commit - 49385a98b2878ae6f19dd0925e0dc90fcc3d6372
commit + d0bb185cf55655fc68ad54508c84314c2520d54c
blob - 8297a9bb24a8700b325895261b542e6367e3128c
blob + 6d9d77098641ec4459375d56eb2a5a0d405dbd92
--- doc/sample-ngircd.conf.tmpl
+++ doc/sample-ngircd.conf.tmpl
@@ -125,17 +125,17 @@
 	;ChrootDir = /var/empty
 
 	# Set this hostname for every client instead of the real one.
-	# Please note: don't use the percentage sign ("%"), it is reserved for
-	# future extensions!
+	# Use %x to add the hashed value of the original hostname.
 	;CloakHost = cloaked.host
 
 	# Use this hostname for hostname cloaking on clients that have the
 	# user mode "+x" set, instead of the name of the server.
-	# Use %x to add the hashed value of the original hostname
+	# Use %x to add the hashed value of the original hostname.
 	;CloakHostModeX = cloaked.user
 
-	# The Salt for cloaked hostname hashing
-	;CloakHostModeXSalt = abcdefghijklmnopqrstuvwxyz
+	# The Salt for cloaked hostname hashing. When undefined a random
+	# hash is generated after each server start.
+	;CloakHostSalt = abcdefghijklmnopqrstuvwxyz
 
 	# Set every clients' user name to their nick name
 	;CloakUserToNick = yes
blob - 21a10475074d8218d712808a161b936a22ab52cf
blob + 71f0007851e738222ed7064b71921d4bb09cd097
--- man/ngircd.conf.5.tmpl
+++ man/ngircd.conf.5.tmpl
@@ -212,21 +212,16 @@ For this to work the server must have been started wit
 .TP
 \fBCloakHost\fR (string)
 Set this hostname for every client instead of the real one. Default: empty,
-don't change.
-.PP
-.RS
-.B Please note:
-.br
-Don't use the percentage sign ("%"), it is reserved for future extensions!
-.RE
+don't change. Use %x to add the hashed value of the original hostname.
 .TP
 \fBCloakHostModeX\fR (string)
 Use this hostname for hostname cloaking on clients that have the user mode
 "+x" set, instead of the name of the server. Default: empty, use the name
 of the server. Use %x to add the hashed value of the original hostname
 .TP
-\fBCloakHostModeXSalt\fR (string)
-The Salt for cloaked hostname hashing
+\fBCloakHostSalt\fR (string)
+The Salt for cloaked hostname hashing. When undefined a random hash is
+generated after each server start.
 .TP
 \fBCloakUserToNick\fR (boolean)
 Set every clients' user name to their nick name and hide the one supplied
blob - cefbd3a3464617506cd4c9d2eb00fd87258de0fb
blob + 49e273950ea6aeb955e909b1764021970b4fe982
--- src/ngircd/client.c
+++ src/ngircd/client.c
@@ -331,9 +331,15 @@ Client_SetHostname( CLIENT *Client, const char *Hostna
 	assert(Hostname != NULL);
 
 	if (strlen(Conf_CloakHost)) {
+		char cloak[GETID_LEN];
+
+		strlcpy(cloak, Hostname, GETID_LEN);
+		strlcat(cloak, Conf_CloakHostSalt, GETID_LEN);
+		snprintf(cloak, GETID_LEN, Conf_CloakHost, Hash(cloak));
+
 		LogDebug("Updating hostname of \"%s\": \"%s\" -> \"%s\"",
-			 Client_ID(Client), Client->host, Conf_CloakHost);
-		strlcpy(Client->host, Conf_CloakHost, sizeof(Client->host));
+			Client_ID(Client), Client->host, cloak);
+		strlcpy(Client->host, cloak, sizeof(Client->host));
 	} else {
 		LogDebug("Updating hostname of \"%s\": \"%s\" -> \"%s\"",
 			 Client_ID(Client), Client->host, Hostname);
@@ -826,8 +832,9 @@ Client_MaskCloaked(CLIENT *Client)
 		return Client_Mask(Client);
 
