Core launched with --require-ssl flag, but no certificate to load, will accept plaintext connections
Cores launched with the "--require-ssl" flag, (introduced in https://github.com/quassel/quassel/pull/43) will reject clients that do not accept SSL.
However, if the core itself does not have an SSL certificate available to load, the core will still launch, and happily accept plaintext connections.
This is an unexpected situation.
Steps to reproduce:
- Install Quasselcore by whatever means you wish
- Configure Quasselcore's data directory with no quasselCert.pem file
- Launch Quasselcore with the "--require-ssl" flag on the command line
Quasselcore will not launch, because the core could not find an SSL certificate.
Quasselcore launches, and accepts plaintext client connections.
#1 Updated by phuzion almost 2 years ago
PR submitted to fix this.
#2 Updated by phuzion almost 2 years ago
- Related to Feature #1323: It doesn't seem to be possible to disable SSLv3. added
#3 Updated by phuzion almost 2 years ago
- Priority changed from Normal to High
#4 Updated by phuzion almost 2 years ago
- Status changed from New to Resolved
PR 581 has been merged, resolving this bug.