Merge pull request #2574 from OPCFoundation/master

Merge main in release build

.azurepipelines/signlistDebug.txt

@@ -1,3 +1,4 @@
+Stack\Opc.Ua.Core\bin\Debug\netstandard2.0\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Debug\netstandard2.1\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Debug\net48\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Debug\net6.0\Opc.Ua.Core.dll
@@ -30,6 +31,7 @@ Libraries\Opc.Ua.Gds.Server.Common\bin\Debug\netstandard2.1\Opc.Ua.Gds.Server.Co
 Libraries\Opc.Ua.Gds.Server.Common\bin\Debug\net48\Opc.Ua.Gds.Server.Common.dll
 Libraries\Opc.Ua.Gds.Server.Common\bin\Debug\net6.0\Opc.Ua.Gds.Server.Common.dll
 Libraries\Opc.Ua.Gds.Server.Common\bin\Debug\net8.0\Opc.Ua.Gds.Server.Common.dll
+Libraries\Opc.Ua.Security.Certificates\bin\Debug\netstandard2.0\Opc.Ua.Security.Certificates.dll
 Libraries\Opc.Ua.Security.Certificates\bin\Debug\netstandard2.1\Opc.Ua.Security.Certificates.dll
 Libraries\Opc.Ua.Security.Certificates\bin\Debug\net48\Opc.Ua.Security.Certificates.dll
 Libraries\Opc.Ua.Security.Certificates\bin\Debug\net6.0\Opc.Ua.Security.Certificates.dll

.azurepipelines/signlistRelease.txt

@@ -1,3 +1,4 @@
+Stack\Opc.Ua.Core\bin\Release\netstandard2.0\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Release\netstandard2.1\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Release\net48\Opc.Ua.Core.dll
 Stack\Opc.Ua.Core\bin\Release\net6.0\Opc.Ua.Core.dll
@@ -30,6 +31,7 @@ Libraries\Opc.Ua.Gds.Server.Common\bin\Release\netstandard2.1\Opc.Ua.Gds.Server.
 Libraries\Opc.Ua.Gds.Server.Common\bin\Release\net48\Opc.Ua.Gds.Server.Common.dll
 Libraries\Opc.Ua.Gds.Server.Common\bin\Release\net6.0\Opc.Ua.Gds.Server.Common.dll
 Libraries\Opc.Ua.Gds.Server.Common\bin\Release\net8.0\Opc.Ua.Gds.Server.Common.dll
+Libraries\Opc.Ua.Security.Certificates\bin\Release\netstandard2.0\Opc.Ua.Security.Certificates.dll
 Libraries\Opc.Ua.Security.Certificates\bin\Release\netstandard2.1\Opc.Ua.Security.Certificates.dll
 Libraries\Opc.Ua.Security.Certificates\bin\Release\net48\Opc.Ua.Security.Certificates.dll
 Libraries\Opc.Ua.Security.Certificates\bin\Release\net6.0\Opc.Ua.Security.Certificates.dll

.azurepipelines/test.yml

@@ -22,10 +22,11 @@ jobs:
     inputs:
       targetType: filePath
       filePath: ./.azurepipelines/get-matrix.ps1
-      arguments: -FileName azure-pipelines.yml -AgentTable ${{ parameters.agents }}
+      arguments: -FileName *.Tests.csproj -AgentTable ${{ parameters.agents }}
 - job: testall${{ parameters.jobnamesuffix }}
   displayName: Tests (${{ parameters.framework }})
   dependsOn: testprep${{ parameters.jobnamesuffix }}
+  timeoutInMinutes: 120
   strategy:
     matrix: $[dependencies.testprep${{ parameters.jobnamesuffix }}.outputs['testmatrix.jobMatrix'] ]
   variables:
@@ -62,12 +63,12 @@ jobs:
     displayName: Restore ${{ parameters.configuration }}
     inputs:
       command: restore
-      projects: '**/*.Tests.csproj'
+      projects: $(file)
       arguments: '${{ variables.DotCliCommandline }} --configuration ${{ parameters.configuration }}'
   - task: DotNetCoreCLI@2
     displayName: Test ${{ parameters.configuration }}
-    timeoutInMinutes: 60
+    timeoutInMinutes: 30
     inputs:
       command: test
-      projects: '**/*.Tests.csproj'
+      projects: $(file)
       arguments: '--no-restore ${{ variables.DotCliCommandline }} --configuration ${{ parameters.configuration }}'

