From ec0dd57538f52acc9259f5fa0c310b650f34a04a Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Thu, 23 Nov 2023 15:42:20 +0000 Subject: Disable the TLS welcome notice by default. This is just needless spam for the vast majority of users. --- src/modules/m_sslinfo.cpp | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp index 0014d296b..d6454e1c6 100644 --- a/src/modules/m_sslinfo.cpp +++ b/src/modules/m_sslinfo.cpp @@ -309,6 +309,7 @@ private: std::string hash; bool spkifp; unsigned long warnexpiring; + bool welcomemsg; static bool MatchFP(ssl_cert* const cert, const std::string& fp) { @@ -333,6 +334,7 @@ public: hash = tag->getString("hash"); spkifp = tag->getBool("spkifp"); warnexpiring = tag->getDuration("warnexpiring", 0, 0, 60*60*24*365); + welcomemsg = tag->getBool("welcomemsg"); } void OnWhois(Whois::Context& whois) override @@ -400,15 +402,18 @@ public: ssl_cert* const cert = ssliohook->GetCertificate(); - std::string text = "*** You are connected to "; - if (!ssliohook->GetServerName(text)) - text.append(ServerInstance->Config->GetServerName()); - text.append(" using TLS cipher '"); - ssliohook->GetCiphersuite(text); - text.push_back('\''); - if (cert && !cert->GetFingerprint().empty()) - text.append(" and your TLS client certificate fingerprint is ").append(cert->GetFingerprint()); - user->WriteNotice(text); + if (welcomemsg) + { + std::string text = "*** You are connected to "; + if (!ssliohook->GetServerName(text)) + text.append(ServerInstance->Config->GetServerName()); + text.append(" using TLS cipher '"); + ssliohook->GetCiphersuite(text); + text.push_back('\''); + if (cert && !cert->GetFingerprint().empty()) + text.append(" and your TLS client certificate fingerprint is ").append(cert->GetFingerprint()); + user->WriteNotice(text); + } if (!cert || !warnexpiring || !cert->GetExpirationTime()) return; -- cgit v1.3.1-10-gc9f91