Releases: OPCFoundation/UA-.NETStandard
OPC UA 1.05 Maintenance Update
1.05.374 roll up until Jan 22nd.
This release is based on the 1.05.03 Nodeset with generated files from the ModelCompiler.
The focus in this release was on perf improvements and bug fixes.
This is also the last official release without ECC support...
Server improvements
- NodeIdDictionary
The underlying dictionary of the commonly used NodeIdDictionary
in node managers is now a ConcurrentDictionary. (see CustomNodeManager2 changes)
Perf comparisons with NodeId hashes showed that the lookup of entries is comparable to the previously used Dictionary, but doesn't require locking in the NodeManager. Now all implementations of GetManagerHandle
can be accessed without locking the node manager, which should reduce contention between service calls. Still, most calls need to be synchronized with locks, but the GetManagerHandle call is decoupled.
Client improvements
- A client fast datachange callback gets now access to the
MoreNotifications
flag, which makes it easier to reshuffle received data changes spread across multiple publish responses. To save the cost of a list translation, the notificationMessage gets a StringCollection for the StringTable instead of a List of strings.
Encoder/Decoder perf improvements
- Taking advantage of stackalloc and Span ins some areas to reduce allocations and JSON escaping.
.NET 9 lib issues
- Linking with .NET 8 LTS caused some issues with referenced .NET9 assemblies, now only .NET 8 flavors are referenced.
Other bug fixes as below
What's Changed
- Fix regression in Node AccessRestrictions: change return type from uint32 to ushort by @romanett in #2883
- fix nullreferenceException in NodeState by @romanett in #2894
- Fix server time and move all readerwriter locks outside of try/finally by @mregen in #2903
- Fix errors and warnings building on other Linux distributions by @mregen in #2908
- Add SetHiResClockDisabled & fix Rejected Store Creation in ApplicationConfigurationBuilder by @romanett #2909
- [Server] Improve GetManagerHandle & introduce a threadSafe NodeIdDictionary by @romanett in #2915
- [Client] Fix match endpoints by @romanett in #2925
- Handle status code Uncertain according to the specification by @larws in #2898
- Merge cherrypicks from master in develop branch by @mregen in #2928
- Fix race condition on Nuget build by @mregen in #2930
- Some .NET 9 maintenance and JSON encoder improvements by @mregen in #2922
- Merge develop/main374 in release branch by @mregen in #2944
Full Changelog: 1.5.374.158...1.5.374.168
OPC UA 1.05 Maintenance Update
1.05.374 roll up until Dec 4th.
This release is based on the 1.05.03 Nodeset with generated files from the ModelCompiler.
The focus in this release was on perf improvements and bug fixes.
Breaking change
Based on a recent security review, the Https server endpoints enforce by request TLS mutual authentication and change behavior without.
It is highly recommended to only use mutual TLS authentication. Some clients may not support the new scheme yet.
A new configuration variable
<HttpsMutualTls>true</HttpsMutualTls>
enables or disables the mutual TLS authentication support (default: true).
The behavior of the https TLS endpoint changes according to the following settings:
HttpsMutualTls is true
- The server checks the trust on the certificate which is used by the client for TLS authentication. It must be a valid OPC UA application certificate which is trusted.
- A client can still connect without providing a client certificate, but then it is only able to call discovery services.
- In order to create a session, the client must use the same application certificate that was used for the TLS channel.
HttpsMutualTls is false
- There is no application authentication. The server endpoint uses security None and there is no client application authentication.
- Instead, only user authentication is used to secure the server, anonymous user authentication is disabled.
- Discovery service calls are supported.
Enhancements
- Supports native .NET 9 assemblies. A new X509CertificateLoader was introduced for older .NET versions to keep the code readable without ifdef.
- Server GDS Push CreateSigningRequest supports regeneration of the public/private key pair. by @romanett.
- Callback to notify about channel token renewal.
- Server detection algorithm for clients which try to exploit the known Basic128Rsa15 vulnerability.
Bug fixes
- Client ReadNodes throws an BadInvalidType if a value type returns null.
- Client reading of large dictionaries is split in chunks. by @ThomasNehring.
- Mixed opc.https and https endpoint prevent a server from starting up .
- Server endpoint certificates were not updated after GDS Push UpdateCertificate. by @romanett.
