From: Manuel Nickschas <sputnick@quassel-irc.org>
Date: Wed, 11 Mar 2015 19:13:12 +0000 (+0100)
Subject: Merge pull request #111 from mamarley/nosslloopback
X-Git-Tag: 0.12-rc1~5
X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=commitdiff_plain;h=4988547cbb3c35016872a4ed8dbcc1376473ad80;hp=d82f98b8cf9c7c83f3aab1d7f010ccf8bdd2c003

Merge pull request #111 from mamarley/nosslloopback

Don't require SSL for loopback connections with --require-ssl
---

diff --git a/src/common/main.cpp b/src/common/main.cpp
index 6847371d..b13d3eef 100644
--- a/src/common/main.cpp
+++ b/src/common/main.cpp
@@ -169,7 +169,7 @@ int main(int argc, char **argv)
     cliParser->addSwitch("oidentd", 0, "Enable oidentd integration");
     cliParser->addOption("oidentd-conffile", 0, "Set path to oidentd configuration file", "file");
 #ifdef HAVE_SSL
-    cliParser->addSwitch("require-ssl", 0, "Require SSL for client connections");
+    cliParser->addSwitch("require-ssl", 0, "Require SSL for remote (non-loopback) client connections");
 #endif
     cliParser->addSwitch("enable-experimental-dcc", 0, "Enable highly experimental and unfinished support for CTCP DCC (DANGEROUS)");
 #endif
diff --git a/src/core/coreauthhandler.cpp b/src/core/coreauthhandler.cpp
index 75a29282..92b32c5c 100644
--- a/src/core/coreauthhandler.cpp
+++ b/src/core/coreauthhandler.cpp
@@ -158,7 +158,7 @@ void CoreAuthHandler::handle(const RegisterClient &msg)
     else
         useSsl = _connectionFeatures & Protocol::Encryption;
 
-    if (Quassel::isOptionSet("require-ssl") && !useSsl) {
+    if (Quassel::isOptionSet("require-ssl") && !useSsl && !_peer->isLocal()) {
         _peer->dispatch(ClientDenied(tr("<b>SSL is required!</b><br>You need to use SSL in order to connect to this core.")));
         _peer->close();
         return;