invalid nonce when opening secure channel #182
Comments
|
Here is a packet capture of the exchange between the "example server" from this repo and an out-of-the-box ignition client: Here is a screenshot of what ignition shows:
|
|
I tracked down this issue to 5c20ed8 The server sends a nonce composed of 32 zeroes instead of the previous correct behavior of not including a nonce when the security policy is None. |
lovasoa
added a commit
to lovasoa/opcua
that referenced
this issue
Mar 24, 2022
Fixes locka99#182 Reverts a change introduced in 5c20ed8
lovasoa
added a commit
to lovasoa/milo
that referenced
this issue
Mar 24, 2022
See locka99/opcua#182 Rust's [opcua-server](https://crates.io/crates/opcua-server) v0.9.0 sends an all-zero nonce for security policies where no nonce is required. There is no reason to throw an error in this case, since the nonce is not used anyway.
|
Yes I think this nonce stuff goes back and forth depending on the implementation being used against. The spec doesn't specify a nonce length and some client/server combinations want it and others do not |
|
I might revert it back to 0 but I'll have to review the change that put it to 32 bytes |
|
You can send a null nonce to signal you don't have a nonce when the security policy is none, but sending an all-zero nonce is a big no no, in any situation. |
|
You never want to end up in a situation where you use an all-zeroes array instead of a random nonce. |
|
I meant a zero length nonce |
locka99
pushed a commit
that referenced
this issue
Apr 5, 2022
* fix server connexions from ignition Fixes #182 Reverts a change introduced in 5c20ed8 * Never send an all-zeroes nonce See GHSA-pq4w-qm9g-qx68 (and eclipse/milo#949)
locka99
pushed a commit
that referenced
this issue
Apr 7, 2022
* fix server connexions from ignition Fixes #182 Reverts a change introduced in 5c20ed8 * Never send an all-zeroes nonce See GHSA-pq4w-qm9g-qx68 (and eclipse/milo#949)
schroeder-
added a commit
to schroeder-/opcua
that referenced
this issue
May 6, 2022
commit 93aafe1 Author: Thomas Bracht Laumann Jespersen <tj@omnio.net> Date: Tue May 3 22:39:51 2022 +0200 types/variant: fix cast to i32 that might result in negative number (locka99#200) When array_length is decoded and greater than zero, the configured decoding options are checked, casting max_array_length to i32. The type is a usize. We set max_array_length = usize::MAX, resulting the cast to produce -1 (as an i32) and returning BadEncodingLimitsExceeded. Given that array_length is cast to a usize immediately after this check, it makes sense to first convert to it to usize and perform the comparison on usize instead of i32. commit b942374 Author: Adam Lock <locka99@gmail.com> Date: Mon May 2 22:01:50 2022 +0100 Work on adding a docker image of the demo server. Not quite functional yet commit 3b052d0 Author: Adam Lock <locka99@gmail.com> Date: Mon Apr 18 22:20:30 2022 +0100 Move migration notes to a separate file. commit 4f03395 Author: Adam Lock <locka99@gmail.com> Date: Mon Apr 18 16:16:11 2022 +0100 Switch to parking_lot RwLock and Mutex commit 389c930 Author: Adam Lock <locka99@gmail.com> Date: Sun Apr 17 16:21:39 2022 +0100 Experiment - add integration tests to Linux build commit 79368fa Author: Adam Lock <locka99@gmail.com> Date: Sat Apr 16 11:46:40 2022 +0100 Update link in status badge commit 8937c5e Author: Adam Lock <locka99@gmail.com> Date: Sat Apr 16 11:44:48 2022 +0100 Fix badge in README.md and add a migration section for 0.9 and below. commit 3653b15 Author: Adam Lock <locka99@gmail.com> Date: Sat Apr 16 10:18:27 2022 +0100 Workaround CI/CD openssl issues another way commit 1aae5d6 Author: Adam Lock <locka99@gmail.com> Date: Thu Apr 14 15:46:01 2022 +0100 More Github Actions work commit ff956f8 Author: Adam Lock <locka99@gmail.com> Date: Thu Apr 14 15:13:53 2022 +0100 Github actions work commit eef216a Author: Adam Lock <locka99@gmail.com> Date: Thu