if (net->connectionState() != Network::Disconnected) {
// Network exists and is connected, check available capabilities...
// [SASL]
- if (net->saslMaybeSupports(IrcCap::SaslMech::PLAIN)) {
- setSASLStatus(CapSupportStatus::MaybeSupported);
+ // Quassel switches between SASL PLAIN and SASL EXTERNAL based on the existence of an
+ // SSL certificate on the identity - check EXTERNAL if CertID exists, PLAIN if not
+ bool usingSASLExternal = displayedNetworkHasCertId();
+ if ((usingSASLExternal && net->saslMaybeSupports(IrcCap::SaslMech::EXTERNAL))
+ || (!usingSASLExternal && net->saslMaybeSupports(IrcCap::SaslMech::PLAIN))) {
+ setCapSASLStatus(CapSupportStatus::MaybeSupported, usingSASLExternal);
}
else {
- setSASLStatus(CapSupportStatus::MaybeUnsupported);
+ setCapSASLStatus(CapSupportStatus::MaybeUnsupported, usingSASLExternal);
}
// Add additional capability-dependent interface updates here
else {
// Network is disconnected
// [SASL]
- setSASLStatus(CapSupportStatus::Disconnected);
+ setCapSASLStatus(CapSupportStatus::Disconnected);
// Add additional capability-dependent interface updates here
}
// Capability negotiation is not supported and/or network doesn't exist.
// Don't assume anything and reset all capability-dependent interface elements to neutral.
// [SASL]
- setSASLStatus(CapSupportStatus::Unknown);
+ setCapSASLStatus(CapSupportStatus::Unknown);
// Add additional capability-dependent interface updates here
}
}
}
-void NetworksSettingsPage::setSASLStatus(const CapSupportStatus saslStatus)
+void NetworksSettingsPage::setCapSASLStatus(const CapSupportStatus saslStatus, bool usingSASLExternal)
{
- if (_saslStatusSelected != saslStatus) {
+ if (_capSaslStatusSelected != saslStatus || _capSaslStatusUsingExternal != usingSASLExternal) {
// Update the cached copy of SASL status used with the Details dialog
- _saslStatusSelected = saslStatus;
+ _capSaslStatusSelected = saslStatus;
+ _capSaslStatusUsingExternal = usingSASLExternal;
// Update the user interface
switch (saslStatus) {
ui.saslStatusIcon->setPixmap(questionIcon.pixmap(16));
break;
case CapSupportStatus::MaybeUnsupported:
- // The network doesn't advertise support for SASL PLAIN. Here be dragons.
+ // The network doesn't advertise support for SASL PLAIN/EXTERNAL. Here be dragons.
ui.saslStatusLabel->setText(QString("<i>%1</i>").arg(tr("Not currently supported by network")));
ui.saslStatusIcon->setPixmap(unavailableIcon.pixmap(16));
break;
case CapSupportStatus::MaybeSupported:
- // The network advertises support for SASL PLAIN. Encourage using it!
+ // The network advertises support for SASL PLAIN/EXTERNAL. Encourage using it!
// Unfortunately we don't know for sure if it's desired or functional.
- ui.saslStatusLabel->setText(QString("<i>%1</i>").arg(tr("Supported by network")));
+ if (usingSASLExternal) {
+ // SASL EXTERNAL is used
+ // With SASL v3.1, it's not possible to reliably tell if SASL EXTERNAL is supported,
+ // or just SASL PLAIN. Use less assertive phrasing.
+ ui.saslStatusLabel->setText(QString("<i>%1</i>").arg(tr("May be supported by network")));
+ }
+ else {
+ // SASL PLAIN is used
+ ui.saslStatusLabel->setText(QString("<i>%1</i>").arg(tr("Supported by network")));
+ }
ui.saslStatusIcon->setPixmap(successIcon.pixmap(16));
break;
}
void NetworksSettingsPage::sslUpdated()
{
- if (_cid && !_cid->sslKey().isNull()) {
- ui.saslContents->setDisabled(true);
+ if (displayedNetworkHasCertId()) {
+ ui.saslPlainContents->setDisabled(true);
ui.saslExtInfo->setHidden(false);
}
else {
- ui.saslContents->setDisabled(false);
+ ui.saslPlainContents->setDisabled(false);
// Directly re-enabling causes the widgets to ignore the parent "Use SASL Authentication"
// state to indicate whether or not it's disabled. To workaround this, keep track of
// whether or not "Use SASL Authentication" is enabled, then quickly uncheck/recheck the
// group box.
if (!ui.sasl->isChecked()) {
- // SASL is not enabled, uncheck/recheck the group box to re-disable saslContents.
- // Leaving saslContents disabled doesn't work as that prevents it from re-enabling if
+ // SASL is not enabled, uncheck/recheck the group box to re-disable saslPlainContents.
+ // Leaving saslPlainContents disabled doesn't work as that prevents it from re-enabling if
// sasl is later checked.
ui.sasl->setChecked(true);
ui.sasl->setChecked(false);
}
ui.saslExtInfo->setHidden(true);
}
+ // Update whether SASL PLAIN or SASL EXTERNAL is used to detect SASL status
+ if (currentId != 0) {
+ setNetworkCapStates(currentId);
+ }
}
/*** Network list ***/
bool useWarningIcon = false;
// Determine which explanation to show
- switch (_saslStatusSelected) {
+ switch (_capSaslStatusSelected) {
case CapSupportStatus::Unknown:
saslStatusHeader = tr("Could not check if SASL supported by network");
saslStatusExplanation = tr("Quassel could not check if \"%1\" supports SASL. This may "
.arg(netName);
break;
case CapSupportStatus::MaybeUnsupported:
- saslStatusHeader = tr("SASL not currently supported by network");
- saslStatusExplanation = tr("The network \"%1\" does not currently support SASL. "
- "However, support might be added later on.")
