From 9fe1d1f41069eda254e11746512d6be032db81d5 Mon Sep 17 00:00:00 2001
From: Thomas Vanbesien <tvanbesi@proton.me>
Date: Thu, 19 Feb 2026 00:38:47 +0100
Subject: Drop auth parameter from create_unsecure_client_config

Credentials over plaintext SecurityPolicy#None are insecure, so the
unsecure client path now always uses anonymous authentication.
---
 src/common.h | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

(limited to 'src/common.h')

diff --git a/src/common.h b/src/common.h
index 0196e06..66bf905 100644
--- a/src/common.h
+++ b/src/common.h
@@ -215,18 +215,15 @@ UA_Server *create_server (UA_UInt16 port, const char *application_uri,
  *
  * Sets up a default client config with SecurityPolicy#None and the given
  * application URI.  Explicitly sets securityMode and securityPolicyUri so
- * that internal endpoint negotiation matches None endpoints.  When @p auth
- * is non-NULL and mode is AUTH_USER, configures username/password
- * authentication.  AUTH_CERT returns an error (requires encryption).
+ * that internal endpoint negotiation matches None endpoints.  Always uses
+ * anonymous authentication (credentials over plaintext are insecure).
  *
  * @param cc Pointer to a zero-initialized UA_ClientConfig.
  * @param application_uri OPC UA application URI.
- * @param auth Authentication config, or NULL for anonymous.
  * @return UA_STATUSCODE_GOOD on success, error code otherwise.
  */
 UA_StatusCode create_unsecure_client_config (UA_ClientConfig *cc,
-                                             const char *application_uri,
-                                             const auth_config *auth);
+                                             const char *application_uri);
 
 /**
  * @brief Initializes a UA_ClientConfig with encryption.
-- 
cgit v1.2.3