Apr 14 00:41:03 2022 +0100 One last try commit 1fc5efa Author: Adam Lock <locka99@gmail.com> Date: Thu Apr 14 00:36:01 2022 +0100 Remove cmd commit 84afa8d Author: Adam Lock <locka99@gmail.com> Date: Thu Apr 14 00:31:30 2022 +0100 Try to fix openssl another way commit e794368 Author: Adam Lock <locka99@gmail.com> Date: Thu Apr 14 00:21:29 2022 +0100 Use an if statement to unify build pipeline for Windows & Linux commit 7623b01 Author: Adam Lock <locka99@gmail.com> Date: Thu Apr 14 00:13:11 2022 +0100 Try to install OpenSSL for Windows job commit 0541c10 Author: Adam Lock <locka99@gmail.com> Date: Thu Apr 14 00:06:10 2022 +0100 Get rid of travis & appveyor ci/cd files commit e0edff6 Author: Adam Lock <locka99@gmail.com> Date: Wed Apr 13 23:57:55 2022 +0100 Improve github actions to build Linux and Windows, update README.md to point at it commit 1ceeed8 Author: Adam Lock <locka99@gmail.com> Date: Wed Apr 13 23:57:25 2022 +0100 Add comments to features in Cargo.toml commit 5654c76 Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 12 23:18:07 2022 +0100 Update Cargo.toml to fix description & url commit 9e49973 Author: locka99 <locka99@gmail.com> Date: Wed Apr 13 23:42:22 2022 +0100 Create rust.yml Add action to replace Travis CI/CD commit 2a06cb1 Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 12 23:07:21 2022 +0100 Update docs commit d693711 Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 12 23:01:41 2022 +0100 Version bump to 0.11.0 commit fca6cde Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 12 22:54:50 2022 +0100 Update changelog commit 668f0f8 Merge: 5a267b4 3455b65 Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 12 22:40:22 2022 +0100 Merge remote-tracking branch 'origin/master' into single-crate # Conflicts: # lib/src/client/session/session_state.rs # lib/src/client/subscription_state.rs # lib/src/core/comms/secure_channel.rs commit 3455b65 Author: Sander van Harmelen <sander@vanharmelen.nl> Date: Tue Apr 12 21:51:33 2022 +0200 Make sure subscriptions are kept alive (locka99#187) Thanks I'll take it commit 9b4d1b2 Author: Sander van Harmelen <sander@vanharmelen.nl> Date: Tue Apr 12 21:43:36 2022 +0200 Make the logic to ignore clock skew more robust (locka99#191) We encounted a Heuft OPC server that didn’t send a timestamp in the `OpenSecureChannelResponse` message. Yet it did send the correct timestamp in all other responses, so by adding a few more checks and also updating the offset on session creation fixes the problem. And at the same time it can help to prevent new clock skew in cases where the channel is kept alive very long and new sessions are created within the existing channel. commit 5a267b4 Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 12 19:00:55 2022 +0100 Update docs commit 5f899b6 Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 12 18:56:48 2022 +0100 Update docs commit 1bcef6a Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 12 17:15:14 2022 +0100 Building and passing tests commit b798a4f Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 12 00:10:27 2022 +0100 Work in progress commit a12931b Author: Adam Lock <locka99@gmail.com> Date: Mon Apr 11 23:56:24 2022 +0100 Work in progress commit aa10213 Author: Adam Lock <locka99@gmail.com> Date: Mon Apr 11 23:21:06 2022 +0100 Work in progress commit f253f40 Author: Ophir LOJKINE <pere.jobs@gmail.com> Date: Tue Apr 5 23:51:02 2022 +0200 fix server connexions from ignition (locka99#183) * fix server connexions from ignition Fixes locka99#182 Reverts a change introduced in 5c20ed8 * Never send an all-zeroes nonce See GHSA-pq4w-qm9g-qx68 (and eclipse/milo#949) commit 200ea9d Author: Adam Lock <locka99@gmail.com> Date: Tue Apr 5 22:48:08 2022 +0100 Update CHANGELOG.md commit 0e9a7b3 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Mar 29 22:31:23 2022 +0100 Bump minimist from 1.2.5 to 1.2.6 in /tools/schema (locka99#185) Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 70bd6dd Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 29 21:29:51 2022 +0100 Work in progress commit 0f834b4 Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 29 21:02:15 2022 +0100 Work in progress commit 69ebfef Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 29 16:42:33 2022 +0100 Work in progress commit 13e5132 Merge: c67f27b 5d5bafd Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 29 16:02:34 2022 +0100 Merge remote-tracking branch 'origin/master' into single-crate # Conflicts: # Cargo.lock # crypto/Cargo.toml # server/Cargo.toml commit c67f27b Author: Adam Lock <locka99@gmail.com> Date: Thu Mar 24 23:50:17 2022 +0000 Merge from master commit 5d5bafd Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 29 13:55:29 2022 +0100 Add an integration test that calls a method on a server from a client. commit fe3a3fc Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 29 12:38:35 2022 +0100 Fix wrong callback for method in demo server commit 230da16 Author: Ophir LOJKINE <pere.jobs@gmail.com> Date: Tue Mar 22 17:15:30 2022 +0100 dependencies update to prevent duplicated dependencies (locka99#178) See locka99#177 commit 70aec38 Author: Adam Lock <locka99@gmail.com> Date: Sun Mar 20 20:54:30 2022 +0000 Release 0.9, Bump versions to 0.10 commit 34da1b9 Author: Adam Lock <locka99@gmail.com> Date: Sat Mar 19 21:05:34 2022 +0000 Update changelog commit 1f12b87 Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 8 23:07:05 2022 +0000 Fix failing integration test commit 985d383 Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 8 22:22:17 2022 +0000 Fix compiler error commit bec8834 Author: Adam Lock <locka99@gmail.com> Date: Sun Mar 6 22:21:16 2022 +0000 Ignore some junk commit cebab68 Author: Marcus Ilgner <mail@marcusilgner.com> Date: Thu Mar 3 13:57:43 2022 +0100 fix: don't send CloseSession requests for unregistered sessions (locka99#156) commit 50c9e0e Author: Adam Lock <locka99@gmail.com> Date: Wed Mar 2 23:22:48 2022 +0000 Clippy fixes commit 9c1e97d Author: Ophir LOJKINE <pere.jobs@gmail.com> Date: Wed Mar 2 22:59:42 2022 +0100 do not crash when a getter returns an error (locka99#173) fixes locka99#172 commit 414fafa Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 1 23:29:14 2022 +0000 Clippy fixes commit 5d3ef2a Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 1 23:16:18 2022 +0000 More clippy fixes commit 2d43135 Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 1 22:54:40 2022 +0000 Fix a missing tokio version commit 1b4b27f Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 1 22:28:03 2022 +0000 Clippy fixes commit 9820877 Author: Adam Lock <locka99@gmail.com> Date: Tue Mar 1 22:11:38 2022 +0000 Make Tokio dependencies more coarse commit cfe95ea Author: Alexander Schrode <Midix01@googlemail.com> Date: Mon Feb 28 21:56:12 2022 +0100 Support missing VariantTypes (locka99#171) Thanks I'll take it though a variant containing a variant seems weird. I'm assuming it's in the spec? commit 3efa126 Author: Adam Lock <locka99@gmail.com> Date: Wed Feb 23 00:00:08 2022 +0000 Issue locka99#165 make more descriptive errors for config loader errors - print serde error in log output commit 4c3ae26 Author: Marcus Ilgner <mail@marcusilgner.com> Date: Sun Feb 20 23:00:33 2022 +0100 fix(crypto): use constant-time comparison for hash verification (locka99#149) All credit goes to @phlay for pointing this out. Using regular comparison on the byte slice will abort as soon as the first byte doesn't match. This could open up the system to timing attacks on the verification. Using `openssl::memcmp::eq`, the comparison runs in constant-time. commit 3e635cc Author: Adam Lock <locka99@gmail.com> Date: Sun Feb 20 21:48:39 2022 +0000 Add a stub fuzzer for core although it needs to put a prefix on messages to ensure proper chance of testing. commit 65d15df Author: Adam Lock <locka99@gmail.com> Date: Sun Feb 20 