Implemented hashed cloaked hostnames for +x
CloakHostModeX can now contain '%x'. It will be replace by the hash of the original client hostname. The new config option CloakHostModeXSalt defines the salt for the hash function. When CloakHostModeXSalt is not set a random salt will be generated after each server restart. Spelling fix in defines.h
This commit is contained in:
parent
b9e6cb3e55
commit
49385a98b2
|
@ -131,10 +131,12 @@
|
||||||
|
|
||||||
# Use this hostname for hostname cloaking on clients that have the
|
# Use this hostname for hostname cloaking on clients that have the
|
||||||
# user mode "+x" set, instead of the name of the server.
|
# user mode "+x" set, instead of the name of the server.
|
||||||
# Please note: don't use the percentage sign ("%"), it is reserved for
|
# Use %x to add the hashed value of the original hostname
|
||||||
# future extensions!
|
|
||||||
;CloakHostModeX = cloaked.user
|
;CloakHostModeX = cloaked.user
|
||||||
|
|
||||||
|
# The Salt for cloaked hostname hashing
|
||||||
|
;CloakHostModeXSalt = abcdefghijklmnopqrstuvwxyz
|
||||||
|
|
||||||
# Set every clients' user name to their nick name
|
# Set every clients' user name to their nick name
|
||||||
;CloakUserToNick = yes
|
;CloakUserToNick = yes
|
||||||
|
|
||||||
|
|
|
@ -223,13 +223,10 @@ Don't use the percentage sign ("%"), it is reserved for future extensions!
|
||||||
\fBCloakHostModeX\fR (string)
|
\fBCloakHostModeX\fR (string)
|
||||||
Use this hostname for hostname cloaking on clients that have the user mode
|
Use this hostname for hostname cloaking on clients that have the user mode
|
||||||
"+x" set, instead of the name of the server. Default: empty, use the name
|
"+x" set, instead of the name of the server. Default: empty, use the name
|
||||||
of the server.
|
of the server. Use %x to add the hashed value of the original hostname
|
||||||
.PP
|
.TP
|
||||||
.RS
|
\fBCloakHostModeXSalt\fR (string)
|
||||||
.B Please note:
|
The Salt for cloaked hostname hashing
|
||||||
.br
|
|
||||||
Don't use the percentage sign ("%"), it is reserved for future extensions!
|
|
||||||
.RE
|
|
||||||
.TP
|
.TP
|
||||||
\fBCloakUserToNick\fR (boolean)
|
\fBCloakUserToNick\fR (boolean)
|
||||||
Set every clients' user name to their nick name and hide the one supplied
|
Set every clients' user name to their nick name and hide the one supplied
|
||||||
|
|
|
@ -817,17 +817,24 @@ GLOBAL char *
|
||||||
Client_MaskCloaked(CLIENT *Client)
|
Client_MaskCloaked(CLIENT *Client)
|
||||||
{
|
{
|
||||||
static char Mask_Buffer[GETID_LEN];
|
static char Mask_Buffer[GETID_LEN];
|
||||||
|
char Cloak_Buffer[GETID_LEN];
|
||||||
|
|
||||||
assert (Client != NULL);
|
assert (Client != NULL);
|
||||||
|
|
||||||
/* Is the client using cloaking at all? */
|
/* Is the client using cloaking at all? */
|
||||||
if (!Client_HasMode(Client, 'x'))
|
if (!Client_HasMode(Client, 'x'))
|
||||||
return Client_Mask(Client);
|
return Client_Mask(Client);
|
||||||
|
|
||||||
|
if(*Conf_CloakHostModeX) {
|
||||||
|
snprintf(Mask_Buffer, GETID_LEN, "%s%s", Client->host, Conf_CloakHostModeXSalt);
