commit - cb28c4ff03d775825b698fcff3fbe68b50a8f8a6
commit + d99edb7728e058a889e4734f8592f495effa5bc3
blob - fc903cd2135d5b6c4324e9e9d4478e1ddbfbdaa7
blob + 7cd8afe0b38801d8425cf8838e68ab07afa52712
--- doc/sample-ngircd.conf.tmpl
+++ doc/sample-ngircd.conf.tmpl
# Do IDENT lookups if ngIRCd has been compiled with support for it.
;Ident = yes
+
+ # Enhance user privacy slightly (useful for IRC server on TOR or I2P)
+ # by censoring some information like idle time, logon time, etc.
+ ;MorePrivacy = no
# Normally ngIRCd doesn't send any messages to a client until it is
# registered. Enable this option to let the daemon send "NOTICE AUTH"
blob - 13c5452b5887f90b556922618fca648b39fc89f3
blob + d25f1ebcb73e146f7c80f723f72a12827cc48690
--- man/ngircd.conf.5.tmpl
+++ man/ngircd.conf.5.tmpl
lookups at run time.
Default: yes.
.TP
+\fBMorePrivacy\fR (boolean)
+This will cause ngIRCd to censor user idle time, logon time as well as the
+part/quit messages (that are sometimes used to inform everyone about which
+client software is being used). WHOWAS requests are also silently ignored.
+This option is most useful when ngIRCd is being used together with
+anonymizing software such as TOR or I2P and one does not wish to make it
+too easy to collect statistics on the users.
+Default: no.
+.TP
\fBNoticeAuth\fR (boolean)
Normally ngIRCd doesn't send any messages to a client until it is registered.
Enable this option to let the daemon send "NOTICE AUTH" messages to clients
blob - 6e8851b64113b44c4b5dd7e47faf370dba0f6675
blob + a36131c0031f3c99e3bf2cd0ad359f622d932c4d
--- src/ngircd/channel.c
+++ src/ngircd/channel.c
Client_ID(Client), Name);
return false;
}
+
+ if (Conf_MorePrivacy)
+ Reason = "";
/* Part client from channel */
if (!Remove_Client(REMOVE_PART, chan, Client, Origin, Reason, true))
assert( Client != NULL );
assert( Reason != NULL );
+ if (Conf_MorePrivacy)
+ Reason = "";
+
IRC_WriteStrRelatedPrefix( Client, Client, false, "QUIT :%s", Reason );
c = My_Channels;
Client_Mask( Client ), c->name, Client_ID(Origin), Reason);
break;
default: /* PART */
+ if (Conf_MorePrivacy)
+ Reason = "";
+
if (InformServer)
IRC_WriteStrServersPrefix(Origin, Client, "PART %s :%s", c->name, Reason);
blob - e01c424091dc274b559cedd95d87f6275e895ead
blob + d038fd2481cde6bc01aca29d1669c93fdf01c1ff
--- src/ngircd/client.c
+++ src/ngircd/client.c
strlcpy( Client->id, ID, sizeof( Client->id ));
- if (Conf_CloakUserToNick)
+ if (Conf_CloakUserToNick) {
strlcpy( Client->user, ID, sizeof( Client->user ));
+ strlcpy( Client->info, ID, sizeof( Client->info ));
+ }
/* Hash */
Client->hash = Hash( Client->id );
assert( Client != NULL );
assert( User != NULL );
- if (Conf_CloakUserToNick) return;
-
- if (Idented) {
+ if (Conf_CloakUserToNick) {
+ strlcpy(Client->user, Client->id, sizeof(Client->user));
+ } else if (Idented) {
strlcpy(Client->user, User, sizeof(Client->user));
} else {
Client->user[0] = '~';
assert( Client != NULL );
assert( Info != NULL );
- strlcpy(Client->info, Info, sizeof(Client->info));
+ if (Conf_CloakUserToNick)
+ strlcpy(Client->info, Client->id, sizeof(Client->info));
+ else
+ strlcpy(Client->info, Info, sizeof(Client->info));
} /* Client_SetInfo */
blob - 3be4eba1895c1ab887fe4afb1ed50feec7d39f71
blob + 4991918d54ade6d843e249bc61205e867d2ab497
--- src/ngircd/conf.c
+++ src/ngircd/conf.c
#ifdef IDENT
printf(" Ident = %s\n", yesno_to_str(Conf_Ident));
#endif
+ printf(" MorePrivacy = %s\n", yesno_to_str(Conf_MorePrivacy));
printf(" NoticeAuth = %s\n", yesno_to_str(Conf_NoticeAuth));
printf(" OperCanUseMode = %s\n", yesno_to_str(Conf_OperCanMode));
printf(" OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode));
#else
Conf_Ident = false;
#endif
+ Conf_MorePrivacy = false;
Conf_NoticeAuth = false;
Conf_OperCanMode = false;
Conf_OperServerMode = false;
if (strcasecmp(Var, "Ident") == 0) {
Conf_Ident = Check_ArgIsTrue(Arg);
WarnIdent(Line);
+ return;
+ }
+ if (strcasecmp(Var, "MorePrivacy") == 0) {
+ Conf_MorePrivacy = Check_ArgIsTrue(Arg);
return;
}
if (strcasecmp(Var, "NoticeAuth") == 0) {
blob - 1f9bd122d02faf311e64bcce5d527163147d8fe3
blob + afc0afaa96c712f1c78626160a26d3dab2750aaa
--- src/ngircd/conf.h
+++ src/ngircd/conf.h
/** Enable IDENT lookups, even when compiled with support for it */
GLOBAL bool Conf_Ident;
+/** Enable "more privacy" mode and "censor" some user-related information */
+GLOBAL bool Conf_MorePrivacy;
+
+/** Enable NOTICE AUTH messages on connect */
+GLOBAL bool Conf_NoticeAuth;
+
/** Enable all usage of PAM, even when compiled with support for it */
GLOBAL bool Conf_PAM;
/** Disable all CTCP commands except for /me ? */
GLOBAL bool Conf_ScrubCTCP;
-/** Enable NOTICE AUTH messages on connect */
-GLOBAL bool Conf_NoticeAuth;
-
/*
* try to connect to remote systems using the ipv6 protocol,
* if they have an ipv6 address? (default yes)
blob - 22c65aa2a426cd6a36aba7d42d853391db6f984c
blob + 301da5337d32430592cfe1fe9e88838064b1c232
--- src/ngircd/irc-info.c
+++ src/ngircd/irc-info.c
return DISCONNECTED;
/* Idle and signon time (local clients only!) */
- if (Client_Conn(c) > NONE &&
+ if (!Conf_MorePrivacy && Client_Conn(c) > NONE &&
!IRC_WriteStrClient(from, RPL_WHOISIDLE_MSG,
Client_ID(from), Client_ID(c),
(unsigned long)Conn_GetIdle(Client_Conn(c)),
assert( Client != NULL );
assert( Req != NULL );
+
+ /* Do not reveal any info on disconnected users? */
+ if (Conf_MorePrivacy)
+ return CONNECTED;
/* Wrong number of parameters? */
if (Req->argc > 3)
if( Channel_IsMemberOf( Chan, Client )) is_member = true;
else is_member = false;
+
+ /* Do not print info on channel memberships to anyone that is not member? */
+ if (Conf_MorePrivacy && !is_member)
+ return CONNECTED;
/* Secret channel? */
if( ! is_member && strchr( Channel_Modes( Chan ), 's' )) return CONNECTED;
