/// <summary>
/// Creates a binding for to use for discovering servers.
/// </summary>
/// <param name="discoveryUrl">The discovery URL.</param>
/// <param name="bindingFactory">The binding factory.</param>
/// <param name="configuration">The configuration.</param>
/// <returns></returns>
public static DiscoveryClient Create(Uri discoveryUrl, BindingFactory bindingFactory, EndpointConfiguration configuration)
{
if (discoveryUrl == null) throw new ArgumentNullException("discoveryUrl");
if (bindingFactory == null)
{
bindingFactory = BindingFactory.Default;
}
if (configuration == null)
{
configuration = EndpointConfiguration.Create();
}
ITransportChannel channel = DiscoveryChannel.Create(discoveryUrl, bindingFactory, configuration, new ServiceMessageContext());
return new DiscoveryClient(channel);
}
/// <summary>
/// Copys an existing factory.
/// </summary>
/// <param name="factory">The factory.</param>
public BindingFactory(BindingFactory factory)
{
m_bindings = new Dictionary<string, Type>();
AddDefaultBindings(m_bindings);
m_namespaceUris = ServiceMessageContext.GlobalContext.NamespaceUris;
m_factory = ServiceMessageContext.GlobalContext.Factory;
if (factory != null)
{
foreach (KeyValuePair<string,Type> entry in factory.m_bindings)
{
m_bindings[entry.Key] = entry.Value;
}
m_namespaceUris = factory.m_namespaceUris;
m_factory = factory.m_factory;
}
}
/// <summary>
/// Creates a binding for to use for discovering servers.
/// </summary>
/// <param name="configuration">The configuration.</param>
/// <param name="description">The description.</param>
/// <param name="endpointConfiguration">The endpoint configuration.</param>
/// <param name="bindingFactory">The binding factory.</param>
/// <param name="instanceCertificate">The instance certificate.</param>
/// <returns></returns>
public static RegistrationClient Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
BindingFactory bindingFactory,
X509Certificate2 instanceCertificate)
{
if (configuration == null) throw new ArgumentNullException("configuration");
if (description == null) throw new ArgumentNullException("description");
ITransportChannel channel = RegistrationChannel.Create(
configuration,
description,
endpointConfiguration,
instanceCertificate,
new ServiceMessageContext());
return new RegistrationClient(channel);
}
private static void securelyUpdateEndpointConfiguration(ConfiguredEndpoint ep, ApplicationConfiguration applicationConfiguration)
{
// ep.UpdateFromServer(...) looks for matching endpoints on the server.
// If there is no match with the same securityMode and securityPolicy, it will simply
// _replace_ ep by one of the server endpoints, possibly lowering the security settings. Therefore:
// save old settings - update from server - verify security settings -- and throw update from server away if security settings have changed.
// note that ConfiguredEndpoints need a collection to live in. Note also that some settings of the configured endpoint may be changed nonetheless behind the scenes.
ConfiguredEndpointCollection cepc = new ConfiguredEndpointCollection();
EndpointDescription epd = (EndpointDescription)ep.Description.Clone();
ConfiguredEndpoint cep = new ConfiguredEndpoint(cepc, epd);
Opc.Ua.BindingFactory bindingFactory = BindingFactory.Create(applicationConfiguration, applicationConfiguration.CreateMessageContext());
ep.UpdateFromServer(bindingFactory);
if (ep.Description.SecurityMode != epd.SecurityMode || ep.Description.SecurityPolicyUri != epd.SecurityPolicyUri)
{
ep.Update(cep);
throw ServiceResultException.Create(StatusCodes.BadConfigurationError, "No endpoint with matching security configuration could be found during updated on connect.");
}
}
/// <summary>
/// Creates a binding for to use for discovering servers.
/// </summary>
/// <param name="discoveryUrl">The discovery URL.</param>
/// <param name="bindingFactory">The binding factory.</param>
/// <param name="configuration">The configuration.</param>
/// <returns></returns>
public static DiscoveryClient Create(Uri discoveryUrl, BindingFactory bindingFactory, EndpointConfiguration configuration)
{
if (discoveryUrl == null)
{
throw new ArgumentNullException("discoveryUrl");
}
if (bindingFactory == null)
{
bindingFactory = BindingFactory.Default;
}
if (configuration == null)
{
configuration = EndpointConfiguration.Create();
}
ITransportChannel channel = DiscoveryChannel.Create(discoveryUrl, bindingFactory, configuration, new ServiceMessageContext());
return(new DiscoveryClient(channel));
}
/// <summary>
/// Creates a new transport channel that supports the IDiscoveryChannel service contract.
