From e4a62bbc8555fe4a4538183a383b84cdb234c3ac Mon Sep 17 00:00:00 2001
From: Melissa Draper <melissa@meldraweb.com>
Date: Sat, 10 Jul 2021 17:02:06 -0700
Subject: [PATCH] Create configurations for user-facing messages within
 registration (#238)

---
 doc/ircd.conf.example |  9 ++++++
 doc/reference.conf    | 41 ++++++++++++++++++++++++++
 include/s_conf.h      |  8 ++++++
 ircd/newconf.c        |  8 ++++++
 ircd/s_conf.c         | 16 +++++++++++
 ircd/s_user.c         | 67 +++++++++++++++++++++++++++++++++++--------
 modules/m_info.c      | 40 ++++++++++++++++++++++++++
 7 files changed, 177 insertions(+), 12 deletions(-)

diff --git a/doc/ircd.conf.example b/doc/ircd.conf.example
index 470e8be6..986eb1a3 100644
--- a/doc/ircd.conf.example
+++ b/doc/ircd.conf.example
@@ -580,6 +580,15 @@ general {
 	hide_tkdline_duration = no;
 	kline_reason = "K-Lined";
 	sasl_only_client_message = "You need to identify via SASL to use to use this server.";
+	identd_only_client_message = "You need to install identd to use this server.";
+	sctp_forbidden_client_message = "You are not allowed to use SCTP on this server.";
+	ssltls_only_client_message = "You need to use SSL/TLS to use this server.";
+	not_authorised_client_message = "You are not authorised to access this server.";
+	illegal_hostname_client_message = "You have an illegal character in your hostname.";
+	server_full_client_message = "Sorry, server is full - try later";
+	illegal_name_long_client_message = "Your username is invalid. Please make sure that your username contains "
+									   "only alphanumeric characters.";
+	illegal_name_short_client_message = "Invalid username";
 	identify_service = "NickServ@services.int";
 	identify_command = "IDENTIFY";
 	non_redundant_klines = yes;
diff --git a/doc/reference.conf b/doc/reference.conf
index fc088ff3..b28a3f0f 100644
--- a/doc/reference.conf
+++ b/doc/reference.conf
@@ -1153,6 +1153,47 @@ general {
 	 */
 	sasl_only_client_message = "You need to identify via SASL to use to use this server.";
 
+	/* Identd access only client message: give users a message that
+	 * informs them
+	 */
+	identd_only_client_message = "You need to install identd to use this server.";
+
+	/* SCTP forbidden client message: give users a message that
+	 * informs them
+	 */
+	sctp_forbidden_client_message = "You are not allowed to use SCTP on this server.";
+
+	/* SSL/TLS access only client message: give users a message that
+	 * informs them
+	 */
+	ssltls_only_client_message = "You need to use SSL/TLS to use this server.";
+
+	/* Not authorised client message: tell users that they are not
+	 * authorised
+	 */
+	not_authorised_client_message = "You are not authorised to access this server.";
+
+	/* Illegal hostname client message: tell users that they have illegal
+	 * chars in their hostname
+	 */
+	illegal_hostname_client_message = "You have an illegal character in your hostname.";
+
+	/* Server full client message: tell users that the server they're connecting
+	 * to is full
+	 */
+	server_full_client_message = "Sorry, server is full - try later";
+
+	/* illegal name long client message: long-form explanation that their username
+	 * contains illegal characters
+	 */
+	illegal_name_long_client_message = "Your username is invalid. Please make sure that your username contains "
+									   "only alphanumeric characters.";
+
+	/* illegal name short client message: short-form notification that their username
+	 * contains illegal characters; will be followed by ": their_username"
+	 */
+	illegal_name_short_client_message = "Invalid username";
+
 	/* identify to services via server password
 	 * if auth{} block had no password but the user specified a
 	 * server password anyway, send a PRIVMSG to <identify_service>
diff --git a/include/s_conf.h b/include/s_conf.h
index a859feb5..b8bb1404 100644
--- a/include/s_conf.h
+++ b/include/s_conf.h
@@ -258,6 +258,14 @@ struct config_file_entry
 
