Replace ClientFindServers with unified Client, use trust store directories

Replace the single-purpose ClientFindServers program with a unified Client
that supports three operations via CLI: find-servers, get-endpoints, and
read-time.  This simplifies the architecture by using one client binary with
a single config file instead of a monolithic program that did everything in
one run.

Split the ServerRegister config into separate server and client config files
so the LDS-registration credentials are isolated from the server's own
settings.  The discovery URL moves from config to a CLI argument.

Replace repeated trustList config entries with a single trustStore directory
path.  Each program now points to a directory under certs/trust/ containing
.der files, so adding or removing trust is a file-copy operation rather than
editing every config file.  Add loadTrustStore()/freeTrustStore() to
common.c and remove the now-unused configGetAll() from the config parser.

Simplify the test matrix from 6 to 4 cases (security and auth are
orthogonal, so the full 3x2 matrix is unnecessary).  Update run_test.sh to
invoke the new Client three times and use port-polling instead of sleep.

1 files changed, 0 insertions, 50 deletions

diff --git a/config/client_find_servers.conf b/config/client_find_servers.conf
deleted file mode 100644
index 5ab15d5..0000000
--- a/config/client_find_servers.conf
+++ /dev/null
@@ -1,50 +0,0 @@
-# ClientFindServers configuration
-#
-# Shared keys:
-#   discoveryEndpoint   LDS endpoint URL (e.g. opc.tcp://localhost:4840)
-#   applicationUri      OPC UA application URI
-#
-# Discovery-side keys (LDS connection):
-#   discoveryCertificate      Path to certificate for LDS connections (.der)
-#   discoveryPrivateKey       Path to private key for LDS connections (.der)
-#   discoverySecurityMode     None, Sign, or SignAndEncrypt
-#   discoverySecurityPolicy   None, Basic256Sha256, Aes256_Sha256_RsaPss,
-#                             Aes128_Sha256_RsaOaep, or ECC_nistP256
-#   discoveryAuthMode         "anonymous" or "user"
-#   discoveryUsername         Username (required when discoveryAuthMode = user)
-#   discoveryPassword         Password (required when discoveryAuthMode = user)
-#   discoveryTrustList        Trusted certificate path (repeat for multiple)
-#
-# Server-side keys (connections to discovered servers):
-#   serverCertificate         Path to certificate for server connections (.der)
-#   serverPrivateKey          Path to private key for server connections (.der)
-#   serverSecurityMode        None, Sign, or SignAndEncrypt
-#   serverSecurityPolicy      None, Basic256Sha256, Aes256_Sha256_RsaPss,
-#                             Aes128_Sha256_RsaOaep, or ECC_nistP256
-#   serverAuthMode            "anonymous" or "user"
-#   serverUsername            Username (required when serverAuthMode = user)
-#   serverPassword            Password (required when serverAuthMode = user)
-#   serverTrustList           Trusted certificate path (repeat for multiple)
-
-discoveryEndpoint = opc.tcp://localhost:4840
-applicationUri = urn:bobink.ClientFindServers
-
-# Discovery (LDS) side
-discoveryCertificate = certs/ClientFindServers_cert.der
-discoveryPrivateKey = certs/ClientFindServers_key.der
-discoverySecurityMode = SignAndEncrypt
-discoverySecurityPolicy = Aes256_Sha256_RsaPss
-discoveryAuthMode = user
-discoveryUsername = user
-discoveryPassword = password
-discoveryTrustList = certs/ServerLDS_cert.der
-
-# Server side
-serverCertificate = certs/ClientFindServers_cert.der
-serverPrivateKey = certs/ClientFindServers_key.der
-serverSecurityMode = SignAndEncrypt
-serverSecurityPolicy = Aes256_Sha256_RsaPss
-serverAuthMode = user
-serverUsername = user
-serverPassword = password
-serverTrustList = certs/ServerRegister_cert.der