From a54421dd976fd8081e96c11c2621076876c9986b Mon Sep 17 00:00:00 2001
From: Thomas Vanbesien <tvanbesi@proton.me>
Date: Tue, 17 Feb 2026 11:07:37 +0100
Subject: Replace CLI arguments with config-file parser and add integration
 tests

Introduce a reusable key=value config parser (config.h/c) and convert
all three programs to read their settings from config files instead of
positional command-line arguments.  Add example config files in config/
and 6 CTest integration tests covering None/Basic256Sha256/Aes128 with
anonymous and user authentication.  Remove the now-obsolete launch.sh.
---
 config/client_find_servers.conf | 29 +++++++++++++++++++++++++
 config/server_lds.conf          | 25 ++++++++++++++++++++++
 config/server_register.conf     | 47 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 101 insertions(+)
 create mode 100644 config/client_find_servers.conf
 create mode 100644 config/server_lds.conf
 create mode 100644 config/server_register.conf

(limited to 'config')

diff --git a/config/client_find_servers.conf b/config/client_find_servers.conf
new file mode 100644
index 0000000..a9e29c8
--- /dev/null
+++ b/config/client_find_servers.conf
@@ -0,0 +1,29 @@
+# ClientFindServers configuration
+#
+# Keys:
+#   discoveryEndpoint   LDS endpoint URL (e.g. opc.tcp://localhost:4840)
+#   applicationUri      OPC UA application URI
+#   certificate         Path to client certificate (.der)
+#   privateKey          Path to client private key (.der)
+#   securityMode        None, Sign, or SignAndEncrypt
+#   securityPolicy      None, Basic256Sha256, Aes256_Sha256_RsaPss,
+#                       Aes128_Sha256_RsaOaep, or ECC_nistP256
+#   authMode            "anonymous" or "user"
+#   username            Username (required when authMode = user)
+#   password            Password (required when authMode = user)
+#   trustList           Trusted certificate path (repeat for multiple)
+
+discoveryEndpoint = opc.tcp://localhost:4840
+applicationUri = urn:bobink.ClientFindServers
+certificate = certs/ClientFindServers_cert.der
+privateKey = certs/ClientFindServers_key.der
+
+securityMode = SignAndEncrypt
+securityPolicy = Aes128_Sha256_RsaOaep
+
+authMode = user
+username = user
+password = password
+
+trustList = certs/ServerLDS_cert.der
+trustList = certs/ServerRegister_cert.der
diff --git a/config/server_lds.conf b/config/server_lds.conf
new file mode 100644
index 0000000..a30106c
--- /dev/null
+++ b/config/server_lds.conf
@@ -0,0 +1,25 @@
+# ServerLDS configuration
+#
+# Keys:
+#   port              Server port number
+#   applicationUri    OPC UA application URI
+#   certificate       Path to server certificate (.der)
+#   privateKey        Path to server private key (.der)
+#   cleanupTimeout    Seconds before stale registrations are removed (must be > 10)
+#   authMode          "anonymous" or "user"
+#   username          Username (required when authMode = user)
+#   password          Password (required when authMode = user)
+#   trustList         Trusted certificate path (repeat for multiple)
+
+port = 4840
+applicationUri = urn:bobink.ServerLDS
+certificate = certs/ServerLDS_cert.der
+privateKey = certs/ServerLDS_key.der
+cleanupTimeout = 60
+
+authMode = user
+username = user
+password = password
+
+trustList = certs/ServerRegisterClient_cert.der
+trustList = certs/ClientFindServers_cert.der
diff --git a/config/server_register.conf b/config/server_register.conf
new file mode 100644
index 0000000..3c905a5
--- /dev/null
+++ b/config/server_register.conf
@@ -0,0 +1,47 @@
+# ServerRegister configuration
+#
+# Keys:
+#   port                Server port number
+#   applicationUri      OPC UA application URI
+#   serverCertificate   Path to server certificate (.der)
+#   serverPrivateKey    Path to server private key (.der)
+#   clientCertificate   Path to client certificate for LDS connection (.der)
+#   clientPrivateKey    Path to client private key for LDS connection (.der)
+#   discoveryEndpoint   LDS endpoint URL (e.g. opc.tcp://localhost:4840)
+#   registerInterval    Seconds between re-registrations with the LDS
+#   securityMode        None, Sign, or SignAndEncrypt
+#   securityPolicy      None, Basic256Sha256, Aes256_Sha256_RsaPss,
+#                       Aes128_Sha256_RsaOaep, or ECC_nistP256
+#   serverAuthMode      Auth mode for clients connecting to this server:
+#                       "anonymous" or "user"
+#   serverUsername      Username (required when serverAuthMode = user)
+#   serverPassword      Password (required when serverAuthMode = user)
+#   clientAuthMode      Auth mode for connecting to the LDS:
+#                       "anonymous" or "user"
+#   clientUsername      Username (required when clientAuthMode = user)
+#   clientPassword      Password (required when clientAuthMode = user)
+#   trustList           Trusted certificate path (repeat for multiple)
+
+port = 4841
+applicationUri = urn:bobink.ServerRegister
+serverCertificate = certs/ServerRegister_cert.der
+serverPrivateKey = certs/ServerRegister_key.der
+clientCertificate = certs/ServerRegisterClient_cert.der
+clientPrivateKey = certs/ServerRegisterClient_key.der
+
+discoveryEndpoint = opc.tcp://localhost:4840
+registerInterval = 10
+
+securityMode = SignAndEncrypt
+securityPolicy = Aes128_Sha256_RsaOaep
+
+serverAuthMode = user
+serverUsername = user
+serverPassword = password
+
+clientAuthMode = user
+clientUsername = user
+clientPassword = password
+
+trustList = certs/ServerLDS_cert.der
+trustList = certs/ClientFindServers_cert.der
-- 
cgit v1.2.3