tristan/kdeconnect-kde
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Sanitize certificate subject name before comparing to deviceId

Browse source 
The device ID is sanitized to make it safe for D-Bus, so the device ID
stored in the certificate as the subject name also needs to be
sanitized before comparison.
This commit is contained in:
Andy Holmes 2023-09-03 15:55:34 -07:00
parent 4d5474db7b
commit 0640279ae0
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
core/backends/lan/lanlinkprovider.cpp
View file

@ -33,6 +33,7 @@
#include <QUdpSocket> #include <QUdpSocket>
#include "daemon.h" #include "daemon.h"
#include "dbushelper.h"
#include "kdeconnectconfig.h" #include "kdeconnectconfig.h"
#include "landevicelink.h" #include "landevicelink.h"
@ -606,6 +607,7 @@ void LanLinkProvider::configureSocket(QSslSocket *socket)
void LanLinkProvider::addLink(QSslSocket *socket, const DeviceInfo &deviceInfo) void LanLinkProvider::addLink(QSslSocket *socket, const DeviceInfo &deviceInfo)
{ {
QString certDeviceId = socket->peerCertificate().subjectDisplayName(); QString certDeviceId = socket->peerCertificate().subjectDisplayName();
DBusHelper::filterNonExportableCharacters(certDeviceId);
if (deviceInfo.id != certDeviceId) { if (deviceInfo.id != certDeviceId) {
socket->disconnectFromHost(); socket->disconnectFromHost();
qCWarning(KDECONNECT_CORE) << "DeviceID in cert doesn't match deviceID in identity packet. " << deviceInfo.id << " vs " << certDeviceId; qCWarning(KDECONNECT_CORE) << "DeviceID in cert doesn't match deviceID in identity packet. " << deviceInfo.id << " vs " << certDeviceId;