implement ip cloaking

irc/config.go

@@ -263,6 +263,38 @@ type TorListenersConfig struct {
 	MaxConnectionsPerDuration int           `yaml:"max-connections-per-duration"`
 }
 
+type CloakConfig struct {
+	Enabled     bool
+	Netname     string
+	Secret      string
+	CidrLenIPv4 int `yaml:"cidr-len-ipv4"`
+	CidrLenIPv6 int `yaml:"cidr-len-ipv6"`
+	NumBits     int `yaml:"num-bits"`
+
+	numBytes int
+	ipv4Mask net.IPMask
+	ipv6Mask net.IPMask
+}
+
+func (cloakConfig *CloakConfig) postprocess() {
+	// sanity checks:
+	numBits := cloakConfig.NumBits
+	if 0 == numBits {
+		numBits = 80
+	} else if 256 < numBits {
+		numBits = 256
+	}
+
+	// derived values:
+	cloakConfig.numBytes = numBits / 8
+	// round up to the nearest byte
+	if numBits%8 != 0 {
+		cloakConfig.numBytes += 1
+	}
+	cloakConfig.ipv4Mask = net.CIDRMask(cloakConfig.CidrLenIPv4, 32)
+	cloakConfig.ipv6Mask = net.CIDRMask(cloakConfig.CidrLenIPv6, 128)
+}
+
 // Config defines the overall configuration.
 type Config struct {
 	Network struct {
@@ -297,6 +329,7 @@ type Config struct {
 		isupport            isupport.List
 		ConnectionLimiter   connection_limits.LimiterConfig   `yaml:"connection-limits"`
 		ConnectionThrottler connection_limits.ThrottlerConfig `yaml:"connection-throttling"`
+		Cloaks              CloakConfig                       `yaml:"ip-cloaking"`
 	}
 
 	Languages struct {
@@ -728,6 +761,8 @@ func LoadConfig(filename string) (config *Config, err error) {
 		config.History.ClientLength = 0
 	}
 
+	config.Server.Cloaks.postprocess()
+
 	for _, listenAddress := range config.Server.TorListeners.Listeners {
 		found := false
 		for _, configuredListener := range config.Server.Listen {