node-opcua-server 2.117.0 → 2.119.0

package/source/server_end_point.ts

@@ -1,12 +1,13 @@
+/* eslint-disable max-statements */
 /**
  * @module node-opcua-server
  */
 // tslint:disable:no-console
 import { EventEmitter } from "events";
-import * as net from "net";
+import net from "net";
 import { Server, Socket } from "net";
 import chalk from "chalk";
-import * as async from "async";
+import async from "async";
 
 import { assert } from "node-opcua-assert";
 import { OPCUACertificateManager } from "node-opcua-certificate-manager";
@@ -120,6 +121,10 @@ export interface OPCUAServerEndPointOptions {
      * the tcp port
      */
     port: number;
+    /**
+     * the tcp host
+     */
+    host?: string;
     /**
      * the DER certificate chain
      */
@@ -207,6 +212,7 @@ export class OPCUAServerEndPoint extends EventEmitter implements ServerSecureCha
      * the tcp port
      */
     public port: number;
+    public host: string | undefined;
     public certificateManager: OPCUACertificateManager;
     public defaultSecureTokenLifetime: number;
     public maxConnections: number;
@@ -244,6 +250,7 @@ export class OPCUAServerEndPoint extends EventEmitter implements ServerSecureCha
         options.port = options.port || 0;
 
         this.port = parseInt(options.port.toString(), 10);
+        this.host = options.host;
         assert(typeof this.port === "number");
 
         this._certificateChain = options.certificateChain;
@@ -294,9 +301,8 @@ export class OPCUAServerEndPoint extends EventEmitter implements ServerSecureCha
     }
 
     public toString(): string {
+        const privateKeyThumpPrint = makePrivateKeyThumbPrint(this.getPrivateKey());
 
-        const privateKeyThumpPrint = makePrivateKeyThumbPrint(this.getPrivateKey())
-        
         const txt =
             " end point" +
             this._counter +
@@ -510,8 +516,13 @@ export class OPCUAServerEndPoint extends EventEmitter implements ServerSecureCha
             debugLog("server is listening");
         });
 
+        const listenOptions: net.ListenOptions = {
+            port: this.port,
+            host: this.host
+        };
+
         this._server!.listen(
-            this.port,
+            listenOptions,
             /*"::",*/ (err?: Error) => {
                 // 'listening' listener
                 debugLog(chalk.green.bold("LISTENING TO PORT "), this.port, "err  ", err);
@@ -1111,22 +1122,42 @@ function _makeEndpointDescription(options: MakeEndpointDescriptionOptions, paren
             //  when channel session security is not "None",
             //  userIdentityTokens can be left to null.
             //  in this case this mean that secure policy will be the same as connection security policy
-            registerIdentity({
-                policyId: u("usernamePassword"),
-                tokenType: UserTokenType.UserName,
-                issuedTokenType: null,
-                issuerEndpointUrl: null,
-                securityPolicyUri: null
-            });
+            // istanbul ignore next
+            if (process.env.NODEOPCUA_SERVER_EMULATE_SIEMENS) {
+                // However, for some reason SIEMENS plc requires that password get encrypted even though
+                // the secure channel is also encrypted ....
+                // you can set the NODEOPCUA_SERVER_EMULATE_SIEMENS env variable to simulate this behavior
+                const registerIdentity3 = (tokenType: UserTokenType, securityPolicy: SecurityPolicy, name: string) => {
+                    const identity = {
+                        policyId: u(name),
+                        tokenType,
+                        issuedTokenType: null,
+                        issuerEndpointUrl: null,
+                        securityPolicyUri: securityPolicy
+                    };
+                    userIdentityTokens.push(identity);
+                };
+                registerIdentity3(UserTokenType.UserName, SecurityPolicy.Basic256, "username_basic256");
+                registerIdentity3(UserTokenType.UserName, SecurityPolicy.Basic128Rsa15, "username_basic128Rsa15");
+                registerIdentity3(UserTokenType.UserName, SecurityPolicy.Basic256Sha256, "username_basic256Sha256");
+            } else {
+                registerIdentity({
+                    policyId: u("usernamePassword"),
+                    tokenType: UserTokenType.UserName,
+                    issuedTokenType: null,
+                    issuerEndpointUrl: null,
+                    securityPolicyUri: null
+                });
 
