C_SLAVE_ADDR_LIST[0];
char *data_input = 0;
if (!I2C_VIRTUAL_MODE) {
getDigitalInputState(addr, &data_input);
if ((*data_input) & (1UL << 3))
{
......@@ -606,6 +630,7 @@ static void beforeReadTimeI2C0In3(UA_Server *server,
*(UA_Boolean *)data->value.data = false;
}
}
}
}
static void beforeReadTimeI2C1In0(UA_Server *server,
const UA_NodeId *sessionId, void *sessionContext,
......@@ -614,6 +639,7 @@ static void beforeReadTimeI2C1In0(UA_Server *server,
{
int addr = I2C_SLAVE_ADDR_LIST[1];
char *data_input = 0;
if (!I2C_VIRTUAL_MODE) {
getDigitalInputState(addr, &data_input);
if ((*data_input) & (1UL << 0))
{
......@@ -629,6 +655,7 @@ static void beforeReadTimeI2C1In0(UA_Server *server,
*(UA_Boolean *)data->value.data = false;
}
}
}
}
static void beforeReadTimeI2C1In1(UA_Server *server,
......@@ -638,6 +665,7 @@ static void beforeReadTimeI2C1In1(UA_Server *server,
{
int addr = I2C_SLAVE_ADDR_LIST[1];
char *data_input = 0;
if (!I2C_VIRTUAL_MODE) {
getDigitalInputState(addr, &data_input);
if ((*data_input) & (1UL << 1))
{
......@@ -653,6 +681,7 @@ static void beforeReadTimeI2C1In1(UA_Server *server,
*(UA_Boolean *)data->value.data = false;
}
}
}
}
static void beforeReadTimeI2C1In2(UA_Server *server,
......@@ -662,6 +691,7 @@ static void beforeReadTimeI2C1In2(UA_Server *server,
{
int addr = I2C_SLAVE_ADDR_LIST[1];
char *data_input = 0;
if (!I2C_VIRTUAL_MODE) {
getDigitalInputState(addr, &data_input);
if ((*data_input) & (1UL << 2))
{
......@@ -677,6 +707,7 @@ static void beforeReadTimeI2C1In2(UA_Server *server,
*(UA_Boolean *)data->value.data = false;
}
}
}
}
static void beforeReadTimeI2C1In3(UA_Server *server,
......@@ -686,6 +717,7 @@ static void beforeReadTimeI2C1In3(UA_Server *server,
{
int addr = I2C_SLAVE_ADDR_LIST[1];
char *data_input = 0;
if (!I2C_VIRTUAL_MODE) {
getDigitalInputState(addr, &data_input);
if ((*data_input) & (1UL << 3))
{
......@@ -701,6 +733,7 @@ static void beforeReadTimeI2C1In3(UA_Server *server,
*(UA_Boolean *)data->value.data = false;
}
}
}
}
static void afterWriteTime(UA_Server *server,
......@@ -1111,11 +1144,15 @@ int main(int argc, char **argv)
arguments.slave_address_list = DEFAULT_I2C_0_ADDR;
arguments.username = "";
arguments.password = "";
arguments.key = "";
arguments.certificate = "";
argp_parse(&argp, argc, argv, 0, 0, &arguments);
printf("Mode=%d\n", arguments.mode);
printf("Listening port=%d\n", arguments.port);
printf("Block device=%s\n", arguments.device);
printf("Slave address list=%s\n", arguments.slave_address_list);
printf("key=%s\n", arguments.key);
printf("certificate=%s\n", arguments.certificate);
// transfer to global variables (CLI input)
I2C_VIRTUAL_MODE = arguments.mode;
......@@ -1159,6 +1196,36 @@ int main(int argc, char **argv)
UA_StatusCode retval1 = UA_AccessControl_default(config, false, NULL,
&config->securityPolicies[config->securityPoliciesSize-1].policyUri, 1, logins);
}
/* Enable x509 */
if (strlen(arguments.key) > 0 && strlen(arguments.certificate) > 0){
char *key_filename = arguments.key;
char *certificate_filename = arguments.certificate;
/* Load certificate and private key */
UA_ByteString certificate = loadFile(certificate_filename);
UA_ByteString privateKey = loadFile(key_filename);
/* Load the trustlist - not used thus 0 */
size_t trustListSize = 0;
UA_STACKARRAY(UA_ByteString, trustList, trustListSize);
/* Loading of a issuer list, not used in this application */
size_t issuerListSize = 0;
UA_ByteString *issuerList = NULL;
/* Loading of a revocation list currently unsupported */
UA_ByteString *revocationList = NULL;
size_t revocationListSize = 0;
UA_StatusCode retval =
UA_ServerConfig_setDefaultWithSecurityPolicies(config, 4841, // XXX: why not use 4840 ?
&certificate, &privateKey,
trustList, trustListSize,
issuerList, issuerListSize,
revocationList, revocationListSize);
//The place to fill the hole is very important
config->applicationDescription.applicationUri = UA_STRING_ALLOC("urn:open62541.server.application");
}
// run server
UA_StatusCode retval = UA_Server_run(server, &running);
UA_Server_delete(server);
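Review bot: The x509 block fails open: neither the two `loadFile()` results nor the `retval` of `UA_ServerConfig_setDefaultWithSecurityPolicies()` is checked, so an unreadable `--key`/`--certificate` path or a rejected key pair still lets execution reach `UA_Server_run()` with whatever configuration is left. The certificate and private-key buffers are never released with `UA_ByteString_clear()`, so the key material stays on the heap for the life of the process. Two things to confirm that the hunk does not show: this call comes after the `UA_AccessControl_default(config, false, …)` setup just above and may re-initialise the access-control settings, and the trust list is empty, which in open62541 can mean that client certificates are not verified at all. `main` starts and ends outside the hunk, so the error exits below are only indicative.
```c
    UA_ByteString certificate = loadFile(certificate_filename);
    UA_ByteString privateKey = loadFile(key_filename);
    if (certificate.length == 0 || privateKey.length == 0) {
      /* Refuse to start rather than run without the requested security. */
      fprintf(stderr, "Cannot read certificate or private key file\n");
      UA_ByteString_clear(&certificate);
      UA_ByteString_clear(&privateKey);
      UA_Server_delete(server);
      return 1;
    }
    /* … unchanged: trust list, issuer list and revocation list setup … */
    /* … unchanged: UA_ServerConfig_setDefaultWithSecurityPolicies() call assigning retval … */
    /* Drop the local copies of the certificate and key once the config call has returned. */
    UA_ByteString_clear(&certificate);
    UA_ByteString_clear(&privateKey);
    if (retval != UA_STATUSCODE_GOOD) {
      fprintf(stderr, "Security policy setup failed: %s\n", UA_StatusCode_name(retval));
      UA_Server_delete(server);
      return 1;
    }
```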
......
......@@ -22,6 +22,7 @@ recipe = slapos.recipe.build:gitclone
repository = https://github.com/open62541/open62541.git
branch = master
git-executable = ${git:location}/bin/git
revision = 931e0f0c0be04c311ef3c647d580b6eed01f40b3
[open62541]
recipe = slapos.recipe.cmmi
......@@ -37,6 +38,8 @@ configure-options =
-DUA_ENABLE_PUBSUB_MONITORING=ON
-DUA_NAMESPACE_ZERO=FULL
-DUA_ENABLE_AMALGAMATION=ON
-DUA_ENABLE_ENCRYPTION=MBEDTLS
-DUA_ENABLE_ENCRYPTION_MBEDTLS=ON
[osie-repository]
recipe = slapos.recipe.build:gitclone
......@@ -44,6 +47,7 @@ git-executable = ${git:location}/bin/git
# token must be removed if going public!!!
repository = https://gitlab+deploy-token-4:pLwtBu8TbusqZDKPUpZA@lab.nexedi.com/nexedi/osie.git
location = ${buildout:parts-directory}/osie
branch = x509
[compile-coupler]
recipe = slapos.recipe.cmmi
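Review bot: The `[osie-repository]` part tracks `branch = x509` with no `revision =`, so each build compiles whatever that branch points to at the time, while the open62541 checkout earlier in the same file is pinned to a commit; I would add `revision = <commit-sha>` (placeholder) here as well. The `repository` URL in this part also still embeds a deploy token, as the comment directly above it warns; because the token is recorded in the commit history, it should be rotated and supplied outside the file, for example through a git credential helper. `-DUA_ENABLE_ENCRYPTION=MBEDTLS` and `-DUA_ENABLE_ENCRYPTION_MBEDTLS=ON` look like two spellings of the same switch, so it is worth confirming which one the pinned open62541 revision honours and dropping the other.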
......