.editorconfig

@@ -336,6 +336,12 @@ dotnet_diagnostic.IDE1005.severity                                            =
 # CA1305: Specify IFormatProvider
 dotnet_diagnostic.CA1305.severity                                             = warning
 
+# CA1819: Properties should not return arrays
+dotnet_diagnostic.CA1819.severity                                             = silent
+
+# CA1721: The property name is confusing given the existence of another method with the same name.
+dotnet_diagnostic.CA1721.severity                                             = silent
+
 # exclude generated code
 [**/Generated/*.cs]
 generated_code = true

Docs/NugetREADME.md

@@ -0,0 +1,36 @@
+# OPC UA .NET Standard stack documentation
+
+## Overview
+
+The OPC UA .NET Standard stack enables you to build multi-platform OPC UA Applications with rich functionality including:
+ - Server
+ - Client
+ - PubSub
+
+
+### For more information and license terms, see the projects official [Website](http://opcfoundation.github.io/UA-.NETStandard).
+
+## Getting started
+
+The reference [Client](https://github.com/OPCFoundation/UA-.NETStandard/tree/master/Applications/ConsoleReferenceClient) & [Server](https://github.com/OPCFoundation/UA-.NETStandard/tree/master/Applications/ReferenceServer) projects provide a starting point in implementing your own application.
+
+<!---
+ Simple Client:
+```C#
+ToDo
+```
+
+Simple Server:
+```C#
+ToDo
+```
+-->
+
+
+## Packages Overview
+
+Caution, there are multiple packages available with different functional scopes, for a detailed overview take a look at the [Information about the different Packages](https://github.com/OPCFoundation/UA-.NETStandard/blob/master/Docs/PlatformBuild.md#further-information-on-the-supported-nuget-packages).
+
+## Additional documentation
+
+Additional information about the OPC UA .NET Standard stack is available on the GitHub Repo of the project in the [detailed Documentation](https://github.com/OPCFoundation/UA-.NETStandard/tree/master/Docs#opc-ua-net-standard-stack-documentation).

Docs/PlatformBuild.md

@@ -50,17 +50,17 @@ The following platform is deprecated but can still be built and tested:
 To reduce the ci build overhead and the number of tests to be run in Visual Studio, only the tagged versions (* and **) are part of a qualifying ci build to pass a pull request. 
 All other platforms are only tested in weekly scheduled or manual ci builds.
 
-By default, in Visual Studio only the platforms tagged with (*) are tested. In order to test the other platforms in a command line window or in VS, there is a custom build variable defined to target a specific build. E.g. to target a .NETStandard2.1 build, the test runners are compiled with .NET 6.0 but the class libraries target only netstandard2.1, to force the use of that target.
+By default, in Visual Studio only the platforms tagged with (*) are tested. In order to test the other platforms in a command line window or in VS, there is a custom build variable defined to target a specific build. E.g. to target a .NETStandard2.0 build, the test runners are compiled with .NET 6.0 but the class libraries target only netstandard2.0, to force the use of that target.
 Another option is to test run such a custom target in a command window with a batch file [CustomTest.bat](../Tests/customtest.bat) which is provided to clean up, restore the project and to run the tests. To run the custom tests in Visual Studio a section in [target.props](../targets.props) needs to be uncommented and the target platform value must be set. 
 
 ```xml
 <!-- 
   Uncomment the following lines to test a custom test target 
-  supported values: net462, netstandard2.1, net48, net6.0, net8.0
+  supported values: net462, netstandard2.0, netstandard2.1, net48, net6.0, net8.0
  -->
 
   <PropertyGroup>
-    <CustomTestTarget>netstandard2.1</CustomTestTarget>
+    <CustomTestTarget>netstandard2.0</CustomTestTarget>
   </PropertyGroup> 
 ```
 