-            registerIdentity({
-                policyId: u("certificateX509"),
-                tokenType: UserTokenType.Certificate,
+                registerIdentity({
+                    policyId: u("certificateX509"),
+                    tokenType: UserTokenType.Certificate,
 
-                issuedTokenType: null,
-                issuerEndpointUrl: null,
-                securityPolicyUri: null
-            });
+                    issuedTokenType: null,
+                    issuerEndpointUrl: null,
+                    securityPolicyUri: null
+                });
+            }
         }
 
         registerIdentity({
@@ -1155,7 +1186,7 @@ function _makeEndpointDescription(options: MakeEndpointDescriptionOptions, paren
     endpoint._parent = parent;
 
     // endpointUrl is dynamic as port number may be adjusted
-    // when the tcp socker start listening
+    // when the tcp socket start listening
     (endpoint as any).__defineGetter__("endpointUrl", () => {
         const port = endpoint._parent.port;
         const resourcePath = options.resourcePath || "";

package/source/server_engine.ts

@@ -3,7 +3,7 @@
  */
 import { EventEmitter } from "events";
 import { types } from "util";
-import * as async from "async";
+import async from "async";
 import chalk from "chalk";
 import { assert } from "node-opcua-assert";
 import { BinaryStream } from "node-opcua-binary-stream";
@@ -65,7 +65,8 @@ import {
     CallMethodResultOptions,
     ReadRequestOptions,
     BrowseDescriptionOptions,
-    CallMethodRequest
+    CallMethodRequest,
+    ApplicationType
 } from "node-opcua-types";
 import { DataType, isValidVariant, Variant, VariantArrayType } from "node-opcua-variant";
 
@@ -287,7 +288,39 @@ function _get_next_subscriptionId() {
 }
 
 export type StringGetter = () => string;
+export type StringArrayGetter = () => string[];
+export type ApplicationTypeGetter = () => ApplicationType;
+export type BooleanGetter = () => boolean;
 
+export interface ServerConfigurationOptions {
+    applicationUri?: string | StringGetter;
+    applicationType?: ApplicationType | ApplicationTypeGetter; // default "Server"
+
+    hasSecureElement?: boolean | BooleanGetter; // default true
+
+    multicastDnsEnabled?: boolean | BooleanGetter; // default true
+
+    productUri?: string | StringGetter;
+
+    // /** @restricted only in professional version */
+    // resetToServerDefaults: () => Promise<void>;
+    // /** @restricted only in professional version */
+    // setAdminPassword?: (password: string) => Promise<void>;
+
+    /**
+     * The SupportedPrivateKeyFormats specifies the PrivateKey formats supported by the Server.
+     * Possible values include “PEM” (see RFC 5958) or “PFX” (see PKCS #12).
+     * @default ["PEM"]
+     */
+    supportedPrivateKeyFormat: string[] | StringArrayGetter;
+
+    /**
+     * The ServerCapabilities Property specifies the capabilities from Annex D
+     * ( see https://reference.opcfoundation.org/GDS/v104/docs/D)  which the Server supports. The value is
+     * the same as the value reported to the LocalDiscoveryServer when the Server calls the RegisterServer2 Service.
+     */
+    serverCapabilities?: string[] | StringArrayGetter; // default|"N/A"]
+}
 export interface ServerEngineOptions {
     applicationUri: string | StringGetter;
 
