BobinkCOpcUa/CMakeLists.txt, branch master

BobinkCOpcUa/CMakeLists.txt, branch master OPC UA applications in C http://git.tvcloud.fr/BobinkCOpcUa/atom/CMakeLists.txt?h=master 2026-02-19T05:19:23Z Add configurable variable node initialization for server_register 2026-02-19T05:19:23Z Thomas Vanbesien tvanbesi@proton.me 2026-02-19T05:19:23Z urn:sha1:2b632bd229edaa9999be5043f9a8ae2ac7d17e41 New optional CLI argument [nodes-config] lets the server populate its address space from a dot-indexed config file (node.N.name/type/value/ accessLevel/description). Supports 10 scalar types plus 1D arrays. Rename print_endpoint to print_endpoint_description and fix clone URL 2026-02-18T23:47:37Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T23:43:50Z urn:sha1:37c0fee672afd3701ea3ed87958da4d548bf1be3 Rename client executable to bobink_opcua_client 2026-02-18T23:14:25Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T23:14:25Z urn:sha1:a9ebc3b434b7979163fdf83984b32f1e513dacb8 Rename project to BobinkCOpcUa and update readme 2026-02-18T23:08:41Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T23:05:00Z urn:sha1:bdc2305c2376c8b6697b6ecfecce104c956bdfcf Lower cmake_minimum_required to 3.17 and tidy generate_certificate.sh 2026-02-18T22:47:23Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T22:47:23Z urn:sha1:965db7e3243aecb02f7f57b4fe8dabe9ad50a697 4.0 was unnecessarily strict — the highest feature used is foreach(IN ZIP_LISTS) from 3.17. Also fix the shebang, complete the Produces header, and document the OPC UA v3_ext requirements. Rename CMake project and executable targets 2026-02-18T22:36:35Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T22:36:35Z urn:sha1:52727a053c45f8d6c634d405742c3289a0be1f78 Project: OpcUaC → BobinkOpcUaC Targets: ServerLDS → bobink_opcua_discovery_server, ServerRegister → bobink_opcua_server, Client → client Add TOFU certificate bootstrap integration test 2026-02-18T22:09:43Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T22:09:43Z urn:sha1:8bfd0dc6b44438ba6c5d2844ce21fbc2adfe3f1a Make download-cert always use an unsecure client so it can connect to a server's None discovery endpoint without the server certificate in the trust store. Add a cert_bootstrap test that verifies the full Trust On First Use workflow: find-servers succeeds, get-endpoints fails (untrusted cert), download-cert retrieves the certificate via None, then get-endpoints and read-time both succeed. Add download-cert client operation with integration test 2026-02-18T21:17:30Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T21:17:30Z urn:sha1:77e70beff33d89f30082f3e5d513cd657fa529ea Retrieves the server's DER certificate via GetEndpoints and writes it to a local file. The test starts a secure ServerLDS, downloads its certificate, and verifies it matches the original. Remove redundant config/ dir, use Aes256_Sha256_RsaPss everywhere 2026-02-18T21:07:07Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T21:07:07Z urn:sha1:95f40458a9dd927fba35624564b64b5f973dd9fe The config/ example files duplicated the test configs. Remove them and point the Running docs at tests/secure_user/ instead. Switch the security policy from Basic256Sha256 to Aes256_Sha256_RsaPss in all test configs, CMakeLists.txt, and readme.md. Add X509 certificate identity token authentication 2026-02-18T20:44:17Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T20:44:17Z urn:sha1:deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34 Support authMode=cert alongside anonymous and user. The client reuses its application certificate as the X509 identity token (open62541 requires both to match). Server-side access control advertises the certificate token policy automatically when sessionPKI is configured.