From 5726a0d84460a4b67a254c4dcfaa40bf9cc12e45 Mon Sep 17 00:00:00 2001 From: Thomas Vanbesien Date: Wed, 18 Feb 2026 10:16:45 +0100 Subject: Standardize config file section ordering, list operations in usage Group config keys into sections separated by blank lines: identity, encryption (certificate/privateKey/trustStore), security mode, auth. Program-specific keys (cleanupTimeout, registerInterval) go last. Show available operations in Client usage message. --- config/client.conf | 7 +++++-- config/server_lds.conf | 9 +++++---- config/server_register.conf | 10 +++++----- config/server_register_client.conf | 7 ++++--- src/client.c | 9 +++++---- tests/aes128_user/client.conf | 5 ++++- tests/aes128_user/server_lds.conf | 5 +++-- tests/aes128_user/server_register.conf | 6 +++--- tests/aes128_user/server_register_client.conf | 4 ++-- tests/aes256_anon/client.conf | 5 ++++- tests/aes256_anon/server_lds.conf | 5 +++-- tests/aes256_anon/server_register.conf | 6 +++--- tests/aes256_anon/server_register_client.conf | 4 ++-- tests/basic256sha256_anon/client.conf | 5 ++++- tests/basic256sha256_anon/server_lds.conf | 5 +++-- tests/basic256sha256_anon/server_register.conf | 6 +++--- tests/basic256sha256_anon/server_register_client.conf | 4 ++-- tests/none_user/client.conf | 5 ++++- tests/none_user/server_lds.conf | 5 +++-- tests/none_user/server_register.conf | 6 +++--- tests/none_user/server_register_client.conf | 4 ++-- tests/nosec_anon/client.conf | 5 ++++- tests/nosec_anon/server_lds.conf | 3 ++- tests/nosec_anon/server_register.conf | 4 ++-- tests/nosec_anon/server_register_client.conf | 4 ++-- 25 files changed, 82 insertions(+), 56 deletions(-) diff --git a/config/client.conf b/config/client.conf index 3f22038..dac9cb9 100644 --- a/config/client.conf +++ b/config/client.conf @@ -4,20 +4,23 @@ # applicationUri OPC UA application URI # certificate Path to client certificate (.der) # privateKey Path to client private key (.der) +# trustStore Directory containing trusted certificates (.der) # securityMode None, Sign, or SignAndEncrypt # securityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss, # Aes128_Sha256_RsaOaep, or ECC_nistP256 # authMode "anonymous" or "user" (read-time only) # username Username (required when authMode = user) # password Password (required when authMode = user) -# trustStore Directory containing trusted certificates (.der) applicationUri = urn:localhost:bobink:ClientFindServers + certificate = certs/ClientFindServers_cert.der privateKey = certs/ClientFindServers_key.der +trustStore = certs/trust/client + securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss + authMode = user username = user password = password -trustStore = certs/trust/client diff --git a/config/server_lds.conf b/config/server_lds.conf index 9ce5e9b..54e0457 100644 --- a/config/server_lds.conf +++ b/config/server_lds.conf @@ -5,20 +5,21 @@ # applicationUri OPC UA application URI # certificate Path to server certificate (.der) # privateKey Path to server private key (.der) -# cleanupTimeout Seconds before stale registrations are removed (must be > 10) +# trustStore Directory containing trusted certificates (.der) # authMode "anonymous" or "user" # username Username (required when authMode = user) # password Password (required when authMode = user) -# trustStore Directory containing trusted certificates (.der) +# cleanupTimeout Seconds before stale registrations are removed (must be > 10) port = 4840 applicationUri = urn:localhost:bobink:ServerLDS + certificate = certs/ServerLDS_cert.der privateKey = certs/ServerLDS_key.der -cleanupTimeout = 60 +trustStore = certs/trust/server_lds authMode = user username = user password = password -trustStore = certs/trust/server_lds +cleanupTimeout = 60 diff --git a/config/server_register.conf b/config/server_register.conf index 1c3410d..b3f9290 100644 --- a/config/server_register.conf +++ b/config/server_register.conf @@ -5,21 +5,21 @@ # applicationUri OPC UA application URI # certificate Path to server certificate (.der) # privateKey Path to server private key (.der) -# registerInterval Seconds between re-registrations with the LDS +# trustStore Directory containing trusted certificates (.der) # authMode "anonymous" or "user" # username Username (required when authMode = user) # password Password (required when