node-opcua-server-configuration 2.97.0 → 2.98.1

package/dist/server/install_push_certitifate_management.js

@@ -1,216 +1,216 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.installPushCertificateManagementOnServer = void 0;
-/**
- * @module node-opcua-server-configuration-server
- */
-const fs = require("fs");
-const os = require("os");
-const path = require("path");
-const crypto_1 = require("crypto");
-const chalk = require("chalk");
-const node_opcua_assert_1 = require("node-opcua-assert");
-const node_opcua_crypto_1 = require("node-opcua-crypto");
-const node_opcua_debug_1 = require("node-opcua-debug");
-const node_opcua_hostname_1 = require("node-opcua-hostname");
-const push_certificate_manager_helpers_1 = require("./push_certificate_manager_helpers");
-// node 14 onward : import {  readFile } from "fs/promises";
-const { readFile } = fs.promises;
-const debugLog = (0, node_opcua_debug_1.make_debugLog)("ServerConfiguration");
-const errorLog = (0, node_opcua_debug_1.make_errorLog)("ServerConfiguration");
-const doDebug = (0, node_opcua_debug_1.checkDebugFlag)("ServerConfiguration");
-function getCertificate() {
-    if (!this.$$certificate) {
-        const certificateChain = getCertificateChain.call(this);
-        this.$$certificate = (0, node_opcua_crypto_1.split_der)(certificateChain)[0];
-    }
-    return this.$$certificate;
-}
-function getCertificateChain() {
-    if (!this.$$certificateChain) {
-        throw new Error("internal Error. cannot find $$certificateChain");
-    }
-    return this.$$certificateChain;
-}
-function getPrivateKey() {
-    // istanbul ignore next
-    if (!this.$$privateKey) {
-        throw new Error("internal Error. cannot find $$privateKey");
-    }
-    return this.$$privateKey;
-}
-function getIpAddresses() {
-    return __awaiter(this, void 0, void 0, function* () {
-        const ipAddresses = [];
-        const netInterfaces = os.networkInterfaces();
-        for (const interfaceName of Object.keys(netInterfaces)) {
-            if (!netInterfaces[interfaceName]) {
-                continue;
-            }
-            for (const interFace of netInterfaces[interfaceName]) {
-                if ("IPv4" !== interFace.family || interFace.internal !== false) {
-                    // skip over internal (i.e. 127.0.0.1) and non-ipv4 addresses
-                    continue;
-                }
-                ipAddresses.push(interFace.address);
-            }
-        }
-        return ipAddresses;
-    });
-}
-/**
- *
- */
-function install() {
-    return __awaiter(this, void 0, void 0, function* () {
-        debugLog("install push certificate management", this.serverCertificateManager.rootDir);
-        this.__defineGetter__("privateKeyFile", () => this.serverCertificateManager.privateKey);
-        this.__defineGetter__("certificateFile", () => path.join(this.serverCertificateManager.rootDir, "own/certs/certificate.pem"));
-        if (!this.$$privateKey) {
-            this.$$privateKey = (0, crypto_1.createPrivateKey)(yield readFile(this.serverCertificateManager.privateKey, "utf8"));
-        }
-        if (!this.$$certificateChain) {
-            const certificateFile = this.certificateFile;
-            if (!fs.existsSync(certificateFile)) {
-                // this is the first time server is launch
-                // let's create a default self signed certificate with limited validity
-                const fqdn = yield (0, node_opcua_hostname_1.getFullyQualifiedDomainName)();
-                const ipAddresses = yield getIpAddresses();
-                const applicationUri = (this.serverInfo ? this.serverInfo.applicationUri : null) || "uri:MISSING";
-                const options = {
-                    applicationUri,
-                    dns: [fqdn],
-                    ip: ipAddresses,
-                    subject: "/CN=" + applicationUri + ";/L=Paris",
-                    startDate: new Date(),
-                    validity: 365 * 5,