/// </summary>
/// <param name="discoveryUrl">The discovery URL.</param>
/// <param name="bindingFactory">The binding factory.</param>
/// <param name="endpointConfiguration">The endpoint configuration.</param>
/// <param name="messageContext">The message context.</param>
/// <returns></returns>
public static ITransportChannel Create(
Uri discoveryUrl,
BindingFactory bindingFactory,
EndpointConfiguration endpointConfiguration,
ServiceMessageContext messageContext)
{
// create a dummy description.
EndpointDescription endpoint = new EndpointDescription();
endpoint.EndpointUrl = discoveryUrl.ToString();
endpoint.SecurityMode = MessageSecurityMode.None;
endpoint.SecurityPolicyUri = SecurityPolicies.None;
endpoint.Server.ApplicationUri = endpoint.EndpointUrl;
endpoint.Server.ApplicationType = ApplicationType.DiscoveryServer;
ITransportChannel channel = CreateUaBinaryChannel(
null,
endpoint,
endpointConfiguration,
(System.Security.Cryptography.X509Certificates.X509Certificate2)null,
messageContext);
// create a WCF XML channel.
if (channel == null)
{
Binding binding = bindingFactory.Create(discoveryUrl.Scheme, endpointConfiguration);
DiscoveryChannel wcfXmlChannel = new DiscoveryChannel();
wcfXmlChannel.Initialize(
endpoint,
endpointConfiguration,
binding,
null);
channel = wcfXmlChannel;
}
return(channel);
}
/// <summary>
/// Creates a new transport channel that supports the ISessionChannel service contract.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
ServiceMessageContext messageContext)
{
// create a UA binary channel.
ITransportChannel channel = CreateUaBinaryChannel(
configuration,
description,
endpointConfiguration,
clientCertificate,
messageContext);
#if !SILVERLIGHT
// create a WCF XML channel.
if (channel == null)
{
Uri endpointUrl = new Uri(description.EndpointUrl);
BindingFactory bindingFactory = BindingFactory.Create(configuration, messageContext);
Binding binding = bindingFactory.Create(endpointUrl.Scheme, description, endpointConfiguration);
SessionChannel wcfXmlChannel = new SessionChannel();
wcfXmlChannel.Initialize(
configuration,
description,
endpointConfiguration,
binding,
clientCertificate,
null);
channel = wcfXmlChannel;
}
#endif
return(channel);
}
/// <summary>
/// Updates an endpoint with information from the server's discovery endpoint.
/// </summary>
/// <param name="endpoint">The server endpoint</param>
private void UpdateEndpoint(ConfiguredEndpoint endpoint)
{
try
{
Cursor = Cursors.WaitCursor;
// create the binding factory if it has not been created yet.
if (m_bindingFactory == null)
{
m_bindingFactory = BindingFactory.Create(m_configuration);
}
endpoint.UpdateFromServer(m_bindingFactory);
}
finally
{
Cursor = Cursors.Default;
}
}
/// <summary>
/// Creates a new transport channel that supports the IDiscoveryChannel service contract.
/// </summary>
/// <param name="discoveryUrl">The discovery URL.</param>
/// <param name="bindingFactory">The binding factory.</param>
/// <param name="endpointConfiguration">The endpoint configuration.</param>
/// <param name="messageContext">The message context.</param>
/// <returns></returns>
public static ITransportChannel Create(
Uri discoveryUrl,
BindingFactory bindingFactory,
EndpointConfiguration endpointConfiguration,
ServiceMessageContext messageContext)
{
// create a dummy description.
EndpointDescription endpoint = new EndpointDescription();
endpoint.EndpointUrl = discoveryUrl.ToString();
endpoint.SecurityMode = MessageSecurityMode.None;
endpoint.SecurityPolicyUri = SecurityPolicies.None;
endpoint.Server.ApplicationUri = endpoint.EndpointUrl;
endpoint.Server.ApplicationType = ApplicationType.DiscoveryServer;
ITransportChannel channel = CreateUaBinaryChannel(
null,
endpoint,
endpointConfiguration,
(System.Security.Cryptography.X509Certificates.X509Certificate2)null,
messageContext);
// create a WCF XML channel.
if (channel == null)
{
Binding binding = bindingFactory.Create(discoveryUrl.Scheme, endpointConfiguration);
DiscoveryChannel wcfXmlChannel = new DiscoveryChannel();
wcfXmlChannel.Initialize(
endpoint,
endpointConfiguration,
binding,
null);
channel = wcfXmlChannel;
}
return channel;
}
public void InitializeSinglePolicy(
Type contractType,
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
EndpointConfiguration endpointConfiguration,
List <EndpointDescription> endpoints,
MessageSecurityMode securityMode,
string securityPolicyUri)
{
// allow any url to match.
System.ServiceModel.ServiceBehaviorAttribute behavoir = this.Description.Behaviors.Find <System.ServiceModel.ServiceBehaviorAttribute>();
behavoir.AddressFilterMode = System.ServiceModel.AddressFilterMode.Any;
// specify service credentials
ServiceCredentials credentials = new ServiceCredentials();
credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
credentials.ClientCertificate.Authentication.TrustedStoreLocation = StoreLocation.LocalMachine;
credentials.ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
credentials.ClientCertificate.Authentication.CustomCertificateValidator = configuration.CertificateValidator.GetChannelValidator();
if (configuration.SecurityConfiguration.ApplicationCertificate != null)
{
X509Certificate2 certificate = configuration.SecurityConfiguration.ApplicationCertificate.Find(true);
if (certificate != null)
{
credentials.ServiceCertificate.Certificate = CertificateFactory.Load(certificate, true);
}
}
this.Description.Behaviors.Add(credentials);
// check if explicitly specified.
ServiceThrottlingBehavior throttle = this.Description.Behaviors.Find <ServiceThrottlingBehavior>();
if (throttle == null)
{
throttle = new ServiceThrottlingBehavior();
throttle.MaxConcurrentCalls = 1000;
throttle.MaxConcurrentInstances = 100;
throttle.MaxConcurrentSessions = 100;
this.Description.Behaviors.Add(throttle);
}
// add the endpoints for each base address.
foreach (Uri baseAddress in this.BaseAddresses)
{
ServiceEndpoint endpoint = null;
// find endpoint configuration.
EndpointDescription description = null;
foreach (EndpointDescription current in endpoints)
{
if (new Uri(current.EndpointUrl) == baseAddress)
{
description = current;
break;
}
}
// skip endpoints without a matching base address.
if (description == null)
{
continue;
}
// set the supported profiles.
description.TransportProfileUri = Profiles.WsHttpXmlOrBinaryTransport;
// create the SOAP XML binding
Binding binding = bindingFactory.Create(baseAddress.Scheme, description, endpointConfiguration);
// add the session endpoint.
endpoint = this.AddServiceEndpoint(contractType, binding, baseAddress, baseAddress);
// set the protection level
if (securityMode == MessageSecurityMode.Sign)
{
endpoint.Contract.ProtectionLevel = System.Net.Security.ProtectionLevel.Sign;
}
// update the max items in graph (set to an low value by default).
foreach (OperationDescription operation in endpoint.Contract.Operations)
{
operation.Behaviors.Find <DataContractSerializerOperationBehavior>().MaxItemsInObjectGraph = Int32.MaxValue;
}
}
}
public void InitializeSinglePolicy(
Type contractType,
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
EndpointConfiguration endpointConfiguration,
List<EndpointDescription> endpoints,
MessageSecurityMode securityMode,
string securityPolicyUri)
{
// allow any url to match.
System.ServiceModel.ServiceBehaviorAttribute behavoir = this.Description.Behaviors.Find<System.ServiceModel.ServiceBehaviorAttribute>();
behavoir.AddressFilterMode = System.ServiceModel.AddressFilterMode.Any;
// specify service credentials
ServiceCredentials credentials = new ServiceCredentials();
credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
credentials.ClientCertificate.Authentication.TrustedStoreLocation = StoreLocation.LocalMachine;
credentials.ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
credentials.ClientCertificate.Authentication.CustomCertificateValidator = configuration.CertificateValidator.GetChannelValidator();
if (configuration.SecurityConfiguration.ApplicationCertificate != null)
{
X509Certificate2 certificate = configuration.SecurityConfiguration.ApplicationCertificate.Find(true);
if (certificate != null)
{
credentials.ServiceCertificate.Certificate = CertificateFactory.Load(certificate, true);
}
}
this.Description.Behaviors.Add(credentials);
// check if explicitly specified.
ServiceThrottlingBehavior throttle = this.Description.Behaviors.Find<ServiceThrottlingBehavior>();
if (throttle == null)
{
throttle = new ServiceThrottlingBehavior();
throttle.MaxConcurrentCalls = 1000;
throttle.MaxConcurrentInstances = 100;
throttle.MaxConcurrentSessions = 100;
this.Description.Behaviors.Add(throttle);
}
// add the endpoints for each base address.
foreach (Uri baseAddress in this.BaseAddresses)
{
ServiceEndpoint endpoint = null;
// find endpoint configuration.
EndpointDescription description = null;
foreach (EndpointDescription current in endpoints)
{
if (new Uri(current.EndpointUrl) == baseAddress)
{
description = current;
break;
}
}
// skip endpoints without a matching base address.
if (description == null)
{
continue;
}
// set the supported profiles.
description.TransportProfileUri = Profiles.WsHttpXmlOrBinaryTransport;
// create the SOAP XML binding
Binding binding = bindingFactory.Create(baseAddress.Scheme, description, endpointConfiguration);
// add the session endpoint.
endpoint = this.AddServiceEndpoint(contractType, binding, baseAddress, baseAddress);
// set the protection level
if (securityMode == MessageSecurityMode.Sign)
{
endpoint.Contract.ProtectionLevel = System.Net.Security.ProtectionLevel.Sign;
}
// update the max items in graph (set to an low value by default).
foreach (OperationDescription operation in endpoint.Contract.Operations)
{
operation.Behaviors.Find<DataContractSerializerOperationBehavior>().MaxItemsInObjectGraph = Int32.MaxValue;
}
}
}
/// <summary>
/// Create a new service host for protocols that support only one policy per host.
/// </summary>
/// <param name="hosts">The hosts.</param>
/// <param name="configuration">The configuration.</param>
/// <param name="bindingFactory">The binding factory.</param>
/// <param name="baseAddresses">The base addresses.</param>
/// <param name="serverDescription">The server description.</param>
/// <param name="securityMode">The security mode.</param>
/// <param name="securityPolicyUri">The security policy URI.</param>
/// <param name="basePath">The base path to use when constructing the hosts.</param>
/// <returns>Returns list of descriptions for the EndpointDescription DataType, return type is list of <seealso cref="EndpointDescription"/>.</returns>
protected List<EndpointDescription> CreateSinglePolicyServiceHost(
IDictionary<string, ServiceHost> hosts,
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
IList<string> baseAddresses,
ApplicationDescription serverDescription,
MessageSecurityMode securityMode,
string securityPolicyUri,
string basePath)
{
// generate a unique host name.
string hostName = basePath;
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", SecurityPolicies.GetDisplayName(securityPolicyUri));
}
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", securityMode);
}
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", hosts.Count);
}
// build list of uris.
List<Uri> uris = new List<Uri>();
List<EndpointDescription> endpoints = new List<EndpointDescription>();
string computerName = System.Net.Dns.GetHostName();
for (int ii = 0; ii < baseAddresses.Count; ii++)
{
// UA TCP and HTTPS endpoints have their own host.
if (baseAddresses[ii].StartsWith(Utils.UriSchemeOpcTcp, StringComparison.Ordinal) ||
baseAddresses[ii].StartsWith(Utils.UriSchemeHttps, StringComparison.Ordinal) ||
baseAddresses[ii].StartsWith(Utils.UriSchemeNoSecurityHttp, StringComparison.Ordinal))
{
continue;
}
UriBuilder uri = new UriBuilder(baseAddresses[ii]);
if (String.Compare(uri.Host, "localhost", StringComparison.OrdinalIgnoreCase) == 0)
{
uri.Host = computerName;
}
uri.Path += hostName;
uris.Add(uri.Uri);
// create the endpoint description.
EndpointDescription description = new EndpointDescription();
description.EndpointUrl = uri.ToString();
description.Server = serverDescription;
description.SecurityMode = securityMode;
description.SecurityPolicyUri = securityPolicyUri;
description.TransportProfileUri = Profiles.WsHttpXmlTransport;
description.UserIdentityTokens = GetUserTokenPolicies(configuration, description);
bool requireEncryption = RequireEncryption(description);
if (!requireEncryption)
{
foreach (UserTokenPolicy userTokenPolicy in description.UserIdentityTokens)
{
if (userTokenPolicy.SecurityPolicyUri != SecurityPolicies.None)
{
requireEncryption = true;
break;
}
}
}
if (requireEncryption)
{
if (InstanceCertificate == null)
{
throw new ServiceResultException( StatusCodes.BadConfigurationError,
"Server does not have an instance certificate assigned." );
}
description.ServerCertificate = InstanceCertificate.RawData;
//if (InstanceCertificateChain != null)
//{
// List<byte> certificateChainList = new List<byte>();
// for (int i = 0; i < InstanceCertificateChain.Count; i++)
// {
// certificateChainList.AddRange(InstanceCertificateChain[i].RawData);
// }
// description.ServerCertificate = certificateChainList.ToArray();
//}
}
endpoints.Add(description);
}
// check if nothing to do.
if (uris.Count == 0)
{
return endpoints;
}
// create the host.
ServiceHost serviceHost = CreateServiceHost(this, uris.ToArray());
// create the endpoint configuration to use.
EndpointConfiguration endpointConfiguration = EndpointConfiguration.Create(configuration);
// initialize the host.
serviceHost.InitializeSinglePolicy(
GetServiceContract(),
configuration,
bindingFactory,
endpointConfiguration,
endpoints,
securityMode,
securityPolicyUri);
if (String.IsNullOrEmpty(hostName))
{
serviceHost.InitializeDiscovery(configuration, serverDescription.DiscoveryUrls);
}
// save in server list.
hosts[hostName] = serviceHost;
return endpoints;
}
/// <summary>
/// Create a new service host for UA TCP.
/// </summary>
protected List<EndpointDescription> CreateUaTcpServiceHost(
IDictionary<string, ServiceHost> hosts,
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
IList<string> baseAddresses,
ApplicationDescription serverDescription,
List<ServerSecurityPolicy> securityPolicies)
{
// generate a unique host name.
string hostName = String.Empty;
if (hosts.ContainsKey(hostName))
{
hostName = "/Tcp";
}
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", hosts.Count);
}
// check if the server if configured to use the ANSI C stack.
bool useAnsiCStack = configuration.UseNativeStack;
// build list of uris.
List<Uri> uris = new List<Uri>();
EndpointDescriptionCollection endpoints = new EndpointDescriptionCollection();
// create the endpoint configuration to use.
EndpointConfiguration endpointConfiguration = EndpointConfiguration.Create(configuration);
string computerName = System.Net.Dns.GetHostName();
for (int ii = 0; ii < baseAddresses.Count; ii++)
{
// UA TCP and HTTPS endpoints support multiple policies.
if (!baseAddresses[ii].StartsWith(Utils.UriSchemeOpcTcp, StringComparison.Ordinal))
{
continue;
}
UriBuilder uri = new UriBuilder(baseAddresses[ii]);
if (String.Compare(uri.Host, "localhost", StringComparison.OrdinalIgnoreCase) == 0)
{
uri.Host = computerName;
}
uris.Add(uri.Uri);
foreach (ServerSecurityPolicy policy in securityPolicies)
{
// create the endpoint description.
EndpointDescription description = new EndpointDescription();
description.EndpointUrl = uri.ToString();
description.Server = serverDescription;
description.SecurityMode = policy.SecurityMode;
description.SecurityPolicyUri = policy.SecurityPolicyUri;
description.SecurityLevel = policy.SecurityLevel;
description.UserIdentityTokens = GetUserTokenPolicies( configuration, description );
description.TransportProfileUri = Profiles.UaTcpTransport;
bool requireEncryption = RequireEncryption(description);
if (!requireEncryption)
{
foreach (UserTokenPolicy userTokenPolicy in description.UserIdentityTokens)
{
if (userTokenPolicy.SecurityPolicyUri != SecurityPolicies.None)
{
requireEncryption = true;
break;
}
}
}
if (requireEncryption)
{
description.ServerCertificate = InstanceCertificate.RawData;
//if (InstanceCertificateChain != null)
//{
// List<byte> certificateChainList = new List<byte>();
// for (int i = 0; i < InstanceCertificateChain.Count; i++)
// {
// certificateChainList.AddRange(InstanceCertificateChain[i].RawData);
// }
// description.ServerCertificate = certificateChainList.ToArray();
//}
}
endpoints.Add( description );
}
// create the UA-TCP stack listener.
