Index: binaries/data/config/default.cfg
===================================================================
--- binaries/data/config/default.cfg
+++ binaries/data/config/default.cfg
@@ -413,7 +413,7 @@
 history = 0 ; Number of past messages to display on join
 room = "arena23" ; Default MUC room to join
 server = "lobby.wildfiregames.com" ; Address of lobby server
-require_tls = true ; Whether to reject connecting to the lobby if TLS encryption is unavailable.
+tls = true ; Whether to use TLS encryption when connecting to the server.
 verify_certificate = false ; Whether to reject connecting to the lobby if the TLS certificate is invalid (TODO: wait for Gloox GnuTLS trust implementation to be fixed)
 terms_url = "https://trac.wildfiregames.com/browser/ps/trunk/binaries/data/mods/public/gui/prelobby/common/terms/"; Allows the user to save the text and print the terms
 terms_of_service = "0" ; Version (hash) of the Terms of Service that the user has accepted
Index: binaries/data/mods/public/gui/options/options.json
===================================================================
--- binaries/data/mods/public/gui/options/options.json
+++ binaries/data/mods/public/gui/options/options.json
@@ -378,6 +378,12 @@
 "options":
 [
 {
+ "type": "boolean",
+ "label": "TLS Encryption",
+ "tooltip": "Encrypt data exchanged with the lobby server using TLS.",
+ "config": "lobby.tls"
+ },
+ {
 "type": "number",
 "label": "Chat Backlog",
 "tooltip": "Number of backlogged messages to load when joining the lobby.",
Index: binaries/data/mods/public/gui/prelobby/common/terms/Privacy_Policy.txt
===================================================================
--- binaries/data/mods/public/gui/prelobby/common/terms/Privacy_Policy.txt
+++ binaries/data/mods/public/gui/prelobby/common/terms/Privacy_Policy.txt
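Review bot: In binaries/data/config/default.cfg the new comment on `tls` does not say what `false` does, and the unchanged next line still defaults `verify_certificate` to false, so `tls = true` encrypts the link without checking which server is on the other end. I would put both facts in the comment: `tls = true ; Whether to encrypt the lobby connection with TLS. If false, the connection is unencrypted; the server is only authenticated when verify_certificate is true.` A user config that still sets `lobby.require_tls` will presumably be ignored after the rename, which deserves a line in the release notes.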
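Review bot: Adding `lobby.tls` to the options page in options.json makes the setting reachable from GUI script, while the comment kept in source/lobby/XmppClient.cpp says the risk from malicious JS mods is mitigated only if this option is shielded from JS access. Whether config writes from mods are restricted elsewhere is not visible in this patch, so that should be confirmed before the toggle ships. If the toggle stays, the tooltip should state the consequence of switching it off, for example `"tooltip": "Encrypt data exchanged with the lobby server using TLS. If disabled, login and chat are sent unencrypted."`.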
@@ -39,7 +39,6 @@ 2. Compute and publish community statistics to improve the game and the service, for example to improve the balancing of the game or to make certain aspects of the game more appealing. [font="sans-bold-14"]Security of processing:[/font] -The transmission of personal data is secured using TLS encryption (GDPR 32). Personal data is protected against unintentional loss in encrypted backups for additional time (GDPR 30.1.g, GDPR 32). All personal data that Wildfire Games processes is obtained from the user (GDPR 14). Index: source/lobby/XmppClient.cpp =================================================================== --- source/lobby/XmppClient.cpp +++ source/lobby/XmppClient.cpp @@ -100,9 +100,9 @@ // Optionally join without a TLS certificate, so a local server can be tested quickly. // Security risks from malicious JS mods can be mitigated if this option and also the hostname and login are shielded from JS access. - bool require_tls = true; - CFG_GET_VAL("lobby.require_tls", require_tls); - m_client->setTls(require_tls ? gloox::TLSRequired : gloox::TLSOptional); + bool tls = true; + CFG_GET_VAL("lobby.tls", tls); + m_client->setTls(tls ? gloox::TLSRequired : gloox::TLSDisabled); // Disable use of the SASL PLAIN mechanism, to prevent leaking credentials // if the server doesn't list any supported SASL mechanism or the response
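Review bot: In source/lobby/XmppClient.cpp a false `tls` now selects `gloox::TLSDisabled` where the old code selected `gloox::TLSOptional`, so turning the option off skips TLS even against a server that offers it, and nothing tells the user the session is in cleartext. The comment above still reads "join without a TLS certificate", which no longer matches; I would change it to `// Optionally connect without TLS so a local server can be tested quickly; the whole session, authentication included, is then unencrypted.` A one-line warning at connect time would make the state visible in the log, e.g. `if (!tls) LOGWARNING("Lobby: TLS is disabled, the connection is not encrypted");` (assuming the logger header is already included in this file). The enclosing function starts and ends outside the hunk, so how far the SASL PLAIN restriction below limits credential exposure cannot be judged from here.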