node-opcua-server-configuration 2.170.1 → 2.173.0
- package/dist/server/file_transaction_manager.js +4 -4
- package/dist/server/file_transaction_manager.js.map +1 -1
- package/dist/server/install_certificate_file_watcher.d.ts +4 -4
- package/dist/server/install_certificate_file_watcher.js.map +1 -1
- package/dist/server/install_push_certificate_management.d.ts +4 -2
- package/dist/server/install_push_certificate_management.js +29 -21
- package/dist/server/install_push_certificate_management.js.map +1 -1
- package/package.json +26 -25
- package/source/server/file_transaction_manager.ts +4 -4
- package/source/server/install_certificate_file_watcher.ts +9 -5
- package/source/server/install_push_certificate_management.ts +36 -24
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* @module node-opcua-server-configuration-server
|
|
3
3
|
*/
|
|
4
|
-
import crypto from "node:crypto";
|
|
5
4
|
import fs from "node:fs";
|
|
6
5
|
import os from "node:os";
|
|
7
6
|
import path from "node:path";
|
|
8
7
|
import { make_debugLog, make_errorLog, make_warningLog } from "node-opcua-debug";
|
|
8
|
+
import { randomBytes } from "node-opcua-utils";
|
|
9
9
|
const debugLog = make_debugLog("ServerConfiguration");
|
|
10
10
|
const errorLog = make_errorLog("ServerConfiguration");
|
|
11
11
|
const warningLog = make_warningLog("ServerConfiguration");
|
|
@@ -72,7 +72,7 @@ export class FileTransactionManager {
|
|
|
72
72
|
async stageFile(destinationPath, content, encoding) {
|
|
73
73
|
// ensure tmpdir exists
|
|
74
74
|
const tmpDir = await this.getTmpDir();
|
|
75
|
-
const uniqueFileName = `${
|
|
75
|
+
const uniqueFileName = `${randomBytes(16).toString("hex")}.tmp`;
|
|
76
76
|
const tempFilePath = path.join(tmpDir, uniqueFileName);
|
|
77
77
|
if (encoding) {
|
|
78
78
|
await fs.promises.writeFile(tempFilePath, content, encoding);
|
|
@@ -98,7 +98,7 @@ export class FileTransactionManager {
|
|
|
98
98
|
}
|
|
99
99
|
// Create a backup before deleting so rollback can restore it
|
|
100
100
|
const tmpDir = await this.getTmpDir();
|
|
101
|
-
const uniqueFileName = `${
|
|
101
|
+
const uniqueFileName = `${randomBytes(16).toString("hex")}_backup.tmp`;
|
|
102
102
|
const backupPath = path.join(tmpDir, uniqueFileName);
|
|
103
103
|
this.#backupFiles.set(filePath, backupPath);
|
|
104
104
|
await _copyFile(filePath, backupPath);
|
|
@@ -130,7 +130,7 @@ export class FileTransactionManager {
|
|
|
130
130
|
*/
|
|
131
131
|
async #moveFileWithBackupTracked(source, dest) {
|
|
132
132
|
const tmpDir = await this.getTmpDir();
|
|
133
|
-
const uniqueFileName = `${
|
|
133
|
+
const uniqueFileName = `${randomBytes(16).toString("hex")}_backup.tmp`;
|
|
134
134
|
const backupPath = path.join(tmpDir, uniqueFileName);
|
|
135
135
|
// Track the backup before creating it
|
|
136
136
|
this.#backupFiles.set(dest, backupPath);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file_transaction_manager.js","sourceRoot":"","sources":["../../source/server/file_transaction_manager.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,
|
|
1
|
+
{"version":3,"file":"file_transaction_manager.js","sourceRoot":"","sources":["../../source/server/file_transaction_manager.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACjF,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,MAAM,QAAQ,GAAG,aAAa,CAAC,qBAAqB,CAAC,CAAC;AACtD,MAAM,QAAQ,GAAG,aAAa,CAAC,qBAAqB,CAAC,CAAC;AACtD,MAAM,UAAU,GAAG,eAAe,CAAC,qBAAqB,CAAC,CAAC;AAI1D,KAAK,UAAU,SAAS,CAAC,MAAc,EAAE,IAAY;IACjD,IAAI,CAAC;QACD,QAAQ,CAAC,yBAAyB,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,WAAW,GAAG,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAC1C,IAAI,WAAW,EAAE,CAAC;YACd,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC7C,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,QAAQ,CAAC,GAAG,CAAC,CAAC;IAClB,CAAC;AACL,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,IAAY;IACnC,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACnC,IAAI,MAAM,EAAE,CAAC;YACT,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;YACjC,MAAM,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACnC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,QAAQ,CAAC,GAAG,CAAC,CAAC;IAClB,CAAC;AACL,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,MAAc,EAAE,IAAY;IACjD,QAAQ,CAAC,6BAA6B,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,CAAC;IACvE,IAAI,CAAC;QACD,MAAM,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC9B,MAAM,WAAW,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,QAAQ,CAAC,GAAG,CAAC,CAAC;IAClB,CAAC;AACL,CAAC;AAED,KAAK,UAAU,mBAAmB,CAAC,MAAc,EAAE,IAAY,EAAE,UAAkB;IAC/E,0CAA0C;IAC1C,QAAQ,CAAC,oCAAoC,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,CAAC,CAAC;IAC9E,MAAM,SAAS,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IAClC,MAAM,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAClC,CAAC;AAED,MAAM,OAAO,sBAAsB;IACtB,eAAe,GAAc,EAAE,CAAC;IAChC,aAAa,GAAc,EAAE,CAAC;IAC9B,YAAY,GAAwB,IAAI,GAAG,EAAE,CAAC;IACvD,OAAO,CAAU;IAEjB;;OAEG;IACI,KAAK,CAAC,SAAS;QAClB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAChB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,gBAAgB,CAAC,CAAC;YAC1D,IAA
I,CAAC,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACvD,CAAC;QACD,OAAO,IAAI,CAAC,OAAO,CAAC;IACxB,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,SAAS,CAAC,eAAuB,EAAE,OAAwB,EAAE,QAAyB;QAC/F,uBAAuB;QACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QAEtC,MAAM,cAAc,GAAG,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC;QAChE,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAEvD,IAAI,QAAQ,EAAE,CAAC;YACX,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,YAAY,EAAE,OAAiB,EAAE,QAAQ,CAAC,CAAC;QAC3E,CAAC;aAAM,CAAC;YACJ,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,0BAA0B,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC,CAAC;IACzF,CAAC;IAED;;;;;;;;OAQG;IACI,gBAAgB,CAAC,QAAgB;QACpC,IAAI,CAAC,SAAS,CAAC,KAAK,IAAI,EAAE;YACtB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3B,OAAO;YACX,CAAC;YACD,6DAA6D;YAC7D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;YACtC,MAAM,cAAc,GAAG,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC;YACvE,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YAE5C,MAAM,SAAS,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YACtC,MAAM,WAAW,CAAC,QAAQ,CAAC,CAAC;QAChC,CAAC,CAAC,CAAC;IACP,CAAC;IAEM,SAAS,CAAC,OAAgB;QAC7B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACvC,CAAC;IAEM,cAAc,CAAC,OAAgB;QAClC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;IAED,IAAW,iBAAiB;QACxB,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC;IACvC,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,gBAAgB;QACzB,IAAI,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC;QAChC,MAAM,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAClC,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAC;IACpC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,0BAA0B,CAAC,MAAc,EAAE,IAAY;QACzD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QACtC,MAAM,cAAc,GAAG,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC;QACvE,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAErD,sCAAsC;QACtC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAExC,sCAAsC;QACtC,MAAM,mBAAmB
,CAAC,MAAM,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;IACxD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY;QACrB,QAAQ,CAAC,oBAAoB,CAAC,CAAC;QAC/B,MAAM,aAAa,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAErD,IAAI,CAAC;YACD,OAAO,aAAa,CAAC,MAAM,EAAE,CAAC;gBAC1B,MAAM,EAAE,GAAG,aAAa,CAAC,KAAK,EAAE,CAAC;gBACjC,MAAM,EAAE,EAAE,EAAE,CAAC;YACjB,CAAC;YACD,QAAQ,CAAC,kBAAkB,CAAC,CAAC;YAE7B,iDAAiD;YACjD,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACjC,MAAM,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAClC,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACpC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,QAAQ,CAAC,4BAA4B,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;YAC/D,QAAQ,CAAC,gEAAgE,CAAC,CAAC;YAE3E,iEAAiE;YACjE,IAAI,CAAC;gBACD,MAAM,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAClC,QAAQ,CAAC,iCAAiC,CAAC,CAAC;YAChD,CAAC;YAAC,OAAO,WAAW,EAAE,CAAC;gBACnB,QAAQ,CAAC,4BAA4B,EAAG,WAAqB,CAAC,OAAO,CAAC,CAAC;gBACvE,QAAQ,CAAC,sEAAsE,CAAC,CAAC;YACrF,CAAC;YAED,uCAAuC;YACvC,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;YAC1B,MAAM,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAClC,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAEhC,MAAM,GAAG,CAAC;QACd,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,oBAAoB;QACtB,QAAQ,CAAC,qCAAqC,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;QAExF,MAAM,gBAAgB,GAAoB,EAAE,CAAC;QAE7C,KAAK,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,EAAE,CAAC;YAC3D,gBAAgB,CAAC,IAAI,CACjB,CAAC,KAAK,IAAI,EAAE;gBACR,IAAI,CAAC;oBACD,kDAAkD;oBAClD,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;wBAC5B,QAAQ,CAAC,mBAAmB,EAAE,UAAU,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;wBACtD,MAAM,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;wBAClC,8CAA8C;wBAC9C,MAAM,WAAW,CAAC,UAAU,CAAC,CAAC;oBAClC,CAAC;gBACL,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACX,QAAQ,CAAC,6BAA6B,EAAE,UAAU,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;gBACjG,CAAC;YACL,CAAC,CAAC,EAAE,CACP,CAAC;QACN,CAAC;QAED,MAAM,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QACpC,QAAQ,CAAC,gCAAgC,CAAC,CAAC;IAC/C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,mBAAmB;QACrB,QAAQ,CAAC,aAAa,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;QAEhE,MAAM,eAAe,GAAoB,EAAE,CAAC;QAE5C,KAAK,MAAM,UAAU,IAAI,IAAI,CAAC,YAAY,CAAC,MAA
M,EAAE,EAAE,CAAC;YAClD,eAAe,CAAC,IAAI,CAChB,WAAW,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBAClC,UAAU,CAAC,8BAA8B,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACrE,CAAC,CAAC,CACL,CAAC;QACN,CAAC;QAED,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACnC,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB;QACpB,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACf,IAAI,CAAC;gBACD,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;YACzE,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACX,UAAU,CAAC,+CAA+C,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACxF,CAAC;oBAAS,CAAC;gBACP,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC;YAC7B,CAAC;QACL,CAAC;IACL,CAAC;IAED,KAAK,CAAC,oBAAoB;QACtB,QAAQ,CAAC,yBAAyB,CAAC,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAC3C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,IAAI,CAAC;gBACD,MAAM,IAAI,EAAE,CAAC;YACjB,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACX,QAAQ,CAAC,4BAA4B,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;YACnE,CAAC;QACL,CAAC;IACL,CAAC;CACJ"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import type { UAObject } from "node-opcua-address-space-base";
|
|
2
|
-
export interface
|
|
3
|
-
|
|
1
|
+
import type { ITypedEventEmitter, UAObject, UAObjectEvents } from "node-opcua-address-space-base";
|
|
2
|
+
export interface CertificateChangeEvents extends UAObjectEvents {
|
|
3
|
+
certificateChange: () => void;
|
|
4
4
|
}
|
|
5
|
-
export declare function installCertificateFileWatcher(node: UAObject
|
|
5
|
+
export declare function installCertificateFileWatcher(node: UAObject<CertificateChangeEvents>, certificateFile: string): ITypedEventEmitter<CertificateChangeEvents>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"install_certificate_file_watcher.js","sourceRoot":"","sources":["../../source/server/install_certificate_file_watcher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,MAAM,QAAQ,GAAG,aAAa,CAAC,qBAAqB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"install_certificate_file_watcher.js","sourceRoot":"","sources":["../../source/server/install_certificate_file_watcher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,MAAM,QAAQ,GAAG,aAAa,CAAC,qBAAqB,CAAC,CAAC;AAMtD,MAAM,UAAU,6BAA6B,CACzC,IAAuC,EACvC,eAAuB;IAEvB,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,EAAE,CAAC,KAAK,CACtB,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,EAC7B,EAAE,UAAU,EAAE,KAAK,EAAE,EACrB,CAAC,UAA+B,EAAE,QAAQ,EAAE,EAAE;QAC1C,MAAM;QACN,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;YAC3B,QAAQ,CAAC,qBAAqB,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;YACvD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACnC,CAAC;IACL,CAAC,CACJ,CAAC;IACF,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;IACvC,YAAY,EAAE,oBAAoB,CAAC,GAAG,EAAE;QACpC,SAAS,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;IACH,OAAO,IAAI,CAAC;AAChB,CAAC"}
|
|
@@ -1,16 +1,18 @@
|
|
|
1
1
|
import type { AddressSpace } from "node-opcua-address-space";
|
|
2
|
-
import
|
|
2
|
+
import { OPCUACertificateManager } from "node-opcua-certificate-manager";
|
|
3
3
|
import { type ICertificateKeyPairProvider } from "node-opcua-common";
|
|
4
4
|
import { type OPCUAServer } from "node-opcua-server";
|
|
5
5
|
import { type ApplicationDescriptionOptions } from "node-opcua-types";
|
|
6
6
|
export interface OPCUAServerPartial extends ICertificateKeyPairProvider {
|
|
7
7
|
serverInfo?: ApplicationDescriptionOptions;
|
|
8
8
|
serverCertificateManager: OPCUACertificateManager;
|
|
9
|
-
privateKeyFile: string;
|
|
10
9
|
certificateFile: string;
|
|
10
|
+
privateKeyFile: string;
|
|
11
11
|
engine: {
|
|
12
12
|
addressSpace?: AddressSpace;
|
|
13
13
|
};
|
|
14
14
|
createDefaultCertificate(): Promise<void>;
|
|
15
|
+
setProvider(provider: ICertificateKeyPairProvider): void;
|
|
16
|
+
invalidateCachedCertificates(): void;
|
|
15
17
|
}
|
|
16
18
|
export declare function installPushCertificateManagementOnServer(server: OPCUAServer): Promise<void>;
|
|
@@ -4,7 +4,8 @@
|
|
|
4
4
|
import path from "node:path";
|
|
5
5
|
import chalk from "chalk";
|
|
6
6
|
import { assert } from "node-opcua-assert";
|
|
7
|
-
import {
|
|
7
|
+
import { OPCUACertificateManager } from "node-opcua-certificate-manager";
|
|
8
|
+
import { DiskCertificateKeyPairProvider } from "node-opcua-common";
|
|
8
9
|
import { split_der, exploreCertificateInfo } from "node-opcua-crypto/web";
|
|
9
10
|
import { checkDebugFlag, make_debugLog, make_errorLog, make_warningLog } from "node-opcua-debug";
|
|
10
11
|
import { invalidateServerCertificateCache } from "node-opcua-server";
|
|
@@ -53,29 +54,25 @@ async function onApplyChangesCompleted(server) {
|
|
|
53
54
|
debugLog(chalk.yellow("channels have been closed -> client should reconnect "));
|
|
54
55
|
}
|
|
55
56
|
/**
|
|
56
|
-
* Redirect the server's
|
|
57
|
-
*
|
|
58
|
-
*
|
|
57
|
+
* Redirect the server's certificate provider to the cert manager's
|
|
58
|
+
* paths, create a default certificate if none exists, and invalidate
|
|
59
|
+
* cached secrets.
|
|
59
60
|
*/
|
|
60
61
|
async function install() {
|
|
61
62
|
doDebug && debugLog("install push certificate management", this.serverCertificateManager.rootDir);
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
get: () => path.join(this.serverCertificateManager.rootDir, CERT_PEM_RELATIVE_PATH),
|
|
69
|
-
configurable: true,
|
|
70
|
-
enumerable: true
|
|
71
|
-
});
|
|
63
|
+
const certFile = path.join(this.serverCertificateManager.rootDir, CERT_PEM_RELATIVE_PATH);
|
|
64
|
+
const keyFile = this.serverCertificateManager.privateKey;
|
|
65
|
+
// Inject a new disk provider pointing at the cert manager's
|
|
66
|
+
// paths. The server's certificateFile/privateKeyFile getters
|
|
67
|
+
// now automatically return the new paths.
|
|
68
|
+
this.setProvider(new DiskCertificateKeyPairProvider(certFile, keyFile));
|
|
72
69
|
// Delegate to the base server's createDefaultCertificate() which
|
|
73
70
|
// handles DNS (fqdn + hostname + configured), IPs (auto + configured),
|
|
74
71
|
// proper subject via makeSubject(), mutex locking, and file checks.
|
|
75
72
|
await this.createDefaultCertificate();
|
|
76
73
|
// Invalidate any previously cached secrets so that
|
|
77
74
|
// getCertificateChain() / getPrivateKey() will re-read from disk.
|
|
78
|
-
|
|
75
|
+
this.invalidateCachedCertificates();
|
|
79
76
|
}
|
|
80
77
|
export async function installPushCertificateManagementOnServer(server) {
|
|
81
78
|
if (!server.engine || !server.engine.addressSpace) {
|
|
@@ -83,13 +80,24 @@ export async function installPushCertificateManagementOnServer(server) {
|
|
|
83
80
|
"You need to call installPushCertificateManagementOnServer after server has been initialized");
|
|
84
81
|
}
|
|
85
82
|
await install.call(server);
|
|
86
|
-
// After install()
|
|
87
|
-
// the
|
|
88
|
-
//
|
|
89
|
-
//
|
|
90
|
-
|
|
83
|
+
// After install() injected a new DiskCertificateKeyPairProvider,
|
|
84
|
+
// set the same provider on each endpoint so they all read from
|
|
85
|
+
// the cert manager's paths.
|
|
86
|
+
// Push certificate management is inherently disk-based.
|
|
87
|
+
// Assert that the store is a disk-based OPCUACertificateManager.
|
|
88
|
+
if (!(server.serverCertificateManager instanceof OPCUACertificateManager)) {
|
|
89
|
+
throw new Error("installPushCertificateManagementOnServer requires a" +
|
|
90
|
+
" disk-based OPCUACertificateManager as" +
|
|
91
|
+
" serverCertificateManager");
|
|
92
|
+
}
|
|
93
|
+
const cm = server.serverCertificateManager;
|
|
94
|
+
const certFile = path.join(cm.rootDir, CERT_PEM_RELATIVE_PATH);
|
|
95
|
+
const keyFile = cm.privateKey;
|
|
96
|
+
for (const endpoint of server.endpoints) {
|
|
97
|
+
endpoint.setCertificateProvider(new DiskCertificateKeyPairProvider(certFile, keyFile));
|
|
98
|
+
}
|
|
91
99
|
await installPushCertificateManagement(server.engine.addressSpace, {
|
|
92
|
-
applicationGroup:
|
|
100
|
+
applicationGroup: cm,
|
|
93
101
|
userTokenGroup: server.userCertificateManager,
|
|
94
102
|
applicationUri: server.serverInfo.applicationUri || "InvalidURI"
|
|
95
103
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"install_push_certificate_management.js","sourceRoot":"","sources":["../../source/server/install_push_certificate_management.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"install_push_certificate_management.js","sourceRoot":"","sources":["../../source/server/install_push_certificate_management.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AACzE,OAAO,EAAE,8BAA8B,EAAoC,MAAM,mBAAmB,CAAC;AACrG,OAAO,EAAoB,SAAS,EAAE,sBAAsB,EAAE,MAAM,uBAAuB,CAAC;AAC5F,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACjG,OAAO,EAAE,gCAAgC,EAA8C,MAAM,mBAAmB,CAAC;AACjH,OAAO,EAAmB,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAsC,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEnF,OAAO,EAAE,gCAAgC,EAAE,MAAM,uCAAuC,CAAC;AAGzF,MAAM,QAAQ,GAAG,aAAa,CAAC,qBAAqB,CAAC,CAAC;AACtD,MAAM,OAAO,GAAG,cAAc,CAAC,qBAAqB,CAAC,CAAC;AACtD,MAAM,QAAQ,GAAG,aAAa,CAAC,qBAAqB,CAAC,CAAC;AACtD,MAAM,UAAU,GAAG,eAAe,CAAC,qBAAqB,CAAC,CAAC;AAE1D,wEAAwE;AACxE,MAAM,sBAAsB,GAAG,2BAA2B,CAAC;AAa3D,KAAK,UAAU,0BAA0B,CAAC,MAAmB;IACzD,OAAO,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,sDAAsD,CAAC,CAAC,CAAC;IAC1F,MAAM,MAAM,CAAC,gBAAgB,EAAE,CAAC;IAChC,OAAO,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,qDAAqD,CAAC,CAAC,CAAC;AAC7F,CAAC;AAED;;;;;;;;;;GAUG;AACH,KAAK,UAAU,mBAAmB,CAAC,MAAmB;IAClD,OAAO,IAAI,QAAQ,CAAC,uBAAuB,CAAC,CAAC;IAC7C,gCAAgC,CAAC,MAAM,CAAC,CAAC;AAC7C,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,uBAAuB,CAAC,MAAmB;IACtD,OAAO,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,oDAAoD,CAAC,CAAC,CAAC;IACxF,MAAM,MAAM,CAAC,gBAAgB,EAAE,CAAC;IAChC,OAAO,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,gDAAgD,CAAC,CAAC,CAAC;IAEpF,OAAO,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,iDAAiD,CAAC,CAAC,CAAC;IACrF,MAAM,MAAM,CAAC,eAAe,EAAE,CAAC;IAC/B,OAAO,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,gDAAgD,CAAC,CAAC,CAAC;IAEpF,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,uDAAuD,CAAC,CAAC,CAAC;AACpF,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,OAAO;IAClB,OAAO,IAAI,QAAQ,CAAC,qCAAqC,EAAE,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;IAElG,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;IAC1F,MAAM,OAAO,GAAG,IAAI,CAAC,wBAAwB,CAAC,UAAU,CAAC;IA
EzD,4DAA4D;IAC5D,6DAA6D;IAC7D,0CAA0C;IAC1C,IAAI,CAAC,WAAW,CAAC,IAAI,8BAA8B,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IAExE,iEAAiE;IACjE,uEAAuE;IACvE,oEAAoE;IACpE,MAAM,IAAI,CAAC,wBAAwB,EAAE,CAAC;IAEtC,mDAAmD;IACnD,kEAAkE;IAClE,IAAI,CAAC,4BAA4B,EAAE,CAAC;AACxC,CAAC;AAMD,MAAM,CAAC,KAAK,UAAU,wCAAwC,CAAC,MAAmB;IAC9E,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CACX,0CAA0C;YAC1C,6FAA6F,CAChG,CAAC;IACN,CAAC;IACD,MAAM,OAAO,CAAC,IAAI,CAAC,MAAuC,CAAC,CAAC;IAE5D,iEAAiE;IACjE,+DAA+D;IAC/D,4BAA4B;IAC5B,wDAAwD;IACxD,iEAAiE;IACjE,IAAI,CAAC,CAAC,MAAM,CAAC,wBAAwB,YAAY,uBAAuB,CAAC,EAAE,CAAC;QACxE,MAAM,IAAI,KAAK,CACX,qDAAqD;YACrD,wCAAwC;YACxC,2BAA2B,CAC9B,CAAC;IACN,CAAC;IACD,MAAM,EAAE,GAAG,MAAM,CAAC,wBAAwB,CAAC;IAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;IAC/D,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC;IAC9B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACtC,QAAQ,CAAC,sBAAsB,CAAC,IAAI,8BAA8B,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IAC3F,CAAC;IAED,MAAM,gCAAgC,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE;QAC/D,gBAAgB,EAAE,EAAE;QACpB,cAAc,EAAE,MAAM,CAAC,sBAAsB;QAE7C,cAAc,EAAE,MAAM,CAAC,UAAU,CAAC,cAAc,IAAI,YAAY;KACnE,CAAC,CAAC;IAEH,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,qBAAqB,CAAC,CAAC;IACvH,MAAM,uBAAuB,GAAG,mBAA8C,CAAC;IAC/E,MAAM,CAAC,uBAAuB,CAAC,uBAAuB,CAAC,CAAC;IAExD,uBAAuB,CAAC,uBAAuB,CAAC,EAAE,CAAC,0BAA0B,EAAE,CAAC,WAAwB,EAAE,EAAE;QACxG,WAAW,CAAC,IAAI,CAAC,KAAK,IAAmB,EAAE;YACvC,OAAO,IAAI,QAAQ,CAAC,yCAAyC,CAAC,CAAC;YAC/D,MAAM,0BAA0B,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,QAAQ,CAAC,0CAA0C,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IACH,uBAAuB,CAAC,uBAAuB,CAAC,EAAE,CAAC,oBAAoB,EAAE,CAAC,WAAwB,EAAE,EAAE;QAClG,WAAW,CAAC,IAAI,CAAC,KAAK,IAAmB,EAAE;YACvC,OAAO,IAAI,QAAQ,CAAC,mCAAmC,CAAC,CAAC;YACzD,MAAM,mBAAmB,CAAC,MAAM,CAAC,CAAC;YAClC,OAAO,IAAI,QAAQ,CAAC,oCAAoC,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,uBAAuB,CAAC,uBAAuB,CAAC,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC7E,wDAAwD;QACxD,
gDAAgD;QAChD,YAAY,CAAC,KAAK,IAAI,EAAE;YACpB,IAAI,CAAC;gBACD,MAAM,uBAAuB,CAAC,MAAM,CAAC,CAAC;YAC1C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACX,QAAQ,CAAC,gCAAgC,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;YACvE,CAAC;QACL,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,8DAA8D;IAC9D,EAAE;IACF,4DAA4D;IAC5D,4DAA4D;IAC5D,+DAA+D;IAC/D,EAAE;IACF,+DAA+D;IAC/D,sDAAsD;IACtD,gCAAgC,CAAC,MAAM,CAAC,CAAC;AAC7C,CAAC;AAED,iEAAiE;AAEjE;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,SAAS,2BAA2B,CAAC,UAAsB;IACvD,OAAO,CACH,WAAW,CAAC,uBAAuB,CAAC,MAAM,CAAC,UAAU,CAAC;QACtD,WAAW,CAAC,+BAA+B,CAAC,MAAM,CAAC,UAAU,CAAC;QAC9D,WAAW,CAAC,qCAAqC,CAAC,MAAM,CAAC,UAAU,CAAC;QACpE,WAAW,CAAC,6BAA6B,CAAC,MAAM,CAAC,UAAU,CAAC,CAC/D,CAAC;AACN,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,KAAK,UAAU,yBAAyB,CACpC,MAAmB,EACnB,WAAwB;IAExB,IAAI,KAAoB,CAAC;IACzB,IAAI,CAAC;QACD,KAAK,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IACnC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,UAAU,CACN,kEAAkE,EACjE,GAAa,CAAC,OAAO,CACzB,CAAC;QACF,OAAO;IACX,CAAC;IAED,MAAM,EAAE,GAAG,MAAM,CAAC,wBAA8D,CAAC;IAEjF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,gDAAgD;QAChD,iEAAiE;QACjE,yCAAyC;QACzC,IAAI,CAAC;YACD,sBAAsB,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,UAAU,CACN,yEAAyE,EACxE,GAAa,CAAC,OAAO,CACzB,CAAC;YACF,SAAS;QACb,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACV,sCAAsC;YACtC,IAAI,CAAC;gBACD,MAAM,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;YACpC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACX,uDAAuD;gBACvD,2CAA2C;gBAC3C,IAAK,GAAiC,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACvD,UAAU,CACN,0DAA0D,EACzD,GAAa,CAAC,OAAO,CACzB,CAAC;gBACN,CAAC;YACL,CAAC;QACL,CAAC;aAAM,CAAC;YACJ,0DAA0D;YAC1D,2CAA2C;YAC3C,IAAI,CAAC;gBACD,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACX,UAAU,CACN,qDAAqD,EACpD,GAAa,CAAC,OAAO,CACzB,CAAC;YACN,CAAC;QACL,CAAC;IACL,CAAC;AACL,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAS,gCAAgC,CAAC,MAAmB;IACzD,MAAM,uBAAuB,GAAG,KAAK,EACjC,UAAsB,EACtB,WAAwB,EACL,EAAE;QACrB,sCAAsC;QACtC,IAAI,MAAM,CAAC,MAAM,CAAC,cAAc,EA
AE,KAAK,WAAW,CAAC,eAAe,EAAE,CAAC;YACjE,OAAO,UAAU,CAAC;QACtB,CAAC;QAED,8DAA8D;QAC9D,IAAI,CAAC,2BAA2B,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3C,OAAO,UAAU,CAAC;QACtB,CAAC;QAED,OAAO,IAAI,UAAU,CACjB,+CAA+C,EAC/C,GAAG,UAAU,CAAC,QAAQ,EAAE,SAAS,EACjC,uCAAuC,CAC1C,CAAC;QAEF,6DAA6D;QAC7D,MAAM,yBAAyB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QAErD,OAAO,WAAW,CAAC,IAAI,CAAC;IAC5B,CAAC,CAAC;IAEF,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrC,QAAgC,CAAC,yBAAyB,GAAG,uBAAuB,CAAC;IAC1F,CAAC;AACL,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "node-opcua-server-configuration",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.173.0",
|
|
4
4
|
"description": "pure nodejs OPCUA SDK - module server-configuration",
|
|
5
5
|
"scripts": {
|
|
6
6
|
"build": "tsc -b",
|
|
@@ -14,35 +14,36 @@
|
|
|
14
14
|
"type": "module",
|
|
15
15
|
"dependencies": {
|
|
16
16
|
"chalk": "4.1.2",
|
|
17
|
-
"memfs": "^4.57.
|
|
18
|
-
"node-opcua-address-space": "2.
|
|
19
|
-
"node-opcua-address-space-base": "2.
|
|
17
|
+
"memfs": "^4.57.2",
|
|
18
|
+
"node-opcua-address-space": "2.173.0",
|
|
19
|
+
"node-opcua-address-space-base": "2.173.0",
|
|
20
20
|
"node-opcua-assert": "2.164.0",
|
|
21
|
-
"node-opcua-basic-types": "2.
|
|
22
|
-
"node-opcua-binary-stream": "2.
|
|
23
|
-
"node-opcua-certificate-manager": "2.
|
|
24
|
-
"node-opcua-common": "2.
|
|
21
|
+
"node-opcua-basic-types": "2.173.0",
|
|
22
|
+
"node-opcua-binary-stream": "2.173.0",
|
|
23
|
+
"node-opcua-certificate-manager": "2.173.0",
|
|
24
|
+
"node-opcua-common": "2.173.0",
|
|
25
25
|
"node-opcua-constants": "2.157.0",
|
|
26
|
-
"node-opcua-crypto": "5.3.
|
|
27
|
-
"node-opcua-data-model": "2.
|
|
28
|
-
"node-opcua-debug": "2.
|
|
29
|
-
"node-opcua-file-transfer": "2.
|
|
26
|
+
"node-opcua-crypto": "5.3.6",
|
|
27
|
+
"node-opcua-data-model": "2.173.0",
|
|
28
|
+
"node-opcua-debug": "2.172.0",
|
|
29
|
+
"node-opcua-file-transfer": "2.173.0",
|
|
30
30
|
"node-opcua-hostname": "2.167.0",
|
|
31
|
-
"node-opcua-nodeid": "2.
|
|
32
|
-
"node-opcua-pki": "6.
|
|
33
|
-
"node-opcua-pseudo-session": "2.
|
|
34
|
-
"node-opcua-secure-channel": "2.
|
|
35
|
-
"node-opcua-server": "2.
|
|
36
|
-
"node-opcua-service-translate-browse-path": "2.
|
|
37
|
-
"node-opcua-status-code": "2.
|
|
38
|
-
"node-opcua-types": "2.
|
|
39
|
-
"node-opcua-
|
|
31
|
+
"node-opcua-nodeid": "2.173.0",
|
|
32
|
+
"node-opcua-pki": "6.17.0",
|
|
33
|
+
"node-opcua-pseudo-session": "2.173.0",
|
|
34
|
+
"node-opcua-secure-channel": "2.173.0",
|
|
35
|
+
"node-opcua-server": "2.173.0",
|
|
36
|
+
"node-opcua-service-translate-browse-path": "2.173.0",
|
|
37
|
+
"node-opcua-status-code": "2.173.0",
|
|
38
|
+
"node-opcua-types": "2.173.0",
|
|
39
|
+
"node-opcua-utils": "2.173.0",
|
|
40
|
+
"node-opcua-variant": "2.173.0"
|
|
40
41
|
},
|
|
41
42
|
"devDependencies": {
|
|
42
43
|
"bcryptjs": "3.0.3",
|
|
43
|
-
"node-opcua-client": "2.
|
|
44
|
-
"node-opcua-data-value": "2.
|
|
45
|
-
"node-opcua-leak-detector": "2.
|
|
44
|
+
"node-opcua-client": "2.173.0",
|
|
45
|
+
"node-opcua-data-value": "2.173.0",
|
|
46
|
+
"node-opcua-leak-detector": "2.172.0",
|
|
46
47
|
"node-opcua-nodesets": "2.163.1"
|
|
47
48
|
},
|
|
48
49
|
"author": "Etienne Rossignon",
|
|
@@ -60,7 +61,7 @@
|
|
|
60
61
|
"internet of things"
|
|
61
62
|
],
|
|
62
63
|
"homepage": "http://node-opcua.github.io/",
|
|
63
|
-
"gitHead": "
|
|
64
|
+
"gitHead": "4aa6634e2e1e14e223fa46a632438295be12744c",
|
|
64
65
|
"files": [
|
|
65
66
|
"dist",
|
|
66
67
|
"source"
|
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
* @module node-opcua-server-configuration-server
|
|
3
3
|
*/
|
|
4
4
|
|
|
5
|
-
import crypto from "node:crypto";
|
|
6
5
|
import fs from "node:fs";
|
|
7
6
|
import os from "node:os";
|
|
8
7
|
import path from "node:path";
|
|
9
8
|
import { make_debugLog, make_errorLog, make_warningLog } from "node-opcua-debug";
|
|
9
|
+
import { randomBytes } from "node-opcua-utils";
|
|
10
10
|
|
|
11
11
|
const debugLog = make_debugLog("ServerConfiguration");
|
|
12
12
|
const errorLog = make_errorLog("ServerConfiguration");
|
|
@@ -81,7 +81,7 @@ export class FileTransactionManager {
|
|
|
81
81
|
// ensure tmpdir exists
|
|
82
82
|
const tmpDir = await this.getTmpDir();
|
|
83
83
|
|
|
84
|
-
const uniqueFileName = `${
|
|
84
|
+
const uniqueFileName = `${randomBytes(16).toString("hex")}.tmp`;
|
|
85
85
|
const tempFilePath = path.join(tmpDir, uniqueFileName);
|
|
86
86
|
|
|
87
87
|
if (encoding) {
|
|
@@ -109,7 +109,7 @@ export class FileTransactionManager {
|
|
|
109
109
|
}
|
|
110
110
|
// Create a backup before deleting so rollback can restore it
|
|
111
111
|
const tmpDir = await this.getTmpDir();
|
|
112
|
-
const uniqueFileName = `${
|
|
112
|
+
const uniqueFileName = `${randomBytes(16).toString("hex")}_backup.tmp`;
|
|
113
113
|
const backupPath = path.join(tmpDir, uniqueFileName);
|
|
114
114
|
this.#backupFiles.set(filePath, backupPath);
|
|
115
115
|
|
|
@@ -147,7 +147,7 @@ export class FileTransactionManager {
|
|
|
147
147
|
*/
|
|
148
148
|
async #moveFileWithBackupTracked(source: string, dest: string): Promise<void> {
|
|
149
149
|
const tmpDir = await this.getTmpDir();
|
|
150
|
-
const uniqueFileName = `${
|
|
150
|
+
const uniqueFileName = `${randomBytes(16).toString("hex")}_backup.tmp`;
|
|
151
151
|
const backupPath = path.join(tmpDir, uniqueFileName);
|
|
152
152
|
|
|
153
153
|
// Track the backup before creating it
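Review bot: The three temp-name lines in `stageFile`, the backup-before-delete path and `#moveFileWithBackupTracked` now rely on `randomBytes` from `node-opcua-utils` instead of `node:crypto`, and nothing in this diff shows what that helper returns or which random source it uses. `.toString("hex")` only produces hex on a Node `Buffer`; on a plain `Uint8Array` the argument is ignored and the name becomes a comma-separated decimal list, so I would document the assumption at the import, e.g. `// randomBytes must return a Buffer filled from a CSPRNG; the staged and backup file names depend on it`. Since the staged content may include certificate or key material (inferred from the package's purpose, not shown in the hunk), the write that follows in `stageFile`, which lies outside this hunk, would be safer as `fs.promises.writeFile(tempFilePath, content, { encoding, flag: "wx", mode: 0o600 })`, which refuses to overwrite an existing name. All three functions start and end outside their hunks.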
|
|
@@ -1,14 +1,18 @@
|
|
|
1
1
|
import fs from "node:fs";
|
|
2
2
|
import path from "node:path";
|
|
3
|
-
import type { UAObject } from "node-opcua-address-space-base";
|
|
3
|
+
import type { ITypedEventEmitter, UAObject, UAObjectEvents } from "node-opcua-address-space-base";
|
|
4
4
|
import { make_debugLog } from "node-opcua-debug";
|
|
5
5
|
|
|
6
6
|
const debugLog = make_debugLog("ServerConfiguration");
|
|
7
7
|
|
|
8
|
-
|
|
9
|
-
|
|
8
|
+
|
|
9
|
+
export interface CertificateChangeEvents extends UAObjectEvents {
|
|
10
|
+
certificateChange: () => void;
|
|
10
11
|
}
|
|
11
|
-
export function installCertificateFileWatcher(
|
|
12
|
+
export function installCertificateFileWatcher(
|
|
13
|
+
node: UAObject<CertificateChangeEvents>,
|
|
14
|
+
certificateFile: string
|
|
15
|
+
): ITypedEventEmitter<CertificateChangeEvents> {
|
|
12
16
|
const fileToWatch = path.basename(certificateFile);
|
|
13
17
|
const fsWatcher = fs.watch(
|
|
14
18
|
path.dirname(certificateFile),
|
|
@@ -25,5 +29,5 @@ export function installCertificateFileWatcher(node: UAObject, certificateFile: s
|
|
|
25
29
|
addressSpace?.registerShutdownTask(() => {
|
|
26
30
|
fsWatcher.close();
|
|
27
31
|
});
|
|
28
|
-
return node
|
|
32
|
+
return node;
|
|
29
33
|
}
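Review bot: The exported `installCertificateFileWatcher` and the new `CertificateChangeEvents` interface have no doc comment, and the new return type `ITypedEventEmitter<CertificateChangeEvents>` hides the fact that the function returns the same `node` it was given rather than a new emitter. I would add a JSDoc block above the function stating that it watches the directory containing `certificateFile` via `fs.watch(path.dirname(certificateFile), …)`, returns `node` typed as an emitter of `certificateChange`, and closes the watcher in the address-space shutdown task. The watcher callback lies outside the visible hunks, so how `fileToWatch` is used and which event is emitted should be confirmed there before the comment is written.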
|
|
@@ -7,8 +7,8 @@ import chalk from "chalk";
|
|
|
7
7
|
|
|
8
8
|
import type { AddressSpace, UAServerConfiguration } from "node-opcua-address-space";
|
|
9
9
|
import { assert } from "node-opcua-assert";
|
|
10
|
-
import
|
|
11
|
-
import { type ICertificateKeyPairProvider
|
|
10
|
+
import { OPCUACertificateManager } from "node-opcua-certificate-manager";
|
|
11
|
+
import { DiskCertificateKeyPairProvider, type ICertificateKeyPairProvider } from "node-opcua-common";
|
|
12
12
|
import { type Certificate, split_der, exploreCertificateInfo } from "node-opcua-crypto/web";
|
|
13
13
|
import { checkDebugFlag, make_debugLog, make_errorLog, make_warningLog } from "node-opcua-debug";
|
|
14
14
|
import { invalidateServerCertificateCache, type OPCUAServer, type OPCUAServerEndPoint } from "node-opcua-server";
|
|
@@ -29,10 +29,12 @@ const CERT_PEM_RELATIVE_PATH = "own/certs/certificate.pem";
|
|
|
29
29
|
export interface OPCUAServerPartial extends ICertificateKeyPairProvider {
|
|
30
30
|
serverInfo?: ApplicationDescriptionOptions;
|
|
31
31
|
serverCertificateManager: OPCUACertificateManager;
|
|
32
|
-
privateKeyFile: string;
|
|
33
32
|
certificateFile: string;
|
|
33
|
+
privateKeyFile: string;
|
|
34
34
|
engine: { addressSpace?: AddressSpace };
|
|
35
35
|
createDefaultCertificate(): Promise<void>;
|
|
36
|
+
setProvider(provider: ICertificateKeyPairProvider): void;
|
|
37
|
+
invalidateCachedCertificates(): void;
|
|
36
38
|
}
|
|
37
39
|
|
|
38
40
|
async function onCertificateAboutToChange(server: OPCUAServer) {
|
|
@@ -76,23 +78,20 @@ async function onApplyChangesCompleted(server: OPCUAServer) {
|
|
|
76
78
|
}
|
|
77
79
|
|
|
78
80
|
/**
|
|
79
|
-
* Redirect the server's
|
|
80
|
-
*
|
|
81
|
-
*
|
|
81
|
+
* Redirect the server's certificate provider to the cert manager's
|
|
82
|
+
* paths, create a default certificate if none exists, and invalidate
|
|
83
|
+
* cached secrets.
|
|
82
84
|
*/
|
|
83
85
|
async function install(this: OPCUAServerPartial): Promise<void> {
|
|
84
86
|
doDebug && debugLog("install push certificate management", this.serverCertificateManager.rootDir);
|
|
85
87
|
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
configurable: true,
|
|
94
|
-
enumerable: true
|
|
95
|
-
});
|
|
88
|
+
const certFile = path.join(this.serverCertificateManager.rootDir, CERT_PEM_RELATIVE_PATH);
|
|
89
|
+
const keyFile = this.serverCertificateManager.privateKey;
|
|
90
|
+
|
|
91
|
+
// Inject a new disk provider pointing at the cert manager's
|
|
92
|
+
// paths. The server's certificateFile/privateKeyFile getters
|
|
93
|
+
// now automatically return the new paths.
|
|
94
|
+
this.setProvider(new DiskCertificateKeyPairProvider(certFile, keyFile));
|
|
96
95
|
|
|
97
96
|
// Delegate to the base server's createDefaultCertificate() which
|
|
98
97
|
// handles DNS (fqdn + hostname + configured), IPs (auto + configured),
|
|
@@ -101,7 +100,7 @@ async function install(this: OPCUAServerPartial): Promise<void> {
|
|
|
101
100
|
|
|
102
101
|
// Invalidate any previously cached secrets so that
|
|
103
102
|
// getCertificateChain() / getPrivateKey() will re-read from disk.
|
|
104
|
-
|
|
103
|
+
this.invalidateCachedCertificates();
|
|
105
104
|
}
|
|
106
105
|
|
|
107
106
|
interface UAServerConfigurationEx extends UAServerConfiguration {
|
|
@@ -117,14 +116,27 @@ export async function installPushCertificateManagementOnServer(server: OPCUAServ
|
|
|
117
116
|
}
|
|
118
117
|
await install.call(server as unknown as OPCUAServerPartial);
|
|
119
118
|
|
|
120
|
-
// After install()
|
|
121
|
-
// the
|
|
122
|
-
//
|
|
123
|
-
//
|
|
124
|
-
|
|
119
|
+
// After install() injected a new DiskCertificateKeyPairProvider,
|
|
120
|
+
// set the same provider on each endpoint so they all read from
|
|
121
|
+
// the cert manager's paths.
|
|
122
|
+
// Push certificate management is inherently disk-based.
|
|
123
|
+
// Assert that the store is a disk-based OPCUACertificateManager.
|
|
124
|
+
if (!(server.serverCertificateManager instanceof OPCUACertificateManager)) {
|
|
125
|
+
throw new Error(
|
|
126
|
+
"installPushCertificateManagementOnServer requires a" +
|
|
127
|
+
" disk-based OPCUACertificateManager as" +
|
|
128
|
+
" serverCertificateManager"
|
|
129
|
+
);
|
|
130
|
+
}
|
|
131
|
+
const cm = server.serverCertificateManager;
|
|
132
|
+
const certFile = path.join(cm.rootDir, CERT_PEM_RELATIVE_PATH);
|
|
133
|
+
const keyFile = cm.privateKey;
|
|
134
|
+
for (const endpoint of server.endpoints) {
|
|
135
|
+
endpoint.setCertificateProvider(new DiskCertificateKeyPairProvider(certFile, keyFile));
|
|
136
|
+
}
|
|
125
137
|
|
|
126
138
|
await installPushCertificateManagement(server.engine.addressSpace, {
|
|
127
|
-
applicationGroup:
|
|
139
|
+
applicationGroup: cm,
|
|
128
140
|
userTokenGroup: server.userCertificateManager,
|
|
129
141
|
|
|
130
142
|
applicationUri: server.serverInfo.applicationUri || "InvalidURI"
|
|
@@ -241,7 +253,7 @@ async function autoTrustCertificateChain(
|
|
|
241
253
|
return;
|
|
242
254
|
}
|
|
243
255
|
|
|
244
|
-
const cm = server.serverCertificateManager;
|
|
256
|
+
const cm = server.serverCertificateManager as unknown as OPCUACertificateManager;
|
|
245
257
|
|
|
246
258
|
for (let i = 0; i < chain.length; i++) {
|
|
247
259
|
const cert = chain[i];
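Review bot: In `installPushCertificateManagementOnServer` the new `instanceof OPCUACertificateManager` guard runs after `await install.call(server as unknown as OPCUAServerPartial)`, but by then `install()` has already read `serverCertificateManager.rootDir` and `.privateKey`, called `setProvider(...)` and run `createDefaultCertificate()`. A server with a non-disk certificate manager is therefore modified, or may fail with an unrelated error from `path.join`, before the descriptive error is thrown; moving the `if (!(server.serverCertificateManager instanceof OPCUACertificateManager)) { throw … }` block above the `install.call` line makes the check fail closed. Separately, the comment says each endpoint gets "the same provider", yet the loop builds a `new DiskCertificateKeyPairProvider(certFile, keyFile)` per endpoint; if that class caches what it reads (not visible here), `this.invalidateCachedCertificates()` on the server may not reach those instances, so either share one instance or correct the comment. The function body starts and ends outside the hunk.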
|