21:47:39 2022 +0000 Update comment commit 235d61f Author: Adam Lock <locka99@gmail.com> Date: Sun Feb 20 18:28:05 2022 +0000 Fix for a panic caused by integer overflow in deserialize commit 5efc08f Author: Adam Lock <locka99@gmail.com> Date: Sun Feb 20 18:04:42 2022 +0000 Fix for a array deserialize panic found during fuzz testing commit 633b60a Author: Adam Lock <locka99@gmail.com> Date: Sun Feb 13 18:29:49 2022 +0000 Fix for a panic found during fuzz testing commit 8701d1f Author: Adam Lock <locka99@gmail.com> Date: Sun Feb 13 17:28:28 2022 +0000 Add a simple fuzz tester, from Linux & nightly - cargo fuzz run fuzz_target_1 commit d3621a1 Author: Adam Lock <locka99@gmail.com> Date: Thu Feb 3 15:23:16 2022 +0000 Cleanup type generation, reinstate whitespaces. Fix filename in autogenerated comment to be correct commit ce88915 Author: Alexander Schrode <Midix01@googlemail.com> Date: Sat Jan 15 18:08:21 2022 +0100 schema: allow code generation from bsd (locka99#154) commit 98d08dd Author: Adam Lock <locka99@gmail.com> Date: Tue Jan 11 19:20:03 2022 +0000 Update tokio and dependencies for other crates commit aaf73a2 Author: Adam Lock <locka99@gmail.com> Date: Tue Jan 11 11:11:56 2022 +0000 Shorten name of mutex / rwlock trace macros. commit 64844b9 Author: Adam Lock <locka99@gmail.com> Date: Mon Jan 10 23:43:51 2022 +0000 Update copyright message in source code. commit 060692e Author: Adam Lock <locka99@gmail.com> Date: Mon Jan 10 23:38:15 2022 +0000 Add a sample cbindgen.toml. Probably not much use without C functions but may have some purpose. commit e3046aa Author: Adam Lock <locka99@gmail.com> Date: Mon Dec 20 12:56:27 2021 +0000 Fix an issue spotted after code landed where error not propagated due to missing ? commit b2c2318 Author: Adam Lock <locka99@gmail.com> Date: Mon Dec 20 12:54:00 2021 +0000 Issue locka99#147, don't return a session from helper fn if the connection failed. commit cfee2e5 Author: Adam Lock <locka99@gmail.com> Date: Sun Dec 19 15:14:29 2021 +0000 Expose decoding limits to the config file commit bda2247 Merge: 08b832e 89ea484 Author: Adam Lock <locka99@gmail.com> Date: Sun Dec 19 13:08:14 2021 +0000 Merge remote-tracking branch 'origin/master' commit 08b832e Author: Adam Lock <locka99@gmail.com> Date: Tue Dec 7 23:37:24 2021 +0000 Expose decoding limits to the config file commit 89ea484 Author: Clayton Davidson <clayton.davidson847@topper.wku.edu> Date: Sat Nov 27 14:08:20 2021 -0500 Forgot quotation (locka99#143) commit b015afd Author: Kimi MA <jijun.ma@cn.abb.com> Date: Sun Nov 28 03:07:37 2021 +0800 fix docs typo (locka99#144) * fix docs typo * add missing quote commit 949dd7f Author: Marcus Ilgner <mail@marcusilgner.com> Date: Sat Nov 20 14:25:43 2021 +0100 feat: use CloseSession request when disconnecting (locka99#138) commit c0895fe Author: Adam Lock <locka99@gmail.com> Date: Mon Nov 1 12:55:36 2021 +0000 Update security profile section commit 2f66ed4 Author: Adam Lock <locka99@gmail.com> Date: Mon Nov 1 12:55:19 2021 +0000 Update fn comments commit aa132ee Author: Adam Lock <locka99@gmail.com> Date: Mon Nov 1 11:05:21 2021 +0000 Remove some stuff about synchronous I/O which is no longer relevant. commit 9c2f46e Author: Adam Lock <locka99@gmail.com> Date: Sat Oct 16 20:05:46 2021 +0100 Some tidy up of document commit 4d6111d Author: Adam Lock <locka99@gmail.com> Date: Sun Oct 31 09:57:21 2021 +0000 Refactor server start up so caller can supply their own tokio runtime commit 141cab9 Author: Adam Lock <locka99@gmail.com> Date: Sat Oct 30 17:59:39 2021 +0100 Use a read instead of write lock in a couple of places that don't need to write. commit 9036764 Author: Adam Lock <locka99@gmail.com> Date: Thu Oct 28 20:29:40 2021 +0100 Fix a deadlock in GetMonitoredItems method call. Compliance improvements. commit c458d4e Author: Adam Lock <locka99@gmail.com> Date: Thu Oct 28 09:47:47 2021 +0100 Update test configuration commit 8c10747 