OPC UA applications in C http://git.tvcloud.fr/BobinkCOpcUa/atom/src/client.c?h=master 2026-02-18T23:14:25Z 2026-02-18T23:14:25Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T23:14:25Z urn:sha1:a9ebc3b434b7979163fdf83984b32f1e513dacb8 2026-02-18T22:23:44Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T22:23:44Z urn:sha1:3d30c8499ae37ca0ff837e9deaad359de0297765 Types PascalCase→snake_case, functions camelCase→snake_case, static functions get _s_ prefix, globals get g_ prefix, struct members and locals to snake_case. 2026-02-18T22:09:43Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T22:09:43Z urn:sha1:8bfd0dc6b44438ba6c5d2844ce21fbc2adfe3f1a Make download-cert always use an unsecure client so it can connect to a server's None discovery endpoint without the server certificate in the trust store. Add a cert_bootstrap test that verifies the full Trust On First Use workflow: find-servers succeeds, get-endpoints fails (untrusted cert), download-cert retrieves the certificate via None, then get-endpoints and read-time both succeed. 2026-02-18T21:17:30Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T21:17:30Z urn:sha1:77e70beff33d89f30082f3e5d513cd657fa529ea Retrieves the server's DER certificate via GetEndpoints and writes it to a local file. The test starts a secure ServerLDS, downloads its certificate, and verifies it matches the original. 2026-02-18T21:01:05Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T21:01:05Z urn:sha1:4a0e0ff8cca00a6e4b4557d468894682d1b91333 Introduce AuthConfig tagged union (AUTH_ANONYMOUS/AUTH_USER/AUTH_CERT) and SecurityConfig struct to replace scattered parameters. Add parseSecurityConfig helper to consolidate duplicated security parsing across all three programs. Simplify opReadTime by moving all auth handling into the client config factory functions. 2026-02-18T20:44:17Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T20:44:17Z urn:sha1:deaabd1464784a6fddbfa9e1ac6cb0e1148a8c34 Support authMode=cert alongside anonymous and user. The client reuses its application certificate as the X509 identity token (open62541 requires both to match). Server-side access control advertises the certificate token policy automatically when sessionPKI is configured. 2026-02-18T19:30:33Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T19:30:33Z urn:sha1:70381b3381d77845dbc04fd521b729b7098134a5 UA_ClientConfig_setDefault leaves securityMode at SignAndEncrypt, so unsecure clients failed endpoint negotiation when the LDS only offered None endpoints. Extract the unsecure client setup into createUnsecureClientConfig() which explicitly sets securityMode and securityPolicyUri to None. Also enable discovery-only None endpoint on ServerRegister so unencrypted clients can discover it, and update the unsecure_anonymous test configs to run fully without encryption. 2026-02-18T11:54:24Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T11:54:24Z urn:sha1:12989671c9f43707701a8cef8e77e34b1bf24a37 certificate, privateKey, and trustStore are now optional config keys using the same all-or-none pattern as the server programs. When all three are omitted the client connects without encryption via UA_ClientConfig_setDefault; when present, securityMode and securityPolicy are required and the secure path is used as before. 2026-02-18T09:16:45Z Thomas Vanbesien tvanbesi@proton.me 2026-02-18T09:16:45Z urn:sha1:5726a0d84460a4b67a254c4dcfaa40bf9cc12e45 Group config keys into sections separated by blank lines: identity, encryption (certificate/privateKey/trustStore), security mode, auth. Program-specific keys (cleanupTimeout, registerInterval) go last. Show available operations in Client usage message. 2026-02-17T22:52:06Z Thomas Vanbesien tvanbesi@proton.me 2026-02-17T22:52:06Z urn:sha1:7648a256d97abda40edbdc0d7bf59edd0a09fb95 Rename createSecureServer to createServer and add an unsecure path (UA_ServerConfig_setMinimal) when certPath is NULL, eliminating the if/else server creation blocks in server_lds.c and server_register.c. Add parseAuthConfig() to common.c to replace four near-identical authMode parsing blocks across the three programs. Restructure server_register.c error handling with goto cleanup, removing ~20 duplicated cleanup sequences. Rename the CMake library target from DiscoveryCommon to common.