1 files changed, 148 insertions, 0 deletions
diff --git a/tools/launch.sh b/tools/launch.sh
new file mode 100755
index 0000000..7691baf
--- /dev/null
+++ b/tools/launch.sh
@@ -0,0 +1,148 @@
+#!/bin/bash
+# launch.sh — Generate certificates and launch N RegisterServers + 1 LDS.
+#
+# Usage: tools/launch.sh [N] [extra_cert1.der ...]
+#   N             Number of RegisterServer instances to launch (default: 1).
+#   extra certs   Additional certificates to add to the LDS and every
+#                 RegisterServer trustlist (e.g. external client certs).
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+PROJECT_DIR="$(cd "$SCRIPT_DIR/.." && pwd)"
+BUILD_DIR="$PROJECT_DIR/build"
+CERTS_DIR="$PROJECT_DIR/certs"
+GEN_CERT="$SCRIPT_DIR/generate_certificate.sh"
+
+N="${1:-1}"
+
+if ! [[ "$N" =~ ^[1-9][0-9]*$ ]]; then
+  echo "Usage: $0 [N] [extra_cert1.der ...]" >&2
+  echo "  N = number of RegisterServers (default 1)" >&2
+  exit 1
+fi
+
+shift || true
+EXTRA_TRUST=("$@")
+
+LDS_PORT=4840
+BASE_REGISTER_PORT=4841
+
+# ------------------------------------------------------------------
+# Certificate generation (only creates missing ones)
+# ------------------------------------------------------------------
+
+generate_if_missing() {
+  local name="$1"
+  local uri="${2:-}"
+  if [ ! -f "$CERTS_DIR/${name}_cert.der" ] ||
+    [ ! -f "$CERTS_DIR/${name}_key.der" ]; then
+    "$GEN_CERT" "$CERTS_DIR" "$name" ${uri:+"$uri"}
+  fi
+}
+
+generate_if_missing "ServerLDS"
+generate_if_missing "ClientFindServers"
+
+for i in $(seq 1 "$N"); do
+  generate_if_missing "ServerRegister${i}"
+  # The client cert must carry the server's ApplicationUri so the LDS
+  # can verify the certificate against the ApplicationDescription.
+  generate_if_missing "ServerRegisterClient${i}" "urn:bobink.ServerRegister${i}"
+done
+
+# ------------------------------------------------------------------
+# Cleanup on exit
+# ------------------------------------------------------------------
+
+pids=()
+
+cleanup() {
+  echo ""
+  echo "Stopping all servers..."
+  for pid in "${pids[@]}"; do
+    kill "$pid" 2>/dev/null || true
+  done
+  wait 2>/dev/null
+  echo "All servers stopped."
+}
+
+trap cleanup EXIT INT TERM
+
+# ------------------------------------------------------------------
+# Launch LDS
+# ------------------------------------------------------------------
+
+# LDS trustlist: every RegisterServer client cert + the FindServers client cert.
+lds_trustlist=()
+for i in $(seq 1 "$N"); do
+  lds_trustlist+=("$CERTS_DIR/ServerRegisterClient${i}_cert.der")
+done
+lds_trustlist+=("$CERTS_DIR/ClientFindServers_cert.der")
+lds_trustlist+=(${EXTRA_TRUST[@]+"${EXTRA_TRUST[@]}"})
+
+echo "Starting LDS on port $LDS_PORT..."
+"$BUILD_DIR/ServerLDS" \
+  "$LDS_PORT" \
+  "urn:bobink.ServerLDS" \
+  "$CERTS_DIR/ServerLDS_cert.der" \
+  "$CERTS_DIR/ServerLDS_key.der" \
+  60 \
+  "${lds_trustlist[@]}" &
+pids+=($!)
+sleep 1
+
+# ------------------------------------------------------------------
+# Launch RegisterServers
+# ------------------------------------------------------------------
+
+for i in $(seq 1 "$N"); do
+  port=$((BASE_REGISTER_PORT + i - 1))
+
+  echo "Starting ServerRegister${i} on port $port..."
+  "$BUILD_DIR/ServerRegister" \
+    "$port" \
+    "urn:bobink.ServerRegister${i}" \
+    "$CERTS_DIR/ServerRegister${i}_cert.der" \
+    "$CERTS_DIR/ServerRegister${i}_key.der" \
+    "$CERTS_DIR/ServerRegisterClient${i}_cert.der" \
+    "$CERTS_DIR/ServerRegisterClient${i}_key.der" \
+    "opc.tcp://localhost:$LDS_PORT" \
+    10 \
+    SignAndEncrypt Aes128_Sha256_RsaOaep \
+    "$CERTS_DIR/ServerLDS_cert.der" \
+    "$CERTS_DIR/ClientFindServers_cert.der" \
+    ${EXTRA_TRUST[@]+"${EXTRA_TRUST[@]}"} &
+  pids+=($!)
+  sleep 0.5
+done
+
+# ------------------------------------------------------------------
+# Summary
+# ------------------------------------------------------------------
+
+echo ""
+echo "=== All servers running ==="
+echo "  LDS:              port $LDS_PORT"
+for i in $(seq 1 "$N"); do
+  port=$((BASE_REGISTER_PORT + i - 1))
+  echo "  ServerRegister${i}:  port $port"
+done
+
+# Build the client command hint with the correct trustlist.
+client_trust="certs/ServerLDS_cert.der"
+for i in $(seq 1 "$N"); do
+  client_trust="$client_trust certs/ServerRegister${i}_cert.der"
+done
+
+echo ""
+echo "Run the client with:"
+echo "  build/ClientFindServers \"opc.tcp://localhost:$LDS_PORT\" \\"
+echo "    \"urn:bobink.ClientFindServers\" \\"
+echo "    certs/ClientFindServers_cert.der certs/ClientFindServers_key.der \\"
+echo "    SignAndEncrypt Aes128_Sha256_RsaOaep \\"
+echo "    $client_trust"
+echo ""
+echo "Press Ctrl+C to stop all servers."
+
+wait