1 |
commit: 9e264ef7ff33d1bf2d7d696fab3fadae151a899b |
2 |
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Nov 28 13:50:40 2020 +0000 |
4 |
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Nov 28 14:12:48 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9e264ef7 |
7 |
|
8 |
kde-misc/kdeconnect: Drop obsolete patches |
9 |
|
10 |
Package-Manager: Portage-3.0.10, Repoman-3.0.2 |
11 |
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> |
12 |
|
13 |
...re-SSL-errors-except-for-self-signed-cert.patch | 65 ------------- |
14 |
...ot-leak-the-local-user-in-the-device-name.patch | 32 ------- |
15 |
...fter-free-in-LanLinkProvider-connectError.patch | 28 ------ |
16 |
...20.04.3-04-Limit-identity-packets-to-8KiB.patch | 36 -------- |
17 |
...lanlink-connections-stay-open-for-long-wi.patch | 37 -------- |
18 |
...3-06-Don-t-brute-force-reading-the-socket.patch | 102 --------------------- |
19 |
...r-of-connected-sockets-from-unpaired-devi.patch | 42 --------- |
20 |
...mber-more-than-a-few-identity-packets-at-.patch | 54 ----------- |
21 |
...orts-we-try-to-connect-to-to-the-port-ran.patch | 32 ------- |
22 |
...ace-connections-for-a-given-deviceId-if-t.patch | 58 ------------ |
23 |
10 files changed, 486 deletions(-) |
24 |
|
25 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-01-Do-not-ignore-SSL-errors-except-for-self-signed-cert.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-01-Do-not-ignore-SSL-errors-except-for-self-signed-cert.patch |
26 |
deleted file mode 100644 |
27 |
index cafeb9501cd..00000000000 |
28 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-01-Do-not-ignore-SSL-errors-except-for-self-signed-cert.patch |
29 |
+++ /dev/null |
30 |
@@ -1,65 +0,0 @@ |
31 |
-From f183b5447bad47655c21af87214579f03bf3a163 Mon Sep 17 00:00:00 2001 |
32 |
-From: Albert Vaca Cintora <albertvaka@×××××.com> |
33 |
-Date: Thu, 24 Sep 2020 16:59:22 +0200 |
34 |
-Subject: [PATCH 01/10] Do not ignore SSL errors, except for self-signed cert |
35 |
- errors. |
36 |
- |
37 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
38 |
---- |
39 |
- core/backends/lan/lanlinkprovider.cpp | 24 +++++++++++++----------- |
40 |
- 1 file changed, 13 insertions(+), 11 deletions(-) |
41 |
- |
42 |
-diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp |
43 |
-index d9a7d8fa..fc005cee 100644 |
44 |
---- a/core/backends/lan/lanlinkprovider.cpp |
45 |
-+++ b/core/backends/lan/lanlinkprovider.cpp |
46 |
-@@ -297,9 +297,7 @@ void LanLinkProvider::tcpSocketConnected() |
47 |
- |
48 |
- connect(socket, &QSslSocket::encrypted, this, &LanLinkProvider::encrypted); |
49 |
- |
50 |
-- if (isDeviceTrusted) { |
51 |
-- connect(socket, QOverload<const QList<QSslError> &>::of(&QSslSocket::sslErrors), this, &LanLinkProvider::sslErrors); |
52 |
-- } |
53 |
-+ connect(socket, QOverload<const QList<QSslError> &>::of(&QSslSocket::sslErrors), this, &LanLinkProvider::sslErrors); |
54 |
- |
55 |
- socket->startServerEncryption(); |
56 |
- |
57 |
-@@ -326,8 +324,6 @@ void LanLinkProvider::encrypted() |
58 |
- |
59 |
- QSslSocket* socket = qobject_cast<QSslSocket*>(sender()); |
60 |
- if (!socket) return; |
61 |
-- // TODO delete me? |
62 |
-- disconnect(socket, QOverload<const QList<QSslError> &>::of(&QSslSocket::sslErrors), this, &LanLinkProvider::sslErrors); |
63 |
- |
64 |
- Q_ASSERT(socket->mode() != QSslSocket::UnencryptedMode); |
65 |
