From 779a41c71b43b4781c661bf3533d143aa0a7f823 Mon Sep 17 00:00:00 2001
From: Ron Koenderink <rkoenderink@yahoo.ca>
Date: Mon, 21 Nov 2005 18:25:49 +0000
Subject: [PATCH] (natbyname): Do not look up a non-active country. Previously
 a blank country name or deleted country name would return a pointer to
 non-active countries. This creates a security problem where some one can
 successfully login into the server without country or password.  Closes
 #1219569.

---
 src/lib/player/nat.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/lib/player/nat.c b/src/lib/player/nat.c
index 9ec93018..d88d5aa8 100644
--- a/src/lib/player/nat.c
+++ b/src/lib/player/nat.c
@@ -45,7 +45,8 @@ natbyname(s_char *name, natid *result)
     int i;
 
     for (i = 0; NULL != (np = getnatp(i)); i++) {
-	if (strcmp(np->nat_cnam, name) == 0) {
+	if ((np->nat_stat & STAT_INUSE) &&
+	    (strcmp(np->nat_cnam, name) == 0)) {
 	    *result = i;
 	    return 0;
 	}