Author: Adam Lock <locka99@gmail.com> Date: Wed Oct 27 19:30:14 2021 +0100 Make nonce setting more lenient when policy is None commit 9786294 Author: Adam Lock <locka99@gmail.com> Date: Wed Oct 27 17:26:49 2021 +0100 Change a sentence. commit 005a9f2 Author: Adam Lock <locka99@gmail.com> Date: Wed Oct 27 10:30:30 2021 +0100 Update client docs a bit, also a note in wishlist about supporting .pem format certs. commit 632d94c Author: Adam Lock <locka99@gmail.com> Date: Wed Oct 27 10:00:18 2021 +0100 Update tokio documentation. commit a0e54a6 Author: Adam Lock <locka99@gmail.com> Date: Tue Oct 26 17:26:30 2021 +0100 Fix some compiler & lint warnings commit 55031ed Author: Adam Lock <locka99@gmail.com> Date: Tue Oct 26 17:09:04 2021 +0100 Fix some compiler warnings commit 280ca5e Author: Adam Lock <locka99@gmail.com> Date: Tue Oct 12 23:58:20 2021 +0100 Add timestamps_to_return and max_age as params to client read() commit 0ff9c9e Author: Adam Lock <locka99@gmail.com> Date: Tue Oct 12 23:57:47 2021 +0100 Remove unused import commit 1723991 Author: Adam Lock <locka99@gmail.com> Date: Sun Oct 10 13:34:09 2021 +0100 Allow nonce to be set even with security mode of none. User identity token policy might use the nonce, so allow it to be supplied, but at present there is no logic to check what the length should be. commit 74800a5 Author: Adam Lock <locka99@gmail.com> Date: Sun Oct 10 13:31:54 2021 +0100 Modify changelog to mention better client performance commit 25c623e Merge: 1a3c055 e50cda4 Author: Adam Lock <locka99@gmail.com> Date: Sun Oct 3 18:06:01 2021 +0100 Merge branch 'remove-client-polling' into master commit 1a3c055 Author: Adam Lock <locka99@gmail.com> Date: Sun Oct 3 14:46:07 2021 +0100 Fix compiler warning commit e50cda4 Author: Adam Lock <locka99@gmail.com> Date: Sun Oct 3 16:31:39 2021 +0100 Remove client polling loop by using sync sender commit 46f1be2 Author: Adam Lock <locka99@gmail.com> Date: Sun Oct 3 14:46:07 2021 +0100 Fix compiler warning commit 4527d41 Author: Alexander Schrode <Midix01@googlemail.com> Date: Sun Sep 26 20:46:06 2021 +0200 decode null array (locka99#136) Make it possible to decode a null array. commit 758a6b1 Author: Adam Lock <locka99@gmail.com> Date: Tue Aug 24 23:44:00 2021 +0100 Issue 133, strip forward slash from file name commit 1dbca0e Merge: 9f31490 a2f1997 Author: Adam Lock <locka99@gmail.com> Date: Fri Aug 6 07:08:50 2021 +0100 Merge remote-tracking branch 'origin/client-less-threads' commit 9f31490 Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 10:44:28 2021 +0100 Shrinkwrap package deps commit a2f1997 Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 12:34:59 2021 +0100 Fix compiler warning commit 7263c90 Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 12:34:49 2021 +0100 Remove some mut / write locks commit 2e26b19 Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 11:43:45 2021 +0100 Change most of Session functions to take immutable &self commit e3f6b06 Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 10:44:28 2021 +0100 Shrinkwrap package deps commit 94e31be Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 10:09:22 2021 +0100 Get rid of empty derive macros inside of bitflags enums commit b86495e Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 10:09:22 2021 +0100 Get rid of empty derive macros inside of bitflags enums commit 9e7095c Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 09:41:51 2021 +0100 Fix annoying compiler warnings commit 7f3d08a Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 09:58:37 2021 +0100 Some documentation laying down thoughts on making stuff async commit 5a3da2e Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 09:57:33 2021 +0100 Refactor Session into its own module, and use traits to define caller interfaces commit 86a0e18 Author: Adam Lock <locka99@gmail.com> Date: Thu Aug 5 09:41:51 2021 +0100 Fix annoying compiler warnings commit 