Implemented hashed cloaked hostnames for +x

CloakHostModeX can now contain '%x'. It will be replace by the hash of
the original client hostname. The new config option CloakHostModeXSalt
defines the salt for the hash function. When CloakHostModeXSalt is not
set a random salt will be generated after each server restart.

Spelling fix in defines.h
This commit is contained in:
Sebastian Köhler 2012-08-02 13:53:46 +02:00
parent b9e6cb3e55
commit 49385a98b2
8 changed files with 67 additions and 14 deletions

View File

@ -131,10 +131,12 @@
# Use this hostname for hostname cloaking on clients that have the
# user mode "+x" set, instead of the name of the server.
# Please note: don't use the percentage sign ("%"), it is reserved for
# future extensions!
# Use %x to add the hashed value of the original hostname
;CloakHostModeX = cloaked.user
# The Salt for cloaked hostname hashing
;CloakHostModeXSalt = abcdefghijklmnopqrstuvwxyz
# Set every clients' user name to their nick name
;CloakUserToNick = yes

View File

@ -223,13 +223,10 @@ Don't use the percentage sign ("%"), it is reserved for future extensions!
\fBCloakHostModeX\fR (string)
Use this hostname for hostname cloaking on clients that have the user mode
"+x" set, instead of the name of the server. Default: empty, use the name
of the server.
.PP
.RS
.B Please note:
.br
Don't use the percentage sign ("%"), it is reserved for future extensions!
.RE
of the server. Use %x to add the hashed value of the original hostname
.TP
\fBCloakHostModeXSalt\fR (string)
The Salt for cloaked hostname hashing
.TP
\fBCloakUserToNick\fR (boolean)
Set every clients' user name to their nick name and hide the one supplied

View File

@ -817,6 +817,7 @@ GLOBAL char *
Client_MaskCloaked(CLIENT *Client)
{
static char Mask_Buffer[GETID_LEN];
char Cloak_Buffer[GETID_LEN];
assert (Client != NULL);
@ -824,10 +825,16 @@ Client_MaskCloaked(CLIENT *Client)
if (!Client_HasMode(Client, 'x'))
return Client_Mask(Client);
if(*Conf_CloakHostModeX) {
snprintf(Mask_Buffer, GETID_LEN, "%s%s", Client->host, Conf_CloakHostModeXSalt);
snprintf(Cloak_Buffer, GETID_LEN, Conf_CloakHostModeX, Hash(Mask_Buffer));
} else {
strncpy(Cloak_Buffer, Client_ID(Client->introducer), GETID_LEN);
}
snprintf(Mask_Buffer, GETID_LEN, "%s!%s@%s",
Client->id, Client->user,
*Conf_CloakHostModeX ? Conf_CloakHostModeX
: Client_ID(Client->introducer));
Client->id, Client->user, Cloak_Buffer);
return Mask_Buffer;
} /* Client_MaskCloaked */

View File

@ -359,6 +359,7 @@ Conf_Test( void )
printf(" ChrootDir = %s\n", Conf_Chroot);
printf(" CloakHost = %s\n", Conf_CloakHost);
printf(" CloakHostModeX = %s\n", Conf_CloakHostModeX);
printf(" CloakHostModeXSalt = %s\n", Conf_CloakHostModeXSalt);
printf(" CloakUserToNick = %s\n", yesno_to_str(Conf_CloakUserToNick));
#ifdef WANT_IPV6
printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6));
@ -652,6 +653,7 @@ static void
Set_Defaults(bool InitServers)
{
int i;
char random[RANDOM_SALT_LEN];
/* Global */
strcpy(Conf_ServerName, "");
@ -686,6 +688,7 @@ Set_Defaults(bool InitServers)
strlcpy(Conf_Chroot, CHROOT_DIR, sizeof(Conf_Chroot));
strcpy(Conf_CloakHost, "");
strcpy(Conf_CloakHostModeX, "");
strcpy(Conf_CloakHostModeXSalt,ngt_RandomStr(random,RANDOM_SALT_LEN));
Conf_CloakUserToNick = false;
Conf_ConnectIPv4 = true;
#ifdef WANT_IPV6
@ -1485,6 +1488,12 @@ Handle_OPTIONS(int Line, char *Var, char *Arg)
Config_Error_TooLong(Line, Var);
return;
}
if (strcasecmp(Var, "CloakHostModeXSalt") == 0) {
len = strlcpy(Conf_CloakHostModeXSalt, Arg, sizeof(Conf_CloakHostModeXSalt));
if (len >= sizeof(Conf_CloakHostModeX))
Config_Error_TooLong(Line, Var);
return;
}
if (strcasecmp(Var, "CloakUserToNick") == 0) {
Conf_CloakUserToNick = Check_ArgIsTrue(Arg);
return;

View File

@ -169,6 +169,9 @@ GLOBAL char Conf_CloakHost[CLIENT_ID_LEN];
/** Cloaked hostname for clients that did +x */
GLOBAL char Conf_CloakHostModeX[CLIENT_ID_LEN];
/** Salt for hostname hash for clients that did +x */
GLOBAL char Conf_CloakHostModeXSalt[CLIENT_ID_LEN];
/** Use nick name as user name? */
GLOBAL bool Conf_CloakUserToNick;

View File

@ -44,9 +44,12 @@
/** Max. length of file name. */
#define FNAME_LEN 256
/** Max. lenght of fully qualified host names (e. g. "abc.domain.tld"). */
/** Max. length of fully qualified host names (e. g. "abc.domain.tld"). */
#define HOST_LEN 256
/** Max. length of random salt */
#define RANDOM_SALT_LEN 32
/* Size of structures */

View File

@ -20,7 +20,9 @@
#include <assert.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/time.h>
#include <netinet/in.h>
@ -129,6 +131,34 @@ ngt_TrimLastChr( char *String, const char Chr)
} /* ngt_TrimLastChr */
/**
* Fill a String with random chars
*/
GLOBAL char *
ngt_RandomStr( char *String, const size_t len)
{
assert(String != NULL);
static const char chars[] =
"0123456789ABCDEFGHIJKLMNO"
"PQRSTUVWXYZabcdefghijklmn"
"opqrstuvwxyz!\"#$&'()*+,-"
"./:;<=>?@[\\]^_`";
struct timeval t;
gettimeofday(&t, NULL);
srand(t.tv_usec * t.tv_sec);
for (size_t i = 0; i < len; ++i) {
String[i] = chars[rand() % (sizeof(chars) - 1)];
}
String[len] = '\0';
return String;
} /* ngt_RandomStr */
#ifdef SYSLOG

View File

@ -32,6 +32,8 @@ GLOBAL void ngt_TrimStr PARAMS((char *String ));
GLOBAL char *ngt_UpperStr PARAMS((char *String ));
GLOBAL char *ngt_LowerStr PARAMS((char *String ));
GLOBAL char *ngt_RandomStr PARAMS((char *String, const size_t len));
#ifdef SYSLOG
GLOBAL const char *ngt_SyslogFacilityName PARAMS((int Facility));
GLOBAL int ngt_SyslogFacilityID PARAMS((char *Name, int DefaultFacility));