Add back the SSL protocol selection dialog box for old cores.

Cores before 0.10 will default to SSLv3 if the user doesn't make a
selection.  If a >=0.10 client is used with a <0.10 core to connect
to a server that has SSLv3 disabled, it is impossible to connect
to that server without upgrading the core or using an old client
to change the SSL protocol settings.

This also changes the SSLv2 and SSLv3 options to indicate their
insecurity and therefore discourage their use.

Cores from 0.10 and up use SSL autonegotiation and to not need the
protocol setting.

This partially reverts commit
e53fc69a91553b57932ba599b39999d550114588.

diff --git a/src/client/coreconnection.h b/src/client/coreconnection.h
index 0019a53..ba33f17 100644 (file)
--- a/src/client/coreconnection.h
+++ b/src/client/coreconnection.h
@@ -73,6 +73,8 @@ public:
     //! Check if we consider the last connect as reconnect
     bool wasReconnect() const { return _wasReconnect; }
 
     //! Check if we consider the last connect as reconnect
     bool wasReconnect() const { return _wasReconnect; }
 

+    QPointer<Peer> peer() { return _peer; }
+

 public slots:
     bool connectToCore(AccountId = 0);
     void reconnectToCore();
 public slots:
     bool connectToCore(AccountId = 0);
     void reconnectToCore();

diff --git a/src/common/internalpeer.h b/src/common/internalpeer.h
index 97499bd..103c47d 100644 (file)
--- a/src/common/internalpeer.h
+++ b/src/common/internalpeer.h
@@ -42,6 +42,7 @@ public:
     InternalPeer(QObject *parent = 0);
     virtual ~InternalPeer();
 
     InternalPeer(QObject *parent = 0);
     virtual ~InternalPeer();
 

+    Protocol::Type protocol() const { return Protocol::InternalProtocol; }

     QString description() const;
 
     SignalProxy *signalProxy() const;
     QString description() const;
 
     SignalProxy *signalProxy() const;

diff --git a/src/common/peer.h b/src/common/peer.h
index a21e9c1..5a863ee 100644 (file)
--- a/src/common/peer.h
+++ b/src/common/peer.h
@@ -35,6 +35,7 @@ class Peer : public QObject
 public:
     Peer(AuthHandler *authHandler, QObject *parent = 0);
 
 public:
     Peer(AuthHandler *authHandler, QObject *parent = 0);
 

+    virtual Protocol::Type protocol() const = 0;

     virtual QString description() const = 0;
 
     virtual SignalProxy *signalProxy() const = 0;
     virtual QString description() const = 0;
 
     virtual SignalProxy *signalProxy() const = 0;

diff --git a/src/common/protocol.h b/src/common/protocol.h
index 15f5e5d..ba70530 100644 (file)
--- a/src/common/protocol.h
+++ b/src/common/protocol.h
@@ -30,6 +30,7 @@ namespace Protocol {
 const quint32 magic = 0x42b33f00;
 
 enum Type {
 const quint32 magic = 0x42b33f00;
 
 enum Type {

+    InternalProtocol = 0x00,

     LegacyProtocol = 0x01,
     DataStreamProtocol = 0x02
 };
     LegacyProtocol = 0x01,
     DataStreamProtocol = 0x02
 };

diff --git a/src/common/remotepeer.h b/src/common/remotepeer.h
index 5650120..677ff21 100644 (file)
--- a/src/common/remotepeer.h
+++ b/src/common/remotepeer.h
@@ -45,7 +45,6 @@ public:
 
     void setSignalProxy(SignalProxy *proxy);
 
 
     void setSignalProxy(SignalProxy *proxy);
 

-    virtual Protocol::Type protocol() const = 0;

     virtual QString protocolName() const = 0;
     virtual QString description() const;
     virtual quint16 enabledFeatures() const { return 0; }
     virtual QString protocolName() const = 0;
     virtual QString description() const;
     virtual quint16 enabledFeatures() const { return 0; }

diff --git a/src/qtui/settingspages/networkssettingspage.cpp b/src/qtui/settingspages/networkssettingspage.cpp
index 011328d..f422ebb 100644 (file)
--- a/src/qtui/settingspages/networkssettingspage.cpp
+++ b/src/qtui/settingspages/networkssettingspage.cpp
@@ -869,12 +869,30 @@ ServerEditDlg::ServerEditDlg(const Network::Server &server, QWidget *parent) : Q
     ui.port->setValue(server.port);
     ui.password->setText(server.password);
     ui.useSSL->setChecked(server.useSsl);
     ui.port->setValue(server.port);
     ui.password->setText(server.password);
     ui.useSSL->setChecked(server.useSsl);

