Extract configureAccessControl() into common

The access-control switch block was duplicated in server_lds.c and
server_register.c.  Move it to a shared helper in common.c with a
Doxygen block that consolidates the rationale from both call sites.

1 files changed, 17 insertions, 0 deletions

diff --git a/src/common.h b/src/common.h
index b8643d7..63fa683 100644
--- a/src/common.h
+++ b/src/common.h
@@ -247,6 +247,23 @@ UA_StatusCode createSecureClientConfig (UA_ClientConfig *cc,
                                         const SecurityConfig *sec,
                                         const AuthConfig *auth);
 
+/**
+ * @brief Configures server access control from an AuthConfig.
+ *
+ * UA_ServerConfig_setDefaultWithSecureSecurityPolicies installs
+ * certificate-only authentication by default.  This function
+ * overrides that with the desired policy: anonymous, username/password,
+ * or X509 certificate.  For AUTH_CERT the sessionPKI verifier set by
+ * createServer is preserved, so UA_AccessControl_default automatically
+ * advertises the X509 certificate token policy.
+ *
+ * @param config  Server configuration to modify.
+ * @param auth    Authentication configuration.
+ * @return UA_STATUSCODE_GOOD on success, error code otherwise.
+ */
+UA_StatusCode configureAccessControl (UA_ServerConfig *config,
+                                      const AuthConfig *auth);
+
 /* ========================================================================
  * Output Formatting
  * ======================================================================== */