From 9eaf47d5dfa56ca79ae903aabfc2cf52bdfb981e Mon Sep 17 00:00:00 2001 From: Dennis Brentjes Date: Fri, 21 Oct 2016 19:27:05 +0200 Subject: Added SSL connections to the client. --- client/cmixclient.cpp | 23 +++++++++++++++-------- client/cmixclient.hpp | 15 ++++++++++++--- client/main.cpp | 17 ++++++++++++++++- 3 files changed, 43 insertions(+), 12 deletions(-) (limited to 'client') diff --git a/client/cmixclient.cpp b/client/cmixclient.cpp index ccbdeb5..6866274 100644 --- a/client/cmixclient.cpp +++ b/client/cmixclient.cpp @@ -2,6 +2,7 @@ #include "cmixclient.hpp" using namespace boost::asio::ip; +using namespace boost::asio; void CMixClient::key_exchange(int i) { BOOST_LOG_TRIVIAL(trace) << "Sending KeyExchange for node: " << i; @@ -16,11 +17,12 @@ void CMixClient::key_exchange(int i) { } void CMixClient::initialize_connections() { - network_connections.reserve(network_details.size()); - data.resize(network_details.size()); + size_t nr_nodes = network_details.node_details.size(); + network_connections.reserve(nr_nodes); + data.resize(nr_nodes); - for(int i = 0; i < network_details.size(); ++i) { - auto handler = [this, i]() mutable { + for(size_t i = 0; i < nr_nodes; ++i) { + auto handler = [this, i]() { cmix_proto::ImAClient imaclient; imaclient.set_id("A"); BOOST_LOG_TRIVIAL(trace) << "sending imaclient to node: " << i; @@ -29,8 +31,8 @@ void CMixClient::initialize_connections() { key_exchange(i); }; - network_connections.emplace_back(std::unique_ptr(new tcp::socket(io_service))); - network_connections.back().async_connect(network_details[i].host, network_details[i].port, handler); + network_connections.emplace_back(std::unique_ptr>(new ssl::stream(io_service, *ctx))); + network_connections.back().async_connect(network_details.node_details[i].host, network_details.node_details[i].port, handler); } } 
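Review bot: Nothing visible in `initialize_connections()` ties the certificate a node presents to the host being dialled. The stream is built from the shared `ctx` and passed straight to `async_connect`, so unless `SSLSenderReceiver` (not shown in this diff) installs a verify callback itself, a certificate that is valid for one node would also pass for any other. Consider creating the stream into a local first and calling `stream->set_verify_callback(boost::asio::ssl::rfc2818_verification(network_details.node_details[i].host));` before it is moved into `network_connections`. Separately, `i` is now `size_t` while `key_exchange` still takes `int`, so the call inside the handler narrows; widening that parameter would keep the two consistent.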
@@ -53,7 +55,7 @@ void CMixClient::handle_message(int node_id, cmix_proto::CMixMessage message) case cmix_proto::CMixMessage::ContentsCase::kBye: { BOOST_LOG_TRIVIAL(trace) << "handling bye"; network_connections.at(node_id).close(); - if(std::all_of(network_connections.begin(), network_connections.end(), [](SenderReceiver const& c) { return c.is_open(); })) { + if(std::all_of(network_connections.begin(), network_connections.end(), [](SSLSenderReceiver const& c) { return !c.is_open(); })) { break; } else { return; @@ -67,13 +69,18 @@ void CMixClient::handle_message(int node_id, cmix_proto::CMixMessage message) io_service.stop(); } -CMixClient::CMixClient(std::vector details) +CMixClient::CMixClient(NetworkDetails details) : io_service() +, ctx(std::make_shared(boost::asio::ssl::context::sslv23)) , network_details(details) , network_connections() , api(get_implementation()) , keypair(api.create_key_pair()) { + if(!details.certdir.empty()) { + ctx->add_verify_path(details.certdir); + } + initialize_connections(); } diff --git a/client/cmixclient.hpp b/client/cmixclient.hpp index d87c4b3..db5e690 100644 --- a/client/cmixclient.hpp +++ b/client/cmixclient.hpp @@ -23,6 +23,14 @@ struct NodeDetails { std::string port; ///< The port of the node. }; +/*! + * \brief The NetworkDetails struct + */ +struct NetworkDetails { + std::vector node_details; ///< Vector with all the node hosts and ports in network order. + std::string certdir; ///< The directory with trusted certificates. +}; + /*! * \brief The CMixClient class */ @@ -33,9 +41,10 @@ class CMixClient { }; boost::asio::io_service io_service; + std::shared_ptr ctx; - std::vector network_details; - std::vector network_connections; + NetworkDetails network_details; + std::vector network_connections; std::vector data; Api api; 
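Review bot: The corrected predicate in the `kBye` case would read more directly as `std::none_of(network_connections.begin(), network_connections.end(), [](SSLSenderReceiver const& c) { return c.is_open(); })`. The `if (...) { break; } else { return; }` shape also hides that the `break` is what appears to lead on to `io_service.stop()`. Because the previous condition was the inverse, a one-line comment such as `// Stop the io_service only once every node connection has been closed.` would record the intent. `handle_message` starts and ends outside this hunk.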
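Review bot: The constructor creates the context with `sslv23` and optionally adds a verify path, but it never calls `set_verify_mode`, so as far as the visible lines show the handshake does not require the peer certificate to validate at all. `SSLSenderReceiver` may set this per stream, which cannot be seen here. Two related gaps are in the same block: when `certdir` is empty no trust anchors are loaded, and `sslv23` negotiates any protocol version unless legacy versions are disabled with `set_options`. I would enable `verify_peer`, disable SSLv2/SSLv3, and fall back to the system trust store when no directory is given, as sketched below.

```cpp
// … unchanged: member initialiser list …
{
    // sslv23 means "negotiate"; rule out the legacy protocol versions explicitly.
    ctx->set_options(boost::asio::ssl::context::default_workarounds
                   | boost::asio::ssl::context::no_sslv2
                   | boost::asio::ssl::context::no_sslv3);
    // Without this the peer certificate is not required to validate.
    ctx->set_verify_mode(boost::asio::ssl::verify_peer);

    if(!details.certdir.empty()) {
        ctx->add_verify_path(details.certdir);
    } else {
        ctx->set_default_verify_paths();
    }
    // … unchanged: initialize_connections() call …
```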
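Review bot: The doc comment on `NetworkDetails` only restates the struct name, and the `certdir` comment does not say what an empty string means or what layout the directory needs. The constructor in this commit treats an empty `certdir` as "add no directory" and otherwise passes the path to `add_verify_path`. That call expects one certificate per file, named by subject hash (as produced by `c_rehash` / `openssl rehash`), so a directory of arbitrarily named PEM files gives no usable trust anchors. I would write `\brief Node list and TLS trust settings for one cMix network.` and extend the member comment to `///< Directory of trusted CA certificates in OpenSSL hashed-name layout; empty means none is configured.`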
@@ -54,7 +63,7 @@ public: * \brief CMixClient * \param details A vector of the connectiondetails for the cmix network */ - CMixClient(std::vector details); + CMixClient(NetworkDetails details); ~CMixClient(); /*! diff --git a/client/main.cpp b/client/main.cpp index bcac249..b84c3df 100644 --- a/client/main.cpp +++ b/client/main.cpp @@ -5,6 +5,7 @@ #include "logging.hpp" #include +#include #include #include @@ -20,6 +21,7 @@ int main(int argc, char* argv[]) { desc.add_options() ("help,h", "produce help message.") ("network,n", po::value>()->multitoken(), "The addresses of the network nodes in order") + ("certdir", po::value(), "Directory containing trusted certificates.") ; po::variables_map vm; @@ -46,6 +48,19 @@ int main(int argc, char* argv[]) { node_details.push_back({uri.host, uri.port}); } - CMixClient cmix_client(node_details); + std::string certdir; + if(vm.count("certdir")) { + std::string filename = vm["certdir"].as(); + if(boost::filesystem::is_directory(filename)) { + certdir = filename; + } else { + std::cerr << "cert dir: \"" << filename << "\" is not a directory"; + return -1; + } + } + + NetworkDetails details{node_details, certdir}; + + CMixClient cmix_client(details); cmix_client.run(); } -- cgit v1.2.3-70-g09d2
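Review bot: The `\param details` text above the changed declaration still says "A vector of the connectiondetails", but the parameter is now a `NetworkDetails` that also carries the certificate directory. Suggested wording: `\param details The node hosts and ports in network order, plus the directory of trusted certificates.` While here, the single-argument constructor could be marked `explicit` so that a `NetworkDetails` is never converted to a client implicitly.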
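Review bot: When `--certdir` is not given, `certdir` stays empty and the client is still constructed, with nothing telling the operator that no trusted certificates were configured for the SSL connections. Either make the omission an error or report it explicitly, for example an `else` branch on `if(vm.count("certdir"))` containing `std::cerr << "--certdir not given: no trusted certificates configured" << std::endl; return -1;`. The existing "is not a directory" message also lacks a trailing newline; ending it with `<< std::endl;` keeps the shell prompt off the same line. The option's help text could also mention that the directory must use OpenSSL's hashed file names, since that is what `add_verify_path` reads.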