+    ui.sslVersion->setCurrentIndex(server.sslVersion);

     ui.useProxy->setChecked(server.useProxy);
     ui.proxyType->setCurrentIndex(server.proxyType == QNetworkProxy::Socks5Proxy ? 0 : 1);
     ui.proxyHost->setText(server.proxyHost);
     ui.proxyPort->setValue(server.proxyPort);
     ui.proxyUsername->setText(server.proxyUser);
     ui.proxyPassword->setText(server.proxyPass);
     ui.useProxy->setChecked(server.useProxy);
     ui.proxyType->setCurrentIndex(server.proxyType == QNetworkProxy::Socks5Proxy ? 0 : 1);
     ui.proxyHost->setText(server.proxyHost);
     ui.proxyPort->setValue(server.proxyPort);
     ui.proxyUsername->setText(server.proxyUser);
     ui.proxyPassword->setText(server.proxyPass);

+
+    // This is a dirty hack to display the core->IRC SSL protocol dropdown
+    // only if the core won't use autonegotiation to determine the best
+    // protocol.  When autonegotiation was introduced, it would have been
+    // a good idea to use the CoreFeatures enum to accomplish this.
+    // However, since multiple versions have been released since then, that
+    // is no longer possible.  Instead, we rely on the fact that the
+    // Datastream protocol was introduced in the same version (0.10) as SSL
+    // autonegotiation.  Because of that, we can display the dropdown only
+    // if the Legacy protocol is in use.  If any other RemotePeer protocol
+    // is in use, that means a newer protocol is in use and therefore the
+    // core will use autonegotiation.
+    if (Client::coreConnection()->peer()->protocol() != Protocol::LegacyProtocol) {
+        ui.label_3->hide();
+        ui.sslVersion->hide();
+    }
+

     on_host_textChanged();
 }
 
     on_host_textChanged();
 }
 


@@ -882,6 +900,7 @@ ServerEditDlg::ServerEditDlg(const Network::Server &server, QWidget *parent) : Q
 Network::Server ServerEditDlg::serverData() const
 {
     Network::Server server(ui.host->text().trimmed(), ui.port->value(), ui.password->text(), ui.useSSL->isChecked());
 Network::Server ServerEditDlg::serverData() const
 {
     Network::Server server(ui.host->text().trimmed(), ui.port->value(), ui.password->text(), ui.useSSL->isChecked());

+    server.sslVersion = ui.sslVersion->currentIndex();

     server.useProxy = ui.useProxy->isChecked();
     server.proxyType = ui.proxyType->currentIndex() == 0 ? QNetworkProxy::Socks5Proxy : QNetworkProxy::HttpProxy;
     server.proxyHost = ui.proxyHost->text();
     server.useProxy = ui.useProxy->isChecked();
     server.proxyType = ui.proxyType->currentIndex() == 0 ? QNetworkProxy::Socks5Proxy : QNetworkProxy::HttpProxy;
     server.proxyHost = ui.proxyHost->text();

diff --git a/src/qtui/settingspages/servereditdlg.ui b/src/qtui/settingspages/servereditdlg.ui
index d16d1e4..2917710 100644 (file)
--- a/src/qtui/settingspages/servereditdlg.ui
+++ b/src/qtui/settingspages/servereditdlg.ui
@@ -119,6 +119,52 @@
        <string>Advanced</string>
       </attribute>
       <layout class="QVBoxLayout" name="verticalLayout_2">
        <string>Advanced</string>
       </attribute>
       <layout class="QVBoxLayout" name="verticalLayout_2">

+       <item>
+        <layout class="QHBoxLayout" name="horizontalLayout">
+         <item>
+          <spacer name="horizontalSpacer">
+           <property name="orientation">
+            <enum>Qt::Horizontal</enum>
+           </property>
+           <property name="sizeHint" stdset="0">
+            <size>
+             <width>40</width>
+             <height>20</height>
+            </size>
+           </property>
+          </spacer>
+         </item>
+         <item>
+          <widget class="QLabel" name="label_3">
+           <property name="text">
+            <string>SSL Version:</string>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <widget class="QComboBox" name="sslVersion">
+           <property name="toolTip">
+            <string>Use only TLSv1 unless you know what you are doing!</string>
+           </property>
+           <item>
+            <property name="text">
+             <string>SSLv3 (insecure)</string>
+            </property>
+           </item>
+           <item>
+            <property name="text">
+             <string>SSLv2 (insecure)</string>
+            </property>
+           </item>
+           <item>
+            <property name="text">
+             <string>TLSv1</string>
+            </property>
+           </item>
+          </widget>
+         </item>
+        </layout>
+       </item>

        <item>
         <widget class="QGroupBox" name="useProxy">
          <property name="title">
        <item>
         <widget class="QGroupBox" name="useProxy">
          <property name="title">


@@ -263,6 +309,7 @@
   <tabstop>port</tabstop>
   <tabstop>password</tabstop>
   <tabstop>useSSL</tabstop>
   <tabstop>port</tabstop>
   <tabstop>password</tabstop>
   <tabstop>useSSL</tabstop>

+  <tabstop>sslVersion</tabstop>

   <tabstop>useProxy</tabstop>
   <tabstop>proxyType</tabstop>
   <tabstop>proxyHost</tabstop>
   <tabstop>useProxy</tabstop>
   <tabstop>proxyType</tabstop>
   <tabstop>proxyHost</tabstop>