aboutsummaryrefslogtreecommitdiffstats
path: root/src/server_lds.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/server_lds.c')
-rw-r--r--src/server_lds.c27
1 files changed, 15 insertions, 12 deletions
diff --git a/src/server_lds.c b/src/server_lds.c
index f1efa99..14c26b7 100644
--- a/src/server_lds.c
+++ b/src/server_lds.c
@@ -132,23 +132,26 @@ main (int argc, char *argv[])
Downgrade to a warning so third-party servers can still register. */
serverConfig->verifyRequestTimestamp = UA_RULEHANDLING_WARN;
- /* Configure access control after server creation because both
- UA_ServerConfig_setDefaultWithSecurityPolicies and
- UA_ServerConfig_setMinimal reset the access control plugin. The
- credential list is deep-copied by UA_AccessControl_default. */
- if (!allowAnonymous)
+ /* Configure access control. UA_ServerConfig_setDefaultWithSecure-
+ SecurityPolicies sets certificate-only auth by default, so we must
+ always call UA_AccessControl_default to get the desired policy. */
+ if (allowAnonymous)
+ {
+ retval = UA_AccessControl_default (serverConfig, true, NULL, 0, NULL);
+ }
+ else
{
UA_UsernamePasswordLogin logins[1];
logins[0].username = UA_STRING ((char *)username);
logins[0].password = UA_STRING ((char *)password);
retval = UA_AccessControl_default (serverConfig, false, NULL, 1, logins);
- if (retval != UA_STATUSCODE_GOOD)
- {
- UA_Server_delete (server);
- freeTrustStore (trustPaths, trustSize);
- configFree (&cfg);
- return EXIT_FAILURE;
- }
+ }
+ if (retval != UA_STATUSCODE_GOOD)
+ {
+ UA_Server_delete (server);
+ freeTrustStore (trustPaths, trustSize);
+ configFree (&cfg);
+ return EXIT_FAILURE;
}
/* Mark this server as a Discovery Server so clients can identify it. */
generated by cgit v1.2.3 (git 2.46.0) at 2026-02-20 07:24:44 +0000