Improvements on version 3.2

- new features:
    - TLS client can now read subjects from server certificate as well as server can

- improvements:
    - Improve the exception templates
    - When subject part can't be read from foreign certificate, throw exception instead returning nothing -> Return pattern is now guaranteed

- bug fixes:

Author: nilshenrich

README.md

@@ -146,7 +146,8 @@ using namespace tcp; // The entire library is in the namespace tcp
 
 The following linker flags are mandatory to be set depending on what sub-features are used:
 
-* **-lssl**     if the TLS encryption is used
+* **-lssl**     if the TLS encryption is used (General OpenSSL library)
+* **-lcrypto**  if the TLS encryption is used (OpenSSL cryptographic library)
 
 ### Message modes
 

example/CMakeLists.txt

@@ -5,7 +5,7 @@ cmake_minimum_required(VERSION 3.10)
 set(CMAKE_CXX_STANDARD 17)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 
-project(example VERSION 3.2.0 DESCRIPTION "Example of using the TCP client and server classes")
+project(example VERSION 3.2.1 DESCRIPTION "Example of using the TCP client and server classes")
 
 add_executable(server server.cpp)
 add_executable(client client.cpp)

example/client.cpp

@@ -2,10 +2,10 @@
  * @file server.cpp
  * @author Nils Henrich
  * @brief Example how to use the server part
- * @version 1.0
+ * @version 3.2.1
  * @date 2024-04-20
  *
- * @copyright Copyright (c) 2024
+ * @copyright Copyright (c) 2025
  */
 
 #include <iostream>

example/server.cpp

@@ -2,10 +2,10 @@
  * @file server.cpp
  * @author Nils Henrich
  * @brief Example how to use the server part
- * @version 1.0
+ * @version 3.2.1
  * @date 2024-04-20
  *
- * @copyright Copyright (c) 2024
+ * @copyright Copyright (c) 2025
  */
 
 #include <iostream>

hooks/post-checkout

@@ -23,9 +23,18 @@ then
     # ---------- Update version ----------
     version=$(echo $current_branch | sed "s/release\///g" | sed -E "s/^[a-zA-Z]+//g")
     find $root_dir/src/ -type f -exec sed -i -E "s/@version\s*[1234567890\.\+]+$/@version $version/g" {} \;
+    find $root_dir/example/ -type f -exec sed -i -E "s/@version\s*[1234567890\.\+]+$/@version $version/g" {} \;
     find $root_dir/example/ -type f -name CMakeLists.txt -exec sed -i -E "s/project\((\w+)\s+VERSION\s+[1234567890\.\+]+/project(\1 VERSION $version/g" {} \;
+
+    # ---------- Update copyright year ----------
+    year=$(date +"%Y")
+    find $root_dir/src/ -type f -exec sed -i -E "s/@copyright.*/@copyright Copyright (c) $year/g" {} \;
+    find $root_dir/example/ -type f -exec sed -i -E "s/@copyright.*/@copyright Copyright (c) $year/g" {} \;
+
+    # ---------- Commit changes ----------
     git add $root_dir
     git commit -m "<hook> Update to version $version"
+
 else
     echo "Nothing to be done for branch '$current_branch'"
 fi

src/TcpClient.hpp

@@ -2,10 +2,10 @@
  * @file TcpClient.hpp
  * @author Nils Henrich
  * @brief TCP client for unencrypted data transfer without authentication.
- * @version 3.2.0
+ * @version 3.2.1
  * @date 2021-12-27
  *
- * @copyright Copyright (c) 2021
+ * @copyright Copyright (c) 2025
  *
  */
 

src/TcpServer.hpp

@@ -2,10 +2,10 @@
  * @file TcpServer.hpp
  * @author Nils Henrich
  * @brief TCP server for unencrypted data transfer without authentication.
- * @version 3.2.0
+ * @version 3.2.1
  * @date 2021-12-27
  *
- * @copyright Copyright (c) 2021
+ * @copyright Copyright (c) 2025
  *
  */
 

src/TlsClient.hpp

@@ -2,10 +2,10 @@
  * @file TlsClient.hpp
  * @author Nils Henrich
  * @brief TLS client for encrypted data transfer with authentication.
- * @version 3.2.0
+ * @version 3.2.1
  * @date 2021-12-27
  *
- * @copyright Copyright (c) 2021
+ * @copyright Copyright (c) 2025
  *
  */
 
@@ -67,6 +67,46 @@ namespace tcp
          */
         virtual ~TlsClient() { stop(); }
 
+        /**
+         * @brief Get specific subject part as string of the certificate of the server.
+         *        Throw Client_error if server not connected or NID is invalid.
+         *
+         * @param subjPart
+         * @return string
+         */
+        ::std::string getSubjPartFromServerCert(const int subjPart)
+        {
+            char buf[256]{0};
+
+            // Check if server is connected
+            if (!isRunning())
+            {
+#ifdef DEVELOP
+                ::std::cerr << DEBUGINFO << ": Client is not running, means not connected to any server" << ::std::endl;
+#endif // DEVELOP
+
+                throw Client_error("Not connected to any server to read certificate subject part from");
+            }
+
+            // Read server certificate from TLS channel
+            ::std::unique_ptr<X509, void (*)(X509 *)> remoteCert{SSL_get_peer_certificate(clientSocket.get()), X509_free};
+
+            // Get whole subject part from server certificate
+            X509_NAME *remoteCertSubject{X509_get_subject_name(remoteCert.get())};
+
+            // Get specific part from subject
+            if (-1 == X509_NAME_get_text_by_NID(remoteCertSubject, subjPart, buf, 256))
+            {
+#ifdef DEVELOP
+                ::std::cerr << DEBUGINFO << ": Invalid NID " << subjPart << " for certificate subject" << ::std::endl;
+#endif // DEVELOP
+
+                throw Client_error("Invalid NID " + ::std::to_string(subjPart) + " for server certificate subject");
+            }
+
+            return ::std::string(buf);
+        }
+
         /**
          * @brief Sets the file paths for the CA certificate, server certificate, and private key.
          *