|
||||||
|
snprintf(Cloak_Buffer, GETID_LEN, Conf_CloakHostModeX, Hash(Mask_Buffer));
|
||||||
|
} else {
|
||||||
|
strncpy(Cloak_Buffer, Client_ID(Client->introducer), GETID_LEN);
|
||||||
|
}
|
||||||
|
|
||||||
snprintf(Mask_Buffer, GETID_LEN, "%s!%s@%s",
|
snprintf(Mask_Buffer, GETID_LEN, "%s!%s@%s",
|
||||||
Client->id, Client->user,
|
Client->id, Client->user, Cloak_Buffer);
|
||||||
*Conf_CloakHostModeX ? Conf_CloakHostModeX
|
|
||||||
: Client_ID(Client->introducer));
|
|
||||||
return Mask_Buffer;
|
return Mask_Buffer;
|
||||||
} /* Client_MaskCloaked */
|
} /* Client_MaskCloaked */
|
||||||
|
|
||||||
|
|
|
@ -359,6 +359,7 @@ Conf_Test( void )
|
||||||
printf(" ChrootDir = %s\n", Conf_Chroot);
|
printf(" ChrootDir = %s\n", Conf_Chroot);
|
||||||
printf(" CloakHost = %s\n", Conf_CloakHost);
|
printf(" CloakHost = %s\n", Conf_CloakHost);
|
||||||
printf(" CloakHostModeX = %s\n", Conf_CloakHostModeX);
|
printf(" CloakHostModeX = %s\n", Conf_CloakHostModeX);
|
||||||
|
printf(" CloakHostModeXSalt = %s\n", Conf_CloakHostModeXSalt);
|
||||||
printf(" CloakUserToNick = %s\n", yesno_to_str(Conf_CloakUserToNick));
|
printf(" CloakUserToNick = %s\n", yesno_to_str(Conf_CloakUserToNick));
|
||||||
#ifdef WANT_IPV6
|
#ifdef WANT_IPV6
|
||||||
printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6));
|
printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6));
|
||||||
|
@ -652,6 +653,7 @@ static void
|
||||||
Set_Defaults(bool InitServers)
|
Set_Defaults(bool InitServers)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
char random[RANDOM_SALT_LEN];
|
||||||
|
|
||||||
/* Global */
|
/* Global */
|
||||||
strcpy(Conf_ServerName, "");
|
strcpy(Conf_ServerName, "");
|
||||||
|
@ -686,6 +688,7 @@ Set_Defaults(bool InitServers)
|
||||||
strlcpy(Conf_Chroot, CHROOT_DIR, sizeof(Conf_Chroot));
|
strlcpy(Conf_Chroot, CHROOT_DIR, sizeof(Conf_Chroot));
|
||||||
strcpy(Conf_CloakHost, "");
|
strcpy(Conf_CloakHost, "");
|
||||||
strcpy(Conf_CloakHostModeX, "");
|
strcpy(Conf_CloakHostModeX, "");
|
||||||
|
strcpy(Conf_CloakHostModeXSalt,ngt_RandomStr(random,RANDOM_SALT_LEN));
|
||||||
Conf_CloakUserToNick = false;
|
Conf_CloakUserToNick = false;
|
||||||
Conf_ConnectIPv4 = true;
|
Conf_ConnectIPv4 = true;
|
||||||
#ifdef WANT_IPV6
|
#ifdef WANT_IPV6
|
||||||
|
@ -1485,6 +1488,12 @@ Handle_OPTIONS(int Line, char *Var, char *Arg)
|
||||||
Config_Error_TooLong(Line, Var);
|
Config_Error_TooLong(Line, Var);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
if (strcasecmp(Var, "CloakHostModeXSalt") == 0) {
|
||||||
|
len = strlcpy(Conf_CloakHostModeXSalt, Arg, sizeof(Conf_CloakHostModeXSalt));
|
||||||
|
if (len >= sizeof(Conf_CloakHostModeX))
|
||||||
|
Config_Error_TooLong(Line, Var);
|
||||||
|
return;
|
||||||
|
}
|
||||||
if (strcasecmp(Var, "CloakUserToNick") == 0) {
|
if (strcasecmp(Var, "CloakUserToNick") == 0) {
|
||||||
Conf_CloakUserToNick = Check_ArgIsTrue(Arg);
|
Conf_CloakUserToNick = Check_ArgIsTrue(Arg);
|
||||||
return;
|
return;
|
||||||
|
|
|
@ -169,6 +169,9 @@ GLOBAL char Conf_CloakHost[CLIENT_ID_LEN];
|
||||||