- Event reports ignore session context. by @Filippo-Oliva-ABB.
- Accept namespace Uri which are not well formed. Stricter handling was added in previous release, but for IOP is again relaxed.
- Reading complex types from a server could cause a null pointer exception in BinaryDecoder. by @marcschier.
- Reading operation limits could cause an exception (thus operation limits were ignored).
- CRL with invalid content could cause exception when reading property with lazy decoding, decode CRL always when constructore is called to catch issues early.
- Channel token HMAC references were not disposed after a channel renew.
- Allow decoding of extension objects which set the length to -1.
- Fix for CauseMappings and bug in ConditionRefresh/2 by @Archie-Miller
What's Changed
- Bump Serilog and System.Diagnostics.DiagnosticSource by @dependabot in #2780
- Update CauseMappings to support transitions correctly by @Archie-Miller #2877
- ConditionRefreshAsync always results in BadNodeIdUnknown by @Archie-Miller #2876
- [Server] GDS Push: Enable regeneratePrivatekey for CreateSigningRequest method of Server by @romanett in #2778
- Client ReadNodes, throw BadInvalidType if a value type returned by an attribute is null by @mregen in #2746
- [Client] Read large dictionaries by @ThomasNehring in #2782
- Server doesn't start up with mixed https endpoints by @mregen in #2789
- #2777 Fix for - MonitoredItem2.OnReportEvent Ignores Session in ISystemContext During Notification Process by @Filippo-Oliva-ABB in #2779
- [Server] update endpoint descriptions after certificate update by @romanett in #2735
- Moved the modified reference server from the unit test to its own file by @ThomasNehring in #2725
- #2656 Fix for - Session is not provided by ClearChangeMasks when a change is notified by @Filippo-Oliva-ABB in #2772
- Revert "#2656 Fix for - Session is not provided by ClearChangeMasks w… by @mregen in #2792
- Fix ExpandedNodeId.Format output for not well formed uri and JSON Verbose WriteStatusCode by @mregen in #2794
- Null pointer exception when reading a complex type from umati server.… by @marcschier in #2798
- Add ReturnDiagnostics to Session Constructor by @romanett in #2810
- IOP: Fix FetchOperationLimits for some use cases by @mregen in #2807
- Update version.json to allow preview builds from develop by @mregen in #2813
- Fix bugs in JSON decoder by @mregen in #2828
- Update brokerHostName before MqttClientOptionsBuilder uses it's value by @mrsuciu in #2830
- Improve crl handling in certificate stores by @romanett in #2829
- Using Uri.TryCreate causes regression with namespace uri that use mixed lower/uppercase letters in the of the Uri. by @KircMax in #2837
- ChannelToken: Dispose HMAC and improve lifetime calculations. by @mregen in #2846
- Added a minimal rogue client detection mechanism at the transport level by @mrsuciu in #2850
- ValidateRolePermissions for MIs montioring the Value of a Node by @romanett in #2809
- [Server] ValidateRolePermissions of MonitoredItems based of the saved user identity to allow validation when no session is present by @romanett in #2832
- Support .NET 9.0 build by @mregen in #2865
- Client perf and memory improvements for JSON encoding and subscriptions by @mregen in #2864
- Register callback to notify about new channel token activation (#2872) by @marcschier in #2873
- [Client] Fix: KeepAliveInterval was not updated on ModifySubscription by @romanett in #2871
- Merge fixes from master in stable branch by @mregen in #2878
- Bump BouncyCastle.Cryptography from 2.4.0 to 2.5.0 by @mregen in #2875
- Allow decoding of extension objects for legacy devices which do not set the length by @mregen in #2869
- Enable mutual tls on server https endpoints by @mrsuciu in #2849
- fix serialization of ApplicationConfiguration /CertificateTrustList by @romanett in #2879
- Merge develop/main374 into release/1.5.374 by @mregen in #2881
New Contributors
- @Filippo-Oliva-ABB made their first contribution in #2779
Full Changelog: 1.5.374.126...1.5.374.158
OPC UA 1.05 Maintenance Update
One urgent bug in complex type decoding and two issues for the JSON encoder were found in the latest release:
- The output of the Pubsub JSON encoder namespace Uri for servers which use a not well formed namespace Uri added a http:// prefix, while the previous implementation passed the non well formed Uri along. To preserve the existing behavior, the change was reverted.