 	if(*Conf_CloakHostModeX) {
-		snprintf(Mask_Buffer, GETID_LEN, "%s%s", Client->host, Conf_CloakHostModeXSalt);
-		snprintf(Cloak_Buffer, GETID_LEN, Conf_CloakHostModeX, Hash(Mask_Buffer));
+		strlcpy(Cloak_Buffer, Client->host, GETID_LEN);
+		strlcat(Cloak_Buffer, Conf_CloakHostSalt, GETID_LEN);
+		snprintf(Cloak_Buffer, GETID_LEN, Conf_CloakHostModeX, Hash(Cloak_Buffer));
 	} else {
 		strncpy(Cloak_Buffer, Client_ID(Client->introducer), GETID_LEN);
 	}
blob - 36eff905ecce8b04b4cfd9e20371c78c72c52b4b
blob + b09113730ef185dff831ca6a0392c4a8d757ddcf
--- src/ngircd/conf.c
+++ src/ngircd/conf.c
@@ -359,7 +359,7 @@ Conf_Test( void )
 	printf("  ChrootDir = %s\n", Conf_Chroot);
 	printf("  CloakHost = %s\n", Conf_CloakHost);
 	printf("  CloakHostModeX = %s\n", Conf_CloakHostModeX);
-	printf("  CloakHostModeXSalt = %s\n", Conf_CloakHostModeXSalt);
+	printf("  CloakHostSalt = %s\n", Conf_CloakHostSalt);
 	printf("  CloakUserToNick = %s\n", yesno_to_str(Conf_CloakUserToNick));
 #ifdef WANT_IPV6
 	printf("  ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6));
@@ -688,7 +688,7 @@ Set_Defaults(bool InitServers)
 	strlcpy(Conf_Chroot, CHROOT_DIR, sizeof(Conf_Chroot));
 	strcpy(Conf_CloakHost, "");
 	strcpy(Conf_CloakHostModeX, "");
-	strcpy(Conf_CloakHostModeXSalt,ngt_RandomStr(random,RANDOM_SALT_LEN));
+	strcpy(Conf_CloakHostSalt, ngt_RandomStr(random, RANDOM_SALT_LEN));
 	Conf_CloakUserToNick = false;
 	Conf_ConnectIPv4 = true;
 #ifdef WANT_IPV6
@@ -1488,9 +1488,9 @@ Handle_OPTIONS(int Line, char *Var, char *Arg)
 			Config_Error_TooLong(Line, Var);
 		return;
 	}
-	if (strcasecmp(Var, "CloakHostModeXSalt") == 0) {
-		len = strlcpy(Conf_CloakHostModeXSalt, Arg, sizeof(Conf_CloakHostModeXSalt));
-		if (len >= sizeof(Conf_CloakHostModeX))
+	if (strcasecmp(Var, "CloakHostSalt") == 0) {
+		len = strlcpy(Conf_CloakHostSalt, Arg, sizeof(Conf_CloakHostSalt));
+		if (len >= sizeof(Conf_CloakHostSalt))
 			Config_Error_TooLong(Line, Var);
 		return;
 	}
blob - 964b37b75ac0050b9776b9aba01bd2cdd60816ac
blob + 4e7e3796478d8f200b11661c4ade71488dcfbad3
--- src/ngircd/conf.h
+++ src/ngircd/conf.h
@@ -169,8 +169,8 @@ GLOBAL char Conf_CloakHost[CLIENT_ID_LEN];
 /** Cloaked hostname for clients that did +x */
 GLOBAL char Conf_CloakHostModeX[CLIENT_ID_LEN];
 
-/** Salt for hostname hash for clients that did +x */
-GLOBAL char Conf_CloakHostModeXSalt[CLIENT_ID_LEN];
+/** Salt for hostname hash for cloaked hostnames */
+GLOBAL char Conf_CloakHostSalt[CLIENT_ID_LEN];
 
 /** Use nick name as user name? */
 GLOBAL bool Conf_CloakUserToNick;