From f20d380a36e11a7591dacbf0a62d7c11d997f9db Mon Sep 17 00:00:00 2001
From: phuzion <398094+phuzion@users.noreply.github.com>
Date: Wed, 16 Jun 2021 13:28:38 -0400
Subject: [PATCH] core: Require TLS cert to be loaded if --require-ssl is used

If the user specifies --require-ssl, but the core cannot load a SSL/TLS certificate for any reason, the core will throw an exception and quit. This fixes a minor security vulnerability where previously, the core would simply fall back to plaintext mode and not offer encrypted connections at all.
---
 src/core/sslserver.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/core/sslserver.cpp b/src/core/sslserver.cpp
index 9c3c7edc..c93f4861 100644
--- a/src/core/sslserver.cpp
+++ b/src/core/sslserver.cpp
@@ -49,6 +49,12 @@ SslServer::SslServer(QObject* parent)
 // Initialize the certificates for first-time usage
 if (!loadCerts()) {
+ // If the core is unable to load a certificate, and "--require-ssl" is specified,
+ // do not proceed, throw an exception and quit. This prevents the core from falling
+ // back to a plaintext-only core when they should be expecting SSL/TLS only.
+ if (Quassel::isOptionSet("require-ssl")) {
+ throw ExitException{EXIT_FAILURE, tr("--require-ssl is set, but no SSL certificate is available. Exiting.")};
+ }
 if (!sslWarningShown) {
 qWarning() << "SslServer: Unable to set certificate file\n"
 << " Quassel Core will still work, but cannot provide SSL for client connections.\n"
--
2.20.1
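Review bot: The new `require-ssl` check in the `!loadCerts()` branch enforces fail-closed behaviour only at construction time, and it does so by throwing from inside the `SslServer` constructor. Whether every place that constructs an `SslServer` runs under a handler for `ExitException` is not visible in this hunk; if one does not, the process would end through an uncaught exception rather than exiting with the translated message, so that is worth confirming. If the class can also reload certificates at runtime (not shown here), the same option should be honoured wherever the server decides to hand out an unencrypted socket, so the guarantee does not rest on the startup path alone. I would also reword the last comment line, where "they" has no referent, to `// back to plaintext-only operation when clients are expected to connect over SSL/TLS only.` The constructor body starts before the hunk and the `qWarning()` statement continues past its end.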