- WriteStatusCode in the JSON encoder could produce invalid JSON when used with NonReversible/Verbose encoding.
- A new issue was found when a complex type contains an empty array (length -1), the binary decoder fails to decode the type with a BadDecodingError.
What's Changed
- Fix ExpandedNodeId.Format output for not well formed uri and JSON Ver… by @mregen in #2795
- Null pointer exception when reading a complex type with empty arrays.… by @marcschier in #2799
Full Changelog: 1.5.374.124...1.5.374.126
OPC UA 1.05 Maintenance Update
1.05.374 Bug fix and JSON Preview Update
This release is based on the 1.05.03 Nodeset with generated files from the ModelCompiler.
The focus in this release was on a preview of the new JSON Compact and Verbose encoding types and bug fixes.
Improvements and bug fixes
- Certificate Directory Store created default folders in the last release which can cause issues when mapping folders in dockers.
Fix: removed to create the default folders until a certificate is stored (behavior before 118) - Fix for the Pubsub Interval runner where the timebase could drift.
- The JSON decoder supports all new encoding type variations including the NodeId encoding as a single JSON string value.
-- It supports to build the namespace table from Uri transferred by a publisher.
JSON encoder preview and known issues
- The JSON encoder supports a preview of new Compact and Verbose encoding types.
- The raw encoding for Compact and Verbose is not implemented yet.
- An enumeration in a Variant in Verbose encoding is encoded as Int32 but contains JSON string values. Tbd.
JSON encoder breaking changes
- The JSON encoder defaults for non reversible encoding were changed according to spec:
-- encode the namespaceUri if available
-- always encode default values
What's Changed
- Bump NUnit.Console from 3.18.1 to 3.18.2 by @dependabot in #2769
- Use HiresClock ticks instead of DateTime for IntervalRunner publish time calculation by @mrsuciu in #2753
- Bump NUnit from 4.1.0 to 4.2.2 by @dependabot in #2742
- Bump Nerdbank.GitVersioning from 3.6.141 to 3.6.143 by @dependabot in #2743
- Pubsub JSON updates preview by @mregen in #2768
- Do not create the default folders for DirectoryStore on Open by @mregen in #2773
- Merge updates to release branch by @mregen in #2776
Full Changelog: 1.5.374.118...1.5.374.124
OPC UA 1.05 August Maintenance Update
1.05.374 August Release
This release is based on the 1.05.03 Nodeset with generated files from the ModelCompiler.
The focus in this release was on security and performance improvements and bug fixes.
Improvements and bug fixes
- Various smaller bug fixes.
- Removed the mandatory client check for a match of the application Uri in the server certificate and the returned endpoint. Many production servers have it incorrectly configured. Open work item to make the check optional.
- Winforms samples were moved to the samples repo. The Reference server Quickstart samples are available in a Nuget package from the preview feed.
- Improve handling of client publish max request count. by @marcschier
- The rejected store can be completely disabled (by @romanett) and the rejected certificate history can be limited with a new setting
MaxRejectedCertificates
. Rejected store is only supported withDirectory
store. - Better support for client browse with a ManagedBrowse implementation, which handles BrowseNext and all various types of errors that can occur. Implicitely also used by the NodeCache and other API that exposed browse functionality. by @ThomasNehring.
- Reduce Server NodeManager contention on high load by moving some dictionaries to ConcurrentDictionary to avoid blocking in service calls.
- Fix a server deadlock in channel cleanup.
- More fuzz targets for the Xml Encoder/decoder. Now all encoders follow the dispose pattern.
Breaking changes
ICertificateStore
has a new memberNoPrivateKeys
and a new methodAddRejected
optimized to save certs with low overhead.CertificateStoreIdentifier.OpenStore
has been flagged deprecated to allow for certificate caching.CertificateStoreIdentifier
withDirectoryStore
supports to cache certificates if the store is just closed, not disposed.- Removed https package from
OPCFoundation.NetStandard.Opc.Ua
and marked it deprecated. Recommended is to set a dependency only to required packages, e.g. Server, Client, GDS.Client etc. to minimize the number of dependencies. - The Basic128Rsa15 policy has been removed from server configurations. It is considered unsafe and should only be used when connecting to legacy devices with no other option.
