optionally allow WEBIRC blocks to spoof ident responses

extensions/m_webirc.c

@@ -76,7 +76,7 @@ DECLARE_MODULE_AV2(webirc, NULL, NULL, webirc_clist, NULL, webirc_hfnlist, NULL,
 /*
  * mr_webirc - webirc message handler
  *	parv[1] = password
- *	parv[2] = fake username (we ignore this)
+ *	parv[2] = fake username
  *	parv[3] = fake hostname
  *	parv[4] = fake ip
  */
@@ -171,6 +171,13 @@ mr_webirc(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *sourc
 	else
 		rb_strlcpy(source_p->host, source_p->sockhost, sizeof(source_p->host));
 
+	if (aconf->flags & CONF_FLAGS_SPOOF_IDENT)
+	{
+		if (parv[2][0] != '~')
+			SetGotId(source_p);
+		rb_strlcpy(source_p->username, parv[2], sizeof(source_p->username));
+	}
+
 	/* Check dlines now, klines will be checked on registration */
 	if((aconf = find_dline((struct sockaddr *)&source_p->localClient->ip,
 			       GET_SS_FAMILY(&source_p->localClient->ip))))

include/client.h

@@ -419,6 +419,7 @@ struct ListClient
 #define FLAGS_EXEMPTSHIDE	0x04000000
 #define FLAGS_EXEMPTJUPE	0x08000000
 #define FLAGS_IDENTIFIED	0x10000000	/* owns their current nick */
+#define FLAGS_USER_SPOOFING	0x00000080	/* username has already been set, so ignore it in USER */
 
 
 /* flags for local clients, this needs stuff moved from above to here at some point */
@@ -545,6 +546,8 @@ struct ListClient
 #define SetExemptResv(x)	((x)->flags |= FLAGS_EXEMPTRESV)
 #define IsIPSpoof(x)            ((x)->flags & FLAGS_IP_SPOOFING)
 #define SetIPSpoof(x)           ((x)->flags |= FLAGS_IP_SPOOFING)
+#define IsUserSpoof(x)          ((x)->flags & FLAGS_USER_SPOOFING)
+#define SetUserSpoof(x)         ((x)->flags |= FLAGS_USER_SPOOFING)
 #define IsExtendChans(x)	((x)->flags & FLAGS_EXTENDCHANS)
 #define SetExtendChans(x)	((x)->flags |= FLAGS_EXTENDCHANS)
 

include/s_conf.h

@@ -101,6 +101,7 @@ struct ConfItem
 #define CONF_FLAGS_NEED_IDENTD		0x00000008
 #define CONF_FLAGS_EXEMPTKLINE		0x00000040
 #define CONF_FLAGS_NOLIMIT		0x00000080
+#define CONF_FLAGS_SPOOF_IDENT		0x00000100
 #define CONF_FLAGS_SPOOF_IP		0x00000200
 #define CONF_FLAGS_SPOOF_NOTICE		0x00000400
 #define CONF_FLAGS_REDIR		0x00000800

ircd/authproc.c

@@ -507,7 +507,7 @@ authd_decide_client(struct Client *client_p, const char *ident, const char *host
 	if(client_p->preClient == NULL || client_p->preClient->auth.cid == 0)
 		return;
 
-	if(*ident != '*')
+	if(*ident != '*' && !IsGotId(client_p))
 	{
 		rb_strlcpy(client_p->username, ident, sizeof(client_p->username));
 		SetGotId(client_p);

ircd/newconf.c

@@ -351,6 +351,7 @@ static struct mode_table auth_table[] = {
 	{"extend_chans",	CONF_FLAGS_EXTEND_CHANS		},
 	{"allow_sctp",		CONF_FLAGS_ALLOW_SCTP		},
 	{"kline_spoof_ip",	CONF_FLAGS_KLINE_SPOOF		},
+	{"spoof_ident",		CONF_FLAGS_SPOOF_IDENT		},
 	{NULL, 0}
 };
 

ircd/s_conf.c

@@ -346,6 +346,8 @@ verify_access(struct Client *client_p, const char *username)
 			/* user@host spoof */
 			if((p = strchr(aconf->info.name, '@')) != NULL)
 			{
+				SetUserSpoof(client_p);
+
 				char *host = p+1;
 				*p = '\0';
 

ircd/s_user.c

@@ -500,7 +500,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
 		}
 
 		/* dont replace username if its supposed to be spoofed --fl */
-		if(!IsConfDoSpoofIp(aconf) || !strchr(aconf->info.name, '@'))
+		if(!IsUserSpoof(source_p))
 		{
 			p = myusername;