Do not replace connections for a given deviceId if the certs have changed
Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
This commit is contained in:
parent
85b691e40f
commit
48180b4655
3 changed files with 12 additions and 0 deletions
|
@ -192,3 +192,8 @@ bool LanDeviceLink::linkShouldBeKeptAlive() {
|
||||||
//return (mConnectionSource == ConnectionStarted::Remotely || pairStatus() == Paired);
|
//return (mConnectionSource == ConnectionStarted::Remotely || pairStatus() == Paired);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
QSslCertificate LanDeviceLink::certificate() const
|
||||||
|
{
|
||||||
|
return m_socketLineReader->peerCertificate();
|
||||||
|
}
|
||||||
|
|
|
@ -56,6 +56,7 @@ public:
|
||||||
bool linkShouldBeKeptAlive() override;
|
bool linkShouldBeKeptAlive() override;
|
||||||
|
|
||||||
QHostAddress hostAddress() const;
|
QHostAddress hostAddress() const;
|
||||||
|
QSslCertificate certificate() const;
|
||||||
|
|
||||||
private Q_SLOTS:
|
private Q_SLOTS:
|
||||||
void dataReceived();
|
void dataReceived();
|
||||||
|
|
|
@ -345,6 +345,12 @@ void LanLinkProvider::encrypted()
|
||||||
NetworkPacket* receivedPacket = m_receivedIdentityPackets[socket].np;
|
NetworkPacket* receivedPacket = m_receivedIdentityPackets[socket].np;
|
||||||
const QString& deviceId = receivedPacket->get<QString>(QStringLiteral("deviceId"));
|
const QString& deviceId = receivedPacket->get<QString>(QStringLiteral("deviceId"));
|
||||||
|
|
||||||
|
if (m_links.contains(deviceId) && m_links[deviceId]->certificate() != socket->peerCertificate()) {
|
||||||
|
socket->disconnectFromHost();
|
||||||
|
qCWarning(KDECONNECT_CORE) << "Got connection for the same deviceId but certificates don't match. Ignoring " << deviceId;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
addLink(deviceId, socket, receivedPacket, connectionOrigin);
|
addLink(deviceId, socket, receivedPacket, connectionOrigin);
|
||||||
|
|
||||||
// Copied from tcpSocketConnected slot, now delete received packet
|
// Copied from tcpSocketConnected slot, now delete received packet
|
||||||
|
|
Loading…
Reference in a new issue