From 70381b3381d77845dbc04fd521b729b7098134a5 Mon Sep 17 00:00:00 2001
From: Thomas Vanbesien <tvanbesi@proton.me>
Date: Wed, 18 Feb 2026 20:30:33 +0100
Subject: Extract createUnsecureClientConfig, fix None endpoint negotiation

UA_ClientConfig_setDefault leaves securityMode at SignAndEncrypt,
so unsecure clients failed endpoint negotiation when the LDS only
offered None endpoints.  Extract the unsecure client setup into
createUnsecureClientConfig() which explicitly sets securityMode and
securityPolicyUri to None.

Also enable discovery-only None endpoint on ServerRegister so
unencrypted clients can discover it, and update the unsecure_anonymous
test configs to run fully without encryption.
---
 tests/unsecure_anonymous/server_lds.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'tests/unsecure_anonymous/server_lds.conf')

diff --git a/tests/unsecure_anonymous/server_lds.conf b/tests/unsecure_anonymous/server_lds.conf
index c5808bd..4ebbf33 100644
--- a/tests/unsecure_anonymous/server_lds.conf
+++ b/tests/unsecure_anonymous/server_lds.conf
@@ -1,5 +1,5 @@
 # ServerLDS — test: unsecure_anonymous
-# Secured LDS with discovery-only None endpoint.
+# Unsecured LDS (no encryption).
 
 port = 14840
 applicationUri = urn:localhost:bobink:ServerLDS
-- 
cgit v1.2.3