From 4a9bd500640449292e43fd138aebdd1dbe8195c8 Mon Sep 17 00:00:00 2001
From: "psyc://psyced.org/~lynX" <@>
Date: Tue, 21 Aug 2012 18:30:49 +0200
Subject: [PATCH] http://xmpp.org/resources/security-notices/server-dialback/

---
 world/net/jabber/active.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/world/net/jabber/active.c b/world/net/jabber/active.c
index 4419e1f..f472ac9 100644
--- a/world/net/jabber/active.c
+++ b/world/net/jabber/active.c
@@ -410,6 +410,14 @@ jabberMsg(XMLNode node) {
 	break;
     case "db:verify": // receiving step 9
 	// t = NAMEPREP(node["@to"]) + ";" + node["@id"];
+	if (hostname != node["@from"]) {
+	    // http://xmpp.org/resources/security-notices/server-dialback/
+	    P0(("db:verify: hostname %s != %s (verify from address)\n",
+		hostname, node["@from"]))
+	    emitraw("</stream:stream>");
+	    remove_interactive(ME);
+	    return;
+	}
 	t = node["@id"];
 	o = gateways[t];
 	if (objectp(o)) {