1 files changed, 34 insertions, 12 deletions
diff --git a/src/common.h b/src/common.h
index 7290181..b4bd323 100644
--- a/src/common.h
+++ b/src/common.h
@@ -15,6 +15,8 @@
 
 #include <stddef.h>
 
+#include "config.h"
+
 /**
  * @brief Loads a DER-encoded certificate or key file into a UA_ByteString.
  *
@@ -47,26 +49,26 @@ int loadTrustStore (const char *dirPath, char ***outPaths, size_t *outSize);
 void freeTrustStore (char **paths, size_t size);
 
 /**
- * @brief Creates a UA_Server configured with security policies and encryption.
+ * @brief Creates a UA_Server, optionally configured with security policies.
  *
- * The server is initialized with the specified port, certificate, private key,
- * and trustlist. The applicationUri is set in the server's application
- * description.
+ * When @p certPath is non-NULL the server is initialized with encryption
+ * (certificate, private key, trustlist).  When @p certPath is NULL the server
+ * runs with SecurityPolicy#None only (keyPath and trustPaths are ignored).
+ * The applicationUri is set in both cases.
  *
  * @param port Server port number.
  * @param applicationUri OPC UA application URI.
- * @param certPath Path to server certificate (.der).
- * @param keyPath Path to private key (.der).
- * @param trustPaths Array of trustlist file paths (may be NULL if trustSize is
- * 0).
+ * @param certPath Path to server certificate (.der), or NULL for unsecure.
+ * @param keyPath Path to private key (.der), or NULL when certPath is NULL.
+ * @param trustPaths Array of trustlist file paths (may be NULL).
  * @param trustSize Number of entries in trustPaths.
  * @param retval Output parameter set to the status code on failure.
  * @return A configured UA_Server, or NULL on error.
  */
-UA_Server *createSecureServer (UA_UInt16 port, const char *applicationUri,
-                               const char *certPath, const char *keyPath,
-                               char **trustPaths, size_t trustSize,
-                               UA_StatusCode *retval);
+UA_Server *createServer (UA_UInt16 port, const char *applicationUri,
+                         const char *certPath, const char *keyPath,
+                         char **trustPaths, size_t trustSize,
+                         UA_StatusCode *retval);
 
 /**
  * @brief Parses a log-level name into the corresponding UA_LogLevel value.
@@ -80,6 +82,26 @@ UA_Server *createSecureServer (UA_UInt16 port, const char *applicationUri,
 int parseLogLevel (const char *name);
 
 /**
+ * @brief Parses the authMode key from a configuration file.
+ *
+ * When authMode is "anonymous", sets *allowAnonymous to true and
+ * *username / *password to NULL.  When authMode is "user", sets
+ * *allowAnonymous to false and loads the username/password keys.
+ * Logs errors internally.
+ *
+ * @param cfg            Parsed configuration.
+ * @param program        Program name (for error messages).
+ * @param allowAnonymous Output: true for anonymous, false for user.
+ *                       May be NULL (ignored — useful for client callers).
+ * @param username       Output: username string (owned by cfg), or NULL.
+ * @param password       Output: password string (owned by cfg), or NULL.
+ * @return 0 on success, -1 on error.
+ */
+int parseAuthConfig (const Config *cfg, const char *program,
+                     UA_Boolean *allowAnonymous, const char **username,
+                     const char **password);
+
+/**
  * @brief Parses a security mode name into the corresponding enum value.
  *
  * Accepted names: "None", "Sign", "SignAndEncrypt".