Added a UI section to configure encryption of peers communications

htroot/ConfigNetwork_p.html

@@ -218,6 +218,32 @@
 	</fieldset>
     </form>
     </fieldset>
+    
+    <form method="post" action="ConfigNetwork_p.html" enctype="multipart/form-data" accept-charset="UTF-8">
+    	<input type="hidden" name="transactionToken" value="#[transactionToken]#"/>
+    	<fieldset>
+   			<legend>
+        		<label>Outgoing communications encryption</label>
+      		</legend>
+      		<dl>
+    			<dt>Protocol operations encryption</dt>
+   				<dd>
+    				<label>
+						<input type="checkbox" name="network.unit.protocol.https.preferred" value="true" #(network.unit.protocol.https.preferred)#::checked="checked"#(/network.unit.protocol.https.preferred)# /> 
+						Prefer HTTPS for outgoing connexions to remote peers.
+        			</label>
+        			<p>When <abbr title="Transport Layer Security">TLS</abbr>/<abbr title="Secure Sockets Layer">SSL</abbr> is enabled on remote peers, it should be used to encrypt outgoing communications with them (for operations such as network presence, index transfer, remote crawl...).
+        			Please note that contrary to strict TLS, certificates are not validated against trusted certificate authorities (CA), thus allowing YaCy peers to use self-signed certificates.
+        			</p>
+        			<p>Note also that encryption of remote search queries is configured with a dedicated setting in the <a href="ConfigPortal_p.html">Config Portal</a> page.</p> 
+    			</dd>
+        		<dt></dt>
+        		<dd>
+          			<input type="submit" name="setEncryption" value="Save" class="btn btn-primary"/>
+        		</dd>
+    		</dl>
+    	</fieldset>
+    </form>
     #%env/templates/footer.template%#
   </body>
 </html>

htroot/ConfigNetwork_p.java

@@ -91,6 +91,26 @@ public class ConfigNetwork_p
                     sb.switchNetwork(networkDefinition);
                 }
             }
+            
+			if (post.containsKey("setEncryption")) {
+				/*
+				 * Settings will be modified : check this is a valid transaction using HTTP POST
+				 * method
+				 */
+				TransactionManager.checkPostTransaction(header, post);
+
+				final boolean httpsPreferred = sb.getConfigBool(SwitchboardConstants.NETWORK_PROTOCOL_HTTPS_PREFERRED,
+						SwitchboardConstants.NETWORK_PROTOCOL_HTTPS_PREFERRED_DEFAULT);
+				final boolean newHttpsPreferred = post
+						.getBoolean(SwitchboardConstants.NETWORK_PROTOCOL_HTTPS_PREFERRED);
+				if (httpsPreferred == newHttpsPreferred) {
+					// no change
+					commit = 3;
+				} else {
+					commit = 1;
+					sb.setConfig(SwitchboardConstants.NETWORK_PROTOCOL_HTTPS_PREFERRED, newHttpsPreferred);
+				}
+			}
 
             if ( post.containsKey("save") ) {
             	/* Settings will be modified : check this is a valid transaction using HTTP POST method */
@@ -211,6 +231,11 @@ public class ConfigNetwork_p
             prop.put("networks_" + c++ + "_network", s);
         }
         prop.put("networks", c);
+        
+        // set encryption setting
+		prop.put(SwitchboardConstants.NETWORK_PROTOCOL_HTTPS_PREFERRED,
+				sb.getConfigBool(SwitchboardConstants.NETWORK_PROTOCOL_HTTPS_PREFERRED,
+						SwitchboardConstants.NETWORK_PROTOCOL_HTTPS_PREFERRED_DEFAULT));
 
         return prop;
     }