- LanDeviceLink::ConnectionStarted connectionOrigin = (socket->mode() == QSslSocket::SslClientMode)? LanDeviceLink::Locally : LanDeviceLink::Remotely; |
66 |
-@@ -346,14 +342,20 @@ void LanLinkProvider::sslErrors(const QList<QSslError>& errors) |
67 |
- QSslSocket* socket = qobject_cast<QSslSocket*>(sender()); |
68 |
- if (!socket) return; |
69 |
- |
70 |
-- qCDebug(KDECONNECT_CORE) << "Failing due to " << errors; |
71 |
-- Device* device = Daemon::instance()->getDevice(socket->peerVerifyName()); |
72 |
-- if (device) { |
73 |
-- device->unpair(); |
74 |
-+ bool fatal = false; |
75 |
-+ for (const QSslError& error : errors) { |
76 |
-+ if (error.error() != QSslError::SelfSignedCertificate) { |
77 |
-+ qCCritical(KDECONNECT_CORE) << "Disconnecting due to fatal SSL Error: " << error; |
78 |
-+ fatal = true; |
79 |
-+ } else { |
80 |
-+ qCDebug(KDECONNECT_CORE) << "Ignoring self-signed cert error"; |
81 |
-+ } |
82 |
- } |
83 |
- |
84 |
-- delete m_receivedIdentityPackets.take(socket).np; |
85 |
-- // Socket disconnects itself on ssl error and will be deleted by deleteLater slot, no need to delete manually |
86 |
-+ if (fatal) { |
87 |
-+ socket->disconnectFromHost(); |
88 |
-+ delete m_receivedIdentityPackets.take(socket).np; |
89 |
-+ } |
90 |
- } |
91 |
- |
92 |
- //I'm the new device and this is the answer to my UDP identity packet (no data received yet). They are connecting to us through TCP, and they should send an identity. |
93 |
--- |
94 |
-2.28.0 |
95 |
- |
96 |
|
97 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-02-Do-not-leak-the-local-user-in-the-device-name.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-02-Do-not-leak-the-local-user-in-the-device-name.patch |
98 |
deleted file mode 100644 |
99 |
index b374d001036..00000000000 |
100 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-02-Do-not-leak-the-local-user-in-the-device-name.patch |
101 |
+++ /dev/null |
102 |
@@ -1,32 +0,0 @@ |
103 |
-From b279c52101d3f7cc30a26086d58de0b5f1c547fa Mon Sep 17 00:00:00 2001 |
104 |
-From: Albert Vaca Cintora <albertvaka@×××××.com> |
105 |
-Date: Thu, 24 Sep 2020 17:01:03 +0200 |
106 |
-Subject: [PATCH 02/10] Do not leak the local user in the device name. |
107 |
- |
108 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
109 |
---- |
110 |
- core/kdeconnectconfig.cpp | 8 +------- |
111 |
- 1 file changed, 1 insertion(+), 7 deletions(-) |
112 |
- |
113 |
-diff --git a/core/kdeconnectconfig.cpp b/core/kdeconnectconfig.cpp |
114 |
-index 91719303..a8dbcf5c 100644 |
115 |
---- a/core/kdeconnectconfig.cpp |
116 |
-+++ b/core/kdeconnectconfig.cpp |
117 |
-@@ -90,13 +90,7 @@ KdeConnectConfig::KdeConnectConfig() |
118 |
- |
119 |
- QString KdeConnectConfig::name() |
120 |
- { |
121 |
-- QString username; |
122 |
-- #ifdef Q_OS_WIN |
123 |
-- username = QString::fromLatin1(qgetenv("USERNAME")); |
124 |
-- #else |
125 |
-- username = QString::fromLatin1(qgetenv("USER")); |
126 |
-- #endif |
127 |
-- QString defaultName = username + QStringLiteral("@") + QHostInfo::localHostName(); |
128 |
-+ QString defaultName = QHostInfo::localHostName(); |
129 |
- QString name = d->m_config->value(QStringLiteral("name"), defaultName).toString(); |
130 |
- return name; |
131 |
- } |
132 |
--- |
133 |
-2.28.0 |
134 |
- |
135 |
|
136 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-03-Fix-use-after-free-in-LanLinkProvider-connectError.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-03-Fix-use-after-free-in-LanLinkProvider-connectError.patch |
