Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Empty session policyURI #668

Closed
us3r64 opened this issue Jul 28, 2023 · 1 comment
Closed

Empty session policyURI #668

us3r64 opened this issue Jul 28, 2023 · 1 comment
Milestone
v0.5.2

Comments

@us3r64
Copy link
Contributor

us3r64 commented Jul 28, 2023

The session policyURI can be empty from GetEndpoints so NewUserTokenSignature method of SecureChannel is going to fail.

https://github.com/gopcua/opcua/blob/main/uasc/secure_channel_crypto.go#L103

Based on the OPC UA specs, the security policy for the SecureChannel should be used in that case.
(Looks like EncryptUserPassword is following this: https://github.com/gopcua/opcua/blob/main/uasc/secure_channel_crypto.go#L67)

https://reference.opcfoundation.org/Core/Part4/v104/docs/7.37

The security policy to use when encrypting or signing the UserIdentityToken when it is passed to the Server in the ActivateSession request. Clause 7.36 describes how this parameter is used. The security policy for the SecureChannel is used if this value is null or empty.
@us3r64 us3r64 mentioned this issue Jul 28, 2023
Merged
@pyrat
Copy link

pyrat commented Aug 29, 2023

This is affecting me as well. @kung-foo does this look reasonable to you?

@magiconair magiconair modified the milestones: v0.5.3, v0.5.2 Oct 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.5.2
Development

No branches or pull requests
4 participants
@pyrat @magiconair @us3r64 @kung-foo