try
{
TransportListenerSettings settings = new TransportListenerSettings();
settings.Descriptions = endpoints;
settings.Configuration = endpointConfiguration;
settings.ServerCertificate = this.InstanceCertificate;
//settings.ServerCertificateChain = this.InstanceCertificateChain;
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
settings.NamespaceUris = this.MessageContext.NamespaceUris;
settings.Factory = this.MessageContext.Factory;
ITransportListener listener = null;
Type type = null;
if (useAnsiCStack)
{
type = Type.GetType("Opc.Ua.NativeStack.NativeStackListener,Opc.Ua.NativeStackWrapper");
}
if (useAnsiCStack && type != null)
{
listener = (ITransportListener)Activator.CreateInstance(type);
}
else
{
listener = new Opc.Ua.Bindings.UaTcpChannelListener();
}
listener.Open(
uri.Uri,
settings,
GetEndpointInstance(this));
TransportListeners.Add(listener);
}
catch (Exception e)
{
Utils.Trace(e, "Could not load UA-TCP Stack Listener.");
throw;
}
}
return endpoints;
}
/// <summary>
/// Creates the endpoints and creates the hosts.
/// </summary>
/// <param name="configuration">The object that stores the configurable configuration information for a UA application.</param>
/// <param name="bindingFactory">The object of a class that manages a mapping between a URL scheme and a binding.</param>
/// <param name="serverDescription">The object of the class that contains a description for the ApplicationDescription DataType.</param>
/// <param name="endpoints">The collection of <see cref="EndpointDescription"/> objects.</param>
/// <returns>Returns list of hosts for a UA service.</returns>
protected virtual IList<ServiceHost> InitializeServiceHosts(
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
out ApplicationDescription serverDescription,
out EndpointDescriptionCollection endpoints)
{
serverDescription = null;
endpoints = null;
return new List<ServiceHost>();
}
/// <summary>
/// Create a new service host for UA HTTPS.
/// </summary>
protected List<EndpointDescription> CreateHttpsServiceHost(
IDictionary<string, ServiceHost> hosts,
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
IList<string> baseAddresses,
ApplicationDescription serverDescription,
List<ServerSecurityPolicy> securityPolicies)
{
// generate a unique host name.
string hostName = String.Empty;
if (hosts.ContainsKey(hostName))
{
hostName = "/Https";
}
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", hosts.Count);
}
// build list of uris.
List<Uri> uris = new List<Uri>();
EndpointDescriptionCollection endpoints = new EndpointDescriptionCollection();
// create the endpoint configuration to use.
EndpointConfiguration endpointConfiguration = EndpointConfiguration.Create(configuration);
string computerName = System.Net.Dns.GetHostName();
for (int ii = 0; ii < baseAddresses.Count; ii++)
{
if (!baseAddresses[ii].StartsWith(Utils.UriSchemeHttps, StringComparison.Ordinal) &&
!baseAddresses[ii].StartsWith(Utils.UriSchemeNoSecurityHttp, StringComparison.Ordinal))
{
continue;
}
UriBuilder uri = new UriBuilder(baseAddresses[ii]);
if (uri.Scheme == Utils.UriSchemeNoSecurityHttp)
{
uri.Scheme = Utils.UriSchemeHttp;
}
if (uri.Path[uri.Path.Length-1] != '/')
{
uri.Path += "/";
}
if (String.Compare(uri.Host, "localhost", StringComparison.OrdinalIgnoreCase) == 0)
{
uri.Host = computerName;
}
uris.Add(uri.Uri);
if (uri.Scheme == Utils.UriSchemeHttps)
{
// can only support one policy with HTTPS so pick the best one.
