2 files changed, 16 insertions, 5 deletions

diff --git a/doc/guide.tex b/doc/guide.tex
index ca60f37d1..552b83a34 100644
--- a/doc/guide.tex
+++ b/doc/guide.tex
@@ -1241,7 +1241,7 @@ The option \option{fqdn} allows you to define the Fully Qualified Domain Name
 of the machine, in case it isn't detected automatically.
 The FQDN is used to authenticate some clients that use the DIGEST-MD5 SASL mechanism.
 The option syntax is:
-\esyntax{\{fqdn, undefined|FqdnString\}.}
+\esyntax{\{fqdn, undefined|FqdnString|[FqdnString]\}.}
 
 \makesubsubsection{internalauth}{Internal}
 \ind{internal authentication}\ind{Mnesia}
diff --git a/src/cyrsasl_digest.erl b/src/cyrsasl_digest.erl
index 134a86daf..056df3356 100644
--- a/src/cyrsasl_digest.erl
+++ b/src/cyrsasl_digest.erl
@@ -165,14 +165,25 @@ parse4([], Key, Val, Ts) ->
 is_digesturi_valid(DigestURICase, JabberDomain, JabberFQDN) ->
     DigestURI = stringprep:tolower(DigestURICase),
     case catch string:tokens(DigestURI, "/") of
-	["xmpp", Host] when (Host == JabberDomain) or (Host == JabberFQDN) ->
-	    true;
-	["xmpp", Host, ServName] when (ServName == JabberDomain) and (Host == JabberFQDN) ->
-	    true;
+	["xmpp", Host] ->
+	    IsHostFqdn = is_host_fqdn(Host, JabberFQDN),
+	    (Host == JabberDomain) or IsHostFqdn;
+	["xmpp", Host, ServName] ->
+	    IsHostFqdn = is_host_fqdn(Host, JabberFQDN),
+	    (ServName == JabberDomain) and IsHostFqdn;
 	_ ->
 	    false
     end.
 
+is_host_fqdn(Host, [Letter | _Tail] = Fqdn) when not is_list(Letter) ->
+    Host == Fqdn;
+is_host_fqdn(_Host, []) ->
+    false;
+is_host_fqdn(Host, [Fqdn | _FqdnTail]) when Host == Fqdn ->
+    true;
+is_host_fqdn(Host, [Fqdn | FqdnTail]) when Host /= Fqdn ->
+    is_host_fqdn(Host, FqdnTail).
+
 get_local_fqdn() ->
     case (catch get_local_fqdn2()) of
 	Str when is_list(Str) -> Str;