Released packages
OPCFoundation.NetStandard.Opc.Ua
OPCFoundation.NetStandard.Opc.Ua.Core
OPCFoundation.NetStandard.Opc.Ua.Security.Certificates
OPCFoundation.NetStandard.Opc.Ua.Configuration
OPCFoundation.NetStandard.Opc.Ua.Server
OPCFoundation.NetStandard.Opc.Ua.Client
OPCFoundation.NetStandard.Opc.Ua.Client.ComplexTypes
OPCFoundation.NetStandard.Opc.Ua.Bindings.Https
OPCFoundation.NetStandard.Opc.Ua.PubSub
What's Changed
- remove winforms sample projects from main repo by @romanett in #2626
- Client Structure by @romanett in #2668
- Add test cases which need security none but are currently skipped on a secured server by @mregen in #2678
- Bump NUnit.Console from 3.17.0 to 3.18.1 by @dependabot in #2682
- Remove System.Security.Cryptography.Cng dependency by @mregen in #2688
- Bump Serilog and System.Diagnostics.DiagnosticSource by @dependabot in #2689
- Bump NUnit3TestAdapter from 4.5.0 to 4.6.0 by @dependabot in #2690
- Bump NunitXml.TestLogger from 3.1.20 to 4.0.254 by @dependabot in #2691
- Enhance publish request count management to allow limiting the publish requests to a max count by @marcschier in #2681
- (bug) fix #2697 - m_keepAliveInterval should always be >= kMinKeepAliveTimerInterval by @BoBiene in #2698
- Fix template based constructor in Subscription.cs by @ThomasNehring in #2677
- Added PublisherMqttClientOptions and SubscriberMqttClientOptions for enabling custom configurations. by @mrsuciu in #2672
- Remove default rejected store creation by @romanett in #2696
- More fuzz targets for binary and Xml decoders by @mregen in #2621
- Bump Microsoft.NET.Test.Sdk from 17.9.0 to 17.10.0 by @dependabot in #2701
- [Server] Limit Access to server diagnostics array to Admin User by @romanett in #2695
- Fix CI Build flaky tests by reducing log output, default tests to net8.0, by @mregen in #2704
- Bump Nerdbank.GitVersioning from 3.6.139 to 3.6.141 by @dependabot in #2706
- Bump BenchmarkDotNet from 0.13.12 to 0.14.0 and fix some build issues for legacy platforms by @dependabot in #2707
- Managed Browse and Browse Next for the UA client. by @ThomasNehring in #2673
- Server SDK mistakenly uses SendBufferSize as ReceiveBufferSize and vice versa by @mregen in #2718
- Bump System.Security.Cryptography.Cng from 4.5.2 to 5.0.0 by @dependabot in #2724
- Bump Newtonsoft.Json and System.Runtime.InteropServices.RuntimeInformation by @dependabot in #2723
- Improve reconnect error messages, misc. small improvements by @mregen in #2719
- Remove example of how to select unrecommended RSA15 Policy by @Archie-Miller in #2728
- In the managed browse, pass the request header into browse next. by @ThomasNehring in #2726
- Allow bad status code for optional Attributes in ReadNodes by @NoahHoelterhoff in #2730
- Add tolerance to timestamp validation to reduce excessive future time… by @BoBiene in #2711
- Skip client server cert app uri validation due to IOP issues by @mregen in #2733
- Fix a deadlock in binary channel on cleanup, reduce contention due to locks on high server load by @mregen in #2714
- AddRejected method for ICertificateStore by @mregen in #2720
- Add a 1.05 update notice by @BoBiene in #2709
- Check that DataValue.Value is not null when verifying the event notifier for an object by @kristianmo in #2729
- August release testing: Improve cert blob decoding hot path and fix cert validator semaphore regression by @mregen in #2748
- Remove https package from OPCFoundation.NetStandard.Opc.Ua dependencies, causes build issues. by @mregen in #2751
