SSL support for server tunnels

libi2pd_client/I2PTunnel.h

@@ -16,6 +16,7 @@
 #include <memory>
 #include <sstream>
 #include <boost/asio.hpp>
+#include <boost/asio/ssl.hpp>
 #include "Identity.h"
 #include "Destination.h"
 #include "Datagram.h"
@@ -44,8 +45,9 @@ namespace client
 				std::shared_ptr<const i2p::data::LeaseSet> leaseSet, int port = 0); // to I2P
 			I2PTunnelConnection (I2PService * owner, std::shared_ptr<boost::asio::ip::tcp::socket> socket,
 				std::shared_ptr<i2p::stream::Stream> stream); // to I2P using simplified API
-			I2PTunnelConnection (I2PService * owner, std::shared_ptr<i2p::stream::Stream> stream, std::shared_ptr<boost::asio::ip::tcp::socket> socket,
-				const boost::asio::ip::tcp::endpoint& target, bool quiet = true); // from I2P
+			I2PTunnelConnection (I2PService * owner, std::shared_ptr<i2p::stream::Stream> stream,
+				const boost::asio::ip::tcp::endpoint& target, bool quiet = true,
+			    std::shared_ptr<boost::asio::ssl::context> sslCtx = nullptr); // from I2P
 			~I2PTunnelConnection ();
 			void I2PConnect (const uint8_t * msg = nullptr, size_t len = 0);
 			void Connect (bool isUniqueLocal = true);
@@ -56,21 +58,27 @@ namespace client
 			void Terminate ();
 
 			void Receive ();
-			void HandleReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred);
+			void StreamReceive ();
 			virtual void Write (const uint8_t * buf, size_t len); // can be overloaded
-			void HandleWrite (const boost::system::error_code& ecode);
 			virtual void WriteToStream (const uint8_t * buf, size_t len); // can be overloaded
 
-			void StreamReceive ();
-			void HandleStreamReceive (const boost::system::error_code& ecode, std::size_t bytes_transferred);
+			std::shared_ptr<boost::asio::ip::tcp::socket> GetSocket () const { return m_Socket; };
+			std::shared_ptr<boost::asio::ssl::stream<boost::asio::ip::tcp::socket&> > GetSSL () const { return m_SSL; };
+
+		private:
+
 			void HandleConnect (const boost::system::error_code& ecode);
-
-			std::shared_ptr<const boost::asio::ip::tcp::socket> GetSocket () const { return m_Socket; };
-
+			void HandleHandshake (const boost::system::error_code& ecode);
+			void Established ();
+			void HandleReceive (const boost::system::error_code& ecode, std::size_t bytes_transferred);
+			void HandleWrite (const boost::system::error_code& ecode);
+			void HandleStreamReceive (const boost::system::error_code& ecode, std::size_t bytes_transferred);
+		
 		private:
 
 			uint8_t m_Buffer[I2P_TUNNEL_CONNECTION_BUFFER_SIZE], m_StreamBuffer[I2P_TUNNEL_CONNECTION_BUFFER_SIZE];
 			std::shared_ptr<boost::asio::ip::tcp::socket> m_Socket;
+			std::shared_ptr<boost::asio::ssl::stream<boost::asio::ip::tcp::socket&> > m_SSL;
 			std::shared_ptr<i2p::stream::Stream> m_Stream;
 			boost::asio::ip::tcp::endpoint m_RemoteEndpoint;
 			bool m_IsQuiet; // don't send destination
@@ -100,8 +108,8 @@ namespace client
 		public:
 
 			I2PServerTunnelConnectionHTTP (I2PService * owner, std::shared_ptr<i2p::stream::Stream> stream,
-				std::shared_ptr<boost::asio::ip::tcp::socket> socket,
-				const boost::asio::ip::tcp::endpoint& target, const std::string& host);
+				const boost::asio::ip::tcp::endpoint& target, const std::string& host,
+			    std::shared_ptr<boost::asio::ssl::context> sslCtx = nullptr);
 
 		protected:
 
@@ -121,7 +129,6 @@ namespace client
 		public:
 
 			I2PTunnelConnectionIRC (I2PService * owner, std::shared_ptr<i2p::stream::Stream> stream,
-				std::shared_ptr<boost::asio::ip::tcp::socket> socket,
 				const boost::asio::ip::tcp::endpoint& target, const std::string& m_WebircPass);
 
 		protected:
@@ -343,6 +350,9 @@ namespace client
 			void SetUniqueLocal (bool isUniqueLocal) { m_IsUniqueLocal = isUniqueLocal; }
 			bool IsUniqueLocal () const { return m_IsUniqueLocal; }
 
+			void SetSSL (bool ssl);				
+			std::shared_ptr<boost::asio::ssl::context> GetSSLCtx () const { return m_SSLCtx; };
+			
 			void SetLocalAddress (const std::string& localAddress);
 
 			const std::string& GetAddress() const { return m_Address; }
@@ -371,6 +381,7 @@ namespace client
 			std::set<i2p::data::IdentHash> m_AccessList;
 			bool m_IsAccessList;
 			std::unique_ptr<boost::asio::ip::address> m_LocalAddress;
+			std::shared_ptr<boost::asio::ssl::context> m_SSLCtx;
 	};
 
 	class I2PServerTunnelHTTP: public I2PServerTunnel