This makes it easier for developers to keep all ua-nodesets XML
definitions in a common location.
Signed-off-by: Björn Esser <b.esser@pengutronix.de>
Co-authored-by: Björn Esser <b.esser@pengutronix.de>
* feat(pubsub): Add PubSub example to use keys stored in TPM
- Need to encrypt the AES and HMAC keys using the key stored
in TPM, before running the PubSub application
- The PubSub application decrypts the keys available in the
filesystem using the TPM key
Change-Id: I41c7906675333fa46673dabae1bb6d6d1c3fbecc
* feat(tools): Support to encrypt the key file using TPM key
- Add cert_encrypt_tpm.c to read the key file present in the
file system, encrypt it using the key stored in TPM and
store the encrypted data in different file
- Delete the original key after creating encrypted key
Change-Id: I9fc77ebf0c76a990c70f4d228950fba09fc39c51
* docs(pubsub): Add README for PubSub TPM keystore application
- README includes environment setup
- Steps to generate encryption and signing keys for PubSub
- Steps to use TPM keys to encrypt the keys in filesystem
- Build and run Pubsub application
- Change CMake build flag
Change-Id: I025662bd36ed9f27c7c23b8eda6e2f52cad82021
Co-authored-by: andreasebner <andreas.ebner@iosb.fraunhofer.de>
- Encrypt the private key using the key stored in TPM
and remove the unencrypted private key from the filesystem
- Used the encrypted key intermittently for software-based
encryption/decryption
Change-Id: I46fc24102365292d9af6b51c582e3a3f74b2af5e
Allow the user to disable -Werror to avoid the following build failures:
/tmp/instance-0/output-1/build/open62541-v1.2.2/arch/network_tcp.c: In function 'connection_recv':
/tmp/instance-0/output-1/build/open62541-v1.2.2/arch/network_tcp.c:96:5: error: conversion to 'unsigned int' from 'int' may change the sign of the result [-Werror=sign-conversion]
96 | UA_fd_set(connection->sockfd, &fdset);
| ^~~~~~~~~
/tmp/instance-6/output-1/build/open62541-v1.2.2/plugins/ua_pubsub_udp.c: In function 'UA_PubSubChannelUDPMC_receive':
/tmp/instance-6/output-1/build/open62541-v1.2.2/plugins/ua_pubsub_udp.c:477:21: error: conversion to '__suseconds_t' {aka 'int'} from 'UA_UInt32' {aka 'unsigned int'} may change the sign of the result [-Werror=sign-conversion]
477 | tmptv.tv_usec = (long int)(timeout % 1000000);
| ^
Fixes:
- http://autobuild.buildroot.org/results/911811de81d8abb2a31feb8f27af1592641c6fbc
- http://autobuild.buildroot.org/results/f0187b3f2d62e955fddeef4e90f84ba4fd642bd2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* test(pubsub): disable false-negative test
The "Test_many_components" is failing under specific circumstances,
disable it until it is fixed (correctly set the publisher-ids,
writergroup-ids, datasetwriter-ids).
* feat(pubsub): decryption
Adding the possibility to verify and decrypt pubsub networkmessages.
* test(pubsub): add decryption test
* feat(pubsub): subscriber encryption example
* test(pubsub): integration-test pubsub encrypted
Testing source-file testing_networklayers.c breaks
build when UA_DEBUG_DUMP_PKGS is enabled because
of missing dependencies (e.g. testing_lock) which are
only build for the testing-build.
The macros provide a way for cleaner error handling of
return codes (e.g. UA_StatusCode) and append additional
information to logging messages.
Adding file and line numbers to logging messages can be
activated and deactivted via CMake flag.