- Release testing: Fix channel remove issue and channel exhaustion on reconnect by @mregen in #2749
- Merge main in release branch by @mregen in #2750
- Bump Moq from 4.20.70 to 4.20.72 by @dependabot in #2758
- Bump MQTTnet from 4.3.6.1152 to 4.3.7.1207 by @dependabot in #2756
- Bump Microsoft.NET.Test.Sdk from 17.11.0 to 17.11.1 by @dependabot in #2757
- Openstore returns null if CertificateIdentifier is empty by @mregen in #2761
- Merge some fixes for release by @mregen in #2762
New Contributors
- @kristianmo made their first contribution in #2729
Full Changelog: 1.5.374.78...1.5.374.118
OPC UA 1.05 Maintenance Update
Changes:
- 1a7d9b8 Remove m_monitoredItems (#2715)
- d588ece improve server contention, fix a deadlock in binary channel on cleanup
- 4b822fc Bump BenchmarkDotNet from 0.13.12 to 0.14.0 and fix some build issues for legacy platforms (#2707)
- aaf6f7d Bump Nerdbank.GitVersioning from 3.6.139 to 3.6.141 (#2706)
- b81e9d6 Fix CI Build flaky tests by reducing log output, default tests to net8.0, (#2704)
- 02761c7 [Server] Limit Access to server diagnostics array to Admin User (#2695) [ #2691 ]
- afb94e7 Bump missed test dependencies in fuzz test project (#2701)
- 1032d71 More fuzz targets for binary and Xml decoders (#2621)
- 84628ee Remove default rejected store creation (#2696)
- e7ae573 Added PublisherMqttClientOptions and SubscriberMqttClientOptions for allowing custom configuration (#2672)
See More
- d184c9c Fix template based constructor in Subscription.cs (#2677)
- 055d2c5 (bug) fix #2697 - m_keepAliveInterval should always be greater or equal to kMinKeepAliveTimerInterval (#2698)
- 784dde6 Enhance publish request count management to allow limiting the publish requests to a max count (#2681)
- d967bd5 Bump NunitXml.TestLogger from 3.1.20 to 4.0.254 (#2691)
- 49407c2 Bump NUnit3TestAdapter from 4.5.0 to 4.6.0 (#2690)
- 1f6708a Bump Serilog and System.Diagnostics.DiagnosticSource (#2689)
- b48fe7b Remove System.Security.Cryptography.Cng dependency (#2688)
- fd649e9 Bump NUnit.Console from 3.17.0 to 3.18.1 (#2682)
- 2aec785 Add client tests which need security none (#2678)
- 3479eb6 Opc UA Client Structure (#2668)
- 65f245d Remove winforms sample projects from main repo (#2626)
This list of changes was auto generated.
OPC UA 1.05.374 June Maintenance Update
1.05.374 June Release
This release is based on the 1.05.03 Nodeset with generated files from the ModelCompiler.
The focus in this release was on security improvements and bug fixes.
Improvements and bug fixes
- Moved
opc.https
client support back to the core library, to avoid the client dependency on a kestrel server package. Now the opc.https package is only needed to enable server https profile support. - Add back support for netstandard2.0 (excl. complex types) to support some legacy applications.
Please note the following restrictions:
-- no support for the client complex types library due to the lack of support forSystem.Emit
.
-- ECC profiles will not be supported. - Support .NET Framework 4.7.2. as base version for .NET Framework. (previously 4.8)
- Fixes a null reference in the XmlDecoder by @JSGInray
- The client time calculations for keep alive and subscriptions are now based on a contiguous clock counter, so changing the system time should not disconnect or time out sessions and subscriptions. By @mrsuciu.
- Fix issues found by fuzzing the UA Binary and UA Json encoders.
- Fix a regression in the connect function which prevented RegisterServer calls to connect to a LDS. by @MD-V.
- Bump CVE flagged
System.Formats.Asn1
to 8.0.1.