@@ -299,6 +332,7 @@ export interface ServerEngineOptions {
     serverDiagnosticsEnabled?: boolean;
     serverCapabilities?: ServerCapabilitiesOptions;
     historyServerCapabilities?: HistoryServerCapabilitiesOptions;
+    serverConfiguration?: ServerConfigurationOptions;
 }
 
 export interface CreateSessionOption {
@@ -322,6 +356,7 @@ export class ServerEngine extends EventEmitter implements IAddressSpaceAccessor
     public serverDiagnosticsEnabled: boolean;
     public serverCapabilities: ServerCapabilities;
     public historyServerCapabilities: HistoryServerCapabilities;
+    public serverConfiguration: ServerConfigurationOptions;
     public clientDescription?: ApplicationDescription;
 
     public addressSpace: AddressSpace | null;
@@ -367,6 +402,10 @@ export class ServerEngine extends EventEmitter implements IAddressSpaceAccessor
         // --------------------------------------------------- ServerCapabilities
         options.serverCapabilities = options.serverCapabilities || {};
 
+        options.serverConfiguration = options.serverConfiguration || {
+            supportedPrivateKeyFormat: ["PEM"]
+        };
+
         // https://profiles.opcfoundation.org/profile
         options.serverCapabilities.serverProfileArray = options.serverCapabilities.serverProfileArray || [
             "http://opcfoundation.org/UA-Profile/Server/Standard", // Standard UA Server Profile",
@@ -405,6 +444,8 @@ export class ServerEngine extends EventEmitter implements IAddressSpaceAccessor
             return MonitoredItem.minimumSamplingInterval;
         });
 
+        this.serverConfiguration = options.serverConfiguration;
+
         this.historyServerCapabilities = new HistoryServerCapabilities(options.historyServerCapabilities);
 
         // --------------------------------------------------- serverDiagnosticsSummary extension Object
@@ -1133,12 +1174,49 @@ export class ServerEngine extends EventEmitter implements IAddressSpaceAccessor
                 });
             };
 
+            type Getter<T> = () => T;
+            function r<T>(a: undefined | T | Getter<T>, defaultValue: T): T {
+                if (a === undefined) return defaultValue;
+                if (typeof a === "function") {
+                    return (a as any)();
+                }
+                return a;
+            }
+            const bindServerConfigurationBasic = () => {
+                bindStandardArray(VariableIds.ServerConfiguration_ServerCapabilities, DataType.String, DataType.String, () =>
+                    r(this.serverConfiguration.serverCapabilities, ["NA"])
+                );
+                bindStandardScalar(VariableIds.ServerConfiguration_ApplicationType, DataType.Int32, () =>
+                    r(this.serverConfiguration.applicationType, ApplicationType.Server)
+                );
+                bindStandardScalar(VariableIds.ServerConfiguration_ApplicationUri, DataType.String, () =>
+                    r(this.serverConfiguration.applicationUri, "")
+                );
+                bindStandardScalar(VariableIds.ServerConfiguration_ProductUri, DataType.String, () =>
+                    r(this.serverConfiguration.productUri, "")
+                );
+                bindStandardScalar(VariableIds.ServerConfiguration_HasSecureElement, DataType.Boolean, () =>
+                    r(this.serverConfiguration.hasSecureElement, false)
+                );
+                bindStandardScalar(VariableIds.ServerConfiguration_MulticastDnsEnabled, DataType.Boolean, () =>
+                    r(this.serverConfiguration.multicastDnsEnabled, false)
+                );
+                bindStandardArray(
+                    VariableIds.ServerConfiguration_SupportedPrivateKeyFormats,
+                    DataType.String,
+                    DataType.String,
+                    () => r(this.serverConfiguration.supportedPrivateKeyFormat, ["PEM"])
+                );
+            };
+
             bindServerDiagnostics();
 
             bindServerStatus();
 
             bindServerCapabilities();
 
+            bindServerConfigurationBasic();
+
             bindHistoryServerCapabilities();
 
             const bindExtraStuff = () => {