Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
return this._send_error(securityPolicyStatus, description, message, callback);
}
// check certificate
this.securityMode = request.securityMode;
this.securityPolicy = securityPolicy;
this.messageBuilder.securityMode = this.securityMode;
const hasEndpoint = this.has_endpoint_for_security_mode_and_policy(this.securityMode, securityPolicy);
if (!hasEndpoint) {
// there is no
description =
" This server doesn't not support " + securityPolicy.toString() + " " + this.securityMode.toString();
return this._send_error(StatusCodes.BadSecurityPolicyRejected, description, message, callback);
}
this.endpoint = this.getEndpointDescription(this.securityMode, securityPolicy)!;
this.messageBuilder
.on("message", (request, msgType, requestId, channelId) => {
this._on_common_message(request, msgType, requestId, channelId);
})
.on("start_chunk", () => {
if (doPerfMonitoring) {
// record tick 0: when the first chunk is received
this._tick0 = get_clock_tick();
}
});
// handle initial OpenSecureChannelRequest
if (check_security_policy !== StatusCodes.Good) {
description = " Unsupported securityPolicyUri " + self.messageBuilder.securityHeader.securityPolicyUri;
return _send_error.call(this, check_security_policy, description, message, callback);
}
assert(request.securityMode);
self.securityMode = request.securityMode;
self.messageBuilder.securityMode = self.securityMode;
const has_endpoint = self.has_endpoint_for_security_mode_and_policy(self.securityMode, securityPolicy);
if (!has_endpoint) {
// there is no
description =
" This server doesn't not support " + securityPolicy.toString() + " " + self.securityMode.toString();
return _send_error.call(self, StatusCodes.BadSecurityPolicyRejected, description, message, callback);
}
self.endpoint = self.endpoints && self.endpoints.getEndpointDescription(self.securityMode, securityPolicy);
self.messageBuilder.on("message", _on_common_message.bind(self)).on("start_chunk", function() {
if (doPerfMonitoring) {
//record tick 0: when the first chunk is received
self._tick0 = get_clock_tick();
}
});
// handle initial OpenSecureChannelRequest
self._process_certificates(message, function() {
_handle_OpenSecureChannelRequest.call(self, message, callback);
});
}
endpoints = endpoints.filter(function (endpoint) {
return !endpoint.restricted;
});
const endpoints_matching_security_mode = endpoints.filter(function (e) {
return e.securityMode === channel.securityMode;
});
if (endpoints_matching_security_mode.length === 0) {
return StatusCodes.BadSecurityModeRejected;
}
const endpoints_matching_security_policy = endpoints_matching_security_mode.filter(function (e) {
return e.securityPolicyUri === channel.securityHeader.securityPolicyUri;
});
if (endpoints_matching_security_policy.length === 0) {
return StatusCodes.BadSecurityPolicyRejected;
}
return StatusCodes.Good;
}
function isValidSecurityPolicy(securityPolicy) {
switch (securityPolicy.value) {
case SecurityPolicy.None.value:
case SecurityPolicy.Basic128Rsa15.value:
case SecurityPolicy.Basic256.value:
case SecurityPolicy.Basic256Sha256.value:
return StatusCodes.Good;
default:
return StatusCodes.BadSecurityPolicyRejected;
}
}
function isValidSecurityPolicy(securityPolicy: SecurityPolicy) {
switch (securityPolicy) {
case SecurityPolicy.None:
case SecurityPolicy.Basic128Rsa15:
case SecurityPolicy.Basic256:
case SecurityPolicy.Basic256Sha256:
return StatusCodes.Good;
default:
return StatusCodes.BadSecurityPolicyRejected;
}
}