137 |
deleted file mode 100644 |
138 |
index 52fb9057b93..00000000000 |
139 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-03-Fix-use-after-free-in-LanLinkProvider-connectError.patch |
140 |
+++ /dev/null |
141 |
@@ -1,28 +0,0 @@ |
142 |
-From d35b88c1b25fe13715f9170f18674d476ca9acdc Mon Sep 17 00:00:00 2001 |
143 |
-From: Matthias Gerstner <mgerstner@××××.de> |
144 |
-Date: Thu, 24 Sep 2020 17:03:06 +0200 |
145 |
-Subject: [PATCH 03/10] Fix use after free in LanLinkProvider::connectError() |
146 |
- |
147 |
-If QSslSocket::connectToHost() hasn't finished running. |
148 |
- |
149 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
150 |
---- |
151 |
- core/backends/lan/lanlinkprovider.cpp | 2 +- |
152 |
- 1 file changed, 1 insertion(+), 1 deletion(-) |
153 |
- |
154 |
-diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp |
155 |
-index fc005cee..235c221f 100644 |
156 |
---- a/core/backends/lan/lanlinkprovider.cpp |
157 |
-+++ b/core/backends/lan/lanlinkprovider.cpp |
158 |
-@@ -252,7 +252,7 @@ void LanLinkProvider::connectError(QAbstractSocket::SocketError socketError) |
159 |
- //The socket we created didn't work, and we didn't manage |
160 |
- //to create a LanDeviceLink from it, deleting everything. |
161 |
- delete m_receivedIdentityPackets.take(socket).np; |
162 |
-- delete socket; |
163 |
-+ socket->deleteLater(); |
164 |
- } |
165 |
- |
166 |
- //We received a UDP packet and answered by connecting to them by TCP. This gets called on a successful connection. |
167 |
--- |
168 |
-2.28.0 |
169 |
- |
170 |
|
171 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch |
172 |
deleted file mode 100644 |
173 |
index e083f5896de..00000000000 |
174 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch |
175 |
+++ /dev/null |
176 |
@@ -1,36 +0,0 @@ |
177 |
-From b496e66899e5bc9547b6537a7f44ab44dd0aaf38 Mon Sep 17 00:00:00 2001 |
178 |
-From: Aleix Pol <aleixpol@×××.org> |
179 |
-Date: Wed, 16 Sep 2020 02:28:58 +0200 |
180 |
-Subject: [PATCH 04/10] Limit identity packets to 8KiB |
181 |
- |
182 |
-Healthy identity packages shouldn't be that big and we don't want to |
183 |
-allow systems around us to send us ever humongous packages that will |
184 |
-just leave us without any memory. |
185 |
- |
186 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
187 |
---- |
188 |
- core/backends/lan/lanlinkprovider.cpp | 8 ++++++++ |
189 |
- 1 file changed, 8 insertions(+) |
190 |
- |
191 |
-diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp |
192 |
-index 235c221f..1fd3870e 100644 |
193 |
---- a/core/backends/lan/lanlinkprovider.cpp |
194 |
-+++ b/core/backends/lan/lanlinkprovider.cpp |
195 |
-@@ -381,6 +381,14 @@ void LanLinkProvider::newConnection() |
196 |
- void LanLinkProvider::dataReceived() |
197 |
- { |
198 |
- QSslSocket* socket = qobject_cast<QSslSocket*>(sender()); |
199 |
-+ //the size here is arbitrary and is now at 8192 bytes. It needs to be considerably long as it includes the capabilities but there needs to be a limit |
200 |
-+ //Tested between my systems and I get around 2000 per identity package. |
201 |
-+ if (socket->bytesAvailable() > 8192) { |
202 |
-+ qCWarning(KDECONNECT_CORE) << "LanLinkProvider/newConnection: Suspiciously long identity package received. Closing connection." << socket->peerAddress() << socket->bytesAvailable(); |