 	char *drain_reason;
 	char *sasl_only_client_message;
+	char *identd_only_client_message;
+	char *sctp_forbidden_client_message;
+	char *ssltls_only_client_message;
+	char *not_authorised_client_message;
+	char *illegal_hostname_client_message;
+	char *server_full_client_message;
+	char *illegal_name_long_client_message;
+	char *illegal_name_short_client_message;
 };
 
 struct config_channel_entry
diff --git a/ircd/newconf.c b/ircd/newconf.c
index 382d8c79..62faf427 100644
--- a/ircd/newconf.c
+++ b/ircd/newconf.c
@@ -2708,6 +2708,14 @@ static struct ConfEntry conf_general_table[] =
 	{ "certfp_method",	CF_STRING, conf_set_general_certfp_method, 0, NULL },
 	{ "drain_reason",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.drain_reason	},
 	{ "sasl_only_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sasl_only_client_message	},
+	{ "identd_only_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.identd_only_client_message	},
+	{ "sctp_forbidden_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sctp_forbidden_client_message	},
+	{ "ssltls_only_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.ssltls_only_client_message	},
+	{ "not_authorised_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.not_authorised_client_message	},
+	{ "illegal_hostname_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.not_authorised_client_message	},
+	{ "server_full_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.server_full_client_message	},
+	{ "illegal_name_long_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.illegal_name_long_client_message	},
+	{ "illegal_name_short_client_message",	CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.illegal_name_short_client_message	},
 	{ "tls_ciphers_oper_only",	CF_YESNO, NULL, 0, &ConfigFileEntry.tls_ciphers_oper_only	},
 	{ "oper_secure_only",	CF_YESNO, NULL, 0, &ConfigFileEntry.oper_secure_only	},
 	{ "\0", 		0, 	  NULL, 0, NULL }
diff --git a/ircd/s_conf.c b/ircd/s_conf.c
index 6513b342..28acd6c0 100644
--- a/ircd/s_conf.c
+++ b/ircd/s_conf.c
@@ -1552,6 +1552,22 @@ clear_out_old_conf(void)
 	ConfigFileEntry.drain_reason = NULL;
 	rb_free(ConfigFileEntry.sasl_only_client_message);
 	ConfigFileEntry.sasl_only_client_message = NULL;
+	rb_free(ConfigFileEntry.identd_only_client_message);
+	ConfigFileEntry.identd_only_client_message = NULL;
+	rb_free(ConfigFileEntry.sctp_forbidden_client_message);
+	ConfigFileEntry.sctp_forbidden_client_message = NULL;
+	rb_free(ConfigFileEntry.ssltls_only_client_message);
+	ConfigFileEntry.ssltls_only_client_message = NULL;
+	rb_free(ConfigFileEntry.not_authorised_client_message);
+	ConfigFileEntry.not_authorised_client_message = NULL;
+	rb_free(ConfigFileEntry.illegal_hostname_client_message);
+	ConfigFileEntry.illegal_hostname_client_message = NULL;
+	rb_free(ConfigFileEntry.server_full_client_message);
+	ConfigFileEntry.server_full_client_message = NULL;
+	rb_free(ConfigFileEntry.illegal_name_long_client_message);
+	ConfigFileEntry.illegal_name_long_client_message = NULL;
+	rb_free(ConfigFileEntry.illegal_name_short_client_message);
+	ConfigFileEntry.illegal_name_short_client_message = NULL;
 
 	if (ConfigFileEntry.hidden_caps != NULL)
 	{
diff --git a/ircd/s_user.c b/ircd/s_user.c
index 54a32fb9..6512b7bf 100644
--- a/ircd/s_user.c
+++ b/ircd/s_user.c
@@ -428,7 +428,12 @@ register_local_user(struct Client *client_p, struct Client *source_p)
 
