| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make encryption optional for both ServerRegister's LDS client
connection and the server side of ServerLDS/ServerRegister: when
certificate, privateKey, and trustStore are omitted the programs
run with SecurityPolicy#None only. Secure servers also add a
discovery-only None endpoint so unencrypted clients can still call
FindServers and GetEndpoints.
Consolidate tests from 5 policy-specific cases (nosec_anon,
none_user, basic256sha256_anon, aes256_anon, aes128_user) down to
3 that cover the important axes: unsecure_anonymous,
secure_anonymous, secure_user. Rename directories to use full
names. Auto-generate certificates and trust stores in run_test.sh.
Update readme and CLAUDE.md to reflect the current program
interface (unified Client binary, split ServerRegister configs)
and the new test names.
|
| |
|
|
|
|
| |
The unified client program is no longer just for FindServers.
Regenerated the certificate as "Client" and updated all configs,
trust store symlinks, readme, and script comments.
|
| |
|
|
|
|
|
| |
Group config keys into sections separated by blank lines: identity,
encryption (certificate/privateKey/trustStore), security mode, auth.
Program-specific keys (cleanupTimeout, registerInterval) go last.
Show available operations in Client usage message.
|
| |
|
|
|
|
| |
Create test configs for SignAndEncrypt / Aes256_Sha256_RsaPss with
anonymous auth. Expand the readme certificate section with an identity
table and clearer trust store explanation.
|
| |
|
|
|
|
| |
none_anon was redundant — nosec_anon now covers the unsecured case
with both LDS and ServerRegister running without security config.
Update readme test table to reflect the change.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ServerLDS and ServerRegister can now run without encryption when
certificate, privateKey, and trustStore are all omitted from the
server config file. When any of the three is present, all three are
still required. The unsecured server uses UA_ServerConfig_setMinimal
with SecurityPolicy#None only.
Add nosec_anon integration test covering the LDS unsecured path.
Update readme: use symlinks instead of copies for trust stores, note
that ServerLDS and ServerRegister support running without certs.
|
| |
|
|
|
|
|
|
| |
Stop deleting intermediate PEM and CNF files so they can be reused.
Change default application URI from urn:bobink.<name> to
urn:localhost:bobink:<name> to follow proper URN syntax (Qt OPC UA
rejects the dotted format). Update all config files and test configs
to use the new URI format.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace the single-purpose ClientFindServers program with a unified Client
that supports three operations via CLI: find-servers, get-endpoints, and
read-time. This simplifies the architecture by using one client binary with
a single config file instead of a monolithic program that did everything in
one run.
Split the ServerRegister config into separate server and client config files
so the LDS-registration credentials are isolated from the server's own
settings. The discovery URL moves from config to a CLI argument.
Replace repeated trustList config entries with a single trustStore directory
path. Each program now points to a directory under certs/trust/ containing
.der files, so adding or removing trust is a file-copy operation rather than
editing every config file. Add loadTrustStore()/freeTrustStore() to
common.c and remove the now-unused configGetAll() from the config parser.
Simplify the test matrix from 6 to 4 cases (security and auth are
orthogonal, so the full 3x2 matrix is unnecessary). Update run_test.sh to
invoke the new Client three times and use port-polling instead of sleep.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Create two independent UA_Client instances in client_find_servers.c:
one for LDS discovery calls (FindServers, GetEndpoints) and one for
server session calls (readServerTime). This allows different security
modes, policies, auth, and trust lists for the LDS vs discovered
servers.
Config keys are now prefixed: discovery* for LDS connection settings,
server* for discovered server settings. All config files updated
accordingly with split trust lists (discoveryTrustList for LDS cert,
serverTrustList for server cert).
|
| |
|
|
|
|
|
|
|
| |
All three programs now accept an optional second argument [log-level]
(trace, debug, info, warning, error, fatal) defaulting to info. The
level is applied by setting the logger context pointer directly,
avoiding a memory leak that would occur from overwriting the
heap-allocated logger struct. Also documents the ASan leak-check
workflow in CLAUDE.md.
|
|
|
Introduce a reusable key=value config parser (config.h/c) and convert
all three programs to read their settings from config files instead of
positional command-line arguments. Add example config files in config/
and 6 CTest integration tests covering None/Basic256Sha256/Aes128 with
anonymous and user authentication. Remove the now-obsolete launch.sh.
|