203 |
-+ socket->disconnectFromHost(); |
204 |
-+ return; |
205 |
-+ } |
206 |
-+ |
207 |
- #if QT_VERSION < QT_VERSION_CHECK(5,7,0) |
208 |
- if (!socket->canReadLine()) |
209 |
- return; |
210 |
--- |
211 |
-2.28.0 |
212 |
- |
213 |
|
214 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-05-Do-not-let-lanlink-connections-stay-open-for-long-wi.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-05-Do-not-let-lanlink-connections-stay-open-for-long-wi.patch |
215 |
deleted file mode 100644 |
216 |
index 1465ce48b98..00000000000 |
217 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-05-Do-not-let-lanlink-connections-stay-open-for-long-wi.patch |
218 |
+++ /dev/null |
219 |
@@ -1,37 +0,0 @@ |
220 |
-From 5310eae85dbdf92fba30375238a2481f2e34943e Mon Sep 17 00:00:00 2001 |
221 |
-From: Aleix Pol <aleixpol@×××.org> |
222 |
-Date: Wed, 16 Sep 2020 02:44:38 +0200 |
223 |
-Subject: [PATCH 05/10] Do not let lanlink connections stay open for long |
224 |
- without authenticating |
225 |
- |
226 |
-If there's no information received, close the socket to try again. |
227 |
- |
228 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
229 |
---- |
230 |
- core/backends/lan/lanlinkprovider.cpp | 10 ++++++++++ |
231 |
- 1 file changed, 10 insertions(+) |
232 |
- |
233 |
-diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp |
234 |
-index 1fd3870e..a4942c65 100644 |
235 |
---- a/core/backends/lan/lanlinkprovider.cpp |
236 |
-+++ b/core/backends/lan/lanlinkprovider.cpp |
237 |
-@@ -374,6 +374,16 @@ void LanLinkProvider::newConnection() |
238 |
- connect(socket, &QIODevice::readyRead, |
239 |
- this, &LanLinkProvider::dataReceived); |
240 |
- |
241 |
-+ QTimer* timer = new QTimer(socket); |
242 |
-+ timer->setSingleShot(true); |
243 |
-+ timer->setInterval(1000); |
244 |
-+ connect(socket, &QSslSocket::encrypted, |
245 |
-+ timer, &QObject::deleteLater); |
246 |
-+ connect(timer, &QTimer::timeout, socket, [socket] { |
247 |
-+ qCWarning(KDECONNECT_CORE) << "LanLinkProvider/newConnection: Host timed out without sending any identity." << socket->peerAddress(); |
248 |
-+ socket->disconnectFromHost(); |
249 |
-+ }); |
250 |
-+ timer->start(); |
251 |
- } |
252 |
- } |
253 |
- |
254 |
--- |
255 |
-2.28.0 |
256 |
- |
257 |
|
258 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-06-Don-t-brute-force-reading-the-socket.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-06-Don-t-brute-force-reading-the-socket.patch |
259 |
deleted file mode 100644 |
260 |
index 7bb674a8e8f..00000000000 |
261 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-06-Don-t-brute-force-reading-the-socket.patch |
262 |
+++ /dev/null |
263 |
@@ -1,102 +0,0 @@ |
264 |
-From 721ba9faafb79aac73973410ee1dd3624ded97a5 Mon Sep 17 00:00:00 2001 |
265 |
-From: Aleix Pol <aleixpol@×××.org> |
266 |
-Date: Wed, 16 Sep 2020 02:27:13 +0200 |
267 |
-Subject: [PATCH 06/10] Don't brute-force reading the socket |
268 |
- |
269 |
-The package will arrive eventually, and dataReceived will be emitted. |
270 |
-Otherwise we just end up calling dataReceived to no end. |
271 |
- |
272 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
273 |
---- |
274 |
- core/backends/lan/socketlinereader.cpp | 8 ------- |
275 |
- tests/testsocketlinereader.cpp | 31 ++++++++++++++++++++++++-- |
276 |
- 2 files changed, 29 insertions(+), 10 deletions(-) |
277 |
- |
278 |