Released packages
OPCFoundation.NetStandard.Opc.Ua
OPCFoundation.NetStandard.Opc.Ua.Core
OPCFoundation.NetStandard.Opc.Ua.Security.Certificates
OPCFoundation.NetStandard.Opc.Ua.Configuration
OPCFoundation.NetStandard.Opc.Ua.Server
OPCFoundation.NetStandard.Opc.Ua.Client
OPCFoundation.NetStandard.Opc.Ua.Client.ComplexTypes
OPCFoundation.NetStandard.Opc.Ua.Bindings.Https
OPCFoundation.NetStandard.Opc.Ua.PubSub
What's Changed
- Fix macOS build, move https client transport back to core and other maintenance, by @mregen in #2659
- Fix NullReference in XmlDecoder.ReadExpandedNodeId by @JSGInray in #2636
- Bump Serilog.Sinks.File and System.Diagnostics.DiagnosticSource by @dependabot in #2654
- [Client] Compute time intervals independent of System Time changes by @mrsuciu in #2639
- Fix exception in TcpTransportlistener OnAccept call by @mregen in #2661
- Fuzzing issues found in June by @mregen in #2663
- Fix: RegisterServer and RegisterServer2 do not initiate connection by @MD-V in #2664
- Fix NodeId compare found by fuzzer, Bump Asn1 Nuget due to security update by @mregen in #2669
- Merge main for June release by @mregen in #2670
Full Changelog: 1.5.374.70...1.5.374.78
OPC UA 1.05 ECC-preview
1.05.375 ECC-preview Release
This release is based on the 1.05.03 Nodeset with generated files from the ModelCompiler.
The focus in this release was on Elliptic Curve Cryptography (ECC) support.
ECC support
- Changes to applications configuration
- Configuration permits specifying multiple application certificate types details
- Bacword compatibility with existing configurations - meaning no ECC just RSA encryption support
- Further details can be found here
Known Limitations
Not all curves are supported by all OS platforms and not all .NET implementations offer cryptographic API support for all curve types.
Due to these limitations, the support for ECC profiles is available starting with the following target platforms: .NET 4.8, .NET standard 2.1 and .NET 5 and above.
The supported ECC curve types are the following:
NistP256
for ECC certificates with NIST P256 curveNistP384
for ECC certificates with NIST P384 curveBrainpoolP256r1
for ECC certificates with Brainpool P256r1 curveBrainpoolP384r1
for ECC certificates with Brainpool P384r1 curve
Released packages
OPCFoundation.NetStandard.Opc.Ua
OPCFoundation.NetStandard.Opc.Ua.Core
OPCFoundation.NetStandard.Opc.Ua.Security.Certificates
OPCFoundation.NetStandard.Opc.Ua.Configuration
OPCFoundation.NetStandard.Opc.Ua.Server
OPCFoundation.NetStandard.Opc.Ua.Client
OPCFoundation.NetStandard.Opc.Ua.Client.ComplexTypes
OPCFoundation.NetStandard.Opc.Ua.Bindings.Https
OPCFoundation.NetStandard.Opc.Ua.PubSub
What's Changed
- Fix special case for reconnect without activate by @mregen in #2643
- Bump Serilog.Sinks.Console and System.Diagnostics.DiagnosticSource by @dependabot in #2642
- Make X509CertificateStore support CRLs on Windows by @romanett in #2571
- [Client] add null check to avoid warning message when checking Security Level for anonymous user token by @romanett in #2646
- Bump Microsoft.IO.RecyclableMemoryStream from 3.0.0 to 3.0.1 by @dependabot in #2649
- Bump Serilog.Sinks.Debug and System.Diagnostics.DiagnosticSource by @dependabot in #2650
- Bump docker/build-push-action from 5 to 6 by @dependabot in #2647
- Bump Serilog.Expressions and System.Diagnostics.DiagnosticSource by @dependabot in #2648
- Fix macOS build, move https client transport back to core and other maintenance, by @mregen in #2659
- Fix NullReference in XmlDecoder.ReadExpandedNodeId by @JSGInray in #2636
- Bump Serilog.Sinks.File and System.Diagnostics.DiagnosticSource by @dependabot in #2654
- [Client] Compute time intervals independent of System Time changes by @mrsuciu in #2639
- Fix exception in TcpTransportlistener OnAccept call by @mregen in #2661
- Fuzzing issues found in June by @mregen in #2663
- Fix: RegisterServer and RegisterServer2 do not initiate connection by @MD-V in #2664
- Create 1.5.375-ECC-preview by @mrsuciu in #2667
Full Changelog: 1.5.374.61-preview...1.5.375.71-ECC-preview
OPC UA 1.05 May Maintenance Update
1.05.374 May Release
This release is based on the 1.05.03 Nodeset with generated files from the ModelCompiler.
The focus in this release was on new features, security improvements and bug fixes.