UA_DEBUG_FILE_LINE_INFO
* Add TLS support for MQTT
- OpenSSL only for now
- New connection options mqttUseTLS, mqttCertPath and mqttCaPath
* Add UA_ENABLE_MQTT_TLS option to CMakeLists.txt
* Add client certificate support for MQTT TLS
* Add fallback to DER for client certificate and key
* Use default path if neither mqttCertPath nor mqttCaPath are specified
* Rename mqttCertPath to mqttCaFilePath
* Extend MQTT PubSub example with TLS support
* Fix possible memory leak for mqtt client certificate and private key
* Fix UA_PubSubChannelDataMQTT initialization
* Handle SSL_WANT_READ on connect
- Static library usage of bpf removed
- XDP APIs modified with respect to new kernel of 5.4
- TODO: c99 support
Change-Id: I16cb2092fa9c0385c8f6f6692d6938b4c7d5d9ca
This will fix the following build failure:
CMake Error at CMakeLists.txt:2 (project):
The CMAKE_CXX_COMPILER:
/srv/storage/autobuild/run/instance-3/output-1/host/bin/arm-linux-g++
is not a full path to an existing compiler tool.
Tell CMake where to find the compiler by setting either the environment
variable "CXX" or the CMake cache entry CMAKE_CXX_COMPILER to the full path
to the compiler, or to the compiler name if it is in the PATH.
Fixes:
- http://autobuild.buildroot.org/results/86ca6a5a01ecfc7030c6be0da81924436b41d057
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Added an optional feature to provide a general PubSub monitoring/timeout
handling backend. Build option UA_ENABLE_PUBSUB_MONITORING
The monitoring backend uses the server callback implementation per default.
An application can provide it's own monitoring/timer backend by setting the
monitoring callbacks in the server configuration.
The MessageReceiveTimeout handling of DataSetReaders is provided as an
monitoring example.
The timeout check starts after the DataSetReader has received the first message.
If there is no new message within the configured MessageReceiveTimeout the
DataSetReader state changes to error. An application can get a notification
about this timeout by providing a pubSubStateChangeCallback, which can be
configured at the server configuration.
When the DataSetReader receives a new message again, the state changes back to
operational.
If UA_ENABLE_ENCRYPTION_MBEDTLS is set, SecurityPolicy None will still
just copy the certificate data. If the input is PEM, the trailing null
byte is not added and mbedTLS will fail to parse the data.
This breaks the application URI check on server start.
In case of UA_ENABLE_ENCRYPTION_OPENSSL, there is a similar problem
if the PEM data is just copied into the local certificate byte string.
- Extra argument of WG and RG nodeId in add custom callback
- Update the documentation
- Support to remove callback in TSN examples
Change-Id: I611db8e5fdddaf704eee9491627cea137ef927d8
The feature of internal worker threads is unusable at this time.
UA_Timer is an easier to understand replacement of the workqueue.
Delayed memory reclamation is still important. For example when we
remove a session in the context of that session.
Only check for (and potentially enable) IPO if the variable has
not been set yet. This allows to disable IPO on the commandline.
Reasoning: a consumer of the open62541 static library might decide
to not enable IPO. Currently open62541 is, via the requirement
that all objects files are IPO, forcing the consumer to also enable
IPO.
Currently, UA_ENABLE_ENCRYPTION_* must be activated to have the encryption plugins
included into the amalgamation files.
With this change, all encryption plugin files require guards to make sure they are
only built if the defines are set from outside at build time.
Extended/refactor the node value source structure to the new data source value backend concept, added the sceleton for a PubSub RT example with information model related nodes
- New transport settings added for XDP functionality
- Moved both XDP config and xdpsocket to plugins
- Default values for defines in plugin
Change-Id: Ibd7760c9abab45c6f37ae324fec6dabc853cf797
- New transport file created ua_pubsub_ethernet.c
- Modification are removed in ethernet and udp .c files
- New transport settings added for ETF functionality
Change-Id: Id11b1a06f67a8f96cd8713415f6b8472fae0b532
- Thread creation has been integrated with addRepeatedCallback
- Introduction of RT Fixed offsets
- Change from Datetime nodes to UInt64 nodes(for RT)
Change-Id: I361a1027dfe633e9b36d25bb74dad6d3a5774e01
- Run time triggered PubSub application using ETF at a publishing interval
of 250 microseconds with qbv offset of 25us
- Integrate time triggered functionality and publish
OPCUA PubSub packets at calculated transmission time
- Handle PubSub application for UDP and Ethernet over UADP
- Implement Publisher and Subscriber as threads and handle
in same core
- Integrate target variable implementation in Subscriber thread
- TODO: Write unit test cases to ensure no memory leaks are possible
Change-Id: I50982a32e126de82f4adb5e07b1ec626c0527f26
* Update src/server/ua_subscription_events.c
* Alarms and Conditions First Implementation
implemented facets:
1- A&C Base Condition Server Facet (only mandatory)
2- A&C Enable Server Facet (only mandatory)
3- A&C Alarm Server Facet (only mandatory)
4- A&C Acknowledgeable Alarm Server Facet (complete, with ConfirmedState and Confirm Method)
Notes:
1) Change in ua_subscriptions_monitoreditem.c is related to issue #2114. Without that fix, the server crashes when generating OverflowEvents.
