Hashed hostnames for CloakHost

Implemented support for hashed hostnames for CloakHost. The admin can
use '%x' in both the CloakHost and CloakHostModeX setting. The config
option CloakHostModeX was renamed to CloakHostSalt. This salt is used
for both cloaking options.
This commit is contained in:
Sebastian Köhler 2012-08-02 19:44:40 +02:00
parent 49385a98b2
commit d0bb185cf5
5 changed files with 27 additions and 25 deletions

View File

@ -125,17 +125,17 @@
;ChrootDir = /var/empty
# Set this hostname for every client instead of the real one.
# Please note: don't use the percentage sign ("%"), it is reserved for
# future extensions!
# Use %x to add the hashed value of the original hostname.
;CloakHost = cloaked.host
# Use this hostname for hostname cloaking on clients that have the
# user mode "+x" set, instead of the name of the server.
# Use %x to add the hashed value of the original hostname
# Use %x to add the hashed value of the original hostname.
;CloakHostModeX = cloaked.user
# The Salt for cloaked hostname hashing
;CloakHostModeXSalt = abcdefghijklmnopqrstuvwxyz
# The Salt for cloaked hostname hashing. When undefined a random
# hash is generated after each server start.
;CloakHostSalt = abcdefghijklmnopqrstuvwxyz
# Set every clients' user name to their nick name
;CloakUserToNick = yes

View File

@ -212,21 +212,16 @@ For this to work the server must have been started with root privileges!
.TP
\fBCloakHost\fR (string)
Set this hostname for every client instead of the real one. Default: empty,
don't change.
.PP
.RS
.B Please note:
.br
Don't use the percentage sign ("%"), it is reserved for future extensions!
.RE
don't change. Use %x to add the hashed value of the original hostname.
.TP
\fBCloakHostModeX\fR (string)
Use this hostname for hostname cloaking on clients that have the user mode
"+x" set, instead of the name of the server. Default: empty, use the name
of the server. Use %x to add the hashed value of the original hostname
.TP
\fBCloakHostModeXSalt\fR (string)
The Salt for cloaked hostname hashing
\fBCloakHostSalt\fR (string)
The Salt for cloaked hostname hashing. When undefined a random hash is
generated after each server start.
.TP
\fBCloakUserToNick\fR (boolean)
Set every clients' user name to their nick name and hide the one supplied

View File

@ -331,9 +331,15 @@ Client_SetHostname( CLIENT *Client, const char *Hostname )
assert(Hostname != NULL);
if (strlen(Conf_CloakHost)) {
char cloak[GETID_LEN];
strlcpy(cloak, Hostname, GETID_LEN);
strlcat(cloak, Conf_CloakHostSalt, GETID_LEN);
snprintf(cloak, GETID_LEN, Conf_CloakHost, Hash(cloak));
LogDebug("Updating hostname of \"%s\": \"%s\" -> \"%s\"",
Client_ID(Client), Client->host, Conf_CloakHost);
strlcpy(Client->host, Conf_CloakHost, sizeof(Client->host));
Client_ID(Client), Client->host, cloak);
strlcpy(Client->host, cloak, sizeof(Client->host));
} else {
LogDebug("Updating hostname of \"%s\": \"%s\" -> \"%s\"",
Client_ID(Client), Client->host, Hostname);
@ -826,8 +832,9 @@ Client_MaskCloaked(CLIENT *Client)
return Client_Mask(Client);
if(*Conf_CloakHostModeX) {
snprintf(Mask_Buffer, GETID_LEN, "%s%s", Client->host, Conf_CloakHostModeXSalt);
snprintf(Cloak_Buffer, GETID_LEN, Conf_CloakHostModeX, Hash(Mask_Buffer));
strlcpy(Cloak_Buffer, Client->host, GETID_LEN);
strlcat(Cloak_Buffer, Conf_CloakHostSalt, GETID_LEN);
snprintf(Cloak_Buffer, GETID_LEN, Conf_CloakHostModeX, Hash(Cloak_Buffer));
} else {
strncpy(Cloak_Buffer, Client_ID(Client->introducer), GETID_LEN);
}

View File

@ -359,7 +359,7 @@ Conf_Test( void )
printf(" ChrootDir = %s\n", Conf_Chroot);
printf(" CloakHost = %s\n", Conf_CloakHost);
printf(" CloakHostModeX = %s\n", Conf_CloakHostModeX);
printf(" CloakHostModeXSalt = %s\n", Conf_CloakHostModeXSalt);
printf(" CloakHostSalt = %s\n", Conf_CloakHostSalt);
printf(" CloakUserToNick = %s\n", yesno_to_str(Conf_CloakUserToNick));
#ifdef WANT_IPV6
printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6));
@ -688,7 +688,7 @@ Set_Defaults(bool InitServers)
strlcpy(Conf_Chroot, CHROOT_DIR, sizeof(Conf_Chroot));
strcpy(Conf_CloakHost, "");
strcpy(Conf_CloakHostModeX, "");
strcpy(Conf_CloakHostModeXSalt,ngt_RandomStr(random,RANDOM_SALT_LEN));
strcpy(Conf_CloakHostSalt, ngt_RandomStr(random, RANDOM_SALT_LEN));
Conf_CloakUserToNick = false;
Conf_ConnectIPv4 = true;
#ifdef WANT_IPV6
@ -1488,9 +1488,9 @@ Handle_OPTIONS(int Line, char *Var, char *Arg)
Config_Error_TooLong(Line, Var);
return;
}
if (strcasecmp(Var, "CloakHostModeXSalt") == 0) {
len = strlcpy(Conf_CloakHostModeXSalt, Arg, sizeof(Conf_CloakHostModeXSalt));
if (len >= sizeof(Conf_CloakHostModeX))
if (strcasecmp(Var, "CloakHostSalt") == 0) {
len = strlcpy(Conf_CloakHostSalt, Arg, sizeof(Conf_CloakHostSalt));
if (len >= sizeof(Conf_CloakHostSalt))
Config_Error_TooLong(Line, Var);
return;
}

View File

@ -169,8 +169,8 @@ GLOBAL char Conf_CloakHost[CLIENT_ID_LEN];
/** Cloaked hostname for clients that did +x */
GLOBAL char Conf_CloakHostModeX[CLIENT_ID_LEN];
/** Salt for hostname hash for clients that did +x */
GLOBAL char Conf_CloakHostModeXSalt[CLIENT_ID_LEN];
/** Salt for hostname hash for cloaked hostnames */
GLOBAL char Conf_CloakHostSalt[CLIENT_ID_LEN];
/** Use nick name as user name? */
GLOBAL bool Conf_CloakUserToNick;