core: Require TLS cert to be loaded if --require-ssl is used

If the user specifies --require-ssl, but the core cannot load a
SSL/TLS certificate for any reason, the core will throw an
exception and quit. This fixes a minor security vulnerability
where previously, the core would simply fall back to plaintext
mode and not offer encrypted connections at all.

diff --git a/src/core/sslserver.cpp b/src/core/sslserver.cpp
index 9c3c7ed..c93f486 100644 (file)
--- a/src/core/sslserver.cpp
+++ b/src/core/sslserver.cpp
@@ -49,6 +49,12 @@ SslServer::SslServer(QObject* parent)
 
     // Initialize the certificates for first-time usage
     if (!loadCerts()) {
+        // If the core is unable to load a certificate, and "--require-ssl" is specified,
+        // do not proceed, throw an exception and quit. This prevents the core from falling
+        // back to a plaintext-only core when they should be expecting SSL/TLS only.
+        if (Quassel::isOptionSet("require-ssl")) {
+            throw ExitException{EXIT_FAILURE, tr("--require-ssl is set, but no SSL certificate is available. Exiting.")};
+        }
         if (!sslWarningShown) {
             qWarning() << "SslServer: Unable to set certificate file\n"
                        << "          Quassel Core will still work, but cannot provide SSL for client connections.\n"