-diff --git a/core/backends/lan/socketlinereader.cpp b/core/backends/lan/socketlinereader.cpp |
279 |
-index f67fdf3f..da77052a 100644 |
280 |
---- a/core/backends/lan/socketlinereader.cpp |
281 |
-+++ b/core/backends/lan/socketlinereader.cpp |
282 |
-@@ -38,14 +38,6 @@ void SocketLineReader::dataReceived() |
283 |
- } |
284 |
- } |
285 |
- |
286 |
-- //If we still have things to read from the socket, call dataReceived again |
287 |
-- //We do this manually because we do not trust readyRead to be emitted again |
288 |
-- //So we call this method again just in case. |
289 |
-- if (m_socket->bytesAvailable() > 0) { |
290 |
-- QMetaObject::invokeMethod(this, "dataReceived", Qt::QueuedConnection); |
291 |
-- return; |
292 |
-- } |
293 |
-- |
294 |
- //If we have any packets, tell it to the world. |
295 |
- if (!m_packets.isEmpty()) { |
296 |
- Q_EMIT readyRead(); |
297 |
-diff --git a/tests/testsocketlinereader.cpp b/tests/testsocketlinereader.cpp |
298 |
-index 75584556..b6425b03 100644 |
299 |
---- a/tests/testsocketlinereader.cpp |
300 |
-+++ b/tests/testsocketlinereader.cpp |
301 |
-@@ -25,16 +25,19 @@ |
302 |
- #include <QProcess> |
303 |
- #include <QEventLoop> |
304 |
- #include <QTimer> |
305 |
-+#include <QSignalSpy> |
306 |
- |
307 |
- class TestSocketLineReader : public QObject |
308 |
- { |
309 |
- Q_OBJECT |
310 |
- public Q_SLOTS: |
311 |
-- void initTestCase(); |
312 |
-+ void init(); |
313 |
-+ void cleanup() { delete m_server; } |
314 |
- void newPacket(); |
315 |
- |
316 |
- private Q_SLOTS: |
317 |
- void socketLineReader(); |
318 |
-+ void badData(); |
319 |
- |
320 |
- private: |
321 |
- QTimer m_timer; |
322 |
-@@ -45,8 +48,9 @@ private: |
323 |
- SocketLineReader* m_reader; |
324 |
- }; |
325 |
- |
326 |
--void TestSocketLineReader::initTestCase() |
327 |
-+void TestSocketLineReader::init() |
328 |
- { |
329 |
-+ m_packets.clear(); |
330 |
- m_server = new Server(this); |
331 |
- |
332 |
- QVERIFY2(m_server->listen(QHostAddress::LocalHost, 8694), "Failed to create local tcp server"); |
333 |
-@@ -97,6 +101,29 @@ void TestSocketLineReader::socketLineReader() |
334 |
- } |
335 |
- } |
336 |
- |
337 |
-+void TestSocketLineReader::badData() |
338 |
-+{ |
339 |
-+ const QList<QByteArray> dataToSend = { "data1\n", "data" }; //does not end in a \n |
340 |
-+ for (const QByteArray& line : qAsConst(dataToSend)) { |
341 |
-+ m_conn->write(line); |
342 |
-+ } |
343 |
-+ m_conn->flush(); |
344 |
-+ |
345 |
-+ QSignalSpy spy(m_server, &QTcpServer::newConnection); |
346 |
-+ QVERIFY(m_server->hasPendingConnections() || spy.wait(1000)); |
347 |
-+ QSslSocket* sock = m_server->nextPendingConnection(); |
348 |
-+ |
349 |
-+ QVERIFY2(sock != nullptr, "Could not open a connection to the client"); |
350 |
-+ |
351 |
-+ m_reader = new SocketLineReader(sock, this); |
352 |
-+ connect(m_reader, &SocketLineReader::readyRead, this, &TestSocketLineReader::newPacket); |
353 |
-+ m_timer.start(); |
354 |
-+ m_loop.exec(); |
355 |
-+ |
356 |
-+ QCOMPARE(m_packets.count(), 1); |
357 |
-+ QCOMPARE(m_packets[0], dataToSend[0]); |
358 |
-+} |
359 |
-+ |
360 |
- void TestSocketLineReader::newPacket() |
361 |
- { |
362 |
- if (!m_reader->bytesAvailable()) { |
363 |
--- |
364 |
-2.28.0 |
365 |
- |
366 |
|
367 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-07-Limit-number-of-connected-sockets-from-unpaired-devi.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-07-Limit-number-of-connected-sockets-from-unpaired-devi.patch |
