From 70381b3381d77845dbc04fd521b729b7098134a5 Mon Sep 17 00:00:00 2001
From: Thomas Vanbesien <tvanbesi@proton.me>
Date: Wed, 18 Feb 2026 20:30:33 +0100
Subject: Extract createUnsecureClientConfig, fix None endpoint negotiation

UA_ClientConfig_setDefault leaves securityMode at SignAndEncrypt,
so unsecure clients failed endpoint negotiation when the LDS only
offered None endpoints.  Extract the unsecure client setup into
createUnsecureClientConfig() which explicitly sets securityMode and
securityPolicyUri to None.

Also enable discovery-only None endpoint on ServerRegister so
unencrypted clients can discover it, and update the unsecure_anonymous
test configs to run fully without encryption.
---
 src/server_register.c | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

(limited to 'src/server_register.c')

diff --git a/src/server_register.c b/src/server_register.c
index 44a4d49..8f23d1c 100644
--- a/src/server_register.c
+++ b/src/server_register.c
@@ -71,13 +71,7 @@ makeLdsClientConfig (UA_ClientConfig *cc, const LdsClientParams *p)
     }
   else
     {
-      rv = UA_ClientConfig_setDefault (cc);
-      if (rv == UA_STATUSCODE_GOOD)
-        {
-          UA_String_clear (&cc->clientDescription.applicationUri);
-          cc->clientDescription.applicationUri
-              = UA_String_fromChars (p->appUri);
-        }
+      rv = createUnsecureClientConfig (cc, p->appUri);
     }
   if (rv != UA_STATUSCODE_GOOD)
     return rv;
@@ -246,7 +240,7 @@ main (int argc, char **argv)
   UA_StatusCode retval;
   server = createServer ((UA_UInt16)port, applicationUri, serverCertPath,
                          serverKeyPath, serverTrustPaths, serverTrustSize,
-                         false, &retval);
+                         true, &retval);
   if (!server)
     goto cleanup;
 
-- 
cgit v1.2.3