lib/server: Close connection when client app-level handshake fails

This fixes the following security vulnerability:
 - CVE-2021-42075 DoS via file descriptor exhaustion

The issue has been reported by Matthias Gerstner <mgerstner@suse.de>.

(cherry picked from commit deefecc262)

doc/newsfragments/close-failed-handshake-connections.bugfix

@@ -0,0 +1,6 @@
+SECURITY ISSUE
+
+Barrier will now correctly close connections when the app-level handshake fails (fixes CVE-2021-42075).
+
+Previously repeated failing connections would leak file descriptors leading to Barrier being unable
+to receive new connections from clients.

src/lib/server/ClientListener.cpp

@@ -195,6 +195,11 @@ ClientListener::handleUnknownClient(const Event&, void* vclient)
                             new TMethodEventJob<ClientListener>(this,
                                 &ClientListener::handleClientDisconnected,
                                 client));
+    } else {
+        auto* stream = unknownClient->getStream();
+        if (stream) {
+            stream->close();
+        }
     }
 
     // now finished with unknown client