From cca5a56643aeb6beeb1adafc0b884e8a0f214fa1 Mon Sep 17 00:00:00 2001 From: Qv2ray-dev <59914293+Qv2ray-dev@users.noreply.github.com> Date: Mon, 13 Apr 2020 16:03:29 +0800 Subject: [PATCH] add: test adding allowInsecure allowInsecureCipher --- src/base/models/CoreObjectModels.hpp | 5 +++-- src/base/models/QvSettingsObject.hpp | 3 ++- src/core/connection/Serialization.cpp | 16 ++++++++++++++++ src/core/handler/ConfigHandler.cpp | 9 ++++----- src/ui/w_PreferencesWindow.cpp | 21 +++++++++++++++++++-- src/ui/w_PreferencesWindow.hpp | 2 ++ src/ui/w_PreferencesWindow.ui | 18 ++++++++++++++++-- src/ui/widgets/StreamSettingsWidget.cpp | 12 +++++++++--- src/ui/widgets/StreamSettingsWidget.hpp | 4 +++- src/ui/widgets/StreamSettingsWidget.ui | 20 ++++++++++---------- 10 files changed, 84 insertions(+), 26 deletions(-) diff --git a/src/base/models/CoreObjectModels.hpp b/src/base/models/CoreObjectModels.hpp index 14d86f04..3c4e5a68 100644 --- a/src/base/models/CoreObjectModels.hpp +++ b/src/base/models/CoreObjectModels.hpp @@ -257,13 +257,14 @@ namespace Qv2ray::base::objects { QString serverName; bool allowInsecure; + bool allowInsecureCiphers; QList alpn; QList certificates; bool disableSystemRoot; - TLSObject() : serverName(), allowInsecure(), certificates(), disableSystemRoot() + TLSObject() : serverName(), allowInsecure(), allowInsecureCiphers(), certificates(), disableSystemRoot() { } - XTOSTRUCT(O(serverName, allowInsecure, alpn, certificates, disableSystemRoot)) + XTOSTRUCT(O(serverName, allowInsecure, allowInsecureCiphers, alpn, certificates, disableSystemRoot)) }; } // namespace transfer // diff --git a/src/base/models/QvSettingsObject.hpp b/src/base/models/QvSettingsObject.hpp index db3c6e8c..6c216d86 100644 --- a/src/base/models/QvSettingsObject.hpp +++ b/src/base/models/QvSettingsObject.hpp 
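Review bot: The new `allowInsecureCiphers` member in `TLSObject` sits next to `allowInsecure` with nothing saying how the two differ, and they relax different parts of TLS. As V2Ray documents the options, `allowInsecure` skips certificate validation while `allowInsecureCiphers` permits cipher suites outside the default set. A one-line comment on each would keep later callers from treating them as interchangeable, e.g. `// Permit cipher suites outside the core's default set; does not affect certificate checks.` The value-initialisation added to the constructor keeps the new flag `false` by default, which is the right default.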
@@ -217,8 +217,9 @@ namespace Qv2ray::base::config struct Qv2rayAdvancedConfig { bool setAllowInsecure; + bool setAllowInsecureCiphers; bool testLatencyPeriodcally; - XTOSTRUCT(O(setAllowInsecure, testLatencyPeriodcally)) + XTOSTRUCT(O(setAllowInsecure, setAllowInsecureCiphers, testLatencyPeriodcally)) }; struct Qv2rayNetworkConfig diff --git a/src/core/connection/Serialization.cpp b/src/core/connection/Serialization.cpp index 56a3445f..b9aa8908 100644 --- a/src/core/connection/Serialization.cpp +++ b/src/core/connection/Serialization.cpp @@ -16,6 +16,22 @@ namespace Qv2ray::core::connection if (link.startsWith("vmess://")) { auto conf = ConvertConfigFromVMessString(link, prefix, errMessage); + // + if (GlobalConfig.advancedConfig.setAllowInsecureCiphers || GlobalConfig.advancedConfig.setAllowInsecure) + { + auto outbound = conf["outbounds"].toArray().first().toObject(); + auto streamSettings = outbound["streamSettings"].toObject(); + auto tlsSettings = streamSettings["tlsSettings"].toObject(); + tlsSettings["allowInsecure"] = GlobalConfig.advancedConfig.setAllowInsecure; + tlsSettings["allowInsecureCiphers"] = GlobalConfig.advancedConfig.setAllowInsecureCiphers; + streamSettings["tlsSettings"] = tlsSettings; + outbound["streamSettings"] = streamSettings; + // + auto outbounds = conf["outbounds"].toArray(); + outbounds[0] = outbound; + conf["outbounds"] = outbounds; + } + // connectionConf.insert(*prefix, conf); } else if (link.startsWith("ss://")) diff --git a/src/core/handler/ConfigHandler.cpp b/src/core/handler/ConfigHandler.cpp index ae39900a..9771bba0 100644 --- a/src/core/handler/ConfigHandler.cpp +++ b/src/core/handler/ConfigHandler.cpp 
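Review bot: `setAllowInsecureCiphers` is added to `Qv2rayAdvancedConfig` without an initializer, and the struct as shown in this hunk has no constructor. Its value therefore depends on how the enclosing config object is created and on what the deserializer does when an existing settings file lacks the key. For a flag that weakens TLS on every imported link, the default should be pinned in the type: `bool setAllowInsecureCiphers = false;` (the same applies to `setAllowInsecure` on the line above). Whether XTOSTRUCT leaves absent members untouched is not visible here, so this is worth confirming against a settings file written by the previous version.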
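Review bot: The block added after `ConvertConfigFromVMessString` rewrites `outbounds[0]` without checking that the conversion produced an outbound, and it injects `tlsSettings` even when the link does not use TLS. If the parser returns an empty object on error (not visible in this hunk), `outbounds[0] = outbound` indexes an empty `QJsonArray`, which Qt only guards with an assertion. The relaxed flags are also copied into the stored connection, so they stay in effect for that profile after the preference is switched off again. Limiting the write to outbounds whose `security` is `tls` at least keeps that to links that need it. The enclosing function begins and ends outside the hunk.

```cpp
auto conf = ConvertConfigFromVMessString(link, prefix, errMessage);
const auto &advanced = GlobalConfig.advancedConfig;
auto outbounds = conf["outbounds"].toArray();
// Skip the override when parsing produced no outbound to modify.
if (!outbounds.isEmpty() && (advanced.setAllowInsecure || advanced.setAllowInsecureCiphers))
{
    auto outbound = outbounds.first().toObject();
    auto streamSettings = outbound["streamSettings"].toObject();
    // Only relax TLS on links that actually use TLS.
    if (streamSettings["security"].toString() == "tls")
    {
        auto tlsSettings = streamSettings["tlsSettings"].toObject();
        tlsSettings["allowInsecure"] = advanced.setAllowInsecure;
        tlsSettings["allowInsecureCiphers"] = advanced.setAllowInsecureCiphers;
        streamSettings["tlsSettings"] = tlsSettings;
        outbound["streamSettings"] = streamSettings;
        outbounds[0] = outbound;
        conf["outbounds"] = outbounds;
    }
}
// … unchanged: connectionConf.insert(*prefix, conf) …
```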
@@ -13,7 +13,7 @@ namespace Qv2ray::core::handlers DEBUG(MODULE_CORE_HANDLER, "ConnectionHandler Constructor.") // Do we need to check how many of them are loaded? - // Do not use: for (const auto &key : connections) + // Do not use: for (const auto &key : connections), why? for (auto i = 0; i < GlobalConfig.connections.count(); i++) { auto const &id = ConnectionId(GlobalConfig.connections.keys().at(i)); @@ -87,10 +87,9 @@ namespace Qv2ray::core::handlers httpHelper = new QvHttpRequestHelper(this); connect(tcpingHelper, &QvTCPingHelper::OnLatencyTestCompleted, this, &QvConfigHandler::OnLatencyDataArrived_p); // - // Save per 2 minutes. - saveTimerId = startTimer(2 * 60 * 1000); + // Save per 1 minutes. + saveTimerId = startTimer(1 * 60 * 1000); // Do not ping all... - // pingAllTimerId = startTimer(5 * 60 * 1000); pingConnectionTimerId = startTimer(60 * 1000); } @@ -141,7 +140,7 @@ namespace Qv2ray::core::handlers else if (event->timerId() == pingConnectionTimerId) { auto id = kernelHandler->CurrentConnection(); - if (id != NullConnectionId) + if (id != NullConnectionId && GlobalConfig.advancedConfig.testLatencyPeriodcally) { StartLatencyTest(id); } diff --git a/src/ui/w_PreferencesWindow.cpp b/src/ui/w_PreferencesWindow.cpp index 5ab4b16b..f28f0867 100644 --- a/src/ui/w_PreferencesWindow.cpp +++ b/src/ui/w_PreferencesWindow.cpp @@ -139,6 +139,7 @@ PreferencesWindow::PreferencesWindow(QWidget *parent) : QDialog(parent), Current // // Advanced config. setAllowInsecureCB->setChecked(CurrentConfig.advancedConfig.setAllowInsecure); + setAllowInsecureCiphersCB->setChecked(CurrentConfig.advancedConfig.setAllowInsecureCiphers); setTestLatenctCB->setChecked(CurrentConfig.advancedConfig.testLatencyPeriodcally); // DNSListTxt->clear(); 
@@ -1156,13 +1157,29 @@ void PreferencesWindow::on_qvUseProxyCB_stateChanged(int arg1) void PreferencesWindow::on_setAllowInsecureCB_stateChanged(int arg1) { LOADINGCHECK - QvMessageBoxWarn(this, tr("Dangerous Operation"), tr("You may under MITM attack, which is just what TLS is protective for.")); + if (arg1 == Qt::Checked) + { + QvMessageBoxWarn(this, tr("Dangerous Operation"), tr("You will lose the advantage of TLS and make your connection under MITM attack.")); + } CurrentConfig.advancedConfig.setAllowInsecure = arg1 == Qt::Checked; } void PreferencesWindow::on_setTestLatenctCB_stateChanged(int arg1) { LOADINGCHECK - QvMessageBoxWarn(this, tr("Dangerous Operation"), tr("This will (probably) makes it easy to fingerprint your connection.")); + if (arg1 == Qt::Checked) + { + QvMessageBoxWarn(this, tr("Dangerous Operation"), tr("This will (probably) makes it easy to fingerprint your connection.")); + } CurrentConfig.advancedConfig.testLatencyPeriodcally = arg1 == Qt::Checked; } + +void PreferencesWindow::on_setAllowInsecureCiphersCB_stateChanged(int arg1) +{ + LOADINGCHECK + if (arg1 == Qt::Checked) + { + QvMessageBoxWarn(this, tr("Dangerous Operation"), tr("You will lose the advantage of TLS and make your connection under MITM attack.")); + } + CurrentConfig.advancedConfig.setAllowInsecureCiphers = arg1 == Qt::Checked; +} diff --git a/src/ui/w_PreferencesWindow.hpp b/src/ui/w_PreferencesWindow.hpp index 62e4c1ad..fc5dec20 100644 --- a/src/ui/w_PreferencesWindow.hpp +++ b/src/ui/w_PreferencesWindow.hpp @@ -174,6 +174,8 @@ class PreferencesWindow void on_setTestLatenctCB_stateChanged(int arg1); + void on_setAllowInsecureCiphersCB_stateChanged(int arg1); + private: // RouteSettingsMatrixWidget *routeSettingsWidget; diff --git a/src/ui/w_PreferencesWindow.ui b/src/ui/w_PreferencesWindow.ui index 819f0cb3..98720403 100644 --- a/src/ui/w_PreferencesWindow.ui +++ b/src/ui/w_PreferencesWindow.ui 
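Review bot: `on_setAllowInsecureCiphersCB_stateChanged` shows the same MITM warning as `on_setAllowInsecureCB_stateChanged`, so a user cannot tell which protection each checkbox removes. Allowing insecure cipher suites weakens the encryption that is negotiated rather than turning off certificate checks, and the text should say so, for example `tr("Insecure cipher suites weaken the encryption of TLS connections; enable this only for servers that cannot negotiate anything stronger.")`. The three slots now share the same check-then-warn shape, and a small helper taking the message would keep them consistent.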
@@ -347,14 +347,14 @@ This could resolve the certificate issues, but also could let one performing TLS - + Test Latency Periodcally - + Run TCPing or ICMPing periodcally after connecting to a server. @@ -383,6 +383,20 @@ But could damage your server if improperly used. + + + + AllowInsecureCiphers By Default + + + + + + + Enabled + + + diff --git a/src/ui/widgets/StreamSettingsWidget.cpp b/src/ui/widgets/StreamSettingsWidget.cpp index a0f1825c..eea7fa3e 100644 --- a/src/ui/widgets/StreamSettingsWidget.cpp +++ b/src/ui/widgets/StreamSettingsWidget.cpp @@ -22,7 +22,7 @@ QvMessageBusSlotImpl(StreamSettingsWidget) } } -StreamSettingsObject StreamSettingsWidget::GetStreamSettings() +StreamSettingsObject StreamSettingsWidget::GetStreamSettings() const { return stream; } @@ -36,6 +36,7 @@ void StreamSettingsWidget::SetStreamObject(const StreamSettingsObject &sso) tlsCB->setChecked(stream.security == "tls"); serverNameTxt->setText(stream.tlsSettings.serverName); allowInsecureCB->setChecked(stream.tlsSettings.allowInsecure); + allowInsecureCiphersCB->setChecked(stream.tlsSettings.allowInsecureCiphers); alpnTxt->setPlainText(stream.tlsSettings.alpn.join(NEWLINE)); // TCP tcpHeaderTypeCB->setCurrentText(stream.tcpSettings.header.type); @@ -47,9 +48,9 @@ void StreamSettingsWidget::SetStreamObject(const StreamSettingsObject &sso) // WS wsPathTxt->setText(stream.wsSettings.path); QString wsHeaders; - for (auto index = 0; index < stream.wsSettings.headers.count(); index++) + for (auto i = 0; i < stream.wsSettings.headers.count(); i++) { - wsHeaders = wsHeaders % stream.wsSettings.headers.keys().at(index) % "|" % stream.wsSettings.headers.values().at(index) % NEWLINE; + wsHeaders = wsHeaders % stream.wsSettings.headers.keys().at(i) % "|" % stream.wsSettings.headers.values().at(i) % NEWLINE; } wsHeadersTxt->setPlainText(wsHeaders); 
@@ -284,3 +285,8 @@ void StreamSettingsWidget::on_alpnTxt_textChanged() { stream.tlsSettings.alpn = SplitLines(alpnTxt->toPlainText()); } + +void StreamSettingsWidget::on_allowInsecureCiphersCB_stateChanged(int arg1) +{ + stream.tlsSettings.allowInsecureCiphers = arg1 == Qt::Checked; +} diff --git a/src/ui/widgets/StreamSettingsWidget.hpp b/src/ui/widgets/StreamSettingsWidget.hpp index 32c309bb..8393a9a4 100644 --- a/src/ui/widgets/StreamSettingsWidget.hpp +++ b/src/ui/widgets/StreamSettingsWidget.hpp @@ -14,7 +14,7 @@ class StreamSettingsWidget public: explicit StreamSettingsWidget(QWidget *parent = nullptr); void SetStreamObject(const StreamSettingsObject &sso); - StreamSettingsObject GetStreamSettings(); + StreamSettingsObject GetStreamSettings() const; private slots: void on_httpPathTxt_textEdited(const QString &arg1); @@ -77,6 +77,8 @@ class StreamSettingsWidget void on_alpnTxt_textChanged(); + void on_allowInsecureCiphersCB_stateChanged(int arg1); + private: QvMessageBusSlotDecl; StreamSettingsObject stream; diff --git a/src/ui/widgets/StreamSettingsWidget.ui b/src/ui/widgets/StreamSettingsWidget.ui index 66620515..0b401485 100644 --- a/src/ui/widgets/StreamSettingsWidget.ui +++ b/src/ui/widgets/StreamSettingsWidget.ui @@ -635,37 +635,37 @@ - + Server - + - + ALPN - + - - + + - TLS + Enable TLS - - + + - Enabled + Allow Insecure Ciphers