 	if(!valid_hostname(source_p->host))
 	{
-		sendto_one_notice(source_p, ":*** Notice -- You have an illegal character in your hostname");
+		const char *illegal_hostname_client_message = ConfigFileEntry.illegal_hostname_client_message;
+
+		if (illegal_hostname_client_message == NULL)
+			illegal_hostname_client_message = "You have an illegal character in your hostname.";
+
+		sendto_one_notice(source_p, ":*** Notice -- %s", illegal_hostname_client_message);
 
 		rb_strlcpy(source_p->host, source_p->sockhost, sizeof(source_p->host));
  	}
@@ -437,23 +442,40 @@ register_local_user(struct Client *client_p, struct Client *source_p)
 
 	if(aconf == NULL)
 	{
-		exit_client(client_p, source_p, &me, "*** Not Authorised");
+		const char *not_authorised_client_message = ConfigFileEntry.not_authorised_client_message;
+
+		if (not_authorised_client_message == NULL)
+			not_authorised_client_message = "You are not authorised to access this server.";
+
+		exit_client(client_p, source_p, &me, not_authorised_client_message);
 		return (CLIENT_EXITED);
 	}
 
 	if(IsConfSSLNeeded(aconf) && !IsSecure(source_p))
 	{
+		const char *ssltls_only_client_message = ConfigFileEntry.ssltls_only_client_message;
+
+		if (ssltls_only_client_message == NULL)
+			ssltls_only_client_message = "You need to use SSL/TLS to use this server.";
+
 		ServerStats.is_ref++;
-		sendto_one_notice(source_p, ":*** Notice -- You need to use SSL/TLS to use this server");
-		exit_client(client_p, source_p, &me, "Use SSL/TLS");
+		sendto_one_notice(source_p, ":*** Notice -- %s", ssltls_only_client_message);
+
+		exit_client(client_p, source_p, &me, ssltls_only_client_message);
 		return (CLIENT_EXITED);
 	}
 
 	if(IsSCTP(source_p) && !IsConfAllowSCTP(aconf))
 	{
+		const char *sctp_forbidden_client_message = ConfigFileEntry.sctp_forbidden_client_message;
+
+		if (sctp_forbidden_client_message == NULL)
+			sctp_forbidden_client_message = "You are not allowed to use SCTP on this server.";
+
 		ServerStats.is_ref++;
-		sendto_one_notice(source_p, ":*** Notice -- You are not allowed to use SCTP on this server");
-		exit_client(client_p, source_p, &me, "SCTP not allowed");
+		sendto_one_notice(source_p, ":*** Notice -- %s", sctp_forbidden_client_message);
+
+		exit_client(client_p, source_p, &me, sctp_forbidden_client_message);
 		return (CLIENT_EXITED);
 	}
 
@@ -464,9 +486,16 @@ register_local_user(struct Client *client_p, struct Client *source_p)
 
 		if(IsNeedIdentd(aconf))
 		{
+
+			const char *identd_only_client_message = ConfigFileEntry.identd_only_client_message;
+
+			if (identd_only_client_message == NULL)
+				identd_only_client_message = "You need to install identd to use this server.";
+
 			ServerStats.is_ref++;
-			sendto_one_notice(source_p, ":*** Notice -- You need to install identd to use this server");
-			exit_client(client_p, source_p, &me, "Install identd");
+			sendto_one_notice(source_p, ":*** Notice -- %s", identd_only_client_message);
+
+			exit_client(client_p, source_p, &me, identd_only_client_message);
 			return (CLIENT_EXITED);
 		}
 
@@ -552,8 +581,13 @@ register_local_user(struct Client *client_p, struct Client *source_p)
 		sendto_realops_snomask(SNO_FULL, L_NETWIDE,
 				     "Too many clients, rejecting %s[%s].", source_p->name, source_p->host);
 
+		const char *server_full_client_message = ConfigFileEntry.server_full_client_message;
+
+		if (server_full_client_message == NULL)
+			server_full_client_message = "Sorry, server is full - try later";
+
 		ServerStats.is_ref++;
-		exit_client(client_p, source_p, &me, "Sorry, server is full - try later");
+		exit_client(client_p, source_p, &me, server_full_client_message);
 		return (CLIENT_EXITED);
 	}
 
@@ -578,10 +612,19 @@ register_local_user(struct Client *client_p, struct Client *source_p)
 		sendto_realops_snomask(SNO_REJ, L_NETWIDE,
 				     "Invalid username: %s (%s@%s)",
 				     source_p->name, source_p->username, source_p->host);
+
+		const char *illegal_name_long_client_message = ConfigFileEntry.illegal_name_long_client_message;
+		const char *illegal_name_short_client_message = ConfigFileEntry.illegal_name_short_client_message;
+
+		if (illegal_name_long_client_message == NULL)
+			illegal_name_long_client_message = "Your username is invalid. Please make sure that your username contains "
+											   "only alphanumeric characters.";
+		if (illegal_name_short_client_message == NULL)
+			illegal_name_short_client_message = "Invalid username";
+
 		ServerStats.is_ref++;
-		sendto_one_notice(source_p, ":*** Your username is invalid. Please make sure that your username contains "
-					    "only alphanumeric characters.");
-		sprintf(tmpstr2, "Invalid username [%s]", source_p->username);
+		sendto_one_notice(source_p, ":*** %s", illegal_name_long_client_message);
+		sprintf(tmpstr2, "%s [%s]", illegal_name_short_client_message, source_p->username);
 		exit_client(client_p, source_p, &me, tmpstr2);
 		return (CLIENT_EXITED);
 	}
diff --git a/modules/m_info.c b/modules/m_info.c
index 5a08ec8a..f6d03659 100644
--- a/modules/m_info.c
+++ b/modules/m_info.c
@@ -205,6 +205,46 @@ static struct InfoStruct info_table[] = {
 		"Message to quit users with if they require SASL authentication.",
 		INFO_STRING(&ConfigFileEntry.sasl_only_client_message),
 	},
+	{
+		"identd_only_client_message",
+		"Message to quit users with if they require Identd.",
+		INFO_STRING(&ConfigFileEntry.identd_only_client_message),
+	},
+	{
+		"sctp_forbidden_client_message",
+		"Message to quit users with if they attempt using SCTP.",
+		INFO_STRING(&ConfigFileEntry.sctp_forbidden_client_message),
+	},
+	{
+		"ssltls_only_client_message",
+		"Message to quit users with if they require SSL/TLS.",
+		INFO_STRING(&ConfigFileEntry.ssltls_only_client_message),
+	},
+	{
+		"not_authorised_client_message",
+		"Message to quit users with if they are not authorised.",
+		INFO_STRING(&ConfigFileEntry.not_authorised_client_message),
+	},
+	{
+		"illegal_hostname_client_message",
+		"Message to users when their hostname contains illegal characters.",
+		INFO_STRING(&ConfigFileEntry.illegal_hostname_client_message),
+	},
+	{
+		"server_full_client_message",
+		"Message to users when the server is full.",
+		INFO_STRING(&ConfigFileEntry.server_full_client_message),
+	},
+	{
+		"illegal_name_long_client_message",
+		"Long message to users when their username contains illegal characters.",
+		INFO_STRING(&ConfigFileEntry.illegal_name_long_client_message),
+	},
+	{
+		"illegal_name_short_client_message",
+		"Short message to users when their username contains illegal characters.",
+		INFO_STRING(&ConfigFileEntry.illegal_name_short_client_message),
+	},
 	{
 		"disable_auth",
 		"Controls whether auth checking is disabled or not",