refactor(core): Make SecureChannel message processing less indirect
jpfr committed Nov 17, 2024
1 parent 3f641e5 commit 633e210
Showing 7 changed files with 373 additions and 314 deletions.
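--- a/src/client/ua_client.c
+++ b/src/client/ua_client.c
@@ -506,11 +506,9 @@ processMSGResponse(UA_Client *client, UA_UInt32 requestId,
 }
 
 UA_StatusCode
-processServiceResponse(void *application, UA_SecureChannel *channel,
+processServiceResponse(UA_Client *client, UA_SecureChannel *channel,
 UA_MessageType messageType, UA_UInt32 requestId,
 UA_ByteString *message) {
-UA_Client *client = (UA_Client*)application;
-
 if(!UA_SecureChannel_isConnected(channel)) {
 if(messageType == UA_MESSAGETYPE_MSG) {
 UA_LOG_DEBUG_CHANNEL(client->config.logging, channel, "Discard MSG message "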
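--- a/src/client/ua_client_connect.c
+++ b/src/client/ua_client_connect.c
@@ -1591,9 +1591,23 @@ __Client_networkCallback(UA_ConnectionManager *cm, uintptr_t connectionId,
 }
 
 /* Received a message. Process the message with the SecureChannel. */
-UA_StatusCode res =
-UA_SecureChannel_processBuffer(&client->channel, client,
-processServiceResponse, &msg);
+UA_StatusCode res = UA_SecureChannel_loadBuffer(&client->channel, msg);
+while(UA_LIKELY(res == UA_STATUSCODE_GOOD)) {
+UA_MessageType messageType;
+UA_UInt32 requestId = 0;
+UA_ByteString payload = UA_BYTESTRING_NULL;
+UA_Boolean copied = false;
+res = UA_SecureChannel_getCompleteMessage(&client->channel, &messageType, &requestId,
+&payload, &copied);
+if(res != UA_STATUSCODE_GOOD || payload.length == 0)
+break;
+res = processServiceResponse(client, &client->channel,
+messageType, requestId, &payload);
+if(copied)
+UA_ByteString_clear(&payload);
+}
+res |= UA_SecureChannel_persistBuffer(&client->channel);
+
 if(res != UA_STATUSCODE_GOOD) {
 UA_LOG_ERROR(client->config.logging, UA_LOGCATEGORY_CLIENT,
 "Processing the message returned the error code %s",
@@ -1656,6 +1670,7 @@ initConnect(UA_Client *client) {
 client->channel.config = client->config.localConnectionConfig;
 client->channel.certificateVerification = &client->config.certificateVerification;
 client->channel.processOPNHeader = verifyClientSecureChannelHeader;
+client->channel.processOPNHeaderApplication = client;
 
 /* Initialize the SecurityPolicy */
 client->connectStatus = initSecurityPolicy(client);
@@ -2062,6 +2077,7 @@ UA_Client_startListeningForReverseConnect(UA_Client *client,
 client->channel.config = client->config.localConnectionConfig;
 client->channel.certificateVerification = &client->config.certificateVerification;
 client->channel.processOPNHeader = verifyClientSecureChannelHeader;
+client->channel.processOPNHeaderApplication = client;
 client->channel.connectionId = 0;
 
 client->connectStatus = initSecurityPolicy(client);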
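Review bot: The `break` on `res != UA_STATUSCODE_GOOD || payload.length == 0` in the new receive loop runs before the `if(copied)` cleanup, so the loop depends on UA_SecureChannel_getCompleteMessage never handing back an owned payload on those two paths. That function is not part of this section, so either state the contract in a comment above the loop or clear `payload` when `copied` is set before breaking. `res |= UA_SecureChannel_persistBuffer(&client->channel);` ORs two status codes, so if both calls fail with different codes the value logged just below is not a defined code; keeping the first error with `UA_StatusCode pres = UA_SecureChannel_persistBuffer(&client->channel);` followed by `if(res == UA_STATUSCODE_GOOD) res = pres;` still runs the persist step on every path. The same loop is repeated in serverNetworkCallback and serverReverseConnectCallback in src/server/ua_server_binary.c, so the load/persist pairing now has to be kept intact at three call sites. __Client_networkCallback starts and ends outside the hunk.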
2 changes: 1 addition & 1 deletion src/client/ua_client_internal.h
@@ -194,7 +194,7 @@ UA_StatusCode
__Client_renewSecureChannel(UA_Client *client);

UA_StatusCode
processServiceResponse(void *application, UA_SecureChannel *channel,
processServiceResponse(UA_Client *client, UA_SecureChannel *channel,
UA_MessageType messageType, UA_UInt32 requestId,
UA_ByteString *message);

50 changes: 41 additions & 9 deletions src/server/ua_server_binary.c
@@ -952,11 +952,9 @@ processMSG(UA_Server *server, UA_SecureChannel *channel,

/* Takes decoded messages starting at the nodeid of the content type. */
static UA_StatusCode
processSecureChannelMessage(void *application, UA_SecureChannel *channel,
processSecureChannelMessage(UA_Server *server, UA_SecureChannel *channel,
UA_MessageType messagetype, UA_UInt32 requestId,
UA_ByteString *message) {
UA_Server *server = (UA_Server*)application;

UA_StatusCode retval = UA_STATUSCODE_GOOD;
switch(messagetype) {
case UA_MESSAGETYPE_HEL:
@@ -1034,9 +1032,12 @@ purgeFirstChannelWithoutSession(UA_BinaryProtocolManager *bpm) {
static UA_StatusCode
configServerSecureChannel(void *application, UA_SecureChannel *channel,
const UA_AsymmetricAlgorithmSecurityHeader *asymHeader) {
if(channel->securityPolicy)
return UA_STATUSCODE_GOOD;

/* Iterate over available endpoints and choose the correct one */
UA_Server *server = (UA_Server *)application;
UA_SecurityPolicy *securityPolicy = NULL;
UA_Server *const server = (UA_Server *const) application;
for(size_t i = 0; i < server->config.securityPoliciesSize; ++i) {
UA_SecurityPolicy *policy = &server->config.securityPolicies[i];
if(!UA_ByteString_equal(&asymHeader->securityPolicyUri, &policy->policyUri))
@@ -1106,6 +1107,7 @@ createServerSecureChannel(UA_BinaryProtocolManager *bpm, UA_ConnectionManager *c
entry->channel.config = connConfig;
entry->channel.certificateVerification = &config->secureChannelPKI;
entry->channel.processOPNHeader = configServerSecureChannel;
entry->channel.processOPNHeaderApplication = server;
entry->channel.connectionManager = cm;
entry->channel.connectionId = connectionId;

@@ -1277,8 +1279,24 @@ serverNetworkCallback(UA_ConnectionManager *cm, uintptr_t connectionId,
UA_debug_dumpCompleteChunk(server, channel->connection, message);
#endif

retval = UA_SecureChannel_processBuffer(channel, bpm->server,
processSecureChannelMessage, &msg);
/* Process all complete messages */
retval = UA_SecureChannel_loadBuffer(channel, msg);
while(UA_LIKELY(retval == UA_STATUSCODE_GOOD)) {
UA_MessageType messageType;
UA_UInt32 requestId = 0;
UA_ByteString payload = UA_BYTESTRING_NULL;
UA_Boolean copied = false;
retval = UA_SecureChannel_getCompleteMessage(channel, &messageType, &requestId,
&payload, &copied);
if(retval != UA_STATUSCODE_GOOD || payload.length == 0)
break;
retval = processSecureChannelMessage(bpm->server, channel,
messageType, requestId, &payload);
if(copied)
UA_ByteString_clear(&payload);
}
retval |= UA_SecureChannel_persistBuffer(channel);

if(retval != UA_STATUSCODE_GOOD) {
UA_LOG_WARNING_CHANNEL(bpm->logging, channel,
"Processing the message failed with error %s",
@@ -1744,8 +1762,23 @@ serverReverseConnectCallback(UA_ConnectionManager *cm, uintptr_t connectionId,

/* The connection is fully opened and we have a SecureChannel.
* Process the received buffer */
retval = UA_SecureChannel_processBuffer(context->channel, bpm->server,
processSecureChannelMessage, &msg);
retval = UA_SecureChannel_loadBuffer(context->channel, msg);
while(UA_LIKELY(retval == UA_STATUSCODE_GOOD)) {
UA_MessageType messageType;
UA_UInt32 requestId = 0;
UA_ByteString payload = UA_BYTESTRING_NULL;
UA_Boolean copied = false;
retval = UA_SecureChannel_getCompleteMessage(context->channel, &messageType,
&requestId, &payload, &copied);
if(retval != UA_STATUSCODE_GOOD || payload.length == 0)
break;
retval = processSecureChannelMessage(bpm->server, context->channel,
messageType, requestId, &payload);
if(copied)
UA_ByteString_clear(&payload);
}
retval |= UA_SecureChannel_persistBuffer(context->channel);

if(retval != UA_STATUSCODE_GOOD) {
UA_LOG_WARNING_CHANNEL(bpm->logging, context->channel,
"Processing the message failed with error %s",
@@ -1758,7 +1791,6 @@ serverReverseConnectCallback(UA_ConnectionManager *cm, uintptr_t connectionId,
error.reason = UA_STRING_NULL;
UA_SecureChannel_sendError(context->channel, &error);
UA_SecureChannel_shutdown(context->channel, UA_SHUTDOWNREASON_ABORT);

setReverseConnectState(bpm->server, context, UA_SECURECHANNELSTATE_CLOSING);
return;
}
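Review bot: The early return added at the top of configServerSecureChannel, `if(channel->securityPolicy) return UA_STATUSCODE_GOOD;`, reports success for every later OPN header without comparing `asymHeader->securityPolicyUri` to the policy already bound to the channel. Whether a renewal header is still checked against the established policy and certificate is decided outside this section, so the guard should carry a comment naming that check, e.g. `/* Policy was selected by the first OPN; later headers are validated in <checking function> */`, where the function name is a placeholder to fill in. The callback also casts `application` without a NULL test, which now depends on every channel constructor setting `processOPNHeaderApplication`, as createServerSecureChannel does here. The function body continues past the hunk.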