ability to configure cipher list

src/common/config.py

@@ -349,6 +349,7 @@ class Config:
                     'enable_esessions': [opt_bool, True, _('Enable ESessions encryption for this account.')],
                     'autonegotiate_esessions': [opt_bool, True, _('Should Gajim automatically start an encrypted session when possible?')],
                     'connection_types': [ opt_str, 'tls ssl plain', _('Ordered list (space separated) of connection type to try. Can contain tls, ssl or plain')],
+                    'cipher_list': [ opt_str, 'HIGH:!aNULL:!eNULL:RC4-SHA', '' ],
                     'action_when_plaintext_connection': [ opt_str, 'warn', _('Show a warning dialog before sending password on an plaintext connection. Can be \'warn\', \'connect\', \'disconnect\'') ],
                     'warn_when_insecure_ssl_connection': [ opt_bool, True, _('Show a warning dialog before using standard SSL library.') ],
                     'warn_when_insecure_password': [ opt_bool, True, _('Show a warning dialog before sending PLAIN password over a plain connection.') ],

src/common/connection.py

@@ -1236,7 +1236,9 @@ class Connection(CommonConnection, ConnectionHandlers):
             if not os.path.exists(cacerts):
                 cacerts = ''
             mycerts = common.gajim.MY_CACERTS
-            secure_tuple = (self._current_type, cacerts, mycerts)
+            cipher_list = gajim.config.get_per('accounts', self.name,
+                'cipher_list')
+            secure_tuple = (self._current_type, cacerts, mycerts, cipher_list)
 
             con = nbxmpp.NonBlockingClient(
                 domain=self._hostname,