Overview

File 0009-Do-not-replace-connections-for-a-given-deviceId-if-t.patch of Package kdeconnect-kde

From bc5a302a9044aa13ab96c6c56077278a034a92f1 Mon Sep 17 00:00:00 2001
From: Albert Vaca Cintora <albertvaka@gmail.com>
Date: Thu, 24 Sep 2020 18:46:57 +0200
Subject: [PATCH 9/9] Do not replace connections for a given deviceId if the
 certs have changed

Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
---
 core/backends/lan/landevicelink.cpp   | 5 +++++
 core/backends/lan/landevicelink.h     | 1 +
 core/backends/lan/lanlinkprovider.cpp | 6 ++++++
 3 files changed, 12 insertions(+)

diff --git a/core/backends/lan/landevicelink.cpp b/core/backends/lan/landevicelink.cpp
index 8a65fb92..41af6f0e 100644
--- a/core/backends/lan/landevicelink.cpp
+++ b/core/backends/lan/landevicelink.cpp
@@ -192,3 +192,8 @@ bool LanDeviceLink::linkShouldBeKeptAlive() {
     //return (mConnectionSource == ConnectionStarted::Remotely || pairStatus() == Paired);
 
 }
+
+QSslCertificate LanDeviceLink::certificate() const
+{
+    return m_socketLineReader->peerCertificate();
+}
diff --git a/core/backends/lan/landevicelink.h b/core/backends/lan/landevicelink.h
index 28f63db2..485c58b5 100644
--- a/core/backends/lan/landevicelink.h
+++ b/core/backends/lan/landevicelink.h
@@ -56,6 +56,7 @@ public:
     bool linkShouldBeKeptAlive() override;
 
     QHostAddress hostAddress() const;
+    QSslCertificate certificate() const;
 
 private Q_SLOTS:
     void dataReceived();
diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp
index 8e0bad0a..95c35c9d 100644
--- a/core/backends/lan/lanlinkprovider.cpp
+++ b/core/backends/lan/lanlinkprovider.cpp
@@ -341,6 +341,12 @@ void LanLinkProvider::encrypted()
     NetworkPacket* receivedPacket = m_receivedIdentityPackets[socket].np;
     const QString& deviceId = receivedPacket->get<QString>(QStringLiteral("deviceId"));
 
+    if (m_links.contains(deviceId) && m_links[deviceId]->certificate() != socket->peerCertificate()) {
+        socket->disconnectFromHost();
+        qCWarning(KDECONNECT_CORE) << "Got connection for the same deviceId but certificates don't match. Ignoring " << deviceId;
+        return;
+    }
+
     addLink(deviceId, socket, receivedPacket, connectionOrigin);
 
     // Copied from tcpSocketConnected slot, now delete received packet
-- 
2.28.0
openSUSE Build Service is sponsored by
Places