368 |
deleted file mode 100644 |
369 |
index 6a6bdb01cb9..00000000000 |
370 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-07-Limit-number-of-connected-sockets-from-unpaired-devi.patch |
371 |
+++ /dev/null |
372 |
@@ -1,42 +0,0 @@ |
373 |
-From ae58b9dec49c809b85b5404cee17946116f8a706 Mon Sep 17 00:00:00 2001 |
374 |
-From: Albert Vaca Cintora <albertvaka@×××××.com> |
375 |
-Date: Thu, 24 Sep 2020 17:13:34 +0200 |
376 |
-Subject: [PATCH 07/10] Limit number of connected sockets from unpaired devices |
377 |
- |
378 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
379 |
---- |
380 |
- core/backends/lan/lanlinkprovider.cpp | 11 +++++++++++ |
381 |
- 1 file changed, 11 insertions(+) |
382 |
- |
383 |
-diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp |
384 |
-index a4942c65..770e7866 100644 |
385 |
---- a/core/backends/lan/lanlinkprovider.cpp |
386 |
-+++ b/core/backends/lan/lanlinkprovider.cpp |
387 |
-@@ -46,6 +46,8 @@ |
388 |
- |
389 |
- #define MIN_VERSION_WITH_SSL_SUPPORT 6 |
390 |
- |
391 |
-+static const int MAX_UNPAIRED_CONNECTIONS = 42; |
392 |
-+ |
393 |
- LanLinkProvider::LanLinkProvider( |
394 |
- bool testMode, |
395 |
- quint16 udpBroadcastPort, |
396 |
-@@ -555,6 +557,15 @@ void LanLinkProvider::addLink(const QString& deviceId, QSslSocket* socket, Netwo |
397 |
- deviceLink->reset(socket, connectionOrigin); |
398 |
- } else { |
399 |
- deviceLink = new LanDeviceLink(deviceId, this, socket, connectionOrigin); |
400 |
-+ // Socket disconnection will now be handled by LanDeviceLink |
401 |
-+ disconnect(socket, &QAbstractSocket::disconnected, socket, &QObject::deleteLater); |
402 |
-+ bool isDeviceTrusted = KdeConnectConfig::instance().trustedDevices().contains(deviceId); |
403 |
-+ if (!isDeviceTrusted && m_links.size() > MAX_UNPAIRED_CONNECTIONS) { |
404 |
-+ qCWarning(KDECONNECT_CORE) << "Too many unpaired devices to remember them all. Ignoring " << deviceId; |
405 |
-+ socket->disconnectFromHost(); |
406 |
-+ socket->deleteLater(); |
407 |
-+ return; |
408 |
-+ } |
409 |
- connect(deviceLink, &QObject::destroyed, this, &LanLinkProvider::deviceLinkDestroyed); |
410 |
- m_links[deviceId] = deviceLink; |
411 |
- if (m_pairingHandlers.contains(deviceId)) { |
412 |
--- |
413 |
-2.28.0 |
414 |
- |
415 |
|
416 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-08-Do-not-remember-more-than-a-few-identity-packets-at-.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-08-Do-not-remember-more-than-a-few-identity-packets-at-.patch |
417 |
deleted file mode 100644 |
418 |
index 36d612e9cbc..00000000000 |
419 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-08-Do-not-remember-more-than-a-few-identity-packets-at-.patch |
420 |
+++ /dev/null |
421 |
@@ -1,54 +0,0 @@ |
422 |
-From 66c768aa9e7fba30b119c8b801efd49ed1270b0a Mon Sep 17 00:00:00 2001 |
423 |
-From: Albert Vaca Cintora <albertvaka@×××××.com> |
424 |
-Date: Thu, 24 Sep 2020 17:16:02 +0200 |
425 |
-Subject: [PATCH 08/10] Do not remember more than a few identity packets at a |
426 |
- time |
427 |
- |
428 |
-To prevent the kdeconnect process from using too much memory. |
429 |
- |
430 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
431 |
---- |
432 |
- core/backends/lan/lanlinkprovider.cpp | 13 +++++++++++++ |
433 |
- 1 file changed, 13 insertions(+) |
434 |
- |
435 |
-diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp |
436 |
-index 770e7866..6afb8552 100644 |
437 |
---- a/core/backends/lan/lanlinkprovider.cpp |
438 |
-+++ b/core/backends/lan/lanlinkprovider.cpp |
439 |
-@@ -47,6 +47,7 @@ |
440 |
- #define MIN_VERSION_WITH_SSL_SUPPORT 6 |
441 |
- |
442 |
- static const int MAX_UNPAIRED_CONNECTIONS = 42; |
443 |
-+static const int MAX_REMEMBERED_IDENTITY_PACKETS = 42; |
444 |
- |
445 |
- LanLinkProvider::LanLinkProvider( |
446 |
- bool testMode, |
447 |
-@@ -225,6 +226,12 @@ void LanLinkProvider::udpBroadcastReceived() |
448 |
- |
449 |
- //qCDebug(KDECONNECT_CORE) << "Received Udp identity packet from" << sender << " asking for a tcp connection on port " << tcpPort; |
450 |
- |
451 |
-+ if (m_receivedIdentityPackets.size() > MAX_REMEMBERED_IDENTITY_PACKETS) { |
452 |
-+ qCWarning(KDECONNECT_CORE) << "Too many remembered identities, ignoring" << receivedPacket->get<QString>(QStringLiteral("deviceId")) << "received via UDP"; |
453 |
-+ delete receivedPacket; |
454 |
-+ continue; |
455 |
-+ } |
456 |
-+ |
457 |
- QSslSocket* socket = new QSslSocket(this); |
458 |
- socket->setProxy(QNetworkProxy::NoProxy); |
459 |
- m_receivedIdentityPackets[socket].np = receivedPacket; |
460 |
-@@ -435,6 +442,12 @@ void LanLinkProvider::dataReceived() |
461 |
- return; |
462 |
- } |
463 |
- |
464 |
-+ if (m_receivedIdentityPackets.size() > MAX_REMEMBERED_IDENTITY_PACKETS) { |
465 |
-+ qCWarning(KDECONNECT_CORE) << "Too many remembered identities, ignoring" << np->get<QString>(QStringLiteral("deviceId")) << "received via TCP"; |
466 |
-+ delete np; |
467 |
-+ return; |
468 |
-+ } |
469 |
-+ |
470 |
- // Needed in "encrypted" if ssl is used, similar to "tcpSocketConnected" |
471 |
- m_receivedIdentityPackets[socket].np = np; |
472 |
- |
473 |
--- |
474 |
-2.28.0 |
475 |
- |
476 |
|
477 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-09-Limit-the-ports-we-try-to-connect-to-to-the-port-ran.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-09-Limit-the-ports-we-try-to-connect-to-to-the-port-ran.patch |
478 |
deleted file mode 100644 |
479 |
index c108144632c..00000000000 |
480 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-09-Limit-the-ports-we-try-to-connect-to-to-the-port-ran.patch |
481 |
+++ /dev/null |
482 |
@@ -1,32 +0,0 @@ |
483 |
-From 85b691e40f525e22ca5cc4ebe79c361d71d7dc05 Mon Sep 17 00:00:00 2001 |
484 |
-From: Albert Vaca Cintora <albertvaka@×××××.com> |
485 |
-Date: Thu, 24 Sep 2020 17:18:06 +0200 |
486 |
-Subject: [PATCH 09/10] Limit the ports we try to connect to to the port range |
487 |
- of KDE Connect |
488 |
- |
489 |
-So we can't trigger connections to other services. |
490 |
- |
491 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
492 |
---- |
493 |
- core/backends/lan/lanlinkprovider.cpp | 5 +++++ |
494 |
- 1 file changed, 5 insertions(+) |
495 |
- |
496 |
-diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp |
497 |
-index 6afb8552..f3d6801d 100644 |
498 |
---- a/core/backends/lan/lanlinkprovider.cpp |
499 |
-+++ b/core/backends/lan/lanlinkprovider.cpp |
500 |
-@@ -223,6 +223,11 @@ void LanLinkProvider::udpBroadcastReceived() |
501 |
- } |
502 |
- |
503 |
- int tcpPort = receivedPacket->get<int>(QStringLiteral("tcpPort")); |
504 |
-+ if (tcpPort < MIN_TCP_PORT || tcpPort > MAX_TCP_PORT) { |
505 |
-+ qCDebug(KDECONNECT_CORE) << "TCP port outside of kdeconnect's range"; |
506 |
-+ delete receivedPacket; |
