#!/bin/bash
# launch.sh — Generate certificates and launch N RegisterServers + 1 LDS.
#
# Usage: tools/launch.sh [N] [extra_cert1.der ...]
#   N             Number of RegisterServer instances to launch (default: 1).
#   extra certs   Additional certificates to add to the LDS and every
#                 RegisterServer trustlist (e.g. external client certs).

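set -euo pipefail

# Resolve every path from the script's own location so the launcher behaves
# the same regardless of the caller's working directory.
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
PROJECT_DIR="$(cd "$SCRIPT_DIR/.." && pwd)"
BUILD_DIR="$PROJECT_DIR/build"
CERTS_DIR="$PROJECT_DIR/certs"
GEN_CERT="$SCRIPT_DIR/generate_certificate.sh"

# RegisterServer i listens on BASE_REGISTER_PORT + i - 1; the LDS has its own
# fixed port.
LDS_PORT=4840
BASE_REGISTER_PORT=4841
MAX_TCP_PORT=65535

#######################################
# Check a requested RegisterServer count.
# Globals:   BASE_REGISTER_PORT (read), MAX_TCP_PORT (read)
# Arguments: $1 - candidate count, as typed on the command line
# Returns:   0 when $1 is a positive decimal integer and the highest port
#            derived from it is still a valid TCP port; 1 otherwise
#######################################
_valid_server_count() {
  local count="$1"
  [[ "$count" =~ ^[1-9][0-9]*$ ]] || return 1
  # Length guard first: an arbitrarily long digit string would wrap around in
  # shell arithmetic and could slip past the range check below.
  (( ${#count} <= 5 )) || return 1
  (( BASE_REGISTER_PORT + count - 1 <= MAX_TCP_PORT ))
}

N="${1:-1}"

if ! _valid_server_count "$N"; then
  echo "Usage: $0 [N] [extra_cert1.der ...]" >&2
  echo "  N = number of RegisterServers (default 1)" >&2
  echo "  N must be at most $((MAX_TCP_PORT - BASE_REGISTER_PORT + 1)) so every port stays <= $MAX_TCP_PORT" >&2
  exit 1
fi

# `shift` fails when no argument was given; that is the default-N case.
shift || true

# Everything after N is appended verbatim to the LDS trustlist and to every
# RegisterServer trustlist further down. The paths are not checked here, so
# the caller decides which additional certificates all servers will trust.
EXTRA_TRUST=("$@")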

# ------------------------------------------------------------------
# Certificate generation (only creates missing ones)
# ------------------------------------------------------------------

#######################################
# Create a certificate/key pair unless both files are already present.
# Globals:   CERTS_DIR (read), GEN_CERT (read)
# Arguments: $1 - base name; the pair is <name>_cert.der / <name>_key.der
#            $2 - optional URI, forwarded to the generator only when non-empty
# Returns:   0 when both files already exist, otherwise the generator's status
#
# NOTE(review): only existence is tested. An existing pair is reused as-is;
# validity, expiry and the file mode of the private key are not examined
# here and are left to the generator script — confirm the key is written
# with owner-only permissions.
#######################################
generate_if_missing() {
  local name="$1"
  local uri="${2:-}"
  local cert_file="$CERTS_DIR/${name}_cert.der"
  local key_file="$CERTS_DIR/${name}_key.der"

  # Nothing to do when the complete pair is on disk.
  if [[ -f "$cert_file" && -f "$key_file" ]]; then
    return 0
  fi

  # A lone cert or a lone key is treated as missing: the pair is regenerated.
  local -a gen_cmd=("$GEN_CERT" "$CERTS_DIR" "$name")
  if [[ -n "$uri" ]]; then
    gen_cmd+=("$uri")
  fi
  "${gen_cmd[@]}"
}

# Identities that exist once per deployment: the LDS itself and the
# FindServers client.
generate_if_missing "ServerLDS"
generate_if_missing "ClientFindServers"

# Per-instance identities: a server pair and a client pair for each
# RegisterServer.
for ((i = 1; i <= N; i++)); do
  generate_if_missing "ServerRegister${i}"
  # The client certificate is issued with the matching server's
  # ApplicationUri, so that the LDS can check the certificate against the
  # ApplicationDescription.
  generate_if_missing "ServerRegisterClient${i}" "urn:bobink.ServerRegister${i}"
done

# ------------------------------------------------------------------
# Cleanup on exit
# ------------------------------------------------------------------

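# PIDs of every server started in the background by this script.
pids=()

#######################################
# Stop every launched server and wait for the processes to be reaped.
# Globals:   pids (read)
# Arguments: none
# Outputs:   progress messages on stdout
# Returns:   0
#######################################
cleanup() {
  local pid
  echo ""
  echo "Stopping all servers..."
  # The ${arr[@]+...} guard keeps an empty list safe under `set -u` on older
  # bash releases, matching how EXTRA_TRUST is expanded elsewhere in the file.
  for pid in ${pids[@]+"${pids[@]}"}; do
    # Default signal (TERM); a server that already exited is not an error.
    kill "$pid" 2>/dev/null || true
  done
  wait 2>/dev/null || true
  echo "All servers stopped."
}

# Run cleanup exactly once, from the EXIT trap. The signal traps only turn the
# signal into an exit: calling cleanup directly from INT/TERM made it run a
# second time when the script then exited, and a TERM that arrived during
# start-up let the script carry on launching servers after the first ones had
# been stopped, leaving listeners behind.
trap cleanup EXIT
trap 'exit 130' INT
trap 'exit 143' TERM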

# ------------------------------------------------------------------
# Launch LDS
# ------------------------------------------------------------------

# LDS trustlist: every RegisterServer client cert + the FindServers client cert.
lds_trustlist=()
for ((i = 1; i <= N; i++)); do
  lds_trustlist+=("$CERTS_DIR/ServerRegisterClient${i}_cert.der")
done
# Caller-supplied certificates go in last; the ${arr[@]+...} form expands to
# nothing when no extra certificates were passed.
lds_trustlist+=(
  "$CERTS_DIR/ClientFindServers_cert.der"
  ${EXTRA_TRUST[@]+"${EXTRA_TRUST[@]}"}
)

# Full ServerLDS command line. Only file paths appear in argv; the key
# material itself stays on disk.
# NOTE(review): the meaning of the literal 60 is not visible here — confirm
# against the ServerLDS usage text.
lds_argv=(
  "$BUILD_DIR/ServerLDS"
  "$LDS_PORT"
  "urn:bobink.ServerLDS"
  "$CERTS_DIR/ServerLDS_cert.der"
  "$CERTS_DIR/ServerLDS_key.der"
  60
  "${lds_trustlist[@]}"
)

echo "Starting LDS on port $LDS_PORT..."
"${lds_argv[@]}" &
pids+=("$!")
# Fixed pause before the RegisterServers are started. This is a delay, not a
# readiness check: nothing verifies that the LDS is actually listening.
sleep 1

# ------------------------------------------------------------------
# Launch RegisterServers
# ------------------------------------------------------------------

for ((i = 1; i <= N; i++)); do
  # Instance i listens on the i-th port counted from BASE_REGISTER_PORT.
  port=$((BASE_REGISTER_PORT + i - 1))

  # Argument order as the script passes it: port, application URI, server
  # cert/key, client cert/key, LDS endpoint, the literal 10, security mode and
  # policy, then the certificates this instance trusts.
  # NOTE(review): the meaning of the literal 10 is not visible here — confirm
  # against the ServerRegister usage text.
  # The trusted set is the LDS certificate, the FindServers client
  # certificate and whatever the caller added on the command line.
  register_argv=(
    "$BUILD_DIR/ServerRegister"
    "$port"
    "urn:bobink.ServerRegister${i}"
    "$CERTS_DIR/ServerRegister${i}_cert.der"
    "$CERTS_DIR/ServerRegister${i}_key.der"
    "$CERTS_DIR/ServerRegisterClient${i}_cert.der"
    "$CERTS_DIR/ServerRegisterClient${i}_key.der"
    "opc.tcp://localhost:$LDS_PORT"
    10
    SignAndEncrypt Aes128_Sha256_RsaOaep
    "$CERTS_DIR/ServerLDS_cert.der"
    "$CERTS_DIR/ClientFindServers_cert.der"
    ${EXTRA_TRUST[@]+"${EXTRA_TRUST[@]}"}
  )

  echo "Starting ServerRegister${i} on port $port..."
  "${register_argv[@]}" &
  pids+=("$!")
  # Short fixed pause between instances; no readiness check is performed.
  sleep 0.5
done

# ------------------------------------------------------------------
# Summary
# ------------------------------------------------------------------

# NOTE(review): this banner is printed unconditionally. Nothing here checks
# that the processes recorded in `pids` are still alive, so a server that
# failed to bind its port is still listed as running.
printf '%s\n' \
  "" \
  "=== All servers running ===" \
  "  LDS:              port $LDS_PORT"
for ((i = 1; i <= N; i++)); do
  echo "  ServerRegister${i}:  port $((BASE_REGISTER_PORT + i - 1))"
done

# Trustlist for the client hint: the LDS certificate followed by each
# RegisterServer's server certificate.
client_trust="certs/ServerLDS_cert.der"
for ((i = 1; i <= N; i++)); do
  client_trust+=" certs/ServerRegister${i}_cert.der"
done

# The hint uses build/ and certs/ relative paths, so it is meant to be pasted
# from the project root.
printf '%s\n' \
  "" \
  "Run the client with:" \
  "  build/ClientFindServers \"opc.tcp://localhost:$LDS_PORT\" \\" \
  "    \"urn:bobink.ClientFindServers\" \\" \
  "    certs/ClientFindServers_cert.der certs/ClientFindServers_key.der \\" \
  "    SignAndEncrypt Aes128_Sha256_RsaOaep \\" \
  "    $client_trust" \
  "" \
  "Press Ctrl+C to stop all servers."

# Stay in the foreground until every background server has exited or a
# signal interrupts the wait.
wait