Improvements and bug fixes
- Client: Fix for a case when the client reconnects automatically but is not sending an
ActivateSession
, so a lotBadSessionInvalid
were logged before theSessionReconnectHandler
was able to recover. These service calls are now immediately returning aBadNotConnected
error, allowing theSessionReconnectHandler
to issue anActivateSession
immediately. - Client: A client sample and bug fix how to use a user certificate for authentication. (thanks @romanett)
- Client: Choose the most secure security profile based on internal rating and not by rating returned by the server endpoint, to avoid accidently selecting a less secure profile if the server doesn't return the proper rating. (thanks @romanett)
- Add CRL support for the
X509CertificateStore
on Windows. Added test cases and validated with CTT cert tests. (thanks @romanett) - GDS: Add method for
GetCertificates
support and fixCheckRevocationStatus
. (thanks @romanett)
Released packages
OPCFoundation.NetStandard.Opc.Ua
OPCFoundation.NetStandard.Opc.Ua.Core
OPCFoundation.NetStandard.Opc.Ua.Security.Certificates
OPCFoundation.NetStandard.Opc.Ua.Configuration
OPCFoundation.NetStandard.Opc.Ua.Server
OPCFoundation.NetStandard.Opc.Ua.Client
OPCFoundation.NetStandard.Opc.Ua.Client.ComplexTypes
OPCFoundation.NetStandard.Opc.Ua.Bindings.Https
OPCFoundation.NetStandard.Opc.Ua.PubSub
What's Changed
- Bump MQTTnet from 4.3.3.952 to 4.3.6.1152 by @dependabot in #2629
- Bump BouncyCastle.Cryptography from 2.3.1 to 2.4.0 by @dependabot in #2630
- Bump Microsoft.NET.Test.Sdk from 17.9.0 to 17.10.0 by @dependabot in #2631
- Fix reopen secure channel without activate by @mregen in #2577
- [Client] Fix UserIdentity for CertificateIdentifer & add parameter for console reference client to specify UserCertificate by @romanett in #2624
- [Client] select the most secure User Identity Token if a server offers multiple ones by @romanett in #2611
- [GDS] Add Method GetCertificates to GDS for Pull Support and ServerConfiguration for Push Support / Fix CheckRevocationStatus by @romanett in #2553
- Bump Serilog and System.Diagnostics.DiagnosticSource by @dependabot in #2633
- Fix special case for reconnect without activate by @mregen in #2643
- Bump Serilog.Sinks.Console and System.Diagnostics.DiagnosticSource by @dependabot in #2642
- Make X509CertificateStore support CRLs on Windows by @romanett in #2571
- [Client] add null check to avoid warning message when checking Security Level for anonymous user token by @romanett in #2646
- Bump Microsoft.IO.RecyclableMemoryStream from 3.0.0 to 3.0.1 by @dependabot in #2649
- Bump Serilog.Sinks.Debug and System.Diagnostics.DiagnosticSource by @dependabot in #2650
- Bump docker/build-push-action from 5 to 6 by @dependabot in #2647
- Bump Serilog.Expressions and System.Diagnostics.DiagnosticSource by @dependabot in #2648
- Prep 1.5.374 May release merge by @mregen in #2652
Full Changelog: 1.5.374.54...1.5.374.70
OPC UA 1.05 Maintenance Update
Changes:
- 33319d2 Bump Serilog and System.Diagnostics.DiagnosticSource (#2633)
- 6ad2873 [GDS] Add Method GetCertificates to GDS for Pull Support and ServerConfiguration for Push Support / Fix CheckRevocationStatus (#2553)
- 8a0349e [Client] select the most secure User Identity Token if a server offers multiple ones (#2611)
- 8a1df6d [Client] Fix UserIdentity for CertificateIdentifer & add parameter for console reference client to specify UserCertificate (#2624)
- ebf8f62 Fix reopen secure channel without activate (#2577)
- 3ba3b17 Bump Microsoft.NET.Test.Sdk from 17.9.0 to 17.10.0 (#2631)
- 1e1de48 Bump BouncyCastle.Cryptography from 2.3.1 to 2.4.0 (#2630)
- e4b880d Bump MQTTnet from 4.3.3.952 to 4.3.6.1152 (#2629)
This list of changes was auto generated.