From adee6b62bee66c21e76f6766f92f901be8ec8dba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20St=C3=BCrz?= <simon.stuerz@guh.io>
Date: Wed, 15 Aug 2018 17:40:24 +0200
Subject: [PATCH] Clean up on tunnel disconnect and prevent 3 authenticated
 connections

---
 .../authentication/authenticationprocess.cpp  |  1 +
 libnymea-remoteproxy/proxyserver.cpp          | 19 ++++++++++++++++---
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/libnymea-remoteproxy/authentication/authenticationprocess.cpp b/libnymea-remoteproxy/authentication/authenticationprocess.cpp
index 1790c8e..03d6c2f 100644
--- a/libnymea-remoteproxy/authentication/authenticationprocess.cpp
+++ b/libnymea-remoteproxy/authentication/authenticationprocess.cpp
@@ -44,6 +44,7 @@ void AuthenticationProcess::startVerificationProcess()
     env.insert("AWS_DEFAULT_REGION", "eu-west-1");
 
     if (m_dynamicCredentials) {
+        qCDebug(dcAuthenticationProcess()) << "Using dynamic credentials" << m_awsAccessKeyId << m_awsSecretAccessKey << m_awsSessionToken;
         env.insert("AWS_ACCESS_KEY_ID", m_awsAccessKeyId);
         env.insert("AWS_SECRET_ACCESS_KEY", m_awsSecretAccessKey);
         env.insert("AWS_SESSION_TOKEN", m_awsSessionToken);
diff --git a/libnymea-remoteproxy/proxyserver.cpp b/libnymea-remoteproxy/proxyserver.cpp
index 2b8aafe..a111523 100644
--- a/libnymea-remoteproxy/proxyserver.cpp
+++ b/libnymea-remoteproxy/proxyserver.cpp
@@ -141,13 +141,20 @@ void ProxyServer::onClientDisconnected(const QUuid &clientId)
         // Unregister from json rpc server
         m_jsonRpcServer->unregisterClient(proxyClient);
 
+        // Check if
+        if (m_tunnels.contains(proxyClient->token())) {
+            // There is a tunnel connection for this client, remove the tunnel and disconnect also the other client
+            ProxyClient *remoteClient = getRemoteClient(proxyClient);
+            m_tunnels.remove(remoteClient->token());
+            if (remoteClient) {
+                remoteClient->interface()->killClientConnection(remoteClient->clientId(), "Tunnel client disconnected");
+            }
+        }
+
         // Delete the proxy client
         proxyClient->deleteLater();
-
-        // TODO: Disconnect also the other tunnel client
     }
 
-    // TODO: Clean up this client since it does not exist any more
 }
 
 void ProxyServer::onClientDataAvailable(const QUuid &clientId, const QByteArray &data)
@@ -203,6 +210,12 @@ void ProxyServer::onProxyClientAuthenticated()
     qCDebug(dcProxyServer()) << "   name:" << proxyClient->name();
     qCDebug(dcProxyServer()) << "   uuid:" << proxyClient->uuid();
 
+    if (m_tunnels.contains(proxyClient->token())) {
+        qCWarning(dcProxyServer()) << "There is already a tunnel connection for this token. A third client is not allowed.";
+        proxyClient->interface()->killClientConnection(proxyClient->clientId(), "There is already an established tunnel with this token.");
+        return;
+    }
+
     // Check if we have an other authenticated client with this token
     if (m_authenticatedClients.keys().contains(proxyClient->token())) {
         // Found a client with this token