X-Git-Url: https://git.quassel-irc.org/?a=blobdiff_plain;f=src%2Fcore%2Fcoreauthhandler.cpp;h=7356d5b430ad73c3c711aeb47c3437939f389839;hb=2a89d1b0c473f92c5cf9fb803d99e8b51b2c68e7;hp=5942676f87b1ad7c8d0d9d7c1388a384bc1c8c8c;hpb=64cf9f9b8a737dad5f29447805d4004cfd03c454;p=quassel.git

diff --git a/src/core/coreauthhandler.cpp b/src/core/coreauthhandler.cpp
index 5942676f..7356d5b4 100644
--- a/src/core/coreauthhandler.cpp
+++ b/src/core/coreauthhandler.cpp
@@ -68,6 +68,7 @@ void CoreAuthHandler::startSsl()
 
     qDebug() << qPrintable(tr("Starting encryption for Client:"))  << _peer->description();
     connect(sslSocket, SIGNAL(sslErrors(const QList<QSslError> &)), SLOT(onSslErrors()));
+    sslSocket->flush(); // ensure that the write cache is flushed before we switch to ssl (bug 682)
     sslSocket->startServerEncryption();
 #endif
 }
@@ -100,6 +101,11 @@ void CoreAuthHandler::handle(const RegisterClient &msg)
     // TODO: only in compat mode
     bool useSsl = false;
 #ifdef HAVE_SSL
+    if (Quassel::isOptionSet("require-ssl") && !msg.sslSupported) {
+        _peer->dispatch(ClientDenied(tr("<b>SSL is required!</b><br>You need to use SSL in order to connect to this core.")));
+        _peer->close();
+        return;
+    }
     if (Core::sslSupported() && msg.sslSupported)
         useSsl = true;
 #endif
@@ -148,5 +154,6 @@ void CoreAuthHandler::handle(const Login &msg)
     disconnect(_peer, 0, this, 0);
     _peer->setParent(0); // Core needs to take care of this one now!
 
+    socket()->flush(); // Make sure all data is sent before handing over the peer (and socket) to the session thread (bug 682)
     emit handshakeComplete(_peer, uid);
 }