ServerSecurityPolicy bestPolicy = null;
foreach (ServerSecurityPolicy policy in securityPolicies)
{
if (bestPolicy == null)
{
bestPolicy = policy;
continue;
}
if (bestPolicy.SecurityLevel > policy.SecurityLevel)
{
bestPolicy = policy;
continue;
}
}
EndpointDescription description = new EndpointDescription();
description.EndpointUrl = uri.ToString();
description.Server = serverDescription;
description.ServerCertificate = InstanceCertificate.RawData;
//if (InstanceCertificateChain != null)
//{
// List<byte> certificateChainList = new List<byte>();
// for (int i = 0; i < InstanceCertificateChain.Count; i++)
// {
// certificateChainList.AddRange(InstanceCertificateChain[i].RawData);
// }
// description.ServerCertificate = certificateChainList.ToArray();
//}
description.SecurityMode = bestPolicy.SecurityMode;
description.SecurityPolicyUri = bestPolicy.SecurityPolicyUri;
description.SecurityLevel = bestPolicy.SecurityLevel;
description.UserIdentityTokens = GetUserTokenPolicies(configuration, description);
description.TransportProfileUri = Profiles.HttpsBinaryTransport;
endpoints.Add(description);
// create the endpoint description.
description = new EndpointDescription();
description.EndpointUrl = uri.ToString();
description.Server = serverDescription;
description.ServerCertificate = InstanceCertificate.RawData;
//if (InstanceCertificateChain != null)
//{
// List<byte> certificateChainList = new List<byte>();
// for (int i = 0; i < InstanceCertificateChain.Count; i++)
// {
// certificateChainList.AddRange(InstanceCertificateChain[i].RawData);
// }
// description.ServerCertificate = certificateChainList.ToArray();
//}
description.SecurityMode = MessageSecurityMode.None;
description.SecurityPolicyUri = SecurityPolicies.None;
description.SecurityLevel = 0;
description.UserIdentityTokens = GetUserTokenPolicies(configuration, description);
description.TransportProfileUri = Profiles.HttpsXmlTransport;
endpoints.Add(description);
}
// create the stack listener.
try
{
TransportListenerSettings settings = new TransportListenerSettings();
settings.Descriptions = endpoints;
settings.Configuration = endpointConfiguration;
settings.ServerCertificate = this.InstanceCertificate;
//settings.ServerCertificateChain = this.InstanceCertificateChain;
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
settings.NamespaceUris = this.MessageContext.NamespaceUris;
settings.Factory = this.MessageContext.Factory;
ITransportListener listener = new Opc.Ua.Bindings.UaHttpsChannelListener();
listener.Open(
uri.Uri,
settings,
GetEndpointInstance(this));
TransportListeners.Add(listener);
}
catch (Exception e)
{
Utils.Trace(e, "Could not load HTTPS Stack Listener.");
throw;
}
}
return endpoints;
}
public static DiscoveryChannel Create(
Uri discoveryUrl,
EndpointConfiguration configuration,
BindingFactory bindingFactory,
string configurationName)
{
return Create(discoveryUrl, configuration, bindingFactory.Create(discoveryUrl.Scheme, configuration), configurationName);
}
/// <summary>
/// Creates a binding table from the bindings specified in the application configuration.
/// </summary>
public static BindingFactory Create(ApplicationConfiguration configuration, ServiceMessageContext context)
{
if (configuration == null || configuration.TransportConfigurations == null || configuration.TransportConfigurations.Count == 0)
{
return new BindingFactory(context.NamespaceUris, context.Factory);
}
BindingFactory table = new BindingFactory(context.NamespaceUris, context.Factory);
foreach (TransportConfiguration entry in configuration.TransportConfigurations)
{
if (entry.TypeName == Utils.UaTcpBindingDefault)
{
continue;
}
Type type = Type.GetType(entry.TypeName);
if (type == null)
{
throw ServiceResultException.Create(StatusCodes.BadConfigurationError, "Could not find binding type '{0}'.", entry.TypeName);
}
table.Add(entry.UriScheme, type);
}
return table;
}
public static SessionChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
BindingFactory bindingFactory,
X509Certificate2 clientCertificate,
string configurationName)
{
if (description == null) throw new ArgumentNullException("description");
if (configuration == null) throw new ArgumentNullException("configuration");
if (bindingFactory == null) throw new ArgumentNullException("bindingFactory");
Uri uri = new Uri(description.EndpointUrl);
Binding binding = bindingFactory.Create(uri.Scheme, description, endpointConfiguration);
return Create(configuration, description, endpointConfiguration, binding, clientCertificate, configurationName);
}
