From c631a832d375b8848ddf75b4314cc6decb460d5e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrien=20B=C3=A9raud?= <adrien.beraud@savoirfairelinux.com>
Date: Wed, 26 Jul 2023 22:19:00 -0400
Subject: [PATCH] Revert "ConnectionManager: allow self-signed certificate" and
 generate ca

This reverts commit 62b657d75b4830326f1d0cd99d838ba6a40bacb3.

Change-Id: I1789883b516f96f6c5ffc664da6f940c3dcd3e61
---
 src/connectionmanager.cpp   | 18 ++++++++----------
 tests/connectionManager.cpp | 10 +++++++---
 2 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/src/connectionmanager.cpp b/src/connectionmanager.cpp
index 70d48e4..7243f53 100644
--- a/src/connectionmanager.cpp
+++ b/src/connectionmanager.cpp
@@ -1503,11 +1503,11 @@ ConnectionManager::Impl::foundPeerDevice(const std::shared_ptr<dht::crypto::Cert
         top_issuer = top_issuer->issuer;
 
     // Device certificate can't be self-signed
-    /* if (top_issuer == crt) {
+    if (top_issuer == crt) {
         if (logger)
             logger->warn("Found invalid (self-signed) peer device: {}", crt->getLongId());
         return false;
-    } */
+    }
 
     // Check peer certificate chain
     // Trust store with top issuer as the only CA
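Review bot: The re-enabled guard `top_issuer == crt` compares pointer identity, so it appears to reject any certificate that arrives with no issuer attached, not only one that is cryptographically self-signed. This assumes `top_issuer` is reached by following `issuer` links from `crt`; that loop starts above the hunk. The check fails closed, which is the safe direction, but the comment and the "self-signed" log text will mislead someone diagnosing a peer that sent a truncated chain. I would reword the comment to `// Reject a device certificate with no issuer in its chain (self-signed or chain not supplied)`. foundPeerDevice starts and ends outside this hunk.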
@@ -1526,14 +1526,12 @@ ConnectionManager::Impl::foundPeerDevice(const std::shared_ptr<dht::crypto::Cert
         return false;
     }
 
-    if (auto issuer = crt->issuer) {
-        account_id = issuer->getId();
-        if (logger)
-            logger->warn("Found peer device: {} account:{} CA:{}",
-                crt->getLongId(),
-                account_id,
-                top_issuer->getId());
-    }
+    account_id = crt->issuer->getId();
+    if (logger)
+        logger->warn("Found peer device: {} account:{} CA:{}",
+              crt->getLongId(),
+              account_id,
+              top_issuer->getId());
     return true;
 }
 
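Review bot: `crt->issuer->getId()` now dereferences `crt->issuer` with no local check, so its safety seems to rest entirely on the early return restored in the previous hunk. If that guard is ever disabled again, as it was in the commit being reverted, this line becomes a null dereference on a peer-supplied certificate. A one-line comment would record the dependency: `// crt->issuer is non-null: certificates without an issuer were rejected above`. Separately, the success message is still emitted with `logger->warn`; `logger->debug(...)` would keep warnings reserved for rejected certificates. The function begins outside the hunk.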
diff --git a/tests/connectionManager.cpp b/tests/connectionManager.cpp
index a4e3759..01cd91a 100644
--- a/tests/connectionManager.cpp
+++ b/tests/connectionManager.cpp
@@ -59,8 +59,6 @@ public:
 
     std::unique_ptr<ConnectionHandler> alice;
     std::unique_ptr<ConnectionHandler> bob;
-    //std::string aliceId;
-    //std::string bobId;
 
 //Create a lock to be used in the test units
     std::mutex mtx;
@@ -133,7 +131,8 @@ CPPUNIT_TEST_SUITE_NAMED_REGISTRATION(ConnectionManagerTest, ConnectionManagerTe
 std::unique_ptr<ConnectionHandler>
 ConnectionManagerTest::setupHandler(const std::string& name) {
     auto h = std::make_unique<ConnectionHandler>();
-    h->id = dht::crypto::generateIdentity(name);
+    auto ca = dht::crypto::generateIdentity("ca");
+    h->id = dht::crypto::generateIdentity(name, ca);
     h->logger = logger;
     h->certStore = std::make_shared<tls::CertificateStore>(name, h->logger);
     h->ioContext = std::make_shared<asio::io_context>();
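Review bot: The fixture now builds only CA-signed identities, so nothing visible in this patch exercises the rejection path that the revert restores in foundPeerDevice. I would add a test case whose handler identity comes from `dht::crypto::generateIdentity(name)` with no CA and assert that the connection is refused, so a future relaxation of the check fails the suite. Each call also creates its own `"ca"` identity, so alice and bob chain to different roots; if a shared root was intended, the CA should be generated once and passed in. setupHandler continues past the end of the hunk.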
@@ -188,6 +187,11 @@ void
 ConnectionManagerTest::setUp()
 {
     logger = dht::log::getStdLogger();
+
+    logger->debug("Using PJSIP version {} for {}", pj_get_version(), PJ_OS_NAME);
+    logger->debug("Using GnuTLS version {}", gnutls_check_version(nullptr));
+    logger->debug("Using OpenDHT version {}", dht::version());
+
     ioContext = std::make_shared<asio::io_context>();
     ioContextRunner = std::thread([context = ioContext]() {
         try {
-- 
GitLab