disallow people to expose private data by crypto downgrade

This commit is contained in:
psyc://loupsycedyglgamf.onion/~lynX 2016-02-22 06:38:36 +01:00
parent e7a194e703
commit 02d4e80119
4 changed files with 26 additions and 4 deletions

View File

@ -4,6 +4,9 @@
_warning_server_shutdown_temporary
|Serverneustart: [_reason]
_error_missing_circuit_encryption
|Deine Verbindung ist plötzlich nicht mehr verschlüsselt. Bitte kontrolliere Deine Konfiguration.
_warning_missing_circuit_encryption
|Deine Verbindung ist nicht verschlüsselt. Du gefährdest die Privatsphäre anderer Personen!

View File

@ -1,6 +1,9 @@
<PSYC:TEXTDB> ## vim:syntax=mail
## Check utf-8: Praise Atatürk!
_error_missing_circuit_encryption
|Your connection has downgraded from being encrypted. Please fix your configuration.
_warning_missing_circuit_encryption
|Your connection is not encrypted. You are putting other people's privacy at risk!

View File

@ -1,6 +1,9 @@
<PSYC:TEXTDB> ## vim:syntax=mail
## tradotto al 30% ... cerca /TODO/ per continuare
_error_missing_circuit_encryption
|La tua connessione ha smesso di essere crittata. Controlla la tua configurazione.
_warning_missing_circuit_encryption
|La tua connessione non è crittata. Stai mettendo a rischio la privacy di altre persone!

View File

@ -28,6 +28,7 @@ volatile mixed query;
volatile mapping tags;
volatile int showEcho;
volatile mixed beQuiet;
volatile int encrypted = 0;
// my nickspace. used by psyctext(). could be passed as closure, but then
// it wouldn't be available for *any* psyctext call in user objects.
@ -1572,6 +1573,7 @@ logon() {
string evil;
if (tls_query_connection_state(ME) == 1) {
encrypted++;
// evil TLS ciphers are no problem if the connection is being
// tunneled through SSH or Tor, so we shut up in that case.
if (probably_private(ME) < PRIVACY_REASONABLE &&
@ -1583,12 +1585,23 @@ logon() {
unless (beQuiet) w("_status_circuit_encryption_cipher");
}
} else if (!probably_private(ME)) {
if (encrypted) {
// do not allow a person to (be) downgrade(d) from TLS...
// at least not during the lifetime of this object
w("_error_missing_circuit_encryption"
# ifdef _error_missing_circuit_encryption
, _error_missing_circuit_encryption
# endif
);
return remove_interactive(ME);
} else {
w("_warning_missing_circuit_encryption"
# ifdef _warning_missing_circuit_encryption
, _warning_missing_circuit_encryption
# endif
);
}
}
#endif
// cannot if (greeting) here this since jabber:iq:auth depends on this
// also greeting will only be defined after ::logon()