From df24540c622d9d3a5ecdfe668eaeaa1342d5dcae Mon Sep 17 00:00:00 2001
From: jesopo <github@lolnerd.net>
Date: Thu, 16 Jun 2022 09:08:07 +0000
Subject: [PATCH 1/6] optionally allow WEBIRC blocks to spoof ident responses

---
 extensions/m_webirc.c | 6 ++++++
 include/s_conf.h      | 1 +
 ircd/newconf.c        | 1 +
 3 files changed, 8 insertions(+)

diff --git a/extensions/m_webirc.c b/extensions/m_webirc.c
index d0b648c3a..94e67177c 100644
--- a/extensions/m_webirc.c
+++ b/extensions/m_webirc.c
@@ -171,6 +171,12 @@ mr_webirc(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *sourc
 	else
 		rb_strlcpy(source_p->host, source_p->sockhost, sizeof(source_p->host));
 
+	if (aconf->flags & CONF_FLAGS_SPOOF_IDENT)
+	{
+		SetGotId(source_p);
+		rb_strlcpy(source_p->username, parv[2], sizeof(source_p->username));
+	}
+
 	/* Check dlines now, klines will be checked on registration */
 	if((aconf = find_dline((struct sockaddr *)&source_p->localClient->ip,
 			       GET_SS_FAMILY(&source_p->localClient->ip))))
diff --git a/include/s_conf.h b/include/s_conf.h
index acc4f1b82..73d6a31d5 100644
--- a/include/s_conf.h
+++ b/include/s_conf.h
@@ -102,6 +102,7 @@ struct ConfItem
 #define CONF_FLAGS_EXEMPTKLINE		0x00000040
 #define CONF_FLAGS_NOLIMIT		0x00000080
 #define CONF_FLAGS_SPOOF_IP		0x00000200
+#define CONF_FLAGS_SPOOF_IDENT		0x00000200
 #define CONF_FLAGS_SPOOF_NOTICE		0x00000400
 #define CONF_FLAGS_REDIR		0x00000800
 #define CONF_FLAGS_EXEMPTRESV		0x00002000	/* exempt from resvs */
diff --git a/ircd/newconf.c b/ircd/newconf.c
index a160e29ef..a78e549f0 100644
--- a/ircd/newconf.c
+++ b/ircd/newconf.c
@@ -351,6 +351,7 @@ static struct mode_table auth_table[] = {
 	{"extend_chans",	CONF_FLAGS_EXTEND_CHANS		},
 	{"allow_sctp",		CONF_FLAGS_ALLOW_SCTP		},
 	{"kline_spoof_ip",	CONF_FLAGS_KLINE_SPOOF		},
+	{"spoof_ident",		CONF_FLAGS_SPOOF_IDENT		},
 	{NULL, 0}
 };
 

From 1010aac0b3b39adf8059b3c31496105647454166 Mon Sep 17 00:00:00 2001
From: jesopo <github@lolnerd.net>
Date: Thu, 16 Jun 2022 09:11:00 +0000
Subject: [PATCH 2/6] update comment

---
 extensions/m_webirc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/extensions/m_webirc.c b/extensions/m_webirc.c
index 94e67177c..f0a037b50 100644
--- a/extensions/m_webirc.c
+++ b/extensions/m_webirc.c
@@ -76,7 +76,7 @@ DECLARE_MODULE_AV2(webirc, NULL, NULL, webirc_clist, NULL, webirc_hfnlist, NULL,
 /*
  * mr_webirc - webirc message handler
  *	parv[1] = password
- *	parv[2] = fake username (we ignore this)
+ *	parv[2] = fake username
  *	parv[3] = fake hostname
  *	parv[4] = fake ip
  */

From 45eef6718f15735df8232a06a456b06a24f79690 Mon Sep 17 00:00:00 2001
From: jesopo <github@lolnerd.net>
Date: Thu, 16 Jun 2022 12:21:58 +0000
Subject: [PATCH 3/6] ircd/authproc.c: don't override webirc spoofed usernames

---
 ircd/authproc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ircd/authproc.c b/ircd/authproc.c
index 602601b04..b79c29399 100644
--- a/ircd/authproc.c
+++ b/ircd/authproc.c
@@ -507,7 +507,7 @@ authd_decide_client(struct Client *client_p, const char *ident, const char *host
 	if(client_p->preClient == NULL || client_p->preClient->auth.cid == 0)
 		return;
 
-	if(*ident != '*')
+	if(*ident != '*' && !IsGotId(client_p))
 	{
 		rb_strlcpy(client_p->username, ident, sizeof(client_p->username));
 		SetGotId(client_p);

From 73e9ad0d48c3a0c73b3185e65f275caef657dd8d Mon Sep 17 00:00:00 2001
From: jesopo <github@lolnerd.net>
Date: Thu, 16 Jun 2022 12:35:10 +0000
Subject: [PATCH 4/6] correct unchanged duplicated flag value

