1 files changed, 132 insertions, 0 deletions
diff --git a/readme.md b/readme.md
new file mode 100644
index 0000000..4156e51
--- /dev/null
+++ b/readme.md
@@ -0,0 +1,132 @@
+# OPC UA Discovery
+
+A small C project that demonstrates OPC UA server discovery using the
+[open62541](https://www.open62541.org/) library. Three programs work together:
+
+- **ServerLDS** — Local Discovery Server that other servers register with
+- **ServerRegister** — a server that periodically registers itself with the LDS
+- **Client** — queries the LDS for servers, lists endpoints, or reads the current time from a server
+
+## Prerequisites
+
+- CMake 4.0+
+- A C11 compiler (GCC or Clang)
+- OpenSSL development libraries (`libssl-dev` / `openssl-devel`)
+- `openssl` CLI (for generating certificates)
+
+## Getting started
+
+Clone the repository with its submodule:
+
+```sh
+git clone --recursive https://git.tvcloud.fr/opcua_c
+cd opcua_c
+```
+
+### Generate certificates
+
+The programs use TLS certificates for mutual authentication. Four identities
+are needed — run these from the project root:
+
+```sh
+tools/generate_certificate.sh certs ServerLDS
+tools/generate_certificate.sh certs ServerRegister
+tools/generate_certificate.sh certs ServerRegisterClient
+tools/generate_certificate.sh certs ClientFindServers
+```
+
+### Populate the trust stores
+
+Each program trusts a specific set of peers. Copy the certificates into the
+trust store directories so they can find each other:
+
+```sh
+mkdir -p certs/trust/{server_lds,server_register,server_register_client,client}
+
+cp certs/ServerRegisterClient_cert.der certs/ClientFindServers_cert.der \
+   certs/trust/server_lds/
+
+cp certs/ServerLDS_cert.der certs/ClientFindServers_cert.der \
+   certs/trust/server_register/
+
+cp certs/ServerLDS_cert.der \
+   certs/trust/server_register_client/
+
+cp certs/ServerLDS_cert.der certs/ServerRegister_cert.der \
+   certs/trust/client/
+```
+
+### Build
+
+```sh
+cmake -B build
+cmake --build build --parallel
+```
+
+open62541 is fetched from the submodule and built automatically — the first
+build takes a bit longer.
+
+## Running
+
+Start the programs in order, each in its own terminal, from the project root:
+
+```sh
+# 1. Local Discovery Server
+build/ServerLDS config/server_lds.conf
+
+# 2. Register Server (connects to the LDS on port 4840)
+build/ServerRegister config/server_register.conf \
+  config/server_register_client.conf opc.tcp://localhost:4840
+
+# 3. Find registered servers via the LDS
+build/Client config/client.conf find-servers opc.tcp://localhost:4840
+
+# 4. List endpoints on the registered server
+build/Client config/client.conf get-endpoints opc.tcp://localhost:4841
+
+# 5. Read the current time from the registered server
+build/Client config/client.conf read-time opc.tcp://localhost:4841
+```
+
+All three programs accept an optional log level as the last argument
+(`trace`, `debug`, `info`, `warning`, `error`, `fatal`). The default is `info`.
+
+## Tests
+
+Integration tests exercise four combinations of security and authentication:
+
+| Test | Security | Auth |
+|------|----------|------|
+| `none_anon` | None | anonymous |
+| `none_user` | None | user/password |
+| `basic256sha256_anon` | SignAndEncrypt / Basic256Sha256 | anonymous |
+| `aes128_user` | SignAndEncrypt / Aes128_Sha256_RsaOaep | user/password |
+
+Run them:
+
+```sh
+ctest --test-dir build --output-on-failure
+```
+
+### Memory leak check
+
+Rebuild with AddressSanitizer, run the tests, then switch back:
+
+```sh
+# ASan build
+cmake -B build \
+  -DCMAKE_C_FLAGS="-fsanitize=address -fno-omit-frame-pointer" \
+  -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address"
+cmake --build build --parallel
+
+ASAN_OPTIONS="detect_leaks=1" ctest --test-dir build --output-on-failure
+
+# Restore normal build
+cmake -B build -DCMAKE_C_FLAGS="" -DCMAKE_EXE_LINKER_FLAGS=""
+cmake --build build --parallel
+```
+
+## Configuration
+
+Programs are configured through plain text files (`key = value`, one per line).
+Example configs are in `config/`.