Project

General

Profile

Bug #1728

Core launched with --require-ssl flag, but no certificate to load, will accept plaintext connections

Added by phuzion 4 months ago. Updated 4 months ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
Quassel Core
Target version:
-
Start date:
06/16/2021
Due date:
% Done:

0%

Estimated time:
Version:
0.13.1
OS:
Any

Description

Cores launched with the "--require-ssl" flag, (introduced in https://github.com/quassel/quassel/pull/43) will reject clients that do not accept SSL.

However, if the core itself does not have an SSL certificate available to load, the core will still launch, and happily accept plaintext connections.

This is an unexpected situation.

Steps to reproduce:

  1. Install Quasselcore by whatever means you wish
  2. Configure Quasselcore's data directory with no quasselCert.pem file
  3. Launch Quasselcore with the "--require-ssl" flag on the command line

Expected results:

Quasselcore will not launch, because the core could not find an SSL certificate.

Actual results

Quasselcore launches, and accepts plaintext client connections.


Related issues

Related to Quassel IRC - Feature #1323: It doesn't seem to be possible to disable SSLv3.Resolved2014-11-04

History

#1 Updated by phuzion 4 months ago

#2 Updated by phuzion 4 months ago

  • Related to Feature #1323: It doesn't seem to be possible to disable SSLv3. added

#4 Updated by phuzion 4 months ago

  • Status changed from New to Resolved

PR 581 has been merged, resolving this bug.

Also available in: Atom PDF