mirror of
https://github.com/ChronosX88/psyced.git
synced 2024-12-05 00:22:19 +00:00
disallow people to expose private data by crypto downgrade
This commit is contained in:
parent
e7a194e703
commit
02d4e80119
@ -4,6 +4,9 @@
|
|||||||
_warning_server_shutdown_temporary
|
_warning_server_shutdown_temporary
|
||||||
|Serverneustart: [_reason]
|
|Serverneustart: [_reason]
|
||||||
|
|
||||||
|
_error_missing_circuit_encryption
|
||||||
|
|Deine Verbindung ist plötzlich nicht mehr verschlüsselt. Bitte kontrolliere Deine Konfiguration.
|
||||||
|
|
||||||
_warning_missing_circuit_encryption
|
_warning_missing_circuit_encryption
|
||||||
|Deine Verbindung ist nicht verschlüsselt. Du gefährdest die Privatsphäre anderer Personen!
|
|Deine Verbindung ist nicht verschlüsselt. Du gefährdest die Privatsphäre anderer Personen!
|
||||||
|
|
||||||
|
@ -1,6 +1,9 @@
|
|||||||
<PSYC:TEXTDB> ## vim:syntax=mail
|
<PSYC:TEXTDB> ## vim:syntax=mail
|
||||||
## Check utf-8: Praise Atatürk!
|
## Check utf-8: Praise Atatürk!
|
||||||
|
|
||||||
|
_error_missing_circuit_encryption
|
||||||
|
|Your connection has downgraded from being encrypted. Please fix your configuration.
|
||||||
|
|
||||||
_warning_missing_circuit_encryption
|
_warning_missing_circuit_encryption
|
||||||
|Your connection is not encrypted. You are putting other people's privacy at risk!
|
|Your connection is not encrypted. You are putting other people's privacy at risk!
|
||||||
|
|
||||||
|
@ -1,6 +1,9 @@
|
|||||||
<PSYC:TEXTDB> ## vim:syntax=mail
|
<PSYC:TEXTDB> ## vim:syntax=mail
|
||||||
## tradotto al 30% ... cerca /TODO/ per continuare
|
## tradotto al 30% ... cerca /TODO/ per continuare
|
||||||
|
|
||||||
|
_error_missing_circuit_encryption
|
||||||
|
|La tua connessione ha smesso di essere crittata. Controlla la tua configurazione.
|
||||||
|
|
||||||
_warning_missing_circuit_encryption
|
_warning_missing_circuit_encryption
|
||||||
|La tua connessione non è crittata. Stai mettendo a rischio la privacy di altre persone!
|
|La tua connessione non è crittata. Stai mettendo a rischio la privacy di altre persone!
|
||||||
|
|
||||||
|
@ -28,6 +28,7 @@ volatile mixed query;
|
|||||||
volatile mapping tags;
|
volatile mapping tags;
|
||||||
volatile int showEcho;
|
volatile int showEcho;
|
||||||
volatile mixed beQuiet;
|
volatile mixed beQuiet;
|
||||||
|
volatile int encrypted = 0;
|
||||||
|
|
||||||
// my nickspace. used by psyctext(). could be passed as closure, but then
|
// my nickspace. used by psyctext(). could be passed as closure, but then
|
||||||
// it wouldn't be available for *any* psyctext call in user objects.
|
// it wouldn't be available for *any* psyctext call in user objects.
|
||||||
@ -1572,6 +1573,7 @@ logon() {
|
|||||||
string evil;
|
string evil;
|
||||||
|
|
||||||
if (tls_query_connection_state(ME) == 1) {
|
if (tls_query_connection_state(ME) == 1) {
|
||||||
|
encrypted++;
|
||||||
// evil TLS ciphers are no problem if the connection is being
|
// evil TLS ciphers are no problem if the connection is being
|
||||||
// tunneled through SSH or Tor, so we shut up in that case.
|
// tunneled through SSH or Tor, so we shut up in that case.
|
||||||
if (probably_private(ME) < PRIVACY_REASONABLE &&
|
if (probably_private(ME) < PRIVACY_REASONABLE &&
|
||||||
@ -1583,11 +1585,22 @@ logon() {
|
|||||||
unless (beQuiet) w("_status_circuit_encryption_cipher");
|
unless (beQuiet) w("_status_circuit_encryption_cipher");
|
||||||
}
|
}
|
||||||
} else if (!probably_private(ME)) {
|
} else if (!probably_private(ME)) {
|
||||||
w("_warning_missing_circuit_encryption"
|
if (encrypted) {
|
||||||
# ifdef _warning_missing_circuit_encryption
|
// do not allow a person to (be) downgrade(d) from TLS...
|
||||||
, _warning_missing_circuit_encryption
|
// at least not during the lifetime of this object
|
||||||
|
w("_error_missing_circuit_encryption"
|
||||||
|
# ifdef _error_missing_circuit_encryption
|
||||||
|
, _error_missing_circuit_encryption
|
||||||
# endif
|
# endif
|
||||||
);
|
);
|
||||||
|
return remove_interactive(ME);
|
||||||
|
} else {
|
||||||
|
w("_warning_missing_circuit_encryption"
|
||||||
|
# ifdef _warning_missing_circuit_encryption
|
||||||
|
, _warning_missing_circuit_encryption
|
||||||
|
# endif
|
||||||
|
);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
// cannot if (greeting) here this since jabber:iq:auth depends on this
|
// cannot if (greeting) here this since jabber:iq:auth depends on this
|
||||||
|
Loading…
Reference in New Issue
Block a user