Extract createServer and parseAuthConfig, simplify programs

Rename createSecureServer to createServer and add an unsecure path
(UA_ServerConfig_setMinimal) when certPath is NULL, eliminating the
if/else server creation blocks in server_lds.c and server_register.c.

Add parseAuthConfig() to common.c to replace four near-identical
authMode parsing blocks across the three programs.

Restructure server_register.c error handling with goto cleanup,
removing ~20 duplicated cleanup sequences.

Rename the CMake library target from DiscoveryCommon to common.

1 files changed, 64 insertions, 21 deletions

diff --git a/src/common.c b/src/common.c
index 568e4d0..8d7d651 100644
--- a/src/common.c
+++ b/src/common.c
@@ -27,7 +27,7 @@ loadFile (const char *const path)
   FILE *fp = fopen (path, "rb");
   if (!fp)
     {
-      /* fopen sets errno on failure.  Callers like createSecureServer use
+      /* fopen sets errno on failure.  Callers like createServer use
          loadFile for optional trustlist entries where a missing file is not
          an error.  Clear errno so open62541's logging does not pick up
          a stale value and emit misleading error messages. */
@@ -153,7 +153,7 @@ freeTrustStore (char **paths, size_t size)
 }
 
 /* ========================================================================
- * Security Helpers
+ * Parsing Helpers
  * ======================================================================== */
 
 int
@@ -176,6 +176,42 @@ parseLogLevel (const char *name)
   return -1;
 }
 
+int
+parseAuthConfig (const Config *cfg, const char *program,
+                 UA_Boolean *allowAnonymous, const char **username,
+                 const char **password)
+{
+  const char *authMode = configRequire (cfg, "authMode", program);
+  if (!authMode)
+    return -1;
+
+  *username = NULL;
+  *password = NULL;
+
+  if (strcmp (authMode, "anonymous") == 0)
+    {
+      if (allowAnonymous)
+        *allowAnonymous = true;
+      return 0;
+    }
+
+  if (strcmp (authMode, "user") == 0)
+    {
+      if (allowAnonymous)
+        *allowAnonymous = false;
+      *username = configRequire (cfg, "username", program);
+      *password = configRequire (cfg, "password", program);
+      if (!*username || !*password)
+        return -1;
+      return 0;
+    }
+
+  UA_LOG_FATAL (UA_Log_Stdout, UA_LOGCATEGORY_USERLAND,
+                "%s: unknown auth mode '%s' (expected 'anonymous' or 'user')",
+                program, authMode);
+  return -1;
+}
+
 UA_MessageSecurityMode
 parseSecurityMode (const char *name)
 {
@@ -308,29 +344,36 @@ printEndpoint (const UA_EndpointDescription *endpoint, size_t index)
  * ======================================================================== */
 
 UA_Server *
-createSecureServer (UA_UInt16 port, const char *applicationUri,
-                    const char *certPath, const char *keyPath,
-                    char **trustPaths, size_t trustSize, UA_StatusCode *retval)
+createServer (UA_UInt16 port, const char *applicationUri, const char *certPath,
+              const char *keyPath, char **trustPaths, size_t trustSize,
+              UA_StatusCode *retval)
 {
-  UA_ByteString certificate = loadFile (certPath);
-  UA_ByteString privateKey = loadFile (keyPath);
-
-  /* +1: UA_STACKARRAY requires a strictly positive size for VLA. */
-  UA_STACKARRAY (UA_ByteString, trustList, trustSize + 1);
-  for (size_t i = 0; i < trustSize; i++)
-    trustList[i] = loadFile (trustPaths[i]);
-
   UA_Server *server = UA_Server_new ();
   UA_ServerConfig *config = UA_Server_getConfig (server);
 
-  *retval = UA_ServerConfig_setDefaultWithSecurityPolicies (
-      config, port, &certificate, &privateKey, trustList, trustSize, NULL, 0,
-      NULL, 0);
-
-  UA_ByteString_clear (&certificate);
-  UA_ByteString_clear (&privateKey);
-  for (size_t i = 0; i < trustSize; i++)
-    UA_ByteString_clear (&trustList[i]);
+  if (certPath)
+    {
+      UA_ByteString certificate = loadFile (certPath);
+      UA_ByteString privateKey = loadFile (keyPath);
+
+      /* +1: UA_STACKARRAY requires a strictly positive size for VLA. */
+      UA_STACKARRAY (UA_ByteString, trustList, trustSize + 1);
+      for (size_t i = 0; i < trustSize; i++)
+        trustList[i] = loadFile (trustPaths[i]);
+
+      *retval = UA_ServerConfig_setDefaultWithSecurityPolicies (
+          config, port, &certificate, &privateKey, trustList, trustSize, NULL,
+          0, NULL, 0);
+
+      UA_ByteString_clear (&certificate);
+      UA_ByteString_clear (&privateKey);
+      for (size_t i = 0; i < trustSize; i++)
+        UA_ByteString_clear (&trustList[i]);
+    }
+  else
+    {
+      *retval = UA_ServerConfig_setMinimal (config, port, NULL);
+    }
 
   if (*retval != UA_STATUSCODE_GOOD)
     {