507 |
-+ continue; |
508 |
-+ } |
509 |
- |
510 |
- //qCDebug(KDECONNECT_CORE) << "Received Udp identity packet from" << sender << " asking for a tcp connection on port " << tcpPort; |
511 |
- |
512 |
--- |
513 |
-2.28.0 |
514 |
- |
515 |
|
516 |
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-10-Do-not-replace-connections-for-a-given-deviceId-if-t.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-10-Do-not-replace-connections-for-a-given-deviceId-if-t.patch |
517 |
deleted file mode 100644 |
518 |
index d10f0193dac..00000000000 |
519 |
--- a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-10-Do-not-replace-connections-for-a-given-deviceId-if-t.patch |
520 |
+++ /dev/null |
521 |
@@ -1,58 +0,0 @@ |
522 |
-From 48180b46552d40729a36b7431e97bbe2b5379306 Mon Sep 17 00:00:00 2001 |
523 |
-From: Albert Vaca Cintora <albertvaka@×××××.com> |
524 |
-Date: Thu, 24 Sep 2020 18:46:57 +0200 |
525 |
-Subject: [PATCH 10/10] Do not replace connections for a given deviceId if the |
526 |
- certs have changed |
527 |
- |
528 |
-Thanks Matthias Gerstner <mgerstner@××××.de> for reporting this. |
529 |
---- |
530 |
- core/backends/lan/landevicelink.cpp | 5 +++++ |
531 |
- core/backends/lan/landevicelink.h | 1 + |
532 |
- core/backends/lan/lanlinkprovider.cpp | 6 ++++++ |
533 |
- 3 files changed, 12 insertions(+) |
534 |
- |
535 |
-diff --git a/core/backends/lan/landevicelink.cpp b/core/backends/lan/landevicelink.cpp |
536 |
-index 8a65fb92..41af6f0e 100644 |
537 |
---- a/core/backends/lan/landevicelink.cpp |
538 |
-+++ b/core/backends/lan/landevicelink.cpp |
539 |
-@@ -192,3 +192,8 @@ bool LanDeviceLink::linkShouldBeKeptAlive() { |
540 |
- //return (mConnectionSource == ConnectionStarted::Remotely || pairStatus() == Paired); |
541 |
- |
542 |
- } |
543 |
-+ |
544 |
-+QSslCertificate LanDeviceLink::certificate() const |
545 |
-+{ |
546 |
-+ return m_socketLineReader->peerCertificate(); |
547 |
-+} |
548 |
-diff --git a/core/backends/lan/landevicelink.h b/core/backends/lan/landevicelink.h |
549 |
-index 28f63db2..485c58b5 100644 |
550 |
---- a/core/backends/lan/landevicelink.h |
551 |
-+++ b/core/backends/lan/landevicelink.h |
552 |
-@@ -56,6 +56,7 @@ public: |
553 |
- bool linkShouldBeKeptAlive() override; |
554 |
- |
555 |
- QHostAddress hostAddress() const; |
556 |
-+ QSslCertificate certificate() const; |
557 |
- |
558 |
- private Q_SLOTS: |
559 |
- void dataReceived(); |
560 |
-diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp |
561 |
-index f3d6801d..372cdc8f 100644 |
562 |
---- a/core/backends/lan/lanlinkprovider.cpp |
563 |
-+++ b/core/backends/lan/lanlinkprovider.cpp |
564 |
-@@ -345,6 +345,12 @@ void LanLinkProvider::encrypted() |
565 |
- NetworkPacket* receivedPacket = m_receivedIdentityPackets[socket].np; |
566 |
- const QString& deviceId = receivedPacket->get<QString>(QStringLiteral("deviceId")); |
567 |
- |
568 |
-+ if (m_links.contains(deviceId) && m_links[deviceId]->certificate() != socket->peerCertificate()) { |
569 |
-+ socket->disconnectFromHost(); |
570 |
-+ qCWarning(KDECONNECT_CORE) << "Got connection for the same deviceId but certificates don't match. Ignoring " << deviceId; |
571 |
-+ return; |
572 |
-+ } |
573 |
-+ |
574 |
- addLink(deviceId, socket, receivedPacket, connectionOrigin); |
575 |
- |
576 |
- // Copied from tcpSocketConnected slot, now delete received packet |
577 |
--- |
578 |
-2.28.0 |
579 |
- |