authMode = user) -# trustStore Directory containing trusted certificates (.der) +# registerInterval Seconds between re-registrations with the LDS port = 4841 applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegister_cert.der privateKey = certs/ServerRegister_key.der - -registerInterval = 10 +trustStore = certs/trust/server_register authMode = user username = user password = password -trustStore = certs/trust/server_register +registerInterval = 10 diff --git a/config/server_register_client.conf b/config/server_register_client.conf index 1301f03..f0cc0b8 100644 --- a/config/server_register_client.conf +++ b/config/server_register_client.conf @@ -4,17 +4,20 @@ # applicationUri OPC UA application URI # certificate Path to client certificate (.der) # privateKey Path to client private key (.der) +# trustStore Directory containing trusted certificates (.der) # securityMode None, Sign, or SignAndEncrypt # securityPolicy None, Basic256Sha256, Aes256_Sha256_RsaPss, # Aes128_Sha256_RsaOaep, or ECC_nistP256 # authMode "anonymous" or "user" # username Username (required when authMode = user) # password Password (required when authMode = user) -# trustStore Directory containing trusted certificates (.der) + applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegisterClient_cert.der privateKey = certs/ServerRegisterClient_key.der +trustStore = certs/trust/server_register_client securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss @@ -22,5 +25,3 @@ securityPolicy = Aes256_Sha256_RsaPss authMode = user username = user password = password - -trustStore = certs/trust/server_register_client diff --git a/src/client.c b/src/client.c index f03a337..ccb1021 100644 --- a/src/client.c +++ b/src/client.c @@ -162,10 +162,11 @@ main (int argc, char **argv) { if (argc < 4 || argc > 5) { - UA_LOG_FATAL ( - UA_Log_Stdout, UA_LOGCATEGORY_USERLAND, - "Usage: %s [log-level]", - argv[0]); + UA_LOG_FATAL (UA_Log_Stdout, UA_LOGCATEGORY_USERLAND, + "Usage: %s " + "[log-level]\n" + "Operations: find-servers, get-endpoints, read-time", + argv[0]); return EXIT_FAILURE; } diff --git a/tests/aes128_user/client.conf b/tests/aes128_user/client.conf index 98dd4c4..614baff 100644 --- a/tests/aes128_user/client.conf +++ b/tests/aes128_user/client.conf @@ -1,11 +1,14 @@ # Client — test: aes128_user applicationUri = urn:localhost:bobink:ClientFindServers + certificate = certs/ClientFindServers_cert.der privateKey = certs/ClientFindServers_key.der +trustStore = certs/trust/client + securityMode = SignAndEncrypt securityPolicy = Aes128_Sha256_RsaOaep + authMode = user username = user password = password -trustStore = certs/trust/client diff --git a/tests/aes128_user/server_lds.conf b/tests/aes128_user/server_lds.conf index 2cc4b2e..86bf196 100644 --- a/tests/aes128_user/server_lds.conf +++ b/tests/aes128_user/server_lds.conf @@ -2,12 +2,13 @@ port = 14840 applicationUri = urn:localhost:bobink:ServerLDS + certificate = certs/ServerLDS_cert.der privateKey = certs/ServerLDS_key.der -cleanupTimeout = 60 +trustStore = certs/trust/server_lds authMode = user username = user password = password -trustStore = certs/trust/server_lds +cleanupTimeout = 60 diff --git a/tests/aes128_user/server_register.conf b/tests/aes128_user/server_register.conf index 077afc2..3c4c88a 100644 --- a/tests/aes128_user/server_register.conf +++ b/tests/aes128_user/server_register.conf @@ -2,13 +2,13 @@ port = 14841 applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegister_cert.der privateKey = certs/ServerRegister_key.der - -registerInterval = 10 +trustStore = certs/trust/server_register authMode = user username = user password = password -trustStore = certs/trust/server_register +registerInterval = 10 diff --git a/tests/aes128_user/server_register_client.conf b/tests/aes128_user/server_register_client.conf index 252bbd6..3e976be 100644 --- a/tests/aes128_user/server_register_client.conf +++ b/tests/aes128_user/server_register_client.conf @@ -1,8 +1,10 @@ # ServerRegister client config — test: aes128_user applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegisterClient_cert.der privateKey = certs/ServerRegisterClient_key.der +trustStore = certs/trust/server_register_client securityMode = SignAndEncrypt securityPolicy = Aes128_Sha256_RsaOaep @@ -10,5 +12,3 @@ securityPolicy = Aes128_Sha256_RsaOaep