commit d99edb7728e058a889e4734f8592f495effa5bc3 from: Alexander Barton date: Sun Jun 26 13:41:27 2011 UTC Merge branch 'MorePrivacy' * MorePrivacy: New configuration opion "MorePrivacy" to "censor" some user information commit - cb28c4ff03d775825b698fcff3fbe68b50a8f8a6 commit + d99edb7728e058a889e4734f8592f495effa5bc3 blob - fc903cd2135d5b6c4324e9e9d4478e1ddbfbdaa7 blob + 7cd8afe0b38801d8425cf8838e68ab07afa52712 --- doc/sample-ngircd.conf.tmpl +++ doc/sample-ngircd.conf.tmpl @@ -141,6 +141,10 @@ # Do IDENT lookups if ngIRCd has been compiled with support for it. ;Ident = yes + + # Enhance user privacy slightly (useful for IRC server on TOR or I2P) + # by censoring some information like idle time, logon time, etc. + ;MorePrivacy = no # Normally ngIRCd doesn't send any messages to a client until it is # registered. Enable this option to let the daemon send "NOTICE AUTH" blob - 13c5452b5887f90b556922618fca648b39fc89f3 blob + d25f1ebcb73e146f7c80f723f72a12827cc48690 --- man/ngircd.conf.5.tmpl +++ man/ngircd.conf.5.tmpl @@ -246,6 +246,15 @@ If ngIRCd is compiled with IDENT support this can be u lookups at run time. Default: yes. .TP +\fBMorePrivacy\fR (boolean) +This will cause ngIRCd to censor user idle time, logon time as well as the +part/quit messages (that are sometimes used to inform everyone about which +client software is being used). WHOWAS requests are also silently ignored. +This option is most useful when ngIRCd is being used together with +anonymizing software such as TOR or I2P and one does not wish to make it +too easy to collect statistics on the users. +Default: no. +.TP \fBNoticeAuth\fR (boolean) Normally ngIRCd doesn't send any messages to a client until it is registered. Enable this option to let the daemon send "NOTICE AUTH" messages to clients blob - 6e8851b64113b44c4b5dd7e47faf370dba0f6675 blob + a36131c0031f3c99e3bf2cd0ad359f622d932c4d --- src/ngircd/channel.c +++ src/ngircd/channel.c @@ -262,6 +262,9 @@ Channel_Part(CLIENT * Client, CLIENT * Origin, const c Client_ID(Client), Name); return false; } + + if (Conf_MorePrivacy) + Reason = ""; /* Part client from channel */ if (!Remove_Client(REMOVE_PART, chan, Client, Origin, Reason, true)) @@ -331,6 +334,9 @@ Channel_Quit( CLIENT *Client, const char *Reason ) assert( Client != NULL ); assert( Reason != NULL ); + if (Conf_MorePrivacy) + Reason = ""; + IRC_WriteStrRelatedPrefix( Client, Client, false, "QUIT :%s", Reason ); c = My_Channels; @@ -961,6 +967,9 @@ Remove_Client( int Type, CHANNEL *Chan, CLIENT *Client Client_Mask( Client ), c->name, Client_ID(Origin), Reason); break; default: /* PART */ + if (Conf_MorePrivacy) + Reason = ""; + if (InformServer) IRC_WriteStrServersPrefix(Origin, Client, "PART %s :%s", c->name, Reason); blob - e01c424091dc274b559cedd95d87f6275e895ead blob + d038fd2481cde6bc01aca29d1669c93fdf01c1ff --- src/ngircd/client.c +++ src/ngircd/client.c @@ -335,8 +335,10 @@ Client_SetID( CLIENT *Client, const char *ID ) strlcpy( Client->id, ID, sizeof( Client->id )); - if (Conf_CloakUserToNick) + if (Conf_CloakUserToNick) { strlcpy( Client->user, ID, sizeof( Client->user )); + strlcpy( Client->info, ID, sizeof( Client->info )); + } /* Hash */ Client->hash = Hash( Client->id ); @@ -351,9 +353,9 @@ Client_SetUser( CLIENT *Client, const char *User, bool assert( Client != NULL ); assert( User != NULL ); - if (Conf_CloakUserToNick) return; - - if (Idented) { + if (Conf_CloakUserToNick) { + strlcpy(Client->user, Client->id, sizeof(Client->user)); + } else