-                    /* */
-                    outputFile: certificateFile
-                };
-                debugLog("creating self signed certificate", options);
-                yield this.serverCertificateManager.createSelfSignedCertificate(options);
-            }
-            const certificatePEM = yield readFile(certificateFile, "utf8");
-            this.$$certificateChain = (0, node_opcua_crypto_1.convertPEMtoDER)(certificatePEM);
-            //  await this.serverCertificateManager.trustCertificate( this.$$certificateChain);
-        }
-    });
-}
-function getCertificateChainEP() {
-    const certificateFile = path.join(this.certificateManager.rootDir, "own/certs/certificate.pem");
-    const certificatePEM = fs.readFileSync(certificateFile, "utf8");
-    const $$certificateChain = (0, node_opcua_crypto_1.convertPEMtoDER)(certificatePEM);
-    const thumbprint = (0, node_opcua_crypto_1.makeSHA1Thumbprint)($$certificateChain);
-    return $$certificateChain;
-}
-function getPrivateKeyEP() {
-    const $$privateKey = (0, crypto_1.createPrivateKey)(fs.readFileSync(this.certificateManager.privateKey, "utf8"));
-    return $$privateKey;
-}
-function onCertificateAboutToChange(server) {
-    return __awaiter(this, void 0, void 0, function* () {
-        debugLog(chalk.yellow(" onCertificateAboutToChange => Suspending End points"));
-        yield server.suspendEndPoints();
-        debugLog(chalk.yellow(" onCertificateAboutToChange => End points suspended"));
-    });
-}
-/**
- * onCertificateChange is called when the serverConfiguration notifies
- * that the server certificate and/or private key has changed.
- *
- * this function suspends all endpoint listeners and stop all existing channels
- * then start all endpoint listener
- *
- * @param server
- */
-function onCertificateChange(server) {
-    return __awaiter(this, void 0, void 0, function* () {
-        debugLog("on CertificateChanged");
-        const _server = server;
-        _server.$$privateKey = (0, crypto_1.createPrivateKey)(fs.readFileSync(server.serverCertificateManager.privateKey, "utf8"));
-        const certificateFile = path.join(server.serverCertificateManager.rootDir, "own/certs/certificate.pem");
-        const certificatePEM = fs.readFileSync(certificateFile, "utf8");
-        const privateKeyFile = server.serverCertificateManager.privateKey;
-        const privateKey = (0, crypto_1.createPrivateKey)(fs.readFileSync(privateKeyFile, "utf8"));
-        // also reread the private key
-        _server.$$certificateChain = (0, node_opcua_crypto_1.convertPEMtoDER)(certificatePEM);
-        _server.$$privateKey = privateKey;
-        // note : $$certificate will be reconstructed on demand
-        _server.$$certificate = (0, node_opcua_crypto_1.split_der)(_server.$$certificateChain)[0];
-        setTimeout(() => __awaiter(this, void 0, void 0, function* () {
-            try {
-                debugLog(chalk.yellow(" onCertificateChange => shutting down channels"));
-                yield server.shutdownChannels();
-                debugLog(chalk.yellow(" onCertificateChange => channels shut down"));
-                debugLog(chalk.yellow(" onCertificateChange => resuming end points"));
-                yield server.resumeEndPoints();
-                debugLog(chalk.yellow(" onCertificateChange => end points resumed"));
-                debugLog(chalk.yellow("channels have been closed -> client should reconnect "));
-            }
-            catch (err) {
-                if (err instanceof Error) {
-                    errorLog("Error in CertificateChanged handler ", err.message);
-                }
-                debugLog("err = ", err);
-            }
-        }), 2000);
-    });
-}
-function installPushCertificateManagementOnServer(server) {
-    return __awaiter(this, void 0, void 0, function* () {
-        if (!server.engine || !server.engine.addressSpace) {
-            throw new Error("Server must have a valid address space." +
