Server API: TriggerEvent should also allow to restrict the session

Description

Code version identification

(Source code tag / commit used as reference for description)

Current behavior

SOPC_ServerHelper_TriggerEvent already provides parameter to trigger events for a particular subscription and monitored item. In some use cases it might be necessary to check that the session that requested this action is actually the session of the given subscription but there is no mean to verify this property with current API.

Expected behavior

SOPC_ServerHelper_TriggerEvent should provides an optional session id parameter to be able to restrict event triggering to a particular session. Using the current session given by the SOPC_CallContext in combination with the subscription id will then allow to restrict the triggering in a subscription to the session that owns it.

Security impact

No direct security impact. It might help improve security as it allows to restrict interaction between different sessions in the application code.

Implementation

Add current session in SOPC_CallContext which can then be used in Method calls. Add optional session restriction parameter in SOPC_ServerHelper_TriggerEvent and enforce it in the subscription service layer.