added basic ssl support to ircu

[ircu2.10.12-pk.git] / ircd / m_userhost.c

diff --git a/ircd/m_userhost.c b/ircd/m_userhost.c
index 9f93381c1d02de798fc1c2c2fff8b812a683226d..c6654ebcd094a9ecc5ee7f381d22b326ca881cbf 100644 (file)
--- a/ircd/m_userhost.c
+++ b/ircd/m_userhost.c
@@ -82,6 +82,7 @@
 #include "config.h"
 
 #include "client.h"
+#include "ircd_log.h"
 #include "ircd_reply.h"
 #include "ircd_string.h"
 #include "msgq.h"
@@ -89,7 +90,7 @@
 #include "s_user.h"
 #include "struct.h"
 
-#include <assert.h>
+/* #include <assert.h> -- Now using assert in ircd_log.h */
 
 static void userhost_formatter(struct Client* cptr, struct Client *sptr, struct MsgBuf* mb)
 {
@@ -97,7 +98,13 @@ static void userhost_formatter(struct Client* cptr, struct Client *sptr, struct
   msgq_append(0, mb, "%s%s=%c%s@%s", cli_name(cptr),
               SeeOper(sptr,cptr) ? "*" : "",
              cli_user(cptr)->away ? '-' : '+', cli_user(cptr)->username,
-             HasHiddenHost(cptr) && !IsAnOper(sptr) && (sptr != cptr) ?
+             /* Do not *EVER* change this to give opers the real host.
+              * Too many scripts rely on this data and can inadvertently
+              * publish the user's real host, thus breaking the security
+              * of +x.  If an oper wants the real host, he should go to
+              * /whois to get it.
+              */
+             HasHiddenHost(cptr) && (sptr != cptr) ?
              cli_user(cptr)->host : cli_user(cptr)->realhost);
 }