-                "you need to call installPushCertificateManagementOnServer after server has been initialized");
-        }
-        yield install.call(server);
-        server.getCertificate = getCertificate;
-        server.getCertificateChain = getCertificateChain;
-        server.getPrivateKey = getPrivateKey;
-        for (const endpoint of server.endpoints) {
-            const endpointPriv = endpoint;
-            endpointPriv._certificateChain = null;
-            endpointPriv._privateKey = null;
-            endpoint.getCertificateChain = getCertificateChainEP;
-            endpoint.getPrivateKey = getPrivateKeyEP;
-            for (const e of endpoint.endpointDescriptions()) {
-                // e.serverCertificate = null;
-                e.__defineGetter__("serverCertificate", function () {
-                    return endpoint.getCertificate();
-                });
-            }
-        }
-        yield (0, push_certificate_manager_helpers_1.installPushCertificateManagement)(server.engine.addressSpace, {
-            applicationGroup: server.serverCertificateManager,
-            userTokenGroup: server.userCertificateManager,
-            applicationUri: server.serverInfo.applicationUri || "InvalidURI"
-        });
-        const serverConfiguration = server.engine.addressSpace.rootFolder.objects.server.getChildByName("ServerConfiguration");
-        const serverConfigurationPriv = serverConfiguration;
-        (0, node_opcua_assert_1.assert)(serverConfigurationPriv.$pushCertificateManager);
-        serverConfigurationPriv.$pushCertificateManager.on("CertificateAboutToChange", (actionQueue) => {
-            actionQueue.push(() => __awaiter(this, void 0, void 0, function* () {
-                debugLog("CertificateAboutToChange Event received");
-                yield onCertificateAboutToChange(server);
-                debugLog("CertificateAboutToChange Event processed");
-            }));
-        });
-        serverConfigurationPriv.$pushCertificateManager.on("CertificateChanged", (actionQueue) => {
-            actionQueue.push(() => __awaiter(this, void 0, void 0, function* () {
-                debugLog("CertificateChanged Event received");
-                yield onCertificateChange(server);
-                debugLog("CertificateChanged Event processed");
-            }));
-        });
-    });
-}
-exports.installPushCertificateManagementOnServer = installPushCertificateManagementOnServer;
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.installPushCertificateManagementOnServer = void 0;
+/**
+ * @module node-opcua-server-configuration-server
+ */
+const fs = require("fs");
+const os = require("os");
+const path = require("path");
+const crypto_1 = require("crypto");
+const chalk = require("chalk");
+const node_opcua_assert_1 = require("node-opcua-assert");
+const node_opcua_crypto_1 = require("node-opcua-crypto");
+const node_opcua_debug_1 = require("node-opcua-debug");
+const node_opcua_hostname_1 = require("node-opcua-hostname");
+const push_certificate_manager_helpers_1 = require("./push_certificate_manager_helpers");
+// node 14 onward : import {  readFile } from "fs/promises";
+const { readFile } = fs.promises;
+const debugLog = (0, node_opcua_debug_1.make_debugLog)("ServerConfiguration");
+const errorLog = (0, node_opcua_debug_1.make_errorLog)("ServerConfiguration");
+const doDebug = (0, node_opcua_debug_1.checkDebugFlag)("ServerConfiguration");
+function getCertificate() {
+    if (!this.$$certificate) {
+        const certificateChain = getCertificateChain.call(this);
+        this.$$certificate = (0, node_opcua_crypto_1.split_der)(certificateChain)[0];
+    }
+    return this.$$certificate;
+}
+function getCertificateChain() {
+    if (!this.$$certificateChain) {
+        throw new Error("internal Error. cannot find $$certificateChain");
+    }
+    return this.$$certificateChain;
+}
+function getPrivateKey() {
+    // istanbul ignore next
+    if (!this.$$privateKey) {