- .arg(netName);
+ if (displayedNetworkHasCertId()) {
+ // SASL EXTERNAL is used
+ saslStatusHeader = tr("SASL EXTERNAL not currently supported by network");
+ saslStatusExplanation = tr("The network \"%1\" does not currently support SASL "
+ "EXTERNAL for SSL certificate authentication. However, "
+ "support might be added later on.")
+ .arg(netName);
+ }
+ else {
+ // SASL PLAIN is used
+ saslStatusHeader = tr("SASL not currently supported by network");
+ saslStatusExplanation = tr("The network \"%1\" does not currently support SASL. "
+ "However, support might be added later on.")
+ .arg(netName);
+ }
useWarningIcon = true;
break;
case CapSupportStatus::MaybeSupported:
- saslStatusHeader = tr("SASL supported by network");
- saslStatusExplanation = tr("The network \"%1\" supports SASL. In most cases, you "
- "should use SASL instead of NickServ identification.")
- .arg(netName);
+ if (displayedNetworkHasCertId()) {
+ // SASL EXTERNAL is used
+ // With SASL v3.1, it's not possible to reliably tell if SASL EXTERNAL is supported,
+ // or just SASL PLAIN. Caution about this in the details dialog.
+ saslStatusHeader = tr("SASL EXTERNAL may be supported by network");
+ saslStatusExplanation = tr("The network \"%1\" may support SASL EXTERNAL for SSL "
+ "certificate authentication. In most cases, you should "
+ "use SASL instead of NickServ identification.")
+ .arg(netName);
+ }
+ else {
+ // SASL PLAIN is used
+ saslStatusHeader = tr("SASL supported by network");
+ saslStatusExplanation = tr("The network \"%1\" supports SASL. In most cases, you "
+ "should use SASL instead of NickServ identification.")
+ .arg(netName);
+ }
break;
}
return defaultId;
}
+bool NetworksSettingsPage::displayedNetworkHasCertId() const
+{
+ // Check if the CertIdentity exists and that it has a non-null SSL key set
+ return (_cid && !_cid->sslKey().isNull());
+}
+
/**************************************************************************
* NetworkAddDlg
*************************************************************************/
</property>
<layout class="QVBoxLayout" name="verticalLayout_11">
<item>
- <widget class="QFrame" name="saslContents">
+ <widget class="QFrame" name="saslPlainContents">
<property name="frameShape">
<enum>QFrame::NoFrame</enum>
</property>
</item>
</layout>
</item>
- <item>
- <layout class="QHBoxLayout" name="horizontalLayout_7">
- <item>
- <widget class="QLabel" name="saslStatusIcon">
- <property name="text">
- <string notr="true">[icon]</string>
- </property>
- </widget>
- </item>
- <item>
- <widget class="QLabel" name="saslStatusLabel">
- <property name="sizePolicy">
- <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
- <horstretch>0</horstretch>
- <verstretch>0</verstretch>
- </sizepolicy>
- </property>
- <property name="text">
- <string>Could not detect if supported by server</string>
- </property>
- </widget>
- </item>
- <item>
- <widget class="QPushButton" name="saslStatusDetails">
- <property name="text">
- <string>Details...</string>
- </property>
- </widget>
- </item>
- </layout>
- </item>
</layout>
</widget>
</item>
+ <item>
+ <widget class="QLabel" name="saslExtInfo">
+ <property name="text">
+ <string><html><head/><body><p><span style=" font-weight:600;">Note:</span> because the identity has an ssl certificate set, SASL EXTERNAL will be used.</p></body></html></string>
+ </property>
+ <property name="wordWrap">
+ <bool>true</bool>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <layout class="QHBoxLayout" name="horizontalLayout_7">
+ <item>
+ <widget class="QLabel" name="saslStatusIcon">
+ <property name="text">
+ <string notr="true">[icon]</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QLabel" name="saslStatusLabel">
+ <property name="sizePolicy">
+ <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+ <horstretch>0</horstretch>
+ <verstretch>0</verstretch>
+ </sizepolicy>
+ </property>
+ <property name="text">
+ <string>Could not detect if supported by server</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QPushButton" name="saslStatusDetails">
+ <property name="text">
+ <string>Details...</string>
+ </property>
+ </widget>
+ </item>
+ </layout>
+ </item>
</layout>
</widget>
</item>
- <item>
- <widget class="QLabel" name="saslExtInfo">
- <property name="text">
- <string><html><head/><body><p><span style=" font-weight:600;">Note:</span> because the identity has an ssl certificate set, SASL EXTERNAL will be used.</p></body></html></string>
- </property>
- <property name="wordWrap">
- <bool>true</bool>
- </property>
- </widget>
- </item>
<item>
<widget class="QGroupBox" name="autoIdentify">
<property name="enabled">
projects / quassel.git / commitdiff