https://bugs.kde.org/show_bug.cgi?id=414841
Bug ID: 414841
Summary: Crash with invalid or failed TLS authentication
Product: kdeconnect
Version: 1.3.5
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: android-application
Assignee: albertv...@gmail.com
Reporter: andrew.g.r.hol...@gmail.com
Target Milestone: ---
Created attachment 124323
--> https://bugs.kde.org/attachment.cgi?id=124323&action=edit
tombstone file from android
SUMMARY
On virtually any TLS error, including sending an invalid/corrupted certificate
or just bailing during the handshake, the Android app will crash.
STEPS TO REPRODUCE
1. Setup two devices with a KDE Connect client, at least one with the Android
app
2. Attempt to connect with a faulty certificate or just close the connection
during authentication
3.
OBSERVED RESULT
kdeconnect-android crashes, usually restarting and crashing again when the
device attempts to handshake again
EXPECTED RESULT
Probably the connection should close, or ideally prompt the user about a
possible fraudulent connection attempt.
SOFTWARE/OS VERSIONS
Windows:
macOS:
Linux/KDE Plasma:
(available in About System)
KDE Plasma Version:
KDE Frameworks Version:
Qt Version:
ADDITIONAL INFORMATION
I reproduced this with GSConnect, but no doubt it's possible to create this
issue with kdeconnect-kde. It's rare to happen in the wild, but tends to happen
when users do silly things like change their hostname or try copy settings
between machines.
--
You are receiving this mail because:
You are watching all bug changes.
