Merge pull request #347 from edk0/hide-tls-info
Add general::tls_ciphers_oper_only
This commit is contained in:
commit
eb2103bb0e
7 changed files with 15 additions and 1 deletions
|
@ -625,6 +625,7 @@ general {
|
|||
away_interval = 30;
|
||||
certfp_method = spki_sha256;
|
||||
hide_opers_in_whois = no;
|
||||
tls_ciphers_oper_only = no;
|
||||
};
|
||||
|
||||
modules {
|
||||
|
|
|
@ -1436,6 +1436,9 @@ general {
|
|||
|
||||
/* hide_opers_in_whois: if set to YES, then oper status will be hidden in /WHOIS output. */
|
||||
hide_opers_in_whois = no;
|
||||
|
||||
/* tls_ciphers_oper_only: show the TLS cipher string in /WHOIS only to opers and self */
|
||||
tls_ciphers_oper_only = no;
|
||||
};
|
||||
|
||||
modules {
|
||||
|
|
|
@ -232,6 +232,7 @@ struct config_file_entry
|
|||
int use_propagated_bans;
|
||||
int max_ratelimit_tokens;
|
||||
int away_interval;
|
||||
int tls_ciphers_oper_only;
|
||||
|
||||
int client_flood_max_lines;
|
||||
int client_flood_burst_rate;
|
||||
|
|
|
@ -2802,6 +2802,7 @@ static struct ConfEntry conf_general_table[] =
|
|||
{ "hide_opers", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers },
|
||||
{ "certfp_method", CF_STRING, conf_set_general_certfp_method, 0, NULL },
|
||||
{ "drain_reason", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.drain_reason },
|
||||
{ "tls_ciphers_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.tls_ciphers_oper_only },
|
||||
{ "\0", 0, NULL, 0, NULL }
|
||||
};
|
||||
|
||||
|
|
|
@ -772,6 +772,7 @@ set_default_conf(void)
|
|||
ConfigFileEntry.use_propagated_bans = true;
|
||||
ConfigFileEntry.max_ratelimit_tokens = 30;
|
||||
ConfigFileEntry.away_interval = 30;
|
||||
ConfigFileEntry.tls_ciphers_oper_only = false;
|
||||
|
||||
#ifdef HAVE_LIBZ
|
||||
ConfigFileEntry.compression_level = 4;
|
||||
|
|
|
@ -524,6 +524,12 @@ static struct InfoStruct info_table[] = {
|
|||
&ConfigFileEntry.away_interval,
|
||||
"The minimum time between aways",
|
||||
},
|
||||
{
|
||||
"tls_ciphers_oper_only",
|
||||
OUTPUT_BOOLEAN_YN,
|
||||
&ConfigFileEntry.tls_ciphers_oper_only,
|
||||
"TLS cipher strings are hidden in whois for non-opers",
|
||||
},
|
||||
{
|
||||
"default_split_server_count",
|
||||
OUTPUT_DECIMAL,
|
||||
|
|
|
@ -334,7 +334,8 @@ single_whois(struct Client *source_p, struct Client *target_p, int operspy)
|
|||
{
|
||||
char cbuf[256] = "is using a secure connection";
|
||||
|
||||
if (MyClient(target_p) && target_p->localClient->cipher_string != NULL)
|
||||
if (MyClient(target_p) && target_p->localClient->cipher_string != NULL &&
|
||||
(!ConfigFileEntry.tls_ciphers_oper_only || source_p == target_p || IsOper(source_p)))
|
||||
rb_snprintf_append(cbuf, sizeof(cbuf), " [%s]", target_p->localClient->cipher_string);
|
||||
|
||||
sendto_one_numeric(source_p, RPL_WHOISSECURE, form_str(RPL_WHOISSECURE),
|
||||
|
|
Loading…
Reference in a new issue