WIP: implement TLS

e4c6eefd · Timm Fitschen · 5b1149d5 · e4c6eefd · e4c6eefd
Verified Commit e4c6eefd authored 3 years ago by Timm Fitschen
--- a/include/connection.h
+++ b/include/connection.h
@@ -75,9 +75,13 @@ public:
 };

 class SslCaosDBConnectionConfig : public CaosDBConnectionConfig {
+private:
+  std::shared_ptr<ChannelCredentials> credentials;
+
+public:
  SslCaosDBConnectionConfig(const std::string &host, int port);
  SslCaosDBConnectionConfig(const std::string &host, int port,
-                            std::string cacert);
+                            const std::string &cacert);
 };

 /**

--- a/src/connection.cpp
+++ b/src/connection.cpp
@@ -37,6 +37,8 @@ using caosdb::info::v1alpha1::GetVersionInfoRequest;
 using caosdb::info::v1alpha1::GetVersionInfoResponse;
 using caosdb::info::v1alpha1::VersionInfo;
 using grpc::InsecureChannelCredentials;
+using grpc::SslCredentials;
+using grpc::SslCredentialsOptions;

 CaosDBConnectionConfig::CaosDBConnectionConfig(const std::string &host,
                                               int port) {
@@ -72,6 +74,21 @@ auto InsecureCaosDBConnectionConfig::getChannelCredentials() const
  return this->credentials;
 }

+SslCaosDBConnectionConfig::SslCaosDBConnectionConfig(
+  const std::string &host, int port, const std::string &cacert)
+  : CaosDBConnectionConfig(host, port) {
+  auto options = SslCredentialsOptions();
+  options.pem_root_certs = cacert;
+  this->credentials = SslCredentials(options);
+}
+
+SslCaosDBConnectionConfig::SslCaosDBConnectionConfig(
+  const std::string &host, int port)
+  : CaosDBConnectionConfig(host, port) {
+  auto options = SslCredentialsOptions();
+  this->credentials = SslCredentials(options);
+}
+
 CaosDBConnection::CaosDBConnection(
  const std::shared_ptr<CaosDBConnectionConfig> &config) {
  this->config = config;