/** Cloaked hostname for clients that did +x */
|
/** Cloaked hostname for clients that did +x */
|
||||||
GLOBAL char Conf_CloakHostModeX[CLIENT_ID_LEN];
|
GLOBAL char Conf_CloakHostModeX[CLIENT_ID_LEN];
|
||||||
|
|
||||||
|
/** Salt for hostname hash for clients that did +x */
|
||||||
|
GLOBAL char Conf_CloakHostModeXSalt[CLIENT_ID_LEN];
|
||||||
|
|
||||||
/** Use nick name as user name? */
|
/** Use nick name as user name? */
|
||||||
GLOBAL bool Conf_CloakUserToNick;
|
GLOBAL bool Conf_CloakUserToNick;
|
||||||
|
|
||||||
|
|
|
@ -44,9 +44,12 @@
|
||||||
/** Max. length of file name. */
|
/** Max. length of file name. */
|
||||||
#define FNAME_LEN 256
|
#define FNAME_LEN 256
|
||||||
|
|
||||||
/** Max. lenght of fully qualified host names (e. g. "abc.domain.tld"). */
|
/** Max. length of fully qualified host names (e. g. "abc.domain.tld"). */
|
||||||
#define HOST_LEN 256
|
#define HOST_LEN 256
|
||||||
|
|
||||||
|
/** Max. length of random salt */
|
||||||
|
#define RANDOM_SALT_LEN 32
|
||||||
|
|
||||||
|
|
||||||
/* Size of structures */
|
/* Size of structures */
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,9 @@
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
#include <sys/time.h>
|
||||||
|
|
||||||
#include <netinet/in.h>
|
#include <netinet/in.h>
|
||||||
|
|
||||||
|
@ -129,6 +131,34 @@ ngt_TrimLastChr( char *String, const char Chr)
|
||||||
} /* ngt_TrimLastChr */
|
} /* ngt_TrimLastChr */
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fill a String with random chars
|
||||||
|
*/
|
||||||
|
GLOBAL char *
|
||||||
|
ngt_RandomStr( char *String, const size_t len)
|
||||||
|
{
|
||||||
|
assert(String != NULL);
|
||||||
|
|
||||||
|
static const char chars[] =
|
||||||
|
"0123456789ABCDEFGHIJKLMNO"
|
||||||
|
"PQRSTUVWXYZabcdefghijklmn"
|
||||||
|
"opqrstuvwxyz!\"#$&'()*+,-"
|
||||||
|
"./:;<=>?@[\\]^_`";
|
||||||
|
|
||||||
|
struct timeval t;
|
||||||
|
gettimeofday(&t, NULL);
|
||||||
|
srand(t.tv_usec * t.tv_sec);
|
||||||
|
|
||||||
|
for (size_t i = 0; i < len; ++i) {
|
||||||
|
String[i] = chars[rand() % (sizeof(chars) - 1)];
|
||||||
|
}
|
||||||
|
|
||||||
|
String[len] = '\0';
|
||||||
|
|
||||||
|
return String;
|
||||||
|
} /* ngt_RandomStr */
|
||||||
|
|
||||||
|
|
||||||
#ifdef SYSLOG
|
#ifdef SYSLOG
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -32,6 +32,8 @@ GLOBAL void ngt_TrimStr PARAMS((char *String ));
|
||||||
GLOBAL char *ngt_UpperStr PARAMS((char *String ));
|
GLOBAL char *ngt_UpperStr PARAMS((char *String ));
|
||||||
GLOBAL char *ngt_LowerStr PARAMS((char *String ));
|
GLOBAL char *ngt_LowerStr PARAMS((char *String ));
|
||||||
|
|
||||||
|
GLOBAL char *ngt_RandomStr PARAMS((char *String, const size_t len));
|
||||||
|
|
||||||
#ifdef SYSLOG
|
#ifdef SYSLOG
|
||||||
GLOBAL const char *ngt_SyslogFacilityName PARAMS((int Facility));
|
GLOBAL const char *ngt_SyslogFacilityName PARAMS((int Facility));
|
||||||
GLOBAL int ngt_SyslogFacilityID PARAMS((char *Name, int DefaultFacility));
|
GLOBAL int ngt_SyslogFacilityID PARAMS((char *Name, int DefaultFacility));
|
||||||
|
|
Loading…
Reference in New Issue