disallow people to expose private data by crypto downgrade

world/default/de/plain.textdb

@@ -4,6 +4,9 @@
 _warning_server_shutdown_temporary
 |Serverneustart: [_reason]
 
+_error_missing_circuit_encryption
+|Deine Verbindung ist plötzlich nicht mehr verschlüsselt. Bitte kontrolliere Deine Konfiguration.
+
 _warning_missing_circuit_encryption
 |Deine Verbindung ist nicht verschlüsselt. Du gefährdest die Privatsphäre anderer Personen!
 

world/default/en/plain.textdb

@@ -1,6 +1,9 @@
 <PSYC:TEXTDB> ## vim:syntax=mail
 ## Check utf-8: Praise Atatürk!
 
+_error_missing_circuit_encryption
+|Your connection has downgraded from being encrypted. Please fix your configuration.
+
 _warning_missing_circuit_encryption
 |Your connection is not encrypted. You are putting other people's privacy at risk!
 

world/default/it/plain.textdb

@@ -1,6 +1,9 @@
 <PSYC:TEXTDB> ## vim:syntax=mail
 ## tradotto al 30% ... cerca /TODO/ per continuare
 
+_error_missing_circuit_encryption
+|La tua connessione ha smesso di essere crittata. Controlla la tua configurazione.
+
 _warning_missing_circuit_encryption
 |La tua connessione non è crittata. Stai mettendo a rischio la privacy di altre persone!
 

world/net/user.c

@@ -28,6 +28,7 @@ volatile mixed query;
 volatile mapping tags;
 volatile int showEcho;
 volatile mixed beQuiet;
+volatile int encrypted = 0;
 
 // my nickspace. used by psyctext(). could be passed as closure, but then
 // it wouldn't be available for *any* psyctext call in user objects.
@@ -1572,6 +1573,7 @@ logon() {
 	string evil;
 
 	if (tls_query_connection_state(ME) == 1) {
+	    encrypted++;
 	    // evil TLS ciphers are no problem if the connection is being
 	    // tunneled through SSH or Tor, so we shut up in that case.
 	    if (probably_private(ME) < PRIVACY_REASONABLE &&
@@ -1583,11 +1585,22 @@ logon() {
                 unless (beQuiet) w("_status_circuit_encryption_cipher");
 	    }
 	} else if (!probably_private(ME)) {
-	    w("_warning_missing_circuit_encryption"
+	    if (encrypted) {
-# ifdef _warning_missing_circuit_encryption
+		// do not allow a person to (be) downgrade(d) from TLS...
-	      , _warning_missing_circuit_encryption
+		// at least not during the lifetime of this object
+		w("_error_missing_circuit_encryption"
+# ifdef _error_missing_circuit_encryption
+		  , _error_missing_circuit_encryption
 # endif
-	    );
+		);
+		return remove_interactive(ME);
+	    } else {
+		w("_warning_missing_circuit_encryption"
+# ifdef _warning_missing_circuit_encryption
+		  , _warning_missing_circuit_encryption
+# endif
+		);
+	    }
 	}
 #endif
 	// cannot if (greeting) here this since jabber:iq:auth depends on this