+        throw new Error("internal Error. cannot find $$privateKey");
+    }
+    return this.$$privateKey;
+}
+function getIpAddresses() {
+    return __awaiter(this, void 0, void 0, function* () {
+        const ipAddresses = [];
+        const netInterfaces = os.networkInterfaces();
+        for (const interfaceName of Object.keys(netInterfaces)) {
+            if (!netInterfaces[interfaceName]) {
+                continue;
+            }
+            for (const interFace of netInterfaces[interfaceName]) {
+                if ("IPv4" !== interFace.family || interFace.internal !== false) {
+                    // skip over internal (i.e. 127.0.0.1) and non-ipv4 addresses
+                    continue;
+                }
+                ipAddresses.push(interFace.address);
+            }
+        }
+        return ipAddresses;
+    });
+}
+/**
+ *
+ */
+function install() {
+    return __awaiter(this, void 0, void 0, function* () {
+        debugLog("install push certificate management", this.serverCertificateManager.rootDir);
+        this.__defineGetter__("privateKeyFile", () => this.serverCertificateManager.privateKey);
+        this.__defineGetter__("certificateFile", () => path.join(this.serverCertificateManager.rootDir, "own/certs/certificate.pem"));
+        if (!this.$$privateKey) {
+            this.$$privateKey = (0, crypto_1.createPrivateKey)(yield readFile(this.serverCertificateManager.privateKey, "utf8"));
+        }
+        if (!this.$$certificateChain) {
+            const certificateFile = this.certificateFile;
+            if (!fs.existsSync(certificateFile)) {
+                // this is the first time server is launch
+                // let's create a default self signed certificate with limited validity
+                const fqdn = yield (0, node_opcua_hostname_1.getFullyQualifiedDomainName)();
+                const ipAddresses = yield getIpAddresses();
+                const applicationUri = (this.serverInfo ? this.serverInfo.applicationUri : null) || "uri:MISSING";
+                const options = {
+                    applicationUri,
+                    dns: [fqdn],
+                    ip: ipAddresses,
+                    subject: "/CN=" + applicationUri + ";/L=Paris",
+                    startDate: new Date(),
+                    validity: 365 * 5,
+                    /* */
+                    outputFile: certificateFile
+                };
+                debugLog("creating self signed certificate", options);
+                yield this.serverCertificateManager.createSelfSignedCertificate(options);
+            }
+            const certificatePEM = yield readFile(certificateFile, "utf8");
+            this.$$certificateChain = (0, node_opcua_crypto_1.convertPEMtoDER)(certificatePEM);
+            //  await this.serverCertificateManager.trustCertificate( this.$$certificateChain);
+        }
+    });
+}
+function getCertificateChainEP() {
+    const certificateFile = path.join(this.certificateManager.rootDir, "own/certs/certificate.pem");
+    const certificatePEM = fs.readFileSync(certificateFile, "utf8");
+    const $$certificateChain = (0, node_opcua_crypto_1.convertPEMtoDER)(certificatePEM);
+    const thumbprint = (0, node_opcua_crypto_1.makeSHA1Thumbprint)($$certificateChain);
+    return $$certificateChain;
+}
+function getPrivateKeyEP() {
+    const $$privateKey = (0, crypto_1.createPrivateKey)(fs.readFileSync(this.certificateManager.privateKey, "utf8"));
+    return $$privateKey;
+}
+function onCertificateAboutToChange(server) {
+    return __awaiter(this, void 0, void 0, function* () {
+        debugLog(chalk.yellow(" onCertificateAboutToChange => Suspending End points"));
+        yield server.suspendEndPoints();
+        debugLog(chalk.yellow(" onCertificateAboutToChange => End points suspended"));
+    });
+}
+/**
+ * onCertificateChange is called when the serverConfiguration notifies
+ * that the server certificate and/or private key has changed.