2b302fc Author: Adam Lock <locka99@gmail.com> Date: Wed Aug 4 14:53:13 2021 +0100 Add some tokio notes commit c18c5f1 Author: Adam Lock <locka99@gmail.com> Date: Wed Aug 4 14:51:01 2021 +0100 Rollback some changes commit 1ed8caf Author: Adam Lock <locka99@gmail.com> Date: Wed Aug 4 10:49:43 2021 +0100 Less thread work commit c44a35f Author: Adam Lock <locka99@gmail.com> Date: Tue Aug 3 10:41:57 2021 +0100 Experimental work to reduce number of client threads down to 1 or 2 in minimal config commit 3462e6a Author: Adam Lock <locka99@gmail.com> Date: Mon Aug 2 10:49:21 2021 +0100 Rename some enums to disambiguate them from a struct with the same name commit d1c9e68 Author: Adam Lock <locka99@gmail.com> Date: Mon Aug 2 10:44:23 2021 +0100 Add explicit multi_threaded_executor() fn to server builder commit 7a2dd0f Author: Adam Lock <locka99@gmail.com> Date: Mon Aug 2 09:00:37 2021 +0100 Add a builder command to choose a multi-threaded executor commit 092e26e Author: Adam Lock <locka99@gmail.com> Date: Mon Aug 2 08:58:47 2021 +0100 Change client to default single_threaded_executor to false which probably makes more sense. commit 789115e Author: Adam Lock <locka99@gmail.com> Date: Mon Aug 2 08:51:38 2021 +0100 Documentation changes commit a6a3a3d Author: Adam Lock <locka99@gmail.com> Date: Sun Aug 1 20:28:18 2021 +0100 Make default cert file name match those in client/server commit fade500 Author: Adam Lock <locka99@gmail.com> Date: Sun Aug 1 11:27:51 2021 +0100 Fix for failing build commit 6d4dd1e Author: Adam Lock <locka99@gmail.com> Date: Sun Aug 1 11:00:40 2021 +0100 Use tokio for client session's main processing loop commit 7a243b8 Author: Adam Lock <locka99@gmail.com> Date: Thu Jul 29 12:14:54 2021 +0100 Fix a JS error in server status html commit 8cda7d2 Author: Adam Lock <locka99@gmail.com> Date: Thu Jul 29 11:34:54 2021 +0100 Update to Tokio 1.8.x LTS release commit 61ed575 Author: Adam Lock <locka99@gmail.com> Date: Sun Jul 25 10:36:43 2021 +0100 Refactor server so to allow for multiple sessions to be created in the same transport. Some minor changes to configuration file. Fixes for invalid TimestampsToReturn & BrowseDirection deserializing. commit a67327e Author: Adam Lock <locka99@gmail.com> Date: Sat Jul 24 08:54:34 2021 +0100 Reformat docs commit 2ce4c01 Author: Adam Lock <locka99@gmail.com> Date: Tue Jul 13 23:17:23 2021 +0100 Add a find relative path test commit 0df9576 Author: Adam Lock <locka99@gmail.com> Date: Mon Jul 12 23:43:06 2021 +0100 Create a find_nodes_relative_path_simple for browsing nodes by a string path commit 2bd6ddf Author: Sander van Harmelen <sander@vanharmelen.nl> Date: Tue Jul 6 23:41:43 2021 +0200 Add a log trace that shows the response (locka99#119) commit 4d359b4 Author: Alexander Schrode <Midix01@googlemail.com> Date: Thu Jun 24 22:45:42 2021 +0200 Async Padding use remote certificate keylength (locka99#116) * Use correct certificate * run fmt * Use remote certificate for padding * Some cleanups commit a9cd7fb Author: Sander van Harmelen <sander@vanharmelen.nl> Date: Thu Jun 24 22:44:24 2021 +0200 Fix the rustfmt skip logic as it breaks with Rust 1.53 (locka99#117) Instead of inserting `#[rustfmt::skip]` the files that need to be excluded are now described in the `rustfmt.toml` file.
einarmo
pushed a commit
to einarmo/opcua
that referenced
this issue
Mar 26, 2024
* fix server connexions from ignition Fixes locka99#182 Reverts a change introduced in 8c6b9a9 * Never send an all-zeroes nonce See GHSA-pq4w-qm9g-qx68 (and eclipse/milo#949)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When trying to connect to a rust opcua server with a SecurityPolicy of None from ignition, one gets the following error:
Indeed, it looks like the server always sends a null string instead of a random nonce
https://reference.opcfoundation.org/v104/Core/docs/Part4/5.5.2/
The text was updated successfully, but these errors were encountered: