path: root/a48aea18b6c7ee534cd21f7febfe253e31b33eda.patch

From a48aea18b6c7ee534cd21f7febfe253e31b33eda Mon Sep 17 00:00:00 2001
From: Davide Beatrici <git@davidebeatrici.dev>
Date: Sat, 4 Apr 2020 07:48:46 +0200
Subject: [PATCH] src/murmur/Server.cpp: implement workaround for critical
 QSslSocket issue

A severe bug was introduced in qt/qtbase@93a803a6de27d9eb57931c431b5f3d074914f693: q_SSL_shutdown() causes Qt to emit "error()" from unrelated QSslSocket(s), in addition to the correct one.

The issue causes Server::connectionClosed() to disconnect random authenticated clients.

The workaround consists in ignoring a specific OpenSSL error:
"Error while reading: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init [20]"

Definitely not ideal, but it fixes a critical vulnerability. Details on how to trigger it are deliberately omitted.
---
 src/murmur/Server.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/murmur/Server.cpp b/src/murmur/Server.cpp
index cac75e4fea..055ad96d95 100644
--- a/src/murmur/Server.cpp
+++ b/src/murmur/Server.cpp
@@ -1422,6 +1422,19 @@ void Server::sslError(const QList<QSslError> &errors) {
 }
 
 void Server::connectionClosed(QAbstractSocket::SocketError err, const QString &reason) {
+	if (reason.contains(QLatin1String("140E0197"))) {
+		// A severe bug was introduced in qt/qtbase@93a803a6de27d9eb57931c431b5f3d074914f693.
+		// q_SSL_shutdown() causes Qt to emit "error()" from unrelated QSslSocket(s), in addition to the correct one.
+		// The issue causes this function to disconnect random authenticated clients.
+		//
+		// The workaround consists in ignoring a specific OpenSSL error:
+		// "Error while reading: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init [20]"
+		//
+		// Definitely not ideal, but it fixes a critical vulnerability.
+		qWarning("Ignored OpenSSL error 140E0197 for %p", sender());
+		return;
+	}
+
 	Connection *c = qobject_cast<Connection *>(sender());
 	if (! c)
 		return;