From 74f18c6264618187386a5dc8b1152faa8727bf53 Mon Sep 17 00:00:00 2001 From: Thomas Vanbesien Date: Wed, 18 Feb 2026 22:45:06 +0100 Subject: Extract configureAccessControl() into common The access-control switch block was duplicated in server_lds.c and server_register.c. Move it to a shared helper in common.c with a Doxygen block that consolidates the rationale from both call sites. --- src/common.h | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'src/common.h') diff --git a/src/common.h b/src/common.h index b8643d7..63fa683 100644 --- a/src/common.h +++ b/src/common.h @@ -247,6 +247,23 @@ UA_StatusCode createSecureClientConfig (UA_ClientConfig *cc, const SecurityConfig *sec, const AuthConfig *auth); +/** + * @brief Configures server access control from an AuthConfig. + * + * UA_ServerConfig_setDefaultWithSecureSecurityPolicies installs + * certificate-only authentication by default. This function + * overrides that with the desired policy: anonymous, username/password, + * or X509 certificate. For AUTH_CERT the sessionPKI verifier set by + * createServer is preserved, so UA_AccessControl_default automatically + * advertises the X509 certificate token policy. + * + * @param config Server configuration to modify. + * @param auth Authentication configuration. + * @return UA_STATUSCODE_GOOD on success, error code otherwise. + */ +UA_StatusCode configureAccessControl (UA_ServerConfig *config, + const AuthConfig *auth); + /* ======================================================================== * Output Formatting * ======================================================================== */ -- cgit v1.2.3