From e4c6eefdd33845e4450a715fcb63ef6982257906 Mon Sep 17 00:00:00 2001
From: Timm Fitschen <t.fitschen@indiscale.com>
Date: Wed, 23 Jun 2021 09:48:51 +0200
Subject: [PATCH] WIP: implement TLS

---
 include/connection.h |  6 +++++-
 src/connection.cpp   | 17 +++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/include/connection.h b/include/connection.h
index 80a1de1..7bd14f0 100644
--- a/include/connection.h
+++ b/include/connection.h
@@ -75,9 +75,13 @@ public:
 };
 
 class SslCaosDBConnectionConfig : public CaosDBConnectionConfig {
+private:
+  std::shared_ptr<ChannelCredentials> credentials;
+
+public:
   SslCaosDBConnectionConfig(const std::string &host, int port);
   SslCaosDBConnectionConfig(const std::string &host, int port,
-                            std::string cacert);
+                            const std::string &cacert);
 };
 
 /**
diff --git a/src/connection.cpp b/src/connection.cpp
index 87ae072..42ef66e 100644
--- a/src/connection.cpp
+++ b/src/connection.cpp
@@ -37,6 +37,8 @@ using caosdb::info::v1alpha1::GetVersionInfoRequest;
 using caosdb::info::v1alpha1::GetVersionInfoResponse;
 using caosdb::info::v1alpha1::VersionInfo;
 using grpc::InsecureChannelCredentials;
+using grpc::SslCredentials;
+using grpc::SslCredentialsOptions;
 
 CaosDBConnectionConfig::CaosDBConnectionConfig(const std::string &host,
                                                int port) {
@@ -72,6 +74,21 @@ auto InsecureCaosDBConnectionConfig::getChannelCredentials() const
   return this->credentials;
 }
 
+SslCaosDBConnectionConfig::SslCaosDBConnectionConfig(
+  const std::string &host, int port, const std::string &cacert)
+  : CaosDBConnectionConfig(host, port) {
+  auto options = SslCredentialsOptions();
+  options.pem_root_certs = cacert;
+  this->credentials = SslCredentials(options);
+}
+
+SslCaosDBConnectionConfig::SslCaosDBConnectionConfig(
+  const std::string &host, int port)
+  : CaosDBConnectionConfig(host, port) {
+  auto options = SslCredentialsOptions();
+  this->credentials = SslCredentials(options);
+}
+
 CaosDBConnection::CaosDBConnection(
   const std::shared_ptr<CaosDBConnectionConfig> &config) {
   this->config = config;
-- 
GitLab