DTLS - treat QSslSocket::UnencryptedMode as invalid

Unfortunately, this enum is not 'binary', it also has 'UnencryptedMode' and as a result we can end up with server-side method/context. Change-Id: If2da4c1b9f7e9ff916d933c9517c00a632aea324 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io> Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
author: Timur Pocheptsov <timur.pocheptsov@qt.io> 2018-07-27 14:34:32 +0200
committer: Timur Pocheptsov <timur.pocheptsov@qt.io> 2018-07-28 08:08:14 +0000
commit: 28503387ead00f82710ffdc1c415c564479825a9 (patch)
tree: f617cf5ca0488584374f12b31ac99ab29140e649 /src/network
parent: 8a450f570b8dc40f61a68db0ca5eb69a7a97272c (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/src/network/ssl/qdtls_openssl.cpp b/src/network/ssl/qdtls_openssl.cpp
index 90457c3724..2e5a26d596 100644
--- a/src/network/ssl/qdtls_openssl.cpp
+++ b/src/network/ssl/qdtls_openssl.cpp
@@ -715,6 +715,12 @@ bool DtlsState::initCtxAndConnection(QDtlsBasePrivate *dtlsBase)
     Q_ASSERT(dtlsBase);
     Q_ASSERT(QSslSocket::supportsSsl());
 
+    if (dtlsBase->mode == QSslSocket::UnencryptedMode) {
+        dtlsBase->setDtlsError(QDtlsError::TlsInitializationError,
+                               QDtls::tr("Invalid SslMode, SslServerMode or SslClientMode expected"));
+        return false;
+    }
+
     // create a deep copy of our configuration
     auto configurationCopy = new QSslConfigurationPrivate(dtlsBase->dtlsConfiguration);
     configurationCopy->ref.store(0); // the QSslConfiguration constructor refs up
author	Timur Pocheptsov <timur.pocheptsov@qt.io>	2018-07-27 14:34:32 +0200
committer	Timur Pocheptsov <timur.pocheptsov@qt.io>	2018-07-28 08:08:14 +0000
commit	28503387ead00f82710ffdc1c415c564479825a9 (patch)
tree	f617cf5ca0488584374f12b31ac99ab29140e649 /src/network
parent	8a450f570b8dc40f61a68db0ca5eb69a7a97272c (diff)