Index: binaries/data/config/default.cfg
===================================================================
--- binaries/data/config/default.cfg
+++ binaries/data/config/default.cfg
@@ -413,7 +413,7 @@
history = 0 ; Number of past messages to display on join
room = "arena23" ; Default MUC room to join
server = "lobby.wildfiregames.com" ; Address of lobby server
-require_tls = true ; Whether to reject connecting to the lobby if TLS encryption is unavailable.
+tls = true ; Whether to use TLS encryption when connecting to the server.
verify_certificate = false ; Whether to reject connecting to the lobby if the TLS certificate is invalid (TODO: wait for Gloox GnuTLS trust implementation to be fixed)
terms_url = "https://trac.wildfiregames.com/browser/ps/trunk/binaries/data/mods/public/gui/prelobby/common/terms/"; Allows the user to save the text and print the terms
terms_of_service = "0" ; Version (hash) of the Terms of Service that the user has accepted
Index: binaries/data/mods/public/gui/prelobby/common/encryption/encryption.js
===================================================================
--- /dev/null
+++ binaries/data/mods/public/gui/prelobby/common/encryption/encryption.js
@@ -0,0 +1,14 @@
+function initEncryption()
+{
+ Engine.GetGUIObjectByName("encryption").checked =
+ Engine.ConfigDB_GetValue("user", "lobby.tls") == "true";
+
+ for (let obj of ["encryption", "encryptionLabel"])
+ Engine.GetGUIObjectByName(obj).tooltip =
+ translate("Protect login and communication with the lobby server using TLS encryption.");
+}
+
+function updateEncryption(enabled)
+{
+ saveSettingAndWriteToUserConfig("lobby.tls", String(enabled))
+}
Index: binaries/data/mods/public/gui/prelobby/common/encryption/encryption.xml
===================================================================
--- /dev/null
+++ binaries/data/mods/public/gui/prelobby/common/encryption/encryption.xml
@@ -0,0 +1,9 @@
+
+
Index: binaries/data/mods/public/gui/prelobby/login/login.js
===================================================================
--- binaries/data/mods/public/gui/prelobby/login/login.js
+++ binaries/data/mods/public/gui/prelobby/login/login.js
@@ -9,7 +9,7 @@
Engine.GetGUIObjectByName("password").caption = Engine.ConfigDB_GetValue("user", "lobby.password").substr(0, 10);
initLobbyTerms();
-
+ initEncryption();
initRememberPassword();
updateFeedback();
Index: binaries/data/mods/public/gui/prelobby/login/login.xml
===================================================================
--- binaries/data/mods/public/gui/prelobby/login/login.xml
+++ binaries/data/mods/public/gui/prelobby/login/login.xml
@@ -4,10 +4,11 @@
+
-
+ Connect to the game lobby
@@ -17,15 +18,19 @@
-
+
-
+
+
+
+
+
-
+
Index: binaries/data/mods/public/gui/prelobby/register/register.js
===================================================================
--- binaries/data/mods/public/gui/prelobby/register/register.js
+++ binaries/data/mods/public/gui/prelobby/register/register.js
@@ -5,7 +5,7 @@
Engine.GetGUIObjectByName("continue").caption = translate("Register");
initLobbyTerms();
-
+ initEncryption();
initRememberPassword();
updateFeedback();
Index: binaries/data/mods/public/gui/prelobby/register/register.xml
===================================================================
--- binaries/data/mods/public/gui/prelobby/register/register.xml
+++ binaries/data/mods/public/gui/prelobby/register/register.xml
@@ -4,10 +4,11 @@
+
-
+ Registration
@@ -25,11 +26,15 @@
-
+
+
+
+
+
-
+
Index: source/lobby/XmppClient.cpp
===================================================================
--- source/lobby/XmppClient.cpp
+++ source/lobby/XmppClient.cpp
@@ -100,9 +100,9 @@
// Optionally join without a TLS certificate, so a local server can be tested quickly.
// Security risks from malicious JS mods can be mitigated if this option and also the hostname and login are shielded from JS access.
- bool require_tls = true;
- CFG_GET_VAL("lobby.require_tls", require_tls);
- m_client->setTls(require_tls ? gloox::TLSRequired : gloox::TLSOptional);
+ bool tls = true;
+ CFG_GET_VAL("lobby.tls", tls);
+ m_client->setTls(tls ? gloox::TLSRequired : gloox::TLSDisabled);
// Disable use of the SASL PLAIN mechanism, to prevent leaking credentials
// if the server doesn't list any supported SASL mechanism or the response