If the user specifies --require-ssl, but the core cannot load a
SSL/TLS certificate for any reason, the core will throw an
exception and quit. This fixes a minor security vulnerability
where previously, the core would simply fall back to plaintext
mode and not offer encrypted connections at all.
// Initialize the certificates for first-time usage
if (!loadCerts()) {
// Initialize the certificates for first-time usage
if (!loadCerts()) {
+ // If the core is unable to load a certificate, and "--require-ssl" is specified,
+ // do not proceed, throw an exception and quit. This prevents the core from falling
+ // back to a plaintext-only core when they should be expecting SSL/TLS only.
+ if (Quassel::isOptionSet("require-ssl")) {
+ throw ExitException{EXIT_FAILURE, tr("--require-ssl is set, but no SSL certificate is available. Exiting.")};
+ }
if (!sslWarningShown) {
qWarning() << "SslServer: Unable to set certificate file\n"
<< " Quassel Core will still work, but cannot provide SSL for client connections.\n"
if (!sslWarningShown) {
qWarning() << "SslServer: Unable to set certificate file\n"
<< " Quassel Core will still work, but cannot provide SSL for client connections.\n"