Libraries/Opc.Ua.Client/NodeCache.cs

@@ -32,6 +32,7 @@
 using System.Linq;
 using System.Reflection;
 using System.Threading;
+using Opc.Ua.Redaction;
 
 namespace Opc.Ua.Client
 {
@@ -131,7 +132,7 @@ public INode Find(ExpandedNodeId nodeId)
             }
             catch (Exception e)
             {
-                Utils.LogError("Could not fetch node from server: NodeId={0}, Reason='{1}'.", nodeId, e.Message);
+                Utils.LogError("Could not fetch node from server: NodeId={0}, Reason='{1}'.", nodeId, Redact.Create(e));
                 // m_nodes[nodeId] = null;
                 return null;
             }
@@ -856,7 +857,7 @@ public Node FetchNode(ExpandedNodeId nodeId)
             }
             catch (Exception e)
             {
-                Utils.LogError("Could not fetch references for valid node with NodeId = {0}. Error = {1}", nodeId, e.Message);
+                Utils.LogError("Could not fetch references for valid node with NodeId = {0}. Error = {1}", nodeId, Redact.Create(e));
             }
 
             InternalWriteLockedAttach(source);

Libraries/Opc.Ua.Client/NodeCacheAsync.cs

@@ -34,6 +34,7 @@
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
+using Opc.Ua.Redaction;
 
 namespace Opc.Ua.Client
 {
@@ -80,7 +81,7 @@ public async Task<INode> FindAsync(ExpandedNodeId nodeId, CancellationToken ct =
             }
             catch (Exception e)
             {
-                Utils.LogError("Could not fetch node from server: NodeId={0}, Reason='{1}'.", nodeId, e.Message);
+                Utils.LogError("Could not fetch node from server: NodeId={0}, Reason='{1}'.", nodeId, Redact.Create(e));
                 // m_nodes[nodeId] = null;
                 return null;
             }
@@ -263,7 +264,7 @@ public async Task<Node> FetchNodeAsync(ExpandedNodeId nodeId, CancellationToken
             }
             catch (Exception e)
             {
-                Utils.LogError("Could not fetch references for valid node with NodeId = {0}. Error = {1}", nodeId, e.Message);
+                Utils.LogError("Could not fetch references for valid node with NodeId = {0}. Error = {1}", nodeId, Redact.Create(e));
             }
 
             InternalWriteLockedAttach(source);

Libraries/Opc.Ua.Client/SessionReconnectHandler.cs

@@ -30,6 +30,7 @@
 using System;
 using System.Threading;
 using System.Threading.Tasks;
+using Opc.Ua.Redaction;
 
 namespace Opc.Ua.Client
 {
@@ -339,7 +340,7 @@ await DoReconnectAsync().ConfigureAwait(false))
             }
             catch (Exception exception)
             {
-                Utils.LogError(exception, "Unexpected error during reconnect.");
+                Utils.LogError("Unexpected error during reconnect: {0}", Redact.Create(exception));
             }
 
             // schedule the next reconnect.
@@ -510,17 +511,17 @@ await endpoint.UpdateFromServerAsync(
                     {
                         m_reconnectPeriod = m_baseReconnectPeriod;
                     }
-                    Utils.LogError("Could not reconnect due to failed security check. Request endpoint update from server. {0}", sre.Message);
+                    Utils.LogError("Could not reconnect due to failed security check. Request endpoint update from server. {0}", Redact.Create(sre));
                 }
                 else
                 {
-                    Utils.LogError("Could not reconnect the Session. {0}", sre.Message);
+                    Utils.LogError("Could not reconnect the Session. {0}", Redact.Create(sre));
                 }
                 return false;
             }
             catch (Exception exception)
             {
-                Utils.LogError("Could not reconnect the Session. {0}", exception.Message);
+                Utils.LogError("Could not reconnect the Session. {0}", Redact.Create(exception));
                 return false;
             }
             finally

