Add ability to configure TLS protocol version.
add configuration option tls_version Related to https://python-nbxmpp.gajim.org/ticket/17
This commit is contained in:
parent
dcf1c33cc1
commit
d7c8bdc8c4
|
@ -349,6 +349,7 @@ class Config:
|
||||||
'enable_esessions': [opt_bool, True, _('Enable ESessions encryption for this account.')],
|
'enable_esessions': [opt_bool, True, _('Enable ESessions encryption for this account.')],
|
||||||
'autonegotiate_esessions': [opt_bool, True, _('Should Gajim automatically start an encrypted session when possible?')],
|
'autonegotiate_esessions': [opt_bool, True, _('Should Gajim automatically start an encrypted session when possible?')],
|
||||||
'connection_types': [ opt_str, 'tls ssl plain', _('Ordered list (space separated) of connection type to try. Can contain tls, ssl or plain')],
|
'connection_types': [ opt_str, 'tls ssl plain', _('Ordered list (space separated) of connection type to try. Can contain tls, ssl or plain')],
|
||||||
|
'tls_version': [ opt_str, '1.0', '' ],
|
||||||
'cipher_list': [ opt_str, 'HIGH:!aNULL:RC4-SHA', '' ],
|
'cipher_list': [ opt_str, 'HIGH:!aNULL:RC4-SHA', '' ],
|
||||||
'action_when_plaintext_connection': [ opt_str, 'warn', _('Show a warning dialog before sending password on an plaintext connection. Can be \'warn\', \'connect\', \'disconnect\'') ],
|
'action_when_plaintext_connection': [ opt_str, 'warn', _('Show a warning dialog before sending password on an plaintext connection. Can be \'warn\', \'connect\', \'disconnect\'') ],
|
||||||
'warn_when_insecure_ssl_connection': [ opt_bool, True, _('Show a warning dialog before using standard SSL library.') ],
|
'warn_when_insecure_ssl_connection': [ opt_bool, True, _('Show a warning dialog before using standard SSL library.') ],
|
||||||
|
|
|
@ -1239,9 +1239,11 @@ class Connection(CommonConnection, ConnectionHandlers):
|
||||||
if not os.path.exists(cacerts):
|
if not os.path.exists(cacerts):
|
||||||
cacerts = ''
|
cacerts = ''
|
||||||
mycerts = common.gajim.MY_CACERTS
|
mycerts = common.gajim.MY_CACERTS
|
||||||
|
tls_version = gajim.config.get_per('accounts', self.name,
|
||||||
|
'tls_version')
|
||||||
cipher_list = gajim.config.get_per('accounts', self.name,
|
cipher_list = gajim.config.get_per('accounts', self.name,
|
||||||
'cipher_list')
|
'cipher_list')
|
||||||
secure_tuple = (self._current_type, cacerts, mycerts, cipher_list)
|
secure_tuple = (self._current_type, cacerts, mycerts, tls_version, cipher_list)
|
||||||
|
|
||||||
con = nbxmpp.NonBlockingClient(
|
con = nbxmpp.NonBlockingClient(
|
||||||
domain=self._hostname,
|
domain=self._hostname,
|
||||||
|
|
Loading…
Reference in New Issue