/** * @file server_lds.c * @brief Local Discovery Server implementation. * * This program runs an OPC UA Local Discovery Server (LDS) with a configurable * cleanup timeout. Encryption is optional: when certificate, privateKey, and * trustStore are provided, the server offers all security policies; otherwise * it runs with SecurityPolicy#None only. Other OPC UA servers register * with this LDS using the RegisterServer2 service. Clients can query this LDS * using the FindServers service to discover registered servers. */ #include "common.h" #include "config.h" #include #include #include #include #include volatile UA_Boolean running = true; static void stopHandler (int sig) { running = false; } int main (int argc, char *argv[]) { signal (SIGINT, stopHandler); signal (SIGTERM, stopHandler); if (argc < 2 || argc > 3) { UA_LOG_FATAL (UA_Log_Stdout, UA_LOGCATEGORY_USERLAND, "Usage: %s [log-level]", argv[0]); return EXIT_FAILURE; } const char *logLevelStr = (argc == 3) ? argv[2] : "info"; int logLevel = parseLogLevel (logLevelStr); if (logLevel < 0) { UA_LOG_FATAL (UA_Log_Stdout, UA_LOGCATEGORY_USERLAND, "Unknown log level: %s " "(expected trace, debug, info, warning, error, fatal)", logLevelStr); return EXIT_FAILURE; } Config cfg; if (configLoad (argv[1], &cfg) != 0) return EXIT_FAILURE; int port = configRequireInt (&cfg, "port", "ServerLDS"); const char *applicationUri = configRequire (&cfg, "applicationUri", "ServerLDS"); int cleanupTimeout = configRequireInt (&cfg, "cleanupTimeout", "ServerLDS"); if (!applicationUri || port < 0 || cleanupTimeout < 0) { configFree (&cfg); return EXIT_FAILURE; } /* The OPC UA specification requires the cleanup timeout to exceed the register-server interval. open62541 enforces a floor of 10 seconds. */ if (cleanupTimeout <= 10) { UA_LOG_FATAL (UA_Log_Stdout, UA_LOGCATEGORY_USERLAND, "Cleanup timeout must be > 10 seconds (got %d)", cleanupTimeout); configFree (&cfg); return EXIT_FAILURE; } SecurityConfig sec; if (parseSecurityConfig (&cfg, "ServerLDS", false, &sec) != 0) { configFree (&cfg); return EXIT_FAILURE; } AuthConfig auth; if (parseAuthConfig (&cfg, "ServerLDS", &auth) != 0) { freeTrustStore (sec.trustPaths, sec.trustSize); configFree (&cfg); return EXIT_FAILURE; } UA_StatusCode retval; UA_Server *server = createServer ((UA_UInt16)port, applicationUri, sec.certPath ? &sec : NULL, true, &retval); if (!server) { freeTrustStore (sec.trustPaths, sec.trustSize); configFree (&cfg); return EXIT_FAILURE; } UA_ServerConfig *serverConfig = UA_Server_getConfig (server); serverConfig->logging->context = (void *)(uintptr_t)logLevel; /* Some OPC UA stacks omit the timestamp in the request header. The default behaviour rejects these requests with BadInvalidTimestamp. Downgrade to a warning so third-party servers can still register. */ serverConfig->verifyRequestTimestamp = UA_RULEHANDLING_WARN; /* Configure access control. UA_ServerConfig_setDefaultWithSecure- SecurityPolicies sets certificate-only auth by default, so we must always call UA_AccessControl_default to get the desired policy. */ switch (auth.mode) { case AUTH_ANONYMOUS: retval = UA_AccessControl_default (serverConfig, true, NULL, 0, NULL); break; case AUTH_USER: { UA_UsernamePasswordLogin logins[1]; logins[0].username = UA_STRING ((char *)auth.user.username); logins[0].password = UA_STRING ((char *)auth.user.password); retval = UA_AccessControl_default (serverConfig, false, NULL, 1, logins); break; } case AUTH_CERT: retval = UA_AccessControl_default (serverConfig, false, NULL, 0, NULL); break; } if (retval != UA_STATUSCODE_GOOD) { UA_Server_delete (server); freeTrustStore (sec.trustPaths, sec.trustSize); configFree (&cfg); return EXIT_FAILURE; } /* Mark this server as a Discovery Server so clients can identify it. */ serverConfig->applicationDescription.applicationType = UA_APPLICATIONTYPE_DISCOVERYSERVER; /* Time (seconds) after which stale registrations are removed. Must exceed the registering server's re-register interval. */ serverConfig->discoveryCleanupTimeout = cleanupTimeout; retval = UA_Server_run (server, &running); UA_Server_delete (server); freeTrustStore (sec.trustPaths, sec.trustSize); configFree (&cfg); return retval == UA_STATUSCODE_GOOD ? EXIT_SUCCESS : EXIT_FAILURE; }