src/TlsServer.hpp

@@ -2,10 +2,10 @@
  * @file TlsServer.hpp
  * @author Nils Henrich
  * @brief TLS server for encrypted data transfer with authentication.
- * @version 3.2.0
+ * @version 3.2.1
  * @date 2021-12-27
  *
- * @copyright Copyright (c) 2021
+ * @copyright Copyright (c) 2025
  *
  */
 
@@ -62,40 +62,42 @@ namespace tcp
 
       /**
        * @brief Get specific subject part as string of the certificate of a specific connected client (Identified by its TCP ID).
+       *        Throw Server_error if client ID is not found or NID is invalid.
        *
        * @param clientId
-       * @param tlsSocket
        * @param subjPart
        * @return string
        */
-      ::std::string getSubjPartFromClientCert(const int clientId, const SSL *tlsSocket, const int subjPart)
+      ::std::string getSubjPartFromClientCert(const int clientId, const int subjPart)
       {
          char buf[256]{0};
+         ::std::lock_guard<::std::mutex> lck{activeConnections_m};
 
-         // If TLS socket is null, get socket from list of connected clients
-         if (!tlsSocket)
+         // Check if client is connected
+         if (activeConnections.find(clientId) == activeConnections.end())
          {
-            ::std::lock_guard<::std::mutex> lck{activeConnections_m};
-            if (activeConnections.find(clientId) == activeConnections.end())
-            {
 #ifdef DEVELOP
-               ::std::cerr << DEBUGINFO << ": No connected client " << clientId << ::std::endl;
+            ::std::cerr << DEBUGINFO << ": No connected client " << clientId << ::std::endl;
 #endif // DEVELOP
 
-               return "";
-            }
-
-            tlsSocket = activeConnections[clientId].get();
+            throw Server_error("No connected client " + ::std::to_string(clientId) + " to read certificate subject part from");
          }
 
          // Read client certificate from TLS channel
-         ::std::unique_ptr<X509, void (*)(X509 *)> remoteCert{SSL_get_peer_certificate(tlsSocket), X509_free};
+         ::std::unique_ptr<X509, void (*)(X509 *)> remoteCert{SSL_get_peer_certificate(activeConnections[clientId].get()), X509_free};
 
-         // Get wholw subject part from client certificate
+         // Get whole subject part from client certificate
          X509_NAME *remoteCertSubject{X509_get_subject_name(remoteCert.get())};
 
          // Get specific part from subject
-         X509_NAME_get_text_by_NID(remoteCertSubject, subjPart, buf, 256);
+         if (-1 == X509_NAME_get_text_by_NID(remoteCertSubject, subjPart, buf, 256))
+         {
+#ifdef DEVELOP
+            ::std::cerr << DEBUGINFO << ": Invalid NID " << subjPart << " for certificate subject" << ::std::endl;
+#endif // DEVELOP
+
+            throw Server_error("Invalid NID " + ::std::to_string(subjPart) + " for client certificate subject");
+         }
 
          // Return subject part as string
          return ::std::string(buf);

src/template/Client.hpp

@@ -4,10 +4,10 @@
  * @brief Base framework for all classes that build a network client based on TCP.
  * This class contains no functionality, but serves a base framework for the creation of stable clients based on TCP.
  * When compiling with the -DDEBUG flag, the class will print out all received messages to the console.
- * @version 3.2.0
+ * @version 3.2.1
  * @date 2021-12-28
  *
- * @copyright Copyright (c) 2021
+ * @copyright Copyright (c) 2025
  *
  */
 
@@ -20,14 +20,14 @@
 #include <cstring>
 #include <thread>
 #include <memory>
-#include <exception>
 #include <atomic>
 #include <functional>
 #include <unistd.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <netdb.h>
 #include <sys/socket.h>
+#include "exception.hpp"
 
 // Debugging output
 #ifdef DEVELOP
@@ -65,29 +65,11 @@ namespace tcp
         }
     };
 
-    /**
-     * @brief Exception class for the Client class.
-     */
-    class Client_error : public ::std::exception
+    // Client error
+    class Client_error : public Error
     {
     public:
-        Client_error(::std::string msg = "unexpected client error") : msg{msg} {}
-        virtual ~Client_error() {}
-
-        const char *what()
-        {
-            return msg.c_str();
-        }
-
-    private:
-        const ::std::string msg;
-
-        // Delete default constructor
-        Client_error() = delete;
-
-        // Disallow copy
-        Client_error(const Client_error &) = delete;
-        Client_error &operator=(const Client_error &) = delete;
+        Client_error(::std::string msg = "unexpected client error") : Error{msg} {}
     };
 
     /**