+ *
+ * this function suspends all endpoint listeners and stop all existing channels
+ * then start all endpoint listener
+ *
+ * @param server
+ */
+function onCertificateChange(server) {
+    return __awaiter(this, void 0, void 0, function* () {
+        debugLog("on CertificateChanged");
+        const _server = server;
+        _server.$$privateKey = (0, crypto_1.createPrivateKey)(fs.readFileSync(server.serverCertificateManager.privateKey, "utf8"));
+        const certificateFile = path.join(server.serverCertificateManager.rootDir, "own/certs/certificate.pem");
+        const certificatePEM = fs.readFileSync(certificateFile, "utf8");
+        const privateKeyFile = server.serverCertificateManager.privateKey;
+        const privateKey = (0, crypto_1.createPrivateKey)(fs.readFileSync(privateKeyFile, "utf8"));
+        // also reread the private key
+        _server.$$certificateChain = (0, node_opcua_crypto_1.convertPEMtoDER)(certificatePEM);
+        _server.$$privateKey = privateKey;
+        // note : $$certificate will be reconstructed on demand
+        _server.$$certificate = (0, node_opcua_crypto_1.split_der)(_server.$$certificateChain)[0];
+        setTimeout(() => __awaiter(this, void 0, void 0, function* () {
+            try {
+                debugLog(chalk.yellow(" onCertificateChange => shutting down channels"));
+                yield server.shutdownChannels();
+                debugLog(chalk.yellow(" onCertificateChange => channels shut down"));
+                debugLog(chalk.yellow(" onCertificateChange => resuming end points"));
+                yield server.resumeEndPoints();
+                debugLog(chalk.yellow(" onCertificateChange => end points resumed"));
+                debugLog(chalk.yellow("channels have been closed -> client should reconnect "));
+            }
+            catch (err) {
+                if (err instanceof Error) {
+                    errorLog("Error in CertificateChanged handler ", err.message);
+                }
+                debugLog("err = ", err);
+            }
+        }), 2000);
+    });
+}
+function installPushCertificateManagementOnServer(server) {
+    return __awaiter(this, void 0, void 0, function* () {
+        if (!server.engine || !server.engine.addressSpace) {
+            throw new Error("Server must have a valid address space." +
+                "you need to call installPushCertificateManagementOnServer after server has been initialized");
+        }
+        yield install.call(server);
+        server.getCertificate = getCertificate;
+        server.getCertificateChain = getCertificateChain;
+        server.getPrivateKey = getPrivateKey;
+        for (const endpoint of server.endpoints) {
+            const endpointPriv = endpoint;
+            endpointPriv._certificateChain = null;
+            endpointPriv._privateKey = null;
+            endpoint.getCertificateChain = getCertificateChainEP;
+            endpoint.getPrivateKey = getPrivateKeyEP;
+            for (const e of endpoint.endpointDescriptions()) {
+                // e.serverCertificate = null;
+                e.__defineGetter__("serverCertificate", function () {
+                    return endpoint.getCertificate();
+                });
+            }
+        }
+        yield (0, push_certificate_manager_helpers_1.installPushCertificateManagement)(server.engine.addressSpace, {
+            applicationGroup: server.serverCertificateManager,
+            userTokenGroup: server.userCertificateManager,
+            applicationUri: server.serverInfo.applicationUri || "InvalidURI"
+        });
+        const serverConfiguration = server.engine.addressSpace.rootFolder.objects.server.getChildByName("ServerConfiguration");
+        const serverConfigurationPriv = serverConfiguration;
+        (0, node_opcua_assert_1.assert)(serverConfigurationPriv.$pushCertificateManager);
+        serverConfigurationPriv.$pushCertificateManager.on("CertificateAboutToChange", (actionQueue) => {
+            actionQueue.push(() => __awaiter(this, void 0, void 0, function* () {
+                debugLog("CertificateAboutToChange Event received");
+                yield onCertificateAboutToChange(server);
+                debugLog("CertificateAboutToChange Event processed");
+            }));
+        });
+        serverConfigurationPriv.$pushCertificateManager.on("CertificateChanged", (actionQueue) => {
+            actionQueue.push(() => __awaiter(this, void 0, void 0, function* () {
+                debugLog("CertificateChanged Event received");
+                yield onCertificateChange(server);
+                debugLog("CertificateChanged Event processed");
+            }));
+        });
+    });
+}
+exports.installPushCertificateManagementOnServer = installPushCertificateManagementOnServer;
 //# sourceMappingURL=install_push_certitifate_management.js.map

package/dist/server/promote_trust_list.d.ts

@@ -1,6 +1,6 @@
-/**
- * @module node-opcua-server-configuration
- */
-import { UATrustList, UAObject, UAVariable } from "node-opcua-address-space";
-export declare function promoteTrustList(trustList: UATrustList): Promise<void>;
-export declare function installAccessRestrictionOnTrustList(trustList: UAVariable | UAObject): void;
+/**
+ * @module node-opcua-server-configuration
+ */
+import { UATrustList, UAObject, UAVariable } from "node-opcua-address-space";
+export declare function promoteTrustList(trustList: UATrustList): Promise<void>;
+export declare function installAccessRestrictionOnTrustList(trustList: UAVariable | UAObject): void;