(GH-458) Warn To Verbose Log For Now

We want to provide the TLS warning in a way that doesn't have people just blindly ignoring future warnings, so we need a way to toggle the warning off once someone has accepted they have read and understood the warning. For now we will log to verbose so that it is at least present in logs, and when folks run at verbose.
chocolatey · Sep 19, 2016 · 558c845 · 558c845
1 parent 396f6fb
commit 558c845
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 4 deletions.
diff --git a/src/chocolatey/infrastructure.app/runners/GenericRunner.cs b/src/chocolatey/infrastructure.app/runners/GenericRunner.cs
@@ -136,7 +136,7 @@ public void run(ChocolateyConfiguration config, Container container, bool isCons
 
             fail_when_license_is_missing_or_invalid_if_requested(config);
 
-            SecurityProtocol.set_protocol();
+            SecurityProtocol.set_protocol(config, provideWarning:true);
 
             EventManager.publish(new PreRunMessage(config));
 

diff --git a/src/chocolatey/infrastructure.app/services/PowershellService.cs b/src/chocolatey/infrastructure.app/services/PowershellService.cs
@@ -479,7 +479,7 @@ public void prepare_powershell_environment(IPackage package, ChocolateyConfigura
                 }
             }
 
-            SecurityProtocol.set_protocol();
+            SecurityProtocol.set_protocol(configuration, provideWarning:false);
         }
 
         private ResolveEventHandler _handler = null;

diff --git a/src/chocolatey/infrastructure/registration/SecurityProtocol.cs b/src/chocolatey/infrastructure/registration/SecurityProtocol.cs
@@ -17,14 +17,15 @@ namespace chocolatey.infrastructure.registration
 {
     using System;
     using System.Net;
+    using app.configuration;
     using logging;
 
     public sealed class SecurityProtocol
     {
         private const int TLS_1_1 = 768;
         private const int TLS_1_2 = 3072;
 
-        public static void set_protocol()
+        public static void set_protocol(ChocolateyConfiguration config, bool provideWarning)
         {
             try
             {
@@ -39,7 +40,10 @@ public static void set_protocol()
             catch (Exception)
             {
                 ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Ssl3;
-                "chocolatey".Log().Warn(ChocolateyLoggers.Important,
+                //todo: provide this warning with the ability to opt out of seeing it again so we can move it up to more prominent visibility and not just the verbose log
+                if (provideWarning)
+                {
+                "chocolatey".Log().Warn(ChocolateyLoggers.Verbose,
 @" !!WARNING!!
 Choco prefers to use TLS v1.2 if it is available, but this client is 
  running on .NET 4.0, which uses an older SSL. It's using TLS 1.0 or 
@@ -48,6 +52,7 @@ public static void set_protocol()
  Chaining. Upgrade to at least .NET 4.5 at your earliest convenience.
 
  For more information you should visit https://www.howsmyssl.com/");
+                }
 
             }
-Original file line number
+Diff line change
@@ Expand Up @@
                     }
                 }
-                SecurityProtocol.set_protocol();
+                SecurityProtocol.set_protocol(configuration, provideWarning:false);
             }
             private ResolveEventHandler _handler = null;
@@ Expand Down @@