Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update opc-f.netstandard to 1.5.374.158 #86

Merged
merged 1 commit into from
Dec 9, 2024
Merged

chore(deps): update opc-f.netstandard to 1.5.374.158 #86

merged 1 commit into from
Dec 9, 2024

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Dec 4, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
OPCFoundation.NetStandard.Opc.Ua.Client 1.5.374.126 -> 1.5.374.158 age adoption passing confidence
OPCFoundation.NetStandard.Opc.Ua.Client.ComplexTypes 1.5.374.126 -> 1.5.374.158 age adoption passing confidence
OPCFoundation.NetStandard.Opc.Ua.Gds.Client.Common 1.5.374.126 -> 1.5.374.158 age adoption passing confidence

Release Notes

OPCFoundation/UA-.NETStandard (OPCFoundation.NetStandard.Opc.Ua.Client)

v1.5.374.158: OPC UA 1.05 Maintenance Update

Compare Source

1.05.374 roll up until Dec 4th.

This release is based on the 1.05.03 Nodeset with generated files from the ModelCompiler.
The focus in this release was on perf improvements and bug fixes.

Breaking change

Based on a recent security review, the Https server endpoints enforce by request TLS mutual authentication and change behavior without.
It is highly recommended to only use mutual TLS authentication. Some clients may not support the new scheme yet.

A new configuration variable

    <HttpsMutualTls>true</HttpsMutualTls>

enables or disables the mutual TLS authentication support (default: true).

The behavior of the https TLS endpoint changes according to the following settings:

HttpsMutualTls is true
  • The server checks the trust on the certificate which is used by the client for TLS authentication. It must be a valid OPC UA application certificate which is trusted.
  • A client can still connect without providing a client certificate, but then it is only able to call discovery services.
  • In order to create a session, the client must use the same application certificate that was used for the TLS channel.
HttpsMutualTls is false
  • There is no application authentication. The server endpoint uses security None and there is no client application authentication.
  • Instead, only user authentication is used to secure the server, anonymous user authentication is disabled.
  • Discovery service calls are supported.
Enhancements
  • Supports native .NET 9 assemblies. A new X509CertificateLoader was introduced for older .NET versions to keep the code readable without ifdef.
  • Server GDS Push CreateSigningRequest supports regeneration of the public/private key pair. by @​romanett.
  • Callback to notify about channel token renewal.
  • Server detection algorithm for clients which try to exploit the known Basic128Rsa15 vulnerability.
Bug fixes
  • Client ReadNodes throws an BadInvalidType if a value type returns null.
  • Client reading of large dictionaries is split in chunks. by @​ThomasNehring.
  • Mixed opc.https and https endpoint prevent a server from starting up .
  • Server endpoint certificates were not updated after GDS Push UpdateCertificate. by @​romanett.
  • Event reports ignore session context. by @​Filippo-Oliva-ABB.
  • Accept namespace Uri which are not well formed. Stricter handling was added in previous release, but for IOP is again relaxed.
  • Reading complex types from a server could cause a null pointer exception in BinaryDecoder. by @​marcschier.
  • Reading operation limits could cause an exception (thus operation limits were ignored).
  • CRL with invalid content could cause exception when reading property with lazy decoding, decode CRL always when constructore is called to catch issues early.
  • Channel token HMAC references were not disposed after a channel renew.
  • Allow decoding of extension objects which set the length to -1.
What's Changed
New Contributors

Full Changelog: OPCFoundation/UA-.NETStandard@1.5.374.126...1.5.374.158

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@GoetzGoerisch GoetzGoerisch merged commit c7a5da5 into upstream Dec 9, 2024
31 checks passed
@renovate renovate bot deleted the renovate/opc-f.netstandard branch December 9, 2024 08:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
OPC-F.NetStandard
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@GoetzGoerisch