Cores before 0.10 will default to SSLv3 if the user doesn't make a
selection. If a >=0.10 client is used with a <0.10 core to connect
to a server that has SSLv3 disabled, it is impossible to connect
to that server without upgrading the core or using an old client
to change the SSL protocol settings.
This also changes the SSLv2 and SSLv3 options to indicate their
insecurity and therefore discourage their use.
Cores from 0.10 and up use SSL autonegotiation and to not need the
protocol setting.
This partially reverts commit
e53fc69a91553b57932ba599b39999d550114588.
//! Check if we consider the last connect as reconnect
bool wasReconnect() const { return _wasReconnect; }
+ QPointer<Peer> peer() { return _peer; }
+
public slots:
bool connectToCore(AccountId = 0);
void reconnectToCore();
InternalPeer(QObject *parent = 0);
virtual ~InternalPeer();
+ Protocol::Type protocol() const { return Protocol::InternalProtocol; }
QString description() const;
SignalProxy *signalProxy() const;
public:
Peer(AuthHandler *authHandler, QObject *parent = 0);
+ virtual Protocol::Type protocol() const = 0;
virtual QString description() const = 0;
virtual SignalProxy *signalProxy() const = 0;
const quint32 magic = 0x42b33f00;
enum Type {
+ InternalProtocol = 0x00,
LegacyProtocol = 0x01,
DataStreamProtocol = 0x02
};
void setSignalProxy(SignalProxy *proxy);
- virtual Protocol::Type protocol() const = 0;
virtual QString protocolName() const = 0;
virtual QString description() const;
virtual quint16 enabledFeatures() const { return 0; }
ui.port->setValue(server.port);
ui.password->setText(server.password);
ui.useSSL->setChecked(server.useSsl);
+ ui.sslVersion->setCurrentIndex(server.sslVersion);
ui.useProxy->setChecked(server.useProxy);
ui.proxyType->setCurrentIndex(server.proxyType == QNetworkProxy::Socks5Proxy ? 0 : 1);
ui.proxyHost->setText(server.proxyHost);
ui.proxyPort->setValue(server.proxyPort);
ui.proxyUsername->setText(server.proxyUser);
ui.proxyPassword->setText(server.proxyPass);
+
+ // This is a dirty hack to display the core->IRC SSL protocol dropdown
+ // only if the core won't use autonegotiation to determine the best
+ // protocol. When autonegotiation was introduced, it would have been
+ // a good idea to use the CoreFeatures enum to accomplish this.
+ // However, since multiple versions have been released since then, that
+ // is no longer possible. Instead, we rely on the fact that the
+ // Datastream protocol was introduced in the same version (0.10) as SSL
+ // autonegotiation. Because of that, we can display the dropdown only
+ // if the Legacy protocol is in use. If any other RemotePeer protocol
+ // is in use, that means a newer protocol is in use and therefore the
+ // core will use autonegotiation.
+ if (Client::coreConnection()->peer()->protocol() != Protocol::LegacyProtocol) {
+ ui.label_3->hide();
+ ui.sslVersion->hide();
+ }
+
on_host_textChanged();
}
Network::Server ServerEditDlg::serverData() const
{
Network::Server server(ui.host->text().trimmed(), ui.port->value(), ui.password->text(), ui.useSSL->isChecked());
+ server.sslVersion = ui.sslVersion->currentIndex();
server.useProxy = ui.useProxy->isChecked();
server.proxyType = ui.proxyType->currentIndex() == 0 ? QNetworkProxy::Socks5Proxy : QNetworkProxy::HttpProxy;
server.proxyHost = ui.proxyHost->text();
<string>Advanced</string>
</attribute>
<layout class="QVBoxLayout" name="verticalLayout_2">
+ <item>
+ <layout class="QHBoxLayout" name="horizontalLayout">
+ <item>
+ <spacer name="horizontalSpacer">
+ <property name="orientation">
+ <enum>Qt::Horizontal</enum>
+ </property>
+ <property name="sizeHint" stdset="0">
+ <size>
+ <width>40</width>
+ <height>20</height>
+ </size>
+ </property>
+ </spacer>
+ </item>
+ <item>
+ <widget class="QLabel" name="label_3">
+ <property name="text">
+ <string>SSL Version:</string>
+ </property>
+ </widget>
+ </item>
+ <item>
+ <widget class="QComboBox" name="sslVersion">
+ <property name="toolTip">
+ <string>Use only TLSv1 unless you know what you are doing!</string>
+ </property>
+ <item>
+ <property name="text">
+ <string>SSLv3 (insecure)</string>
+ </property>
+ </item>
+ <item>
+ <property name="text">
+ <string>SSLv2 (insecure)</string>
+ </property>
+ </item>
+ <item>
+ <property name="text">
+ <string>TLSv1</string>
+ </property>
+ </item>
+ </widget>
+ </item>
+ </layout>
+ </item>
<item>
<widget class="QGroupBox" name="useProxy">
<property name="title">
<tabstop>port</tabstop>
<tabstop>password</tabstop>
<tabstop>useSSL</tabstop>
+ <tabstop>sslVersion</tabstop>
<tabstop>useProxy</tabstop>
<tabstop>proxyType</tabstop>
<tabstop>proxyHost</tabstop>