diff --git a/libretroshare/src/retroshare/rspeers.h b/libretroshare/src/retroshare/rspeers.h
index 1ae7e5941..f7574afaa 100644
--- a/libretroshare/src/retroshare/rspeers.h
+++ b/libretroshare/src/retroshare/rspeers.h
@@ -78,8 +78,9 @@ const uint32_t RS_PEER_STATE_UNREACHABLE= 0x0008;
const ServicePermissionFlags RS_NODE_PERM_NONE ( 0x00000000 ) ;// 0x1, 0x2 and Ox4 are deprecated.
const ServicePermissionFlags RS_NODE_PERM_DIRECT_DL ( 0x00000008 ) ;// Accept to directly DL from this peer (breaks anonymity)
const ServicePermissionFlags RS_NODE_PERM_ALLOW_PUSH ( 0x00000010 ) ;// Auto-DL files recommended by this peer
-const ServicePermissionFlags RS_NODE_PERM_DEFAULT = RS_NODE_PERM_DIRECT_DL ;
-const ServicePermissionFlags RS_NODE_PERM_ALL = RS_NODE_PERM_DIRECT_DL | RS_NODE_PERM_ALLOW_PUSH;
+const ServicePermissionFlags RS_NODE_PERM_REQUIRE_WL ( 0x00000020 ) ;// Require white list clearance for connection
+const ServicePermissionFlags RS_NODE_PERM_DEFAULT = RS_NODE_PERM_DIRECT_DL | RS_NODE_PERM_REQUIRE_WL;
+const ServicePermissionFlags RS_NODE_PERM_ALL = RS_NODE_PERM_DIRECT_DL | RS_NODE_PERM_ALLOW_PUSH | RS_NODE_PERM_REQUIRE_WL;
// ...
diff --git a/retroshare-gui/src/gui/ServicePermissionDialog.cpp b/retroshare-gui/src/gui/ServicePermissionDialog.cpp
index 9d364c271..b3afbeb45 100644
--- a/retroshare-gui/src/gui/ServicePermissionDialog.cpp
+++ b/retroshare-gui/src/gui/ServicePermissionDialog.cpp
@@ -55,6 +55,8 @@ ServicePermissionDialog::ServicePermissionDialog() :
mColumns[column] = RS_NODE_PERM_DIRECT_DL;
column = ui->servicePermissionList->addColumn(tr("Auto-download recommended files"));
mColumns[column] = RS_NODE_PERM_ALLOW_PUSH;
+ column = ui->servicePermissionList->addColumn(tr("Require whitelist"));
+ mColumns[column] = RS_NODE_PERM_REQUIRE_WL;
ui->servicePermissionList->start();
}
diff --git a/retroshare-gui/src/gui/connect/ConfCertDialog.cpp b/retroshare-gui/src/gui/connect/ConfCertDialog.cpp
index c17e5ba4d..47dfabba2 100644
--- a/retroshare-gui/src/gui/connect/ConfCertDialog.cpp
+++ b/retroshare-gui/src/gui/connect/ConfCertDialog.cpp
@@ -137,6 +137,7 @@ void ConfCertDialog::setServiceFlags()
if( ui._direct_transfer_CB->isChecked()) flags = flags | RS_NODE_PERM_DIRECT_DL ;
if( ui._allow_push_CB->isChecked()) flags = flags | RS_NODE_PERM_ALLOW_PUSH ;
+ if( ui._require_WL_CB->isChecked()) flags = flags | RS_NODE_PERM_REQUIRE_WL ;
rsPeers->setServicePermissionFlags(pgpId,flags) ;
}
@@ -162,6 +163,7 @@ void ConfCertDialog::load()
ui._direct_transfer_CB->setChecked( detail.service_perm_flags & RS_NODE_PERM_DIRECT_DL ) ;
ui._allow_push_CB->setChecked( detail.service_perm_flags & RS_NODE_PERM_ALLOW_PUSH) ;
+ ui._require_WL_CB->setChecked( detail.service_perm_flags & RS_NODE_PERM_REQUIRE_WL) ;
//ui.pgpfingerprint->setText(QString::fromUtf8(detail.name.c_str()));
ui.peerid->setText(QString::fromStdString(detail.id.toStdString()));
diff --git a/retroshare-gui/src/gui/connect/ConfCertDialog.ui b/retroshare-gui/src/gui/connect/ConfCertDialog.ui
index 58a0f0741..358f411ee 100644
--- a/retroshare-gui/src/gui/connect/ConfCertDialog.ui
+++ b/retroshare-gui/src/gui/connect/ConfCertDialog.ui
@@ -60,7 +60,7 @@
-
- 0
+ 2
@@ -445,7 +445,7 @@
Options
-
-
+
-
Qt::Vertical
@@ -475,6 +475,16 @@
+ -
+
+
+ <html><head/><body><p>Peers that have this option cannot connect if their connection address is not in the whitelist. This protects you from traffic forwarding attacks. When used, rejected peers will be reported by "security feed items" in the News Feed section. From there, you can whitelist/blacklist their IP.</p></body></html>
+
+
+ Require white list clearance
+
+
+
diff --git a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp
index a61ff4d3a..edd45a2f6 100755
--- a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp
+++ b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp
@@ -258,6 +258,7 @@ void ConnectFriendWizard::initializePage(int id)
ui->_direct_transfer_CB_2 ->setChecked(peerDetails.service_perm_flags & RS_NODE_PERM_DIRECT_DL) ;
ui->_allow_push_CB_2 ->setChecked(peerDetails.service_perm_flags & RS_NODE_PERM_ALLOW_PUSH) ;
+ ui->_require_WL_CB_2 ->setChecked(peerDetails.service_perm_flags & RS_NODE_PERM_REQUIRE_WL) ;
RsPeerDetails tmp_det ;
bool already_in_keyring = rsPeers->getGPGDetails(peerDetails.gpg_id, tmp_det) ;
@@ -623,9 +624,11 @@ ServicePermissionFlags ConnectFriendWizard::serviceFlags() const
{
if( ui->_direct_transfer_CB->isChecked()) flags |= RS_NODE_PERM_DIRECT_DL ;
if( ui->_allow_push_CB->isChecked()) flags |= RS_NODE_PERM_ALLOW_PUSH ;
+ if( ui->_require_WL_CB->isChecked()) flags |= RS_NODE_PERM_REQUIRE_WL ;
} else if (hasVisitedPage(Page_Conclusion)) {
if( ui->_direct_transfer_CB_2->isChecked()) flags |= RS_NODE_PERM_DIRECT_DL ;
if( ui->_allow_push_CB_2->isChecked()) flags |= RS_NODE_PERM_ALLOW_PUSH ;
+ if( ui->_require_WL_CB_2->isChecked()) flags |= RS_NODE_PERM_REQUIRE_WL ;
}
return flags ;
}
diff --git a/retroshare-gui/src/gui/connect/ConnectFriendWizard.ui b/retroshare-gui/src/gui/connect/ConnectFriendWizard.ui
index 8b9f8dc7b..dbce19959 100644
--- a/retroshare-gui/src/gui/connect/ConnectFriendWizard.ui
+++ b/retroshare-gui/src/gui/connect/ConnectFriendWizard.ui
@@ -694,6 +694,13 @@
+ -
+
+
+ Require whitelist clearance to connect
+
+
+
-
@@ -1020,6 +1027,13 @@
+ -
+
+
+ Require whitelist clearance to connect
+
+
+