2) The Events: RefreshStart and RefreshEnd are abstract according to the specification. So to make it possible to create instances of them the fix in function "create_event()" is added (change abstract attribute of the EventType to false).
@basysKom-jvoe, I will be glad if you help reviewing the code:)
* some fixes
Update src/server/ua_subscription_alarms_conditions.c
* correcting example name
adding function prototype
* some fixes
1) keep events and A&C disabled and NS0 reduced in main CMakeLists
2) enable A&C in test scripts (Travis and Veyor)
* Update ua_subscription_alarms_conditions.c
fix som error handling
* Update ua_subscription_alarms_conditions.c
* fixing issues from first review
1) calculate size of array
2) correct misspelling
3) correct some comments
* Update ua_subscription_alarms_conditions.c
to retrigger travis test.
14 - subscription_events test fails randomly!
* fix memory leak issues
the function UA_NodeId_copy was used multiple times, however, the memory allocated is not freed because only numeric NodeIds were used in testing. So using nun numeric NodeIds will cause memory leak.
Next commit/version should fix that issue.
* review fixes: comments 1 and 2
1) use new server logger function (PR rebase).
2) use values instead of pointers in A&C API functions for consistency
* Review: reduce indent
reducing indent by using "continue" inside if statements in loops
* Update tutorial_server_alarms_conditions.c
modify includes
* update to upstream master and fix some A&C Module issues
* fix CI test and some review issues
* fix some review issues
the previous commits fix issues mentioned in comments:
- https://github.com/open62541/open62541/pull/2083#discussion_r241070233
- https://github.com/open62541/open62541/pull/2083#discussion_r241072127
- https://github.com/open62541/open62541/pull/2083#discussion_r241076137
- https://github.com/open62541/open62541/pull/2083#discussion_r241076137
- https://github.com/open62541/open62541/pull/2083#discussion_r241079915
- https://github.com/open62541/open62541/pull/2083#discussion_r241082415
- https://github.com/open62541/open62541/pull/2083#discussion_r241083539
- https://github.com/open62541/open62541/pull/2083#discussion_r284586642
- https://github.com/open62541/open62541/pull/2083#discussion_r284587406
- https://github.com/open62541/open62541/pull/2083#discussion_r284589129
not resolved yet, need further discussion:
- https://github.com/open62541/open62541/pull/2083#discussion_r241072659
- https://github.com/open62541/open62541/pull/2083#discussion_r241075205
* some modification after rebase
* remove unused code + some fixes
* some fixes and modifications
changes:
- fix conflicting variable names
- pass FieldNames directly without help variable in
"UA_Server_setConditionField"
- remove unused code
- add some comments
- correct indentation
* fix issues mentioned in review
* enable setting ConditionId when creating Condition Instances
* fix issues based on review
- pass variant instead of void* and type when setting Condition Fields and their Properties.
- Change RefreshEvents IsAbstract attribute to "False" when creating the Condition instead of doing that when generating the event.
- comment issue #2114 fix out (it seems to work fine after recent commits).
- modify A&C example according to changes.
* use A&C public API to set condition fields and properties
* check for Null pointer before comparing NodeIds
Co-Authored-By: andr <aandranikk@gmail.com>
* correct Typo
Co-Authored-By: andr <aandranikk@gmail.com>
* rebase + fix issues from review
some issues need further discussion before fixing them. Please see:
https://github.com/open62541/open62541/pull/2083#discussion_r326857289https://github.com/open62541/open62541/pull/2083#discussion_r326857373
* fixup after rebase
The server config is simplified a bit. A single timeout is used for the
request. No changes to the public API otherwise.
Full integration tests for the async operations.
