commit 4325f0ff509827fac554a1b56b4768e5f67ae663
author Amna <amna.snene@savoirfairelinux.com> Mon Jan 22 16:11:00 2024 -0500
committer Amna Snene <amna.snene@savoirfairelinux.com> Tue Feb 06 15:25:18 2024 -0500
tree 4b8e81706dd5ff1d0c0932df2e95171bbcabfe4f
parent ad16157b6c7299443a7b2ba919ca463eb08b5647

tools: add certification check

If the server disable the anonymous connection option, it accept a client only if the CA of the client matches the CA of the server.
Else (anonymous connection option enabled), the server accept any request.

Change-Id: I6ff6ec72d6f6452ce50fd8aa35896ff7117be6c0

tools/dnc/main.cpp

diff --git a/tools/dnc/main.cpp b/tools/dnc/main.cpp
index 0ba8b57..363e05e 100644
--- a/tools/dnc/main.cpp
+++ b/tools/dnc/main.cpp
@@ -47,6 +47,7 @@
     std::string turn_realm {};
     std::string ca {};
     std::string dnc_configuration {};
+    bool anonymous_cnx {false};
 };
 
 static const constexpr struct option long_options[]
@@ -63,6 +64,7 @@
        {"turn_realm", required_argument, nullptr, 'r'},
        {"CA", required_argument, nullptr, 'C'},
        {"dnc_configuration", required_argument, nullptr, 'd'},
+       {"anonymous_cnx", no_argument, nullptr, 'a'},
        {nullptr, 0, nullptr, 0}};
 
 dhtnc_params
@@ -70,7 +72,7 @@
 {
     dhtnc_params params;
     int opt;
-    while ((opt = getopt_long(argc, argv, "hvlw:r:u:t:I:b:p:i:C:d:", long_options, nullptr)) != -1) {
+    while ((opt = getopt_long(argc, argv, "ahvlw:r:u:t:I:b:p:i:C:d:", long_options, nullptr)) != -1) {
         switch (opt) {
         case 'h':
             params.help = true;
@@ -110,6 +112,10 @@
             break;
         case 'd':
             params.dnc_configuration = optarg;
+            break;
+        case 'a':
+            params.anonymous_cnx = true;
+            break;
         default:
             std::cerr << "Invalid option" << std::endl;
             exit(EXIT_FAILURE);
@@ -162,6 +168,9 @@
             if (config["port"] && params.remote_port == 0) {
                 params.remote_port = config["port"].as<int>();
             }
+            if (config["anonymous"] && !params.anonymous_cnx) {
+                params.anonymous_cnx = config["anonymous"].as<bool>();
+            }
         }
     }
     return params;
@@ -202,16 +211,20 @@
                    "  -u, --turn_user       Specify the turn_user option with an argument.\n"
                    "  -w, --turn_pass       Specify the turn_pass option with an argument.\n"
                    "  -r, --turn_realm      Specify the turn_realm option with an argument.\n"
-                   "  -C, --CA              Specify the CA option with an argument.\n");
+                   "  -C, --CA              Specify the CA option with an argument.\n"
+                   "  -d, --dnc_configuration Specify the dnc_configuration option with an argument.\n"
+                   "  -a, --anonymous_cnx   Enable the anonymous mode.\n");
         return EXIT_SUCCESS;
     }
+
     if (params.version) {
         fmt::print("dnc v1.0\n");
         return EXIT_SUCCESS;
     }
+    auto identity = dhtnet::loadIdentity(params.path, params.ca);
+
 
     fmt::print("dnc 1.0\n");
-    auto identity = dhtnet::loadIdentity(params.path, params.ca);
     fmt::print("Loaded identity: {} from {}\n", identity.second->getId(), params.path);
 
     std::unique_ptr<dhtnet::Dnc> dhtnc;
@@ -223,7 +236,8 @@
                                               params.turn_host,
                                               params.turn_user,
                                               params.turn_pass,
-                                              params.turn_realm);
+                                              params.turn_realm,
+                                              params.anonymous_cnx);
     } else {
         dhtnc = std::make_unique<dhtnet::Dnc>(params.path,
                                               identity,