authMode = user username = user password = password - -trustStore = certs/trust/server_register_client diff --git a/tests/aes256_anon/client.conf b/tests/aes256_anon/client.conf index 2818355..d8d5ab2 100644 --- a/tests/aes256_anon/client.conf +++ b/tests/aes256_anon/client.conf @@ -1,9 +1,12 @@ # Client — test: aes256_anon applicationUri = urn:localhost:bobink:ClientFindServers + certificate = certs/ClientFindServers_cert.der privateKey = certs/ClientFindServers_key.der +trustStore = certs/trust/client + securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss + authMode = anonymous -trustStore = certs/trust/client diff --git a/tests/aes256_anon/server_lds.conf b/tests/aes256_anon/server_lds.conf index 587820f..763ec54 100644 --- a/tests/aes256_anon/server_lds.conf +++ b/tests/aes256_anon/server_lds.conf @@ -2,10 +2,11 @@ port = 14840 applicationUri = urn:localhost:bobink:ServerLDS + certificate = certs/ServerLDS_cert.der privateKey = certs/ServerLDS_key.der -cleanupTimeout = 60 +trustStore = certs/trust/server_lds authMode = anonymous -trustStore = certs/trust/server_lds +cleanupTimeout = 60 diff --git a/tests/aes256_anon/server_register.conf b/tests/aes256_anon/server_register.conf index a2ce852..7f08405 100644 --- a/tests/aes256_anon/server_register.conf +++ b/tests/aes256_anon/server_register.conf @@ -2,11 +2,11 @@ port = 14841 applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegister_cert.der privateKey = certs/ServerRegister_key.der - -registerInterval = 10 +trustStore = certs/trust/server_register authMode = anonymous -trustStore = certs/trust/server_register +registerInterval = 10 diff --git a/tests/aes256_anon/server_register_client.conf b/tests/aes256_anon/server_register_client.conf index 46e8659..0a79338 100644 --- a/tests/aes256_anon/server_register_client.conf +++ b/tests/aes256_anon/server_register_client.conf @@ -1,12 +1,12 @@ # ServerRegister client config — test: aes256_anon applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegisterClient_cert.der privateKey = certs/ServerRegisterClient_key.der +trustStore = certs/trust/server_register_client securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss authMode = anonymous - -trustStore = certs/trust/server_register_client diff --git a/tests/basic256sha256_anon/client.conf b/tests/basic256sha256_anon/client.conf index 589a741..5517368 100644 --- a/tests/basic256sha256_anon/client.conf +++ b/tests/basic256sha256_anon/client.conf @@ -1,9 +1,12 @@ # Client — test: basic256sha256_anon applicationUri = urn:localhost:bobink:ClientFindServers + certificate = certs/ClientFindServers_cert.der privateKey = certs/ClientFindServers_key.der +trustStore = certs/trust/client + securityMode = SignAndEncrypt securityPolicy = Basic256Sha256 + authMode = anonymous -trustStore = certs/trust/client diff --git a/tests/basic256sha256_anon/server_lds.conf b/tests/basic256sha256_anon/server_lds.conf index 59e84ac..4560153 100644 --- a/tests/basic256sha256_anon/server_lds.conf +++ b/tests/basic256sha256_anon/server_lds.conf @@ -2,10 +2,11 @@ port = 14840 applicationUri = urn:localhost:bobink:ServerLDS + certificate = certs/ServerLDS_cert.der privateKey = certs/ServerLDS_key.der -cleanupTimeout = 60 +trustStore = certs/trust/server_lds authMode = anonymous -trustStore = certs/trust/server_lds +cleanupTimeout = 60 diff --git a/tests/basic256sha256_anon/server_register.conf b/tests/basic256sha256_anon/server_register.conf index b65f996..6a47796 100644 --- a/tests/basic256sha256_anon/server_register.conf +++ b/tests/basic256sha256_anon/server_register.conf @@ -2,11 +2,11 @@ port = 14841 applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegister_cert.der privateKey = certs/ServerRegister_key.der - -registerInterval = 10 +trustStore = certs/trust/server_register authMode = anonymous -trustStore = certs/trust/server_register +registerInterval = 10 diff --git a/tests/basic256sha256_anon/server_register_client.conf b/tests/basic256sha256_anon/server_register_client.conf index e87a713..aa0339c 100644 --- a/tests/basic256sha256_anon/server_register_client.conf +++ b/tests/basic256sha256_anon/server_register_client.conf @@ -1,12 +1,12 @@ # ServerRegister client config — test: basic256sha256_anon applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegisterClient_cert.der