---
 include/s_conf.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/s_conf.h b/include/s_conf.h
index 73d6a31d5..6153f2a9d 100644
--- a/include/s_conf.h
+++ b/include/s_conf.h
@@ -101,8 +101,8 @@ struct ConfItem
 #define CONF_FLAGS_NEED_IDENTD		0x00000008
 #define CONF_FLAGS_EXEMPTKLINE		0x00000040
 #define CONF_FLAGS_NOLIMIT		0x00000080
+#define CONF_FLAGS_SPOOF_IDENT		0x00000100
 #define CONF_FLAGS_SPOOF_IP		0x00000200
-#define CONF_FLAGS_SPOOF_IDENT		0x00000200
 #define CONF_FLAGS_SPOOF_NOTICE		0x00000400
 #define CONF_FLAGS_REDIR		0x00000800
 #define CONF_FLAGS_EXEMPTRESV		0x00002000	/* exempt from resvs */

From ace0e3ad8579c31f9e5d2e7b37b6e4bd3a6d99e2 Mon Sep 17 00:00:00 2001
From: jesopo <github@lolnerd.net>
Date: Thu, 16 Jun 2022 12:43:26 +0000
Subject: [PATCH 5/6] only SetGotId when webirc spoofed username doesn't have ~

---
 extensions/m_webirc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/extensions/m_webirc.c b/extensions/m_webirc.c
index f0a037b50..4a97bad3f 100644
--- a/extensions/m_webirc.c
+++ b/extensions/m_webirc.c
@@ -173,7 +173,8 @@ mr_webirc(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *sourc
 
 	if (aconf->flags & CONF_FLAGS_SPOOF_IDENT)
 	{
-		SetGotId(source_p);
+		if (parv[2][0] != '~')
+			SetGotId(source_p);
 		rb_strlcpy(source_p->username, parv[2], sizeof(source_p->username));
 	}
 

From 4579f8b555dca0d0e717651b03d5f87988a0745c Mon Sep 17 00:00:00 2001
From: jesopo <github@lolnerd.net>
Date: Thu, 16 Jun 2022 15:39:09 +0000
Subject: [PATCH 6/6] don't override webirc spoofed username in USER

---
 include/client.h | 3 +++
 ircd/s_conf.c    | 2 ++
 ircd/s_user.c    | 2 +-
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/include/client.h b/include/client.h
index 6a50f5339..ec2b17f36 100644
--- a/include/client.h
+++ b/include/client.h
@@ -419,6 +419,7 @@ struct ListClient
 #define FLAGS_EXEMPTSHIDE	0x04000000
 #define FLAGS_EXEMPTJUPE	0x08000000
 #define FLAGS_IDENTIFIED	0x10000000	/* owns their current nick */
+#define FLAGS_USER_SPOOFING	0x00000080	/* username has already been set, so ignore it in USER */
 
 
 /* flags for local clients, this needs stuff moved from above to here at some point */
@@ -545,6 +546,8 @@ struct ListClient
 #define SetExemptResv(x)	((x)->flags |= FLAGS_EXEMPTRESV)
 #define IsIPSpoof(x)            ((x)->flags & FLAGS_IP_SPOOFING)
 #define SetIPSpoof(x)           ((x)->flags |= FLAGS_IP_SPOOFING)
+#define IsUserSpoof(x)          ((x)->flags & FLAGS_USER_SPOOFING)
+#define SetUserSpoof(x)         ((x)->flags |= FLAGS_USER_SPOOFING)
 #define IsExtendChans(x)	((x)->flags & FLAGS_EXTENDCHANS)
 #define SetExtendChans(x)	((x)->flags |= FLAGS_EXTENDCHANS)
 
diff --git a/ircd/s_conf.c b/ircd/s_conf.c
index cb86811ff..238633071 100644
--- a/ircd/s_conf.c
+++ b/ircd/s_conf.c
@@ -346,6 +346,8 @@ verify_access(struct Client *client_p, const char *username)
 			/* user@host spoof */
 			if((p = strchr(aconf->info.name, '@')) != NULL)
 			{
+				SetUserSpoof(client_p);
+
 				char *host = p+1;
 				*p = '\0';
 
diff --git a/ircd/s_user.c b/ircd/s_user.c
index d758b537c..8a19b2ec5 100644
--- a/ircd/s_user.c
+++ b/ircd/s_user.c
@@ -500,7 +500,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
 		}
 
 		/* dont replace username if its supposed to be spoofed --fl */
-		if(!IsConfDoSpoofIp(aconf) || !strchr(aconf->info.name, '@'))
+		if(!IsUserSpoof(source_p))
 		{
 			p = myusername;