if (Idented) { strlcpy(Client->user, User, sizeof(Client->user)); } else { Client->user[0] = '~'; @@ -390,7 +392,10 @@ Client_SetInfo( CLIENT *Client, const char *Info ) assert( Client != NULL ); assert( Info != NULL ); - strlcpy(Client->info, Info, sizeof(Client->info)); + if (Conf_CloakUserToNick) + strlcpy(Client->info, Client->id, sizeof(Client->info)); + else + strlcpy(Client->info, Info, sizeof(Client->info)); } /* Client_SetInfo */ blob - 3be4eba1895c1ab887fe4afb1ed50feec7d39f71 blob + 4991918d54ade6d843e249bc61205e867d2ab497 --- src/ngircd/conf.c +++ src/ngircd/conf.c @@ -369,6 +369,7 @@ Conf_Test( void ) #ifdef IDENT printf(" Ident = %s\n", yesno_to_str(Conf_Ident)); #endif + printf(" MorePrivacy = %s\n", yesno_to_str(Conf_MorePrivacy)); printf(" NoticeAuth = %s\n", yesno_to_str(Conf_NoticeAuth)); printf(" OperCanUseMode = %s\n", yesno_to_str(Conf_OperCanMode)); printf(" OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode)); @@ -689,6 +690,7 @@ Set_Defaults(bool InitServers) #else Conf_Ident = false; #endif + Conf_MorePrivacy = false; Conf_NoticeAuth = false; Conf_OperCanMode = false; Conf_OperServerMode = false; @@ -1458,6 +1460,10 @@ Handle_OPTIONS(int Line, char *Var, char *Arg) if (strcasecmp(Var, "Ident") == 0) { Conf_Ident = Check_ArgIsTrue(Arg); WarnIdent(Line); + return; + } + if (strcasecmp(Var, "MorePrivacy") == 0) { + Conf_MorePrivacy = Check_ArgIsTrue(Arg); return; } if (strcasecmp(Var, "NoticeAuth") == 0) { blob - 1f9bd122d02faf311e64bcce5d527163147d8fe3 blob + afc0afaa96c712f1c78626160a26d3dab2750aaa --- src/ngircd/conf.h +++ src/ngircd/conf.h @@ -175,15 +175,18 @@ GLOBAL bool Conf_DNS; /** Enable IDENT lookups, even when compiled with support for it */ GLOBAL bool Conf_Ident; +/** Enable "more privacy" mode and "censor" some user-related information */ +GLOBAL bool Conf_MorePrivacy; + +/** Enable NOTICE AUTH messages on connect */ +GLOBAL bool Conf_NoticeAuth; + /** Enable all usage of PAM, even when compiled with support for it */ GLOBAL bool Conf_PAM; /** Disable all CTCP commands except for /me ? */ GLOBAL bool Conf_ScrubCTCP; -/** Enable NOTICE AUTH messages on connect */ -GLOBAL bool Conf_NoticeAuth; - /* * try to connect to remote systems using the ipv6 protocol, * if they have an ipv6 address? (default yes) blob - 22c65aa2a426cd6a36aba7d42d853391db6f984c blob + 301da5337d32430592cfe1fe9e88838064b1c232 --- src/ngircd/irc-info.c +++ src/ngircd/irc-info.c @@ -999,7 +999,7 @@ IRC_WHOIS_SendReply(CLIENT *Client, CLIENT *from, CLIE return DISCONNECTED; /* Idle and signon time (local clients only!) */ - if (Client_Conn(c) > NONE && + if (!Conf_MorePrivacy && Client_Conn(c) > NONE && !IRC_WriteStrClient(from, RPL_WHOISIDLE_MSG, Client_ID(from), Client_ID(c), (unsigned long)Conn_GetIdle(Client_Conn(c)), @@ -1162,6 +1162,10 @@ IRC_WHOWAS( CLIENT *Client, REQUEST *Req ) assert( Client != NULL ); assert( Req != NULL ); + + /* Do not reveal any info on disconnected users? */ + if (Conf_MorePrivacy) + return CONNECTED; /* Wrong number of parameters? */ if (Req->argc > 3) @@ -1388,6 +1392,10 @@ IRC_Send_NAMES( CLIENT *Client, CHANNEL *Chan ) if( Channel_IsMemberOf( Chan, Client )) is_member = true; else is_member = false; + + /* Do not print info on channel memberships to anyone that is not member? */ + if (Conf_MorePrivacy && !is_member) + return CONNECTED; /* Secret channel? */ if( ! is_member && strchr( Channel_Modes( Chan ), 's' )) return CONNECTED;