privateKey = certs/ServerRegisterClient_key.der +trustStore = certs/trust/server_register_client securityMode = SignAndEncrypt securityPolicy = Basic256Sha256 authMode = anonymous - -trustStore = certs/trust/server_register_client diff --git a/tests/none_user/client.conf b/tests/none_user/client.conf index 1aa5e67..cb5d187 100644 --- a/tests/none_user/client.conf +++ b/tests/none_user/client.conf @@ -1,11 +1,14 @@ # Client — test: none_user applicationUri = urn:localhost:bobink:ClientFindServers + certificate = certs/ClientFindServers_cert.der privateKey = certs/ClientFindServers_key.der +trustStore = certs/trust/client + securityMode = None securityPolicy = None + authMode = user username = user password = password -trustStore = certs/trust/client diff --git a/tests/none_user/server_lds.conf b/tests/none_user/server_lds.conf index ff8f3b4..5da2c50 100644 --- a/tests/none_user/server_lds.conf +++ b/tests/none_user/server_lds.conf @@ -2,12 +2,13 @@ port = 14840 applicationUri = urn:localhost:bobink:ServerLDS + certificate = certs/ServerLDS_cert.der privateKey = certs/ServerLDS_key.der -cleanupTimeout = 60 +trustStore = certs/trust/server_lds authMode = user username = user password = password -trustStore = certs/trust/server_lds +cleanupTimeout = 60 diff --git a/tests/none_user/server_register.conf b/tests/none_user/server_register.conf index dd7a064..c44c0e6 100644 --- a/tests/none_user/server_register.conf +++ b/tests/none_user/server_register.conf @@ -2,13 +2,13 @@ port = 14841 applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegister_cert.der privateKey = certs/ServerRegister_key.der - -registerInterval = 10 +trustStore = certs/trust/server_register authMode = user username = user password = password -trustStore = certs/trust/server_register +registerInterval = 10 diff --git a/tests/none_user/server_register_client.conf b/tests/none_user/server_register_client.conf index 9d3f9c4..bfc4ce2 100644 --- a/tests/none_user/server_register_client.conf +++ b/tests/none_user/server_register_client.conf @@ -1,8 +1,10 @@ # ServerRegister client config — test: none_user applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegisterClient_cert.der privateKey = certs/ServerRegisterClient_key.der +trustStore = certs/trust/server_register_client securityMode = None securityPolicy = None @@ -10,5 +12,3 @@ securityPolicy = None authMode = user username = user password = password - -trustStore = certs/trust/server_register_client diff --git a/tests/nosec_anon/client.conf b/tests/nosec_anon/client.conf index 72679c9..2e7f959 100644 --- a/tests/nosec_anon/client.conf +++ b/tests/nosec_anon/client.conf @@ -1,9 +1,12 @@ # Client — test: nosec_anon applicationUri = urn:localhost:bobink:ClientFindServers + certificate = certs/ClientFindServers_cert.der privateKey = certs/ClientFindServers_key.der +trustStore = certs/trust/client + securityMode = None securityPolicy = None + authMode = anonymous -trustStore = certs/trust/client diff --git a/tests/nosec_anon/server_lds.conf b/tests/nosec_anon/server_lds.conf index aa4b6ec..a4598a0 100644 --- a/tests/nosec_anon/server_lds.conf +++ b/tests/nosec_anon/server_lds.conf @@ -3,6 +3,7 @@ port = 14840 applicationUri = urn:localhost:bobink:ServerLDS -cleanupTimeout = 60 authMode = anonymous + +cleanupTimeout = 60 diff --git a/tests/nosec_anon/server_register.conf b/tests/nosec_anon/server_register.conf index 15743f5..8a2e0c9 100644 --- a/tests/nosec_anon/server_register.conf +++ b/tests/nosec_anon/server_register.conf @@ -3,6 +3,6 @@ port = 14841 applicationUri = urn:localhost:bobink:ServerRegister -registerInterval = 10 - authMode = anonymous + +registerInterval = 10 diff --git a/tests/nosec_anon/server_register_client.conf b/tests/nosec_anon/server_register_client.conf index 8bdc05e..cc81a64 100644 --- a/tests/nosec_anon/server_register_client.conf +++ b/tests/nosec_anon/server_register_client.conf @@ -2,12 +2,12 @@ # Connects to an unsecured LDS, so no trust store for the LDS cert is needed. applicationUri = urn:localhost:bobink:ServerRegister + certificate = certs/ServerRegisterClient_cert.der privateKey = certs/ServerRegisterClient_key.der +trustStore = certs/trust/server_register_client securityMode = None securityPolicy = None authMode = anonymous - -trustStore = certs/trust/server_register_client -- cgit v1.2.3