remove domain guessing

not even all freenode hosts have a reverse dns ending in .freenode.net, some (quakenet..) often have none at all, so our heuristic is pretty much useless

remove domain guessing
not even all freenode hosts have a reverse dns ending in .freenode.net, some (quakenet..) often have none at all, so our heuristic is pretty much useless
cf00784b · Johannes Schilling · 03670d78 · cf00784b · cf00784b
Commit cf00784b authored Nov 01, 2017 by Johannes Schilling
--- a/README.md
+++ b/README.md
@@ -3,10 +3,9 @@ pcidentd

 A *P*rivacy *C*onserving Ident Daemon.

-Uses HMAC with uid and requesting server domain (without subdomains) to generate
-a per-domain unique ident response. If no reverse DNS is available for a
-requesting server, no domain is part of ident response generation; i.e. for all
-such servers the response will be the same for a specific user.
+Uses HMAC with uid to generate a unique ident response which cannot be linked to
+the original user name. A single user can however be pseudonymously tracked
+across different IRC networks.

 USAGE
 -----

--- a/main.go
+++ b/main.go
@@ -38,7 +38,6 @@ import (
 	"os"
 	"regexp"
 	"strconv"
-	"strings"
 )

 const (
@@ -139,23 +138,10 @@ func handleIdentRequest(c net.Conn, hmacSecret []byte) error {
 		return err
 	}

-	// idea: have the same ident accross multiple servers of the same network
-	// (e.g. foo.freenode.net, bar.freenode.net, ..), so we make the domain
-	// without subdomains part of the hmac sum.
-	guessedDomain, err := guessRemoteAddrDomain(rIPstr)
-	if err != nil {
-		log.Printf("reverse lookup failed for %v: %v", rIPstr, err)
-		// if reverse dns fails for our peer, we must use a stable identifier.
-		// this makes the ident string for one user for all hosts without
-		// reverse dns the same, but can't be helped really
-		guessedDomain = ""
-	}
-
 	// use hmac, because plain hash would allow local users to brute force ident
 	// response (i.e. reverse lookup)
 	mac := hmac.New(sha256.New, hmacSecret)
 	fmt.Fprintln(mac, uid)
-	fmt.Fprintln(mac, guessedDomain)
 	macB64 := base64.StdEncoding.EncodeToString(mac.Sum(nil))

 	_, err = fmt.Fprintf(c, "%d,%d:USERID:OTHER:%s\n",
@@ -167,22 +153,6 @@ func handleIdentRequest(c net.Conn, hmacSecret []byte) error {
 	return nil
 }

-func guessRemoteAddrDomain(rIPstr string) (string, error) {
-	hostnames, err := net.LookupAddr(rIPstr)
-	if err != nil {
-		return "", err
-	}
-
-	parts := strings.Split(hostnames[0], ".")
-	n := len(parts)
-	// just tld?
-	if n < 3 {
-		return hostnames[0], nil
-	}
-
-	return strings.Join(parts[n-3:], "."), nil
-}
-
 func parsePort(in string) (int, error) {
 	p, err := strconv.ParseUint(in, 10, 16)
 	return int(p), err