Libraries/Opc.Ua.Configuration/ApplicationInstance.cs

@@ -999,7 +999,7 @@ private static async Task AddToTrustedStoreAsync(ApplicationConfiguration config
             }
             catch (Exception e)
             {
-                Utils.LogError(e, "Could not add certificate to trusted peer store.");
+                Utils.LogError("Could not add certificate to trusted peer store: {0}", Redaction.Redact.Create(e));
             }
         }
 

Libraries/Opc.Ua.Gds.Server.Common/ApplicationsNodeManager.cs

@@ -1,5 +1,5 @@
 /* ========================================================================
- * Copyright (c) 2005-2020 The OPC Foundation, Inc. All rights reserved.
+ * Copyright (c) 2005-2024 The OPC Foundation, Inc. All rights reserved.
  *
  * OPC Foundation MIT License 1.00
  * 
@@ -35,6 +35,7 @@
 using System.Text;
 using System.Threading.Tasks;
 using Opc.Ua.Gds.Server.Database;
+using Opc.Ua.Gds.Server.Diagnostics;
 using Opc.Ua.Server;
 
 namespace Opc.Ua.Gds.Server
@@ -508,6 +509,12 @@ private ServiceResult OnRegisterApplication(
 
             applicationId = m_database.RegisterApplication(application);
 
+            if (applicationId != null)
+            {
+                object[] inputArguments = new object[] { application, applicationId };
+                Server.ReportApplicationRegistrationChangedAuditEvent(context, objectId, method, inputArguments);
+            }
+
             return ServiceResult.Good;
         }
 
@@ -530,6 +537,9 @@ private ServiceResult OnUpdateApplication(
 
             m_database.RegisterApplication(application);
 
+            object[] inputArguments = new object[] { application };
+            Server.ReportApplicationRegistrationChangedAuditEvent(context, objectId, method, inputArguments);
+
             return ServiceResult.Good;
         }
 
@@ -539,7 +549,7 @@ private ServiceResult OnUnregisterApplication(
             NodeId objectId,
             NodeId applicationId)
         {
-            AuthorizationHelper.HasAuthorization(context, AuthorizationHelper.DiscoveryAdmin);
+            AuthorizationHelper.HasAuthorization(context, AuthorizationHelper.DiscoveryAdminOrSelfAdmin);
 
             Utils.LogInfo("OnUnregisterApplication: {0}", applicationId.ToString());
 
@@ -564,6 +574,9 @@ private ServiceResult OnUnregisterApplication(
 
             m_database.UnregisterApplication(applicationId);
 
+            object[] inputArguments = new object[] { applicationId };
+            Server.ReportApplicationRegistrationChangedAuditEvent(context, objectId, method, inputArguments);
+
             return ServiceResult.Good;
         }
 
@@ -825,6 +838,9 @@ private ServiceResult OnStartNewKeyPairRequest(
             string privateKeyPassword,
             ref NodeId requestId)
         {
+            object[] inputArguments = new object[] { applicationId, certificateGroupId, certificateTypeId, subjectName, domainNames, privateKeyFormat, privateKeyPassword };
+            Server.ReportCertificateRequestedAuditEvent(context, objectId, method, inputArguments, certificateGroupId, certificateTypeId);
+
             AuthorizationHelper.HasAuthorization(context, AuthorizationHelper.CertificateAuthorityAdminOrSelfAdmin, applicationId); ;
 
             var application = m_database.GetApplication(applicationId);
@@ -1183,6 +1199,9 @@ out privateKeyPassword
 
             m_request.AcceptRequest(requestId, signedCertificate);
 
+            object[] inputArguments = new object[] { applicationId, requestId, signedCertificate, privateKey, issuerCertificates };
+            Server.ReportCertificateDeliveredAuditEvent(context, objectId, method, inputArguments);
+
             return ServiceResult.Good;
         }