From f97cb6a4f33052feadce6abfc6cd80c6559b4a98 Mon Sep 17 00:00:00 2001
From: ThiefMaster <thiefmaster@gamesurge.net>
Date: Tue, 1 Sep 2009 23:29:27 +0200
Subject: [PATCH] Reject ident@host fakehost osets if the setter lacks access
 to fake idents instead of setting the full ident@host as a fakehost
 (real@fake@fake).

---
 src/nickserv.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/nickserv.c b/src/nickserv.c
index 1192c24..1f6bf22 100644
--- a/src/nickserv.c
+++ b/src/nickserv.c
@@ -2636,8 +2636,9 @@ static OPTION_FUNC(opt_fakehost)
     if ((argc > 1) && oper_has_access(user, nickserv, nickserv_conf.set_fakehost_level, 0)) {
         safestrncpy(mask, argv[1], sizeof(mask));
 
-        if ((host = strrchr(mask, '@')) && host != mask &&
-            oper_has_access(user, nickserv, nickserv_conf.set_fakeident_level, 0)) {
+        if ((host = strrchr(mask, '@')) && host != mask) {
+            if(!oper_has_access(user, nickserv, nickserv_conf.set_fakeident_level, 0))
+                goto no_access;
             ident = mask;
             *host++ = '\0';
         } else {
@@ -2679,6 +2680,7 @@ static OPTION_FUNC(opt_fakehost)
 
         apply_fakehost(hi, NULL);
     } else {
+no_access:
         host = generate_fakehost(hi);
         ident = generate_fakeident(hi, NULL);
     }
-- 
2.20.1