Merge commit '0c1f385623623c951ff3b4aef2bc98e8d170d8bc' into develop

airdcpp-web · Jan 7, 2021 · eb1d0dc · eb1d0dc
2 parents d5d4657 + 0c1f385
commit eb1d0dc
Show file tree

Hide file tree

Showing 9 changed files with 706 additions and 640 deletions.
diff --git a/airdcpp-core/airdcpp.vcxproj b/airdcpp-core/airdcpp.vcxproj
@@ -220,6 +220,7 @@
     <ClCompile Include="airdcpp\ErrorCollector.cpp" />
     <ClCompile Include="airdcpp\GroupedSearchResult.cpp" />
     <ClCompile Include="airdcpp\Hasher.cpp" />
+    <ClCompile Include="airdcpp\HashStore.cpp" />
     <ClCompile Include="airdcpp\IgnoreManager.cpp" />
     <ClCompile Include="airdcpp\MessageCache.cpp" />
     <ClCompile Include="airdcpp\MessageHighlight.cpp" />
@@ -340,6 +341,7 @@
     <ClInclude Include="airdcpp\AdcCommand.h" />
     <ClInclude Include="airdcpp\AdcHub.h" />
     <ClInclude Include="airdcpp\AddressInfo.h" />
+    <ClInclude Include="airdcpp\HashStore.h" />
     <ClInclude Include="airdcpp\QueueAddInfo.h" />
     <ClInclude Include="airdcpp\constants.h" />
     <ClInclude Include="airdcpp\DirectoryDownload.h" />

diff --git a/airdcpp-core/airdcpp.vcxproj.filters b/airdcpp-core/airdcpp.vcxproj.filters
@@ -362,6 +362,9 @@
     <ClCompile Include="airdcpp\Hasher.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
+    <ClCompile Include="airdcpp\HashStore.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="airdcpp\AdcCommand.h">
@@ -964,6 +967,9 @@
     <ClInclude Include="airdcpp\QueueAddInfo.h">
       <Filter>Header Files</Filter>
     </ClInclude>
+    <ClInclude Include="airdcpp\HashStore.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <CustomBuild Include="airdcpp\StringDefs.h">

diff --git a/airdcpp-core/airdcpp/AdcHub.cpp b/airdcpp-core/airdcpp/AdcHub.cpp
@@ -270,21 +270,6 @@ void AdcHub::handle(AdcCommand::INF, AdcCommand& c) noexcept {
 				statusMessage("WARNING: This hub is not displaying the connection speed fields, which prevents the client from choosing the best sources for downloads. Please advise the hub owner to fix this.", LogMessage::SEV_WARNING);
 			}
 
-			if (isSocketSecure()) {
-				auto encryption = getEncryptionInfo();
-				if (encryption.find("TLSv1.2") == string::npos && encryption.find("TLSv1.3") == string::npos) {
-					string warningMessage =
-						"This hub uses an outdated cryptographic protocol (" + encryption + ") with known security issues. "
-						"\n\n"
-						"IMPORTANT: IF THE HUB DECIDES TO TAKE NO ACTION, YOU WILL NOT BE ABLE TO JOIN THIS HUB AFTER 1ST OF JANUARY 2021"
-						"\n\n"
-						"For more information, please see https://www.airdcpp.net/hubsoft-warnings"
-						"\n";
-
-					statusMessage(warningMessage, LogMessage::SEV_ERROR);
-				}
-			}
-
 			if (isHubsoftVersionOrOlder("luadch", 2.18)) {
 				statusMessage("This hub uses an outdated hubsoft version that doesn't forward Advanced Direct Connect protocol messages according to the protocol specifications, which may silently break various client features. Certain functionality may have been disabled automatically in this hub. For more information, please see https://www.airdcpp.net/hubsoft-warnings", LogMessage::SEV_WARNING);
 			}

diff --git a/airdcpp-core/airdcpp/CryptoManager.cpp b/airdcpp-core/airdcpp/CryptoManager.cpp
@@ -109,24 +109,16 @@ CryptoManager::CryptoManager()
 }
 
 void CryptoManager::setContextOptions(SSL_CTX* aCtx, bool aServer) {
-	// TLS <= 1.2 ciphers
-#ifdef _DEBUG
-	bool useStrictConfig = true;
-#else
-	bool useStrictConfig = GET_TIME() > 1609459200; // 1.1.2021
-#endif
-	if (useStrictConfig) {
-		// Only require TLS 1.2 => for now, other requirements need to be tested first for compatibility issues
+	// Only require TLS 1.2 => for now, other requirements need to be tested first for compatibility issues
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
-		SSL_CTX_set_min_proto_version(aCtx, TLS1_2_VERSION);
-		// SSL_CTX_set_security_level(aCtx, 2);
+	SSL_CTX_set_min_proto_version(aCtx, TLS1_2_VERSION);
+	// SSL_CTX_set_security_level(aCtx, 2);
 #endif
-		// From DC++
-		// Connections with an unsupported cipher would just time out without any error, so don't use these yet
+	// From DC++
+	// Connections with an unsupported cipher would just time out without any error, so don't use these yet
 
-		// const char ciphersuitesTls12[] = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256";
-		// SSL_CTX_set_cipher_list(aCtx, ciphersuitesTls12);
-	}
+	// const char ciphersuitesTls12[] = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256";
+	// SSL_CTX_set_cipher_list(aCtx, ciphersuitesTls12);
 
 	const char ciphersuitesTls12[] =
 		"ECDHE-ECDSA-AES128-GCM-SHA256:"